Re: PRI to PRI - HELP !!! [7:74433]
Of course, if you're in the UK, you are (I think) probably using ETSI ISDN, so the physical config would actually be something like... controller E1 0 clock source line primary pri-group timeslots 1-31 interface Serial0:15 isdn switch-type primary-net5 ! rest of interface config... That's from an AS5300 running 12.2 - you may want to check that the defaults for framing etc match the 2611XM and your IOS. Dunno about the UK, but here it's possible to purchase PRI services in 10, 20 or 30 channels. I assume that's what you're referring to with 15 channels? JMcL Dave Madland wrote: Robert Bentley wrote: Hi I'm slowly getting my teeth into the world of cisco - but I am struggling to set up the following. I have two Cisco 2611XM routers, each with a serial card and a PRI card. I have set up the serial interfaces with a 30 bit IP address range, and the 2Mb serial link works well. I would now like to setup the PRI interfaces, to connect if ever the serial link fails. I have done this before with BRI ISDN, but not with PRI. The plan is to get all 15 channels to come into use, giving me 15x64k=1Mb link (approx) I can't find any examples on the cisco site - they all talk about a PRO dialling multiple BRI's. Can anyone assist with two sample configurations, showing the simplest way to achieve this? Many Thanks, Rob Bentley Bournemouth, UK You configure the PRI's roughly the same as two BRI's. You won't find it on CCO, at least I didn't either a few years back when I multilinked 4 PRI'a together. Also you have 24 channels in a PRI not 15. controller T1 1/0 framing esf linecode b8zs pri-group timeslots 1-24 ! interface Serial1/0:23 ip address 4.1.1.1 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer idle-timeout 300 dialer string 3599327 dialer load-threshold 3 either dialer-group 1 isdn switch-type primary-ni fair-queue 64 256 0 ppp authentication chap ppp multilink no ppp multilink fragmentation OTHER SIDE: controller T1 1/0 framing esf linecode b8zs pri-group timeslots 1-24 ! interface Serial1/0:23 ip address 4.1.1.2 255.255.255.0 no ip directed-broadcast encapsulation ppp dialer load-threshold 3 either dialer-group 1 isdn switch-type primary-ni fair-queue 64 256 0 ppp authentication chap ppp multilink no ppp multilink fragmentation Dave -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74692t=74433 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Error on an interface FastEthernet of a router 374 [7:72610]
Just catching up after holidays... sorry for the late reply. I have recently been dealing with the same issue on a 3725. It's a bug. CSCea56403 and others. We upgraded to 12.3(1a) and it went away... JMcL Joseba Izaga wrote: Hi, Do you now the reason of the folowing message: 11:31:40: %GT96K_FEWAN-5-UNDERFLOW: Transmit underflow on int FastEthernet0/0 11:31:40: %GT96K_FEWAN-5-UNDERFLOW: Transmit underflow on int FastEthernet0/0 This is configuration I have on the interface interface FastEthernet0/0 ip address 63.80.132.16 255.255.255.0 ip route-cache same-interface ip policy route-map mail speed 100 full-duplex Regards, Joseba Izaga Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73218t=72610 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Dialer time-out settings [7:72247]
I agree with Ronnie - sounds like the router isn't seeing any interesting traffic. show dialer can provide useful information. Depending on what IOS version you're running, it may show the time until disconnect. If you have more or less constant interesting traffic, it should stay near 120 seconds. If I remember correctly, debug dialer packets will show interesting packets. Use with caution (as with any debug) if you have a fair amount of traffic. Also, remember that interesting traffic has to be defined in both directions - either end can drop the link if there is no interesting traffic out of the interface for the idle-timeout. JMcL Ronnie Higginbotham wrote: Sounds like you don't have interesting traffic associated with the interface. Are you using DDR or Dialer interfaces? Are you running a routing protocol over this ISDN link? In the running-config DDR look for int bri 0 dialer-group 1 global command dialer-list protocol ip permit Dialer interfaces int dialer 1 dialer-group 1 global command dialer-list protocol ip permit If this is not setup to reset the idle timers on the interface it will disconnect at default 120 secs or what ever time you have specified with dialer idle-timeout command. Hope this helps.. Ronnie Ants wrote in message news:[EMAIL PROTECTED] Hi, Have a Dialup Cisco 3640 router with IOS 12.0(9) recently had a number of ISDN users complaining that they lose their connection after a set time once logged in successfully.. the idle-timeout on the dialer interfaces is not set..so the default is 120 seconds... promptly on 120 seconds they get chucked off the network.. when I increase this timeout to whatever amount it disconnects the user regardless but at the spefcified timeout set. thusfar only a couple of the dialer interfaces in use affected and most of them set to same settings. no upgrades or changes recently made. could this be a bug? thanks in adv. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72284t=72247 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN Config Problem? [7:65315]
Not necessarily the case for basic-net3 switch type. I have seen basic rate ETSI interfaces actuallly appear to be dead - at L1 as well as L2. Put a call through and up it comes. Pain in the neck, because you can't tell if the service is cactus without actually making a call. If anyone has any solutions do let me know :-) JMcL Troy Leliard wrote: You should definatley be getting output from debug isdn Q921 . This in effect is the D=Channel connectivity to the ISDN switch, and should always be up. If you are not getting SPI's when you debug this, then there is definatley a connectivity issue between your router and the ISDN switch? You also didn't mention where you are ? This could have an impact on the requirement of specifying your SPID's ? have u generated interesting traffic? ping to remote site. - Original Message - From: Johan Bornman To: Sent: Thursday, March 13, 2003 11:52 PM Subject: ISDN Config Problem? [7:65315] I am having difficulty getting my Cisco 803 to dial out the BRI interface. If I run the debug commands: isdn q921 and q931 with the debug ppp authentication commands, nothing happens. I have also tried different configurations but I get the same from the router.nothing. Term mon is enabled! The isdn status command shows the line as active or activated, so there is no problem with the line. I have tried the router on different ISDN lines to be sure. How do I check if my BRI interface is working? Any feedback/suggestions will be appreciated. Regards Johan Here is my config: (I have x'd out the username, password and dialer string number) CSTM#sh run Building configuration... Current configuration : 1020 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname CSTM ! enable secret 5 $1$9Y0j$fCPvbvNR8L37mwYBtD66K0 ! ip subnet-zero ! no ip domain-lookup no ip finger isdn switch-type basic-net3 ! interface Ethernet0 ip address 192.168.3.250 255.255.255.0 ip nat inside ! interface BRI0 no ip address ip nat outside encapsulation ppp dialer pool-member 1 isdn switch-type basic-net3 no cdp enable ! interface Dialer0 ip address negotiated encapsulation ppp dialer pool 1 dialer idle-timeout 300 dialer string XXX dialer load-threshold 128 outbound dialer-group 1 ppp pap sent-username XX password 7 X ! ip nat inside source list 1 interface BRI0 overload no ip http server ip classless ip route 0.0.0.0 0.0.0.0 Dialer0 ! access-list 1 permit 0.0.0.0 255.255.255.0 dialer-list 1 protocol ip permit ! line con 0 transport input none stopbits 1 line vty 0 4 password cstm login ! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=65618t=65315 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF area command with advertise option [7:60550]
Howard C. Berkowitz wrote: At 1:40 AM + 1/8/03, The Long and Winding Road wrote: William Li wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi group I just happened to find there is an advertise option could be added in area area-id range ip-address mask command. The command could be like this area area-id range ip-address mask advertise. My question is, will there be any functional difference between with and without this option. As per DOC CD, option advertise means: Sets the address range status to advertise and generates a Type 3 summary link-state advertisement (LSA). But by default, when we generate a summary address in ABR without any options, the summary address will be advertised automatically, am I right? you are correct. if it is any help, Parkhurst states that the two commands area x range and area x range advertise are equivalent. there is no difference in behaviour that I have determined in my own humble experiments. Historically, when Cisco is thinking of changing a default, the show config commands will start displaying the current default (either xxx or no xxx). Later, a command to change the default will be made available, and the show command will show however the option is set. Eventually, the new default will stop displaying unless an explicit command is configured. Now, there are two ways I've seen an ABR behave when some of the more-specifics of a summary disappear from the LSDB. On Cisco, the summary continues to be advertised. This increases black-holing but also improves stability. In Bay/Wellfleet/Nortel RS, if some more-specifics disappear, the ABR stops advertising the summary and only passes the available more-specifics. This technique does avoid blackholes but causes more churn. Both interpretations/implementations have valid applications, and I've always wished Cisco supported both. I wonder if we have seen a slightly warped command release strategy here, and there is a conditional no-advertise in the works that will allow the Nortel-like behavior as well as the Cisco behavior. Eh-hem. From the 12.2 IOS command reference. area area-id range ip-address mask [advertise | not-advertise] [cost cost] not-advertise (Optional) Sets the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and the component networks remain hidden from other networks. Was that what you were after? I've never tried using this command - the description sounds like it just plain doesn't advertise it, whether more-specifics are around or not (why would you want that behaviour? To suppress all knowledge of the networks?) Perhaps it also needs a conditional-advertise option? It's been around since at least 12.0 - maybe longer. JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60578t=60550 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: frame relay stumper [7:60567]
Have you checked the underlying PVC? show frame pvc, debug frame lmi, beat up carrier? I have seen PVCs misconfigured by the carrier so they connected to *somewhere*, so the sub-interface was up... but the PVC wasn't connected to the service it was supposed to be connected to, so not much was usefully happening across the link. JMcL Mark W. Odette II wrote: What about bouncing the 7500... if you did the 2500, and your problem wasn't resolved, it might just repair itself by doing the same to the 7500 (during a good maintenance window of course :) ) And, of course, everything that Chuck said too :) -Mark -Original Message- From: The Long and Winding Road [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 07, 2003 10:24 PM To: [EMAIL PROTECTED] Subject: Re: frame relay stumper [7:60567] sanitized configs would help immensely. including other subinterfaces that work as well as the ones that don't. from both sides. also, IOS versions, numbers of subinterfaces,etc. thanks -- TANSTAAFL there ain't no such thing as a free lunch Mossburg, Geoff (MAN-Corporate) wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How's this for nutty: We have a frame-relay point-to-point circuit going between our Cisco 7500 core router and a 2500 remote router, and the subinterfaces have IP addys of .1 and .2, respectively. Both sides' subinterfaces are up/up, but I am not able to ping either IP address, even when I am on the host router for each address! Both sides have other working subinterfaces which I have tested similarly, and these use the same physical circuit, so I know the circuit is good. OH... and this connection WAS working at some point, but I can't tell when it stopped working, due to the fact that neither router recognizes that there is a problem. I tried bouncing both subinterfaces and reloading the 2500, but the problem remains. Any advice about what I may be overlooking would be a Godsend. Thanks! GM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60579t=60567 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Study Product Design Discussion [7:59970]
Going back to something from the previous thread... (LaWR wrote...) BTW, I am not so sure I agree that lab writing is a CCIE skill set. I'd like you to elaborate more on why you believe that the ability to write a good lab is indicative of CCIE level skill. Maybe some other folks have some thoughts on this as well. (Howard responded...) Well, maybe not commercial-grade lab writing, but if you can't write a lab with functions that build on one another, how are you going to get inside the minds of the lab developers? JMCL: So Howard, does that mean that you feel that lab writing is a skill set required to pass the CCIE lab, rather than necessarily being a skill set that a CCIE should have? Or do you feel that lab writing is a skill set that is also useful in a commercial environment (not a certification-oriented environment, but an enterprise design/troubleshooting environment, say)? Howard C. Berkowitz wrote: Well, as a first step to civility, I've changed the name of the thread to something neutral. At 3:19 PM + 12/30/02, MikeS wrote: Howard, I second the vote for a discussion.. assuming all parties can keep it civil and not have degenerate into the *mine is better then yours*... I know different vendors have different goals and ways to obtain the goals with their products. It would interesting to hear about the differences. MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59986t=59970 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Collision [7:59590]
A late addition to the thread... Priscilla is correct about using full duplex if it's a point to point link - as long as the other end supports full duplex - not all of the older routers do. Another point to note is that the reported reliability of this link is only 250/255. Anything less than 255/255 is usually Not A Good Thing in my experience. But yeah, as at least one other poster has said - clear your counters and have another look to see what's happening NOW. JMcL Priscilla Oppenheimer wrote: The interface is set to half duplex. Collisions are a normal part of half duplex Ethernet. However, do you really need it to be confiugred as half duplex? What does it connect to? If it connects to a single port like a router or switch port or to a single workstation or server, then you can use full duplex. In other words, if it's a point-to-point link, then you can use full duplex, and no collisions will occur. Both ends should be configured as full duplex (or to use auto negotiation). If it connects to a shared network, like a hub, then it must use half duplex and you will get collisions. They are not a problem. The Ethernet interface retransmits if there is a collision. Priscilla Steiven Poh-\(Jaring MailBox\) wrote: Dear All, My network have collision is this good sign?? Please help!!! FastEthernet0/48 is up, line protocol is up Hardware is Fast Ethernet, address is 000a.f477.662c (bia 000a.f477.662c) MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, reliability 250/255, txload 5/255, rxload 9/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 10Mb/s input flow-control is off, output flow-control is off ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:16, output 00:00:00, output hang never Last clearing of show interface counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 36 bits/sec, 73 packets/sec 5 minute output rate 227000 bits/sec, 51 packets/sec 1363328 packets input, 543353391 bytes, 0 no buffer Received 35975 broadcasts, 234208 runts, 0 giants, 0 throttles 234208 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 9715 multicast, 0 pause input 0 input packets with dribble condition detected 19819113 packets output, 2197938874 bytes, 2308379 underruns 0 output errors, 127070 collisions, 1 interface resets 0 babbles, 0 late collision, 11950 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 2308379 output buffer failures, 0 output buffers swapped out Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59940t=59590 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Caller ID [7:59602]
Going through the old posts... You may need to get your ISDN provider to set this up. It may be an extra cost feature. If it's working, you should be able to see the number using show isdn active or similar. It may depend on the switch type for all I know - I'm used to ETSI. JMcL =?iso-8859-1?B?U2VtaWgg3HN0/G4=?= wrote: Dear group members, I have a pri line that serves both bri and asynchronous backup lines and want to see caller party's telephone numbers. how can i see that? i tried show isdn subcommands and dialer subcommands but it doesn't work. Thanks. Semih \st|n Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59941t=59602 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Way OT - help desk [7:59946]
I came across this on a completely non-IT mailing list. Thought some might be amused by it. An interesting tech support problem... The phone rings: tech support: hello computer tech support customer: hello my computer was making a strange hissing noise last night and this morning when I turned it on there was a crackling noise and some smoke then nothing, if I bring it in can you fix it? The problem? See http://www.uq.edu.au/education/extra/all.html ... JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59946t=59946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT - network modelling and end-to-end monitoring [7:58087]
Has anyone used any network modelling tools, or end to end (performance) monitoring tools, that are actually suitable for a large network (more WAN than LAN) with many diverse and non-standard applications? I.e., are there any tools out there that are actually SCALABLE, and cope with more than just ethernet? Any recommendations or comments welcome - drop to my email rather than the list if you feel it's getting too off topic. JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58087t=58087 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: full duplex or half duplex, how can you tell [7:57431]
The Long and Winding Road wrote: John Tafasi wrote in message news:200211141056.KAA04663;groupstudy.com... Hi, I have a cisco 2516 router with an ethernet interface. How can I find out if this inteface is full duplex or half duplex? plug it into a full duplex 100 mbs switch port and see if link occurs? seriously, I believe all routers in the 25xx line are 10/half. there is no report on speed and duplex on routers that I can find. show int on a switch gives you a status Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto-speed even on a router with a port that do duplex changes ( 3640 NM-4E )there is no status. Interesting - I'd never twigged to this. A FastEthernet port certainly gives this information Full-duplex, 100Mb/s, 100BaseTX/FX but an ethernet port on the same router (a 3600) doesn't show it. I'd guess that the code for 'show ethernet' on the routers that do support full-duplex comes straight from the routers that don't support it ;-) I don't have access to a router with a port that permits speed and duplex changes.so I can't compare. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57471t=57431 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF adjacencies [7:57410]
Priscilla Oppenheimer wrote: Peter van Oene wrote: Nov 14 11:51:14.121 ESuT: OSPF: Rcv DBD from x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x2 flag 0x7 len 32 mtu 0 state EXCHANGE Nov 14 11:51:14.121 ESuT: OSPF: Send DBD to x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x42 flag 0x2 len 1472 My money is on either the mtu mismatch (master seems confused here) or the multicast nature of dbd process cause folks to get confused. Bit 2 in options is the E bit where set (0x2) means stub and unset means normal area. After sending my message, I did some sniffing of books and RFCs and packets with both EtherPeek and the NAI Sniffer and discovered that the OSPF Options field has been in flux over the years. As a former programmer, I would start with Bit 0. That's the low-order bit in the 2^0 place. Doyle in Routing TCP/IP, and the NAI Sniffer, call Bit 0 the T bit. Is is supposedly used to specify whether the router supports routing based on the Type of Service bits. RFC 2328 says that bit is undefined, I was glad to see. (Routing based on the TOS bits never panned out). Bit 1, or the bit in the 2^1 place, is the E bit. Both routers in this scenario are setting it. Both agree on the stubbiness of the area, so that should be fine. Bit 3 is the O bit and setting it refers to ones capability with opaque LSAs. Calling it Bit 3 is confusing. It's in the other nibble, for one thing. It should be called Bit 6 and it is the Opaque (O) bit, per RFC 2370, as you mentioned. The Sniffer got this right. Doyle and EtherPeek don't mention it. This won't help JMcL (sorry) but here's how the option bits are defined per RFC 2370: * | O | DC | EA | N/P | MC | E | * | E-bit This bit describes the way AS-external-LSAs are flooded. MC-bit This bit describes whether IP multicast datagrams are forwarded. N/P-bit This bit describes the handling of Type-7 LSAs. DC-bit This bit describes the router's handling of demand circuits. EA-bit This bit describes the router's willingness to receive and forward External-Attributes-LSAs. O-bit This bit describes the router's willingness to receive and forward Opaque-LSAs. It does help, in that I can pretty much disregard the 0x42 options field as a problem. Sorry if this was a BIT to bit-picky. ;-) I agree with Peter that MTU seems the suspicious issue. Of course, MTU should have different values depending on which layer you are referring to and it's hard to know what one specific configuration for a particular implementation (like on the mainframe) expects, so this could certainly be an area for concern. Let us know what you find out JMcL. Thanks. Will do - I have passed on various suggestions to the mainframe guru who is dealing with it (including the possibility of it being a multipoint issue), but she is dealing with another couple of things as well so this probably won't get a quick resolution (it's not causing a problem until something else breaks ;-) I think it is probably not mismatched MTUs in the sense of a simple configuration incompatability, because there are working adjacencies which use the same value as the non-working ones (and the same value as on the router). But I think it probably is MTU somehow - perhaps a flow-on effect from another part of the config is affecting the value actually used. JMcL Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57489t=57410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF adjacencies [7:57410]
OK, I'll admit this is a real-life problem, not strictly a study question. I have a couple of OSPF adjacencies that refuse to start up. Just to make this entertaining, these are not router to router - they are Cisco to mainframe, over a CIP. Five IP stacks neighbour the router - two are OK, three get stuck in EXSTART/EXCHANGE. The five IP stacks also connect to a different router, and these adjacencies are fine. It looks to me like the classic MTU mismatch symptoms, but a printout of the m/f definitions shows the MTUs to be 4096, as does show int on the router. I'll get the m/f guru to check the definitions for white space - I don't know if that will affect it. There have been various m/f changes lately (and a couple of router ones) errors may have crept into the configs. What has me baffled is some of the debug output from the router (debug ip ospf events). Nov 14 11:51:14.121 ESuT: OSPF: Rcv DBD from x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x2 flag 0x7 len 32 mtu 0 state EXCHANGE Nov 14 11:51:14.121 ESuT: OSPF: Send DBD to x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x42 flag 0x2 len 1472 The debug doco isn't particularly detailed for this command, but I assume opt refers to the options field. RFC 2328 seems to think that the first two bits of the options field should be cleared, so the value of 0x42 being sent by the router surprises me. Obviously the value of MTU being reported in the received DBD is also a concern! Other debug output indicates that the m/f sends the same DBD several times (same seq), which the router acks, then after this is received several times the router claims Nov 14 11:51:20.037 ESuT: OSPF: EXCHANGE - OPTIONS/INIT not match Nov 14 11:51:20.037 ESuT: OSPF: Bad seq received from 92.1.2.20 on Channel6/0 Is anyone aware of any other gremlins that cause similar symptoms? Or any other ideas? Thanks, JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57410t=57410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF adjacencies [7:57410]
