PDM Question [7:65954]
Hi there, I've got a 515UR failover I jus' upgraded from 5.3(1) to 6.1(4). I'd like to pop PDM on that system(s) and try that interface out. I'm a command line kind of guy, so am comfortable with CLI, but, I've heard that PDM is a worthy utility. Any words of wisdom on PDM installation? Best, G. Nations have recently been led to borrow billions for war; no nation has ever borrowed largely for education... no nation is rich enough to pay for both war and civilization. We must make our choice; we cannot have both. -- Abraham Flexner Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65954t=65954 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 1000TX GBICs [7:50316]
and have nothing good to say about them. What sweet nothings would those be? On another, but similar, note, what 3d party GBICs for 1000LX single mode are out there for the Cat 3548 switches? And, are there any sweet nothings about using those in a Cisco platform? Very best, G. -Original Message- From: Ken Diliberto [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 31, 2002 2:55 PM To: [EMAIL PROTECTED] Subject: Cisco 1000TX GBICs [7:50316] Anyone have experience with the 1000TX GBICs from Cisco? We have used the stacking GBICs and have nothing good to say about them. The TX GBICs are over $100 less (retail). Ken Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50403t=50316 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logic and Lab Rats [7:44653]
Shucks, folks, 'most everyone knows that the real world has its moments. Users. They generally provide considerable exposure to that which is perceived as real. 'Course, it's always nice to have a test-bed; but I think lab rat is a different definition. So, perhaps to lighten things up, here's a little ditty from the past. = Psychologists have recently decided to refrain from using white rats as experimental animals. So, instead, they decided to use lawyers. It seems the psycs wanted to avoid an emotional attachment... ;-) But, on real-world experience (get the thread!?), the psychological community found that there was a hidden advantage in the change. There are some things that white rats just won't do. Happy M-o-n-d-a-y Best, G. VP OCG Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44662t=44653 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MBA or CCIE [7:41809]
Sagely advice from some good sources, especially the last one. --- Try not to become a man of success, but rather try to become a man of value. - Albert Einstein Recognition is the greatest motivator. - Gerard C. Eakedale Sometimes one pays most for the things one gets for nothing. If I had my life to live over again, I'd be a plumber. - Albert Einstein The advantage of a classical education is that it enables you to despise the wealth which it prevents you from achieving. Russell Green The man who starts out simply with the idea of getting rich won't succeed; you must have a larger ambition. - John D. Rockefeller I'd like to live as a poor man with lots of money. - Pablo Picasso Money often costs too much. - Ralph Waldo Emerson The best way to become boring is to say everything. - Voltaire It's good to shut up sometimes. - Marcel Marceau Happy Friday! Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41958t=41809 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Switch Design Question [7:39888]
In a 10Mb environ, what the heck! I would speculate that double-up won't make an ROI out of consolidation. However, this brings up a nasty little problem I'm looking at, and I might phrase this another way. How many cascaded switching devices can exist in a broadcast domain without creating unacceptable latency in the network? I see some scary practices with repeated arrays of inexpensive switches, RAIS, if you will. Each time a new workstation room is set up, the answer is to cascade more and more unmanaged hub/switches (sorry Cisco, it's a money thing) on the rack or down the copper to the room, or both. While the sweetness of low cost is succulent, surely there is a theoretical limit of how many members of a RAIS array one can cram into a building. So, boy and girl wonders, I've heard the magic number of 7. Anyone want to do the math? Very best and happy Friday, G. VP OGC Subject: Switch Design Question [7:39888] I am looking at this configuration: [PC]---[Switch1]---Fiber---[Switch2]---[Switch3]---[WirelessBr idge]---distance2miles---[WirelessBridge]---[4Switch10Mb]---[R outer]---[ISPInternet] The switches are all consist of 10Mb ports. The question. Whould it not be a better design to take out switch2 and switch3 and replace it with one switch with more ports. This would elimate one switch to traverse when the clients are accessing the Internet. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39901t=39888 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: how to deal with this message on pix? [7:39497]
I had a similar 'self-inflicted wound' a while back. Seems some dope (that would be me) had retired some public IP ranges on the inside and needed to (temporarily) route those to null from his inside router. Otherwise, the hapless administrator saw these udps denied with the dreaded 'xlate' error, as his router was cheerfully sending the packets out the default gateway --- the PIX inside interface. Note the PIX does not, as aforementioned, route. Sooo, I'd look at that outside router, and maybe any inside route tables you might have. Best, G. VP OGC -Original Message- From: Wilton White [mailto:[EMAIL PROTECTED]] Sent: Monday, March 25, 2002 8:14 PM To: [EMAIL PROTECTED] Subject: RE: how to deal with this message on pix? [7:39497] PIX should not see that traffic in the first place. PIX only routes traffic between interfaces and can't make u-turns - only routes traffic from inside to outside or from outside to inside, but not from inside to inside or outside to outside. PIX considers this a security violation. I would check outside router and see why is it forwarding this traffic to the PIX. -- Lidiya White CCIE #8155 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Roy Sent: Monday, March 25, 2002 8:20 PM To: [EMAIL PROTECTED] Subject: how to deal with this message on pix? [7:39497] hi all i notice the message shown as bellow on my pix, and how can i deal with it? 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) tcp src outside:202.109.106.130/8893 dst outside:202.96.137.40/59478 106011: Deny inbound (No xlate) udp src outside:202.96.136.201/49202 dst outside:202.96.137.40/53 106011: Deny inbound (No xlate) tcp src outside:162.105.69.121/21 dst outside:202.96.137.40/60090 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39577t=39497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Anybody use Port Security on Switch in [7:39457]
Yep, I've used it. There is considerable flexibility in setup. Some switches take up to several hundred MAC entries, learned or statically assigned. You can also set the thing up to simply alert through SNMP traps, and/or administratively shut down that port until you do a 'no shut', or otherwise enable the port. Typically, it's one MAC address per port for setup, but, sometimes, the ability to add one or more allowed address can be useful. Those pesky additional hubs out there can be secured by simply adding whatever 'allowed' addresses to the list on the port serving the hub/downstream switch. Syntax can be funny, and is in a couple of spots. GUI is quite intuitive, and dynamically acquire the MAC address(s). port security max-mac-count x ;x=number of macs port security action shutdown | trap ; traps, of course, must be set up ; meanwhile, elsewhere mac-address-table secure .. FastEthernet x/y vlan z Document this! Port security can be tough on workers in the field without switch knowledge and/or access. Best, G. VP OGC Chaos reigns within. Reflect, repent and reboot. Order shall return. --Haiku wisdom So you have to be sure you're not causing a support nightmare for yourself when you use this. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=39703t=39457 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Off Topic - Riddle - The Obvious Question [7:38336]
Interesting, sometimes the obvious can be elusive. Pull more copper, is the obvious. Depending upon the telco layout, of course. But, like many of Chuck's musings, this brings up some more real world questions. Given: Investment in analog/digital cu based phone sets at buildings. A score, or more, of PBX's currently on telco copper. New fiber to each PBX building for voice and data. (6 strands, sm) What transport over that fiber would be most cost-effective in the near term? How about the longer-term? Where would convergence fit in the calculations? Let'see. Fiber T1 modems are simple, easy. Pluses. Minus? Old technology, difficult for data guys to manage well, no convergence factor. IP transport for telephones over the fiber pair. Pluses, data guys understand IP, ok convergence path. Bit more costly, currently, though. True VoIP. Haven't heard really glowing reports from large scale, lower budget, institutions,...yet. The convergence path. Costly. Throw out yer copper investment(s). Of course this is not an exhaustive discussion. Just a number of ways 'round the communications barn. Best, G. VP OGC Subject: Off Topic - Riddle - The Obvious Question [7:38336] Hint - consider the ways one might convert analogue to optic. Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=38432t=38336 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cat/CAT: was RE: you American need to think [7:38323]
I had a cat named Five once, but he had an unfortunate collision Yes.it is Friday. Best, G. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=38482t=38323 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX DMZ IP address unload [7:37666]
Typical problem. Hopefully an easy answer. The manual says so, but I've configured interface 3 on a 6 port 515 for a dmz. I needed to change that segment back to its original 127.0.0.1 255.255.255.255 ip address assignment. Failover goes just ducky back to 0.0.0.0. I get the infamous Sorry, not allowed to enter IP address on same network as interface n. n=3 in this case. The problem, as stated in the manual, goes like this. ...you may not be permitted to enter subsequent IP addresses if another interface's address is in the same range as the first. ... To fix this problem, reenter the first command specifying the correct network mask. Sure. I've reentered every 'ip address (interfacename)' on the box, and I still get the Sorry story on that dmz. The best I can get is the dmz interface (interface #2) to a '127.0.0.1 255.0.0.0' designation. Interfaces 3 and 4 are unchanged at 127.0.0.1 255.255.255.255. Interface 5 is a failover 100Mb. Fortunately, I won't need to heat up the dmz until next week, and performance is unaffected. Sooo, show ip looks similar to the below: ip address outside w.x.y.z 255.255.255.0 ip address inside w.a.b.c 255.255.255.0 ip address dmz 127.0.0.1 255.0.0.0 - bummer here ip address intf3 127.0.0.1 255.255.255.255 -- conflict here ip address intf4 127.0.0.1 255.255.255.255 ip address intf5 10.10.10.42 255.255.255.252 Of course I want dmz to now look like intf3 and 4. But no! The Sorry line continues. What's a poor administrator to do? Yup, tried the TAC, yup, 'clear xlate', too. Yup, got rid of all the 'static's, 'routes' and access-groups relating to the dmz. Stumped. So far. Any words of illumination? I'm at rev. 5.3(1) at the moment. Again, this interface is 'shutdown', and I anticipate no problems with a live reconfigure to another ip segment, but it is bothersome that I cannot get it to return to its original loopback address. Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37666t=37666 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Infrastructure Upgrade..... [7:37627]
A while back I had the experience of witnessing a large network expenditure for similar reasons as the below. Unfortunately, the underlying problems *causing* the collisions and broadcasts went unaddressed. Raw speed can hide many ills.For a while. Before moving over to a switched environment, you might want to take a comparatively easy look at your 10Mb shared environment. You should be able to take a peek at all the traffic, all at once, and find any glaring errors there. There has been much previous groupstudy traffic on inexpensive/free and costly ethernet sniffers available. Of course, remote management per port on switches is also useful, and one *can* use port mirroring to sniff the wire. Nonetheless, I'd take the time to doctor up that shared ethernet first. Best, G. VP OGC -Original Message- Subject: RE: Infrastructure Upgrade. [7:37627] Actually what we are trying to do is increase speed, eliminate collisions and reduce any kind of broadcasting in the LAN Subject: Re: Infrastructure Upgrade. [7:37627] Well, You did pick a pretty expensive switch to purchase...hehe the 1900's are 10mb to the desktop... You'll see some Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37675t=37627 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: A Note From Your Friendly Moderator [7:36978]
Sayeth Chuck, esteemed moderator: The forbidden words are there mainly to stop spam, but also to stop some of the non-Cisco study messages that occasionally pop up. But, I see you have given no notice to the George Carlin's 1973 arresting, Seven words you can't say on television. I think that list has now shrunk to four. Urination, breasts and defecation are now apparently allowed in the vulgar. The remaining words remain in the domain of movies and CCIE exam labs. Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37038t=36978 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco VS Foundry Networks.. [7:36448]
Depends on what you mean by worry. I've got a couple of Foundry's in addition to the Cisco stuff. Both L2 and L3. I like them. I like the support. And I like the company. Best, G. -Original Message- From: Washington Rico [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 4:03 PM To: [EMAIL PROTECTED] Subject: Cisco VS Foundry Networks.. [7:36448] Cisco people I would like to know your impression of Foundry Networks. Are they something to worry about? Regards, Eric Washington _ $B$+$o(B $B;H$($k%V%i%%6$G!%$%s%?! http://explorer.msn.co.jp/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36451t=36448 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX v6.2 [7:35987]
Hummm, I too scanned the Cisco site for 6.2 and only found 6.1.2. I'd heard from the rumor-mill that 6.2 was out, but perhaps that's incorrect. As I'm about ready to upgrade the failover 515UR, it'd be nice if I only had to do this once -- this year. Any speculation on that 6.2 release date? Best, G. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 21, 2002 11:08 AM To: [EMAIL PROTECTED] Subject: RE: PIX v6.2 [7:35987] Where did you guys find the new 6.2 versions? I looked at Cisco's site, no luck. Thanksnabil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36105t=35987 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Secret Clearance? [7:4152]
