Free Cisco book - Dictionary of Networking
www.cisco.com/offer/edunet/d927 by Dec. 1, 2000 _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX SMTP performance very Bad
Dear Sir: One of our customer use the PIX Firewall515 version 5.12 with 6-interfaces. He use three interfaes: Internal, External and DMZ, and everything seem well. Only one problem: The SMTP mail server in DMZ and PIX handle SMTP (TCP/25) performance very badevery smtp session delay more then 10sec in PIX. Thank you very much for your attention and kindness help. Look forward to hearing from you soon. Joseph Chuang ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PIX and SMTP Problem
Dear Sir: One of our customer use the PIX Firewall515 version 5.12 with 6-interfaces. He use three interfaes: Internal, External and DMZ, and everything seem well. Only one problem: The SMTP mail server in DMZ and PIX handle SMTP (TCP/25) performance very badevery smtp session delay more then 10sec in PIX. Thank you very much for your attention and kindness help. Look forward to hearing from you soon. Joseph Chuang ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Home Lsb -- Suggestions Please
Title: RE: Home Lsb -- Suggestions Please This is a very good link. This is the best I've seen so far regarding the oft appearing question of building a ccie lab. -Original Message-From: Han Nguyen [mailto:[EMAIL PROTECTED]]Sent: Wednesday, November 29, 2000 4:52 AMTo: 'Ikpasa, Kerry'; [EMAIL PROTECTED]Subject: RE: Home Lsb -- Suggestions Please Check out this URL: http://www.ccprep.com/resources/news/archives/990709.htm Han. -Original Message- From: Ikpasa, Kerry [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 29, 2000 5:36 AM To: [EMAIL PROTECTED] Subject: Home Lsb -- Suggestions Please Ladies & Gent, I am thinking off gathering equipment for my home lab, for study for CCNP, and moving on to CCIE (Say third quater ..2001). I need to start off small but adequate for the CCNP. Can you please suggest the equipments I can buy/aquire to kick this off! Thanks in advance __ Kerry Ikpasa NOC Engineer AduroNet Limited * Tel: ++44(0)1895 552-145 * Mob ++44(0)777 6161-145 * Fax: ++44(0)1895 271 931 * E-Mail :[EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Good reference book for Support/CIT
I am nearly complete in my quest for CCNP. I only have the CIT/Support exam to take. To date, most of my studying has come from Exam Cram and Boson tests. I realize that those books serve only to help with quick memorization and test cramming. I have also purchased and am reading other publications, like Jeff Doyle's book and Halabi's book. I am looking for a good reference book for CIT and Troubleshooting, the type of book I can actually use in the real world as I get my hands on more and more equipment (I work for an ISP). I am eventually moving on to CCIE written and I have been buying books in the Cisco Press CCIE series (i.e. Doyle, etc). What would this fine group recommend as the best source for Troubleshooting that would not only help me with CCIE written, but with real world problems... Thanks in advance, Joseph E. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: I need Bcran exam advise from you, sir.
Young William, I just took BCRAN 24 hours ago. It is still fresh in my mind. I will attempt to give you my impressions on the exam and how I prepared. I read Building Cisco Remote Access Networks by Catherine Paquet (A fine Cisco Press publication). I also used all three Boson test series covering the same. It took me about a week to read the book. My peers said the book was dry and a bit boring, but I found it to be rather enjoyable. Anyway, the book provided me with a strong foundation of the concepts. The Boson tests were slightly better than average and a good way to get yourself into the frame of mind to take a test. Once I had mastered the Boson exmas, I took the test. I passed with an 887. On the test, I saw a bunch of ISDN questions, from concepts and theory to actual usage. There were about 5-6 questions on DDR. There were many (about 12-15) questions where they ask you which Cisco command does this or that. They give you an exhibit to choose from 50 or so commands. The way they ask the question and the way the commands are listed in the exhibit, they practically give the answer away. There were the requisite Frame Relay questions too. Basic stuff there. The few questions I saw on X25 were of the most basic sort. There were also about 5 questions on what particular router would you put in a specific location (i.e. Central Office, Remote Location or SOHO) There were about 2 very general questions on the Cisco 700, and not very in depth questions at that. There were also a few questions related to Dialer Groups, Dialer Lists and Dialer Pools. Enough to be annoying. Finally, there were those few questions that Cisco likes to drop in there that are totally ambiguous and serve only to shake your confidence. I saw no blind "fill in the blank" type questions. Hope all of this helps. Good luck on your test! Joseph -Original Message- From: william [mailto:[EMAIL PROTECTED]] Sent: Sunday, December 03, 2000 7:43 PM To: [EMAIL PROTECTED] Subject: I need Bcran exam advise from you, sir. Hi guys I'm taking Bcran exam on coming wednesday. Can you all guys advise me on this? Thanks. William _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DSL Aggregation
Title: RE: DSL Aggregation Also check out the "less than perfect" 6400 UAC from Cisco. I work with them every day. They are pretty horrible. Joseph -Original Message-From: Abruzzese, John [mailto:[EMAIL PROTECTED]]Sent: Wednesday, December 06, 2000 10:15 AMTo: Terrence Garrison; [EMAIL PROTECTED]Subject: RE: DSL Aggregation Cisco's fairly new Edge Switch Router(ESR) 1 is a xDSL agg router -Original Message- From: Terrence Garrison [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 06, 2000 12:14 PM To: [EMAIL PROTECTED] Subject: DSL Aggregation What is DSL aggregation ? Does cisco make a box that does DSL aggregation ? _ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Great Deal on CCIE LAN Switching book!!
Working towards CCNP and was looking to expand my library. Someone on this list mentioned to check Mysimon.com and compare book prices. I did that and I found a great price at Wal-Mart of all places. Normally the book lists for 70.00 US and Walmart has it, in hard-cover, for 49.00! I ordered it today and so I cannot fully verify it, but the website did say it was hardcover, so let's hope it comes through as such. Anyway, it is worth a "look-see". Joseph E -Original Message- From: xndr [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 06, 2000 12:55 PM To: [EMAIL PROTECTED] Subject: Re: CCIE certificationzone.com Mock Exam 754/1000 Hi! It does not seem to be enough to pass CCIE writting. I'd geting about 850-880 and my pass score on real CCIE was 100 points less. > Hit a 754/1000 tonight, I'm well pleased, but do you > think I'm ready or just knocking on the door ? > > Past results, > > 629 > 636 > 670 > 608 (Bad Day) > 706 > 706 > 706 (Getting Cheesed off) > 754 (Happier) > > Any comments appreciated. > > Best Regards, > > Phil. > > > > Do You Yahoo!? > Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk > or your free @yahoo.ie address at http://mail.yahoo.ie > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Great Deal on CCIE LAN Switching book!!
I noticed that Wal-Mart.com has a significant number of Cisco Press books in the $40+ range. I received my order confirmation and I am awaiting delivery. I had it sent via regualr ground mail, so it may take a week or so. If everything checks out, I may order more. Currently, I am preparing to take the CIT exam to complete my CCNP. However, the CCIE is my next lofty goal, so my library has found itself expanding at a very fast pace. Joseph -Original Message- From: Bharat Suneja [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 07, 2000 7:24 AM To: [EMAIL PROTECTED] Subject: Re: Great Deal on CCIE LAN Switching book!! That indeed is the lowest price on the Switching book, ISBN 1578700949, CCIE Professional Development: Cisco LAN Switching. Booksamillion.com also sells it for $49, with a further 10% discount if you're a member of their "Millionaire Book Club" - for $44.10 after the Club discount. Club membership is $5/year, and it pays off with the first book you buy. I've often found them offering the lowest prices on any Cisco Press book - I recently bought the Cisco Press BSCN book for $42, including shipping. Checked back a couple of days ago, and they'd raised the rates back to the list price of $60. :-) Bharat Suneja "Joseph Ezerski" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Working towards CCNP and was looking to expand my library. Someone on this > list mentioned to check Mysimon.com and compare book prices. I did that and > I found a great price at Wal-Mart of all places. > > Normally the book lists for 70.00 US and Walmart has it, in hard-cover, for > 49.00! I ordered it today and so I cannot fully verify it, but the website > did say it was hardcover, so let's hope it comes through as such. > > Anyway, it is worth a "look-see". > > Joseph E > > -Original Message- > From: xndr [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 06, 2000 12:55 PM > To: [EMAIL PROTECTED] > Subject: Re: CCIE certificationzone.com Mock Exam 754/1000 > > > Hi! > > It does not seem to be enough to pass CCIE writting. > I'd geting about 850-880 and my pass score on real CCIE was 100 points less. > > > Hit a 754/1000 tonight, I'm well pleased, but do you > > think I'm ready or just knocking on the door ? > > > > Past results, > > > > 629 > > 636 > > 670 > > 608 (Bad Day) > > 706 > > 706 > > 706 (Getting Cheesed off) > > 754 (Happier) > > > > Any comments appreciated. > > > > Best Regards, > > > > Phil. > > > > > > > > Do You Yahoo!? > > Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk > > or your free @yahoo.ie address at http://mail.yahoo.ie > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Need help with a failing 7206
I have a Cisco 7206 with an IMA card and two ATM T-1 circuits going into the 4 port IMA card. About every two weeks the router freezes up. Usually a reboot brings it back. Everytime the router reboots, the log gets cleared. Is there a way I can troubleshoot the hardware and/or IOS with this and get to the heart of the matter? Joseph _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Still doesn't work: tough VPN question
I beg to disagree with you. I can certainly telnet, ftp and ping to any NETBios name on my network. -Original Message- From: Benjamin Walling [mailto:[EMAIL PROTECTED]] Sent: Friday, December 08, 2000 9:21 AM To: [EMAIL PROTECTED] Subject: Re: Still doesn't work: tough VPN question Yes, WINS resolves NetBIOS names to IP addresses, but only for Windows networking functions. It is not used for ping, ftp, telnet, etc. It is used for name resolution with relation to file sharing, domain traffic, etc. The order in which a Windows box will try to resolve a DNS name (what happens when you ping): Host file DNS Cache WINS Broadcast LMHosts The order in which a Windows box will try to resolve a NetBIOS name: Cache WINS Broadcast LMHosts Hosts DNS (of course you can modify the NetBIOS node type and change this) ""Frank Wells"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]... > Name resolution is exactly what WINS does! It maps Netbios names to IP > addresses. Windows clients resolve names to IP addresses using a number of > criterion, and depending on what kind of node they are (H;B;P;M)the order > that they search services and files differ. They certainly do not need DNS > to resolve IP addresses, although it would be an inprovement over their > native methods. > > Take a look at RFC's 1001/1002 for deeper insight. > > BTW, RPC's are used for mapping drives etc. > > > >From: "Benjamin Walling" <[EMAIL PROTECTED]> > >Reply-To: "Benjamin Walling" <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: Re: Still doesn't work: tough VPN question > >Date: Fri, 8 Dec 2000 08:27:04 -0500 > > > >Pinging does not verify name resolution for WINS. Ping will resolve a name > >using DNS. MS uses WINS (NetBIOS naming) for Domain Logins and for mapping > >drives, etc. > > > >Try this link on Cisco's website for help with coordinating your NT domain > >with your network layout: > >http://www.cisco.com/warp/public/473/winnt_dg.htm > > > >It covers WINS and things like that. > > > >Ben > > > >"Jim Bond" <[EMAIL PROTECTED]> wrote in message > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > Hello, > > > > > > Thank you guys for the help. Unfortunately, I tried to > > > put LMHOST file, still doesn't work. We use WINS and I > > > can ping domain controller using name so I don't think > > > it's naming issue. > > > > > > I used a sniffer captured some data, client is sending > > > logon request to domain controller but didn't get any > > > response. Looks like PIX blocks it. How do I open > > > it(port 137, 138, 139)? > > > > > > Thanks in advance. > > > > > > > > > Jim > > > > > > --- Scott Morris <[EMAIL PROTECTED]> wrote: > > > > Your problem is likely the propgation of > > > > broadcasts... Or lack thereof. > > > > One thing you can do (I'm assuming you have a router > > > > before (LAN-side) the > > > > PIX) is set up an ip-helper address to forward > > > > UDP-level broadcasts (like > > > > 138/139 Netbios) to the NT server. > > > > > > > > The other thing you can do is bypass that broadcast > > > > thought process by using > > > > LMHosts files on the workstations at the branch > > > > office. That will pre-load > > > > (if you use the #PRE designation) the NetBIOS cache > > > > and give you IP > > > > addresses to go to. So if you have IP reachability, > > > > things will work just > > > > fine then. > > > > > > > > In LMHOSTS. : > > > > > > > > (ip address) (Netbios name) #PRE #DOM:(domain name > > > > if domain controller) > > > > > > > > Also, to refresh without rebooting the PCs, "nbtstat > > > > -R" > > > > > > > > Hope this helps! > > > > > > > > Scott > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] > > > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > > > Jim Bond > > > > Sent: Thursday, December 07, 2000 1:19 AM > > > > To: [EMAIL PROTECTED] > > > > Cc: [EMAIL PROTECTED] > > > > Subject: tough VPN question > > > > > > > > > > > > Hello, > > > > > > > > I'm trying to set up a IPSec between a PIX (branch > > > > office) and router (central office). All PCs at > > > > branch > > > > office share 1 ip address. IPSec seems to be working > > > > fine because clients can ping/telnet/email/map > > > > drives > > > > from/to central office. The problem is they can't > > > > logon NT domain. They can ping domain controller > > > > though. > > > > > > > > Any idea why they can't log on NT domain? (The > > > > machines were already added to domain) > > > > > > > > Thanks in advance. > > > > > > > > > > > > Jim > > > > > > > > __ > > > > Do You Yahoo!? > > > > Yahoo! Shopping - Thousands of Stores. Millions of > > > > Products. > > > > http://shopping.yahoo.com/ > > > > > > > > > > > ___ > > > > To unsubscribe from the CCIELAB list, send a message > > > > to > > > > [EMAIL PROTECTED] with the body containing: > > > > unsubscribe ccielab > > > > > > > > __
RE: eXtreme ,juniper, Foundary and Cisco