Priscilla Oppenheimer wrote: Jenny McLeod wrote: OK, I'll admit this is a real-life problem, not strictly a study question. I have a couple of OSPF adjacencies that refuse to start up. Just to make this entertaining, these are not router to router - they are Cisco to mainframe, over a CIP. Five IP stacks neighbour the router - two are OK, three get stuck in EXSTART/EXCHANGE. The five IP stacks also connect to a different router, and these adjacencies are fine. It looks to me like the classic MTU mismatch symptoms, but a printout of the m/f definitions shows the MTUs to be 4096, as does show int on the router. I'll get the m/f guru to check the definitions for white space - I don't know if that will affect it. There have been various m/f changes lately (and a couple of router ones) errors may have crept into the configs. What has me baffled is some of the debug output from the router (debug ip ospf events). Nov 14 11:51:14.121 ESuT: OSPF: Rcv DBD from x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x2 flag 0x7 len 32 mtu 0 state EXCHANGE Nov 14 11:51:14.121 ESuT: OSPF: Send DBD to x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x42 flag 0x2 len 1472 The debug doco isn't particularly detailed for this command, but I assume opt refers to the options field. I would assume it means Options too. RFC 2328 seems to think that the first two bits of the options field should be cleared, so the value of 0x42 being sent by the router surprises me. It surprises me too from what I've read and seen in Sniffer traces! I'm guessing that it's not a problem though. It's an unused bit, so it can probably be set either way and the recipient ignores it? JMcL: That's what I'm hoping. The RFC says it should be cleared, but it also says that receiving stations should ignore unrecognised bits ;-) Obviously the value of MTU being reported in the received DBD is also a concern! I've read that the MTU is set to zero for virtual links. Could the mainframe think it's a virtual link?? JMcL: Possibly. Or at least it might be something to do with this. After a bit more snooping around the mainframe definitions, we've found that a definition for a virtual interface on the m/f (sort of the equivalent of a loopback interface on a Cisco) has an MTU value defined for the non-working (or at least not completely working) IP stacks but not for the working stacks. Whether this has anything to do with the problem is, as yet, unknown, but it's one more thing for the mainframe guru to try fiddling with. Pardon if the description isn't very clear - I'm not very familiar with the mainframe end of this. Other debug output indicates that the m/f sends the same DBD several times (same seq), which the router acks, then after this is received several times the router claims Nov 14 11:51:20.037 ESuT: OSPF: EXCHANGE - OPTIONS/INIT not match Nov 14 11:51:20.037 ESuT: OSPF: Bad seq received from 92.1.2.20 on Channel6/0 Is anyone aware of any other gremlins that cause similar symptoms? Or any other ideas? Could there be some sort of connectivity problem and the router's ACKs aren't really getting to the mainframe??? I'm thinking that just because the router's debug says the router is sending something it doesn't mean it really got there. Like one hand clapping? JMcL: I don't think it's a *physical* connectivity issue, because hellos get through OK (apparently in both directions or the m/f wouldn't send DBDs at all, yes?) But it does look like the m/f is ignoring/not seeing the DBDs from the router, which I think is what it should do if the MTU advertised by the router is larger than what the m/f thinks it should be. I wish I could be more help. Normally I wouldn't even attemp to answer an OSPF question, but Chuck has been AWOL for a while. Where's Pamela when we need her? ;-) Priscilla Thanks, JMcL JMcL: we have a few things to try now on the mainframe end - including the old standard of swap the order of the configuration items and see what the problem does. Obviously, being a core part of the network, interruptive testing is limited, but I'll bung up the resolution eventually (assuming we find one ;-). I think it's more likely to need a fix at the mainframe end, not the Cisco end. Thanks, JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57417t=57410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF adjacencies [7:57410]
Sniffer on a CIP? Not that I'm aware of. Unfortunately I can't really do any detailed debugging on the router, either, as it's a core router and crashing it due to overloading with debugging would make me rather unpopular. I don't believe a DR/BDR is required on this link - it's set to 0.0.0.0 for all the working neighbours on the link. Any hints on what might cause a bad checksum just for these neighbours? Thanks, JMcL Steven A. Ridder wrote: It looks like the options in the packets do not march. Any way to get a sniffer on there to see what each is sending as options. It could also be a priority issue if the network is a broadcast/nbma network where neither is being elected a DR? Finally, could a checksum be bad? -- RFC 1149 Compliant. Jenny McLeod wrote in message news:200211140127.BAA14210;groupstudy.com... OK, I'll admit this is a real-life problem, not strictly a study question. I have a couple of OSPF adjacencies that refuse to start up. Just to make this entertaining, these are not router to router - they are Cisco to mainframe, over a CIP. Five IP stacks neighbour the router - two are OK, three get stuck in EXSTART/EXCHANGE. The five IP stacks also connect to a different router, and these adjacencies are fine. It looks to me like the classic MTU mismatch symptoms, but a printout of the m/f definitions shows the MTUs to be 4096, as does show int on the router. I'll get the m/f guru to check the definitions for white space - I don't know if that will affect it. There have been various m/f changes lately (and a couple of router ones) errors may have crept into the configs. What has me baffled is some of the debug output from the router (debug ip ospf events). Nov 14 11:51:14.121 ESuT: OSPF: Rcv DBD from x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x2 flag 0x7 len 32 mtu 0 state EXCHANGE Nov 14 11:51:14.121 ESuT: OSPF: Send DBD to x.x.x.x on Channel6/0 seq 0x3DCDF2DA opt 0x42 flag 0x2 len 1472 The debug doco isn't particularly detailed for this command, but I assume opt refers to the options field. RFC 2328 seems to think that the first two bits of the options field should be cleared, so the value of 0x42 being sent by the router surprises me. Obviously the value of MTU being reported in the received DBD is also a concern! Other debug output indicates that the m/f sends the same DBD several times (same seq), which the router acks, then after this is received several times the router claims Nov 14 11:51:20.037 ESuT: OSPF: EXCHANGE - OPTIONS/INIT not match Nov 14 11:51:20.037 ESuT: OSPF: Bad seq received from 92.1.2.20 on Channel6/0 Is anyone aware of any other gremlins that cause similar symptoms? Or any other ideas? Thanks, JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57418t=57410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF adjacencies [7:57410]
_ OneZero543 _ wrote: Why Not Try - IP OSPF MTU-IGNORE on the router(s). Don't try matching 4096. Later 'Cause I think it would have to be put on the mainframe end, and I doubt that such a knob exists there. In any case, since this is *not* a Cisco to Cisco connection, but Cisco to mainframe, I'd rather steer away from proprietary oddities that don't really fit the OSPF RFC. Compatibility is enough of an issue as it is. JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57422t=57410 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: question on isdn using PPP chap [7:57313]
Connie Nie wrote: Hi, group! I have been trying to figure out how dialer remote-name is used/or not used in the ppp process but without success. Here is what I understand the ppp chap process work: R1 calls R2 R2 challenges R1. Together with the random no and seq. no, r2 also send its hostname as specified by Hostname or ppp chap hostname, in this case, let's say it is R2 R1 looks up the password for R2, sends the response back with its own hostname, in this case, R1 R2 looksup the password for R1, use the password as one of the elements to generate hash value, compare it with R1's response, and makes decision. ---I didn't see dialer remote-name being used in this whole process. the name exchanged are specified with either hostname, or ppp chap hostname, and password lookup uses username ... password. Yet Caslow book states that dialer remote-name statement is critical for the called party. It must match the calling parties' host name or ppp chap hostname. Why is it so? Can someone shed some light on this? Thank you. Connie Nie I was going to make a smart-alec response and say because otherwise it doesn't work (because I am sure I've seen calls fail for this reason), but I thought I'd be more helpful, so I changed the remote-name on a test router and dialled up with some debugs on. Much to my surprise, the call worked (with the debugs indicating that CHAP authenticated using the real router names). I realised that the name I'd changed it to had a user-name statement defined, so I removed that. Still worked. Wondered if there was something left in a cache somewhere, so changed the remote-name to something daft. Still worked. This is using 11.2 IOS calling 12.1 IOS, and it may well depend on the precise configuration. I will note, however, that the dialer remote-name can be used without using PPP. Many moons ago we had a setup where the dialer remote-name was used to distinguish incoming calls and use the correct dialer interface. An incorrect dialer remote-name here certainly caused the call to fail (unless there was only one dialer interface defined, in which case,due to a bug, the remote-name was ignored). This was probably using IOS 11.2 or 10.3. JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57331t=57313 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN/DDR - Bandwidth on Demand [7:57038]
Hmm.. configs and routing tables might give a clue. My guess is that your serial line is still seen as the preferred route. By the way, be aware that depending on the bandwidth of your serial link, and your configuration, the extra bandwidth of the ISDN may be more hindrance than help. I haven't played with this using EIGRP (I'm more familiar with OSPF), so the variance command may get around this, but if you have (say) a 512 kbps serial link, and you add a 64kbps ISDN channel, and you have equal cost routes across them... you suddenly have 128 kbps of effective bandwidth in total. Not pretty. i know EIGRP can do unequal load balancing - I don't think it's automatic though (I'm sure someone will correct me if I'm wrong). JMcL =?iso-8859-1?Q?Jens_von_B=FClow?= wrote: Greetings, I am trying to configure bandwidth-on-demand between two internal routers - I have so far managed to setup the DDR interface and been able to specify the backup and load parameters to activate the ISDN line... All works as expected. When the serial interfaces goes down the dialer interfaces kicks in and calls the remote site and connectivity is restored. My problem is that during periods of heavy load the ISDN line is activated and the calls is placed and connected (as expected) - I can ping the remote ISDN interfaces without any problems, from both routers - I have checked my EIGRP settings and I can see the topology database being updated with the new routes. However, no packets are actually sent over the ISDN line (I have even tried to no ip route-cache on the serial interface, but this has not made a difference. When the load eventually drops down below the threshold values (no thanks to the ISDN line), the ISDN line is release and the dialer interface goes back into standby mode. How do I get the ISDN line to participate in the send of traffic (I have tried searching the www.cisco.com website - but I have not found any example that are able to help me out) I look forward to any example configurations and or pointers. Thanks Regards Jens Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57253t=57038 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP Support Passed [7:56995]
Congratulations, Symon. Top Down Network Design is a good read, period. It's not specifically oriented towards the CCDx exams, but it's very useful for that anyway. JMcL Symon Thurlow wrote: Hi all, Phew, 2nd time around passed support no problem. The first time I underestimated the difficulty of the exam. Since I had supported/installed/configured lots of Frame Relay and ISDN installs, and a bit of switching, I thought I could breeze through it. The exam is more in depth than day to day stuff. That's it for CCNP yay! I am going to begin CCDA and CCDP now, I remember reading somehwere that Priscilla's book- Top Down Network Design was a good read for the CCDP exam, is this correct? Cheers, Symon Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57015t=56995 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Getting slightly back on Topic - VOTE [7:56758]
Priscilla Oppenheimer wrote: Jenny McLeod wrote: I obviously have no idea what has been proposed for the US elections. However, at the last ACT (Australian Capital Territory) election in 2001, a trial of electronic voting was held, and was generally considered to be a success. More information, including a technical description of how it works, is at http://www.elections.act.gov.au/Elecvote.html Cool. Thanks. It even includes a link to the source code, although I have not had a look at that. Seems to be a slightly different approach to that used in Palm Beach. The executive summary is quite a good (non-technical) overview. Note that the ACT is a geographically small area, which means that physically transporting equipment from polling places to the tally room is feasible - at least for a trial (there are some comments in the executive summary about the logistics of expanding electronic voting). Oh, I hadn't thought of that. I bet they do physically transport the touch-screen computers. Never underestimate the Mbps of a truck barrelling down the highway with data! JMcL: Even easier - they use removable media to transport the data, according to the overview. And not touch-screens, but a display and keypad (and barcode reader). No point overdoing the technology when it's not required ;-) One more quick (last, I promise) comment: I heard that they are having high-school kids helping at the Florida elections, i.e. helping the senior citizens figure out the touch screens. That's kind of cool. JMcL: Given the over-enthusiasm of many teenagers I know, this may not be a good thing. Just click here, and here, and look! You've voted! Oh, isn't that who you wanted to vote for? What will it be when we're old geezers that we won't get? There will probably be some technology that the young people all get that we will be clueless about. I won't like that. ;-) Priscilla Still not a Cisco-focused thread, but at least it's back on technology ;-) JMcL Priscilla Oppenheimer wrote: [snipped] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56948t=56758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Way Off Topic - VOTE [7:56758]
Ah, but only the Melburnians get the holiday - the rest of us just find radios or TVs at work... JMcL Symon Thurlow wrote: That always makes me laugh, having a day off to watch a horse race :) -Original Message- From: Jenny McLeod [mailto:nobody;groupstudy.com] Sent: 04 November 2002 04:37 To: [EMAIL PROTECTED] Subject: Way Off Topic - VOTE [7:56758] The Long and Winding Road wrote: For those United States residents, Tuesday is election day. No politics here. No flames here. You have a right and a privilege that is rare in today's world. Please take the appropriate amount of time to get to your polling place and exercise the right that many have fought and died for. Your vote DOES count. -- www.chuckslongroad.info And for the Aussies, Tuesday is Melbourne Cup day ;-) Enjoy the chook and champers. I know which of the two races (US and Oz) I'll be watching... (Despite my flippancy, I completely endorse Chuck's statements - it's your vote, think about it and make it count whichever way YOU want) JMcL = This email has been content filtered and subject to spam filtering. If you consider this email is unsolicited please forward the email to [EMAIL PROTECTED] and request that the sender's domain be blocked from sending any further emails. = Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56851t=56758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Getting slightly back on Topic - VOTE [7:56758]
I obviously have no idea what has been proposed for the US elections. However, at the last ACT (Australian Capital Territory) election in 2001, a trial of electronic voting was held, and was generally considered to be a success. More information, including a technical description of how it works, is at http://www.elections.act.gov.au/Elecvote.html It even includes a link to the source code, although I have not had a look at that. Seems to be a slightly different approach to that used in Palm Beach. The executive summary is quite a good (non-technical) overview. Note that the ACT is a geographically small area, which means that physically transporting equipment from polling places to the tally room is feasible - at least for a trial (there are some comments in the executive summary about the logistics of expanding electronic voting). Still not a Cisco-focused thread, but at least it's back on technology ;-) JMcL Priscilla Oppenheimer wrote: Yes, indeed, VOTE. But, shall we take odds on the number of problems that will occur? :-) Many states are using new computerized systems. If these actually work in most cases, it will be a huge triumph for Information Technology. Back in 2000 I tried to get a discussion going about what an awful job IT did in letting states linger with 1970s punch-card technology. There were some general lessons to be learned there about the need to get rid of legacy technologies, etc.. But people thought I wanted to start a political discussion and refused to have a best practices discussion. I was bummed. ;-) But that's OK. It wasn't really Cisco-focused. But what do we know about these new computerized touch-screen systems? I heard that they were paperless. So is the data going to be transmited to a server somewhere? Are the devices connected via wireless or wired? Is there a Cisco switch? A router? How does the data get to the state authorities? How was the new system tested? What are the security issues, not to mention the reliability issues? Does it scare anyone else that we don't know anything about these systems? Shouldn't something about them be published? Did they go through a code reivew by experts in programming and security? Accoring to this article, Theresa LePore, the Queen of Chad, Supervisor of Elections in Palm Beach County, Florida, signed an agreement with Sequoia Voting Systems, the makers of Florida's new system, to protect their trade secrets, which effectively prohibits any party contesting an election from examining the machine or its programming. Scary. http://www.commondreams.org/views02/0805-07.htm Then again, maybe everything will go smoothly. If it does, it's a great credit to the programmers and network administrators who made it work and troubleshooted problems that happened in real-time. ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com The Long and Winding Road wrote: For those United States residents, Tuesday is election day. No politics here. No flames here. You have a right and a privilege that is rare in today's world. Please take the appropriate amount of time to get to your polling place and exercise the right that many have fought and died for. Your vote DOES count. -- www.chuckslongroad.info Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56875t=56758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Way Off Topic - VOTE [7:56758]
The Long and Winding Road wrote: For those United States residents, Tuesday is election day. No politics here. No flames here. You have a right and a privilege that is rare in today's world. Please take the appropriate amount of time to get to your polling place and exercise the right that many have fought and died for. Your vote DOES count. -- www.chuckslongroad.info And for the Aussies, Tuesday is Melbourne Cup day ;-) Enjoy the chook and champers. I know which of the two races (US and Oz) I'll be watching... (Despite my flippancy, I completely endorse Chuck's statements - it's your vote, think about it and make it count whichever way YOU want) JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56785t=56758 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: isdn dual bri [7:56498]
Judging by where in the sequence the disconnect comes, have you tried turning on debug ppp auth? On the remote end as well, if you can. Mind you, I'm not sure why, on the configs given, the first two channels would come up if that was the problem. JMcL Dwayne Saunders wrote: Hi all can any one tell me why from my config that i can get the first 2 b channels up but the second 2 try to dial and the dissconnect I think I am missing something very simple. 00:02:26: ISDN BRI0/1: isdn_is_bchannel_available: No Free B-channels 00:02:26: ISDN BR0/0: Outgoing call id = 0x8005 00:02:111669190656: ISDN BR0/0: Event: Call to 0198308308 at 64 Kb/s9 00:02:26: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0/0, TEI 76 changed to up 00:02:26: ISDN BR0/0: received HOST_PROCEEDING call_id 0x8005 00:02:26: ISDN BR0/0: received HOST_CONNECT call_id 0x8005 00:02:26: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up 00:02:26: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to 0198308308 00:02:26: BR0/0:1 PPP: Treating connection as a callout 00:02:26: BR0/0:1 PPP: Phase is ESTABLISHING, Active Open 0:02:26: BR0/0:1 PPP: No remote authentication for call-out 00:02:26: BR0/0:1 CHAP: Using alternate hostname username 00:02:26: BR0/0:1 LCP: O CONFREQ [Closed] id 4 len 22 00:02:26: BR0/0:1 LCP:MagicNumber 0x30831CF7 (0x050630831CF7) 00:02:26: BR0/0:1 LCP:MRRU 1524 (0x110405F4) 00:02:26: BR0/0:1 LCP:EndpointDisc 1 Local (0x1308017465736173) 00:02:26: ISDN BR0/0: Event: Connected to 0198308308 on B1 at 64 Kb/s 00:02:27: BR0/0:1 LCP: I CONFREQ [REQsent] id 1 len 33 00:02:27: BR0/0:1 LCP:VendorSpecific OUI 0x01 (0x0004) 00:02:27: BR0/0:1 LCP:MRU 1524 (0x010405F4) 00:02:27: BR0/0:1 LCP:AuthProto CHAP (0x0305C22305) 00:02:27: BR0/0:1 LCP:MRRU 1524 (0x110405F4) 00:02:27: BR0/0:1 LCP:EndpointDisc 1 Local (0x130801737461636B) 00:02:27: BR0/0:1 LCP:LinkDiscriminator 24066 (0x17045E02) 00:02:27: BR0/0:1 LCP: O CONFREJ [REQsent] id 1 len 12 00:02:27: BR0/0:1 LCP:VendorSpecific OUI 0x17 (0x0004) 00:02:27: BR0/0:1 LCP:LinkDiscriminator 24066 (0x17045E02) 00:02:27: BR0/0:1 LCP: I CONFACK [REQsent] id 4 len 22 00:02:27: BR0/0:1 LCP:MagicNumber 0x30831CF7 (0x050630831CF7) 00:02:27: BR0/0:1 LCP:MRRU 1524 (0x110405F4) 00:02:27: BR0/0:1 LCP:EndpointDisc 1 Local (0x1308017465736173) 00:02:27: BR0/0:1 LCP: I CONFREQ [ACKrcvd] id 2 len 25 00:02:27: BR0/0:1 LCP:MRU 1524 (0x010405F4) 00:02:27: BR0/0:1 LCP:AuthProto CHAP (0x0305C22305) 00:02:27: BR0/0:1 LCP:MRRU 1524 (0x110405F4) 00:02:27: BR0/0:1 LCP:EndpointDisc 1 Local (0x130801737461636B) 00:02:27: BR0/0:1 LCP: O CONFACK [ACKrcvd] id 2 len 25 00:02:27: BR0/0:1 LCP:MRU 1524 (0x010405F4) 00:02:27: BR0/0:1 LCP:AuthProto CHAP (0x0305C22305) 00:02:27: BR0/0:1 LCP:MRRU 1524 (0x110405F4) 00:02:27: BR0/0:1 LCP:EndpointDisc 1 Local (0x130801737461636B) 00:02:27: BR0/0:1 LCP: State is Open 00:02:27: BR0/0:1 PPP: Phase is AUTHENTICATING, by the peer 00:02:27: BR0/0:1 CHAP: I CHALLENGE id 1 len 28 from Dial IP 00:02:27: BR0/0:1 CHAP: Using alternate hostname username 00:02:27: BR0/0:1 CHAP: Username Dial IP not found 00:02:27: BR0/0:1 CHAP: Using default password 00:02:27: BR0/0:1 CHAP: O RESPONSE id 1 len 26 from username 00:02:27: ISDN BR0/0: received HOST_DISCONNECT call_id 0x8005 00:02:27: ISDN BR0/0: Event: Call to was hung up. 00:02:27: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down 00:02:27: BR0/0:1 PPP: Phase is TERMINATING 00:02:27: BR0/0:1 LCP: State is Closed 00:02:27: BR0/0:1 PPP: Phase is DOWN 00:02:42: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0/0, TEI 76 changed to dow n conven02# conven02# conven02# conven02# conven02# conven02# conven02#u all All possible debugging has been turned off conven02# conven02#sh ru Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname conven02 ! enable password 7 1511021F0725 ! memory-size iomem 10 ip subnet-zero no ip domain-lookup isdn switch-type basic-net3 ! ! ! interface Ethernet0/0 description connected to EthernetLAN_1 ip address 192.168.1.1 255.255.255.0 no ip directed-broadcast ip nat inside ! interface BRI0/0 description connected to Internet no ip address no ip directed-broadcast ip nat outside encapsulation ppp dialer rotary-group 1 isdn switch-type basic-net3 no cdp enable ! interface BRI0/1 description connected to Internet no ip address no ip directed-broadcast ip nat outside encapsulation ppp dialer rotary-group 1 isdn switch-type basic-net3 no cdp enable ! interface Dialer1 description connected to Internet ip address negotiated no ip directed-broadcast ip nat outside encapsulation ppp no ip split-horizon dialer in-band dialer string 12345678
Re: OSPF point-to-multipoint 32 mask [7:56136]
