PDM Question [7:65954]

[Hartnell, George]

Hi there,

I've got a 515UR failover I jus' upgraded from 5.3(1) to 6.1(4).  I'd like
to pop PDM on that system(s) and try that interface out.

I'm a command line kind of guy, so am comfortable with CLI, but, I've heard
that PDM is a worthy utility.

Any words of wisdom on PDM installation?

Best, G.

Nations have recently been led to borrow billions for war;
no nation has ever borrowed largely for education...
no nation is rich enough to pay for both war and civilization.
We must make our choice; we cannot have both. -- Abraham Flexner




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=65954t=65954
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco 1000TX GBICs [7:50316]

[Hartnell, George]

and have nothing good to say about them.

What sweet nothings would those be?

On another, but similar, note, what 3d party GBICs for 1000LX single mode
are out there for the Cat 3548 switches?  And, are there any sweet
nothings about using those in a Cisco platform?

Very best, G.


 -Original Message-
 From: Ken Diliberto [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, July 31, 2002 2:55 PM
 To: [EMAIL PROTECTED]
 Subject: Cisco 1000TX GBICs [7:50316]
 
 
 Anyone have experience with the 1000TX GBICs from Cisco?  We have used
 the stacking GBICs and have nothing good to say about them.  The TX
 GBICs are over $100 less (retail).
 
 Ken




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=50403t=50316
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Logic and Lab Rats [7:44653]

[Hartnell, George]

Shucks, folks, 'most everyone knows that the real world has its moments.

Users.  They generally provide considerable exposure to that which is
perceived as real.

'Course, it's always nice to have a test-bed; but I think lab rat is a
different definition.

So, perhaps to lighten things up, here's a little ditty from the past.
=


Psychologists have recently decided to refrain from using white rats as
experimental animals.  So, instead, they decided to use lawyers.

It seems the psycs wanted to avoid an emotional attachment... ;-)



But, on real-world experience (get the thread!?), the psychological
community found that there was a hidden advantage in the change.


There are some things that white rats just won't do.


Happy M-o-n-d-a-y

Best, G.
VP OCG




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=44662t=44653
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MBA or CCIE [7:41809]

[Hartnell, George]

Sagely advice from some good sources, especially the last one.
---

Try not to become a man of success, but rather try to 
become a man of value. - Albert Einstein

Recognition is the greatest motivator. - Gerard C. Eakedale

Sometimes one pays most for the things one gets for nothing. If 
I had my life to live over again, I'd be a plumber. - Albert 
Einstein 

The advantage of a classical education is that it enables you to despise
the wealth which it prevents you from achieving.   Russell Green

The man who starts out simply with the idea of getting rich 
won't succeed; you must have a larger ambition. - John D. 
Rockefeller

I'd like to live as a poor man with lots of money. 
- Pablo Picasso

Money often costs too much. - Ralph Waldo Emerson

The best way to become boring is to say everything. - Voltaire

It's good to shut up sometimes. - Marcel Marceau



Happy Friday!
Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=41958t=41809
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Switch Design Question [7:39888]

[Hartnell, George]

In a 10Mb environ, what the heck!  I would speculate that double-up won't
make an ROI out of consolidation.

However, this brings up a nasty little problem I'm looking at, and I might
phrase this another way. How many cascaded switching devices can exist in a
broadcast domain without creating unacceptable latency in the network?

I see some scary practices with repeated arrays of inexpensive switches,
RAIS, if you will.  Each time a new workstation room is set up, the answer
is to cascade more and more unmanaged hub/switches (sorry Cisco, it's a
money thing) on the rack or down the copper to the room, or both.  While the
sweetness of low cost is succulent, surely there is a theoretical limit of
how many members of a RAIS array one can cram into a building.

So, boy and girl wonders, I've heard the magic number of 7.  Anyone want
to do the math?

Very best and happy Friday, G.
VP OGC



 Subject: Switch Design Question [7:39888]
 I am looking at this configuration:
 
 [PC]---[Switch1]---Fiber---[Switch2]---[Switch3]---[WirelessBr
 idge]---distance2miles---[WirelessBridge]---[4Switch10Mb]---[R
 outer]---[ISPInternet]
 
 The switches are all consist of 10Mb ports.  The question. 
 Whould it not be 
 a better design to take out switch2 and switch3 and replace 
 it with one 
 switch with more ports.  This would elimate one switch to 
 traverse when the 
 clients are accessing the Internet.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=39901t=39888
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: how to deal with this message on pix? [7:39497]

[Hartnell, George]

I had a similar 'self-inflicted wound' a while back.  Seems some dope (that
would be me) had retired some public IP ranges on the inside and needed to
(temporarily) route those to null from his inside router.  Otherwise, the
hapless administrator saw these udps denied with the dreaded 'xlate' error,
as his router was cheerfully sending the packets out the default gateway ---
the PIX inside interface.  Note the PIX does not, as aforementioned, route.

Sooo, I'd look at that outside router, and maybe any inside route tables you
might have.

Best, G.
VP OGC

 
 -Original Message-
 From: Wilton White [mailto:[EMAIL PROTECTED]]
 Sent: Monday, March 25, 2002 8:14 PM
 To: [EMAIL PROTECTED]
 Subject: RE: how to deal with this message on pix? [7:39497]
 
 
 PIX should not see that traffic in the first place. PIX only routes
 traffic between interfaces and can't make u-turns - only routes
 traffic from inside to outside or from outside to inside, but not from
 inside to inside or outside to outside. PIX considers this a security
 violation.
 I would check outside router and see why is it forwarding this traffic
 to the PIX.
 
 -- Lidiya White
 CCIE #8155
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On 
 Behalf Of
 Roy
 Sent: Monday, March 25, 2002 8:20 PM
 To: [EMAIL PROTECTED]
 Subject: how to deal with this message on pix? [7:39497]
 
 
 hi all
 
 i notice the message shown as bellow on my pix, and how can i 
 deal with
 it?
 
 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst
 outside:202.96.137.40/6970
 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst
 outside:202.96.137.40/6970
 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst
 outside:202.96.137.40/6970
 106011: Deny inbound (No xlate) tcp src 
 outside:202.109.106.130/8893 dst
 outside:202.96.137.40/59478
 106011: Deny inbound (No xlate) udp src 
 outside:202.96.136.201/49202 dst
 outside:202.96.137.40/53
 106011: Deny inbound (No xlate) tcp src outside:162.105.69.121/21 dst
 outside:202.96.137.40/60090




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=39577t=39497
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Anybody use Port Security on Switch in [7:39457]

[Hartnell, George]

Yep, I've used it.  There is considerable flexibility in setup.  Some
switches take up to several hundred MAC entries, learned or statically
assigned.  You can also set the thing up to simply alert through SNMP traps,
and/or administratively shut down that port until you do a 'no shut', or
otherwise enable the port.

Typically, it's one MAC address per port for setup, but, sometimes, the
ability to add one or more allowed address can be useful.  Those pesky
additional hubs out there can be secured by simply adding whatever 'allowed'
addresses to the list on the port serving the hub/downstream switch.  Syntax
can be funny, and is in a couple of spots.  GUI is quite intuitive, and
dynamically acquire the MAC address(s).

port security max-mac-count x ;x=number of macs
port security action shutdown | trap ; traps, of course, must be set up

; meanwhile, elsewhere

mac-address-table secure .. FastEthernet x/y vlan z

Document this!  Port security can be tough on workers in the field without
switch knowledge and/or access.

Best, G.
VP OGC

Chaos reigns within.
Reflect, repent and reboot.
Order shall return.
--Haiku wisdom


 
 So you have to be sure you're not causing a support nightmare 
 for yourself
 when you use this.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=39703t=39457
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Off Topic - Riddle - The Obvious Question [7:38336]

[Hartnell, George]

Interesting, sometimes the obvious can be elusive.  Pull more copper, is
the obvious.  Depending upon the telco layout, of course.

But, like many of Chuck's musings, this brings up some more real world
questions.  

Given: Investment in analog/digital cu based phone sets at buildings.
   A score, or more, of PBX's currently on telco copper.
 New fiber to each PBX building for voice and data. (6 strands, sm)

What transport over that fiber would be most cost-effective in the near
term?
How about the longer-term?
Where would convergence fit in the calculations?

Let'see.  Fiber T1 modems are simple, easy.  Pluses.  Minus?  Old
technology, difficult for data guys to manage well, no convergence factor.

IP transport for telephones over the fiber pair.  Pluses, data guys
understand IP, ok convergence path.  Bit more costly, currently, though.

True VoIP.  Haven't heard really glowing reports from large scale, lower
budget, institutions,...yet.  The convergence path.  Costly.  Throw out
yer copper investment(s).

Of course this is not an exhaustive discussion.  Just a number of ways
'round the communications barn.

Best, G.
VP OGC


 Subject: Off Topic - Riddle - The Obvious Question [7:38336]
 
 Hint - consider the ways one might convert analogue to optic.
 
 Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38432t=38336
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cat/CAT: was RE: you American need to think [7:38323]

[Hartnell, George]

I had a cat named Five once,

but he had an unfortunate collision



Yes.it is Friday.  

Best, G.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38482t=38323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX DMZ IP address unload [7:37666]

[Hartnell, George]

Typical problem.  Hopefully an easy answer. The manual says so, but

I've configured interface 3 on a 6 port 515 for a dmz.  I needed to change
that segment back to its original 127.0.0.1 255.255.255.255 ip address
assignment.  Failover goes just ducky back to 0.0.0.0. I get the infamous
Sorry, not allowed to enter IP address on same network as interface n.
n=3 in this case.

The problem, as stated in the manual, goes like this.  ...you may not be
permitted to enter subsequent IP addresses if another interface's address is
in the same range as the first. ... To fix this problem, reenter the first
command specifying the correct network mask.

Sure.  I've reentered every 'ip address (interfacename)' on the box, and I
still get the Sorry story on that dmz.  The best I can get is the dmz
interface (interface #2) to a '127.0.0.1 255.0.0.0' designation.  Interfaces
3 and 4 are unchanged at 127.0.0.1 255.255.255.255. Interface 5 is a
failover 100Mb.  Fortunately, I won't need to heat up the dmz until next
week, and performance is unaffected.

Sooo, show ip looks similar to the below:

ip address outside w.x.y.z 255.255.255.0
ip address inside w.a.b.c 255.255.255.0
ip address dmz 127.0.0.1 255.0.0.0  - bummer here
ip address intf3 127.0.0.1 255.255.255.255  -- conflict here
ip address intf4 127.0.0.1 255.255.255.255
ip address intf5 10.10.10.42 255.255.255.252

Of course I want dmz to now look like intf3 and 4.  But no!  The Sorry
line continues.

What's a poor administrator to do?  Yup, tried the TAC, yup, 'clear xlate',
too.  Yup, got rid of all the 'static's, 'routes' and access-groups relating
to the dmz.  Stumped.  So far.

Any words of illumination?  I'm at rev. 5.3(1) at the moment.  Again, this
interface is 'shutdown', and I anticipate no problems with a live
reconfigure to another ip segment, but it is bothersome that I cannot get it
to return to its original loopback address.

Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=37666t=37666
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Infrastructure Upgrade..... [7:37627]

[Hartnell, George]

A while back I had the experience of witnessing a large network expenditure
for similar reasons as the below.

Unfortunately, the underlying problems *causing* the collisions and
broadcasts went unaddressed.  Raw speed can hide many ills.For a while.

Before moving over to a switched environment, you might want to take a
comparatively easy look at your 10Mb shared environment.  You should be able
to take a peek at all the traffic, all at once, and find any glaring errors
there.  There has been much previous groupstudy traffic on inexpensive/free
and costly ethernet sniffers available.

Of course, remote management per port on switches is also useful, and one
*can* use port mirroring to sniff the wire.  Nonetheless, I'd take the time
to doctor up that shared ethernet first.

Best, G.
VP OGC 

 -Original Message-
 Subject: RE: Infrastructure Upgrade. [7:37627]
 
 Actually what we are trying to do is increase speed, 
 eliminate collisions
 and reduce any kind of broadcasting in the LAN
 
 Subject: Re: Infrastructure Upgrade. [7:37627]
 
 Well,
 
 You did pick a pretty expensive switch to purchase...hehe
 
 the 1900's are 10mb to the desktop... You'll see some




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=37675t=37627
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: A Note From Your Friendly Moderator [7:36978]

[Hartnell, George]

Sayeth Chuck, esteemed moderator:

The forbidden words are there mainly to stop spam, but also to stop some
of the non-Cisco study messages that occasionally pop up.


But, I see you have given no notice to the George Carlin's 1973 arresting,
Seven words you can't say on television.

I think that list has now shrunk to four.  Urination, breasts and defecation
are now apparently allowed in the vulgar. 

The remaining words remain in the domain of movies and CCIE exam labs.

Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=37038t=36978
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Cisco VS Foundry Networks.. [7:36448]

[Hartnell, George]

Depends on what you mean by worry.

I've got a couple of Foundry's in addition to the Cisco stuff.  Both L2 and
L3.

I like them.  I like the support. And I like the company.

Best, G.

 -Original Message-
 From: Washington Rico [mailto:[EMAIL PROTECTED]]
 Sent: Monday, February 25, 2002 4:03 PM
 To: [EMAIL PROTECTED]
 Subject: Cisco VS Foundry Networks.. [7:36448]
 
 
 Cisco people I would like to know your impression of Foundry 
 Networks.  Are 
 they something to worry about?
 
 Regards,
 Eric Washington
 
 _
 $B$+$o(B 
 $B;H$($k%V%i%%6$G!%$%s%?! http://explorer.msn.co.jp/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36451t=36448
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX v6.2 [7:35987]

[Hartnell, George]

Hummm, I too scanned the Cisco site for 6.2 and only found 6.1.2.  I'd heard
from the rumor-mill that 6.2 was out, but perhaps that's incorrect.

As I'm about ready to upgrade the failover 515UR, it'd be nice if I only had
to do this once -- this year.

Any speculation on that 6.2 release date?

Best, G.

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, February 21, 2002 11:08 AM
 To: [EMAIL PROTECTED]
 Subject: RE: PIX v6.2 [7:35987]
 
 
 Where did you guys find the new 6.2 versions?  I looked at 
 Cisco's site,
 no luck.
 
 Thanksnabil




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=36105t=35987
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Secret Clearance? [7:4152]

[Hartnell, George]

The full circle:  We now apparently check security clearance so carefully
that fear of compromising the clearance indeed becomes more of a threat than
knowing someone who once was in a room where a known commie breathed the
air.

And inhaled.