The full circle: We now apparently check security clearance so carefully that fear of compromising the clearance indeed becomes more of a threat than knowing someone who once was in a room where a known commie breathed the air. And inhaled. Very best, G. VP OGC -Original Message- From: Patrick Ramsey [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 14, 2002 1:15 PM To: [EMAIL PROTECTED] Subject: RE: Secret Clearance? [7:4152] IT took me 6 months to get mine and I almost didn't get it because a friend in high school got busted sometime after graduation for dealing drugs... And even when I did get it, it was interim and took another 4 months before it was perm. -Patrick I think the Navy estimates 50,000 smackers per investigation Logan, Harold 02/14/02 01:03PM I disagree. In order to get a clearance, not only do you have to make the right choices, but all of your past and present friends, roomates, and coworkers need to make the right choices too. Add to that, it only takes one person bad-mouthing you to delay or even end your investigation... ask yourself this, is there at least one person out there who would lie about you in order to make your life difficult? It's a very subjective process, and one that I don't care to go through again. If you have a clearance, be glad that you do. Hal -Original Message- From: Jeff Buehler [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 6:34 PM To: [EMAIL PROTECTED] Subject: Re: Secret Clearance? [7:4152] You were not Lucky that you had nothing in your background. You made the right choices. People who make the wrong choices pay for it their whole life. It is called Character. William Gragido wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Well, since this is obviously a never ending thread I'll add my 2 cents. I have a Top Secret SCI that is still valid from my active duty period in the USMC. In regards to joining the service just to get a clearance, I'd say thats some of the most low brow thinking that I've ever heard. There are no guarantees that you'll get one. It all depends on the investigation and what they unearth, so don't be fooled into thinking that simply by selecting an MOS that requires a clearance you'll automatically qualify. Its not the case. I saw Marines go through schools only to be turned down for clearances. I was lucky and had nothing in my background that would prohibit my from obtaining one, but again, it all depends on what one's civilian life is compromised of that helps dictates whehter or not a person rates one. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Faubion Sent: Sunday, February 10, 2002 10:34 PM To: [EMAIL PROTECTED] Subject: Re: Secret Clearance? [7:4152] Ohh that's a good idea, then when you get orders to Bosnia, Somalia, Kuwait, or Afghanistan, you can be like the whiners of Desert Storm that cried about joining to get an education, not to go to war. Only this time it will be about getting a security clearance instead of going to war! While you can get a security clearance in the military, it is not valid after leaving the military unless it is documented correctly. However the reinstatement cost can be drastically reduced since the previous leg work has already been done. John - Original Message - From: Steven A. Ridder To: Sent: Sunday, February 10, 2002 7:52 PM Subject: Re: Secret Clearance? [7:4152] 80K!!! You could always do what I did and join the Army. If you pick a good MOS, you'll get a secret clearance for free while you are in Basic or AIT. Some jobs I'm sure will give you a top secret if needed. I bet just joining the reserves would get you a secret if the MOS called for it. Julian Eccli wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A secret clearance can cost somewhere between $50K-$80K to get all the proper paper work and verifications done, hence why they want you to have it already :) -Julian Patrick Ramsey wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... not to mention that if they say it is required they probably do not want to pay the $$$ to have it done...hence the required portion of the job description. - Patrick Craig Columbus 02/09/02 15:38 PM Check the archives of the list. This has been discussed many, many times. Craig At 11:04 AM 2/9/2002 -0500, you wrote: So how does one gain Secret Clearance? --- Jeff D wrote: The contractor has no say in it. If the government says you need a clearance to enter the building, then you have to have one, period. Why waste your
RE: Secret Clearance? [7:4152]
Ancient wisdom, Who guards the guardians? If security is defined as abject obedience then my feeling of being secure in person is misplaced. If security is judged as well as Olympic Skating competition, then security is a misnomer. If a security clearance is based on dogma, we are less, not more secure in our persons. Nearly all men can stand adversity, but if you want to test a man's character, give him power.-Abraham Lincoln Best, G. VP OGC You were not Lucky that you had nothing in your background. You made the right choices. People who make the wrong choices pay for it their whole life. It is called Character. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35407t=4152 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX information [7:35294]
AND, am I to understand correctly, as the manual is quite vague, that an upgrade of the primary failover unit also updates the secondary? Or, must the hapless administrator do each individually? Best, G. -Original Message- From: Jose Celestino [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 7:12 AM To: [EMAIL PROTECTED] Subject: Re: PIX information [7:35294] PIX-FW1# copy ? usage: copy tftp[:[[//location][/pathname]]] flash For instance: copy tftp://192.168.2.2/configs/pix.cfg flash Thus spake BASSOLE Rock, on Wed, Feb 13, 2002 at 09:06:59AM -0500: Hello group, What command can I use to copy a configuraton form a tftp server to a PIX Firewall? I have look on the cisco web site for the command but couldn't find. Can somebody help. Thank you. Rock -- Jose Celestino - Little prigs and three-quarter madmen may have the conceit that the laws of nature are constantly broken for their sakes. -- Friedrich Nietzsche Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=35314t=35294 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Average afterwork time Tech learning commitment? [7:34634]
I don't think this was Shoeless Joe Jackson, but rather a self-described awkward, skinny, asthmatic child who later became a musician/writer. Ref: google/joe jackson My own quote: This thread sounds like running thirty miles and hour on a treadmill going sixty. Best, G. VP OGC Some people live so fast They're so scared of getting old Some people keep on working All they do is line their graves with gold From the same track by Joe Jackson - Not bad for a baseball player :-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34857t=34634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Average afterwork time Tech learning commitmen [7:34634]
Here's a little tidbit from the Washington Post about battle: [Cy (Zulu, 1964)] Endfield also finds a quality missing from all too many battle sequences in millions of movies: that is, the utter physical labor of battle. It's very hard work to fight, which is why the young are so much better at it. His troopers emerge like footballers after an overtime -- exhausted men, drained and emotionally flattened, smeared with dirt and blood, beyond the need to do anything but sleep for days. Sounds a lot like those 'boot camps' I hear about, and some sustained training efforts mentioned here in the group. Not to mention the day after those CCIE lab tests. Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34874t=34634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Average afterwork time Tech learning commitment? [7:34634]
I would pontificate on the below. Several vendors have jumped on the 'training gravy train'. Used to be, vendors would train users with the idea that a knowledgeable operator would benefit all. Apparently, the huge training licensing schemes have clouded the original intent of vendor-specific training what makes us look good, makes you look good. One big difference in IT is the ugly reality of constant change. A company hiring an accountant, for example, would rarely need to re-train that staff in mathematics; 1+1 is generally the same as it was when rocks and sticks were used for counting. Anyone looked at IPV6 lately? How's about 802.3ad? Gigabit Ethernet? VOIP? Fiber Power-loss calculations? ad. nauseum. Wise employers (Enron and A. Andersen excluded, of course, a new 'ethic; of expecting nothing) need to understand that training is just as important as that 7% advertising budget. This generally means time and money for 'pump priming'. You can figure out the obvious advantages. As for 'dying at some point', long-term readers may have heard my 'whine' about stress strongly contributing to the early demise of more than one close friend who let IT get to them over the years. None of these folks, IMHO, received remotely realistic training budget or time allotments. Those things, you see, 'expected'. While the Enron execs of IT management may be golfing, the good ones understand the value of a good crew. Bottom line, if you cannot negotiate the training opportunities, time, or commitment; leave. And be good enough at what you do so your absence hurts. Badly. Catch 22? Sure. Most folks in IT do enjoy learning and being good at what they do. But to suffer, as some have indicated, two jobs, one for money and one to keep current enough to do the first, is neither wise for the employee nor the employer. And as for the vendors Does training for operators of your equipment/OS fall into advertising budget? Where are the grants? I have *begged*, as a public sector employee, two well-known OS vendors for *some* training directly from their (large) staff. Forget it. So much for 'corporate ethics'. So, go ahead, guys. Ignore your wife, forget your kids, stay up 'til the wee hours. You will find, after many years, that there is a cost incurred --- it will be up to you to decide if you earned enough to pay it off. Best, G. You get out it what you put into it. Its that simple. I know far too many people who would do well but refuse to admit that they need to spend some time studying. why wont they pay for it is the biggest whine.. you are entitled to NOTHING in this world except to die at some point so it's really up to you where to go and how to get there. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34670t=34634 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MAJOR OT: Free CCNPtraining for convicts [7:34039]
Wake up and smell the coffee! Prisoners have been getting costly commercial diving training for years down in California somewheres. Good job for tough men. But CCNP? I'm led to belief that less than 1% of inmates in Federal pens are white collar types. Maybe the 52% who are there due to the War on Drugs have the head for the cerebral nature of networking. Better solution? More education in the first place. High school Cisco Academy grads probably won't log much cell time later in life. Best, G. (technical servant of public education for over 15 years) VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34145t=34039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Aggregate 3 T1's would this work. [7:33599]
Would this not also be a function of just what the ISP has/wants on the far end? My hookup uses a 3Com Accessbuilder 6100 I-Mux --- HSSI---Cisco 7200. The three T1's are inverse multiplexed on the 3Com. Scaleable to 7 T1's. 'Couse this is a 'Cisco' newsgroup Best, G. -Original Message- From: James Willard [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 12:33 PM To: [EMAIL PROTECTED] Subject: RE: Aggregate 3 T1's would this work. [7:33599] John, What you want to look at is Cisco Express Forwarding (CEF). It allows load balancing across multiple T1's. For each serial interface you would have your own subnet (such as a /30) to your provider, because the serial interfaces cannot be on the same subnet. Turn on CEF using ip cef globally (you may want to ensure you have a recent IOS, as CEF was buggy early on). Then, on each serial interface, issue either ip load-sharing per-packet or ip load-sharing per-destination depending on how you want the load distributed. To give you the full 4.5Mbps to any one site, use per-packet load balancing. James Willard, CCNA [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Jones Sent: Tuesday, January 29, 2002 3:17 PM To: [EMAIL PROTECTED] Subject: Aggregate 3 T1's would this work. [7:33599] I have a configuration question. I have 3 dedicated T1's a router 3620 with three T1 CSU/DSU and one FastEthernet ports installed. All dedicated T's are from the same ISP. I want to aggregate the three T1's for increased bandwidth (4.5 Mbps) Would I run into issues Here is my config. Would this work? ! hostname Cisco3620 ! ! no ip name-server ! ip subnet-zero no ip domain-lookup ip routing ! interface Ethernet 0/0 no description ip address 172.16.10.1 255.255.255.0 ! interface Serial 0/0 no shutdown ip address 1.1.1.2 255.255.255.248 ! interface Serial 0/1 no shutdown ip address 1.1.1.3 255.255.255.248 ! interface Serial 1/0 no shutdown ip address 1.1.1.4 255.255.255.248 ! ip route 0.0.0.0 0.0.0.0 serial0/0 ip route 0.0.0.0 0.0.0.0 serial0/1 ip route 0.0.0.0 0.0.0.0 serial1/0 ! ! ip classless no ip http server ! end I tried this config with Cisco's config maker and I get IP address errors on the serial ports, specifically being on the same subnet. Would this do basic aggregation? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33611t=33599 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Totally OT : Was there a man on the moon ? [7:33465]
The flag is there. The last great president said we'd put it there. And we did. Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33513t=33465 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX: Rating the new Cisco Press Book [7:33023]
Subject sez pretty much all. Who's got the good/bad/ugly for: Cisco Secure Pix Firewalls ISBN 1587050358 Test? Who cares!!! Does the book deliver the how-to goods? Very best, G. VP OGC When your work speaks for itself, don't interrupt. -Henry J. Kaiser Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33023t=33023 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Looking for Great CISCO Training Center in SJ area [7:32838]
I had Kip for ICRC/ACRC years ago. He was, by far and away, the best vendor-cert trainer I ever had. Best, G. VP OGC -Original Message- From: Daniel Cotts [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 22, 2002 8:44 AM To: [EMAIL PROTECTED] Subject: RE: Looking for Great CISCO Training Center in SJ area [7:32821] Try to find if Kip Petersen sp? is doing training in that area. Last that I knew he had moved to MentorTech. Previous to that he worked for the folks who had been doing the NetGun program. He was going to open a SJ area training center for MentorTech. They are now out of business. Hopefully he is still teaching. FWIW He was one of the original five Cisco trainers - before Cisco farmed out training. -Original Message- From: tim [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 22, 2002 5:31 AM To: [EMAIL PROTECTED] Subject: Looking for Great CISCO Training Center in SJ area [7:32794] Hi. Would you recommend good cisco training centers covering CCIE routing switching? Thanks in advance. Tim Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32838t=32838 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How much is a CCIE worth? [7:32856]