Ahhh.. I was wondering if we were talking at cross purposes. It seemed like a very strange position for you to be taking otherwise! All is clear now. JMcL The Long and Winding Road wrote: mm... OK, we'll chalk this one off as a failure to communicate. the original post called for similar to ccbootcamp lab 5 , but how to summary those serial to other protocol ? area 0 range 172.16.1.0 255.255.255.0 area not working on ABR either which I took to mean summarizing area 0 routes to other area 0 routers and ultimately into an external protocol. which of course cannot be done. obviously, you are talking about summarizing area 0 routes into a non-zero area, which of course, does work just fine. -- www.chuckslongroad.info Jenny McLeod wrote in message news:200210290538.FAA14601;groupstudy.com... The Long and Winding Road wrote: Jenny McLeod wrote in message news:200210280429.EAA24675;groupstudy.com... The Long and Winding Road wrote: [snipped] area 0 range 172.16.1.0 255.255.255.0 area not working on ABR either CL: well, area 0 range is an illegal command. you may be able to enter it, but it does nothing. the area range command is design to summarize non backbone routes into the backbone. if you think aout it, there is probably not a real good reaso for backbone routes to be summarized JMcL: Since when?? I use the area 0 range blah blah command (without the area at the end, if that was supposed to be part of the command above), and it certainly doesn't do nothing. As far as I've seen, it works in exactly the same way as area anything else range blah blah. All right, Miss Smarty Pants. I don't know what IOS versions you use / have been using, but I have been through this song and dance with OSPF area 0 summarization, or lack thereof for a while now. I have yet to see it work. Seriously, Jen, you know I respect your wisdom and value your advice. I am absolutely certain that I have never successfuly summarized area 0 routes over a couple of years of lab rat living. The following is from my current study pod, and the IOS version is 12.1.5T10. First, router 1 configurations. There are a number of loopbacks,containing the route addresses in question. JMcL: Are any of the relevant routes being redistributed from RIP, or are the relevant bits pure OSPF? router ospf 123 log-adjacency-changes area 0 range 100.100.0.0 255.255.240.0 redistribute rip subnets route-map rip2ospf network 99.99.99.1 0.0.0.0 area 51 network 100.100.0.1 0.0.0.0 area 0 network 100.100.1.1 0.0.0.0 area 0 network 100.100.2.1 0.0.0.0 area 0 network 100.100.3.1 0.0.0.0 area 0 network 100.100.4.1 0.0.0.0 area 0 network 100.100.5.1 0.0.0.0 area 0 network 100.100.6.1 0.0.0.0 area 0 network 100.100.7.1 0.0.0.0 area 0 network 160.160.255.0 0.0.0.255 area 0 note the summary in the R1 routing table: Gateway of last resort is not set 100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks O 100.100.0.0/20 is a summary, 00:11:57, Null0 now observe router 2's table: 100.0.0.0/24 is subnetted, 8 subnets JMcL: Interesting line above. You sure that's what it said? O 100.100.0.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.1.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.2.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.3.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.4.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.5.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.6.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0 O 100.100.7.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0 99.0.0.0/32 is subnetted, 1 subnets This has remained constant through several reconfigurations and several ospf process resets. JMcL: I'm not quite clear on your setup. Pick me up if I go wrong here. R1 and R2 are connected by 160.160.255.0/24, yes? 160.160.255.0/24 is in area 0, yes? So R2 is also in area 0, yes? So why are you expecting that the backbone routes will have been summarised? You haven't left the backbone yet - you haven't crossed an area boundary (referring to the quote below). What happens if you connect R1 and R2 by a non-backbone link? It also remain true even if on R1 I use a more generic network 100.100.0.0 0.0.255.255 area 0 command. So I stand by my statement that even though you may be able to enter the commands, the fact is that you cannot summarize area 0 routes on a cisco router, at least not that I've been able
Re: OSPF point-to-multipoint 32 mask [7:56136]
The Long and Winding Road wrote: Jenny McLeod wrote in message news:200210280429.EAA24675;groupstudy.com... The Long and Winding Road wrote: [snipped] area 0 range 172.16.1.0 255.255.255.0 area not working on ABR either CL: well, area 0 range is an illegal command. you may be able to enter it, but it does nothing. the area range command is design to summarize non backbone routes into the backbone. if you think aout it, there is probably not a real good reaso for backbone routes to be summarized JMcL: Since when?? I use the area 0 range blah blah command (without the area at the end, if that was supposed to be part of the command above), and it certainly doesn't do nothing. As far as I've seen, it works in exactly the same way as area anything else range blah blah. All right, Miss Smarty Pants. I don't know what IOS versions you use / have been using, but I have been through this song and dance with OSPF area 0 summarization, or lack thereof for a while now. I have yet to see it work. Seriously, Jen, you know I respect your wisdom and value your advice. I am absolutely certain that I have never successfuly summarized area 0 routes over a couple of years of lab rat living. The following is from my current study pod, and the IOS version is 12.1.5T10. First, router 1 configurations. There are a number of loopbacks,containing the route addresses in question. JMcL: Are any of the relevant routes being redistributed from RIP, or are the relevant bits pure OSPF? router ospf 123 log-adjacency-changes area 0 range 100.100.0.0 255.255.240.0 redistribute rip subnets route-map rip2ospf network 99.99.99.1 0.0.0.0 area 51 network 100.100.0.1 0.0.0.0 area 0 network 100.100.1.1 0.0.0.0 area 0 network 100.100.2.1 0.0.0.0 area 0 network 100.100.3.1 0.0.0.0 area 0 network 100.100.4.1 0.0.0.0 area 0 network 100.100.5.1 0.0.0.0 area 0 network 100.100.6.1 0.0.0.0 area 0 network 100.100.7.1 0.0.0.0 area 0 network 160.160.255.0 0.0.0.255 area 0 note the summary in the R1 routing table: Gateway of last resort is not set 100.0.0.0/8 is variably subnetted, 9 subnets, 2 masks O 100.100.0.0/20 is a summary, 00:11:57, Null0 now observe router 2's table: 100.0.0.0/24 is subnetted, 8 subnets JMcL: Interesting line above. You sure that's what it said? O 100.100.0.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.1.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.2.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.3.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.4.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.5.0 [110/26] via 160.160.255.1, 00:12:53, TokenRing0 O 100.100.6.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0 O 100.100.7.0 [110/26] via 160.160.255.1, 00:12:54, TokenRing0 99.0.0.0/32 is subnetted, 1 subnets This has remained constant through several reconfigurations and several ospf process resets. JMcL: I'm not quite clear on your setup. Pick me up if I go wrong here. R1 and R2 are connected by 160.160.255.0/24, yes? 160.160.255.0/24 is in area 0, yes? So R2 is also in area 0, yes? So why are you expecting that the backbone routes will have been summarised? You haven't left the backbone yet - you haven't crossed an area boundary (referring to the quote below). What happens if you connect R1 and R2 by a non-backbone link? It also remain true even if on R1 I use a more generic network 100.100.0.0 0.0.255.255 area 0 command. So I stand by my statement that even though you may be able to enter the commands, the fact is that you cannot summarize area 0 routes on a cisco router, at least not that I've been able to figure out.. My position is further supported by the Cisco documentation, which states The area range command is used only with area border routers (ABRs). It is used to consolidate or summarize routes for an area. The result is that a single summary route is advertised to other areas by the ABR. Routing information is condensed at area boundaries. Sorry - how does this say that you can't summarise in either direction? I don't see how it backs up your position. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r /iprprt2/1rdospf.htm#xtocid4 watch the wrap Of course, I am ready to learn something new, if you've got a trick I have yet to learn. Why not summarise backbone routes for the same reasons as summarising non-backbone routes - reduce routing tables, database sizes, route change propagations etc? In regards to the wisdom of summarizing backbone routes in an OSPF network, while I was pondering your response, I went through a few ideas, and I see where it might be advantageous.. I still believe that generally speaking, one would want
Re: OSPF point-to-multipoint 32 mask [7:56136]
The Long and Winding Road wrote: [snipped] area 0 range 172.16.1.0 255.255.255.0 area not working on ABR either CL: well, area 0 range is an illegal command. you may be able to enter it, but it does nothing. the area range command is design to summarize non backbone routes into the backbone. if you think aout it, there is probably not a real good reaso for backbone routes to be summarized JMcL: Since when?? I use the area 0 range blah blah command (without the area at the end, if that was supposed to be part of the command above), and it certainly doesn't do nothing. As far as I've seen, it works in exactly the same way as area anything else range blah blah. Why not summarise backbone routes for the same reasons as summarising non-backbone routes - reduce routing tables, database sizes, route change propagations etc? JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56396t=56136 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dreadful writing on CCNP support exam. [7:56237]
I haven't taken any Cisco exams lately so can't comment on the wording, but to be honest trying to figure out which answer is less wrong sounds like a lot of my day to day work... JMcL Roberts, Larry wrote: Are you sure you haven't taken any of the Cisco Exams ? You almost nailed it exactly. I passed all the exams with room to spare so Im not bitter, but I found myself trying to figure out which answer was less wrong than the others :) Thanks Larry -Original Message- From: Howard C. Berkowitz [mailto:hcb;gettcomm.com] Sent: Sunday, October 27, 2002 12:37 PM To: [EMAIL PROTECTED] Subject: RE: Dreadful writing on CCNP support exam. [7:56237] At 1:31 PM + 10/27/02, Joshua Barnes wrote: I thought the routing exam was the worst offender for ambiguity. CIT a close second. The ultimate ambiguity would be if you couldn't decide which of the two was worse. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56397t=56237 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: run VoIP on a frame network at BIR instead of [7:55833]
John, Yes, and No. We still run IPX over our network (don't ask). JMcL John Brandis wrote: Hi Jenny, Is your carrier Telstra ? Do you use Telstra TPIPS for your cloud/next hop router ? John Sydney, Australia -Original Message- From: Jenny McLeod [mailto:nobody;groupstudy.com] Sent: Wednesday, October 23, 2002 9:17 AM To: [EMAIL PROTECTED] Subject: Re: run VoIP on a frame network at BIR instead of [7:55833] Depends on the frame switch, I think. I asked our telco about this as well (quite a while ago), and they said that on entry to the cloud, they automatically reset any DE bits set. So either way, your scheme isn't likely to work, but how much of a negative effect it has will depend on whether your telco drops entering DE packets or just resets the DE bits. JMcL Steven A. Ridder wrote: This was Cisco's old theory. In theory, it would work, but in reality, if the frame switch saw a packet come into it's ingress interface with the packet already marked DE, it will drop it because it was unexpected. I asked the telco's your question last year and that's the answer they gave me. Cisco seems to have abandoned that theory a while ago, which is probably why you haven't seen it written anywhere. dj wrote in message news:200210171534.PAA26762;groupstudy.com... Running a VoIP application over a frame-relay network with 256k CIR and 512k BIR. From the LLQ docs I reviewed, to guarantee good voice quality, traffic shaping all frame traffic to CIR is recommended along with LLQ of voice packets. Would like to take advantage of BIR bandwidth and still guarantee voice packets are not dropped by the frame relay switch network when congestion occurs. Here are my thoughts: What if the router were to pre-mark all data packets as Discard Eligible (DE) on the outbound serial interface connected to the frame network. Voice packets would NOT be marked DE. Then run up to BIR rates with LLQ prioritization for voice. Would the carrier frame network switches drop only the pre-marked DE data packets (by the router) when congestion occurred and NOT drop any voice packets? I haven't found any Cisco links that addressed QOS in this fashion. Any links on this topic would be greatly appreciated. The objective is to squeeze more bandwidth (BIR vs CIR) out of your frame relay network without dropping any voice packets. Why would this not work and what are the caveats? regards, dj ** visit http://www.solution6.com UK Customers - http://www.solution6.co.uk * This email message (and attachments) may contain information that is confidential to Solution 6. If you are not the intended recipient you cannot use, distribute or copy the message or attachments. In such a case, please notify the sender by return email immediately and erase all copies of the message and attachments. Opinions, conclusions and other information in this message and attachments that do not relate to the official business of Solution 6 are neither given nor endorsed by it. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56398t=55833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: run VoIP on a frame network at BIR instead of [7:55833]
Depends on the frame switch, I think. I asked our telco about this as well (quite a while ago), and they said that on entry to the cloud, they automatically reset any DE bits set. So either way, your scheme isn't likely to work, but how much of a negative effect it has will depend on whether your telco drops entering DE packets or just resets the DE bits. JMcL Steven A. Ridder wrote: This was Cisco's old theory. In theory, it would work, but in reality, if the frame switch saw a packet come into it's ingress interface with the packet already marked DE, it will drop it because it was unexpected. I asked the telco's your question last year and that's the answer they gave me. Cisco seems to have abandoned that theory a while ago, which is probably why you haven't seen it written anywhere. dj wrote in message news:200210171534.PAA26762;groupstudy.com... Running a VoIP application over a frame-relay network with 256k CIR and 512k BIR. From the LLQ docs I reviewed, to guarantee good voice quality, traffic shaping all frame traffic to CIR is recommended along with LLQ of voice packets. Would like to take advantage of BIR bandwidth and still guarantee voice packets are not dropped by the frame relay switch network when congestion occurs. Here are my thoughts: What if the router were to pre-mark all data packets as Discard Eligible (DE) on the outbound serial interface connected to the frame network. Voice packets would NOT be marked DE. Then run up to BIR rates with LLQ prioritization for voice. Would the carrier frame network switches drop only the pre-marked DE data packets (by the router) when congestion occurred and NOT drop any voice packets? I haven't found any Cisco links that addressed QOS in this fashion. Any links on this topic would be greatly appreciated. The objective is to squeeze more bandwidth (BIR vs CIR) out of your frame relay network without dropping any voice packets. Why would this not work and what are the caveats? regards, dj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56110t=55833 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN-dialer watch help.. [7:56055]
I'm not quite clear on what your criteria are, but it sounds like floating static routes might suit you (and change the idle-timeout value for the ISDN to ten minutes). Floating static routes are routes with a high administrative distance, that are normally overridden by another route (usually dynamic, I assume static is also fine) pointing to your leased line. If the leased line goes down, that route becomes inactive, and the floating static route (pointing to the ISDN) takes over. You will need to define interesting traffic. JMcL Parameswaran S wrote: Hi Group, Pls.help me in this requirement I want to bring up my isdn backup as soon as my Leased Line(primary) goes down .and it should be disconnected if there is no traffic flow for 10 minitues . I hope the only way of bringing up the backup interface for this purpose is using dialer watch which does not require any interested traffic to initiate the call,But will it work if i have any static routes specified already?And i understand isdn will be up untill the LL is coming up when you use dialer watch.(Correct me if am wrong) ideally which will not solve my purpose. So if i configure the router using DDR with backup delay , it will make my backup link protocol up and will not initiate the call unless there is any interested traffic.. how do i go about this ? any ideas.. Regards, Paramesh - Do you Yahoo!? Y! Web Hosting - Let the expert host your web site Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56111t=56055 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame relay circuit speed from IOS? [7:55908]
Whether you can get the CIR via LMI depends on the LMI type you are using. If you're using ANSI Annex D, it's not sent, and I know of no way of getting the info from the router. JMcL MADMAN wrote: Well thru LMI you can get the CIR and if the CIR is above 56K you can safely assume you have a T1 or a fractional T1 otherwise there is no way I know of. Dave Mossburg, Geoff (MAN-Corporate) wrote: LOL! That would be Qwest. :) The bad part is that they just reconciled THEIR data with OURS, not more than 6 months ago, so how accurate is that? (No slur intended toward Qwest) Would there be any way to get the circuit speed through debugging? Maybe debug lmi? -Original Message- From: MADMAN [mailto:dave;interprise.com] Sent: Friday, October 18, 2002 5:46 PM To: [EMAIL PROTECTED] Subject: Re: Frame relay circuit speed from IOS? [7:55908] No but hopefully you have the circuit ID's in case of trouble. With these you can ask your provider or have your salesdude get the info for you. Dave Mossburg, Geoff (MAN-Corporate) wrote: All, I've got a problem that has me stumped. I have an external CSU/DSU off of Serial0 at a remote site going to a frame-relay circuit of unknown speed. Is there any way to determine the circuit speed with the router's IOS? I want to be able to get this information remotely from many sites, so having someone physically look at the CSU/DSU's config is impractical for me. Thanks very much! GM -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56044t=55908 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: routing IPX over Leased Line with QoS [7:55373]
The Long and Winding Road wrote: DQoS test on Monday. Let's see if I pass of rail! some thoughts below JMcL: and more thoughts from me... -- Adam Broad wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, I have a 1720 router connected to a 3640 router by leased line (256K link). I wish to route IP, IPX and have VoIP (QoS) from site to site. At present the line is routing IP with static IP addresses on the leased line. It is also routing IPX and I have configured a network number on the leased line. If I try to add in the QoS it seems I need to have unnumbered IP addressing on the leased Line for it to work. If I use unnumbered IP addressing then it seems to prevent me allocating IPX network addresses to the serial line. I am getting confused at this point, should it be possible to have IP, IPX and QoS all at the same time? CL: sure, they can all be configured simultaneously. To clarify, so far as I know, QoS settings can apply only to IP traffic, or to traffic clssified by MAC address. You cannot apply QoS to IPX or any other non IP protocol except by that means. Well, let me qualify that by saying that on the 3550 you can add a few other L2 protocols such as DecNet and NetBIOS for QoS in a switched environment. JMcL: What are you considering QoS to be? In my mind, QoS covers a whole suite of techniques, many of which are entirely applicable to IPX or anything else you can specify in an access list. For example, I consider priority queuing to be a QoS technique - and it works with IPX and several other non-IP protocols. Sure, some QoS techniques are specific to IP, but not all... CL: I see no reason why unnumered is required on any interface to get QoS to work. Which leads to the question of IOS version. I believe that 12.1.2T or better is what you should be using. Other versions may or may not have all the required bells and whistles. I'm using 12.1.5T10 and so far I have not run into the issue of requiring unnumbered on serial links. Can't do NBAR protocol discovery on the 2500's and can't do MPLS, but that's another story. My IOS is 12.1 Thanks for any suggestions Adam. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55530t=55373 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: QoS testing - well, that explains it [7:55468]
Are you pinging directly from the router where the QoS stuff is configured, or are the pings going through the router? JMcL The Long and Winding Road wrote: the continuing saga of QoS configuration and testing As near as I can tell, ping testing is utterly useless as a means of testing QoS configurations. I have done any number of tests this morning. all of the following have been applied inbound on an interface: access-list 171 deny ip any any precedence critical access-list 171 permit ip any any ( all pings no matter what the tos value go through) access-list 181 permit ip any any precedence critical access-list 181 permit ip any any precedence internet access-list 181 permit ip any any precedence network ( all pings no matter what the tos value go through) access-list 191 permit icmp any any precedence critical access-list 191 permit icmp any any precedence internet access-list 191 permit icmp any any precedence network ( all pings no matter what the tos value go through) this certainly does explain why I can't rate limit or police or WRED or FRED any of the ectending ping traffic I am sending through. ah well... on to the next chapter. -- www.chuckslongroad.info like my web site? take the survey! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55531t=55468 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF dead-interval to hello-interval relation? [7:54969]
Actually, this looks consistent to me. At least as consistent as anything else Cisco does. Changing the hello interval drives changes to the dead interval, but not the reverse. If the dead interval is set to the default (four times hello interval), and you change the hello interval, you will change the dead interval. If the dead interval is *not* the default, then it's assumed that you know what you want it set to (perhaps a rash assumption), and so in this case changes to the hello interval don't change the dead interval. Your changes seem to be consistent with this. JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55322t=54969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Novell Server node address change [7:55264]
This may not be relevant since it's just the socket that changes, but you don't have another workstation with a duplicate address, do you? I have seen similar symptoms from that. JMcL Ole D Jensen wrote: Thanks Priscilla for a very good explanation. The numbers were just made up, but it keeps changing from 85E8 to E885 and back to 85E8 a second later. As far as I have found out so far, 85E8 is Microsoft Endpoint Mapper for RPC, however the workstation is a Windows 98. I will take a closer look at the workstation, but if anyone have a good tip, please let me know. Thanks, Ole Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.RouterChief.com Priscilla Oppenheimer Sent by: [EMAIL PROTECTED] 10/10/2002 11:46 AM Please respond to Priscilla Oppenheimer To: [EMAIL PROTECTED] cc: Subject:Re: Novell Server node address change [7:55264] The number after network.node is the IPX socket number, not an SPX socket number. Some protocols, such as IPX and DDP, have a socket number at the network layer. SPX was used by RCONSOLE. Some SNA gateways used it, though most used NetBIOS. I think some printing can use SPX. Ordinary client/server traffic uses NetWare Core Protocol (NCP), however, which resides directly above IPX and does not use SPX. NCP has its own build-in transport like behavior that is similar to the old IPX PEP and provides a semi-reliable delivery service for single packet exchanges (often called a ping/pong protocol). SPX behaves more like TCP but is way less important and not used by much. It would be normal for a client's socket number to change if new appliations were started or restarted. Could you watch this user and see what they do? I usually blame the users. ;-) Could they be playing a game perhaps? Were those numbers you told us made up to hide the details for security reasons? Can you tell us the actual numbers? You can probably get more detailed info at novell.com, but here's a few nuggets about IPX sockets: Socket numbers between 0x4000 and 0x7FFF are dynamic sockets; these are used by clients to communicate with servers. Socket numbers between 0x8000 and 0x are well-known sockets; these are assigned by Novell to specific processes. Software developers who write NetWare applications can ask Novell to reserve a socket number and get on the list of well-known sockets. Novell also reserves several sockets for use in the NetWare environment. Here's a partial list of socket numbers. Socket Process 0x0002 Cisco IPX ping 0x0451 NCP server 0x0452 SAP 0x0453 RIP 0x0455 Novell NetBIOS 0x0456 Diagnostics 0x85BE EIGRP 0x9001 NLSP 0x9004 IPXWAN 0x9086 Novell IPX ping ___ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Ole D Jensen wrote: Yeah, I think you're right. I am not spending much time on the NW side of my network, so I can't remember all the facts by heart. The apps installed on that WorkStation are the same as installed on most other WorkStations on my networks. Ole Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.RouterChief.com The Long and Winding Road Sent by: [EMAIL PROTECTED] 10/10/2002 10:03 AM Please respond to The Long and Winding Road To: [EMAIL PROTECTED] cc: Subject:Re: Novell Server node address change [7:55264] Ole, it's been a long time for me as well, but isn't that last set of numbers - the four after the : ( colon ) the SPX socket number? That is the thing that appears to be changing. Not that I would know what the change signifies. what's running on that workstation? -- ! Ole D Jensen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Thanks Dave, I have tried that without any luck. The command is reset router. Thanks, Ole Ole Drews Jensen Systems Network Manager CCNP, MCSE, MCP+I RWR Enterprises, Inc. [EMAIL PROTECTED] http://www.RouterChief.com Williams, Dave 10/10/2002 09:40 AM To: 'Ole D Jensen' , [EMAIL PROTECTED] cc: Subject:RE: Novell Server node address change [7:55264] You might try and