You bring up very good points. I would like to add another. I work for an ISP and there is a lot to be said for a homogenous network. I am familiar with IOS and as the majority of our network devices are Cisco, I have an easier time learning new things or figuring out others. Also, it is nice to be able to go to one source to get answers. I am not necessarily the biggest fan of Cisco, but going the Cisco route does have major benefits. FYI, I have used Boson Tests. I find them to be excellent tools for putting you into the mindset of the exam. Joseph -Original Message- From: Bharat Suneja [mailto:[EMAIL PROTECTED]] Sent: Monday, December 11, 2000 9:33 AM To: [EMAIL PROTECTED] Subject: Re: eXtreme ,juniper, Foundary and Cisco I'd just like to point out one fact that most enterprises do give a lot of thought before making purchase decisions - Extreme, Foundry, Juniper, et al DO NOT have end-to-end solutions. Cisco does. The former also do not have a trained pool of network engineers to recommend and implement their products, whereas you'll find plenty of Cisco-trained, Cisco-experienced network engineers, designers & support professionals. Cisco IOS offers one consistent interface & CLI throughout most of its product line. Cisco also offers an impressive range of Network Management products that we're yet to see from other vendors. It's an endless debate - but not all enterprise networks require the performance & capabilities of a Juniper or a Foundry. Having said that, let me also add that as things stand, by no means is Cisco technologically the most superior throughout the length & breadth of its entire prouduct line. Juniper, Extreme, Foundry and others do have their niches that they fill quite effectively, and pose challanges to Cisco in those markets. And as someone correctly pointed out, the basic networking knowledge is still required even to implement other vendors' products. I doubt the CCIE will lose its value any time soon, but we just might see a deluge of CCNAs & CCNPs bred on the ExamCrams, Transcenders & Bosons. (I'm yet to determine how many of the people on this newsgroup have/have not used Boson tests... :-) Bharat Suneja "Mohamed Heeba" <[EMAIL PROTECTED]> wrote in message 91B200CBBEC3D111992A00805F31E6CB8807A3@MINAMAIL">news:91B200CBBEC3D111992A00805F31E6CB8807A3@MINAMAIL... > so wat do u think the value of Cisco Certificates in the market , how long > time this value is going to retain its bright ?? > > > -Original Message- > > From: Andy Walden [SMTP:[EMAIL PROTECTED]] > > Sent: Monday, December 11, 2000 5:34 AM > > To: Mohamed Heeba > > Subject: Re: eXtreme and Cisco > > > > > > They won't die, but they are loosing a ton of market share. Juniper is > > really kicking them hard on the router side (7xxx-12xxx). Foundry and > > Extreme are kicking them hard on the enterprise side (5xxx-6xxx). At some > > point its all going to add up and be very painful for Cisco. That is the > > price of being the big boy in town. They are slow and strapped down with a > > huge existing customer based and bloated buggy IOS where the other > > manufacturers don't have that problem. > > > > andy > > > > On Mon, 11 Dec 2000, Mohamed Heeba wrote: > > > > > hi guys > > > just coming now from extreme presentation .looks like they have much > > more > > > stronger products than cisco (in giga swtiches of course )do u think > > > guys that Cisco is going to die because of small focused companies like > > > extreme and jinper ??? if anyone feel interested ..we would like to > > discuss > > > this > > > > > > > > > Mohamed > > > > > > _ > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCO Login
To add from my own personal experience, I work for an ISP. We buy the majority of our stuff from Cisco and as a result, we have CCO logins. If your company is a Cisco reseller, or you buy a lot of gear from them, I would venture to say that a CCO login is merely a click or a phone call away. Here is an excerp from an email from our Cisco Rep: "Go to www.cisco.com click on Register at the top Click on 1A Click Next Where it asks you to Enter your Cisco Registration or Service Contract Number, put in xxx Fill out the info from there and you should be good to go. Everyone over there can repeat this process to get a CCO login." Note: xxx= your particular contract number. Hope it helps. Joseph -Original Message- From: Ash Aslam [mailto:[EMAIL PROTECTED]] Sent: Monday, December 11, 2000 11:17 PM To: Cisco Group Study Subject: Fwd: CCO Login This may help clear some of the questions regarding those of you seeking after their own personal CCO login from Cisco. Below are details on how to receive your registered CCO login. Pls read the email from bottom to top. Regards. Ash -Original Message- From: Debbie Silva [mailto:[EMAIL PROTECTED]] Sent: Monday, December 11, 2000 6:14 PM To: [EMAIL PROTECTED] Subject: RE: Fwd: CCO Login CCIE lab ~*~*~*~*~*~*~*~*~*~*~*~* Debbie Silva CCIE Program 150 W Tasman Dr San Jose,Ca 95134 PH: 408 527-0787 Pg: 1-800 365-4578 [EMAIL PROTECTED] ~*~*~*~*~*~*~*~*~*~*~*~* At 01:49 AM 12/09/2000 +, you wrote: Hi, Does this mean having a CCIE written or CCIE lab? Thanks Ash -Original Message- From: Debbie Silva [mailto:[EMAIL PROTECTED]] Sent: Friday, December 08, 2000 4:21 PM To: [EMAIL PROTECTED] Subject: Re: Fwd: CCO Login You have to become a CCIE to get access to CCO. Thanks ~*~*~*~*~*~*~*~*~*~*~*~* Debbie Silva CCIE Program 150 W Tasman Dr San Jose,Ca 95134 PH: 408 527-0787 Pg: 1-800 365-4578 [EMAIL PROTECTED] ~*~*~*~*~*~*~*~*~*~*~*~* At 12:07 PM 12/06/2000 -0800, you wrote: >>Reply-To: <[EMAIL PROTECTED]> >>From: "Ash Aslam" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Subject: CCO Login >>Date: Sun, 12 Nov 2000 07:31:50 - >>X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) >>Importance: Normal >> >>Hi, >> >>Can you please confirm if it's true that if one attains the CCIE Written >>exam, he/she automatically becomes eligible for a CCO login. >> >>Please let me know. >> >>Best Regards. >>Ash Aslam >> _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: GNS replies from furthest server
Not that I am any sort of expert in Novell, but have you checked the encapsulation type of the local server and the clients to see if it matches? Also, is the external IPX network number the same. And, as someone else mentioned, try and set a preferred server in your client software. Just my 2 cents. Joseph -Original Message- From: Scott McClure, CCNP, CCDA, MCNE [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 12, 2000 4:51 AM To: [EMAIL PROTECTED] Subject: Re: GNS replies from furthest server Shaun, Can you provide us an example of the 4908 configs? The problem may be in the IRB configuration, or in SAP spoofing (sometimes the router will respond to GNS faster than the local servers). Scott "Shaun Wakelen" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Can anybody shed some light on this problem. We have installed a gigabit > network using 3548's and 4908's. Two 3548's have Novell servers (NetWare 4) > connected to them, and also have links to WAN routers. These are connected > to two 4908's running IRB and HSRP. To the 4908's are four further 3548's to > which the Novell clients are attached. The problem is, when a client starts > up, the GNS request is being replied to by a server on the other side of the > WAN link, and not a local one. If the remote server is disconnected then a > different remote server replies. The IPX routing table shows the local > servers with the lowest hop count and metric. This was originally an ATM > network, which works perfectly. > > I now have several bumps where I have been hitting my head against a brick > wall! > > Any ideas > > Thanking you in advance > Shaun Wakelen > This e-mail and any attachments may contain privileged, confidential and/or > copyright information and is for the sole use of the intended addressee. If > you are not the named recipient, please notify the sender immediately and do > not disclose the contents to another person, use it for any purpose, or > store or copy the information in any medium.This message is subject to and > does not create or vary any contractual relationship between Telindus K-NET > Ltd and you. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Find Great Prices on Books
Also, I posted a week or so ago about getting CCIE series books through Wal-mart. Normally I do not hype any particular place, but Walmart.com has most of the CCIE books (that list for $70.00 US) for 49.99 US. I received my first book from them and everything came out alright, and these are the hardcover editions. Anyway, feel free to shop and compare wherever you feel comfortable. Hope it all helps. Joseph CCNP -Original Message- From: Talib [mailto:[EMAIL PROTECTED]] Sent: Monday, December 18, 2000 10:07 AM To: [EMAIL PROTECTED] Subject: Find Great Prices on Books One of the best places to go and compare book prices is http://www.isbn.nu Also, always check out ebay for auctions. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Last Nights DC Group Meetings
I have seen all the e-mails flying around this group the past few days as to who the heck was speaking at the meeting. I spoke with Cisco training who stated that they would not comment on Cisco litigation against me, Howard Berkowitz or any other CCIE, website or publisher involved in legal proceedings. At this point it was premature to mention action that Cisco is taking because they have not taken it yet. The speaker who was addressing everyone at the training partner meeting was a vice-president at Cisco, Ed Kozel. I heard that I was going to be nailed to a cross for passing out a documents which resembled the CCIE lab to people at a Bay Area group meeting a few months back. I also heard that Ralph Ramal, Howard Berkowitz, and I are targets of lawsuits from Cisco for violating the NDA agreement. I have aquired an attorney yesterday who made an inquiry to Cisco's legal department and apparently they are going to be serving me soon, they stated within the next 90 days. Until then I guess I wait and loose sleep. Joe Abbott, CCIE Get your Free Website & Free E-mail at http://www.tcfb.comGet your own FREE Web and POP E-mail Service in 14 languages at http://www.zzn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: So what SHOULD a CCIE know?
It is obvious that with the explosion of the Internet that networks and networking, in general, are moving to a more unified approach. We are seeing legacy protocols that could not stand the test of time give way and die in the face of TCP/IP. All of this is good news for CCIE's among others. The more things standardize on tried and true open standards, the better off our jobs will be, not to mention the experience of the customers we service. Imagine a world with no Appletalk, IPX, SNA, LAT, etc. Imagine that there are a few base protocols like TCP/IP working in tandem with Routing Protocols like OSPF and BGP. I beleive that when that day arrives, the CCIE should be a true expert in the pared down world wide standards that emerge as the dominant players. The less needless complexity that we need to grapple with, the better we can become and hone our skills to the expert level. Just my 2 cents Joseph -Original Message- From: Chuck Larrieu [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 27, 2000 11:40 AM To: Cisco Mail List Subject: So what SHOULD a CCIE know? We've all seen a number of comments about the CCIE written and the CCIE Lab, regarding content. Most of those comments have been negative. So, what SHOULD be tested? What SHOULD a CCIE know? Anyone? Chuck -- I am Locutus, a CCIE Lab Proctor. Xx_Brain_dumps_xX are futile. Your life as it has been is over ( if you hope to pass ) From this time forward, you will study US! ( apologies to the folks at Star Trek TNG ) _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Modem access from Router
As far as using the AUX port, I have been able to get by with the following minimal config: line aux 0 exec-timeout 30 0 password x (your own password here) modem InOut modem autoconfigure discovery transport input all stopbits 1 Mind you, I had a USR Sportster attached to the aux port, which is listed in the modemcap database, thus allowing me to squeek by with an autoconfigure discovery command. If you have some other model that is not in the modemcap, then you may have to add a few more lines. Also, if a password is not necessary, nor a timeout period, you could also delete those lines. Less is more! Joseph -Original Message- From: Adam Quiggle [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 04, 2001 3:21 AM To: Sam; [EMAIL PROTECTED] Subject: Re: Modem access from Router Sam, Here is a sample config from a 2501 that gives you PPP access to your network through the aux port. Don't worry about the missing lines because I've pulled stuff out that wasn't relevant to your question as well as stuck some stuff in that you need. Notice that "line 1" is all about configuring the physical layer, while "async 1" is all about configuring the data link layer and network layer. HTH, AQ p.s. If all you want is console access, this config should give it to you as well. 1 version 12.0 2 service timestamps debug uptime 3 service timestamps log uptime 4 no service password-encryption 5 ! 6 hostname RouterAsyncConfig 9 ! 10 ip subnet-zero 11 ! 22 interface Loopback0 23 ip address 1.1.1.1 255.255.255.255 24 no ip directed-broadcast 25 ! 26 interface Ethernet0 27 no ip address 28 no ip directed-broadcast 29 no ip route-cache 30 no ip mroute-cache 31 shutdown 32 ! 33 interface Serial0 34 ip address 192.168.10.2 255.255.255.0 35 no ip directed-broadcast 36 no ip route-cache 37 no ip mroute-cache 38 no fair-queue 39 ! 40 interface Serial1 41 no ip address 42 no ip directed-broadcast 43 no ip route-cache 44 no ip mroute-cache 45 shutdown 46 no fair-queue 47 ! 48 interface Async1 49 no ip address 50 no ip directed-broadcast 51 encapsulation ppp 52 async mode interactive 53 peer default ip address pool default 54 ppp authentication ms-chap chap pap 59 ! 47 ip local pool Dialup-pool 172.16.20.10 172.16.20.100 60 ip classless 61 ! 62 line con 0 63 exec-timeout 0 0 64 transport input none 65 line aux 0 66 no exec 67 no motd-banner 68 no exec-banner 69 autoselect ppp 70 modem Dialin 71 modem autoconfigure type usr_sportster 72 transport input all 73 stopbits 1 74 speed 38400 75 flowcontrol hardware 76 line vty 0 4 77 login 78 ! 79 end At 10:35 AM 1/3/01, Sam wrote: >Hello friends > >I have a modem connected to the AUX port of my router. I am using this modem >to dial into the router. > >Now I need to access this modem from the router. >What do i need to configure on the router to be able to access the modem >from the router itself. ie to be able to configure the modem using the AT >command set. >Could someone help me out on this. > >Thanks > >Sam > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ** Adam Quiggle Senior Network Engineer MCI Worldcom/NOC/BP Amoco [EMAIL PROTECTED] ** _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Modem access from Router
Oops, I did not read the original post. My config is really mostly for dialing into the router from an outside host, like a PC. Sorry. Joseph -Original Message- From: Joseph Ezerski Sent: Thursday, January 04, 2001 8:02 AM To: 'Adam Quiggle'; Sam; [EMAIL PROTECTED] Subject: RE: Modem access from Router As far as using the AUX port, I have been able to get by with the following minimal config: line aux 0 exec-timeout 30 0 password x (your own password here) modem InOut modem autoconfigure discovery transport input all stopbits 1 Mind you, I had a USR Sportster attached to the aux port, which is listed in the modemcap database, thus allowing me to squeek by with an autoconfigure discovery command. If you have some other model that is not in the modemcap, then you may have to add a few more lines. Also, if a password is not necessary, nor a timeout period, you could also delete those lines. Less is more! Joseph -Original Message- From: Adam Quiggle [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 04, 2001 3:21 AM To: Sam; [EMAIL PROTECTED] Subject: Re: Modem access from Router Sam, Here is a sample config from a 2501 that gives you PPP access to your network through the aux port. Don't worry about the missing lines because I've pulled stuff out that wasn't relevant to your question as well as stuck some stuff in that you need. Notice that "line 1" is all about configuring the physical layer, while "async 1" is all about configuring the data link layer and network layer. HTH, AQ p.s. If all you want is console access, this config should give it to you as well. 1 version 12.0 2 service timestamps debug uptime 3 service timestamps log uptime 4 no service password-encryption 5 ! 6 hostname RouterAsyncConfig 9 ! 10 ip subnet-zero 11 ! 22 interface Loopback0 23 ip address 1.1.1.1 255.255.255.255 24 no ip directed-broadcast 25 ! 26 interface Ethernet0 27 no ip address 28 no ip directed-broadcast 29 no ip route-cache 30 no ip mroute-cache 31 shutdown 32 ! 33 interface Serial0 34 ip address 192.168.10.2 255.255.255.0 35 no ip directed-broadcast 36 no ip route-cache 37 no ip mroute-cache 38 no fair-queue 39 ! 40 interface Serial1 41 no ip address 42 no ip directed-broadcast 43 no ip route-cache 44 no ip mroute-cache 45 shutdown 46 no fair-queue 47 ! 48 interface Async1 49 no ip address 50 no ip directed-broadcast 51 encapsulation ppp 52 async mode interactive 53 peer default ip address pool default 54 ppp authentication ms-chap chap pap 59 ! 47 ip local pool Dialup-pool 172.16.20.10 172.16.20.100 60 ip classless 61 ! 62 line con 0 63 exec-timeout 0 0 64 transport input none 65 line aux 0 66 no exec 67 no motd-banner 68 no exec-banner 69 autoselect ppp 70 modem Dialin 71 modem autoconfigure type usr_sportster 72 transport input all 73 stopbits 1 74 speed 38400 75 flowcontrol hardware 76 line vty 0 4 77 login 78 ! 79 end At 10:35 AM 1/3/01, Sam wrote: >Hello friends > >I have a modem connected to the AUX port of my router. I am using this modem >to dial into the router. > >Now I need to access this modem from the router. >What do i need to configure on the router to be able to access the modem >from the router itself. ie to be able to configure the modem using the AT >command set. >Could someone help me out on this. > >Thanks > >Sam > >_ >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ** Adam Quiggle Senior Network Engineer MCI Worldcom/NOC/BP Amoco [EMAIL PROTECTED] ** _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dizzy from bcran study