Very best, G.
VP OGC



 -Original Message-
 From: Patrick Ramsey [mailto:[EMAIL PROTECTED]]
 Sent: Thursday, February 14, 2002 1:15 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Secret Clearance? [7:4152]
 
 
 IT took me 6 months to get mine and I almost didn't get it 
 because a friend
 in high school got busted sometime after graduation for 
 dealing drugs... And
 even when I did get it, it was interim and took another 4 
 months before it
 was perm.
 
 -Patrick
 
 I think the Navy estimates 50,000 smackers per investigation
 
  Logan, Harold  02/14/02 01:03PM 
 I disagree. In order to get a clearance, not only do you have to make
 the right choices, but all of your past and present friends, roomates,
 and coworkers need to make the right choices too. Add to that, it only
 takes one person bad-mouthing you to delay or even end your
 investigation... ask yourself this, is there at least one person out
 there who would lie about you in order to make your life difficult?
 
 It's a very subjective process, and one that I don't care to 
 go through
 again. If you have a clearance, be glad that you do.
 
 Hal
 
 -Original Message-
 From: Jeff Buehler [mailto:[EMAIL PROTECTED]] 
 Sent: Wednesday, February 13, 2002 6:34 PM
 To: [EMAIL PROTECTED] 
 Subject: Re: Secret Clearance? [7:4152]
 
 
 You were not Lucky that you had nothing in your background. 
  You made
 the
 right choices.  People who make the wrong choices pay for it 
 their whole
 life.  It is called Character.
 
 
 William Gragido  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  Well, since this is obviously a never ending thread I'll add my 2
 cents.
 I
  have a Top Secret SCI that is still valid from my active duty period
 in
 the
  USMC.  In regards to joining the service just to get a 
 clearance, I'd
 say
  thats some of the most low brow thinking that I've ever 
 heard.  There
 are
 no
  guarantees that you'll get one.  It all depends on the investigation
 and
  what they unearth, so don't be fooled into thinking that simply by
 selecting
  an MOS that requires a clearance you'll automatically qualify.  Its
 not
 the
  case.  I saw Marines go through schools only to be turned down for
  clearances.  I was lucky and had nothing in my background that would
  prohibit my from obtaining one, but again, it all depends on what
 one's
  civilian life is compromised of that helps dictates whehter or not a
 person
  rates one.
 
 
 
  -Original Message-
  From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED]]On Behalf Of
  John Faubion
  Sent: Sunday, February 10, 2002 10:34 PM
  To: [EMAIL PROTECTED] 
  Subject: Re: Secret Clearance? [7:4152]
 
 
  Ohh that's a good idea, then when you get orders to Bosnia, Somalia,
 Kuwait,
  or Afghanistan, you can be like the whiners of Desert Storm 
 that cried
 about
  joining to get an education, not to go to war. Only this 
 time it will
 be
  about getting a security clearance instead of going to war!
 
  While you can get a security clearance in the military, it is not
 valid
  after leaving the military unless it is documented 
 correctly. However
 the
  reinstatement cost can be drastically reduced since the previous leg
 work
  has already been done.
 
  John
 
  - Original Message -
  From: Steven A. Ridder
  To:
  Sent: Sunday, February 10, 2002 7:52 PM
  Subject: Re: Secret Clearance? [7:4152]
 
 
   80K!!!  You could always do what I did and join the Army.  If you
 pick a
   good MOS, you'll get a secret clearance for free while you are in
 Basic
 or
   AIT.  Some jobs I'm sure will give you a top secret if needed.   I
 bet
  just
   joining the reserves would get you a secret if the MOS called for
 it.
   Julian Eccli  wrote in message
   [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
A secret clearance can cost somewhere between $50K-$80K 
 to get all
 the
proper paper work and verifications done, hence why 
 they want you
 to
  have
   it
already :)
   
   
-Julian
   
Patrick Ramsey  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 not to mention that if they say it is required they 
 probably do
 not
  want
to
 pay the $$$ to have it done...hence the required portion of
 the
 job
 description.

 -
 Patrick



  Craig Columbus  02/09/02 15:38 PM 
 Check the archives of the list.  This has been discussed many,
 many
   times.

 Craig

 At 11:04 AM 2/9/2002 -0500, you wrote:
 So how does one gain Secret Clearance?
 --- Jeff D  wrote:
   The contractor has no say in it. If the government
   says you need a clearance
   to enter the building, then you have to have one,
   period. Why waste your

RE: Secret Clearance? [7:4152]

[Hartnell, George]

Ancient wisdom, Who guards the guardians?

If security is defined as abject obedience then my feeling of being
secure in person is misplaced.  If security is judged as well as Olympic
Skating competition, then security is a misnomer.  If a security
clearance is based on dogma, we are less, not more secure in our persons.

Nearly all men can stand adversity, but if you want to test a 
man's character, give him power.-Abraham Lincoln

Best, G.
VP OGC

 
 You were not Lucky that you had nothing in your background. 
  You made the
 right choices.  People who make the wrong choices pay for it 
 their whole
 life.  It is called Character.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35407t=4152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX information [7:35294]

[Hartnell, George]

AND, am I to understand correctly, as the manual is quite vague, that an
upgrade of the primary failover unit also updates the secondary?  Or, must
the hapless administrator do each individually?

Best, G.

 -Original Message-
 From: Jose Celestino [mailto:[EMAIL PROTECTED]]
 Sent: Wednesday, February 13, 2002 7:12 AM
 To: [EMAIL PROTECTED]
 Subject: Re: PIX information [7:35294]
 
 
 PIX-FW1# copy ?
 usage: copy tftp[:[[//location][/pathname]]] flash
 
 For instance:
 
 copy tftp://192.168.2.2/configs/pix.cfg flash
 
 
 Thus spake BASSOLE Rock, on Wed, Feb 13, 2002 at 09:06:59AM -0500:
  Hello group,
  
  
  What command can I use to copy a configuraton form a tftp 
 server to a PIX
  Firewall? I have look on the cisco web site for the command 
 but couldn't
  find. Can somebody help.
  
  Thank you.
  
  Rock
 -- 
 Jose Celestino 
 -
 Little prigs and three-quarter madmen may have the conceit 
 that the laws of
 nature are constantly broken for their sakes.
 -- Friedrich Nietzsche




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=35314t=35294
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Average afterwork time Tech learning commitment? [7:34634]

[Hartnell, George]

I don't think this was Shoeless Joe Jackson, but rather a self-described
awkward, skinny, asthmatic child who later became a musician/writer.  Ref:
google/joe jackson

My own quote:

This thread sounds like running thirty miles and hour on a treadmill going
sixty.

Best, G.
VP OGC

 Some people live so fast
 They're so scared of getting old
 Some people keep on working
 All they do is line their graves with gold
 
 From the same track by Joe Jackson - Not bad for a baseball player :-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34857t=34634
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Average afterwork time Tech learning commitmen [7:34634]

[Hartnell, George]

Here's a little tidbit from the Washington Post about battle:

[Cy (Zulu, 1964)] Endfield also finds a quality missing from all too many
battle sequences in millions of movies: that is, the utter physical labor of
battle. It's very hard work to fight, which is why the young are so much
better at it. His troopers emerge like footballers after an overtime --
exhausted men, drained and emotionally flattened, smeared with dirt and
blood, beyond the need to do anything but sleep for days.

Sounds a lot like those 'boot camps' I hear about, and some sustained
training efforts mentioned here in the group.  Not to mention the day after
those CCIE lab tests.

Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34874t=34634
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Average afterwork time Tech learning commitment? [7:34634]

[Hartnell, George]

I would pontificate on the below.  Several vendors have jumped on the
'training gravy train'.  Used to be, vendors would train users with the idea
that a knowledgeable operator would benefit all.  Apparently, the huge
training licensing schemes have clouded the original intent of
vendor-specific training  what makes us look good, makes you look good.

One big difference in IT is the ugly reality of constant change.  A company
hiring an accountant, for example, would rarely need to re-train that staff
in mathematics; 1+1 is generally the same as it was when rocks and sticks
were used for counting.  Anyone looked at IPV6 lately?  How's about 802.3ad?
Gigabit Ethernet?  VOIP?  Fiber Power-loss calculations?  ad. nauseum.

Wise employers (Enron and A. Andersen excluded, of course, a new 'ethic; of
expecting nothing) need to understand that training is just as important
as that 7% advertising budget.  This generally means time and money for
'pump priming'.  You can figure out the obvious advantages.

As for 'dying at some point', long-term readers may have heard my 'whine'
about stress strongly contributing to the early demise of more than one
close friend who let IT get to them over the years.  None of these folks,
IMHO, received remotely realistic training budget or time allotments.  Those
things, you see, 'expected'.  

While the Enron execs of IT management may be golfing, the good ones
understand the value of a good crew.  Bottom line, if you cannot negotiate
the training opportunities, time, or commitment; leave.  And be good enough
at what you do so your absence hurts.  Badly.

Catch 22?  Sure.  Most folks in IT do enjoy learning and being good at what
they do.  But to suffer, as some have indicated, two jobs, one for money and
one to keep current enough to do the first, is neither wise for the employee
nor the employer.

And as for the vendors  Does training for operators of your equipment/OS
fall into advertising budget? Where are the grants?  I have *begged*, as a
public sector employee, two well-known OS vendors for *some* training
directly from their (large) staff.  Forget it.  So much for 'corporate
ethics'.

So, go ahead, guys.  Ignore your wife, forget your kids, stay up 'til the
wee hours.  You will find, after many years, that there is a cost incurred
--- it will be up to you to decide if you earned enough to pay it off.

Best, G.

 
 
 You get out it what you put into it. Its that simple.
 
 I know far too many people who would do well but refuse to 
 admit that they
 need to spend some time studying. why wont they pay for it 
 is the biggest
 whine.. you are entitled to NOTHING in this world except to 
 die at some
 point so it's really up to you where to go and how to get there.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34670t=34634
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]

[Hartnell, George]

Wake up and smell the coffee!  Prisoners have been getting costly commercial
diving training for years down in California somewheres.  Good job for tough
men.

But CCNP?  I'm led to belief that less than 1% of inmates in Federal pens
are white collar types.  Maybe the 52% who are there due to the War on
Drugs have the head for the cerebral nature of networking.

Better solution?  More education in the first place.  High school Cisco
Academy grads probably won't log much cell time later in life.

Best, G. (technical servant of public education for over 15 years)
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=34145t=34039
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Aggregate 3 T1's would this work. [7:33599]

[Hartnell, George]

Would this not also be a function of just what the ISP has/wants on the far
end?

My hookup uses a 3Com Accessbuilder 6100 I-Mux --- HSSI---Cisco 7200.  The
three T1's are inverse multiplexed on the 3Com.  Scaleable to 7 T1's.

'Couse this is a 'Cisco' newsgroup

Best, G.

 -Original Message-
 From: James Willard [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 29, 2002 12:33 PM
 To: [EMAIL PROTECTED]
 Subject: RE: Aggregate 3 T1's would this work. [7:33599]
 
 
 John,
 
 What you want to look at is Cisco Express Forwarding (CEF). 
 It allows load
 balancing across multiple T1's. For each serial interface you 
 would have
 your own subnet (such as a /30) to your provider, because the serial
 interfaces cannot be on the same subnet. Turn on CEF using 
 ip cef globally
 (you may want to ensure you have a recent IOS, as CEF was 
 buggy early on).
 Then, on each serial interface, issue either ip load-sharing 
 per-packet or
 ip load-sharing per-destination depending on how you want the load
 distributed. To give you the full 4.5Mbps to any one site, 
 use per-packet
 load balancing.
 
 James Willard, CCNA
 [EMAIL PROTECTED]
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 John Jones
 Sent: Tuesday, January 29, 2002 3:17 PM
 To: [EMAIL PROTECTED]
 Subject: Aggregate 3 T1's would this work. [7:33599]
 
 
 I have a configuration question.
 I have 3 dedicated T1's a router 3620 with three T1 CSU/DSU and one
 FastEthernet ports installed. All dedicated T's are from the same ISP.
 I want to aggregate the three T1's for increased bandwidth (4.5 Mbps)
 Would I run into issues
 
 Here is my config.  Would this work?
 
 
 !
 hostname Cisco3620
 !
 !
 no ip name-server
 !
 ip subnet-zero
 no ip domain-lookup
 ip routing
 !
 interface Ethernet 0/0
  no description
  ip address 172.16.10.1 255.255.255.0
  !
 interface Serial 0/0
  no shutdown
  ip address 1.1.1.2 255.255.255.248
  !
 interface Serial 0/1
  no shutdown
  ip address 1.1.1.3 255.255.255.248
  !
 interface Serial 1/0
  no shutdown
  ip address 1.1.1.4 255.255.255.248
  !
 ip route 0.0.0.0 0.0.0.0 serial0/0
 ip route 0.0.0.0 0.0.0.0 serial0/1
 ip route 0.0.0.0 0.0.0.0 serial1/0
 
 !
 !
 ip classless
 no ip http server
 !
 end
 
 
 I tried this config with Cisco's config maker and I get IP 
 address errors on
 the serial ports, specifically being on the same subnet.
 Would this do basic aggregation?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33611t=33599
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Totally OT : Was there a man on the moon ? [7:33465]

[Hartnell, George]

The flag is there.  The last great president said we'd put it there.

And we did.

Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33513t=33465
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX: Rating the new Cisco Press Book [7:33023]

[Hartnell, George]

Subject sez pretty much all.  Who's got the good/bad/ugly for:

Cisco Secure Pix Firewalls
ISBN 1587050358

Test? Who cares!!!  Does the book deliver the how-to goods?

Very best, G.
VP OGC

When your work speaks for itself, don't interrupt. 
-Henry J. Kaiser




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33023t=33023
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Looking for Great CISCO Training Center in SJ area [7:32838]

[Hartnell, George]

I had Kip for ICRC/ACRC years ago.  He was, by far and away, the best
vendor-cert trainer I ever had.

Best, G.
VP OGC

 -Original Message-
 From: Daniel Cotts [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 22, 2002 8:44 AM
 To: [EMAIL PROTECTED]
 Subject: RE: Looking for Great CISCO Training Center in SJ area
 [7:32821]
 
 
 Try to find if Kip Petersen sp? is doing training in that 
 area. Last that I
 knew he had moved to MentorTech. Previous to that he worked 
 for the folks
 who had been doing the NetGun program. He was going to open a SJ area
 training center for MentorTech. They are now out of business. 
 Hopefully he
 is still teaching. FWIW He was one of the original five Cisco 
 trainers -
 before Cisco farmed out training.
 
