Re: Passed CSIDSPM Exam!!!!!!!!!!!!!!!! [7:36306]

[Kevin Cullimore]

For the CCSA CP 2000 exam, the manuals were more than sufficient (assuming
you have an adequate grasp of "open" security technologies).
- Original Message -
From: "Godswill HO" 
To: 
Sent: Saturday, February 23, 2002 3:29 AM
Subject: Passed CSIDSPM Exam [7:36306]


> Am very grateful to you all. The group really helped me through out my
CSS1
> exam track. It has been a big learn place where knowledge is shared.I sat
and
> passed the Cisco Secure Intrusion Detection  Systems with Policy
> Manager(CSIDSPM) version 2.1 exam today to complete the CSS1(Cisco
Security
> Specialist 1) track.
>
>  It was a beast of an exam, totally different from the first three. It was
a
> tough battle but It is all over, thanks once more.
>
> You might think CCIE would be the next, no not at all, next in the list is
> CISSP (Certified Information Systems Security Professional) or CCSA
> (Checkpoint Certified Security Administrator). I will be grateful if
someone
> who have taken the CCSA exam help me with the best book/study materials to
> use. I can only locate materials for the CCSA CP 2000 exam, but I want to
> take
> the CCSA NG exam which is the latest version. Any help would be
appreciated.
>
> Enjoy.
>
> Godswill Oletu CCNP,CCDP,CSS1.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36327&t=36306
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Passed CSIDSPM Exam!!!!!!!!!!!!!!!! [7:36306]

[Kevin Cullimore]

Hi Oletu,

I'm not sure that any vendor has managed to stay ahead of checkpoint when it
comes to releasing the pertinent technical information for any given
version. Are you implementing NG or are you a current CP 2000 customer? If
so, you might be able to work with your sales rep to obtain beta support
documentation.

Regards,

Kevin

- Original Message -
From: "Godswill Oletu" 
To: 
Sent: Saturday, February 23, 2002 7:31 PM
Subject: Re: Passed CSIDSPM Exam [7:36306]


> Hi Kevin,
>
> I have the CCSA admin guide which might be okay for it. But It is CCSA NG
I
> want to write and not CCSA CP 2000. CSSA NG is the new exam.
>
> Regards.
> Oletu
>
> - Original Message -
> From: Kevin Cullimore
> To:
> Sent: Saturday, February 23, 2002 2:34 PM
> Subject: Re: Passed CSIDSPM Exam [7:36306]
>
>
> > For the CCSA CP 2000 exam, the manuals were more than sufficient
(assuming
> > you have an adequate grasp of "open" security technologies).
> > - Original Message -
> > From: "Godswill HO"
> > To:
> > Sent: Saturday, February 23, 2002 3:29 AM
> > Subject: Passed CSIDSPM Exam [7:36306]
> >
> >
> > > Am very grateful to you all. The group really helped me through out my
> > CSS1
> > > exam track. It has been a big learn place where knowledge is shared.I
> sat
> > and
> > > passed the Cisco Secure Intrusion Detection  Systems with Policy
> > > Manager(CSIDSPM) version 2.1 exam today to complete the CSS1(Cisco
> > Security
> > > Specialist 1) track.
> > >
> > >  It was a beast of an exam, totally different from the first three. It
> was
> > a
> > > tough battle but It is all over, thanks once more.
> > >
> > > You might think CCIE would be the next, no not at all, next in the
list
> is
> > > CISSP (Certified Information Systems Security Professional) or CCSA
> > > (Checkpoint Certified Security Administrator). I will be grateful if
> > someone
> > > who have taken the CCSA exam help me with the best book/study
materials
> to
> > > use. I can only locate materials for the CCSA CP 2000 exam, but I want
> to
> > > take
> > > the CCSA NG exam which is the latest version. Any help would be
> > appreciated.
> > >
> > > Enjoy.
> > >
> > > Godswill Oletu CCNP,CCDP,CSS1.
> _
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36334&t=36306
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How does repeater work? [7:36323]

[Kevin Cullimore]

The classical repeater as described in the first couple of chapters of
nearly every networking/internetworking technologies survey is a little
before my time, but here are some thoughts:

-bridges are often described as multi-port repeaters, leaving the impression
that mere repeaters have but a single port (please note, that the coinage
described might involve distinguishing ingress from egress ports, but that's
hardly clear to the uninitiated). I suppose that an argument might be made
to lend legitimacy to the practice of contrasting the prefix multi with
something other than a term specifically denoting "one" or "single", but I'm
not sure how relevant that will turn out to be as time erodes those cases
without corroborating evidence.

-to the extent that the purpose of the repeater is to extend a LAN, one
might picture a device with two cables (or other data-traversing-friendly
media) attached: one connected to the original network, one connected to the
extension. I'm honestly not sure how else it would function.

-to the extent that the characterization i've provided is accurate, it might
be useful to apply bridging concepts in order to discern the functionality
of the repeater. A bridge accepts packets on a given port and, by charter,
does NOT transmit replicas of those packets on the same (ingress) port. I
therefore picture a repeater as a device that has 2 connections: one to the
original network, one to the LAN extension. If this is the case, I would
presume that the relevant functionality is to perpetuate packets received on
one port to the other. If that is the case, the repeater cannot be said to
create a loop. Note: if a loop already exists, the repeater would perpetuate
that condition, by design.

All: as I mentioned, repeaters ceased to be relevant before my time. If
anyone knows differently about the topics I've alluded to, please post your
dissenting statement.

Thanks,


- Original Message -
From: "mlh" 
To: 
Sent: Saturday, February 23, 2002 3:18 PM
Subject: How does repeater work? [7:36323]


> Could anybody tell me how repeaters work ? I don't understand how repeater
> can regenerate
> the two-way signals from both segment connected to the repeater. Isn't it
> forming a loop?
> Pls forgive me asking the stupid question.
>
> Thanks in advance.
>
> mlh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36362&t=36323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How does repeater work? [7:36323]

[Kevin Cullimore]

My late-night-not-enough-sleep mistake. Sorry. Thanks to you and others for
pointing out the inaccuracies. It's still confusing to contrast repeater
with the prefix multi.
- Original Message -
From: "mlh" 
To: 
Sent: Monday, February 25, 2002 12:32 PM
Subject: Re: How does repeater work? [7:36323]


> I cannot agree that bridges are often described as multi-port repeaters.
> Actually, hubs are multi-port repeaters.
>
>
> - Original Message -
> From: "Kevin Cullimore"
> To:
> Sent: Monday, February 25, 2002 5:34 AM
> Subject: Re: How does repeater work? [7:36323]
>
>
> > The classical repeater as described in the first couple of chapters of
> > nearly every networking/internetworking technologies survey is a little
> > before my time, but here are some thoughts:
> >
> > -bridges are often described as multi-port repeaters, leaving the
> impression
> > that mere repeaters have but a single port (please note, that the
coinage
> > described might involve distinguishing ingress from egress ports, but
> that's
> > hardly clear to the uninitiated). I suppose that an argument might be
made
> > to lend legitimacy to the practice of contrasting the prefix multi with
> > something other than a term specifically denoting "one" or "single", but
> I'm
> > not sure how relevant that will turn out to be as time erodes those
cases
> > without corroborating evidence.
> >
> > -to the extent that the purpose of the repeater is to extend a LAN, one
> > might picture a device with two cables (or other
data-traversing-friendly
> > media) attached: one connected to the original network, one connected to
> the
> > extension. I'm honestly not sure how else it would function.
> >
> > -to the extent that the characterization i've provided is accurate, it
> might
> > be useful to apply bridging concepts in order to discern the
functionality
> > of the repeater. A bridge accepts packets on a given port and, by
charter,
> > does NOT transmit replicas of those packets on the same (ingress) port.
I
> > therefore picture a repeater as a device that has 2 connections: one to
> the
> > original network, one to the LAN extension. If this is the case, I would
> > presume that the relevant functionality is to perpetuate packets
received
> on
> > one port to the other. If that is the case, the repeater cannot be said
to
> > create a loop. Note: if a loop already exists, the repeater would
> perpetuate
> > that condition, by design.
> >
> > All: as I mentioned, repeaters ceased to be relevant before my time. If
> > anyone knows differently about the topics I've alluded to, please post
> your
> > dissenting statement.
> >
> > Thanks,
> >
> >
> > - Original Message -
> > From: "mlh"
> > To:
> > Sent: Saturday, February 23, 2002 3:18 PM
> > Subject: How does repeater work? [7:36323]
> >
> >
> > > Could anybody tell me how repeaters work ? I don't understand how
> repeater
> > > can regenerate
> > > the two-way signals from both segment connected to the repeater. Isn't
> it
> > > forming a loop?
> > > Pls forgive me asking the stupid question.
> > >
> > > Thanks in advance.
> > >
> > > mlh




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36444&t=36323
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Monitoring Cisco Router through MRTG [7:36598]

[Kevin Cullimore]

If the router is set up to allow SNMP read access, it will respond to
requests for many of the generic (MGMT: 1.3.6.1.2.1) objects.

So, medium independent error statistics may be gathered on a per-interface
basis by querying relevant instances of 1.3.6.1.2.1.2.2.1.14 (inbound)and
1.3.6.1.2.1.2.2.1.20 (outbound).

IIRC, layer-2-technology-specific data may be found in branches of
1.3.6.1.2.1.10 (transmission), including more relevant and detailed error
counters.

You might be able to get similar information from the proprietary cisco
MIBs, but using the generic ones where possible tends to simplify your MRTG
implementation in multi-vendor environments.

The specifications for the MGMT object definitions are available via several
RFCs/STDs.


- Original Message -
From: "Ziyad" 
To: 
Sent: Wednesday, February 27, 2002 12:15 AM
Subject: Monitoring Cisco Router through MRTG [7:36598]


> Hi All
>
> Can anyone tell me if I can use MRTG for monitoring CRC errors or
broadcast
> ??? I am already running MRTG for monitoring Bandwidth and CPU Utilization
> ...What are other things in a Ciso Router that can be meausured through
> MRTG.
>
> Ziyaad




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36610&t=36598
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Monitoring Cisco Router through MRTG [7:36598]

[Kevin Cullimore]

It's been a while, but I believe that some IOS versions support a "show snmp
mib" command, which should print out a list of OIDs supported by the
router/IOS combination (it's that one or a very similar undocumented
command).

Otherwise, any tool that will let you perform an snmpwalk will allow you to
uncover the supported MIBs (and therefore the SNMP OIDs), such as the getif
tool or even the snmp browser included with Microsoft resource kits.


- Original Message -
From: "Ziyad" 
To: 
Sent: Wednesday, February 27, 2002 7:53 AM
Subject: Re: Monitoring Cisco Router through MRTG [7:36598]


> Thanks prakash
> Can you please explain how can I find out the SNMP OID's for my cisco
router
> 
> Also the line "Do not forget to scan the device using SNMPv2."??
>
> Ziyaad
>
>
>  Original Message -
> From: "Surya Prakash PV"
> To:
> Sent: Wednesday, February 27, 2002 3:41 PM
> Subject: RE: Monitoring Cisco Router through MRTG [7:36598]
>
>
> > Everything. Try a tool called getif to find out the SNMP OID's for ur
> > device. Do not forget to scan the device using SNMPv2.
> >
> > Regds
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> > Ziyad
> > Sent: Wednesday, February 27, 2002 10:46 AM
> > To: [EMAIL PROTECTED]
> > Subject: Monitoring Cisco Router through MRTG [7:36598]
> >
> >
> > Hi All
> >
> > Can anyone tell me if I can use MRTG for monitoring CRC errors or
> > broadcast ??? I am already running MRTG for monitoring Bandwidth and CPU
> > Utilization ...What are other things in a Ciso Router that can be
> > meausured through MRTG.
> >
> > Ziyaad
> > _
> > Do You Yahoo!?
> > Get your free @yahoo.com address at http://mail.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36635&t=36598
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco CPU [7:36765]

[Kevin Cullimore]

I'm not sure you can get away without knowing the exact addressing for the
value you wish to monitor. Unless things have changed recently, you need to
take the oid values for the parameter you want to monitor, figure out what
the index number of the entity you want information about (such as a ppp
interface, ospf area or a global parameter), join them together and place
the result in a configuration for a particular graph.

(Note: these examples are using generic mibs, since I don't have compiled
versions of the cisco mibs handy. Since, based on your subject line, you're
interested in router health, and want CPU statistics, I'm concerned that IOS
version might be an issue, since Cisco has been migrating from one set of
mibs to another over time, and I'm not aware of non-proprietary mibs for
router memory & cpu usage-If anyone knows better, please enlighten).
Unfortunately, I've not been happy with the detail on readily available
sites addressing non-prepackaged snmp monitoring of cisco-specific
variables: the most comprehensive one I've found is the somix templates
site. For those willing to work through it , here's a partial overview
addressing the "what do you do with them" part of the question.

1. figuring out what you want to monitor:

MIB files are generally viewable via wordpad; I'm told they're in ASN.1
syntax (I haven't read the ISO documents myself, so I can't verify that),
which some people find unwieldy, but you can certainly find descriptions
associated with a given OID:

Name: ospfSpfRuns
Type: OBJECT-TYPE
OID: 1.3.6.1.2.1.14.2.1.4
Full path:
iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).ospf(14).ospfAreaTable(2).
ospfAreaEntry(1).ospfSpfRuns(4)
Module: OSPF-MIB

Parent: ospfAreaEntry
Prev sibling: ospfImportAsExtern
Next sibling: ospfAreaBdrRtrCount

Numerical syntax: Counter (32 bit)
Base syntax: Counter32
Composed syntax: Counter32
Status: mandatory
Max access: read-only

Description: The number of times that the intra-area  route
  table  has  been  calculated  using this area's
  link-state database.  This  is  typically  done
  using Dijkstra's algorithm.

So, If you're interested in the description (to verify your ospf
implementation's stability or lack thereof) , you'd use the OID value
indicated.

Note some tools such as MG-SOFT (disclosure: paying customer) or even
snmputilg make this a lot, lot easier (I don't remember if Getif, the free
one, can display the description of the object).

The transmission node,
iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).transmission(10), contains
some useful media-specific sub-nodes (frame-relay, DS3 & others) featuring,
at a minimium, error & traffic counts as well as state information.

2. Figuring out the instance ID/index:

if you're interested in, say excessive collisions for a specific interface,
you would issue an SNMPWALK on the following oid to get the list of
available instances, and append the one you're looking for to
1.3.6.1.2.1.10.7.2.1.9

Name: dot3StatsExcessiveCollisions
Type: OBJECT-TYPE
OID: 1.3.6.1.2.1.10.7.2.1.9
Full path:
iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).transmission(10).dot3(7).d
ot3StatsTable(2).dot3StatsEntry(1).dot3StatsExcessiveCollisions(9)
Module: EtherLike-MIB

Parent: dot3StatsEntry
Prev sibling: dot3StatsLateCollisions
Next sibling: dot3StatsInternalMacTransmitErrors

Numerical syntax: Counter (32 bit)
Base syntax: Counter
Composed syntax: Counter
Status: mandatory
Max access: read-only

Reference: IEEE 802.3 Layer Management

Description: A count of frames for which transmission on a
  particular interface fails due to excessive
  collisions.

3. Placing the results in a graph's configuration (sample excerpted from
http://www.bubbagates.com/mrtg/mrtg.cfg):

The line beginning with "Target" specifies the target SNMP object.

### PPP Dial-In Modem Lines on AS53001 (Scranton) ###

Target[AS53001]:
1.3.6.1.4.1.9.10.19.1.1.4.0&1.3.6.1.4.1.9.10.19.1.1.5.0:[EMAIL PROTECTED]
PageTop[AS53001]: PPP Dial-In Modem Lines on AS53001 (Scranton)



- Original Message -
From: "Richard Tufaro" 
To: 
Sent: Wednesday, February 27, 2002 11:01 PM
Subject: Cisco CPU [7:36765]


> Hey guys..a little off topic but where is the BEST place to find out how
to
> install and configure Cisco CPU and Memory stats with MRTG. I get to somix
> and the MIB's but what do i do with them?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36777&t=36765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco CPU [7:36765]

[Kevin Cullimore]

Here's a pretty good link to clarify what mibs you can use per product

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

Cisco Press' Performance & Fault Management reccomends the following for
monitoring CPU utilization:

Name: avgBusy5
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.9.2.1.58
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).local(2)
.lsystem(1).avgBusy5(58)
Module: OLD-CISCO-CPU-MIB

Parent: lsystem
Prev sibling: avgBusy1
Next sibling: idleCount

Numerical syntax: Integer (32 bit)
Base syntax: INTEGER
Composed syntax: INTEGER
Status: mandatory
Max access: read-only

Description: 5 minute exponentially-decayed moving
  average of the CPU busy percentage.

and

Name: avgBusy1
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.9.2.1.57
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).local(2)
.lsystem(1).avgBusy1(57)
Module: OLD-CISCO-CPU-MIB

Parent: lsystem
Prev sibling: busyPer
Next sibling: avgBusy5

Numerical syntax: Integer (32 bit)
Base syntax: INTEGER
Composed syntax: INTEGER
Status: mandatory
Max access: read-only

Description: 1 minute exponentially-decayed moving
  average of the CPU busy percentage.

and

Name: busyPer
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.9.2.1.56
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).local(2)
.lsystem(1).busyPer(56)
Module: OLD-CISCO-CPU-MIB

Parent: lsystem
Prev sibling: authAddr
Next sibling: avgBusy1

Numerical syntax: Integer (32 bit)
Base syntax: INTEGER
Composed syntax: INTEGER
Status: mandatory
Max access: read-only

Description: CPU busy percentage in the last 5 second
  period. Not the last 5 realtime seconds but
  the last 5 second period in the scheduler.


versions of IOS later than 12.0(3)T may use similar entries from the
CISCO-PROCESS mib, such as

Name: cpmCPUTotal5minRev
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.9.9.109.1.1.1.1.8
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).ciscoMgm
t(9).ciscoProcessMIB(109).ciscoProcessMIBObjects(1).cpmCPU(1).cpmCPUTotalTab
le(1).cpmCPUTotalEntry(1).cpmCPUTotal5minRev(8)
Module: CISCO-PROCESS-MIB

Parent: cpmCPUTotalEntry
Prev sibling: cpmCPUTotal1minRev

Numerical syntax: Gauge (32 bit)
Base syntax: Gauge
Composed syntax: Gauge
Status: mandatory
Max access: read-only
Size list: 1: 0..100

Description: The overall CPU busy percentage in the last 5 minute
  period. This object deprecates the object cpmCPUTotal5min
  and increases the value range to (0..100).

Most of the lsystem node is actually devoted to buffer counters. Even though
I figure that most of the others might be useful for monitoring memory, the
authors single out:

Name: bufferNoMem
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.9.2.1.47
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).local(2)
.lsystem(1).bufferNoMem(47)
Module: OLD-CISCO-MEMORY-MIB

Parent: lsystem
Prev sibling: bufferFail
Next sibling: busyPer

Numerical syntax: Integer (32 bit)
Base syntax: INTEGER
Composed syntax: INTEGER
Status: mandatory
Max access: read-only

Description: Count of the number of buffer create
  failures due to no free memory.

and

Name: bufferFail
Type: OBJECT-TYPE
OID: 1.3.6.1.4.1.9.2.1.46
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).local(2)
.lsystem(1).bufferFail(46)
Module: OLD-CISCO-MEMORY-MIB

Parent: lsystem
Prev sibling: bufferLgCreate
Next sibling: bufferNoMem

Numerical syntax: Integer (32 bit)
Base syntax: INTEGER
Composed syntax: INTEGER
Status: mandatory
Max access: read-only

Description: Count of the number of buffer allocation
  failures.

Which should help in pinpointing memory limitations. In general, I found the
information to be more accessible offline than on, but that could just be a
lack of patience . . .



- Original Message -
From: "Richard Tufaro" 
To: 
Sent: Wednesday, February 27, 2002 11:01 PM
Subject: Cisco CPU [7:36765]


> Hey guys..a little off topic but where is the BEST place to find out how
to
> install and configure Cisco CPU and Memory stats with MRTG. I get to somix
> and the MIB's but what do i do with them?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36790&t=36765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco CPU [7:36765]

[Kevin Cullimore]

Caveat regarding the available memory

The textfile itself reveals:

OID: 1.3.6.1.4.1.9.2.1.8
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).local(2)
.lsystem(1).freeMem(8)

Description: Return the amount of free memory in bytes.

  NOTE WELL:  this mib object is obsolete as
  of IOS release 11.1.  IOS release 11.1
  introduced the CISCO-MEMORY-POOL-MIB which
  better instruments all of the memory pools

Here's the pointer to the allegedly more modern set of counters:

OID: 1.3.6.1.4.1.9.9.48
Full path:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).cisco(9).ciscoMgm
t(9).ciscoMemoryPoolMIB(48)

Again, I'm not sure when or if cisco will stop supporting the deprecated
MIBs.

- Original Message -
From: "Ziyad" 
To: 
Sent: Thursday, February 28, 2002 7:05 AM
Subject: Re: Cisco CPU [7:36765]


> You will  be needing the scripts for monitoring the CPU and memory .Add
them
> in your mrtg.cfg file and run the mrtg again.
> The MIBs are
> Memory :1.3.6.1.4.1.9.2.1.8.0
> CPU :1.3.6.1.4.1.9.2.1.57.0 & 1.3.6.1.4.1.9.2.1.57.0
>
> Make sure you calculate your memory correctly so that your graph show the
> correct levels.
> Let me know if it helps
>
> Ziyad
>
> - Original Message -
> From: "Richard Tufaro"
> To:
> Sent: Thursday, February 28, 2002 9:01 AM
> Subject: Cisco CPU [7:36765]
>
>
> > Hey guys..a little off topic but where is the BEST place to find out how
> to
> > install and configure Cisco CPU and Memory stats with MRTG. I get to
somix
> > and the MIB's but what do i do with them?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36793&t=36765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Problem of upgrading IOS for a router at remote site [7:36965]

[Kevin Cullimore]

Would you be able to send them a console cable, and talk a non-technical end
user at the remote site through:

1. setting up pcanywhere or a similar package on a pc at the remote site so
that you can set IT up as your tftp server

2. connecting the console cable to the 2620 and the pc running the remote
control software.

It's not the most elegant solution, but I've seen it work in moments of
desperation.


- Original Message -
From: 
To: 
Sent: Friday, March 01, 2002 8:13 AM
Subject: Problem of upgrading IOS for a router at remote site [7:36954]


> Hi group,
>
> I run into a big problem when upgradeing IOS for a router at remote site.
I
> used "copy tftp: flash:" command on a Cisco 2620 router via telnet. It
first
> erased the existing IOS from the flash and then start to copy the image
from
> my tftp server, which is also running on my laptop. But the router will
> close the telnet session after certain period of idle time, and
surprisingly
> close the tftp session as well. It ends up that the router's flash memory
> has no valid IOS stored!
>
> There is no technical staff on that remote site, and it is more than a
> thousand KMs away so I couldn't use a console cable to directly attach to
> it. I repeated the above several times, watched those "!" going on
until
> the telnet session closed, and have to pray that there is no power surge
> happened to that router before I find a solution!
>
> Anyone faced this problem before? Please help!
>
> Tony
> --
>
>
>
>
> __
> Your favorite stores, helpful shopping tools and great gift ideas.
> Experience the convenience of buying online with Shop@Netscape!
> http://shopnow.netscape.com/
>
> Get your own FREE, personal Netscape Mail account today at
> http://webmail.netscape.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36965&t=36965
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT/ Pass one Lab and hold two CCIE certs ? [7:38402]

[Kevin Cullimore]

Once the cert becomes truly watered down and CCIE numbers are issued along
with birth certificates, number 67,677,369 could get away with this in any
ascii aware environment such as a packet sniffer "hex" pane (that would take
two translations, of course).

Was the original poster referring to the lab shared amongst all of the CCIE
C&S tracks? (I suppose If someone passed the lab and two of the qualifying
exams, such as optical & wireless, that the temptation would be to refer to
themselves as an "optical C&S CCIE" AND a "wireless C&S CCIE.") I'm not sure
what Cisco's take is on using anything but C&S CCIE.


- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: Friday, March 15, 2002 1:35 PM
Subject: Re: OT/ Pass one Lab and hold two CCIE certs ? [7:38402]


> I get it! ;-)
>
> Priscilla
> CNX 01CCDD
>
> At 11:49 AM 3/15/02, Phil Barker wrote:
> >What about the one who passes out as CCIE #52254 ?
> >
> >Phil.
> >  --- John Neiberger
> >wrote: > Change your last name to Ccie?  :-)
> > >
> > > Or, include both the written and lab exam, e.g. John
> > > Neiberger, CCIE
> > > Written, CCIE R&S #12005.
> > >
> > > Nah, because only one of those is a cert.  I give
> > > up, what's the trick?
> > >
> > >
> > > John
> > >
> > > >>> "Phil Barker"
> > > 3/15/02 8:44:23 AM >>>
> > > How can you get CCIE after your name twice by only
> > > passing 1 CCIE Lab exam ?
> > >
> > >
> > > PS : Lateral thinking may be required 
> > >
> > >
> > > Phil.
> > >
> > > __
> > > Do You Yahoo!?
> > > Everything you'll ever need on one web page
> > > from News and Sport to Email and Music Charts
> > > http://uk.my.yahoo.com
> >[EMAIL PROTECTED]
> >
> >__
> >Do You Yahoo!?
> >Everything you'll ever need on one web page
> >from News and Sport to Email and Music Charts
> >http://uk.my.yahoo.com
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=38465&t=38402
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RE: My interview story [7:40553]

[Kevin Cullimore]

I'd certainly agree that, in many cases, 2 hours is enough to ascertain the
presence or absence of communication skills and interpersonal
interoperability/evidence of the ability to play nice with others (although
I've certainly seen individuals slip through the cracks regarding the 2nd
characteristic, interviewing extremely well and then showing up to work with
a dramatically different and less cooperative personality).

However, I'd say that it's important to distinguish between various types of
technical interviews. Two or even three straight days of straightforward
technical questions will not necessarily provide insight into a candidate's
ability to learn or apply factual information in an unfamiliar context. I
agree that a mere willingness to learn or apply oneself cannot overcome a
dearth of experience for many roles performed by members of the professional
IT community, so it IS important to accurately assess someone's current
working skill set. However, I'd have to conclude that for many positions of
interest to people seeking CCIE numbers, some level of abstraction and
ability to cope with the unknown are highly desirable characteristics. All
too often, the "OSI layer" and "show command syntax" questions fail to
capture someone's potential to keep pace with the evolution of corporate
technology. I suppose my concern is that just as certain interviewing
techniques/styles can rule out promising candidates because they are too
abstract, focused technical interviews that are too simplistic can obscure
important differences in capability between sets of candidates. As usual,
the appropriate answer probably lies somewhere in between.


- Original Message -
From: "Phil Barker" 
To: 
Sent: Friday, April 05, 2002 10:54 AM
Subject: Re: RE: My interview story [7:40553]


> Yeah,
> I4m on your side John. I applied for a permy
> position with a big insurance comp when times where a
> bit lean. I finally got an interview reply six weeks
> later calling me for an interview. It turned out being
> a two day interview, which I immediately knew was not
> for me. If people want to hire my skillset they read
> my CV call me in and try and beat me down technically.
> That being done, can I get on with people etc can
> surely be spotted inside 2 hours, unless they are
> plain stupid.
>
> Phil.
>  --- John Neiberger  wrote: > That
> may be true, but it just sounds like something
> > straight
> > off the pages of Dilbert.  :-)
> >
> > I know personally I wouldn't respond to such an
> > interview
> > well.  If someone wants to test my creativity and
> > troubleshooting, then they should mock up a lab and
> > throw it at
> > me.  Perhaps that's because I'm not used to the idea
> > of being
> > psychologically tested during an interview.
> >
> > What's next, ink blot tests?  Values clarification
> > drills?
> > Written personality tests?  I can see it now:
> > "We're sorry,
> > you're an INTJ but we really want an ESTJ for this
> > position."
> >
> > Okay, I've got to stop answering email this early.
> > :-)
> >
> > John
> >
> >
> >
> >  On Fri, 5 Apr 2002, Jay Dunn ([EMAIL PROTECTED])
> > wrote:
> >
> > > This test may sound stupid, but based on Mark's
> > description
> > I'd say they
> > > were attempting to assess creativity and
> > troubleshooting
> > skills.
> > > Sometimes pure technical skills aren't enough.
> > Thinking "outside the
> > > box" is a big part of what an employer is looking
> > for. I'd
> > say a company
> > > as big as SNS has plenty of experience in hiring
> > and knows
> > what they're
> > > doing in making this part of the interview.
> > >
> > > Jay Dunn
> > > IPI*GrammTech, Ltd.
> > > www.ipi-gt.com
> > > Nunquam Facilis Est
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]] On
> > Behalf Of
> > > John Neiberger
> > > Sent: Thursday, April 04, 2002 8:39 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: My interview story [7:40553]
> > >
> > > Why would you want to work for a place with such
> > stupid
> > > interviews in the first place?  If they select
> > their
> > employees
> > > based on how they play "Stranded in the Desert" or
> > whatever
> > the
> > > heck that was, then it's probably best you don't
> > work there.
> > > I'm sure the management there is awful.
> > >
> > > Stuff like that is a sure sign their managers have
> > too much
> > > time on their hands, and there's almost nothing
> > worse than a
> > > clueless manager with too much time.
> > >
> > > Someone needs to send those managers a Dilbert
> > calendar!
> > >
> > > I'm sorry to hear it didn't go well, but you
> > should forget
> > > about them and move on to a better company.
> > >
> > > John
> > >
> > >
> > >
> > >  On Thu, 4 Apr 2002, Mark Zhang
> > ([EMAIL PROTECTED])
> > > wrote:
> > >
> > > > hi,everybody,I have a interview appointment at
> > 9:00 AM.
> > > > The position is Network Engineer in
> > SNS(schlumberger
> > network
> > > solutions
> > > > 

Re: Slightly OT: 2924XL and Blue Screen of Death [7:32536]

[Kevin Cullimore]

3 quick points:

-it's probably worth sniffing a client connection to the 2924XL from boot-up
until blue-screen (use ethereal if your company does not have an existing
relationship with a commercial packet-capturing software vendor. note: i'm
assuming that the 2924 is capable of port spanning, if not, it's probably
still worth plugging the client's nic into a hub also connected to the 2924
to see if the problem persists)

-to narrow down possible problems considerably, it's worth clarifying for
the group whether the netware clients are running ip only, ipx only or both.

-in some cases, the first couple of lines of the BSOD are useful. it might
be worth checking those codes/hex dumps with the resource kits or other
sources that comprehensively list the BSOD error codes/messages.