Don't rightly know, depends. But, for comparison, here's a little quote from Information Week: Enron's board members made more than $300,000 per year, for just one board job. And just look at their performance! Maybe we should start a board member study group. Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32856t=32856 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VLAN's [7:32351]
Well, I think that you could have two seperate VLANs with some modifications of the below. As far as I know, there is no dictate to assign an IP to those VLANs. While I don't have the need, or lack of need, for the L3 part, I'm not sure if the IRB command would be required for this seemingly unusual setup for a L3 switch. I'd just eliminate the IP parts below, set up a couple of bridge-groups, add the members, and see how that works. Best, G. VP OGC -Original Message- From: 416South [mailto:[EMAIL PROTECTED]] Sent: Friday, January 18, 2002 6:12 AM To: [EMAIL PROTECTED] Subject: RE: VLAN's [7:32351] Thanks all, in George's description mentions that that your doing intervlan routing, would this BVI work without a IP address and if not is there a command to just provide L2 separate VLANS? thanksHartnell, George wrote: Well, I have one of those GL3's, and it's a pretty good piece of work. I would agree that the documentation accompanying that switch is somewhat sparse. It took me quite a while to 'figure it out' on my first setup. The below assumes an IP network. If I remember correctly, those docs talked about irb enabling. Syntax: bridge irb Then the bridge: bridge (xx) protocol ieee ; for example for subnet 10.0.11.0/24; bridge 11 protocol ieee Then pop the interface config: int BVIxx ;Bridge Virtual Interface ip address xx.xx.xx.xx (netmask) ; example int BVI11, ip address 10.0.11.1 255.255.255.0 If I were to route these VLANS, internally, I'd have to add a statement whilst creating the bridge. This is where the routing happens, or, as you require, doesn't happen: bridge xx protocol ieee bridge xx route ip Without the route statement, routing doesn't occur between other VLANs. Finally, each interface needs to have VLAN membership. At the interface config: bridge group xx Took me a while to get all that right Best, G. ject: VLAN's [7:32351] Have a 2948GL 3 and want to set up a vlan but it docs state that you have to set up ISL . I don't want ISL enabled. is there a way to just create VLANS like in other L3 switches? I don't want to make these routeable or anything just L2 VLANS simple VLANS ie. when I do a int vlan 400 this would normally create a new vlan and put me into interface mode when i do a int vlan ? the options are to put in the vlan # but when I do all i get is a wrong command with the famous ^ at the vlan point in the command docs doc's dont seem to give enough info any Ideas thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32500t=32351 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Switch/router dhcp debug [7:32506]
This is a good question that I've recently been fighting at one of my sites. The obsoleted-by-the-manufacturer-5-years-ago router, HP, is a primitive, but reliable device without many bells and whistles. Recently, on it's logs, I've been getting some unusual 'ARP squeals', as well as the troublesome request below. About all the log reveals is that it happened. If I could get a MAC address, I could at the very least figure what the darn thing is --- at this point I'm thinking printer with that 0.0.0.0 source. The other out-of-range ARP complaint is an occasional foreign IP address; again I need to pick up on that MAC. Of course, all this happens intermittently, so it's hard to catch 'in the act'. I fiddled with the Cisco 2900XL system message logs a bit, but don't have a syslog server at that site (yet --- Kiwi?), so I haven't got a hit (clue) on who the culprit(s) might be. Maybe I just don't know how yet; maybe I need that syslog system; maybe I should break out the Fluke or Sniffer. Sure seems like I could get those MAC addresses direct from the switch, somehow, though. Sooo, I await with great curiosity on the solution to this one Best, G. VP OGC -Original Message- From: Joaquim Lopes [mailto:[EMAIL PROTECTED]] Sent: Friday, January 18, 2002 10:42 AM To: [EMAIL PROTECTED] Subject: Switch/router dhcp debug [7:32506] Hi, is it possible to see from whitch device is a dhcp request comming from, S=0.0.0.0 d=255.255.255.255 mac= Switch command -- ? Router command -- ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32521t=32506 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VLAN's [7:32351]
Well, I have one of those GL3's, and it's a pretty good piece of work. I would agree that the documentation accompanying that switch is somewhat sparse. It took me quite a while to 'figure it out' on my first setup. The below assumes an IP network. If I remember correctly, those docs talked about irb enabling. Syntax: bridge irb Then the bridge: bridge (xx) protocol ieee ; for example for subnet 10.0.11.0/24; bridge 11 protocol ieee Then pop the interface config: int BVIxx ;Bridge Virtual Interface ip address xx.xx.xx.xx (netmask) ; example int BVI11, ip address 10.0.11.1 255.255.255.0 If I were to route these VLANS, internally, I'd have to add a statement whilst creating the bridge. This is where the routing happens, or, as you require, doesn't happen: bridge xx protocol ieee bridge xx route ip Without the route statement, routing doesn't occur between other VLANs. Finally, each interface needs to have VLAN membership. At the interface config: bridge group xx Took me a while to get all that right Best, G. ject: VLAN's [7:32351] Have a 2948GL 3 and want to set up a vlan but it docs state that you have to set up ISL . I don't want ISL enabled. is there a way to just create VLANS like in other L3 switches? I don't want to make these routeable or anything just L2 VLANS simple VLANS ie. when I do a int vlan 400 this would normally create a new vlan and put me into interface mode when i do a int vlan ? the options are to put in the vlan # but when I do all i get is a wrong command with the famous ^ at the vlan point in the command docs doc's dont seem to give enough info any Ideas thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32377t=32351 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How would you design a Network ? [7:32067]
I would tend to agree, I have a similar number of WAN sites, and rely entirely on static routes on the back end. But! (There's always a 'but', and sometime with an extra 't') As my network changes, (read fiber and switches)I plan to go more VLANs, and private address spaces, for separating networks for security and traffic management. Yes, still a star; no, not a single-subnet-per-site structure any more. Soo, suddenly I'll have 60 (or so) subnets out there to route. This supposes, of course, a couple of subnets per site, a structure which may deserve some more scrutiny (Three thousand systems, 22 metropolitan locations) Dynamic VLANs have some more potential for use and complexity. Of course, there's legacy involved, as well. The computer wars are bad enough; the design war solutions tend to stick around for a while. I'd like to do it more-or-less right the first time. Best, G. VP OGC When you're wounded and left on Afghanistan's plains, And the women come out to cut up what remains, Jest roll to your rifle and blow out your brains An' go to your Gawd like a soldier. Kipling, on other wars with different soldiers -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 15, 2002 3:25 PM To: [EMAIL PROTECTED] Subject: RE: How would you design a Network ? [7:32067] Listers. I would like to make some routing changes to a mostly static routing environment. Currently everything is either routed via default gateway, or static route statements. the environment consists of about 30 remote point to point WAN sites, with most data traffic consisting of IP. We have several sites on dual T1's, and all sites are terminating at a central corporate location. So a big star network. The vendor of choice is cisco for routing and switching. Anyone see OSPF, EIGRP, BGP, IGRP, ISIS as the way to go? I would like to make this network more dynamic, just having a hard time justifying the move. All thoughts appreciated! thanks, Jason Without further information, I see no advantage to making this network more dynamic. If the issue is static routes need more maintenance, I suggest that you tie the generation of static routes to your IP assignment process; it's usually not hard to automate. If it's already a star, what do you gain in flexibility by adding the complexity of dynamic routing? Failover and load balancing are, if anything, easier with static than dynamic routes. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32210t=32067 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: What good is this stuff, anyway? [7:31705]
I watched, again, the most excellent Flight of the Phoenix over the weekend. (Yes, folks, I do have a life besides IT..) As sometimes happens after re-visiting a film, I discovered another perspective, maybe even relevant to IT engineering. There was a point, in the movie, that the engineer was in complete control. Who is in authority, here? As long as the aircraft was on the ground, in the design/construction phase, the engineer had complete, ruthless, but necessary, control. As soon as the engine started, however, that control shifted over to the pilot of the aircraft. The control shifted immediately and entirely. The pilot, you see, had many years of practical experience *flying* aircraft. The engineer's task was done. Maybe there is a lesson here. Sure, and engineer can have that coveted CCIE (or MCSE, or CNE, etc., etc.), but it takes a different kind of person to get the system off the ground and keep it flying. Best, G. VP OGC When you're wounded and left on Afghanistan's plains, And the women come out to cut up what remains, Jest roll to your rifle and blow out your brains An' go to your Gawd like a soldier. Kipling, on other wars with different soldiers -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Friday, January 11, 2002 8:53 PM To: [EMAIL PROTECTED] Subject: OT: What good is this stuff, anyway? [7:31705] I had the extreme good fortune of sitting in a meeting today with a customer. The project has moved out of the sales phase ( a year in the making ) and into the project phase. In attendance were the customer's top IT networking staff and my employer's project team. This ended up being a four hour meeting, completely dominated by Customer IT Director and my employer's Mr. CCIE One of the high points? the customer had sent Mr. CCIE an L3 switch configuration the previous day. Mr. CCIE was to offer comment on the design. Mr. CCIE said from what I see here, I'll bet you have a routing loop. I'll bet that if you do a traceroute from that switch to this particular network it will go nowhere. The customer said you're on, telnetted into the switch, performed the trace, and sure enough, the * * * * * * appeared after three hops. You shoulda seen this guy's face! this was but a small part of a fascinating dialogue between the customer and Mr. CCIE. Oh, it did not hurt that Mr. CCIE had fifteen years technology experience, and ten years in networking. Anyway, back to the books. I'm jazzed about learning the dirty little BS things again! Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31887t=31705 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: full-duplex Ethernet cable? [7:31643]
I did not note a speed associated with that full-duplex Ethernet spec. Wouldn't GigE Cu require all eight? And, might a new cable plant effort be well-served to require all eight conductors per RJ? Best, G. VP OGC -Original Message- From: Allen May [mailto:[EMAIL PROTECTED]] Sent: Friday, January 11, 2002 10:40 AM To: [EMAIL PROTECTED] Subject: Re: full-duplex Ethernet cable? [7:31643] Yep...and PIN Number, ACL List, etc. I used to bug instructors by referring to them as Network Interface Card Card's to point out what NIC Card really was ;) Allen - Original Message - From: Patrick Ramsey To: Sent: Friday, January 11, 2002 11:54 AM Subject: RE: full-duplex Ethernet cable? [7:31643] Is NIC Card kinda like a FAT Table? : p Daniel Cotts 01/11/02 12:34PM Unshielded Twisted Pair (UTP) uses two pair (four wires) on pins 12 and 36 of an RJ-45 plug. Whether it runs as full or half duplex is determined by the connected equipment - NIC card, Hub, Switch, router, etc. If Ethernet is running over coax cable then it is limited to half duplex. -Original Message- From: mlh [mailto:[EMAIL PROTECTED]] Sent: Friday, January 11, 2002 10:56 AM To: [EMAIL PROTECTED] Subject: full-duplex Ethernet cable? [7:31643] Hi, there, how many pairs of two-twisted cable are used for full-duplex Ethernet ? what is the difference between full- and half- duplex cable? Thank you in advance. Regrads, mlh Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31667t=31643 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
515UR Upgrade [7:31586]
Hi folks, Jus' checkin', I'm looking to upgrade my PIX 515UR w/failover from 5.3(1) wa up to the current 6.2. (Help me, I found myself *liking* the GUI of that PDM management interface!) Are there any war stories of note that might save the hapless administrator hours of time? Very best, G. When you're wounded and left on Afghanistan's plains, And the women come out to cut up what remains, Jest roll to your rifle and blow out your brains An' go to your Gawd like a soldier. Kipling, on other wars with different soldiers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31586t=31586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OBTAIN A UNIVERSITY DEGREE...EASILY!! [7:30781]
And just what does prestigious non-accredited mean, exactly? The miserable worms who market accredited education for more-than-exorbitant fees are bad enough. (see previous threads on value of certifications vs. higher-education diplomas) I'd highly recommend pursuing industry certs rather than throwing your money and time away for a sheet of useless paper. This especially applies to our 'off-shore' brethren. Don't be a fool parting with his money... At least be fool partying with his money... Best, G. VP OGC A fool and his money are soon partying. Ancient wisdom from my youth UNIVERSITY DIPLOMAS Obtain a prosperous future, money earning power, and the admiration of all. Diplomas from prestigious non-accredited universities based on your present knowledge and life experience. No required tests, classes, books, or interviews. Bachelors, masters, MBA, and doctorate (PhD) diplomas available in the field of your choice. No one is turned down. Confidentiality assured. CALL NOW to receive your diploma within days!!! 1-305-460-3152 Call 24 hours a day, 7 days a week, including Sundays and holidays. If you no longer wish to be on our list send a message to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30807t=30781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Win2K Browsing Problem [7:28074]
