Official CIPT coursebook
Anyone willing to part with the official CIPT course book? Email if interested _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Better do those V-labs while you can
I heard a while back they decided to do training only (no more network services). Any idea who they cut? Programmers or networkers? "Mask Of Zorro" wrote in message ... >It was a bloodbath over at Metntor Technologies this morning - another big >RIF. Better do those V-labs while they are still available... looks like it >won't be long. > > >Z >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com > >_ >FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Technical Questions [7:10427]
I'm pretty good at allocating address blocks in binary as well. What I'm not good at is analyzing several decimal addresses (with variable-length masks) to see if they overlap. I almost always am forced to write these out in binary. See additional in-line comment. ""Howard C. Berkowitz"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > >Open Forum might be more up to speed if your free-time consists of working > >address plans in binary or looking for probability in the pregnant chads of > >Fortran punch cards :o) > > There's something wrong with doing address plans in binary? Best way > to learn, once you realize you don't have to do all 32 bits in > binary. Seriously, when I plan an address structure, and I am > documenting it, my primary mode is binary, and then converting to > dotted decimal where appropriate. Now, when I say planning address > structures, it often is to say "a /19 here, split into 8 /21 for I'll agree you're probably pretty good at subnetting in your head. Your typing skills could be further honed, however. :-) > areas". > > Not boasting here, but when you've been doing these for what...15 > years or so, I can do a fair bit of subnetting in my head. There are > tricks, but I wouldn't confuse a beginner with them. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10485&t=10427 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Pix and iip options [7:10409]
This is the IP Router Alert option from RFC 2113. http://www.faqs.org/rfcs/rfc2113.html ""BOURNE, KENNETH"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hello , my Pix 515 is logging large amounts of denies from a host because of > ip option 0x14. I checked cco for the system message 106012 it tells me why > it is denying it but not what causes it . Can someone please give me or > point me to somewhere to find more info about ip option 0x14 and about ip > options in general ? > thanks in advance. > > > |Ken Bourne,CCNA|Network Specialist| > > |702-657-3432(direct)|702-524-1193(mobile)||[EMAIL PROTECTED]| Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10487&t=10409 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNA scoring [7:10407]
The scoring is not weighted or curved; that is, your score is not based upon others' score or giving certain questions more weight. It's kind of weird the way Cisco figures your score. As soon as you pay your $100, you have scored 300 points. If you get 0 questions right, you get a 300/1000. If you get them all right, you get a 1000/1000. Your Cisco score = 300 + (number right/65) * 700 So, with your 946, you missed 5 questions out of 65. You scored roughly 92.2%. You need to score 51/65 (78.5%) to pass. Matt ""Sam Sneed"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I passed CCNA yesterday with a 946/1000(there is no integer divisible by 65 > that would give me this score so I know its curved). I did not think I was > doing well throughout the exam yet I got a good score. When it started, I > was told that you need 849/1000 based on a score that ranges between 300 > and 1000. So is this graded on a curve? If I got 3 wrong would my score be > 62/65= 954/1000? I don't think it works that way. I overstudied thinking I > needed at least 55/65 to pass but I do not think this was the case. Why > would they grade on a curve? If you can't answer 85% of the questions I > think you should fail. Are the CCNP exams graded on this weird scale and as > easy to pass as well? I recieved my MCSE a few months ago and honestly think > the scenario questions on those test were harder than any of the questions > on th CCNA.Coming from a Computer Science background at Rutgers, I can > guarantee the midterms and finals on my networking courses there were 100 > times more challenging than these exams.I barely needed a pen and paper > throughout the whole CCNA. > > Anyway before I digress any further I just wanted to know how the grading > worked on the CCNP and the scores required to pass. > > Thanks. > > Sam Sneed > CCNA # 3,324,567,892 > MSCE # 5,324,324,332 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10577&t=10407 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Rate-limiting
Your input rate-limit is ok. I just tested it. The problem is with your output rate-limit. You can't use a standard access-list for output rate-limits in this situation. You want to limit the output traffic based a destination address, which can NOT be accomplished with a standard access-list. Instead use something like rate-limit output access-group 105 128000 128000 128000 conform-action transmit exceed-action drop access-list 105 permit ip any host 10.1.1.2 Matt ""Russ Kreigh"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi all I posted a question a while back asking how to limit the maximum > speed of an IP address. Well I have kinda got something working that does do > that, but it limits everything! > > access-list 5 permit 10.1.1.2 > access-list 5 deny any > > Ethernet 0 > ip address 10.1.1.1 255.255.255.0 > ip address 10.1.2.1 255.255.255.0 secondary > rate-limit input access-group 5 128000 128000 128000 conform-action transmit > exceed-action drop > rate-limit output access-group 5 128000 128000 128000 conform-action > transmit exceed-action drop > > I want this configuration to limit the bandwidth of IP address 10.1.1.2 to > 128k which it does, but it limits everything else also. > > Any thoughts on this? > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ports for Internet Mail