- Original Message -
From: "John Neiberger" 
To: 
Sent: Friday, January 18, 2002 5:10 PM
Subject: Slightly OT: 2924XL and Blue Screen of Death [7:32536]


> We're having an interesting issue that just appeared recently.  We have
> some Dell PCs running Netware 6 and new client software.  We're not sure
> why, but if one of these machines is connected to a 2924XL switch, it
> regularly experiences a blue screen of death either at login or within 5
> minutes of login.
>
> We have identical machines that operate fine if they're connected to
> our Bay switches or Cisco 1900 switches.
>
> Have any of you seen anything like this??  That makes no sense to me.
> The only difference I've been able to determine is that Spanning Tree is
> turned off on those particular Bay switches and 1900 switches, yet it is
> turned on on the 2924XL switches.  So, perhaps these PCs are reacting
> badly to STP BPDU.
>
> Any thoughts?  Our LAN people are doing some testing with different NIC
> software and Novell client software and I'll post back to the list if we
> determine the actual cause of the issue.  But can you think of why it
> would only happen if they're connect to a 2924?
>
> Thanks,
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32545&t=32536
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Slightly OT: 2924XL and Blue Screen of Death [7:32536]

[Kevin Cullimore]

Your conclusion may be quite correct, but it's dangerous to make
generalizations concerning the behavior of microsoft client software,
especially given their last 2 operating system offerings (2000 & XP).
Whether or not a PC should or should not "care" about traffic traditionally
destined for other sorts of devices constitutes an insufficient basis for
drawing inferences about the behavior of microsoft network clients.


- Original Message -
From: "Steven A. Ridder" 
To: 
Sent: Friday, January 18, 2002 6:10 PM
Subject: Re: Slightly OT: 2924XL and Blue Screen of Death [7:32536]


> ""John Neiberger""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > We're having an interesting issue that just appeared recently.  We have
> > some Dell PCs running Netware 6 and new client software.  We're not sure
> > why, but if one of these machines is connected to a 2924XL switch, it
> > regularly experiences a blue screen of death either at login or within 5
> > minutes of login.
> >
> > We have identical machines that operate fine if they're connected to
> > our Bay switches or Cisco 1900 switches.
> >
> > Have any of you seen anything like this??  That makes no sense to me.
> > The only difference I've been able to determine is that Spanning Tree is
> > turned off on those particular Bay switches and 1900 switches, yet it is
> > turned on on the 2924XL switches.  So, perhaps these PCs are reacting
> > badly to STP BPDU.
>
> A PC wouldn't care about a bpdu.  I say it's the client for netware.
>
> >
> > Any thoughts?  Our LAN people are doing some testing with different NIC
> > software and Novell client software and I'll post back to the list if we
> > determine the actual cause of the issue.  But can you think of why it
> > would only happen if they're connect to a 2924?
> >
> > Thanks,
> > John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=32547&t=32536
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: levelling of enable secer can't work [7:33362]

[Kevin Cullimore]

Only if you are using that particular brand of authentication. I believe
that Aaron's suggestion would work, as would the explicit configuration of a
single "enable" password as contrasted with the configuration of only enable
secrets. I've seen the latter function in production.

- Original Message -
From: "Michael Popovich" 
To: 
Sent: Sunday, January 27, 2002 12:27 PM
Subject: Re: levelling of enable secer can't work [7:33362]


> Don't you need users defined for the certain levels and then enable aaa
new
> model along with aaa authentication default local?
>
> MP
> - Original Message -
> From: "Aaron Dixon"
> To: "Grad Alfons Kanon" ;
> Cc:
> Sent: Sunday, January 27, 2002 11:15 AM
> Subject: RE: levelling of enable secer can't work
>
>
> > I think that you still have to have an enable password for level 15 on
> > the router so that you don't end  up locking yourself out.  When you
> > want to use privilege levels you need to specify that in your enable
> > command.  In your example, try 'enable 2' for level 2 and 'enable 3' for
> > level 3.
> >
> > Aaron
> >
> > -Original Message-
> > From: Grad Alfons Kanon [mailto:[EMAIL PROTECTED]]
> > Sent: Saturday, January 26, 2002 2:10 AM
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED]
> > Subject: levelling of enable secer can't work
> >
> >
> > Hello team,
> >
> > I have problem here, I configured two different level of enable password
> > on
> > my OHIO router to enable different privilege of accessing the router,
> > but
> > seems can't work because when I telnet from Michigan, OHIO is no even
> > considered has the enable secret configured
> >
> > below is the config.
> >
> >
> >
> > OHIO ROUTER
> > ===
> > !
> > hostname Ohio
> > !
> > enable secret level 2 5 $1$maWB$LVrsaUTyQGfCjUssdGVAN0
> > enable secret level 3 5 $6PRD$oza0RE5ve6QdSB3rAVG7h/
> > !
> > privilege exec level 3 show version
> > privilege exec level 2 show interfaces
> >
> >
> > MICHIGAN ROUTER
> > 
> >
> > Michigan#135.2.56.6
> > Trying 135.2.56.6 ... Open
> >
> >
> > User Access Verification
> >
> > Password:
> > Michigan>en
> > % No password set
> >
> >
> >
> > _
> > Join the worlds largest e-mail service with MSN Hotmail.
> > http://www.hotmail.com
> > _
> > CCIE Security list: http://www.groupstudy.com/list/security.html
> > _
> > CCIE Security list: http://www.groupstudy.com/list/security.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=33366&t=33362
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CSMA/CD [7:41105]

[Kevin Cullimore]

Since ethernet & csmacd are somewhat incidental to the evolution of the
Internet (which responds to such technologies based upon their success or
failure rather than any necessity-based dependencies), you might be better
served by the content found in different forums, such as priscilla's
certzone paper, the wildpackets/oed compendium, the IEEE 802.3 PDF (made
freely available less than a month after I bought it) or any of charles
spurgeon's online work at the university of texas website. A number of RFCs
describe ethernet, but I haven't found any that cover the level of detail
you seem to be looking for (disclaimer: I'm only on # 1287).


- Original Message -
From: "Brian Zeitz" 
To: 
Sent: Wednesday, April 10, 2002 5:38 PM
Subject: CSMA/CD [7:41105]


> Does anyone have any good links for CSMA/CD, I want to really
> understand the process of collisions. What is the best RFC?
>
>
>
> Thanks in advance.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41116&t=41105
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: packet size [7:41079]

[Kevin Cullimore]

I had always thought that 576 was referring to the minimium value for the
maximium packet size, due to the predominant layer 2 technologies in use at
the time. Does anyone know differently?

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: Wednesday, April 10, 2002 5:17 PM
Subject: RE: packet size [7:41079]



> I didn't know IP had a minimum, although RFC 791 does say that "Every
> internet destination must be able to receive a datagram of 576 octets
> either in one piece or in fragments to be reassembled."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41121&t=41079
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Ping times? Am i missing something [7:41151]

[Kevin Cullimore]

The range of TTL values is dependent upon the size of the field reserved to
hold it. In many cases, devices that modify the field as the packet passes
through it decrement the value by one. Due to congestion and other facts of
network life, it's therefore quite easy for the value to become out of sync
with an interpretation of the TTL as a value corresponding to tranmission
time measured in seconds, and probably better corresponds to a hop count.

- Original Message -
From: "[EMAIL PROTECTED] (Timothy Ouellette)" 
To: 
Sent: Thursday, April 11, 2002 2:58 AM
Subject: Re: Ping times? Am i missing something [7:41151]


> Okay, so ICMP doens't specify a TTL on it's own.  Doesn't IP by itself
> have a TTL of 255?
>
> Maybe i'm missing something.
>
> Tim
>
> On 11 Apr 2002 01:26:56 -0400, [EMAIL PROTECTED] ("Joseph
> Ezerski") wrote:
>
> >Ok, according to Stevens (TCP/IP Illustrated Vol 1), the ICMP Ping Packet
> >looks like this:
> >
> >
> >0   1   2   3
> >0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> >   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >   | Type  | Code  |  Checksum |
> >   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >   |  Identifier   |  Sequence Number  |
> >   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >   |  Optional Data|
> >   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >
> >The RFC 792, does not specify a time value, other than IP TTL (at that
time,
> >assumed to be in units of seconds).  I think it really depends on how
your
> >OS has implemented it.  For example, on my Windows PC, the default
timeout
> >is 2000ms.  However, there is an option you can set (-w in the windows
> >world) to extend that timeout.  Stevens mentions something about newer
UNIX
> >implementations (as of the early 90s) timing out after 20 seconds.  My
> >Solaris box times out after 20 s, and it is listed in the man pages as
such.
> >
> >HTH
> >
> >-Joe
> >
> >
> >
> >-Original Message-
> >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> >Ouellette, Tim
> >Sent: Wednesday, April 10, 2002 8:13 PM
> >To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
> >Subject: Ping times? Am i missing something
> >
> >
> >The other day while troubleshooting an issue, I saw some pings from out
> >Tivoli Netview box and it was showing ping times in the 15,000+ ms range.
Is
> >this possible? I though there was a limit on this particular field in the
> >head. If an of our frame-format experts (Priscilla?)  or sniffer gurus
> >(again... Priscilla?), could point me someone I'd appreciate it.  Thanks
a
> >bunch!
> >_
> >Commercial lab list: http://www.groupstudy.com/list/commercial.html
> >Please discuss commercial lab solutions on this list.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41166&t=41151
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: traffic analyzer [7:41267]

[Kevin Cullimore]

In sniffer pro, I've had success by specifying two conditions joined by an
OR statement for the filter.

Each condition is specified by selecting the Data Pattern tab of the Define
Filter dialog box and specifying appropriate offsets and data patterns.

For the case where you need to specify the source ip address, I'd use an
offset of 1A and fill in as many hex digits as it takes to uniquely define
the subnet.

For the case where you need to specify the destination ip address, I'd use
an offset of 1E and fill in as many hex digits as it takes to uniquely
define the subnet.

Note: if you're looking at an existing capture featuring traffic to or from
a specific host on the target subnet, you can use the data window in the
same tab to speed things up slightly by selecting the line of the decode
containing the address, clicking the set data button, and deleting the
characters in the pattern window which distinguish the host from the subnet
(generally, staring from the right: in the case of /24 masks, you'd
eliminate the value in column 3, corresponding to the last octet/2 Hex
digits).

I don't remember the vendor-specific info for etherpeek, but the
fundamentals are the same.

HTH

- Original Message -
From: "supernet" 
To: 
Sent: Friday, April 12, 2002 12:42 AM
Subject: traffic analyzer [7:41267]


> Hi Dear Friends,
>
> I have 1 branch office connected to main office by frame relay. I
> noticed a lot of traffic across this link and would like to find out
> what they are. The problem is I don't have access to the branch office,
> therefore, everything has to be done in main office. I tried sniffer
> pro, etherpeek and anasil but they only allow me to specify a particular
> source IP, not the whole branch office subnet. Is there any other
> software I can use?
>
> Thanks.
> Yoshi




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41275&t=41267
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: any good reference or homepage for learning Cisco TCL [7:41298]

[Kevin Cullimore]

Many of the top hits have to do with IVR Auto-Attendant & other voice
topics, instead of more traditional router functionality. I'm wondering,
since this technology involves scripting rather than a primary piece of
router functionality such as filtering, forwarding or routing, and the
origins of the technology reside outside of ciso/other router vendors, if
the user might not be well-served by searching unix sites/forums.

Unless, of  course, the functionality of the cisco implementation is limited
to telephony applications. Does anyone know whether or not that is the case?

- Original Message -
From: "jb" 
To: 
Sent: Friday, April 12, 2002 7:47 AM
Subject: Re: any good reference or homepage for learning Cisco TCL [7:41287]


> Always, Always go to the source..WWW.CISCO.COM
> Take a look at the books published by CiscoPress
> ""Ranma""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > please reply me
> > [EMAIL PROTECTED]
> > if you have any good suggestion.
> >
> > THANKS




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41298&t=41298
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: traffic analyzer [7:41267]

[Kevin Cullimore]

That works for networks divided on octet boundaries, but what about when you
want to capture a /22 or a /23? I actually needed the practice with dec->hex
conversions & offsets, so I always went straight for the data pattern tab
and never tried the wildcard in the address tab. Thanks for the tip.

- Original Message -
From: "Michael Williams" 
To: 
Sent: Friday, April 12, 2002 2:23 PM
Subject: RE: traffic analyzer [7:41267]


> supernet wrote:
> >
> > but they only allow me to specify a particular
> > source IP, not the whole branch office subnet.
>
> Why's that?  Sniffer Pro will let you define entire ranges of
> source/destination IPs in the filter.
>
> In Sniffer Pro, when you define the filter, simply put 192.168.1.* (where
> 192.168.1.0 is the subnet and * is the wildcard).
>
> Works for me =)
>
> Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41356&t=41267
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE Written Reading.. [7:41017]

[Kevin Cullimore]

A few concerns:

I'm not sure that "leeway" to "surf" & "chat" constitutes a better life/job.
That could just as easily be a sign that a position or a company is in in
trouble due to lack of business.

More realistically, not being allowed to "surf" newsgroups on company time
means that you are denied access to solutions that are not documented
anywhere else.

This has several consequences:

1. You must use their time to duplicate extant solutions.

2. You possibly improve your skills by independently deriving the solution.

This does not scale well for your employer: they have to wait for you to
come up with answers that others can extract via an online search, and you
become more expensive to retain over time (rendering your case for someone
in the opposite or nearly opposite situation to be in possession of "a
better life" all the weaker).

The "chat" case is a little more ambiguous.

While posting to newsgroups allows you to gain valuable practice (again, a
case where you potentially further your own marketability), it does
represent instances where you are sharing knowledge outside your employer's
talent pool and are not working on revenue generating matters (note: I'm
explicitly ignoring any social networking opportunities that might emerge as
a result of such interaction).



Other employers vary widely concerning these issues.

I'm not sure encouraging a technically-oriented Cisco employee to forego
pursuit  of a CCIE certification holds up as valid (impartial) advice.

As far as income/job/life goes, I'm not sure that any software/hardware
provider is safe from having their business eroded by their own increasing
efficiency or the efforts by competitors to leapfrog their current set of
capabilities. The entire world is banding together to reduce IT salaries,
and the success of those efforts would reduce both the overall quality and
achievable salaries of the remaining jobs (caveat: some jobs would certainly
remain interesting or possibly grow more appealing, but the number of
positions available for those roles would probably shrink).

Finally, I'm not sure that a company that routinely trims 5% during
unimaginably good times is the right one to passively cling on to as
suggested in your "Forget CCIE and hold on to your good Cisco Systems
employer" suggestion.

- Original Message -
From: 
To: 
Sent: Thursday, April 11, 2002 10:45 PM
Subject: RE: CCIE Written Reading.. [7:41017]


> Larry,
>
> Well, it did work for me and as you see I am going for the lab now.
> Of course, ccbootcamp, Boson, cerificationzone these are all just tools.
The
> actual result varies depending on the person's capacity.
>
> But, I am curious. Why do you want to become a CCIE?
>
> I want to become a CCIE with the hope and anticipation of a better job, a
> better income, and a better life.
> You already have a better life. Your signature says you work for Cisco,
and
> you
> are constantly on this list. This means you are getting paid for surfing
and
> chatting! This is an ultimate job. I love it.
>
> I don't believe any other employer would give you so much leway  even if
you
> were holding a PhD in brainsurgery. Where I work, we are not allowd to
surf
> the
> web and participate in newsgroups when we are on the clock

>
> Forget CCIE and hold on to your good Cisco Systems employer, and shoot me
an
> application form if they are hiring :-)
>
> Best wishes,
>
> A Strobel   (working on the lab exam)
>
>
>
> Quoting Larry Letterman :
>
> > Bernard's test does not work well, I would advise
> > using dennis L.'s boson # 3 test. Its a better test for
> > written.
> >
> >
> > Larry Letterman
> > Cisco Systems
> > [EMAIL PROTECTED]
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > [EMAIL PROTECTED]
> > Sent: Wednesday, April 10, 2002 11:20 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: CCIE Written Reading.. [7:41017]
> >
> >
> > Kris,
> >
> > I am sure you will find tons of info on this subject in archives.
> > Strategies are different from person to person.
> > I used the following to pass my written:
> >
> > -Bruce Caslow's Book (1st or 2nd edition)
> > -Boson #1 by Bernard
> > -CCO
> >
> > You can add www.certificationzone.com to your arsenal if you are an avid
> > reader. They have excellent white papers.
> >
> > During the period that you wait and practice for you lab, you can read:
> > Halabi
> > Jeff Doyle (1 &2)
> > BGP-4 by parkhurst
> > and many more.
> >
> > Good luck,
> > A Strobel ( working on the lab exam.)
> >
> >
> >
> > Quoting Kris Keen :
> >
> > > Hi All,
> > >
> > > I'll be preparing for the CCIE written exam very shortly, Im in the
> > process
> > > of building the tid bits for my lab and collecting the reading
material..
> > >
> > > What books should I read at a min, and what would be even more
> > advantgeous?
> > >
> > > I have all the CCNP books (Exam Cert Guides) and Doyles TCPIP Vol 1.
> > >
> > > Please help...
> > >
> > > Th

Re: CCIE Written Reading.. [7:41017]

[Kevin Cullimore]

I'm a little frightened at the equation of expressing corporate values with
managerial authority. If the organization is subject to such catastrophic
change due to personal whims or poorly-planned reactions to clearly
discernible macroecenomic trends, I'm not sure their issues and/or plight
are worth your attention/ire.

The higher up someone resides within a corporate structure, the more
valuable their "networking" (meant to invoke the non-technical use of the
term) skills are likely to be.

On balance, I'd MUCH PREFER the scenario in which managers participate in
newsgroups to exploit the interaction potential and make good use of their
time rather than the situation you depict. In this case, I suspect we're
dealing with an individual not neccessarily associated with the management
hierarchy who merely manages their time well enough to accomodate these
online conversations.

On a technical note, if more people paid attention to the free HT upgrade or
sought out an acceptable alternative, helpdesks would either find themselves
free to work on more interesting problems or pare themselves down to the
margin that you and your compatriots scream out for.

- Original Message -
From: 
To: 
Sent: Sunday, April 14, 2002 4:39 AM
Subject: Re: CCIE Written Reading.. [7:41017]


> Quoting Larry Letterman :
>
> > .. altho we wont do layoffs..we are not
> > replacing any body that leaves or does not make it on the performance
> > issues...
>
>
> Hey Larry,
>
> Who is "we"?
> Are you telling me that you are a mangager or a director at Cisco with the
> power to hire and fire?
> and even at a managerial position you do not have enough work to do other
> than
> surf and chat and evaluate Hyper Terminals?
>
> You must be kidding me, you are not a manger at Cisco, are you?
> Or, may be you are.
>
> A Strobel
>
>
>
> -_-_-_ Mail3000 gives you 30 Megs of Email space free -_-_-
> This mail sent through http://mail3000.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41430&t=41017
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF and MTU, spawned from the OSPF vs. EIGRP thread [7:41803]

[Kevin Cullimore]

One of the relatively few nice things about working with data communications
these days is that people like John Moy design non-policy based routing
protocols, and he's fairly conscientious about leaving clues regarding the
motivations underpinning the design decisions.

In the case of OSPF, I note thematic commonalities between the intent to
reserve the right to manufacture as large a packet as the medium will allow
according to clues such as the mtu, and the assertion that running the
protocol directly over ip is preferable to relying on udp partially because
of the extra 8 bytes which are eligible to carry ospf data (section 3.2 of
the book IIRC, and possibly in versions of the RFC as well). Maybe some
routing anthropologist might be able to make something of that.

In the interests of fairness, ospf might be said to not "care about" mtu,
but in cases involving a large enough mtu disparity, it might be said not to
"care to" form an adjacency either (this is particularly problematic given
what organizations are willing to pay people who troubleshoot such issues,
since ip connectivity & certain other routing protocols might very well be
functional under these conditions).

One way to characterize "weird interaction" might be as "indeterminism."
After expending much effort to establish whether or not the difference in
mtu calculation between the east coast router vendor and the west coast
router vendor was 4 or 6 bytes, trying to remember which direction the
difference ran, and trying to identify which part of the
packet/frame/grouping-of-bits the one vendor was ignoring (as packet
capturing products are sometimes said to do), scenarios would emerge whereby
routers running identical operating systems over similarly provisioned lines
of pupportedly identical capacity would require different offsets as
revealed by means of debug messages/pcap traces/log entries. I lost the
patience to even guess at what structural differences might account for the
offset required to make a frame relay cross-vendor adjacency form.


- Original Message -
From: "Howard C. Berkowitz" 
To: 
Sent: Wednesday, April 17, 2002 8:32 PM
Subject: Re: OSPF and MTU, spawned from the OSPF vs. EIGRP thread [7:41788]


> At 3:43 PM -0400 4/17/02, Kane, Christopher A. wrote:
> >In an attempt to find out why MTU is examined (more precisely, why it's
> >examined in the Database Description packets instead of the Hello
packets)
> >one of my co-workers found this passage in IETF meeting minutes:
> >
> >"Editor's note:  These minutes have not been edited.
> >
> >The OSPF Working Group met on Wednesday, December 11th from 1300-2500 at
> >the San Jose IETF. Minutes of the meeting follow:
> >
> >The second problem, reported by Dan Senie of Proteon, concerns MTU
> >mismatches between OSPF neighbors. This can cause flooding between
> >the two neighbors to fail, with large Link State Updates being
> >continually retransmitted. To fix this, we will report interface MTU
> >in Database Description packets. A router will discard received
> >Database Description packet which advertise an MTU that is larger
> >than the router can receive. In this way, adjacencies will not form
> >between routers having MTU mismatches. Tony Li expressed a desire
> >for a more general purpose mechanism. There was also a question
> >whether the same thing will have to be done for OSPF for IPv6 (we
> >think so)."
> >
> >
> >Very informative. Thank goodness for meeting minutes. Here's the link if
> >anyone is as hung up on this as I seem to be. :)
> >
> >http://www.ietf.org/ietf/ospf/ospf-minutes-96dec.txt
>
> H...I _think_ I was at that meeting...or at least one in SJ about
> that time.
>
> In a broader sense, I've run into other operational issues involving
> the MTU.  There's been a weird interaction between Cisco and Bay RS
> OSPF, where Bay thinks Cisco's 1500 MTU is 1472. Don't know if it
> ever was fixed. Incidentally, Passport OSPF is a different
> implementation than Bay RS.
>
> While, in principle, OSPF supports fragmentation, it's one of those
> things that I avoid like the plague. It tends to exercise parts of
> the code that were rarely tested.  When I was at Nortel, a sales type
> came running in announcing that some competitor could do, IIRC, 47
> neighbors per hello. He wanted us to say we could do more, just
> because bigger numbers are better in sales.  The sanity of having 47
> neighbors on an interface was not considered.
>
> Anyway, I did a back-of-the-envelope calculation, and this number
> (might have been 46 or 48) was the maximum number of neighbors that
> could fit into a 1500 byte Hello packet. Good, practical restriction,
> that never should be approached in practice.
>
> --
> "What Problem are you trying to solve?"
> ***send Cisco questions to the list, so all can benefit -- not
> directly to me***
>


> Howard C. Berkowitz  [EMAIL PROTECTED]
> Chief Technol

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

A fair amount of people who focused their academic pursuits on "natural
sciences"/mathematics work in the private sector. Some of them have jobs
which apply concepts & concrete knowledge that was part of their curriculum.
Some of them pusued a masters because they could actually learn something
about their field of interest (which can be profoundly hard to do within
undergrad programs) or it helped advance their pursuit of compensation or
responsibility. Some really competent Masters students opted to not pursue
PhDs because of the prospects of divorce and minimal returns based on their
current job status.  If they can't pass the quals, I'm not sure the
conferring of the Masters is in order. Conversely, there are PLENTY of good
reasons to NOT let someone in a PhD. program even if they CAN or DO pass
their quals.

I've encountered plenty of cases where better experiences can be had with
Mathematics BS grads than CS MS grads, because the math folk don't assume
that four years of algorithms & programming (and ponentially many other
topics except real-world microcomputer-based support & networking
issues-diclaimer, I'm aware that that is changing at the painfully slow pace
that most curriculms adhere to when reforming themselves, but the damage is
done) entitle them to godlike status where their intuitions concerning
technologies, formal systems and issues that they have had NO PRACTICAL
experience with are concerned. As far as the CS folk in question are
concerned, since they already know everything, they can be VERY difficult to
train. (I'm aware of the existence of exceptions, but they are not the ones
making laughingstocks of their respective IT groups, so they do not occupy
as prominent a place in my consciousness)

It's interesting that you align CS with engineering, since the
knowledge-gathering aspect of CS adheres better to the rhetoric and ideals
of the natural sciences ever could, due to the nature of the subject matter.

Dragging back in the original question, the CCIE somewhat affirms the
ability to perform hands-on work and apply concepts in unfamiliar contexts
with success slightly quicker than random trial and error generally produce
in a vendor-specific state-space. Its ameliorative influence upon your
career is somewhat dependent upon Cisco's success, IT's success and your
personal goals. I see high level networking jobs where a masters in computer
science is a prerequisite for having your resume read  (very effecient,
since it reveals two things: that human resource folk still misunderstand
that you can sneak by a CS program without an acceptable understanding of
how electrical patterns present on one computing device can magically be
made to replicate themselves on a remote computing device through the
wonders of networking, and that the employer in question is explicitly
choosing to use a filter that will quickly reduce the numbers of resumes
that have to actually be read, even though that might rule out some of the
best candidates). Whether or not the hands-on and advanced conceptual
knowledge are relevant to higher-level jobs is industry & even company
dependent, but you can bet that if a company can make it irrelevant so that
they don't have to compensate you for that knowledge, they will. An MBA is
supposed to provide you with the cognitive wherewithal to lead the overall
success of business efforts, which in many cases requires leaders to delve
into profoundly non-technical issues. If, following the completion of your
desired course of study, you wish to deal with people & financial issues
outright, by all means go for the MBA. The situation (besides, of course,
hands-on) where not having a CCIE might hurt you is if you have to lead a
team of them, and your role requires you to understand issues at their level
in order to communicate with them or make successful customer-related
decisions.


- Original Message -
From: "nrf" 
To: 
Sent: Friday, April 19, 2002 11:55 AM
Subject: Re: MBA or CCIE [7:41809]


> >
> > I'd tend to agree in traditional science fields like chemistry (my
> > original major), but not in computer science/networking outside pure
> > academia. I can look at an assortment of IETF leaders and find people
> > anywhere from college dropout to PhD. Even some key academic
> > researchers (not faculty) such as Scott Bradner have  masters'
> > degrees, not PhD's.
>
> But notice that was why I was restricting my discussion to only  the
natural
> sciences and mathematics, where a master's degree may not be very
positive,
> and could actually be negative. Different rules apply to, say, engineering
> (I still consider CS to be more engineering than natural science).  And,
of
> course, to business.
>
>
>
>
> >
> > This isn't just the "Old Guard."  A co-director of the IETF Routing
> > Area, Abha Ahuja, died suddenly and tragically at the age of 27. She
> > had a bachelor's degree.  One of the Advisory Council members of ARIN
> > got his appointment around his 21st or 22

Re: Scenario Design: Comments Invited [7:42007]

[Kevin Cullimore]

It seems to be the case that there exists too much concrete knowledge about
the subject matter to NOT discuss meta-issues, such as the most efficient
way to assimilate the content. I'm not sure why you singled this post out
for the "not a place to solicit
> opinions in things other than knowledge required to attain the CCIE cert"
given the mind-numbingly vast number of questions about obtaining isdn
simulators and the best boson test to scrape by a multiple-choice test with.
This effort seems a little more potentially productive than most. I'm not
sure about the business comments, since the very post itself (as well as the
act of submitting it for posting) precludes the possibility of financial
gain, but it's more than possible that I misunderstood your point there.

On balance, both the cert and the candidates might be better served by more
efficient lab techniques than shortcuts for rote memorization tools.

As far as soliciting opinions in things other than knowledge required to
attain the CCIE cert, I'm not sure that opinions count for much when you are
faced with the cold, hard reality of underdesigned software & hardware
refusing to succumb to the dictates inspired by your opinions.

If you are interested in soliciting facts "in" the knowledge required to
attain the CCIE cert, it occurs to me that issues involved with lab design
are not too dissimilar from those involved with network design (or at least
the brand of network design preferred by pointy-haired bosses world-round-if
you just invert the requirements you might wind up with something useful),
so the prospective cert-seeker could inadvertently help his own lab prep by
sorting through the problem-solving involved with those issues.



- Original Message -
From: 
To: 
Sent: Friday, April 19, 2002 4:18 PM
Subject: RE: Scenario Design: Comments Invited [7:42007]


> Hello Howard,
>
> Please do not get upset from me but this topic should not be posted. As
far
> as I know, all the individuals who participate in this email list have one
> goal, gaining the CCIE cert. It is not a place to develop a business
plane,
> it is not a place to market a business and it is not a place to solicit
> opinions in things other than knowledge required to attain the CCIE cert.
> From you writing, it sounds like you are very educated man, so please
accept
> my criticism. Good luck.
>
>
> Sam
>
> -Original Message-
> From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
> Sent: Friday, April 19, 2002 11:22 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Scenario Design: Comments Invited
>
>
> I'd like to start a discussion on the design of two kinds of scenarios:
>   1. lab preparation.  (problem recognition, speed building,
>  interaction among many protocols, time pressure, etc.)
>   2. In-depth understanding of protocols (seeing the effects of
>  alternative configurations, learning how to solve specific
>  problems with specific technologies).  Pure tutorials on
>  technologies complement these hands-on experiences.
>
> The two requirements, of course, are not mutually exclusive. #3 are
> scenarios that either statically or dynamically switch between the
> modes.
>
> It is my hope that this will stimulate community discussion involving
> both people who use scenarios and people who write them.
>
> Now, a disclaimer:  I work for Gettlabs and Gett Communications, the
> former of which runs a virtual rack service.  Gettlabs itself uses an
> open-source model for its own scenarios, as does Fatkid and some
> others. Gettlabs has partnerships with IPexpert and
> CertificationZone, which sell scenarios and supplemental materials.
> My comments here are intended to be neutral, and I will listen, learn
> and share with competitors.  I have discussed my intentions with Paul
> Borghese, and one of our agreements is that this is eligible to stay
> off the commercial list as long as I make free scenarios available.
>
> 1.  Lab Preparation
> ---
>
> Above all, these have to prepare you for pressure and ambiguity.
>
> A fairly basic question:  should all lab preparation scenarios be of
> 8-plus hour length, or two four-hour segments (forcing the disruption
> of a lunch break)?  Alternatively, is it acceptable to have sets of
> sub-scenarios that build on one another, so you can practice for an
> amount of time you have available, then pick up later on?
>
> I think it's a given that all you should be given is the addressing,
> etc., in the one day lab, plus instructions on what you should do,
> restrictions (e.g., no statics), and some criteria for judging
> success.  Estimated completion times/points also are important.
>
> An interesting question, however, is whether the scenario should
> include some of the sorts of things where it is fair (based on
> non-NDA statements of Cisco policy and the variations in proctors) to
> ask a proctor a question.  Should such points include things where
> variou

Re: Scenario Design: Comments Invited [7:41955]

[Kevin Cullimore]

I'm pretty far away from the "purchasing lab scenarios or the time to
practice them" point(so many printed words, only one lifetime), but one
frustrating theme permeating all of the vendor-endorsed training I've been
forced to attend (note: it was always the case that I would ask for training
during my first 6-12 months of exposure to a technology, get denied, and
then be required to attend the lowest possible level training a year later),
is that they offer one or two solutions to a given troubleshooting/design
problem. While they might come up with some acceptable reasons for their
solution, wouldn't it be better to provide scenarios where multiple
solutions exist for a given set of base requirements and the solutions
manual outlines all acceptable options, comparing & contrasting them with
one another, highlighting the merits of solutions that go above & beyond the
original motives according to generally accepted principles of network
design?

