my VoIP box on ebay

[Neal Rauhauser]

  I've never spammed the list before with stuff I am selling but I
am quite proud of this 1750 - specifically:


1750-2V, 48 meg of dram, PVDM-4, vic-2fxs, wic-1t, wic-1b-u - VoIP, sync
serial, and ISDN all in one neat little package. The only way this could
be better is if the 10/100 port on the 17xx would do ISL or 802.1Q -
they DON'T - so don't buy it thinking it'll do VLANs along with all the
other neat stuff it has installed.

http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1218538608


   I'd rather see someone on here get it than have it go to some
equipment dealer who will part it out.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

MC3810 == must have toy!

[Neal Rauhauser]

  I got an MC3810 a while ago on a trade and I haven't had much
time to mess with it. I couldn't stand the suspense any more so I took
it apart this evening just to get an idea of what it can do.

The base chassis has a 10 meg ethernet port and two DB60 serial
ports just like a 2501. The processor is a 40 MHz risc chip so its on
par with the 2610 in terms of performance. It has a single flash slot
and a single dram slot.

There are some good diagrams of the insides on this link:

http://www.cisco.com/univercd/cc/td/doc/product/access/multicon/3810fru.htm



The expansion slots are what makes this router so cool - you get a
video dialer slot for RS366 which is essentially useless but the other
four expansion slots are very interesting.

The video dialer slot is next to the power supply, the slot next to
the left holds a DSP for voice compression, the next slot can take a
variety of Multiflex trunk cards, and the far left two slots can take a
DSP and an MFT like the ones on the right or you can install a six port
pots card that will do FXO, FXS, or E&M.

  I already had an MC3810-MFT-T1 I'd gotten with a previous package
of Cisco stuff and the MC3810 I bought for $1100 had the same T1 module
and the MC3810-VCM6 DSP module.

 I own an pair of Adtran TSU 600 T1 channel banks with dual FXS
ports - I can configure the 3810's T1 port and use a pots phone plugged
in to the channel bank to do VoFR, VoATM, and VoIP.

 I started digging to find out what other goodies you can put in a
3810 and I was amazed to find this gem - the  MC3810-MFT-TBS - this card
has a T1 MFT port and an ISDN S bus just like the 2503.

 You can find a full list of parts for the MC3810 here -->
http://www.cisco.com/univercd/cc/td/doc/pcat/mc3810.htm


At the moment I have in my lab a Cisco 2521, a Cisco 2511, a Cisco
2525 /w ISDN, and this 3810.  I am done with CCNP/CCDP and my next step
is voice specialization. I think I am going to add another 3810 and make
sure it has two MFTs and that one of those MFTs has the ISDN option -
that will get me VoFR, VoATM, VoIP, and it'll fill my quote of ISDN
boxes for the CCIE lab prep.


 If you're just getting started on Cisco certs all I can say is
KEEP PUSHING. I've been studying for two years and I am amazed at the
cool stuff I get to do now that I've got the CCNP/CCDP out of the way.




_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MC3810 == must have toy!

[Neal Rauhauser]

The MC3810 bug bit me real hard today - I picked up another MC3810,
brought it home, and got busy cleaning up the debris from my CCNP/CCDP.

  At the end of the day I kept a 2511, a 2525 with a sync serial port, a
MC3810-V with a T1 port and DSPs, and a MC3810-3V with T1 port.

I hung all of the routers in my rack and then I stuck two Adtran TSU 600
channel banks under them. The TSUs are lightly populated - only two FXS ports
in each but that is plenty for one person doing VoX experiments.

You can see a picture of the current setup here

http://members.home.com/puzzled/voicelab.jpg


   You're right to guess this isn't complete - the 3810-V3 seems to allow VoIP
without the hardware DSP module installed but I haven't been able to get it to
run yet - I suspect I'll end up with a DSP expansion card before too long.

I'm also going to add a T1/ISDN modules to each router. I'll have one port
for TDM voice and then I'll hook the second T1 port in each router back to back
so I can do VoATM - this is *the* cheapest method to get hands on with that
technology.

   I knew I liked this first 3810 when I brought it home but the T1/ISDN card
is the clincher - VoATM and a much needed ISDN port  all in one small package.



Is anyone else running these things in a lab environment? I'd like to hear
what sort of fun others are having with them ... post configs if you've done
something interesting.



_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CID passed with 839, CCDP complete, details inside

[Neal Rauhauser]

100 questions, took me 32 of 120 minutes allowed, and I walked out
with an 839 and my spiffy new CCDP :-)

The exam has the following sections and I've listed my scores

1 Intro to Internetwork Design62%
2 Campus LAN design62%
3 TCP/IP network design88%
4 desktop protocol design80%
5 WAN design   76%
6 SNA design   71%
7 security issues  0% (!)(more on
this below)



For prep I used the Cisco Press CID book and the boson.com
pretest. I spent about a month after completing my CCDP just letting my
brain cool off then I crammed for the CID in about two weeks.


The BCMSN material does an excellent job of covering the Campus LAN
design portion, BSCN takes care of the TCP/IP network design, and BCRAN
covers a bit of the WAN design questions.

I studied for the CCNP 1.0 track and I took the ACRC exam last
spring and missed it by one question. I mostly took it to get that stuff
out of my head so I could work on switching and I didn't bother to
retest but I feel that working through the Sybex ACRC book and the IPX
and Appletalk labs in the CCIE Lab Study Guide really carried me on that
portion. The information in the Cisco Press book is NOT I repeat NOT
sufficient - you really need ACRC level skills to get by this thing.

There are a number of questions on Stratacom stuff in the WAN
portion. On pp367 of the Cisco Press CID book you will find this URL

http://www.cisco.com/univercd/cc/td/doc/product/wanbu/82/switch/sysm/sysmch01.htm

Learn all of the magic incantations on this page and you will be
protected from the ATM demon during your 640-025 exam :) I am a big fan
of mastery rather than rote learning but in this case the boson.com exam
proved invaluable - their questions are very, very close to what you'll
find on the actual exam and you can practice test your way to a passing
grade if you need to do so.


   As gross and as useless as it is for 92% of the people working on
this certification, you *must* know a little bit about SNA.

I had done workstation support in a huge SNA shop so it wasn't
entirely foreign and a long time ago (5+ years), for reasons I forget, I
purchased and read a large portion of Communications for Cooperating
Systems - OSI, SNA, and TCP/IP. This book is a psychotic piece of
IBM backed propaganda which argues for the subordination of TCP/IP and
the OSI model in the perfect (I use the word in the facist sense) SNA
world. If you can shield your mind from the IBM borgification procedures
its actually not a bad read if you want to get some background on SNA.
FWIW it is ISBN 0-201-50775-7 and my copy was 'updated with corrections'
in 1992.

If you don't have the aforementioned marvelous tome of IBM wisdom
the CID book covers a lot of what you need to know.


   The  0% on security was quite a suprise and I still wonder if it
isn't a misprint from the test software based on my final score- I was a
script kiddie way back when before there was even a word for it and I am
very used to looking at other's stuff with a  probing eye. I guess
the mindset of those that are trained to defend is a lot different than
that of those of us who took the Wyatt Earp route to getting our
sherrif's badge.


   Good luck, good studying, and if you're tired of people 'borrowing'
your linux box take a look at www.openbsd.org - its the best script
kiddie repellent I've found so far.







_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WS-F5521 or WS-X5530-E2

[Neal Rauhauser]

 
  They're the same
 
ws-x5530-e1 - has a ws-f5511 or ws-f5520 EARL daughtercard
ws-x5530-e2/e2a has a ws-f5521/ws-f5521a netflow feature card
ws-x5530-e3/e3a has a ws-f5531/ws-f5531a netflow feature card 2
 
    I don't think this is necessary for the CCIE lab
(yet) and its actually pretty trivial to set it up - I had L3 switching
running in about two hours starting from scratch at a customer site six
months ago ... if you can get some time on any cat 5000 series box you
should scoot right through BCMSN.
 
 
 
Rick Holden wrote:

Could
someone please explain to me the difference between these to cards. WS-F5521
and WS-X5530-E2
I looked on Cisco's web site but still
can't get a clear picture of what the difference is. They both seem to
be supervisor card with NFFC, but the WS-F5521 card is alot less expensive.
Why should I by the WS-X5530-E2 when the other is less then half the price.
Thanks.

Cisco 100x WILL do OSPF/BGP using IPv6 image

[Neal Rauhauser]

  I don't know if anyone else noticed but there *IS* an image
for the little Cisco 1000 series boxes that does OSPF and BGP.


   I am running the old 11.3 based IOS IPv6 beta image and it works
great. The 12.0 based IPv6 image, besides being too large to fit on the
2 meg flash you find in the cheapest of 100x routers, corrects this
'deficiency' by only providing rip, igrp, and eigrp.


 So, you heard it hear first ... now watch the prices on those Cisco
1005 auctions zm on the good news.



_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IPv6 connection offer

[Neal Rauhauser]

I changed jobs a few months back and as part of my new duties I get
to learn a lot about IPv6.


I have a Cisco 7206 VXR 300 that is dedicated to being an IPv6
access point. The router is part of AS12023 and its connected via
ethernet to our border router that peers with UUNet (AS701), Teleglobe
(AS6453), and Level3 (AS3356) - it should provide a fast, stable 6bone
connection.

I will provide to anyone who connects the following:


1. an IPv6 in IPv4 tunnel
2. a /60 of IPv6 addresses that are globally routeable
3. an internal BGP peering session to AS 12023
4. telnet access to the core router to help with troubleshooting
5. my office phone number and my VoIP target + destination code for
0800-1700 tech support

 The way I am setting this up it should be a good play for
intermediate/advanced students who want to hone their BGP skills and
learn a little about IPv6.

  If you're the type that likes book learning before you actually
put your hands on something I can recommend IPv6 second edition by
Christian Huitema ISBN 0-13-850505-5. I've picked up quite a few IPv6
books and almost all of them I found to be filled with fluff. Huitema's
book is a solid read you can place on the shelf between Caslow and
Halabi for ongoing reference.

 Don't I repeat DO NOT reply to [EMAIL PROTECTED] I don't exhaustively
read groupstudy since there is so much and a lot of it is beginner
material. Send any requests to mailto:[EMAIL PROTECTED] and I'll be happy
to hook you up.


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Passing BCMSN Monday, sell/trade my Cat 5000

[Neal Rauhauser]

 If my boson.com test scores are an indicator I am going to scoot
through BCMSN come Monday without a lot of trouble.

 We're running a variety of cat stuff at work and I no longer feel
the need to keep the Cat 5000 I've been using so I am going to offer it
for sale/trade.


I have the following pieces:

Cat 5000 single AC
WS-X5006 Supervisor 1 fiber
WS-X5213A 12 port 10/100 ethernet blade
WS-X5155 ATM multimode fiber LANE blade
Olicom Rapidfire OC3 MM card - can be used as a one port ATM
switch
6' MM fiber cable


   I want $4000 cash *or* $3250 cash and something else fun for my lab.
I could use a 2514, 2513, a cat 2900-XL with enough flash to run
enterprise images, and I'd consider most anything else Cisco oriented as
partial trade.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Lot of talk about 3548; but is it a VLAN router like the 5000?

[Neal Rauhauser]

 As a minimum you need a Supervisor III with a NFFC. The NFFC is a WS-F5521 as
opposed to the more expensive NFFC2 WS-F5531/5531A daughtercard.

 You can use an external router to do the job that the RSM does  different
environments but you can learn enough to pass using a 2620 as the external RP.

 There are some differences with ethernet cards as well - WS-X5224 24 port 10/100
blade does not do inline rewrite, WS-X5225 does ... inline rewrite basically transfers
the packet rewrite functions of the NFFC/NFFC2 to the level of ASICs in the card. Its
not on the test but its a big issue if you're trying to use a 55xx box with its limited
backplane. All the 65xx linecards support inline rewrite.

  I used to work for a reseller that is very active in the education market ... here is
some design/pricing wisdom for you.

   As a base I'd buy a WS-C5505 chassis, a WS-X5530-E2 supervisor, and a WS-X5213A
blade. Don't buy a WS-X5213 - won't work in a 55xx chassis even though they physically
fit. The chasis is $1950 new in distribution, the 5213A is not more than $1k, and the
engine should be not more than $5k. It costs $2100 to upgrade a WS-X5530-E1 to the
latest/greatest and those cards can be had for $1500 if you dig ... but keep in mind I
am digging, too, and I don't have an approval process to go through when I buy :-)

  For the RP I'd go with a 2620 if you want something you can put a voice card into
later or if you've got an NP-1FE in one of those 4500s you're already set.




"Butcher, Matthew" wrote:

> I did a search for router capability of the 3548 @
> http://www.cisco.com/warp/public/cc/pd/si/casi/ca3500xl/prodlit/3500x_ds.htm
> I did not seem like the "VLAN" command set like the 5xxx.
> I have worked w/ the 3508g and it is Layer 2.
> I have worked w/ the 2948G-L3 w/ IRB BVI Layer 2 routing and Port Channel
> routing w/ sub interfaces Layer 3 routing.
> I have passed the BCMSN exam but found myself grasping from my experiences
> w/ these "poor man" 5xxx and 65xx switches. In my opinion it made the exam
> harder; I still got 883.
> Anyway now my company has taken an interest in my current lab (13 routers
> from 1005 ~ 4500m) but we need a vlan switch.
> The best I can think of is a used 5xxx from a reseller w/ a warranty. But
> that RSM is $20,000 new.
> Any thoughts?

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

HSRP, NAT, OSPF - real world troubleshooting

[Neal Rauhauser]

  I had something kind of ugly happen at work today and I
thought I'd share the details.


   I have two DS1s in our office that leads to our border 7206 which
is in a colocated rack. One runs to a 2611, the other to a 2621. I have
two Cat 3524s tied together with a copper gigabit link. They have two
VLANS - #2 is 10.10.1.0/24 and #5 is xxx.xxx.21.32/27

The 2611 has one interface plugged into VLAN2, the other into
VLAN 5, while the 2621 uses an 802.1Q trunk to one switch that carries
both VLANs.

Both routers back each other up via HSRP - the 2611 is primary
for 10.10.1.0/24, the 2621 is primary for xxx.xxx.21.32/27 - thus load
balancing the traffic across the two DS1s.

Both routers run OSPF. Everything is in area 0 and there are
three other sites that are fed from the core 7206 via DS1s. Nothing else
was happening at the other sites when my trouble occured.

I have a NAT pool on each router. The 2611 was there when I
started and it originally had some numbers pulled out of the air with a
static route from the 7206 to the particular serial interface so they
were reachable. I got tired of wrestling with that config and stole .61
and .62 from xxx.xxx.21.32/27 to use instead. When I brought the 2621 in
I created a loopback 1 interface and attached xxx.xxx.21.240/32 to it
and used the middle two addresses for the NAT pool. I did this so I
could *see* which subnets were used where. Loopback0 on each router is a
/32 taken from the top of the xxx.xxx.21.0/24 - the 2611 is
xxx.xxx.21.252 and the 2621 is xxx.xxx.21.247 - this is done so we have
stable router IDs in OSPF for those of you who haven't read that chapter
yet.

The interface on the 2611 that carries the public numbers got
plugged into a port that was in the wrong vlan. The port was up/down and
I didn't notice when I left on Sunday after having just converted from a
100 mbit link to the gigabit connection.

This led to a couple of interesting consequences. Both of the
routers private addresses were reachable via telnet from the inside and
once there I could see everything else in the network but stations on
the inside could not reach anything.

The DNS server for our network lies on the public segment that was
not reachable via the 2611 and the addresses used for NAT came from the
downed interface.  With the 2611 being the active HSRP interface it
couldn't see DNS and it was using numbers from a network that our core
router believed to be reachable only through the 2621 ... which was not
where the NAT sessions were occuring.

I spent two hours digging on VLANs and other stuff before I noticed
the interface to the public LAN on the 2611 was up/down.


   I knew I liked the Loopback interface on the 2621 holding the NAT
pool a lot better than stealing from the public segment and I am going
to make that my policy now on any router that has to do NAT. I may find
a good use for a /31 yet :-)

   I also screwed up on interface tracking - I tracked the DS1s which
was a good thing but in a setup like this I believe the public LAN
interface needs to be tracked as well. I don't know if HSRP will let you
track multiple interfaces but I am going to find out as soon as I click
send for this message.