Actually, understanding Windows browsing implementation can be quite instructive. There are both WAN and LAN switching gotchas. Keep in mind that, at least with my NT 4.0 browsing, this is based upon broadcasts. Things like netmasks, VLANs and routers can do funny things to, and with, broadcast packets. There is a definitive article, Troubleshooting the Microsoft Computer Browsing Service, Technet article number Q188305, which explains much about the MS browsing system. Not that this has much to do, directly, with Cisco, excepting the network theory and architecture. Best, G. -Original Message- From: maamun Murangwa [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 04, 2001 8:11 AM To: [EMAIL PROTECTED] Subject: Win2K Browsing Problem [7:28074] Hi all, Can anyone give me some advise on how to solve a network browsing problem on a win2k enviroment, how can i improve it or what should i check for, on the Win2k side? MMK Nokia 5510 looks weird sounds great. Go to http://uk.promotions.yahoo.com/nokia/ discover and win it! The competition ends 16 th of December 2001. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28324t=28074 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Send BREAK to console thru term server [7:27572]
The term to search on at CCO is 'break key sequence' which should bring up the following page: http://www.cisco.com/warp/customer/701/61.html I'd cut-n-paste, but there is a wealth of information there, with many different hardware and applications documented. Best, G. VP OGC -Original Message- From: Sean Wu [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 28, 2001 1:01 PM To: [EMAIL PROTECTED] Subject: Send BREAK to console thru term server [7:27572] How can we send a BREAK signal via telnet session? I access some device via terminal server, the only thing I am wondering is how to send a BREAK so that I can do password recovery. thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27591t=27572 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ZONE Tests vs Boson Tests [7:26639]
Here's a little story from the Bering Sea. Bear with me and you'll see why the 'thread' fits. The Anacortes, Washington fishing family had been very successful in the late 1980's. Early 1990 saw four brand-new crab boats ready to plunder the king crab population in an area the coast guard describes as 'the major leagues' compared to North Atlantic fishing ground weather conditions. Not too far out of Dutch Harbor, Alaska, two of those boats capsized, killing all 15 crew members aboard, including the son of one of the surviving vessels. While the craft were carrying out a load of 800lb. 'pots, photos of the loaded boats before their doomed departure showed nothing visible to point toward load instability. Investigations, of course, followed. Over a year later, as the investigation was closing, without answers, almost as an afterthought, a shipyard worker approached one investigator. I don't know if it really matters, but we had some extra bottom paint, and we added an extra 12 inches around the hull of both boats, he told them. Anti-fouling bottom paint, to combat marine organisms, makes a very visible waterline on the hull of a vessel. Normally, this would be considered a 'bonus' for an owner. This time, however, was different. The engineering specifications had the craft designed with bottom paint to a certain level on the hull. The 25 year-old skipper had loaded the crab pots *to the waterline as indicated by the additional 12 inches of paint*. No one, not the planners, not the skipper, not the investigators, had thought that the paint-line, so visible in the after-the-fact photos, was so 'out of spec.' Twelve inches deeper on a 150 foot boat equals tons of additional displacement. The boats flipped like tops; there was not even time for a 'mayday'. There are a couple of lessons here. The first, and most obvious, is follow the engineering specifications without error. The second, and more relevant to this thread, was that the skipper was operating by rote. He apparently did not understand that the stability of the vessel was not due to a line in the water, but to exact engineering specifications that were inviolate physics. So, does learning to pass the CCxx test(s) require rote learning? Yes. Does that rote learning style make you a safe skipper? Probably not. Know your engineering, as much as possible. The Why's it do that? are perhaps more important than just knowing it does... Very best, G. VP OGC And have a happy Thanksgiving. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26955t=26639 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
There are, I hope, perspective employers looking at this service. They can make up their own minds about folks who are looking for a 'quick fix' and their motivations. But I would not hire, or even look at, people who make a practice of belittlement and sarcasm. I'd rather hire a person who asks; in whatever format. And no, I don't care how 'smart' they are, or how smart they think they are. There are good people, with good ethics, who can do the job, regardless of complexity. It may take longer, and they might even have to ask It is also much easier to ridicule someone than give a polite pointer and/or response. Transparent, in some of the past cases. S, 'let the heathen rage', big people can take small-minded responses. Water off a duck's back. By the way, this thread has had a number of 'big people' mentioned; Babbage, Smee, Turing, amongst others. Thanks to all who try a make positive that which can seem so negative, at times. That list remains incomplete! Let's hear some more names of heroes of digital technology! Very best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26525t=25805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
Ah, the intolerance of it all... I answered this guy because he needed help. I did the research long ago, and put him in the ballpark. Of course, the rest of the knowledge is up to him. By the .signature involved I surmised this was a 'working stiff'. Have a little empathy. Some here have exhibited 'righteous indignation' towards those who would defile real or imagined standards placed by real or imagined judges. Reminds me of fundamentalist everywhere. How easy it is to generalize real people by the general they. Who knows? Someday, they may be you. The amount of energy devoted to trite answers and holier-than-thou elitism far outweighs any perceived good. (Hey, I had some fun looking it up again, myself.) Besides, it violates one of the great training principles, There are no dumb questions! Keep those card and letters coming! Very best, G. VP OGC previous stuff=== You are indeed correct. Posting questions here is a way of finding information on the internet. It's the lazy persons way! Why take an hour or two to look something up on your own when you can post a question here in one minute and have someone else provide the answer? The ability to research a problem and identify possible solultions on ones own is a critical skill for networkers. Do you think a CCIE just posts a question here every time they come across something they are not familiar with? I don't think so! If you want to encourage people to post questions here without doing research, that's up to you but you're not doing them a favor. All you're teaching them is when confronted with a problem... ASK SOMEONE ELSE! = I can be mean sometimes can't I ;-)... I just get tired of people claiming to be networkers and they don't even know how to use the ultimate resource of networkers... the internet... they just post questions here without doing ANY research on their own... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26379t=25805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - List of dirty words [7:26380]
Speaking as the chief smut-buster at my site for the fed's typical effort with the Children's Internet Protection Act, you have a hard road coming. This is a high-profile and thankless duty. My solution is to go to a commercial provider, make it very clear that the filtering choice is their responsibility, and keep my head down. Otherwise, you need a 'committee' to share the wealth of abuse you're about to take. As for actual words, the aforementioned commercial provider gave up on the word game; too many variables, at least in the html filter land. And, as a 20 year commercial fisher with a few additional commercial diving years thrown in for good measure, I can assure you that sin-free souls have little chance covering truly depraved language. Given that vast expertise, and the obvious relevance to CCIE-type expertise, I'd be happy to provide you that information for standard CCIE rates---not! Your best bet might be George Carlin's list of Seven words you can't say on television. Very best, G. VP OGC -Original Message- From: Dennis Laganiere [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 15, 2001 9:03 AM To: [EMAIL PROTECTED] Subject: OT - List of dirty words [7:26380] This is totally off-topic, and I realize it's lazy to ask help so quickly, but this seems like an interesting quest. I need to populate my e-mail filters for dirty words, racial epitaphs and other offensive nonsense. Before I corrupt my pure and uncommonly sin-free soul by spending hours typing every foul thing I can think of, does anybody know of a webpage that I can cut and paste something, or perhaps e-mail me off-line what you've accumulated in the past? Again, let me apologize for the OT, but hey, the sooner I get this lame task done, the sooner I can power up my pod and contribute some relevant material to the group. Thank you in advance for your assistance, and I'm waiting in trepidation to see what comes my way in response to this inquiry... :-) -=- Dennis Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26394t=26380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Uplink fast and Port fast [7:26236]
Trip over the same rock fantastic Spanning Tree Protocol is where you want to go. Here's a typical symptom: Install new workstation on high end switch to troubleshoot multimedia through firewall. Connection fails. Link light fine. Realize all other cu ports are static address servers. Further realize DHCP uses broadcast for address. Static address on workstation connects. Hu. STP is the culprit. Why it comes up as a default for simple non-redundant route switched systems I'll leave up to the conjecturests. (Yes, I do know the advertised reason.) If you look at a STP packet through a sniffer, most of the settings will become clear. The most important is the time it takes to become what's known as in a 'forwarding' state. Typically this adds up to 50 seconds. Blocking--listening --learning and finally forwarding. By the time most of a minute has passed, Microsoft devices needing an address have given up. They have no address and so, have no network connection. I've tripped over this rock in my early days of Cisco switching. I'm tempted to entirely disable STP, in my environment; point to point, non-redundant, no ring. There have been discussions on this in previous threads. I believe the answer was similar to my feelings --- why not, if you don't need it? Not sure of the C(isco)ompany line, though. Port fast, simply enough, enables a quick STP forwarding state. Uplink fast is similar, but over trunked connections, I believe. Other vendors have other cutesy names for similar functions. And, by the way, while STP is a basic, and comparatively simple, those, like me, who have not much switching stick time, have found it confounding in that 'real world' we frequent. That world sometimes has some serious time limitations. I tend to learn more quickly by knowing what I looking for. Very best, G. VP OGC -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 14, 2001 10:54 AM To: [EMAIL PROTECTED] Subject: Re: Uplink fast and Port fast [7:26236] Nothing wrong with questions but for these real basic things a simple search will work and you will learn more by looking around and reading: http://www.cisco.com/ Dave William wrote: Dear all, Any one know what is uplink fast and port fast? Thanks a lot!! -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26297t=26236 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Salary Expectations/CCNP's!!!!!!!!! [7:25805]
A very distant shout from the lives of some of those we owe... Thomas Hobbs, Charles Babbage, Albert Smee, Alan Turing. It never ceases to amaze me that 'success', in modern America, equals money. It used to equate with knowledge and the gaining thereof. Though some of the early digital pioneers died poor and alone, I doubt the names of many contemporary CEOs will last as long in history. Nor do I feel their contribution(s) have been of equal value. The soul of this new machine deserves far better than greed as the primary motivator. Best, G. Vice-president (honorary), Old Geezers Club Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26310t=25805 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: What do you cats do for motivation? [7:24549]
Well, my paycheck crack didn't seem to satisfy the mark. I know it's a tough job. Old readers will note my previous, and current, affiliation with commercial salmon fishing. Nowadays it is for relaxation. That smallish break in the summer has had its moments, and I'm grateful for the escape into extreme nature from year to year. I see too much stress in this newsgroup. People can be harsh when pushing hard over a long haul. Like fishing, we are brothers (sisters, too) of a common misery. Also like fishing, I have seen friends die from their high-tech jobs. Maybe not as violent an end, but nonetheless, the end. Lots of folks want to enter the high tech field. Sometimes, though, the wanting is considerably different than the having. I used to think that, with enough work and dedication, anyone could excel in this field. I don't think that, anymore. The learning never stops. Know what you've signed up for. If you think it's hard now, wait 'til you look back at 20 years and wonder where all that time went! We're all in this together. So let's keep our sticks on the ice and pull for each other. Very best, G. VP OGC Youth is wasted on the wrong people. -Original Message- From: Joe [mailto:[EMAIL PROTECTED]] Sent: Monday, October 29, 2001 7:10 PM To: [EMAIL PROTECTED] Subject: Re: What do you cats do for motivation? [7:24549] I am sick of networking after doing it for a few years and I quit my job and take a long break for 2 years and do something that is totally irrelevant to computer. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24679t=24549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: What do you cats do for motivation? [7:24549]
I look very much forward to continuing picking up my paycheck every month Very best, G. VP OGC Youth is wasted on the wrong people. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24568t=24549 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT- maybe... [7:24121]