- Original Message -
From: "Lupi, Guy" 
To: 
Sent: Friday, April 19, 2002 6:07 PM
Subject: RE: Scenario Design: Comments Invited [7:41955]


> Exactly.  A technology learning scenario might benefit from having hints
and
> suggestions there for you.  A lab scenario should have no explanation
> whatsoever in the scenario itself, it should be just as vague as the real
> thing.  At the end of the scenario though, in the solution, I would
> definitely benefit from an explanation of why a particular method was
used,
> I believe others would too.
>
> ~-Original Message-
> ~From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
> ~Sent: Friday, April 19, 2002 5:25 PM
> ~To: [EMAIL PROTECTED]
> ~Subject: RE: Scenario Design: Comments Invited [7:41955]
> ~
> ~
> ~At 5:00 PM -0400 4/19/02, Lupi, Guy wrote:
> ~>The biggest problem I have with scenarios out there is that
> ~the solutions
> ~>are not explained in enough detail.  I suppose something
> ~could be said about
> ~>the requirement to then go look up a particular command and learn it
> ~>yourself, but part of the reason you have the scenarios is so
> ~that you can
> ~>learn.  Nothing irritates me more than to go through a lab,
> ~look at the
> ~>solution and find that the author solved it in a completely
> ~different manner
> ~>than you did, with no explanation.  This is especially
> ~important when there
> ~>is more than one way to come to a working solution.  A lot of
> ~times there is
> ~>a perfectly valid reason to use the method in the solution,
> ~but the reasons
> ~>are sometimes very hard to see, especially if you are not
> ~well versed in the
> ~>technology.  Some scenarios could be significantly improved
> ~if they gave the
> ~>reason behind a particular method used.
> ~
> ~Excellent point. There is utterly no question you are right for
> ~technology learning scenarios.  As far as lab practice scenarios,
> ~however, there's been a tendency in commercial labs not to do so,
> ~because Cisco doesn't do so.  Perhaps more correctly, Cisco doesn't
> ~do so any more, with the one-day format.
> ~
> ~Would you agree that this sort of explanation should be done only at
> ~the very end of the lab, as distinct from "hints" that may be
> ~available during the scenario?
> ~
> ~Let me throw out an example and see if it's a way of approaching it.
> ~I've written three scenarios, each of which has the same first step:
> ~establishing BGP connectivity to two POPs of the same ISP.
> ~
> ~Next, you are directed to implement load sharing, with certain of the
> ~address space preferring each POP. There are three variants,
> ~deliberately being a bit vague in the instructions.
> ~
> ~One says, for example,."you cannot use any method that adds addresses
> ~or manipulates AS information." In other words, I expect the student
> ~to know that a MED is the only general option remaining (ignoring
> ~ISP-specific communities).
> ~
> ~Another says "you may not manipulate addresses or metrics."  It's
> ~looking for AS path prepending.
> ~
> ~The third is written to look for more-specific and summary addresses.
> ~
> ~I've set up hints in each one, which really say the same thing...the
> ~hints are multiple levels of questions, only giving a specific answer
> ~at the end.  By the time you are through the hints, you will have
> ~reviewed the three possible options.
> ~
> ~ From what you are saying, it sounds like a technology-learning
> ~scenario would do well with the hints, but a lab-practice scenario
> ~should simply consolidate these explanations at the end. Is that a
> ~fair interpretation?
> ~
> ~Thanks,
> ~
> ~Howard
> ~
> ~
> ~
> ~
> ~Report misconduct
> ~and Nondisclosure violations to [EMAIL PROTECTED]
> ~




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42036&t=41955
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Scenario Design: Comments Invited [7:41992]

[Kevin Cullimore]

Several dangers exist for those taking this approach.

Some of your statements reflect a disturbing assumption about preferred
approaches to test preparation:

 but it seems strange
> to me that someone who is not a CCIE is writing labs that they expect
people
> studying for the CCIE to buy.

In this case, I'd rather the person with more (teaching, design,
implementation, cisco-certification-specific) experience than many CCIEs
attempt to lead me to learn something about networking than those who
managed to grab a number and lack professional experience beyond
instruction.

I'm also led to believe that the early CCSI exams were designed to weed out
mere CCIEs (please, somebody, correct me if I'm wrong on that [or any other]
account).

>From pasts posts on this forum, I think that
> you have never even taken the test.

"I think" is ambiguous, and could be misconstrued as your opinion, rather
than a posited fact.

My recommendation is for you to sit the
> exam a time (or two or three!).

I would humbly venture a guess that this is the wrong advice to give to
someone with a perfect record of not-violating the NDA and
explicity/publicly attempting to prove his ability to do so in the face of
ever-waning cisco legal intellect.


Then you'll be able to answer your own
> questions about the format of practice labs.


I'm not sure basing the practice modules on current exams constitutes best
practice.

-Throughout the entirety of western civilization, most people who attempt to
formulate questions that definitively establish a person's knowlegedge about
a given topic have failed beyond measure.

-The exams may or may not establish that a candidate can function in a
manner reflecting efficient design, implementation & troubleshooting skills.
If you gear your curriculum towards understanding the underlying
technologies (and, in this case, optimizing your speed & ability to handle
the unusual in responding), all concerned might be better off.

the COMMON assumption that would render your submission coherent is that the
best method to follow in creating examination preparation tool material is
to precisely home in on the specific technology points being covered and
covering them in a manner that only introduces enough variety to ensure a
minimally passing grade with an emphasis on speed and precision (kind of
like a texas state government education initiative :-)  ).

BUT

that assumption presupposes that the ultimate goal of the materials was to
make sure that a candidate has no more or no less than the capabilities to
respond to the configuration (& possibly design, I'm years away from the lab
or any exposure to it) responsibilities required during the course of the
lab exam.

I'm thinking it scales better to design labs that teach nuances & caveats &
uncover hidden unwarranted assumptions of the technology involved rather
than labs which structurally mimic the extant exams in both form and
content. Following this path, people might finally get their money's worth
when they hire Industry-certified individuals, and possibly might be less
bitter/suspicious about our involvement in their business activities
(although that will NOT do anything about their raging
techno-science-phobia).

- Original Message -
From: "Denise Donohue" 
To: 
Sent: Friday, April 19, 2002 2:32 PM
Subject: RE: Scenario Design: Comments Invited [7:41992]


> I don't know you, so please don't take this personally, but it seems
strange
> to me that someone who is not a CCIE is writing labs that they expect
people
> studying for the CCIE to buy.  From pasts posts on this forum, I think
that
> you have never even taken the test.  My recommendation is for you to sit
the
> exam a time (or two or three!).  Then you'll be able to answer your own
> questions about the format of practice labs.
>
> No offense, just my 2 cents.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Howard C. Berkowitz
> Sent: Friday, April 19, 2002 11:22 AM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Scenario Design: Comments Invited
>
>
> I'd like to start a discussion on the design of two kinds of scenarios:
>   1. lab preparation.  (problem recognition, speed building,
>  interaction among many protocols, time pressure, etc.)
>   2. In-depth understanding of protocols (seeing the effects of
>  alternative configurations, learning how to solve specific
>  problems with specific technologies).  Pure tutorials on
>  technologies complement these hands-on experiences.
>
> The two requirements, of course, are not mutually exclusive. #3 are
> scenarios that either statically or dynamically switch between the
> modes.
>
> It is my hope that this will stimulate community discussion involving
> both people who use scenarios and people who write them.
>
> Now, a disclaimer:  I work for Gettlabs and Gett Communications, the
> former of which runs a virtual rack service.  Gettlabs it

Re: Scenario Design: Comments Invited [7:41992]

[Kevin Cullimore]

Thanks for taking a variant of that (anti-cert-worshipping-centric) stance.

Minor points:

1) confusing DENNIS for DENISE is probably not acceptable in any human
forum.

2) Why would it be worth mention that Radia Perlman is not a CCIE, since she
does not focus on cisco-specific issues, does not regularly participate in
this newsgroup and was already more employable in this field and many more
enlightened ones than almost any CCIE since before the CCIE program started?

Why her and not Tony Li? Andrew Tannenbaum? Douglas Comer? Richard Stevens?
John VonNeumann?

(I know the last one was a stretch . . .)

disclaimer: I'm grateful for her expertise & written candor, I'm just not
sure what she has in common with the other people mentioned.

- Original Message -
From: 
To: 
Sent: Friday, April 19, 2002 7:18 PM
Subject: RE: Scenario Design: Comments Invited [7:41992]


> Dennis,
> Unfortunately, you do not know Howard. If you knew him, you would never
post
> such a message.
>
> Alone that Mr. Howard Berkowitz takes time to post a message to this list
is
> an
> honor for the people who know him. Howard does not need to be CCIE to be
> respected in the networking community. Honestly, I don't believe there is
> any
> certification that could possibly add to Howard's highly respected image.
>
> Are these four digit numbers all that you can use to judge people,
> especially
> people that you don't know?
>
> Jeff Doyle is not a CCIE any more and does not even work for Cisco. Does
> this
> make him even a tiny bit less respected?
>
> Priscilla is not a CCIE, so what? Would we possibly respect her and her
> invaluable inputs any more if she were one?
>
> Marc Russell is not a CCIE (so far as I know- sorry if I am wrong), but
his
> scenarios are the best tools to become a CCIE. There are hundreds of CCIEs
> who
> owe him their certifications.
>
> For your information, Radia Perlman is not a CCIE neither.
>
> Howard, on behalf of myself and all the members of this group who know you
> (not
> personally, though) I apologize to you for such uncalled for remarks.
>
>
> A Strobel
>
>
>
>
>
>
> Quoting Denise Donohue :
>
> > I don't know you, so please don't take this personally, but it seems
> > strange
> > to me that someone who is not a CCIE is writing labs that they expect
> > people
> > studying for the CCIE to buy.  From pasts posts on this forum, I think
that
> > you have never even taken the test.  My recommendation is for you to sit
> > the
> > exam a time (or two or three!).  Then you'll be able to answer your own
> > questions about the format of practice labs.
> >
> > No offense, just my 2 cents.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Howard C. Berkowitz
> > Sent: Friday, April 19, 2002 11:22 AM
> > To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> > Subject: Scenario Design: Comments Invited
> >
> >
> > I'd like to start a discussion on the design of two kinds of scenarios:
> >   1. lab preparation.  (problem recognition, speed building,
> >  interaction among many protocols, time pressure, etc.)
> >
>
>
> -_-_-_ Mail3000 gives you 30 Megs of Email space free -_-_-
> This mail sent through http://mail3000.com/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42041&t=41992
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Simple (E)IGRP Metric Question [7:42103]

[Kevin Cullimore]

I'd expect that the values they are multiplied by would change if they are
truly based upon data derived from the interface counters, which are
certainly subject to potentially vast fluctuations in absence of topology
changes

Real-world confirmation anyone?

- Original Message -
From: "Michael L. Williams" 
To: 
Sent: Saturday, April 20, 2002 10:28 PM
Subject: Re: Simple (E)IGRP Metric Question [7:42103]


> Well, reason I ask is that I was looking over a study sheet that lists the
> routing protocols, their type (link-state/distance-vector), their metric,
> etc, and it listed Bandwidth, Delay, Load, and Reliability as the
components
> for (E)IGRP metric calculation, but something in the back of mind was
going
> "Where's MTU?".  So I started digging around Cisco's site, and found
> documents showing the formula for calculation (only using the 4 components
> listed above) but then found all of the other things regarding
> redistribution and default metrics that tell you to use all five (the four
> above plus MTU).
>
> But yes, I've often read that it's best to leave K1 = K3 = 1 and K2 = K4 =
> K5 = 0.  However, I can't see why changing these values would result in
> frequent recalculation of the topology table.  Wouldn't the topology table
> only change when there are changes to the topology? (Which it seems to me
> wouldn't have anything to do with the values of K1-K5 used in the metric
> calculation).
>
> Mike W.
>
> "Steve Watson"  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Good question!! Not sure this is what you're looking for but it also
> > says that it is based on five criteria, bandwidth and delay are the
> > default criteria; reliability, loading and MTU are additional criteria
> > are NOT RECOMMENDED FOR USE because they result in frequent
> > recalculation of the topology table.
> >
> > Steve




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42114&t=42103
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Scenario Design: Comments Invited [7:41955]

[Kevin Cullimore]

I'm not sure that I've ever seen anyone succeed at scenario type-2 without
spending quality time with packet captures (this is, of course, a
non-trivially different population that the set of individuals who merely
BELIEVE that they have succeeded at scenario type-20).

A lab presents a great opportunity for this type of study, because you can
see what some might consider to be low-level (though not as low level as,
say, the presence or absence of electrical current) consequences of
configuration changes, reinforcing any theoretical knowledge you might have
gleaned beforehand.

Scenario type-1 sounds like it might be amenable to an approach involving
automated enumeration, or some very mechanical manual procedure, at leat for
the less abstract topics or at the very beginning of study.


- Original Message -
From: "Howard C. Berkowitz" 
To: 
Sent: Friday, April 19, 2002 11:21 AM
Subject: Scenario Design: Comments Invited [7:41955]


> I'd like to start a discussion on the design of two kinds of scenarios:
>   1. lab preparation.  (problem recognition, speed building,
>  interaction among many protocols, time pressure, etc.)
>   2. In-depth understanding of protocols (seeing the effects of
>  alternative configurations, learning how to solve specific
>  problems with specific technologies).  Pure tutorials on
>  technologies complement these hands-on experiences.
>
> The two requirements, of course, are not mutually exclusive. #3 are
> scenarios that either statically or dynamically switch between the
> modes.
>
> It is my hope that this will stimulate community discussion involving
> both people who use scenarios and people who write them.
>
> Now, a disclaimer:  I work for Gettlabs and Gett Communications, the
> former of which runs a virtual rack service.  Gettlabs itself uses an
> open-source model for its own scenarios, as does Fatkid and some
> others. Gettlabs has partnerships with IPexpert and
> CertificationZone, which sell scenarios and supplemental materials.
> My comments here are intended to be neutral, and I will listen, learn
> and share with competitors.  I have discussed my intentions with Paul
> Borghese, and one of our agreements is that this is eligible to stay
> off the commercial list as long as I make free scenarios available.
>
> 1.  Lab Preparation
> ---
>
> Above all, these have to prepare you for pressure and ambiguity.
>
> A fairly basic question:  should all lab preparation scenarios be of
> 8-plus hour length, or two four-hour segments (forcing the disruption
> of a lunch break)?  Alternatively, is it acceptable to have sets of
> sub-scenarios that build on one another, so you can practice for an
> amount of time you have available, then pick up later on?
>
> I think it's a given that all you should be given is the addressing,
> etc., in the one day lab, plus instructions on what you should do,
> restrictions (e.g., no statics), and some criteria for judging
> success.  Estimated completion times/points also are important.
>
> An interesting question, however, is whether the scenario should
> include some of the sorts of things where it is fair (based on
> non-NDA statements of Cisco policy and the variations in proctors) to
> ask a proctor a question.  Should such points include things where
> variously the proctor will and will not answer, or even, in marginal
> cases, flip a software coin to see if the proctor will answer)?
>
> I believe it's realistic to be able to see a solved configuration,
> but, when you see it, you either should have demonstrated successful
> operation or accepted that you will accept losing points to be able
> to go on.
>
> I do not think that hints are appropriate in a lab preparation
> scenario, with the caveat that this sort of thing is quite
> appropriate to technology learning, and, as I suggested in #3 above,
> scenarios could be developed (possibly with a specific execution
> engine) that let you switch between preparation and learning modes,
> and even back.
>
> 2.  Technology Learning
> ---
>
> My general approach to designing such things is again to start with
> instructions, initialization, etc., but to break the exercise into
> relatively small steps.  Each step will have hints available, and
> will be fairly small so you can look at the successive changes to the
> configuration that move you closer to your goal.
>
> One difference comes with the physical presentation of the scenario.
> If it is a printed document, should the hints be in-line with the
> text, or in a separate section so you will use them only if needed?
> If the latter, should they be on separate pages or at least have
> significant "spoiler space" between them so you don't inadvertently
> get an unfair clue to what is coming next?
>
> If the scenario is running interactively, should hints and hint
> answers only be available with a specific user action (clicking a
> link, opening a file, e

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

Fair enough. Thanks for elegantly depicting the real-world factors involved.
I'll always bear a conceptual blind spot concerning individuals in that
category, but I felt compelled to point out that the popular generalization,
as usual, has issues where accuracy is concerned. I would never expect the
business world to be fair, or expect HR professionals who don't specialize
in IT (and, unfortunately, some who do) to accurately interpret the
candidate-specific data they are confronted with.  Since I'm constantly
fighting the practice of jumping to ANY conclusion (and thereby revealing
weaknesses that plague the conclusion-jumper's decision-making processes), I
really can't pass up opportunities to clarify situations which are
publically discussed such as the one we're addressing.



- Original Message -
From: "sakky" 
To: 
Sent: Sunday, April 21, 2002 1:24 AM
Subject: Re: MBA or CCIE [7:41809]


> ""Kevin Cullimore""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > A fair amount of people who focused their academic pursuits on "natural
> > sciences"/mathematics work in the private sector. Some of them have jobs
> > which apply concepts & concrete knowledge that was part of their
> curriculum.
> > Some of them pusued a masters because they could actually learn
something
> > about their field of interest (which can be profoundly hard to do within
> > undergrad programs) or it helped advance their pursuit of compensation
or
> > responsibility. Some really competent Masters students opted to not
pursue
> > PhDs because of the prospects of divorce and minimal returns based on
> their
> > current job status.  If they can't pass the quals, I'm not sure the
> > conferring of the Masters is in order. Conversely, there are PLENTY of
> good
> > reasons to NOT let someone in a PhD. program even if they CAN or DO pass
> > their quals.
>
> On the other hand, many of those master's degrees guys really were guys
who
> couldn't pass their quals.  So whether you had a legitimate reason for
> getting a master's degree or not doesn't really matter in terms of getting
a
> job or for professional prestige or whatever -  you will be deemed 'guilty
> by association' by being lumped together with a bunch of, shall we say,
> rejects.
>
> Is that unfair?  Yeah, it is.  But that's life.   Surely you realize that
HR
> and other hiring directors often make decisions based on what's on a piece
> of paper, and you therefore have no chance to explain the details of your
> situation to them.  The fact is, you are judged by the people you
associate
> with.  If you associate with a bunch of thugs and criminals, you shouldn't
> be surprised when people think you are a criminal yourself.  Now, I'm not
> saying that master's degree holders are criminals, it's just an example
I'm
> using.  I'm just saying that if you associate yourself in a group of
people
> for which there are indeed a large proportion on PhD failures, then people
> will often jump to the conclusion that you are also one yourself.
>
>
> >
> > I've encountered plenty of cases where better experiences can be had
with
> > Mathematics BS grads than CS MS grads, because the math folk don't
assume
> > that four years of algorithms & programming (and ponentially many other
> > topics except real-world microcomputer-based support & networking
> > issues-diclaimer, I'm aware that that is changing at the painfully slow
> pace
> > that most curriculms adhere to when reforming themselves, but the damage
> is
> > done) entitle them to godlike status where their intuitions concerning
> > technologies, formal systems and issues that they have had NO PRACTICAL
> > experience with are concerned. As far as the CS folk in question are
> > concerned, since they already know everything, they can be VERY
difficult
> to
> > train. (I'm aware of the existence of exceptions, but they are not the
> ones
> > making laughingstocks of their respective IT groups, so they do not
occupy
> > as prominent a place in my consciousness)
> >
> > It's interesting that you align CS with engineering, since the
> > knowledge-gathering aspect of CS adheres better to the rhetoric and
ideals
> > of the natural sciences ever could, due to the nature of the subject
> matter.
>
> Well, then I suppose you would also find it interesting to note that the
> vast majority of American universities (don't know about Europe) also lump
> CS into their engineering departments, rather than into their science
> departments .  Sur

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

A point that might not have been adequately articulated thus far is as
follows:

Until the past couple of years, many CS programs had no mechanisms in place
to ensure that a graduate would be of better value to a corporation
requiring networking or troubleshooting skills than someone without a CS
degree. This is compounded by CS graduates who act as if they ARE better
qualified because they took many courses requiring them to develop code
within the confines of classical programming languages/environments while
avoiding curriculum that emphasized data communications like some manner of
biblical plague. Just as people are likely to generalize based upon
someone's level of education, they are equally likely to adopt inflexible
opinions based upon their exposure to someone who, although talented &
potentially capable of wielding superior cognitive firepower, is not
immediately useful, and in fact obstructive, due to their lack of exposure
to the business world, and their stubborn belief in their own infallability.

For the record, the characteristics I've pointed out are indicative of the
individuals involved, not their field of study. CS is just a natural target
for people who wish to behave this way.

An enlightened approach I've noticed is institutions who require that a
candidate have a degree-not necessarily in computer science-to apply for a
given networking/support (more-accurately: non-programming) position. This
approach seems to form a balanced approach to addressing both sets of
concerns.

Unless I'm missing something terribly obvious (and yes, I'm aware that that
phrase is somewhat [if not doubly] redundant). Feedback?


- Original Message -
From: "nrf" 
To: 
Sent: Sunday, April 21, 2002 2:32 AM
Subject: Re: MBA or CCIE [7:41809]


> ""Chuck""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > one answer to your question might be that real management skills are
still
> > required to run the business.
> >
> > another might be that the venture capitalists and the investment bankers
> > required what they deemed as qualified managers to be part of the
> management
> > team.
>
> Yes I understand.  But either way, you must agree that it's really neither
> here nor there.  At the end of the day, if companies - for whatever
reason -
> want the degree , then the degree is what you will need to provide.
>
> >
> > there can be substantial differences in the skill sets required to be an
> > entrepreneur, visionary, leader, and the skill sets of professional
> > managers. Even innovative tech companies need both.
>
> Absolutely.  However I consider the degree a case of  'playing the
> percentages'.  Yes, you could roll the dice and try to be the next Gates,
> and  it might happen.  But probably not.
>
> Tech companies do indeed need both pro-managers and tech visionaries.  But
> it's not really a case of 'either-or' when a degree is involved.  It's not
> like by getting a degree, you are forfeiting tech visionary capabilities.
> You can have both - you can be both a visionary and have a lot of
education.
> In fact,not only is it possible, it is actually quite likely, because
highly
> educated people in fact tend to tech visionaries, some important
exceptions
> notwithstanding.Gates may have no formal education.  But, for example,
> the guys who founded Intel were all PhD's (Noyce -MIT, Moore - Caltech,
> Grove - Berkeley), and they just so happened to invent rather some
> innovative things like, oh, I don't know, solid-state memory (DRAM) and
the
> microprocessor (those are fairly important inventions, I would say).   The
> Cisco router was invented by a burst of innovation from Bosack and Lerner,
> who just so happen to hold graduate degrees from Stanford.  I could go on
> and on.
>
> Look, my point isn't to tell everybody to go to college, or to tell people
> that only the big schools matter.  Not at all.  Going or not going to
> college is a personal decision that only the individual can make.  And
truly
> it is the case the college is not right for some people.  What I'm saying
is
> that a college degree does hold substantial value, even in a historically
> informal industry like IT.   If you choose not to go to college, that's
> fine, just understand that you are giving up something of value.  Now you
> might decide that the degree is not worth the time and money it takes to
do
> it, or whatever, and that's a perfectly valid calculation for you to make.
> But if you decide not to go, you shouldn't delude yourself into thinking
> that you are not giving up anything of value, because you are.  Maybe it's
> not enough value for you, or, based on your personal circumstances,  not
> enough to justify a proper return-on-investment or whatever, but it's
still
> some value we're talking about here.
>
> >
> > Chuck
> >
> >
> >
> > ""nrf""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > ""William Gragido""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAI

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

I'm not sure that the "limited education" part is accurate.

Most extant accounts reveal that his
(not-derived-from-an-accredited-institution, of course) education was
profound enough to leave him bored, truly bored by the academic obligations
imposed upon him during his year at Harvard. I'm trying to imagine a
scenario whereby he graduates, and ONLY earns as much as an exceptional
Harvard graduate. Assuming some kind of visionary insight/prescience,
wouldn't his parents feel cheated by that result after doling out 4 years
worth of IVY-League tuition & room/board???



- Original Message -
From: "nrf" 
To: 
Sent: Sunday, April 21, 2002 1:14 AM
Subject: Re: MBA or CCIE [7:41809]


> ""William Gragido""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Thats not necessarily true.  Bill Gates is an excellent example of
someone
> > with limited education, who went on to be a force to be reckoned with in
> the
> > business world.
>
> You have just provided a standard response - the Gates response.
>
> Several people have used that response against me.  That's why I've
> developed a standard counterresponse.  It goes something like this (I cut
> and pasted it from the site I posted it before:
>
> "...One of the ironies of the tech industry is that while there are
> indeed many tech-icons who do not hold a degree,  these people themselves
> strongly prefer degrees out of job candidates they hire.  For example,
> surely we're all aware of the degree-less tech superstars-  Bill Gates,
> Larry Ellison, Steve Jobs, Michael Dell, and the list goes on.  Yet
> interestingly enough, if you look at the top management teams and Boards
of
> Directors of the companies they run, you will notice that almost
invariably,
> those guys are the only people there who have no degree.  Everybody else
> generally has at least one, if not several degrees, and usually from the
> most famous colleges in the world - Harvard, Stanford, Berkeley, Yale,
MIT,
> Oxbridge, etc.  You would think that if anybody would know the limitations
> of a college education, it would be somebody like Bill Gates.  Yet Gates
> himself has chosen to surround himself with an extraordinarily
well-educated
> management team, so that means that even a dropout like Gates realizes the
> value of the degree.  If Gates thought the degree wasn't particularly
useful
> (and who in the world could make such a claim more credibly than him?),
then
> why didn't he just hire a bunch of  dropouts to be the Microsoft
management
> team?  So clearly there must be something good (very good) about that
> degree."
>
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> > nrf
> > Sent: Thursday, April 18, 2002 3:10 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: MBA or CCIE [7:41809]
> >
> >
> > I understand.  But on the other hand, if you have ambitions to be the
CxO,
> a
> > CCIE  isn't going to cut it.  Like you said, it's a case of what you
want
> > out of life.
> >
> > However, what I will definitely say is this.  If you work for a company
> that
> > is willing to finance your degree at night school, you're a fool not to
> take
> > it.  If you're not the one paying for it, you should get as many degrees
> as
> > you can, because you never know what's going to happen in the future.
> >
> >
> >
> > ""Wes Stevens""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > A lot of it is what you want out of life. I will be 50 in 5 years and
am
> > > perfectly happy playing with cisco's. I make more money then my boss
> with
> > > the mba does and have more job security. What happens if you get laid
> off
> > at
> > > 45 or 50 with a middle to upper management job? If you are not way up
> > there
> > > in the corner office area you are going to have a hard time finding a
> job.
> > I
> > > work for a company in the fortune top 5 that is very stable. Yet this
> > > economy is hitting us also. They are going to cut my office way back
> from
> > > 500 people to 200 by the end of the year. They will offer me a job in
> > > Houston as they can always find a spot for a cisco network engineer.
My
> > boss
> > > and a lot of other are really scrambling. There are no jobs in the
local
> > > market and less chances of them finding a place in another part of the
> > > company as they are cutting back everywhere.
> > >
> > > Just some food for thought.
> > >
> > >
> > > >From: "nrf"
> > > >Reply-To: "nrf"
> > > >To: [EMAIL PROTECTED]
> > > >Subject: Re: MBA or CCIE [7:41809]
> > > >Date: Thu, 18 Apr 2002 14:37:51 -0400
> > > >
> > > >""Drew""  wrote in message
> > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > > Sean Knox wrote:
> > > > > >
> > > > > >
> > > > > > I was actually heading towards my CCIE, but after getting my
CCNP,
> I
> > > >am
> > > > > > content with that for now and and getting more experience
> > (fortunately
> > > >I
> > > >am
> > > > > > not some new wide-eyed kid in the fiel

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

A point that might not have been adequately articulated thus far is as
follows:

Until the past couple of years, many CS programs had no mechanisms in place
to ensure that a graduate would be of better value to a corporation
requiring networking or troubleshooting skills than someone without a CS
degree. This is compounded by CS graduates who act as if they ARE better
qualified because they took many courses requiring them to develop code
within the confines of classical programming languages/environments while
avoiding curriculum that emphasized data communications like some manner of
biblical plague. Just as people are likely to generalize based upon
someone's level of education, they are equally likely to adopt inflexible
opinions based upon their exposure to someone who, although talented &
potentially capable of wielding superior cognitive firepower, is not
immediately useful, and in fact obstructive, due to their lack of exposure
to the business world, and their stubborn belief in their own infallability.

For the record, the characteristics I've pointed out are indicative of the
individuals involved, not their field of study. CS is just a natural target
for people who wish to behave this way.

An enlightened approach I've noticed is institutions who require that a
candidate have a degree-not necessarily in computer science-to apply for a
given networking/support (more-accurately: non-programming) position. This
approach seems to form a balanced approach to addressing both sets of
concerns.

Unless I'm missing something terribly obvious (and yes, I'm aware that that
phrase is somewhat [if not doubly] redundant). Feedback?