 Take heed, your CCIE wannabes, and demonstrate your problem solving
skills to the lab examiner instead of while standing in front of twenty
grumpy coworkers who want to know why they can't get their email :-(



_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BCMSN passed with 934, details inside

[Neal Rauhauser]

   I took the BCMSN this afternoon and exited the testing center
with a very surprising 934.


Background:

I have a couple of years time in grade with cat 19xx/28xx, about
the same more recently with 29xx/35xx, and I once worked for three
months on an incredibly psychotic Cat 5500 with 800 MACs in the cam and
one subnet(!). I've also done one Cat 5500 + NFFC + RSM layer 3 deploy
to an ISP with 40k worth of public IPs being routed through the switch.

Study gear:

I had two Cat 3524s running enterprise attached to a Cisco 2621
running 802.1Q VLANs in production at work. I had a loaner Cat 5000 with
a Sup 1 and a ws-x5213 for the last few weeks of my studies. There was
an idle 7206 in a remote facility that I used to brush up on mls rp
commands. I did some multicast work with my 25xx collection at home.

Study Materials:

Didn't refer to Caslow once(!). The Cisco Press BCMSN book (only a
few errors) and the official Cisco Press LAN switching were all I used.
The LAN switching reference does an excellent job of covering some items
that the BCMSN gives what I felt was a lightweight treatment.

The boson.com pretests were *excellent* - my only gripe is that what
is in boson's stuff is *way* harder than the real thing - I was getting
mid 60% on the boson stuff and I thought I'd squeak by the exam ... the
934 was a huge surprise.


What to watch for on the exam:


I think the BCMSN question base is *very* broad. I've talked to
folks that had to examine network sniffer traces and so forth and I saw
none of that. The possible broadness being mentioned the details are ...



  Pound VTP operations into your head and do it twice for that stuff
about version numbers. Use the same amount of effort on spanning tree
and VLAN configuration issues. MLS is there but if you *understand* the
BCMSN chapter on it and then read the Cisco Press LAN Switching you'll
be fine.

  I am amazed at how little there was on multicast - knowing how to
convert an IP address to a MAC address covered 50% of what I saw. This
makes me think the exam question base is broad because I've talked to
others who got a lot of multicast questions.

  I really got flogged on Cisco product line knowledge. I worked for an
equipment dealership and I've troubleshot/tested/sold/refurbed
everything Catalyst from 1912s to 65xx series include all of the layer 3
modules and I was streeetccchheddd by what the test wanted
to know. I can eyeball a box full of Cat 5500/6500 cards and tell you
part numbers and specs on them - I rarely need to refer to the fact
Cisco product guide any more - and I was really reaching on some of this
stuff. If my experience is represenative you should call 800-553-NETS
and order DOC-CISCOCATALOG= and memorize the 55/6500 layer three stuff
before approaching the exam.




   Well, thats all the wisdom I have to offer at the moment ... I am
going to go pounce on CIT and see if I can be a CCNP by this time Friday
.. I left the easiest exam for last :-)

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CIT passed with 850 & CCNP done, details inside

[Neal Rauhauser]

  I passed my BCMSN yesterday with a 934 and as a special present to
myself I scheduled the CIT exam early this morning.


  I did basically zero preparation for the test. I spent the $30 for
the boson.com exam for CIT because boson's stuff has been a very
reliable indicator of readiness for me. I breezed through the first
practice test in about nine minutes with a 70% and figured I was ready
to go.


  I found the following areas covered in the exam


1. structured troubleshooting - collect some facts, try to
isolate the problem, then an action plan. They must cover this in a
structured fashion in the classes but I've never talked to anyone that
has taken the CIT. There was a 'drag the little tabs into the
appropriate order' question ... it was common sense.

2. ISDN. backwards and forwards. Caslow is a must read for this
and I did all of the labs in the CCIE Lab Study Guide by Hutnik and
Saterlee using a real live ISDN line into my house sharing the circuit
between two S bus routers using an NT1.

3. frame relay. Once again Caslow and the CCIE Lab Study Guide
will get you right through this.

4. IP and IPX behavior. I had a CNA and a lot of time in grade
with netware and I've read W Richard Stevens TCP/IP illustrated so I had
no trouble with this.

5. VLANs in all their glory. I feel *very* lucky that I
scheduled this on top of the BCMSN instead of waiting and reviewing as I
usually do.

6. there were a lot of subtle questions about connectionless
protocols and troubleshooting in an internetwork that I did not do get.
I am going to track that stuff down and read it for my personal
satisfaction.


I started working on the CCNP stuff diligently around April of this
year after passing my CCNA last October and my CCDA in January. So,
seven months of hard work, a killer home lab when I worked for Optimum
and a not so killer home lab now that I am spending my own money, and
maybe 500 hours of study and lab time and I'm now smart enough to
accurately assess just how far I have to go for the CCIE :-(

I got the boson.com exam for the CID earlier tonight and the results
were promising :-) Am I going to be the first to knock off three of
these exams in three days? I guess we'll see ...





_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Mo' Better Kitty Rides Again! [7:3093]

[Neal Rauhauser]

I have two Catalyst 2926s that are ebay bound but I don't have
time to put the auctions up at the moment so I put them up for a few
days so some of you aspiring CCNPs who can't afford these toys get a
chance to play.

   They can be reached at these locations with the userid and password
both being 'ebay'. The switches themselves have no passwords for access
or enable.


24.3.233.101 2007
24.3.233.101 2008

The switches are cabled back to back to each other via the first
ethernet port on their supervisor engines and the unit at port 2007 has
its 24th fast ethernet port plugged into my other ethernet stuff.

I was in Optimum Data the other day and I saw a Cisco 4700 with a
fast ethernet port in it. I am going to visit those guys later today and
I'll see if I can borrow that box for a few days so this will be a
complete lab. If I do borrow a router it'll be placed at 24.3.233.1001
2006.


Play nice! That means no changing the passwords, no access lists so
others can't play, no messing with the other stuff thats hooked to my
2511, etc.


If you accidentally dork it up send me email at mailto: [EMAIL PROTECTED]
- I don't read my groupstudy mailbox much any more since I finished my
CCNP/CCDP six months ago - this mailbox has 18,000 unread messages in it
:-(




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3093&t=3093
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Scary Kitty Mutation [7:3097]

[Neal Rauhauser]

I was rooting around in the debris field I call my office looking
for my digital camera so I could auction those Catalyst 2926s and I came
up with a pair of Catalyst 2600s - token ring switches.

I got these things thinking they might be like the much feared
Catalyst 3900 which has never been sighted anywhere other than a
CCIE lab exam,  but I don't think its the same thing - these switches
drive just about like the old Grand Junction Catalyst 1900 switches.


Anyway, there are two of them  at these locations without any
passwords:

24.3.233.101 2005
24.3.233.101 2006

If one of you scholars can forward me the pinout needed to cross
token ring on an RJ45 port I'll whip up a cable for them. If I dig a
little more I might find some token ring cables so I can hook a couple
of routers up to these things.


  As always, if you mess it up email me at mailto:[EMAIL PROTECTED] so I
can fix it.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3097&t=3097
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

free online catalyst lab [7:3270]

[Neal Rauhauser]

There was nothing good on TV tonight so I assembled a fairly
complete Catalyst lab for people to check out - its available at these
addresses


24.3.233.101 2008Catalyst 2926T

24.3.233.101 2007Cisco 4500 /w Fast Ethernet

24.3.233.101 2006Cisco 2610

24.3.233.101 2005Cisco 3810



I'm not going to give my usual full cabling description since
anyone far enough along to play with this should understand how Cisco
Discovery Protocol
works - it is up to you to figure out what connects where. I also set
the exec-timeout on the 2511 to five minutes - no more people idling for
sixteen hours
before I notice and clear the session.


As always, play nice, no setting passwords, access lists, etc,
so others can't get in, and if you dork it up email me at
mailto:[EMAIL PROTECTED] so I can
make sure its available.



We also owe a big thank you to the guys at
http://www.optimumdata.com who have kindly loaned us this 4500 with fast
ethernet so this is a full lab instead
of the catalyst only thing I put up yesterday. I had to move about a
dozen new boxed cisco 2610s to get to the shelf where I found this 4500
today and I counted
about 75 25xx routers in the same area - I saw a lot of 2514s, 2521s,
and I think a few 2523s - they have plenty of good stuff if you're
trying to build your lab
out.. I believe Michael Beacom ( mailto:[EMAIL PROTECTED] ) has
been handling education sales since I left Optimum Data - you can reach
him via
their main number 800-879-8795.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3270&t=3270
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Having problem with tftp to flash : URGENT [7:3455]

[Neal Rauhauser]

Your very urgent problem is going to require NEW BOOT ROMS for your 26xx.

I have encountered this bug before and there isn't a good way around it
if you need
to use tftp. I escaped my troubles by borrowing a Cisco 2650 that had newer
boot roms
and using it to load the flash for my impaired 2621.

   If you've got the router on contract Cisco will send you new boot roms -
I've got to
believe if I figured this out many other people have already reported the
bug - but if
you have no contract you need to pay for one (about $360 US for a 26xx) or
borrow a
newer router to load the flash.




Kiran Kumar M wrote:

> Hi,
>
> I have a router which is having a flash card (8 MB), but not having the
> flash memory in it.
>
> I am trying to upload a flash file from tftp. I am trying to use tftpdnld
> command, but it is not taking..
>
> Here is the message that I am getting while booting..
>
> System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> Copyright (c) 1999 by cisco Systems, Inc.
> TAC:Home:SW:IOS:Specials for info
> C2600 platform with 32768 Kbytes of main memory
>
> device does not contain a valid magic number
> boot: cannot open "flash:"
> boot: cannot determine first file name on device "flash:"
>
> System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> Copyright (c) 1999 by cisco Systems, Inc.
> TAC:Home:SW:IOS:Specials for info
> C2600 platform with 32768 Kbytes of main memory
>
> device does not contain a valid magic number
> boot: cannot open "flash:"
> boot: cannot determine first file name on device "flash:"
>
> System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
> Copyright (c) 1999 by cisco Systems, Inc.
> TAC:Home:SW:IOS:Specials for info
> C2600 platform with 32768 Kbytes of main memory
>
> rommon>
>
> Can anyone please give me a solution to solve this problem.. It is very
> URGENT.. please help me..
>
> Thanks,
> Kiran
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3544&t=3455
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Free Layer 3 Catalyst Lab (Kitty++) [7:6066]

[Neal Rauhauser]

More is never enough. This obvious truth being stated, we'll move on
to the details of our latest 'event' :-)


   Using reverse telnet to 24.3.233.101 with a userid and password of
'ebay' you will find the following toys


port 2008Catalyst 5000 /w WS-X5530-E2 NFFC supervisor 3 engine
port 2007Cisco 4500 /w fast ethernet (not yet functional, must be
made to netboot due to small flash)
port 2006Cisco 7206 /w fast ethernet
port 2005 Cisco 2501
port 2004Cisco 2501
port 2003Cisco MC3810
port 2002Cat 2912-XL-EN (due in Tuesday)

 For the moment all of these devices have no passwords beyond the
userid ebay/password ebay needed to get past the terminal server HOWEVER
the last time I provided a free online lab some buttnozzle, against my
explicit instructions, went around and put passwords on every device. I
don't mind providing this stuff when its around but this kind of
behavior drives me to distraction so there is now a new policy:

   This stuff will be freely available over the long Memorial Day
weekend and you can email myself ([EMAIL PROTECTED]) or Peter Slow
([EMAIL PROTECTED]) and we'll patch up anything that goes wrong.

   Once the weekend is over we're going to lock it down for our personal
use HOWEVER we will accept small cash bribes ($10?) via paypal for a day
of dedicated access. I think this will keep the lab available, still
darned close to free, and save Pete and I a lot of tech support
headaches.


   We owe massive props to:


Peter Slow - the world's youngest AND shortest CCNP (17, 5' nothing)
- for the loan of the Catalyst and supervisor engine

Optimum Data - for the loan of the PA-FE-TX, the WS-X5224 in the
Catalyst, and the entire 4500 /w fast ethernet.

Dan Jaffe - for the loan of the Cat 2912



   You can reach Optimum Data @ 800-879-8795 and I counted maybe 80 -
100 25xx series routers in their warehouse when I was in there a week
ago. I think Michael Beacom ([EMAIL PROTECTED]) is the guy
handling education sales now that I am gone.






Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6066&t=6066
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Why use GRE Tunnels [7:6155]

[Neal Rauhauser]

I have this configuration in production:


branch office lan  cisco 2611  Cisco 7206 running BGP  Cisco 2611  branch
office lan


I have a /24 from one of my three BGP peers which is used for most
everything in my
network and there is a sloppy deploy of RFC1918 private addresses on two
branch office
segments.

I knew I didn't want the 10.x.x.x/8 addresses leaking into my overall
routing table
and providing access from our colo sites into our corporate network. Our
network is a
star topology with the 7206 as its core so I could have done some fancy
route filtering
so only the three routers involved would see the private numbers OR used the
VPN
capability of the 2611s but I decided not to because:

1. complexity - there are two junior level people who work on our
internetwork when
I am not around - I judged the GRE tunnel to be much simpler to understand
than some
route filtering scheme

2. complexity - an IPsec VPN would have accomplished the same thing as the
simple GRE
tunnel but would have left the junior router gods scratching their heads if
it had
trouble while I was gone, to say nothing of the encryption tax on the link -
there are
some activities that light up the T1 for quite a while and a stand alone
26xx processor
can't handle a full DS1 worth of encrypted traffic.

3. ease of maintenance - the GRE tunnels are tied to the loopback address on
each
router and we're running OSPF as our IGP. I make it  a habit to tie VoIP,
GRE tunnels,
etc to the logical loopback - we did have a dual T1 configuration at one
branch office
for a while and it was nice to be able to change things and not worry about
making sure
the tunnel stuff was OK - it just automagically came right back in the event
of a
topology change (yes, I did the HSRP labs on a live network. So shoot me :-))

  I've found many other uses for GRE tunnels ever since I discovered
them - its so
convenient if you're off site and want to do some work - rather than jacking
up your
access lists you just 'pipe' a little bit of your private address space to
where ever
you're at and you're working like you're in the office - think telecommuting
in this
case - pretty easy to move a little bit of 10.x.x.x/8 to my house and work
from home
when I needed. Yes, its somewhat insecure in that an @home guy could see
stuff by
snooping the GRE, but it would be darned hard to exploit unless he hijacked
my public
IPs at home.





Rashid Lohiya wrote:

> Hi,
>
> Can anyone give me some reasons why anyone would want to or need to use GRE
> Tunnels
>
> Thanks
>
> Rashid Lohiya
> [EMAIL PROTECTED]
> 020 8509 2990
> 07785 362626
> www.pioneer-computers.com
> London UK
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=6178&t=6155
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIP certification - who else is doing it? [7:26605]

[Neal Rauhauser]

After completing my CCNP and CCDP about a year ago I pretty much
dropped out of the education scene, sold all of my routers, and got busy
with various radio related stuff.


  Last spring I started a wireless ISP with a couple of other guys. We
got it funded about two months ago and I found that I was doing a lot
more with Cisco, at least BGP/OSPF/802.1Q/QoS, and I started looking
over the certs to see if there was one that mostly matched what I am
doing work wise - the CCIP fits me the way the CCIE, with all of its
enterprise stuff, never will.

  I've started slowly rebuilding the lab - a 2621 with voice and ISDN,
my trusty old no serial number CiscoPro 2511 that I couldn't bear to
sell, a Cat 1924 EN, and a 7204 with four sync serial ports dropped into
my lap a couple of weeks ago. I figure I'll be back to 'full strength'
before too long - I'll probably sell the 7204 and get something
smaller/quieter.

  I don't see any "Pass the CCIP" books or any CCIP specific tests on
boson.com so I started digging into the requirements to see if the
CCNP/CCDP stuff might fit. This is what I've found so far:

   Building Scalable Cisco Internetworks (exam 640-900) is the larger of
the two core exams and it appears to be very similar to BSCN with much
added from BGP and IS-IS. I'm reading Internet Routing Architectures
again and its a lot more fun this time - I have a dual T1 CEF bundle
from Sprint, another T1 that terminates at a different Sprint router,
and a UUNet T1 that ought to be up in a few weeks - nothing like real
world application to get you to open up the book :-)

   The Multicast + QoS beta exam (exam 641-905) looks like much of the
multicasting information from the BCMSN exam and a lot of QoS stuff that
isn't covered anywhere else. I'm lucky here, too, lots of QoS stuff I
need to do on my growing network. I've had the Cisco Press IOS 12.0
Quality of Service reference book for a while, and I just got Enhanced
IP Services for Cisco Networks and the new IP Quality of Service book as
well. Hopefully reading this stuff will fill in the blanks ...