I actually enjoyed Catherine's book for BCRAN. At first I was a little dizzied by all the dialer stuff. But if you look, there is a pattern there that fits the Cisco model for the most part. For example...a Dialer list is like an Access List for DDR. And, in the Cisco World, you might apply an access list to an interface with the "access-group" commmand. Well, for BCRAN, you apply a dialer list with the "dialer-group" command. Beleive it or not, the Boson tests helped me to get a grip on all the dialer concepts. I kept missing the same questions and it forced me to go back and review those parts of the book to solidify the idea. I also like the ability to jump to the web link for each question. Normally, the question references CCO or the specific page in the book. The Boson exams, for the most part, are based on Paquet's BCRAN book, so they mesh well. I know I didn't give you much, but I hope it helps, if even only a little. Good luck on your exam. -Joseph -Original Message- From: Kane, Christopher A. [mailto:[EMAIL PROTECTED]] Sent: Friday, January 05, 2001 7:55 AM To: '[EMAIL PROTECTED]' Subject: dizzy from bcran study Coming from an ISP background and being "dedicated connection" orientated, studying for the BCRAN is making me dizzy. Dialer-group, dialer pool, dialer map class, etc. I'm having fun trying to keep it all straight. I'm reading the Catherine Paquet Cisco Press BCRAN text. Has anyone found a good mnemonic to memorize all of this stuff? _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP implementations
I am no BGP master, but from what I understand is that there are a few "rules of thumb" so to speak. The first being that it is not deemed acceptable to peer anything smaller than a /20. There is an RFC written about this, I beleive, RFC#2008. The reason being that it is highly desirable to keep your routing tables as efficient as possible. If everyone peered and advertised a /24, there would be too many routing table entries to make it work efficiently. As of this email, there are close to 100,000 advertised routes on the Internet. Secondly, You need a pretty powerful router to peer with. I see many people saying that 128MB of memory is desirable, not to mention a larger router, like a 7000 series, etc. Like I said, I am a pure BGP beginner, but undoubtly, the masters here on Groupstudy will have their say. -Joseph -Original Message- From: Arif Ali [mailto:[EMAIL PROTECTED]] Sent: Friday, January 05, 2001 9:20 AM To: [EMAIL PROTECTED] Subject: BGP implementations Dear Fellows, I have little routing problem, I have three links with three different ISP's and 32 class C address Pool . I want to route 192.168.96.0/23, 192.168.102.0/23, 192.168.104.0/20 from ISP1 and 192.168.120.0/21 from ISP 2 and 192.168.98.0/22 from ISP3. Right now we are using static routes but now i plan to go for BGP but i want load balancing and link redundancy. for IGP i want to use OSPF. Can it possible ? How ? (ISP1Router)-FastEthernet-(RouterA)-4MB Serial-(RouterB)-2Mb Serial-(RouterC)2Mb Serial(ISP2Router) | 2Mb Serial | (ISP3Router) I really appreciate your favor. If you want any other information please feel free to contact me. Kindest Regards my friends Arif Ali _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay...Inverse-Arp..?
I have an interesting tidbit that I hope can add to this thread. I was doing a frame relay lab and set up a 2501 as a frame switch. I had two other 2501s as the remote ends. I set up the major interface for frame relay, but did NOT specify a DLCI number for both remote ends. In the frame switch, I added my frame-relay route commands for the respective major interfaces and DID specify DLCI numbers. What I found out is that the remote ends "learned" their DLCI's from the frame switch. I remember in my studies that using the default Cisco LMI type buys you some auto discovery of sorts. I am not sure if this is playing a part in Nigel's experiment, but why not give it a go by changing the default Cisco LMI type to some other type and see if the results stays the same. Joseph -Original Message- From: Nigel Taylor [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 14, 2001 6:48 PM To: Cisco Group Study; Chuck Larrieu; CCIE_Lab Group Study Subject: Frame Relay...Inverse-Arp..? Hi All, I was working through a number of frame relay lab and made = some pretty cool observations. The big one being that I had Inverse-Arp = working as well while using the "frame-map" command. Everything I know = tells me this shouldn't be but it works. I reloaded the routers and the Inverse arp worked. Even after shutting = down the interface and bringing it back up the Inverse-Arp still worked. = =20 Anyone got any thoughts on how this could be working? Nigel... _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay...Inverse-Arp..?
I think you got it right, but just to clarify The frame switch looks like this: Interface Serial0 encapsulation frame-relay frame-relay intf-type dce frame-relay route 20 interface serial1 30 Interface Serial1 encapsulation frame-relay frame-relay intf-type dce frame-relay route 30 interface serial0 20 Remote CPE #1 looks like this: Interface Serial0 ip address 192.168.1.1 255.255.255.252 encapsulation frame-relay (notice no DLCI is assigned) Remote CPE #2 looks like this: Interface Serial0 ip address 192.168.1.2 255.255.255.252 encapsulation frame-relay (notice no DLCI is assigned) My ping tests work between the two CPE's. My best guess is that the LMI is passing the important information across the point-to-point links. As for doing this with the Telco, I am not sure. Many times they use non Cisco switches, so IETF encapsulation is needed and/or use a different LMI type. But why don't you try it and report back? Joseph -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, January 15, 2001 10:57 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Frame Relay...Inverse-Arp..? Ok, now you all got me interested. #1) From what I'm reading, you are saying that if you create a FR lab and just place the DLCI map commands on the frame switch for the remote ends, and you have the LMI set right, then the remotes will automatically learn their DLCIs through LMI? #2) Would this also work in a real environment concerning telco assigning you DLCI numbers? What I'm saying is, after the telco gives you the DLCIs for your DTE interfaces (remote ends) usually you would go in and configure them. If you didn't bother to go and configure them, would your remote ends automatically learn them from the FR switch somewhere in the telco's network through LMI??? In a message dated 1/15/01 1:49:41 PM Eastern Standard Time, [EMAIL PROTECTED] writes: > that should be true no matter what. You are learning the DLCI's through LMI > a standard function of Frame Relay. You will learn it regardless as long as > your router and the switch agree on what type of LMI they are using. > > Steve > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Joseph Ezerski > Sent: Monday, January 15, 2001 9:59 AM > To: 'Nigel Taylor'; Cisco Group Study; Chuck Larrieu; CCIE_Lab Group > Study > Subject: RE: Frame Relay...Inverse-Arp..? > > > I have an interesting tidbit that I hope can add to this thread. I was > doing a frame relay lab and set up a 2501 as a frame switch. I had two > other 2501s as the remote ends. I set up the major interface for frame > relay, but did NOT specify a DLCI number for both remote ends. In the frame > switch, I added my frame-relay route commands for the respective major > interfaces and DID specify DLCI numbers. What I found out is that the > remote ends "learned" their DLCI's from the frame switch. I remember in my > studies that using the default Cisco LMI type buys you some auto discovery > of sorts. I am not sure if this is playing a part in Nigel's experiment, > but why not give it a go by changing the default Cisco LMI type to some > other type and see if the results stays the same. > > Joseph > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Seally Question!!!!
What's the difference between NetBIOS and NetBEUI??? _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIEBootCamp Labs
Sorry for changing the subject. But I think you folks may give me the answer. Just like to know when should you take lab exam after passed the written test. I mean, should written exam expire?/ Thanks! ""Patrick Murphy"" <[EMAIL PROTECTED]> wrote in message 8qu434$kn4$[EMAIL PROTECTED]">news:8qu434$kn4$[EMAIL PROTECTED]... > Any current list members using these labs? I am considering purchasing them > and the reviews on their site look good. > > Just looking for honest unbiased opinions before I spend my hard earned > dollars! > > Patrick > > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Free book - Successful Implementation Strategies for SLM.
Successful Implementation Strategies for Service-Level Management." http://www.cisco.com/offer/sms/V561-1006Y __ Do You Yahoo!? Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free! http://photos.yahoo.com/ **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISL VLANS on a router - bridged?
I am not sure, but logic seems to dictate that both interfaces belong to the same layer 2 network. The way I am picturing it is like this: In any regular layer 2 switched network, you can have many devices of the same type. You could have many clients or servers, or printers or even routers. So why wouldn't the same hold true for your scenario? Now, when you bring it up to layer 3, you definitly have two distinct subnets working. The differnece would lie in how your end users are configured, ie- Which interface IP do you assign as their default gateway... Sorry for the oversimplification. It's my first day on the list and I am trying to get involved. Joseph Ezerski LMKI Communications -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 10, 2000 12:47 PM To: [EMAIL PROTECTED] Subject: ISL VLANS on a router - bridged? On a switch, if a unique VLAN ID appears on more than one trunked interface, that VLAN is part of the same layer 2 network and broadcast domain across all interfaces where it appears, based on the VLAN number. Is this also true on a router? That is, if I have the following configuration, what happens? Do VLAN 2 on switches connected to both interfaces see each other? interface FastEthernet0/0.2 description VLAN 2 to switch A encapsulation isl 2 ip address 192.168.1.254 255.255.255.0 no ip redirects no ip directed-broadcast interface FastEthernet0/1.2 description VLAN 2 to switch B encapsulation isl 2 ip address 192.168.2.254 255.255.255.0 no ip redirects no ip directed-broadcast Two separate subinterfaces of two separate physical interfaces connected to two different LANs, but with the same ISL encapsulation "color". Are they bridged? Would the IP address ranges both appear on both LANs? Can't find this in CCO anywhere. -- Jay Hennigan - Network Administration - [EMAIL PROTECTED] NetLojix Communications, Inc. NASDAQ: NETX - http://www.netlojix.com/ WestNet: Connecting you to the planet. 805 884-6323 **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Password encryption decoder
I beleive the enable password encryption is only 40 bit, so if you can get a copy of the string you should be able to use any standard 40 bit password cracker. Also, if it is a matter of recovering a forgotten password and you have physical access to the router, cisco.com has outlined a procedure to reset the password through ROMMON mode. You'll have to search the website, though.. -Original Message- From: Daniel [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 10, 2000 1:21 PM To: [EMAIL PROTECTED] Subject: Re: Password encryption decoder The Boson software works great for most password decryption. Do you know of any software that will decrypt enable secret passwords? The Boson software will not do it. Daniel ""Barnhill, Don"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > William, > > Try www.boson.com They have a free set of utilties that includes a tftp > server, syslog server, and password decoder. > > Don Barnhill > MCSE,ASE,CCNP,CCDA > > -Original Message- > From: Plantier, William [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 10, 2000 10:13 AM > To: '[EMAIL PROTECTED]' > Subject: Password encryption decoder > > > Where can I find the Password encryption decoder for Cisco encrypted > passwords? > > Thanks > > Wm. Spencer Plantier > LAN Engineer > (919) 474-1300 ext 0873 Office > (919) 474-1056 Fax > (919)696-8848 Cell > [EMAIL PROTECTED] > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Back to Back CSU's in a Frame Relay experiment
I have: A 2610 with a WIC 1DSU-T1 (internal CSU/DSU) A 1601 with a WIC 1DSU-T1. (internal CSU/DSU). I created a T-1 crossover cable according to Cisco's specs. I am trying to connect those two routers in a simulated frame relay connection. I connected the crossover cable and configured my two routers to accept frame signals. I was not successful. I config'd both routers to have sub-interfaces with an IP address on the same subnet. I did set the 2610 to have internal clock source and I set the 1601 to clock source line. I currently get LINE UP, PROTOCOL down on the major interface and DOWN-DOWN on the subinterface. What is it that I am missing? FROM 2610-->>> Serial0/0 is up, line protocol is down Hardware is PQUICC with Fractional T1 CSU/DSU Description: Psuedo Frame Link MTU 1500 bytes, BW 1544 Kbit, DLY 2 usec, reliability 254/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10 sec) LMI enq sent 56, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down LMI enq recvd 87, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 2/0, interface broadcasts 2 Last input 00:00:00, output 00:00:08, output hang never Last clearing of "show interface" counters 00:09:34 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 88 packets input, 1427 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 14 input errors, 0 CRC, 14 frame, 0 overrun, 0 ignored, 0 abort 106 packets output, 3408 bytes, 0 underruns 0 output errors, 0 collisions, 17 interface resets 0 output buffer failures, 0 output buffers swapped out 1 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up * (also from 2610) interface Serial0/0 description Psuedo Frame Link no ip address encapsulation frame-relay service-module t1 clock source internal ! interface Serial0/0.10 point-to-point description Pseudo Frame Link ip address 192.168.0.2 255.255.255.0 frame-relay interface-dlci 16 protocol ip 192.168.0.1 ***Note that the 1601 is configured almost exactly the same except that it has an IP ADDR of 192.168.0.2 /24 but I did not include the running config to save space. Thanks in advance. Joe _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Do you know any software which can emulate IBM PC as a Mac?
Sorry for interrupt! Joseph _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Doyle's book - ROuting TCP/IP
Just a note: I saw on Amazon that Jeff Doyle's book (which seems fairly popular here on groupstudy) is currently being prepped for 2nd edition. The due date is March 2001. This is just in case you have recently ordered it and have the time to wait for the new editon. Joe _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Jobs in DC
Hello everybody, I am a a CCNP in the Wahington, D.C. area and I am looking for a new job. I was wondering if any of you know of company that's hiring. I am ready to interview at any time. Thanks, Joseph _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Testing123
testDo You Yahoo!? Yahoo! Messenger - Talk while you surf! It's FREE.