  -Original Message-
  From: tim [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, January 22, 2002 5:31 AM
  To: [EMAIL PROTECTED]
  Subject: Looking for Great CISCO Training Center in SJ area 
 [7:32794]
  
  
  Hi.
  Would you recommend good cisco training centers covering CCIE 
  routing 
  switching?
  
  Thanks in advance.
  
  Tim




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=32838t=32838
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How much is a CCIE worth? [7:32856]

[Hartnell, George]

Don't rightly know, depends.  But, for comparison, here's a little quote
from Information Week:

Enron's board members made more than $300,000 per year, for just one board
job.

And just look at their performance!  Maybe we should start a board member
study group.

Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=32856t=32856
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLAN's [7:32351]

[Hartnell, George]

Well, I think that you could have two seperate VLANs with some modifications
of the below.  As far as I know, there is no dictate to assign an IP to
those VLANs.  While I don't have the need, or lack of need, for the L3 part,
I'm not sure if the IRB command would be required for this seemingly unusual
setup for a L3 switch.  I'd just eliminate the IP parts below, set up a
couple of bridge-groups, add the members, and see how that works.

Best, G.
VP OGC

 -Original Message-
 From: 416South [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 18, 2002 6:12 AM
 To: [EMAIL PROTECTED]
 Subject: RE: VLAN's [7:32351]
 
 
 Thanks all,
 
 in George's description mentions that  that your doing 
 intervlan routing, 
 would this BVI work without a IP address and if not is there 
 a command to
 just provide L2 separate VLANS?
 
 thanksHartnell, George wrote:
  
  Well, I have one of those GL3's, and it's a pretty good piece
  of work.  I
  would agree that the documentation accompanying that switch is
  somewhat
  sparse.  It took me quite a while to 'figure it out' on my
  first setup.  The
  below assumes an IP network.
  
  If I remember correctly, those docs talked about irb enabling. 
  Syntax:
  bridge irb
  
  Then the bridge:
  bridge (xx) protocol ieee  ; for example for subnet
  10.0.11.0/24; bridge 11
  protocol ieee
  
  Then pop the interface config:
  int BVIxx   ;Bridge Virtual 
 Interface
  ip address xx.xx.xx.xx (netmask)  ; example int BVI11, ip
  address 10.0.11.1
  255.255.255.0
  
  If I were to route these VLANS, internally, I'd have to add a
  statement
  whilst creating the bridge.  This is where the routing happens,
  or, as you
  require, doesn't happen:
  
  bridge xx protocol ieee
  bridge xx route ip
  
  Without the route statement, routing doesn't occur between
  other VLANs.
  
  Finally, each interface needs to have VLAN membership.  At the
  interface
  config:
  
  bridge group xx
  
  
  Took me a while to get all that right
  
  Best, G.
  
  
  ject: VLAN's [7:32351]
   
   
   Have a 2948GL 3 and want to set up a vlan but it docs state 
   that you have to
   set up ISL .  I don't want ISL enabled.  is there a way to 
   just create VLANS
   like in other L3 switches?  I don't want to make these 
   routeable or anything
   just L2 VLANS simple VLANS
   
   ie. when I do a int vlan 400 this would normally create a 
   new vlan and put
   me into interface mode
   
   when i do a int vlan ?  the options are to put in the vlan 
   # but when I do
   all i get is a wrong command with the famous ^ at the vlan 
   point in the
   command
   
   docs doc's dont seem to give enough info
   
   any Ideas
   
   thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=32500t=32351
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Switch/router dhcp debug [7:32506]

[Hartnell, George]

This is a good question that I've recently been fighting at one of my sites.

The obsoleted-by-the-manufacturer-5-years-ago router, HP, is a primitive,
but reliable device without many bells and whistles.  Recently, on it's
logs, I've been getting some unusual 'ARP squeals', as well as the
troublesome request below.  About all the log reveals is that it happened.
If I could get a MAC address, I could at the very least figure what the darn
thing is --- at this point I'm thinking printer with that 0.0.0.0 source.
The other out-of-range ARP complaint is an occasional foreign IP address;
again I need to pick up on that MAC.

Of course, all this happens intermittently, so it's hard to catch 'in the
act'.  I fiddled with the Cisco 2900XL system message logs a bit, but don't
have a syslog server at that site (yet --- Kiwi?), so I haven't got a hit
(clue) on who the culprit(s) might be.  Maybe I just don't know how yet;
maybe I need that syslog system; maybe I should break out the Fluke or
Sniffer.  Sure seems like I could get those MAC addresses direct from the
switch, somehow, though.

Sooo, I await with great curiosity on the solution to this one

Best, G.
VP OGC

 -Original Message-
 From: Joaquim Lopes [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 18, 2002 10:42 AM
 To: [EMAIL PROTECTED]
 Subject: Switch/router dhcp debug [7:32506]
 
 
 Hi, is it possible to see from whitch device is a dhcp 
 request comming from,
 S=0.0.0.0 d=255.255.255.255 mac=
 
 Switch command -- ?
 Router command -- ?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=32521t=32506
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: VLAN's [7:32351]

[Hartnell, George]

Well, I have one of those GL3's, and it's a pretty good piece of work.  I
would agree that the documentation accompanying that switch is somewhat
sparse.  It took me quite a while to 'figure it out' on my first setup.  The
below assumes an IP network.

If I remember correctly, those docs talked about irb enabling.  Syntax:
bridge irb

Then the bridge:
bridge (xx) protocol ieee  ; for example for subnet 10.0.11.0/24; bridge 11
protocol ieee

Then pop the interface config:
int BVIxx   ;Bridge Virtual Interface
ip address xx.xx.xx.xx (netmask)  ; example int BVI11, ip address 10.0.11.1
255.255.255.0

If I were to route these VLANS, internally, I'd have to add a statement
whilst creating the bridge.  This is where the routing happens, or, as you
require, doesn't happen:

bridge xx protocol ieee
bridge xx route ip

Without the route statement, routing doesn't occur between other VLANs.

Finally, each interface needs to have VLAN membership.  At the interface
config:

bridge group xx


Took me a while to get all that right

Best, G.


ject: VLAN's [7:32351]
 
 
 Have a 2948GL 3 and want to set up a vlan but it docs state 
 that you have to
 set up ISL .  I don't want ISL enabled.  is there a way to 
 just create VLANS
 like in other L3 switches?  I don't want to make these 
 routeable or anything
 just L2 VLANS simple VLANS
 
 ie. when I do a int vlan 400 this would normally create a 
 new vlan and put
 me into interface mode
 
 when i do a int vlan ?  the options are to put in the vlan 
 # but when I do
 all i get is a wrong command with the famous ^ at the vlan 
 point in the
 command
 
 docs doc's dont seem to give enough info
 
 any Ideas
 
 thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=32377t=32351
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How would you design a Network ? [7:32067]

[Hartnell, George]

I would tend to agree, I have a similar number of WAN sites, and rely
entirely on static routes on the back end.

But! (There's always a 'but', and sometime with an extra 't') As my network
changes, (read fiber and switches)I plan to go more VLANs, and private
address spaces, for separating networks for security and traffic management.
Yes, still a star; no, not a single-subnet-per-site structure any more.

Soo, suddenly I'll have 60 (or so) subnets out there to route.  This
supposes, of course, a couple of subnets per site, a structure which may
deserve some more scrutiny (Three thousand systems, 22 metropolitan
locations) Dynamic VLANs have some more potential for use and complexity.

Of course, there's legacy involved, as well.  The computer wars are bad
enough; the design war solutions tend to stick around for a while.  I'd like
to do it more-or-less right the first time.

Best, G.
VP OGC

When you're wounded and left on Afghanistan's plains,
And the women come out to cut up what remains,
Jest roll to your rifle and blow out your brains
   An' go to your Gawd like a soldier.
Kipling, on other wars with different soldiers


 -Original Message-
 From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
 Sent: Tuesday, January 15, 2002 3:25 PM
 To: [EMAIL PROTECTED]
 Subject: RE: How would you design a Network ? [7:32067]
 
 
 Listers.
 
 I would like to make some routing changes to a mostly static routing
 environment.  Currently everything is either routed via 
 default gateway, or
 static route statements. 
 
 the environment consists of about 30 remote point to point 
 WAN sites, with
 most data traffic consisting of IP.  We have several sites 
 on dual T1's, and
 all sites are terminating at a central corporate location.  
 So a big star
 network.   The vendor of choice is cisco for routing and switching. 
 
 Anyone see OSPF, EIGRP, BGP, IGRP, ISIS as the way to go?   
 I would like to
 make this network more dynamic, just having a hard time 
 justifying the move.
 
 All thoughts appreciated!
 
 thanks,
 Jason
 
 Without further information, I see no advantage to making this 
 network more dynamic.  If the issue is static routes need more 
 maintenance, I suggest that you tie the generation of static routes 
 to your IP assignment process; it's usually not hard to automate.
 
 If it's already a star, what do you gain in flexibility by adding the 
 complexity of dynamic routing?  Failover and load balancing are, if 
 anything, easier with static than dynamic routes.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=32210t=32067
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: What good is this stuff, anyway? [7:31705]

[Hartnell, George]

I watched, again, the most excellent Flight of the Phoenix over the
weekend.  (Yes, folks, I do have a life besides IT..)  As sometimes happens
after re-visiting a film, I discovered another perspective, maybe even
relevant to IT engineering.

There was a point, in the movie, that the engineer was in complete control.
Who is in authority, here?  As long as the aircraft was on the ground, in
the design/construction phase, the engineer had complete, ruthless, but
necessary, control.

As soon as the engine started, however, that control shifted over to the
pilot of the aircraft.  The control shifted immediately and entirely.

The pilot, you see, had many years of practical experience *flying*
aircraft.  The engineer's task was done.

Maybe there is a lesson here.  Sure, and engineer can have that coveted CCIE
(or MCSE, or CNE, etc., etc.), but it takes a different kind of person to
get the system off the ground and keep it flying.

Best, G.
VP OGC

When you're wounded and left on Afghanistan's plains,
And the women come out to cut up what remains,
Jest roll to your rifle and blow out your brains
   An' go to your Gawd like a soldier.
Kipling, on other wars with different soldiers




 -Original Message-
 From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 11, 2002 8:53 PM
 To: [EMAIL PROTECTED]
 Subject: OT: What good is this stuff, anyway? [7:31705]
 
 
 I had the extreme good fortune of sitting in a meeting today with a
 customer. The project has moved out of the sales phase ( a year in the
 making ) and into the project phase. In attendance were the 
 customer's top
 IT networking staff and my employer's project team.
 
 This ended up being a four hour meeting, completely dominated 
 by Customer IT
 Director and my employer's Mr. CCIE
 
 One of the high points? the customer had sent Mr. CCIE an L3 switch
 configuration the previous day. Mr. CCIE was to offer comment 
 on the design.
 Mr. CCIE said from what I see here, I'll bet you have a 
 routing loop. I'll
 bet that if you do a traceroute from that switch to this 
 particular network
 it will go nowhere. The customer said you're on, telnetted into the
 switch, performed the trace, and sure enough, the * * * * * * 
 appeared after
 three hops. You shoulda seen this guy's face!
 
 this was but a small part of a fascinating dialogue between 
 the customer and
 Mr. CCIE.
 
 Oh, it did not hurt that Mr. CCIE had fifteen years 
 technology experience,
 and ten years in networking.
 
 Anyway, back to the books. I'm jazzed about learning the 
 dirty little BS
 things again!
 
 Chuck




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31887t=31705
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: full-duplex Ethernet cable? [7:31643]

[Hartnell, George]

I did not note a speed associated with that full-duplex Ethernet spec.
Wouldn't GigE Cu require all eight?  And, might a new cable plant effort be
well-served to require all eight conductors per RJ?

Best, G.
VP OGC


 -Original Message-
 From: Allen May [mailto:[EMAIL PROTECTED]]
 Sent: Friday, January 11, 2002 10:40 AM
 To: [EMAIL PROTECTED]
 Subject: Re: full-duplex Ethernet cable? [7:31643]
 
 
 Yep...and PIN Number, ACL List, etc.  I used to bug 
 instructors by referring
 to them as Network Interface Card Card's to point out what 
 NIC Card really
 was ;)
 
 Allen
 - Original Message -
 From: Patrick Ramsey 
 To: 
 Sent: Friday, January 11, 2002 11:54 AM
 Subject: RE: full-duplex Ethernet cable? [7:31643]
 
 
  Is NIC Card kinda like a FAT Table?  : p
 
   Daniel Cotts  01/11/02 12:34PM 
  Unshielded Twisted Pair (UTP) uses two pair (four wires) on 
 pins 12 and
 36
  of an RJ-45 plug. Whether it runs as full or half duplex is 
 determined by
  the connected equipment - NIC card, Hub, Switch, router, etc.
  If Ethernet is running over coax cable then it is limited 
 to half duplex.
 
   -Original Message-
   From: mlh [mailto:[EMAIL PROTECTED]]
   Sent: Friday, January 11, 2002 10:56 AM
   To: [EMAIL PROTECTED]
   Subject: full-duplex Ethernet cable? [7:31643]
  
  
   Hi, there,
  
  
   how many pairs of two-twisted cable are used for full-duplex
   Ethernet ? what
   is the
   difference between full- and half- duplex cable?
  
   Thank you in advance.
  
  
  
   Regrads,
  
   mlh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31667t=31643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

515UR Upgrade [7:31586]

[Hartnell, George]

Hi folks,

Jus' checkin', I'm looking to upgrade my PIX 515UR w/failover from 5.3(1)
wa up to the current 6.2.  (Help me, I found myself *liking* the GUI
of that PDM management interface!)

Are there any war stories of note that might save the hapless administrator
hours of time?

Very best, G.

When you're wounded and left on Afghanistan's plains,
And the women come out to cut up what remains,
Jest roll to your rifle and blow out your brains
An' go to your Gawd like a soldier.
Kipling, on other wars with different soldiers.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=31586t=31586
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OBTAIN A UNIVERSITY DEGREE...EASILY!! [7:30781]

[Hartnell, George]

And just what does prestigious non-accredited mean, exactly?

The miserable worms who market accredited education for
more-than-exorbitant fees are bad enough. (see previous threads on value of
certifications vs. higher-education diplomas)

I'd highly recommend pursuing industry certs rather than throwing your money
and time away for a sheet of useless paper.  This especially applies to our
'off-shore' brethren.  Don't be a fool parting with his money...

At least be fool partying with his money...

Best, G.
VP OGC

A fool and his money are soon partying.  Ancient wisdom from my youth

 UNIVERSITY DIPLOMAS
 
 Obtain a prosperous future, money earning power,
 and the admiration of all.
 