  I looked at the five possible electives - Cable, Content Networking,
METRO (optical), Security, and MPLS - MPLS is the only one that doesn't
look completely useless for a network of the size I operate. I've been
hoping they'll add a wireless specialization which would be very easy
for me after the last six months, but MPLS looks like a good second
choice - stuff I might be able to use, lab gear is not a fortune, and
there are a couple of books out. I bought MPLS and VPN Architectures
today.



  Has anyone on here completed the CCIP yet? Who is actively working on
it? I'd love to hear from others doing this - drop me a note at
mailto:[EMAIL PROTECTED]







-- 
Neal Rauhauser CCNP, CCDP   voice: 402-391-3930
http://AmericanRelay.comfax  : 402-951-6390
mailto:[EMAIL PROTECTED]  fcc  : k0bsd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26605&t=26605
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VoIP questions? Get "Integrating Voice and Data Networks" [7:26637]

[Neal Rauhauser]

Any question you may have about Cisco VoIP is answer in the Cisco
Press book:

Integrating Voice and Data Networks
ISBN1-57870-196-1



Farhang Sharifi wrote:
> 
> Dear all,
> Does anybody have info on VoIP using Cisco platform?
> I have the following question:
> I am using an AS5300 system for VoIP termination for the traffic that is
> comming from a carrier, Now I want to add a new carrier so that both can
> send traffic simultaniously. I dont know how I sould set up the Cisco and
if
> I need additional software or hardware.
> 
> Any idea welcome.
> 
> Thank you and best regards
> Farhang Sharifi
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-391-3930
http://AmericanRelay.comfax  : 402-951-6390
mailto:[EMAIL PROTECTED]  fcc  : k0bsd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26637&t=26637
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

bridging analog phone service with Cisco VoIP

[neal rauhauser]

  If you just want to 'bridge' analog phone service this is what you need
- private line automatic ringdown (plar) means that the connection is
established as soon as one end goes off the hook. This is a point to
point config ... if you want to get fancier than this you need to create
a dial plan.

--- router one ---

voice-port 1/0/0
 connection plar 194
!
!
dial-peer voice 194 voip
 destination-pattern 194
 codec g711ulaw
 session target ipv4:x.x.x.241
!
!
dial-peer voice 1 pots
 destination-pattern 167
 port 1/0/0

--- router two ---
voice-port 1/0/0
 connection plar 167
!
dial-peer voice 167 voip
 destination-pattern 167
 codec g711ulaw
 session target ipv4:x.x.x.245

dial-peer voice 1 pots
 destination-pattern 194
 port 1/0/0


[EMAIL PROTECTED] wrote:

> hi all,
>
> here's the network layout
>
>  x25  LL
> FRx25
> POTS 1 --- 1750 -- 4500 -- 4500  --- 4500 --- 1750
>  POTS 2
>
> how to setup the router for voice connection from both POTS ?
> thank you very much.
>
> Best Regards,
> JC
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

did I find a BGP bug?

[neal rauhauser]

   I am running a 7206VXR for our main BGP box. We're colocated with
Level 3 (AS3356) and we have ethernet to them. We have T1s to UUNet
(AS701) and Teleglobe (AS6453).

   I am running OSPF for my IGP and everything seems to be working well
there. I have a 7120 in my office that I am using for BGP experiments.
Besides what I show below it has a static route 0.0.0.0/0 to the outside
world.


When I run this config on the 7120 without the filter-list 2 I get a
full BGP table viewable via 'show ip bgp' and the routing table gets
populated with a bunch of BGP routes. When I turn on that filter-list
and do a clear ip bgp  from the 7206 and the 7120 I see the
message counter going up on the 7120 in 'show ip bgp neighbor' but the
BGP table never has anything in it.


   I chose to filter 3356 since the majority of the entries in the BGP
table on the 7206 come from there. It was my plan to trim the BGP
entries coming to an internal router down to the point where I could use
something smaller/slower (like a 2611 with 64 meg) for BGP experiments
and put the 7120 back to work.


   The 7120 is a bit warped, however, take a look at this evil 'show
ver'

ROM: System Bootstrap, Version 12.0(5r)XE, RELEASE SOFTWARE (fc1)
BOOTFLASH: EGR Software (C7100-P-M), Experimental Version
12.0(2110:181554) [otroan-thanksgiving-rel 196]

This is an IPv6 image based on 12.0. This isn't available on the web
site yet - I had to display some pretty solid groveling technique to get
it and it works fine for IPv6 stuff but its not so nice for IPv4.


Is this config valid? I've seen other weirdness with this image
related to IPv4 routing behavior besides this BGP stuff and I am really
wondering if its just the image and not my lack of skill that is causing
these BGP problems.


--- this is the 7120's relevant info ---

router bgp 12023
 no synchronization
 neighbor 209.58.21.253 remote-as 12023
 neighbor 209.58.21.253 update-source Loopback0
 neighbor 209.58.21.253 filter-list 2 in
 no auto-summary

!

ip as-path access-list 1 permit ^$
ip as-path access-list 2 deny ^(_3356)
ip as-path access-list 2 permit ^$


--- and this is the 7206

router bgp 12023
 no synchronization
 network 209.58.21.0
 neighbor 63.210.10.97 remote-as 3356
 neighbor 63.210.10.97 description Level3 Peer
 neighbor 63.210.10.97 filter-list 1 out
 neighbor 157.130.20.69 remote-as 701
 neighbor 157.130.20.69 description Order Number 17124
 neighbor 157.130.20.69 filter-list 10 in
 neighbor 157.130.20.69 filter-list 1 out
 neighbor 207.45.199.189 remote-as 6453
 neighbor 207.45.199.189 description Teleglobe Peer
 neighbor 207.45.199.189 filter-list 11 in
 neighbor 207.45.199.189 filter-list 1 out
 neighbor 209.58.21.221 remote-as 12023
 neighbor 209.58.21.221 update-source Loopback0
 neighbor 209.58.21.221 filter-list 2 in
 no auto-summary
!


--- I think this is a 'sink' so that any unallocated stuff from our
209.58.21.0/24 block
--- doesn't get looped back to the outside world ... or maybe its here
because BGP needs
--- IGP reachability before it'll advertise anything.
ip route 209.58.21.0 255.255.255.0 Null0 250

ip as-path access-list 1 permit ^$
ip as-path access-list 2 deny ^$
ip as-path access-list 10 permit ^(_701)+$
ip as-path access-list 10 deny ^(_701)+(_1239)+$
ip as-path access-list 10 deny ^(_701)+(_3561)+$
ip as-path access-list 10 deny ^(_701)+(_2041)+$
ip as-path access-list 10 deny ^(_701)+(_10753)+$
ip as-path access-list 10 deny ^(_701)+(_1)+$
ip as-path access-list 10 deny ^(_701)+(_6453)+$
ip as-path access-list 10 deny ^(_701)+(_6172)+$
ip as-path access-list 10 deny ^(_701)+(_3967)+$
ip as-path access-list 10 deny ^(_701)+(_2914)+$
ip as-path access-list 10 permit ^(_701)+_[0-9]+$
ip as-path access-list 11 permit ^(_6453)+$
ip as-path access-list 11 deny ^(_6453)+(_1239)+$
ip as-path access-list 11 deny ^(_6453)+(_3561)+$
ip as-path access-list 11 deny ^(_6453)+(_2041)+$
ip as-path access-list 11 deny ^(_6453)+(_10753)+$
ip as-path access-list 11 deny ^(_6453)+(_1)+$
ip as-path access-list 11 deny ^(_6453)+(_701)+$
ip as-path access-list 11 deny ^(_6453)+(_6172)+$
ip as-path access-list 11 deny ^(_6453)+(_3967)+$
ip as-path access-list 11 deny ^(_6453)+(_2914)+$
ip as-path access-list 11 permit ^(_6453)+_[0-9]+$

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ISDN simulator Adtran Atlas 550 (like the Atlas 800 in CCIE Study Guide)

[neal rauhauser]

 Don't know if everyone saw this or not ... I recently picked up an
evaluation Adtran Atlas 550 with a quad BRI card. This unit has the same
interface as the Atlas 800 mentioned in the Hutnik & Satterlee CCIE
Study Guide only its smaller - one PRI and 4 BRI instead of the two PRI
and eight BRI the 800 has. I played with it a bit, ran it on ebay, and
it didn't sell. I think one of those online school places is going to
take it but if anyone else is interested I think I can get more.


 Sorry for the commercial spam but not a lot of people know about
this box yet and I think maybe people are paying for Teltone's when they
could have a piece that would let them do proper ISDN dial - you really
can't experience the full  misery ^h^h^h^h^h^h^h joy of ISDN till you
have three different routers trying to talk to each other :-)

http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=386206664

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: bridging analog phone service with Cisco VoIP

[neal rauhauser]

  The voice over IP depends on the IP portion of the network working - just set
up the routers as you normally would and the voice traffic will travel just fine.



You do have a potential problem with congestion here, don't you? I am assuming
more than one type of data is using the area of the network that has the 4500s in
it.

  This will be a good chance to exercise your cisco skills? Will IP precedence on
the 1750s do the job? Do you have to set up the 4500s to handle precedence as
well? Perhaps its a job for customer/priority queueing??

  You'll have a wonderful learning experience with this ...


Janto Cin wrote:

> On Mon, 17 Jul 2000, you wrote:
>
> thanks for the attention,
> correction for network layout :
>
>   x25 LLFR x25
> POTS1  1750  4500  4500  4500  1750  POTS2
>
> can I configure the voice connection between both POTS but still use x25 for
> data ? how to configure the routers ?
> thanks.
> Janto
>
> > If you just want to 'bridge' analog phone service this is what you need
> > - private line automatic ringdown (plar) means that the connection is
> > established as soon as one end goes off the hook. This is a point to
> > point config ... if you want to get fancier than this you need to create
> > a dial plan.
> >
> > --- router one ---
> >
> > voice-port 1/0/0
> >  connection plar 194
> > !
> > !
> > dial-peer voice 194 voip
> >  destination-pattern 194
> >  codec g711ulaw
> >  session target ipv4:x.x.x.241
> > !
> > !
> > dial-peer voice 1 pots
> >  destination-pattern 167
> >  port 1/0/0
> >
> > --- router two ---
> > voice-port 1/0/0
> >  connection plar 167
> > !
> > dial-peer voice 167 voip
> >  destination-pattern 167
> >  codec g711ulaw
> >  session target ipv4:x.x.x.245
> >
> > dial-peer voice 1 pots
> >  destination-pattern 194
> >  port 1/0/0
> >
> >
> > [EMAIL PROTECTED] wrote:
> >
> > > hi all,
> > >
> > > here's the network layout
> > >
> > >  x25  LL
> > > FRx25
> > > POTS 1 --- 1750 -- 4500 -- 4500  --- 4500 --- 1750
> > >  POTS 2
> > >
> > > how to setup the router for voice connection from both POTS ?
> > > thank you very much.
> > >
> > > Best Regards,
> > > JC
> > >
> > > ___
> > > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> --
> Best Regards,
> Janto Cin
> PT Datacomm Diangraha
> Phone : 62-21-6303030 (Hunting)
> Mobile : 62-812-9102542
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Can two High density Serial ports be tied together? - YES!

[neal rauhauser]

  Someone wrote to say that you use a null HSSI which is absolutely correct.
I'd like to add that the timing setup is tricky - if you just set clock rate
you'll see CDP making it from the DCE to the DTE device but you won't be able
to establish two way communications. There is also a 'hssi dce' or something
like that which must be set.


   Not all Cisco HSSI ports are the same. I've had an easy time getting this to
work with a PA-H or PA-2H and a not so easy time getting it to go with a
CX-HIP.


rtc wrote:

>  A HSSI high density serial port is 50 pins and the size of a normal PC
> serial connector.
> We need a cale that goes  [50pinHSSI high density serial port]--- [50pinHSSI
> high density serial port]
>
> Its the only we can tie our 7513 to our other 3 routers because we cant
> afford more Ethernet Boards.
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE All-in-one (author: moron or genious?)

[neal rauhauser]

 


   It would appear that your contact with the book has so befuddled you that
you've forgotten what a paragraph is.

   You're right that there are some problems with the CCIE Lab Study Guide
but its a wonderful tool to have, all in all. I imagine the second version,
which I see is out on the shelves at Borders, goes a long way towards correcting
the deficiencies.


 I've used the book, errors and all, and I completed 70+ labs before I went
off and started inventing my own stuff.  I credit that book with getting me
through ACRC and I recommend it to anyone that is working on Cisco certs ...
wish I'd had it when I was doing the CCNA.



[EMAIL PROTECTED] wrote:

> Hey Groupies,
> Just wanted to bring up a topic that I've been pondering. About a month
> ago, me and another member on the list met up and started working on his path
> to CCIE, starting with the "CCIE All-In-One Study Guide." Any of you who have
> ever used this book have all seen the massive amounts of errors in it, from
> picture errors, config errors, and even syntax spelling errors. We are almost
> through the whole book and I must say that out of the 80 labs in the book, at
> least 75% of them have had AT LEAST a tiny glitch on the authors part. I have
> hated this for the time that I've been working in the book, until last night.
> Me and the other member were working on one of the BGP labs. First of all,
> there was a config missing for one of the routers, and for router D in the
> config there wasn't supposed to be a serial address...but of coarse in the
> picture there was one. We literally spent about 2 hours on what was supposed
> to be a 20 minute lab. I commented this and the other member said "I know,
> this is great." That's when I got to thinking. What if this author made all
> of these mistakes to teach us troubleshooting. I must admit, I have spent a
> lot of time on these labs trying to figure out what's wrong with them after
> we use what the author wants, and I even get better from it. On the way home
> last night I was thinking that maybe the book was intended to be that way and
> all of those errata's are just ruining it because it's letting people not use
> their heads. If this is NOT the case and the author didn't intend in making
> this book a troubleshooter, then maybe he is a moron. But if he did, indeed,
> write this book this way intentionally, then I have to tip my hat and say
> that he is a genius and a great teacher. Just my thoughts guys. After all,
> the second half of "the lab" is fixing what was made wrong. If this book can
> simulate that...then it is the best CCIE study guide to a certain level. Have
> a good one group,
>
> Mark Zabludovsky ~ CCNA
> [EMAIL PROTECTED]
>
> If the automobile had followed the same development as the computer, a
> Rolls-Royce would today cost $100, get a million miles per gallon, and
> explode once a year killing everyone inside.
> ~Robert Cringely, InfoWorld~
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: no access to router

[neal rauhauser]

   Sounds like you have flow control enabled on the PC port you're using to
connect to the router.



groupstudy wrote:

> too bad , i will throw my 2503 out of window ,kiding..,thanks anyway
> ElephantChild wrote in message ...
> >On Sat, 29 Jul 2000, groupstudy wrote:
> >
> >>I got a cisco 2503 . I can't get access to the console except that i
> can
> >> see the information in the terminal window but can't not type .and
> >> unfortunately I lost the telnet password and enable password.
> >
> >Do the same cable and terminal emulator work with other routers? If tey
> >do, check that the cable is properly seated and that there isn't dirt in
> >the console port on the router. If it still doesn't work, the router
> >may be set up for software flow control, or hardware flow control, or
> >none at all. Try fiddling with the flow control setup on your terminal
> >emulator and see what happens.
> >
> >If you have a null modem cable, you may also try the aux port.
> >
> >>   my question is whether doing a password recovery to this router without
> >> getting access to the console port is possible ??
> >
> >No.
> >
> >--
> >Bungee jumping and skydiving are for wimps. If you want to experience
> >true gut-wrenching terror, have children. --Dusty Rhoades.
> >
> >___
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >---
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

LAT - what unix terminal package to use?