Jobs in DC
Hello everybody, I am a a CCNP in the Wahington, D.C. area and I am looking for a new job. I was wondering if any of you know of company that's hiring. I am ready to interview at any time. Thanks, Joseph _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ntp query
If the routers can't be configured with polling interval to query the ntp server, will they then continue to poll every 60-64 seconds? Or do they only poll when the time is not synch'd with the server? Does the algorithm detect this dynamically? I've seen on Unix servers where the poll stat was either 512 (8min) or 1024 (17 min), will Cisco router/switch behave similarly? where by default it polls once every 60-64secs but as long as time synch's with the server it won't poll again for anumber of minutes later? Thanks. J.Sunia Network Engineer _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
question : ethernet collision rule of thumb...
I would first like to thank everyone. I have been a member of this groups for several years now. I have never actually posted a question, generally I just absorb others questions. I realise there is no concrete answer on this, BUT how many collision on a shared media ethernet segment does it take before having a problem?? I was just invovled in a situation where we had a hub hanging off a hub connected to our 6509. The switchport error disabled and I had to track the devices down. I beleive you will always see some collisions in a shared ethernet environment??? At what collision rate should you get worried??? How much does it take to shut a switch port down??? Thanks, Ed __ Do You Yahoo!? Yahoo! Calendar - Get organized for the holidays! http://calendar.yahoo.com/ _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Voice Ready Router [7:1092]
It depends on what model 1750. There are 3 models: 1750, 1750 2V, 1750 4V. The 1750 2V-4V you only need a VIC. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=1101&t=1092 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Help on Cisco 4000 Switch [7:6191]
Hi, My friend has a question on the Cisco 4000 switch, can anyone please help? Thanks in advance. == When a Cisco 1720 is hookup to the switch, if there is no traffice from the 1720, it will be disconnected from the Cisco catalyte 4000 switch after a preset 300 seconds. The mac-address of 1720 will be disappeared from the Cisco 4000 switch arp table. Is this OK to use "set arp static-address" to permantly write the 1720 mac-address and IP into the 4000 switch arp table? == Thanks, JC __ Do You Yahoo!? Yahoo! Auctions - buy the things you want at great prices http://auctions.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6191&t=6191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Help on Cisco 4000 Switch [7:6191]
hehe.. Interesting. Why in the past when I used "I" to make a statement here and you didn't notice it before? =) Just to clarify it, If you want to have that guy "my friend"'s work #, mobile #, email address, work address..etc as well as my work #, mobile #, email address, work address, I will be so glad to send you the info. The reason I asked for him is that I am only studying Routing 2.0, and don't know too much on Switches. But don't get me wrong, I do appreciate all the suggestions. JC. --- Rik Guyler wrote: > Friend, eh?!? Oh the humanity... ;-} > > Well, you could set a static entry but why? The ARP > table is designed to be > dynamic so that it doesn't grow to a large size and > really create additional > overhead. Remember, before ARP does its broadcast > search, the switch will > check the ARP cache. The bad news: the ARP cache is > parsed from the top > down. So if the table becomes large, static entries > may actually slow > things down. I wouldn't get into the habit of > adding static entries, but if > "his" little heart desires it so badly... > > BTW - removing the router's entry from the ARP table > will not disconnect it > from the switch. All that it really does is force > the switch to broadcast > for the MAC address of the router if it's not in the > table and that really > doesn't take much time at all. If a disconnect is > really happening, then > you...I mean he...has other issues to contend with. > > Rik > > -Original Message- > From: Joseph Cheng [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, May 29, 2001 3:23 AM > To: [EMAIL PROTECTED] > Subject: Help on Cisco 4000 Switch [7:6191] > > > Hi, > > My friend has a question on the Cisco 4000 switch, > can > anyone please help? Thanks in advance. > > == > When a Cisco 1720 is hookup to the switch, if there > is > no traffice from the 1720, it will be disconnected > from the Cisco catalyte 4000 switch after a preset > 300 > seconds. > > The mac-address of 1720 will be disappeared from the > Cisco 4000 switch arp table. > > Is this OK to use "set arp static-address" to > permantly write the 1720 mac-address and IP into the > 4000 switch arp table? > == > > Thanks, > JC > > __ > Do You Yahoo!? > Yahoo! Auctions - buy the things you want at great > prices > http://auctions.yahoo.com/ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] [EMAIL PROTECTED] __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=6647&t=6191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Router problem inserting into token ring [7:33304]
Thank you all for your replies. I have solved the problem, apparently these MAU's are not capable of 16mb speeds. I chaned the speed on the token ring cards and the routers to 4mb and everything is working great. I don't need 16mb anyway because this is a non production lab. Thank you all for you help. Joseph J. Slawinski AT&T Global Networks Network Technician CCNP,CCNA,A+,Apple,HP,Canon Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33744&t=33304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Topic repeat [7:33865]
get real.. what SDSL Provider is going to do BGP with you ? Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 31, 2002 12:20 PM To: [EMAIL PROTECTED] Subject: Re: Topic repeat [7:33865] You can use BGP if you simply receive partial routes from say the SDSL provider and point default at the other with floating default for SDSL provider. This way you can dynamically announce your network, get some load balancing and redundancy. Dave Shawn Xu wrote: > > First of all, I should announce I have searched Archives before I post this > message, but not exactly match my question. > > Some people said for this topic you have to use BGP, and some people said > you can use default route if you are only for load balance and fault > tolerance purpose. > > We have one client, who currently uses T1 line (Cisco 2503 router) to an > ISP, and has a whole class C ip address (/24) from the ISP. And on their > local network, they have web server, mail server, etc. everything is working > fine. > > Now they want to connect to us using SDSL line (Cisco 1605 router) for load > balance and fault tolerance. > > How to do that? > > 1. Cannot use BGP, because nobody wants to buy a BGP router. > 2. Static or default route: > (1) HSRP groups implement load sharing, and automatically switching over in > case of one line is down, is it right? > (2) Because they are using T1 line ISP's IP address for local network, if T1 > line is down, how can we route their traffic through DSL line, ip route > 0.0.0.0 0.0.0.0 DSL_ISP will work? and from outside how people can reach > their local network through DSL line? > > Thanks > > Shawn > > _ > Chat with friends online, try MSN Messenger: http://messenger.msn.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 "Emotion should reflect reason not guide it" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33895&t=33865 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cef debug error "slow service", what [7:34218]
are you running cef with NAT ? Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: bergenpeak [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 02, 2002 4:03 PM To: [EMAIL PROTECTED] Subject: cef debug error "slow service", what's it mean? [7:34218] I'm having some problems wit CEF and so enabled a number of CEF debug commands (ip cef drops, events, received). I'm getting periodic debug output which says "CEF: slow service". What does this mean? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34229&t=34218 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Concentrator 3030 RADIUS authentication [7:34537]
Configuration | User Management | Groups | Modify For the group under IPSEC you need to specify the authentication method (Internal, NT Domain, Radius, SDI, etc) in addition to labeling it an "external" group. once you do this if it still will not work, then do some debugs under Configuration | System | Events | Classes for all 3 auth's Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Jim Bond [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 5:50 PM To: [EMAIL PROTECTED] Subject: Concentrator 3030 RADIUS authentication [7:34537] Hello, I'm trying to set up authenticating groups externally through RADIUS. I created a group and changed the type to "External". On my RADIUS server (Safeword 5.1), I created a group with the same name on 3030. Users couldn't get authenticated. On 3030 log, it said user unspecific. Any thoughts? Thanks. Jim __ Do You Yahoo!? Send FREE Valentine eCards with Yahoo! Greetings! http://greetings.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34547&t=34537 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VIP2 microcode [7:34511]
Ok here is where we're at: We've never had this RSM with a proper image. The first time we booted it there was only a boot image on it (c5rsm-boot-mz.112-12a.P1.bin), so we don't know if there was some pre-existing hardware problem with our VIP2 card. With the old 11.2 *boot* image we didn't receive a boot error and software does get loaded onto the VIP2 (sw ver 22.20). We can't see the amount of memory on it and the microcode status is 0x4 (all from sh diag). Also we can't see the ATM PAM interface, though the enabled light is on. We installed the c5rsm-jsv-mz.122-3.bin and we didn't have enough DRAM on the RSM (only 32M) to support it so we reloaded the other image we had into the RSM (c5rsm-jsv-mz.121-10.bin) and we received these errors during bootup: ***CUT FROM CONSOLE*** %VIP-3-SVIP_RELOAD: VIP2 slot9 : SVIP Reload is called. %VIP-3-SYSTEM_EXCEPTION: VIP2 slot9 : VIP System Exception occurred sig=10, code =0x1C, context=0x605154A4 %CBUS-3-CCBPTIMEOUT: CCB handover timed out, CCB 0x5800FFB0, slot 9 -Traceback= 602E6454 602E3B18 602E416C 602DB3E8 60269744 601C1C70 601C1E48 60249 B44 60249B30 ***END CUT FROM CONSOLE*** We also did a sh diag and saw that the "board is disabled wedged" and the memory amount is unknown (like before), and this time, it doesn't say the sw version (under sh cont cbus) and the microcode status is 0x5. Also shown under sh diag is: === Flushing messages (00:00:01 UTC Mon Mar 1 1993) === Queued messages: No fault history 0x. Need 11.1 (2) or higher ROM Under 12.1, this is what a sh cont vip all log displays (there isn't a sh cont vip all log under 11.2 so I didn't get output from that version of IOS): show logging from Slot 9: %Failed to connect to remote console : no such port I *think* we have the VIP2-15 because it has one SRAM slot and two DRAM slots, thereby having 1MB of SRAM and 16MB of DRAM. (as a side note, what's the SRAM for?). I apologize for the spam, but I don't know any other way to provide you with enough info to diagnose this problem. I have edited out as much information as possible. If there is some information that I left out that would be important to see, let me know. I'm really not sure where to go next. Thanks, Joe Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34593&t=34511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Dynamic Mac Address Assignment [7:35303]
IOS based switch - 3524XL_ATL(config-if)#mac-address ? H.H.H MAC address Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Kwame [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 13, 2002 10:11 AM To: [EMAIL PROTECTED] Subject: Dynamic Mac Address Assignment [7:35303] Pls ignore my previous post b'cos it's wrongly frame. Here's what I want to ask: Is it possible to assign a mac address to a catalyst switch such that the switch would not use the burned-in-mac but rather use the assigned mac? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35309&t=35303 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DRAM and FLASH question [7:35600]
www.memoryx.net great prices, selection Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Ronnie [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 16, 2002 6:38 AM To: [EMAIL PROTECTED] Subject: DRAM and FLASH question [7:35600] Hi all, I was wondering if somebody good tell me the secret on Kingston memory and flash in Cisco Routers. Where is a good and not so expensive (I'm Dutch .. :-)) site for selling these items ? Thanks in advanced ... Cheers Ronald Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35622&t=35600 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DRAM and FLASH question [7:35600]
www.memoryx.net great prices, selection Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Ronnie [mailto:[EMAIL PROTECTED]] Sent: Saturday, February 16, 2002 6:38 AM To: [EMAIL PROTECTED] Subject: DRAM and FLASH question [7:35600] Hi all, I was wondering if somebody good tell me the secret on Kingston memory and flash in Cisco Routers. Where is a good and not so expensive (I'm Dutch .. :-)) site for selling these items ? Thanks in advanced ... Cheers Ronald Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35622&t=35600 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP's and ISP going out of business [7:35850]
No. Its usually non-portable space. Unless your a really important company like USPS that has tonnes of portable space Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Steven A. Ridder [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 19, 2002 9:48 AM To: [EMAIL PROTECTED] Subject: IP's and ISP going out of business [7:35850] If a company has a block of public IP's assigned to them via their ISP, and that ISP goes out of business, can a company transfer those IP's to a different ISP? I don't think so, but maybe I'm wrong. -- RFC 1149 Compliant. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35856&t=35850 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: China/Cisco connection [7:35946]
>BTW, does the US government filter access to the internet for it's employees >and from it's offices? bet they do! Don't compare the access US govt employees have @ work, (where our tax dollars pay the bills) to the access these same employees have in their homes. The Chinese "government" is not just blocking its employees internet access while on the job, it is limiting free speech in the entire country. Such an arrogant comparison is dangerous. Lets not forget our countrymen who were held against their will as pow's for 2 weeks last year. China is an oppressive communist dictatorship, hate our government all you want, at home you have free reign of the net. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Chuck [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 20, 2002 9:35 AM To: [EMAIL PROTECTED] Subject: Re: China/Cisco connection [7:35946] so. BFD, packets can be sniffed and access to certain sites can be blocked. so what? nothing new here. We get questions on this list regularly about how to do it. There are several companies, including but not only Cisco, who make a lot of money selling content blocking products. Most things in life can be used for good or evil. The internet is no different. Corporate and government response to the internet is no different. BTW, does the US government filter access to the internet for it's employees and from it's offices? bet they do! Chuck Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36037&t=35946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MPLS in the Enterprise [7:36670]