 Diplomas from prestigious non-accredited
 universities based on your present knowledge
 and life experience.
 
 No required tests, classes, books, or interviews.
 
 Bachelors, masters, MBA, and doctorate (PhD)
 diplomas available in the field of your choice.
 
 No one is turned down.
 
 Confidentiality assured.
 
 CALL NOW to receive your diploma
 within days!!!
 
 1-305-460-3152
 
 Call 24 hours a day, 7 days a week, including
 Sundays and holidays.
 
 
 
 If you no longer wish to be on our list send a message to 
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=30807t=30781
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Win2K Browsing Problem [7:28074]

[Hartnell, George]

Actually, understanding Windows browsing implementation can be quite
instructive.  There are both WAN and LAN switching gotchas.  Keep in mind
that, at least with my NT 4.0 browsing, this is based upon broadcasts.
Things like netmasks, VLANs and routers can do funny things to, and with,
broadcast packets.

There is a definitive article, Troubleshooting the Microsoft Computer
Browsing Service, Technet article number Q188305, which explains much about
the MS browsing system.

Not that this has much to do, directly, with Cisco, excepting the network
theory and architecture.

Best, G.

-Original Message-
From: maamun Murangwa [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 04, 2001 8:11 AM
To: [EMAIL PROTECTED]
Subject: Win2K Browsing Problem [7:28074]


Hi all,
Can anyone give me some advise on how to solve a
network browsing problem on a win2k enviroment, how
can i improve it or what should i check for, on the
Win2k side?

MMK


Nokia 5510 looks weird sounds great. 
Go to http://uk.promotions.yahoo.com/nokia/ discover and win it! 
The competition ends 16 th of December 2001.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=28324t=28074
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Send BREAK to console thru term server [7:27572]

[Hartnell, George]

The term to search on at CCO is 'break key sequence' which should bring up
the following page:

http://www.cisco.com/warp/customer/701/61.html

I'd cut-n-paste, but there is a wealth of information there, with many
different hardware and applications documented.

Best, G.
VP OGC

-Original Message-
From: Sean Wu [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 28, 2001 1:01 PM
To: [EMAIL PROTECTED]
Subject: Send BREAK to console thru term server [7:27572]


How can we send a BREAK signal via telnet session?

I access some device via terminal server, the only thing I am wondering is
how to send a BREAK so that I can do password recovery.

thanks.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27591t=27572
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: ZONE Tests vs Boson Tests [7:26639]

[Hartnell, George]

Here's a little story from the Bering Sea.  Bear with me and you'll see why
the 'thread' fits.

The Anacortes, Washington fishing family had been very successful in the
late 1980's.  Early 1990 saw four brand-new crab boats ready to plunder the
king crab population in an area the coast guard describes as 'the major
leagues' compared to North Atlantic fishing ground weather conditions.

Not too far out of Dutch Harbor, Alaska, two of those boats capsized,
killing all 15 crew members aboard, including the son of one of the
surviving vessels.  While the craft were carrying out a load of 800lb.
'pots, photos of the loaded boats before their doomed departure showed
nothing visible to point toward load instability.

Investigations, of course, followed.  Over a year later, as the
investigation was closing, without answers, almost as an afterthought, a
shipyard worker approached one investigator.  I don't know if it really
matters, but we had some extra bottom paint, and we added an extra 12 inches
around the hull of both boats, he told them.

Anti-fouling bottom paint, to combat marine organisms, makes a very visible
waterline on the hull of a vessel.  Normally, this would be considered a
'bonus' for an owner.  This time, however, was different.

The engineering specifications had the craft designed with bottom paint to a
certain level on the hull.  The 25 year-old skipper had loaded the crab pots
*to the waterline as indicated by the additional 12 inches of paint*.  No
one, not the planners, not the skipper, not the investigators, had thought
that the paint-line, so visible in the after-the-fact photos, was so 'out of
spec.' Twelve inches deeper on a 150 foot boat equals tons of additional
displacement. The boats flipped like tops; there was not even time for a
'mayday'.

There are a couple of lessons here.  The first, and most obvious, is follow
the engineering specifications without error.  The second, and more
relevant to this thread, was that the skipper was operating by rote.  He
apparently did not understand that the stability of the vessel was not due
to a line in the water, but to exact engineering specifications that were
inviolate physics.

So, does learning to pass the CCxx test(s) require rote learning?  Yes.
Does that rote learning style make you a safe skipper?  Probably not.

Know your engineering, as much as possible.  The Why's it do that? are
perhaps more important than just knowing it does...

Very best, G.
VP OGC

And have a happy Thanksgiving.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26955t=26639
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]

[Hartnell, George]

There are, I hope, perspective employers looking at this service.  They can
make up their own minds about folks who are looking for a 'quick fix' and
their motivations.

But I would not hire, or even look at, people who make a practice of
belittlement and sarcasm.  I'd rather hire a person who asks; in whatever
format.  And no, I don't care how 'smart' they are, or how smart they think
they are.  There are good people, with good ethics, who can do the job,
regardless of complexity.  It may take longer, and they might even have to
ask

It is also much easier to ridicule someone than give a polite pointer and/or
response.  Transparent, in some of the past cases.

S, 'let the heathen rage', big people can take small-minded responses.
Water off a duck's back.

By the way, this thread has had a number of 'big people' mentioned; Babbage,
Smee, Turing, amongst others.  Thanks to all who try a make positive that
which can seem so negative, at times.  

That list remains incomplete!  Let's hear some more names of heroes of
digital technology!

Very best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26525t=25805
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]

[Hartnell, George]

Ah, the intolerance of it all...

I answered this guy because he needed help.  I did the research long ago,
and put him in the ballpark.  Of course, the rest of the knowledge is up to
him.  By the .signature involved I surmised this was a 'working stiff'.
Have a little empathy.

Some here have exhibited 'righteous indignation' towards those who would
defile real or imagined standards placed by real or imagined judges.
Reminds me of fundamentalist everywhere.  How easy it is to generalize real
people by the general they.  Who knows? Someday, they may be you.

The amount of energy devoted to trite answers and holier-than-thou elitism
far outweighs any perceived good.  (Hey, I had some fun looking it up again,
myself.)

Besides, it violates one of the great training principles, There are no
dumb questions!

Keep those card and letters coming!

Very best, G.
VP OGC
previous stuff===

You are indeed correct.  Posting questions here is a way of finding
information on the internet.  It's the lazy persons way!  Why take an hour
or two to look something up on your own when you can post a question here in
one minute and have someone else provide the answer?

The ability to research a problem and identify possible solultions on ones
own is a critical skill for networkers.  Do you think a CCIE just posts a
question here every time they come across something they are not familiar
with?  I don't think so!  If you want to encourage people to post questions
here without doing research, that's up to you but you're not doing them a
favor.  All you're teaching them is when confronted with a problem... ASK
SOMEONE ELSE!

=
 I can be mean sometimes can't I ;-)... I just get tired of people claiming
 to be networkers and they don't even know how to use the ultimate
resource
 of networkers... the internet... they just post questions here without
doing
 ANY research on their own...




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26379t=25805
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OT - List of dirty words [7:26380]

[Hartnell, George]

Speaking as the chief smut-buster at my site for the fed's typical effort
with the Children's Internet Protection Act, you have a hard road coming.
This is a high-profile and thankless duty.

My solution is to go to a commercial provider, make it very clear that the
filtering choice is their responsibility, and keep my head down.  Otherwise,
you need a 'committee' to share the wealth of abuse you're about to take.

As for actual words, the aforementioned commercial provider gave up on the
word game; too many variables, at least in the html filter land.

And, as a 20 year commercial fisher with a few additional commercial diving
years thrown in for good measure, I can assure you that sin-free souls
have little chance covering truly depraved language.  Given that vast
expertise, and the obvious relevance to CCIE-type expertise, I'd be happy to
provide you that information for standard CCIE rates---not!

Your best bet might be George Carlin's list of Seven words you can't say on
television.

Very best, G.
VP OGC

-Original Message-
From: Dennis Laganiere [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 15, 2001 9:03 AM
To: [EMAIL PROTECTED]
Subject: OT - List of dirty words [7:26380]


This is totally off-topic, and I realize it's lazy to ask help so quickly,
but this seems like an interesting quest.

I need to populate my e-mail filters for dirty words, racial epitaphs and
other offensive nonsense. 

Before I corrupt my pure and uncommonly sin-free soul by spending hours
typing every foul thing I can think of, does anybody know of a webpage that
I can cut and paste something, or perhaps e-mail me off-line what you've
accumulated in the past?

Again, let me apologize for the OT, but hey, the sooner I get this lame task
done, the sooner I can power up my pod and contribute some relevant material
to the group.

Thank you in advance for your assistance, and I'm waiting in trepidation to
see what comes my way in response to this inquiry... :-)

-=- Dennis




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26394t=26380
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Uplink fast and Port fast [7:26236]

[Hartnell, George]

Trip over the same rock fantastic


Spanning Tree Protocol is where you want to go.  Here's a typical symptom:

Install new workstation on high end switch to troubleshoot multimedia
through firewall.  Connection fails. Link light fine. Realize all other cu
ports are static address servers.  Further realize DHCP uses broadcast for
address.  Static address on workstation connects.  Hu.

STP is the culprit.  Why it comes up as a default for simple non-redundant
route switched systems I'll leave up to the conjecturests. (Yes, I do know
the advertised reason.)  If you look at a STP packet through a sniffer, most
of the settings will become clear.  The most important is the time it takes
to become what's known as in a 'forwarding' state.  Typically this adds up
to 50 seconds.  Blocking--listening --learning and finally forwarding.

By the time most of a minute has passed, Microsoft devices needing an
address have given up.  They have no address and so, have no network
connection.  

I've tripped over this rock in my early days of Cisco switching.

I'm tempted to entirely disable STP, in my environment; point to point,
non-redundant, no ring.  There have been discussions on this in previous
threads.  I believe the answer was similar to my feelings --- why not, if
you don't need it?  Not sure of the C(isco)ompany line, though.

Port fast, simply enough, enables a quick STP forwarding state.  Uplink fast
is similar, but over trunked connections, I believe.  Other vendors have
other cutesy names for similar functions.

And, by the way, while STP is a basic, and comparatively simple, those, like
me, who have not much switching stick time, have found it confounding in
that 'real world' we frequent.  That world sometimes has some serious time
limitations.  I tend to learn more quickly by knowing what I looking for.

Very best, G.
VP OGC

-Original Message-
From: MADMAN [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 14, 2001 10:54 AM
To: [EMAIL PROTECTED]
Subject: Re: Uplink fast and Port fast [7:26236]


Nothing wrong with questions but for these real basic things a simple
search will work and you will learn more by looking around and reading:

http://www.cisco.com/

  Dave
 

William wrote:
 
 Dear all,
 
 Any one know what is uplink fast and port fast?
 
 Thanks a lot!!
-- 
David Madland
Sr. Network Engineer
CCIE# 2016
Qwest Communications Int. Inc.
[EMAIL PROTECTED]
612-664-3367

Emotion should reflect reason not guide it




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26297t=26236
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]

[Hartnell, George]

A very distant shout from the lives of some of those we owe...

Thomas Hobbs, Charles Babbage, Albert Smee, Alan Turing.  It never ceases to
amaze me that 'success', in modern America, equals money.  It used to equate
with knowledge and the gaining thereof.  Though some of the early digital
pioneers died poor and alone, I doubt the names of many contemporary CEOs
will last as long in history.  Nor do I feel their contribution(s) have been
of equal value.  The soul of this new machine deserves far better than greed
as the primary motivator.

Best, G.
Vice-president (honorary), Old Geezers Club




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=26310t=25805
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: What do you cats do for motivation? [7:24549]

[Hartnell, George]

Well, my paycheck crack didn't seem to satisfy the mark.  I know it's a
tough job.  Old readers will note my previous, and current, affiliation with
commercial salmon fishing.  Nowadays it is for relaxation.  That smallish
break in the summer has had its moments, and I'm grateful for the escape
into extreme nature from year to year. 

I see too much stress in this newsgroup.  People can be harsh when pushing
hard over a long haul.  Like fishing, we are brothers (sisters, too) of a
common misery.  Also like fishing, I have seen friends die from their
high-tech jobs.  Maybe not as violent an end, but nonetheless, the end.

Lots of folks want to enter the high tech field.  Sometimes, though, the
wanting is considerably different than the having.

I used to think that, with enough work and dedication, anyone could excel in
this field.  I don't think that, anymore.  The learning never stops.  Know
what you've signed up for.

If you think it's hard now, wait 'til you look back at 20 years and wonder
where all that time went!

We're all in this together. So let's keep our sticks on the ice and pull for
each other. 

Very best, G.
VP OGC
Youth is wasted on the wrong people. 



-Original Message-
From: Joe [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 29, 2001 7:10 PM
To: [EMAIL PROTECTED]
Subject: Re: What do you cats do for motivation? [7:24549]


I am sick of networking after doing it for a few years and I quit my job and
take a long break for 2 years and do something that is totally irrelevant to
computer.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=24679t=24549
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: What do you cats do for motivation? [7:24549]

[Hartnell, George]

I look very much forward to continuing picking up my paycheck every
month


Very best, G.
VP OGC
Youth is wasted on the wrong people.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=24568t=24549
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OT- maybe... [7:24121]

[Hartnell, George]

 Can you give me the url for this WUG product.
 
-
WhatsUp Gold.  www.ipswitch.com

A very decent product for the price.  Simple, yet effective, ICMP polling
plus some SNMP Get additions.  Mapping is good. Graphing available.  The
notification options; from pop-ups to email to pager to noise, are very
useful. One nifty is the ability to poll various NT services.  There are
various customization tools.  COM interfaces are there, as well.

If you think about your basic needs for enterprise management, this is
certainly worth a look. Small fraction of the cost of some vendor's stuff.
Doesn't do it all, but there's always telnet, eh?

Best, G.
V.P. OGC

 
  -Original Message-
  From:   [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
  Sent:   Thursday, October 25, 2001 1:03 PM
  To: [EMAIL PROTECTED]
  Subject:OT- maybe... [7:24121]
  
  Hi All, 
  
  Besides Cisco Works, anyone know of any good Cisco monitoring
 apps?
  I am looking to monitor my routers, VPN and switches. 
  
  
  Thanks, 
  
  
  Rich




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=24298t=24121
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: National Geek Guard To Save Data [7:22208]

[Hartnell, George]

Two thousand year-old wisdom:

Who guards the guardians?