[neal rauhauser]

This is somewhat off topic ... I am boning up for BCRAN in a
week or two and I am reading the stuff about protocol translation. For
those who aren't this far yet protocol translation is used for allowing
telnet, x25, and lat sessions to interoperate - LAT is nonrouteable so
its handy to be able to tunnel it over TCP/IP.


Rather than some boring reading I'd rather just hack on this a
bit and maybe get it running in my lab but I can't find a good linux LAT
client. Does anyone have a suggestion for what package to use? I do have
some FreeBSD boxes available at work as well but I am less familiar with
them. Thanks in advance.


 As an aside, I am relatively old for this certification crowd, I
attended a university that had a tight relationship with DEC, and VAX
11/780 S/N 2 (!) lived in my garage for a while as I parted it out after
Iowa State decommissioned it. I've never used LAT, I've never run a
protocol analyzer on a network with LAT, and I've never talked to anyone
that has used it. Does this stuff still exist in production anywhere in
the world? And more importantly does it ever turn up in any Cisco exam
other than one question on this BCRAN pretest?



--
"Just do the steps that you've been shown
 by everyone you've ever known
 until the dance becomes your very own" - Jackson Browne



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

VoIP - real bandwidth used for G729R8 codec

[neal rauhauser]

I have been tinkering with a 2611 and a 2621 with voice gear and I
am tearing my hair out. I see the claimed bandwidth is 8k plus
'overhead' which the Cisco documentation seems to not want to cover in
detail ... apparently the overhead can be double the size of the data
for a total of 24k/conversation using Cisco's
best codec.

   I've been messing with various low bandwidth configurations and I can
get a solid conversastion through a 28.8 link. If I use header
compression and compress
the link itself it'll run through a 14.4k link. I need to do this for
two AS5300s fully configured with 120 voice ports in each

 I understand what RTP header compression does but I can't use it
because there are multiple hops involved and not everything is serial
links.

  Can anyone point me to some useable information about tuning this
stuff? Cisco's site and Google have proven pretty useless on this topic
... I get the feeling they don't want to talk about it.



--
"Just do the steps that you've been shown
 by everyone you've ever known
 until the dance becomes your very own" - Jackson Browne



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: MAC Address support for c1900 series

[neal rauhauser]

   The little switches have a limited MAC address table. If you know you have a
link where they're going to see more MACs than they can hold you set it to be a
'network' port and the switch doesn't learn MACs from there. This is meant for
a large campus environment where you have a 19xx serving a workgroup.  I've
worked on some real cluster (*#&$%s over the years and I've never seen a real
world situation where this would be needed.


   I'd like to hear from anyone else if they've been in some shop of horrors
where this configuration was required.



Daniel Boutet wrote:

> I was looking at the specs and it says that it supports 1024 MAC address. My
> understanding is that it is what the CAM table will support at one time.
> But the specs also states:
>
> "Unlimited MAC addresses support on configurable network port"
>
> This, I don't get. Can anyone explain?
>
> Thanks
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associate-Announcement.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

--
"Just do the steps that you've been shown
 by everyone you've ever known
 until the dance becomes your very own" - Jackson Browne



**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ipv6 tunnels available, leads to all sorts of fun stuff

[neal rauhauser]

   I've colocated a Cisco 7120 at pensat.com and I am working with an
engineer there to get ipv6 tunnels working. I've got half a dozen set up
but we need to hit 40+ before they qualify for the next size block of
IPv6 numbers.


   IPv6 is interesting but there are some other goodies that come with
this connection as well. 

  We've got the 7120 set up with enough ram to do BGP and we'll be
turning that on shortly. I've got a 7505 with enough guts to do that job
as well and I am planning on using it to give people hands on in
something like a production BGP environment. I think the 7120 will be
accessible but only in login and not enable mode.

   I am also in the process of installing an ISDN dial lab at work that
will be accessible only via IPv6. Its got an AS5200, an Adtran TSu 600
for analog calls, an Atlas 800 to do ISDN switching, and some Cisco
1003s as clients. This should be ready within the next month or so.

   The initial config is not very difficult - you just need a CCO login
so you can get the IPv6 software for your router or I can set you up
with the 7120 image if that is your platform - its not released for beta
yet but a kind Cisco developer 'loaned' me a copy. Once you have your
software this is about all you need to get started.

! this is really all that is required besides the single default ipv6
route
interface Tunnel95
 description ipv6 link to Optimum Data Switching Lab 3ffe:b00:4007:5/64
 no ip address
 no ip directed-broadcast
 ipv6 enable
 ipv6 address 3FFE:B00:4007:C12::6/127
 tunnel source 209.58.21.221
 tunnel destination 24.3.235.22
 tunnel mode ipv6ip

  If this is something you are interested in please email me at
[EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ipv6 - doesn't have broadcast addresses

[neal rauhauser]

IPv6 uses multicasts instead of broadcasts, so unlike ipv4 where a
/31 is unuseable the /127 works just fine. I have half a dozen working
ipv6 tunnels to prove this :-)



Brad Beck wrote:
> 
> Interesting  I'm curious how you can have a /127 address, since this
> allows you only a network and broadcast, but no host bits
> 
> Am I missing something??
> 
> -Brad
> 
> Brad Beck, CCNA
> WAN Administrator
> Diva Systems
> 
> > ipv6 address 3FFE:B00:4007:C12::6/127
> 
> At 10:06 PM 5/15/00 -0500, neal rauhauser wrote:
> >   I've colocated a Cisco 7120 at pensat.com and I am working with an
> >engineer there to get ipv6 tunnels working. I've got half a dozen set up
> >but we need to hit 40+ before they qualify for the next size block of
> >IPv6 numbers.
> >
> >
> >   IPv6 is interesting but there are some other goodies that come with
> >this connection as well.
> >
> >  We've got the 7120 set up with enough ram to do BGP and we'll be
> >turning that on shortly. I've got a 7505 with enough guts to do that job
> >as well and I am planning on using it to give people hands on in
> >something like a production BGP environment. I think the 7120 will be
> >accessible but only in login and not enable mode.
> >
> >   I am also in the process of installing an ISDN dial lab at work that
> >will be accessible only via IPv6. Its got an AS5200, an Adtran TSu 600
> >for analog calls, an Atlas 800 to do ISDN switching, and some Cisco
> >1003s as clients. This should be ready within the next month or so.
> >
> >   The initial config is not very difficult - you just need a CCO login
> >so you can get the IPv6 software for your router or I can set you up
> >with the 7120 image if that is your platform - its not released for beta
> >yet but a kind Cisco developer 'loaned' me a copy. Once you have your
> >software this is about all you need to get started.
> >
> >! this is really all that is required besides the single default ipv6
> >route
> >interface Tunnel95
> > description ipv6 link to Optimum Data Switching Lab 3ffe:b00:4007:5/64
> > no ip address
> > no ip directed-broadcast
> > ipv6 enable
> > ipv6 address 3FFE:B00:4007:C12::6/127
> > tunnel source 209.58.21.221
> > tunnel destination 24.3.235.22
> > tunnel mode ipv6ip
> >
> >  If this is something you are interested in please email me at
> >[EMAIL PROTECTED]
> >
> >___
> >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> >FAQ, list archives, and subscription info: http://www.groupstudy.com
> >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

can anyone help with VoIP config?

[neal rauhauser]

   I have two VoIP capable routers I've been messing with and I am
tearing my hair out.


   We've made VoIP calls and thats no big deal but we're having trouble
with the dial plan - what I want to accomplish is this



402-391-2413 <-> Cisco 1750 /w FXO card <-- IP connection --> Cisco 1750
/w FXS <-> plain ol' phone



  when a call comes to the PSTN number it should just ring the remote
phone and when the remote phone is picked up the user should get the
dial tone from 402-391-241. I've looked at dial plan stuff until my eyes
cross and I can't figure this out - if anyone has an example config of
how to do this I'd be eternally thankful.

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What does your home lab look like?

[neal rauhauser]

   While others have a bigger 'spread' in terms of numbers of routers I
think I have the most liberal employer in terms of letting me walk out
with expensive toys ... 

specifically at the moment

Cisco 1003s
Cisco 1750
Cisco 2511
Cisco 2513
Cisco 2516
Cisco 2521
Cisco 2523
Cisco 7120 (deployed at pensat.com for IPv6 fun)
Cisco 7505 /w vip2-40 & PA-A1-OC3-MM, CX-FEIP
Cat   2820 /w ATM OC3 card
Cat   5505 /w Sup3 NFFC2 & WS-X5155 ATM blade
Cisco LS100 ATM switch
Cisco AS5200 Access Concentrator
Adtran TSU 600 (channel bank to provide FXS to DS1 to AS5200)
Adtran Atlas 800 (communications widget ... a small ISDN switch for the
1003s)


  You can see various pictures of my setup at

http://www.optimumdata.com/ccielab


  


Louie Belt wrote:
> 
> I'd be interested to see the different configurations / equipment that
> exists in everyone's home labs.  Perhaps we could even "trade time" between
> labs to prevent us from all spending a fortune for lab equipment.
> 
> Anyone want to post a diagram of their home lab config so we can compare
> notes and setups?
> 
> Here's mine in its current form (It's still a work in progress - I need
> another Router with an ATM Module)
> 
> http://members.home.com/louieb/ciscolab.htm
> 
> Comments, suggestions, thoughts, criticisms all appreciated..
> 
> I've shown you mine, now show me yours :>
> 
> Louie
> 
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Back to Back with Internal T1 or 56k CSU/DSU

[neal rauhauser]

  For T1 make a cable using cat5 and two RJ45 ends - cross pins 1+2 to pins
4+5 and you've got your T1 crossover.


   For 56k CSU/DSUs cross 1+2 and 7+8 if I remember correctly.


Gary Alterson wrote:

> Hello all wiser than I:
>
> If I've got two 2600 series routers, both with the Internal T-1/Frac T-1
> DSU/CSU WIC, what do I need to hook them up to each other back to back?  Is
> it just a cable?  If so, which kind?  Also, can I then channelize the full
> T-1 to decrease the bandwidth available?
>
> Do I use a different cable if I need to hook up to 56k DS0 WICs instead?
>
> Thanks in advance,
> Gary
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco NP-1FE and MC3810 $500/ea [7:20574]

[Neal Rauhauser]

I apologize for the commercial spam :-(

 
  I've got an NP-1FE and an MC3810 /w 32d/8f  - I don't need 'em,
they've been hanging around for months, and my last three ebay bidders
have not paid. 


  My busy schedule and ebay frustration is your gain - I think $500 is
under market for either piece. Both are known working, 90 day guarantee,
etc, etc.


  If you want it the deal is paypal $500 + shipping and it'll go out
right away.


  There is some other misc junk down here but I don't think group
studiers would want it - a new AS5300 dual DC power supply, two
AS53-VOXD-12, a SM25-BRI-U, a MC3810 T1/E1 card, a lot of cosmetic
spares for 7505/7507 chassis, etc. If any of this sounds interesting
drop me a note ... be sure to use mailto:[EMAIL PROTECTED] - send
it to this account and you're entering mailing list purgatory :-)


-- 
Neal Rauhauser CCNP, CCDP   voice: 402-391-3930
http://AmericanRelay.comfax  : 402-951-6390
mailto:[EMAIL PROTECTED]  fcc  : k0bsd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20574&t=20574
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Aironet Access points Range [7:23758]

[Neal Rauhauser]

The AP350 is a 100 milliwatts or +20dBm. The 'duck' antenna that
ships with the unit has 2.2dBi of gain.

  The dBi rating indicates gain over an isotropic radiator - a
theoretical perfect point radiator in free space. The 2.2 dB of gain
indicates that there is a little bit of focusing of the radiated energy
towards the horizon when the antenna is mounted vertically.

  To figure out how far out you can get a signal you'd need to know the
receive sensitivity of the client radio in use (-75dBm for 2 meg ...
this is the only rule of thumb I carry in my head) and the receive gain
of the client antenna. If you're talking to PCMCIA cards they're nasty -
essentially no gain.

  You'd need to figure the loss to find out if the observed signal at
the receiver is greater than the receive sensitivty.

  Examine this URL:

http://www.qsl.net/n9zia/wireless/

  There is a lot of information in here about 2.4 gig radio performance
and in particular there are a lot of nice equations that show how to
calculate link loss and all sorts of other stuff you need to know.


  This is a little tense for indoor use - but I've shot Aironet 342 over
a 22 mile link :-) 


IT Guy wrote:
> 
> Hi guys,
> 
> Need to clear an small confusion??
> 
> As we know Range for 350 AP at 11 mbps is 130 ft??What does it mean??
> 130 ft horizontal or vertical or both???
> 
> Thanks for removing my confusion.
> 
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-391-3930
http://AmericanRelay.comfax  : 402-951-6390
mailto:[EMAIL PROTECTED]  fcc  : k0bsd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=23825&t=23758
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Off Topic - good auction seller [7:24468]

[Neal Rauhauser]

I worked for an aftermarket dealrship (Optimum Data) - Pat McKool has
been in the business a long time (ten years? more?) and is very
respected. I've done a number of sizeable deals with him and I trust him
completely.




"Ouellette, Tim" wrote:
> 
> Chuck,
> 
> I too have dealt with Pat McKool. I was also very impressed with the
> product/service that I received.  In the event that I need to buy more
> equipment, I will definetly give Pat a call.
> 
> TIm
> 
> > -Original Message-
> > From: Chuck Larrieu [SMTP:[EMAIL PROTECTED]]
> > Sent: Monday, October 29, 2001 12:27 AM
> > To:   [EMAIL PROTECTED]
> > Subject:  Off Topic - good auction seller [7:24468]
> >
> > After some of the recent negative discussion about a particular auction
> > seller ( and thanks - it helped me avoid bidding on certain products ) I
> > thought some folks might be interested in my recent positive experience.
> >
> > Pat McKool of Market Network Solutions, was a pleasure to deal with.
> >
> > If anyone is in the market for used equipment, you might want to keep an
> > eye
> > out for this guy on That Auction Site.
> >
> > NOTE: past performance is no guarantee of future results ;->
> >
> > Chuck
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-391-3930
http://AmericanRelay.comfax  : 402-951-6390
mailto:[EMAIL PROTECTED]  fcc  : k0bsd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=24508&t=24468
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: does BCMSN include LANE [7:56051]

[Neal Rauhauser]

I passed BCMSN almost two years ago and there wasn't a lick of LANE in
sight. 10/100/1000 ethernet and layer three switching have pretty much
slain every lick of ATM/Token Ring out there and Cisco's exams reflect
the changes in the market.

  Today I walked in to a place to do an eval and I found Cabletron
ATM+TR ... first time I've seen it in production in at least three years
and part of the deal is to yank the stuff out and replace it with
ethernet.







Aaron Ajello wrote:
> 
> I would trust the cisco web site and go with what it says is featured on
the
> exam.  From what I have seen, what it notes on the web site is accurate to
> what is on the test.
> I used 504 books to pass the 604 test, so I don't think too much changed.
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:neallist@;wispair.net fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=56113&t=56051
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco 26xx image with MPLS support? [7:57299]

[neal rauhauser]

I just heard a viscious rumor on the nanog mailing list - there are 
some images for the 26xx that support MPLS!@!@!@!@!


 
   I am mostly done with studies for the BSCI and QoS+Mcast - only 
barrier to me getting CCIP was getting my sticky little paws on routers 
that support MPLS - if there is a 26xx image that is decent I have a 
whole network I can turn to MPLS after I test it on this spare 2620 :-) 
:-) :-)


I would greatly appreciate if someone can name the image that does 
this - the fellow writing about it said 12.2.(12.6) and I am not sure 
which image/train he means.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57299&t=57299
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

sale or trade - voice tidbits [7:57532]

[neal rauhauser]

I pulled a UBR924 and a couple of PVDM-4 voice DSPs for 1750s out of 
service last week. I am not gonna need this stuff and the guys on 
isp-equipment don't seem to want it - rather than consign it to ebay I 
thought I'd mention it here. Cash is good, other Cisco bits I can use 
are good, and I always like new books for my library ... drop me a note 
if you're interested in these things.



mailto:[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57532&t=57532
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 802.1q trunking [7:57772]

[neal rauhauser]

DON'T TRUST THE CODE ON THE 35XX SERIES SWITCHES.