i was pitched this very thing recently by wcom and qwest.. basically it is only as secure as your carriers.. if some "f*cks up" and imports something into your VRF, either a default, another vpn, or whatever you security is finished.. plug banks are supposed to encrypt over IPSEC, so why bother running MPLS (come one how much diff-serv can do you on frac T-1's anyway) if you are just going to IPSEC the packets between pix's or vpn concentrators anyway.. MPLS right now for 100 sites, just can't be trusted. I used to work for ISP's, everyone there was a perp.. trust my vpn security to some loser ISP. No thanks read this http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/mxinf_ds.htm Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 12:24 PM To: [EMAIL PROTECTED] Subject: MPLS in the Enterprise [7:36670] Okay, I'm about to show how clueless I am when it comes to MPLS I've been getting calls from multiple providers lately all trying to suggest that I migrate our 100-site frame relay network to their MPLS network, suggesting that we'll have any-to-any connectivity and the ability to prioritize traffic classes within the MPLS network. Are any of you doing something like this? I'm going to read up on it but I'm having trouble visualizing it. Does this basically turn our network into a giant multipoint network? Do our branch routers need to be aware of MPLS or do providers make this transparent somehow? How does this affect routing? It seems that if we have any-to-any connectivity then the branch routers don't even need to run a routing protocol; every router would have one exit point to get to any destination. But, how would the MPLS cloud know where to route packets? The more I think about it it seems like our branch routers would have to participate in MPLS to provide the necessary destination info for the MPLS cloud. See how clueless I am? Ugh... Time to do some studying on this. Since we already do a little video conferencing over IP and are working on getting VoIP working, it might be beneficial to get away from the frame relay network. But since I don't understand this new technology, I don't know if it's a viable solution for us or not. Off to CCO I go! Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36672&t=36670 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
re: Cisco Wireless Cert [7:36794]
Hello, I was thinking about taking the cisco wireless cert. Does anyone have any ideas on where i can get some documentation in order to prep for the exam. Cisco's CCO has a long and boring CBT. Thanks Joe Rago Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36794&t=36794 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco CPU [7:36765]
Target[2621_cpu]: 1.3.6.1.4.1.9.2.1.57.0&1.3.6.1.4.1.9.2.1.58.0:@ MaxBytes[2621_cpu]: 100 AbsMax[2621_cpu]: 100 Options[2621_cpu]: gauge,nopercent,growright Unscaled[2621_cpu]: dwmy YLegend[2621_cpu]: Utilization ShortLegend[2621_cpu]: % LegendI[2621_cpu]: 1 Min: LegendO[2621_cpu]: 5 Min: Legend1[2621_cpu]: AvgBusy 1 Min Legend2[2621_cpu]: AvgBusy 5 Min Title[2621_cpu]: 2621_Kansas Router CPU Utilization PageTop[2621_cpu]: 2621_Kansas Router CPU Utilization Target[2621_mem]: 1.3.6.1.4.1.9.9.48.1.1.1.5.1&1.3.6.1.4.1.9.9.48.1.1.1.6.1:@ MaxBytes[2621_mem]: 15365292 Options[2621_mem]: gauge,nopercent,growright Unscaled[2621_mem]: dwmy YLegend[2621_mem]: Memory Used ShortLegend[2621_mem]: Bytes LegendI[2621_mem]: Used LegendO[2621_mem]: Free Legend1[2621_mem]: Memory Used Legend2[2621_mem]: Memory Free Title[2621_mem]: 2621_Kansas Memory Utilization PageTop[2621_mem]: Memory Utilization of 2621_Kansas Memory CPU = Just go with 100% MEMORY is router specific.. telnet to the router and do show mem.. if i found MIT_CORE_1>sh mem HeadTotal(b) Used(b) Free(b) Lowest(b) Largest(b) Processor 62298CE090600224 48963288570389685493368 85631408 I/O790 7340032 2273784 5066248 5041504 5066012 90600224 would be my maxbytes for mem. I use Processor mem in my mrtg configs.. because i think the other parts of my memory in I/0 are reserved for IOS and shouldn't be counted.. plus the OID only concerns processor memory. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Richard Tufaro [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 27, 2002 11:02 PM To: [EMAIL PROTECTED] Subject: Cisco CPU [7:36765] Hey guys..a little off topic but where is the BEST place to find out how to install and configure Cisco CPU and Memory stats with MRTG. I get to somix and the MIB's but what do i do with them? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36769&t=36765 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CIT Support Passing Score [7:37113]
100%, anything less, john chambers puts your name in a database that prevents you from working on his equipment for 10 years. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: john jones [mailto:[EMAIL PROTECTED]] Sent: Sunday, March 03, 2002 6:20 PM To: [EMAIL PROTECTED] Subject: CIT Support Passing Score [7:37113] All, What's the passing score for the 640-506 support exam. Thanks, John __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37116&t=37113 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Pix NAT - Two to one [7:37179]
pix will respond with error if you do more than 1 static command (specify more than one public > private translation, using the static command). Pix dosent offer "extendable" either (im running 6 train on the pix) Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Hire, Ejay [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:52 PM To: [EMAIL PROTECTED] Subject: RE: Pix NAT - Two to one [7:37179] On a cisco router, you use the Extendable command. not sure about the pix. -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 3:07 PM To: [EMAIL PROTECTED] Subject: Pix NAT - Two to one [7:37179] Hi all, Has anybody tried NAT'ing two outside addresses to one internal (DMZ) address on the same port (80) in some way. Not too difficult to get round, as I can get the DNS of one site changed and use the single address outside to single inside. The advantage would be that when the web sites are separated, to two machines inside, I would like to be able to change the pix settings immediately rather than change DNS and wait a couple of days for DNS to propagate. I'm sure there may be some simple way of doing it, but I couldn't find it whilst playing about today. Any ideas welcome. Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37200&t=37179 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: strange problem [7:37359]
David Letterman's top 10 reasons this customer can't browse the internet: 10) PPP - Pre-Historic Pathetic Protocol 9) ISDN - Inferior Service for Dinosaur Networks 8) DNS - Dosent' networking Suck 7) ACL - Adamantium Cisco Locks 6) RIP - Rest In Peace (V2 also) 5) BGP - Big Geek Past-time 4) NAT - Non Acceptable Timeouts ? 3) PING - Please Investigate News Groups 1st ! 2) CBAC - Can't Browse ? Ask Cisco 1) TAC - Try Accepting Counseling Ping first by name, if it does not resolve to ip, try nat settings... if it does resolve try telnetting to something external.. next check ie settings.. make sure they dont have a proxy set or something. Post config here. ""kaushalender"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi group > > I am facing strange problem one of customer whom we have given 128Kbps > linkand connected on ppp ecapsulation. They r not able to browse the > website.When i did traceroute and ping it was working fine and customer > is able to reach the internet .But when i typed www.yahoo.com in the > browser the browser was respoding "website found waiting for reply " and > it keeps on waiting .Can somebody can help me in identifing that why > http request is dieng or geting killed Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37368&t=37359 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
re: wireless cert [7:37574]
Has any one taken the cisco wireless cert exam. If yes, what study material did you use. Is there anything besides the presentation on Cisco's CCO. Thanks Joe R. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37574&t=37574 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
unicast flooding:question [7:37609]
I have a scenario I wanted to bounce of the group. I never really thought about this before, just wanted to confirm what Im thinking is correct. By default I think a Cisco router maintains an ARP entry for 2 hours, at which time if its not been used it ages out. In a Cisco switch however cam entries age out in a much shorter rate, I think 10 minutes. On that note can't you get unicast flooding as a result of this?? Because the cam entry for a device has disappeared and the directly attached router still has an Arp entry?? Wont packets destine for that device from another Vlan still be sent to that network and get unicast flooded??? (A switch floods a packet when it doesnt not have a cam entry for it, if the device is shut off the cam isnt going to come back) This could be fixed by a clear Arp but unless I'm missing something it seems what I stated above would happen, and could happen regularly for up to a 2 hour period ?? __ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37609&t=37609 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cat 6505 Error Message [7:37543]
Is it possible that somehow when it rebooted it came up on a older code rev?? (ie: multiple images in bootflash) I know depending on the gig mod you need a certain code rev to support it. Not sure what you get if your running code prior to that first supported rev --- Mark Odette II wrote: > I've never seen anything like this myself, but... > > If it is not considered "Production" yet, why don't > you just power the whole > switch down, re-seat the GIG line card, and then > power it back up?!? > > Of course, make sure you are console connected so > you can watch the boot > process. > > Aside from that, I would think that maybe you should > look at your SmartNet > contract and call TAC for a possible replacement > (and start watching the > rest of the switch for possible further power > damage. > > Mark > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of > Fraasch James > Sent: Thursday, March 07, 2002 9:56 AM > To: [EMAIL PROTECTED] > Subject: Cat 6505 Error Message [7:37543] > > > I swear I get more error messages on my stuff than > anyone! I must have that > magic 'static' toouch or something! > > So here is the problem: I have a 6506 hooked up with > both power supplies > plugged in and everything says 'green'- everything > except module 6 which is > a 16 port gigabit card. It was working and I was > pinging all downstream > switches as of Tuesday afternoon. I noticed in Show > Version that somehow > the switch was rebooted on Tuesday night (I think it > lost power and since it > is not quite production it is not yet plugged into a > UPS). Well, since the > reboot, module 6 has been unable to register. I get > the error message: > SYS-5-MOD_NOREGISTRATION: No registration received > from module 6...resetting > module. > > Cisco website doesnt say much on the topic except > that the module will be > rebooted until it registers...but it never > registers. So I guess the > questions I have are 1) Has anyone ever seen this > before, and 2) Could it be > related to power problems? > > Thanks for any help. > > James [EMAIL PROTECTED] __ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37612&t=37543 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE Lab - San Jose [7:37444]
MOTEL 6 - SAN JOSE AIRPORT, CALIFORNIA #1007, San Jose, CA US 101/Bayshore Freeway at the 1st Street exit Ph: (408) 436-8180 (its by a car rental place and accross the fwy is a hyatt.. used to live there at that hotel... :) Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Hire, Ejay [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:52 PM To: [EMAIL PROTECTED] Subject: RE: CCIE Lab - San Jose [7:37444] There is a $50/night motel 6 with a denny's in the parking lot that is okay.I can't remember the name of the street it's on, but it's only about 2 mi. from the hq. -Ejay -Original Message- From: timothy thielen [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 12:57 PM To: [EMAIL PROTECTED] Subject: RE: CCIE Lab - San Jose [7:37444] If you test date is a long way off, or you are close by, start walking now. Remember to pack food and supplies for cold and warm weather. Also, a rain poncho may be wise. Carry or search for a cardboard box (the only approved Homeless/bum shelter approved for use within San Jose). Find a space to sleep either near the cisco compound or near a light-rail station. Transportation from Box to Cisco: Take the light-rail. USUALLY nobody will even check for a ticket. If the transit police DO check, at least you have a better place to sleep tomorrow night. Seriously, though, things are not cheap in San Jose. BUT, the do have an abundance of Starbucks Coffee Installations, where jack-booted Caffiene-Nazi's are likely to force you to consume the People's Drink. --Tim James wrote: > > Hello, > > I hope to get some advice from those who attempted the > lab in San Jose. I have a lab scheduled soon and hope > that someone can let me know where to stay at the best > rates, travel arrangements from hotel to Cisco, etc.. > any information is greatly appreciated. > Thank you > > > > __ > Do You Yahoo!? > Try FREE Yahoo! Mail - the world's greatest free email! > http://mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37591&t=37444 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cat 2950-24 [7:37374]
Moreover, the 6509 complains (cat-os) if it hears BPDU's on a port configured for Portfast . That port is automatically, immediately disabled. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Mike Mandulak [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 06, 2002 9:11 PM To: [EMAIL PROTECTED] Subject: Re: Cat 2950-24 [7:37374] The portfast command does not turn STP off. The following is from CCO: Cisco added a feature named "portfast" or "fast-start," which means the STP for this port will assume that the port is not part of a loop and will immediately move to the forwarding state, without going through the blocking, listening, or learning states. This command does not turn STP off. It just makes STP skip a few (unnecessary in this circumstance) steps in the beginning on the selected port. Note: The portfast feature should never be used on switch ports that connect to other switches, hubs, or routers. These connections may cause physical loops and it is very important that spanning tree go through the full initialization procedure in these situations. A spanning tree loop can bring your network down. If portfast is turned on for a port that is part of a physical loop, it can cause a window of time where packets could possibly be continuously forwarded (and even multiply) in such a way that the network cannot recover. - Original Message - From: "Elijah Savage" To: Sent: Wednesday, March 06, 2002 10:56 AM Subject: RE: Cat 2950-24 [7:37374] > From my knowledge if you use this command (spanning-tree portfast) on a > switch port it actually disable spanning tree for that port you should > only do this if pc's are connected. So if you enable portfast you > disable spanning tree for that port, if you disable portfast you enable > spanning tree for that port. > > What this does with it enabled and a pc connected to it, it will keep > the port from going through all the spanning tree phases you know like > learning, listening, blocking etc it will take the switch 60 seconds to > figure all this out before it starts passing traffic to that port. If > portfast is enabled then it does not go through those phases and will > only take approximately 3 seconds before traffic is passing according to > Cisco. Someone please correct me if I am wrong here or missed something. > Hope that helps > > www.digitalrage.org latest in Technical News and HowTo's > www.digitalrage.org/phpBB Discussion Forums > > > -Original Message- > From: Cebuano [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 06, 2002 7:21 AM > To: [EMAIL PROTECTED] > Subject: Re: Cat 2950-24 [7:37374] > > You don't disable STP on the port to the PC because > STP is only run between Layer2 devices. > I believe you are referring to PortFast. > > Elmer > > - Original Message - > From: "Brian" > To: > Sent: Wednesday, March 06, 2002 2:34 AM > Subject: Re: Cat 2950-24 [7:37374] > > > > If you connect a computer to a switch port, it takes spanning tree a > bit > to > > allow traffic to pass. If this is an individual host being connected, > you > > could try disabling spanning tree on the port.. > > > > Bri > > > > - Original Message - > > From: "Ismail Al-Shelh" > > To: > > Sent: Tuesday, March 05, 2002 10:44 PM > > Subject: Cat 2950-24 [7:37374] > > > > > > > Dear all > > > We have Pc with 3Com 3c90x-Tx 10/100 Network Card. This PC is > installed > > > with Dos 6.22 Operating System. We used to connect this to our 3com > > > Switch1100 with the dos driver provided by 3Com. The sequence of > loading > > > the 3com driver to connect to 3com Switch1100 is as follows: > > > LSL.COM > > > 3C90X.EXE > > > IPXODI.COM > > > NETX.EXE > > > F: > > > LOGIN > > > This is in a batch file and when we run the batch file it will > connect > > > immediately. > > > The problem I am facing while connect to CISCO CATALYST 2950-24 port > is > > that > > > If I am > > > running the same batch file it will not connect. > > > I have to load the LSL.COM first and port on switch to which this > computer > > > is connected will be in Green color. But When > > > I will load 3c90x.exe immediately the port on the switch color > becomes > > > amber. > > > I have to wait for 1 to 1.5 minutes for the port color to become > green > > > and after that if load IPXODI.COM and NETX.EXE then it will connect. > > > I can see this because I am sitting in front