- Original Message -
From: "nrf" 
To: 
Sent: Sunday, April 21, 2002 2:32 AM
Subject: Re: MBA or CCIE [7:41809]


> ""Chuck""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > one answer to your question might be that real management skills are
still
> > required to run the business.
> >
> > another might be that the venture capitalists and the investment bankers
> > required what they deemed as qualified managers to be part of the
> management
> > team.
>
> Yes I understand.  But either way, you must agree that it's really neither
> here nor there.  At the end of the day, if companies - for whatever
reason -
> want the degree , then the degree is what you will need to provide.
>
> >
> > there can be substantial differences in the skill sets required to be an
> > entrepreneur, visionary, leader, and the skill sets of professional
> > managers. Even innovative tech companies need both.
>
> Absolutely.  However I consider the degree a case of  'playing the
> percentages'.  Yes, you could roll the dice and try to be the next Gates,
> and  it might happen.  But probably not.
>
> Tech companies do indeed need both pro-managers and tech visionaries.  But
> it's not really a case of 'either-or' when a degree is involved.  It's not
> like by getting a degree, you are forfeiting tech visionary capabilities.
> You can have both - you can be both a visionary and have a lot of
education.
> In fact,not only is it possible, it is actually quite likely, because
highly
> educated people in fact tend to tech visionaries, some important
exceptions
> notwithstanding.Gates may have no formal education.  But, for example,
> the guys who founded Intel were all PhD's (Noyce -MIT, Moore - Caltech,
> Grove - Berkeley), and they just so happened to invent rather some
> innovative things like, oh, I don't know, solid-state memory (DRAM) and
the
> microprocessor (those are fairly important inventions, I would say).   The
> Cisco router was invented by a burst of innovation from Bosack and Lerner,
> who just so happen to hold graduate degrees from Stanford.  I could go on
> and on.
>
> Look, my point isn't to tell everybody to go to college, or to tell people
> that only the big schools matter.  Not at all.  Going or not going to
> college is a personal decision that only the individual can make.  And
truly
> it is the case the college is not right for some people.  What I'm saying
is
> that a college degree does hold substantial value, even in a historically
> informal industry like IT.   If you choose not to go to college, that's
> fine, just understand that you are giving up something of value.  Now you
> might decide that the degree is not worth the time and money it takes to
do
> it, or whatever, and that's a perfectly valid calculation for you to make.
> But if you decide not to go, you shouldn't delude yourself into thinking
> that you are not giving up anything of value, because you are.  Maybe it's
> not enough value for you, or, based on your personal circumstances,  not
> enough to justify a proper return-on-investment or whatever, but it's
still
> some value we're talking about here.
>
> >
> > Chuck
> >
> >
> >
> > ""nrf""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > ""William Gragido""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAI

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

Fair enough. Thanks for elegantly depicting the real-world factors involved.
I'll always bear a conceptual blind spot concerning individuals in that
category, but I felt compelled to point out that the popular generalization,
as usual, has issues where accuracy is concerned. I would never expect the
business world to be fair, or expect HR professionals who don't specialize
in IT (and, unfortunately, some who do) to accurately interpret the
candidate-specific data they are confronted with.  Since I'm constantly
fighting the practice of jumping to ANY conclusion (and thereby revealing
weaknesses that plague the conclusion-jumper's decision-making processes), I
really can't pass up opportunities to clarify situations which are
publically discussed such as the one we're addressing.



- Original Message -
From: "sakky" 
To: 
Sent: Sunday, April 21, 2002 1:24 AM
Subject: Re: MBA or CCIE [7:41809]


> ""Kevin Cullimore""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > A fair amount of people who focused their academic pursuits on "natural
> > sciences"/mathematics work in the private sector. Some of them have jobs
> > which apply concepts & concrete knowledge that was part of their
> curriculum.
> > Some of them pusued a masters because they could actually learn
something
> > about their field of interest (which can be profoundly hard to do within
> > undergrad programs) or it helped advance their pursuit of compensation
or
> > responsibility. Some really competent Masters students opted to not
pursue
> > PhDs because of the prospects of divorce and minimal returns based on
> their
> > current job status.  If they can't pass the quals, I'm not sure the
> > conferring of the Masters is in order. Conversely, there are PLENTY of
> good
> > reasons to NOT let someone in a PhD. program even if they CAN or DO pass
> > their quals.
>
> On the other hand, many of those master's degrees guys really were guys
who
> couldn't pass their quals.  So whether you had a legitimate reason for
> getting a master's degree or not doesn't really matter in terms of getting
a
> job or for professional prestige or whatever -  you will be deemed 'guilty
> by association' by being lumped together with a bunch of, shall we say,
> rejects.
>
> Is that unfair?  Yeah, it is.  But that's life.   Surely you realize that
HR
> and other hiring directors often make decisions based on what's on a piece
> of paper, and you therefore have no chance to explain the details of your
> situation to them.  The fact is, you are judged by the people you
associate
> with.  If you associate with a bunch of thugs and criminals, you shouldn't
> be surprised when people think you are a criminal yourself.  Now, I'm not
> saying that master's degree holders are criminals, it's just an example
I'm
> using.  I'm just saying that if you associate yourself in a group of
people
> for which there are indeed a large proportion on PhD failures, then people
> will often jump to the conclusion that you are also one yourself.
>
>
> >
> > I've encountered plenty of cases where better experiences can be had
with
> > Mathematics BS grads than CS MS grads, because the math folk don't
assume
> > that four years of algorithms & programming (and ponentially many other
> > topics except real-world microcomputer-based support & networking
> > issues-diclaimer, I'm aware that that is changing at the painfully slow
> pace
> > that most curriculms adhere to when reforming themselves, but the damage
> is
> > done) entitle them to godlike status where their intuitions concerning
> > technologies, formal systems and issues that they have had NO PRACTICAL
> > experience with are concerned. As far as the CS folk in question are
> > concerned, since they already know everything, they can be VERY
difficult
> to
> > train. (I'm aware of the existence of exceptions, but they are not the
> ones
> > making laughingstocks of their respective IT groups, so they do not
occupy
> > as prominent a place in my consciousness)
> >
> > It's interesting that you align CS with engineering, since the
> > knowledge-gathering aspect of CS adheres better to the rhetoric and
ideals
> > of the natural sciences ever could, due to the nature of the subject
> matter.
>
> Well, then I suppose you would also find it interesting to note that the
> vast majority of American universities (don't know about Europe) also lump
> CS into their engineering departments, rather than into their science
> departments .  Sur

Re: TAC [7:42141]

[Kevin Cullimore]

Generally, for the purposes of effecting scaleable call-tracking management,
larger organizations tend to have explicit policies regarding call closure,
specifying intervals  of time which must elapse or a certain number of
unanswered attempts to contact the customer in order to close a call without
the requestor's explicit permission. Almost Invariably, the support
personnel are required to send a form letter requesting that the "end-user"
respond if they are not in agreement with this action.

I've seen the TAC provide high-level weekend support, it just tends to take
a little longer.


- Original Message -
From: "Paul Jin" 
To: 
Sent: Sunday, April 21, 2002 1:40 PM
Subject: Re: TAC [7:42141]


> see inline -
>
> Craig Columbus wrote:
> >
> > In my experience, either side can close the case.
> >
> > I've had TAC close cases that were not even close to being
> > resolved.  I
> > assume that there's some type of reward structure for closing
> > cases quickly.
> >
>
> Generally, the TAC should be asking the customer if the problem has been
> resolved and if the case should be closed.  But depending on
> circumstances, TAC can close it as well.  But usually, I get emails from
my
> TAC engineer asking if the issue has been resolved and can we close the
case.
>
>
> > On another topic, has anyone had the experience that TAC is
> > perhaps
> > slipping a bit when it comes to the quality of the first line
> > engineers?  I
> > don't remember having any problems with TAC until about the
> > time Cisco's
> > stock price started seriously dropping.  Since that time, I've
> > had several
> > occurrences where I've had extremely rude and/or incompetent
> > people
> > initially handle my TAC cases.
>
> Probably because most TAC people are overworked now because of the
layoffs.
> Cisco probably have not been selling much new gears in the last 2 years,
but
> the day to day TAC support business probably never went down, but they
laid
> off people so fewer people are handling the same amount of TAC calls.
>
> And I think certain things that go to development engineer type groups
have
> been taking longer and longer to be resolved.  Something that should take
1
> week, might now take 2-3 weeks.
>
>
> > In each instance, I've had to
> > get rude back
> > and insist that they drop the case and transfer me to their
> > supervisor.  Once transferred, I got the superior TAC support
> > that I'm used
> > to.  I spoke with a colleague about this, and he told me that
> > he's had
> > exactly the same experience.  What's been your experience?  Has
> > this
> > happened with increasing frequency to any of you?
> >
> > Craig




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42159&t=42141
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Slight digression on Scenario 5 -- choices on real-world [7:42308]

[Kevin Cullimore]

Over time, worthwhile content tends to be read, and sometimes even purchased
first (though possibly not in a timeframe acceptable to the author, on both
counts). I've found that understanding design considerations for networks,
routing protocols & even "routed"protocols make it easier to remember the
concrete details so dear to the hearts & ideologies of the hardware/software
vendor "educational" community.

If people are in it for more than yet another set of letters, or, if they
want to do "it" right, they'll be checking amazon in hopes of an expedited
publication date for this material every couple of days. I'm not sure what
the ratio of those types to the folk in need of more explicit/focused
training materials is, and how the practice of coping with ecomonic
overcorrections will influence that mix in the near future.


>
> A metaquestion here: AFAIK, this is very real-world stuff that the
> CCIE lab is unlikely to get to.  The lab prescribes your methods or
> leaves you only one real choice, and also doesn't tend to state WHY
> you need to do things one way.
>
> This is the sort of thing I'd do in Internet routing training, and in
> fact do in my two Wiley books.  I happen to think this sort of
> knowledge, if you can demonstrate it, gives you a significant leg up
> for working for an ISP, or for an enterprise with extensive Internet
> connectivity. But it doesn't have an associated Cisco certification.
> Is it something that people/companies find meaningful (i.e., worth
> money)?
>
> I ask this, in part, because if I'm going to post methods scenarios
> and possibly get into them commercially, is this kind useful, or
> should I focus more on things likely to be on the lab?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42308&t=42308
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MBA or CCIE [7:41809]

[Kevin Cullimore]

As much as I stand for everything wrong with american education, I'm not
sure I'm willing to share blame with the university for that mishap. It
seems to me that the institution had something to offer that wasn't taken
advantage of. You are, of course, quite correct that my take on academic ROI
is problematic, but I'd rather it lead someone to reject its implications
than allow it to persist just because it can work as a general
heuristic/guiding notion. My concern with the generalization is this: it
doesn't seem to apply equally. If someone's time spent being lectured at and
working through academic exercises lead one down a path that precludes
opportunity creation, I'm not sure the advanced/elite education has served
you well, ESPECIALLY if you're already operating at a post-graduate level in
the first place. Again this is all based on second-hand accounts, but I
obviously wasn't being clear enough in expressing my position (hence the
followup post). I agree with you concerning the general case, but I maintain
that its weakness is the lack of universal applicability. Feel free to
continue the OT thread privately if you wish.


- Original Message -
From: "nrf" 
To: 
Sent: Tuesday, April 23, 2002 3:42 AM
Subject: Re: MBA or CCIE [7:41809]


> ""Kevin Cullimore""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I'm not sure that the "limited education" part is accurate.
> >
> > Most extant accounts reveal that his
> > (not-derived-from-an-accredited-institution, of course) education was
> > profound enough to leave him bored, truly bored by the academic
> obligations
> > imposed upon him during his year at Harvard. I'm trying to imagine a
> > scenario whereby he graduates, and ONLY earns as much as an exceptional
> > Harvard graduate. Assuming some kind of visionary insight/prescience,
> > wouldn't his parents feel cheated by that result after doling out 4
years
> > worth of IVY-League tuition & room/board???
>
> Well I suppose using that argument you could say that the parents of Ted
> Kaczynski (the Unabomber) must have been REALLY feeling cheated by paying
> for his Harvard degree, right?
>
> What I'm saying is this.  Getting a top degree greatly increases the
chances
> of you succeeding.  But like anything in life, there are no guarantees.
> It's all about playing the odds.  Anything could happen.  But we need to
> deal with what is likely to happen.  The fact is, people who work hard and
> get a good education will probably succeed.  Those who are lazy and
neglect
> their education will probably not succeed.  No guarantees of course.  But
> the odds are with you.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42312&t=41809
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: I need help with a BVI and MIBs on a Catalyst 8540 [7:42404]

[Kevin Cullimore]

Does an instance found under 1.3.6.1.2.1.2.2.1 exist that corresponds to the
BVI? My guess is yes, but guesses have funny ways of turning on their owners.

If so, what is the value found in 1.3.6.1.2.1.2.2.1.5 for that instance_ID?

It might be constructive to compare that value to the ones found in
cisco-proprietary mibs.




- Original Message -
From: "SNMP2002" 
To: 
Sent: Tuesday, April 23, 2002 4:10 PM
Subject: I need help with a BVI and MIBs on a Catalyst 8540 [7:42370]


> We have an Catalyst 8540 with a BVI.
> There are numerous ports on the switch that are in this bridge group.
> If you look at the BVI interface,
> sh int bvi2:
>
> MTU 1500 bytes, BW 1 Kbit, DLY 5000 usec, rely 255/255, load 1/255
>
> The true speed of the devices plugged into the ports is manually set to
> 100Mbps. But
> using our network management software which reads the MIB in the switch
> interfaces,
> it reads the devices as a speed of 10Mbps.  I think the MIB is using the
> data from
> the BVI (BW 1 Kbit) and not the real port/interface speed.
>
> Does the BVI2 have a true speed of only 10Mbps?  What would it do to change
> the
> BW from 1 Kbit to 10 Kbit (10Mbps to 100Mbps) manually?
>
> Thanks for any ideas.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=42404&t=42404
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Multihoming Policy [7:43962]

[Kevin Cullimore]

My (admittedly limited/shallow) understanding is that if you buy a corporate
entity, you are also buying their AS number, which dovetails well with the
limited resources the regional registries have available to track & respond
to commercial misdoings.

It might be more instructive to note that AS1 was originally BBN, which only
makes sense, since they are at least partially to blame for all of this fuss
over data connectivity in the first place.


- Original Message -
From: "Chuck" 
To: 
Sent: Sunday, May 12, 2002 2:50 PM
Subject: Re: BGP Multihoming Policy [7:43962]


> ""Howard C. Berkowitz""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > At 12:30 AM -0400 5/12/02, Erwin wrote:
> > >Suppose we are the ISP having 3 different AS connected to users for
> > >multihoming. If it is requested that the users prefer a particular
path,
> say
> > >from AS1, instead of from AS2 or AS3. What is the best way to apply the
> > >configuration? Is it using BGP path selection process criteria, then we
> > >apply weight or Local Preference, or we use the policy for controlling
> > >inbound traffic by configuring MED or AS PATH?
> > >
> > >Thanks in advance
> >
> > I'd need to know a lot more about what problem you are trying to
> > solve.  Are AS1-3 all internal to you, or are some of them your
> > upstreams?  It's highly unlikely that an ISP could get three
> > registered AS, but you could use private ASNs.
>
> In case anyone is interested, AS-1 is registered to Genuity ( formerly
> GTE ), AS-2 is registered to ACES Research out of Phoenix AZ, whcih in
turn
> was sold to RMI Net of Denver a couple of years ago, and AS-3 is
registered
> to MIT. For some reason I kinda doubt this person is connected through all
> three of these. So he is probably using these numbers for simplicity sake.
> ( I would hope )
>
> Idle curiousity - in cases like AS 2, if the buying ISP already has an AS
> number, do they get to keep the one acquired in the purchase? Or does ARIN
> require that to be relinquished? Probably not,  meaning that worlCom must
> have about a dozen AS numbers, but you never can tell.
>
> >
> > Do the users have ASNs of their own? Do any multihome to other
> > providers?  Is their address space provider-assigned? If so, by you
> > or another ISP?
> >
> > Why do you want different paths? Traffic management? Controlling the
> > exit to your upstreams?
> > --
> > "What Problem are you trying to solve?"
> > ***send Cisco questions to the list, so all can benefit -- not
> > directly to me***
> >
>

> 
> > Howard C. Berkowitz  [EMAIL PROTECTED]
> > Chief Technology Officer, GettLab/Gett Communications
> http://www.gettlabs.com
> > Technical Director, CertificationZone.com
http://www.certificationzone.com
> > "retired" Certified Cisco Systems Instructor (CID) #93005




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43981&t=43962
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE- I WILL BE [7:43969]

[Kevin Cullimore]

Please don't discount the value of analyzing & troubleshooting
poorly-designed networks. The learning opportunities are almost unimaginably
vast. OTH, it probably takes sustained exposure to both for an adequate
understanding of how all this stuff is supposed to function/interact.



> Lucky for me, I have a well-designed network to analyze and troubleshoot,
> and I have a 40 router lab to build whatever I want to, to my
heart’s
> content.
>
>
> Karl Thrasher




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=43983&t=43969
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is IGRP actually supported by other vendors? [7:43994]

[Kevin Cullimore]

It's probably worth distinguishing between IGRP & the rest of the set of
proprietary cisco technologies, since they are more than eager to distance
themselves from any of the features of IGRP that were overridden by EIGRP.
As for impossibility, that's probably a question of the skill set possessed
by the technical folk charged with reverse engineering the IOS code. Few
vendors are bold enough to claim such interoperability without a formal
exchange between their legal representation & whomever performs that role
for cisco.


- Original Message -
From: "nrf" 
To: 
Sent: Monday, May 13, 2002 4:02 AM
Subject: Re: Is IGRP actually supported by other vendors? [7:43994]


> In-line
>  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Nokia might support it, but I have been (fairly reliably) told that
Cisco
> > will *not* be supporting IGRP as of one of the newest IOS releases.  I
> > can't find the announcement on CCO (if there is one), so take with a
grain
> > of salt, but a Cisco instructor was quite adamant about this last week.
>
> That makes sense, considering it's literally been years since I've
actually
> seen a bonafide production network running IGRP.   So it makes sense that
> Cisco is finally ditching this dead wood.
>
> But I'm not asking this question because I'm champing at the bit to
install
> a mixed Cisco/Nokia  IGRP network.  No, I'm asking because if it's true
that
> Nokia really does support IGRP, then that begs the question - what other
> supposedly Cisco-proprietary technologies are like this too?  I'm not
> talking about situations like what Howard stated where Cisco actually has
an
> agreement to provide its technology to other vendors (somehow I doubt that
> Cisco and Nokia have such an agreement),  but I'm talking about full-blown
> vendor compatibility between some other vendor and Cisco.  For example,
does
> anybody know of another vendor that supports, say, EIGRP?  Or CDP?   Now
you
> might say that it would be impossible for another vendor to support these
> technologies, but, hey, Nokia apparently somehow managed to support IGRP,
so
> why exactly couldn't somebody else support, say, EIGRP?
>
> >
> > JMcL
> > - Forwarded by Jenny Mcleod/NSO/CSDA on 13/05/2002 04:44 pm -
> >
> >
> > "nrf"
> > Sent by: [EMAIL PROTECTED]
> > 13/05/2002 01:42 pm
> > Please respond to "nrf"
> >
> >
> > To: [EMAIL PROTECTED]
> > cc:
> > Subject:Is IGRP actually supported by other vendors?
> > [7:43994]
> > Is this part of a business decision process?:
> >
> >
> > Just found this while surfing around.
> >
> > "As a network device, the Nokia IP330 supports a comprehensive suite of
> > IP-routing functions and protocols, including RIPv1/RIPv2, IGRP, OSPF
and
> > BGP4 for unicast traffic..."
> > http://www.nokia.com/securitysolutions/platforms/330.html
> >
> > Every piece of literature I've ever read has stated without fail that
IGRP
> > is proprietary to Cisco.  Yet here's Nokia brazenly claiming that they
in
> > fact support IGRP.  What's up with that?  Unfortunately I don't have an
> > Ipso
> > box lying around that I can actually experiment with.  Can anyone
confirm
> > whether this is true and whether it provides complete interoperability
> > with
> > Cisco?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44015&t=43994
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Bandwidth command!! [7:44055]

[Kevin Cullimore]

An opportunity for misunderstanding that underlies this thread involves the
following:

DEFAULT costs are calculated for cisco OSPF interfaces based upon
traditional bandwidth values associated with interface types. What's not
clear is how the ospf process does this. Does anyone have any insight?


- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: Monday, May 13, 2002 4:42 PM
Subject: Re: Bandwidth command!! [7:44055]


> Setting the bandwidth would affect OSPF also. This isn't necessarily a bad
> thing, though. You probably wouldn't be running both routing protocols on
> the same interface, for one thing. But if you were, then you would want
> them both to use a metric that's based on the actual bandwidth for the
path.
>
> That sounds like good advice from the CCIE Practical Studies book. It
> brings up a subtle point, in addition to the one you pointed out. The
> outgoing interface may have a different level of bandwidth than the
> incoming interface of the router on the other end of a circuit, in some
> implementations. A good example might be a Frame Relay hub-and-spoke
> design. The hub has a larger pipe than the spoke.
>
> Priscilla
>
> At 12:54 PM 5/13/02, Rajesh Kumar wrote:
> >Hi all,
> >
> >CCIE Practical studies - Vol I book - EIGRP chapter says that the
> >bandwidth command used in serial interfaces should be set to a value
> >equal to the remote port speed to which the serial interface is
> >connected to.
> >
> >For ex :
> >
> > RTR 1  --   RTR 2
> >
> > 1.544 Mbps64 Mbps
> >
> >
> >
> > int
> >s0int s0
> > bandwidth 64
> >bandwidth 1544
> >
> >
> >
> >
> >
> >
> >My question is - Is it not going to affect the other routing protocols
> >like OSPF where we set the bandwidth decides the cost of the outgoing
> >interfaces.
> >
> >Can somebody shed some light on this please?
> >
> >
> >Thanks,
> >Rajesh
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44156&t=44055
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DNS - Unicast or Broadcast? [7:44060]

[Kevin Cullimore]

Brian's description is precisely how NT 4 works. I'd say the same for 2000,
but they effected a lot of scary changes to the networking implementation
during their latest OS rewrite. Shortly after the 1st post appeared, I
verified firsthand (ethereal & a browser: most likely much quicker than the
original poster's online search, and more definitive) that 2000 advanced
server behaves this way, but I don't really have access to other versions of
the 2000 software to test with .

In general, you're more likely to find the type of information the original
poster was seeking in articles about how to use network monitor than their
ip white papers, since packet-capturing tutorials like working with
well-defined examples such as DNS.


- Original Message -
From: "Brian Hill" 
To: 
Sent: Monday, May 13, 2002 11:21 PM
Subject: Re: DNS - Unicast or Broadcast? [7:44060]


> Patrick Ramsey wrote:
> >
> > windows clients will actualy send unicast to ALL listed dns
> > servers... Instead of quearying the first, timeout, second,
> > timeout, etc They just assume all will time out and send it
> > to all listed.  but it is definately unicast.
> >
> > -Patrick
>
> Patrick,
>
> Unless you can back this up with a sniff or Q article, I am going to
> strongly disagree with this one. To my knowledge, windows clients actually
> just send to the first server listed. If that server NEVER responds, it
> sends to the second. But if that server responds negatively (i.e. "I can't
> find the host"), the client will never query any other servers, due to the
> fact that the other servers SHOULD (assuming root hints and forwarding are
> correctly configured) respond with the same answer.
>
> Brian Hill
> CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0),
> MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+
> Lead Technology Architect, TechTrain
> Author: Cisco, The Complete Reference
> http://www.alfageek.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44165&t=44060
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE- I WILL BE [7:43969]

[Kevin Cullimore]

Please don't leave out the people who think they are technical, think they
already know what the problem is, feed you interpretations instead of facts
and then want you to take steps to fix the problem that wouldn't work even
if their diagnosis WAS correct.

- Original Message -
From: "MADMAN" 
To: 
Sent: Monday, May 13, 2002 2:57 PM
Subject: Re: CCIE- I WILL BE [7:43969]


> Yes or when there is a problem and you ask, "did you change ANYTHING"
> you get the answer, no.  a long time later after you finally isloate the
> problem the customer says, "oh I didn't THINK that would have any effect
> on..."  You want to say I didn't ask what changes you thought would
> cause the problem...
>
>   Dave
>
> Priscilla Oppenheimer wrote:
> >
> > And add to that cranky users who are entirely dependent on the network
but
> > won't tell you the whole story when reporting problems. ;-)
> >
> > Priscilla
> >
> > At 09:52 PM 5/12/02, Michael L. Williams wrote:
> > >"Larry Letterman"  wrote in message
> > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > A 40 router lab is nice, but its not the same as troubleshooting a
> > > > production network with 20,000 + users at multiple sites.
> > >
> > >Here here and to add to that.  "... a production network with
> > >20,000+ users at multiple sites..." running a variety of multiprotocol,
> > >quirky, sometimes custom-written (read: homemade) applications that are
> > >trying to do whatever on the network coupled with devices from
> whatever
> > >manufacturers that don't play nice ("oh, you need this device in it's
own
> > >VLAN because broadcast traffic makes it crash"), etc, etc
> > >
> > >Mike W.
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44190&t=43969
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is IGRP actually supported by other vendors? [7:43994]

[Kevin Cullimore]

It's probably insufficient to refer to the "source" of igrp without
referring to the "source" for allegedly open standards terminology used to
misdescribe routing protocols such as "distance vector" (hint: NOT cisco . .
.). Then again, when referring to the "source" for IGRP, depending upon the
aspect of the technology you are referring to, better choices to depict as
the "source" of IGRP might include JJ Garcia-Luna-Aceves, Chuck Hedrick or
Len Bosack.

>From Hedrick's report:

This paper really should show Len Bosack of cisco Systems as co-author, and
possibly should also list an

unidentified lawyer at Townsend and Townsend. Most of the ideas behind IGRP
are Len's.

Anyway, none of them work for Cisco (and at least one was kicked out with
extreme prejudice).

While Cisco has a lot of say over what IGRP is and is not, they have no
authority to say what entities are or are not in the set of all objects
defined as "distance vector routing protocols," precisely because they DO
sell routing products.

Granting them that authority is almost as inimical to a better understanding
of the subject matter as letting them define the structure & content of OSI
layers.

- Original Message -
From: "Rick" 
To: 
Sent: Monday, May 13, 2002 6:42 PM
Subject: Re: Is IGRP actually supported by other vendors? [7:43994]


> Priscilla,
> I hate to differ with you on this Hybrid or not but the source says
> it is considered a Hybrid routing Protocol. check the link for yourself
> http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/en_igrp.htm
>
> I myself am not a fan Lammle, but on this one he is right and you are
wrong
> and YES I said you are wrong! EIGRP is as much Link-State as it is
Distance
> Vector.
> Rick
>
> ""Priscilla Oppenheimer""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > At 04:13 PM 5/13/02, Mike Mandulak wrote:
> > >Lammle refers to EIGRP as being a Hybrid of distance-vector and link
> state.
> >
> > That's wrong. EIGRP is not link-state in any way. EIGRP calculates a
flat
> > routing table that lists networks, distance, and next hop (distance
> > vectors). If the list contains multiple entries for a destination
(because
> > there are multiple ways to reach the destination), the entries are
sorted
> > by metric and the one with the lowest metric is selected. This is very
> > different than how a link-state protocol functions.
> >
> > A link-state routing protocol creates a mathematical graph that depicts
> the
> > network. A link-state protocol implements a sophisticated process,
called
> > the Dijkstra algorithm, to determine the shortest path to all points in
> the
> > graph when the nodes and links in the graph are known. Link-state has a
> > specific meaning to computer scientists. You'll find a lot of good stuff
> > about it if you search with Google. A lot of it is not related to
routing
> > protocols.
> >
> > EIGRP does have some features that make it different from other
> > distance-vector protocols. Although EIGRP still sends vectors with
> distance
> > information, the updates are non-periodic, partial, and bounded.
> > Non-periodic means that updates are sent only when a metric changes
rather
> > than at regular intervals. Partial means that updates include only
routes
> > that have changed, not every entry in the routing table. Bounded means
> that
> > updates are sent only to affected routers. These behaviors mean that
EIGRP
> > uses very little bandwidth.
> >
> > EIGRP also determines a feasible successor, which other distance-vector
> > protocols don't do. Its complex metric is also a feature not found in
many
> > other distance-vector algorithms, (except IGRP of course).
> >
> > Please do not send messages to me directly, especially not to quote
Lammle
> > CCNA fluff.
> >
> > Priscilla
> >
> > >He only gives a brief mention of EIGRP and says to refer to the CCNP
> study
> > >guide for more info.
> > >
> > >- Original Message -
> > >From: "Priscilla Oppenheimer"
> > >To:
> > >Sent: Monday, May 13, 2002 3:19 PM
> > >Subject: Re: Is IGRP actually supported by other vendors? [7:43994]
> > >
> > >
> > > > At 02:44 PM 5/13/02, Mike Mandulak wrote:
> > > > >Lamme's CCNA study guide states that the courde and exam only
covers
> > > > >distance-vector routing protocols (RIP and IGRP).
> > > >
> > > > If it only covers distance-vector, then it could cover EIGRP also.
> EIGRP
> > >is
> > > > also distance-vector. I don't think the test does cover it, but it's
> not
> > > > because the test only covers distance-vector. It's probably because
of
> > all
> > > > the extra features in EIGRP, such as the diffusing update algorithm
> > >(DUAL),
> > > > with the feasible successors and all that other BS. Come to think of
> it,
> > > > maybe I'm glad I don't have to cover it! ;-)
> > > >
> > > >
> > > > >- Original Message -
> > > > >From: "Priscilla Oppenheimer"
> > > > >To:
> > > > >Sent: Monday, May 13, 2002 1:27 PM
> > > > >Subject: Re: Is IGRP actually supp

Re: CCIE- I WILL BE [7:43969]

[Kevin Cullimore]

Please don't leave out the people who think they are technical, think they
already know what the problem is, feed you interpretations instead of facts
and then want you to take steps to fix the problem that wouldn't work even
if their diagnosis WAS correct.

- Original Message -
From: "MADMAN" 
To: 
Sent: Monday, May 13, 2002 2:57 PM
Subject: Re: CCIE- I WILL BE [7:43969]


> Yes or when there is a problem and you ask, "did you change ANYTHING"
> you get the answer, no.  a long time later after you finally isloate the
> problem the customer says, "oh I didn't THINK that would have any effect
> on..."  You want to say I didn't ask what changes you thought would
> cause the problem...
>
>   Dave
>
> Priscilla Oppenheimer wrote:
> >
> > And add to that cranky users who are entirely dependent on the network
but
> > won't tell you the whole story when reporting problems. ;-)
> >
> > Priscilla
> >
> > At 09:52 PM 5/12/02, Michael L. Williams wrote:
> > >"Larry Letterman"  wrote in message
> > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > A 40 router lab is nice, but its not the same as troubleshooting a
> > > > production network with 20,000 + users at multiple sites.
> > >
> > >Here here and to add to that.  "... a production network with
> > >20,000+ users at multiple sites..." running a variety of multiprotocol,
> > >quirky, sometimes custom-written (read: homemade) applications that are
> > >trying to do whatever on the network coupled with devices from
> whatever
> > >manufacturers that don't play nice ("oh, you need this device in it's
own
> > >VLAN because broadcast traffic makes it crash"), etc, etc
> > >
> > >Mike W.
> > 
> >
> > Priscilla Oppenheimer
> > http://www.priscilla.com
> --
> David Madland
> Sr. Network Engineer
> CCIE# 2016
> Qwest Communications Int. Inc.
> [EMAIL PROTECTED]
> 612-664-3367
>
> "Emotion should reflect reason not guide it"




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44143&t=43969
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Is IGRP actually supported by other vendors? [7:43994]

[Kevin Cullimore]

It's probably insufficient to refer to the "source" of igrp without
referring to the "source" for allegedly open standards terminology used to
misdescribe routing protocols such as "distance vector" (hint: NOT cisco . .
.). Then again, when referring to the "source" for IGRP, depending upon the
aspect of the technology you are referring to, better choices to depict as
the "source" of IGRP might include JJ Garcia-Luna-Aceves, Chuck Hedrick or
Len Bosack.