  Sorry for yelling, but its that important. I've seen repeated 
situations like this:


router  switch 1  switch 2


  With a daisy chained configuration like this I've seen multiple 
instances where a vlan that is done correctly on the router won't work 
on switch 2, even though all the links are set up for trunking. I've 
tried forcing this situation with allowed vlan configs and so forth, and 
its just a pain in the you-know-what. It seems less of a hassle with the 
most recent code, but I never go in and offer a design like that - its 
just way, way too risky. PA-FE-TX are about $500 on the aftermarket - 
have them buy you a couple for the 7206, run lines to the switches, and 
handle each one as an individual connection.




Kris Waters wrote:

>Everyone,
>
>Let me explain what I am trying to do. My main building was set up years ago
>with a Class C address scheme. I need to change this for a number of reasons
>and am planning to move it to a 10.X.X.X scheme. I would like to do this on
>a gradual basis.
>
>My building contains the following equipment:
>
>7206VXR router that does internal routing. I have one FastEthernet port on
>this router.
>
>One Catalyst 4006 (Sup2, set based code) switch on the third floor. Both
>these devices run the latest code.
>
>The first and second floors have Catalyst 3500 switches with fiber between
>floors. A VTP domain is set up between the 3 switches.
>
>It was suggested to me to put 3 subinterfaces on the fastethernet port on
>the router and then trunk them to the switch (or switches). I'm not quite
>sure of the best way to go about doing this. I've read numerous tac
>articles, but a little more guidance would be greatly appreciated.
>
>Here is a sample of the code I used on the 7206 to create the subinterfaces:
>interface FastEthernet0/0.1
> encapsulation dot1Q 111
> ip address 10.50.1.1 255.255.255.0
>
>What do I do now? The router is plugged directly into port 4/10 on the 4006.
>Do I create a VLAN 111 on the 4006? Any replies can be copies directly to me
>at [EMAIL PROTECTED] as well as to the board.
>
>TIA
>Kris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=57795&t=57772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cat 5000 ram [7:49643]

[Neal Rauhauser]

Steal it out of a 2500 you're not using :-) Its the same stuff.



Symon Thurlow wrote:
> 
> Hey guys,
> 
> Anyone have a good source for CAT5K SUP1 Ram?
> 
> Thanks,
> 
> Symon
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=49655&t=49643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Please Clarify. [7:49826]

[Neal Rauhauser]

Shravan,

  I got my CCNP and CCDP 12/2000. I suggest you get the following:


 Hutnik & Satterlee's Cisco CCIE Lab Study Guide - there are 119 hands
on labs in this book and you will easily pass the routing and
troubleshooting if you do all of them.

 Andrew Bruce Caslow Cisco Certification Bridges, Routers, and Switches
for CCIEs

 You must have hands on time with ISDN. There is no way around it. Buy
two Cisco 2503s and share a single ISDN line between them if you're
poor, get an Adtran Atlas 550 and a couple of ISDN routers if you're
rich. You might be able to do this work with a simulator - I worked for
a reseller so I had all the equipment I needed.


Neal

Shravan Bellal wrote:
> 
> Hi All,
> 
> Today only I subscribed to this mail ID. Its so nice to talk with all
Cisco
> Experts. I started preparing CCNP (2.0) routing exam. I have Cisco CCNP
exam
> certification Kit. Is this material is sufficient for CCNP Routing exam or
> any other good material for this exam. Also please let me know any good
> sites for exam preparation (sample test questions).
> 
> I passed CCNA 1.0 in Dec 1999. Is I am eligible to write CCNP 2.0?
> 
> If yes what is the dead line for me to complete CCNP.
> 
> I would be appreciating if any one clarifies my doubts.
> 
> Thanks
> 
> Shravan
> 
> 
> 
> -----
> Do You Yahoo!?
> Yahoo! Health - Feel better, live better
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=49906&t=49826
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Any VoIP compatibility issues between MC38010 & 1750? [7:49968]

[Neal Rauhauser]

I've used 1750 to talk to AS5300, 26xx to talk to AS5300, 26xx to talk
to 72xx /w PA-VXC-2TE1, MC3810 to talk to 72xx, etc, etc.


  The thing to watch is the codec support on the image you're running -
711 is always there, 723 is next most likely, variations of 729 can
appear and give you trouble. You can use 'debug voip ccapi inout' but
I've never cared for the results - very, very verbose output.


Dimitrije wrote:
> 
> Can one run VoIP over a WAN between different router families such as an
> MC38010
> and a 1750?  Is this a no brainer or are there some subtle issues here that
> require awareness?
> 
> Specifically, are there compatibility issues running VoIP between an
MC38010
> with an FXO module running IOS 12.1.14 IP Plus, and a 1750 with an FXS
module
> running 12.1.14 IP Voice Plus?
> 
> thanks
> dj
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=49968&t=49968
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: FW: Cisco Aironet 350 Series Bridges Incompatible with 340 [7:50056]

[Neal Rauhauser]

This is not entirely true. I've had 34x bridges talking to 352 bridges
in stable configurations for long periods of time.

 Note that I wouldn't recommend this in the real world ... I got it done
by accident one day, not knowing any better.

Daniel Cotts wrote:
> 
> FYI I'm resending info provided by a Cisco Channel Partner SE.
> 
> "Cisco Aironet 340 and 350 Series Bridges can be connected to the same LAN
> segments, but they cannot communicate
> wirelessly. Although you can disable STP on non-root 350 series bridges,
350
> and 340 series bridges are not designed to
> interoperate. If you use both 340 and 350 series bridges on your network,
> make sure the 340 series bridges have radio bridge
> links only to other 340 series bridges, and that 350 series bridges have
> radio bridge links only to other 350 series bridges."
> 
> Watch the wrap:
> 
>
http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/accsspts/a
> p350rn/rn1121.htm#xtocid14
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50056&t=50056
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

horse trade: UBR 924 for wireless stuff? [7:50080]

[Neal Rauhauser]

I've got this UBR924 (ethernet, cable, two FXS voice ports) that I
haven't used in a long time. I'm considering ebaying it, but I'd rather
get a BR/AP/WGB35x in exchange. Anyone interested?


-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50080&t=50080
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: aironet wireless lan [7:50153]

[Neal Rauhauser]

What code is on the AP1200?

  This is par for the course on WGB352, haven't heard of APs doing this
yet, but I don't have any 1200s in my network.


 You might see 11.07 (old), maybe 11.21 would be better since 802.1x is
mostly finished in it, I think I saw 11.40 scroll on the screen on the
one 1200 I've handled.



"neil K." wrote:
> 
> Hi All,
> 
> Recently Installed Aironet 1200 series based wireless LAN,with cisco LEAP
> authentication.Now the network works for a couple of days and then doesn't
> until I reboot the Access Points or the Cisco 3524-PWR-XL series switch
from
> which the access points are powered.
> Has anybody faced problem like this.
> Any help will be highly appreciated.
> 
> Neil
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50219&t=50153
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

a thing of beauty (12.2T BGP chaos) [7:50531]

[Neal Rauhauser]

I am getting nipped by this today, and its more than just VPN that is
affected. Latest 12.2.8T5, too :-(


CSCdw84776

   When a customer edge (CE) router advertises a route that contains the
provider edge (PE)-CE
   link, the PE router fails to install this route to the virtual
private network routing/forwarding
   instance (VRF) because the route is already registered in the VRF as
a connected route. If the
   connected route is learned from the redistribution of connected
routes to the Border Gateway
   Protocol (BGP) through the external Border Gateway Protocol (eBGP),
the BGP on the PE
   router marks the route with Routing Information Base (RIB) failure
and prevents the route from
   being advertised to other peer internal Border Gateway Protocol
(iBGP) PE routers. This
   behavior causes a loss of connectivity from the local connected route
to the remote sites. 

   Workaround: Source the route on the PE router. Do not allow the CE
router to advertise the
   route that connects the PE and the CE routers. This condition does
not occur if eBGP is not
   configured between the CE and PE routers and if a routing protocol
such as the VRF, Interior
   Gateway Protocol (IGP), Open Shortest Path First (OSPF), or Routing
Information Protocol
   (RIP) is used. 
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50531&t=50531
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP: RIB-failure [7:50593]

[Neal Rauhauser]

What is the RIB-failure listed as a Status below? This was taken from
a router that runs one EBGP and two IBGP sessions. Some of the internal
routes come from two IBGP peers. The IBGP peers are pretty near
identical in config, each presenting a single /24, one makes it, the
other fails. By failure I mean the route shows up with a leading 'r' and
it doesn't get presented to the EBGP peer, thusly the block doesn't make
it to global BGP table.

 I'd be perfectly happy if someone could define RIB-failure for me ...
cisco.com is strangely quiet on the topic.

BGP table version is 94, local router ID is 63.170.237.254
Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,
  r RIB-failure
Origin codes: i - IGP, e - EGP, ? - incomplete
 
   Network  Next HopMetric LocPrf Weight Path
*> 12.36.200.0/23   12.22.183.1930 0 20333 i
*> 12.36.210.0/23   12.22.183.1930 0 20333 i
*> 12.108.204.0/22  12.22.183.1930 0 20333 i
*> 12.108.206.0/24  0.0.0.0  0 32768 i
*> 12.108.207.0/24  12.108.207.150  20 32768 i
* i 63.170.238.254   0100  0 i
*> 63.170.237.0/24  0.0.0.0  0 32768 i
* i63.170.238.0/24  63.170.238.254   0100  0 i
*>  12.108.207.150  20 32768 i
*>i63.170.239.0/24  63.170.239.254   0100  0 i

-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=50593&t=50593
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix logging to a Freebsd syslog server [7:51124]

[Neal Rauhauser]

The Cisco logging facility on a router uses a random high port as the
source for the syslog packets. I assume the PIX is the same since you're
having trouble. The FreeBSD syslogd expects the packets to be sourced
from port 514. You can try the flag that supposedly allows syslogd to
take random source ports, but it doesn't work :-(

  I'd strongly suggest you do what I did - just modify the syslogd
source so it doesn't check source port, compile it, then install.

  If that is beyond your C programming skills drop me a note and I can
email you the bungholed syslogd.c file and you can take it from there.

 

Elijah Savage III wrote:
> 
> Can anyone help me out with a PIX logging to a Freebsd syslog server. I
> thought I was sure about setting this up but I am not getting any
> messages on the server, see my configs below.
> 
> logging on
> 
> logging timestamp
> 
> logging trap debugging
> 
> logging facility 23
> 
> logging host inside 192.168.11.4
> 
> FreeBSD
> 
> local7.debug/var/log/cisco.all
> 
> I also startes syslogd with these parameters
> 
> 29612  ??  Ss 0:00.03 syslogd -a 192.168.11.2/255.255.255.0
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"This is my private email devoted to various mailing lists. If you're
a twerp with an attorney and someone else's money, don't bother my
employer about the things I say, just come see me personally and we'll
discuss the situation. No names, you twerps should know who you are".




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51131&t=51124
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

break via reverse telnet [7:51192]

[Neal Rauhauser]

How do I send a break via reverse telnet? I've never figured this one
out and I've got a situation now were this would be really handy to do. 



-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51192&t=51192
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

scariest IOS image name [7:51251]

[Neal Rauhauser]

Yes, this is a real image that I downloaded for real work - can anyone
top it?

c1700-bk8no3r2sy7-mz.122-8.T5.bin

-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51251&t=51251
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RIB Failure in BGP table ? [7:51720]

[Neal Rauhauser]

Which IOS image are you running?

  This is very likely a bug - how are the routers learned via IGP? Try
setting the distance on the learned routes to 201 and see if that
doesn't clear the problem.




shiju joseph wrote:
> 
> Hi,
> 
> Whille playing with BGP synchronization, I am
> seeing one route learned from iBGP to get marked as
> "r>i150.0.0.0/24". Any idea what is causing this ?
> 
> R1  R2  R3  R4
> Route is synchronized.
> 
> ===
> BGP table version is 6, local router ID is 101.0.0.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal,
>   r RIB-failure
> Origin codes: i - IGP, e - EGP, ? - incomplete
> 
>Network  Next HopMetric LocPrf Weight Path
> *> 140.0.0.0100.5.0.20 0 200 i
> r>i150.0.1.0/24 100.6.0.20100  0 300 i
> ===
> 
> Thanks
> Joseph
> 
> ----
> Join Excite! - http://www.excite.com
> The most personalized portal on the Web!
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=51735&t=51720
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

becoming a CCSI? [7:52437]

[Neal Rauhauser]

I just got back in town after a week on the road delivering BCRAN - my
first time teaching. The venue was not a Cisco learning partner, no
official materials, etc, etc, but I think there is a lot of promise in
expanding the business and I'd like to do it up right.

 Cisco's web site is strangely quiet on the topic - I did find this one
URL below with google - can anyone initiate me into the mysteries of
CCSI? How much does it cost for the test? What are the requirements for
a 'learning partner'???


 http://64.139.25.96/Internal/CCSICert.htm


Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52437&t=52437
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BGP verification(long)(real world)(access available) [7:52500]

[Neal Rauhauser]

xpect but I've been wrestling with this
for a while and I can't figure out how to confirm operation without
involving someone else. 

  I've also poked around in RADB.NET and I see that Level3 has kindly
proxy registered my subnets and AS20333's subnets since I haven't taken
the time to get AS20333/AS25943 a proper RADB login. This is the best
proof I have that the config is working globally.



 So, there it is in a rather large nutshell - my first carrier BGP job
and I feeling a bit overwhelmed by the whole business - anyone got any
helpful suggestions?





-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52500&t=52500
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP verification(long)(real world)(access available) [7:52507]

[Neal Rauhauser]

This is part of the problem - no entries in radb.net except for the
proxy stuff done by Level3 to help 'those crazy Sprint folks'.

  I tried to get RAToolset running on fbsd4.0 and failed miserably.
Maybe it'll be more fun with 4.6-stable.

  Thanks for the tip ...

"[EMAIL PROTECTED]" wrote:
> 
> Sorry for weird formatting if any...Comcast (my connectivity provider)'s
> SMTP
> servers have been down for over 48 hours, and I'm having to go through a
web
> interface to mail.
> 
> As a start on nondestructive testing, consider the RAtoolset. 
PRtraceroute,
> which compares a traceroute with IRR policy, is a good start. It's
freeware,
> but you need to compile the C++ on a UNIX box. There may be some looking
> glasses that make it available -- I'd hunt around at ISI.edu and merit.edu
> as a
> start.
> 
> http://www.isi.edu/ra/RAToolSet
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52507&t=52507
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP verification(long)(real world)(access available) [7:52540]

[Neal Rauhauser]

Peter,

   Your response was dead on for what I need - comments inline.

> 
> To begin with, keep in mind that bgp routers only reflect best
> paths.  Hence, all your prepend stuff will generally not be visible on

  This had escaped me - I never noticed it working from a single AS
perspective, even though its in Halabi - something I found in that book
only after I'd been bitten by it.

> distant route servers which should only see the optimal paths.  If you are
> doing primary/secondary type prepending, you'll only see the primary in
> most cases (except those where a looking glass happens to be far enough
> away from one side that the primary and secondary end up with equal length
> as-paths and the route server posts both).

  This explains why I only see a couple of prepend paths in an entire
show ip bgp from a major carrier - just a few of them getting lucky and
being the same length.

> 
> Anyway, the short answer is that it is tough to see prepended announcements
> beyond looking at your rib outs.  It is further tougher to see what gets
> prepended as cisco has this nasty habit of showing you a pre policy rib-out
> (via show ip bgp neigh x/x advertised-routes)

  This (show ip bg ne advertised-routes) is also something I had never
used - I just always trusted the route servers for that sort of
information. Makes things much clearer.

> 
> Route server wise, route-server.ip.att.net I'm sure you've found.  701 does
> not maintain one and I am pretty sure sprint doesn't either.  It would be
> really nice if they did :)  Lost of ppl have told them this.

 I found 7018's route server, Sprint and UUNet must be pestered each
time you want to know what is going on inside them, and another fellow
from this list told me about this thing - its *very* handy - kind of
like what AT&T provides only with views to a large (100+) number of
ASes.

--- IMPORTANT ---

telnet route-views.oregon-ix.net

--- IMPORTANT ---




> 
> Troubleshooting wise, I have been bitten by ATT's policy of matching
> distribute-lists in's (routes accepted via whatever cisco means they chose)
> with ip access-group ins.  In some cases, they'll take the route, but not
> the traffic.  This can be a major pain to find until you get used to their
> doing that (source verification for dos/ddos prevention)


   I found this one early on in the game. I love how accessible their
tech support is, too - I have enable on one of their peers, the peer has
me entered as an official maintainer, and they're still nearly useless.
I must say that they don't suck as badly as XO/Concentric's support, but
its close.