Re: OT - ISDN viability - WAS: Re: VPDN - ISDN pro [7:54007]
MADMAN wrote: FWIW I have implemented more ISDN backup than I care to remember but once configured and tested it works well. I always suggest that customers periodically test the backup, at least force tha ISDN connection up by pinging a test loopback or something. I had one customer who did't want to loose their SNA sessions, via DLSW, and ISDN backup with EIGRP converted fast enough that the SNA session stayed active. Dave JMcL: Yep, been there, done that too (with OSPF though). With RSRB as well, before we moved to DLSW (now TN3270...) Despite quite a few Cisco people telling us that SNA was far too sensitive... And I agree about the need to periodically test the failover. Especially since ETSI (Euro-ISDN, Basic-net3, call it what you will) appears to go to sleep when not used, so show isdn status indicates that the circuit's completely dead... until you need it again (anyone else noticed this?) Vicuna, Mark wrote: Where I work ISDN is primarily used for DDR since it is the most cost effective soln in Aust - especially if you have a large number of sites to cover as Jenny pointed out. With that in mind, the way of thinking being 'we only want to pay for what we use'. There's no point in having an fr circuit as backup for each remote/branch site. Of course with our main core trunk links into the telco cloud we wouldn't consider ISDN for backup. The majority of issues regarding ISDN I have had experience over here are with provider's equipement (we have subscription to every major telco in aust. and only one telco [no names mentioned] seems to give us ongoing grief with their dated equipment - lucent att - framed route issues with ldap), and of course dialer watch :) The current configuration we have would fail bringing up the isdn circuit sporadically on a watched subnet. Resolution? changed dialer watch group to any other number BUT 1. Go figure. In regards to manual intervention.. i hope not :-)I have worked for the 2 major telco's in Aust and there's no manual intervention happening there in context of servicing their customers. MV -Original Message- From: Jenny McLeod [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 24 September 2002 9:21 AM To: [EMAIL PROTECTED] Subject: RE: OT - ISDN viability - WAS: Re: VPDN - ISDN problem [7:53931] Hell yeah. We use ISDN to automatically failover. With over 350 remote sites, it's not uncommon to have a main link to an office fail somewhere. With automatic failover, our users often don't even know something's failed. Manual intervention? You've got to be kidding. To tweak and tune if necessary, sure, but to initiate failover - no way. Been there, done that, bad idea in our network. Anyway, in Australia at least, it's still the most cost-effective failover for a network like ours (lots of sites, geographically dispersed). It has some annoyances, sure - but it's still definitely an option for me. JMcL Chuck's Long Road wrote: I see more complaints / problems / issues with ISDN and DDR in specific and in general, in real world and in test situations. Idle curiousity. Is ISDN really viable in terms of reliability for DDR applications? In any number of mission critical applications, I have seen major vendors, major enterprises, and major service providers use manual intervention as the preferred means to apply dial backup. I welcome the informed comments of those who are obviously more versed in the topic than I am, with my limited exposure.. Chuck [snipped] -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 You don't make the poor richer by making the rich poorer. --Winston Churchill Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54200t=54007 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routine Powercycles or reloads [7:54098]
Many many moons ago, we had a bug where routers leaked memory (so we periodically rebooted them - about every week, I think). I think it was IOS 10.0 on an AGS+, though, so I doubt you'd come across that particular bug very often these days ;-) I work on the theory that unless there appears to be some problem (such as leaking memory, or a hardware change required), leave it running... JMcL Symon Thurlow wrote: Periodic server reboots are generally to deal with memory leaks rather than moving parts. Flawed router software could perhaps exhibit the same fault, although I have never heard of it personally. Symon -Original Message- From: Robert Edmonds [mailto:[EMAIL PROTECTED]] Sent: 25 September 2002 20:36 To: [EMAIL PROTECTED] Subject: Re: Routine Powercycles or reloads [7:54098] I haven't come across anything personally either way, but it seems that this would be unnecessary for a router, since there are no hard drives, etc. I know it can be an issue with servers that stay on all the time, but I think routers, switches, etc. with no moving parts (except of course, the fans) could be left on all the time. I've definitely never heard of or experienced any issues relating to this. McHugh Randy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can anyone tell me if they have come accross documentation or guidance from Cisco on how often a 7200 router or any router should be reloaded if ever for a maintanance purposes ? Thx Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54204t=54098 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT - ISDN viability - WAS: Re: VPDN - ISDN problem [7:53931]
Hell yeah. We use ISDN to automatically failover. With over 350 remote sites, it's not uncommon to have a main link to an office fail somewhere. With automatic failover, our users often don't even know something's failed. Manual intervention? You've got to be kidding. To tweak and tune if necessary, sure, but to initiate failover - no way. Been there, done that, bad idea in our network. Anyway, in Australia at least, it's still the most cost-effective failover for a network like ours (lots of sites, geographically dispersed). It has some annoyances, sure - but it's still definitely an option for me. JMcL Chuck's Long Road wrote: I see more complaints / problems / issues with ISDN and DDR in specific and in general, in real world and in test situations. Idle curiousity. Is ISDN really viable in terms of reliability for DDR applications? In any number of mission critical applications, I have seen major vendors, major enterprises, and major service providers use manual intervention as the preferred means to apply dial backup. I welcome the informed comments of those who are obviously more versed in the topic than I am, with my limited exposure.. Chuck [snipped] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53940t=53931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN oddities [7:53897]
I'm having a problem with some ISDN channels. We use ISDN as a failover for other services. The ISDN is on a AS5300 (IOS 12.1) - note that this is ETSI (switch type primary-net5). Lots of dialer interfaces, load thresholds set, ppp multilink used. The AS5300 dials the remote sites. 60 channels available all up, over two router interfaces, and up to twenty at each remote end (7500s), but max-link is set lower so that if we lose a lot of sites at once they can all get a look in (we then fiddle manually to allow more channels if necessary). Today, a hub frame relay service went plunk, throwing a stack of offices onto the ISDN. No great problem there. Except that, after a while, the AS5300 decided that it didn't really feel like raising any more calls. Most channels on s1:15 were in use, and some on s0:15 - the others appeared to be usable, but the router wasn't raising calls although loads were above the thresholds. Interestingly, when one channel was dropped (due to load decreasing), it was immediately used by a different (still busy) site. Also, the AS5300 was repeatedly attempting to call one office, but the call was being dropped almost immediately. Some debugging showed that ppp authentication was succeeding but the call was being dropped - by the called end - immediately after authentication anyway. This office already had several other successful calls in place, but it wasn't at its max-call limit. I couldn't do a lot of active troubleshooting (e.g. shut/no shutting the ISDN interface) as I didn't want to jeopardise the connectivity that was in place. Any suggestions as to what to look for/try if this happens again? Is there any way of clearing a single B channel? Thanks, JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53897t=53897 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Multiple ISDN dialups - 256k channel - advise need [7:52719]
I haven't actually done this in production, but at various times when testing, I have noticed that if you have multiple dialer strings on the one dialer interface, the first string will be dialled, and then if that fails, the second string will be dialled, and so on. I suspect that what you want to do would work, although I doubt it would load balance between the two numbers - I think it would normally dial the first number, and only dial the second number if the first one failed (or is engaged?) Hope that helps, JMcL Andrew Larkins wrote: Hi all, I am just testing the theory here to see if this is possible. I have a remote site with 2x ISDN BRI and a central site with 2x ISDN BRI. These BRI's are backing up a dedicated 256k point to point link. I have dialer interfaces created on both sites with the physical BRI's being members of dialer pools. ISDN backup works great. Question: I need to add a second BRI to this group. I assign the interface to the dialer pool. Each of these BRI's on the central site have different ISDN telephone numbers. In order to get ALL these channels (4x 64k) dialed up in the event of a failure, can I add another dialer string to the remote site dialer interface?? If so will it load balance ???. The other alternative I have is that the Telco can assign both numbers to a hunt group, but I do not really want to have this right now. I have left out the ppp multilink and dialer load threshold commands on purpose. Current confis below. Central site: interface BRI3/0 no ip address dialer pool-member 1 isdn switch-type basic-net3 ! interface BRI3/1 no ip address dialer pool-member 1 isdn switch-type basic-net3 ! interface Dialer1 description ISDN Backup bandwidth 56 ip address 1.1.1.1 255.255.255.252 ip nat inside encapsulation ppp dialer pool 1 dialer remote-name xx dialer-group 1 ppp authentication chap end Remote site: interface BRI0/0 no ip address dialer pool-member 1 isdn switch-type basic-net3 New isdn still to be added but the concept remains the same as above interface Dialer1 description ISDN Backup bandwidth 56 ip address 1.1.1.2 255.255.255.252 encapsulation ppp dialer pool 1 dialer remote-name y dialer string 222 (not the real one) dialer string 333 (is this correct???) dialer-group 1 ppp authentication chap Thanks in advance Andrew Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52957t=52719 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN load-interval [7:52851]
It's not specific to ISDN. By default, when you do a show int, you will see a 5 minute input rate and 5 minute output rate. The load figures are calculated over five minutes (I believe it's an exponentially decaying algorithm or something similar, not a straight average). These load figures are used in conjunction with dialer load-threshold to determine when to bring up (or drop) another ISDN channel. Now, you might want your ISDN channels to react more quickly to changes in load. In that case, you can set the load-interval to something shorter (e.g. 30 seconds). When you do a show int you will now see that a 30 second input rate. The load figure will react more quickly if the load suddenly increases, and your ISDN channel will be brought up more quickly. There's a good explanation in the command reference - http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_r/frprt3/frd3003.htm#xtocid2298117 (watch the wrap). JMcL hagedorn wrote: Hy can someone exlpain me for what the load-interval in isdn is. any comments are welcome. Regards Philipp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52959t=52851 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IPv6 despair (IOS 12.2T psychosis) [7:52032]
Neal Rauhauser wrote: BGP is funny with RIB-failure, OSPF is weird with dropping subnets that are visible elsewhere in a simple network, NAT some times explodes depending on version, EIGRP is a little screwy, and now I've got a truly exceptional problem :-( I've got a working async config - two 1750s back to back with aux ports, Paradyne 3820 plus modems, and a Teltone pots simulator. The router running 12.1.15 dials the other, can telnet to it, etc, but the 12.2T box can not ping, telnet, or anything. YES! I'm not kidding - complete failure from one side, but the box on the other side can cross the link. Sounds rather like a bug I came across a few weeks ago. Should be in the archives. Resolution for me - turn off ip route caching. JMcL I've been running this stuff in a production network and I've just hit the wall - its all coming out in a week after I get back from class and some nice, conservative GD image is taking its place. I didn't even get to touch IPv6 in production ... the IPv4 stuff is just too screwy. -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52113t=52032 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Edsger Dijkstra? [7:50896]
Hmmm... From the link... He and his wife had a fondness for exploring state and national parks in their Volkswagen bus, dubbed the Touring Machine, in which he wrote many technical papers. Whoever came up with *that* name (Dijkstra, or someone else??) had a warped sense of humour... JMcL David j wrote: I'm afraid it's true... http://www.cs.utexas.edu/users/UTCS/notices/dijkstra/ewdobit.html Jenny McLeod wrote: I received a rumour that Edsger Dijkstra, known for his dislike of Goto statements as much as for the shortest path first algorithm, has died. I haven't been able to confirm this, though. True? False? JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51035t=50896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial Interface Bandwidth [7:50381]
Henry D. wrote: That would work if you have integrated CSU, the timeslots would be there. If you connect say with V.35 to an external CSU/DSU then you won't get the timeslot information. The only way to figure out the bandwidth then would be to stress-test the circuit and see how far you can get the bandwidth utilization on this interface. Or, of course, you can use the non-technical way. Ask your provider. We are supposed to be in a communications field, after all :-) JMcL Turpin, Mark wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... A show interface serial 'x' where x = the serial interface's number will tell you a couple things that are important. 1) the 5 minute load average for input/output 2) the timeslots used You can use the timeslots to determine the bandwidth that is technically available, and the load average to get an idea of what is currently being used. hth, -mark -Original Message- From: Curious [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 01, 2002 9:43 AM To: [EMAIL PROTECTED] Subject: Serial Interface Bandwidth [7:50381] I want to know the current bandwidth of my serial Interface of Router. Lets say i have a fractional T1, how would i know what bandwidth i have for my serial interface. thanks, The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50482t=50381 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Strange ping failures [7:50249]
Hi all, I have just been battling a rather odd routing(?) problem. I have a 2621XM router, which has an ethernet segment attached. This router is connected to an AS5300 via a modem connected to the aux port. The AS5300 has other connections. Both routers have loopback interfaces configured. Setup... Fa0/0--RTA--Aux--modemAS5300--Fa0--lots of other stuff Routing is basically via static routes, because this is actually the failover connection - RTA also has an ISDN connection via a BRI interface that, at the time of the problem, was (deliberately) down. Problem is, that I can ping from the AS5300 to the loopback of RTA, or even to the FA0/0 ip address, but I can't (usually) ping to any hosts on the Fa0/0 subnet. Nor can I ping from a PC on the RTA Fa0/0 subnet to the AS5300. Weird thing? If I clear the IP routes on RTA, the next ping (or two, on one occasion) works. Then they start failing again. The pings that work have reasonably short response times, and even if I extend the timeouts on the failing pings to 20 seconds they don't work, so I don't think it's a timeout problem. I think I've seen this or read about this somewhere - it's niggling at my brain. But I can't work out what the heck is going on, and my brain is now fried. Any hints?? (If you're really interested in the ip addressing, I'll post it, but according to the routing tables there is a path all the way there and all the way back). JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50249t=50249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: frame relay back-to-back [7:50215]
eo wrote: On Tuesday 30 July 2002 07:59 pm, Dimitrije wrote: I would like to connect 2 routers with a back-to-back frame relay WAN conection, but I don't have the DCE-DTE back-to-back cable. Each router does however have T1 WICs. My question is can I connect the routers together with a T1 cross-over cable and successfully run frame relay encapsulation over that WAN. I don't see why not. Am I missing something? Thanks Nondisclosure violations to [EMAIL PROTECTED] You should'nt have any issues with two WIC's and a T1 crossover cable, I do it all the time in my lab provided you have a properly wired T1 crossover made. D Or, use a DTE cable plus a DCE cable (e.g. X.21 DCE plus X.21 DTE). JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50250t=50215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Route SUmmary [7:50208]
Kris Keen wrote: Your summary addresses will be configured on your ABR's, these summary's will be propagated to area 0. So your summarys will be on Sydney/Brisbane/Melbourne using the area range command HTH Kris Why would you have summaries on all three? If the connection to the global empire is from Sydney, the ABR is presumably (although not stated) the Sydney router. So that's where you'd summarise. Mind you, my brain stopped working a few hours ago, so treat me gently if I've overlooked something obvious... JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50251t=50208 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Strange ping failures [7:50249]
Daniel, thanks heaps and heaps, that worked. You just saved me probably at least half a days grief. Looks like I only needed to turn off fast-switching on the relevant dialer interface. I think the quick and dirty fix in this instance will do fine - I don't think process switching over a PSTN line will contribute a lot to processor load or latency... Definitely one for me to keep in mind. JMcL Daniel Cotts wrote: Try turning off fast switching. Several years ago with early 12.0 code a similar problem existed with 2600s. The first ping would succeed because it was process switched. All subsequent pings would fail. Wait five minutes for the cache to clear and again the first ping would work. The quick and dirty fix was to disable fast switching. The real fix was to update IOS. The problem that you are describing seems different from the above - but maybe it's a starting point. Try using sh int stat and sh int switching and other show commands to watch for traffic. -Original Message- From: Jenny McLeod [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 31, 2002 4:16 AM To: [EMAIL PROTECTED] Subject: Strange ping failures [7:50249] Hi all, I have just been battling a rather odd routing(?) problem. I have a 2621XM router, which has an ethernet segment attached. This router is connected to an AS5300 via a modem connected to the aux port. The AS5300 has other connections. Both routers have loopback interfaces configured. Setup... Fa0/0--RTA--Aux--modemAS5300--Fa0--lots of other stuff Routing is basically via static routes, because this is actually the failover connection - RTA also has an ISDN connection via a BRI interface that, at the time of the problem, was (deliberately) down. Problem is, that I can ping from the AS5300 to the loopback of RTA, or even to the FA0/0 ip address, but I can't (usually) ping to any hosts on the Fa0/0 subnet. Nor can I ping from a PC on the RTA Fa0/0 subnet to the AS5300. Weird thing? If I clear the IP routes on RTA, the next ping (or two, on one occasion) works. Then they start failing again. The pings that work have reasonably short response times, and even if I extend the timeouts on the failing pings to 20 seconds they don't work, so I don't think it's a timeout problem. I think I've seen this or read about this somewhere - it's niggling at my brain. But I can't work out what the heck is going on, and my brain is now fried. Any hints?? (If you're really interested in the ip addressing, I'll post it, but according to the routing tables there is a path all the way there and all the way back). JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50324t=50249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OSPF Route SUmmary [7:50208]
Kris Keen wrote: If you have networks in brisbane, would you not summarise those at the brisbane abr? I think i have the wrong diagram in my head :) I think we just have different diagrams in our heads. And they're probably both different to what John has in mind ;-) But we seem to agree that you summarise at the ABR - and John hasn't said where he's putting his ABR(s). So it really depends on the OSPF design, and how John's emerging global empire is split into areas. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50326t=50208 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN Backup [7:50261]
Shane Stockman wrote: I currently have 2 point to point links ruuning to the same place using eigrp as the routing protocol.I have added a isdn bri as backup but I don't want the isdn to kick in until both the point to point links drop. There is a serious routing issue with have 1 link up and the bri as the will load balance across and cause a loss of packets. If there are any config examples or documents or if anyonehas done this sort of config please send some info. Thanks Sounds like a case for floating static routes. Lets say that if both ptp links drop, you want site A to call site B. Presumably site A can usually see routes to various site B addresses via EIGRP (maybe even nicely summarised). On site A, set up a static route to a site B address (or to a summary - whatever matches your EIGRP routes), with an administrative distance of say 200, pointing to the dialer interface for the BRI (if you're using a dialer - or straight to the BRI). Then, if one ptp link drops, site A will still use the EIGRP route across the other ptp link. If both ptp links drop, the static route will kick in and send traffic via the ISDN. JMcL Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50337t=50261 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: load sharing [7:24752]
I assume you mean using BGP? I have absolutely no experience with BGP at all, so this could be way off base, but which direction are the links unbalanced in - for incoming traffic, outgoing traffic, or both? If it's traffic from you to the provider that is not shared evenly, then have a look at how YOU are load sharing, and make sure that is per-packet. JMcL Mohammed Saro wrote: We have two links to our provider and this provider makes load sharing per packet but sometimes one of two links is saturated and the other has free bandwidth can any one explain this weird behavior Best Regards, Mohamed Saro Senior Network Engineer GEGA NET Tel: +20 2 4149771/2/3/4 ext.:111 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24856t=24752 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: HSRP - hows it work [7:24721]