One problem I immediately see is that the source ports should be smtp and pop3, not the destination ports. ""Daniel Ma"" <[EMAIL PROTECTED]> wrote in message 8ju278$ikm$[EMAIL PROTECTED]">news:8ju278$ikm$[EMAIL PROTECTED]... > Let's use this scenario. > 1. The clients are inside the corporate network, with private IP. Let's say > 192.168.1.0, public range 202.166.1.0/28. The router is doing dynamic NAT. > 2. The E-mail server is in the ISP. > 3. Primary DNS is inside corporate network. > > I use following access-list, however the clients could not access internet > mail. Is there any more ports I should open? > > Another question, for DNS, both TCP and UDP have port 'domain '. What's the > difference? > > Following are examples of access-list: > > int s0 > access-list 101 in > > access-list 101 permit tcp any 202.166.1.0 0.0.0.15 established > access-list 101 permit tcp any 202.166.1.0 0.0.0.15 eq smtp > access-list 101 permit tcp any 202.166.1.0 0.0.0.15 eq pop3 > access-list 101 permit ip 202.166.1.0 0.0.0.15 any > access-list 101 permit tcp any 202.166.1.0 0.0.0.15 eq domain > access-list 101 permit udp any 202.166.1.0 0.0.0.15 eq domain > > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Single ISDN BRI Dial to 3 Sites
Take a look at the command dialer fast-idle "seconds" ""Tan Choh Koon"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > AT Hub site I had configure one physical BRI to dial to and receive call > from 3 remotes router. So far it is working well, but I discovered if Hub > router had initiated call to 2 remote sites, then when there is a traffic to > 3rd remote site the router initiated the 3rd call but there is not available > channel (2B is occupied ) to call. It should drop the 3nd call till the > channels is available agains. But weird things is it Disconnected the First > called number and allowed the 3rd call ? > > How to prevent this ? I dont want to interrupt the previous connection till > the idle time is expired, then only the 3nd call traffice can make the > connection. > > Thanks > > Choh Koon, Tan > CCDA,CCNP > > ___ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > --- ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Easy Brain Teaser (Switching)
I have to agree with Joe (alhtough not in the same tone). I'm willing to take it a step further, and say the cable doesn't even have to be pulled out. As soon as the switch hears the MAC address on a different port, the CAM table is updated. Take HSRP for example. If you have two routers connected to the same switch both running HSRP, if one goes down the other takes over almost immediately. This means the CAM table must be updated almost immediately as well because the virtual IP address has the same MAC address. "Joe Pinkus" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Leigh Anne, > > This is completely false what you have just said, here is the output from a switch: > > 4000-7-1 (enable) sh cam dynam 2/17 > * = Static Entry. + = Permanent Entry. # = System Entry. R = Router > Entry. X = Port Security Entry > > VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type] > -- > > 1 00-50-8b-9b-22-b2 2/17 [ALL] > Total Matching CAM Entries Displayed = 1 > 4000-7-1 (enable) set cam aging ? > Usage: set cam agingtime >(agingtime = 0, 15..100 seconds, 0 to disable) > vlans = 1..1005 > An example of vlans is 2-10,1005) > 4000-7-1 (enable) set cam aging 1 1 > Vlan 1 CAM aging time set to 1 seconds. > 4000-7-1 (enable) sh cam aging > VLAN1 aging time = 1 sec > VLAN 1003 aging time = 300 sec > VLAN 1005 aging time = 300 sec > 4000-7-1 (enable) sh cam dyanm 2/17 > Usage: show cam [count] [vlan] >show cam >show cam [vlan] >show cam agingtime > 4000-7-1 (enable) sh cam dynam 2/17 > * = Static Entry. + = Permanent Entry. # = System Entry. R = Router > Entry. X = Port Security Entry > > VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type] > -- > > 1 00-50-8b-9b-22-b2 2/17 [ALL] > Total Matching CAM Entries Displayed = 1 > 4000-7-1 (enable) pull the cable > Unknown command "pull". Use 'help' for more info. > 4000-7-1 (enable) 2000 Jul 06 14:22:45 %PAGP-5-PORTFROMSTP:Port 2/17 > left bridge port 2/17 > > 4000-7-1 (enable) sh cam dynam 2/17 > * = Static Entry. + = Permanent Entry. # = System Entry. R = Router > Entry. X = Port Security Entry > > VLAN Dest MAC/Route Des Destination Ports or VCs / [Protocol Type] > -- > > 4000-7-1 (enable) > > Notice that after the cable was pulled, the mac address was purged. > > Leigh Anne Chisholm wrote: > > > I've seen this "problem" quite often, and it's helpful that you've brought this up. > > > > In the Catalyst 5000/5500 series switch, the MAC address to port mapping table keeps entries for 5 minutes (or 300 seconds) by default. When you switch ports (say, moving a server from a test room to the production location), the table waits the aging time before the old MAC address/port mapping is removed. This creates the lack of connectivity you reference. > > > > The aging of the MAC address to port mapping can really play havoc with one's mind when the default has been changed to the maximum of 20 minutes (someone's decided that changing this value will optimize switch and network performance). This leaves the administrator scratching their heads for 20 minutes wondering why they don't have connectivity. > > > > -- Leigh Anne > > > > > -Original Message- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > > John Neiberger > > > Sent: Thursday, July 06, 2000 9:05 AM > > > To: [EMAIL PROTECTED] > > > Subject: Easy Brain Teaser (Switching) > > > > > > > > > Here's an easy one, because I'm nicer than Chuck. :-) Even though it's > > > easy, it's still practical. And for those of you who immediately know the > > > answer, let the less experienced people mull this one over for a bit. > > > > > > You have a Catalyst 5000 with several servers connected and you've decided > > > to rearrange the port assignments. You disconnect one server in > > > particular > > > and move it to another port, then quickly discover that it now has no > > > network connectivity. You attempt to access the network for a couple of > > > minutes to no avail. In supreme frustration, you head to the > > > break room for > > > coffee and donuts. > > > > > > When you come back several minutes later you find that the server now has > > > network connectivity and all is well, no problems. > > > > > > What is the most likely cause of this behavior and what could you > > > have done > > > to remedy the situation immediately? > > > > > > Good luck! > > > > > > John > > > > > > > > > > > > > > > > > > ___ > > > Say Bye to Slow Internet! > > > http://www.home.com/xinbox/signup.html > > > > > > ___ > > > UPDATED Posting Guidelines