> 
> Solution wise, I would tend to be destructive during a maint window to
> ensure that both control and forwarding work, and beyond that, ping your
> transit providers for shots of their rib-in from you, along with a shot of
> your routes as they see them.  You likely did this already and are troubled
> that you read this much only to find out that you did it all already :)


  I am thinking a spare Cisco 1750 somewhere on net, peered with both
ASes using ebgp multihop and a private AS might just be a good solution
- apply same policies to it that I apply at the borders of the other
networks and see what comes from it.


> 
> At 12:17 AM 9/2/2002 +, Neal Rauhauser wrote:
> >I'll start this out by saying that I'm frustrated enough with the
> >final verification of this thing to publish the running configs of all
> >relevant routers, provide shell access to production boxes, and to set
> >up an open 48 meg 1750 inside AS 25943 with IBGP sessions to all routers
> >involved. I *think* its running as intended - I'm having trouble with
> >verification of my policies - this is my first 'carrier class' network.
> >
> >   BGP layout is like so - I own 25943 and I have admin control of the
> >20333 routers:
> >
> >AS701AS20333AS25943AS25943AS25943AS1239
> >AS7018--^
> >
> >
> >  AS20333 (Exanium) gets service from AT&T(AS7018) and UUNet(AS701) on a
> >128 meg Cisco box taking full routes. The AS25943/AS1239 connecting
> >point is also a 128 meg box taking full routes. The internal routers in
> >AS25943 are all 64 meg 26xx, including the machine at the
> >AS20333/AS25943 peering point. The diagram is somewhat simplified - I
> >show one purely internal AS25943 router when there are actually two now
> >and another two being commissioned within the next thirty days. These
> >other boxes are actually leaf nodes from the internal AS25943 box
> >pictured - it sits at the center of a star topology.
> >
> >   Geographically it is somewhat complex also - the AS20333 router and
> >its AS25943 peer are within 12' 

which image for IS-IS? [7:52560]

[Neal Rauhauser]

I just did a quick look around my network and 'clns routing' doesn't
seem to work on any of the routers (16xx, 17xx, 26xx) I have in
operation. Is there a particular image train one needs to run or some
trick to getting ISIS working?



-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52560&t=52560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

wanted: old school IPv6 beta images [7:52561]

[Neal Rauhauser]

There are some old IPv6 beta images running around out there that have
crazy stuff like OSPF/BGP in the image for the Cisco 1000 series routers
- anyone got this stuff lying around? I just dusted off a 1003 and I'd
like it to do more than just access duty in the lab.


-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52561&t=52561
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

BSCI - are boson.com exams good? [7:52574]

[Neal Rauhauser]

I used nothing but Boson.com exams when I was getting my CCNP two
years ago. Now I have started to work on the BSCI exam towards my CCIP
and I don't see a lot different in the BSCI pretest from what was needed
for BSCN.

  Can someone who has passed the BSCI comment on this? I've studied less
than twenty hours in the last month, after two years of ignoring all
BSCI issues except BGP/OSPF which I use for work, and I'm surprised that
these tests are telling me I'm nearly ready to go.




-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52574&t=52574
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BCMSN study material [7:52501]

[Neal Rauhauser]

I finished BCMSN 12/2000 and I used almost nothing but the Cisco Press
BCMSN book. I did have hands on with cat1900/2900/5500 in large
operations though, but only L2 features in 5500.

 I found the Boson exams to be an excellent gauge of my readiness -
http://www.boson.com


puro prasad wrote:
> 
> Hi,
> I am using cisco press BCMSN coursebook authored by Karen Webb. how good is
> this book? do i need to go for anything else other than this one so as to
> get through the switching exam?
> 
> Also I would like to know about any WAN switching exams (IGX platform)
> offered by cisco currently.
> 
> Thanx
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52503&t=52501
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help needed on Cisco MC3810 [7:52657]

[Neal Rauhauser]

Its like a 2501 in terms of interfaces for the base chassis, so if its
cheap, go for it.

 I can do VoIP, VoFR, etc, if it has DSPs and voice interface cards in
it.

 They're cool. Take it!


H wrote:
> 
> Hello,
> 
> Does anyone had any experience on Cisco MC3810?   Is it useful for CCIE lab
> preparation?? The reason I am asking is because someone offered me a 2nd
> hand MC3810, but I just wasn't sure whether I will need it or not.
> 
> Any help or comments would be greatly appreciated.
> 
> Best Regards,
> H.
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52661&t=52657
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 1601 R AUI & Ethernet ports ... [7:52820]

[Neal Rauhauser]

Its there to allow you to feed the unit with fiber, or to place it on
an old thicknet run, or some other location where you had a 25xx /w
transceiver.

  If you want dual ethernet you buy a 1605, if you just need two
ethernet ports you can place two 1601s back to back with a crossover
cable and get the job done. If you're not worried about speed you can
use a rollover RJ45 and connect AUX ports and run PPP ... but there are
no aux on 16xx.



Paul wrote:
> 
> Hi  Quick question to you all 
> 
> I have a 1601, with 1 serial interface, 1 ethernet interface, 1 console
> port, 1 AUI interface. I also have a transceiver. Is there anyway that I
can
> create a secone 'ethernet interface' by utilising either the AUI or the
> console port 
> 
> I have looked on the cisco website and also books that I have ... But I
> cannot find any documentation anywhere  If I can't use the AUI port as
> another ethernet port .. then what is the purpose of this interface 
> 
> Regards
> 
> Paul ...
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52824&t=52820
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

IPsec - what is wrong with this config? [7:52865]

[Neal Rauhauser]

I have two 1750s sharing an ethernet hub - just trying to get IPsec on
a tunnel between ethernet interfaces and I am having trouble. This
config seems close but I don't know what to do next


Here is the error I am getting when I try to ping the opposite end of
the tunnel

01:05:29: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
01:05:29: ISAKMP (0:1): incrementing error counter on sa: retransmit
phase 1
01:05:29: ISAKMP (1): sending packet to 192.168.6.50 (I) MM_NO_STATE.

-- this router is at the bottom of a three router stack
crypto isakmp policy 1
 authentication pre-share
crypto isakmp key duh address 192.168.6.51
!
!
crypto ipsec transform-set MIDDLE ah-sha-hmac esp-des
!
crypto key pubkey-chain rsa
 named-key middle
  key-string
   305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00D081DF
26BC7013
   448EA3D2 5C0853FA E0E01770 06D6C4FE A57B165A 4BC25F0E 5FD517B1
12EEA345
   8C9CC44E DCDC705E AB6327F9 81868B14 CB2294F1 304611A2 A7020301 0001
  quit
 addressed-key 192.168.6.51
  address 192.168.6.51
  key-string
   305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00D081DF
26BC7013
   448EA3D2 5C0853FA E0E01770 06D6C4FE A57B165A 4BC25F0E 5FD517B1
12EEA345
   8C9CC44E DCDC705E AB6327F9 81868B14 CB2294F1 304611A2 A7020301 0001
  quit
 !
 crypto map MIDDLE2 local-address Tunnel0
 crypto map MIDDLE2 10 ipsec-isakmp
 set peer 192.168.6.51
 set transform-set MIDDLE
 match address middle

interface Tunnel0
 ip address 192.168.6.50 255.255.255.0
 tunnel source 192.168.1.50
 tunnel destination 192.168.1.51
 tunnel mode ipip
 crypto map MIDDLE2
!
interface FastEthernet0
 ip address 192.168.1.50 255.255.255.0
 speed auto


--- this router is in the middle of a three router stack

crypto isakmp policy 1
 authentication pre-share
crypto isakmp key duh address 192.168.6.50
!
!
crypto ipsec transform-set BOTTOM ah-sha-hmac esp-des
!
crypto key pubkey-chain rsa
 named-key bottom
  key-string
   305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B941FA
8C44F60C
   76199B3E DADDA933 F5EA1118 9F9410B0 E097836F 166FDC84 3FD06FA0
338E77AE
   F32142F4 D750F4F0 31844B70 099DD8B2 6F8753D7 70BD2BBA 03020301 0001
  quit
 addressed-key 192.168.1.50
  address 192.168.1.50
  key-string
   305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B941FA
8C44F60C
   76199B3E DADDA933 F5EA1118 9F9410B0 E097836F 166FDC84 3FD06FA0
338E77AE
   F32142F4 D750F4F0 31844B70 099DD8B2 6F8753D7 70BD2BBA 03020301 0001
  quit
 !
 crypto map BOTTOM2 local-address Tunnel0
 crypto map BOTTOM2 10 ipsec-isakmp
 set peer 192.168.6.50
 set transform-set BOTTOM
 match address bottom
interface Tunnel0
 ip address 192.168.6.51 255.255.255.0
 tunnel source 192.168.1.51
 tunnel destination 192.168.1.50
 tunnel mode ipip
 crypto map BOTTOM2
!
interface Serial0
 ip address 192.168.3.1 255.255.255.0
 clockrate 100
!
interface FastEthernet0
 ip address 192.168.1.51 255.255.255.0
 speed auto




-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=52865&t=52865
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IPsec - what is wrong with this config? [7:52865]

[Neal Rauhauser]

Since I want the crypto to flow over a tunnel that is where I placed
the crypto maps. I realize that Fa0 on these two machines is the same
subnet, but it won't be when I place one of them in Omaha and the other
in Houston - hence the tunnel structure.

 I found the IPsec stuff in the Hutnik & Satterlee  CCIE Lab Study
Guide(cool book!) after I learned to do it the hard way - my config
appears correct but doesn't work. I removed the startup-config and I'm
going to go at it from scratch later today.



Nigel Taylor wrote:
> 
> Neal,
>  I you'll also need to have the crypto maps added to the physical
> interface through which the tunnels are built.  Paste a copy of the
complete
> configs without the debug output.   However, what I noted seems to be the
> only thing that stands out! Watch the word wrap...
> 
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/secur
> _c/scprt4/scipsec.htm#xtocid2141729
> 
> HTH
> Nigel
> 
> - Original Message -
> From: "Neal Rauhauser"
> To:
> Sent: Saturday, September 07, 2002 7:41 PM
> Subject: IPsec - what is wrong with this config? [7:52865]
> 
> > I have two 1750s sharing an ethernet hub - just trying to get IPsec on
> > a tunnel between ethernet interfaces and I am having trouble. This
> > config seems close but I don't know what to do next
> >
> >
> > Here is the error I am getting when I try to ping the opposite end of
> > the tunnel
> >
> > 01:05:29: ISAKMP (0:1): retransmitting phase 1 MM_NO_STATE...
> > 01:05:29: ISAKMP (0:1): incrementing error counter on sa: retransmit
> > phase 1
> > 01:05:29: ISAKMP (1): sending packet to 192.168.6.50 (I) MM_NO_STATE.
> >
> > -- this router is at the bottom of a three router stack
> > crypto isakmp policy 1
> >  authentication pre-share
> > crypto isakmp key duh address 192.168.6.51
> > !
> > !
> > crypto ipsec transform-set MIDDLE ah-sha-hmac esp-des
> > !
> > crypto key pubkey-chain rsa
> >  named-key middle
> >   key-string
> >305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00D081DF
> > 26BC7013
> >448EA3D2 5C0853FA E0E01770 06D6C4FE A57B165A 4BC25F0E 5FD517B1
> > 12EEA345
> >8C9CC44E DCDC705E AB6327F9 81868B14 CB2294F1 304611A2 A7020301 0001
> >   quit
> >  addressed-key 192.168.6.51
> >   address 192.168.6.51
> >   key-string
> >305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00D081DF
> > 26BC7013
> >448EA3D2 5C0853FA E0E01770 06D6C4FE A57B165A 4BC25F0E 5FD517B1
> > 12EEA345
> >8C9CC44E DCDC705E AB6327F9 81868B14 CB2294F1 304611A2 A7020301 0001
> >   quit
> >  !
> >  crypto map MIDDLE2 local-address Tunnel0
> >  crypto map MIDDLE2 10 ipsec-isakmp
> >  set peer 192.168.6.51
> >  set transform-set MIDDLE
> >  match address middle
> >
> > interface Tunnel0
> >  ip address 192.168.6.50 255.255.255.0
> >  tunnel source 192.168.1.50
> >  tunnel destination 192.168.1.51
> >  tunnel mode ipip
> >  crypto map MIDDLE2
> > !
> > interface FastEthernet0
> >  ip address 192.168.1.50 255.255.255.0
> >  speed auto
> >
> >
> > --- this router is in the middle of a three router stack
> >
> > crypto isakmp policy 1
> >  authentication pre-share
> > crypto isakmp key duh address 192.168.6.50
> > !
> > !
> > crypto ipsec transform-set BOTTOM ah-sha-hmac esp-des
> > !
> > crypto key pubkey-chain rsa
> >  named-key bottom
> >   key-string
> >305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B941FA
> > 8C44F60C
> >76199B3E DADDA933 F5EA1118 9F9410B0 E097836F 166FDC84 3FD06FA0
> > 338E77AE
> >F32142F4 D750F4F0 31844B70 099DD8B2 6F8753D7 70BD2BBA 03020301 0001
> >   quit
> >  addressed-key 192.168.1.50
> >   address 192.168.1.50
> >   key-string
> >305C300D 06092A86 4886F70D 01010105 00034B00 30480241 00B941FA
> > 8C44F60C
> >76199B3E DADDA933 F5EA1118 9F9410B0 E097836F 166FDC84 3FD06FA0
> > 338E77AE
> >F32142F4 D750F4F0 31844B70 099DD8B2 6F8753D7 70BD2BBA 03020301 0001
> >   quit
> >  !
> >  crypto map BOTTOM2 local-address Tunnel0
> >  crypto map BOTTOM2 10 ipsec-isakmp
> >  set peer 192.168.6.50
> >  set transform-set BOTTOM
> >  match address bottom
> > interface Tunnel0
> >  ip address 192.168.6.51 255.255.255.0
> >  tunnel source 192.168.1.51
> >  tunnel destination 192.168.1.50
> >  tunnel mode ipip
> >  crypto map BOTTOM2
> > !
> > interface Serial0
> &g

Re: Cisco Serials and Theft [7:53574]

[Neal Rauhauser]

Let me firmly advise you against talking to Cisco about stolen
equipment.

  There is a huge theft ring operating in the Bay area right now -
mostly they defraud honest broker/dealers with dumpster grade gear but
they have previously been involved in a variety of corruption - drugs
for hot equipment from janitorial staff, cash under the table to Cisco
employees at the Brennan(sp?) facility, faulty  unserialized gear
leaking from destruction facilties, and big time freight theft - 53'
trailers & associated semis just vanishing from Cisco storage lots.

  There was a $5 * MEG freight theft from Netro last year which led to
the breakup of the Roohparvar brothers money laundering operation in San
Jose and a variety of other scumbags going on extended state sponsored
vacations. I see the names Buompenserio, Bochinni, etc on the detailed
criminal complaint in connection with the Netro freight theft and
freight capers are usually mafia territory ...




  I advise you to *not* talk to Cisco because I made this mistake in
1999 after purchashing a piece of equipment from one of the little
weasels out there. I called the FBI on them after a $9700 loss but I
contacted  the authorities three days after they'd nabbed the guy
responsible for one of the semi thefts. I knew I wasn't getting my money
back but I'd hoped to at least see the perp punished - instead I got
implicated in their shenanigans.


 If your source isn't in the Bay area itself, and the prices are near
what is being charged on ebay, and you know they guy, you're probably
OK. If you want to talk in private that is cool also - I'll share names
of known losers you should avoid :-)



John Wright wrote:
> 
> Hi guys,
> 
> Just found this group and it looks like a great resource for Cisco
> certification misc. questions. I'm CCNP and have passed CCIE written.
> 
> My question is this: an aquaintance has offered me some really good
> equipment that I could really use to study for the CCIE, at really low
prices.
> 
> I don't know the guy very well, he seems legit, but is there any way to
> check the serials on the equipment to see if its stolen? I don't want to
> possess stolen equipment, and I definitely don't want to find that out
> when/if I sell it after I pass the Lab. Thanks for any and all advice--
> 
> John
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=53633&t=53574
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

would you attend a two day basics class? [7:54631]

[Neal Rauhauser]

Would you guys attend a two day, hands on basics class for Cisco
routers?