Can you give me the url for this WUG product. - WhatsUp Gold. www.ipswitch.com A very decent product for the price. Simple, yet effective, ICMP polling plus some SNMP Get additions. Mapping is good. Graphing available. The notification options; from pop-ups to email to pager to noise, are very useful. One nifty is the ability to poll various NT services. There are various customization tools. COM interfaces are there, as well. If you think about your basic needs for enterprise management, this is certainly worth a look. Small fraction of the cost of some vendor's stuff. Doesn't do it all, but there's always telnet, eh? Best, G. V.P. OGC -Original Message- From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]] Sent: Thursday, October 25, 2001 1:03 PM To: [EMAIL PROTECTED] Subject:OT- maybe... [7:24121] Hi All, Besides Cisco Works, anyone know of any good Cisco monitoring apps? I am looking to monitor my routers, VPN and switches. Thanks, Rich Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24298t=24121 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: National Geek Guard To Save Data [7:22208]
Two thousand year-old wisdom: Who guards the guardians? Best, G. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22246t=22208 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Way OT: Interesting Date today [7:21675]
And, speaking of our neighbors to the north... I've heard some very discouraging news from Canada about their new nuclear menace. They've had the 'eh' bomb for quite some time. Best, G. -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 02, 2001 4:39 PM To: [EMAIL PROTECTED] Subject: RE: Way OT: Interesting Date today [7:21675] as Leigh Anne pointed out indirectly, the Brits use the DDMM format. so a Brit list would come up with different results than would a Yank list. Hey, Leigh Anne, up in Canada you folks are half Frenchie. How do the Frogs do it? Chuck Larrieu ancestors left France a very long time ago -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Neiberger Sent: Tuesday, October 02, 2001 8:42 AM To: [EMAIL PROTECTED] Subject: RE: Way OT: Interesting Date today [7:21675] Yes, a palindrome is a word that is spelled the same backward and forward. In this case, the numbers are palindromic because--using the MMDD format-- 10-02-2001 is the same when read either direction. Using MM-D-YY, today is 10-2-01, which is also palindromic. There is no importance whatsoever, it's just a numeric oddity depending on which date format you use. A coworker mentioned it this morning and we've just been discussing it. It's completely useless information, but interesting nonetheless. However, it's *really* off-topic so I suppose I should get back on-topic. John Juan Blanco 10/2/01 9:15:13 AM John, When you said It's a palindrone! are you refering at the following: A Palindrome is a word spelled the same backwards and forwards If not please can you give more details for those who do not know what are you refering toand why it is so importantand how did you find out about those date Thanks, JB -Original Message- From: John Neiberger To: [EMAIL PROTECTED] Sent: 10/2/2001 10:03 AM Subject: Way OT: Interesting Date today [7:21675] 10-02-2001... It's a palindrome! When was the last date where this occurred? Here at work we think it was 08-31-1380. When will the next one be? :-) Sorry for the OT post, I just thought this was amusing. Back to the morning coffee John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22151t=21675 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffing Packet From the router. [7:21111]
I have the most unsightly wad of V.35 Y cables you ever saw. Eighteen, last time I counted; all for a single Network General DSS WAN Sniffer that I absolutely, positively, cannot live without. I plug in the Ys when I have to sniff one of those T1 links. Otherwise, I try and neatly hang them up in some semblance of order on a home-made 'hanger'. Very best, G. -Original Message- From: Trevor J Corness [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 02, 2001 4:03 PM To: [EMAIL PROTECTED] Subject: Re: Sniffing Packet From the router. [7:2] I honestly have never tried leaving the Y-Cable in on critical links... normally I do this stuff on an outside-contractor basis from the perspective of the company (my client). I offer outside services at a Communications company, my job is to design, install, and troubleshoot networks for many clients. As a result, I only have 1 Y-Cable V.35 for the Internet Advisor, and it always leaves with me, when the unit is no longer used. I will try to research this in a lab, and let you know what conclusion I come up with. Now I know what I am going to fill my 2 spare hours with tomorrow morning. On October 2, 2001 01:53 pm, Dan Faulk wrote: Hey learn something new every day on this list, good info. Could the Y-cable be left in circuit on critical links, with proper precautions of course, yeah I know simpleton question but you never know. I always leave one port open on all my switches just for the sniffer, has made life so much easier and safer too, nice to know the same idea could be used on the WAN also. Dan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Trevor J Corness Sent: Tuesday, October 02, 2001 3:14 PM To: [EMAIL PROTECTED] Subject: Re: Sniffing Packet From the router. [7:2] The only other way that I know of to avoid crashing the router, and getting a useful sniff of the WAN traffic, is to use a V.35 protocol analyzer, such as the HP Internet Advisor. This is a pricey unit, but if you do this stuff regularly (as my coworkers and I do), it is the easiest, and most presentable way to do this. Note: There is a short disruption of service while inserting and removing the V.35 Y-cable used to do this. Internet Advisor generates some very management-friendly reports, used to present findings to people of a slightly more non-technical background. It also has many VERY powerful features (think: SnifferPro-like GUI). I am sure there are other very similiar products out in the field, I am only explaining what I have used. At the present time, this is only the HP Internet Advisor. Regards, Trevor J Corness, CCNA CCDA JNCIS NNCSS MCSE Radian Communication Services Corporation http://www.radiancorp.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21751t=2 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fridays funnies [7:17141]
Hummm, with those kinds of credentials those guys shouldn't have to work. They could teach. Best, G. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17443t=17141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT:National Rebellion Day [7:16928]
On this date in 1775, England declared the colonies in a 'state of rebellion'. Let's all keep up the good work! Best, G. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16928t=16928 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: code red [PIX edition] [7:15286]
Below is a nice read. Very helpful. Can someone translate this for me from RouterTalk into PIXese? Best, G. Subject: code red [7:15286] I wanted to share this with the group: http://www.cisco.com/warp/public/63/nbar_acl_codered.shtml Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16071t=15286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RouterSim 3.0 [7:11342]
Hummm, imagine my disappointment when looking for an actual evaluation of the product. Can someone enlighten me as to the value of (the new) RouterSim on it's merits? Best, G. VP OGC Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=11556t=11342 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused about Cisco Agreement [7:8819]
Cisco agreement!!??? Cheating must be discouraged, everywhere. See below; yet another reason Cisco certs are becoming 'required' while advanced degrees are 'preferred' in those lucrative job postings From the Bellingham [Washington State] Herald, June 17, 2001, Editorial Opinion: In an outrageous scenario that played out this winter quarter, a computer science lecturer had to resort to handing in her resignation to get the administration's backing to flunk a student caught cheating on an exam. ... The student had turned an a four-question essay test in which his answers mirrored the previous exam but not the one being given. ... The [university's Student Academic Grievance Board] ruled that this particular type of cheating was not one listed in the rule books, so the student should be cleared. Egad. Egad, indeed. Public education should be ashamed, and good for Cisco for their attempts to limit ill-gotten gains. Best, G. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Saturday, June 16, 2001 10:37 AM To: [EMAIL PROTECTED] Subject: Re: Confused about Cisco Agreement [7:8819] At 06:47 AM 6/16/01, Oletu Hosea Godswill, CCNA. wrote: Has anyone really taken time to read and thoroughly understand the Cisco examination agreement page? The item 6 in that agreement reads(ie page 2 of your score sheet) Not to sell, license, distribute, give away, or obtain from any OTHER source OTHER THAN CISCO the exam materials, questions or answers Is Cisco trying to say that obtaining exam materials from Sybex, boson, certifyexpress, cramsession, wanpro, certificationzone, None of those sites have the Cisco exam materials. Only Cisco has them. By materials they mean the actual test. But if someone besides Cisco somehow got a hold of the exam materials and then you got them, you would be in possession of stolen goods, which is illegal in the U.S. and passing on same materials to friends who need them for their exams or borrowing others is illegal? Passing on materials of any sort might be illegal if the materials are copyrighted. That's a different issue, though. If that is not what they meant, I think it is good they re-amend that item 6. Am confused, can someone explain better to me. Are mind by this enslaved to cisco for all my materials relating to the exams or what do they really mean. Regards. Oletu Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=9003t=8819 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: retransmissions [7:7731]
I like that plain English part; the computer people I know do not normally speak plain English. Actually, I've had some fascinating (to a computer person) times with a Sniffer and retransmissions. My aging DSS' expert analysis feature does allow for quick 'drill downs', and is vastly superior, still, to Microsoft's useful network monitor. Using this, one of my more interesting finds was with an I/C seismometer using IP to transmit information packets to a mini-cpu down at the university. Had a 'retransmit' error every three packets. The geologist were happy, the data was transferred and processed ok. The Sniffer's increments of red numbers, however, were quite annoying. The 'retransmitted' packets were different sizes. The sequence number from the instrument side, however, did not change. This, I believe, is one of the 'definitions' of a retransmit. This was not, however, an error condition, except in the protocol violation. As happens with good test equipment, I persuaded the U. to replace the NIC card and all was again sweetness and light. There are other, more mundane, natural acts of retransmits. It's fun to watch outside/inside IP traffic once in a while. Besides, it would give you a 'feel' for what looks 'good' sos't when it's very, very bad, you have some baseline for a troubleshooting start. And a baseline that 30% is too much on a sustained basis. Very best, G. -Original Message- From: Nick R [mailto:[EMAIL PROTECTED]] Sent: Monday, June 11, 2001 11:35 AM To: [EMAIL PROTECTED] Subject: RE: retransmissions [7:7731] Forget about AutoNegotiation and set all nodes to manual 10 or 100 Mbps. Also, Priscilla had some good questions. What kind of retransmissions are those? What layer? The Expert Software in the Sniffer will tell you the details broken down to a plain english language. -- Nick Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8180t=7731 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Semi-RANT: extended exams [7:7871]
It's all due to the latitudinal locations of both Canada and Australia, both former British colonies. Because of these extremes, and the northerly location of the British Isles themselves, they use the 20 hour day, instead of the more conventional 24 hour period. Canada, particularly, I have heard, is moving toward the 24 hour day with typical reluctance, as it is a perceived movement towards the Americanization of that country on the United States' northern border. So the stated time difference for those test is actually the 'corrected' time for that 20 hour day. (Apologies to that great Canadian TV show, Twenty-two Minutes in This Hour.) Best, G. V.P. OGC -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 12, 2001 9:01 AM To: [EMAIL PROTECTED] Subject: Re: Semi-RANT: extended exams [7:7871] I'm not even sure if there's a CCIE test center in Australia, but, if there is, let's not be too hasty in assuming English, American, or Australian. American candidate to Australian proctor, probably ok: ping that row-ter English candidate to Australian proctor, ping that root-er, and the candidate immediately makes inappropriate physical contact with the person in the apparently appropriate direction. Vaguely reminded of the Battle of Britain veteran, waving his hands and ranting there were fokkers to the left of me, fokkers to the right of me... and being interrupted with There weren't any Fokkers in the Battle of Britain! What does that have to do with it? These fokkers were Messerschmidts! (Wondering if this will get through the filters). On Mon, 11 Jun 2001, Kevin Wigle wrote: I wasn't aware that an extended exam was anymore different than normal exams except you get more time. If this truly is the only difference I'm not sure what your point is. If you, a good English speaker can do the test in 1 hour, then - you're done. Doesn't matter if the exam has allotted 2 hours or 3 hours, you're done in 1. Picture the following aborted recruiter interview: Me: I'm a CCNP and CCDP... Recruiter: (interrupts me) You passed the extended exams, not the standard ones. You're not a true CCNP and CCDP. You won't do. Good bye. (OK, this is slightly exaggerated, but it should give you the gist.) I don't think too many people from the US/Canada are going to hop a plane to get that extra 30 minutes test time. Perhaps someone in Brittain would take the train to France? that would probably bump the effective price up a bit. Well, now that you mention it... A Briton would have to hop onto a train or plane to Brussels to take the CCIE lab. So would a German, a Greek, or a Spaniard. I don't remember anything in the CCIE lab blueprint that mentioned granting an extra 2 hours, or half-day, or whatever, to candidates who don't speak natively whatever language(s) the lab documents are written in and or the lab proctors speak or mangle. That sounds inconsistent with the stated goals, esp. when the CCIE written *has* the extension. I agree with your point #1 and with that a candidate should be able to elect to take a non-extended exam. However, a problem could present itself later if a candidate failed the exam and then complained he didn't understand the consequences of not taking an extended exam! :-) I don't think that Vue or Prometric want to be responsible for having to first judge the English proficiency of a candidate. Amusingly, at least one Prometric testing center in Paris also offers an ESL proficiency exam. But you're right, they shouldn't have to. However, there are ways around this, such as letting you (the candidate) take the exam again for free, perhaps limiting that to cases where you appear to be in good faith and or didn't fail the exam abismally (which could be decided by the number of correct answers to questions you had time to answer before the ax felt). Also, the policy is cisco's, and my email was addressed to cisco. Your point #2 probably wasn't thought of in that way because that would be politcally incorrect and nobody wants that :-) OK, so I'm blunt and unsubtle. :-) I'm curious, though: what would be a newspeak way of stating it without making it meaningless? Your point #3 would require in my opinion that the option to accept/deny the extended exam would have to be asked in the candidate's native language. Now imagine how interesting that could get... I must have a pedestrian imagination, because all solutions to that that I could think of are uninteresting. - If registering online: IMHO, someone who could navigate the test center's web pages should be able to understand a warning, or a mention, in plain English right at the point the option is offered. - If registering in person or on the phone: you would presumably speak to someone (an administrative assistant or receptionist, perhaps) who speaks the same language as you. Unless the exam