Best, G.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22246t=22208
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Way OT: Interesting Date today [7:21675]

[Hartnell, George]

And, speaking of our neighbors to the north... 

I've heard some very discouraging news from Canada about their new nuclear
menace.








They've had the 'eh' bomb for quite some time.

Best, G.


-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 4:39 PM
To: [EMAIL PROTECTED]
Subject: RE: Way OT: Interesting Date today [7:21675]


as Leigh Anne pointed out indirectly, the Brits use the DDMM format. so
a Brit list would come up with different results than would a Yank list.

Hey, Leigh Anne, up in Canada you folks are half Frenchie. How do the Frogs
do it?

Chuck Larrieu
ancestors left France a very long time ago

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
John Neiberger
Sent: Tuesday, October 02, 2001 8:42 AM
To: [EMAIL PROTECTED]
Subject: RE: Way OT: Interesting Date today [7:21675]


Yes, a palindrome is a word that is spelled the same backward and
forward.  In this case, the numbers are palindromic because--using the
MMDD format--  10-02-2001 is the same when read either direction.
Using MM-D-YY, today is 10-2-01, which is also palindromic.

There is no importance whatsoever, it's just a numeric oddity depending
on which date format you use.  A coworker mentioned it this morning and
we've just been discussing it.  It's completely useless information, but
interesting nonetheless.

However, it's *really* off-topic so I suppose I should get back
on-topic.

John

 Juan Blanco  10/2/01 9:15:13 AM 
 John,
When you said It's a palindrone! are you refering at the following:
A Palindrome is a word spelled the same backwards and forwards
If not please can you give more details for those who do not know what
are
you refering toand why it is so importantand how did you find
out
about those date

Thanks,

JB

-Original Message-
From: John Neiberger
To: [EMAIL PROTECTED]
Sent: 10/2/2001 10:03 AM
Subject: Way OT:  Interesting Date today [7:21675]

10-02-2001...  It's a palindrome!  When was the last date where
this
occurred?  Here at work we think it was 08-31-1380.  When will the
next
one be?  :-)  Sorry for the OT post, I just thought this was amusing.

Back to the morning coffee

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22151t=21675
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Sniffing Packet From the router. [7:21111]

[Hartnell, George]

I have the most unsightly wad of V.35 Y cables you ever saw.  Eighteen, last
time I counted; all for a single Network General DSS WAN Sniffer that I
absolutely, positively, cannot live without.

I plug in the Ys when I have to sniff one of those T1 links.  Otherwise, I
try and neatly hang them up in some semblance of order on a home-made
'hanger'.

Very best, G.

-Original Message-
From: Trevor J Corness [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 02, 2001 4:03 PM
To: [EMAIL PROTECTED]
Subject: Re: Sniffing Packet From the router. [7:2]


I honestly have never tried leaving the Y-Cable in on critical links...   
normally I do this stuff on an outside-contractor basis from the perspective

of the company (my client).  I offer outside services at a Communications 
company, my job is to design, install, and troubleshoot networks for many 
clients.  As a result, I only have 1 Y-Cable V.35 for the Internet Advisor, 
and it always leaves with me, when the unit is no longer used.  I will try
to
research this in a lab, and let you know what conclusion I come up with.

Now I know what I am going to fill my 2 spare hours with tomorrow morning.


On October  2, 2001 01:53 pm, Dan Faulk wrote:
 Hey learn something new every day on this list, good info. Could the
 Y-cable be left in circuit on critical links, with proper precautions of
 course, yeah I know simpleton question but you never know. I always leave
 one port open on all my switches just for the sniffer, has made life so
 much easier and safer too, nice to know the same idea could be used on the
 WAN also.

 Dan

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Trevor J Corness
 Sent: Tuesday, October 02, 2001 3:14 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Sniffing Packet From the router. [7:2]


 The only other way that I know of to avoid crashing the router, and
getting
 a
 useful sniff of the WAN traffic, is to use a V.35 protocol analyzer,
such
 as the HP Internet Advisor.  This is a pricey unit, but if you do this
 stuff regularly (as my coworkers and I do), it is the easiest, and most
 presentable
 way to do this.  Note: There is a short disruption of service while
 inserting
 and removing the V.35 Y-cable used to do this.

 Internet Advisor generates some very management-friendly reports, used to
 present findings to people of a slightly more non-technical background.
It
 also has many VERY powerful features (think: SnifferPro-like GUI).

 I am sure there are other very similiar products out in the field, I am
 only explaining what I have used.  At the present time, this is only the
HP
 Internet Advisor.

 Regards,
   Trevor J Corness, CCNA CCDA JNCIS NNCSS MCSE
   Radian Communication Services Corporation
   http://www.radiancorp.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=21751t=2
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Fridays funnies [7:17141]

[Hartnell, George]

Hummm, with those kinds of credentials those guys shouldn't have to work.




They could teach.



Best, G.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17443t=17141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT:National Rebellion Day [7:16928]

[Hartnell, George]

On this date in 1775, England declared the colonies in a 'state of
rebellion'.

Let's all keep up the good work!

Best, G.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16928t=16928
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: code red [PIX edition] [7:15286]

[Hartnell, George]

Below is a nice read.  Very helpful.  Can someone translate this for me from
RouterTalk into PIXese?

Best, G.



Subject: code red [7:15286]


I wanted to share this with the group:

http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16071t=15286
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RouterSim 3.0 [7:11342]

[Hartnell, George]

Hummm, imagine my disappointment when looking for an actual evaluation of
the product.

Can someone enlighten me as to the value of (the new) RouterSim on it's
merits?

Best, G.
VP OGC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=11556t=11342
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Confused about Cisco Agreement [7:8819]

[Hartnell, George]

Cisco agreement!!??? Cheating must be discouraged, everywhere.  See below;
yet another reason Cisco certs are becoming 'required' while advanced
degrees are 'preferred' in those lucrative job postings

From the Bellingham [Washington State] Herald, June 17, 2001, Editorial
Opinion:

In an outrageous scenario that played out this winter quarter, a computer
science lecturer had to resort to handing in her resignation to get the
administration's backing to flunk a student caught cheating on an exam.  ...
The student had turned an a four-question essay test in which his answers
mirrored the previous exam but not the one being given. ... The
[university's Student Academic Grievance Board] ruled that this particular
type of cheating was not one listed in the rule books, so the student should
be cleared.  Egad.

Egad, indeed.  Public education should be ashamed, and good for Cisco for
their attempts to limit ill-gotten gains.

Best, G.

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Saturday, June 16, 2001 10:37 AM
To: [EMAIL PROTECTED]
Subject: Re: Confused about Cisco Agreement [7:8819]


At 06:47 AM 6/16/01, Oletu Hosea Godswill, CCNA. wrote:
Has anyone really taken time to read and thoroughly understand the Cisco
examination agreement page?

The item 6 in that agreement reads(ie page 2 of your score sheet) Not to
sell, license, distribute, give away, or obtain from any OTHER source OTHER
THAN CISCO the exam materials, questions or answers

Is Cisco trying to say that obtaining exam materials from Sybex, boson,
certifyexpress, cramsession, wanpro, certificationzone,

None of those sites have the Cisco exam materials. Only Cisco has them. By 
materials they mean the actual test. But if someone besides Cisco somehow 
got a hold of the exam materials and then you got them, you would be in 
possession of stolen goods, which is illegal in the U.S.

and passing on same
materials to friends who need them for their exams or borrowing others is
illegal?

Passing on materials of any sort might be illegal if the materials are 
copyrighted. That's a different issue, though.

If that is not what they meant, I think it is good they re-amend
that item 6.

Am confused, can someone explain better to me. Are mind by this enslaved to
cisco for all my materials relating to the exams or what do they really
mean.

Regards.
Oletu


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=9003t=8819
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: retransmissions [7:7731]

[Hartnell, George]

I like that plain English part; the computer people I know do not normally
speak plain English.

Actually, I've had some fascinating (to a computer person) times with a
Sniffer and retransmissions.  My aging DSS' expert analysis feature does
allow for quick 'drill downs', and is vastly superior, still, to Microsoft's
useful network monitor.

Using this, one of my more interesting finds was with an I/C seismometer
using IP to transmit information packets to a mini-cpu down at the
university.  Had a 'retransmit' error every three packets.  The geologist
were happy, the data was transferred and processed ok.  The Sniffer's
increments of red numbers, however, were quite annoying.

The 'retransmitted' packets were different sizes.  The sequence number from
the instrument side, however, did not change.  This, I believe, is one of
the 'definitions' of a retransmit.  This was not, however, an error
condition, except in the protocol violation. 

As happens with good test equipment, I persuaded the U. to replace the NIC
card and all was again sweetness and light.

There are other, more mundane, natural acts of retransmits.  It's fun to
watch outside/inside IP traffic once in a while.  Besides, it would give you
a 'feel' for what looks 'good' sos't when it's very, very bad, you have some
baseline for a troubleshooting start.  

And a baseline that 30% is too much on a sustained basis.

Very best, G.

-Original Message-
From: Nick R [mailto:[EMAIL PROTECTED]]
Sent: Monday, June 11, 2001 11:35 AM
To: [EMAIL PROTECTED]
Subject: RE: retransmissions [7:7731]


Forget about AutoNegotiation and set all nodes to manual 10 or 100 Mbps. 

Also, Priscilla had some good questions. What kind of retransmissions are
those? What layer? The Expert Software in the Sniffer will tell you the
details broken down to a plain english language.

-- Nick




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=8180t=7731
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Semi-RANT: extended exams [7:7871]

[Hartnell, George]

It's all due to the latitudinal locations of both Canada and Australia, both
former British colonies.  Because of these extremes, and the northerly
location of the British Isles themselves, they use the 20 hour day, instead
of the more conventional 24 hour period.  Canada, particularly, I have
heard, is moving toward the 24 hour day with typical reluctance, as it is a
perceived movement towards the Americanization of that country on the
United States' northern border.  So the stated time difference for those
test is actually the 'corrected' time for that 20 hour day.


(Apologies to that great Canadian TV show, Twenty-two Minutes in This
Hour.)

Best, G.
V.P. OGC


-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, June 12, 2001 9:01 AM
To: [EMAIL PROTECTED]
Subject: Re: Semi-RANT: extended exams [7:7871]


I'm not even sure if there's a CCIE test center in Australia, but, if 
there is, let's not be too hasty in assuming English, American, or 
Australian.

American candidate to Australian proctor, probably ok:  ping that row-ter

English candidate to Australian proctor, ping that root-er, and the 
candidate immediately makes inappropriate physical contact with the 
person in the apparently appropriate direction.

Vaguely reminded of the Battle of Britain veteran, waving his hands 
and ranting there were fokkers to the left of me, fokkers to the 
right of me... and being interrupted with There weren't any Fokkers 
in the Battle of Britain!

What does that have to do with it? These fokkers were Messerschmidts!

(Wondering if this will get through the filters).




On Mon, 11 Jun 2001, Kevin Wigle wrote:

  I wasn't aware that an extended exam was anymore different than normal
  exams except you get more time.

  If this truly is the only difference I'm not sure what your point is.
If
  you, a good English speaker can do the test in 1 hour, then - you're
done.
  Doesn't matter if the exam has allotted 2 hours or 3 hours, you're done
in
   1.

Picture the following aborted recruiter interview:

Me: I'm a CCNP and CCDP...

Recruiter: (interrupts me) You passed the extended exams, not the
standard ones. You're not a true CCNP and CCDP. You won't do. Good bye.

(OK, this is slightly exaggerated, but it should give you the gist.)

  I don't think too many people from the US/Canada are going to hop a
plane
to
  get that extra 30 minutes test time.  Perhaps someone in Brittain would
take
  the train to France?  that would probably bump the effective price up a
bit.

Well, now that you mention it... A Briton would have to hop onto a train
or plane to Brussels to take the CCIE lab. So would a German, a Greek,
or a Spaniard. I don't remember anything in the CCIE lab blueprint that
mentioned granting an extra 2 hours, or half-day, or whatever, to
candidates who don't speak natively whatever language(s) the lab
documents are written in and or the lab proctors speak or mangle. That
sounds inconsistent with the stated goals, esp. when the CCIE written
*has* the extension.

  I agree with your point #1 and with that a candidate should be able to
elect
  to take a non-extended exam.  However, a problem could present itself
later
  if a candidate failed the exam and then complained he didn't understand
the
  consequences of not taking an extended exam!  :-)  I don't think that
Vue
or
  Prometric want to be responsible for having to first judge the English
  proficiency of a candidate.

Amusingly, at least one Prometric testing center in Paris also offers an
ESL proficiency exam. But you're right, they shouldn't have to. However,
there are ways around this, such as letting you (the candidate) take the
exam again for free, perhaps limiting that to cases where you appear to
be in good faith and or didn't fail the exam abismally (which could be
decided by the number of correct answers to questions you had time to
answer before the ax felt). Also, the policy is cisco's, and my email
was addressed to cisco.

  Your point #2 probably wasn't thought of in that way because that would
be
  politcally incorrect and nobody wants that  :-)

OK, so I'm blunt and unsubtle. :-) I'm curious, though: what would be a
newspeak way of stating it without making it meaningless?

  Your point #3 would require in my opinion that the option to accept/deny
the
  extended exam would have to be asked in the candidate's native language.
  Now imagine how interesting that could get...

I must have a pedestrian imagination, because all solutions to that that
I could think of are uninteresting.

- If registering online: IMHO, someone who could navigate the test
   center's web pages should be able to understand a warning, or a
   mention, in plain English right at the point the option is offered.

- If registering in person or on the phone: you would presumably speak
   to someone (an administrative assistant or receptionist, perhaps) who
   speaks the same language as you.

  Unless the exam 

RE: Rule 5-4-3 [7:7578]

[Hartnell, George]

A couple of 5-4-3 refinements:

Try this picture:
   MORE HOSTS
   \.../
 hosts  HUB(s)  hosts
  \|/\|/\|/
host --- hub --- repeat --- SWITCH --- repeat-- hub --- hub etc...
  /|\/|\/|\
 hosts  hosts  hosts

The question of 'slot time' becomes confusing to me with the addition of
one, or more, switches into the (10,100,1000) circuit(s).  The 'etc' above
asks, What is the practical limit of cascaded switch/hub combinations in a
10 Mb/s ethernet?  A combination 10 and 100 Mb/s ethernet?  Yes, even with a
1Gb/s backbone?  Please, don't laugh, we here in K-12 education need to
lash up all kinds of stuff.  Sometimes, if you can believe it, people will
even sneak an extra hub into the building!