  I own an internet provider and starting tomorrow morning I am teaching
a two day class for our installers and one enterprise customer. Topics
covered would be more productivity focused than theory - ie these are
the top ten things you'll have to do on basic installs and we're going
to touch each one from the customer and provider side so you guys
understand what you're doing.


  This first thing kind of sprung up under my feet due to the enterprise
customer wanting to get comfortable with their new four location VPN and
the rest are tagging along - I am wondering if this is something I could
put a little polish to and then offer to the masses. We're charging the
attendees $500 for the two days - do you guys think something like this
would fly as a regular offering via a community college, local computer
store, etc???






-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54631&t=54631
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Help [7:54623]

[Neal Rauhauser]

Get the Caslow CCIE book and the Hutnik & Satterlee CCIE Lab Study
Guide (119 hands on labs) as a minimum.

  The McGraw Hill Cisco Access Lists Field Guide is pretty good, you
need the official Cisco Press BCMSN book for switching, the BCRAN book
has some fluff but it does parallel the exam pretty closely.

  I used the http://www.boson.com exams for prep and I found them to be
dead on for all four exams.

  
  To handle 75% of the Hutnik & Satterlee labs you'll need a router with
four serial ports to serve as a frame relay switch, two other routers
with at least one serial port, and some sort of ISDN access. If you can
roll the fourth router I think it covers all the lab bases.

  ISDN is the big trick for CCNP if you don't have hands on with it -
try and get a single line for home and share the spids between two 2503s
using an NT1 - much cheaper to pay six months of ISDN service than to
find a teltone or adtran box for ISDN emulation.


Dave Bradshaw wrote:
> 
> I am about to embark on my CCNP training, I would be very grateful for any
> advice as how to go about getting this Cert. At present I am gathering lab
> equipment for home use, does anyone have any suggestions as to what
equipment
> I should get? i.e. what is essential & what is nice to have! Also if anyone
> can recommend any good study guides, or places to look for relevant
> information, (obviously I've found one good place :-) ). I think it may be
> worth mentioning I don't presently work in a Networking environment, I am
an
> Engineer on Networked peripherals, which is what has got me interested in
> this
> field in the first place. I passed my CCNA earlier this year. Any advice
most
> gratefully accepted.
> 
> Dave
-- 
Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
mailto:[EMAIL PROTECTED] fcc  : k0bsd
"I've seen the angels wearing their disguise,
ordinary people leading ordinary lives" - Tracy Chapman




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54630&t=54623
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: NM-1CT1 or WIC-1DSU-T1 [7:74741]

[neal rauhauser]

The WIC-1DSU-T1 is a service module - it always appear as serial0/0 or
whatever, and if you do anything with timeslots you are just adjusting
the number used for this one serial interface.

  The NM-1CT1 is a channelized T1 interface. You must configure one or
more channels in a channel group, then they get assigned to a virtual
serial interface.

  In the bad old days before frame relay people used to get 56k leased
lines for remote offices and aggregate them all by having a channelized
T1 delivered with each DS0 being a separate circuit to a remote.

  One additional use for the channelized interfaces that I am aware of
is attachment to digital modem modules like the NM-xxDM. There may be
others, but that is the one that comes to mind first.


  If you don't know why you might want an NM-1CT1, you need a
WIC-1DSU-T1 :-)



neil K wrote:
> 
> Can somebody explain when I can use WIC-1DSU-T1 over NM-1CT1 or what
exactly
> are the difference except that WIC-1DSU-T1 has a built-in DSU/CSU where as
> NM-1CT1 is a T1 Module.
> 
> Thanks in advance.
> 
> neil
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74750&t=74741
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

3640 Router E3 support (maybe) [7:74800]

[neal rauhauser]

You can install an NM-HSSI and an external E3 CSU/DSU or use an
internal NM-1TE3 to terminate a clear channel link.

  Cisco also built an NM-1A-E3 ATM card as well. In the US the DS3
counterpart to this card was typically used for DSL providers, while the
clear channel card or HSSI + external CSU/DSU was used for internet
connectivity.

 
  So the machine can physically terminate the link and it can stand a
full circuit worth of traffic, but if you're considering running BGP *BE
CAREFUL*.


  A little while ago I was working on a 128 meg Cisco 7206 connected to
Sprint via a DS3. IOS grabbed 16 meg for packet buffer in the presence
of the high speed interface and the 122k BGP routes from Sprint were too
much for the remaining memory. A Cisco 2650 with 128 meg can still take
full routes from Sprint because it has much less buffer space allocated,
but in general I'm treating 128 meg boxes as ticking bombs if they're
connected to Tier 1 providers - its just a matter of time - maybe this
time next year - before they just stop working due to memory issues.




Cappuccio Victor wrote:
> 
> Hello people
> 
> I what to know if a Cisco 3640 Router can support a E3 connection ??
> 
> Regards
> Victor.
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74800&t=74800
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OT: Cable Lengths [7:74776]

[neal rauhauser]

I've seen situations where the legal length has been nearly doubled
on full duplex connections without much apparent trouble. I don't know
if I'd trust a Windoze box in this kind of configuration, but routers,
unix hosts, etc, don't seem to mind too much.


"[EMAIL PROTECTED]" wrote:
> 
> I have a question regarding the max length for a 100BaseT cable. Granted I
> haven't done a wealth of research on this so feel free to point me to
> google if the answer is mind numbingly simple, which it probably is
> 
> I have always understood the 100M limitation on 10BaseT ethernet cable to
> be attributable to the time it would take a collision signal - assuming you
> are running at half duplex - to be returned in time to prevent the next
> packet from being sent. In other words any longer than 100M and the sending
> station would not get the message in time that there had been a collision
> and thus continue sending packets instead of backing off. I have heard
> attenuation mentioned, but not as the "real" reason for the distance limit.
> 
> My question is given that many stations are running 100 full duplex these
> days - thus removing the collision concerns - does this effectively change
> the maximum distance for cable runs? Or is attenuation truly a factor in
> anything over 100M?
> 
> In general I am referring to standard Cat5 cabling
> 
> Just curious...
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74799&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OT: Cable Lengths [7:74776]

[neal rauhauser]

Windows *sucks*. I've seen it act stupid in lots of situations where a
FreeBSD laptop with the exact same configuration works just fine. I
don't have a technical explanation - I'm attributing it to excessive bad
karma.

Dom wrote:
> 
> >>I've seen situations where the legal length has been nearly doubled on
> full duplex connections without much apparent
> >>trouble. I don't know if I'd trust a Windoze box in this kind of
> configuration, but routers, unix hosts, etc, don't seem
> >>to mind too much.
> 
> What is the difference between a Windoze box with a PCI card in it, a
> Solaris Box with the same PCI card in it or even a router with the same
> card in it? It all goes up the stack and if the drivers are OK it all
> works fine.
> 
> Best regards,
> 
> Dom Stocqueler
> SysDom Technologies
> Visit our website - www.sysdom.org

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74837&t=74776
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: backup interface [7:74836]

[neal rauhauser]

I think there are some implications with the ISDN interface being in
backup mode - like IOS idling the interface. You could just use a
floating static route to dodge that issue - works as long as you don't
mind the ISDN not being tied to the serial interface and the effect
should be the same - works whether you're looking for dial backup or you
can leave ISDN up all the time.

kaiser anwar wrote:
> 
> Hi,
>I am having issue with backup interface with isdn. I can ping
>my directly connected bri interface. but as soos as I hit my
>serial backup interface bri 0/0. Bri goes down. i do show isdn
>staus it says layer one deactived. this what it shows for sh ip int
> 
> Interface  IP-Address  OK? Method Status
> Protocol
> Ethernet0/0unassigned  YES NVRAM  up
> up
> Ethernet0/0.4  130.4.34.3  YES NVRAM  up
> up
> Ethernet0/0.6  130.4.36.3  YES NVRAM  up
> up
> BRI0/0 130.4.113.3 YES NVRAM  standby mode
> down
> Serial0/0  130.4.100.3 YES NVRAM  up
> up
> BRI0/0:1   unassigned  YES unset  administratively down
> down
> BRI0/0:2   unassigned  YES unset  administratively down
> down
> Virtual-Access1unassigned  YES TFTP   down
> down
> Loopback0  130.4.3.3   YES manual up
> up
> 
> Thanks in advance for eveyone's help.
> 
> Sincerely,
> Kaiser A
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74841&t=74836
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Stuck on Subinterfaces - read the Caslow book [7:74907]

[neal rauhauser]

This stuff is covered in gory detail in the Caslow book - I wouldn't
have completed my CCNP/CCDP with that.


Rich wrote:
> 
> Could someone help a CCNP student who is really confused?  I am currently
> studying for the BSCI Routing Exam using the Sybex Books on a home Lab of 4
> 2500's and 1 2600.  It has been working great and I have always been very
> pleased with the Sybex Series.  Unfortunately they have never covered
> Subinterfaces well enough and many of the Labs In the CCNP BSCI book are
> using
> them without much explanation.  They have various Labs that use OSPF,
IS-IS,
> BGP etc. to route IP over Serial Subinterfaces on what I see as just a
> "Plain
> old LAN".  All they do is show the IP Addresses and Networks already
> arranged,
> some on Serial Subinterfaces, and go right into the Routing Protocol
> configurations.  They don't say anything at this point about using a Frame
> Relay, ATM, IPX, or ISL for VLAN's on them in this book.  Those topics are
> covered in the Remote Access and Switching Books.  My problem is:  when I
> set
> up Subinterfaces on the Serial Ports with IP Addresses, set the clocking,
> and
> then bring up the interfaces, they all show as Interface Up and Line
> Protocol
> up - But I just can't seem to Ping any of the IP's on the Serial ports if
> they,
> or the other end they are attached to, are Subinterfaces.  If I can't Ping
I
> sure can't route right?  When I stick to regular physical interfaces,
> everything works great.  Am I missing something important?  If any of you
> Cisco
> Experts out there could offer any suggestions, I would hugely appreciate
> it.
> I'm kind of stuck on Stall right now and can't move on to any of the other
> Labs
> until I resolve this.  Thanks.
> 
> Rich.
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=74907&t=74907
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: PBR on 7200 subinterfaces [7:75055]

[neal rauhauser]

If you're trying to use the modular QoS CLI on subinterfaces its
something of a mess - you have to create  'backpressure' at the physical
interface level so bandwidth available is less than what your policy
needs, or everything stays FIFO.

  I had a production network with this issue and I finally just gave up
and pushed the QoS stuff out to the edge and crossed fingers on the
core.


"Salmons, Malcolm" wrote:
> 
> Hi
> 
> I'm trying to do policy based routing on a FE subinterface on a 7200 and am
> having problems at present, i.e. not working. I'm not sure if the router
> doesn't do PBR on subinterfaces or if I need a newer IOS version. I'm
> currently running 12.0.15.S3
> 
> Any help appreciated.
> 
> Best regards
> 
> Malcolm
> 
>
*
> This message has been checked for all known viruses by Primus
> Telecommunications through the Virus Control Centre. For further
information
> on this or the Primus range of Voice, Mobile, Data & internet business
> solutions call Primus Telecommunications on.
> 
> Phone UK: 0800 8361234
> E-mail: [EMAIL PROTECTED]
> WWW: http://www.primustel.co.uk
> 
> This electronic message contains information from Primus Telecommunications
> Ltd, which may be legally privileged and confidential. The information is
> intended to be for the use of the individual(s) or entity named above. If
> you are not the intended recipient, be aware that any disclosure, copying,
> distribution or use of the contents of this information is prohibited. If
> you have received this electronic message in error, please notify us by
> telephone or e-mail (to the number or address above) immediately. Any
views,
> opinions or advice expressed in this electronic message are not necessarily
> the views, opinions or advice of Primus Telecommunications. It is the
> responsibility of the recipient to ensure that any attachments are virus
> free and Primus Telecommunications bear no responsibility for any loss or
> damage arising in any way from the use thereof.
>
*
> Make a PrimusTalk PC to Phone call today!
> Go to http://www.iprimus.net to learn more.
> **Please support GroupStudy by purchasing from the GroupStudy Store:
> http://shop.groupstudy.com
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html

-- 
mailto:[EMAIL PROTECTED]
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=75073&t=75055
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

CCIP - who is doing this one? [7:45166]

[Neal Rauhauser 402-301-9555]

I'm back to reading groupstudy after an eighteen month abscence. My
CCNP/CCDP certs which I finished 12/2000 and 1/2001 are working wonders
career wise, but I am doing a lot of carrier type stuff now and I've
lined up projects that pretty much cover the BSCI, MCAST+QoS, and MPLS
tests for CCIP - no reason not to get it done if I am going to do the
reading anyway.


  I am curious to know the stats - how many people have completed this
cert? I was about #1500 on CCDP and I'd like to think I'll be able to
better that on the CCIP.



    Neal Rauhauser




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45166&t=45166
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCIP vs CCNP vs CCIE - not very close at all [7:45893]

[Neal Rauhauser 402-301-9555]

I recently asked who was doing CCIP and got a raft of responses - "Its
just like the CCNP",  "Just got get your CCIE", "It doesn't make sense".

  Rather than continuing that thread I thought I'd highlight the
differences and mention why the CCIP is more interesting than CCIE in
many cases.


  The CCNP covers routing, switching, remote access, and
troubleshooting.  When completed, the cert holder is capable of entering
IOS commands without having too many of them spelled out, and can
identify the correct books to read to fill in his/her knowledge gaps. No
disrespect intended - I've got it, its done wonders for my career, but
the biggest effect I've seen is that it has let me accurately articulate
just how much further I have to go.

  The CCIE is full of useless crap from the perspective of a service
provider. DLSw+? I mean, do I care about this? And IPX? And Appletalk?
If you're in a provider environment I *suppose* you could argue it might
be of some use, but I bet I can make just as good an argument for
getting your real estate license as a career booster.

  Now look at the CCIP. Nothing *but* routing as a fundamental
requirement. If you read the other stuff you can see Cisco things this
is for the big boys only - you'll be working 12xxx boxes and you don't
care much about ISDN dial support.

  Where are you going to get good MPLS information? Cisco Press has a
book out, but CCIE != person who read and fully understood that book. I
need to configure it, not just be able to define the acronym.

  And then there is multicast. Conceptually simple, fundamentally evil,
and known to attract wing nuts with business plans based on it. I've got
two wing nuts with their checkbooks cocked and locked right now - if
they can't run a single 384k stream from their site and have it fan out
to N+1 paying remotes I get to keep eating Ramen, instead of moving up
to TV dinners.


  There are a lot of other very heavy things in the various CCIP tracks,
I'm just touching on the ones that can be done with gear I can afford
and appeal to my existing customer base.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=45893&t=45893
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

old IPv6 beta image grovel [7:46009]

[Neal Rauhauser 402-301-9555]

Does anyone have any of the old IPv6 beta images for 16xx series?
These would be the ones that provided BGP on access routers :-) I have a
ton of 1605s hanging around so I am whipping up a little lab.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46009&t=46009
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

full routes via BGP: Cisco 2650 [7:46066]

[Neal Rauhauser 402-301-9555]

This one is taking full routes from UUNet and AT&T without any special
configuration.


Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IS-M), Version 12.1(5)T7,  RELEASE
SOFTWARE (fc1)
TAC Support: http://www.cisco.com/cgi-bin/ibld/view.pl?i=support
Copyright (c) 1986-2001 by cisco Systems, Inc.
Compiled Tue 17-Apr-01 03:26 by ccai
Image text-base: 0x80008088, data-base: 0x81019D3C

ROM: System Bootstrap, Version 12.1(3r)T1, RELEASE SOFTWARE (fc1)
ROM: C2600 Software (C2600-IS-M), Version 12.1(5)T7,  RELEASE SOFTWARE
(fc1)

A uptime is 12 weeks, 1 day, 10 hours, 13 minutes
System returned to ROM by power-on
System image file is "flash:c2600-is-mz.121-5.T7.bin"

cisco 2650 (MPC860P) processor (revision 0x00) with 126976K/4096K bytes
of memory.
Processor board ID JAB04310CY8 (1982591658)
M860P processor: part number 5, mask 1
Bridging software.
X.25 software, Version 3.0.0.
1 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46066&t=46066
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: full routes via BGP: Cisco 2650 [7:46066]

[Neal Rauhauser 402-301-9555]

This is a 2650 getting full routes from AT&T and UUNet with a T1 to each
provider.


