Key chain question [7:1946]
Hi, For key chain which used for RIP/IGRP/EIGRP authentication purpose, if the time range of multiple key overlaps, which one actually takes effort? The first one or all of them. According to what CCO says: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_c /1cprt1/1ceigrp.htm There is a example in the bottom, figure 28, I don't understand why Router A send with key 2, and B send key 1, also it says A and B accept key 1 and 2, but I never made it work in my home lab. Any advice is appreciated, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=1946&t=1946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Auto redistribution of static route in OSPF [7:2219]
Hi Group, If I define a static route with interface, and use "network xxx" in router rip/igrp domain, rip or igrp will automatically redistribute this route for it's treated as directed connected. But OSPF seems doesn't redistribute this when I do this, for example: router ospf 10 log-adjacency-changes network 118.0.0.0 0.255.255.255 area 1 network 192.168.0.0 0.0.255.255 area 1 ! ip classless ip route 192.168.80.0 255.255.255.0 GigabitEthernet1/1 It works after I add the mandatory redistribution command: redistribute static metric 10 Why it's different to rip and igrp? Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2219&t=2219 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IS-IS: Default route for L1 router [7:2485]
Hi, I have a question on case study on Doyle P.655. It says that in order to have a default route for IS-IS L1 router, the L1/L2 can have CLNS routing enabled, or have the following command: default-information originate My question is after tried this in my lab, I found even WITHOUT this command L1 router still got the L1 0.0.0.0/0 created, after I checked with IS-IS database, L1/L2 router actually doesn't have it included in LSP, so it seems that L1 router is able to parse that ATT bit and automatically create it in routing table. I don't have CLNS routing enabled either. The IOS version on L1 router is 11.3 and on L1/L2 is 12.1. After searching on CCO, the explaination of "default-information originate" command made me more confused, it says the default is only advertised in L2 LSPs if without a route-map, but in Doyle's case study router Brussels uses this command and send it to Amsterdam which is a L1 route, which one is correct ... Any help is appreciated, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2485&t=2485 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IS-IS: Default route for L1 router [7:2485]
Actually I have 1 L1/L2 which is in 12.1, and two L1 routers, one is in 11.3, another is also in 12.1 same as L1/L2, same result, no luck. Here is the topology, the links are all ethernet: E0/1 F2/3 G1/2 G1/2 -- NSX(L1) --- Corvette(L1/L2) -- Boxster(L1) -- Here is related config(trimmed): For NSX: version 11.3 clns routing interface Ethernet0/1 ip address 192.20.20.2 255.255.255.0 ip router isis router isis net 01.0050.731d.1941.00 is-type level-1 NSX#show ip ro i*L1 0.0.0.0/0 [115/10] via 192.20.20.1, Ethernet0/1 NSX# For Corvette: version 12.1 clns routing interface GigabitEthernet1/2 ip address 118.60.0.2 255.255.0.0 ip router isis isis circuit-type level-1 interface FastEthernet2/3 ip address 192.20.20.1 255.255.255.0 ip router isis isis circuit-type level-1 router isis net 01.0030.b636.fe61.00 For Boxster: version 12.1 clns routing interface GigabitEthernet1/2 ip address 118.60.0.1 255.255.0.0 ip router isis router isis net 01.00d0.97f2.8c8c.00 is-type level-1 Boxster#sh ip ro i*L1 0.0.0.0/0 [115/10] via 118.60.0.2, GigabitEthernet1/2 Boxster# I have loopback if defined in each router, but I don't think it's related to this. Thanks, Jerry - Original Message - From: "andyh" To: "Jerry Seven" ; Sent: Sunday, April 29, 2001 6:36 PM Subject: Re: IS-IS: Default route for L1 router [7:2485] > I would go with what works in your lab!! > > seriously - try putting 11.3 on both routers, then 12.1 on both, and then > reverse the 11.3/12.1 (so 12.1 on L1 and 11.3 on L2) and see what happens. > I would imagine that you can get away with not enabling CLNS if you have > IS-IS on just a P2P link - maybe not in a multi-router