RE: Rule 5-4-3 [7:7578]
A couple of 5-4-3 refinements: Try this picture: MORE HOSTS \.../ hosts HUB(s) hosts \|/\|/\|/ host --- hub --- repeat --- SWITCH --- repeat-- hub --- hub etc... /|\/|\/|\ hosts hosts hosts The question of 'slot time' becomes confusing to me with the addition of one, or more, switches into the (10,100,1000) circuit(s). The 'etc' above asks, What is the practical limit of cascaded switch/hub combinations in a 10 Mb/s ethernet? A combination 10 and 100 Mb/s ethernet? Yes, even with a 1Gb/s backbone? Please, don't laugh, we here in K-12 education need to lash up all kinds of stuff. Sometimes, if you can believe it, people will even sneak an extra hub into the building! No problem is insurmountable with the comparatively limitless private sector resources. Network design is easy (easier) without the albatross of old equipment never, ever, being surplused out, just moved out closer to the edge. That's why we like the theory, as below. We frequently need to figure out what flies ourselves. Very best, G. Be strict in what you send, and forgiving in what you receive. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- George Hartnell, Network Supervisor Bellingham School District, 1306 DuPont St. Bellingham, Wa. 98225-3198 (360)647-6860 [EMAIL PROTECTED] Internet Mail -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 07, 2001 12:38 PM To: [EMAIL PROTECTED] Subject: Re: Rule 5-4-3 [7:7578] At 02:17 PM 6/7/01, Aleksey Loginov wrote: Hi! Question about rule 5-4-3. How it's work for 10BaseT? This scheme correct? hosts hosts hosts \|/\|/\|/ host --- hub --- repeat --- hub --- repeat --- hub --- host /|\/|\/|\ hosts hosts hosts Great job on the ASCII art! It's quite pleasing to the eye. ;-) A 10BaseT hub is a repeater. Dare I say that there's no difference between a Layer-1 repeater and a hub? Just like there's no difference between a Layer-2 switch and a bridge, or a Layer-3 switch and a router. Argh. One topology that became popular for explaining propagation delay on an Ethernet network was the 5-4-3 topology. With a 5-4-3 topology, you can have up to five segments in series, with up to four repeaters, and no more than three mixing segments. If three mixing segments are used, then the remaining two segments must be link segments. A mixing segment is one that can have more than one attachment, such as a coax cable. A link segment is a point-to-point link. It could be a fiber link between hubs, for example. A 10BaseT hub connection to an end station is also a link segment. The 5-4-3 topology is just one of many models that work actually. It is a simplification of the actual rule that says that the round-trip propagation delay in one collision domain must not exceed the time it takes a sender to transmit 512 bits, which is 51.2 5s for 10-Mbps Ethernet, and is also known as the slot time. A single collision domain must be limited in size so that a station sending a minimum-sized frame (64 bytes or 512 bits) can detect a collision and jam signal reflecting back from the opposite side of the network, while the station is still sending the frame. Otherwise, the station would be finished sending and not listening for a collision, thus losing the efficiency of Ethernet to detect a collision and quickly retransmit the frame. For a higher layer to notice that the frame needs retransmitting takes much more time. Ethernet retransmissions occur within nanoseconds. Priscilla Any comments, please. Best regards, Aleksey Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=8036t=7578 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
T and F LA's. Was Intrusion Detection [7:6840]
STFW? LOL? My fifty plus years are showing. While I once used familiar jargon like 'far out', 'spacy' and some others, I find myself puzzled by some of the new acronyms used by the YPKs. Is there some dictionary of current acronyms used by my younger colleagues sos't I can communicate? It is Friday, after all, so enjoy the funnies! Best, G. V.P. OGC -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 30, 2001 2:59 PM To: [EMAIL PROTECTED] Subject: RE: Intrusion Detection [7:6494] STFW? Hmmm? Security Things to Fiddle With? .Org or .Com? -Original Message- From: Christopher Kolp [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 30, 2001 14:47 To: [EMAIL PROTECTED] Subject: RE: Intrusion Detection [7:6494] Wow, such hostility. Sorry for raining on your parade, I found the page and am checking it out. Why don't you go back to answering the phones and get off my back. ck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russ Kreigh Sent: Wednesday, May 30, 2001 5:30 PM To: [EMAIL PROTECTED] Subject: Re: Intrusion Detection [7:6494] STFW! - Original Message - From: Christopher Kolp To: Sent: Wednesday, May 30, 2001 4:02 PM Subject: RE: Intrusion Detection [7:6494] link please -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Russ Kreigh Sent: Wednesday, May 30, 2001 4:48 PM To: [EMAIL PROTECTED] Subject: Re: Intrusion Detection [7:6494] Snort is also a decent one for the price (free) - Original Message - From: William E. Gragido To: Sent: Wednesday, May 30, 2001 3:11 PM Subject: RE: Intrusion Detection [7:6494] Check out Intrusion.com They make some truly great products -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Mel Chandler PMI Sent: Wednesday, May 30, 2001 2:08 PM To: [EMAIL PROTECTED] Subject: Intrusion Detection [7:6494] Has any had the opportunity to evaluate an intrusion detection system? I know Cisco makes one, not sure what it runs for an OS and how well it's put together. Have looked at Cabletron, excuse me, Enterasys, and Webtrends. Anyone offer any insight? Mel L. Chandler, A+, Network+, MCNE, MCDBA, MCSE+I, CCNA [EMAIL PROTECTED] Network Analyst Information Services PMI Delta Dental (562) 467-6627 FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6840t=6840 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How work in large environment? [7:4420]How work in large environment? [7:4420]
Don't forget the public sector entities. Metropolitan, campus and government networks can offer some great exposure. The pay, on the other hand. Best, G. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4442t=4420 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Stop Sending me mails this is my fourth mail. [7:3280]
I came into IT from commercial fishing almost 20 years ago. Kept my fingers in that exercise, as much as possible, over the years. I work in education, so summers, in the past, have had some time to get out on the boat. I had to give that up, recently; just not enough time for both IT and that kind of 'part time' work. It's true what they say about commercial fishing. My wife and I have lost several friends over the years to the 'worlds most dangerous profession. Many of us have come close. Comes with the territory. There was a time, though, a few years back, that I buried a couple of friends within a short period. While not the diagnosis of record, many of us saw a direct relation with their early demise (one was 43 years old) and on-the-job stress related illness(es). They were both IT professionals. So called 'safe' profession. So, keep in mind, gentle readers, that stress can, and does, kill just as surely as that 90 foot wave in Perfect Storm. If you don't have the temperament to deal with that stress, be careful and realistic with yourself. Do take positive action if you find yourself(ves) 'out there' in high-stress land. No amount of compensation can make up for the long-term harm that can sneak up on the unwary. On the boat, with the crew, we have a saying; Brothers of a common misery. We also say a rising tide raises all ships. While IT folks don't generally depend upon each other for life itself, we should keep in mind that we can find ourselves working closely with one another throughout our careers. Deliberately spreading more misery (read stress) produces neither less misery nor more common brotherhood. It can, indeed, lead to worse scenarios. The IT job is hard enough. Very best, G. -Original Message- From: hal9001 [mailto:[EMAIL PROTECTED]] Sent: Saturday, May 05, 2001 12:07 PM To: [EMAIL PROTECTED] Subject: Re: Stop Sending me mails this is my fourth mail. [7:3280] And quite alot of ignorance on one persons part. Karl - Original Message - From: William E. Gragido To: Sent: Saturday, May 05, 2001 8:01 PM Subject: RE: Stop Sending me mails this is my fourth mail. [7:3280] I am detecting a lot of hostility here... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Larry Osei-Kwaku Sent: Saturday, May 05, 2001 5:31 AM To: [EMAIL PROTECTED] Subject: Re: Stop Sending me mails this is my fourth mail. [7:3280] You Fool ! Go to WWW.groupstudy.com and unsubscribe yourself. --- M. HASAN USMANI. wrote: unsubscribe cisco STOP SENDING ME EMAILS!!! UNSUBSCRIBE CISCO UNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCOUNSUBSCRIBE CISCO ___ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = Wear a smile and have friends; wear a scowl and have wrinkles. - George Eliot the greatest glory is not in never falling, but rising up each time we fall. The greatest man is not he who does not fall but he who falls and rises again to win Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure
RE: Job Opening Senior Network Engineer
I note with interest that the 4 year degree is "preferred" whilst the CCIE is a "must have". Four year institutions need to scrutinize their heretofore stranglehold on credentials. To little bang for too many bucks with a mini portion of relevance in the real world. Best, G. -stuff omitted --- Job Requirements: * Must have CCIE Cisco Certification * BA or BS degree preferred * Ability to document and provide in-depth reporting and analysis * 5 years of industry experience -bla bla bla--- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX IOS upgrade
Having just installed 5.3(1) on a replacement 515. I am seeing what I believe(d) to be logical icmp denies on a regular basis. Can anyone point me to the right TAC (or other) spot for analysis of these rumored maladies? I've searched the bug reports And yes, one of the 'shotgun' solutions was to drop down to 5.2. Apparently, however, this was not the solution this time. Maybe TAC Tools Seminar meltdown yesterday was more significant than its functionality... Best, G. -Original Message- From: John Hardman [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 03, 2001 12:54 PM To: [EMAIL PROTECTED] Subject: Re: PIX IOS upgrade Hi There have been a lot posts in the Cisco news groups about people having ICMP problems with 5.3 code. Several stating that TAC has recommended a down grade to solve the problems. Personally I would not install a 5.3 code at this time. 5.2.x seems to be fine. HTH -- John Hardman CCNP MCSE ""Paul L Holloway"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm upgrading the IOS on a new PIX. What would be the downside of me upgrading to 5.3 without stepping up incrementally and just going directly from 4.4 to 5.3. I don't see anywhere in the Cisco documentation where they advise against this, but I seem to remember several threads here advising to go up one version at a time. Any thoughts?? Paul _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Performance
It *was* broke. After much wailing and gnashing of teeth, I finally tried shutting down the primary. Bandwidth was immediately improved. S, I'm calling this a faulty 515 primary system E0 interface. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PIX Performance
How's about a little 'real-life' observation on a 515UR/failover package: Problem: external limited to ~850Kbit/s since install. Normal range, 2.5-3.5Mbits/s internal ether on 515 does not exceed 140-160KBytes/s internal ether has unusual number of IP transport retransmissions. no apparent loops/collisions/protocol/hardware problems (Fluke OneTouch) external ether on 515 sends 2.5Mbits/s+ to external IMux'ed T1's fine. load: well under specs. no NAT 5.3 internal -- hub/switch -- 100Mb/full -- 515 -- 10BaseT --border router --T1X3 --external N.G. Sniffer on internal and external side of 515. Fluke OneTouch as well. Somehow, it seems that, despite the theoretical, this PIX is throttling the bandwidth at around 850Kbits/s. The MRTG graph is most unusual and certainly shows the pattern of a throttle of some sort. Plateau shape, no spikes. Config normal, as far as a couple of us can tell, certainly nothing bazaar. I've tried disabling the failover, yes. No NAT *may*, I've heard speculation, need another kind of treatment. Seems like '0 0 0 0' with statics wouldn't kill the throughput... How or why it's down that has been a baffler for a couple of days/nights. Maybe it's broke. If anyone might have a suggestion on what to look for ('show what?)|(debug what?) I'd listen. Otherwise, handy syslog indicates the thing is doing it's job. A "must have" device. However, to keep internal peace, I may have to not have until I can get a solution. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Advance Cisco PIX Configuration Exam - Passed!
Well, I've looked there, at the CCO, and the documentation I've found is 'ok'. By 'ok' I mean that you *can* successfully set up the PIX from those docs. The PIX, however, isn't there for just NAT, it's there to help secure your network. To that end there seems, to me, to be very little in the way of code snippets for, say, preventing a simple smurf, or for dropping IP packets where the source isn't from your address range. Things that CERT talks about, but how do you *do* that on your firewall? In fact, some current 'how tos' at the Cisco PIX site still talk about the 'outbound' command; something even IOS 5.1 (5.3 is current) indicates has been superseded by the 'access-list' command. Check out this outdated 'help' yourselves: "Question: How do you configure outbound access lists on the PIX box? http://www-1.cisco.com/cgi-bin/Support/OpenForum/dispnewqa.pl/3753 " While it's sometimes nice to have archival information for past IOS versions, clearly this information is less-than-useful to current PIX IOS users. Unless, as many, I'm lost in the vastness of CCO-land, which, admittedly, is possible. So, it's nice that somebody passed the exam. It would also be nice to find a resource for the PIX. I'm still struggling, but making headway. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 0s and 1s??