Can you use floating static routes instead? JMcL Mr. Oletu Hosea Godswill, CCNA wrote: Hi group, Who have used the 'standby track serial 0' command before, while configuring HSRP. I tried it and was disappointed because, my two upstream providers are connected via a radio (microwave link). Even when one of them is down, the radio coneected to the router still send keepalives to the route and as such the interface does not go down, and as such the HSRP does not work when any of the upstream goes down. Has anyone being able to solve this problem? Regards --- Michael Williams wrote: If router A has a higher priority and is setup to preempt, then when it comes back up (after a failure), it will resume being the active. If router A does not setup with preempt, it won't become the active until Router B fails or is restarted, etc. HSRP works by projecting a virtual IP address and a virtual MAC address. You would configure the clients/workstations with a gateway that is the virtual IP address (or the standby IP). Whenever the end device sends an ARP which the routers resolve to the virtual MAC. It is possible to use a Burned-in (MAC) Address (called a BIA) in case the default virtual MAC causes a problem. Once the end workstation resolves the virtual IP to the virtual MAC, it communicates with the virtual MAC, in which both routers receive and take note of the traffic, but only the active router will actually forward the traffic. This is a in a nutshell view of HSRP and I'm sure there is something that I've left out or said wrong, but that's basically it.. Mike W. [EMAIL PROTECTED] __ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24870t=24721 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPX RIP [7:24621]
Thanks Priscilla. I thought that would be the case. In fact, digging around a bit more, I'm not even sure if a triggered update would be sent. 'clear ipx route *' causes RIP/SAP general requests on all IPX interfaces, according to the command reference. But I think that would just cause RT2 to send its routes (and SAPs) to RT1 - I assume RT2 wouldn't also send them to RT3, and RT1 wouldn't send out an update saying it's lost all it's routes?! I haven't found any doco that goes into IPX RIP in such gory detail, though! All the stuff I've seen barely even mentions the existence of triggered updates, let alone the details of exactly when they are sent :-( JMcL Priscilla Oppenheimer wrote: Triggered updates on IPX RIP are stupid compared to something like EIGRP. They just get sent out by a router that brings a route up or notices that one goes down. They don't get propagated. More than one router might decide a route is up or down, but not necessarily, depending on timing. As you know I'm sure, IPX routes are marked invalid if no routing updates are heard within three times the value of the update interval and are advertised with a metric of infinity. IPX routes are removed from the routing table if no routing updates are heard within four times the value of the update interval. I think RT2 in your case would wait 15 minutes to mark a route from RT1 invalid. In the meantime, RT2 is still sending RIPs every 60 seconds out to RT3 with the routes from RT1 still valid. So, I would say that the triggered update from RT1 would not cause any extra traffic on the RT2---RT3 link or on the RT3---RT4 link. You can configure the interval at which a network RIP entry ages out, by the way, with the ipx rip-multiplier command. That could confuse matters Sorry I don't have any more experience to share. Good luck. I'm sorry you're having a bad week. We're learning from your experiences too, if that helps at all. ;-] Priscilla At 01:36 AM 10/30/01, [EMAIL PROTECTED] wrote: OK, I'm asking a few more questions than I'm answering lately. Question about IPX RIP (not IP RIP - although they may work the same way in this instance). Say I have the following setup... RT1---RT2---RT3---RT4 The RT2 to RT3 link is ethernet, the others are serial, although I'm not sure that that makes a difference. The IPX RIP update time is set to five minutes on the RT1 to RT2 link, and defaults (to 60 seconds) on the other two links - again, I'm not sure that this makes a difference. There are no relevant filters in this scenario. If the IPX routes are cleared on RT1 (clear ipx route *), how far will triggered RIP updates/changes be propagated? Will any extra traffic (above normal RIP updates) be created from RT3 to RT4? Thanks, JMcL Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24724t=24621 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN irregularity
8000 bytes = 64000 bits. What speed is your ISDN channel? How long will it take a ping to get to the other side and back? How long is your timeout? I expect that if you increase the timeout you will see your pings return. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 09/04/2001 10:23 am --- "Savvas Themistocleous" [EMAIL PROTECTED]@groupstudy.com on 06/04/2001 08:17:17 pm Please respond to "Savvas Themistocleous" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: ISDN irregularity Hi all, I have just picked up something strange on my AS5300. Is this standard for an Isdn connection with an MTU over 8000, it has a regular pattern which suggests that it is standard to me. Any ideas? I thought fragmentation should occur past this to 18024. JHB-AS5300#ping Protocol [ip]: Target IP address: 216.0.53.162 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: y Sweep min size [36]: 5000 Sweep max size [18024]: 1000 % Bad maximum size JHB-AS5300#ping Protocol [ip]: Target IP address: 216.0.53.162 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: Sweep range of sizes [n]: y Sweep min size [36]: 5000 Sweep max size [18024]: 1 Sweep interval [1]: 500 Type escape sequence to abort. Sending 55, [5000..1]-byte ICMP Echos to 216.0.53.162, timeout is 2 seconds: !!.!!.!!.! Regards Savvas _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2501 help
Oh boy. What version of IOS are you running - 9.14 or something like that? From memory, and this appears to be backed up by my historical copy of the Router Products command summary for 'software release 9.1' (they didn't use the term 'IOS' then), that is what you get with an early IOS version. I'm not sure when it changed - I think in IOS 10.0. Type 'show version' at the exec prompt (i.e. not while you're trying to configure the router) and look for the version - second line of output, probably. If it's 9.something, then you have a very early version of IOS. You can still do a fair amount of stuff - ospf, igrp, IPX (except it used novell as the keyword then), rsrb, snmp, x.25... depending on what feature set you have. If this is supposed to be a production router, upgrade it. If it's for a lab, you will rapidly find that you cannot do anything that is faintly recent (EIGRP, HSRP, etc), and most of the commands in books won't work, and you will want to upgrade it anyway. Many of the commands have changed since 9.1. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 04/04/2001 05:55 pm --- "RamG" [EMAIL PROTECTED]@groupstudy.com on 04/04/2001 04:14:28 pm Please respond to "RamG" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Ciscogroupstudy" [EMAIL PROTECTED] cc: Subject: 2501 help Hello Friends, I am new to this field. Received couple of routers today. Trying to learn basic commands.When I enter config t following is the output RouterA#config t Enter configuration commands, one per line. Edit with DELETE, CTRL/W, and CTRL/U; end with CTRL/Z I don't get RouterAconfig prompt. What could be the problem? Thanks Gopal _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP and OSPF
I seem to recall that in some of the (old) CCNA stuff it used the term to refer to separate routed protocols. Doyle says that "although SIN routing usually refers to multiple routing protocols routing multiple routed protocols on the same router (such as OSPF routing IP and NLSP routing IPX), it can also refer to two IP protocols routing for separate IP domains on a single router." (or, presumably, two IPX protocols routing for separate IPX domains...) As far as I can see, you can apply the term equally well to routed or routing protocols. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 05/04/2001 08:55 am --- "Bradley J. Wilson" [EMAIL PROTECTED]@groupstudy.com on 04/04/2001 07:25:37 pm Please respond to "Bradley J. Wilson" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "cisco" [EMAIL PROTECTED] cc: Subject: Re: EIGRP and OSPF I've only heard this phrase used in conjunction with routing protocols - you can run OSPF and BGP on the same router, but they won't have anything to do with one another (like ships in the night) unless you configure redistribution explicitly. Although I suppose it could also be applied to routed protocols as well...I've just never heard it used for them before. :-) BJ - Original Message - From: Fred Danson To: [EMAIL PROTECTED] Sent: Tuesday, April 03, 2001 11:50 PM Subject: RE: EIGRP and OSPF Wait a sec, I thought ships in the night meant that 2 ROUTED protocols are running concurrently without knowledge of eachother. Running 2 routing protocols has nothing to do with ships in the night, right? Fred From: "Raul F. Fernandez" Reply-To: "Raul F. Fernandez" To: "Thomas" , Subject: RE: EIGRP and OSPF Date: Tue, 3 Apr 2001 22:42:55 -0400 Yes you can .they are ships in the night. The never see each other. Raul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Thomas Sent: Tuesday, April 03, 2001 10:14 PM To: [EMAIL PROTECTED] Subject: EIGRP and OSPF Hi All - Is it possible to have both EIGRP and OSPF installed on a single router? Just trying to get rid of the RIP here. Thanks All! Nondisclosure violations to [EMAIL PROTECTED] _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN switch type in Korea
While your provider may well use primary-net5, they may not. The Cisco documentation only gives an indication of the switch types used in each country; it's not conclusive (for example some PRIs in Australia use primary-net5, not primary-ts014). It depends on what your provider is using. Ask your provider, and as somebody else suggested, run a list of switch types past them. If they say they use 'ETSI' or 'Euro-ISDN', then that means primary-net5. A list of switch-types supported in IOS 12.1, in case you haven't already found it, is at (watch the wrap) http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial_r/drdrisla.htm#1030992 JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 05/04/2001 11:31 am --- "Buri, Heather H" [EMAIL PROTECTED]@groupstudy.com on 05/04/2001 01:26:27 am Please respond to "Buri, Heather H" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "'Chiao Liang'" [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: RE: ISDN switch type in Korea For the router configuration, the switch type should be configured as primary-net5 which covers European, New Zealand and Asia ISDN PRI switches (per Cisco documentation). I am not sure where your provider is getting his information. I suspect he does not know what he is talking about. I would question him further on this point and maybe ask to speak with someone else. Heather Buri CSC Technology Services - Houston Phone:(713)-961-8592 Fax: (713)-961-8249 Mobile: Alpha Page: Mailing: 1360 Post Oak Blvd Suite 500 Houston, TX 77056 -Original Message- From: Chiao Liang [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 04, 2001 10:12 AM To: [EMAIL PROTECTED] Subject: ISDN switch type in Korea Hi All, I tryong to apply for an ISDN PRI line in SEOUL. The providetell me that the switch type use is "PBX". I was so confuss as in CISCO AS5300 that i going to use, there was not switch type known as "PBX". Can anybody enlighten me on this. Is there a "PBX" Switch for ISDN? If yes how do i configure my AS5300 for the ISDN PRI LINE. Thank, with regards Chan _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Anyone looked at this RFC yet?
RFCs 3091 (Pi Digit Generation Protocol) and 3092 (Etymology of Foo) are also quite enlightening. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 03/04/2001 09:05 am --- Daniel Cotts [EMAIL PROTECTED]@groupstudy.com on 03/04/2001 01:39:06 am Please respond to Daniel Cotts [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "'Fowler, Robert J.'" [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: RE: Anyone looked at this RFC yet? And the publishing date is??? Author Scott Bradner. -Original Message- From: Fowler, Robert J. [mailto:[EMAIL PROTECTED]] Sent: Monday, April 02, 2001 10:13 AM To: [EMAIL PROTECTED] Subject: RE: Anyone looked at this RFC yet? Ooops here is the link... http://www.isi.edu/in-notes/rfc3093.txt -Original Message- From: Fowler, Robert J. [mailto:[EMAIL PROTECTED]] Sent: Monday, April 02, 2001 10:50 AM To: [EMAIL PROTECTED] Subject: Anyone looked at this RFC yet? RFC 3093, the Firewall Enhancement Protocol promises to reduce the hassle of setting up a firewall by tunneling any TCP/IP application over HTTP. Thanks, Robert Fowler We are told that talent creates its own opportunities. But it sometimes seems that intense desire creates not only its own opportunities, but its own talents. - Eric Hoffer (1902-1983 American Author Philosopher) Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPX Help
If you don't want to send RIP/SAP updates that often, you can change the update times by ipx update interval {sap|rip} xwhere x is in seconds - this is IOS 12. For earlier IOS (11.2 anyway, not sure which version 11.3 uses), the commands are ipx sap-interval x (for SAP updates - x is in minutes) ipx update-time x (for RIP updates - x is in seconds) An unusual instance of Cisco actually making the IOS commands more intuitive (or at least more consistent) instead of less! JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 21/03/2001 08:56 am --- Priscilla Oppenheimer [EMAIL PROTECTED]@groupstudy.com on 21/03/2001 05:50:21 am Please respond to Priscilla Oppenheimer [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "EA Louie" [EMAIL PROTECTED] "David A. Lauer" [EMAIL PROTECTED] "'Bradley J. Wilson'" [EMAIL PROTECTED] "'cisco'" [EMAIL PROTECTED] cc: Subject: Re: IPX Help Good response. At 09:09 PM 3/19/01, EA Louie wrote: Issue: bandwidth of SAPs (Service Advertisement Protocol) broadcast over the WAN - depending on how many IPX services are allowed, it could be a big hit...although I've never personally seen SAP traffic saturate a decent bandwidth (128k and above) WAN link, perhaps others here have. I have! (Well, thinking back, maybe it was only 128 K?) SAP stands for Service Advertising Protocol. Cisco has spelled out the acronym incorrectly for years. Solution: Filter outbound SAP's at the source router (this may need to be done at both ends of the WAN circuit depending on the number of servers on each side. Normally, unless an application or printer needs to be advertised on the 'other' end of the WAN link, I shut them all down, except for file services. Otherwise, the routing tables (same for IPX RIP as IP RIP) are sent over the WAN link every 90 seconds by default. IPX RIP sends every 60 seconds by default. IP RIP sends every 30 seconds by default. You're thinking of IGRP when you say IGRP perhaps? Sorry for being so picky. Your answer is right on! Priscilla -e- - Original Message - From: David A. Lauer [EMAIL PROTECTED] To: 'Bradley J. Wilson' [EMAIL PROTECTED]; 'cisco' [EMAIL PROTECTED] Sent: Monday, March 19, 2001 7:23 PM Subject: RE: IPX Help How about routing IPX over a WAN? What are the issues and performance hits? DaL -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bradley J. Wilson Sent: Monday, March 19, 2001 5:54 PM To: cisco Subject: Re: IPX Help The command "no ipx routing" will clear up *all* your troubles. ;-) BJ - Original Message - From: Nabil Fares To: [EMAIL PROTECTED] Sent: Monday, March 19, 2001 5:32 PM Subject: IPX Help Greetings all, I'm trying to find out how routers treat IPX traffic, is there any type of switching or optimization taking place. I hope my questions is clear! Thanks, Nabil _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to Make Frame Relay Redundant?
John Hardman wrote: Hi Well lets start out by saying I have worked with FR for many years, so let me share my pain with you. First, FR is not redundent, and in and of it's self can not be made redundent. There are several things one can do to help bring up the "up time" with a FR network. [snipped] 4) Full or partial mess network. JMcL: OK, I *know* it's a typo, but it's a very appropriate one :-) [more snipped] Back on topic, and just so this post isn't a complete waste of bandwidth... it's probably not relevant to this situation, but your provider *may* offer redundant PVCs, so that if the remote frame relay access dies, a secondary PVC to a different access will kick in. Down here the redundant PVC is charged at about 10% of the regular rate and is not usable except in failover situations. Another possibility - probably not what you need, but it may be useful to somebody else. JMcL _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SPCs was Re: Internetwork Design Question
[snipped] When I was doing WAN engineering in Australia, there was a very cost-effective nailed-up Basic Rate ISDN service that you might also want to research. [more snipped] You'd be referring to Telstra's Semi-Permanent Connections (SPCs). They were available on Microlink services. Telstra is shutting down their old Microlink/Macrolink network (switch types basic-ts013, primary-ts014). All new services are ETSI, and have been for a while now. They've been trying to get everyone to migrate, but it's taking a little longer than they hoped :-) They don't offer SPCs on their new services, but they do have (at least for now) some reasonable call charge capping plans. I haven't done the sums - I don't think they're as cost-effective as the SPCs were but they're an awful lot better than raw per-minute charges. JMcL _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial intermittant flapping
Hmm. You originally said it's a 32/64k link, but your interface description says 128k (changing your bandwidth parameter may prevent some confusion as well, although it won't cause problems). If it's 64k, you may be getting some bandwidth problems - your 5 minute utilisation is 42k, which is OK, but if you've taken that snap-shot at an off-peak time, you may have an issue there - incoming traffic choking off lmi, for example. Does it happen randomly, or at peak time, or what? The lmi stats look odd to me. Num Status Enq. Sent 5588 Num Status msgs Rcvd 5588 Num Update Status Rcvd 0 Num Status Timeouts 49 I would expect the status msgs rcvd plus the timeouts to equal the status enq sent. When the link goes down, is it just briefly? Can you leave debug frame lmi on, so it captures what happens when the link flaps - e.g. does the lmi report the PVC down, or does the lmi timeout, causing the link to flap? My guess would be environmental, given where it's located. Are you still in wet season? Is it a manned site (are you well aware of lousy weather consitions/environmental conditions e.g. nearby cyclones :-)? We've had dafter reasons than tides turn out to be the cause of problems, so don't discount it. John's suggestions sound good to me. Then tell the telco to do some work - get them to replace the NTU. They probably just don't want to go up there :-) By the way, David, do you have any comments on general performance/gotchas of the 2610s using 12.1? Are you using ISDN as well as frame? Any IOS problems? I'm planning on using a few in situations that may be quite similar to yours, and would welcome any feedback you have. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 16/03/2001 11:34 am --- "David Heaton" [EMAIL PROTECTED]@groupstudy.com on 14/03/2001 04:52:14 pm Please respond to "David Heaton" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: Serial intermittant flapping we're moving the serial to s1/0 this arvo then if that fails they are also upgrading the access rate on the NTU (only device between router) then if it still fails we might be able to convice the carrier to replace the NTU we've also managed to get a spare router out of the client carrier techs say it may be radio fade as the FR is remote in this region delivered via radio bearers sh ver Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-D-M), Version 12.1(2), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2000 by cisco Systems, Inc. Compiled Tue 09-May-00 23:09 by linda Image text-base: 0x80008088, data-base: 0x808FA304 ROM: System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) thursday-island uptime is 20 hours, 35 minutes System returned to ROM by power-on at 11:22:46 EST Mon Nov 13 2000 System restarted at 19:15:45 EST Tue Mar 13 2001 System image file is "flash:1:c2600-d-mz.121-2.bin" cisco 2610 (MPC860) processor (revision 0x203) with 26624K/6144K bytes of memory. M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. Basic Rate ISDN software, Version 1.1. 1 Ethernet/IEEE 802.3 interface(s) 2 Serial(sync/async) network interface(s) 1 ISDN Basic Rate interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash partition 1 (Read/Write) 8192K bytes of processor board System flash partition 2 (Read/Write) Configuration register is 0x2102 thanks all David John Neiberger [EMAIL PROTECTED] 03/14 2:40 pm Hmmm... well, in 16.5 hours it only dropped one keepalive and had one error out of 307000 packets, which isn't too bad. there shouldn't be any at all, but one bad packet in 300k isn't going to hurt that much. The line certainly doesn't appear to be over-utilized by any stretch. Hmmm... I'd still blame the telco, but that's my number one rule anyway. : -) One thing that is worth trying is to disconnect all the relevant cables and reconnect them a few times, especially the cable from the CSU/DSU to the network jack. This actually resolved a problem that we had that neither I or the telco could figure out. That T-1 is now running perfectly clean and it was experiencing 5-10% errors before. HTH, John Gladly, I think the frame error coincided with a line proto bounce I think it may be environmental at site - maybe Serial0/0 is up, line protocol is up Hardware is PowerQUICC Serial Description: 128k Frame Relay Service Y216077142N MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, reliability 255/255, txload 1/255, rxload 6/255 Encapsulation FRAME-RELAY IETF, loopback not set Keepalive set (10 sec) LMI enq sent 5960, LMI stat recvd 5959, LMI upd recvd 0, DTE LMI up LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped
Internetwork Design Question
John, Bear in mind that if you need 2Mbps for *each* link, you'll need more than a single 2 Mbps frame relay service at the central site (unless you're happy with that much oversubscription). You could use a high-bandwidth frame relay or ATM service ( 2Mbps) interworking with 2 Mbps services at each of the remote sites. Telstra does high-bandwidth frame relay and I expect that other carriers do as well - plenty do ATM. The high-bandwidth service will need an HSSI or ATM port on the router, not a standard serial port, so if your routers are already fixed that may cause a problem. I haven't yet used the high-bandwidth frame relay or ATM, so I'm not speaking from personal experience. If you're using different telcos at the international sites check that they will interwork - I've never looked into that. If you're stuck with 2Mbps interfaces on your routers you may have to look at either multiple 2Mbps services at the central site, oversubscription, or just use point to point links. When the number of PVCs on a central access drops below a certain point, it's more cost-effective to just do simple point to point links. For redundancy, you could use ISDN on demand (PRI if you want 2 Mbps, unless you're really into trying to blend vast numbers of BRIs together). You'd probably need a PRI at each remote site plus one or more at the central site - again, it depends on how much oversubscription of your redundancy capability you need - what if your central frame/ATM service goes down? You could also look at backup PVCs - some telcos offer a service where a backup PVC will kick in if a service fails. You pay about 10% of the standard cost of the backup PVC. You can't use the backup PVC except in a failure situation. Just some quick thoughts before I shoot through for the day - aveagoodweekend... JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 16/03/2001 04:55 pm --- "John Brandis" [EMAIL PROTECTED]@groupstudy.com on 16/03/2001 12:31:35 pm Please respond to "John Brandis" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Internetwork Design Question HI @groupstudy members Got a question for you. I have just started at a startup network company and they wish to have links to about 10 different locations (some of them overseas). What we need is that these links come into a central site (home office router) and we also have some sort of redundant backup should one of these links fail. One of our needs is that each link have a bandwidth of 2MB/S. My idea was to install and configure a frame relay device in the central office then organize for for the remote offices to terminate the frame relay channel in their respective offices. Can some one pass on a comment from previous experience in regards to the service that I am trying to create. Any constructive information is much appreciated. John B [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Halabi's Internet Routing Architecture 1st/2d eds- Difference s?