environment - are you > running off loopback interfaces, or just the physicals? > > I have had trouble with this in the past - albeit in a lab environment. I > am always dubious about adding default-originates to Link-State protocols, > especially in an ISP enviroment where you want a default-free environment - > messing with outbound route-maps is a pain in the arse . > > I will set this up in the lab again and see if I can nail it down once and > for all. > > hth > > Andy > > > - Original Message - > From: "Jerry Seven" > To: > Sent: Sunday, April 29, 2001 11:08 PM > Subject: IS-IS: Default route for L1 router [7:2485] > > > > Hi, > > > > I have a question on case study on Doyle P.655. It says that in order to > > have a default route for IS-IS L1 router, the L1/L2 can have CLNS routing > > enabled, or have the following command: > > > > default-information originate > > > > My question is after tried this in my lab, I found even WITHOUT this > command > > L1 router still got the L1 0.0.0.0/0 created, after I checked with IS-IS > > database, L1/L2 router actually doesn't have it included in LSP, so it > seems > > that L1 router is able to parse that ATT bit and automatically create it > in > > routing table. I don't have CLNS routing enabled either. The IOS version > > on L1 router is 11.3 and on L1/L2 is 12.1. > > > > After searching on CCO, the explaination of "default-information > originate" > > command made me more confused, it says the default is only advertised in > L2 > > LSPs if without a route-map, but in Doyle's case study router Brussels > uses > > this command and send it to Amsterdam which is a L1 route, which one is > > correct ... > > > > Any help is appreciated, > > > > Jerry > > > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2511&t=2485 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP: questions on "ip summary-address" command [7:3335]
Hi group, I'm get confused to this command, according to explaination in Routing TC/IP p724, the eigrp xx is where the summary address sent to, so in p380, the example on redistribute eigrp route to igrp domain, why the command can also be used, for we want to send the summary route to igrp but not eigrp process. Another question is in p726, the second paragraph from bottom says that ip summary-address only filter external routes, I reproduced this case study in my home lab, but on Snider I don't see 192.168.4.0, my IOS version are all 12.0. Any ideas? Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3335&t=3335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP: questions on "ip summary-address" command [7:3335]
No, here is not the problem on auto-summary, remember the ip summary-route command has a supernet address, 192.168.0.0/16, so disabled auto-summary or not doesn't matter, it will always be suppressed. The point I want to clear is whether ip summary-address will suppress only external eigrp routes as Doyle said in that case study or both. Thanks, Jerry - Original Message - From: "EA Louie" To: "Jerry Smith" Cc: Sent: Sunday, May 06, 2001 4:04 PM Subject: Re: EIGRP: questions on "ip summary-address" command [7:3335] >oops, forget the 192.168.4.0 subnets - I just realized that autosummary was >enabled on eigrp 2. i>f Snider gets the individual network advertisement at all, it will be >192.168.4.0/24 because it was summarized by Robinson's eigrp 2. >-e- > make sure you redistributed ospf 1 into eigrp 1, and eigrp 1 into eigrp 2 on > Robinson. > > Also, do a clear ip route * and clear arp on Robinson and Snider and see if > the route to 192.168.4.0 reappears on Snider. > > If not, Doyle could be wrong on this one. His paragraph on 726 regarding > suppression (A point of interest in Snider's...) doesn't make sense, since > EIGRP summarization applies to ALL routes advertised by the source router > (Robinson), not *just* the routes redistributed into eigrp 2. > > If his statement were right, then I'd actually expect to see on Snider a > route of 192.168.4.0 subnetted with the /29 and /30 subnets instead of the > summary that he shows in the illustration. > > -e- > > - Original Message - > From: "Jerry Smith" > To: > Sent: Sunday, May 06, 2001 3:12 PM > Subject: Re: EIGRP: questions