No problem is insurmountable with the comparatively limitless private sector
resources.  Network design is easy (easier) without the albatross of old
equipment never, ever, being surplused out, just moved out closer to the
edge. That's why we like the theory, as below.  We frequently need to figure
out what flies ourselves.

Very best, G.

 
Be strict in what you send, and forgiving in what you receive.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
George Hartnell, Network Supervisor
Bellingham School District, 1306 DuPont St.
Bellingham, Wa. 98225-3198 (360)647-6860
[EMAIL PROTECTED] Internet Mail



-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 07, 2001 12:38 PM
To: [EMAIL PROTECTED]
Subject: Re: Rule 5-4-3 [7:7578]


At 02:17 PM 6/7/01, Aleksey Loginov wrote:
Hi!
Question about rule 5-4-3.
How it's work for 10BaseT?
This scheme correct?

 hosts  hosts  hosts
  \|/\|/\|/
host --- hub --- repeat --- hub --- repeat --- hub --- host
  /|\/|\/|\
 hosts  hosts  hosts


Great job on the ASCII art! It's quite pleasing to the eye. ;-)

A 10BaseT hub is a repeater. Dare I say that there's no difference between 
a Layer-1 repeater and a hub? Just like there's no difference between a 
Layer-2 switch and a bridge, or a Layer-3 switch and a router. Argh.

One topology that became popular for explaining propagation delay on an 
Ethernet network was the 5-4-3 topology. With a 5-4-3 topology, you can 
have up to five segments in series, with up to four repeaters, and no more 
than three mixing segments. If three mixing segments are used, then the 
remaining two segments must be link segments. A mixing segment is one that 
can have more than one attachment, such as a coax cable. A link segment is 
a point-to-point link. It could be a fiber link between hubs, for example. 
A 10BaseT hub connection to an end station is also a link segment.

The 5-4-3 topology is just one of many models that work actually. It is a 
simplification of the actual rule that says that the round-trip propagation 
delay in one collision domain must not exceed the time it takes a sender to 
transmit 512 bits, which is 51.2 5s for 10-Mbps Ethernet, and is also known 
as the slot time.

A single collision domain must be limited in size so that a station sending 
a minimum-sized frame (64 bytes or 512 bits) can detect a collision and jam 
signal reflecting back from the opposite side of the network, while the 
station is still sending the frame. Otherwise, the station would be 
finished sending and not listening for a collision, thus losing the 
efficiency of Ethernet to detect a collision and quickly retransmit the 
frame. For a higher layer to notice that the frame needs retransmitting 
takes much more time. Ethernet retransmissions occur within nanoseconds.

Priscilla


Any comments, please.

Best regards,
Aleksey


Priscilla Oppenheimer
http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=8036t=7578
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

T and F LA's. Was Intrusion Detection [7:6840]

[Hartnell, George]

STFW?  LOL?  My fifty plus years are showing.  While I once used familiar
jargon like 'far out', 'spacy' and some others, I find myself puzzled by
some of the new acronyms used by the YPKs.

Is there some dictionary of current acronyms used by my younger colleagues
sos't I can communicate?

It is Friday, after all, so enjoy the funnies!

Best, G.
V.P. OGC

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 30, 2001 2:59 PM
To: [EMAIL PROTECTED]
Subject: RE: Intrusion Detection [7:6494]


STFW?  Hmmm?

Security Things to Fiddle With?  .Org or .Com?

-Original Message-
From: Christopher Kolp [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 30, 2001 14:47
To: [EMAIL PROTECTED]
Subject: RE: Intrusion Detection [7:6494]


Wow, such hostility.

Sorry for raining on your parade, I found the page and am checking it out.

Why don't you go back to answering the phones and get off my back.

ck





 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Russ Kreigh
 Sent: Wednesday, May 30, 2001 5:30 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Intrusion Detection [7:6494]
 
 
 STFW!
 
 
 - Original Message -
 From: Christopher Kolp 
 To: 
 Sent: Wednesday, May 30, 2001 4:02 PM
 Subject: RE: Intrusion Detection [7:6494]
 
 
  link please
 
   -Original Message-
   From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED]]On Behalf Of
   Russ Kreigh
   Sent: Wednesday, May 30, 2001 4:48 PM
   To: [EMAIL PROTECTED]
   Subject: Re: Intrusion Detection [7:6494]
  
  
   Snort is also a decent one for the price (free)
  
  
  
   - Original Message -
   From: William E. Gragido
   To:
   Sent: Wednesday, May 30, 2001 3:11 PM
   Subject: RE: Intrusion Detection [7:6494]
  
  
Check out Intrusion.com
   
They make some truly great products
   
-Original Message-
From: [EMAIL PROTECTED]
   [mailto:[EMAIL PROTECTED]]On Behalf Of
Mel Chandler PMI
Sent: Wednesday, May 30, 2001 2:08 PM
To: [EMAIL PROTECTED]
Subject: Intrusion Detection [7:6494]
   
   
Has any had the opportunity to evaluate an intrusion
   detection system?  I
know Cisco makes one, not sure what it runs for an OS and
   how well it's
   put
together.  Have looked at Cabletron, excuse me, Enterasys,
   and Webtrends.
Anyone offer any insight?
   
   
Mel L. Chandler, A+, Network+, MCNE, MCDBA, MCSE+I, CCNA
[EMAIL PROTECTED]
Network Analyst
Information Services
PMI Delta Dental
(562) 467-6627
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to
   [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
   http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to
   [EMAIL PROTECTED]
   FAQ, list archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html
  Report misconduct and Nondisclosure violations to 
 [EMAIL PROTECTED]
  FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html
  Report misconduct and Nondisclosure violations to 
 [EMAIL PROTECTED]
 FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=6840t=6840
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How work in large environment? [7:4420] How work in large environment? [7:4420]

[Hartnell, George]

Don't forget the public sector entities.  Metropolitan, campus and
government networks can offer some great exposure.  

The pay, on the other hand.

Best, G.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4442t=4420
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Stop Sending me mails this is my fourth mail. [7:3280]

[Hartnell, George]

I came into IT from commercial fishing almost 20 years ago.  Kept my fingers
in that exercise, as much as possible, over the years.  I work in education,
so summers, in the past, have had some time to get out on the boat.  I had
to give that up, recently; just not enough time for both IT and that kind of
'part time' work.

It's true what they say about commercial fishing.  My wife and I have lost
several friends over the years to the 'worlds most dangerous profession.
Many of us have come close.  Comes with the territory.

There was a time, though, a few years back, that I buried a couple of
friends within a short period.  While not the diagnosis of record, many of
us saw a direct relation with their early demise (one was 43 years old) and
on-the-job stress related illness(es).  They were both IT professionals.  So
called 'safe' profession.

So, keep in mind, gentle readers, that stress can, and does, kill just as
surely as that 90 foot wave in Perfect Storm.

If you don't have the temperament to deal with that stress, be careful and
realistic with yourself.  Do take positive action if you find yourself(ves)
'out there' in high-stress land.  No amount of compensation can make up for
the long-term harm that can sneak up on the unwary.

On the boat, with the crew, we have a saying; Brothers of a common misery.
We also say a rising tide raises all ships.  While IT folks don't generally
depend upon each other for life itself, we should keep in mind that we can
find ourselves working closely with one another throughout our careers.
Deliberately spreading more misery (read stress) produces neither less
misery nor more common brotherhood.

It can, indeed, lead to worse scenarios.

The IT job is hard enough.  

Very best, G.

 

-Original Message-
From: hal9001 [mailto:[EMAIL PROTECTED]]
Sent: Saturday, May 05, 2001 12:07 PM
To: [EMAIL PROTECTED]
Subject: Re: Stop Sending me mails this is my fourth mail. [7:3280]


And quite alot of ignorance on one persons part.

Karl
- Original Message -
From: William E. Gragido 
To: 
Sent: Saturday, May 05, 2001 8:01 PM
Subject: RE: Stop Sending me mails this is my fourth mail. [7:3280]


 I am detecting a lot of hostility here...

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Larry Osei-Kwaku
 Sent: Saturday, May 05, 2001 5:31 AM
 To: [EMAIL PROTECTED]
 Subject: Re: Stop Sending me mails this is my fourth mail. [7:3280]


 You Fool !

 Go to WWW.groupstudy.com and unsubscribe yourself.


 --- M. HASAN USMANI.  wrote: 
 unsubscribe cisco
 
 
  STOP SENDING ME EMAILS!!!
 
  UNSUBSCRIBE CISCO
  UNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE
  CISCOUNSUBSCRIBE CISCO
 
 
 
 
 
 
 ___
  Send a cool gift with your E-Card
  http://www.bluemountain.com/giftcenter/
  FAQ, list archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html
  Report misconduct and Nondisclosure violations to
  [EMAIL PROTECTED]
 
 
 


 =
 Wear a smile and have friends; wear a scowl and  have wrinkles.
   - George Eliot

 the greatest glory is not in never falling, but rising up each time we
 fall.

 The greatest man is not he who does not fall but he who falls and rises
 again to win

 
 Do You Yahoo!?
 Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
 or your free @yahoo.ie address at http://mail.yahoo.ie
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html
 Report misconduct and Nondisclosure 

RE: Job Opening Senior Network Engineer

[Hartnell, George]

I note with interest that the 4 year degree is "preferred" whilst the CCIE
is a "must have".

Four year institutions need to scrutinize their heretofore stranglehold on
credentials.  To little bang for too many bucks with a mini portion of
relevance in the real world.

Best, G.


-stuff omitted ---
  
   Job Requirements:
   * Must have CCIE Cisco Certification
   * BA or BS degree preferred
   * Ability to document and provide in-depth reporting and
   analysis
   * 5 years of industry experience


 -bla bla bla---
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX IOS upgrade

[Hartnell, George]

Having just installed 5.3(1) on a replacement 515.  I am seeing what I
believe(d) to be logical icmp denies on a regular basis.  Can anyone point
me to the right TAC (or other) spot for analysis of these rumored maladies?
I've searched the bug reports  And yes, one of the 'shotgun' solutions
was to drop down to 5.2.  Apparently, however, this was not the solution
this time.

Maybe TAC Tools Seminar meltdown yesterday was more significant than its
functionality...

Best, G.

-Original Message-
From: John Hardman [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 03, 2001 12:54 PM
To: [EMAIL PROTECTED]
Subject: Re: PIX IOS upgrade


Hi

There have been a lot posts in the Cisco news groups about people having
ICMP problems with 5.3 code. Several stating that TAC has recommended a down
grade to solve the problems. Personally I would not install a 5.3 code at
this time. 5.2.x seems to be fine.

HTH
--
John Hardman CCNP MCSE


""Paul L Holloway"" [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
 I'm upgrading the IOS on a new PIX. What would be the downside of me
upgrading to 5.3 without stepping up incrementally and just going directly
from 4.4 to 5.3. I don't see anywhere in the Cisco documentation where they
advise against this, but I seem to remember several threads here advising to
go up one version at a time. Any thoughts??
 Paul
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Performance

[Hartnell, George]

It *was* broke.

After much wailing and gnashing of teeth, I finally tried shutting down the
primary.

Bandwidth was immediately improved.

S, I'm calling this a faulty 515 primary system E0 interface.

Best, G.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Performance

[Hartnell, George]

How's about a little 'real-life' observation on a 515UR/failover package:

Problem:
external limited to ~850Kbit/s since install. Normal range, 2.5-3.5Mbits/s
internal ether on 515 does not exceed 140-160KBytes/s
internal ether has unusual number of IP transport retransmissions.
no apparent loops/collisions/protocol/hardware problems (Fluke OneTouch)
external ether on 515 sends 2.5Mbits/s+ to external IMux'ed T1's fine.
load: well under specs.
no NAT
5.3

internal -- hub/switch -- 100Mb/full -- 515 -- 10BaseT --border router
--T1X3 --external

N.G. Sniffer on internal and external side of 515.  Fluke OneTouch as well.

Somehow, it seems that, despite the theoretical, this PIX is throttling the
bandwidth at around 850Kbits/s.  The MRTG graph is most unusual and
certainly shows the pattern of a throttle of some  sort.  Plateau shape, no
spikes.  Config normal, as far as a couple of us can tell, certainly nothing
bazaar.  I've tried disabling the failover, yes.  No NAT *may*, I've heard
speculation, need another kind of treatment.  Seems like  '0 0 0 0' with
statics wouldn't kill the throughput...

How or why it's down that has been a baffler for a couple of days/nights.
Maybe it's broke.

If anyone might have a suggestion on what to look for ('show what?)|(debug
what?) I'd listen.  Otherwise, handy syslog indicates the thing is doing
it's job.  A "must have" device.

However, to keep internal peace, I may have to not have until I can get a
solution.

Best, G.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Advance Cisco PIX Configuration Exam - Passed!

[Hartnell, George]

Well, I've looked there, at the CCO, and the documentation I've found is
'ok'.

By 'ok' I mean that you *can* successfully set up the PIX from those docs.
The PIX, however, isn't there for just NAT, it's there to help secure your
network.  To that end there seems, to me, to be very little in the way of
code snippets for, say, preventing a simple smurf, or for dropping IP
packets where the source isn't from your address range.  Things that CERT
talks about, but how do you *do* that on your firewall?

In fact, some current 'how tos' at the Cisco PIX site still talk about the
'outbound' command; something even IOS 5.1 (5.3 is current) indicates has
been superseded by the 'access-list' command.  Check out this outdated
'help' yourselves:

"Question: How do you configure outbound access lists on the PIX box?

http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/3753  "

While it's sometimes nice to have archival information for past IOS
versions, clearly this information is less-than-useful to current PIX IOS
users.  Unless, as many, I'm lost in the vastness of CCO-land, which,
admittedly, is possible.

So, it's nice that somebody passed the exam.  It would also be nice to find
a resource for the PIX.  I'm still struggling, but making headway.

Best, G.


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 0s and 1s??

[Hartnell, George]

"I read in an article that Michael Muuss has died in a car accident. He is
the person who gave us a tool called "PING" to make our lives easier when
troubleshooting our networks."
-
And he is now surrounded by his loved ones,

and his loved zeros.


Happy Friday! (sent during the recent downtime.)

Best, G.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How to Open Pix firewall Ports

[Hartnell, George]

Hi Muhammad,

I just put up a 515-UR, OS 5.3(1).  Quoth the manual, "Cisco recommends that
you do not use the access-list command with the conduit and outbound
commands."  There are some evaluation sequence issues.