>From Hedrick's report:

This paper really should show Len Bosack of cisco Systems as co-author, and
possibly should also list an

unidentified lawyer at Townsend and Townsend. Most of the ideas behind IGRP
are Len's.

Anyway, none of them work for Cisco (and at least one was kicked out with
extreme prejudice).

While Cisco has a lot of say over what IGRP is and is not, they have no
authority to say what entities are or are not in the set of all objects
defined as "distance vector routing protocols," precisely because they DO
sell routing products.

Granting them that authority is almost as inimical to a better understanding
of the subject matter as letting them define the structure & content of OSI
layers.


- Original Message -
From: "Rick" 
To: 
Sent: Monday, May 13, 2002 6:42 PM
Subject: Re: Is IGRP actually supported by other vendors? [7:43994]


> Priscilla,
> I hate to differ with you on this Hybrid or not but the source says
> it is considered a Hybrid routing Protocol. check the link for yourself
> http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/en_igrp.htm
>
> I myself am not a fan Lammle, but on this one he is right and you are
wrong
> and YES I said you are wrong! EIGRP is as much Link-State as it is
Distance
> Vector.
> Rick
>
> ""Priscilla Oppenheimer""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > At 04:13 PM 5/13/02, Mike Mandulak wrote:
> > >Lammle refers to EIGRP as being a Hybrid of distance-vector and link
> state.
> >
> > That's wrong. EIGRP is not link-state in any way. EIGRP calculates a
flat
> > routing table that lists networks, distance, and next hop (distance
> > vectors). If the list contains multiple entries for a destination
(because
> > there are multiple ways to reach the destination), the entries are
sorted
> > by metric and the one with the lowest metric is selected. This is very
> > different than how a link-state protocol functions.
> >
> > A link-state routing protocol creates a mathematical graph that depicts
> the
> > network. A link-state protocol implements a sophisticated process,
called
> > the Dijkstra algorithm, to determine the shortest path to all points in
> the
> > graph when the nodes and links in the graph are known. Link-state has a
> > specific meaning to computer scientists. You'll find a lot of good stuff
> > about it if you search with Google. A lot of it is not related to
routing
> > protocols.
> >
> > EIGRP does have some features that make it different from other
> > distance-vector protocols. Although EIGRP still sends vectors with
> distance
> > information, the updates are non-periodic, partial, and bounded.
> > Non-periodic means that updates are sent only when a metric changes
rather
> > than at regular intervals. Partial means that updates include only
routes
> > that have changed, not every entry in the routing table. Bounded means
> that
> > updates are sent only to affected routers. These behaviors mean that
EIGRP
> > uses very little bandwidth.
> >
> > EIGRP also determines a feasible successor, which other distance-vector
> > protocols don't do. Its complex metric is also a feature not found in
many
> > other distance-vector algorithms, (except IGRP of course).
> >
> > Please do not send messages to me directly, especially not to quote
Lammle
> > CCNA fluff.
> >
> > Priscilla
> >
> > >He only gives a brief mention of EIGRP and says to refer to the CCNP
> study
> > >guide for more info.
> > >
> > >- Original Message -
> > >From: "Priscilla Oppenheimer"
> > >To:
> > >Sent: Monday, May 13, 2002 3:19 PM
> > >Subject: Re: Is IGRP actually supported by other vendors? [7:43994]
> > >
> > >
> > > > At 02:44 PM 5/13/02, Mike Mandulak wrote:
> > > > >Lamme's CCNA study guide states that the courde and exam only
covers
> > > > >distance-vector routing protocols (RIP and IGRP).
> > > >
> > > > If it only covers distance-vector, then it could cover EIGRP also.
> EIGRP
> > >is
> > > > also distance-vector. I don't think the test does cover it, but it's
> not
> > > > because the test only covers distance-vector. It's probably because
of
> > all
> > > > the extra features in EIGRP, such as the diffusing update algorithm
> > >(DUAL),
> > > > with the feasible successors and all that other BS. Come to think of
> it,
> > > > maybe I'm glad I don't have to cover it! ;-)
> > > >
> > > >
> > > > >- Original Message -
> > > > >From: "Priscilla Oppenheimer"
> > > > >To:
> > > > >Sent: Monday, May 13, 2002 1:27 PM
> > > > >Subject: Re: Is IGRP actually sup

Re: CCIE Number [7:44294]

[Kevin Cullimore]

The following excerpt comes from a post by #1026 from a little less than a
month ago:

The first CCIE, #1025, is/was Stewart Biggs.  My understanding is that his
certification has lapsed and he's off doing something else.  I took the test
from him in August, 1993 and became the second CCIE, #1026.  The lab itself
had
a plaque outside the door labeling it as #1024 (a power of two - kind of an
inside joke for networking/compuer jocks).

- Original Message -
From: "Chuck" 
To: 
Sent: Friday, May 17, 2002 11:58 PM
Subject: Re: CCIE Number [7:44294]


> 1024 is definitely a kilobyte.
>
> maybe the correct story is that the Lab will killya, and it bites.
>
>
>
>
> ""Michael L. Williams""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I've heard this before, and I do believe that the first CCIE# given out
> was
> > 1025.  but I also have to believe that part about 1024 being chosen
> > because of the "kill ya (Kilo)" and "hurts (hertz)" is nonsense I
say
> > that because in the non-binary world Kilo = 1000 not 1024.  and
> > since Hertz has been around much longer than bits and bytes, I seriously
> > doubt any scientist considers 1 KiloHertz to equal 1024 Hertz.  =)
> >
> > Mike W.
> >
> > "Kunal Bhatia"  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Here's an interesting little tidbit I picked off of
www.ccbootcamp.com -
> > >
> > > All successful students receive a CCIE number. The first CCIE was
issued
> > > number #1025. Number #1024 was given to the CCIE Lab. They chose #1024
> > > because 1024 is a kilohertz - "The Lab will kill ya (Kilo), and it
hurts
> > > (hertz)."




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44424&t=44294
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Network Design... Hmmm [7:44417]

[Kevin Cullimore]

Is it worthwhile to re-examine the assumption that an individual should
start at one end of the all-important "stack" and work their way to the
other end?

As far as the process itself goes (although, all too often there's not a lot
of process or method associated with design, but I'm sure we're all at least
implicitly aware of that), I'm not sure that the undertakings on behalf of
one layer can be as precisely isolated from one another as the data
structures themselves. If the strategy adopted is bottom-up (thereby
emulating many career paths), I'm not sure that one can tackle layer one
decisions without an understanding of they type & volume of traffic they
will be forced to contend with. For those of you who acknowledge data
connectivity layers > 7, the unreasonable expectations & contradictory
demands of the financial backers would probably need to be addressed first.

Anyway, I'm just wondering if there exist advantages to working out of
order; I'm well aware that certain advantages exist to working IN order . .
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Network Design... Hmmm [7:44417]

[Kevin Cullimore]

I'll defend the practice of analyzing humorous statements as a point of
origin for inquiries potentially leading to insight until the end of time
and beyond. One of the reasons that this is possible is precisely BECAUSE
practices such as "build a network and they will come" occur whether or not
they work, in turn somewhat contributing to the ecomonic viability of
professions shared by some members of the group.


- Original Message -
From: "Steve Watson" 
To: 
Sent: Saturday, May 18, 2002 3:28 PM
Subject: RE: Network Design... Hmmm [7:44417]


> This was not a comparison of network design methodologies, it was mean
> to be humorous (I totally agree with the top down process). The idea of
> "build a network and they will come" simply does not work!
>
> The context of the other book was that no network will function properly
> if Layer 1 is not designed correctly.
>
> BTW, how many is too many? :-)
>
> Steve
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Priscilla Oppenheimer
> Sent: Saturday, May 18, 2002 2:04 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Network Design... Hmmm [7:44417]
>
> At 08:49 PM 5/17/02, Steve Watson wrote:
> >I am reading Priscilla's book "Top Down Network Design" for the second
> >time for a refresher and decided to hit the pool after I got home.
>
> Thanks for reading Top-Down Network Design. I hope you had a nice swim
> and
> didn't drink too many beers at the pool. ;-)
>
> >On
> >the way out I looked on my book shelf and saw "Advanced IP Network
> >Design" that I haven't had a chance to look at yet. So I took it to the
> >pool with me. When lo and behold, what did I read on page 5, "The best
> >place to start when designing a network is at the bottom".
>
> Out of context, this is completely meaningless. What else does it say?
>
> >
> >
> >Food for thought :-)
> >
> >
> >
> >Steve
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44481&t=44417
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Logic and "Lab Rats" [7:44653]

[Kevin Cullimore]

wow.

(attention G-S moderators: I know you always hoped I'd be at a loss for
words at some point. Nota Bene: this post came closer than most. I apologize
for the tease)

please note that I'm using this thread in a vain hope to render dormant all
sub-threads.

I say wow, partially because where purely non-tangible matters are
concerned, I usually applaud extreme tactics, but in this case I'm
profoundly stumped. Paul Feyerabend is certainly one of my favorite
non-fiction authors, but even he wielded reason against itself. I'm
impressed (and I'm not often impressed by how/the-manner-in-which/ people
think-or at least pretend to), but this post raised the stakes a bit, albeit
unwittingly, refuting reason BY EXAMPLE, therefore providing the only
potentially compelling counterargument to the modification of the subject
line wherein the string "Logic" suddenly plays a part..

taxomonical breakdown:

2 questions contrasted with the output of a 3rd, whereupon the outcome
solves nothing, and the group of two bear a tenuous relation to the third.

The 4th question is profoundly subject to the whims of fortune, temporality,
and the instincts of the poor fellow who would dare use the "L" word on this
newsgroup: based upon the past couple of hundred years of western
civilization or so, I'd say that the intended target has a better chance
than most, especially if he is allowed to draw upon past experience.

Question 5 ignores the public record on the subject, and improperly
contrasts the potential answers of the first set with it's own solution
space.

Whether or not someone remembers cretaceous technologies they have worked
with does not provide a useful predictive measure of their ability to adapt
to change or assimilate new technologies and their nuances.

I'm not sure where the equation between familiarity with the specifics of
predecessor technologies and the practice of perpetuating their continued
usage came from, but certainly not from a sample size relevant enough to
settle this issue.

I'm going to skip a bit, because my potential point of insight has not been
posted by anyone else as best my time-warner internet access point can
reveal.

Taking us to the matter of appreciation: I'm not sure this admonishment is
best directed at someone who provides materials whereby individuals may
study and aspire to be the best, since

A) his materials are profoundly superior to many other competitive products
B) he offers advice from a career marked by a profound lack of stagnation
and a level of maintaining familiarity with emerging standards so extreme
that he would up participating in the development process itself for various
extant standards.

Since your observations don't match the public record, and since the past
100 years of USA public schooling and the profession of psychology have
profoundly failed humanity, I'll not directly address the last comment
except to note that the noun is undescriptive at best.

To address the previous replies:

Peter had excellent insight & wording, but just in case his analysis is not
100% correct (as in, what if he did NOT lose a job to such an individual),
I offer mine in order to force the available quibble space to converge to 0.

Tomas Larus elagantly outlines the issues which concern me.

Ms. McLeod adroitly points out the balance between no testing & too much of
the same.

Adam Lee re-emphasizes the ongoing need for support of the technologies
dismissed out-of-hand by the original poster.

Priscilla provides factual clarification & some fundamental insight.

nrf posts a call for balance as a strategy for intellectual succes in this
industry that binds us. His subsequent posts come the closest to a better
way.

in all cases, the matter boils down to this: your cognitive dualism won't
stand.

to abruptly divide the world between experienced, stubborn, older folk
unfamiliar with the past 7 years of digital computing research, and newly
matriculated folk who lack any exposure to large scale implementations of
the technologies they would purpport to support, is to reduce yourself to
the level of performance that many HR times are unjustly relegated to
(DISCLAIMER: I'm aware of the cases where this is justified . . .).

As the SLJ character in pulp fiction might start it out, THE TRUTH IS, the
one common characteristic people afraid of new things, incapable of testing,
and unfriendly to new ideas have is precisely the following:

the characteristics I just described.

Sure, there exist seasoned veterans who never learned to troubleshoot and
can't handle changing LAN topologies any better than they manage their
waning vitality.

However, there also exist individuals straight out of "accredited" programs
who know all kinds of nuances regarding C programming & assembler theory.
They coast through college complete and fulfilled based upon the realization
that this background COMPLETELY prepares them for desktop, server AND
network/intermediate systems support. these individuals are typ

Re: filter snmp MIB send out on a router [7:44777]

[Kevin Cullimore]

You might be able to accomplish this goal with the view option of the
snmp-server command.

If the message parsing doesn't strip it out, here's a URL that might shed
some light:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_
r/frprt3/frd3001.htm#1023313



- Original Message -
From: "Adam Wang" 
To: 
Sent: Wednesday, May 22, 2002 9:01 PM
Subject: filter snmp MIB send out on a router [7:44777]


> Hi group,
>
> Is there a way to filter the SNMP MIB sned out on a
> cisco router.
>
> For example, I want a community string only send out
> router interface status info.
>
> How would I accomplish this?
>
> Thanks
>
> Adam
>
> __
> Do You Yahoo!?
> LAUNCH - Your Yahoo! Music Experience
> http://launch.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=44795&t=44777
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Spanish Inquisition project [7:44906]

[Kevin Cullimore]

That machine is how I've always thought of netview, at least to the
extremely sophisticated extent to which it wasn't implemented and leveraged
within networks I have supported in the past.



- Original Message -
From: "Howard C. Berkowitz" 
To: 
Sent: Friday, May 24, 2002 10:34 PM
Subject: RE: Spanish Inquisition project [7:44906]


> At 4:42 PM -0400 5/24/02, s vermill wrote:
> >Our chief weapon is suprise...surprise and fear...fear and surprise
Our
> >two weapons are fear and surprise...and ruthless efficiency  Our
*three*
> >weapons are fear, surprise, and ruthless efficiency...and an almost
> >fanatical devotion to the Pope  Our *four*...no... *Amongst* our
> >weapons  Amongst our weaponry...are such elements as fear,
surprise
> >I'll come in again.
> >
> >http://servlet.java.sun.com/javaone/conf/sessions/945/google-sf2001.jsp
> >
> >I'm not sure if these slides are any more serious than the skit.
> >
>
> Consider, in another film by these stellar intellects, the Most
> Important Machine in the Hospital, and its significance to Cisco
> certification.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45006&t=44906
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Provider Backbone Engineering and CCIEs [7:44876]

[Kevin Cullimore]

It's interesting that by quickly perusing the thread one that one could
infer an equation of troubleshooting tool with "device capable of revealing
the content of packets sent across the transmission medium."

I'd have to agree that making that sort of data readily available to those
stuck bet is not the Cisco router family's /IOS' strong point.

I'd have to note that this is somewhat vendor specific. Nortel routers not
currently serving as dust epicenters in technology museums ARE, to some
extent, packet sniffers (via pcap), but then again, since they didn't
deliberately assemble the most underpowered microprocessor-based boxes they
could get away with, the difference approaches understandability.

I'd have to concur that having packet captures available is my first choice
as far as implements of troubleshooting are concerned (it's amazing what a
dedicated sniffer pc at a remote workstation can do to reduce the number of
sleepless nights spent on seemingly intractable problems).

I'd have to say that I've recently come to regard snmp-enabled CSU/DSU's as
a reasonable substitute for overpriced, media-specific inline WAN packet
capturing tools.

Certain debug argument hierarchies, for example those associated with ppp &
ospf, DO give enough header information to solve some problems such as mtu
negotiation mismatches.

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: Friday, May 24, 2002 4:30 PM
Subject: Re: Provider Backbone Engineering and CCIEs [7:44876]


> Well, maybe I overstated it a bit. ;-) My main complaint about the debug
> commands is that the output is too cryptic. Also, some of them were
clearly
> designed for the Cisco developers not for the end user of the router
> (network admin, engineer). The information they provide is simply not
> helpful.
>
> Inserting a sniffer can definitely be a pain on a WAN, on the other hand.
> Plus WAN sniffers are terribly expensive. Actually inserting a sniffer is
> more of a pain than it used to be on LANs too. But at least the result is
a
> plain-language decode of every packet.
>
> By the way, do you remember which EIGRP debug commands you used and how
> they helped solve the problem? That might be helpful info for us (if you
> have time to explain, no biggie if you don't.)
>
> Thanks
>
> Priscilla
>
> At 03:35 PM 5/24/02, MADMAN wrote:
> >I have to respectfully disagree,
> >
> >   Done correctly with caution when necessary the router is an excellant
> >and often the only troubleshooting tool. If your unpacking a Sniffer
> >your in deep doo doo as it's quite rare I require it to solve a network
> >problem.  Don't get me wrong, they are essential and have a purpose but
> >too often people are going too deep too fast to solve problems that do
> >not require an analyzer.
> >
> >   I used a couple of EIGRP debugs yesterday to help a hospital whose
> >core 6500 was melting down and for those that do remote support debug is
> >our friend.
> >
> >   DebugDave
> >
> >
> >Priscilla Oppenheimer wrote:
> > >
> > > At 07:32 AM 5/24/02, dre wrote:
> > > >  Cisco router to solve any problem, even those that shouldn't be
solved
> > > >with
> > > >a router!
> > >
> > > And how about all the people who try to turn the router into a
> > > troubleshooting tool? You wouldn't believe how many times I've had to
> > > convince people that the debug commands aren't a replacement for a
> sniffer.
> > > Not only are there issues with eating CPU resources to display the
debug
> > > info, but a lot of the commands don't show packets (which they
> shouldn't).
> > > Also, regardless of whether they show events or packets, they don't
> display
> > > the information in English (in many cases). In fact, many of the debug
> > > commands were written to help Cisco software and hardware developers
do
> > > some debugging on flaky code/hardware. They weren't written to help a
> > > network administrator or engineer.
> > >
> > > I know this is a tangent from the real discussion, but I just wanted
to
> > > make that additional point about a Cisco router not being the solution
to
> > > every problem.
> > >
> > > Priscilla
> > >
> > > 
> > >
> > > Priscilla Oppenheimer
> > > http://www.priscilla.com
> >--
> >David Madland
> >Sr. Network Engineer
> >CCIE# 2016
> >Qwest Communications Int. Inc.
> >[EMAIL PROTECTED]
> >612-664-3367
> >
> >"Emotion should reflect reason not guide it"
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45013&t=44876
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Jeff Doyle's official response re: lab rats [7:45001]

[Kevin Cullimore]

I'm concerned that his focus is a little too narrow (and possibly distracted
based upon the employer change) to be regarded as "the" authority on the
cert over and above someone like, say, Bruce Caslow. I'm going by the
blueprint, but it seems as if the exam encompasses a wider scope than the
contents of Vol I & II (my opinion probably doesn't count, but I always
regarded those two books as ones to read to gain perspective on routing, not
pass a test).

More importantly, this post underscores a level of description problem with
many portions of the thread.

It's inadequate to only consider the case of a person with just lab
experience vs. the case of the person with no formal/training but (possibly
too) much experience: there exist too many in-between cases where the
outcome differs.

In the case of someone with clear potential who has managed to envelop
themselves in a firm theoretical grounding and a deep empirical
understanding of router behavior under controlled conditions without the
benefit of on-the-job experience, The attitude of employers is all-too-often
to go with the experienced competent individual (all else being equal),
since they can immediately apply their experience to scenarios they have
encountered before, scenarios that would take far too long and consume far
too much in the way of financial equipment to stumble across in a lab
setting.



- Original Message -
From: "cebuano" 
To: 
Sent: Friday, May 24, 2002 9:55 PM
Subject: Jeff Doyle's official response re: lab rats [7:45001]


> Dear fellow professionals,
> In fear of "taking a person's words and using them out of context",
> I decided to ask Mr. Doyle himself. He was kind enough to respond
> to my e-mail, and I'm posting this with the hope of encouraging both
> "lab rats" and gurus alike to aim for knowledge, not only certs,
> and in the process help your fellow man/woman.
> I put my faith in everyone to be civilized and not bash Mr. Doyle's
> reputation, even if you disagree with his point of view.
> Last but not least, I hope that this will put an end to personal attacks
> that have become more common lately, unlike what groupstudy.com
> used to be 2 to 3 years ago when I first signed up.
>
> Thank you.
> Elmer
>
> - Original Message -
> From: Jeff Doyle
> To: elmer
> Sent: Friday, May 24, 2002 2:28 PM
> Subject: Re: Please care to comment on Vol.2 page 792
>
> Hi Elmer,
>
> Thanks for the clarification-- my definition of "lab rat" is a bit
different
> than yours. At Juniper, the lab rats tend to be the most experienced field
> engineers. Nonetheless, under your definition (lab rat = someone with more
> theoretical than practical experience), the statement applies equally to
> those
> with some practical experience and those with little or none.
>
> I know exactly the kinds of "old timers" to which you refer-- typically
these
> are guys who have gained their knowledge gradually over the years through
> practical experience. Scratch the surface of most of these guys, and you
will
> find little understanding of the foundations of the protocols and
> technologies
> they think they are experts at. Therein lies the source of their
derogatory
> attitude toward "newbies": Insecurity in their own skills.
>
> I regularly conduct technical interviews for Juniper, and I can tell you
that
> if a candidate has a deep understanding of the theories and facts of the
> various IP networking protocols, I am impressed regardless of the
candidate's
> practical experience. If the engineer is smart and aggressive, it is easy
> enough to team him or her up with a mentor to add the practical
experience.
>
> There is an opposite view on all this: I've encountered many people with
> CCIEs
> that think the certification is all they need to land a high-level
networking
> job. For me, seeing the CCIE certification on a resume makes me look
closer,
> and is usually enough to make me schedule a face-to-face interview. But
once
> the interview takes place, I expect the candidate to impress me with a
level
> of knowledge that goes well beyond what is required to pass the lab. The
> first
> three or four minutes of the interview is generally enough for me to
> determine
> whether the candidate truly knows his or her stuff, or whether the CCIE
was
> won by learning just what is needed to pass the lab and no more.
>
> All this long-winded reply is saying is: Yes, getting the CCIE will help
you
> get ahead even if your practical experience is limited. It is an excellent
> way
> to prove your capabilities to prospective employers, but be sure the depth
of
> your theoretical knowledge well exceeds the rather limited things you need
to
> know to pass the lab.
>
> As for your two PS's: I used 11-something for most of the book, and wrote
the
> BGP chapters quite early, which accounts for the outdated statement you
cite
> (and a few others). I have been discussing doing a second edition of the
book
> with Cisco Press to bring it up to date. The conflictin

Re: Jeff Doyle's official response re: lab rats [7:45001]

[Kevin Cullimore]

INS. Gobbled up by lucent during the somewhat less-than-rational corporate
atmosphere that reigned supreme not so long ago. I did not mean to imply
that he jumped ship from one to another, merely that he went from an
organization most directly in competition with Cisco's professional services
division to what turned out to be Cisco's most fierce short-term competitor
for the devices we obsess over. His sustained focus on cisco-specific
implementation of routing technologies is readily perceived as a conflict of
interest if he's not directly charged with competitive endeavors.


- Original Message -
From: "Schwantz" 
To: 
Sent: Saturday, May 25, 2002 1:57 AM
Subject: Re: Jeff Doyle's official response re: lab rats [7:45001]


> What employer change are you talking about ? I believe Jeff Doyle was
never
> a Cisco employee.
>
> Schwantz
>
> ""Kevin Cullimore""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I'm concerned that his focus is a little too narrow (and possibly
> distracted
> > based upon the employer change) to be regarded as "the" authority on the
> > cert over and above someone like, say, Bruce Caslow. I'm going by the
> > blueprint, but it seems as if the exam encompasses a wider scope than
the
> > contents of Vol I & II (my opinion probably doesn't count, but I always
> > regarded those two books as ones to read to gain perspective on routing,
> not
> > pass a test).
> >
> > More importantly, this post underscores a level of description problem
> with
> > many portions of the thread.
> >
> > It's inadequate to only consider the case of a person with just lab
> > experience vs. the case of the person with no formal/training but
> (possibly
> > too) much experience: there exist too many in-between cases where the
> > outcome differs.
> >
> > In the case of someone with clear potential who has managed to envelop
> > themselves in a firm theoretical grounding and a deep empirical
> > understanding of router behavior under controlled conditions without the
> > benefit of on-the-job experience, The attitude of employers is
> all-too-often
> > to go with the experienced competent individual (all else being equal),
> > since they can immediately apply their experience to scenarios they have
> > encountered before, scenarios that would take far too long and consume
far
> > too much in the way of financial equipment to stumble across in a lab
> > setting.
> >
> >
> >
> > - Original Message -
> > From: "cebuano"
> > To:
> > Sent: Friday, May 24, 2002 9:55 PM
> > Subject: Jeff Doyle's official response re: lab rats [7:45001]
> >
> >
> > > Dear fellow professionals,
> > > In fear of "taking a person's words and using them out of context",
> > > I decided to ask Mr. Doyle himself. He was kind enough to respond
> > > to my e-mail, and I'm posting this with the hope of encouraging both
> > > "lab rats" and gurus alike to aim for knowledge, not only certs,
> > > and in the process help your fellow man/woman.
> > > I put my faith in everyone to be civilized and not bash Mr. Doyle's
> > > reputation, even if you disagree with his point of view.
> > > Last but not least, I hope that this will put an end to personal
attacks
> > > that have become more common lately, unlike what groupstudy.com
> > > used to be 2 to 3 years ago when I first signed up.
> > >
> > > Thank you.
> > > Elmer
> > >
> > > - Original Message -
> > > From: Jeff Doyle
> > > To: elmer
> > > Sent: Friday, May 24, 2002 2:28 PM
> > > Subject: Re: Please care to comment on Vol.2 page 792
> > >
> > > Hi Elmer,
> > >
> > > Thanks for the clarification-- my definition of "lab rat" is a bit
> > different
> > > than yours. At Juniper, the lab rats tend to be the most experienced
> field
> > > engineers. Nonetheless, under your definition (lab rat = someone with
> more
> > > theoretical than practical experience), the statement applies equally
to
> > > those
> > > with some practical experience and those with little or none.
> > >
> > > I know exactly the kinds of "old timers" to which you refer--
typically
> > these
> > > are guys who have gained their knowledge gradually over the years
> through
> > > practical experience. Scratch the surface of most of these guys, and
you
> > will
> &

Re: Jeff Doyle's official response re: lab rats [7:45001]

[Kevin Cullimore]

I was also under the impression that you can't win,. since people will
invariably oversimplify on the most immediately available data points and
not be swayed from the simplest possible confusion. Upon reconsideration,
maybe it's possible to simply NOT strongly identify Jeff Doyle with any
given certification program or vendor, since engaging in either judgement
inexorably detracts from his stature as an implementer & explainer of
digital computing communication technologies.

Unfortunately, people are not readily moved from stances such as those, so
maybe you CAN'T win.

- Original Message -
From: "Howard C. Berkowitz" 
To: 
Sent: Saturday, May 25, 2002 8:53 AM
Subject: Re: Jeff Doyle's official response re: lab rats [7:45001]


> At 3:34 AM -0400 5/25/02, Kevin Cullimore wrote:
> >INS. Gobbled up by lucent during the somewhat less-than-rational
corporate
> >atmosphere that reigned supreme not so long ago. I did not mean to imply
> >that he jumped ship from one to another, merely that he went from an
> >organization most directly in competition with Cisco's professional
services
> >division to what turned out to be Cisco's most fierce short-term
competitor
> >for the devices we obsess over. His sustained focus on cisco-specific
> >implementation of routing technologies is readily perceived as a conflict
of
> >interest if he's not directly charged with competitive endeavors.
> >
>
> Sometimes it seems like you just can't win. First, I know Jeff and
> he's an honorable guy (for the occasional would-be sniper on the
> list, go look at the acknowledgements in Vol. I of Doyle).
>
> Jeff is/was a CCIE and CCSI. There's the perception of conflict of
> interest because he works for Juniper.  As I said, I avoided taking
> the CCIE exam because I was worried about appearance of conflict of
> interest.  Doesn't seem like either works, does it?
>
> An observation about the carrier market in which Jeff and I play:  as
> opposed to many enterprises, the customers WANT multiple vendors, to
> avoid single points of failure, and to give them leverage with
> vendors.  The market reality would be that a Juniper person HAS to
> stay current with Cisco because they will need to interoperate with
> them.
>
> Second, there is movement among the major vendors.  Many of Juniper's
> key engineers came from Cisco and still have friends there.
>
> Third, outside the sales arena, there is a great deal of engineering
> cooperation. In my own direct experience, I'm the lead author on a
> couple of IETF BGP benchmarking drafts, but  my coauthors are from
> Cisco, Juniper, NextHop, and Nortel. Every one has shared details of
> their implementations, in an honest attempt to come up with a design
> that's fairest to everyone.
>
> For example, there are implementation-specific ways to send updates
> to a BGP router (send all prefixes of a given length together, send
> the least-specific followed by all more-specifics, etc.) that will
> make a particular router converge the fastest.  What the team has
> been doing is coming up with a randomized test stream that is equally
> fair to all implementations.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45030&t=45001
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: written [7:45056]

[Kevin Cullimore]

Dealing with poorly worded questions can sometimes serve as good practice
for interpreting the inherent incoherence & unrealism characterizing many
customer demands and concerns in real time.

The relevance of the history questions underscores the distinctiveness of
your situation. You are indeed fortunate to not have to contend with legacy
code, but many of us lack the financial independence to adhere to your high
standards, so we're faced with situations where we need to make sure that
the intermediate systems on the far end running code from 1999 can support
the relatively new functionality we were hoping to implement on devices
found at the near end.

Two side notes: Foundry is not the only alternative, and I can verify
firsthand that CCSE<>knowledge of security (although I admit that those
exams contained more questions concerning rfc-based security standards than
any other exams I've taken).