on "ip summary-address" command [7:3335] > > > > >Question #2 - That's a good troubleshooting exercise for you. do a > "debug > > >ip eigrp transactions" on Snider and Robinson to find out why the subnet > > >isn't being advertised in the routing table (hint: make sure your > summary > > >address didn't include that subnet) > > > > That's my point, see the config at the bottom of p725: > > > > interface serial1 > > ip address 172.16.2.21 255.255.255.252 > > ip summary-address eigrp 2 192.168.0.0 255.255.0.0 > > > > My understanding is 192.168.4.0/24 will be supressed by this summay > address > > when sent out from s1, Snider doesn't see this, but only 192.168.0.0/16, > > that's what I have seen from my test. > > > > Actually the case study "Address Aggregation" on p384 says the same thing, > I > > don't understand why p726 says 192.168.4.0/24 is still get forwarded. > > > > Thanks, > > Jerry > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3395&t=3335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP: questions on "ip summary-address" command [7:3335]
Yes, I did, that's what I don't understand. Anyone else who did the same test and saw the result same as Doyle described in his book? J - Original Message - From: "EA Louie" To: Sent: Sunday, May 06, 2001 11:30 PM Subject: Re: EIGRP: questions on "ip summary-address" command [7:3335] > I'm curious - did you do the debug and clear the arp and routing tables? > > If you did the debugs, what did they indicate for advertisement? That's the > way that you'll find out for sure about the suppression > > -e- > > - Original Message - > From: "Jerry Seven" > To: > Sent: Sunday, May 06, 2001 7:04 PM > Subject: Re: EIGRP: questions on "ip summary-address" command [7:3335] > > > > No, here is not the problem on auto-summary, remember the ip > summary-route > > command has a supernet address, 192.168.0.0/16, so disabled auto-summary > or > > not doesn't matter, it will always be suppressed. > > > > The point I want to clear is whether ip summary-address will suppress only > > external eigrp routes as Doyle said in that case study or both. > > > > Thanks, > > Jerry > > - Original Message - > > From: "EA Louie" > > To: "Jerry Smith" > > Cc: > > Sent: Sunday, May 06, 2001 4:04 PM > > Subject: Re: EIGRP: questions on "ip summary-address" command [7:3335] > > > > > > >oops, forget the 192.168.4.0 subnets - I just realized that autosummary > was > > >enabled on eigrp 2. > > > > i>f Snider gets the individual network advertisement at all, it will be > > >192.168.4.0/24 because it was summarized by Robinson's eigrp 2. > > > > >-e- > > > make sure you redistributed ospf 1 into eigrp 1, and eigrp 1 into eigrp > 2 > > on > > > Robinson. > > > > > > Also, do a clear ip route * and clear arp on Robinson and Snider and see > > if > > > the route to 192.168.4.0 reappears on Snider. > > > > > > If not, Doyle could be wrong on this one. His paragraph on 726 > regarding > > > suppression (A point of interest in Snider's...) doesn't make sense, > since > > > EIGRP summarization applies to ALL routes advertised by the source > router > > > (Robinson), not *just* the routes redistributed into eigrp 2. > > > > > > If his statement were right, then I'd actually expect to see on Snider a > > > route of 192.168.4.0 subnetted with the /29 and /30 subnets instead of > the > > > summary that he shows in the illustration. > > > > > > -e- > > > > > > - Original Message - > > > From: "Jerry Smith" > > > To: > > > Sent: Sunday, May 06, 2001 3:12 PM > > > Subject: Re: EIGRP: questions on "ip summary-address" command [7:3335] > > > > > > > > > > >Question #2 - That's a good troubleshooting exercise for you. do a > > > "debug > > > > >ip eigrp transactions" on Snider and Robinson to find out why the > > subnet > > > > >isn't being advertised in the routing table (hint: make sure your > > > summary > > > > >address didn't include that subnet) > > > > > > > > That's my point, see the config at the bottom of p725: > > > > > > > > interface serial1 > > > > ip address 172.16.2.21 255.255.255.252 > > > > ip summary-address eigrp 2 192.168.0.0 255.255.0.0 > > > > > > > > My understanding is 192.168.4.0/24 will be supressed by this summay > > > address > > > > when sent out from s1, Snider doesn't see this, but only > 192.168.0.0/16, > > > > that's what I have seen from my test. > > > > > > > > Actually the case study "Address Aggregation" on p384 says the same > > thing, > > > I > > > > don't understand why p726 says 192.168.4.0/24 is still get forwarded. > > > > > > > > Thanks, > > > > Jerry > > > > FAQ, list archives, and subscription info: > > > http://www.groupstudy.com/list/cisco.html > > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3429&t=3335 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