I've got the second edition but haven't read it (or the first edition) yet. From the introduction... "In addition to providing a thorough update to the original material, this edition includes recent enhancements to the BGP ptotocol, discusses changes surrounding registration and allocation of Internet numbers, and provides additional information on research and educational networks." For what it's worth... JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 09/03/2001 08:39 am --- Daniel Cotts [EMAIL PROTECTED]@groupstudy.com on 09/03/2001 07:57:20 am Please respond to Daniel Cotts [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "'Greg Macaulay'" [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: RE: Halabi's Internet Routing Architecture 1st/2d eds- Difference s? The second edition was highly recommended by my BSCN instructor. He stated that there was significantly more information in the book. He complained that they used smaller type so that the number of pages didn't change that much. -Original Message- From: Greg Macaulay [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 08, 2001 12:36 PM To: [EMAIL PROTECTED] Subject: Halabi's Internet Routing Architecture 1st/2d eds- Differences? Hi all, Anyone have any knowledge/opinions as to the substantive differences between Halabi's 1st and 2d editions to his BGP book (Internet Routing Architecture)?? I have the 1st edition and really don't want to waste money -- if the two volumes are fundamentally the same. Any and all opinions welcomed -- including flamers -- if you need to!! Greg Macaulay AARP (lifetime member) certs not listed other professional qualifications also not listed _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN 22 second PPP Negotiation Time-out, help...
I have no experience with the US telco environment, but looking at this from another angle... You say that the PPP negotiation is timing out. Is this because the negotiation traffic is being dropped (dodgy ISDN line), or is it because it's not negotiating properly in the first place? Debug ppp negotiation and debug ppp packet (I think - going from memory here) can be quite useful if you haven't already used them. At both ends. I have had problems with a bug where prioritisation and PPP multilink could not be used on the same link. If they were, PPP negotiation failed (timed out after about 22 seconds) - one side simply failed to reply to the other once the virtual link was set up. Similarly, changing the encapsulation of an interface to PPP without shutting/no shutting the interface can give negotiation problems. If this is a new link, what order did you enter commands in? Was 'no shut' the first or last thing you did? If the problem is with the negotiation process itself, then you can probably stop pestering the telco and start pestering the TAC instead. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 09/03/2001 09:01 am --- Dan West [EMAIL PROTECTED]@groupstudy.com on 09/03/2001 03:15:44 am Please respond to Dan West [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: Kurt Bailey [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: Re: ISDN 22 second PPP Negotiation Time-out, help... I have done this *type* of work before Get ready. Ask telco to trace out the carrier for you from their demarc and find every mux point or switch AND ask them IF the circuit gets HANDED OFF to another CARRIER at some point. If so, your nice 64k digital line might be stepping down to analog within another telco (CARRIER) so your LEC might not even care or say they have control over it It's oh so much fun working with the phone companies. Although I must say I have worked with some really good, qualified people there who have been extremely helpful --- Kurt Bailey [EMAIL PROTECTED] wrote: I have mutliple ISDN lines in the US that seem to be UN-Fixable... Calls time-out after 22 seconds. We use Cisco. Some locations work when you call in-bound but fail on out bound calls, while others fail both in and out bound. We order the ISDN 64k DATA/DATA. It must be 64k DATA/DATA in order to work with our access-servers, VOICE/DATA will not work. Local and Long distance teclo SAY they are configured right... Long distance telco says they are handing a 64k data call to local and local says they are recieving a 64k data call and vise versa. Now for some issues I have been able to set the call speed to 56k to get the call working. My main point for posting this is to find help in how I can talk to the telco and make them look at the line and be absolutly sure that our calls are traveling a 64k DATA/DATA trunk and not being routed over ANALOG or VOICE/DATA. Or if there are any config changes that can be made local or on the access-servers. Thanks, Kurt _ Get your FREE download of MSN Explorer at http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] = from The Big Lebowski... The Dude: You sure he won't mind? Bunny: Dieter doesn't care about anything. He's a nihilist. The Dude: Ohhh, that must be exhausting... __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN B Chanell
Try using 'debug dialer', and 'debug isdn q931' (on both routers). Is the router *attempting* to dial? If so, is the call being seen by the other router? JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 05/03/2001 11:36 am --- "Santosh Koshy" [EMAIL PROTECTED]@groupstudy.com on 02/03/2001 01:17:48 pm Please respond to "Santosh Koshy" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: ISDN B Chanell I am presently using the command "dialer load-threshold 1 either" to no sucess... "Daniel Cotts" [EMAIL PROTECTED] wrote in message 303479FA060CD211B893F805A88AA11009@EXCHANGE1">news:303479FA060CD211B893F805A88AA11009@EXCHANGE1... On the BRI interface use "dialer load-threshold 'load'". A value of 1 for load brings up the second link instantaneously. Quoted from the Cisco Press BCRAN book edited by Catherine Paquet p197. There is more detail to this - so best to check out CCO. -Original Message- From: Santosh Koshy [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 01, 2001 7:37 PM To: [EMAIL PROTECTED] Subject: ISDN B Chanell Hello All, I am setting up a simple point to point ISDN BRI connection. It works like a charm, but for the life of me, I cannot get the secondary B chanell to come up. When I initiate a ping, it brings up the first B chanell instantaneously, but it wont bring up the secondary. ROUTER 1 interface BRI0 ip address 10.10.10.1 255.255.255.240 no ip directed-broadcast encapsulation ppp dialer idle-timeout 86400 dialer map ip 10.10.10.2 name ABC broadcast 9032031701 dialer map ip 10.10.10.2 name ABC broadcast 9032031704 dialer hold-queue 1 dialer load-threshold 1 either dialer-group 1 isdn switch-type basic-ni isdn spid1 90319074001 isdn spid2 903319074101 compress stac ppp authentication chap ppp multilink ROUTER 2 interface BRI0 ip address 10.10.10.2 255.255.255.240 no ip directed-broadcast encapsulation ppp dialer idle-timeout 86400 dialer map ip 10.10.10.1 name XYZ broadcast 9033190740 dialer map ip 10.10.10.1 name XYZ broadcast 9033190741 dialer hold-queue 1 dialer load-threshold 1 either dialer-group 1 isdn switch-type basic-ni isdn spid1 903203170101 isdn spid2 903203170401 compress stac ppp authentication chap ppp multilink Thanx, Santosh _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Referce book or cheat list
For IOS 9.1, the 'router products command summary' book was indeed a convenient size - about 20cm by 12 cm, and about 1.5 cm thick, and it did include short examples. By IOS 10.3 (from memory) it was the same height/width but about 4cm thick. 11.3 is the latest hardcopy I've seen (it's now the 'Cisco IOS software command summary'), and Cisco wasn't wild about providing them (they'd prefer to give you the CD, not surprisingly), and it's about 28cm by 20 cm, and 5.5 cm thick. Admittedly, the type is larger than for the IOS 9.1 book, and there's more white space. But it no longer includes even brief examples. And it only covers IOS, not the various switch interfaces. If you want a *small* reference book to include all that, expect a very small font. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 02/03/2001 08:28 am --- Daniel Cotts [EMAIL PROTECTED]@groupstudy.com on 02/03/2001 02:59:22 am Please respond to Daniel Cotts [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "'John Chang'" [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: RE: Referce book or cheat list In the old printed IOS documentation there was a book called the "Cisco IOS Software Command Summary". The one for 11.1 is 2-1/4 inches thick in a 7 by 8 inch format. However, no examples given. The latest is located at: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121sup/index .htm I do not know if a print version is available. It seems to be a condensed version of the Configuration Guides and Command References. -Original Message- From: John Chang [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 01, 2001 9:27 AM To: [EMAIL PROTECTED] Subject: Referce book or cheat list Does anyone know of a small reference book set up like a dictionary that gives a small explanation of the command, parameters, and an example for a specific router/switch/IOS version. If not someone should publish it and put me on the buy list. Thanks. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF design question re: location of Area Border Router
John, You could equally well have the 7513 with one interface in area 1 and the rest in area 0, and the 4500 with all interfaces in area 1, in which case the 7513 is the ABR. David, Am I correct in thinking that the only router at the remote site is the 4500? Or is there more 'behind it'? Because if the 4500 is the only router, you're not gaining much by making the 4500 the ABR. Area 0 will still include all the routers in your network, and the 4500 will still have all the area 0 information. You can summarise your remote site routes into area 0, but that's about it. Are you planning on extending this idea and having lots of other areas set up in the same way? Generally regarded as not a good idea to have 'too many' areas defined on one router - the guidelines I saw last (quite a while ago) suggested a maximum of three areas per router but even at the time that was a very vague rule of thumb - they also suggested a maximum of about 60 routers in an area which you are obviously exceeding, presumably without problems. Running area 0 over WAN links is not necessarily a terrible thing to do - if your network is stable, OSPF doesn't spew out lots of traffic. Making the 7513 the ABR is probably your best bet - it sounds like your 7513 can cope with it (check your memory usage as well, though). JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 01/03/2001 08:38 am --- "John Neiberger" [EMAIL PROTECTED]@groupstudy.com on 01/03/2001 04:19:39 am Please respond to "John Neiberger" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: OSPF design question re: location of Area Border Router I think I must be missing something here, or I don't understand the concept of ABR. If you have a 7513 in area 0 connected to a 4500 in area 1, for instance, then the 4500 will have one interface in area0 and the rest presumably in area 1. By definition, that makes the 4500 an ABR, doesn't it? I don't see how you have any choice in this matter at all, but since I've never actually configured OSPF perhaps someone will enlighten me. "Hennen, David" [EMAIL PROTECTED] 2/28/01 9:32:59 AM Hi, I am preparing to bring up a new site in an ospf network. The new site will be a training facility connected back to the main office by a t1. Currently we use OSPF and have everything in area 0, around 100 routers. I want to make this new site a different area and to make the new area a Totally Stubby Area. We have two 7513 routers at the main office that handle all the wan traffic, the new remote office would connect to one of these. The remote training office will have a 4500. One of my coworkers suggested that the 7513 at the main office should be the Area Border Router, because we should keep area 0 from being spread out over a bunch of wan links. I had it in mind that the remote 4500 should be the ABR. I don't have a strong reason for thinking that way. The cpu of the 7513 runs between 20-30 % utilization according to snmp info. Are there any rules of thumb regarding this? I looked through the Cisco OSPF network design book and can see some examples that support having the ABR at the main office. Is that the accepted practice? Are there any gotcha's to look out for? Thanks if you can help dave h _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dial-Up AS5300 Dial Out
Err.. yes. Depends what sort of dial-out access you are talking about. For ISDN, it's a standard PRI setup - configure controllers, configure D-channels, configure dialer interfaces, don't forget the dialer group and dialer list stuff to define interesting traffic, add any dial-out related bits like load-threshold commands, min/max links etc. There's heaps of stuff on dialup configs on CCO, although a lot of it for the AS5300 assumes that it will only be accepting calls. Try http://www.cisco.com/warp/public/793/access_dial/1.html - it may be useful to you, but it depends exactly what you're trying to do. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 27/02/2001 08:57 am --- [EMAIL PROTECTED]@groupstudy.com on 27/02/2001 01:22:26 am Please respond to [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject: RE: Dial-Up AS5300 Dial Out Is there anyone who has experience setting up an AS5300 for dial-out capability and if so how is it done?? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: RE: Speaking of Routers on a stick
Personally, the phrase always reminds me of C.M.O.T. Dibbler's rat onna stick in Terry Pratchett's Discworld. And since VLANs are habitually distinguished by colours (at least in Cisco's pretty diagrams), I guess the VLANs are the ketchup, mustard, etc... JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 26/02/2001 09:29 am --- "Howard C. Berkowitz" [EMAIL PROTECTED]@groupstudy.com on 24/02/2001 06:54:15 am Please respond to "Howard C. Berkowitz" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: RE: Speaking of Routers on a stick I can't help it...whenever I see references to "router on a stick," I wonder whether Vlad the Impaler was the product architect. Returning to your regularly scheduled discussion... _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
testing dial backup...
I use floating statics to test backup non-disruptively, but then I use floating statics to initiate the backup as well, so I'm not sure whether this technique will work if you're using the dial backup command to initiate your backup. But for what it's worth... Choose a network address that is not known in your network (and that your users don't need access to for the period of the test, because this test will disrupt access to this). This will obviously depend on your particular network. You could make it a host address if you want. Create a floating static route to that network, pointing to your backup interface (dialer interface or whatever you're using). E.g. ip route x.y.z.0 255.255.255.0 dialer1 250 Make sure that ping traffic to that network is classified as interesting traffic for your backup interface. Ping an address on that network. The ping will fail, because (presumably) the router at the other end doesn't know where to send the ping, but it should raise your backup link. Remove the static route after testing. This is not a complete test. It does test physical connectivity (in my experience, the main problem with backup links is a telco problem that isn't picked up because the link is never used), but it doesn't test correct routing. Be aware that depending on your exact setup, this may be disruptive. For example, if for some reason traffic prefers the backup link once it's up, you could have unexpected traffic flows. If you redistribute static routes into a routing protocol on that router, (false) knowledge of your 'test' network may suddenly appear all over the place. Use with caution and knowledge of *your* network, and don't blame me if you break something :-) JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 26/02/2001 09:53 am --- "Z" [EMAIL PROTECTED]@groupstudy.com on 23/02/2001 02:13:35 pm Please respond to "Z" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: testing dial backup... Question... Anybody know how I can test to see if our dial backup on our = devices actually kicks up when the primary interface goes down? We have = dialer interfaces as our backup and I want to see if they work. I just = got to this place a month ago and have noticed that in most of the = devices, they don't even have the backup statements configured on the = primary int. Here's the kicker. I can't take the primary down to do this = and I don't feel like coming in on the weekend =3Do) I remember = somebody said something about creating a floating static and pinging = something but I forget what was said. Is there just an easy way to do = this? I would imagine there is. Thanks all, This has been an Eyez Only streaming e-mail broadcast...We are watching. ~ NetEyez ~ CCNP, CCDA _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ODD isdn config
interface Serial1/0:15 is simply referring to your d-channel. Slot 1, port 0, channel 15 (or 16 if you count from 0). Don't get confused by the Cisco doco - it often refers to the d-channel as being channel 23 (e.g. s1/0:23), because that's what it is on a T1 PRI used in the US. You're obviously using an E1 PRI if you've got 30 active channels, so the d-channel is :15. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 23/02/2001 08:38 am --- "Stephen D Skinner" [EMAIL PROTECTED]@groupstudy.com on 23/02/2001 05:11:09 am Please respond to "Stephen D Skinner" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: ODD isdn config GUYS i have this odd isdn config which don`t make any sense to me... !!! interface Serial1/0:15 ! no ip address no ip directed-broadcast encapsulation ppp no ip split-horizon load-interval 30 dialer pool-member 1 max-link 20 dialer pool-member 3 isdn switch-type primary-net5 isdn sending-complete fair-queue 64 256 0 no cdp enable ppp authentication chap ppp multilink It`s the FIRST line i don`t understandyou see if i do an "SHOW ISDN ACTIVE" ,it brings up 30 channels of my ISDN 30 as active when i do as SHOW INT it shows all 30 ...but i thought that "serial 1/0:15 meant only channels 0-15..i.e 16 channels... am i being thick or what ??? thanks in advance Stephen Skinner GIS UK Operations,Esso Petroleum Company St. Catherines House. 2 Kingsway, PO Box 397, London WC2B 6WJ External Email:[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Full Duplex
Yes, you can certainly get more than 100mb total throughput, if you add the two directions together. But you can still only get 100 mb in either direction, even if there's no traffic in one direction. It's really a matter of semantics. Marketing types like to add both directions together and claim that as the bandwidth, because they can claim a higher bandwidth that way. But in my opinion it's more useful to say it's 100 mb full duplex, and that tends to still be the standard, particularly for serial links. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 23/02/2001 08:46 am --- "AndyD" [EMAIL PROTECTED]@groupstudy.com on 22/02/2001 03:01:21 pm Please respond to "AndyD" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: Full Duplex So on a full-duplex 100 mb ethernet link you could theoretically get 200 mbps throughput?? I have had this argument with several people before. I thought that 100 mb each direction being possible, if both parties transmit at the same time but in different directions, you still have 200 mb of throughput. They all thought I was crazy - said you can't possibly get more than 100 mbps out of a 100 mb link. ""Santosh Koshy"" [EMAIL PROTECTED] wrote in message 970klv$f2n$[EMAIL PROTECTED]">news:970klv$f2n$[EMAIL PROTECTED]... Hi akshay, If its full duplex you will get 2Mbs of transmit bandwith 2Mbs of receive traffic... In a half duplex link you will get a total of 2mbs for transmit and receive. hope the above helps, Santosh Koshy ""Network Operations"" [EMAIL PROTECTED] wrote in message 9706m3$ouv$[EMAIL PROTECTED]">news:9706m3$ouv$[EMAIL PROTECTED]... The 2Mbps link i had mentioned is a serial link (E1) not an ethernet link. regards akshay -- Network Operations (Mumbai) Bharti BT Internet Ltd. Tel:- 91-22-6127242 91-22-6127179 Email :- [EMAIL PROTECTED] "dark_baby" [EMAIL PROTECTED] wrote in message 96vudv$dqr$[EMAIL PROTECTED]">news:96vudv$dqr$[EMAIL PROTECTED]... Yes. You'll get 2M Transmit 2M REceive(4M) between AB with full duplex. With half duplex transfer rate is poor, it is about 1M or less. You can imply full duplex only with switch, or just host to host link. With hub, you can only use half duplex , because each station must detect collision before transfer, full duplex doesn't detect collision(There is no collision with full duplex). _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: backup subinterface on another subinterface
What differentiates the traffic? Different destination IP networks? Then floating statics should be OK. Different protocols? Then you need to look at each type of traffic independantly - you can set up floating statics for IPX, and maybe other protocols. What are your different types of traffic? JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 15/02/2001 01:37 pm --- Adam Wang [EMAIL PROTECTED]@groupstudy.com on 15/02/2001 05:31:40 am Please respond to Adam Wang [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: backup subinterface on another subinterface Thanks for all your input on setting up a floating static suggestion, but the 2 PVCs that I have are both active and in production, and each is carrying different type of traffic. They are both acting as primary links. I want to set up something that if one fail, it will jump to the other one. I don't think floating static will work in this case. Adam --- Kelly D Griffin [EMAIL PROTECTED] wrote: The way my company does it is to weight routes for the two PVC's. Serial0/0.1 point-to-point ip address 192.168.255.1 255.255.255.252 no ip route-cache no cdp enable frame-relay interface-dlci 20 ! Serial0/0.2 point-to-point ip address 192.168.255.5 255.255.255.252 no ip route-cache no cdp enable frame-relay interface-dlci 21 ! ip route 10.0.0.0 255.0.0.0 192.168.255.2 ip route 10.0.0.0 255.0.0.0 192.168.255.6 200 ! end wr This says to route the traffic over S0/0.1 as it is directly connected. Route the traffic over S0/0.2 if the primary link should become unreachable. You have to be careful with the administrative distance on the backup route. If you are running a routing protocol (OSPF, RIP, etc.) you will have to take into account what the default distances are for these protocols. Keep in mind that a route that points to an interface is distance 0 and a route to an IP address is distance 1. Kelly D Griffin, CCNA, CCDA Network Engineer Kg2 Network Design http://www.kg2.com - Original Message - From: "Adam Wang" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 14, 2001 10:08 AM Subject: backup subinterface on another subinterface Hi group, I have 2 PVCs setup using Frame Relay on a serial interface with 2 subinterafces, and I want these 2 subinterfaces to backup each other when 1 fails. I did backup interface s0.2, but it won't allow a subinterface on the backup command, only the physical interface. So backup interface s0 is possible. Why is that and how can I do this Thanks in advance Adam __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] http://1cis.com Free E-mail Servers with unlimited mailboxes 1st Class Internet Solutions http://1cis.com Free E-mail Servers with unlimited mailboxes 1st Class Internet Solutions _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE vs CCNP
Depends why you want to become certified. If you want to be able to enhance your job prospects because you have more letters after your name, or because Cisco partners need a certain number of qualified people, then go for the CCNP unless you're seriously intending to follow up the CCIE written with the lab. The CCIE written on its own gives you no qualification and no formal recognition, despite the plethora of 'CCIE candidate' and 'CCIE written' wannabes. If you are pursuing certification to fill in gaps in your knowledge, or for personal satisfaction, it doesn't matter too greatly. As you say, the CCIE written is not much more study than the CCNP. In my opinion the CCIE written is broader, but the CCNP exams require slightly more in depth knowledge (note that I did mainly CCNP 1.0 exams - there seems to be a school of thought that reckons the 2.0 exams are not as hard). Because the CCIE written is a single exam and covers a lot of topics, you can get away with not knowing some of the topics and still passing, as any particular topic may only have a couple of questions - this may be harder to do with the CCNP. However there are topics on the CCIE written that are not covered in any of the CCNP exams, unless you go for the specialisations. If this is why you're doing certification, you may as well do both. My 2c - YMMV JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 15/02/2001 03:54 pm --- "James" [EMAIL PROTECTED]@groupstudy.com on 15/02/2001 11:01:11 am Please respond to "James" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: CCIE vs CCNP Is it reasonable to take the CCIE written instead of CCNP? I've been working with Cisco equipment and software for over 10 years and decided to go ahead with certification. The CCNP looks like a good choice, but it appears the CCIE written only requires a few more months of study. Of course, the lab is a different story. Has anyone tried this? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Cisco Lab Tax Write Off
Good grief. The least you could do is state what country you're talking about. US, since that appears to be where the majority of list members are from? Bangladesh, since www.chetona.com appears to be rather Bangladeshi-oriented? Somewhere else? I suspect you would be rather better off asking for tax advise from a tax expert in your on country. While there are no doubt some genuine tax experts on this list, how are you going to know who's an expert and who's just a ring-in who thinks they're an expert? Dunno about your country, but down here the tax office would die laughing if you used the excuse " but somebody on the web told me it was OK to claim this..." JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 15/02/2001 05:05 pm --- "Steve Barone" [EMAIL PROTECTED]@groupstudy.com on 15/02/2001 12:12:50 pm Please respond to "Steve Barone" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Cisco Lab Tax Write Off Are router's/switche's/isdn simulator's purchased for the home lab tax deductible. Also, are the ciscopress textbook's tax deductible expense. Is anyone else claiming these on the Federal Taxes? TIA _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF: ASBR/ABR
Done it, yes. Problems, no. But this will depend almost entirely on what routers you're using, how much memory they have, how big your network is, the design of your network, and zillions of other factors that are not going to be the same in your network as they are in mine. Head for your lab and test it under something approaching *your* network conditions. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 12/02/2001 11:48 am --- "West, Karl" [EMAIL PROTECTED]@groupstudy.com on 10/02/2001 02:27:14 am Please respond to "West, Karl" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] cc: Subject: OSPF: ASBR/ABR Need suggestion: Has anyone ever implemented OSPF where they had their router been an ASBR and a ABR at the same time and if so was there any problems? I have to connect a non OSPF router to my AGG router (ABR). I really don't want to do any redistribution on the ABR routers but the powers that be are cheap :-) Before I even go into the lab I just want to get some feed back from anyone. Thanks Karl _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPP Multilink or Cisco BoD (Correction on Typo)
There is at least one subtle difference between using dialer load-threshold with ppp multilink and without (or at least between using ppp multilink and using hdlc). It actually appears to be a different command, but with the same syntax. There is a bug that means that only outgoing load is used in the BoD calculations. This appears to be written up as a 'feature' in some of the doco (sorry, in a bit of a hurry and don't have time to look up the BugID or links - yell if you really want them and I'll chase them later). In other words, 'dialer load-threshold 150 either' will ignore the 'either' and just look at outgoing load. However, over ppp multilink, the 'inbound' and 'either' options do work. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 12/02/2001 03:56 pm --- "Adam Burgess" [EMAIL PROTECTED]@groupstudy.com on 11/02/2001 08:04:03 pm Please respond to "Adam Burgess" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Santosh Koshy" [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject: Re: PPP Multilink or Cisco BoD (Correction on Typo) Sorry - previous message should have read: Correct - although you don't need to specify 'ppp multilink' in order to bring up multiple channels, you only need to use 'dialer load-threshold'. This enables bandwidth on demand and seems to provide the same throughput and functionality as ppp multilink. If you specify dialer load-threshold AND ppp multilink, then the interfaces switches to 'industry standard' ppp multilink. I was curious if there were any benefits (ie. bandwidth utilisation, delay, CPU time, memory, etc) to be gained by using bandwidth on demand without ppp multilink. Adam - Original Message - From: "Santosh Koshy" [EMAIL PROTECTED] Newsgroups: groupstudy.cisco To: [EMAIL PROTECTED] Sent: Sunday, February 11, 2001 3:46 PM Subject: Re: PPP Multilink or Cisco BoD The dialer load-threshold feature, works in combination with ppp multilink... What "dialer load-threshold" does is, define the load level that must be exceeded on the first ISDN B channel before the router attempts to bring up a second B channel for a multilink PPP connection. ""Adam Burgess"" [EMAIL PROTECTED] wrote in message 011001c093dd$116e7140$[EMAIL PROTECTED]">news:011001c093dd$116e7140$[EMAIL PROTECTED]... To all DDR gurus: Are there any benefits in using the Cisco Proprietary = Bandwidth-on-Demand feature (ie. dialer load-threshold), rather than = using ppp multilink (other than the fact the ppp multilink is standard)? Regards Adam Burgess Brisbane, Australia _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco 1600 Router Down/Flapping ?