RE: concentrator 3000 vs. checkpoint vpn [7:37474]
The checkpoint is the black sheep of the industry. It is a poorly documented, un-intuative, overly licensed B.S. interface. The checkpoint where I used to work (nokia IP 440) reminded me of this cartoon with porky pig and daffy duck. Porky pig gets a hotel room for .10Cents. The mouse comes and starts chewing celery so he can't sleep. Then daffy wants like $10 for a cat to get rid of the mouse. Then the cat keeps him from sleeping so daffy wants $20 for a dog to get rid of the cat, and its goes all the way till an elephant to get rid of a lion for several hundred dollars. And guess what gets rid of the elephant, (now taking up all the space in his hotel room) ? You guessed it a MOUSE !. Moral of the story, they string you along with different answers on each call (so issues just go in circles), the licenses make the product too expensive, while not as good at VPN tunneling as a Cisco VPN Concentrator, which comes with 100 USERS for only around $4K. The Checkpoint is garbage. Avoid it at all costs. Long live Altiga (Cisco) VPNs. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice -Original Message- From: ""[EMAIL PROTECTED] [mailto:""[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 2:18 AM To: [EMAIL PROTECTED] Subject: RE: concentrator 3000 vs. checkpoint vpn [7:37474] I've worked with the 3000 concentrator but not with the Checkpoint. The 3000 is very user friendly and easy to use. You have to do minor configuration via console and then you're off with the web interface which is very simple to use. I can't make a recommendation for which you should buy but the Cisco products always make me happy. I've set up a vpn tunnel from a cisco router to a checkpoint firewall and it seemed like the person on the configuring end of the checkpoint had a lot of problems with upgrading software and technical support but that may have been a one person scenario. I can't say for sure. Jason -Original Message- From: Colin [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 07, 2002 8:03 AM To: [EMAIL PROTECTED] Subject: Re: concentrator 3000 vs. checkpoint vpn [7:37474] I haven't used both but I had to reply. I had set up a CheckPoint SecuRemote VPN, the VPN package that came with CP 2000 on a Nokia box and I have to say, it's not worth the hassle. CP tossed in the VPN component as a selling point so they could say, "Hey our firewall does it all". I should also mention that their documentation on getting SecuRemote up and running is sad, if not almost non-existent. Colin Alex Lei wrote: > Group, > > Has anyone used both concentrator 3000 and checkpoint vpn (either software > or hardware)? What are each's advantages and disadvantages? I am interested > in the following factors: Ease of installation and configuration, security, > manageability, reporting and logging, scalability, and pricing. I've > searched the archives but couldn't find any real world advices. > > Thanks, > > Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37592&t=37474 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: nter-Vlan routing [7:38088]
Were you able to specify encapsulation ISL/DOT1Q on the router? You still need to be able to understand the trunked VLANS being received on 1 physical connection, using the same encapsulation as the switch. I think you need the PLUS/ENTERPRISE Feature set, hence more dram/flash. A valid configuration, puts ip addresses and specifies encapsulation per sub-if, and each each sub-if is assigned a vlan #. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Kelly Cobean [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 13, 2002 10:10 AM To: [EMAIL PROTECTED] Subject: RE: nter-Vlan routing [7:38088] You don't need the IP+ feature-set to route VLAN's. I just tried creating a sub-interface off of the FE on one of our 2621's running 12.1.5 IP, and it let me. That's the only requirement. Kelly Cobean, CCNP, CCSA, ACSA, MCSE, MCP+I -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of colin newman Sent: Wednesday, March 13, 2002 4:59 AM To: [EMAIL PROTECTED] Subject: nter-Vlan routing [7:38088] Hi In order to do Inter-Vlan routing with a 2620, do I need IP Plus IOS? If the IOS does indeed need to be IP Plus, I will have to add more DRAM to the 2620. Currently the router has a 32M module of DRAM. Can I just add another module into the second slot - is it that easy? Any gotchas I should be aware of? Thanks Colin Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=38103&t=38088 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Jr. CCIE Ad on Dice [7:38034]
Every headhunter does that.. i used to be one.. lie lie lie on the phone to hiring managers, candidates. You ask candiditates who have they interviewed with, so you can call that manager and push different candidates, you feel are worth more money (to up your % fee thats paid) and you ask managers who they have been interviewing so you can badmouth that candidate, to get one of yours in. That is the business. EVERY HEADHUNTER does this. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: John Neiberger [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 14, 2002 10:14 AM To: [EMAIL PROTECTED] Subject: RE: Jr. CCIE Ad on Dice [7:38034] Atlantis Partners is just a bad company all around, from what I can tell. Here in Denver they post fake job openings just to get people to send in resumes to fill their databases. I couldn't believe it when I discovered that they did this. Why would anyone use a company that does stuff like that?? John >>> "Sean Knox" 3/13/02 3:02:29 PM >>> I would say it's a sign that recruiting firms, such as Atlantis, don't have a clue, as it has always been. - Sean -Original Message- From: Tarek Sabry [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 12, 2002 6:27 PM To: [EMAIL PROTECTED] Subject: RE: Jr. CCIE Ad on Dice [7:38034] This is really funny :) I don't think it's a sign that the industry doesn't acknowledge CCIEs as all-round experts anymore (hopefully not anyway!) I think the word "junior" is just to justify the relatively low salary range they're offering (in California). Tarek -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ken Diliberto Sent: Tuesday, March 12, 2002 7:42 PM To: [EMAIL PROTECTED] Subject: Jr. CCIE Ad on Dice [7:38034] This is good for a laugh. They are looking for a junior CCIE. http://www.dice.com/DandL/c/cxapga.35951.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=38242&t=38034 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISL Trunking from a h/w's perspective [7:39246]
"Danny Andaluz, CCNP" - It will work. did it on a 2611. Ci$co, won't support it and obviously they want you to buy more expensive 100 Mbps ports/routers (even if my total of 4 vlans uses 1mbps) Why do you believe everything cisco tells you ? Most of their tech docs were written by people that have never had beyond level 1 on a production router. Would you take make out advice from the loser geek virgin ? Business advice from Enron ? "You must unlearn what you have learned." - yoda Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Friday, March 22, 2002 11:08 PM To: [EMAIL PROTECTED] Subject: Re: ISL Trunking from a h/w's perspective [7:39246] I don't know what else you want me to do to prove it. This was true at one time but it has changed. I have personally not tried this config and seen it work but if I have some time on Monday I'll confirm whether or not the 3660 will do as advertised. Dave "Danny Andaluz, CCNP" wrote: > no you can't. I got straight from cisco that they have to be 100 meg > full-dux interfaces. > ""MADMAN"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Actually on some platforms with the right IOS you can trunk 10 meg ports: > > > > C3660B(config)#inter e2/0.1 > > C3660B(config-subif)#encap dot1 1 > > C3660B(config-subif)# > > > > Dave > > > > danny wrote: > > > > > The router's ethernet must be 100 full dux. You configure subinterfaces > on > > > the ethernet. a trunking protocol must be configured on each sub with > the > > > corresponding vlan #. The router will route between Vlans. > > > > > > Hope this helps. > > > > > > Danny > > > ""George Siaw"" wrote in message > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Thanks for all your responses. > > > > > > > > One last question though. For external router, routing between vlans > if > > > > I have just one FastEthernet interface on the router can I route > between > > > > vlans? > > > > > > > > George. > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > > > Scott H. > > > > Sent: 23 March 2002 00:53 > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: ISL Trunking from a h/w's perspective [7:39246] > > > > > > > > The only time the SC0 interface comes into play is for telnet into the > > > > box. > > > > If you have any 100 MB ports on your switch, you can run trunking. > > > > > > > > set trunk (mod/port) on isl > > > > > > > > If this trunk is running into a router, you need to create the > > > > subinterfaces > > > > on the router to enable routing between VLANS. > > > > > > > > int fa1/0.100 > > > > ip address (the subnet of the vlan) > > > > encap isl (the vlan #) > > > > > > > > HTH, > > > > Scott > > > > > > > > ""George Siaw"" wrote in message > > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > > Do I need an Sc0 port when routing between Vlans? However, there's > no > > > > > uplink module on neither of my supervisor engines. Would you know a > > > > s/w > > > > > work around without having to buy the module? > > > > > > > > > > George. > > > > > > > > > > -Original Message- > > > > > From: Larry Letterman [mailto:[EMAIL PROTECTED]] > > > > > Sent: 23 March 2002 00:17 > > > > > To: George Siaw; [EMAIL PROTECTED] > > > > > Subject: RE: ISL Trunking from a h/w's perspective [7:39246] > > > > > > > > > > You dont have to configure SC0 interface to do isl or dot1q. Its > only > > > > > needed > > > > > for management, telnet etc... > > > > > > > > > > > > > > > Larry Letterman > > > > > Cisco Systems > > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > -Original Message- > > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Beha
VPN issues [7:40064]
Well, I am having some trouble with VPN sessions getting disconnected. I have a Cisco VPN 3005 at the main office that sits in the DMZ zone of a Cisco PIX-515-R and at the remote end I have a Sonicwall ProVX that VPNs into the VPN concentrator. We are using IPSec Lan-to-Lan IKE-3DES-MD5 for the tunnel and have no trouble establishing a connection. But after a few day the Sonicwall disconnects from the VPN and the only way to get it to reconnect is to logout the session on the VPN concentrator. Also the syslog output from the concentrator says key exchange is failing and on the log for the Sonicwall it indicates that it is not getting a response from the remote end. What can I do to prevent this from happening? Thanks, Joe Carr MCDBA, CCDA, CCNP, CCIE (written) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40064&t=40064 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
re: voip em [7:40225]
I have two 2610 routers, one in new york and one in miami These two routers are connected to pbx via e/m cards. When a call is initiated from miami, a ring back tone is heard before the user picks up the phone. However, when the call is initiated from new york, no ring back tone is heard Any suggestions would be appreciated Joe R. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40225&t=40225 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: AS-Path Filtering in Confederations? [7:40249]
ip as-path access-list 1 deny _65001_ outbound from 65002 towards 65003 dosent work ? have you tried both route-map match as-path 1 and neighbor 1.1.1.1 filter-list 1 out ? (not at the same time of course :) Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice -Original Message- From: William Lijewski [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 6:11 PM To: [EMAIL PROTECTED] Subject: AS-Path Filtering in Confederations? [7:40249] Can you filter out certain confederations (in the main AS) using AS-Path access-lists? I don't think that it's possible since they are technically in one big main AS. I have also tried it to no avail, but the thing that makes me think it may be able to be done is if I do a show bgp regexp ^$ it shows just my routes local to my confederation, not anyone elses. I've looked on CCO without any luck. Can someone tell me if this is possible or not? Thanks. Example: (65001) - (65002) - (65003) I want to filter so that confederation 65003 does not see any routes that originated in confederation 65001 using AS-Path Access-Lists. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40311&t=40249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Network latency [7:40295]
MRTG with PING PROBE SCRIPTS. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice -Original Message- From: Mike Bernico [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 10:06 AM To: [EMAIL PROTECTED] Subject: RE: Network latency [7:40295] I'd also like to get a program like that. We had to write our own, but I'm sure an outside company could do a better job. Mike --- Mike Bernico [EMAIL PROTECTED] Illinois Century Network http://www.illinois.net (217) 557-6555 > -Original Message- > From: Michalis Palis [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 03, 2002 12:09 AM > To: [EMAIL PROTECTED] > Subject: Network latency [7:40295] > > > Dear all > > I am looking for a goot tool to measure network > latence and packet loss. Any idea? > > __ > Do You Yahoo!? > Yahoo! Tax Center - online filing with TurboTax > http://taxes.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40360&t=40295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FIXUP PROTOCOL ON PIX 515 [7:40577]
Hi can anyone tell me in non technical terms what the fixup protocol is used for on a pix 515. Do i need to specify a fixup protocol number for all applications used. Right now i am able to citrix into a server on my DMZ and i do not have a fixup protocol statement defined for citrix ports. Thanks Joe Rago Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40577&t=40577 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trace failure indication [7:12191]
This problem shows up on any cisco router that I have tried, about 20 routers. It appears from a debug packet and debug icmp on the final destination router that the final destination router still has the port open while it is handling the previous trace probe. I want to know if anyone can get this to work correctly and if not where is this normal error indication documented. Following is a trace with a probe count of 15. I have included the debug output from the destination router. termsvr#trace Protocol [ip]: Target IP address: 192.168.10.2 Source address: Numeric display [n]: Timeout in seconds [3]: Probe count [3]: 15 Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 192.168.10.2 1 192.168.10.2 16 msec * 20 msec * 20 msec * 20 msec * 20 msec * 20 msec * 20 msec * 20 msec termsvr# Result of debug packet and ICMP on 192.168.10.2 01:26:14: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:14: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:14: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:14: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:17: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:17: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:17: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:17: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:20: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:20: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:20: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:20: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:23: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:23: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:23: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:23: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:26: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:26: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:26: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:26: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:29: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:29: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:29: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:29: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:32: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:32: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:32: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending 01:26:32: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:35: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 01:26:35: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 01:26:35: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, sending r1# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12244&t=12191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trace failure indication [7:12191]