2502: Always initial configutation dialog in the boottime [7:4618]
Hi Group, I just got a 2502, it runs 10.3(16), I configured it and use "copy run start" to save it, but next time when I boot the box, I still got the initial configuration dialog: --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. Would you like to enter the initial configuration dialog? [yes]: no I pressed no, then I found everything I configured before reload is not there. "show start" still shows correct config but it's not used, for "show run" gives me blank config. I know the image is quite old, but without solving this problem I couldn't upgrade it. Anyone know what's wrong here? Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=4618&t=4618 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Always initial configutation dialog in the boottime [7:4621]
It's solved, the configuration register was set to 0x2142, after I changed to 0x2102, it works fine. Sorry for this, Jerry - Original Message - From: "Jerry Seven" To: Cc: "[EMAIL PROTECTED]" Sent: Tuesday, May 15, 2001 4:31 PM Subject: 2502: Always initial configutation dialog in the boottime > Hi Group, > > I just got a 2502, it runs 10.3(16), I configured it and use "copy run > start" to save it, but next time when I boot the box, I still got the > initial configuration dialog: > > --- System Configuration Dialog --- > > At any point you may enter a question mark '?' for help. > Use ctrl-c to abort configuration dialog at any prompt. > Default settings are in square brackets '[]'. > Would you like to enter the initial configuration dialog? [yes]: no > > I pressed no, then I found everything I configured before reload is not > there. "show start" still shows correct config but it's not used, for "show > run" gives me blank config. > > I know the image is quite old, but without solving this problem I couldn't > upgrade it. > > Anyone know what's wrong here? > > Thanks, > Jerry > _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=4621&t=4621 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP/RR: In which case we have loop without using CLUSTER_LIST. [7:6807]
Hi, I read the Halabi's book and RFC1966, still could not understand why without CLUSTER_LIST we may run into the problem of having routing loop inside the AS. According to the rule, RR should be full-meshed between all non-client neighbors, when a client route is redistributed to them by IBGP, these neighbors will not redistribute to others, except to its client if it is a RR also. So in which case we will receive the client route from outside of cluster? Am I missing something? Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6807&t=6807 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RIPv1: why /32 route is distributed [7:7010]
Hi Group, In this simple environment: 172.10.12.0/25 R1R2 I run RIPv1 between R1 and R2, the network in between is 172.10.12.0/25, on R1 I have loopback0 which is 172.10.0.1/32 and another network 172.10.11.0/28 directly connected, I saw R1 distributes route 172.10.0.1/32 to R2, but not 172.10.11.0/28. I understand that 172.10.11.0/28 should not be distributed, but why /32 route is distributed, on R2 I saw route 172.10.0.1/32, how does R2 correctly know the mask is 32 bits, for I run RIPv1, packet doesn't carry mask. I also tried redistribute other /32 routes from OSPF to R1, R1 also redistribute them to R2, why /32 routes are always redistributed out by RIP. The versions are all 12.0. Thanks, Jerry Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7010&t=7010 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: RIPv1: why /32 route is distributed [7:7010]