Manolito, "don't see see the Num Status msgs Rcvd and the Num Status Enq Sent incrementing" - do you mean that NEITHER counter is increasing? I.e. the local router isn't trying to send lmi? Check that your keepalives match at each end. By default I think this is 10 seconds. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 08/02/2001 08:40 am --- "Leigh Anne Chisholm" [EMAIL PROTECTED]@groupstudy.com on 08/02/2001 05:13:04 am Please respond to "Leigh Anne Chisholm" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Liwanag, Manolito" [EMAIL PROTECTED] "Cisco Group Study" [EMAIL PROTECTED] cc: Subject: RE: Cisco 1600 Router Down/Flapping ? If the command "show frame-relay pvc" is identifying the PVC status as "inactive", the PVC connection between your router and switch is working properly. There is a problem between the switch and the destination router. Ensure all configuration parameters on the remote router have been configured correctly... -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Liwanag, Manolito Sent: February 7, 2001 7:42 AM To: Cisco Group Study Subject: RE: Cisco 1600 Router Down/Flapping ? Hi Guys, Thank you for all your tips and suggestions. How can I tell if it is the cable or the interface that is the problem. If I do a sh frame-relay lmi and don't see see the Num Status msgs Rcvd and the Num Status Enq Sent incrementing plus I do a sh frame-relay pvc and the status is inactive. Does this mean cable or interface problem. I am thinking cable but not totally sure. I think the cable is a cab-v35mt and cost about a $100usd. I don't want to purchase that unless I know for certain that it is the problem. Actually does anyone know of a place in Seattle that I can get that cable from. Last time I had to order it from Cisco. Thank you once again. rgds, Manolito -Original Message- From: Tony van Ree [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 06, 2001 5:25 PM To: Liwanag. Manolito; Cisco Group Study Subject: Re: Cisco 1600 Router Down/Flapping ? Hi, do 'sh frame pvc' check what the status is. Does it indicate it is active, Deleted, inactive. Is the pvc up and solid? (probably not) Check the counters on the PVC as well. Look at the serial interface and check for interface resets and/or transitions. Is the physical link up and solid? (Maybe) If the remote LMI and Physical are not tansitioning and the PVC is not deleted then do the same for the end that is being called. Have fun Just some thoughts. Teunis, Hobart, Tasmania Australia On Tuesday, February 06, 2001 at 05:07:58 PM, Liwanag. Manolito wrote: Hi Guys, I have a 1600 Cisco router in Seattle that is giving me a headache. This router is connected to our network via frame-relay. From corporate, I am not able to ping or access this router and hence the users in that remote branch can't log into the network and browse the net. All I-net traffic goes through Corporate PIX. I called MCI and they assured me that their network is fine and they even sent a technician to the office to check the CSU/DSU and it was also OK. I was able to get to the router through PC anywhere and when I checked the configuration it was fine. The LAN side is working fine but when I do a "sh int s0.1" it gives me a line down and protocol down. When I reload the router it gives me Line and protocol up. I give it about 10 seconds and then the line and protocol goes down on the serial interface. What gives ? any ideas ? Could it be flapping ? but then again it is not going back up. It only goes back up when I reload. Any help is appreciated. Thank you in advanced. rgds, Manolito _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Strange problem with Cisco 2501 routers
So... if you hit enter after all these messages have completed, what happens? JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 08/02/2001 08:56 am --- Cisco Engineer [EMAIL PROTECTED]@groupstudy.com on 08/02/2001 01:27:56 am Please respond to Cisco Engineer [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Strange problem with Cisco 2501 routers Hi Folks, I have a few Cisco 2501 routers all eith the same startup problem. On startup, the routers behave normal, but after the "Press RETURN to get started" message, the routers come up with errors about the ethernet and serial interfaces, restarts and then hang up completely. Thinking that the problem may be with the DRAM, Flash or software, I have replaced these with ones from other Cisco 2501 routers in good working condition, but the problem remained the same. The typical output from these routers is as shown at the end of this posting. Any good ideas will be appreciated. Thank you. System Bootstrap, Version (3.3), SOFTWARE Copyright (c) 1986-1993 by cisco Systems 2500 processor with 4096 Kbytes of main memory Unknown or ambiguous service arg - udp-small-servers Unknown or ambiguous service arg - tcp-small-servers Illegal IP keyword - classless Booting ie11170n from Flash address space F3: 3731220+95304+191716 at 0x360 Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-I-L), Version 11.1(7), RELEASE SOFTWARE (fc2) Copyright (c) 1986-1996 by cisco Systems, Inc. Compiled Wed 23-Oct-96 20:37 by tej Image text-base: 0x0301FC14, data-base: 0x1000 cisco 2500 (68030) processor (revision A) with 4096K/2048K bytes of memory. Processor board ID 01091217, with hardware revision Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 1 Ethernet/IEEE 802.3 interface. 2 Serial network interfaces. 32K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read ONLY) Press RETURN to get started! %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down %LINK-3-UPDOWN: Interface Ethernet0, changed state to up %LINK-3-UPDOWN: Interface Serial0, changed state to down %LINK-3-UPDOWN: Interface Serial1, changed state to down %SYS-5-CONFIG_I: Configured from memory by console %SYS-5-RESTART: System restarted -- Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-I-L), Version 11.1(7), RELEASE SOFTWARE (fc2) Copyright (c) 1986-1996 by cisco Systems, Inc. Compiled Wed 23-Oct-96 20:37 by tej %LINK-5-CHANGED: Interface Serial1, changed state to administratively down __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices. http://auctions.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access-List Statement Clearification Request
More comments inline JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 08/02/2001 11:54 am --- John Neiberger [EMAIL PROTECTED]@groupstudy.com on 08/02/2001 04:24:17 am Please respond to John Neiberger [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject: Re: Access-List Statement Clearification Request Comments inline. --- Start --- Statement: "You can only assign one access list per interface, per protocol, or per direction" Question 1: Would this be correct as to an overall general understanding of this statement? interface ethernet 0 ip address 192.1.1.1 255.255.255.0 ip access-group 1 in ip access-group 2 out ipx access-group 3 in ipx access-group 4 out Yes, this is correct. JMcL: it is incorrect for the same reason as the next example is incorrect - access-list numbers 3 and 4 are IP access lists and can't be used for IPX access lists. However, the following should be fine... interface ethernet 0 ip address 192.1.1.1 255.255.255.0 ip access-group 1 in ip access-group 2 out ipx access-group 800 in ipx access-group 801 out Question 2: Can this possibly imply the following: (intuition says not possible because there are duplicate access lists on the single interface) interface ethernet 0 ip address 192.1.1.1 255.255.255.0 ip access-group 1 in ip access-group 2 out ipx access-group 1 in ipx access-group 2 out --- Finish --- This it not correct because access list numbers 1-99 are IP access lists. They could not possibly be used in an IPX access group statement. JMcL: John's correct, this is not valid, but not simply because the numbers are the same. You can't use the same number for different protocols simply because the syntax of the statement is wrong, not the combination of statements. What might be a better example is that the following is legal (I'm not sure what sort of access-list would make it *useful*, but it is legal): interface ethernet 0 ip address 192.1.1.1 255.255.255.0 ip access-group 1 in ip access-group 1 out However the following is NOT correct: interface ethernet 0 ip address 192.1.1.1 255.255.255.0 ip access-group 1 in ip access-group 100 in Here, access-list 1 is a standard IP access-list and access-list 100 is an extended access-list. Although they are different 'types' of access-list, with different formats, they are both IP access-lists, and if you type this in you will find that 'ip access-group 1 in' is overwritten - only ip access-group 100 will be applied. JMcL _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Show Router Model
show tech page will page through the output. Available in IOS 11.2, maybe earlier as well. Interesting thing about this command is that 'q' will not take you back to the router prompt. Instead, it will take you to the start of the next section of the show tech. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 07/02/2001 08:50 am --- Jim Dixon [EMAIL PROTECTED]@groupstudy.com on 07/02/2001 04:36:35 am Please respond to Jim Dixon [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Liwanag, Manolito" [EMAIL PROTECTED] "'Cisco Group Study'" [EMAIL PROTECTED] cc: Subject: RE: Show Router Model The only way to SLOW down a show tech command is to capture it to a file then use an editor to search through it. Take a look at Cisco's website for more information. Here is one link to SHOW COMMANDS http://www.cisco.com/univercd/cc/td/doc/product/atm/c8540/12_0/13_19/cmd_ref /show.htm Watch the word- -wrap -Original Message- From: Liwanag, Manolito [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 06, 2001 10:32 AM To: 'Cisco Group Study' Subject: RE: Show Router Model Hi Guys, Thank you for unfreezing my brain. So embarrassed. I feel that I should return my Cisco certs rgds, Manolito -Original Message- From: Evan Francen [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 06, 2001 10:53 AM To: 'Liwanag, Manolito'; 'Cisco Group Study' Subject: RE: Show Router Model show version, or show hardware, it will give you the base router model. Then you can determine from the interfaces installed, what router you have. Evan -Original Message- From: Liwanag, Manolito [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 06, 2001 9:51 AM To: 'Cisco Group Study' Subject: Show Router Model Hi guys, Can anyone tell me how to tell what model router you have from CLI ? I am trying to figure out what model we have in a few branches remotely (through telnet) but my brain is frozen. I can't recall the command. Can any one help ? I tried doing a sh tech but the info was flying by. How do I slow that info down ? Thank you in advanced. rgds, Manolito _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Dialup Backup
We use floating static routes rather than dial backup, but here's one way of doing it... Remove the dial backup command. Add a static IP route to a network that doesn't exist in your routing table. Make sure it's a network that you don't need to be able to connect to, at least temporarily (this obviously may be tricky if you use default routes and your users may need to connect to any network), or make the static route for the address of the dialer interface at the other end. Point the static route at the dialer interface (not the address, the interface). E.g.ip route 1.2.3.0 255.255.255.0 dialer1 Ping the address of your route - e.g 1.2.3.4 for the above route. If you've used a 'fake' address, the ping won't work, but it should bring up the ISDN link anyway. This is just basic routing stuff, so I assume it would work with 12.1. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 06/02/2001 08:44 am --- Elijah Savage [EMAIL PROTECTED]@groupstudy.com on 05/02/2001 12:53:32 pm Please respond to Elijah Savage [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Cisco (E-mail)" [EMAIL PROTECTED] cc: Subject: ISDN Dialup Backup I support allot of customers with dedicated t1's and using isdn dialup backup. I have had some customers that want to test the dialup backup without taking the serial link down. I have noticed that on version 12.0 of the IOS you can take the dial backup command off the interface and ping the other side of the isdn link and make it come up and dial, this is great for not having a customer experience any down time. Well I was working on a 1720 on Friday with IOS 12.1 and this does not work. You actually have to take the serial link down to make the isdn dial. This is very inconvenient when you are setting up a new customer and you do not know if the isdn line is in place. Especially when setting up customers in Texas it seems like it takes an act of god to have someone at the phone company give you the right spids. I guess my question is this, does anyone know if this was a feature Cisco had in IOS 12.0 and removed it from later versions or if this was a bug in the 12.0 IOS. I have another engineer at work that swares it is a bug to be able to take the dial backup command off and make the link dial up. Any ideas? Or any other ways I am overlooking in making the backup link come up without having to take a customer down? Elijah _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Idle timer followup
A couple of weeks ago I was looking for an alternative to 'show dialer' to display the value of the idle timer in IOS 12.1 on an AS5300. I found an answer. For those who are interested, 'show int' now shows the information (at least on an AS5300). It is also much easier to determine which interface is bound to what. JMcL router1#sh int Dialer7 is up, line protocol is up Hardware is Unknown Interface is unnumbered. Using address of Loopback0 (x.x.x.x) MTU 1500 bytes, BW 512 Kbit, DLY 2 usec, reliability 255/255, txload 198/255, rxload 142/255 Encapsulation PPP, loopback not set Time to interface disconnect: idle 00:01:59 -- Idle timer :-) Interface is bound to Se0:23 Interface is bound to Se0:24 Interface is bound to Se0:25 Interface is bound to Se0:26 Interface is bound to Se0:27 Interface is bound to Se0:28 Interface is bound to Se0:29 Interface is bound to Se0:30 LCP Open, multilink Open Open: IPCP, CDPCP, IPXCP Last input 00:00:00, output never, output hang never Last clearing of "show interface" counters 1w2d [stats snipped] Bound to: Serial0:23 is up, line protocol is up [all the usual guff snipped] Timeslot(s) Used:24, Transmitter delay is 0 flags _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Urgent .... ISDN Help
Without checking too deeply... Try changing BRI 1/1 to associate with dialer rotary-group 2 instead of rotary-group 1. Your dialer 2 interface isn't being used at the moment. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 30/01/2001 04:05 pm --- "Magdy H. Ibrahim" [EMAIL PROTECTED]@groupstudy.com on 30/01/2001 01:01:13 am Please respond to "Magdy H. Ibrahim" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Urgent ISDN Help Dear all, Please Help me.. I have a big problem related with ISDN. I have 2600 router with 8 bri ports, right, and I want to install two bri ports with to PC dialup connection ove ISDN ofcourse. the first customer is already connected. I tried to connect the second customer by using the same configuration of the first one but I failed to establish the connection. the configuration as the following: the first one conf. is: interface BRI1/0 description connected to Dial-inPCs(ISDN) no ip address no ip directed-broadcast encapsulation ppp no ip mroute-cache ip policy route-map r2000 dialer rotary-group 1 isdn switch-type basic-net3 no fair-queue no cdp enable ! interface Dialer1 description connected to Dial-inPCs(ISDN) ip unnumbered Ethernet0/0 no ip directed-broadcast encapsulation ppp no ip split-horizon ip policy route-map r2000 keepalive 3600 dialer in-band dialer load-threshold 1 either dialer-group 1 peer default ip address pool ISDNUSERS no fair-queue no cdp enable ppp authentication chap pap callin ppp multilink ! ip local pool ISDNUSERS 212.3.61.104 ip default-gateway 212.3.61.100 ! I added the following conf for the second bri1/1 But it didnot work: interface BRI1/1 description connected to Dial-inPCs(ISDN) no ip address no ip directed-broadcast encapsulation ppp no ip mroute-cache ip policy route-map r2000 dialer rotary-group 1 isdn switch-type basic-net3 no fair-queue no cdp enable ! interface Dialer2 description connected to Dial-inPCs(ISDN) ip unnumbered Ethernet0/0 no ip directed-broadcast encapsulation ppp no ip split-horizon ip policy route-map r2000 keepalive 3600 dialer in-band dialer load-threshold 1 either dialer-group 1 peer default ip address pool ISDNUSERS2 no fair-queue no cdp enable ppp authentication chap pap callin ppp multilink ! ip local pool ISDNUSERS2 212.3.61.108 ip default-gateway 212.3.61.100 Can any one have any Idea to fix this problem ??? Regards, Magdy _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Early Token release
My memory of Tolkien Ring is a touch rusty, but I believe "One ring to rule them all, one ring to find them" implies a rather hierarchical protocol. "One ring to bring them all and in the darkness bind them" I would say rules out the use of fibre. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 29/01/2001 02:05 pm --- "Howard C. Berkowitz" [EMAIL PROTECTED]@groupstudy.com on 29/01/2001 11:43:33 am Please respond to "Howard C. Berkowitz" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: Early Token release There's something profoundly Tolkien-ish in this. But I shouldn't make a hobbit of such comments. multiple frames , one token -- (1) flem --- Faisal Athar [EMAIL PROTECTED] wrote: Hi, Please solve my confusion for this as I am getting different answers from different resources.. Early token release (1) allows one token and more than one frames. (2) Allows more than one token and more than one frames. (3)allows more than two tokens and one data frame. Thanks a lot in advance... Faisal. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Docs CD - where is it?
You could try buying hardware :-) An expensive way of getting a CD, but I believe they still whack them in with every box (sort of like the free steak knives) JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 29/01/2001 02:21 pm --- "Bob Vance" [EMAIL PROTECTED]@groupstudy.com on 26/01/2001 07:32:18 am Please respond to "Bob Vance" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "CISCO_GroupStudy List \(E-mail\)" [EMAIL PROTECTED] cc: Subject: Docs CD - where is it? Has Cisco discontinued the Docs CD? (I used to get one quarterly as part of the consultant program -- I still have access to the Web site and the online doco there. ) If not, how do you get it? - Tks | mailto:[EMAIL PROTECTED] BV | mailto:[EMAIL PROTECTED] Sr. Technical Consultant, SBM, A Gates/Arrow Co. Vox 770-623-3430 11455 Lakefield Dr. Fax 770-623-3429 Duluth, GA 30097-1511 = _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Logging error
The formatting makes it a bit confusing, but they look to me like completely separate log messages - look at the timestamps. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 29/01/2001 02:12 pm --- "Roberts, Timothy" [EMAIL PROTECTED]@groupstudy.com on 27/01/2001 08:49:17 am Please respond to "Roberts, Timothy" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "'[EMAIL PROTECTED]'" [EMAIL PROTECTED] cc: Subject: Logging error Why would the log tell me that my Ethernet went down and report my serial IP address? Serial INT IP Major Fri Jan 26 12:56:17 xxx.xxx.xxx.xxx Jan 26 12:53:44 xxx.xxx.xxx.xxx xxx: Jan 26 13:51:13: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
But isn't that the routers job???