- Original Message -
From: 
To: 
Sent: 26 May 2002 4:44 am
Subject: Re: written [7:45056]


> Yeah but I can sympathize with you man because several times on the test I
> think that Cisco is wrong.  Usually, Cisco is right on and I have to agree
> because the right answer is just here.  However, sometimes I don't think
> the answer is there at all or I think the question is phrased in a way to
> make me fail.  I don't like those questions.
>
> So far, BSCN, BCSI, IDS, VPN, PIX, MCNS and QoS had questions that I could
> not disagree with and though yeah, the correct answer is right here.  The
> questions properly tested my knowledge and if I was wrong, I agreed I was
> wrong.  These are good tests.  Especially the CLI questions, very
> respectable.
>
> However, for CCNA, CCDA, CID, CIT, and CCIE R&S/SEC written, some of the
> questions I thought were more designed to make me fail rather than test my
> real knowledge on the topic.   It was like, I would take sometimes 3
> minutes just to try to figure out what the hell Cisco was asking.  I never
> had that problem with the other tests.  I don't like it either when Cisco
> plays English language word games on the test.  Some of my friends are not
> native English speakers can they can't understand the questions.  In
> particular, I don't like the IOS history questions.  They really get me
> vexed.  Can you imagine this.
>
> Router>
> Router>en
> Password:  
> Question: What IOS version introduced NAT?
> Question: 11.0 (Engineer shouts explictives!)
> Question: wrong
> Question: 10.2
> Question: wrong
> Question: 11.1
> Question: wrong
>
> If my router asked me this I would throw it out the window and go buy a
> Foundry machine asap!  I don't understand why I need to know the history
> of a command.  So far, only Cisco is asking me these silly questions.
> Understanding a topic is quite different from understanding the history.
> Historical questions are just silly I think!I just can't understand
> how I would be a better engineer if I knew the history of commands
> expecially given that I now only use 12.0 and above.  If someone wanted me
> to do below 12.0 I would tell them to find a starving CCIE from Cali!
>
> And get this!  I am a CISSP and a CSS1 and CCSE.  You would think that I
> know security right?  I got a 0% on the CID security section twice!  I
> still don't know why.  How could I not know enough when I got over 900 on
> each of the CSS1 tests all on the first try???  I just don't
> understand sometimes.
>
> Theodore Stout, CISSP
> Senior Security Consultant
> CCSE, CSS1, CCNP, CCDP, MCSE
>
>
>
>
>
>
>
> "Erwin"
> Sent by: [EMAIL PROTECTED]
> 05/26/2002 01:57 PM
> Please respond to "Erwin"
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject:Re: written [7:45056]
>
>
> How would you know that the particular question does not have a correct
> answer, based on the score you get--69%-- It does not sound convincing to
> me.
> Even you get that question rewarded to you, it does not mean you will get
> 70% since I believe it is calculated using a statistical analysis
> technique.
> Even if you can get 70%, it does not mean that you master the topic well.
> The most important thing is that you understand and master the topics, not
> just "pass pass pass". Try to get distinction or high distinction
> (unfortunately, the exam grade is only pass and fail).
>
> Good luck for your next exam.
>
> ""CJ""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Having obtained 69% and failing the CCIE qualification, There was one
> > question
> > which did not have a correct answer.  Whom do I contact at Cisco address
> this
> > issue. [EMAIL PROTECTED] did not yet replay since the last 4 days.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45104&t=45056
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Provider Backbone Engineering and CCIEs [7:44876]

[Kevin Cullimore]

The challenges involved in maintaining & expanding a toolkit probably differ
when you contrast hardware-based tools with software-based ones, as well as
the sets of tools used for design/implementation vs. those used for
troubleshooting purposes (although there's certainly some opportunity for
overlap between those two). To expand your set of troubleshooting skills,
simply perform successful analysis of the next connectivity, performance
issue you are charged with without telnetting/consoling to the router.
There's a lot of underexploited features of commonly-deployed software lying
in wait. Now, when you are trying to solve a problem that requires you to
identify the right combination of software/hardware to serve as an
intermediate system, expanding your "toolkit" might not be an option due to
the tendency the manufacturers' have to charge for their products. Maybe an
altheon or a checkpoint might be a better solution for the problem at hand
rather than the corresponding set of router commands that allegedly provide
comparable functionality, but you aren't a billionaire or refuse to buy into
sadistically complex licensing schemes. As usual, real-world outcomes tend
to not always reflect the optimal leveraging of technology. I'd certainly
agree that people don't make enough use of the tools they DO have, both
hardware & software, for both design & troubleshooting purposes, due mainly
to a lack of familiarity with non-standard ways using technology, which may
or may not be linked to a lack of willingness to explore these options.

As far as hammers go, If you order the list from those implements which can
bring the least amount of classical/newtonian force to bear to those
implements which can bring the most amount of force to bear, i'm pretty sure
that you start matching them with cisco routers, and you almost certainly
end up with a different vendor's products when you get to the more powerful
hammers.

I'd appreciate any insight on completing the following:

"If the only tool at your disposal is disconnecting and reconnecting power
cables, then every problem looks like a "

- Original Message -
From: "Chuck" 
To: 
Sent: 25 May 2002 3:48 pm
Subject: Re: Provider Backbone Engineering and CCIEs [7:44876]


> It figures, Howard, that you would have a plethora of sizes and types of
> hammers in your garage. I have only one, and believe me, just about every
> household repair problem indeed looks exactly like a nail. Even the one
> involving the pulling up of carpet to repair the rotted flooring
underneath.
>
> It is absolutely correct that the skilled professional SHOULD have a
variety
> of tools on his/her belt, and SHOULD know how to use those tools, and in
> what circumstances. A number of the real world problems we discuss on this
> list tend to result from the limits of people's expertise. Some folks just
> "try things" until they solve a particular problem. After several months
of
> this they have One Giant Mess, they don't know what to do.
>
> One can hope that the folks on this list are making a best effort to
acquire
> a variety of tools, and the knowledge necessary to use them appropriately.
>
> Chuck
>
>
>
> ""Howard C. Berkowitz""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > At 1:25 PM -0400 5/24/02, Chuck wrote:
> > >""Priscilla Oppenheimer""  wrote in message
> > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > >>  At 07:32 AM 5/24/02, dre wrote:
> > >>  >  Cisco router to solve any problem, even those that shouldn't be
> solved
> > >>  >with
> > >>  >a router!
> > >>
> > >snip for brevity
> > >>
> > >>  I know this is a tangent from the real discussion, but I just wanted
> to
> > >>  make that additional point about a Cisco router not being the
solution
> to
> > >  every problem.
> >
> > This goes beyond tangent. It is a sin.
> >
> > >
> > >
> > >most of us here are really just a bunch of router jocks. what do you
> think
> > >we would use? ;->
> > >when your only tool is a hammer, all your problems look like nails!!!
:->
> > >
> > >Chuck
> >
> > Only tool?  Match up column A and column B (I'm only citing things
> > that actually are in my own shop), and cite the equivalent routers.
> >
> >  tack hammer6" spike
> >  8 oz two-faced mallet  4d finishing
> >  16 oz two-faced mallet 16d galvanized common
> >  10 lb sledge   18gauge brad
> >  16 oz black rubber mallet  8d bright common
> >  16 oz ball-pein3" masonry
> >  drywall hammer drywall nail
> >  8 oz ball pein 2" masonry
> >  2 lb sledge16d bright common
> >  24 oz wood handled carpenter   8d finishing
> >  32 oz all metal carpenter  6d finishing
> >  Meat tenderizer3/4" aluminum roofing
> >  8 oz wood handled carpenterwire staple for Romex
> >  de

Re: written [7:45056]

[Kevin Cullimore]

Just a few clarificatory points inline:
- Original Message -
From: 
To: "Kevin Cullimore" 
Cc: ; 
Sent: 26 May 2002 9:41 pm
Subject: Re: written [7:45056]


> I agree with your statement about poorly worded questions.  However, this
> is just an excuse for a poorly written test!
>
> Oh just for the record, ever hear of a bandwidth domain?  If you have
> please let me know about it because I can't find it anywhere.
>
> I didn't say that only CCSE<>knowledge of security!  (Man if you had any
clue you would have said
> CSS1<> knowledge of security and I didn't say that either!  But why not
> say CCNP/IP<> knowledge of Routing just to be consistant!)

Agreed about your original claim. Unfortunately, i can only speak about the
CCSE since I don't have (and did not sit the exams for) the CISSP or the
CSS1. I could easily make the same (verifiable) claims for 6 other vendors,
which would encompass the CCNP, but I'm not sure that that would have been
relevant to your case.

Given your dissatisfaction with the rigorousness of the tests in question,
the expectation ("would give at least a suggestion") appears to be way out
of line. The expectation also leaves you open for misinterpretations such as
"only CCSE<>knowledge of security!"  Though definitely NOT by me.

What I implied
> was that those 3 tests in combination would give at least a suggestion
> that I do know security enough to not get a 0% on an easier test
> especially with the same vendor!  Additionally, what I said before is that
> the CCSE was a test where I had to memorize answers in order to pass the
> test pure and simple vs Most of Cisco's tests where what I read in a book
> is used the same day on the job. If you know the theory then you know it.
> It will be the same in RSA or a RFC or sometimes even Microsoft or other
> publications.
>
> Oh can I make this clearer?  If I read Doyle, Halabi, Pricilla, Howard or
> Moy, I can not only apply their knowledge to any vendor network, but I can
> pass Cisco tests based on their books and become more educated in the
> process. (I am still making money just from Top-Down)  If I don't know
what these 5 authors are talking about then I need to
> reread them for I will fail to know networking in more than one
> environment. I really didn't have this experience with Checkpoint although
> RFC 2401-2410 did help a bit. With Checkpoint I was pretty much on my own
> and no matter how many times I did the labs and implemented solutions for
> customers, I still didn't help me on the test.  4 routers, Halabi and
> Caslow, and a day in an ISP was all I needed to increase from a 10% to a
> 100% on the BGP section of the BSCN (of yeah about 10 lattes at least).
> That is how tests should be.
>
> Reread what I said about the CCSE again...  The implication is more
> towards the CSS1 and CCIE Sec wri.  I just aced the first RSA test and
> Microsoft design Sec test and what helped me out for them?  Grad School,
> CSS1, CCSE, CISSP, work, RFC 2401-2410, RSA Press, white papers,Maeda.  If
> Cisco can help me get a better score on a non-Cisco test then it should
> help me get a better score on a Cisco test!  Got the point?

I knew the point in advance, I just am forbidden from criticizing
educational endeavors without having endured them myself, no matter how much
of a well-established pattern they might follow to the letter.

>
> Perhaps what you said about my history situation is correct.  If my
> customer have pre 12.0 I just tell them to upgrade or I will not work for
> them.  So far it has worked every time.  The same goes for PIXs.  If they
> are using 5.2 or the 520 I tell them to get 6.1 and upgrade to the 525 and
> po's are signed.  Just force the issue with them or walk away.  It works
> well for me :-)  It makes your company more money too.

It does indeed make your company more money, I've just encountered a
different success rate with the walking away tactic.

>
> I know Foundry is not the only solution.  We have here, Extreme, Juniper,
> NEC, Hitachi, Packeteer, BigIP, among other vendors.  I used Foundry
> because of the straight forwardness of the vendor,

I'm not sure that straightforwardness extends to their documentation or even
product specs; I've seen people make the wrong purchasing decision based
upon bad information received from technical support on topics that were not
covered online.

quality, and price but
> I evaluated the other vendors as well.
>
> Theo
>
>
>
>
>
>
>
> "Kevin Cullimore" 
> Sent by: [EMAIL PROTECTED]
> 05/27/2002 08:44 AM
> Please respond to "Kevin Cullimore"
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject:  

Re: teaching CCNA [7:45489]

[Kevin Cullimore]

Back in 1999, most vendor certs were pretty intolerant regarding the use of
abbreviations in answers to "fill-in-the-blank" syntax questions. I suspect
that had more to do with limitations of the testing software and the
overwhelming desire to not compensate people for the effort required to
rectify the situation rather than an insistence that people type thousands
of more characters than they need to in order to do their job.

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: Thursday, May 30, 2002 11:02 PM
Subject: teaching CCNA [7:45489]


> I will be teaching a CCNA class next week. I've never taught an intro
class
> before. ;-) The textbook will be Wendell Odom's "Cisco CCNA Exam #640-607
> Certification Guide." I didn't choose it, but I'm fine with it. I have
some
> questions, however:
>
> Wendell covers Catalyst 1900 configuration in quite a bit of detail.
> Cisco's list of topics for 640-607 doesn't include this, so I'm not
> planning to teach it, and in fact, we won't have a switch in the lab
> probably. Will this be OK? Does anyone know if the 640-607 test has
> Catalyst 1900 configuration questions??
>
> Does anyone know if the test (which now includes router simulation
> questions) allows one to use abbreviations for commands? (such as cop run
> start instead of copy running-config startup-config)?
>
> Token Ring doesn't support multicast (He says this many times.) I know
> IEEE 802.5 does "officially" support it. I also know that many Token Ring
> NICs didn't support it in the early 1990s. Didn't they fix that??? I would
> have thought that Token Ring NIC vendors would have added support for
> multicast by now.
>
> Thanks!
>
> Priscilla
>
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45590&t=45489
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Interface uptime [7:46221]

[Kevin Cullimore]

Assuming that snmp has not re-initialized since the device itself was last
brought online, you might want to try plotting the delta arising from a
comparison of values associated with the child nodes of 1.3.6.1.2.1.2.2.1.9

and the global system oid

1.3.6.1.2.1.1.3

I have no devices handy to verify the spec with at this time.

Author: Stefan Leemann (195.216.69.---)
Date:   06-07-02 10:33

Is there a possibility to get out an interface uptime from a cisco router 
via SNMP? 

I would like to get a quick overview over Link uptimes with MRTG/RRD. 

Thanks, 
Stefan




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46221&t=46221
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP BPDUs [7:46839]

[Kevin Cullimore]

withinline
- Original Message -
From: "Brian Backer" 
To: 
Sent: 18 June 2002 7:40 pm
Subject: RE: STP BPDUs [7:46839]


> Priscilla,
>
> Quite defensive.  Calm down... I was just explaining where I found my
> information from.  I know they are no idiots and that they know exactly
> what they are talking about

It would be difficult to make that claim on behalf of ALL of them based upon
your thread of posts.

It probably is indicative of something that, even in an economy as dismal
for the employee as the current one, the notion of all members of a given
corporate entity being well-versed in that organization's core competencies
doesn't scale beyond the smallest of sustainable organizations.

We're also probably going to have to rennounce the ideal whereby the
"talent" are involved with, and sign off on, all aspect of a given IT
training curriculum. I'm almost more than certain that people on the list
formerly involved in producing vendor-sanctioned cisco training materials
would NOT want to be associated with the entirety of the end product once it
meandered its way through the rest of the evil corporate empire(I apologize
that I lack the imagination required to formulate an original way of
expressing that notion).

The sad reality is that someone NOT teaching the class prepared the
advertising blurb under discussion. If that is not the case, nrf brought a
mighty compelling point to bear.

>and I certainly wasn't trying to defame them
> then in any way.
>
> However, you are wrong about you generalization statement.  If they were
> generalizing, they would have put those in the section titled "IP
> Multicasting" regardless if it's "IP" or not.

I'm unable to find a generalization statement in the post you're replying
to. What I DO find is an observation concerning common practices surrounding
data communications technology instruction. Whether or not those practices
occur is NOT subject to their lack of correspondence to a temporally linear
sequence of events wherein more general concepts are introduced prior to the
ones they subsume.  Please note that none of these issues depend on the
validity or lack thereof of the order you allude to. Educational efficacy
may or may not correspond to such a descriptively compact methodology.

Specifically, an assertion that instructors tend to start off with a
well-known (as, obviously, contrasted with well-UNDERSTOOD) concept such as
broadcast as a means of more readily achienving some semblance of
understanding when they then move on to multicast, as well as the assertion
that that strategy may have been in play here, are NOT invalidated by the
observation that if the instructor wished to talk about a more general
phenomenon before discussing a special case, that they would not have
succeeded by following the strategy referred to above.

>I personally think it was
> a mistake which really doesn't warrant any further discussion,

I'm in agreement that the original profound misunderstanding of proprietary
technology & spanning tree does not warrant further comment, unlike the
meta-issues subsequently elicited.

>however,
> according to their reply in an email I sent them, I wonder
> B
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Priscilla Oppenheimer
> Sent: Tuesday, June 18, 2002 6:49 PM
> To: [EMAIL PROTECTED]
> Subject: Re: STP BPDUs [7:46839]
>
> At 05:58 PM 6/18/02, nrf wrote:
> >There it is, I did not engage in a rush to judgment
>
> It was still a rush. ;-)
>
> >, PMG really are idiots.
>
> Why don't you both take the class and see for yourselves? Judging
> someone
> on an outline is awfully superficial. The founder of Pine Mountain Group
>
> has been doing protocol analysis since the early 1980s. I'm sure he
> knows
> what he's doing.
>
> Many experts would bundle multicasts and broadcasts together in an
> informal, overview discussion. I'm sure if you take the class, they will
>
> explain that CDP, BPDU, and HSRP Hellos are really sent to a multicast
> destination, and that should improve performance. Since their classes
> are
> protocol analysis classes, you'll see for yourself what is used in the
> destination MAC address field.
>
> By the way, I say "should improve performance," but it might not. A lot
> of
> NICs are stupid about multicasts and take them all in even if the
> applications have not registered to receive them. In other words, they
> interrupt the host CPU for irrelevant multicasts. So when talking about
> network performance in a non-detailed fashion, it's OK to group
> broadcasts
> and multicasts.
>
> Priscilla
>
>
>
> >""Brian Backer""  wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Priscilla,
> > >
> > > Please see:
> > >
> > > http://www.pmg.com/nai_wireless.htm
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf
> Of
> > > Priscilla Oppenheimer
> > > Sent: Tuesday, June 18, 2002 5:06 PM
> > > 

Re: Access-list or Conduit [7:47146]

[Kevin Cullimore]

- Original Message -
From: "Richard Tufaro" 
To: 
Sent: 21 June 2002 3:08 pm
Subject: Access-list or Conduit [7:47146]


> Hey all, I was wondering when configuring rules in a Cisco PIX running
> (6.2), when making your rules, is it better to do access-lists or
conduits?


> Which way is Cisco going on those?

In general, at least for enterprise-class products, anytime cisco borgs a
product line such as catalyst or pix, they expend a great deal of time,
resources & computer programming firepower on rendering the process of
interacting with the underlying operating system as close as possible to the
analogous process involving IOS, for all of the traditional mba-type
reasons.

Apparently, this is not well-known, based upon some extremely contemptuous
looks I received during a not-so-long ago set of interviews. Are people not
aware of the driving forces behind cisco's behavior?

Anyway, it seems like conduits have slightly more advanced functionality
than access-lists, possibly closer to the route-map & prefix-list
mechanisms, presumably to compete with functionality by vendors who boast of
stateful inspection mechanisms (disclosure: my ability to meet financial
obligations depends partially on the success of a competitor of those who
most blatantly leverage that phrase). Does anyone have some real-world
experience that they might use to clarify this issue?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47198&t=47146
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Switch Messages [7:47005]

[Kevin Cullimore]

IIRC, watchdog proccess exist in IOS to compensate for its non-preemptively
multitasking architecture, being invoked when a given process hogs resources
for some arbitrarily-arrived-at interval deemed excessive. If the timer
expires and the OS cannot switch control of the usual suspects to another
process, cisco documentation hints that an involuntary (from the viewpoint
of the LAN administrator, at least) reset might be imminent.

In your case, I'm assuming that the excessive amounts of writes to the
structures reserved for mapping MAC addresses are getting in the way of
other functions.


- Original Message -
From: "Richard Tufaro" 
To: 
Sent: 19 June 2002 3:44 pm
Subject: Switch Messages [7:47005]


> Hey all im trying to troubleshoot some issues with 2 of our switches. Most
> of the error codes I can find, but the watchdog one's I can't find a lot
of
> info on this particular issue. Any help would be appreciated. Events are
in
> chronological order.
>
> 2002-06-19 10:31:46 Local7.Warning Switch 1 2002 Jul 11 12:31:26
> %CDP-4-NVLANMISMATCH:Native vlan mismatch detected on port 2/22
> 2002-06-19 10:31:50 Local7.Warning Switch12002 Jul 11 12:31:31
> %MLS-4-MOVEOVERFLOW:Too many moves, stop MLS for 5 sec(2000)
> 2002-06-19 10:31:56 Local7.Warning switch1 2002 Jul 11 12:31:36
> %MLS-4-MOVEOVERFLOW:Too many moves, stop MLS for 5 sec(4000)
> 2002-06-19 10:32:00 Local7.Warning switch1 2002 Jul 11 12:31:41
> %MLS-4-RESUMESC:Resume MLS after detecting too many moves
> 2002-06-19 14:29:35 Local7.Error switch1 2002 Jun 19 14:30:35
> %SYS-3-P2_ERROR: 4/Watchdog failure (Standard Watchdog Funnel) - system
may
> reset
> 2002-06-19 14:29:35 Local7.Error switch1 2002 Jun 19 14:30:35
> %SYS-3-P2_ERROR: 4/Watchdog failure (Blsk Default Event Queue) - system
may
> reset
> BAM!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47199&t=47005
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF, when is it time for more than area 0 (try 2) [7:47202]

[Kevin Cullimore]

There's no reason not to use regular expressions for ALL of the
troubleshooting steps you mentioned:

#1

HOSTNAME#show ip ospf | i Area|execute
Area BACKBONE(0)
Area has no authentication
SPF algorithm executed 21 times
Area ranges are
HOSTNAME#


#2

HOSTNAME#show processes cpu | i OSPF Hello
   2  165116   1340327123   0.00%  0.00%  0.00%   0 OSPF Hello
HOSTNAME#

- Original Message -
From: "Kelly Cobean" 
To: 
Sent: 21 June 2002 7:34 pm
Subject: RE: OSPF, when is it time for more than area 0 (try 2) [7:47165]


> Here are some commands you can run, and their significance in determining
> whether your OSPF Area 0 routers are working too hard or not:
>
> #show ip ospf:
>Look for:
>"SPF algorithm executed xxx times" - I don't know what constitutes
a
> high number, but if it's in the hundreds or thousands after a relatively
> short period of time, that means that instabilities in your network are
> causing the routers to frequently run the Dijkstra (SPF) algorithm, which
is
> a very processor intensive process.
>
> #show processes cpu:
>Look for:
> "OSPF Hello" - Again, I'm not sure what "high" is, but one of our
> routers that has 1 Broadcast interface, and 13 Point-to-point interfaces
> holds steady at 0.06% processor utilization.  Anyone care to chime in on
> what a high number for this process would be?
> "OSPF Router" - This is the one that will spike during SPF
> calculation, so watch the 5 minute utilization here, if you see it
> consistently high, that probably means it's time to move to multi-area
OSPF
>
> #show processes memory | include OSPF: (the "| include OSPF" just helps
> minimize the junk)
> Look for:
> OSPF Hello & OSPF Router - Not real sure about OSPF Hello, but I believe
the
> memory counter for OSPF router indicates the size of your databases.  If
you
> find these growing large enough to start running the router out of memory,
> it's time to move to multi-area OSPF (again, I don't know what size of
> network it would take to do this, sorry.  Any takers on that one?)
>
>
> The number of SPF calculations and CPU utilization are the two big ones to
> watch our for (and are directly linked to one another)  If you see lots of
> re-calc's and they are holding your processor hostage, then you should
start
> thinking about redesign.
>
>
> HTH,
>   Kelly Cobean
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> bergenpeak
> Sent: Friday, June 21, 2002 8:09 AM
> To: [EMAIL PROTECTED]
> Subject: OSPF, when is it time for more than area 0 (try 2) [7:47129]
>
>
> I've got a rather large OSPF area 0 network with no non-zero
> areas.  This network will continue to grow both in number of
> network elements and number of subnets on these routers.
>
> What commands, and specifically, what information provided by
> these commands, will give me insight as to whether these routers
> are nearing the point, from a routing perspective, that its time
> to segement the network in some fashion?
>
> Thanks




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47202&t=47202
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: serial interface down/down or up/down [7:47101]

[Kevin Cullimore]

Some wrap-up comments:

Challenged by the incompleteness of the cisco-press materials, I attempted
to produce a complete taxonomy mapping configurations/conditions to
interface/line up/down states. An unimaginably short attention-span cut that
short, but I realized that maybe a superset of that information, up/down
states AND the serial indicators shown at the bottom of the show interface
command. That project ended similarly, but I believe that working in the
other direction might be easier, wherein you tackle the task of categorizing
the large set of circumstances responsible for the four interface states by
examining the entirety of the output for both interface & controller show
commands per misconfiguration, and gradually developing a profile for the
entirety of the show output, allowing patterns to emerege that might render
the first line of the show interface command somewhat intelligible.

A real possibility is that the case of the integrated csu/dsu serial
interface might have to be treated seperately from the the one involving a
mere serial interface, due to the lack of interaction with an external
device for those functions.

The two references that dramatically increased my  understanding of layer 1
operations are the paradyne 3160 manual and uyless s black's Physical Layer
Interfaces and Protocols book.


- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 21 June 2002 8:02 pm
Subject: Re: serial interface down/down or up/down [7:47101]


> At 07:17 PM 6/21/02, Chuck wrote:
> >""Priscilla Oppenheimer""  wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I guess the question is too hard for a practice test if NOBODY can
answer
> > > it!?
> > >
> >
> >CL: surprise surprise we all THINK we know the answer byt realy we don't
;->
>
> My messages arrived asynchronously, when I meant for them to arrive
> isochronously. ;-) Seriously, they arrived out of order. Despite all the
> confusion, I do feel like I have an answer now. Thanks to everyone who
> answered.
>
> Priscilla
>
>
>
> > > Here's the thing: Cisco says that a down/down interface means the
router
> > > interface is not sensing a Carrier Detect signal (that is, the CD is
not
> > > active).
> > >
> > > Now, from my studies of V.35 I know that data carrier detect (DCD or
CD)
> > > comes from the DCE side of the V.35 link, carried on pin 8, yadda,
yadda.
> > > It comes from the data interface on the DSU side of the CSU/DSU.
> > >
> > > If the router is correctly connected to the CSU/DSU, will it see CD or
> >does
> > > the answer depend on whether the CSU/DSU is also correctly talking to
the
> > > telco?
> > >
> > > Does "carrier detect" mean literally what it sounds like it means?
Would
> > > the CSU/DSU not assert CD if there was a problem on the telco side?
And
> > > hence the router wouldn't see CD and would say the interface was
> >down/down.
> > >
> >
> >CL: in my old dial up to the BBS days, I always interpreted "carrier" as
> >essentially a completed telephone call. I've carried that "idea" into the
T1
> >world I live in now. however, I think we all know the problem with Frame
or
> >ATM, where the line is up ( i.e. there is carrier ) because of LMI or the
> >ATM equivalent signalling, so dial backup doesn't kick in, even though
end
> >to end is down.
> >
> >
> > > Not something I can easily test. Maybe I better simplify the question.
> ;-)
> > >
> >
> >CL: personally, I enjoy getting into the nitty gritty of how things
really
> >work. Not that I need to, or that it is necessary, even in the
certification
> >quest. It just serves to broaden the perspective. It never hurts to
> >understand things a bit better.
> >
> >
> > > Priscilla
> > >
> > > At 06:34 PM 6/20/02, Priscilla Oppenheimer wrote:
> > > >Hi Group Study,
> > > >
> > > >While writing some questions for a practice test, I found myself
> > > >questioning what I thought was the right answer. Here's the scenario:
> > > >
> > > >A Cisco router serial interface is correctly connected with a good
V.35
> > > >cable to the data port on the DSU side of a CSU/DSU. The CSU/DSU has
> been
> > > >misconfigured for the framing method (SF instead of ESF). The framing
> > > >doesn't match what the provider is using. (The question refers to a
> >CSU/DSU
> > > >that is external to the router, not one that is built into the
router.)
> > > >
> > > >Will the Cisco router serial interface be down/down or up/down?
> > > >
> > > >And, would the answer be any different if the question has to do with
> > > >misconfiguring the encoding (AMI versus B8ZS)?
> > > >
> > > >If you have real-world experience with this, that would help. I have
> read
> > > >the Cisco documentation and the troubleshooting charts, etc.
> > > >
> > > >Thanks
> > > >
> > > >Priscilla
> > > >
> > > >
> > > >
> > > >Priscilla Oppenheimer
> > > >http://www.priscilla.com
> > > 
> > >
> > > Priscilla Oppenheimer
> > > http://www.priscilla.com
> _

Re: STP BPDUs [7:46839]

[Kevin Cullimore]

down-there-line . . .
- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 22 June 2002 6:19 pm
Subject: Re: STP BPDUs [7:46839]


> The bottom line is that gleaning technical information from a course
> outline is not advisable.

yes

>Saying that they made inaccurate statements is
> ridiculous. They didn't make any statements at all.

that's quite exactly the point. Your pen-pal behaved as if they did.

> There aren't even any
> verbs. It is a course outline, for heaven't sake! It's not even a
> categorization of concepts. It's a description of what will be covered and
> the names of the modules. The theme of the particular module is probably
> overhead traffic (both broadcast and multicast).

yes. again, your pen-pal missed those points.

>
> Sorry, but this one is still bothering me. I can't believe how stupid we
> get sometimes on this list. ;-)

no need to apologize, it obviously bothers other people too. as far as
stupidity is concerned, i'm pretty sure that while limits exist regarding
how smart a sentient creature can behave, no such limits exist for the lower
end of the spectrum.

>But, if we insist on still trying to get
> something real out of this discussion, then the real advice is be careful
> with what you find on the Internet.

exactly.



>


> Priscilla
>
> At 02:14 PM 6/22/02, Kevin Cullimore wrote:
> >withinline
> >- Original Message -
> >From: "Brian Backer"
> >To:
> >Sent: 18 June 2002 7:40 pm
> >Subject: RE: STP BPDUs [7:46839]
> >
> >
> > > Priscilla,
> > >
> > > Quite defensive.  Calm down... I was just explaining where I found my
> > > information from.  I know they are no idiots and that they know
exactly
> > > what they are talking about
> >
> >It would be difficult to make that claim on behalf of ALL of them based
upon
> >your thread of posts.
> >
> >It probably is indicative of something that, even in an economy as dismal
> >for the employee as the current one, the notion of all members of a given
> >corporate entity being well-versed in that organization's core
competencies
> >doesn't scale beyond the smallest of sustainable organizations.
> >
> >We're also probably going to have to rennounce the ideal whereby the
> >"talent" are involved with, and sign off on, all aspect of a given IT
> >training curriculum. I'm almost more than certain that people on the list
> >formerly involved in producing vendor-sanctioned cisco training materials
> >would NOT want to be associated with the entirety of the end product once
it
> >meandered its way through the rest of the evil corporate empire(I
apologize
> >that I lack the imagination required to formulate an original way of
> >expressing that notion).
> >
> >The sad reality is that someone NOT teaching the class prepared the
> >advertising blurb under discussion. If that is not the case, nrf brought
a
> >mighty compelling point to bear.
> >
> > >and I certainly wasn't trying to defame them
> > > then in any way.
> > >
> > > However, you are wrong about you generalization statement.  If they
were
> > > generalizing, they would have put those in the section titled "IP
> > > Multicasting" regardless if it's "IP" or not.
> >
> >I'm unable to find a generalization statement in the post you're replying
> >to. What I DO find is an observation concerning common practices
surrounding
> >data communications technology instruction. Whether or not those
practices
> >occur is NOT subject to their lack of correspondence to a temporally
linear
> >sequence of events wherein more general concepts are introduced prior to
the
> >ones they subsume.  Please note that none of these issues depend on the
> >validity or lack thereof of the order you allude to. Educational efficacy
> >may or may not correspond to such a descriptively compact methodology.
> >
> >Specifically, an assertion that instructors tend to start off with a
> >well-known (as, obviously, contrasted with well-UNDERSTOOD) concept such
as
> >broadcast as a means of more readily achienving some semblance of
> >understanding when they then move on to multicast, as well as the
assertion
> >that that strategy may have been in play here, are NOT invalidated by the
> >observation that if the instructor wished to talk about a more general
> >phenomenon before discussing a special case, that they would not have
> >succeeded by following the strategy referred to above.
> >
> > >I persona

Re: Re: HSRP [7:47177]

[Kevin Cullimore]

Generally speaking, people tend to configure hsrp for addresses serving as
default gateways.