The routers I tested were in version 12.1T or 12.1E and also 12.0(1)T, I runs V1, for that's the default RIP config, to make sure, I added version 1 but no luck. After sent out the mail I tested another 1600 which runs 12.0(0.20)T, this guys runs differently -- doesn't propagate its loopback address, sounds like a IOS change in 12.X. Thanks, Jerry - Original Message - From: "Circusnuts" To: "Jerry Seven" ; Sent: Sunday, June 03, 2001 3:33 PM Subject: Re: RIPv1: why /32 route is distributed [7:7010] > The /32 Subnet Mask in your Show IP Route, is OSPF earmarking the loopbacks. > I believe it's 12.1 where this goes away, though I do not know what the > advantage would be. > > Phil > > - Original Message - > From: Jerry Seven > To: > Sent: Sunday, June 03, 2001 6:27 PM > Subject: RIPv1: why /32 route is distributed [7:7010] > > > > Hi Group, > > > > In this simple environment: > > > >172.10.12.0/25 > > R1R2 > > > > I run RIPv1 between R1 and R2, the network in between is 172.10.12.0/25, > on > > R1 I have loopback0 which is 172.10.0.1/32 and another network > 172.10.11.0/28 > > directly connected, I saw R1 distributes route 172.10.0.1/32 to R2, but > not > > 172.10.11.0/28. > > > > I understand that 172.10.11.0/28 should not be distributed, but why /32 > route > > is distributed, on R2 I saw route 172.10.0.1/32, how does R2 correctly > know > > the mask is 32 bits, for I run RIPv1, packet doesn't carry mask. > > > > I also tried redistribute other /32 routes from OSPF to R1, R1 also > > redistribute them to R2, why /32 routes are always redistributed out by > RIP. > > > > The versions are all 12.0. > > > > Thanks, > > Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7023&t=7010 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: [F.R.] What's the difference of multipoint subinterface to [7:7922]
- Original Message - From: Jerry Seven Sent: Sunday, June 10, 2001 3:05 PM Subject: [F.R.] What's the difference of multipoint subinterface to physical interface? Hi Group, I don't quite understand why we need multipoint subinterface, during my practice it seems that it's exactly the same to physical interface, what's the difference and in which case it's recommended but not physical interface? Thanks, Jerry Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=7922&t=7922 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Bridging: "no ip routing" and "no bridge xx route ip" [7:8917]
Hi All, I have a question on "no bridge xx route ip" command, what I want is to disable IP routing inside the bridge group, but I found after I use this command, router still routes the IP packets. My configuration is as follows: .2172.10.37.0/24.1.1172.10.36.0/24 .2 R7 R3 R6 The configuration on R7 and R6 as usual, no bridge group is configured on them, on R3, I have(stripped): bridge irb ! interface GigabitEthernet1/0/0 ip address 172.10.37.1 255.255.255.0 no ip route-cache distributed no ip mroute-cache load-interval 30 negotiation auto bridge-group 1 ! interface FastEthernet2/0/0 ip address 172.10.36.1 255.255.255.0 no ip route-cache distributed no ip mroute-cache half-duplex bridge-group 1 ! bridge 1 protocol ieee But on R7 I still could ping 172.10.36.2, after I use "no ip routing", then it failed, so my question what is the relationship between "no bridge xx route ip" and "no ip routing", why after I run the first command, ip routing is still enabled in the bridge group? Thanks, Jerry Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8917&t=8917 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Bridging: "no ip routing" and "no bridge xx route ip" [7:8981]