Even the example at http://www.cisco.com/warp/public/105/ext_ping_trace.html shows this failure but provides no explanation. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12246&t=12191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Used Rack [7:15897]
More specifically http://www.musiciansfriend.com/ex/shop/bv/specials/010820062909065227199184438233?pid=450238 but also look at http://www.musiciansfriend.com/ex/shop/bv/specials/010820062909065227199184438233?pid=450065 and http://www.musiciansfriend.com/ex/shop/dj/010820062909065227199184438233?pid=540150 "Justin M. Clark" wrote: > try musiciansfriends.com they have a 8U rack for $19. > > ""Ray Smith"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Anyone with a used 19" Network Rack in good condition to unload at a > > reasonable price, preferable in the New York/NJ area for the purpose of > > saving on shipping & handling? Thanks > > > > _ > > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp [GroupStudy.com removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16546&t=15897 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE One Day Lab FAIL [7:27029]
For those that finished with an hour or so to spare, do you mind posting what your estimated typing speed is? I know it sounds funny, but I work with someone who can type 120 words a minute and it seems to make all the difference in a tight time situation like the lab. Thanks in advance, -Joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of McCallum, Robert Sent: Tuesday, November 20, 2001 5:45 AM To: 'Ccielab' (E-mail); Cisco@Groupstudy. Com (E-mail); George; Kev; kevin; sandra; sandra1; Warren Subject: CCIE One Day Lab FAIL O.k. I sat the exam last week and failed but by not a lot. Silly mistakes killed me. For those of you who have still to experience the one day lab then please read ahead. Mostly everyone on this list stated that there was no time to do the lab or check anything. I found this to be so untrue it was unreal. Most people on the lab finished with an hour to go and I had more time than this to check and try to get the annoying things that didn't work to work (although I failed to get two things working)... So from that, my advice is if you are stuck on something, move on and work your way through the workbook. Once you get to the end you should have plenty time to fix (if you can) the problems you left. >From my experience of Brussels everything was there. The proctors turned up when they should, answered any questions you asked, there were icons for each element you had to configure, there was paper, there were pens, pencils, sharpeners and erasers. Lunch was horrible although I don't think anyone was to bothered about lunch, so if you are a person who cannot go without lunch bring a packed lunch with you (just don't put your answers in your lunch box !!). All in all enjoy the experience and READ the questions (even the smallest detail). I am resetting in Feb next year and I reckon the pressure will really be on then. Most people fail 1st time anyway is what I can say this time but next time ?? Robert McCallum Ext 730 3448 DDI : 01415663448 Mobile : 07818002241 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27029&t=27029 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Ebay question [7:32808]
I used that seller before on ebay. I purchased a few token ring hubs from them. They were very prompt and easy to work with. Joseph J. Slawinski AT&T Global Networks Network Technician CCNP,CCNA,A+,Apple,HP,Canon Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=32937&t=32808 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token Ring DB9 to RJ45 connector [7:33060]
You will need a token ring media filter which has a DB9 connector on one end, and an RJ-45 connector on the other. The media filter basically "filters" out noise on UTP cables. A picture of one is listed in the link below. http://www.pulsewan.com/rad/mf3.htm Hope this helps, Joseph J. Slawinski AT&T Global Networks Network Technician CCNP,CCNA,A+,Apple,HP,Canon Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33297&t=33060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Router problem inserting into token ring [7:33304]
I am having a problem I know most of you folks could help me with. I have two 2502 routers and two token ring hubs. The hubs are "dumb hubs," they have no network management capabilities. They don't even have external power supplies. The problem is I am able to hook up my computers to the hubs, the token ring cards will automatically attemt to insert themselves into the rings on the hubs. The relays light up every 15 seconds, so I know that is working ok. My problem is, I am unable to configure the routers to insert themselves into the ring. I have experience connecting hubs with network management modules into routers with no problems, but I somehow can't find a way to configure the routers to attach to these "dumb hubs." I know that I'm missing something key here. I was thinking maybe the media filters I am using are defective, but I can't be sure. I know this question may sound dumb, but I have nowhere else to turn. Thank you in advance for your help, Joseph J. Slawinski AT&T Global Networks Network Technician CCNP,CCNA,A+,Apple,HP,Canon Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33304&t=33304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router problem inserting into token ring [7:33304]
I have checked the ring speed, its the same on the token ring cards and the router. The hub doesn't have a setting for ring speed though. Author: Charles Manafa (---.blueyonder.co.uk) Date: 01-26-02 17:26 Have you checked the ring speed? CM - Original Message - From: "Joseph Slawinski" To: Sent: Saturday, January 26, 2002 8:26 PM Subject: Router problem inserting into token ring [7:33304] > I am having a problem I know most of you folks could help me with. I have > two 2502 routers and two token ring hubs. The hubs are "dumb hubs," they > have no network management capabilities. They don't even have external > power supplies. > > The problem is I am able to hook up my computers to the hubs, the token ring > cards will automatically attemt to insert themselves into the rings on the > hubs. The relays light up every 15 seconds, so I know that is working ok. > > My problem is, I am unable to configure the routers to insert themselves > into the ring. I have experience connecting hubs with network management > modules into routers with no problems, but I somehow can't find a way to > configure the routers to attach to these "dumb hubs." I know that I'm > missing something key here. I was thinking maybe the media filters I am > using are defective, but I can't be sure. > > I know this question may sound dumb, but I have nowhere else to turn. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33322&t=33304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router problem inserting into token ring [7:33304]
The MAU's speed cannot be changed, so I am guessing this is controlled between the token ring cards and the router, (they have to negotiate together). The 15 second blinking of the port light on the MAU is only when one PC is attached. I used this as an indicator to prove that the ports were working properly. When both PC's are connected to the MAU, the lights stay on because there is at least two devices that have created the ring. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33326&t=33304 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Limit access to serial link to four users [7:33306]
see comments below -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Saturday, January 26, 2002 3:51 PM To: [EMAIL PROTECTED] Subject: Limit access to serial link to four users [7:33306] >Hi all, >I'm after some ideas if you'd be so kind :-) >A 2Mb link being used mainly for streaming media has about 15 potential >users. The task is to limit the number of users at any one time to four, so >they have half a Mb each (ish). All 15 @ once may be able to watch this stream. you should run a test to determine if this is a 300kbps, (DSL cable stream) or a 150Kbps "T-1" stream. if you go to Abcnews.com or somesites to watch video, they expect corporate users to choose a T-1 stream, because they run on a business line which is not exclusively for the streaming. What I would do is ask people to choose the lower res stream, and enforce this with an aggresive car / traffic shaping policy. It would be nice if this stream uses layer 4 characteristics which will make it easy to classify and apply policy to, however assuming it uses a protocol you don't wish to delay (like tcp 80, http), you can always use car to limit per ip bandwidth for your 15 potential users, this would easiest if their ip's were in a neat little /28 range) >My initial idea, which I must admit, I dont think is such a good one is to >set up a NAT pool of four addresses, and drag the translation timeout down >to about a minute (yet to be tested), so that the first four users to pass >traffic will be translated and allowed through, but after that, they'll have >to wait. this can work.. however every minute it would get kicked.. not cool if the stream is long. (you can make sure the potential users are in a specific range and then make a route map, keeping the hosts in their own nat pool, unless your potential users are your only users. >I'm off to look at something like TACACS to see if I can control network >authorization by number of users (shot in the dark). >No equipment in place yet, so we have a clean drawing board. >Anybody have any neat ideas please!! Thanks, Gaz Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33313&t=33306 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP and one backup link [7:33433]
Sometimes As prepending won't work.. your best bet is to telnet to route-views.oregon-ix.net (public route server) and do a show ip bgp with your as # (then you will know who is using your prepended path to get there. Most likely one peer of your backup link providers, sets local pref or metric on a private peering arrangement, thereby nullifying your prepends. Unfortunately there is nothing you can do.. if you were a hi-cap T-3 or larger customer, they might traffic engineer this for you. Joseph Brunner ASN 21572 MortgageIT MITLending New York, NY 10038 (212) 651 - 7695 Voice (212) 651 - 7795 Fax -Original Message- From: Alejandro Acosta [mailto:[EMAIL PROTECTED]] Sent: Monday, January 28, 2002 10:36 AM To: [EMAIL PROTECTED] Subject: BGP and one backup link [7:33433] Hi all, I have a BGP question. In this moment we have one Internet link with just one provider, now, we have got a second link just for backup. I mean, we can only use it for 180 hrs per month. I can easily manage my outgoing traffic (using local preferece or weight), however the incomming traffic in more difficult. I added many prepends (9) in the publication of the second link but there still few traffic on it. There is not IBGP between my two providers. Any ideas? Thks in advanced. Alejandro Acosta Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=33441&t=33433 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port Numbers
This link should tell you. http://www.networksorcery.com/enp/default.htm ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CIT questions?
Does anyone know what's different between new and old test? Any suggestion will be appreciated. Joseph ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: visio template for Cisco equipment
David, I have the same problem as yours. Q: How many types of CCO account are there? Joseph "David Ristau" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have a cco account and it's not very helpful, maybe I need > another type of account ? I can login to CCO but get auth > failed when going to this page. heh! > > > Neil Schneider wrote: > > > > Fine if you have a CCO acount, otherwise not very usefull. > > > > Neil > > > > ""McCallum, Robert"" <[EMAIL PROTECTED]> wrote in message > > news:[EMAIL PROTECTED] > > .uk... > > > Once again, > > > > > > http://www.cisco.com/partner/visio/ > > > > > > -Original Message- > > > From: Mike Dang [mailto:[EMAIL PROTECTED]] > > > Sent: 31 August 2000 15:29 > > > To: [EMAIL PROTECTED] > > > Subject: visio template for Cisco equipment > > > > > > > > > Hi group, > > > > > > I'm using Visio to draw a network topology and just wondering that if > > > anyone knows where I could find .vsd files for Cisco equipment? And > > > how much it would cost? > > > > > > Thanks in advance, > > > > > > MD > > > > > > > > > __ > > > FREE voicemail, email, and fax...all in one place. > > > Sign Up Now! http://www.onebox.com > > > > > > ___ > > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > ___ > > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > ___ > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > > FAQ, list archives, and subscription info: http://www.groupstudy.com > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bcran
Passing Score: 692 Time: 105 min with 61 Questions. You can not mark and go back. ""cslx"" <[EMAIL PROTECTED]> wrote in message 8p51lc$7td$[EMAIL PROTECTED]">news:8p51lc$7td$[EMAIL PROTECTED]... > please tell me the pass score of bcran and the number of the questions of > bcran > thanx > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: free book (introduction to network analysis)
Try this www.cisco.com/offer/avvid/d877 "Lauren Child" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hiya, > > Free book alert and demo CD from network associates on their sniffer > package. > > register here - > > http://networkassociates.worldatamail.com/cgi-bin/mail.dll?A282 > > TTFN > Lauren > -- > [EMAIL PROTECTED] Lauren Child, BSc. CCNP-ATM & CCDP Certified > http://www.laurenchild.net/ http://www.routerfaq.net/ > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: tftp
Mag, It means that "timesout and Out-Of-Order (easy to remember: So many big O) pakets prevent netbooting. (ftp, tftp, or rcp)"ref: Cisco CIT page 3-49, 50 Joseph "Magnus Thorne" <[EMAIL PROTECTED]> wrote in message 8B5B58F220FCD311879600508B652072010FC102@ev-cal-ex01">news:8B5B58F220FCD311879600508B652072010FC102@ev-cal-ex01... > When tftping a new firmware... > > ! means good packet > . means no packet? > O means ??? > > thanx, > -Mag > > > Magnus Thorne > eVoice, Inc. > 1394 Williow Road > Menlo Park, CA 94025 > Direct: 650.330.3974 > Main: 650.330.3700 > Cell: 650.799.6887 > Fax: 650.330.3901 > > eVoice. The best voicemail you can buy is free. > Sign up at www.evoice.com or call 1.800.GET.EVOICE > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DR verses BDR IP address
DR and BDR listen to 224.0.0.5 but BDR gets 224.0.0.6 multicast also. regards jaison > -Original Message- > From: Bond Jeffrey MSgt 93 CSS/SCON [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, May 10, 2000 10:56 PM > To: Cisco (E-mail) > Subject: DR verses BDR IP address > > Can anyone tell me if the DR and BDR both listen to multicast address of > 224.0.0.6 and all OSP routers use 224.0.0.5. > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing or Bridging?
you have to use edge router at the two offices and route the traffic. otherwise you may end up with chocking your wan link. across the wan link switching is not a good practice unless otherwise you are using MPLS or tag switching. regards jaison > -Original Message- > From: Kevin Zsenak [SMTP:[EMAIL PROTECTED]] > Sent: Wednesday, May 17, 2000 8:10 AM > To: [EMAIL PROTECTED] > Subject: Routing or Bridging? > > Hello group, > > I am looking for an opinion on whether to use routing > or bridging in this situation. > > Two offices connected via 128k Frame Relay using only > TCP/IP protocol. 30 users in one office 10 in the > other. There are only servers in the first office. > Servers are Win NT. Workstations are mostly Win 95 > with some NT. > > Would you use routing or bridging to connect them? > With a bridge they could all be on the same subnet but > wouldn't that cause a lot of broadcast traffic on the > WAN? > > Thanks, > Kevin > Newly Minted CCNA > > > > __ > Do You Yahoo!? > Send instant messages & get email alerts with Yahoo! Messenger. > http://im.yahoo.com/ > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cat5k 10/100 module: ISL or not ISL?