"I read in an article that Michael Muuss has died in a car accident. He is the person who gave us a tool called "PING" to make our lives easier when troubleshooting our networks." - And he is now surrounded by his loved ones, and his loved zeros. Happy Friday! (sent during the recent downtime.) Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to Open Pix firewall Ports
Hi Muhammad, I just put up a 515-UR, OS 5.3(1). Quoth the manual, "Cisco recommends that you do not use the access-list command with the conduit and outbound commands." There are some evaluation sequence issues. That said, from configuration mode: access-list acl_out permit tcp any any eq 3050 access-list acl_out permit udp any any eq 3050 similar entries for port 3051 access-group acl_out in interface outside Like many computer things, there are other ways around the barn, and other flavors of the command to do the same, or similar things. For instance 'any' can be substituted with a 'host ipaddress' for a single permit or a 'ipaddress netmask' combination for a range of permitted systems to access those ports. 'udp' and 'tcp' can be covered by 'ip', which also covers icmp packets. While I haven't used this command, 'range' could be used as the operator rather than 'eq'. According to the manual, thusly: access-list acl_out permit ip any any range 3050 3051 That should/could drop your configuration file line count down a bit. My configuration file is leaning towards the enormous. Small price, though, for a secure site. Best, G. Bellingham, Washington -Original Message- From: Darren Crawford [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 13, 2001 11:06 AM To: Muhammad Faheem; cisco@groupstudy. com (E-mail) Subject: Re: How to Open Pix firewall Ports If you are opening the ports to "outside" entities you'll need to create conduits. They would look something like this: conduit permit udp host 1.1.1.1 eq 3050 any conduit permit tcp host 1.1.1.1 eq 3050 any conduit permit udp host 1.1.1.1 eq 3051 any conduit permit tcp host 1.1.1.1 eq 3051 any HTH Darren At 09:56 PM 03/13/2001 +0400, Muhammad Faheem wrote: Hi Guys I want to open port 3050 and 3051 on Pix firewall , i would appreciate if any body Guide me how to get this done or what command should i check. Regards Muhammad Faheem Systems Engineer Afcomp Hello : (9714)-3933878 / 3027338 Fax : (9714)-3933832 Web : www.afcomp.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Darren S. Crawford Lucent Technologies Worldwide Services 2377 Gold Meadow WayPhone: (916) 859-5200 x310 Suite 230 Fax: (916) 859-5201 Sacramento, CA 95670Pager: (800) 467-1467 Email: [EMAIL PROTECTED] Epager: [EMAIL PROTECTED] http://www.lucent.comhttp://www.lucent.com Network Systems Consultant - CCNA _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HEX
That Priscilla is a real jewel, eh? I think I'll add this formula to my *must know* list. The one tid-bit I might include, though not reputed to be 'test centric', is to *memorize* (I say this as a member in good standing of the O)ld G)eezer's C)lub) the binary numeric for HEX digits. The 'weight' of the bits logic has helped me out a few times An interesting math trick, 16^4 is ()+1 or ( )+1. Note that 2^16=16^4=1 binary=0x1 hex. They all reach the same number. It took this 52 year-old maybe a week of practice to 'grok this in it's fullness'. Just my way of figgerin' it out. There are others. It is delightful to hear of someone who hasn't fired up the scientific side of that Windows accessory for this kind of math. I've been helpless without that hex/bin calculator for years. The memorization/concept isn't that hard, though, and, really, CCxx's should, as advertised, be able to do this, 'in your head'. Best, G. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Friday, March 02, 2001 4:27 PM To: [EMAIL PROTECTED] Subject: RE: HEX I never even knew the Windows Accessories calculator converted to hex! I just do it manually. I have the following numbers and letters pretty much memorized, so that helps. 10 = A 11 = B 12 = C 13 = D 14 = E 15 = F 16^0 = 1 16^1 = 16 16^2 = 256 16^3 = 4096 16^4 = 65536 Figure out where the number they give you falls in the above list, for example, is it between 256 and 4096? Or between 4096 and 65536? Divide by the smaller of the numbers you select. Keep dividing the remainders until you run out of numbers, (or can select the right answer, it is multiple choice after all!) Here's an example: Convert to Hex. Easy! Divide by 4096 = 1, remainder = 1459 Divide 1459 by 256 = 5, remainder = 179 Divide 179 by 16= B, remainder = 3 Divide 3 by 1 = 3 Answer = 15B3 Note: a few things made this example easy. divided by 4096 is obviously 1. 256 x 5 is obviously 1280. 16 x 11 is obviously 176. Often it's much easier than it seems. (Sometimes, it's not and you just do brute force.) Priscilla At 09:26 AM 3/2/01, Dale Frohman wrote: exactly. I had a friend who told me there was some HEX conversions on the BCMSN exam which i am scheduled to take in a couple of weeks. On Fri, 2 Mar 2001, Barronton, Ken wrote: Because you can't use it during an exam. Real life...OK, exam...NO. -Original Message- From: Nuria Canamares [mailto:[EMAIL PROTECTED]] Sent: Friday, March 02, 2001 6:27 AM To: 'Dale Frohman' Cc: [EMAIL PROTECTED] Subject: RE: HEX Why don't you use the calculator of windows accesories? -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]En nombre de Dale Frohman Enviado el: Jueves 1 de Marzo de 2001 3:24 PM Para: [EMAIL PROTECTED] Asunto: HEX Does anyone have a way/tricks in remembering how to do HEX conversions? Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: what is the average age of people in this stuff?
Please sign me up for the OGC, as I more than qualify. 'Round here we chew up and sipt out the YPK's Those that stick around might learn enough to qualify for OGC membership when their time comes. Very best, G. "Be strict in what you send, and forgiving in what you receive." -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- George Hartnell, Network Supervisor Bellingham School District, 1306 DuPont St. Bellingham, Wa. 98225-3198 (360)647-6860 [EMAIL PROTECTED] Internet Mail -Original Message- From: Christopher Kolp [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 27, 2001 12:40 PM To: [EMAIL PROTECTED] Subject: RE: what is the average age of people in this stuff? Young Punk Kid here... Coming to take your job soon. :) Thats right, grampa :) It's a kids world. ck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Lisa Sent: Tuesday, February 27, 2001 2:52 PM To: [EMAIL PROTECTED] Subject: Re: what is the average age of people in this stuff? If you wish to join the OGC, I will be happy to appoint you in-house counsel. Then we can sue the hell out of any YPK's that get in our way! :) Remember, even if we're clueless, when OGC members talk, people listen. Tom Lisa, Instructor, CCNA, CCAI Community College of Southern Nevada Cisco Regional Networking Academy _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: what is the average age of people in this stuff?
I'm fifty-two. The memory does become more of a challenge. The quick uptake takes a hit. The twenty-hour days take days of recuperation. But the knowledge chase is still very satisfying. It comes in a more relaxed and in-perspective kind of way. I enjoy mastery of the thing, and, looked at in that way, the long hours of study melt into, well, the career, life, the way. Whatever. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Speaking of cables....
Hi, I jus' happen to have a couple of 2600 series routers, 2610 2611, as well as a Network General WAN Sniffer. I also have a 'Y' cable, with V.35 female-female ends. The third 'Y' leg goes to the WAN Sniffer. I have one (1) Cisco V.35 DTE serial cable, male. There are a smattering of other router vendors around here, too. HP, Bay, Wellfleet. I've found it useful to sniff the various WAN protocols between vendors, from time to time. Very instructive. What I'd like is to connect the two Cisco's for a training lab, of sorts, for myself, and my staff. I'd like to be able to cross-connect serial router ports on all those vendors, but Cisco would be sufficient. So, can I procure a Cisco DCE serial cable and complete the cross-over that way? I realize I'd need a gender-bender, given the f-f config of the 'Y'. That would also negate a generic V.35 to those other routers mentioned, I'd have to fabricate a cross-over for each. Can I procure another Cisco DTE V.35 cable and cross over within the 'Y'? What would be, or where can I find, the pin outs for that? Finally, how might you, gentle reader, do this another way? Cisco serialV.35--V.35-Cisco serial | | -WAN Sniffer I also have a couple of CSU/DSUs available. Forgive my ignorance, but I've only used them over point-to-point and frame T1s on public networks. Can I directly wire those devices back-to-back and achieve router-to-router WAN connections in that way, as well? Again, what might be the wire chart for that T1-like circuit labeled 'cu', below? RouterV.35-V.35---CSU/DSU-(cu)-CSU/DSU-V.35-Router | | ---WAN Sniffer Thanks for any ruminations on this connectivity issue. Best regards, G. "Be strict in what you send, and forgiving in what you receive." -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- George Hartnell, Network Supervisor Bellingham School District, 1306 DuPont St. Bellingham, Wa. 98225-3198 (360)647-6860 [EMAIL PROTECTED] Internet Mail _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Disappointed with ccnp!!
Quoth someone earlier: "If you work for the state or your county, you can make a LOT of dough. They tend to overpay for most positions." Could someone tell me just what that state or country that is? Best, G. (A third generation government technical employee.) Somewhat more seriously, public sector education work, while in *my* experience is far from riches, does present a good resume stuffer. The velocity only promises to increase with "technology in education" being such a current buzzword. My team gets the exposure. Those who have gone on to the private sector from here have made out quite well. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: RE: Last Nights DC Cisco Meeting
Well, I used to live near DC -- traveled up there quite a bit, in my 18-21 days. Long time ago. But, I wonder, what was said there in DC about certificationzone? Best, G. -Original Message- From: Steve Jacks [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 19, 2000 1:39 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: RE: Last Nights DC Cisco Meeting Actually the website was never mentioned at the meeting. I asked around and was told it was Knowledgenet.com however I now know it is CertificationZone.com. -Chuck --- Thailand's BEST Free Email at Bangkok.com - http://mail.bangkok.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
L3 Switch Individual Host Route
Hi, Let's imagine that you have a L3 switch with a segment (x) serving a (actually more) router feeding another segment (y). The L3 has other BVIs (w and z). Let's also imagine that one has a server belonging to the routed segment y, (y.1) Let's also imagine that the server has crashed, and needs to physically be located at the L3 switch site, several miles from its "home" on physical segment y. Server Y's IP address is, as aforementioned, Y.1. Can routing switch L3 have an individual port configured for an individual host route? So, steps? The static ip route statement is fine, but for the next interface entry? What about the existing ip route to the router server segment X? All routes do go through that L3 first. Router (YX) would also have the static entry for Y.1. Or, am I barking up the wrong pole? Simpler solutions do exist. Jus' wonderin' Best, G. --YRouterX---L3Z--Router-cloud | | host Y.1 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 100BaseT Between Buildings
Not with copper. Single mode fiber with LX modules work for me. You can buy 100Mb/sec cu to single mode fiber media converters. I don't think you can 'get there from here' with multimode fiber, or, as aforementioned, copper. Oddly enough, it seemed (to me) that gigabit LX gbic modules for some catalyst switches are just as inexpensive as the media converter lash-up. One-hundred meg ethernet is also less challenging to 'sniff' for problems. Probably you will want to run single-mode anyway; keeping future scale-up options open. Strandage? Spares are handy. Phones too? Look at copper hybrid cable for cu-T1 or extra fiber stands for T1/DS1 PBX phone switches. Or, why not wireless? If you're line-of-site, there are some 100Mb/s solutions out there. Best, G. -Original Message- From: Rossetti, Stan [mailto:[EMAIL PROTECTED]] Sent: Monday, December 04, 2000 3:10 PM To: '[EMAIL PROTECTED]' Subject: 100BaseT Between Buildings Does anyone know of a way to implement 100BaseT between 2 buildings that are ¾ (~ 4100 feet) of a mile apart? I think the distance limitation per segment is 200 meters. Thanks Stan Rossetti Russia Services Group Voice: (256) 544-5031 Email: [EMAIL PROTECTED] Beeper: 544-5031 pin 0112 CCDA, CCNA, CCSE _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: T3- DS3
Been here before, but bears repeating: http://eff5.csuchico.edu/bellingham/silver/staff.html Subject: Re: T3- DS3 No, they are identical. I'm sure someone else will respond with some more history on the reasons they are named the different things. The DS is digital signal and T I assume has something to do with TDM. Its 28 T1's or DS-1's, or 672 DS0's though I have never heard T0. andy On Tue, 21 Nov 2000, Chris Larson wrote: What is the difference between the 2. I know a T-3 is the about equal to 30 T-1's, but there must also be a difference in signaling right? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: T3- DS3
Ah, the many varied duties of the harried network supervisor: The ACTUAL link on the T3-DS3 conundrum is: http://www.dcbnet.com/notes/9611t1.html Thanks to Jon McC for the correction. Subject: RE: T3- DS3 Been here before, but bears repeating: http:// bad address! no biscuit! Subject: Re: T3- DS3 No, they are identical. I'm sure someone else will respond with some more history on the reasons they are named the different things. The DS is digital signal and T I assume has something to do with TDM. Its 28 T1's or DS-1's, or 672 DS0's though I have never heard T0. andy On Tue, 21 Nov 2000, Chris Larson wrote: What is the difference between the 2. I know a T-3 is the about equal to 30 T-1's, but there must also be a difference in signaling right? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Rock and Roll Trivia - WAS: Youngest CCNP
It is becoming an irritation that what some consider history, I consider memories. Dylan. Very best, (getting ready for those geriatric wheel-chair races) G. -Original Message- From: Dan Henry [mailto:[EMAIL PROTECTED]] Sent: Monday, November 13, 2000 11:14 PM To: whatshakin Cc: [EMAIL PROTECTED] Subject: Re: Rock and Roll Trivia - WAS: Youngest CCNP It's a Dylan song; the Turtles did it, yes about '66-'67..not that I was there or anything _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NMS -- What is really needed?