I think by default IRB bridges all protocols, include IP, that's what I get from CCO: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/ibm_c /bcprt1/bctb.htm In this document there is a example named "Complex Integrated Routing and Bridging Example", it is very similar to my configuration, but it uses "bridge 1 route ip" in the end, I didn't use it and I still can route ip inside of the bridge group? Thanks, Jerry P routing is by default on when using IRB bridging. The only way to trun IP routing off is by the command you have done.! -----Original Message- From: Jerry Seven [mailto:[EMAIL PROTECTED]] Sent: 18 June 2001 06:19 To: [EMAIL PROTECTED] Subject: Bridging: "no ip routing" and "no bridge xx route ip" [7:8917] Hi All, I have a question on "no bridge xx route ip" command, what I want is to disable IP routing inside the bridge group, but I found after I use this command, router still routes the IP packets. My configuration is as follows: .2172.10.37.0/24.1.1172.10.36.0/24 .2 R7 R3 R6 The configuration on R7 and R6 as usual, no bridge group is configured on them, on R3, I have(stripped): bridge irb ! interface GigabitEthernet1/0/0 ip address 172.10.37.1 255.255.255.0 no ip route-cache distributed no ip mroute-cache load-interval 30 negotiation auto bridge-group 1 ! interface FastEthernet2/0/0 ip address 172.10.36.1 255.255.255.0 no ip route-cache distributed no ip mroute-cache half-duplex bridge-group 1 ! bridge 1 protocol ieee But on R7 I still could ping 172.10.36.2, after I use "no ip routing", then it failed, so my question what is the relationship between "no bridge xx route ip" and "no ip routing", why after I run the first command, ip routing is still enabled in the bridge group? Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=8981&t=8981 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NTP: Question on authentication [7:12213]
NTP gurus, I have two routers, R2 is configured to be NTP server, R7 is NTP client, I set the authentication on the server side, on client only the basic config, but client can still synchronize to the server: R2#sh run | be ntp ntp authentication-key 10 md5 02070658 7 ntp authentication-key 20 md5 12180416 7 ntp authenticate ntp trusted-key 10 ntp trusted-key 20 ntp clock-period 17179824 ntp update-calendar ntp server 172.10.27.3 key 20 end R2# -- R7#sh run | be ntp ntp clock-period 17180004 ntp server 172.10.27.1 end R7#sh ntp s Clock is synchronized, stratum 10, reference is 172.10.27.1 nominal freq is 250. Hz, actual freq is 249.9980 Hz, precision is 2**24 reference time is BEF831D9.8D762DCD (07:25:29.552 PDT Thu Jul 12 2001) clock offset is -62.3280 msec, root delay is 3.46 msec root dispersion is 939.09 msec, peer dispersion is 0.46 msec R7# I turned on the NTP debug, the packet R7 sent to R2 doesn't have any authentication key, why R2 still accept it? The images are 12.0. Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12213&t=12213 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
What's the relationship between SAP and EIGRP/NLSP? [7:16884]
Hi, This one really confused me. I know SAP is a protocol that carris IPX server information, it's in protocol type 4 and is needed when running IPX RIP. My question is when EIGRP or NLSP is running, do they already have the SAP information in their packets or we still need to run SAP exchange? The reason is CCO says EIGRP supports SAP incremental mode, seems to be a different mode, also NLSP has three SAP modes: on|off|auto, this implies by default NLSP is not using "SAP compatible" mode. I also have another question on the following IPX SAP filters: "ipx input-sap-filter" "ipx output-sap-filter" "ipx router-sap-filter" Are they only for RIP/SAP or for EIGRP/SAP and NLSP/SAP as well? Any response is appreciated, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16884&t=16884 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How do I filter traffic on Cat5k based on IP addre [7:26776]
Hi, I'm wondering if anybody knows the answer, port security is based on MAC address, do we have other alternative based on IP address? Thanks, J _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=26776&t=26776 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How do I give priority to the SNA 3270 [7:18720]
Hi Group, I'm working on a lab scenario, the question is that one dlsw router needs to configure queueing so that "give priority to the SNA 3270 traffic over the NetBIOS traffic, Make sure that if the serial link becomes congested that all SNA are delivered first". I don't know in priority queueing how could I differentiate these two traffic, any help is appreciated. BTW, this is not from real lab, I haven't taken it yet. Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18720&t=18720 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How do I give priority to the SNA 3270 [7:18720]