Total: 101929412, Used: 67234276, Free: 34695136
 PID TTY  Allocated  FreedHoldingGetbufsRetbufs Process
   0   0  75536   18084650980  0  0 *Init*
   0   0752 970112752  0  0 *Sched*
   0   0   17642116   10399220 187676 163440  0 *Dead*
   1   0280280   3864  0  0 Load Meter

   2   0   9028 212388   9920780  0 OSPF Hello

   3   0  0664   6864  0  0 Check
heaps
   4   0  20248  0  27112  0  0 Chunk
Manager
   5   0   20008464  24080 1999566131440  10880 Pool
Manager
   6   0280280   6864  0  0 Timers
   7   0280280   6864  0  0 Serial
Backgroun
   8   0  0  0   6864  0  0
ALARM_TRIGGER_SC
   9   0280280   6864  0  0
Environmental mo
  10   06596964   31309820  367921641380  0 ARP Input




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46073&t=46066
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

wireless feature set for 26xx series? [7:46079]

[Neal Rauhauser 402-301-9555]

Does anyone know what this thing does? I've been using 12.2T for IPv6
support and I just noticed the image below, labeled  IP PLUS IPSEC 56
WIRELESS - is that for the 5.8 gig wireless NM? Anyone using this stuff
in the field?




c2600-ik8sw6-mz.122-8.T4.bin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46079&t=46079
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CISCO KNOWS SQUAT (was any good linux BGP simulator [7:46088]) [7:46107]

[Neal Rauhauser 402-301-9555]

This one is just too juicy to pass up :-)

   The concise question is "Why would you use linux/freebsd or an appliance
based on
them instead of purchasing a real router?"


  Cisco rules the backbone, they do enough on lan switching to get my vote
their, and
their Aironet radios are OK if you're abusing 802.11b by running it as a
wireless
internet provider but ...

  CISCO KNOWS SQUAT ABOUT ROUTER/WIRELESS INTEGRATION!


  There, I've said it. Detaled proof of concept is below:


  Lets consider a network I recently installed. I've got a tower on a
building on a
bluff that overlooks a valley where there is no DSL service. On the opposite
side of
the valley I have another tower on a building on a bluff. The two towers are
separated
by about three miles. Some sites in the valley can see one side, some can
see the
other, neither site would cover the whole valley properly.

  The building closest to my  head end  has an elevator shaft on top with my
small
tower bolted to the side. There is room for a good sized 19" cabinet and AC
power. The
building on the opposite side of the valley has a beautiful 50' tower on top
but the
only facilties on the roof are a NEMA outdoor enclosure. The NEMA enclosure
can take a
couple of radios and maybe a small hub but would not take any router larger
than a
1605.

  So, this one building has a backhaul link, it has a customer cell, it
feeds the cell
across the valley, and I have two other customers attached to this location
that
received dedicated point to point links for a total of one cell and four
point to point
wireless links. There is also a wired link to our customers in the building.

 From the layer three perspective this location has four /29s used for point
to point
(why not /30s? you tell me, but ponder the wonder of VLANs and OSPF first
:-] ), one
/27 that is the customer cell, and a /29 for the wired customers.

  How would you build a network with six total subnets, one wireless cell,
and four
point to point links, using only Cisco equipment? This is the parts list
with estimated
pricing:

Cisco 2620 $1500
Catalyst 1912  $300
Aironet AP352  $650
four x WGB352  $1800
total  $4250

  Now consider the alternative - a $400 PC, a $50 flash card, $200 for a
linux based
wireless capable OS from http://www.mikrotik.com, two PCI Aironet cards
($350) and a
Dlink quad port ethernet card ($100). $1100 total

 I still needed the $650 AP and one external $450 WGB352 - $1100 for this.


  So, for $2200 I got the effect of purchasing $4250 of refurbished Cisco
gear.


   Now lets look at the soft benefits of MikroTik vs IOS:

Feature  MikroTikIOS
ssh  yeswith provider image
OSPF yesyes
PPTP server  yesnot that I can find
PPPoE server yesyes, clumsy
rate shape PPPoE client  bit rate per user  nope, just IOS
traffic controls

NAT  yesyes
processorAMD 1 gig  40 MHz PPC
memory   256 megmax out at 64 meg
firewall ipchains(cool) clumsy access lists
user interface   killer CLI clumsy CLI
annual support   $500 or so including aironet   about 3X MT costs


 Over a three year period the MikroTik box is going to cost me about one
fourth of what
I'd pay for a minimal Cisco solution and the performance of the MT is on par
with a
7206 /w an NPE300.


 Now there are a lot of reasons to prefer Cisco in the backbone over
MikroTik, but I'm
not going to say anything :-) You'll just have to download the free eval of
MikroTik
and make it work with your Cisco lab if you want to know ...





> I always see people asking for Linux/Unix sims for BGP
> or just to simulate a router in General. I for the life of me can't
> figure out why a Linux router could be better than a 2501 and
> it would cost me more to build a Linux box. I see the same with




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46107&t=46107
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CISCO KNOWS SQUAT (was any good linux BGP simulator [7:46142]

[Neal Rauhauser 402-301-9555]

There is one sensible argument against what I've said, but this isn't it.
Try again
and put some thought into it.


"Steven A. Ridder" wrote:

> No one ever accused cisco of being a charity...
>
> --
>
> RFC 1149 Compliant.
>
> ""Neal Rauhauser 402-301-9555""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > This one is just too juicy to pass up :-)
> >
> >The concise question is "Why would you use linux/freebsd or an
> appliance
> > based on
> > them instead of purchasing a real router?"
> >
> >
> >   Cisco rules the backbone, they do enough on lan switching to get my
vote
> > their, and
> > their Aironet radios are OK if you're abusing 802.11b by running it as a
> > wireless
> > internet provider but ...
> >
> >   CISCO KNOWS SQUAT ABOUT ROUTER/WIRELESS INTEGRATION!
> >
> >
> >   There, I've said it. Detaled proof of concept is below:
> >
> >
> >   Lets consider a network I recently installed. I've got a tower on a
> > building on a
> > bluff that overlooks a valley where there is no DSL service. On the
> opposite
> > side of
> > the valley I have another tower on a building on a bluff. The two towers
> are
> > separated
> > by about three miles. Some sites in the valley can see one side, some can
> > see the
> > other, neither site would cover the whole valley properly.
> >
> >   The building closest to my  head end  has an elevator shaft on top with
> my
> > small
> > tower bolted to the side. There is room for a good sized 19" cabinet and
> AC
> > power. The
> > building on the opposite side of the valley has a beautiful 50' tower on
> top
> > but the
> > only facilties on the roof are a NEMA outdoor enclosure. The NEMA
> enclosure
> > can take a
> > couple of radios and maybe a small hub but would not take any router
> larger
> > than a
> > 1605.
> >
> >   So, this one building has a backhaul link, it has a customer cell, it
> > feeds the cell
> > across the valley, and I have two other customers attached to this
> location
> > that
> > received dedicated point to point links for a total of one cell and four
> > point to point
> > wireless links. There is also a wired link to our customers in the
> building.
> >
> >  From the layer three perspective this location has four /29s used for
> point
> > to point
> > (why not /30s? you tell me, but ponder the wonder of VLANs and OSPF first
> > :-] ), one
> > /27 that is the customer cell, and a /29 for the wired customers.
> >
> >   How would you build a network with six total subnets, one wireless
cell,
> > and four
> > point to point links, using only Cisco equipment? This is the parts list
> > with estimated
> > pricing:
> >
> > Cisco 2620 $1500
> > Catalyst 1912  $300
> > Aironet AP352  $650
> > four x WGB352  $1800
> > total  $4250
> >
> >   Now consider the alternative - a $400 PC, a $50 flash card, $200 for a
> > linux based
> > wireless capable OS from http://www.mikrotik.com, two PCI Aironet cards
> > ($350) and a
> > Dlink quad port ethernet card ($100). $1100 total
> >
> >  I still needed the $650 AP and one external $450 WGB352 - $1100 for
this.
> >
> >
> >   So, for $2200 I got the effect of purchasing $4250 of refurbished Cisco
> > gear.
> >
> >
> >Now lets look at the soft benefits of MikroTik vs IOS:
> >
> > Feature  MikroTikIOS
> > ssh  yeswith provider
> image
> > OSPF yesyes
> > PPTP server  yesnot that I can
> find
> > PPPoE server yesyes, clumsy
> > rate shape PPPoE client  bit rate per user  nope, just IOS
> > traffic controls
> >
> > NAT  yesyes
> > processorAMD 1 gig  40 MHz PPC
> > memory   256 megmax out at 64 meg
> > firewall ipchains(cool) clumsy access
> lists
> > user interface   killer CLI clumsy CLI
> > annual support   $500 or so including aironet   about 3X MT costs
> >
> >
> >  Over a three year period the Mik

config backup - cisconf from cpan.org [7:46239]

[Neal Rauhauser 402-301-9555]

I am using cisconf from CPAN.org - its a modifiable perl module for
doing backups to a tftp server.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46239&t=46239
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP prefix study [7:46726]

[Neal Rauhauser 402-301-9555]

"Howard C. Berkowitz" wrote:

> At 4:07 PM -0400 6/16/02, Neal Rauhauser 402-301-9555 wrote:
> >My only explanation for this is that there was nothing good on TV on a
> >lazy Sunday morning ...
> >
> >   I am about to start doing some truly gruesome things with IBGP due to
> >geographical separate peering points and I've got some internal routers
> >that are maxed out at 64 meg, so I spent a little time this AM examining
> >the source of this silly 114k+ entry global BGP table. My idea was that
> >a carrier stuck smack in the middle of the US could probably ignore
> >details about RIPE and APIC address space. Those two authorities turn
> >out to be responsible for only about 32k of the total so I am casting
> >around for other methods to trim the fat but I thought I'd share the
> >results thus far.
>
> You'll find a LARGE part of the routing table still comes from the
> Swamp [1] or the Toxic Waste Dump [2], rather than any geographical
> region.
>
> Neal, this is a distinctly nontrivial problem, with no ideal
> solution.  Your basic choice is accepting "suboptimal routing [3]" or
> upgrading your routers.
>
> Several basic questions come up about what you are trying to do:
>
> 1.  Is this for an ISP or an enterprise?

   Internet provider, doing wireless, playing with private line replacement
stuff, too.

>
> 2.  From a bandwidth standpoint, how many peering points could you
> lose and still have acceptable performance?

 I've got a single Sprint T1 at one end of the network, an AT&T and
UUNet T1 at the
other end. The Sprint side will grow quickly to more capacity, the AT&T and
UUNet stuff
is a colo company, not mine to rule, so they're fussy about how much output
we
generate, but don't care much about our input side.

>
> 3.  To how many different AS do you connect, and do they have
> approximately
> equal connectivity?

Sprint, AT&T, UUNet, probably going to add one more at the end where the
Sprint
circuit is, but I suspect it'll be UUNet there, too.

>
> 4.  What is your IGP?

   Today its OSPF and that is the one I know best. There is some cause to
consider
replacing OSPF area 0 with EIGRP due to different cost links and varying
'cleanliness'
in the wireless layer, but we'll see how that goes - I have enough to do
without
worrying about redistribution right now.

>
> 5.  How much effort, including programming, are you willing to do to
> optimize tables?

   Lots and lots ... keeps me off the street and contributes to passing my
CCIP BSCI
exam I think ...

>
> 6.  Do you have a decent familiarity with RPSL, routing registry, and
> some
> of the freeware tools such as CIDRadvisor and RtConfig?
>

  I've made a few basic entries in the RADB, I've played with cflowd,
and I've not
done much with the automation tools in this area. I'll prefer to hand tune
at first,
until I really understand what I am facing.


>
> Howard
>
> [1] The Swamp is the term used in addressing working groups to refer
> to 192.0.0.0/8, the original Class C space.
>
> [2] The Toxic Waste Dump, which probably is somewhere in Northern New
> Jersey, is that part of the Swamp containing /24 or longer prefixes.
>
> [3] People often worry about suboptimal routing, but the gains of one
> "perfect"
> path may be marginal when compared with the complexity of
> differentiating it from a "decent" route.
>
> --
> "What Problem are you trying to solve?"
> ***send Cisco questions to the list, so all can benefit -- not
> directly to me***
>

> Howard C. Berkowitz  [EMAIL PROTECTED]
> Chief Technology Officer, GettLab/Gett Communications
http://www.gettlabs.com
> Technical Director, CertificationZone.com http://www.certificationzone.com
> "retired" Certified Cisco Systems Instructor (CID) #93005




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=46888&t=46726
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Aironet SNMP tricks revealed [7:48574]

[Neal Rauhauser 402-301-9555]

I spent about twenty hours last week dorking around with AP35x and
BR35x, MRTG, and snmpwalk on a unix box.

  I've created some MRTG configs that will graph common 802.11b errors
vs good fragments and I posted the MIBs used along with links to two MIB
browsers that will produce the OIDs you need to drive MRTG.

  The documentation is kinda crappy, the information is incomplete on
CCO because of MIB compile problems with old Aironet enterprise MIBs,
and its a real pain to figure out - but now you have no excuse, since
I've done 95% of the hard work for you.

 I also started an Aironet SNMP specific mailing list at
mailto:[EMAIL PROTECTED]

 You can see what has been done so far at http://aironet.wispair.net/

  FYI this little dab that I put up is a good read if you want to get
started doing stuff with MRTG besides the out of the box bandwidth
management - I haven't bothered to extend it to other devices but one
could dig around in the MIB directory on Cisco's site and create all
sorts of cool monitoring tricks.



-- 
=
mailto:[EMAIL PROTECTED]phone: 402-301-9555
=




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48574&t=48574
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

crazy slow BGP convergence - why? [7:48621]

[Neal Rauhauser 402-301-9555]

Below is the relevant config information from two Cisco 26xx routers
separated by an ethernet switch. Neither is running more than 15%
utilization but its taken ninety minutes for 950 routes to make it from
the 2650 to the 2620. Why is this so slow?

> 
> !Cisco 2620, 64 meg, IOS 12.2.8T2
> router bgp 25943
>  no synchronization
>  bgp log-neighbor-changes
>  network 63.170.237.0 mask 255.255.255.0
>  network 63.170.238.0 mask 255.255.254.0
>  neighbor 12.22.183.193 remote-as 20333
>  neighbor 12.22.183.193 description Exanium Cisco 2650 peers /w 7018 &
> 701
>  neighbor 12.22.183.193 filter-list 1 in
>  no auto-summary
> 
> ip as-path access-list 1 permit ^20333 701_
> 
> !Cisco 2650, 128 meg, peers with AS701 & AS7018
> router bgp 20333
>  bgp log-neighbor-changes
>  network 12.22.183.192 mask 255.255.255.192
>  network 12.36.200.0 mask 255.255.254.0
>  network 12.36.210.0 mask 255.255.254.0
>  network 12.108.204.0 mask 255.255.252.0
>  neighbor 12.22.183.229 remote-as 25943
>  neighbor 12.22.183.229 description WispAir border router AS 25943
>  neighbor 12.22.183.229 distribute-list 66 in
> access-list 66 deny   any
> 




ex2620#sh ip bg su
BGP router identifier 63.170.237.254, local AS number 25943
BGP table version is 3094, main routing table version 3094
1004 network entries and 993 paths using 137108 bytes of memory
300 BGP path attribute entries using 19080 bytes of memory
295 BGP AS-PATH entries using 8940 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
317 BGP filter-list cache entries using 3804 bytes of memory
BGP activity 1731/6097 prefixes, 1888/895 paths, scan interval 60 secs
 
NeighborVAS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down 
State/PfxRcd
12.22.183.193   4 203331941 107 308700 01:42:49
991











> --
> Neal Rauhauser CCNP, CCDP   voice: 402-301-9555
> mailto:[EMAIL PROTECTED]   fcc  : k0bsd
> "They say it takes hardship, boy, to let you love the rest,
> sometimes underneath the load is where I show my best" - Widespread
> Panic

-- 
=
mailto:[EMAIL PROTECTED]phone: 402-301-9555
=




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48621&t=48621
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]