I've been perusing the trial version of CiscoWorks 5.0 w/What's Up Gold. I'm finding that I might want to invest in a more robust Network Management System, and/or add-ons. I notice a couple of things at the Cisco site: The CiscoWorks2000 Campus Bundle. For Unix boxes, several parts: Campus Manager Traffic Director Resource Manager Essentials (what might be more than essentials?) CiscoView CiscoWorks2000 Management Server For NT boxes: LAN Management Solution Traffic Director Campus Manager Resource Manager Essentials Content Flow Monitor CiscoView Then there's a whole bunch of 'other stuff'; device fault manager, switch probes, QoS manager, internetwork performance monitor, routed WAN management, ad. nauseum. I'm big on test equipment, but must admit some antiquity, on my part, and but a notion of just-enough management for a largish campus/metropolitan area fiber network. So, some specifics, eh? Single-mode concentric rings connecting 22 sites. All within 10 miles, as the fiber runs. Three thousand nodes. No voice. Gig ether. Cisco equipment, mostly. Public-sector K-12, so, keep it realistic. Although, now that I think about it, no matter who wins The Election, K-12 education has been promised billion$$$. I'm waiting for the manna to start falling Thanks. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX-How's that 'U' work?
The PIX 515UR is a real nice addition. I've got 3k workstations behind 24 class C's. The "U")nrestricted license is for thousands of connections. But, this site has a Proxy server. This means that there will only be a handful of internal stations really hitting the PIX/net. Of course, there is mail, a web server, and one or two other systems needing external access. Is that Unrestricted license really necessary? What might I loose down the road if I decide on the restricted license? Best, G. -Original Message----- From: Hartnell, George Sent: Tuesday, November 14, 2000 3:46 PM To: [EMAIL PROTECTED] Subject: NMS -- What is really needed? I've been perusing the trial version of CiscoWorks 5.0 w/What's Up Gold. I'm finding that I might want to invest in a more robust Network Management System, and/or add-ons. I notice a couple of things at the Cisco site: The CiscoWorks2000 Campus Bundle. For Unix boxes, several parts: Campus Manager Traffic Director Resource Manager Essentials (what might be more than essentials?) CiscoView CiscoWorks2000 Management Server For NT boxes: LAN Management Solution Traffic Director Campus Manager Resource Manager Essentials Content Flow Monitor CiscoView Then there's a whole bunch of 'other stuff'; device fault manager, switch probes, QoS manager, internetwork performance monitor, routed WAN management, ad. nauseum. I'm big on test equipment, but must admit some antiquity, on my part, and but a notion of just-enough management for a largish campus/metropolitan area fiber network. So, some specifics, eh? Single-mode concentric rings connecting 22 sites. All within 10 miles, as the fiber runs. Three thousand nodes. No voice. Gig ether. Cisco equipment, mostly. Public-sector K-12, so, keep it realistic. Although, now that I think about it, no matter who wins The Election, K-12 education has been promised billion$$$. I'm waiting for the manna to start falling Thanks. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoWorks 5.0 and What's Up?
Any wonderful references out there for good usage of CiscoWorks? Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Segments, Switches, and Routers
Ah, yes, another lost soul in G-L3 land. My 2948G-L3 is, indeed, at the core. Quite a useful multilayer model device. I like it. You can divide your class B into those 8 subnets, assign a BVI to each, and then attach whatever ports to that bridge-group that you need. Nice for servers back 'at the office'. There are, of course, lots of ways to set-up and embellish. My needs were simple, so far. Couple of items. Don't expect ACLs. Don't think that, on the 2948 at least, the secondary gig port runs at line speed with both interfaces pumping to different segments. Do 'think like a switched vlan' more than 'router centric'. The docs are minimal. We/I need a 'G-L3' group. One more tidbit. "Cisco LAN Switching" (good book, read it *before* you need to) does address flat VLAN structure quite a bit, but, in the last third, you will read about how much easier it is to *manage* multilayer. Very true, in my environs. Best, G. -Original Message- From: NetEng [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 01, 2000 3:47 PM To: [EMAIL PROTECTED] Subject: Segments, Switches, and Routers If I have 2 segments each connecting to a Catalyst 5000 (via GBIC fiber) in the core, do I need a router? The more I think about this, the more confused I get. Should I put in a couple of 4908G-L3 in the core? I guess I don't understand when I have to and when I don't have to use a router when connecting seperate subnets through (or using) a layer 3 switch. I understand what a layer 3 switch is, but I am confused on when I really need to use one. If I was to subnet a class B address in to 8 subnets, would I use a layer 3 switch, like a 4908G-L3 or a bunch of routers? I thought in a proper Cisco design, layer3 activities should be done at the distibution layer and not in the backbone. Thanks for thoughts and posts. --2948G-L3-[192.168.100.x]CAT5000 (core)[192.168.200.x]--2948G-L3-- _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network mgmt product..
Sorry about the Aussie Dollars. Someday I have great hope to fly down there and spread some greenbacks about. Anyway, what, dear readers, might you recommend for a 24 class C segmented network with about 3000 to 4000 hosts? Metropolitan area. Fiber. *Mostly* Cisco stuff. NT. IP only. *Some* say CiscoWorks 5.0 might do. Some say HP. Some say both. Testimonials are good. Best, G. If you have less than 50 hosts to monitor investigate CiscoWorks for Windows - it ships with What's up Gold too. Cost me about $3500 Aussie Dollars 9 months ago - about USD $1750 at the moment :-( _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Paying One's Dues (was: Re: Need Advice)
Want some advice? Pay your dues in a K-12 public sector job. Lots of action in today's educational technology buzz-word world. Pay is generally terrible, but the exposure can be significant. A good resume stuffer. Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Diagnosing Internet connection problems
I have used my Network General (now, alas, Network Associates) WAN sniffer with great success. I have used the V.35 connector to the router for full and muxed T1s. This is a great, must-have, keep-'em-honest tool. War stories? I've locked three vendors in my MDF and bluntly said, "No one leaves until all fingers point at the problem and not each other." Without *my* sniffer, we'd still be there. Of course, you do need to know how to use it. Not a trivial task. Best, G. -Original Message- From: Crystal Oakes [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 26, 2000 10:54 AM To: [EMAIL PROTECTED] Subject: Diagnosing Internet connection problems My company has a T1 connection to the internet. Usually the connection speed is very fast, but sometimes very slow. Sometimes we can't even ping to anything on the internet. How can I diagnose where the problem is? If the problem is with the ISP, how can I obtain concrete proof? Thanks in advance! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CiscoWorks 5.0 trail location
Recently, someone querried about the location of a trail version of CiscoWorks 5.0. The very next thread entry was, "Never mind, I found it!" The actual location, however, remained an unpublished mystery. Who might share the authenticity and actualy location of such an offer? Best, G. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Sniffer Pro 3.5
"A kinder and gentler nation." I've used Sniffers since the (long lamented) Network General days. Support before, during and after sales was one of N.G.'s best traits. As far as useage is concerned, try and get some training. N.G. had very good training, at one time, in geographically pleasing locations. Sales types will say,"It tells you the answer in plain English!" While the expert systems analysis does help get you into the troubleshooting ball park, it is a well know fact that computer people don't speak "plain English". This is a *must have* tool, but it does require some dedication to master. Best, G. -Original Message- From: William E Gragido [mailto:[EMAIL PROTECTED]] Sent: Friday, October 20, 2000 10:37 AM To: Charles Nunie; [EMAIL PROTECTED] Subject: RE: Sniffer Pro 3.5 I don't mean to be rude man, but why on God's green earth would you buy a product like Sniffer Pro without the slightest friggin inclination as to what it does? To: [EMAIL PROTECTED] Subject: Sniffer Pro 3.5 Hi everyone, I bought this Sniffer Pro 3.5 which looks great. Can I have a URL where I can info on the best way to understand and use it? Regards, "There's a little fruitcake in all of us." J. Buffet gfh _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BVIs, IRBs, and L3 Switching
I'm having some difficulty getting bridge-group routing to happen. Static routing happens just ducky between two IP addressed interfaces. IRB is enabled. Bridge group 64 (my number of the month) remains painfully silent as the packets bounce back and forth, back and forth, between a routed port and the default gateway downstream. The (sparse) manual has been followed, but the BVI class C virtual interface will neither route nor respond. The example scripts at Cisco were quite instructive. They do not, however, assign routed interfaces a direct IP address, instead relying on this BVI scheme. The very one I can't get to work. Anyone out there with similar equipment, having time, might drop a piece of wisdom this way. Best, G. "Be strict in what you send, and forgiving in what you receive." -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- George Hartnell, Network Supervisor Bellingham School District, 1306 DuPont St. Bellingham, Wa. 98225-3198 (360)647-6860 [EMAIL PROTECTED] Internet Mail _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: One last Layer3 switching ?[Not!]
The easy config -- switch = router gives the 24 collision domains. The easy config, give one interface one network address, route somehow (static -- OSPF), and off you go. What if, say, you want two (or three or ten) switch/router ports as a single virtual bridge/hub/switch? The not-unusual collapse of a server or two to the MDF for a specific VLAN/subnet is such a 'typical'. How might one cleverly use the 2948G-L3 (and relatives) BVI/IRB system to route selected ports for multiple VLANs (e.g., in G-L3'ese "BVI and bridge groups with Integrated Routing and Bridging")? These are not just 'how-to's', but understanding just how the L3 fits into 'The Cisco Way' is indeed an enjoyable journey. Welll, mostly enjoyable. Very best, G. -Original Message- From: Scott Jensen [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 05, 2000 12:50 PM To: NetEng Cc: [EMAIL PROTECTED] Subject: Re: One last Layer3 switching ? You are correct in the part of 24 separate collision domains which also allows you to put the 24 ports in Full Duplex mode. The part about 24 broadcast domains would only hold true if each port were in a different VLAN no 2 ports in the same VLAN. I.E. a port is an isolated collision domain and a VLAN is an Broadcast domain. Scott NetEng wrote: I understand the layer3 switching concept, but what happens to broadcast based services? On a 24 port layer3 switch module are there 24 collision/broadcast domains? **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: [Practical]Layer3 switching - More Clarification
The theory of layer 3 switching is fairly straightforward, logically and physically. The implementation of a well designed network integrating L3 with VLANs/BVIs, channels and tunnels is less immediately apparent. As aforementioned in a previous thread comment, Cisco does have some setup configs published at the CCO. I think all of us could use a 'best practice setup for multiple VLANs, dynamic VLAN issues, QOS, and some other details found in an L3 switch like the 2948G-L3. Best, G. first of all a switch will always switch faster than a router since the router has a processor and a switch has a ASIC specific for switching. now a router not only switches the packets but will process it for access restrictions and queueing. thus slowing things down compared switches that perform none of this. sure remove all these aspects and you come closer to a switch, but remember the router still has more overhead to deal with in keeping routing tables up to date. ---etc--- --etc-- -etc-- **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Layer 3 switching
Quoth someone below:"2948G-L3 -- Basically a 48-port router!" Yes, as aforementioned, the 2948G-L3 *can* reside quite readily in Layer 3 land, and configured that way, per port. But, L3 land isn't really switch land, and to just view the G-L3 as a 48 port high-speed router is not getting your Cisco 'bang-for-the-buck". Don't forget ISL/802.1q, VLAN fun, I)ntegrated R)outing and B)ridging and B)ridge V)irtual I)nterfaces. Those nifty, but, for me at least, complex integrations, are a real instructive challenge to your BCSN tasks. The 2948G-L3 is a fairly new addition to the fleet. To that end, there are a couple of URLs providing *some* guidance for setup. Be warned, however, that a good grasp of Cisco LAN Switching should be a prerequisite. Oddly enough, Cisco Press has a book of that title. It's a worthy read. http://www.cisco.com/warp/public/473/25.html http://www.cisco.com/warp/public/473/29.html http://www.cisco.com/warp/public/473/29.html http://www.cisco.com/univercd/cc/td/doc/product/l3sw/2948g-l3/rel_12_0/7wx51 5a/config_g/bridging.htm#23388 http://www.cisco.com/univercd/cc/td/doc/product/l3sw/2948g-l3/rel_12_0/7wx5 15a/config_g/bridging.htm#23388 There is one other link at the Cisco site concerning ISL links to a 2924XL. Don't have that one handy. If any of you gentle readers have some more sample configs, please don't hesitate to contact me, as I'm still fighting the battle. Best, G. "Be strict in what you send, and forgiving in what you receive." -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- George Hartnell, Network Supervisor Bellingham School District, 1306 DuPont St. Bellingham, Wa. 98225-3198 (360)647-6860 [EMAIL PROTECTED] Internet Mail -Original Message- From: Guyler, Rik [EESUS] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 9:00 AM To: Cisco Groupstudy (E-mail) Subject: RE: Layer 3 switching 2948G-L3 -- Basically a 48-port router! -Original Message- From: Fowler, Joey [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 11:19 AM To: [EMAIL PROTECTED] Subject: Layer 3 switching I know there has been much discussion on this in the past, but I want to make sure that I understand it. Layer 3 switching is the equivalent of routing, but is usually referred to as Layer 3 switching because it's designed for high speed LAN traffic. Assuming the above is correct what are some examples of a regular routers vs. layer 3 switch? I'm guessing the 2500 series routers would be regular but what would be a good example of a layer 3 switch? Thanks, Joey Fowler Senior Network Engineer Foodtrader.com **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]