Howard, The question is on SNA and NetBIOS are both DLSw+ payload,When use priority queue we could only use ACL for IP traffic, and in IP ACL how could you differentiate payload if it's a SNA or NetBIOS? Thanks, Jerry From: "Howard C. Berkowitz" Subject: Re: How do I give priority to the SNA 3270 [7:18720] Date: Wed, 5 Sep 2001 23:29:18 -0400 > >Hi Group, > > > >I'm working on a lab scenario, the question is that one dlsw router needs to > >configure queueing so that "give priority to the SNA 3270 traffic over the > >NetBIOS traffic, Make sure that if the serial link becomes congested that > >all SNA are delivered first". > > > >I don't know in priority queueing how could I differentiate these two > >traffic, any help is appreciated. > > > >BTW, this is not from real lab, I haven't taken it yet. > > > >Jerry > > > Some hints: > > How do DLSW (and, for that matter, RSRB) encapsulate SNA and NetBIOS? > What is different in an encapsulated packet? > > If there were differences in priority among RSRB or DLSW, how would > the encapsulated packets differ? _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18893&t=18720 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question on route loop when using OSPF demand circuit [7:22076]
Hi Group, When viewing CCIE power session presentation of Networkers 2000, I could not understand why you could form route loop when using ospf demand circuit. Here is the example given there: interface BRI0 ip ospf 1.1.1.1 255.255.255.0 ip ospf demand-circiut ! router ospf 10 redistribute rip subnets network 1.1.1.1 0.0.0.0 area 5 ! router rip redistribute connected network 3.0.0.0 default-metric 3 The power session could be found at http://www.ieng.com/networkers/nw00/pres/3304/3304_c1_sec7.pdf thanks, J _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=22076&t=22076 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Two questions on DLSw+ [7:22297]
Hi, I'm working on some scenarios, two questions I could not answer: 1) How to reset dlsw connections without altering the configuration of dlsw? 2) on dlsw router, only allow NetBIOS names that contains the letter CISCO to be advertised to it's peer. I know I could use netbios host acl, but you could only define the pattern that start from CISCO, not any string that contain CISCO. Am I right? Any responses are appreciated, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=22297&t=22297 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SPF timer in OSPF [7:23834]
Hi, In OSPF, is SPF algorithms running periodically or just invoked when route change happens? If the first one is true, what's the command to change it? I saw "timer spf" in CCO, but seems for other purpose. Thanks, Jerry _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=23834&t=23834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SPF timer in OSPF [7:23834]
Actually my question comes from one scenario of ipexpert lab, it's http://www.ipexpert.net/products/pdf/Section203Portion.pdf You could see in OSPF part "Change SPF on R5 so if will only occur every 30 seconds". If it's happens only route changes, what this "every" means? J - Original Message ----- From: "malay patel" To: "Jerry Seven" ; Sent: Monday, October 22, 2001 7:26 PM Subject: Re: SPF timer in OSPF [7:23834] > FYI, > > I belive, SPF algorithms calculates new routing table > when ever there are changes. > > Malay Patel > > --- Jerry Seven wrote: > > Hi, > > > > In OSPF, is SPF algorithms running periodically or > > just invoked when route > > change happens? If the first one is true, what's > > the command to change it? > > I saw "timer spf" in CCO, but seems for other > > purpose. > > > > Thanks, > > Jerry > > > > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at > > http://mail.yahoo.com > [EMAIL PROTECTED] > > > __ > Do You Yahoo!? > Make a great connection at Yahoo! Personals. > http://personals.yahoo.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=23912&t=23834 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
SRB and 3920 questions, please help [7:24734]