When the client's NIC software initializes & gathers values for the default
gateway (dynamically or otherwise), it arps for the gateway's mac address,
which, under ideal conditions, is answered by the active member of the HSRP
group. If the active member of the HSRP group fails, and the standby ISs can
detect this, They will begin answering on behalf of the mac address
associated with the ip default gateway address.

If the client attempts to speak directly to the other address the router is
maintaining on the same ip network it will arp for the BIA of the IS's
ethernet interface.


- Original Message -
From: "LongTrip" 
To: 
Sent: 23 June 2002 12:44 pm
Subject: Re: Re: HSRP [7:47177]


> So you are saying the client never sees the MAC address of RouterA?  It
only
> sees the MAC address of the "Virtual Router"?
>
> Kim
>
> >
> > From: "Michael L. Williams"
> > Date: 2002/06/23 Sun AM 11:29:24 EDT
> > To: [EMAIL PROTECTED]
> > Subject: Re: HSRP [7:47177]
> >
> > This isn't quite right.  See comments below.
> >
> > "Kim Graham"  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > This brings up a question.  I understand that after the initial "hi I
> will
> > > be handling your requests please use me as your destination mac
address".
> > > (Router talking to client).
> > >
> > > But what happens when the initial router fails and HSRP kicks in?
After
> an
> > > unreachable, would ClientA send out an arp or would RouterB initiate
the
> > > arping to re-establish connections to any client that was using
RouterA
> > > after it noticed that RouterA was not responding?
> > >
> > > Scenario:
> > >
> > >
> > > ClientA - RouterA/B(HSRP) -- ClientB
> > >
> > > ClientA  sends a packet to ClientB
> > > ClientA  talks to the Virtual RouterA/B -- RouterA/B sends to ClientB
> > > RouterA/B tells ClientA -- RouterA will be handling your requests.
> >
> > Router A never tells Client A that "Router A will be handling your
> > requests".  As you mentioned, Client A talks to the Virtual Router via
the
> > Virtual IP address which it ARPs to find the Virtual MAC.  Client A
never
> > knows which of the HSRP routers is "intercepting" and processing it's
> > requests  When Client A sends a frame to the Virtual MAC to go out
of
> > it's gateway, both Router A and Router B "hear" the packet, but only the
> > HSRP Active router will process it.  So if, the janitor steps in and
> unplugs
> > Router A, then after Router B misses enough Hello packets from Router A,
it
> > declares itself the Active HSRP router for that HSRP group, and at that
> > point it starts to process the information sent to the Virtual
IP/Virtual
> > MAC.  This is all transparent to the end clients, Client A in this
example.
> > So as far as Client A knows, it's still sending traffic to the Virtual
IP
> > via the Virtual MAC address it has in its ARP cache.
> >
> > HTH,
> > Mike W.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47243&t=47177
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Re: HSRP [7:47177]

[Kevin Cullimore]

A useful notion to keep in mind is that hsrp and its un-patented
counterparts (you'd think that during the past century, people would learn
from IBM's example, but apparently that isn't the case) are profoundly
asymmetric in scope:

they are concerned with the host->default gateway portion of the
conversation, not the return path (although implementational specifics might
force them to address the return path in some circumstances).



- Original Message -
From: "LongTrip" 
To: 
Sent: 23 June 2002 2:22 pm
Subject: Re: Re: HSRP [7:47177]


> hmmm maybe there was a misunderstanding on my part of an earlier post that
> mentioned "The only time you see the virtual MAC address is on the
original
> request from the host. Forwarded requests and replies don't use it. ".
>
> I understood this to mean that after the initial set up of communications
> that the virtual mac address was not used in subsequent data
transmissions.
>
> This will be one for a lab experiment on my part.  Until I see it the
result
> with my own eyes it will be a question.
>
>
> Kim
>
>
>
> >
> > From: "Thomas E. Lawrence"
> > Date: 2002/06/23 Sun PM 01:08:17 EDT
> > To: [EMAIL PROTECTED]
> > Subject: Re: Re: HSRP [7:47177]
> >
> > Perhaps this will help explain
> >
> >
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c
> > /ipcprt1/1cdip.htm#xtocid23
> >
> > Yes, HSRP creates a single "virtual" IP and MAC pair. Yes, when one
router
> > fails, the standby router "assumes" control of this virtual IP and MAC
> pair.
> >
> > From an end station standpoint, nothing has changed. The end station
knows
> > the virtual IP, as configured in it's own settings, or as received as
part
> > of its DHCP configuration. In either case, no end station knows all of
the
> > IP's of all of the members of the HSRP group. Unless things have changed
> > recently, there is no way to configure multiple default gateways on a
> > Windows machine, at least. This is the reason HSRP, and now VRRP, were
> > developed. If the end station does not already know the MAC of the
default
> > gateway, it sends an ARP request, as is standard operating procedure for
> any
> > host seeking the MAC of an IP. The active router replies with the
virtual
> > MAC.
> >
> > You may also want to refer to the VRRP RFC. VRRP is the open standard
> > intended to replace the several proprietary methods that now exist. The
> > first couple of pages provide a good explanation and a good background
of
> > the problem to be solved.
> >
> > ftp://ftp.isi.edu/in-notes/rfc2338.txt
> >
> > Tom
> >
> >
> >
> > ""LongTrip""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > So you are saying the client never sees the MAC address of RouterA?
It
> > only
> > > sees the MAC address of the "Virtual Router"?
> > >
> > > Kim
> > >
> > > >
> > > > From: "Michael L. Williams"
> > > > Date: 2002/06/23 Sun AM 11:29:24 EDT
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: HSRP [7:47177]
> > > >
> > > > This isn't quite right.  See comments below.
> > > >
> > > > "Kim Graham"  wrote in message
> > > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > > This brings up a question.  I understand that after the initial
"hi I
> > > will
> > > > > be handling your requests please use me as your destination mac
> > address".
> > > > > (Router talking to client).
> > > > >
> > > > > But what happens when the initial router fails and HSRP kicks in?
> > After
> > > an
> > > > > unreachable, would ClientA send out an arp or would RouterB
initiate
> > the
> > > > > arping to re-establish connections to any client that was using
> > RouterA
> > > > > after it noticed that RouterA was not responding?
> > > > >
> > > > > Scenario:
> > > > >
> > > > >
> > > > > ClientA - RouterA/B(HSRP) -- ClientB
> > > > >
> > > > > ClientA  sends a packet to ClientB
> > > > > ClientA  talks to the Virtual RouterA/B -- RouterA/B sends to
ClientB
> > > > > RouterA/B tells ClientA -- RouterA will be handling your requests.
> > > >
> > > > Router A never tells Client A that "Router A will be handling your
> > > > requests".  As you mentioned, Client A talks to the Virtual Router
via
> > the
> > > > Virtual IP address which it ARPs to find the Virtual MAC.  Client A
> > never
> > > > knows which of the HSRP routers is "intercepting" and processing
it's
> > > > requests  When Client A sends a frame to the Virtual MAC to go
out
> > of
> > > > it's gateway, both Router A and Router B "hear" the packet, but only
> the
> > > > HSRP Active router will process it.  So if, the janitor steps in and
> > > unplugs
> > > > Router A, then after Router B misses enough Hello packets from
Router
> A,
> > it
> > > > declares itself the Active HSRP router for that HSRP group, and at
that
> > > > point it starts to process the information sent to the Virtual
> > IP/Virtual
> > > > MAC.  This is all transparent to the end clients, Client A in this
> > example.
> > > > So as far as Client A knows, it's

Re: Re: HSRP [7:47177]

[Kevin Cullimore]

A general point to keep in mind is that failover, like monitoring CAN be
over-engineered to the point where mechanisms put in place to address
high-availability needs get in each other's way and undermine the original
intent.


- Original Message -
From: "Chuck" 
To: 
Sent: 23 June 2002 3:30 pm
Subject: Re: Re: HSRP [7:47177]


> ""Kevin Cullimore""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > A useful notion to keep in mind is that hsrp and its un-patented
> > counterparts (you'd think that during the past century, people would
learn
> > from IBM's example, but apparently that isn't the case) are profoundly
> > asymmetric in scope:
> >
> > they are concerned with the host->default gateway portion of the
> > conversation, not the return path (although implementational specifics
> might
> > force them to address the return path in some circumstances).
> >
>
> CL: good point. in my experience, in the quest for 100% up time, the
process
> still depends upon routers at either end to determine the reachability and
> account for that in the routing protocol. for example, I have my HSRP
pair,
> and each has a WAN link to different carriers. Those links terminate into
> some central network somnewhere.
>
> CL: so when the remote site HSSRP primary fails, two things have to
happen.
> 1) the failover router has to take over and 2) the routers at the far end
of
> the links have to note the link failure to the primary, mark that route as
> down, and start using the secondary path.
>
> CL: seems to me this is the flaw in the system. Might be fine if you are
> using HSRP merely as failover connectivity to the internet. May not be so
> fine if you are using HSRP as failover from a branch office to HQ.
Depending
> on the aplication. Depending upon the time it takes to get the new routes
in
> place.
>
>
> CL: as an aside, I just had a convcersation along these lines with a
> customer, to whom I had to explain at length what HSRP was, what it did,
how
> it behaved, and therefore why what he was thinking was probably not a good
> idea. Not that we couldn't have done it. But that in the end what the
> customer wanted me to do wuld have put him at more risk than if he left
> things as they were. Not to mention the loss of bandwidth that HSRP would
> have created for him.
>
>
> >
> >
> > - Original Message -
> > From: "LongTrip"
> > To:
> > Sent: 23 June 2002 2:22 pm
> > Subject: Re: Re: HSRP [7:47177]
> >
> >
> > > hmmm maybe there was a misunderstanding on my part of an earlier post
> that
> > > mentioned "The only time you see the virtual MAC address is on the
> > original
> > > request from the host. Forwarded requests and replies don't use it. ".
> > >
> > > I understood this to mean that after the initial set up of
> communications
> > > that the virtual mac address was not used in subsequent data
> > transmissions.
> > >
> > > This will be one for a lab experiment on my part.  Until I see it the
> > result
> > > with my own eyes it will be a question.
> > >
> > >
> > > Kim
> > >
> > >
> > >
> > > >
> > > > From: "Thomas E. Lawrence"
> > > > Date: 2002/06/23 Sun PM 01:08:17 EDT
> > > > To: [EMAIL PROTECTED]
> > > > Subject: Re: Re: HSRP [7:47177]
> > > >
> > > > Perhaps this will help explain
> > > >
> > > >
> > >
> >
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c
> > > > /ipcprt1/1cdip.htm#xtocid23
> > > >
> > > > Yes, HSRP creates a single "virtual" IP and MAC pair. Yes, when one
> > router
> > > > fails, the standby router "assumes" control of this virtual IP and
MAC
> > > pair.
> > > >
> > > > From an end station standpoint, nothing has changed. The end station
> > knows
> > > > the virtual IP, as configured in it's own settings, or as received
as
> > part
> > > > of its DHCP configuration. In either case, no end station knows all
of
> > the
> > > > IP's of all of the members of the HSRP group. Unless things have
> changed
> > > > recently, there is no way to configure multiple default gateways on
a
> > > > Windows machine, at least. This is the reason HSRP, and now VRRP,
were
> > > > developed. If the end station does not already know the MAC of the
> &

Re: Re: HSRP [7:47177]

[Kevin Cullimore]

It's a problem when:

people assume that symmetry exists when HSRP & similar L3 failover
technologies are implemented.

It's a problem getting in the way of:

people's understanding of those failover technologies.

Otherwise, I'm thinking that the flexibility (wherein conversations in
different directions may be treated differently) is quite welcome.

Comments?

- Original Message -
From: "Howard C. Berkowitz" 
To: 
Sent: 23 June 2002 3:54 pm
Subject: Re: Re: HSRP [7:47177]


> At 3:08 PM -0400 6/23/02, Kevin Cullimore wrote:
> >A useful notion to keep in mind is that hsrp and its un-patented
> >counterparts (you'd think that during the past century, people would
learn
> >from IBM's example, but apparently that isn't the case) are profoundly
> >asymmetric in scope:
> >
> >they are concerned with the host->default gateway portion of the
> >conversation, not the return path (although implementational specifics
might
> >force them to address the return path in some circumstances).
>
>
> Kevin, how is the asymmetry a problem? The HSRP linked routers
> presumably have the same routing tables, although the backup might
> have to ARP for its first packet forwarded. Even if that's an issue,
> promiscuous ARP learning shouldn't be all that much of a problem.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47267&t=47177
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Rogue Wireless LANs [7:47287]

[Kevin Cullimore]

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 24 June 2002 2:26 pm
Subject: Re: Rogue Wireless LANs [7:47287]


> At 11:54 AM 6/24/02, chris wrote:
> >WEP for starters, then you can set the acccess point to only accept
> >connections from specific MAC addresses.
>
> I don't think he was asking how to secure a wireless network. He was
asking
> how to control non-IS user types from installing new equipment on the
> network, including wireless LANs.
>
> The question is as old as the hills, really. I remember back in the olden
> days when we had similar problems because people would add modems and
> software-based routers, etc.

Those problems might constitute an instance where the plaintext
authentication mechanisms that modern routing protocols support could serve
a purpose other than RFC-2223 compliance. Their use generally don't provide
an adequate level of security, but they might provide enough of an obstacle
to deter some of the end-users bent on bringing the network down via their
participation on (in?) it.

>
> Anyway, about the only modern solution I can think of is the MAC-based
> security on switches.
>
> Presumably for this rogue wireless network to work, they first installed
an
> access point into an Ethernet port. That access point has a different MAC
> address than the device that's "supposed" to be on that switch port. So
> MAC-based security on the switch would help because it would say only let
> the configured MAC address in. (I think that's how it works?)
>
> It's probably a huge hassle to do MAC based security, however.
>
> The other solution is based on the eighth layer of the OSI model:
Policies.
> Make your users sign an Acceptable Use Policy statement and make sure
there
> are consequences if they go against it (torture chambers and the like.)
>
> Priscilla
>
> >You can implement LEAP on the
> >cisco AP, radius/tacacs+ requiring user/pass.  Then you could place the
AP
> >outside the LAN/Firewall and require VPN to access the LAN resources.
> >
> >Cisco has good whitepaper on securing wireless.  What you have
experienced
> >pretty common.
> >
> >Chris
> >""Patrick Donlon""  wrote in message
> >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > I've just found a wireless LAN set up by someone in the building, I
found
> >it
> > > by chance when I was checking something with a colleague from another
> >dept.
> > > The WLAN has zero security which is not a surprise and lets the user
into
> > > the main LAN in the site with a DHCP address served up too! Does
anyone
> >have
> > > any tips on preventing users and dept's who don't think about security
> >from
> > > plugging whatever they like into the network,
> > >
> > > Cheers
> > >
> > > Pat
> > >
> > >
> > >
> > > --
> > >
> > > email me on : [EMAIL PROTECTED]
> 
>
> Priscilla Oppenheimer
> http://www.priscilla.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47343&t=47287
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: New Subnet Rule [7:47670]

[Kevin Cullimore]

It seems to have more to do with the nature of the code forced to interpret
it than any inherent properties of the number corresponding to the address

- Original Message -
From: "Howard C. Berkowitz" 
To: 
Sent: 30 June 2002 5:55 pm
Subject: Re: New Subnet Rule [7:47670]


> At 8:44 PM -0400 6/29/02, Priscilla Oppenheimer wrote:
> >At 12:49 PM 6/29/02, Michael L. Williams wrote:
> >>I have successfully used both an "all-zeros" and an "all-ones" subnet on
> >>Windows 9x.  (192.168.0.0/24 and 192.168.255.0/24)  Works fine.
> >
> >Those aren't subnets, though, since it's class C.
> >
> >Priscilla
>
> Ah, Priscilla, Priscilla, Priscilla.  And all along I respected you
> because I thought your design thinking had no class.
>
> It would be accurate to say 192/8 is the traditional Class C space,
> with the assumption of a /24 mask. To have shorter masks in that
> space does imply CIDR awareness, but there can still be significant
> problems -- and carrier filtering issues -- merely because something
> is in 192/8.
>
> Ironically, I once had a /22 in 192/8, which was generally subnetted
> into /25's. There were a couple of sites where I could have used a
> /24, but chose not to because any /24 tends to draw unneeded
> attention of the Address Vigilantes.
>
> >
> >
> >>Mike W.
> >>
> >>"Kazan, Naim"  wrote in message
> >>news:[EMAIL PROTECTED]...
> >>  > Ok, now that we know the answer to that question? Will windows
support
> >  > > subnets 0-255.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47803&t=47670
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Off Topic - speculating on Lab equipment [7:48268]

[Kevin Cullimore]

Based on the company's focus, it's quite possible that people with a
financial stake in cisco's future are more concerned about getting customers
to purchase internetworking gear at rates similar to those experienced
during the last decade. Since a lot of gear out there consists of 25xx
series devices, I can see how forcing early replacement of those devices via
obsolesence might become a significant priority, thereby allowing them to
sidestep questions over whether or not their code is as efficient (in
various senses of the word) as it could be (which, in turn, affects the
hardware specifications that must be adhered to in order to run a given
version of IOS). If a side consequence is that their certs carry more
weight, I can't see how they wouldn't welcome that (while at the same time
conspiring to divert a greater percentage of would-be candidates' incomes
towards purchases of preparation materials that cisco directly profits
from). Market forces will eventually bring about the exclusion processes
referred to in this thread, the rest devolves to questions concerning how
gracefully and by what causal mechanisms those changes come to pass. Anyone
with better insight into Cisco's motivations & priorities, please correct
me.

Experience requirements can probably help raise standards applied to
certification candidates, but it's worth keeping in mind that plenty of IT
jobs allow their holders to coast, earning years of experience without
requiring that they noticeably improve or update their skill sets.

- Original Message -
From: "Chuck" 
To: 
Sent: 07 July 2002 8:13 pm
Subject: Re: Off Topic - speculating on Lab equipment [7:48268]


> not so long as Cisco is making a bundle selling "CCIE" study books and
CCIE
> Lab slots. ;->
>
> Besides, the driver here is the channel partner situation, not the end
user
> situation. As you recall, it was at the time stated that the primary
reason
> for moving to the one day lab was to help out their channel partners. The
> unforeseen consequence of the one day lab seems to have been that the lab
> backlog is as long as ever.
>
> The CISSP folks finally got wise to the certification phenomenon in their
> field as well. I seem to recall seeing some study materials in Borders
last
> time I was there. It is interesting that their response was to require
more
> verifiable experience, rather than more money for their test ;->
>
>
>
> ""John Kaberna""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > That is why the CCIE program should adopt a similar rule to the CISSP.
> You
> > must have 3 years (as of this January it's 4 years) of verifiable
> experience
> > in security to take the CISSP.  Cisco should require that candidates
have
> at
> > least 4 or 5 years of Cisco experience prior to qualifying for the lab.
> If
> > a person lies they are automatically forbidden from ever attempting the
> CCIE
> > again.  The lab rat problem would be for the most part solved.  You
might
> > have a few liars, but when those people blow up someone's network they
> could
> > be reported to Cisco so that they can investigate if the person lied
about
> > their experience.
> >
> > John Kaberna
> > CCIE #7146 (R/S, Security)
> >
> >
> > ""nrf""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > ""Chuck""  wrote in message
> > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > > just did some looking around on CCO. checking the current state of
the
> > art
> > > > for IOS images for the 25xx routers we all know and love so dearly.
> > > >
> > > > it's looking like the images are getting so bloated that pretty soon
> > they
> > > > will exceed the physical limits of the router flash and dram.
> > > >
> > > > this could be disastrous to all us lab rats ;->
> > >
> > > I know this is going to sound so bad when I say this.  But maybe
that's
> > the
> > > point - to cut down on the number of lab-rats.
> > >
> > > Yeah yeah, I know a bunch of you are going to read that and
immediately
> > jump
> > > all over me.  You're going to say things like "People should be
allowed
> to
> > > learn what they want" and "Information wants to be free" and that kind
> of
> > > thing.
> > >
> > > All I have to say is this.  Learning how to be, say,  a doctor is not
> > free -
> > > it's unbelievably expensive. Not everybody who wants to be a doctor is
> > > allowed to be one.   You can't just decide that you want to learn
> surgery
> > > and then just expect somebody to give you a bunch of cadavers so you
can
> > > start cutting them up.   You can't just walk into a hospital and
demand
> > that
> > > somebody start teaching you medicine.  And this is true of just about
> any
> > > profession - law,  investment-banking, pharmacy, engineering,
> > pro-athlete,
> > > you name it.
> > >
> > > The fact is, all professions operate on the principle of exclusion.
> Yes,
> > I
> > > know that sounds rough, but that's life.  Not everybody who wants to
be
> a
> > > doctor gets t

Re: OSPF Route Summary [7:49085]

[Kevin Cullimore]

You'd probably be well-served to distinguish between a mask you wish to use
at each site vs. a mask used for the purposes of summarization. The
interface or subinterface used as a gateway for these networks should
probably incorporate your suggested mask within their respective
configurations, since you do wish to maintain 2 or more layer 3 boundaries
at each site. Routing protocol summarization statements should probably
reflect the mask your supervisor specified, unless other, as-yet unmentioned
considerations would prevent that.


- Original Message -
From: "John Brandis" 
To: 
Sent: 17 July 2002 10:56 pm
Subject: OSPF Route Summary [7:49085]


> G'Day All,
>
> A client has sent me a list of IP's that are to be used in a new global
> network. Our Global network will IP is 10.64.x.x  . Now, for for each
> office, we will have two networks, for example, Paris is 10.64.4.0 through
> to 10.64.6.0 . The only exception is Sydney, where the client will have 4
> networks, 10.64.0.0-10.64.4.0 . Now I wish to use at each site, subnet
mask
> 255.255.255.0 (24bit), however to summarise my routes in OSPF, my superior
> has handed me this
>
>
> Sydney 10.64.0.0./22
> Paris 10.64.0.4./23
> LA 10.64.0.6./23
> NYC 10.64.0.8./23
>
>
> This looks wrong to me. What am I missing.
>
>
> John Brandis
>
>
>
> **
>
> visit http://www.solution6.com
> visit http://www.eccountancy.com - everything for accountants.
>
> UK Customers - http://www.solution6.co.uk
>
> *
> This email message (and attachments) may contain information that is
> confidential to Solution 6. If you are not the intended recipient you
cannot
> use, distribute or copy the message or attachments.  In such a case,
please
> notify the sender by return email immediately and erase all copies of the
> message and attachments.  Opinions, conclusions and other information in
> this message and attachments that do not relate to the official business
of
> Solution 6 are neither given nor endorsed by it.
> *




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=49102&t=49085
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: private addressing [7:49083]

[Kevin Cullimore]

It's probably not valid to frame the question as one that stands to confirm
or deny the validity of a denifition such as that applied to the notion of a
class C address based upon the behavior exhibited by a given implementation
of old-style tcp/ip. Unlike many parts of life, in this case the definition
supercedes the implementation.

Conversely, in the context of scrutinizing cisco's rip implementation, your
questions are quite timely & relevant. I'd love to know the answers myself.

It's obvious that cisco has a reason to stand behind & invest effort into
their igrp/eigrp implementation.

Based upon both Fred Baker's pivotal role in crafting RFC 1812 and his
professional affiliations, their effort in maintaining a competitive OSPF
implementation comes as no surprise (I fully admit that those observations
may not have had any causal affect or effect on actual events, but i wonder
if the reality of their unrobust rip implementation might have encouraged
them to more fervently refine & enhance their OSPF implementation).

But I've always wondered why they have been several steps behind other
competitors as far as their RIP implementation is concerned, in terms of
both controlling and diagnosing its behavior.

The simple answer is one indirectly implied in threads from many months
back, that their proprietary "hybrid" (whatever that means outside the
context of gatherings of marketing executives) protocol effort left them
with little motivation to direct a sufficient quantity of their programming
wherewithal & might towards a truly robust rip implementation

Is there more to it? The few high level Cisco engineers I've interacted with
seemed well-versed in all commonly-adopted routing protocols EXCEPT RIP,
indicating somewhat of a pattern corporate-wide.

Nota Bene: my reference point is Wellfleet's RIP implementation, which
mattered a lot more when both wellfleet & rip were more prominent
participants in the capital "I" internet and the enterprise organizations
which fed off of it.




- Original Message -
From: "cebuano" 
To: 
Sent: 18 July 2002 5:08 pm
Subject: RE: private addressing [7:49083]


> Howard,
> Since 192.168/16 is supposedly Class C, can you tell me why if I
> configure RIPv1 it allows me to configure "network 192.168.0.0" instead
> of giving me an error? I've tested it and of course it does not generate
> or accept any updates until you change it something like 192.168.10.0.
> Although it reports when you do a "sh ip prot" that it is routing for
> networks 192.168.0.0 and 192.168.10.0. Is this a Cisco IOS "feature"?
> I guess the same thing holds true with my question on the 172.16/12
> Private IP. Thanks in advance for your input.
>
> Elmer
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Howard C. Berkowitz
> Sent: Thursday, July 18, 2002 9:11 AM
> To: [EMAIL PROTECTED]
> Subject: Re: private addressing [7:49083]
>
> >Can anyone tell me.
> >
> >172.16.0.0 - 172.31.0.0 is used for class B private addressing..
> >
> >That means that it can use 16 class B network address
> >
> >Now, let say I wan to use 172.35.0.0 block, so is this consider a
> private
> >address or a public address ?
>
> Public.
>
> The private blocks are
>
> 10/8
> 172.16/12
> 192.168/16
>
> Again, the sooner you stop thinking in classful terms, the easier
> real-world addressing becomes.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=49213&t=49083
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Priscilla Oppenheimer [7:49347]

[Kevin Cullimore]

> I think I come to the same conclusion that you did, which is that you can
> ping an unnumbered serial interface. It's kind of stretching the truth
> though. You're pinging the router, but are you really pinging the serial
> interface when you're using an address that is not associated with the
> serial interface?

Proxy ICMP? (Does the source address contained in the echo replies affirm
that possibility?) It seems as if designating certain details as
implementation-specific might serve to partially undermine the scope of
standard diagnostic protocols. In the simple case, If a device on the far
side of one and only one serial link responds to pings even though the
interface is unnumbered, you might reasonably infer that the interface is
healthy enough to serve its traditional purpose (although you might have to
sacrifice the level of diagnostic detail you are privy to when the interface
is explicitly configured with a distinct ip address). If you have multiple
unnumbered serial links to the same host, an echo reply surrenders some of
its diagnostic credibility. If you are merely concerned with reaching the
host and destinations behind it, this affirms the motivation & proper
behavior of a loopback address. If you have non-trivial policy-routing in
place, or some arrangement that exhibits a similar reliance upon the actual
paths traversed, your reachability checks might lead you even further from
the realtime status information you seek.

>But I admit, I'm acting like Bill Clinton now and
> questioning the meaning of words. ;-)

It seems as he was quite comfortable to merely use them & leave the
questioning to others.
Even when cornered & forced to provide interpretation, his convictions were
unwavering & left no room for question or debate of any kind. HE didn't have
questions, the impeachment committee did . . .

> Trace route works too, by the way, even when the Ethernet interface is
down.
> I don't have an easy way to test SNMP. It might work too.

> Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=49617&t=49347
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: show process cpu and the interrupt value [7:49954]

[Kevin Cullimore]

> > The next time the scheduler runs, it notes the packet in the input queue
of
> > ip_input (assuming it was an IP packet), and schedules this process to
run.
> >
> > With fast switching, the CPU is interrupted, and the packet is actually
> > switched at that time.
>
> Yup, that's how I understood it as well. The CPU must be interrupted in
> all cases, because otherwise, how could it know a packet had arrived?
> Unless you're doing distributed switching of some kind, of course; in
> that case, the receive interrupt needn't be seen by the main CPU at all.
>
> > However, I wasn't able to glean an answer to the original question about
> the
> > second part of the statisitic when you do a show interface. Do you think
> the
> > second part (the interrupt part) is just refering to the second
situation
> > (switching the packet during the CPU interrupt)?

The generalization established in "that book" is: the more primitive the
switching method (namely process switching-I'm not sure the generalization
scales all-too-well), the more interrupts it uses. The same book claims that
the second value includes all interrupts handled by the cpu during the 5
second interval in question. Presumably, a router passing a non-trivial
amount of data would exhibit noticeably different ratios linking cpu usage
devoted to interrupt processing with total cpu utilization  when using
process-based switching vs. instances where higher-end packet forwarding
mechanisms are enabled.


>
> That's how I always understood it anyway.
>
> I'll take a peek at 'Inside Cisco IOS Software Architecture' when I'm at
> work.
>
> Regards,
>
> Marco.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50094&t=49954
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: router vs packet forwarding [7:50471]

[Kevin Cullimore]

Partially marketing, partially an ability to scale (general purpose os'
generally tend to get burdened with tasks that deprive the routing threads
of vital system resources).

As a device that passes data between two L3 networks, and makes decisions
based upon L3 header information, you can call it a router.

As a device that is dedicated to, and designed for, routing, you probably
wouldn't want to.

They both forward packets.

- Original Message -
From: "John Green" 
To: 
Sent: 01 August 2002 6:03 pm
Subject: router vs packet forwarding [7:50471]


> what is the difference between router and a device
> that does packet forwarding between its interfaces.
>
> example:
> can a plain NT box with two network cards (with IP
> forwarding enabled) be called as a router ? or it is
> just doing packet forwarding.
> in my understanding even routers like say cisco router
> does such packet forwarding though it can make a
> decision on such packet forwarding based on a routing
> protocol. would that be correct to say ?
>
> __
> Do You Yahoo!?
> Yahoo! Health - Feel better, live better
> http://health.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50505&t=50471
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RIP/IGRP Routing Simulator? [7:50586]

[Kevin Cullimore]

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 03 August 2002 1:47 pm
Subject: RE: RIP/IGRP Routing Simulator? [7:50586]


> A protocol analyzer would let you generate packets. Capture some RIP and
> IGRP updatess so you know what they look like, change and add network
> numbers, and then send them out again. A good analyzer will recalculate
the
> IP checksum for you. (Also, the UDP checksum in the case of RIP).