That said, from configuration mode:
access-list acl_out permit tcp any any eq 3050
access-list acl_out permit udp any any eq 3050
similar entries for port 3051
access-group acl_out in interface outside

Like many computer things, there are other ways around the barn, and other
flavors of the command to do the same, or similar things.  For instance
'any' can be substituted with a 'host ipaddress' for a single permit or a
'ipaddress netmask' combination for a range of permitted systems to access
those ports.  'udp' and 'tcp' can be covered by 'ip', which also covers icmp
packets.

While I haven't used this command, 'range' could be used as the operator
rather than 'eq'. According to the manual, thusly:

access-list acl_out permit ip any any range 3050 3051

That should/could drop your configuration file line count down a bit.  My
configuration file is leaning towards the enormous.  Small price, though,
for a secure site.

Best, G.
Bellingham, Washington

-Original Message-
From: Darren Crawford [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, March 13, 2001 11:06 AM
To: Muhammad Faheem; cisco@groupstudy. com (E-mail)
Subject: Re: How to Open Pix firewall Ports



If you are opening the ports to "outside" entities you'll need to create
conduits.  They would look something like this:

conduit permit udp host 1.1.1.1 eq 3050 any
conduit permit tcp host 1.1.1.1 eq 3050 any

conduit permit udp host 1.1.1.1 eq 3051 any
conduit permit tcp host 1.1.1.1 eq 3051 any

HTH

Darren

At 09:56 PM 03/13/2001 +0400, Muhammad Faheem wrote:
Hi Guys

I want to open port 3050 and 3051 on Pix firewall , i would appreciate if
any body Guide me how to get this done or what command should i check.

Regards
Muhammad Faheem
Systems Engineer
Afcomp
Hello : (9714)-3933878 / 3027338
Fax   : (9714)-3933832
Web  : www.afcomp.com

_
FAQ, list archives, and subscription info: 
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] 

Darren S. Crawford
Lucent Technologies Worldwide Services 
2377 Gold Meadow WayPhone: (916) 859-5200 x310 
Suite 230   Fax: (916) 859-5201 
Sacramento, CA 95670Pager: (800) 467-1467 
Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED] 
http://www.lucent.comhttp://www.lucent.com   Network Systems
Consultant - CCNA

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: HEX

[Hartnell, George]

That Priscilla is a real jewel, eh?  I think I'll add this formula to my
*must know* list.

The one tid-bit I might include, though not reputed to be 'test centric', is
to *memorize* (I say this as a member in good standing of the O)ld G)eezer's
C)lub) the binary numeric for HEX digits.  The 'weight' of the bits logic
has helped me out a few times  An interesting math trick, 16^4 is
()+1 or (   )+1.  Note that 2^16=16^4=1   
 binary=0x1 hex.  They all reach the same number.  It took this 52
year-old maybe a week of practice to 'grok this in it's fullness'.  Just my
way of figgerin' it out.  There are others.

It is delightful to hear of someone who hasn't fired up the scientific side
of that Windows accessory for this kind of math.  I've been helpless without
that hex/bin calculator for years.  The memorization/concept isn't that
hard, though, and, really, CCxx's should, as advertised, be able to do this,
'in your head'.

Best, G.

-Original Message-
From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 02, 2001 4:27 PM
To: [EMAIL PROTECTED]
Subject: RE: HEX


I never even knew the Windows Accessories calculator converted to hex! I 
just do it manually. I have the following numbers and letters pretty much 
memorized, so that helps.

10 = A
11 = B
12 = C
13 = D
14 = E
15 = F

16^0 = 1
16^1 = 16
16^2 = 256
16^3 = 4096
16^4 = 65536

Figure out where the number they give you falls in the above list, for 
example, is it between 256 and 4096? Or between 4096 and 65536? Divide by 
the smaller of the numbers you select. Keep dividing the remainders until 
you run out of numbers, (or can select the right answer, it is multiple 
choice after all!)

Here's an example: Convert  to Hex. Easy!

Divide  by 4096 = 1, remainder = 1459
Divide 1459 by 256  = 5, remainder = 179
Divide 179 by 16= B, remainder = 3
Divide 3 by 1   = 3

Answer = 15B3

Note: a few things made this example easy.  divided by 4096 is 
obviously 1. 256 x 5 is obviously 1280. 16 x 11 is obviously 176. Often 
it's much easier than it seems. (Sometimes, it's not and you just do brute 
force.)

Priscilla

At 09:26 AM 3/2/01, Dale Frohman wrote:
exactly.  I had a friend who told me there was some HEX conversions on the
BCMSN exam which i am scheduled to take in a couple of weeks.

On Fri, 2 Mar 2001, Barronton, Ken wrote:

  Because you can't use it during an exam. Real life...OK, exam...NO.
 
  -Original Message-
  From: Nuria Canamares [mailto:[EMAIL PROTECTED]]
  Sent: Friday, March 02, 2001 6:27 AM
  To: 'Dale Frohman'
  Cc: [EMAIL PROTECTED]
  Subject: RE: HEX
 
 
  Why don't you use the calculator of windows accesories?
 
  -Mensaje original-
  De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]En nombre de
  Dale Frohman
  Enviado el: Jueves 1 de Marzo de 2001 3:24 PM
  Para: [EMAIL PROTECTED]
  Asunto: HEX
 
 
  Does anyone have a way/tricks in remembering how to do HEX conversions?




Priscilla Oppenheimer
http://www.priscilla.com

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: what is the average age of people in this stuff?

[Hartnell, George]

Please sign me up for the OGC, as I more than qualify.

'Round here we chew up and sipt out the YPK's  Those that stick around might
learn enough to qualify for OGC membership when their time comes.

Very best, G.
 
"Be strict in what you send, and forgiving in what you receive."
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
George Hartnell, Network Supervisor
Bellingham School District, 1306 DuPont St.
Bellingham, Wa. 98225-3198 (360)647-6860
[EMAIL PROTECTED] Internet Mail


-Original Message-
From: Christopher Kolp [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 27, 2001 12:40 PM
To: [EMAIL PROTECTED]
Subject: RE: what is the average age of people in this stuff?


Young Punk Kid here...

Coming to take your job soon. :)

Thats right, grampa :) It's a kids world.

ck



 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Tom Lisa
 Sent: Tuesday, February 27, 2001 2:52 PM
 To: [EMAIL PROTECTED]
 Subject: Re: what is the average age of people in this stuff?

 If you wish to join the OGC, I will be happy to appoint you 
 in-house counsel.  Then we
 can sue the hell out of any YPK's that get in our way! :)  
 Remember, even if we're
 clueless, when OGC members talk, people listen.
 
 Tom Lisa, Instructor, CCNA, CCAI
 Community College of Southern Nevada
 Cisco Regional Networking Academy

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: what is the average age of people in this stuff?

[Hartnell, George]

I'm fifty-two.

The memory does become more of a challenge.  The quick uptake takes a hit.
The twenty-hour days take days of recuperation.

But the knowledge chase is still very satisfying.  It comes in a more
relaxed and in-perspective kind of way.  I enjoy mastery of the thing, and,
looked at in that way, the long hours of study melt into, well, the career,
life, the way.  Whatever.

Best, G.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Speaking of cables....

[Hartnell, George]

Hi,

I jus' happen to have a couple of 2600 series routers, 2610  2611, as well
as a Network General  WAN Sniffer.  I also have a 'Y' cable, with V.35
female-female ends.  The third 'Y' leg goes to the WAN Sniffer.  I have one
(1) Cisco V.35 DTE serial cable, male.

There are a smattering of other router vendors around here, too.  HP, Bay,
Wellfleet.  I've found it useful to sniff the various WAN protocols between
vendors, from time to time.  Very instructive.

What I'd like is to connect the two Cisco's for a training lab, of sorts,
for myself, and my staff.  I'd like to be able to cross-connect serial
router ports on all those vendors, but Cisco would be sufficient. 

So, can I procure a Cisco DCE serial cable and complete the cross-over that
way?  I realize I'd need a gender-bender, given the f-f config of the 'Y'.
That would also negate a generic V.35 to those other routers mentioned, I'd
have to fabricate a cross-over for each.  

Can I procure another Cisco DTE V.35 cable and cross over within the 'Y'?
What would be, or where can I find, the pin outs for that?

Finally, how might you, gentle reader, do this another way?


Cisco serialV.35--V.35-Cisco serial
  |
  |
  -WAN Sniffer

I also have a couple of CSU/DSUs available.  Forgive my ignorance, but I've
only used them over point-to-point and frame T1s on public networks.  Can I
directly wire those devices back-to-back and achieve router-to-router WAN
connections in that way, as well?  Again, what might be the wire chart for
that T1-like circuit labeled 'cu', below?

RouterV.35-V.35---CSU/DSU-(cu)-CSU/DSU-V.35-Router
|
|
---WAN Sniffer

Thanks for any ruminations on this connectivity issue.

Best regards, G.
 
"Be strict in what you send, and forgiving in what you receive."
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
George Hartnell, Network Supervisor
Bellingham School District, 1306 DuPont St.
Bellingham, Wa. 98225-3198 (360)647-6860
[EMAIL PROTECTED] Internet Mail

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Disappointed with ccnp!!

[Hartnell, George]

Quoth someone earlier:

"If you work for the state or your county, you can make
a LOT of dough. They tend to overpay for most
positions."

Could someone tell me just what that state or country that is?

Best, G. (A third generation government technical employee.)


Somewhat more seriously, public sector education work, while in *my*
experience is far from riches, does present a good resume stuffer.  The
velocity only promises to increase with "technology in education" being such
a current buzzword.  My team gets the exposure.  Those who have gone on to
the private sector from here have made out quite well.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: RE: Last Nights DC Cisco Meeting

[Hartnell, George]

Well, I used to live near DC -- traveled up there quite a bit, in my 18-21
days.  Long time ago.  But, I wonder, what was said there in DC about
certificationzone?

Best, G.

-Original Message-
From: Steve Jacks [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 1:39 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: RE: Last Nights DC Cisco Meeting


Actually the website was never mentioned at the meeting.  I asked around and
was told it was Knowledgenet.com however I now know it is
CertificationZone.com. -Chuck

---
Thailand's BEST Free Email at Bangkok.com - http://mail.bangkok.com

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

L3 Switch Individual Host Route

[Hartnell, George]

Hi,

Let's imagine that you have a L3 switch with a segment (x) serving a
(actually more) router feeding another segment (y).  The L3 has other BVIs
(w and z).

Let's also imagine that one has a server belonging to the routed segment y,
(y.1) Let's also imagine that the server has crashed, and needs to
physically be located at the L3 switch site, several miles from its "home"
on physical segment y.  Server Y's IP address is, as aforementioned, Y.1.

Can routing switch L3 have an individual port configured for an individual
host route?

So, steps?  The static ip route statement is fine, but for the next
interface entry?
What about the existing ip route to the router server segment X?  All routes
do go through that L3 first.  Router (YX) would also have the static entry
for Y.1.

Or, am I barking up the wrong pole?  Simpler solutions do exist.

Jus' wonderin'

Best, G.

--YRouterX---L3Z--Router-cloud
 |
 |
  host Y.1

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: 100BaseT Between Buildings

[Hartnell, George]

Not with copper.  Single mode fiber with LX modules work for me.  You can
buy 100Mb/sec cu to single mode fiber media converters.  I don't think you
can 'get there from here' with multimode fiber, or, as aforementioned,
copper.

Oddly enough, it seemed (to me) that gigabit LX gbic modules for some
catalyst switches are just as inexpensive as the media converter lash-up.
One-hundred meg ethernet is also less challenging to 'sniff' for problems.

Probably you will want to run single-mode anyway; keeping future scale-up
options open.  Strandage?  Spares are handy. Phones too?  Look at copper
hybrid cable for cu-T1 or extra fiber stands for T1/DS1 PBX phone switches.

Or, why not wireless?  If you're line-of-site, there are some 100Mb/s
solutions out there.

Best, G.

-Original Message-
From: Rossetti, Stan [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 04, 2000 3:10 PM
To: '[EMAIL PROTECTED]'
Subject: 100BaseT Between Buildings


Does anyone know of a way to implement 100BaseT between 2 buildings that are
¾  (~ 4100 feet) of a mile apart?  I think the distance limitation per
segment is 200 meters.




Thanks

Stan Rossetti

Russia Services Group
Voice:  (256) 544-5031
Email:  [EMAIL PROTECTED]
Beeper:  544-5031 pin 0112

CCDA, CCNA, CCSE

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: T3- DS3

[Hartnell, George]

Been here before, but bears repeating:

http://eff5.csuchico.edu/bellingham/silver/staff.html


Subject: Re: T3- DS3

No, they are identical. I'm sure someone else will respond with some more
history on the reasons they are named the different things. The DS is
digital signal and T I assume has something to do with TDM. Its 28 T1's or
DS-1's, or 672 DS0's though I have never heard T0. 

andy

On Tue, 21 Nov 2000, Chris Larson wrote:

 What is the difference between the 2. I know a T-3 is the about equal to
30 T-1's, but there must also be a difference in signaling right?
 

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: T3- DS3

[Hartnell, George]

Ah, the many varied duties of the harried network supervisor:  

The ACTUAL link on the T3-DS3 conundrum is:

http://www.dcbnet.com/notes/9611t1.html

Thanks to Jon McC for the correction.

Subject: RE: T3- DS3


Been here before, but bears repeating:

http:// bad address! no biscuit!


Subject: Re: T3- DS3

No, they are identical. I'm sure someone else will respond with some more
history on the reasons they are named the different things. The DS is
digital signal and T I assume has something to do with TDM. Its 28 T1's or
DS-1's, or 672 DS0's though I have never heard T0. 

andy

On Tue, 21 Nov 2000, Chris Larson wrote:

 What is the difference between the 2. I know a T-3 is the about equal to
30 T-1's, but there must also be a difference in signaling right?
 

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Rock and Roll Trivia - WAS: Youngest CCNP

[Hartnell, George]

It is becoming an irritation that what some consider history, I consider
memories.

Dylan.

Very best, (getting ready for those geriatric wheel-chair races) G.

-Original Message-
From: Dan Henry [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 13, 2000 11:14 PM
To: whatshakin
Cc: [EMAIL PROTECTED]
Subject: Re: Rock and Roll Trivia - WAS: Youngest CCNP


It's a Dylan song; the Turtles did it, yes about '66-'67..not that I was
there or
anything

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

NMS -- What is really needed?

[Hartnell, George]

I've been perusing the trial version of CiscoWorks 5.0 w/What's Up Gold.