Hi, I have several Token ring switch questions: Router R1 has interface To0 connects to token ring network, and it's the only device on it besides 3920, on 3920 I configured the bridge number 1 and vlan 10 for TrBRF, ring number 2 and vlan 20 for TrCRF. Questions: 1) Why should I configure vlans for TrBRF and TrCRF, what are they for? 2) If I enable SRB on R1, what's the bridge number and ring number should I choose in order to be consistent to 3920 configuration? Should I use different bridge ID and same ring ID as follows: source-bridge ring-group 100 interface To0 source-bridge 2 2 100 Any help is greatly appreciated, J _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24734&t=24734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SRB and 3920 questions, please help [7:24734]
Fred, Thanks for your reply. So in my case I just need to use ring 2 as source ring, choose any number for bridge number and terminator ring, that's it, right. I have another two questions: 1) in the following scenario, on 3920 two TrCRFs are created, in ring number 1 and 2 respectively, they belong to one TrBRF with bridge number 0xF: R1 Ring 1 3920 Ring 2 R2 Let's say on R1, is the following config ok? source-bridge ring-group 100 interface To0 source-bridge 1 1 100 source-bridge spanning multiring all I can not use 0xF for the internal bridge number of R1, right? 2) When should I use SRB for TrCRF on 3920, and when to use SRT? If I use the above config for R1, and configure SRT on 3920 for ring 1, will it work? J - Original Message - From: "Fred Ingham" To: "Jerry Seven" Cc: Sent: Monday, October 29, 2001 11:50 PM Subject: Re: SRB and 3920 questions, please help [7:24734] > Jerry: The way the Token Ring VLANs are set up there is a parent VLAN > and a child VLAN. The TrBRF is the parent, the TrCRF is the child. The > TrBRF is the virtual bridge, TrCRF's belong to a given TrBRF. 3920 > ports are assigned to a TrCRF. The VLAN IDs are used internally on the > 3920 and are independent from the bridge or ring numbers. There is a > good tuitorial on the CD or CCO under the 3920 section. > > When you have two To interfaces, you can have them on the same ring or > on different rings. For the same ring: Configure the TrBRF first, this > is the parent vlan. Assign a bridge number (default is F) and a vlan > id. Next configure a TrCRF, this is the child vlan. Assign a vlan ID, > tie it to the TrBRF, and configure the ring number (in hex), and the > bridging mode (SRT or SRB). Next assign ports to the TrCRF. If you > assign multiple ports to the TrCRF they are on the same ring. > > With the single TrBRF defined you can tie multiple TrCRF's to it with > different ring numbers. These will be bridged. There is no router > interface configuration necessary > other than ring speed to bridge between the two rings. You can give the > To interfaces and the TrBRF IP addresses in the same net and ping > between them. > > For your configuration you are not bridging on the 3920, you are > bridging on the router. This is done if you are configuring DLSW, for > instance. When you have configured the TrCRf for ring 2 this is the > source ring used on the To interface. You can use any bridge number to > the router virtual ring 100. For DLSW use the source-bridge spanning > command and, of course, configure ring speed. > > Hope this isn't too confusing, Fred. > > Jerry Seven wrote: > > > > Hi, > > > > I have several Token ring switch questions: > > > > Router R1 has interface To0 connects to token ring network, and it's the > > only device on it besides 3920, on 3920 I configured the bridge number 1 and > > vlan 10 for TrBRF, ring number 2 and vlan 20 for TrCRF. > > > > Questions: > > > > 1) Why should I configure vlans for TrBRF and TrCRF, what are they for? > > > > 2) If I enable SRB on R1, what's the bridge number and ring number should I > > choose in order to be consistent to 3920 configuration? Should I use > > different bridge ID and same ring ID as follows: > > > > source-bridge ring-group 100 > > interface To0 > > source-bridge 2 2 100 > > > > Any help is greatly appreciated, > > > > J > > > > _ > > Do You Yahoo!? > > Get your free @yahoo.com address at http://mail.yahoo.com _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24830&t=24734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