Use the following command: show port capabilities mod#/port# This will display various options for configurations, including the mode of Trunking supported. Joe On Mon, 29 May 2000, Mark Holloway wrote: > How do you know which modules are ISL capable? > > Thanks, > Mark > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCNA 1.0 & 2.0
What's the difference between CCNA 1.0 & 2.0? When will CCNA 1.0 last exam be? Which book for CCNA 2.0 is the best, how about CCNA: Cisco Certified Netowrk Associate Study Guide, by Todd Lammle? Moreover, which book is best for CCNP? Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: OT Re: Snort versus Cisco IDS [7:62939]
Priscilla, Snort is very happy running on Windows platforms as well. I have been running it as such for a little over a year now in combination with MySQL and ACID and have been pleased. The only challenge (which may soon be resolved) is using multi-processor machines, as the often used packet capture library 'winpcap' did not support MP's. Version 3.0 Beta of winpcap is said to have some support for MP's. -Joe -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 13, 2003 12:20 PM To: [EMAIL PROTECTED] Subject: RE: OT Re: Snort versus Cisco IDS [7:62939] Thanks for all the replies. It's very helpful to get a feel for the differences. To quickly synthesize what I've read, I would say that Cisco's IDS is an enterprise, end-to-end solution, with improving reliability and ease-of-use. Snort, on the other hand, is more appropriate for the midsize or smaller companies with Unix expertise and has all the advantages of an open-source project, but has some ease-of-use "issues" of its own. I have a low-cost computer on order. I'm going to squeeze Windows XP into a small partition (should just wipe it out maybe? ;-) and install Red Hat and learn Linux better. I'll be tearing my hair out I'm sure! But before long, I'll have Snort running too. I guess it only runs on UNIX platforms? Priscilla Carroll Kong wrote: > > Backing up what Craig said, Snort is probably better performing > in > terms of cost/performance than almost all the IDSes out there, > including Cisco. It does not have a end to end solution to > make > one's life easier though, at least not out of the box. > > Of course, you will need some sort of a unix background to set > it up, > and I do not mean installing Solaris with GUI tools. Pretty > easy to > anyone who has worked with a FreeBSD or a Linux box (without > using > GUI all over the place and/or rpms everywhere). The idea of no > GUI > is probably quite daunting to "enterprise" level engineers. > > > You COULD make it have a lot of the "enterprise level" > features, but > it requires a lot of work on your part, and of course no > commercial > support, so you are on your own. (So, add this to your end > cost...) > > If you want a GUI frontend to snort, you can try Demarc, or > what they > call themselves "PureSecure" now. There are also some freeware > analyzers, but Demarc/PureSecure is definately one of the > nicest > ones. Albeit, it had some bugs, fortunately since they give > you > their cgis, if you know some perl, you can patch it yourself > before > they get around to it. (unless they changed this behavior, the > last > I used was 1.05). > > Puresecure DOES charge for commercial usage, which I suppose > puts a > damper on it. Their licensing is a bit ridiculous. However, > the > pricing should still be very competitive. > > It's a mixed bag, but if you know your Unix, seems like Snort > is a > much cheaper (if you know Unix and programming very well, the > disadvantages aren't that big) IDS solution. > > If you don't, oh well, like all things in life, pay the price > for > one's ignorance. :) > > > Someone told me in an authoritative voice today that Cisco > doesn't recommend > > their IDS. They recommend Snort. Is this really true? Isn't > Cisco's IDS a > > big part of SAFE? > > > > Of course, the person who said this doesn't understand that > Cisco is a huge, > > chaotic organism, and that saying Cisco does something based > on what one > > person does, doesn't make sense. > > > > But I'm just curious, what do you all recommend for intrusion > detection? How > > do Snort and Cisco IDS compare? I guess Cisco's solution is a > bit more > > complicated, requiring appliances or IDS cards in a switch > and a console: > > > > Cisco Secure IDS DirectorHP OpenView Network Node Manager > "plug-in" that > > runs on UNIX (Solaris and HP-UX) > > > > Cisco Secure Policy Manager (v2.2+)Windows NT-based package > > > > Thanks. > > > > Priscilla > -Carroll Kong Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=62979&t=62939 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN question [7:63380]
the office 3000 concentrator will route packets between each spoke client (3002). Its sort of like a hub & spoke frame relay network in a routing sense. For implementation, just make sure the 3002 are passed routes via their split tunneling network list on the the 3000 concentrator. Or if your not using split tunneling, the 3002's should be picking up all routes anyway, as reachable via the 3000 (except their default gateway, or course!) You will run network extension mode on with the 3002's (NOT PAT OVER TUNNEL). The 3002 can't terminate any tunnels, so you can't ipsec connect B & C Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63390&t=63380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: is 10baseT dead? [7:65263]
Priscilla, Thanks for the correction on the 1024 vs. 1000. I had forgotten that bandwidth uses 1000 instead of 1024. Rerunning these numbers with 1000 comes up with the last packet accepted is the 1142nd. (The worksheet is below.) I believe our results are not synchronizing because of different readings of the problem. As I read the problem, the server with the 100 Mbps link is not running full out: Server rate = 100,000 packets per second Each packet = 100 bytes Server rate = 10,000,000 bytes per second Server rate = 10,000,000 x 8 bits per second Server rate = 80,000,000 bps = 80 Mbps Using your elegant ratio method, the 10Mbps side can now receive at 1/8th the speed the server side is sending out. At 16 packets 2 have been sent, 14 queued. At 48 packets 6 have been sent, 42 queued. At 96 packets 12 have been sent, 84 queued. At 960 packets 120 have been sent, 840 queued. and finally: At 1142 packets 142.75 have been sent and 1000 are queued (actually 999.25, but I am going to assume the switch does not remove the packet from the buffer until it has fully been sent on the wire.) This would say the 1143rd packet would reach a full buffer and be dropped. Let me know if I made any errors... Thanks, Joe Corrected worksheet: serverpacketsize = 100 bytes serverrate = 100,000 pps serverrate = 100 bytes x 100,000 pps = 10,000,000 Bps = 10,000,000 x 8 bps = 80,000,000 bps clientmax = 10 Mbps = 10 x 1024 Kbps = 10 x 1000 x 1000 bps = 10,000,000 bps bufferpacketsize = 100 bytes buffer = 1000 packets = 1000 x 100 B = 1000 x 100 x 8 b = 800,000 b buffer = (severrate - clientrate) x time 800,000 b = ((80,000,000 bps) - (10,000,000 bps)) x t 800,000 b = (70,000,000 bps) x t t = (800,000 b) / (70,000,000 bps) t = 0.011428571428571428571428571428571 seconds until the buffer is completely full. bitcount = (80,000,000 bps) x t = (80,000,000 bps) x 0.011508433379980849966855711865655 s = 914285.71428571428571428571428571 b packetcount = 914285.71428571428571428571428571 b / 100 B = 914285.71428571428571428571428571 b / 800 b = 1142.8571428571428571428571428571 The 1142th packet will go through and the 1143th will be the first to be dropped due to a buffer overflow. -Original Message- From: Priscilla Oppenheimer To: [EMAIL PROTECTED] Sent: 3/13/2003 6:54 PM Subject: RE: is 10baseT dead? [7:65263] So, here was my thinking. Feel free to correct me if there are holes in my logic. Notice I didn't ask about time, although the fact that you used time is fine and maybe got you a better answer. ;-) The question was after how many packets sent by the server will the switch start dropping packets? So, considering I said after how many, then actually the answer I get is packets. The 1112th packet is dropped. Here was my (possibly flawed) logic. The 10 Mbps side can send at 1/10th the speed of the 100 Mbps. Let's assume the first packet isn't queued at all and starts going out right away. The next 9 packets are queued. They can't be sent because the port is still sending the first packet at 10 Mbps, but they have arrived since the servers is sending at 100 Mbps, so they must be queued. (Hmm, I wonder if that should be 10 packets queued actually) At 20 packets 2 have been sent, 18 queued. At 50 packets 5 have been sent, 45 queued. At 100 packets 10 have been sent, 90 queued. At 1000 packets (buffer size), 100 have been sent, 900 queued. We're still OK. At 1100 packets, 110 have been sent, 990 have been queued. At 1110 packets, 111 have been sent, 999 queued. We're getting close! At packets, 111. have been sent, 1000 queued. The 1112th packet is dropped. Priscilla Priscilla Oppenheimer wrote: > > You win! However, I got the 1112 packet. :-) > > When you said the clientmax = 10 Mbps = 10 x 1024 Kbps = 10 x > 1024 x 1024 bps = 10,485,760 bps, you shouldn't have multiplied > by 1024. Bandwidth is just in 10s, not powers of 2s. > > Do you get 1112 if you take that into account?? > > Thanks, > > Priscilla > > Joseph Malin wrote: > > > > Priscilla, > > > > Never one to turn down a math problem, and my apologies if > > someone has > > already sent this in (and to any statisticians for my lack of > > handling of > > significant digits), but in answer to the question you posed > > earlier: > > > > t = 0.011508433379980849966855711865655 seconds until the > > buffer is > > completely full. > > After the 1150th packet the buffer will be full. The 1151st > > packet will be > > the first to be dropped. > > > > - > > The work: > > serverpacketsize = 100 bytes > > serverrate = 100,000 pps > > serverrate = 100 bytes x 100,000 pps = 10,000,000 Bps = > > 10,000,000 x 8 bps = > &g
RE: is 10baseT dead? [7:65263]
Priscilla, Never one to turn down a math problem, and my apologies if someone has already sent this in (and to any statisticians for my lack of handling of significant digits), but in answer to the question you posed earlier: t = 0.011508433379980849966855711865655 seconds until the buffer is completely full. After the 1150th packet the buffer will be full. The 1151st packet will be the first to be dropped. - The work: serverpacketsize = 100 bytes serverrate = 100,000 pps serverrate = 100 bytes x 100,000 pps = 10,000,000 Bps = 10,000,000 x 8 bps = 80,000,000 bps clientmax = 10 Mbps = 10 x 1024 Kbps = 10 x 1024 x 1024 bps = 10,485,760 bps bufferpacketsize = 100 bytes buffer = 1000 packets = 1000 x 100 B = 1000 x 100 x 8 b = 800,000 b buffer = (severrate - clientrate) x time 800,000 b = ((80,000,000 bps) - (10,485,760 bps)) x t 800,000 b = (69,514,240 bps) x t t = (800,000 b) / (69,514,240 bps) t = 0.011508433379980849966855711865655 seconds until the buffer is completely full. bitcount = (80,000,000 bps) x t = (80,000,000 bps) x 0.011508433379980849966855711865655 s = 920674.6703984679973484569492 b packetcount = 920674.6703984679973484569492 b / 100 B = 920674.6703984679973484569492 b / 800 b = 1150.8433379980849966855711865 The 1150th packet will go through and the 1151th will be the first to be dropped due to a buffer overflow. -- ***Please note: this all assumes a connectionless protocol. TCP will not overload the switch as the server will wait for the ack's before sending more packets. I believe many UDP based applications also implement some sort of acknowledgment at a higher (then transport) OSI level -Joe The Question: > Here's a hypothetical scenario: > > The server has a 100-Mbps NIC. It is connected to the switch. > The client has a 10-Mbps NIC. It is also connected to the > switch. > > The switch has 1000 buffers. Each buffer holds a 100-byte > packet. > > The server is sending 100,000 packets per second as fast as it > can (i.e. with no significant gap between the packets). Each > packet is 100 bytes. > > The switch is sending the packets out the 10-Mbps port as fast > as it can. > > After how many packets sent by the server will the switch start > dropping packets? > > A free book to anyone who gets the right answer! You must show > your work. :-) --- -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Thursday, March 13, 2003 12:56 AM To: [EMAIL PROTECTED] Subject: RE: is 10baseT dead? [7:65263] It's been a long day. Priscilla Priscilla Oppenheimer wrote: > > > DeVoe, Charles (PKI) wrote: > > > > > > What about htis. > > > The server tries to dump data to the client > > > over the 10M > > > pipe. The client cannot accept it as fast as the server can > > > put out. > > > Having a slower line to the client in effect will cause > > > degradation at the > > > server. > > I have a better answer and question than my previous wisecrack. > :-) I also bumped the conversation to the top of the Web site. > > Answer: The problem won't be the client not keeping up. The > problem will occur at a store-and-forward switch between the > server and client. (To connect 100-Mbps to 10-Mbps requires a > store-and-forward device. Let's say it's a switch.) > > So, the engineering question becomes, at what point will this > mythical store-and-forward switch start dropping packets? > > Here's a hypothetical scenario: > > The server has a 100-Mbps NIC. It is connected to the switch. > The client has a 10-Mbps NIC. It is also connected to the > switch. > > The switch has 1000 buffers. Each buffer holds a 100-byte > packet. > > The server is sending 100,000 packets per second as fast as it > can (i.e. with no significant gap between the packets). Each > packet is 100 bytes. > > The switch is sending the packets out the 10-Mbps port as fast > as it can. > > After how many packets sent by the server will the switch start > dropping packets? > > A free book to anyone who gets the right answer! You must show > your work. :-) > > Priscilla > > > > > > > > > -Original Message- > > > From: Steven Aiello [mailto:[EMAIL PROTECTED] > > > Sent: Wednesday, March 12, 2003 11:02 AM > > > To: [EMAIL PROTECTED] > > > Subject: Re: is 10baseT dead? [7:65077] > > > > > > > > > Scott, > > > > > >I think you have a great point, it seems that most of the > > > computer > > > technologies we have today are not taken full advantage of. > > > However > > > instead of taking the air out the sale's staff sales as it > > were > > > ( no pun > > > intended ). Why not suggest upgrade from the Idf's to the > > > server farm. > > > You could suggest Ether Channel to combine some of the > runs > > > you have > > > put in ( I'm sure ) when you are upgrading your netw
RE: CID 640-025 [7:66041]
Does anyone out there in the wild vast yonder of Cisco Cert Land know if Atalk and IPX are still on the CID 3.0 (640-025) test ? It doesn't show up on the exam desciription... http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam s/640-025.html Mahalo! Joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 1:10 PM To: [EMAIL PROTECTED] Subject: RE: What is a distributed/collapsed backbone? [7:65225] According to CID "lingo" a collapsed backbone is a single router or switch acting as a backbone in a campus design model. It contrasts with a distributed backbone where routers or switches are spread out among floors or buildings, all connected together via something like FDDI. (Yes, CID still has FDDI in it!) Maybe that picture you are looking at is an error. Good luck with CID. It's a fun one! :-) Priscilla Marc Thach Xuan Ky wrote: > > Hi all, > I thought I'd do 640-025 CID before it disappears, so I started > reading > the Ciscopress book, CID exam certification guide. Now in > chapter 2, > section "Issues facing campus LAN designers" (I'm using Safari > books > online so I don't know the page number) it shows figs 2.4 and > 2.5 > distributed and collapsed backbones respectively. The > distributed > backbone shows per floor, one router and one switch, the > collapsed > backbone shows a single router for the building fanning out to > one > switch per floor. Fair enough I guess, but the scenario 1, Q2 > in the > same chapter asks what backbone to use in a particular case and > then > answers it with "distributed backbone" and a picture fig 2.8 > that looks > rather like the collapsed backbone shown earlier. I obviously > have to > learn Ciscospeak for the exam so can anybody tell me, which is > it? > rgds > Marc Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66041&t=66041 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CID 640-025 [7:66103]
Reposting... Does anyone out there in the wild vast yonder of Cisco Cert Land know if Atalk and IPX are still on the CID 3.0 (640-025) test ? It doesn't show up on the exam desciription... http://www.cisco.com/warp/public/10/wwtraining/certprog/testing/current_exam s/640-025.html Mahalo! Joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2003 1:10 PM To: [EMAIL PROTECTED] Subject: RE: What is a distributed/collapsed backbone? [7:65225] According to CID "lingo" a collapsed backbone is a single router or switch acting as a backbone in a campus design model. It contrasts with a distributed backbone where routers or switches are spread out among floors or buildings, all connected together via something like FDDI. (Yes, CID still has FDDI in it!) Maybe that picture you are looking at is an error. Good luck with CID. It's a fun one! :-) Priscilla Marc Thach Xuan Ky wrote: > > Hi all, > I thought I'd do 640-025 CID before it disappears, so I started > reading > the Ciscopress book, CID exam certification guide. Now in > chapter 2, > section "Issues facing campus LAN designers" (I'm using Safari > books > online so I don't know the page number) it shows figs 2.4 and > 2.5 > distributed and collapsed backbones respectively. The > distributed > backbone shows per floor, one router and one switch, the > collapsed > backbone shows a single router for the building fanning out to > one > switch per floor. Fair enough I guess, but the scenario 1, Q2 > in the > same chapter asks what backbone to use in a particular case and > then > answers it with "distributed backbone" and a picture fig 2.8 > that looks > rather like the collapsed backbone shown earlier. I obviously > have to > learn Ciscospeak for the exam so can anybody tell me, which is > it? > rgds > Marc Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66103&t=66103 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: IP route to Null0? [7:66755]
What's sloppy about it ? Would you prefer the overhead of an acl ? Please suggest a better way.. But with the AD in there set to 200, it looks like a route in a "holding pattern" for bgp redistribution. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66759&t=66755 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Hybrid vs. Native [7:66766]
HYBRID, Especiall for someone like you who needs uptime/redundancy. In hybrid, if the MSFC dies, you don't loose the whole switch, just intervlan routing, etc. You can still telnet to the supervisor engine to get and and find out whats up. In native the whole switch dies and your burned. Cisco's answer- buy two sup2/msfc2/pfc2 boards and run high availability.. No thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66780&t=66766 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN CONCENTRATOR Parallel FW [7:66819]
You need a router when running them parrallel. The router will determine internet traffic goes to the pix, remote vpn lan's etc go to the vpn 3000. Mine is like VPN 3000 PIX 10.0.0.210.0.0.10 10.0.0.0/24 10.0.0.1 RTR 192.168.0.1 SERVERS 192.168.0.0/24 This way no servers need "route" commands to know where to route what. And you guessed it, my vpn clients get addresses on the subnet between router and vpn (10.0.0.0/24) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66843&t=66819 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VPN CONCENTRATOR Parallel FW [7:66819]
No Read what the tunnel default gateway does... (from the concentrator page where you set it) "Enter the IP address of the default gateway or router for tunnels. Enter 0.0.0.0 for no default router." This is used to have a different gateway for IPSEC tunnels than for ip routing.. What we are discussing is how servers with two possible next hops, a pix and a vpn, will determine which to use for what subnets. The servers (defaulted to the pix) have to bypass it to speak to remote subnet (and use the concentrator instead). A common workaround (one I used to employ) was NT route add statements for each subnet that should "bypass" the pix, their default gateway, and use the Concentrator instead. A better and more scalable solution is to put a router between the concentrator and pix internal segment, and the servers. INBOUND For inbound internet and inbound ipsec tunnel traffic back, the pix and the vpn concentrator have a route to the "server's subnet" with the router as the next-hop. OUTBOUND Subnets reachable via vpn 3000 are routed to the vpn concentrator's private interface, a default route for Outbound Internet traffic is towards the pix. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66865&t=66819 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]