I'm finding that I might want to invest in a more robust Network Management
System, and/or add-ons.  I notice a couple of things at the Cisco site:

The CiscoWorks2000 Campus Bundle.
For Unix boxes, several parts:
Campus Manager
Traffic Director
Resource Manager Essentials (what might be more than
essentials?)
CiscoView
CiscoWorks2000 Management Server
For NT boxes:
LAN Management Solution
Traffic Director
Campus Manager
Resource Manager Essentials
Content Flow Monitor
CiscoView

Then there's a whole bunch of 'other stuff'; device fault manager, switch
probes, QoS manager, internetwork performance monitor, routed WAN
management, ad. nauseum.

I'm big on test equipment, but must admit some antiquity, on my part, and
but a notion of just-enough management for a largish campus/metropolitan
area fiber network.

So, some specifics, eh?  Single-mode concentric rings connecting 22 sites.
All within 10 miles, as the fiber runs.  Three thousand nodes.  No voice.
Gig ether.  Cisco equipment, mostly.

Public-sector K-12, so, keep it realistic.  Although, now that I think about
it, no matter who wins The Election, K-12 education has been promised
billion$$$.

I'm waiting for the manna to start falling

Thanks.

Best, G.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX-How's that 'U' work?

[Hartnell, George]

The PIX 515UR is a real nice addition.  I've got 3k workstations behind 24
class C's.  The "U")nrestricted license is for thousands of connections.

But, this site has a Proxy server.  This means that there will only be a
handful of internal stations really hitting the PIX/net.  Of course, there
is mail, a web server, and one or two other systems needing external access.

Is that Unrestricted license really necessary?  What might I loose down the
road if I decide on the restricted license?

Best, G.

-Original Message-----
From: Hartnell, George 
Sent: Tuesday, November 14, 2000 3:46 PM
To: [EMAIL PROTECTED]
Subject: NMS -- What is really needed?


I've been perusing the trial version of CiscoWorks 5.0 w/What's Up Gold.

I'm finding that I might want to invest in a more robust Network Management
System, and/or add-ons.  I notice a couple of things at the Cisco site:

The CiscoWorks2000 Campus Bundle.
For Unix boxes, several parts:
Campus Manager
Traffic Director
Resource Manager Essentials (what might be more than
essentials?)
CiscoView
CiscoWorks2000 Management Server
For NT boxes:
LAN Management Solution
Traffic Director
Campus Manager
Resource Manager Essentials
Content Flow Monitor
CiscoView

Then there's a whole bunch of 'other stuff'; device fault manager, switch
probes, QoS manager, internetwork performance monitor, routed WAN
management, ad. nauseum.

I'm big on test equipment, but must admit some antiquity, on my part, and
but a notion of just-enough management for a largish campus/metropolitan
area fiber network.

So, some specifics, eh?  Single-mode concentric rings connecting 22 sites.
All within 10 miles, as the fiber runs.  Three thousand nodes.  No voice.
Gig ether.  Cisco equipment, mostly.

Public-sector K-12, so, keep it realistic.  Although, now that I think about
it, no matter who wins The Election, K-12 education has been promised
billion$$$.

I'm waiting for the manna to start falling

Thanks.

Best, G.

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CiscoWorks 5.0 and What's Up?

[Hartnell, George]

Any wonderful references out there for good usage of CiscoWorks?

Best, G.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Segments, Switches, and Routers

[Hartnell, George]

Ah, yes, another lost soul in G-L3 land.
 
My 2948G-L3 is, indeed, at the core.  Quite a useful multilayer model
device.  I like it.
 
You can divide your class B into those 8 subnets, assign a BVI to each, and
then attach whatever ports to that bridge-group that you need.  Nice for
servers back 'at the office'.  There are, of course, lots of ways to set-up
and embellish.  My needs were simple, so far.
 
Couple of items.  Don't expect ACLs.  Don't think that, on the 2948 at
least, the secondary gig port runs at line speed with both interfaces
pumping to different segments.  Do 'think like a switched vlan' more than
'router centric'.  The docs are minimal.  We/I need a 'G-L3' group.
 
One more tidbit.  "Cisco LAN Switching" (good book, read it *before* you
need to) does address flat VLAN structure quite a bit, but, in the last
third, you will read about how much easier it is to *manage* multilayer.
Very true, in my environs.
 
Best, G.

-Original Message-
From: NetEng [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 01, 2000 3:47 PM
To: [EMAIL PROTECTED]
Subject: Segments, Switches, and Routers


If I have 2 segments each connecting to a Catalyst 5000 (via GBIC fiber) in
the core, do I need a router? The more I think about this, the more confused
I get. Should I put in a couple of 4908G-L3 in the core? I guess I don't
understand when I have to and when I don't have to use a router when
connecting seperate subnets through (or using) a layer 3 switch. I
understand what a layer 3 switch is, but I am confused on when I really need
to use one. If I was to subnet a class B address in to 8 subnets, would I
use a layer 3 switch, like a 4908G-L3 or a bunch of routers? I thought in a
proper Cisco design, layer3 activities should be done at the distibution
layer and not in the backbone. Thanks for thoughts and posts.
 
 
--2948G-L3-[192.168.100.x]CAT5000
(core)[192.168.200.x]--2948G-L3--

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Network mgmt product..

[Hartnell, George]

Sorry about the Aussie Dollars.  Someday I have great hope to fly down there
and spread some greenbacks about.

Anyway, what, dear readers, might you recommend for a 24 class C segmented
network with about 3000 to 4000 hosts?  Metropolitan area.  Fiber.  *Mostly*
Cisco stuff. NT. IP only. *Some* say CiscoWorks 5.0 might do.  Some say HP.
Some say both.

Testimonials are good.

Best, G.




If you have less than 50 hosts to monitor investigate CiscoWorks for Windows
- it ships with What's up Gold too. 
Cost me about $3500 Aussie Dollars 9 months ago - about USD $1750 at the
moment :-(

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Paying One's Dues (was: Re: Need Advice)

[Hartnell, George]

Want some advice?  Pay your dues in a K-12 public sector job.  Lots of
action in today's educational technology buzz-word world.  Pay is generally
terrible, but the exposure can be significant.
 
A good resume stuffer.
 
Best, G.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Diagnosing Internet connection problems

[Hartnell, George]

I have used my Network General (now, alas, Network Associates) WAN sniffer
with great success.  I have used the V.35 connector to the router for full
and muxed T1s.  This is a great, must-have, keep-'em-honest tool.

War stories?  I've locked three vendors in my MDF and bluntly said, "No one
leaves until all fingers point at the problem and not each other."  Without
*my* sniffer, we'd still be there.

Of course, you do need to know how to use it.  Not a trivial task.

Best, G.

-Original Message-
From: Crystal Oakes [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 26, 2000 10:54 AM
To: [EMAIL PROTECTED]
Subject: Diagnosing Internet connection problems


My company has a T1 connection to the internet.  Usually the connection
speed is very fast, but sometimes very slow.  Sometimes we can't even ping
to anything on the internet.

How can I diagnose where the problem is?  If the problem is with the ISP,
how can I obtain concrete proof?

Thanks in advance!


_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CiscoWorks 5.0 trail location

[Hartnell, George]

Recently, someone querried about the location of a trail version of
CiscoWorks 5.0.  The very next thread entry was, "Never mind, I found it!"

The actual location, however, remained an unpublished mystery.

Who might share the authenticity and actualy location of such an offer?

Best, G.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Sniffer Pro 3.5

[Hartnell, George]

"A kinder and gentler nation."

I've used Sniffers since the (long lamented) Network General days.  Support
before, during and after sales was one of N.G.'s best traits.

As far as useage is concerned, try and get some training.  N.G. had very
good training, at one time, in geographically pleasing locations. Sales
types will say,"It tells you the answer in plain English!"  While the expert
systems analysis does help get you into the troubleshooting ball park, it is
a well know fact that computer people don't speak "plain English".

This is a *must have* tool, but it does require some dedication to master.

Best, G.

-Original Message-
From: William E Gragido [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 20, 2000 10:37 AM
To: Charles Nunie; [EMAIL PROTECTED]
Subject: RE: Sniffer Pro 3.5


I don't mean to be rude man, but why on God's green earth would you buy a
product like Sniffer Pro without the slightest friggin inclination as to
what it does?

 To: [EMAIL PROTECTED]
 Subject: Sniffer Pro 3.5


 Hi everyone,

 I bought this Sniffer Pro 3.5 which looks great.  Can I have a
 URL where I can
 info on the best way to understand and use it?

 Regards,


"There's a little fruitcake in all of us."
J. Buffet
gfh

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BVIs, IRBs, and L3 Switching

[Hartnell, George]

I'm having some difficulty getting bridge-group routing to happen.  Static
routing happens just ducky between two IP addressed interfaces. IRB is
enabled. Bridge group 64 (my number of the month) remains painfully silent
as the packets bounce back and forth, back and forth, between a routed port
and the default gateway downstream.  The (sparse) manual has been followed,
but the BVI class C virtual interface will neither route nor respond.

The example scripts at Cisco were quite instructive.  They do not, however,
assign routed interfaces a direct IP address, instead relying on this BVI
scheme.  The very one I can't get to work.

Anyone out there with similar equipment, having time, might drop a piece of
wisdom this way.

Best, G.
 
"Be strict in what you send, and forgiving in what you receive."
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
George Hartnell, Network Supervisor
Bellingham School District, 1306 DuPont St.
Bellingham, Wa. 98225-3198 (360)647-6860
[EMAIL PROTECTED] Internet Mail

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: One last Layer3 switching ?[Not!]

[Hartnell, George]

The easy config -- switch = router gives the 24 collision domains.  The easy
config, give one interface one network address, route somehow (static --
OSPF), and off you go.

What if, say, you want two (or three or ten) switch/router ports as a single
virtual bridge/hub/switch? The not-unusual collapse of a server or two to
the MDF for a specific VLAN/subnet is such a 'typical'.  How might one
cleverly use the 2948G-L3 (and relatives) BVI/IRB system to route selected
ports for multiple VLANs (e.g., in G-L3'ese "BVI and bridge groups with
Integrated Routing and Bridging")?

These are not just 'how-to's', but understanding just how the L3 fits into
'The Cisco Way' is indeed an enjoyable journey. 

Welll, mostly enjoyable.

Very best, G.

-Original Message-
From: Scott Jensen [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 05, 2000 12:50 PM
To: NetEng
Cc: [EMAIL PROTECTED]
Subject: Re: One last Layer3 switching ?


You are correct in the part of 24 separate collision domains which also
allows you to put the 24 ports in Full Duplex mode. The part about 24
broadcast domains would only hold true if each port were in a different VLAN
no 2 ports in the same VLAN. I.E. a port is an isolated collision domain and
a VLAN is an Broadcast domain.

Scott

NetEng wrote:

 I understand the layer3 switching concept, but what happens to broadcast
 based services? On a 24 port layer3 switch module are there 24
 collision/broadcast domains?

 **NOTE: New CCNA/CCDA List has been formed. For more information go to
 http://www.groupstudy.com/list/Associates.html
 _
 UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
 FAQ, list archives, and subscription info: http://www.groupstudy.com
 Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: [Practical]Layer3 switching - More Clarification

[Hartnell, George]

The theory of layer 3 switching is fairly straightforward, logically and
physically.  The implementation of a well designed network integrating L3
with VLANs/BVIs, channels and tunnels is less immediately apparent.
 
As aforementioned in a previous thread comment, Cisco does have some setup
configs published at the CCO.  I think all of us could use a 'best practice
setup for multiple VLANs, dynamic VLAN issues, QOS, and some other details
found in an L3 switch like the 2948G-L3.
 
Best, G.

 
first of all a switch will always switch faster than a router since the
router has a processor and a switch has a ASIC specific for switching.
 
now a router not only switches the packets but will process it for access
restrictions and queueing. thus slowing things down compared switches that
perform none of this. sure remove all these aspects and you come closer to a
switch, but remember the router still has more overhead to deal with in
keeping routing tables up to date. 
 
---etc---
--etc--
-etc-- 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Layer 3 switching

[Hartnell, George]

Quoth someone below:"2948G-L3 -- Basically a 48-port router!"
 
Yes, as aforementioned, the 2948G-L3 *can* reside quite readily in Layer 3
land, and configured that way, per port.
 
But, L3 land isn't really switch land, and to just view the G-L3 as a 48
port high-speed router is not getting your Cisco 'bang-for-the-buck".  Don't
forget ISL/802.1q, VLAN fun, I)ntegrated R)outing and B)ridging and B)ridge
V)irtual I)nterfaces.  Those nifty, but, for me at least, complex
integrations, are a real instructive challenge to your BCSN tasks.  The
2948G-L3 is a fairly new addition to the fleet.
 
To that end, there are a couple of URLs providing *some* guidance for setup.
Be warned, however, that a good grasp of Cisco LAN Switching should be a
prerequisite.  Oddly enough, Cisco Press has a book of that title.  It's a
worthy read.
http://www.cisco.com/warp/public/473/25.html

http://www.cisco.com/warp/public/473/29.html
http://www.cisco.com/warp/public/473/29.html 

http://www.cisco.com/univercd/cc/td/doc/product/l3sw/2948g-l3/rel_12_0/7wx51
5a/config_g/bridging.htm#23388
http://www.cisco.com/univercd/cc/td/doc/product/l3sw/2948g-l3/rel_12_0/7wx5
15a/config_g/bridging.htm#23388 

There is one other link at the Cisco site concerning ISL links to a 2924XL.
Don't have that one handy.

If any of you gentle readers have some more sample configs, please don't
hesitate to contact me, as I'm still fighting the battle.

Best, G.

"Be strict in what you send, and forgiving in what you receive."
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
George Hartnell, Network Supervisor
Bellingham School District, 1306 DuPont St.
Bellingham, Wa. 98225-3198 (360)647-6860
[EMAIL PROTECTED] Internet Mail


-Original Message-
From: Guyler, Rik [EESUS] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 27, 2000 9:00 AM
To: Cisco Groupstudy (E-mail)
Subject: RE: Layer 3 switching


2948G-L3 -- Basically a 48-port router!

-Original Message-
From: Fowler, Joey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 27, 2000 11:19 AM
To: [EMAIL PROTECTED]
Subject: Layer 3 switching



I know there has been much discussion on this in the past, but I want to
make sure that I understand it.  Layer 3 switching is the equivalent of
routing, but is usually referred to as Layer 3 switching because it's
designed for high speed LAN traffic.

Assuming the above is correct what are some examples of a regular routers
vs. layer 3 switch? I'm guessing the 2500 series routers would be regular
but what would be a good example of a layer 3 switch?

Thanks, 
Joey Fowler 
Senior Network Engineer 
Foodtrader.com 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]