I'm sure that somebody else will give a much more complete answer, but in a nutshell... Don't forget that there is more than one component to 'routing'. The 'routing process' (I'm using Cisco terms out of my rather old CIT notes here, which in my opinion are thoroughly confusing in this context) identifies the best path to a destination. This is what OSPF, EIGRP, etc etc do. The routing process builds the routing table. The switching process (we're still talking about routers here) moves traffic from an input interface to an output interface. It uses the routing table to work out which interface is the output interface. It is the switching process (i.e. moving packets, based on information in the routing table) that is offloaded to the SP. The RP still does the routing process (i.e. working out where to move the packets - building the routing table). JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 23/01/2001 09:17 pm --- [EMAIL PROTECTED]@groupstudy.com on 23/01/2001 03:05:02 pm Please respond to [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: But isn't that the routers job??? Hey Group, Me again. I'm reading for my CIT and am at the section where it goes into detail of the various switching methods in the router (i.e., silicon, CEF, autonomous, etc.) I understand how all this works and understand how the SP takes a lot of the stress away from the RP and this is good because your avoiding bogging the RP/CPU down. I have a problem with these statements though and want some clarification... Taken form the book (Lammle's CIT p. 173): "This is just another reason why switching is such a good practice. Why burden the RP with every packet if it's not necessary? By using switching methods, the RP is free to use valuable CPU time on more important things than doing route lookups for every packet that comes in the router." Correct me if I'm wrong but isn't that what a routers supposed to do??? What else does the RP have to do that is more important than ROUTING? I may be overanalyzing this but it just seems that he's saying that the RP has better things to do like make coffee, rather than route. Basically, could somebody give me a list of some other things the RP/CPU has to do other than route lookups...(I know there are access-lists and other CPU things here, I just would like a solid list to remember). Thanks team, Mark Zabludovsky ~ CCNA, CCDA, 3/4-NP A HREF="mailto: [EMAIL PROTECTED]"[EMAIL PROTECTED]/A "Even if I knew I had only 1 more week to live, I would still schedule my CCIE lab. I would just have to work a little harder I guess. After all, without any goals in life, I'm dead already." ~Mark Zabludovsky~ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN idle-timer
Erick, Thanks for passing on the question. sh is act doesn't help much either. router1#sh is act ISDN ACTIVE CALLS CallCalling Called Remote Seconds Seconds Seconds Charges TypeNumber Number NameUsedLeftIdleUnits/Currency Out xx router2 1890 - - 0 I'd be interested in getting feedback from others regarding what IOS versions/platforms show the idle-timer in the 'show dialer' command, and which don't. Is anyone else running 12.1 with ISDN? What platform? What shows up with 'show dialer'? JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 22/01/2001 09:14 am --- "Erick B." [EMAIL PROTECTED]@groupstudy.com on 19/01/2001 05:04:31 pm Please respond to "Erick B." [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: Re: ISDN idle-timer Hi, Have you tried 'show isdn act' ? I haven't done it on a AS5300 but that shows a listing of active calls with phone #, time up, idle time remaining, etc. I also asked your question on the Cisco-NAS mailing list which is more access-server related. --- [EMAIL PROTECTED] wrote: In IOS 11.2, a 'show dialer' shows the time until disconnect, as below... Serial2/0:9 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is physical layer up Interface bound to profile Dialer1 Time until disconnect 118 secs -- idle timer value Connected to xx (router1) I find the idle-timer very useful when troubleshooting. However I am playing with an AS5300 running IOS 12.1(4), and it doesn't give the value of the idle-timer. Serial0:30 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is data link layer up Dial reason: ip (s=x.x.x.x, d=x.x.x.x) Interface bound to profile Di2 Current call connected 00:05:14 Connected to xx (router2) I've checked the CCO command reference for 12.1, and it still shows the 'time until disconnect' line in the doco. I can't see any matching bugs on Bug Search. Has anyone come across this before? Bug, or 'feature'? Is it restricted to the AS5300? And... has anyone found this information in any other command?? Ta, JMcL _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Remote Telnet access via dial-up
My first thought when I read the mail was that while it is certainly a useful tip, I would want to be very clear on the site's security policy before doing this. If they are tight on security (which they may be if Internet access is not available), then opening up an unauthorised backdoor connection to the internal network, and inviting a third party to use it, could be a seriously career limiting move. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 19/01/2001 11:19 am --- Priscilla Oppenheimer [EMAIL PROTECTED]@groupstudy.com on 19/01/2001 09:30:09 am Please respond to Priscilla Oppenheimer [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "J Roysdon" [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: Re: Remote Telnet access via dial-up Sounds like a helpful troubleshooting method but what were the security risks? Thoughts, anyone? Priscilla At 10:31 PM 1/17/01, J Roysdon wrote: Today I was a site w/o internet access, but I needed to get Cisco into it to save time relaying commands and information. I had a dial-up connection out to my ISP, and then thought about the built-in Telnet server that Windows 2000 Professional has. I made a quick guest account for Cisco, and told them my dial-up IP, which they could connect to, and then once telnetted into my workstation, they were able to telnet out my NIC to the routers they needs to get to. Only catch is that you can only have one session up through it (enough for us): Microsoft (R) Windows (TM) Version 5.00 (Build 2195) Welcome to Microsoft Telnet Service Telnet Server Build 5.00.99201.1 login: cisco password: * Microsoft Windows Workstation allows only 1 Telnet Client License Server has closed connection When they were done, I just disabled the Cisco account. Rather handy now that I have it. I've run into a lot of troubleshooting where it was a real pain not to have internet access for Cisco to get in (or I didn't control the customer's firewall, etc.). After a successful telnet: *=== Welcome to Microsoft Telnet Server. *=== C:\telnet 192.168.45.253 Connecting To 192.168.45.253... -- Jason Roysdon, CCNP/CCDP, MCSE, CNA, Network+, A+ List email: [EMAIL PROTECTED] Homepage: http://jason.artoo.net/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN idle-timer
In IOS 11.2, a 'show dialer' shows the time until disconnect, as below... Serial2/0:9 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is physical layer up Interface bound to profile Dialer1 Time until disconnect 118 secs -- idle timer value Connected to xx (router1) I find the idle-timer very useful when troubleshooting. However I am playing with an AS5300 running IOS 12.1(4), and it doesn't give the value of the idle-timer. Serial0:30 - dialer type = ISDN Idle timer (120 secs), Fast idle timer (20 secs) Wait for carrier (30 secs), Re-enable (15 secs) Dialer state is data link layer up Dial reason: ip (s=x.x.x.x, d=x.x.x.x) Interface bound to profile Di2 Current call connected 00:05:14 Connected to xx (router2) I've checked the CCO command reference for 12.1, and it still shows the 'time until disconnect' line in the doco. I can't see any matching bugs on Bug Search. Has anyone come across this before? Bug, or 'feature'? Is it restricted to the AS5300? And... has anyone found this information in any other command?? Ta, JMcL _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Remote Telnet access via dial-up
I recently spent quite a bit of time working with the TAC to solve a problem. Yes, they wanted to dial into the network to 'have a look'. When I asked what they were looking for, they couldn't tell me. I am well aware that, when tracking down a problem, it can be very useful to just 'have a look', without really knowing what you are looking for. I do it all the time :-) However, since they couldn't (or wouldn't) even give me any hints on what they expected to be doing, they didn't get access. I could send them log output etc via email and they received it quickly enough that we could work together over the phone (the speed of incoming mail to me was another issue altogether but not really a problem). In any case, I've done a fair bit of troubleshooting over the phone, sometimes with completely non-technical people running the 'hands on'. Slower than telnetting in yourself? Sure. But it works, and sometimes it's the only option. And it's VERY good practice for remembering commands and what output they produce ;-) JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 19/01/2001 04:38 pm --- "Chuck Larrieu" [EMAIL PROTECTED]@groupstudy.com on 19/01/2001 12:39:45 pm Please respond to "Chuck Larrieu" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Priscilla Oppenheimer" [EMAIL PROTECTED] [EMAIL PROTECTED] cc: Subject: RE: Remote Telnet access via dial-up Cisco TAC always wants to telnet in to troubleshoot when working a ticket. One alternative is to e-mail your configs to them, at which point maybe they will get back to you with some resolution in a time frame you can live with. Fact is that the internet makes things so damn convenient for us. Most time most people just don't consider the implications. While it may be true that some places have security policies, reasonable of otherwise, the fact is that most places don't, most managements don't want to be bothered, and most users don't want to be inconvenienced. Chuck BTW - nice to see you again, Priscilla. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Priscilla Oppenheimer Sent: Thursday, January 18, 2001 4:38 PM To: [EMAIL PROTECTED] Subject: Re: Remote Telnet access via dial-up At 11:11 AM 1/19/01, Tony van Ree wrote: Hi, As long as the appropriate security/passwords are set it is probably every bit as good as any other form of remote access. Remember that this wasn't CHAP or even PAP. It was Telnet. The Telnet password both to reach his PC and to reach the routers is unencrypted. How was the enable password sent? The characters were typed and sent unencrypted. Getting a Sniffer to the right place to catch this would be hard, but not impossible. Hopefully he will change the password used to reach his PC, but it's not likely he'll change the router VTY and enable passwords. So what did the Cisco engineers to when they Telnetted into this back door to configure the routers? Did they do show run by any chance? Yeah, I just got the complete configuration of the customer's routers. That is unencrypted also. And don't say, well it's Telnet so it's one character at a time which would make understanding it difficult. Responses in Telnet are not one character at a time. The output of show run would be send in TCP segments using the IP MTU. It would be very easy to understand. I don't think most customers would even let him do what he did. A lot of customers wouldn't have an analog phone line for him to use to dial up his ISP. Analog phone-line backdoors are an infamous no-no. I'd love to hear someone else's opinion too. Isn't anyone else as shocked as I am? Priscilla On Thursday, January 18, 2001 at 02:30:09 PM, Priscilla Oppenheimer wrote: Sounds like a helpful troubleshooting method but what were the security risks? Thoughts, anyone? Priscilla At 10:31 PM 1/17/01, J Roysdon wrote: Today I was a site w/o internet access, but I needed to get Cisco into it to save time relaying commands and information. I had a dial-up connection out to my ISP, and then thought about the built-in Telnet server that Windows 2000 Professional has. I made a quick guest account for Cisco, and told them my dial-up IP, which they could connect to, and then once telnetted into my workstation, they were able to telnet out my NIC to the routers they needs to get to. Only catch is that you can only have one session up through it (enough for us): Microsoft (R) Windows (TM) Version 5.00 (Build 2195) Welcome to Microsoft Telnet Service Telnet Server Build 5.00.99201.1 login: cisco password: * Microsoft Windows Workstation allows only 1 Telnet Client License Server has closed connection When they were done, I just disabled the Cisco account. Rather handy now that I have it. I've run into a lot of troubleshooting where it was a real pain not to have internet ac
why pri call failed
It looks like your service may not be properly active. Usually, if you have a PRI service that is active but has no calls, debug isdn q921 will give you something like ISDN Se1:15: RX - RRp sapi = 0 tei = 0 nr = 0 ISDN Se1:15: TX - RRf sapi = 0 tei = 0 nr = 0 ISDN Se1:15: TX - RRp sapi = 0 tei = 0 nr = 0 ISDN Se1:15: RX - RRf sapi = 0 tei = 0 nr = 0 You're exchanging SABMEs and UAs between your router and your switch instead, which doesn't look healthy. I came across one of our links recently that showed as happy with 'show isdn status', but debug isdn q921 showed a similar output to yours - it was exchanging SABMEs and UAs instead of RRs (and it wouldn't accept or make calls, either). When I shut and no shut the controller and D channel, it didn't fix the problem, but at least the router worked out it was broken and reported it as such with 'show isdn status' :-) JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 18/01/2001 09:41 am --- "Frank" [EMAIL PROTECTED]@groupstudy.com on 16/01/2001 12:30:52 am Please respond to "Frank" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: why pri call failed I connect a AS5300 (4 E1/PRI) with a PRI line from the switch, after I"deb isdn q931""deb isdn q921",i run "csim start ***"to simulate a call,and i got the following result,and the call setup failed, why? 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - INFOc sapi = 0 tei = 0 ns = 0 nr = 0 i = 0x080200 2A0504038090A31803A9839F7009803632303836353439 1d03h: SETUP pd = 8 callref = 0x002A 1d03h: Bearer Capability i = 0x8090A3 1d03h: Channel ID i = 0xA9839F 1d03h: Called Party Number i = 0x80, '62086549', Plan:Unknown, Type:Unkn own 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: Event: Syncing Discards: L2 Discards 124, L2D_Task Counter 1 23 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - INFOc sapi = 0 tei = 0 ns = 0 nr = 0 i = 0x080200 2A0504038090A31803A9839F7009803632303836353439 1d03h: SETUP pd = 8 callref = 0x002A 1d03h: Bearer Capability i = 0x8090A3 1d03h: Channel ID i = 0xA9839F 1d03h: Called Party Number i = 0x80, '62086549', Plan:Unknown, Type:Unkn own 1d03h: ISDN Se0:15: TX - INFOp sapi = 0 tei = 0 ns = 0 nr = 0 i = 0x080200 2A0504038090A31803A9839F7009803632303836353439 1d03h: SETUP pd = 8 callref = 0x002A 1d03h: Bearer Capability i = 0x8090A3 1d03h: Channel ID i = 0xA9839F 1d03h: Called Party Number i = 0x80, '62086549', Plan:Unknown, Type:Unkn own 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: Event: Syncing Discards: L2 Discards 125, L2D_Task Counter 1 24 1d03h: ISDN Se0:15: RX - SABMEp c/r = 1 sapi = 0 tei = 0 1d03h: ISDN Se0:15: TX - UAf c/r = 1 sapi = 0 tei = 0 if i just "deb isdn event" i got the following 1d03h: ISDN Se0:15: Outgoing call id = 0x802D, dsl 0 1d03h: ISDN Se0:15: process_pri_call(): call id 0x802D, number 62086443, speed - 1, call type VOICE 1d03h: building outgoing channel id for call nfas_int is 0 len is 0 1d03h: ISDN Se0:15: Event: Syncing Discards: L2 Discards 112, L2D_Task Counter 1 11 1d03h: ISDN Se0:15: Event: Syncing Discards: L2 Discards 113, L2D_Task Counter 1 12 csim err csimDisconnected recvd DISC cid(38) csim: loop = 1, failed = 1 csim: call attempted = 1, setup failed = 1, tone failed = 0 cisco# 1d03h: CC_CHAN_ReleaseChanpri for DSL 0 B-chan 31 1d03h: CCPRI_ReleaseChan released b_dsl 0 B_Chan 31 1d03h: ISDN Se0:15: CCPRI_ReleaseCall(): bchan 0, call id 0x802D, call type VOIC E 1d03h: ISDN Se0:15: LIF_EVENT: ces/callid 1/0x802D CALL_REJECTION 1d03h: ISDN Se0:15: LIF_EVENT: ces/callid 1/0x802D CALL_CLEARED 1d03h: ISDN Se0:15: Got a disconnect on a non-existent call (call id = 0x802D). 1d03h: This probably is a call that we placed that never got answered. 1d03h: ISDN Se0:15: ISDN_DISCON Voice cid 802D error 1d03h: ISDN Se0:15: Event: Syncing Discards: L2 Discards 114, L2D_Task Counter 1 13 what does "Syncing Discards"mean,and i am sure my dialplan is right and the called number does exist. Thanks Frank _ FAQ, list archives, and subscrip
RE: CertificationZone White Paper EIGRP ?
Phil, Doyle (Routing TCP/IP, volume 1) has a slightly more useful explanation. In the IGRP chapter (he doesn't dicuss EIGRP metrics much as he just refers back to the IGRP formula which is the same), he explains "If k5 is set to 0, the [k5/(reliability + k4)] term is not used". It implies that there are essentially two different formulae: [k1*BW + (k2 * BW)/(256-load) + k3 * delay] * [k5/(reliability + k4)] if k5 0, and [k1*BW + (k2 * BW)/(256-load) + k3 * delay] if k5 = 0. I agree with you on the maths :-) JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 16/01/2001 08:52 am --- Phil Barker [EMAIL PROTECTED]@groupstudy.com on 16/01/2001 04:46:09 am Please respond to Phil Barker [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cisco GroupStudy [EMAIL PROTECTED] cc: Subject: RE: CertificationZone White Paper EIGRP ? Thanks for that link Glen, It looks now like its me against the world. In the UK I would call K5 the nominator of this part of the equation and "reliability + k4" would be the denominator. If the nominator = 0 then the expression k5/(rel + k4) will be 0. As a result when multiplying by anything on the left will result in 0. I'm wondering if there is a difference in algebraic notation batween USA and UK or if I need to go back to school ? Regards, Phil. --- Glenn Johnson [EMAIL PROTECTED] wrote: http://www.cisco.com/warp/public/103/eigrp1.html -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Phil Barker Sent: Monday, January 15, 2001 11:59 AM To: cisco GroupStudy Subject: CertificationZone White Paper EIGRP ? I'm having trouble with the equation referenced on page 5 (A4) concerning the metric calculation. Ref Don Dettmore. If this equation is correct as it stands and K2=K4=K5=0 Then the Right Side of the equation will be 0, which when multiplied by whatever on the left side will equal 0. i.e metric = 0. I'm guessing a little that these two sides should be added together not multiplied ? Can anyone verify this ? I've cross checked this with Ivan Pepelnjak' book on EIGRP. Chapter 1, Page 10 "Computing a Composite Metric" appears to verify that the White Paper is CORRECT. They both suggest that if K5 = 0 then the Composite Metric = 0 ??? Ivan also suggests that if all K-Values are set to zero then the composite metric is always 1 ? Wether or not you add or multiply both sides together the composite metric will = 0. Anyway, there is also a typo below 108 should read 10^8 SNIP This differs from the bandwidth usage in OSPF, in which route cost, by default, derives from the sum of interface costs along the path. OSPF interface cost defaults to 108/interfaceBandwidth, where interfaceBandwidth is 1544 or the value of the interface bandwidth commands (with a value in kilobits). END SNIP Any thoughts ? Phil. Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: subnetting and tcp/ip and Private addressing Help!
Well, if the network isn't connected to the Internet, and isn't going to be, then you can use whatever addresses you like. Not recommended to use any old class A (just because requirements always change - you may have to merge with another network, you may need Internet connectivity in the future etc), but it will work. You can use NAT (Network Address Translation) or PAT (Port Address Translation) to translate your 'inside' network addresses (i.e. anything you choose) to legal assigned Internet addresses. This can be done either statically or dynamically. Not all protocols work with NAT; for example if the IP address is contained in the data portion of the application packet, NAT needs to be aware of that and needs to change it there as well (which may mean re-calculating checksums etc - messy). It is generally recommended (actually, I think it is universally recommended) that if you have a choice, use RFC1918 Private addresses if you're not using 'real' (i.e. allocated to you) addresses. These are address blocks set aside and not allocated to anybody. 10.0.0.0/8 is the class A address defined as a 'private' address block. Why might you use some other class A? Well, we use multiple unassigned class As in our internal network. It makes it easier to have an addressing scheme that uses the octet boundaries - you don't need to be able to think in binary to be able to work out what office a particular address refers to. On its own, that isn't a very good reason - but our network addressing scheme was implemented before RFC1918 came out, and it's a large, geographically distributed network with several hundred remote sites (very remote, some of them). The effort and pain that would be involved with re-addressing is, so far, greater than the effort and pain in working around the problems caused by using 'illegal' addresses. Sooner or later we're probably going to have to readdress, but personally I'm hoping somebody comes up with some other solution ;-) JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 16/01/2001 12:37 pm --- Jennifer Cribbs [EMAIL PROTECTED]@groupstudy.com on 16/01/2001 10:21:57 am Please respond to Jennifer Cribbs [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "John Pusledzki" [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject: RE: subnetting and tcp/ip and Private addressing Help! There is such a thing as private addressing where you can have any address you want, but you usually have something set up at the router that dynamically assigns you an address space when you leave your network, such as out in the internet world. That way you remain legal... And the addressing within your network is your own business then. I do not know how this actually works, but I do know this is an option. I think I read something about NAT providing this service. The group would know about this. I do not. Chuck is a good one to ask on this issue... The question is how come someone can have a class a address that internic did not assign. Anybody?? Jen Have a Good Day!! Jennifer Cribbs [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: wrong subnet
I think what Natasha meant is that the address is completely legal, but it could still be the wrong address to use - if it contradicts the particular organisation's addressing standards, for example. Correct me if I'm wrong, Natasha (my mails are taking hours to get through at the moment so this will probably be resolved by the time this hits the list anyway :-) Dennis, why do you think the address is wrong? It looks OK from the information you've given us... JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 16/01/2001 04:39 pm --- "Eric Fairfield" [EMAIL PROTECTED]@groupstudy.com on 16/01/2001 12:49:25 pm Please respond to "Eric Fairfield" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: wrong subnet How is it not correct? The subnet would be 10.1.244.0 with an address range of 10.1.244.1-10.1.245.254 with a broadcast address of 10.1.245.255. -- Eric Fairfield CCIE #6413 "Natasha" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... It may be legal but still not correct. One thing that seems a bit odd though, the gateway is generally a smaller number then the node. I've never seen it larger but hey I've seen stranger things. Natasha just a CCNA lol Eric Fairfield wrote: Looks legal to me. -- Eric Fairfield CCIE #6413 ""Dennis Ighomereho"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... hello everyone, someone has just given me an IP address to use which i think the subnet is wrong or know is wrong.can someone just confirm this. Ip address:10.1.245.253 mask: 255.255.254.0 gateway10.1.245.254 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OFF TOPIC - Where is everyone?
Go Raiders??? But the rugby league season hasn't started yet :-) Studying - no. Watching cricket (on the weekend, anyway) - yes. JMcL -- Forwarded by Jenny Mcleod/NSO/CSDA on 15/01/2001 10:34 am --- "Chuck Larrieu" [EMAIL PROTECTED]@groupstudy.com on 15/01/2001 04:03:04 am Please respond to "Chuck Larrieu" [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Cisco Mail List" [EMAIL PROTECTED] "CCIE_Lab Groupstudy List" [EMAIL PROTECTED] cc: Subject: OFF TOPIC - Where is everyone? You bad boys and girls watching football today instead of studying? GO RAIDERS! :- Chuck http://www.1112.net/lastpage.html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]