If the pc/microcomputer you were planning on using is expendable, you might
consider putting a unix variant on it, as the range of available simulators
is a bit larger. Both the simulator & the analyzer approach aren't much help
with at least one part of the certification preparation process:

altering configuration parameters on the cisco IS & verifying that the
packet structure & content match the expectations you are developing.

Even in the case of proprietary routing protocols, it remains an open
question whether or not the behavior of the vendor's software & hardware
match the descriptions set forth in the specification (As usual, the
proprietary specifications themselves remain closed).

In the case of allegedly open standards, enough details are left up to the
vendor that this kind of hands-on research is essential in order to avoid
hitting a tinted-glass ceiling as far as a deep understanding of networking
is concerned, which is itself nearly essential when in the midst of a supply
glut.

I suspect the standards themselves are similarly partially disassociated
with the principles that undergird them, but I lack examples.


> Of course, if you could afford a good analyzer, you could afford some new
> routers too, though! ;-) Does anyone know if the free analyzers like
> Etherreal will let you generate packets?

As far as ethereal is concerned, not as of the spring 2002 version.

> Priscilla
>
>
> Sparky Nelson wrote:
> >
> > What I am looking for is a Windows program that I can connect
> > to a Cisco
> > router that will send out RIP routing updates. Would love to
> > send out a a
> > group of 5 to 10different routes to illustrate  routing without
> > using
> > loopback addresses. If I need to use loopbacks I will but would
> > prefer the
> > routes were coming into the rouing environment from an external
> > source
> > rather than an internal router. I figure it won't be hard to
> > get a RIP
> > simulator, I really don't expect to get anything that will send
> > IGRP routing
> > information because of the propritary nature of IGRP.
> >
> > Thanks,
> >
> > Kevin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50602&t=50586
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RIP/IGRP Routing Simulator? [7:50586]

[Kevin Cullimore]

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 03 August 2002 7:48 pm
Subject: Re: RIP/IGRP Routing Simulator? [7:50586]



> > is a bit larger. Both the simulator & the analyzer approach
> > aren't much help
> > with at least one part of the certification preparation process:
> >
> > altering configuration parameters on the cisco IS & verifying
> > that the
> > packet structure & content match the expectations you are
> > developing.
>
> He can do that with a protocol analyzer. I don't see your point I guess.
(He
> did say he has some routers.) Changing Cisco IOS configs and capturing
with
> an analyzer is an excellent way to see how protcols really behave. The
> packet strucutre won't change usually, but the contents will change.

Agreed. The distinction is roughly as follows:

1. If you don't have enough routers, you can certainly simulate traffic
directed towards those routers by using pc-based costware packet capturing
tools, thus simulating environments where many routers are in play,
transmitting the traffic you have captured.

2. However, any time you wish to verify what a cisco l3-capable device would
do based on a particular type of configuration change, you must rely on
output from the original router, not your retransmitted
sniffer/etherpeek/whatever output. It's a question of verifying the spec,
the vendor's statements on how their implementation behaves and how
unspecified conditions are handled. If you wish to test how multiple
misconfigurations on multiple devices exchanging information with each other
behave, there's not really a substitute for multiple cisco routers, unless
you're willing to capture the device from a target router and coordinate the
retransmission. If he has enough routers, great, but if he already has a
given number of routers and asks about available windows simulators, chances
are, he is seeking to understand how large numbers of directly connected
intermediate systems interoperate.




>>(As
> > usual, the
> > proprietary specifications themselves remain closed).
>
> IGRP protocol specifications are easy to learn even it is technically
> "proprietary." Of course, the protocol analyzer vendors have all learned
it
> (and EIGRP) quite well. Sniffer does a particulary good job of decoding
EIGRP.

This is encouraging, but anyone on the path towards understanding should
verify these specifications and their resulting consequences for themselves.
The danger with proprietary technologies is the tendency to assume that
routers react to inbound packets with a specified header-content/payload as
the vendor insists they would.

> IGRP, by the way, is completely specified in this old paper from Rutgers,
> which Cisco never objected to:
>
> http://www.cisco.com/warp/public/103/5.html
>
> EIGRP protocol specification info is harder to find, though from an
> operations viewpoint, TAC has some terrific papers here:
>
> http://www.cisco.com/warp/public/103/eigrp3.html
>

In retrospect, it kind of makes sense that proprietary technologies would
have a better chance of converging towards a more complete specification,
since they don't have to leave any details to  vendor discretion. In spite
of that, it remains a valuable exercise to  verify that these protocols
behave according to vendor specification.


>
> Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50619&t=50586
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WAN Layer 1 Book (Multiplexors, DACS, TxPorts, etc).// [7:51021]

[Kevin Cullimore]

If the original sources are too hard to come by, Uyless Black's Physical
Layer Interfaces and Protocols goes into somewhat greater detail than the
WAN CCNA book referred to in another reply.

- Original Message -
From: "Robert D. Cluett" 
To: 
Sent: 07 August 2002 8:09 pm
Subject: WAN Layer 1 Book (Multiplexors, DACS, TxPorts, etc).// [7:50881]


> Group
>
> Anyone know of a good layer 1 (WAN) book?
>
> R. Cluett, CCNA




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51021&t=51021
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Notes on salaries [7:51052]

[Kevin Cullimore]

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 09 August 2002 5:57 pm
Subject: Re: Notes on salaries [7:51052]

> > The key, we have found, is to be selective in the students you
> > allow into
> > the program.
>
> Sure you can be selective in the students allowed into the program. Then
you
> get smart, well-to-do students who are probably going to go on to college
> and not immediately get a job configuring routers. So, while they could
have
> been studying AP Math, Chemistry, etc., they have learned the file naming
> convention for Cisco IOS images. Very useful thing to know as a college
> student.
>
I'm probably mixing subthreads here. Sorry about that.

If you're capable of understanding data networking (as sharply contrasted
with merely the capability to correctly configure participating intermediate
systems) at age 12, or even in high school, and you're relying on your
coursework as your primary source of information about math & chemistry,
you're usually squandering whatever potential you seem to exhibit. Then
again (Out of respect for intellectual property rights, I'm forced to rely
upon secondhand reports such as those posted to online communities such as
this one), it seems as if much of the program's content is readily gleaned
by those individuals without the benefit of participation in the program
itself.

> The program was meant to be a vocational program for students who will
work
> out of high school. It doesn't work for those students. They don't have
the
> requisite reading skills, problem-solving skills, or analytical abilities.
>
> High school brains are not well developed, in general. In the case of the
> vocational students, their brains just can't handle networking concepts in
> many cases.
>
> The small percentage of high school students that the program works for
are
> the smart students who will work part-time while in college and may find a
> job doing networking instead of working in the dorm cafeteria. That's a
> really small number of people.

As you point out, it's sort of arbitrary. Violent reactions to non-decimal
numbering systems and an unflinching determination to oversimplify &
invalidly categorize newly received information, as well as a profound lack
of understanding of the fundamental concepts you enumerated, might be
quenched before they emerge if those skills are actually developed during
the course of prior interactions with formal education (or, for efficiency's
sake, less cumbersome methods).

> At high schools where there is a shortages of resources, teachers, etc.,
> Cisco Networking Academy is a waste.

Waste might be a bit strong. A bigger danger would come when brief exposure
to fundamentals leads people to overestimate their ability to understand and
deal with situations that don't identically correspond to instructional
scenarios they were spoon-fed (we'll call it
"fresh-out-of-college-CS-major-with-no-real-world-experience-and-only-progra
mming-skills-who-insist-that-their-academic-credentials-entitle-them-to-high
-level-networking-jobs-and-attendant-respect" syndrome). Cf. Alexander Pope
& musings on pierian (sp?) springs.

>Instead of teaching the vocational
> students file naming conventions, subnet masking, OSI, etc. etc., why not
> teach them something they can actually be good at and use on the outside
> right out of high school, such as tech support, hardware configuration and
> repair, desktop support, etc.

It remains an executive-level fantasy that, as skills associated with data
communications become commoditized, that many associated activities will
become entirely deterministic/cookie-cutter, thereby lowering the skill
level necessary to perform such tasks. As usual, their coarse & vehemently
unreflective approach prevents them from taking advantage of any truth that
might be found within the conceptual confines of the oversimplifications
they so deeply cherish & swear by.

Example: the 1st person who takes an IT support call could (in many cases)
be trained to enable a switch port and hardcode duplex & speed settings, but
the wisdom required to know whether they should, or how to troubleshoot
unexpected consequences might not be as readily disseminated. A better
example from another realm would involve DNS record changes.

I'd agree that the skills you mentioned would constitute a better choice in
the relevant forums, but for a different reason: the need for a greater
percentage of well-rounded networking professionals, who understand
technologies commonly delegated to different individuals within an IT
organizations, such as operating systems, messaging, microcomputer hardware
& many other topics.

> Of course, your situation may be very different from what we have here in
> Southern Oregon.
>
> Priscilla
>
> > Without that, it can indeed be a very difficult
> > curriculum
> > to teach at the high school level.
> >
> > Prof. Tom Lisa, CCAI
> > Community College of Southern Nevada
> > Cisco ATC/Regional Networking Ac

Re: Simple (silly) question on PING [7:51580]

[Kevin Cullimore]

- Original Message -
From: "cebuano" 
To: 
Sent: 17 August 2002 11:35 pm
Subject: Simple (silly) question on PING [7:51580]


> Hi all,
> Just two simple but annoying PING questions.
> 1. Why is it that on a broadcast medium, you can issue ping
> 224.0.0.5 and have all OSPF routers respond (according to CCO), but when
> I do a simple ping 192.168.10.255 on the subnet, no replies are seen
> from all the interfaces on this subnet? I know you'll say my brain is
> getting fried from too much "rack exposure".

This is one of those cases that underscore the extent to which communication
protocol specifications sometimes define a range of acceptable behavior in
the face of a given set of conditions rather than a single acceptable
option. In some cases, the RFCs/Standards don't provide a reccomendation for
how a given implementation should behave, leading to real-world
interoperability issues. A more obvious case where these considerations
matter involve the inexplicably persistent notion that distinct
implementations of a given standard should behave identically given
identical circumstances. In this case, whether or not a given icmp/ip
implementation responds to echo requests addressed to a layer 3 broadcast
address is left up to the vendor (which used to provide a quick-n-dirty way
of performing simplistic os fingerprinting within a given broadcast domain),
based on the use of the may keyword when describing within RFC 1122 when
describing the receiving host's behavior during that situation.

The key here is that the guidelines covering behavior in response to
received multicast & broadcast traffic are separate, allowing for distinct
behavior, which may, in turn, reflect different needs/goals to be addressed
when dealing with the two different (though conceptually related) types of
traffic.





> 2. Using a crossover to connect two Ethernet interfaces, I can ping
> say RtrA's e0 from RtrB, but can't ping RtrB's e0 from RtrA. I know some
> of you on the list have seen this before and have had a really
> crystal-clear explanation for this.
>
> TIA,
> Elmer




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51597&t=51580
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to force a gratuitous ARP [7:51674]

[Kevin Cullimore]

Does this network contain servers? workstations? Both?

If the end-systems are running operating systems from the Northwestern
United States, you could push down a registry change involving the arp cache
timer.

If they are dhcp clients, option 35 is supposed to be associated with that
timer as well (I don't have equipment available to test with).

I'm not sure if there's a way to alter the mac address associated with the
gateway address on the 6513 (documented or otherwise), but if there is, and
you're removing the router from that network, that might be an option as
well.



- Original Message -
From: "John Neiberger" 
To: 
Sent: 19 August 2002 5:13 pm
Subject: How to force a gratuitous ARP [7:51674]


> I'm planning on moving routing responsibilities from a router to our
> 6513 and I *really* need to minimize downtime.  I'll be moving an
> interface IP address from one device to another and this is the default
> gateway for all devices on that network.  The problem is that all
> devices on that subnet will have the wrong MAC address in their ARP
> caches.  I know that if I issue a unicast ping from the new router it
> will force the end host to update its ARP cache but a broadcast ping
> does not accomplish the same thing, probably because most devices ignore
> a broadcast ping, and I don't feel like pinging every device
> individually.
>
> I can't configure HSRP just to gain the benefit of gratuitous ARP;
> simply configuring it will be disruptive and that's what I'm trying to
> avoid.
>
> Any ideas?
>
> Thanks,
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51681&t=51674
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to force a gratuitous ARP [7:51674]

[Kevin Cullimore]

If the hosts are running snmp, and you have write access, it might be worth
seeing if you can get away with a wellfleet trick, wherein you delete
individual arp cache entries as they appear in the ipNetToMedia table (or
proprietary equivalent) by setting the ipNetToMediaType value to 2, and then
adding in the desired substitute entry.

Then again, if you're willing to endure enough downtime to contact each
member of the network, you can generate the contents of a batch file/shell
script based on ping or your favorite ip troubleshooting utility fairly
quickly using a spreadsheet (this, of course, would refer to one written
with "modern" programming values in mind, where efficiency and good form are
sacrificed in the name of quickly turning out an end product).

Or, you can contact all members of a manageably-sized broadcast domain in a
matter of seconds by making use of freeware port scanners and other script
kiddie toolkit favorites.



- Original Message -
From: "John Neiberger" 
To: 
Sent: 19 August 2002 5:13 pm
Subject: How to force a gratuitous ARP [7:51674]


> I'm planning on moving routing responsibilities from a router to our
> 6513 and I *really* need to minimize downtime.  I'll be moving an
> interface IP address from one device to another and this is the default
> gateway for all devices on that network.  The problem is that all
> devices on that subnet will have the wrong MAC address in their ARP
> caches.  I know that if I issue a unicast ping from the new router it
> will force the end host to update its ARP cache but a broadcast ping
> does not accomplish the same thing, probably because most devices ignore
> a broadcast ping, and I don't feel like pinging every device
> individually.
>
> I can't configure HSRP just to gain the benefit of gratuitous ARP;
> simply configuring it will be disruptive and that's what I'm trying to
> avoid.
>
> Any ideas?
>
> Thanks,
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51687&t=51674
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Views on Extreme networks? [7:52432]

[Kevin Cullimore]

- Original Message -
From: "Chuck's Long Road" 
To: 
Sent: 31 August 2002 12:30 pm
Subject: Re: Views on Extreme networks? [7:52432]


> Extreme is a large player in the service provider market. They also have a
> line of access switches. They are non blocking wire speed. Some of their
low
> end line is L3 capable. One selling point is an "IOS like" CLI.

Another of their selling points (as of approximately 10 months ago) is that
ALL of the offerings in their 3 main product lines (pick a ski equipment
vendor of your choice) are L3 capable and non-blocking.

They did lose a potential selling point by conforming to relevant CPs
(current practices) in developing a proprietary L2 failover mechanism and
thereby complicating phased integrations cisco style.

During the past couple of years, it hasn't proven too difficult to beat
cisco pricing (YMMV, based upon organization size & pre-existing business
relationships), but Extreme seemed determined to undercut all.

Additional data points confirming, denying or redirecting this contribution
are most welcome.

>
> I've been to a couple of their SE training labs. The stuff seems pretty
> nice. I can't comment on pricing. I just don't have the information handy.
>
> On the high end, with their architecture being wire speed non blocking,
you
> don't have to fool around with SFM's and fabric-enabled versus
> non-fabric-enabled cards, the way you have to with Cisco.
>
> Probably the best thing for you to do is hit the Extreme website, find out
> who your local sales team is, and contact them. Extreme is becoming very
> aggressive in the lower end markets, and heir teams will be happy to set
you
> up with some training and some sales materials.
>
> HTH
>
> --
> TANSTAAFL
> "there ain't no such thing as a free lunch"
>
>
>
>
> ""suaveguru""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > hi anyone
> >
> > heard of Extreme networks ? I heard they are
> > leveraging on Ethernet technologies over IP ? Is it a
> > good skill to pick up?
> >
> >
> > regards,
> >
> > suaveguru
> >
> > __
> > Do You Yahoo!?
> > Yahoo! Finance - Get real-time stock quotes
> > http://finance.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52451&t=52432
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF MTU [7:53047]

[Kevin Cullimore]

Inline, starting from the very bottom on up.

- Original Message -
From: "Frank Merrill" 
To: 
Sent: 10 September 2002 10:41 pm
Subject: RE: OSPF MTU [7:53047]


> Priscilla Oppenheimer wrote:
> >
> > OSPF routers that don't agree on the MTU can get stuck in the
> > EXSTART phase and never succesfully exchange their database
> > description (DBD) packets, thus never becoming fully adjacent.
>
> And I've actually seen this happen between a Cisco 6509 with a Flexwan and
> A3 Port adapter at one end, and at the other end was a Nortel BCN router
> with an ARE card.
>
> This was tested in a lab and the team who was implementing it got it
working
> in the lab (it didn't work initially) by setting the 'mtu-ignore'.
> Unfortunately when it went to production the adjacency wouldn't come up
> because now the DBD's were too large. It turned out that in the Lab the
> adjacency came up because the initial descriptors were rather small, and
> hence the DBD's fell at less than a full MTU size, and came up ok in the
lab
> once they told the Cisco to ignore the MTU mismatch.
>
> Fixed this in production by looking at what the Cisco box recorded in it's
> log that the mismatch size was, and set them appropriately. The Nortel box
> actually sent something different than what it was actually set for, and
so
> that gave us a fit for a few minutes, until we saw what it was actually
> sending in the Cisco log.
> It's been in operation for over a year now.

The safest strategy is probably to synchronize the output by adjusting the
parameters (which needs to be distinguished from a mere synchronization of
the parameters) either by inspection of IOS debug/RS log output or analyzing
packet capture (substitute vendor-specific marketing terms as appropriate).
The defaults set by both vendors mentioned in this post disagree often, and
attempts at establishing rules of thumb often require more effort than most
networking types are willing to (or have time to) expend. It's a relief to
see that people actually work through these issues instead of behaving like
Ford is where their private exchange & vpn interoperability issues are
concerned (network world has a recent feature on the subject, but I don't
have the url handy-sorry).

>
> Have fun,
> Frank Merrill
>
> >
> > Neither router should have the MTU set to bigger than the
> > maximum as specified by the relevant standards for the data
> > link in use, but one of the routers could be set with an MTU
> > that is smaller than the max allowed. This router might be
> > unable to receive full-sized DBD packets from its neighbor.
> >
> > One fix is just to make sure the routers do agree on the MTU.
> > But what if the other router is Brand X router and doesn't
> > support such a change?
> >
> > In that case, you might want to use this new "ip ospf
> > mtu-ignore" command.

On the bright side (for corporate leadership, at least), this command &
analagous ones on competing platforms lower the technical skill required to
establish connectivity between devices with dissimilar defaults.

On the unbright side (for all concerned), the design considerations
prompting the strict reactions to MTU mismatches seem to involve (according
to passages from the Moy book featuring "anatomy" in the title) a willful
reservation of the right to max out the payloads of ospf packets in order to
avoid the prospect of ip-level fragmentation (and possibly other unnamed
unacceptable scenarios).

An all-too-shallow experience base leads me to conclude that these
differences tend to involve less than 100 bytes, and often under 10
(although the range of possible sets of disparities within that range is
striking in its magnitude and occasional lack of any defining pattern),
which might legitimize a more widespread adoption of these
"parameter-negotiation-avoidance" strategies. Does anyone have contrary
data?

> >
> > Here's what Cisco says:
> >
> > "Cisco IOS . Software Release 12.0(3) introduced interface MTU
> > mismatch detection. This detection involves OSPF advertising
> > the interface MTU in the DBD packets, which is in accordance
> > with the OSPF RFC 2178, appendix G.9. When a router receives a
> > DBD packet advertising a MTU larger than the router can
> > receive, the router ignores the DBD packet and the neighbor
> > state remains in exstart. This prevents an adjacency from
> > forming. To fix this problem, make sure the MTU are the same on
> > both ends of a link.
> >
> > In Cisco IOS Software 12.1(3), the interface-level ip ospf
> > mtu-ignore command was introduced to turn off the MTU mismatch
> > detection; however, this is only needed in rare instances."
> >
> > See this URL for the full story:
> >
> > http://www.cisco.com/warp/public/104/12.html
> >
> > Priscilla Oppenheimer
> >
> > Hello Goodbye wrote:
> > >
> > > There is a command 'ip ospf mtu-ignore' that makes
> > > ospf ignore the mtu at the interface for neighbor
> > > establishment.  This may be a dumb question but since
> > > all the ne

Re: The Origin of Echos and Echo Replies [7:53148]

[Kevin Cullimore]

- Original Message -
From: "Priscilla Oppenheimer" 
To: 
Sent: 11 September 2002 6:45 pm
Subject: RE: The Origin of Echos and Echo Replies [7:53148]


> To be absolutely sure I would want to use a serial protocol analyzer, but
> alas, those are too expensive for the self-employed. But I'm 99% convinced
> by the testing that I did.

I'm wondering if there are any obstacles to using the following strategy to
avoid the usually traumatic financial consequences associated with the
serial protocol analyzer option:

1: apply strict acls permitting only the test traffic to the remote router's
serial interface
2: clear all counters
3: generate traffic
4: review the interface statistics (something like show int s |
i received|input) for evidence that the packets traversed the wire.

>
> Priscilla
>
> > I know
> > this has been discussed in the past but I didn't find anything
> > in the archives that exactly answers my question.
> >
> > It kinda makes sense that a local serial interface will
> > encapsulate an echo packet that it receives and put it on the
> > wire (it only knows how to encapsulate in one direction and
> > de-encapsulate in the other).  It makes sense that the
> > distant-end router will return it, based on the destination IP
> > in the packet.  What I'm a little fuzzy on is why CCO says that
> > the echo reply must also be sent accross the WAN and be
> > returned by the distant end router.  If it were the interface
> > itself that had to generate the echo reply, I guess the same
> > logic as before would apply.  But does the router or the
> > interface actually generate the reply?  If it isn't the
> > interface itself, it seems the router would simply generate a
> > reply back towards the source IP (the ethernet interface -
> > which is essentially itself).  Is it required that an ICMP
> > packet actually be given life on a hardware interface and thus
> > the one-directional encapsulation issue comes back into play
> > again?
> >
> > Or am I just really confused about it all?
> >
> > Thanks all,
> >
> > Scott




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=53196&t=53148
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: Serves Me Right - DHCP problem [7:54402]

[Kevin Cullimore]

Your customer would probably be gravely offended and unbelieving at the
prospect that most major changes in digital computing connectivity involve a
trade-off of some kind, but that doesn't render it any less accurate.

In this case, since the trade-off is between exposure to non-unicast traffic
and level of interactive involvement with the address procural process, why
not shrink the relevant timers? Would they notice the extra traffic? If
they're not happy with either scenario, then both the issue & its resolution
catapult way above the OSI layers that fall within the IS manufacturer's
purview, usually leading to a rather ungraceful resolution.

I've found that opponents of major redesigns will leverage the reality that
many types of changes do NOT result in situations featuring only benefits
and no drawbacks to fight or impede the cutover as vociferously as possible,
forcing an appeal to the economic considerations that motivated the project
in order to squelch the dissensiion.

- Original Message -
From: "Chuck's Long Road" 
To: 
Sent: 28 September 2002 1:28 pm
Subject: Re: OT: Serves Me Right - DHCP problem [7:54402]


> I see I should have made this one a "Friday Folly" :->
>
> In a Big Flat Bridged Network, a mobile user unplugs the laptop at one
> office, drives over to the next office, plugs back in, and no further
action
> is required. The Windoze PC has retained it's IP address, and the network
> doesn't care about location, because it is one big flat network.
>
> However, in the brand new ATM based AVVID ready routed network, said
mobile
> user is now in a different segment in each location. With Windoze, you
have
> to manually intervene. Sometimes you have to release the IP address,
reload
> the computer, and then get your new DHCP assignment. Users don't like
this.
> After all, now they have to do something, whereas before they did not.
Never
> mind the higher speed, the failover capability of the routers, the new 100
> mbs switches rather than 10mbs. They have to take an extra step or two in
> order to log in.
>
> This is normal behaviour for Windoze machines, and maybe for DHCP clients
in
> general. I have had to do this release / renew for years.
>
> But to the customer, who is pretty naive in terms of networking, there is
a
> "problem" that was caused by the new routers.  To the users, there is a
> problem that never existed before.
>
> Like I said, serves me right. You give a customer a great new network, and
> you break something so rudimentary that it never would have occurred
> otherwise. :->
>
> --
>
> www.chuckslongroad.info
> like my web site?
> take the survey!
>
>
>
> ""Priscilla Oppenheimer""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Spare us the mystery and tell us what you're getting at. :-) Did  you
> forget
> > to tell the DHCP server to provide the correct default gateway address
to
> > the PCs? That's my guess, since you say everything else like helper
> > addresses, etc. is configured correctly.  Just a late-night theory,
> waiting
> > for Jay Leno to come on.
> >
> > Thanks,
> >
> > Priscilla
> >
> > Chuck's Long Road wrote:
> > >
> > > The AVVID solution I sold a few months ago is gong through
> > > implementation.
> > > This project has been problematic for a lot of reasons, so it
> > > is not unusual
> > > for a round of e-mails from the customer complaining about one
> > > thing or
> > > another.
> > >
> > > Today was a good one, however. Shows to go you have to ask
> > > things you
> > > normally wouldn't think about.
> > >
> > > DHCP - no big deal. Works fine. All of us have probably used it
> > > or
> > > configured it. All of us probably have experience with running
> > > several small
> > > sites off a single DHCP server at a central site.
> > >
> > > So why is the customer complaining about DHCP not working, and
> > > it's because
> > > our routers are screwed up and Microsoft told them that they
> > > would have to
> > > change their network addressing to a single class B rather than
> > > subnets of
> > > /16 space, the way I designed it?
> > >
> > > The routers are configured correctly. The network is designed
> > > correctly - no
> > > overlapping subnets. IP helpering is configured correctly.
> > >
> > > Problem occurs with several users, different NIC's, either
> > > Win2K or WinXP.
> > > No one common factor. Worked just fine before we put the new
> > > routers in.
> > >
> > > Recognizing that Microsoft is full of C**P and their TCP stack
> > > is S**T,
> > > still, why the problem.
> > >
> > > Gee, what happens to DHCP when you go from a single flat
> > > bridged network to
> > > a segmented routed network? Especially to mobile users, who
> > > travel from site
> > > to site for various reasons on a regular basis?
> > >
> > > Serves me right
> > >
> > > Chuck
> > >
> > > --
> > >
> > > www.chuckslongroad.info
> > > like my web site?
> > > take the survey!




Message Posted at:
http://www.groupstudy.com/form/read.

Re: Lookee Lookie - new certifications!!!! [7:54435]

[Kevin Cullimore]

inline
- Original Message -
From: "Robert Edmonds" 
To: 
Sent: 29 September 2002 12:00 am
Subject: Re: Lookee Lookie - new certifications [7:54435]


> I don't think it's accurate to say that Cisco, Microsoft and Novell have
> contributed to the "paper cert syndrome".  They simply created
> certifications in an effort to distinguish those who are familiar with
their
> products from those who don't.

As part of the process of actuating those certifications, they commissioned
tests containing questions that could be answered "correctly" without
possessing an adequate knowledge of the subject matter. Even if you are only
concerned with their ability to gauge book learning, the questions have
tended to fall far, far short of useful expectations.

>The people who use
brain-dumps and boot
> camps are the real culprits.  They get the certifications that get them
the
> jobs, then prove they don't know what they're doing, and in turn it casts
a
> shadow of doubt on those who do (know what they're doing).  You can't
blame
> them.  Besides, all three have made their more recent certifications more
> difficult with simulations, etc.  And I don't think many people doubt that
> someone who has passed the CCIE lab knows at least enough to stumble
through
> and succeed.  Anyway, I think the idea is great, and I hope they succeed.
I
> will definitely be in line to get my FCP certification.  Maybe it will be
> the difference between me and that other guy.  Maybe you (not anyone
> specific -- generally).
>
> ""Chuck's Long Road""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > ""Kevin Wigle""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > If you read further into the site you will that the FCPA is proposing
to
> > > deliver hands-on testing at both junior and senior levels of
> > certification.
> > >
> > > They have buy in from the major vendors such as Cisco, Microsoft,
Novell
> > and
> >
> >
> > CL: ironically, all three of the above have contributed mightily to the
> > whole "paper cert" syndrome!
> >
> >
> > > Red Hat.
> > >
> > > Both Novell and Red Hat and talking it up as the "capstone" to their
> > certs,
> > > but not as a replacement.
> > >
> > > People who have CCIE / CDE / RHCE certs will be awarded a FCPA cert
> > without
> > > being tested.
> > >
> > > Which is a bit funny as the list has from time to time "discussed"
paper
> > > CCIEs.
> > >
> > > Since the FCPA cert is just another lab, I don't know how it would be
> > > different from any other.  It still doesn't "automatically" mean yoou
> have
> > > real world experience, just real lab experience.
> > >
> > > However, it is almost a daily discussion where I work about how
someone
> > has
> > > some initials but can't seem to troubleshoot out of a paper bag.
Quite
> > > often people are sent off on courses but are not "motivated" to take
the
> > > exam.  Anybody can sit at the back of the classroom and play
solitaire -
> > not
> > > everyone passes the exam.
> > >
> > > A "hands-on" exam I think would be very beneficial as another tool to
> > assess
> > > a person's ability.  Still, as mentioned we will always be able to
> debate
> > > the "lab/real world" gambit but at least the whole discussion would be
> on
> > a
> > > higher plane.
> > >
> > > However, being on a "vendor neutral" plain, anyone can walk in and
take
> > the
> > > exam without pre-requisites.  This could be enhanced by having a real
> > > pre-requisite of having the vendor's "paper" cert before attempting
the
> > lab.
> > >
> > > But this can be debated also.  On the site in one of the meeting
minutes
> > was
> > > an interesting quote:
> > >
> >
>
http://www.fieldcertification.org/Composition/Steering_Committee_Meeting_Min
> > > utes_06-18-01.htm
> > >
> > >  Eighty Pound Weight:  Mr. Brown commented that he believed a company
> > could
> > > spend a million dollars designing a multiple-choice test which
> accurately
> > > predicts whether a person is likely able to lift an eighty-pound
weight
> > or,
> > > the test taker could prove this ability merely by being asked to lift
an
> > > eighty-pound weight.  Mr. Brown believed the FCPA. effort is
attempting
> to
> > > have technology workers prove themselves by "lifting eighty pound
> > weights."
> > >
> > >
> > > I think I like what FCPA wants to accomplish but the devil is always
in
> > the
> > > details and whether yet another certification will gain industry
> > acceptance.
> > >
> > > In this regard, the FCPA seems to have attracted participation from a
> lot
> > of
> > > the industry's top vendors so maybe the time is right for performance
> > based
> > > testing.
> > >
> > > Kevin Wigle
> > >
> > > - Original Message -
> > > From: "Chuck's Long Road"
> > > To:
> > > Sent: Saturday, September 28, 2002 6:00 PM
> > > Subject: Re: Lookee Lookie - new certifications [7:54435]
> > >
> > >
> > > > check fur