RE: [NMSU-CW2K] RE: ciscoview-urgent [7:75227]
Fred,
The ? in the icon on the Topology map means it's an unknown device. It knows it's CDP supported but it cannot identify its Cisco Device ID or the sysObjectID. There are a couple of reasons for this including the fact they are in reality HP JetDirects, New HP Servers (they both support CDP) or the device or OS version is not supported by the version CW2K he has.
Regards, Pete
Peter P. Benac, CCNA Emacolet Networking Services, Inc Providing Systems and Network Consulting, Training, Web Hosting Services Phone: 919-847-1740 or 866-701-2345 Web: http://www.emacolet.com Need quick reliable Systems or Network Management advice visit http://www.nmsusers.org To have principles... First have courage.. With principles comes integrity!!!
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Thursday, September 11, 2003 13:58 To: milind tare Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [NMSU-CW2K] RE: ciscoview-urgent [7:75227]
I still don't know what you mean by ? is coming on that box Do you mean for the OSM module? That's not listed in the supported devices for Campus Manager (which I'm assuming you mean by the topology view). You might try asking at [EMAIL PROTECTED] They have many more CiscoWorks people over there. I'll cross-post...
Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer.
-Original Message- From: milind tare [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 1:11 PM To: Reimer, Fred Cc: [EMAIL PROTECTED] Subject: RE: ciscoview-urgent [7:75227]
hi reimer, Thanks for ur reply, and extremely sorry for miscommunication. i will explain u my problem. I install ciscoworks. I have GSR,7513,6509,3512 in my network. but in topology view i can see 7513,3512,and GSR. I install CATIOS6000,Switchaddlets,Entity, CLIparser. about 6509 the box is coming in Topology but ? is coming on that box. Thanks Regards, Milind Tare
--- Reimer, Fred wrote:
Communications problem. I don't understand what you are asking. Try using more words. Be verbose. I may be able to understand then... As far as I can tell: You are not having any problems discovering the 6509. It is in the topology. In your original messages, you said you were NOT getting the 6509 in the topology. See my confusion? Beyond that, I don't know what your problem is, so I can't suggest a solution. Just an off-the-wall guess, you probably need to load up the latest device information file (Incremental Device thingy) in CiscoWorks to recognize a particular module that may have been released recently...
Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
-Original Message- From: milind tare [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 12:45 PM To: Reimer, Fred Cc: [EMAIL PROTECTED] Subject: RE: ciscoview-urgent [7:75227]
hi reimer, Thanks for ur reply but not getting wht u want to say. coz i told u i install , CATIOS6000 , Entity , Switchaddlet, CLIparser still i can't see i mean it is coming in topology but with ? . so pls suggest me Thanks Regards, Milind Tare
--- Reimer, Fred wrote:
If you happen to be running PIM Sparse-Dense mode with auto-RP and duplicate loopback IP addresses then you need a special patch for CiscoWorks in order for it to properly discover the 6509's... This probably affects anything that has duplicate loopback IP addresses.
Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
RE: [NMSU-discuss] NetworkSim Project to be Hosted by [7:74978]
I guess someday people will start asking me if these projects can be posted to NMSUsers.org. :)
Regards, Pete
Peter P. Benac, CCNA Emacolet Networking Services, Inc Providing Systems and Network Consulting, Training, Web Hosting Services Phone: 919-847-1740 or 866-701-2345 Web: http://www.emacolet.com Need quick reliable Systems or Network Management advice visit http://www.nmsusers.org To have principles... First have courage.. With principles comes integrity!!!
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: Monday, September 08, 2003 12:09 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [NMSU-discuss] NetworkSim Project to be Hosted by SourceForge
I just received confirmation that my NetworkSim project has been approved by SourceForge. It will take me a while to get the proper licensing materials embedded in the source files, but look for it to become active in the next few days. I'll need to look into what I need to do to get the files uploaded and handle other administrative tasks, but that will have to wait until after work hours. See you soon at networksim.sourceforge.net!
Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74978t=74978 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: mpls fragmentation [7:74577]
At 08:42 AM 9/2/2003 +1200, Thomas Salmen wrote:
hmm, cheers any idea if there is any documentation regarding this? seems to me that with all these sites these days mucking around with df bits and filtering icmp that it's a wonder that any link with an odd pmtu works at all. not to mention qos getting all upset with fragmented packets.
I don't believe there is any documentation per se. Essentially, if you operate a network and impose encap overhead to frames, you need to compensate for this overhead by increasing your supported mtu sizes.
thomas
At 10:37 PM 8/31/2003 +, Thomas Salmen wrote:
does anyone know if using frame-mode mpls affects the mtu on an interface? i can't help thinking that sticking in an extra 32-bit header would mean reducing the amount of user data that could be carried by 32 bits - causing fragmentation if the data field is already at its max for a given interface...
MPLS headers, 802.1q tags and all similar encap overhead certainly add size to frames and are certainly things one needs to be mindful of from an mtu perspective.
apologies if the question is an inane one, but i'm just starting to get into this ls thang thomas
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74625t=74577
Re: mpls fragmentation [7:74577]
At 10:37 PM 8/31/2003 +, Thomas Salmen wrote:
does anyone know if using frame-mode mpls affects the mtu on an interface? i can't help thinking that sticking in an extra 32-bit header would mean reducing the amount of user data that could be carried by 32 bits - causing fragmentation if the data field is already at its max for a given interface...
MPLS headers, 802.1q tags and all similar encap overhead certainly add size to frames and are certainly things one needs to be mindful of from an mtu perspective.
apologies if the question is an inane one, but i'm just starting to get into this ls thang thomas
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74607t=74577
Re: Priority Queuing [7:74254]
It seems the earliest IOS release supporting Priority Queueing on the Cisco 828 is 12.2(8)T. I found this using the Cisco feature navigator www.cisco.com/go/fn (requires a Cisco login) What IOS version are you using?
Skarphedinsson Arni V. wrote in message news:[EMAIL PROTECTED]
Hi I am trying to configure priority queuing on a cisco 828 router, I can create the priority-list just fine, but can't apply it to any interface, in interface config mode, the priority group command is missing, any ideas on why that is ? and how I can work around this problem to give certain traffic higher priority based on an access-list ?
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74512t=74254
Re: Possible Errata Additions: CCIE(TM): Cisco Certified [7:74093]
Marco
I have found very many errata in this book. Mostly they are easy to spot, and there are few factual inaccuracies. I have been through the whole book, noting errors as I have found them, but I haven't had time to collate them yet.
Peter
Marco P. Rodrigues wrote in message news:[EMAIL PROTECTED]
Edition By Rob Payne; Kevin Manweiler
If someone is reading this book can they confirm some inconsistencies I've come across while reading the book. I'm currently on Chapter 7 and I've found the following problems (at least I think they are problems)
Pg 98. Paragraph Five last sentence reads: DTE devices include terminals, PCs, routers, and bridges (customer-owned end node and internetworking devices) and DTE devices are devices such as packet switches Shouldn't it read: .. and DCE devices are devices such as packet switches
Pg. 193. Figure 6.1 Bit 46 should read U/L and not I/G as listed in bit 47.
Pg. 194 Figure 6.2 (Ethernet II Frame) Sync (Pattern 11) should read 2 bits and not 11 bits
Pg. 207 set port duplex 2/10 full is issued in the config but the show port output lists the duplex speed as being half. All the other config changes match up with the output.
Pg. 223 (Explanation of the command channel-group 1 mode desirable) Should read PAgP and not DTP.
I've come across more , a few matched up with the Errata on Sybex's website. I just haven't been keeping track. I guess I'll start noting mistakes as I find them. If someone can confirm this with me I would appreciate it, and I'm sure the authors would too.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74093t=74093
BGP and QOS Beta exams [7:73599]
Folks
I have seen a few mentions of the BGP and QOS beta exams recently (also mentioning the results). My question is, am I the only person still waiting for results for these exams? My Vue exam history shows
Tue February 18, 2003 02:30 PM 641-661: BGP Corefacts, Cambridge, GBR taken
Thu March 27, 2003 02:00 PM 643-641: Quality of Service Corefacts, Cambridge, GBR taken
and certmanager doesn't mention either. Is it time to start chasing vue/cisco? As an aside, I took the CCNP support beta last year and never actually received results at all, although it did show up in certmanager as a pass about 3 months after I had given up waiting and passed the non beta version.
Thanks Peter
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73599t=73599
Re: Cisco Secure VPN 642-511 [7:73919]
Assorted comments in line.
--On 12 August 2003 13:45 + Reimer, Fred wrote:
You should have six weeks to go through it. I'd suggest taking a day off or spending a Saturday to go through the whole course, but that's just me. I can't do the one hour here and there thing.
Hmmm, you should try running through the knowledgenet course after work in the evening, then heading back into the office at midnight and configuring your first concentrator before 8:30am when people start arriving for their day's work. That wasn't fun :-)
They also include labs or simulations of setting up the hardware. However, they don't have an actual lab. I think they are working on that, but I found it very useful to have a real 3000 available to go through the menus.
Yep.
I have a side question myself. Cisco changed their specialist program, so that now apparently there isn't a Firewall Specialist, VPN Specialist, and IDS Specialist, but rather just one Security Specialist. So does that mean that I can't use the VPN Specialist designation anymore and have to wait until I pass all of the tests? What about that INFOSEC designation, is that still valid?
I think you have things in reverse. The Security specialist cert is being / has been retired. The three new specialist exams and CCSP replaced it. If you are interested, I expressed my opinion on that change in some detail (either on this list or security ie dot com) a while back. (I wasn't very complimentary about the new specialist certs)
Regards Peter Walker CC[NID]P, CISSP, CSS1, etc (yeah, my current employer is a reseller)
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73937t=73919
RE: BGP and QOS Beta exams [7:73599]
--On 07 August 2003 02:50 + Mwalie W wrote:
Yes, you will have to begin chasing VUE and Cisco.
Thanks, that is what I thought
Good Luck! You must be a very patient person:-) And this is also the reason I do not like Beta exams now.
Actually, I am very impatient. Which is why I try to make a point of only doing Betas when I don't need the exam, and then trying to ensure I forget about the exam. I really had put the exams out of my mind until I saw a couple of groupstudy messages in which people mentioned the results. I don't think there is a problem with my address as I have received results for CCIE Beta qualification exams I took before and after the QOS and BGP exams.
Peter
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73759t=73599
Re: RFC 2547 vs. RFC 2764 VPNs [7:73048]
I'm curious if anyone has talked to their SP and has thought about leveraging MPLS carrier's carrier approach? Not sure how many SPs, if any, support this currently, but seems to have the right scaling properties if you're an ISP. And with the ability for eBGP to carry labels for BGP routes (see neighbor send-label), the CE-PE protocol remains vanilla eBGP, meaning there's no need for MP-BGP or LDP. Of course, now you may need to do iBGP or confed eBGP over the MPLS cloud, but that could be interpreted as a benefit.
L2VPN using Kompella or a bunch of PW's makes a very nice carrier of carriers approach without all the hokey L3 peering requirements.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73076t=73048 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: Anyone using Qwest PRN ? [7:72704]
At 04:31 PM 7/21/2003 +, John Neiberger wrote:
Are any of you using Qwest PRN? If so, I have a few questions for you:
1. How do you like it so far?
2. Did you migrate from something else? If so, how did the migration go?
3. Any 'gotchas' that you learned later that you wish you'd learned sooner?
4. How does the service compare to what you were using before?
5. How many sites do you have? Is this solution scaling well for you?
Hey John, What is PRN? Private routed network? Can't seem to find much about it in my brief googling.
Of course, it's not necessary to answer every question. I'm just doing some research on their solution and thought I'd check around here for references. Thanks, John
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72708t=72704
Re: OT: Anyone using Qwest PRN ? [7:72704]
At 07:58 PM 7/21/2003 +, John Neiberger wrote:
I think this actually is an MPLS VPN, of sorts. It's been fairly hard for me to get the nitty gritty details. As I see it, it's a layer 3 MPLS vpn with OSPF as our 'interface' to their network but I may be wrong about that.
This sounds exactly like a 2547bis based IP VPN.
As someone else just mentioned, this service is expensive compared to frame relay. In fact, at the moment it's about twice the monthly cost, but we're quickly growing to a point where the frame network is not going to support our goals. This solution looks pretty slick, I must admit.
Keep in mind that this solution involves the provider managing aspects of your WAN routing which involves a different level of attention from them than you would see with a traditional layer two network. Usually, this type of service commands a premium, but the market tends to dictate pricing in many areas (depending upon where you are located). Pete
John
Chuck Whose Road is Ever Shorter 7/21/03 1:50:51 PM
so, John, whatever happened to the MPLS network they were trying to sell you a while back? what advantage does PRN have vis a vis MPLS such that Qwest is no longer trying to convince you to buy it? inquiring minds need to know :-
John Neiberger wrote in message news:[EMAIL PROTECTED]
Peter van Oene wrote:
At 04:31 PM 7/21/2003 +, John Neiberger wrote:
Are any of you using Qwest PRN? If so, I have a few questions for you: 1. How do you like it so far? 2. Did you migrate from something else? If so, how did the migration go? 3. Any 'gotchas' that you learned later that you wish you'd learned sooner? 4. How does the service compare to what you were using before? 5. How many sites do you have? Is this solution scaling well for you?
Hey John, What is PRN? Private routed network? Can't seem to find much about it in my brief googling.
Oops. Accidentally hit post before adding any content. ;-) Yes, it stands for Private Routed Network. It's a very interesting solution. Our hub sites would participate in OSPF with their network, while our spoke sites would use static routing. The PRN would have static routes pointing to our spoke sites and those statics would be redistributed into OSPF. The biggest downside to this is that we'd have to contact Qwest each time we added a new subnet at a branch, but I suppose that just means we'd need to plan ahead better. This solution buys us a few things over our current frame relay network. Each site has a full pipe into the PRN instead of multiple PVCs sharing a single link, and we don't have to deal with CIR. From the perspective of our routers each site is one hop away from any other site. The combination of these features will allow us to proceed with VoIP throughout our network, which is not feasible with the current frame relay network. John
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72726t=72704
Re: a really big bug [7:72463]
I am glad you are not representative of the current Cisco Culture. Your attitude in this matter really is not acceptable and I would hope that Cisco's attitude would be better. Any exploit hypothetical or not quickly spreads across the internet faster than Bill Gates can find another security flaw in Windows. My Solaris Servers that face the internet are under constant bombardment from would be windows script kiddies. It doesn't matter to them whether I have a Solaris System or a Windows System. They want to be real hackers and will try anything that is posted. This applies to other systems as well. Cisco has the major market share and therefore is the primary target. Cisco is not Microsoft, and never has been. They have always put their flaws right in people's faces. The infamous SNMP bug was published and fixed long before CERT published it. Cisco has a PSIRT team whose sole function in life is security risk assessment. I have never known Cisco to call a potential Security threat Entertainment. Perhaps we should send your response to this to John Chambers and see what he will say. I still remember his e-mail address since I too am an ex-cisco employee.
Regards, Pete
Peter P. Benac, CCNA Emacolet Networking Services, Inc Providing Systems and Network Consulting, Training, Web Hosting Services Phone: 919-847-1740 or 866-701-2345 Web: http://www.emacolet.com Need quick reliable Systems or Network Management advice visit http://www.nmsusers.org To have principles... First have courage.. With principles comes integrity!!!
I sincerely hope that Cisco is not becoming Microsoft.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72565t=72463
Re: an ISIS question.... [7:72081]
At 12:29 AM 7/11/2003 +, wj chou wrote:
In this case, your L1 areas will not usually be the same and the L1 adjacency between the two core routers will not form. If the area is the same, the L2 adjacency is superfluous. Many large networks are single area, or single level (ie L1 everyone in one area, or L2 everywhere where area isn't very relevant.)
Can you explain a bit more about this? your L1 areas will not usually be the same and the L1 adjacency between the two core routers will not form? I am new to ISIS...
In the picture, you drew a network like the following: L1L1L2---L1L2-L1 This looks very much like a network where two areas are interconnected via a backbone. The backbone in this case is the set of L1L2 routers. In this network, it would be logical to assign different area id's to each L1 process such that they operate as distinct areas. Since ISIS routers exist fully in a single area, this will leave the two L1L2 routers in different areas. Those routers will form an L2 adjacency because the L2 process doesn't look for matching area IDs, but the L1 adjacency process will fail between them as L1 adjacencies require matching area IDs (at least one) Does this help? Pete
Thanks! Ellie
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72153t=72081
Re: an ISIS question.... [7:72081]
At 03:40 AM 7/10/2003 +, wj chou wrote:
Hi.. a basic ISIS question... I know that by default, an IS is L1-L2, so it can form a L1L2 adjacency with its neighbors. But what's the benefit of it? and under what kind of situation in real world people want to configure it this way?
L1L2 routers are required to interconnect L1 areas via an L2 backbone. An L1L2 router acts much like an OSPF ABR.
thanks! Ellie
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72110t=72081
Re: an ISIS question.... [7:72081]
At 08:36 AM 7/10/2003 -0700, Zsombor Papp wrote:
Hi, the L1/L2 behavior can be configured on a per interface basis. The question why you would want an interface to be both L1 and L2, and especially why you would want a router to form both L1 and L2 adjacency with one of its neighbors, is a good one. In general, I don't think you would want this.
I can attest to never having intentionally designed a network of that nature. Unless you wish to connect L1 domains to a backbone, or are in the process of a migration from one topology to another, minimizing adjacency state and its related overhead is a good thing.
One (exotic) example would be if an L1L2 router has L1, L2, and L1L2 neighbors as well on the same interface like this:
|--L2
|
|--L1L2
|
|--L1L2
|
|--L1
In this case the L1L2 routers' interface must be configured for both L1 and L2 if we want the L1 router to be able to get out. Consequently, the two L1L2 routers will form both L1 and L2 adjacency with each other, but this is more a coincidence than a requirement, IMHO.
I would agree. There is no benefit to this as I see it.
A more realistic scenario would be like this:
L1--|
    |--L1L2(A)--L2
    |
    |--L1L2(B)--L2
L1--|
In this case, your L1 areas will not usually be the same and the L1 adjacency between the two core routers will not form. If the area is the same, the L2 adjacency is superfluous. Many large networks are single area, or single level (ie L1 everyone in one area, or L2 everywhere where area isn't very relevant.) Pete
I am not sure however if there is any advantage of having A and B form both L1 and L2 adjacencies with each other. It appears to me that L1 would be just fine. I, too, would be happy to hear some comments on this. Thanks, Zsombor
At 02:40 PM 7/10/2003 +, Peter van Oene wrote:
At 03:40 AM 7/10/2003 +, wj chou wrote:
Hi.. a basic ISIS question... I know that by default, an IS is L1-L2, so it can form a L1L2 adjacency with its neighbors. But what's the benefit of it? and under what kind of situation in real world people want to configure it this way?
L1L2 routers are required to interconnect L1 areas via an L2 backbone. An L1L2 router acts much like an OSPF ABR.
thanks! Ellie
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72118t=72081
Re: CCIE Lab !!! [7:71919]
At 08:51 AM 7/5/2003 +, H T wrote:
Hi, Actually Cisco just says the following topics are removed, but there are no details http://www.cisco.com/warp/public/625/ccie/certifications/routing.html ISO CLNS... does it include ISIS ???
ISIS routing IP is still a valid topic.
Token Ring and Token Ring Switching... does it include all IBM networking???
no clue here and haven't looked into this in years. much like yourself it seems :)
1. SRB 2. SR/TLB 3. RSRB 4. DLSw and DLSw+ 5. Encapsulation bridging 6. CRB 7. IRB How about ATM, what will be included? Can any one find out Cheers, Heiman.
Hemingway wrote in message news:[EMAIL PROTECTED]
anyone who is serious about CCIE lab prep should become familiar with this site: http://www.cisco.com/warp/public/625/ccie/ start your reading here. everything you need to know can be found somewhere within the links provided.
H T wrote in message news:[EMAIL PROTECTED]
Hi all, Can any one help us about the lab topics? Cheers, Heiman.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71941t=71919
Re: Your advise pls! [7:60327]
At 03:15 AM 1/5/2003 +, RamG wrote:
Hello Group, I finished NP/DA in Oct 2000. Since then, I have been looking for job in networking. I know my drawback for being unsuccessful. It is my past experience {as Accountant} and real world experience with Cisco routers. In order to get some experience, I had setup 5 router home lab and gained little experience by practicing / solving lab exercise from Satterlee book. Even that did not help me to get entry level positions. The job market in Toronto is so bad that, I am unable to find Tech support job too.
Have you tried the VAR market for a presales tech position? Most VARs are usually interested in technical folks who understand how to present technology from a business/financial standpoint where I would expect you'd be rather proficient based upon your background. Further, for those VARs that wish to also pursue Silver/Gold status with Cisco, your being in a position to take a shot at the CCIE would be of great benefit. Doesn't the CCIE qualification exam renew at least the NP of your Certs? The DA is about useless from my perspective unless you get some free stuff for it :-). If so, I'd take the qualification exam and attack the VAR market as a pre CCIE with good business sense. Pete
Now it is time for me to recertify {Oct}. What should, I do? I have already spent a lot of money on books/routers. I cannot spend any more on books/routers. Any advice appreciated. / RamG
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71677t=60327
RE: MPLS for CCIE [7:71132]
check the blue print on CCO.
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71218t=71132
Re: Router question [7:71191]
Hunt
The 4500 uses a boot helper image when it starts up. The boot helper is a cut down IOS that (hopefully) recognises most of your devices (useful if you need to use tftp) and then tries to load the main IOS. You shouldn't need to upgrade the bootflash, although I would make sure you have a fairly up to date boot helper image as the boot helper is actually quite helpful if there are problems loading your main ios image.
Regards Peter
--On 23 June 2003 23:30 + Lee wrote:
Hello Group, I want to beef up my 4500M+ to 16MB Flash so I can run 12.2 code on it... Under the show version (as below), I see 2 different flash:
4096K bytes of processor board System flash (Read/Write)
4096K bytes of processor board Boot flash (Read/Write)
How does the 4500M+ work? Does it mean that I will need to have both the System Flash Boot Flash up to 16MB? If so, does anyone where I can find some? And if I need to find them, are they just called? 4500M System Flash AND 4500M Boot Flash Thanks so much for the help in advance, Regards, Hunt
Router#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 4500 Software (C4500-I-M), Version 11.1(5), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1996 by cisco Systems, Inc.
Compiled Mon 05-Aug-96 13:40 by mkamson
Image text-base: 0x600088A0, data-base: 0x6042A000
ROM: System Bootstrap, Version 5.3(16) [richardd 16], RELEASE SOFTWARE (fc1)
ROM: 4500 Software (C4500-BOOT-M), Version 11.1(7), RELEASE SOFTWARE (fc2)
Router uptime is 1 minute
System restarted by reload
System image file is flash:c4500-i-mz.111-5, booted via flash
cisco 4500 (R4K) processor (revision D) with 16384K/4096K bytes of memory.
Processor board ID 05795949
R4700 processor, Implementation 33, Revision 1.0
G.703/E1 software, Version 1.0.
Bridging software.
X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
128K bytes of non-volatile configuration memory.
4096K bytes of processor board System flash (Read/Write)
4096K bytes of processor board Boot flash (Read/Write)
Configuration register is 0x2102
Router#
Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71226t=71191
RE: number of CCIE [7:70151]
[JN] Yeah, but does the college happy HR dude (your idol) who says bachelors required on dinky IT jobs (e.g. desktop support tech) pay attention to that? As far as he's concerned all BSs are BSs, and they are all superior to non-graduates. Remember that we are talking about IT jobs, not top management or top financial analyst positions.

First of all, let me clear up that HR is not my idol. I too do not like many of the things that HR does. The difference is that I accept that HR has hiring power and I see little point in raging against the machine on this point. Why? What's the point? You can whine all you want and they're still going to have hiring power. It's far more efficient to simply accept that HR has hiring power and learn to follow their rules.

I don't mean to get into the battle of which CCIE number is better than which as I don't really have an opinion. However, one thing I do pick up on is the reliance here upon getting through HR screens. I don't recall ever getting a job through conventional means myself and I don't imagine that many somewhat established folks who do better than average work do either. Most of the hiring I've ever participated in was referral based as well. To me, this debate really only applies to those folks who do not have contacts in a given area and who are not prone to more aggressive employment acquisition strategies. This bunch of folks tends to flood resumes out to Monster and hope they get a call. However, I would see this category of folks as pretty junior, in which case I wouldn't expect to see them applying for the top tier jobs in the industry. These folks need to get a job, get established, and then leverage their contact base to move on to bigger and better things, or leverage their track record to move up internally.
So, the way I see it, either you are pretty new to the industry and need some help getting through screener bots, or you are not and should find far better mileage leveraging your contact base in the industry. If you are good at what you do, likely the folks you worked with noticed this as did the vendors who worked with you as did your customers. Somewhere in that mix there has to be a hotter lead than www.findmeajobfor100k.com. If you are new, having a CCIE number of any type likely helps a bunch and I can't see anyone caring how high or low it is unless you are trying to get some uber job. If you are, you'll likely lose to someone else who came recommended and the how many guys passed the lab before you won't be of much significance. (did I just get into the debate I said I wanted to avoid? :)

Anyway, I guess I'm not sure who the group of people are who are highly talented, yet have no contacts in the industry but still expect to pull down top calibre jobs. I'm also not sure who the top calibre job employers are that would choose not to hire you based upon how high your CCIE number was vs how well you fit the job and interviewed, but I'm assuming this CCIE number value cut deals more with first cut resume screening.

Pete

Second of all, do you not think that if HR sees a degree from Harvard in a resume, he's going to give more weight to that resume than to a guy from Podunk Community College? Of course he would. Everybody would. Sure, he's not going to say that anybody who wants to get a job must have Crimson blood, but when it comes to making the first cut, you know what he's going to do.

[NRF] First of all, what admissions fiasco? Are you saying that because of the abundance of information that all of a sudden everybody's getting a perfect score on their SAT's? I don't see that happening. Do you? If so, please

[JN] The admissions process is a fiasco, but that is another issue.
Are you implying that all the certified people are getting perfect scores because of braindumps and bootcamps?

No I am not, but you do concede that those things make certs easier? And because of the fixed-score nature of certs, that there is no relative-scoring mechanism that can compensate for this. To wit - if everybody who applied to Harvard presents a 1600 SAT, that doesn't mean that everybody gets admitted - the admissions decision now moves to other criteria because at the end of the day there are more applicants to Harvard than there are slots. But if everybody who attempts the CCIE is properly bootcamp-ed, then everybody can, in theory, pass.

[NRF] that all of a sudden because of the abundance of information, everybody is now a star athlete or class president, or all those other factors that help

[JN] Ah, I see, we wish for a hierarchical classification of tech in the same manner a college partitions its student body: i.e. a class president or class athlete, as in star router dude test# 652-STAR, a position in cert society achieved by fulfilling a number of criteria. Perhaps one such criterion is popularity among
Re: RE: number of CCIE [7:70151]
At 09:34 PM 6/8/2003 +, garrett allen wrote:

the intent of this list is to discuss preparation cisco exams, not opportunities in the various job markets. if your comments don't relate to the study blueprint in some meaningful way, please keep them to yourself.

nice thread :-) for those whining about it, you can skip the messages you know. ccie is a good challenge. go after it if you want. maybe it will help you get a job, maybe it won't. jncie is pretty neat too :) my ie will expire in a couple months and I could really care less. but please, feel free to continue debate subjective topics as you see fit. for what it's worth, in my opinion, nrf has well earned the right to debate whatever he wants on this list.

pete

thanks.

- Original Message - From: n rf Date: Sunday, June 8, 2003 4:14 pm Subject: Re: RE: number of CCIE [7:70151]

garrett allen wrote: yawn.

Bored? I don't want to be overly confrontational, but if you really thought this thread was so boring that you're yawning, then why did you bother to make a rebuttal to me in the first place? The fact that you did obviously means that you don't think it's THAT boring.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70401t=70151
RE: DLSW Icanreach [7:70154]
You should do bit-swapping because the routers will speak in non-canonical addressing.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70164t=70154
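The bit-swapping this reply refers to, as an added example that is not part of the original post: converting a MAC address between canonical (Ethernet, least-significant bit first) and non-canonical (Token Ring, most-significant bit first) notation reverses the bit order inside each byte. The function names and the sample addresses are constructed for illustration.

```python
import re


def parse_mac(text):
    """Accept 00:00:0c:12:34:56, 00-00-0C-12-34-56 or 0000.0c12.3456."""
    digits = re.sub(r"[.:-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError("not a 48-bit MAC address: %r" % text)
    return bytes.fromhex(digits)


def reverse_bits(byte):
    """Reverse the bit order of one octet, e.g. 0x0c (00001100) -> 0x30 (00110000)."""
    out = 0
    for _ in range(8):
        out = (out << 1) | (byte & 1)
        byte >>= 1
    return out


def dotted(mac_bytes):
    """Format six bytes in the dotted xxxx.xxxx.xxxx style used in IOS configs."""
    h = mac_bytes.hex()
    return ".".join((h[0:4], h[4:8], h[8:12]))


def bit_swap(text):
    """Canonical <-> non-canonical conversion; applying it twice returns the input."""
    return dotted(bytes(reverse_bits(b) for b in parse_mac(text)))


def is_group_address(text, canonical):
    """The individual/group bit is the low bit of the first byte in canonical
    form and the high bit of the first byte after bit-swapping."""
    first = parse_mac(text)[0]
    return bool(first & (0x01 if canonical else 0x80))


if __name__ == "__main__":
    # Constructed sample addresses, not taken from the thread.
    for mac in ("00:00:0c:12:34:56", "01:00:5e:00:00:01"):
        swapped = bit_swap(mac)
        print(mac, "-> non-canonical", swapped, "-> back", bit_swap(swapped))
```

A filter written with the address exactly as it appears on the Ethernet side will not match the bit-swapped form, which is why the conversion has to be done before the address is configured.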
RE: Redistribute OSPF to RIPv1 [7:69969]
you could try to configure area 1 range command at the abr, R2.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70041t=69969
RE: permit only even subnets [7:70039]
To match the even subnets, use

access-list 1 permit 192.168.0.0 0.0.254.255

To match the odd subnets, use

access-list 1 permit 192.168.1.0 0.0.254.255

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70040t=70039
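Why those two entries split the subnets by parity, as an added example that is not part of the original post: the wildcard 0.0.254.255 ignores every bit of the third and fourth octets except the lowest bit of the third, so only that bit (even or odd) and the 192.168 prefix are compared. The evaluator below is a minimal model of a standard ACL (first match wins, implicit deny); the function names and the sample source addresses are constructed.

```python
import ipaddress

# The two entries quoted in the post above.
EVEN_ACL = ["access-list 1 permit 192.168.0.0 0.0.254.255"]
ODD_ACL = ["access-list 1 permit 192.168.1.0 0.0.254.255"]


def to_int(dotted):
    """Dotted-quad IPv4 string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(addr, base, wildcard):
    """Cisco wildcard semantics: a 1 bit means "ignore this bit",
    a 0 bit means "this bit must equal the base address"."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)


def parse_entry(line):
    """Parse 'access-list <n> permit|deny <address> <wildcard>'."""
    parts = line.split()
    if (len(parts) != 5 or parts[0] != "access-list"
            or parts[2] not in ("permit", "deny")):
        raise ValueError("unsupported ACL line: %r" % line)
    return parts[2], parts[3], parts[4]


def evaluate(acl_lines, addr):
    """First matching entry wins; no match falls through to the implicit deny."""
    for line in acl_lines:
        action, base, wildcard = parse_entry(line)
        if wildcard_match(addr, base, wildcard):
            return action
    return "deny"


def third_octets_matched(acl_lines, prefix="192.168"):
    """Third-octet values (0-255) that the ACL permits under the given /16."""
    return [o for o in range(256)
            if evaluate(acl_lines, "%s.%d.1" % (prefix, o)) == "permit"]


if __name__ == "__main__":
    # Constructed sample sources, not taken from the thread.
    for src in ("192.168.4.77", "192.168.5.77", "192.169.4.77"):
        print(src, "even ACL:", evaluate(EVEN_ACL, src),
              "| odd ACL:", evaluate(ODD_ACL, src))
    print("even ACL third octets:", third_octets_matched(EVEN_ACL)[:6], "...")
```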
Re: CCNP recertification question [7:69943]
Kevin

Actually you have to attempt the lab within 18 months of completing the qualification exam. If you fail you mustn't leave a gap of more than twelve months between lab attempts and must pass the lab within three years of the qualification exam pass.

Peter

--On 01 June 2003 02:35 + Kevin Wigle wrote:

no, the CCIE written does one thing and one thing only, allows you to attempt the lab - and then you have to do so within one year. The recert extends your CCNP another 3 years.

Kevin Wigle

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69960t=69943
Re: Tag Switching Vs Multicast [7:69797]
At 05:24 PM 5/29/2003 +, Kazan, Naim wrote:

Howard, I would appreciate your view and the group on which one you guys would prefer, Tag switching or Multicasting. We having been running into problems with doing multiple windows XP imaging that can only handle up to 8 computers at a time. Multicast is enabled at the layer 2 3 but still can't run more than 8 multicast sessions using Norton tool to accept clients for multicast. Once it receives the MAC address of the computer we send a session out to image about 8 computers. The number of computers will fluctuate doing more than 8 and sometimes only capable of doing no more than 3. If we do more than that it freezes up at 25% completion rate of the image. We have over a thousand computers to upgrade to windows XP by mid to late June. Our network has 6500 series switches along with 7507 core routers. The 6500 handle both layer2/3 functions. Any help will go a long way. Thank you in advance for everyone's input in this matter.

Sounds to me like you need a better multi-cast source vs changes in your network. Where does tag switching fit into this?

-Original Message- From: Howard C. Berkowitz To: [EMAIL PROTECTED] Sent: 5/28/03 3:50 PM Subject: Re: Packet retransmit questiion [7:69715]

At 6:46 PM + 5/28/03, Robert Perez wrote:

Hi all, I have a question on the CCIE 350-001 test. I have heard differing opinions on this but when traffic crosses a WAN connection and there are problems who does the retransmit?? Host or RTR??

1.) In Frame relay there is a line hit or corrupt packet on the WAN, who retransmits, should be the source router correct?
2.) In a point to point circuit w/HDLC there is a line hit or corrupt packet who retransmits, should be the source router correct??
3.) In a bridged environment with a WAN a T-1 takes a line hit or corrupt packet who retransmits, should be the source host correct??

In all cases, the host, if you are running IP protocols that even specify retransmission. TCP does, but UDP does not. RPC over UDP retransmits. The only exception where the router would retransmit would be if you are running X.25, LAP-B, SSCOP, or SDLC.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69813t=69797
Re: Am I over my head guys? [7:69746]
At 07:52 AM 5/29/2003 +, B Rudy wrote:

Hey guys, I just got an offer to become a 2nd senior network engineer for this company in Orange Country. Great News i know!! Dilemma: I am a CCNP but have no local Area Network Experience. Going to be working with Catalyst 6500 switches. Also i have about 2 yrs working with cisco equipment, however, don't feel i am ready for a senior title and duties. Also working with cisco routers. What do you guys think i should do?

1. Take the job and see how it works out? Maybe mess up their network and look real dumb and unknowledgeable on some troubleshooting. risked getting fired?
2. Let the job go, and watch a great opp float away?
3. Keep the existing job i have working with cisco equipment and technology?

I get through most days very much like a duck; calm in appearance, but scrambling like crazy underneath to keep things afloat. This is not a bad thing really, it just means that you may have to do a bit more research here and there. At the end of the day, so long as you don't misrepresent yourself, or answer questions when you aren't sure of the correct answer, you'll do fine. One of the best ways to advance and really push yourself is to drop in well over your head and see if you can't swim up :-) Drowning is a great motivator! You obviously care about getting it done right, and will likely put the time in to make up for any lack of experience you think you may have. You'll do fine I expect.

Pete

p.s. This job is a senior position, so meaning senior pay. very positive aspect, and a great company going places. over 4000 employees. Your output is greatly appreciated. Really need some advice. Thanx

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69811t=69746
Re: Urgent Help Needed [7:69669]
At 12:02 PM 5/28/2003 +, Rohit Sundriyal wrote:

Hi All I am facing very Strange Problem. My lan is behind Pix and for the last few weeks i am receiving some popup messages on my lan pc from internet even though i am not browsing any site. Can anybody tell how to block this kinda messages on pix ???

These are likely triggered by trojan apps on your pc. Try grabbing software that scans your PC for these types of tools. I use ad-aware myself if I recall correctly. Also, when a pop up appears, you can always drop to the shell (assuming winx) and use netstat to see what connections you have active to get an idea where the pop up was coming from.

Pete

For more information please visit http://www.4vsoft.com (Software that is used for sending this kinda messages.)

Thanks Rohit

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69680t=69669
Re: 640-607 CCNP SUPPORT EXAM urgent [7:69565]
thanks guys

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69599t=69565
Re: Layer 3 and 2 question. [7:69576]
At 03:05 PM 5/27/2003 +, Nuurul Basar wrote:

I am planning to configure both my core and distributions as L3 device, and let the access switch to distribution using L2. I was advised that by doing this on my network two identical ip address on same subnet/vlan but in a different access switch can exist. And a packet that is intended to a host in the different switch might end up elsewhere. Is this real?.

I'm not entirely sure what you are trying to accomplish here? Do you actually require multiple devices to share single IP addresses? I have only seen that used for things like DNS query handling (stateless udp). Haven't seen it used anywhere else.

Sorry, but I have never thought of this before. Thanks

Nuurul Basar Mohd Baki Network Engineer DDSe

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69602t=69576
Re: Layer 3 and 2 question. [7:69576]
At 08:19 AM 5/28/2003 +0800, Nuurul Basar wrote:

I was aiming to get both Core and dist running on L3, thus a thought of two network device having the same IP was no in. My design was rejected by the Project Mgr, due to this reason. Since my customer won't be running DHCP, so someone can use the IP in another switch. I have seen the L3 config done in another site with DHCP, and so far it works fine. I also have to disable STP and lets routing take over, using OSPF.

Ok. It sounds a bit like you might have an ISP network that connects to multiple different customers? I am trying, but failing to understand what it is you are trying to do :-)

Pete

- Original Message - From: Peter van Oene To: Sent: Wednesday, May 28, 2003 2:51 AM Subject: Re: Layer 3 and 2 question. [7:69576]

At 03:05 PM 5/27/2003 +, Nuurul Basar wrote:

I am planning to configure both my core and distributions as L3 device, and let the access switch to distribution using L2. I was advised that by doing this on my network two identical ip address on same subnet/vlan but in a different access switch can exist. And a packet that is intended to a host in the different switch might end up elsewhere. Is this real?.

I'm not entirely sure what you are trying to accomplish here? Do you actually require multiple devices to share single IP addresses? I have only seen that used for things like DNS query handling (stateless udp). Haven't seen it used anywhere else.

Sorry, but I have never thought of this before. Thanks

Nuurul Basar Mohd Baki Network Engineer DDSe

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=69623t=69576
Re: BGP AS removal [7:66928]
At 01:53 AM 4/6/2003 +, Bullwinkle wrote:

In other words, for purposes of testing, there are ONLY two ways to remove things from the AS_PATH. 1) the technique you describe, which is to create

Both these techniques are invalid in my opinion. If you create a new route, you haven't changed the AS-PATH on another route at all. In these cases, you have two routes, not one modified one.

an aggregate and advertise that aggregate only ( although refresh my memory - an aggregate might still contain full AS_PATH information - don't have my book handy ) OR to create an appropriate route to null 0, then enter that route into the BGP process, while filtering those that contain the AS_PATH you want to remove.

AS1-AS2-AS3

192.168.x.x subnets --advertised into AS2

ip route 192.0.0.0 255.0.0.0 null 0

bgp process command: network 192.0.0.0 mask 255.0.0.0

filter the more specific BGP routes.

AS3 should see just the route to null 0, which does originate in AS2

do I have that right? Do you agree?

-- - Bullwinkle: Hey, Rocky, watch me pull a CCIE out of my hat! Rocky: Bullwinkle, that trick NEVER works Bullwinkle: This time FOR SURE!!! ( pulls snarling Proctor out of hat ) No doubt about it. I gotta get me a new hat!

Salvatore De Luca wrote in message news:[EMAIL PROTECTED]

I hear ya.. that's why if this was a TEST situation, the statement: ip as-path access-list 1 permit _2_ ! _2_ _1$ would permit routes traversing AS2 but deny any routes traversed though AS2 Originating in AS1. In which case 150.50.200.0 aggregated element should be the nlri Fresh Route point for AS3's knowledge.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66965t=66928
Re: BGP AS removal [7:66928]
At 04:22 PM 4/2/2003 -0500, you wrote:

150.50.200.0(R1)(R2)--(R3).

R1 belongs to AS1
R2 belongs to AS2
R3 belongs to AS3

I inject 150.50.200.0 using the network command on R1 and see 150.50.200.0 in R3 with as_path of 2 1. The question is how can I remove the 1 from the As Path on R3.

You don't. Doing this would be silly and likely dangerous.

I have tried using the network command on R2 with no success. If I aggregate on R2 using 150.50.200.0 255.255.255.0 summary-only , I will still see 150.50.200.0 with as-path 2 1 ( no change). However, if I aggregate on R2 using 150.50.0.0 255.255.0.0 summary-only, then I will see 150.50.0.0 with as-path 2. The question was to get 150.50.200.0 and not 150.50.0.0. I can't get the 150.50.200.0 to work.

Thank you. RAM

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66928t=66928
Re: BGP AS removal [7:66928]
At 08:26 PM 4/5/2003 +, Salvatore De Luca wrote:

I have to agree that it is a bit silly, dangerous, and should not be done on a production environment.. but so are a lot of scenarios on the CCIE Lab..

Just to add to the silliness: Because it is silly and dangerous, you also can't do it without creating an entirely fresh route with the same nlri and conditionally advertising it somehow. You simply are not supposed to muck with AS-PATH elements unless you are aggregating, in which case you follow the defined guidelines.

Not sure how this would work, but you can try it.. have you tried as-path manipulation? From what I can see you want to remove as 1 from the path as R3 sees it. This config may work for what you are looking to do. You can try applying this to the config aggregating the 150.50.200.0 network. I think AS2 would have to originate the 150.50.200.0 net.

router bgp 3
 neighbor x.x.x.x route-map as-path in
route-map as-path permit 10
 match as-path 1
route-map as-path permit 20
 match as-path 2
ip as-path access-list 1 permit _2_ ! _2_ _1$
ip as-path access-list 2 permit .*

Sal

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66938t=66928
Re: BGP Question...?? [7:66919]
At 03:46 PM 4/5/2003 +, Salvatore De Luca wrote:

Hi All, I am trying to better understand a particular BGP scenario, thought someone might shed some light. This is probably very simple, i am just missing the punchline. If you have 2 routers, one let's say running in AS100 the other running in AS200, and you had to EBGP peer with 128.1.1.254 from AS100 router. You were required to use the Ethernet0/0 ip on AS100 router for peering 128.1.2.3, would you configure your neighbor statement pointing to 128.1.1.254 and update the source to Ethernet 0/0?,(I tried this and was no good) even after a debug ip bgp. I think maybe a secondary address 128.1.1.253 on the ethernet might be a way to go. Basically, 128.1.1.254 is a route generator that I would need to peer with in order to receive several external routes. I don't have any configs to post at the moment, but just trying to get an outside opinion.

There isn't enough info here to answer this. Is 128.1.1.254 on the other side of the Ethernet? (ie the next is 128.1.0.0/22)? Likely not I expect. If not, you need to use EBGP multihop which will allow the EBGP packets to move out farther than 1 link (changes the TTL in the packet from 1 to whatever you set it to)

Furthermore, is the 128.1.1.254 configured to peer with 128.1.2.3? If not, you'll need to use update source to set your side of the connection to the appropriate address. If 128.1.2.3 is a secondary, then this would likely need to be used as well. However, if 128.1.2.3 is the primary address on the eth0 and the eth0 is the closest link on your router toward 128.1.1.254 and 128.1.1.254 is set to peer with 128.1.2.3, then you should just be able to set multi-hop with an appropriate TTL and be on your way. Also watch for BGP authentication in case it is required.

Pete

Thanks, Static0101

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66937t=66919
Re: Books for Introduction to networking [7:66849]
This has always been one of my favorites.

http://www.amazon.com/exec/obidos/ASIN/0130661023/qid=1049475026/sr=2-2/ref=sr_2_2/002-6465627-7277631 (Computer Networks by Andrew Tanenbaum)

Pete

At 03:20 PM 4/4/2003 +, Hubert Pun wrote:

Hi, Is there any good book for non-technical manager about intro to networking (or network 101)? I have tried to search around and come across two books.

Cisco Networking Academy Program IT Essentials II: Network Operating Systems Companion Guide
http://www.ciscopress.com/isapi/st~{83B5FF0E-06C7-4A59-B7F4-61B7A6B1566C}/session_id~{8F92035A-5279-4756-AE28-2676C8AB5BF8}/product_id~{66B1B7AF-7587-4FD1-8D82-FDB7976BD71F}/catalog/product.asp

Internet Architecture: An Introduction to IP Protocols
http://www.amazon.com/exec/obidos/tg/detail/-/0130199060/qid=1049468836/sr=1-9/ref=sr_1_9/002-1652755-1832040?v=glances=books

The Internetwork Technology Handbook that is too cisco oriented and also one step too far. What I am looking for is some books that talks about OSI 7 layers, what router is for, what switches are for and so on

Thanks in advance for any suggestion.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66856t=66849
Re: PAT AFTER NAT (confused) [7:66734]
According to my experience you have got it the wrong way round. Cisco IOS will do NAT until the pool runs out, then do PAT on the last IP. This was a major issue when the documentation suggested the opposite. Not sure if this is still the case though.

Peter

--On 03 April 2003 07:50 + ciscoGo2002 wrote:

Hello friends, Thank you for your answers, but I have more doubts:

Config:

ip nat inside source list 1 pool POOL overload

If I have understood your answers, the router start doing PAT with the first IP address and doesn't take the next available public IP address until PAT is exhausted with the first IP address, right?? But if this is the way it works I think we never use the rest of the public IP's in the pool because there are not enough clients to exhaust PAT with the first IP... I think it will be much better if the router starts doing PAT and after the pool is exhausted. I cannot do NAT 1:1 and reserve one public IP to do PAT, because I don't want to give the same IP to a set of clients and not to another...

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66743t=66734
Is this addressing permissible ? [7:66676]
SEE BELOW.

I have a router with a loopback address. This address is being used by Serial0/0.1 and Serial0/0.3. Is this a legal use of loopback addressing - or would it lead to ip duplicate conflicts within routing processes. (The ARP table shows no entries when these i/faces are pinged). Is this addressing 'valid' ?

..Sh ip int brie...
Serial0/0      unassigned        YES unset  up  up
Serial0/0.1    146.135.171.209   YES unset  up  up
Serial0/0.2    10.220.38.30      YES NVRAM  up  up
Serial0/0.3    146.135.171.209   YES unset  up  up

.sh run..
interface Loopback1
 ip address 146.135.171.209 255.255.255.255
 no ip directed-broadcast
!
interface Ethernet0/0
 ip address 10.31.0.1 255.255.252.0
 no ip directed-broadcast
 ipx encapsulation SAP
 ipx network 1031
!
interface Serial0/0
 no ip address
 no ip directed-broadcast
 encapsulation frame-relay
 no ip mroute-cache
 random-detect
 frame-relay lmi-type ansi
!
interface Serial0/0.1 point-to-point
 ip unnumbered Loopback1
 no ip directed-broadcast
 frame-relay interface-dlci 445
!
interface Serial0/0.2 point-to-point
 ip address 10.220.38.30 255.255.255.252
 no ip directed-broadcast
 ipx network 19468416
 frame-relay interface-dlci 150
!
interface Serial0/0.3 point-to-point
 description 8K Management PVC to Docklands
 bandwidth 8
 ip unnumbered Loopback1
 no ip directed-broadcast
 frame-relay interface-dlci 446
!

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66676t=66676
Re: A career in MPLS..... [7:66609]
At 03:27 AM 4/2/2003 +, Priscilla Oppenheimer wrote:

I wonder if Cisco's MPLS class is just dated. It takes a long time to develop and roll out a new class, especially if there's also a Cisco Press book, exam, instructor materials, course binder, instructor training, beta testing, etc.

More than likely, Cisco chose to teach what a broad range of their gear could do. L2vpn doesn't fit this category, though I would expect that they have better luck with RSVP.

In the early days of MPLS, was there more emphasis on LDP than on RSVP-TE?

I find the two technologies not competitive actually. I am just now building a network that runs LDP on a large number of devices for ease of provisioning, yet rides a TE core that is signalled by RSVP-TE. To me, these are two tools. However, I agree with nrf that glossing over RSVP will leave a bit of a hole in one's knowledge. I again expect that Cisco may have had wider platform support for LDP than they did for RSVP, but I'd have to check that out as I know they were an early supporter of RSVP, but may not have offered it beyond their 7500/12000 product lines.

Were MPLS L3 VPNs around before L2 VPNs?

RFC2547bis, or BGP/MPLS VPNs, was the first widely interoperable vpn technology that used MPLS in the forwarding plane. It is thus also the most mature of the many variants and again more widely supported across the product line. L2vpn (ptp) is still pretty fresh, particularly in the Cisco camp. Very few platforms have a wide range of support for the many encapsulations defined by the various martini specs. (Luca Martini from L3 has taken the lead on the many L2 over MPLS encap standards as well as defined a signalling mechanism via LDP) I expect the standard course gear doesn't have enough support for these technologies to make labs feasible.

I should note that the L2vpn (if you want to call it that and most marketing types do) I've been discussing (though briefly) are the point to point type (Virtual Private Wire Services -VPWS). Think frame relay with ethernet in the last mile and 802.1q tags for DLCIs. There are also a set of standards dealing with point to multipoint delivery, usually known as Virtual Private Lan Services that are attracting a bunch of attention. These specs made the provider network look like a single broadcast domain. I'm not convinced that is a good thing (don't know many providers using LANE for what it's worth), but it certainly seems exciting to marketing and IETF types.

Anyway, I suppose my overall point is that I fully agree with nrf, that the curricula is not entirely representative of the more interesting bits of MPLS, however I expect the underlying reason is lack of platform/sw support to enable effective classroom lecture on the subjects.

Pete

Maybe it's just a matter of course development latency. Thanks for your insights.

Priscilla

nrf wrote:

Henry D. wrote in message news:[EMAIL PROTECTED]

I don't mean to start any type of argument here, especially with someone who obviously has more experience than I do. Yes, you've been contributing to this study group many times. But also many times your contributions are rather rhetorical than practical and at the same time you seem to draw attention to what your opinion is rather than to give an educated and objective view backed by any type of real life examples.

First of all, given the subject matter (MPLS), it is most difficult to be giving out real-life examples. The fact is, MPLS is at this time not widely implemented, so therefore few examples abound.

Second of all, it is essentially impossible for anybody to make a posting that is not necessarily colored with an opinion, particularly when they are discussing a subjective question. Questions like whether they should study MPLS or what they should do with their future are necessarily going to draw a wide range of opinions. If everybody is supposed to dogmatically answer 'yes' or 'no', then what's the point of even asking the question in the first place? The point is that subjective questions must necessarily elicit subjective answers. People are not robots. Everybody has to call it like they see it. You ask a subjective question, and people should be able to chime in with whatever they think. It's all about freedom of speech.

Third of all, Cisconuts and I have taken the discussion offline, and while I don't want to speak for him, I would venture to say that he is quite happy with my responses. So if he's cool, then what exactly is your beef?

Fourth of all, I resent the implication that my views are not educated. Be careful when you go around saying stuff like that. I seem to recall a story a few years ago how one particular guy harangued another guy about BGP, essentially saying that he knew nothing about how BGP really worked - only to find out
Re: CCIE Vs. Linux engineer (not Ph.d) [7:66669]
Just study both and go easy on the incitement of textual riots. At 10:15 AM 4/2/2003 +, you wrote: Hopefully I'm not going to stir another whirlpool here. Today I was surfing job sites and found out that where there are less than dozen jobs available for CCIE in Silicon valley, there are more than 80 jobs available for Linux engineers. Their initial salaries seem to be better than CCIE nowadays. We all understand that we take great pride in achieving CCIE. It is not only the hardest network certifications to get, but also financial rewards used to be excellent, too. No matter how much efforts we put in these CCIE certifications, our fates are still being subject to the cruel law of supply and demand especially in this time of war. Linux is not easy. There are many commands to remember. But it doesn't require to invest thousands of dollars in routers and switches for training. However their demands are higher than ever. On the other hand, the supply for the CCIEs seems to surpass today's demand and for some serious time to come. Some might say, you study CCIE because you love the networking. Alright, but if the future salaries for CCIEs are going to be somewhere near MCSE level, would you put such an effort to get CCIE certs and still pursuing the career of Cisco? Where are we heading? Someone please enlighten us. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66688t=9 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2 different CCNP certifications [7:66547]
Charles There are 3 basic differences. The foundation exam really is like three exams in one sitting. You get questions from all three of the topic areas and get scores for each subject area. If you pass in ALL subject areas then you have passed. If you fail in any area then you have failed the whole exam. The 2nd difference is cost. If you pass first time then you will spend less on the foundations exam. If you fail once or twice then it would probably have been cheaper to take the exams individually. The final difference is that the foundations exam does not count in any way towards CCIP certification. You will still need to pass BSCI to attain CCIP certification. So if you are very confident of your knowledge of Routing, Switching and Remote Access, and aren't planning on going for CCIP then the Foundation exam could be a quicker, cheaper route to CCNP (with Support exam). Peter Walker CCNP, CCIP, CCDP, etc --On 31 March 2003 13:00 + DeVoe, Charles (PKI) wrote: Since I just recently passed my CCNA I thought I would continue on up the ladder. In looking at the CCNP I see there are 2 ways to get it. 1. Take the BSCI 640-901, Switching 640-604, Remote Access 640-605 and Support 640-606 exams. OR 2. Take the Foundation exam 640-841 (combination of the BSCI, Switching and Remote Access exams) and the Support 640-606 exam. What is the difference and what is preferred?
Re: What tools can tell u r using lease line or ISDN? [7:66561]
At 05:27 PM 3/31/2003 +, Link Teo wrote: I am using leased line to connect my remote offices to HQ. All the leased line are backup by ISDN. Is there any tools which can inform me via email or other means about whether I am using leased line now or ISDN backup? In other words, any tools which can inform me when the primary line is down and the ISDN kick in? Any SNMP manager should be able to tell you when the primary link dies. Thanks a lot.
Re: BGP Route Reflectors [7:66488]
At 04:52 PM 3/31/2003 +, [EMAIL PROTECTED] wrote: All, Please can someone clear this up for me, if you have the time. IBGP peers do not have to be physically connected to one another, as long as an IGP (most preferably) is running between them. In most cases the routers are not adjacent and certainly do not need to be. Half the reason one runs an IGP in an ISP is for loopback reachability support for IBGP peering. Such a demand would put pretty expensive topological demands on a network. On page 128 (paragraph 1) of the Routing TCP/IP Volume 2 book, it says the following about route reflectors and clients :- The clients have physical connections to each of the route reflectors, and they peer to each This may relate only to the diagram in question. I assume that each client in a iBGP domain, does not need to share a physical data-link to each RR? Correct. Many thx. (maybe I'm just tired from studying all weekend). Regards, Ken
RE: PING THINGS - THE SEQUEL [7:66242]
Of course. Thanks
RE: ping things [7:66155]
OK If I use the loopback addr then I can see ext trace going right way. Now I need to make the rtr use this addr as the source
RE: ping things [7:66155]
I can reach my end node by declaring the loopback address as the source. By default the router is using the serial i/f address. Unless I use the loopback as the source it doesn't work. So I need to understand how to fix this - I imagine the intervening hops are where the trouble lies
Re: PING PROBLEM [7:66132]
At 09:58 AM 3/26/2003 +, Larry Letterman wrote: The serial interface can't ping itself like the ethernet can..It will send the packet to the remote end and then back..if the path between both serial interfaces is not correct the local ping will fail..turn off keepalives and see if the ping will work on the local end.. With HDLC encap, the router should be able to ping itself IIRC. Pete Larry Letterman Network Engineer Cisco Systems - Original Message - From: srinivas kunthuri To: [EMAIL PROTECTED] Sent: Tuesday, March 25, 2003 8:43 PM Subject: Re: PING PROBLEM [7:66132] Hi Larry, I did not understand what you are saying. I had pinged my local serial interface. it is giving request timed out. i had pinged the remote end serial ip. it is giving reply. Can you tell me why it happened. Thanks, K.Srinivas - Original Message - From: Larry Letterman To: srinivas kunthuri ; [EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 1:09 AM Subject: Re: PING PROBLEM [7:66132] to ping the serial interface usually it has to go to the remote end and then back...make sure the path from end to end is working... Larry Letterman Network Engineer Cisco Systems - Original Message - From: srinivas kunthuri To: [EMAIL PROTECTED] Sent: Tuesday, March 25, 2003 2:11 AM Subject: PING PROBLEM [7:66132] Hi all I am having one doubt regarding ping. I had configured two routers at two locations connected through SCPC PAMA VSATs. I had pinged to serial interface. It has given request timed out. but, the serial interface is up and line protocol is also up. I had pinged the other end serial ip. it is giving reply. what will be the reason. can any one explain me . Regards, K.Srinivas
PING THINGS - THE SEQUEL [7:66242]
When I traceroute or ping to a remote node from Router A - no reply. If so an extended traceroute or ping using the source's loopback address - hey presto- all works fine. So how do I get the route to use its loopback address as the source - rather than the serial interface. Or can't I change this? IF I can't change this then I seem to have to look at the routing in the intervening hops and ensure all hops refer to this loopback address - rather than the serial address on Router A. Yes?
Re: Basic QOS Frame MPLS question [7:66210]
At 02:08 PM 3/26/2003 +, [EMAIL PROTECTED] wrote: I don't think so. There are many QoS tool that you can use without MPLS. For what it's worth, MPLS is not a QOS tool. It can be used as a component in a QOS strategy, but by itself, provides no QOS. For example, you can use ip rtp priority, so the priority traffic will go to a high priority queue. Also, the fragmentation options will help you to avoid 'big' frames from starving the voice frames. Low Latency Queueing for Frame Relay http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t2/dtfrpqfq.htm#wp1033474 Link Fragmentation and Interleaving with Frame-Relay http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt6/qcflfifr.htm Frame Relay Header compression http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/rtphead.htm#xtocid63548 Paul @groupstudy.com on 25/03/2003 19:59:20 Please respond to Paul Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Basic QOS Frame MPLS question [7:66210] Hi, Quick question to everyone At work I have a Frame Cloud that links all our sites together in a hub and spoke manner. At some of the sites I would like to extend our IP Telephony and perhaps introduce Video Conferencing. Assume I have adequate bandwidth throughout for video and IP telephony. I would like to implement QOS. Am I correct in assuming that I can only prioritise voice/video over the frame circuit, and that if I want to implement QOS I would have to 'swap' Frame for MPLS/Layer 4 Switching ??? Kind regards Paul
RE: ping things [7:66155]
At 12:55 PM 3/26/2003 +, Peter P wrote: I can reach my end node by declaring the loopback address as the source. By default the router is using the serial i/f address. Unless I use the loopback as the source it doesn't work. So I need to understand how to fix this - I imagine the intervening hops are where the trouble lies Make the serial interface reachable.
ping things [7:66155]
I can ping from router A through various hops to router F. Therefore the packet 'knows' how to reach F - and also how to find a path back to A by reply. However from router F I cannot ping router A. As the ping works in the first case - ie it knows the path back from F to A - how come it doesn't work in the 2nd ? The path is 'clean' ie no firewalls, access lists or any filtering. Puzzled.
Re: ping things [7:66155]
At 02:55 PM 3/25/2003 +, Peter P wrote: I can ping from router A through various hops to router F. Therefore the packet 'knows' how to reach F - and also how to find a path back to A by reply. However from router F I cannot ping router A. As the ping works in the first case - ie it knows the path back from F to A - how come it doesn't work in the 2nd ? The path is 'clean' ie no firewalls, access lists or any filtering. Puzzled. A cannot reach the interface from which the ping is sourced on F most likely. Try controlling your source addresses and see if that points you in the right direction. Pete
RE: ping things [7:66155]
At 04:35 PM 3/25/2003 +, Priscilla Oppenheimer wrote: Orlando Palomar Jr CCIE#11206 wrote: You have a routing problem. Check your routing tables thoroughly. I'm sure you're missing some networks. The reason you're able to ping one-way is because you're using different sets of source and destination IP addresses when pinging from router A to router F, as compared to pinging from router F to router A. The ping reply from router F uses the same addresses as the ping from router F to router A. Why would the reply work but not the ping? In many cases the ping is directed to a router loopback which I assumed and likely Orlando did as well. Or maybe the ping from router F to router A fails because the reply from router A doesn't get back. But that would be weird too. Why would router A be able to send a ping but not a reply? He needs to find out which fails and where, with debugs or sniffers. He could still have a routing problem, but it would have to be a weird one if these results are consistent. He says no firewalls or access lists, but it sure sounds like a firewall or access list to me. Priscilla Use the extended ping command to see what I mean.
Re: type 4 LSA updates OSPF question [7:66089]
At 08:25 PM 3/24/2003 +, Xy Hien Le wrote: Hi everyone, Can someone tell me that only ABR will ORIGINATE type 4 LSA in OSPF or both ABR and ASBR do? Only ABRs originate type 4 summaries. Pete Thanks Xy
Re: Using communites to change the local-pref - not working?? [7:65999]
Are you sure the communities are on the routes when they hit UU/Sprint? I expect you remembered to add send-community to the peer :) Pete At 04:26 PM 3/22/2003 +, Cisco Nuts wrote: Hello, I have 2 routers in AS300 RTF is connected to RTA in AS 1239 RTG is connected to RTH in AS 701 In AS300 I have set communities via a route-map to be advertised as follows: 1239:110 to AS 1239 701:120 to AS 701 Routers in AS 1239 and AS 701 have been configured with a community list and a route-map to match these communities and change the local pref to 110 and 120 respectively. These work fine: Ex.AS701-H#bt Network Next HopMetric LocPrf Weight Path * 3.3.3.0/24 190.90.10.1 120 0 300 i Ex. AS1239-A#bt Network Next HopMetric LocPrf Weight Path * 3.3.3.0/24 180.80.10.1 0110 0 300 i AS1239 and AS701 are connected to RTE AS7018-NAP From AS7018, I wanted to route to be preferred through AS701 which has a higher local pref of 120 BUT AS7018 still prefers the route thru AS1239 which has a local pref. And I do not see the local pref values in AS7018. Why?? Ex. AS7018-NAP#bt Network Next HopMetric LocPrf Weight Path * 3.3.3.0/24 170.70.10.20 701 300 i * 160.60.10.20 1239 300 i 160.60.10.2 is AS1239 Now I do understand that all things being equal, BGP will prefer the router with the lowest RID, which in this case is AS1239, 160.60.100.100. Thus AS7018 chooses this route. BUT I want AS7018 to choose AS701 to get to AS300's networks!!! Question: Should AS7018 on receiving the communities from AS1239 and AS701 set the desired local pref?? Why not?? What am I missing? Please advise. Thank you. Sincerely, CN
Re: Using communites to change the local-pref - not working?? [7:66002]
Question: Should AS7018 on receiving the communities from AS1239 and AS701 set the desired local pref?? Why not?? What am I missing? Please advise. My read on it ( after checking Halabi's and Stewart's books ) is that LOCAL_PREF is typically set on the inbound side, not with the outbound side. LOCAL_PREF is an optional attribute. You don't want others to be able to impose their criteria on you. This is actually a real world scenario. In an ISP network, I want control of everything. Letting customers influence their flows (or peers or anyone for that matter other than me) makes me nervous. For these reasons, even though it may be safe to use it, I'd zero all inbound meds. However, I may want to allow a customer some controlled flexibility, so I give them a few communities to strap on routes that will influence my pref setting. This is what CN is referencing. ATT might give you 7018:90, 7018:80 and 7018:100 to use which they will honor with LPref settings on their end (of 80,90 and 100 in this case). In this way, as the ISP, you give the customer the ability to influence your exit decisions, but you do it on your terms. Pet also - are you remembering to use the bgp send-communities switch? This, or buggy IOS that itself might have overlooked this setting would be my guess. Thank you. Sincerely, CN
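The policy described in the reply above (ignore whatever preference the neighbor had, zero inbound MEDs, and honor only communities the receiving AS has published) can be modelled in a few lines. This Python model is an added example, not code from the thread or from IOS; the decision process is reduced to LOCAL_PREF, AS-path length and lowest router ID, and the router ID used for AS701 is constructed.

```python
from dataclasses import dataclass, replace

# Communities AS7018 publishes to customers and the LOCAL_PREF each maps to
# (the 7018:80 / 7018:90 / 7018:100 example given in the thread).
HONORED = {(7018, 80): 80, (7018, 90): 90, (7018, 100): 100}
DEFAULT_LOCAL_PREF = 100


@dataclass(frozen=True)
class Path:
    as_path: tuple                       # e.g. (701, 300)
    neighbor_rid: str                    # router ID of the advertising neighbor
    communities: frozenset = frozenset()
    med: int = 0
    # LOCAL_PREF is not carried across eBGP. The field is populated below only
    # to show that a value used inside the neighbor AS has no effect here.
    local_pref: int = DEFAULT_LOCAL_PREF


def inbound_policy(path):
    """Policy applied to every eBGP-learned path before best-path selection."""
    honored = [HONORED[c] for c in path.communities if c in HONORED]
    return replace(
        path,
        # Assumption: if several honored communities are attached, the lowest wins.
        local_pref=min(honored) if honored else DEFAULT_LOCAL_PREF,
        med=0,  # "zero all inbound meds"
        communities=frozenset(c for c in path.communities if c in HONORED),
    )


def best_path(paths):
    """Simplified selection: highest LOCAL_PREF, shortest AS path, lowest RID."""
    def key(p):
        rid = tuple(int(octet) for octet in p.neighbor_rid.split("."))
        return (-p.local_pref, len(p.as_path), rid)
    return min((inbound_policy(p) for p in paths), key=key)


# CN's two paths to 3.3.3.0/24 as seen by AS7018. 160.60.100.100 is the RID
# quoted in the thread; 170.70.100.100 is a constructed value for AS701.
VIA_701 = Path((701, 300), "170.70.100.100", frozenset({(701, 120)}), local_pref=120)
VIA_1239 = Path((1239, 300), "160.60.100.100", frozenset({(1239, 110)}), local_pref=110)
# Hypothetical: the same path arriving with a community AS7018 does honor.
TAGGED_1239 = replace(VIA_1239, communities=frozenset({(7018, 80)}))

if __name__ == "__main__":
    print("untagged:", best_path([VIA_701, VIA_1239]).as_path)     # tie, lowest RID wins
    print("tagged:  ", best_path([VIA_701, TAGGED_1239]).as_path)  # 7018:80 depresses 1239
```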
Re: IPSec and nated ISDN router [7:65782]
Chris The Cisco TAC website has a number of examples. From www.cisco.com Technical Support - Technology Support - Security VPN - IPSEC - Samples and Tips Or just go to http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking: IPSecs=Implementation_and_Configuration#Samples_and_Tips (watch the wrap). You may need a cco login to get that far though. Then scroll down to IPSec on Router to ... By looking through a few of the router to router and router to pix examples you should be able to work it out. If I am reading your question right it basically comes down to putting in some deny statements into your NAT access-list that match your crypto map. Regards Peter --On 19 March 2003 22:18 + Chris Penrose wrote: Hi all, Can anyone help me with a problem I am having trying to create a VPN on an 801 to a PIX firewall. I have other devices working fine but the isdn router does not seem to want to encrypt the traffic I specified in the access list. I have applied the crypto map to both the dialer and the bri interface and I have read somewhere that the problem is to do with the ios natting the traffic before it gets to the crypto statement. Does anyone that has done this have any examples they could send me, as I can't seem to find a relevant one on the cisco site :-/ Many thanks Chris
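The fix suggested in the reply above (deny entries in the NAT access-list that match the crypto map's access-list) can be checked mechanically before a config is deployed. The following Python check is an added example, not part of the original thread or of any Cisco tool; the ACL numbers 110 and 120, the subnets and the function names are constructed, and only `ip` entries with contiguous wildcard masks are handled.

```python
import ipaddress
from collections import defaultdict

# Constructed samples. ACL 110 stands for the list referenced by the crypto map
# ("match address 110"); ACL 120 for the list used by
# "ip nat inside source list 120 ...". Numbers and subnets are made up.
BROKEN = """\
access-list 110 permit ip 192.168.10.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 120 permit ip 192.168.10.0 0.0.0.255 any
"""
FIXED = """\
access-list 110 permit ip 192.168.10.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 120 deny ip 192.168.10.0 0.0.0.255 10.1.0.0 0.0.255.255
access-list 120 permit ip 192.168.10.0 0.0.0.255 any
"""


def _take_addr(tokens):
    """Consume one address spec (any | host A | A WILDCARD); return (net, rest)."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    wildcard = int(ipaddress.IPv4Address(tokens[1]))
    if wildcard & (wildcard + 1):
        raise ValueError("non-contiguous wildcard not handled: " + tokens[1])
    prefix = 32 - wildcard.bit_length()
    return ipaddress.ip_network(f"{tokens[0]}/{prefix}", strict=False), tokens[2:]


def parse_acls(config):
    """Return {acl_id: [(action, src_net, dst_net), ...]} for 'ip' entries."""
    acls = defaultdict(list)
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 6 or tok[0] != "access-list" or tok[3] != "ip":
            continue
        src, rest = _take_addr(tok[4:])
        dst, _ = _take_addr(rest)
        acls[tok[1]].append((tok[2], src, dst))
    return acls


def nat_conflicts(config, crypto_acl, nat_acl):
    """List crypto-ACL flows that the NAT ACL would translate first.

    ACLs are first-match: a flow is safe only if a deny covering it appears
    before any overlapping permit (or if nothing in the NAT ACL matches it).
    """
    acls = parse_acls(config)
    findings = []
    for action, src, dst in acls[crypto_acl]:
        if action != "permit":
            continue
        for n_action, n_src, n_dst in acls[nat_acl]:
            if not (src.overlaps(n_src) and dst.overlaps(n_dst)):
                continue
            if n_action == "deny" and src.subnet_of(n_src) and dst.subnet_of(n_dst):
                break  # fully exempted from NAT before any permit
            if n_action == "permit":
                findings.append(f"{src} -> {dst} hits NAT permit {n_src} -> {n_dst}")
                break
    return findings


if __name__ == "__main__":
    print("broken:", nat_conflicts(BROKEN, "110", "120"))
    print("fixed: ", nat_conflicts(FIXED, "110", "120"))
```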
Re: pix 501 limitations [7:65785]
bk The answers you are looking for are in the PIX 501 datasheet at http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/px501_ds.pdf (watch out for line wrap), in the section Performance Summary Peter --On 19 March 2003 22:24 + bk wrote: Good day, I thought I read somewhere that the vpn tunnel on a 501 is limited to 3mb/sec throughput?? But I can't find that anywhere. Has anyone actually got the inside of a 501 to use 100mbs?? thanks, bk
RE: Getting out of hand?? [7:65676]
At 07:31 PM 3/18/2003 +, Priscilla Oppenheimer wrote: Maccubbin, Duncan wrote: How is the industry supposed to keep up with this?? What's the issue? Not sure I'm seeing your point. What's wrong with Cisco announcing that their product received some sort of certification? Exactly.. I think the poster mistook the possibly ambiguous announcement as yet another CCXX cert. Now, if you were concerned that Cisco has too many ways for people to get certified and that the situation is getting out of hand, I might agree. I really am surprised at how many folks pour their heart/money into getting one after another. I'm also amazed at how many folks will try and devote a good portion of interview time to showing me their various certificates. After the first couple I pretty much grasp that you have enough short term memory to get through a multiple choice exam and we should really get back to talking about technologies. Cisco makes big bucks on these certifications. The recert requirements create a beautiful residual revenue stream making this business unit very attractive internally to Cisco. Since they doubled the cost of the CCIE recert, purely for profit, I have decided to let my certification lapse vs give in to this obvious cash grab. Kudos to Cisco for making their VAR channels one of their more lucrative revenue sources. Priscilla Cisco also announced today highly prestigious certification support across the entire PIX Family of security appliances. Certifications earned include the Common Criteria Evaluation Assurance Level 4 (EAL4) certification, and both ICSA Labs firewall and IPSec certifications. These certifications provide customers with independent and objective validation that a company's product meets certain levels of quality and reliability, and are among the industry's most respected and stringent criteria for certification. 
Providing customers broad certification support across the Cisco PIX family within a common operating system increases operational efficiencies and lowers support and management costs. Duncan Maccubbin US Network Support, Cable and Wireless CCNA, CCNP, CSS1, MCSE4 Work (703)287-6975 [EMAIL PROTECTED]
Re: IOS for MPLS [7:65586]
At 02:25 PM 3/17/2003 +, Michael wrote: Dear all Can anybody suggest a stable version that supports MPLS? Try your SE team. It's all a balance of platforms/features/interfaces/VIPs/PA's etc :) We are in a process of running MPLS though our network on C7507 routers and we tried a few versions IOS but we face various and different problems between the version . We face problems with interface statistics, with web browsing with various vendors Firewalls etc.. Most of these issues sound like MTU problems. Are you budgeting for the extra encap overhead in your backbone MTU's? Pete Your help will be appreciated
Re: Off Topic - CCIE Certification Junkies [7:65499]
At 05:30 PM 3/15/2003 +, The Long and Winding Road wrote: With the announcement of the CCIE Voice certification ( a Good Thing, IMHO ) I wonder a couple of things: 1) who will be the first quadruple CCIE? A certification junkie ;-) 2) Does Cisco still recognize the Design, WAN, and IBM CCIE's as valid certifications, making it possible to have more than four? 3) When will the CCIE become just another useless cert in the long history of useless networking certs? I really don't see the point myself. Having a CCIE proves that one is able to do research and pass a relatively challenging test. However, the practicality of the material tested upon is really questionable (more so in some tracks than others I expect as well) I imagine most employers with the technical ability to properly evaluate candidates will not weight candidates with more than one CCIE higher than others. I imagine these types of employers will simply look for candidates who can demonstrate the proficiencies they are looking for. Further, there is little justification outside of the VAR space to hire CCIEs over otherwise qualified folk anyway. Indeed, there may be justification not to as a CCIE may attract more head hunter attention (if there are any left) than a non CCIE would. For me, the CCIE was a good motivation for learning some technologies I would have otherwise ignored. If I were to do another one, it would provide only that benefit. But the costs are becoming quite prohibitive, and Cisco's decision to raise the cost of recertification to 300 bucks has really left me wondering if I will recert. I'm not big on extortion. Pete NRF - you out there tonight? -- TANSTAAFL there ain't no such thing as a free lunch
Re: Any Cisco Teaching Certificate [7:65322]
At 04:45 PM 3/13/2003 +, Shawn Xu wrote: I am holding CCNP certificate. Recently I am interested in teaching Cisco router and switch stuff. Do I need any Cisco teaching certificate? That depends on what you want to teach. If you want to teach licensed Cisco material, then I'd consult with whomever you expect to be teaching for and ask them what they require of you. Shawn
Re: Spanning tree question on .1q trunks [7:65386]
At 11:08 AM 3/14/2003 +, Amar KHELIFI wrote: ur right about the frames ability to use gig0/2 only if the gig0/1 goes down, but according to the standard, the link from which bpdu's arrive with a higher cost will be put on blocking, but visibely that is not the case. some one will surelly respond to this. Keep in mind that only one side of a point to point LAN link will ever block. One node on every LAN segment must be elected as the designated bridge port for the segment.I posted a pretty long explanation of this awhile back but can't find it in my archives :( Pete John Brandis a icrit dans le message de news: [EMAIL PROTECTED] Hey All, I am going through my network, which consists of a single 4006 at the core, and some 14 2950's connected via gig fibre. Picture this, I have 4 2950's on each floor (3 floors in my building, yes I know that does not equal 14 switch's) each have a gbic fibre connection to the 4006 core, whilst the other gig port go's to the next switch on that level. So switch 1 connects int gig 0/2 to switch 2 gig 0/2 My issue at the moment, is that when I have a look at the spanning tree states, I see that both gig ports are in a forwarding state. That does not sound correct to me as I expected to see one blocking (the int gig 0/2) and the link to the core in a forwarding state. Here is the output of one of my switch's lvl13-sw1#sh spanning-tree blockedports Name Blocked Interfaces List Number of blocked ports (segments) in the system : 0 --- A showing of my active spanning tree ports shows -- InterfacePort ID Designated Port ID Name Prio.Nbr Cost Sts Cost Bridge ID Prio.Nbr - --- - Gi0/1128.49 4 FWD 0 8192 0009.e87f.ea00 128.75 Gi0/2128.50 4 FWD 4 32769 000a.b7e3.2dc0 128.50 * I have noticed that the cost of the port is significantly higher which would indicate to me that data not go over this interface unless the interface gig 0/1 died. Am I right, or do I have an error on my network. 
Thanks for this guys/girls/etc/squid/
RE: ASBR router [7:65424]
At 03:00 PM 3/14/2003 +, [EMAIL PROTECTED] wrote:

It is generally a bad idea to run any IGP with your ISP. If your intent is to advertise the external interface that you connect to your ISP to your OSPF network, then run that interface under OSPF as passive.

I don't think any sane ISP would allow this anyway ;-) I personally don't see how OSPF is relevant in the question, unless it relates to BGP Next-Hop resolution which likely isn't the case, or maybe the origination of a default route.

Thanks, Mario Puras SoluNet Technical Support Mailto: [EMAIL PROTECTED] Direct: (321) 309-1410 888.449.5766 (USA) / 888.SOLUNET (Canada)

-Original Message- From: hanan [mailto:[EMAIL PROTECTED] Sent: Friday, March 14, 2003 7:21 AM To: [EMAIL PROTECTED] Subject: ASBR router [7:65424]

Hello I have an ASBR router that has internal interface with my internal network and an external interface which is connected to ISP that provide us Internet. My question is do I need to configure this external interface with a separate area or I don't need to put it in a separate area, and if so how I will know which area the ISP use. Could you please explain to me how we configure the external interface, which is connected to ISP in ASBR router?

Hanan Best regards
Re: Layer 3 Switches Vs Routers [7:65215]
At 05:57 PM 3/14/2003 +, Scott Roberts wrote:

In the end, the device either routes or bridges the frames it receives, but takes no action that can be distinctly described as layer three switching. Pete

to my basic understanding ALL routing has a switching component to it already, whether we're talking about regular routers or L3 switches. process switching, fast switching, autonomous switching, distributed switching, etc... are all the ways the packets are moved between interfaces on a router. therefore both layer 2 and layer 3 'switch' irregardless of the name on the chassis.

I disagree. You are describing a generic technology with vendor specific terminology. How packets move (if they move at all) in a router is an implementation specific detail (that is to say it's up to the box designer and internal to the device itself).

I personally view the sole distinction between the standard routers/bridges and the multilayer switches as the use of ASICs.

How a technology is implemented does not change the nature of the technology itself. By this definition, I would be curious at what forwarding rate does a router become a switch? In other words, just because some IP routers are faster than others does not mean they are not routers. Of note, most high end routers implement an all silicon based forwarding path and few of these folks have branded their routers as switches.

scott
Re: Layer 3 Switches Vs Routers [7:65215]
At 01:43 AM 3/13/2003 +, aletoledo wrote:

a layer three switch is a router, just as a switch is really a bridge. a layer 3 switch 'routes' in hardware, while a router routes in software.

For what it's worth, Juniper would likely take exception to your calling their products layer three switches as they have an all ASIC forwarding plane and therefore route in hardware.

that's the easiest way to look at them. it has gaps, but once you get the big picture you can then start to talk about the specifics. probably the biggest thing that a layer 3 switch can't do (unless it's changed recently) is route anything but IP. while designing the hardware routing circuits for a L3-switch they had to compromise and IP being the most popular won out. that's not to say that one day they won't have made enough chipsets to route every other kind of protocol also. I suppose since we saw the death of bridges due to switches, we'll also see the death of routers to L3-switch.

scott

nanda wrote in message news:[EMAIL PROTECTED]

Hi ... We have switches that operate at Layer 3..right.. My Question is when we have Routers that are good enough why do we need switches at layer3? Under what circumstances do we use switches instead of routers? Hope I made Myself Clear...Thanks in Advance!!! Regards... Nanda
RE: Layer 3 Switches Vs Routers [7:65215]
At 10:44 PM 3/12/2003 +, Orlando, Jr. Palomar wrote:

Without consulting any documentation, a couple of reasons I could think of is forwarding rate and the switch-fabric (or the size of the backplane, usually in Gbps). A full-fledged Layer-3 switch running at wire-speed would be much more efficient in routing (and switching) between VLANs compared to a router.

Many routers route at wire speed and can do this on/between tagged VLANs. This is just routing.

Another point of comparison is port density. You can only have such and such number of ethernet, fastethernet, or maybe even gigabit ethernet ports on a router before the cost becomes quite prohibitive. Oh sure, you can use the router-on-a-stick method. And though it is a good Cisco IOS feature, it was meant to be an interim solution when transitioning from a flat to a segmented network. Anyway, if you only have a relatively small network, say 2 VLANs, you can opt for the router-on-a-stick method. Or better yet, use a router with dual ethernets or fastethernets. However, if you're supporting 4,5, or more networks, that's what L-3 and multi-layer switches are for.
Re: BGP dampening [7:65086]
At 07:39 PM 3/11/2003 +, Oliver Hensel wrote:

Hi! Can someone point me to a document which explains what happens with a prefix that is dampened if it's distributed via two providers.

Hi Oliver, Here is a link to a doc from Randy Bush that covers damping in some detail. http://psg.com/~randy/021028.zmao-nanog.pdf (handily posted to NANOG today :) For technical info on damping in general, check rfc 2439, and RIPE 229 for recent best practise config settings (which are put into serious question by the above PDF)

Damping was brought into existence as a means to protect routers which could be overwhelmed by a large amount of BGP updates to the extent where they would either crash, or drop BGP sessions themselves thereby exacerbating the route churn issue. At present, newer routers and better BGP implementations are able to deal with large amounts of BGP updates without any impact to other processes in the router and thus the need to protect them via damping isn't a huge priority. Further, as Randy points out, damping may do more harm than good to route convergence in the global Internet. As a result, I think it is safe to say that the need for damping in general is in serious question.

Will only the penalized route be dampened, that is will we still have connectivity if one link is flapping. I think so, but I'd like to have some confirmation for that.

BGP prefixes (NLRI) are damped individually, however damping really only impacts you on more remote AS's. In your case, you have a situation like the below:

           you
          /   \
   transit1   transit2
      |    \ /    |
   remote1 - - remote2
      |    \ /    |
   remote3 --- remote4

When you advertise 10/8 to transit1 and transit2, assuming these folks are clueful and automatically pref customer routes above peer/transit, both of them will always prefer the direct route to you. This is important as implicit withdrawals are penalized in the same way as direct withdrawals. This fact, coupled with the fact that damping stats are cleared on EBGP sessions when the peer resets will tend to make damping irrelevant between neighboring AS's. However, as you get more and more remote, things get worse.

To expand on this, consider remote3. Assuming you advertise 10/8 to both transits, imagine that the update from transit2 gets to remote1 first and on to remote3. In this case, remote3 hits you with an advert penalty and posts the route 10/8 via as-path r1,t2,you. Shortly thereafter, the update from transit1 shows up in remote1 and by virtue of a better AS-PATH becomes the best path in remote1. Remote1 therefore sends an update with the new path info to remote3. This update includes an implicit withdrawal of the old path and a subsequent damping penalty applied to 10/8 in remote3. Likely these two updates appeared in remote 3 in a pretty narrow time window and thus you have a 10/8 prefix that has suffered a nice penalty without ever really flapping.

Consider also that depending on AS size, router types, BGP advertisement intervals and such, remote 3 may have seen an r1,r4,r2,t2 path first, then an r1,r2,t2, then an r1,t1 path and may have penalized you once for the initial advert and two more times for the implicit withdrawals which might get you damped in remote3 right off the bat. This issue gets worse as you consider ASes more and more remote from you.

For what it's worth, I may have this entirely wrong :-) But this is my understanding of the behavior. The networks I have designed used graded damping and are not tremendously aggressive. I am however considering removing damping from the configs for the few networks I have some impact in as I really don't see it serving much of a role.

Pete

Thanks and best regards, Oliver

-- Oliver Hensel telematis Netzwerke GmbH mailto: [EMAIL PROTECTED] Siemensstrasse 23, D-76275 Ettlingen Tel: +49 (0) 7243-3448-0, Fax: -498 visit us: http://telematis.com
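The path-exploration effect described in the reply above, replayed as an added example that is not part of the original thread. The penalty values, thresholds and 5-second update spacing are assumed for illustration (the post gives no numbers); only the AS paths come from the post.

```python
"""Replay the updates remote3 receives for 10/8 and track its damping penalty."""
import math

# Assumed damping parameters (illustrative; not taken from the post).
HALF_LIFE_S = 15 * 60      # penalty halves every 15 minutes
SUPPRESS_LIMIT = 2000      # prefix is suppressed above this penalty
REUSE_LIMIT = 750          # a suppressed prefix is reused below this penalty
PENALTY = {
    "advert": 500,              # first announcement of the prefix
    "implicit_withdraw": 1000,  # a new path replaces the previous one
    "withdraw": 1000,           # explicit withdrawal
}


class DampingState:
    """Per-prefix damping state as a single remote AS would keep it."""

    def __init__(self):
        self.penalty = 0.0
        self.last_seen = 0.0
        self.suppressed = False

    def decay_to(self, now):
        """Apply exponential decay for the time elapsed since the last event."""
        self.penalty *= 2 ** (-(now - self.last_seen) / HALF_LIFE_S)
        self.last_seen = now
        if self.suppressed and self.penalty < REUSE_LIMIT:
            self.suppressed = False

    def record(self, now, kind):
        """Decay the old penalty, then add the penalty for this event."""
        self.decay_to(now)
        self.penalty += PENALTY[kind]
        if self.penalty > SUPPRESS_LIMIT:
            self.suppressed = True

    def seconds_until_reuse(self):
        """Time for the penalty to decay to the reuse limit, if suppressed."""
        if not self.suppressed:
            return 0.0
        return HALF_LIFE_S * math.log2(self.penalty / REUSE_LIMIT)


def classify(previous_path, new_path):
    """Map a received update to the event kind that is penalised, or None."""
    if new_path is None:
        return "withdraw" if previous_path is not None else None
    if previous_path is None:
        return "advert"
    if new_path != previous_path:
        return "implicit_withdraw"
    return None  # duplicate update, nothing changed


def replay(updates):
    """updates: list of (time_s, as_path or None) seen for one prefix."""
    state, current = DampingState(), None
    for now, path in updates:
        kind = classify(current, path)
        if kind:
            state.record(now, kind)
        current = path
    return state


# Constructed update sequences as seen at remote3 (timing is assumed).
TWO_PATHS = [
    (0, ("r1", "t2", "you")),
    (5, ("r1", "t1", "you")),
]
THREE_PATHS = [
    (0, ("r1", "r4", "r2", "t2", "you")),
    (5, ("r1", "r2", "t2", "you")),
    (10, ("r1", "t1", "you")),
]
# A directly connected transit only ever sees the direct path.
DIRECT = [(0, ("you",))]

if __name__ == "__main__":
    for name, seq in (("direct", DIRECT), ("two paths", TWO_PATHS),
                      ("three paths", THREE_PATHS)):
        s = replay(seq)
        print(f"{name:12s} penalty={s.penalty:7.1f} suppressed={s.suppressed} "
              f"reuse_in={s.seconds_until_reuse() / 60:.1f} min")
```

With these assumed values the three-path sequence leaves 10/8 suppressed at remote3 for roughly 26 minutes although the origin never flapped, while the directly connected transit accumulates only the single advert penalty.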
Re: ISP OSPF Design [7:65316]
At 03:54 PM 3/13/2003 +, Chris Headings wrote:

Good morning all, Does anyone out there know of either a good white paper or book that shows some ISP OSPF designed networks? I am trying to find something that is more geared towards service providers rather than corporate network LAN design.

Here are some thoughts. First off, keep your IGP as small as possible by pushing as much routing as possible in BGP. Ideally, you'll only use OSPF for loopback and link reachability. Use multiple areas only when the sheer amount of routers/interfaces demands it. Since you have few routes in OSPF, you won't be using multiple areas to enable address summarization. The amount of routers one has before one needs isolation via areas is a matter of some debate, but assuming you have some service provider class routers, should be at least in the 50-100 range at minimum and could likely approach much higher numbers. If you must use multiple areas, configure them as NSSA. You shouldn't have any externals in your network to begin with, but some odd situations tend to demand it and therefore if you must bring them in, NSSA will allow you some control over their flooding.

Beyond that, try nanog archives for metric use guidelines if you intend to do some TE in OSPF (there are a few different approaches to metric use in IGPs). Also nanog is likely to have some timer tweaks that will be helpful in speeding convergence.

Book wise, I've not seen one that covers IGP/BGP in tremendous detail. Howard Berkowitz has a pretty useful service provider book (Building Service Provider Networks / Wiley) that covers a variety of ISP oriented details that would likely be a good read if you are new to ISP networking, but most of the decent ISP best-practise like details from a router configuration perspective have usually been found at or near the NANOG community. Phillip Smith from Cisco has published his ISP Essentials set of guidelines as a book which has a lot of very useful information, but can also be found in pdf form.

Pete

Thanks as always... Chris
RE: Layer 3 Switches Vs Routers [7:65215]
At 12:16 PM 3/13/2003 -0500, Howard C. Berkowitz wrote:

At 2:43 PM + 3/13/03, Peter van Oene wrote:

At 10:44 PM 3/12/2003 +, Orlando, Jr. Palomar wrote:

Without consulting any documentation, a couple of reasons I could think of is forwarding rate and the switch-fabric (or the size of the backplane, usually in Gbps). A full-fledged Layer-3 switch running at wire-speed would be much more efficient in routing (and switching) between VLANs compared to a router.

Many routers route at wire speed and can do this on/between tagged VLANs. This is just routing.

Another point of comparison is port density. You can only have such and such number of ethernet, fastethernet, or maybe even gigabit ethernet ports on a router before the cost becomes quite prohibitive. Oh sure, you can use the router-on-a-stick method. And though it is a good Cisco IOS feature, it was meant to be an interim solution when transitioning from a flat to a segmented network. Anyway, if you only have a relatively small network, say 2 VLANs, you can opt for the router-on-a-stick method. Or better yet, use a router with dual ethernets or fastethernets. However, if you're supporting 4,5, or more networks, that's what L-3 and multi-layer switches are for.

Peter, would you agree that when someone says that's what layer3 and multilayer switches are for, they are really talking about router packaging (as opposed to fundamentally different technology) that creates platforms with certain port densities, functionality tradeoffs, and price points?

I would certainly agree. There is definitely a family of enterprise devices that package relatively high density layer two aggregation (ie lots of GE/FE ports) with a routing functionality such that you end up with an integrated device that can route or bridge depending upon configuration. However, such a device is in theory no different than a router connected directly to a bridge via an external vlan trunked interface. The fact that the box happens to integrate the connection between router and bridge is merely a matter of convenience. In the end, the device either routes or bridges the frames it receives, but takes no action that can be distinctly described as layer three switching.

Pete

Again, I call attention to the comment of routing in hardware as misleading. I can't think of a routing ASIC, where I actually looked at the chip or chipset design, that wasn't some flavor of Von Neumann stored-program computer. Certain of the specific designs might be microcode rather than RISC or CISC, but they are still basically von Neumann. FPGAs might be a special case, but they can't do the more complex functions. In other words, an ASIC is a computer, just a specialized, optimized computer burned into silicon (or whatever). Some newer ASICs even are partially reprogrammable, typically with electrically alterable gate arrays and the like.
Re: Bandwidth calculations [7:65008]
At 01:36 PM 3/12/2003 +, Amar KHELIFI wrote:

sorry i don't agree. check the bandwidth calculator on the net, u will see that i was correct. + for the K and k and B and b, it is so obvious that an explanation is not necessary...

While I agree that Kb tends to refer to 1024 and kb to 1000, I will suggest that very few things are so obvious that they do not require explanation. If it truly did not require explanation, you would not be involved in a discussion revolving around the clarity of the expression, or otherwise you mean to suggest that your partner in the discussion is obtuse to the point of missing the most obvious of points, which I think might be a little offensive.

Pete

thanx for letting my messages show up normally and then respond to them;

s vermill wrote in message news: [EMAIL PROTECTED]

I should also have mentioned that the B is typically capitalized along side the K when dealing with kilobytes (KB) and the b is typically not capitalized when dealing with kilobits (kbps). That's probably at least, if not more, significant than the K/k capitalization (if, in fact, any of it is significant). I mention it because it seems to cause so much confusion. You won't see it around here much, but at some other forums one of the chief complaints relates to achieving only 1/8th the expected download rate. What's happening, of course, is that the download is being measured in KB/sec while the connection is rated in kbits/sec. I'll shut up now...

s vermill wrote:

Amar KHELIFI wrote:

since 1byte=8bits and 1Kbits=1024bits then 32kbps=32768bps=4096bytes there is no formula.

Amar KHELIFI, 1kbits does not = 1024bits and 32kbps does not = 32768bps. 1kbps = 1,000bps 32kbps = 32000bps. k simply means 1,000. The whole idea of 1KB (KiloByte) = 1024 bits has to do with binary math and the fact that computers deal in bytes vs. bits. 2^10 = 1024, which is divisible by 8 (whereas 1,000 would not be). It would be very inconvenient for a computer to have to deal with information blocks that are not divisible by 8. Modern communications systems are not byte-aligned at all and deal strictly in bits. For example, a DS0 is 64kbps. That's 64,000bps.

As a side note, and I'm not sure that there's any official convention to go along with this, in general, a KiloByte is abbreviated KB, with a capital K. kilobits per second is generally abbreviated kbps, with a lower-case k. Thus, when you see a capital K, it's safe to assume 1024 is being implied, whereas when you see a lower-case k, it's safe to assume 1,000 is being implied.

Regards, Scott

Robert Perez wrote in message news: [EMAIL PROTECTED]

Anyone know how the conversion techniques for converting bits, bytes, kilobits, etc, to calculate bandwidth usages?
Re: ??? MPLS ??? [7:64898]
At 02:16 PM 3/10/2003 +, Steven Aiello wrote:

Sorry for such a newbie question. But what is MPLS? And what is it? Any one have a link they can point me to? Just trying to learn more.

I would recommend you start at www.mplsrc.com and possibly surf to the standards page. Within that page, check out http://www.ietf.org/rfc/rfc3031.txt?number=3031 at least for an overview of the architecture of the protocol itself. Cisco will have a great deal of information as well, and certainly played a big role in the development of the specifications, but also tend to use a lot of proprietary terminology that might just confuse you moving forward.

Matt Kolon at Juniper said once that MPLS is essentially low overhead, virtual circuits for IP. I personally think this statement aptly describes the protocol. At present, MPLS plays an enabling role in many technical solution sets, mostly in the VPN environment. Hence, a lot of folks, particularly when first learning the protocol, become distracted by the many features that MPLS enabled solutions might present, but lose sight of what role MPLS itself plays.

The C/S mailing list at Groupstudy might prove an interesting forum for Q&A as I believe MPLS is more relevant to that track, however this list certainly includes a bunch of folks who have a wealth of knowledge on the topic.

Pete

Thanks, Steve
OT: OSPF vs ISIS in large networks [7:65049]
Hi all, Here is a quick post from Dave Katz on ISIS vs OSPF in large networks dealing with the issue of which protocol inherently scales better. This is from a thread in the IETF OSPF WG mailing list for those looking for the full thread. Dave has participated significantly in the development of routing protocol software for both Cisco and Juniper. Thought some folks might find it interesting.

Pete

Date: Sun, 9 Mar 2003 21:05:14 -0800 From: Dave Katz Subject: Re: ospf limits... To: [EMAIL PROTECTED]

For all practical purposes, the designs of the OSPF and ISIS protocols will not be the limiting factor in the size of an area, unless (a) you have a really good implementation, and (b) you feel the need to dump excessive numbers (many thousands) of external and stub routes into the protocol. Most implementations will crash and burn before the topology gets big enough to become an issue, and most people don't dump externals into their IGPs (they use BGP instead.)

Architecturally, OSPF limits the inter-router topology and stub routes due to the 64KB limit on the Router LSA, and ISIS limits the total amount of information due to the 256 LSP fragment limit. One could come up with various hacks for either protocol if these limits were actually, well, limiting, but this has never been the case in (sane) practice.

Historically, the ISIS implementation from a particular major vendor has had better scaling characteristics than the OSPF implementation of that particular major vendor, but this isn't really the case for another major vendor. ;-)

--Dave
Re: Become instructor [7:64820]
At 11:11 AM 3/8/2003 +, omar wrote:

Hello , I am working as a freelance and i would like to be an Instructor (Cisco) . Did anybody know the cursus?

I believe you still need to work for an authorized Cisco training partner assuming you are looking for the CCSI designation.

best regards omar
Re: EIGRP for CCIE Written [7:64707]
At 12:11 PM 3/7/2003 +, Johan Bornman wrote:

Is EIGRP a Hybrid or Distance Vector protocol?

Cisco calls it Hybrid. It looks pretty distance vector to me though. A hello mechanism and adjacencies does not a link state one make.
Re: EIGRP for CCIE Written [7:64707]
At 03:54 PM 3/7/2003 +, The Long and Winding Road wrote:

Peter van Oene wrote in message news:[EMAIL PROTECTED]

At 12:11 PM 3/7/2003 +, Johan Bornman wrote:

Is EIGRP a Hybrid or Distance Vector protocol?

Cisco calls it Hybrid. It looks pretty distance vector to me though.

in what way? the hop count is pretty well hidden in the dark interior of the code. all those cost numbers, the ( also somewhat hidden ) topology table, and the ( somewhat hidden ) successor table certainly give it the appearance of link state.

In a link state algorithm, a router builds a complete topology table for the bounded area in which it operates and then uses a spanning tree like algorithm (dijkstra in most cases) to calculate loop free paths. EIGRP simply does not do this. Primary and secondary paths in EIGRP are calculated based upon indirect information relayed by direct neighbors only using an advanced distance vector algorithm (DUAL). I think Cisco likes to call it Hybrid since many folks feel distance vector routing is inferior to link state and thus by labelling EIGRP as the best of both approaches, Cisco has put a positive spin on the protocol. This is typical marketing garbage from one of the best spin companies on the planet (in a neck and neck race with Microsoft and Harley Davidson for that matter)

Pete

Chuck who considers all this stuff a kind of magic

A hello mechanism and adjacencies does not a link state one make.
RE: EIGRP for CCIE Written [7:64707]
At 04:31 PM 3/7/2003 +, Willy Schoots wrote:

Maybe the fact that EIGRP has an option to turn SPLIT HORIZON on/off is a big clue towards it being a DV protocol. Last time I checked OSPF/ISIS didn't have this option ;-)

OSPF and ISIS are actually distance vector between areas and use a strict two level hierarchy with a single backbone along with some LSP/LSA process rules that prevent loops.

Cheers, Willy

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of The Long and Winding Road Sent: Friday, March 7, 2003 16:54 To: [EMAIL PROTECTED] Subject: Re: EIGRP for CCIE Written [7:64707]

Peter van Oene wrote in message news:[EMAIL PROTECTED]

At 12:11 PM 3/7/2003 +, Johan Bornman wrote:

Is EIGRP a Hybrid or Distance Vector protocol?

Cisco calls it Hybrid. It looks pretty distance vector to me though.

in what way? the hop count is pretty well hidden in the dark interior of the code. all those cost numbers, the ( also somewhat hidden ) topology table, and the ( somewhat hidden ) successor table certainly give it the appearance of link state.

Chuck who considers all this stuff a kind of magic

A hello mechanism and adjacencies does not a link state one make.
Re: Layer 3 MPLS VPN Questions [7:64770]
At 09:05 PM 3/7/2003 +, John Neiberger wrote:

I'm at the early stages of considering migrating away from a point-to-point frame relay network to a layer 3 MPLS-based private network and I have a couple of questions based on some preliminary verbal information. I was told that no router reconfiguration was required on our side but I don't see how that's possible. Since our CE router connects to the PE router they need to have common addressing and a common routing protocol, which I think must be either OSPF or IS-IS.

For L3VPN based on 2547bis, the provider network becomes a layer three peer with your edge gear. In the frame relay model, the provider is fully transparent to you at layer three. Hence, you'll need to establish some sort of layer three peering with the providers edge routers. This could be a typical IGP, or ideally one of static or BGP. A layer two VPN, using pseudowires as defined by Luca Martini in the various draft-martini-pick-your-layer-two, would more or less emulate the type of service you have now and would not require a change in your routed topology. I tend to recommend L2VPNs where customers already have sizable frame networks, unless the customer has a strong desire to outsource its routing to the provider.

Regarding the routing protocol, it wouldn't be a big deal to change to using one of the above but that would still be a change, right? :-)

Yep

Regarding the addressing, is it common for a customer to get a new addressing scheme for the provider for their edge links? Or, will the provider readdress their PE connections that interface with our network? It makes more sense to me that the provider would make us readdress. Does one method seem to be more common than the other?

Addressing in one VPN is fully abstracted from another VPN and thus there really isn't the need to migrate toward any unique IP space here. You could use your own space, or some 1918 etc.

Since this is a layer 3 VPN the provider's routers will have specific information about our internal addressing, and I can hear our security people groaning over this already. My boss might not like that idea, as well. Has this been a security concern for anyone? Is there reason to be concerned? Conversely, is there a good way for me to explain to my boss and the security department why we shouldn't be concerned?

Security is a common concern here. However, in any vpn service, you are putting some trust in the provider as they do have internal access to your traffic flows. If you are concerned about security, there is nothing to preclude the use of IPsec over the public/VPN portions of your network.

I'm still awaiting more technical information from our provider, and we're going to have a face-to-face meeting with technical people in a couple of weeks, but I wanted to become more familiar with this technology before they get here.

Here is the latest draft for the protocol http://www.ietf.org/internet-drafts/draft-rosen-ppvpn-2547bis-protocol-02.txt

Many thanks! John
OT: Re: EIGRP for CCIE Written [7:64707]
At 09:30 PM 3/7/2003 +, The Long and Winding Road wrote:

MADMAN wrote in message news:[EMAIL PROTECTED]

I agree 100%, it is ENHANCED, read glorified, IGRP.

the REAL question is which is better, EIGRP or L3 switching? ;-

I'm working on a draft for ARP switching. Still struggling with what layer it works at though and what it specifically does. I'll let you know when I'm finished.
Re: Question on BGP aggregation [7:64581]
At 08:31 AM 3/6/2003 +, Mike Flanagan wrote:

I have a question on different methods of BGP aggregation. Let's say for instance that I had 4 /24 that I wanted to aggregate to a /22. I am getting these /24's through EBGP and want to summarize them to my IBGP peer without using any aggregate address or summary address command. What other options would I have to summarize this ?

Why would you want to do this?
Re: New Voice CCIE [7:64620]
Just as an FYI I received the following in an answer to a question I sent to Cisco. It goes a bit off topic from the original question but it didn't really make sense to just paste in the mention of QoS.

=

I will try to explain the rationale for CS IP Telephony and how it relates to CCIE Voice. CS is a Service Provider oriented exam. The commonality between Service Providers is their IP core and the technologies involved with an IP core such as unicast IP routing (OSPF, ISIS, BGP), QoS, Multicast, MPLS, MPLS VPNs, traffic engineering, Multiprotocol BGP, etc. These are the main elements of the CS lab exam and we expect a CS CCIE to be expert in these areas.

Service Providers also supply a number of access services such as optical, cable, DSL, wireless, dial, and IP Telephony. When the CS track was designed we decided that it is not feasible to require a candidate to be expert in all of these service areas but they should be familiar with at least one of these areas. So the structure of the CS exam evolved into 1 lab that tests the core IP technologies and a series of written exams that cover the core IP technologies and 1 of the service technologies. Therefore a CS CCIE is considered to be a core IP expert but is also literate in at least one service area.

CCIE Voice will test competencies regarding a total voice solution, but not the inherent infrastructure over which a VoIP solution is implemented. That is why the CCIE Voice written exam is 100 percent voice. Therefore a CCIE in Voice will be considered a VoIP expert while a CS CCIE who passed the IP telephony exam is considered a core IP expert with a high level of VoIP literacy. I agree that there is a 50% overlap between the CCIE Voice written exam and the CCIE CS IP telephony exam, but there is very little overlap between the CCIE Voice lab and the CCIE CS lab. The one topic that is common is QoS.

===

--On 06 March 2003 18:19 + The Long and Winding Road wrote:

Skarphedinsson Arni V. wrote in message news:[EMAIL PROTECTED] I would say it sounds very interesting, especially for those that have call manager / voice experience. I wonder how much routing it has, for example, I doubt you have to configure BGP on this one, or what do you think?

OTOH, bet you'd have QoS up the wazoo!

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64650t=64620
Re: Memory purchase [7:64605]
You should be able to get 2500 flash from eBay and many Cisco / memory resellers. The company I used to use was http://www.memoryx.net (mainly because they were just down the road from where I worked and I could place same day collection orders).

Peter

--On 06 March 2003 14:29 + [EMAIL PROTECTED] wrote:

Where can I find flash memory for 2500 series routers? Thanks in advance. MF

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64613t=64605
Re: can one someone pls recommend [7:64380]
Timur

You may want to look at Heinz Ulm's boot camps ( http://www.heinzulm.com ). I don't have any experience of the classes myself but I have heard good things on the net.

Peter

--On 04 March 2003 19:09 + Mirza, Timur wrote:

a hands-on lab training course for the ccie lab exam...i want to prepare myself for my 6th attempt...i believe there was ecp course but i don't have the details...thx in advance

Timur Mirza Principal Network Engineer Enterprise Core Network Verizon Wireless 15505-B Sand Canyon Avenue Irvine, California 92618 949.286.6623 (o) 949.697.7964 (c)

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64452t=64380
Re: Off Topic - for those looking for cheap lab routers [7:64323]
That's a lot better than the $900 USD I paid last year a month before Cisco announced that token ring wasn't going to be in the lab any more. Gr :-(

--On 04 March 2003 03:50 + Steve wrote:

i got a 3920 for 120 usd. i know its cheap..yes it works steve

The Long and Winding Road wrote in message news:[EMAIL PROTECTED] token ring stuff is going for very reasonable prices over on that auction site we all know and love. might be a good way to add serial ports / complexity to an existing rack. or start building a CCNA / CCNP study rack just a thought

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64323t=64323
Re: VOIP [7:64080]
Tunde

For a VOIP basic lab you need

At least two analog telephony devices/connections (eg telephone, pstn phone line)
At least two routing devices (ie routers) with network connectivity and appropriate interfaces for the above devices. (eg 2600, MC3810)
connectivity/routes between the routers.

==

eg1
Two telephones
Two 2600 routers
Two NM-1V Voice network modules
Two VIC-2FXS

eg2
Two telephones
Two MC3810
Two AVM3 or AVM6 (Analog voice modules)
Two FXS APMs (Analog Personality Modules)

==

If you are using a PSTN line instead of a telephone then replace FXS with FXO.

If you are buying used from auction sites such as eBay then eg2 will probably work out to be a lot cheaper option and just as capable as the 2600 router (in terms of voice, basic routing).

Regards Peter Walker CC[NID]P, CIPTSS, etc

--On 03 March 2003 12:36 + Tunde Kalejaiye wrote:

what do you need at a minimum to configure voip in a lab environment.. i need a basic setup between 2 points thanks in advance Tunde

- Original Message - From: Angel Leiva To: Sent: Friday, February 28, 2003 10:11 PM Subject: RE: VOIP [7:64080]

Hi Kris, Try Configuring Cisco Voice Over IP, Second Edition by Callisma (Various Authors). Below is the URL to view the book's info. I am currently reading it. It has lots of great information on VoIP matters. In fact, Chapter 4 explains what exactly FXS, FXO or EM interface ports do. http://www.syngress.com/catalog/sg_main.cfm?pid=2282 Hth, Angel

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Waters, Kristina Sent: Friday, February 28, 2003 8:48 AM To: [EMAIL PROTECTED] Subject: VOIP [7:64080]

Everyone, I am seeking a recommendation on a voip book, preferably something that explains the different types of technologies and how they can be applied 'in the real world'. Right now, we are doing some very rudimentary voip stuff with a variety of routers, 1760, 2600, and a 3600 series which is connected to a pri. We have no call manager (yet), so we have a bunch of dial-peer groups set up on all our routers to interconnect the remote offices. All offices have their own pbx's of different types, and most of the routers at the remote locations have the vic fxs cards. I feel like this is a good opportunity for me to learn a great deal, but I want to make sure that I REALLY understand what I am learning. And right now, for example, I have no idea what the difference is between an FXS card and an EM card. I'm starting to feel a bit like the village voip idiot, and the tons of docs I've read on the cisco web site do not seem to be helping. Any recommendations will be highly appreciated. Thanks, Kris

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64264t=64080
Re: ATM RFC [7:64199]
At 12:19 PM 3/2/2003 +, you wrote:

Hi Group, Would u kindly guide me which RFC to read to understand properly the behaviour of different ATM types of service ( vbr-nrt, cbr, abr, ... ) Best Regards

The ATM forum is your best bet here. Here is a relevant link. http://www.atmforum.com/standards/approved.html

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64206t=64199
Scheduling Timed FTP [7:63886]
We wish to occasionally have a router perform a large FTP download. The router needs to have a low priority applied to this transfer in order to not cause outage to other time sensitive applications that are running concurrently. Obviously we can configure priority queuing or some such similar traffic shaping methodology. However we want to have this scheduled by some sort of timer. I can't think of an IOS based way of doing this but are there any apps or add-ons (Cisco works ?) that could handle the timing side of this problem?

Thanks in advance. Peter

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63886t=63886
RE: L3 Switching Huh???? [7:63728]
And that's exactly what would happen if you did the inter-VLAN routing on a router too, using subinterfaces for each VLAN/ IP subnet. :-) And, if it were a high-end router, it could do this at wire speed and would have a RIB and FIB, just like someone else described for the 6500. The 7500 router has had that sort of architecture for years, if I'm not mistaken. Howard has given us lots of examples of other high-end routers that have this sort of architecture. Of course, these high-end routers are probably way more expensive than the so-called L3 switch and probably have all sorts of features that you might not need in a campus network.

Last I checked, Extreme make some pretty cheap bridges with integrated routing :) Naturally, to get a bunch of packet processing without mortgaging forwarding capacity, you'll end up spending more bucks. Howard's point about the relevance of wire speed routing in the enterprise is dead on though - most folks don't need it and wouldn't make use of it even if they had it.

So, we're back to the first answer. The difference between a router and a L3 switch is marketing.

Also economics.

Sorry, I just had to play devil's advocate. What a shame that Cisco has mangled this so much in their intro training materials. Priscilla

... Does that help? Oh - and I think you meant to say layer 3 switching is a marketing term, not scientific or engineering in nature. ... you said layer 3 routing ... Thanks! TJ [EMAIL PROTECTED]

-Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 7:45 AM To: [EMAIL PROTECTED] Subject: RE: L3 Switching Huh [7:63728]

OK, let me try this again. I am trying to figure out the difference between conventional layer 3 routing and layer 3 switching. A little background. I am currently working towards my CCNA (have been for about 3 years). At any rate, everything I read and look at says that switching/bridging is a layer 2 function, routing is a layer 3 function.
Either I don't have a good grasp of the OSI model, switching, routing, VLANs or all of the above.

The network:

    Host A 10.1.1.2 MAC 00.AA                          Host B 10.1.2.2 MAC 00.BB
            |        10.1.1.1 MAC 01.AA      10.1.2.1 MAC 02.BB        |
        switch A ----------------- Router ----------------- switch B
        10.1.1.0/24                                      10.1.2.0/24

This is an ethernet network. Both segments are connected by a traditional router, say a 2500. In this instance the router interfaces are subnet A 10.1.1.1, and subnet B 10.1.2.1. For simplicity, assume ARP cache is empty.

Host A wishes to ping Host B. End user on Host A enters - ping 10.1.2.2

The IP packet places the source address 10.1.1.2 and the destination address 10.1.2.2 into the packet. The IP protocol examines the IP address and based on the IP address determines this is in another subnet. An ARP request goes out for 10.1.1.1 (default gateway) and the MAC address is found. The DLL then places the source MAC address 00.AA and the destination MAC 01.AA into the frame. The frame then goes out the wire to the destination MAC.

The router interface sees this frame as destined for itself. It de-encapsulates the frame, removing the MAC addresses. The router then examines the IP address; based on the routing table it knows the destination port. The router leaves the same IP source (10.1.1.2) and destination (10.1.2.2) in the packet. The frame is rebuilt with the new MAC address of source 02.BB and destination 00.BB. Host B grabs this packet and does its thing.

Now, if I replace the router with a 6509 switch, with routing, how does the process change? Said 6509 would be equipped with a 10/100 card so that the hosts are now directly connected. The router interface is now a virtual interface, there is no physical interface. Which is another question. How does the 6509 determine this virtual address?

Am I correct? Inter VLAN communication cannot occur without a router. Switching is based on MAC address. Routing is based on IP address.
I believe the term layer 3 routing is a marketing term, not scientific or engineering in nature.
Re: Core Layer L2 or L3 [7:63708]
At 11:05 AM 2/25/2003 +, Skarphedinsson Arni V. wrote:

In a Core-Distribution-Access Layer design, would you keep the Core L2 or with high end L2/L3 switches such as the Cat6500 do you think it would be better to do L3 in the core ?

I personally haven't found the need to have a Distribution layer in most networks. It's a model designed by vendors to sell boxes imho.

Pete

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63714t=63708
Re: L3 Switching Huh???? [7:63728]
At 03:54 PM 2/25/2003 +, DeVoe, Charles (PKI) wrote:

I am under the impression that switching is a layer 2 function and that routing is a layer 3 function. I have seen several discussions talking about layer 3 switching. Could someone explain this to me?

Bridging is a layer two function, routing is a layer three function. Switching is an ambiguous term and should be avoided in technical conversations.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63746t=63728
RE: pcmcia flash memory card for 2501 [7:63741]
Don

You may want to take the cover off of the 2500s and have a look at the front right hand side of the motherboard. There is definitely something there that looks like a pcmcia slot. I don't know anything more than that, if it works, how it is used, but it is definitely there :-)

Regards Peter Walker

--On 25 February 2003 17:13 + Don Kanicki wrote:

I have 4 2500 series routers and not a one of them has a pcmcia slot on it. I know the 16xx routers use pcmcia flash cards but I have yet to see a 2500 with a pcmcia slot. HTH Don K.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63760t=63741
RE: Core Layer L2 or L3 [7:63708]
At 04:08 PM 2/25/2003 +, [EMAIL PROTECTED] wrote:

In a practical world it all comes down to your needs for your business and the money you want to spend. We use a collapsed core with 2 4006 with Supervisor III's doing the layer 3 functions. We could add a high performance layer 2 switch for the core but it would be overkill.

I don't disagree, however merely suggest that the model was driven by a vendor interested in selling more devices. Keep in mind you should also have a minimum of two devices per layer for resiliency ;-) If you have a high performance core that can provide access aggregation, packet processing and performance all at the same time, and your port costs are comparable per mbps, I'm not sure why you'd buy a distribution layer other than to help a rep hit his number for the quarter.

-Original Message- From: Peter van Oene [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 8:13 AM To: [EMAIL PROTECTED] Subject: Re: Core Layer L2 or L3 [7:63708]

At 11:05 AM 2/25/2003 +, Skarphedinsson Arni V. wrote:

In a Core-Distribution-Access Layer design, would you keep the Core L2 or with high end L2/L3 switches such as the Cat6500 do you think it would be better to do L3 in the core ?

I personally haven't found the need to have a Distribution layer in most networks. It's a model designed by vendors to sell boxes imho.

Pete

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63782t=63708
Re: L3 Switching Huh???? [7:63728]
At 04:46 PM 2/25/2003 +, Robert Edmonds wrote:

Layer 3 switching combines the best of switching and routing in one platform. The main advantage here is speed. The way it works is, in a switch you have some kind of layer 3 routing engine (aka route processor, or RP). For example, the MSFC2 (Multilayer Switch Feature Card 2) is one of the options available for the Cisco 6500 (and a couple of others, I think) switches. When the switch receives a packet bound for a different VLAN, it sends it to the RP. The RP makes the routing decision and puts an entry in the route cache for the switch. The first packet in a flow is routed and the rest are switched at wire speed, hence the increase in speed. That's kind of a simplified view, but I think it gets the general idea across. So, layer 3 switching is both routing and switching, but faster (usually, anyway).

One should keep in mind that many vendors including Cisco have been capable of doing per packet routing at wire speed for some time and thus this advantage is a legacy attribute.

DeVoe, Charles (PKI) wrote in message news:[EMAIL PROTECTED] I am under the impression that switching is a layer 2 function and that routing is a layer 3 function. I have seen several discussions talking about layer 3 switching. Could someone explain this to me?

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63783t=63728
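The frame rewrite from the ping walk-through earlier in this thread and the route-cache behaviour described in the message above, as an added Python sketch (not code from any poster or from Cisco). The class and field names, the (source IP, destination IP) cache key and the static ARP table are assumptions made for the illustration; the addresses and abbreviated MACs are the ones from the walk-through.

```python
import ipaddress
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    ttl: int = 64


@dataclass(frozen=True)
class Interface:
    name: str                        # hypothetical label for the routed interface
    mac: str
    network: ipaddress.IPv4Network


class MultilayerSwitch:
    """Toy model: a route processor (slow path) plus a flow cache (fast path)."""

    def __init__(self, interfaces, arp_table):
        self.interfaces = list(interfaces)
        self.own_macs = {i.mac for i in self.interfaces}
        self.arp_table = dict(arp_table)   # IP -> MAC of attached hosts (assumed static)
        self.flow_cache = {}               # (src_ip, dst_ip) -> (egress interface, next MAC)
        self.rp_lookups = 0                # packets that needed a routing decision
        self.cache_hits = 0                # packets forwarded from the cache alone

    def _route_processor(self, dst_ip):
        """Routing decision: longest-prefix match, then resolve the next MAC."""
        self.rp_lookups += 1
        addr = ipaddress.ip_address(dst_ip)
        candidates = [i for i in self.interfaces if addr in i.network]
        if not candidates:
            return None                    # no route: drop
        egress = max(candidates, key=lambda i: i.network.prefixlen)
        next_mac = self.arp_table.get(dst_ip)
        if next_mac is None:
            return None                    # unresolved neighbour: drop in this model
        return egress, next_mac

    def forward(self, frame):
        # Frames not addressed to one of our interface MACs are bridged, not routed.
        if frame.dst_mac not in self.own_macs:
            return None
        if frame.ttl <= 1:
            return None                    # TTL would expire at this hop
        key = (frame.src_ip, frame.dst_ip)
        entry = self.flow_cache.get(key)
        if entry is None:
            entry = self._route_processor(frame.dst_ip)
            if entry is None:
                return None
            self.flow_cache[key] = entry   # later packets of the flow skip the RP
        else:
            self.cache_hits += 1
        egress, next_mac = entry
        # Layer 2 header is rebuilt; the IP source and destination are untouched.
        return replace(frame, src_mac=egress.mac, dst_mac=next_mac,
                       ttl=frame.ttl - 1)


def demo():
    """Host A pings Host B five times through the routed interfaces."""
    switch = MultilayerSwitch(
        interfaces=[
            Interface("vlan-a", "01.AA", ipaddress.ip_network("10.1.1.0/24")),
            Interface("vlan-b", "02.BB", ipaddress.ip_network("10.1.2.0/24")),
        ],
        arp_table={"10.1.1.2": "00.AA", "10.1.2.2": "00.BB"},
    )
    ping = Frame("00.AA", "01.AA", "10.1.1.2", "10.1.2.2")
    return switch, [switch.forward(ping) for _ in range(5)]


if __name__ == "__main__":
    sw, frames = demo()
    print(frames[0])
    print("RP lookups:", sw.rp_lookups, "cache hits:", sw.cache_hits)
```

Only the first packet reaches the route processor; the rewrite applied to every packet is the same one the traditional router in the walk-through performs.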
RE: L3 Switching Huh???? [7:63728]
At 06:03 PM 2/25/2003 +, Ellis, Andrew wrote:

According to Cisco: Layer 3 switching refers to a class of high-performance switch routers optimized for the campus LAN or intranet, providing wirespeed Ethernet routing and switching services. Compared to other routers, Layer 3 switch routers process more packets faster by using application-specific integrated circuit (ASIC) hardware instead of microprocessor-based engines. My own two cents: Wire speed routing if you will.

By that logic, a wire speed router is a layer three switch :-) It's all marketing garbage if you ask me. If you put a router inside a high performance switch, you have two devices sharing the same chassis, one bridging and one routing.

Drew

-Original Message- From: DeVoe, Charles (PKI) [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 10:55 AM To: [EMAIL PROTECTED] Subject: L3 Switching Huh [7:63728]

I am under the impression that switching is a layer 2 function and that routing is a layer 3 function. I have seen several discussions talking about layer 3 switching. Could someone explain this to me?

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63785t=63728
Re: CCDP / Top Down Network Design [7:63773]
I would say that it is sufficient from a technology and principles viewpoint. When supplemented by an old out of date Cisco Press cert guide and the exam blueprints it was sufficient for me to pass DCN and CID late last year. I am not really disagreeing with John, just trying to add to what he said. In any case, your individual mileage may vary.

Peter Walker CISSP, CC[DNI]P, CSS1, etc

--On 25 February 2003 21:37 + John Neiberger wrote:

I am curious why ciscopress.com lists Priscilla's book under the CCDA certification when I see so many comments that it is one of, if not the best book to prepare for CCDP. Even in the CCDA section it is listed last. Now that I successfully recertified my CCNP I was planning on buying this book to finish my CCDP before my CCDA expires. Do you think this book would be sufficient to study for the CID 640-025 exam?

I would say that it's not sufficient because it's not intended to be a CCDP study guide. TDND is intended to teach solid design principles using an iterative, top-down process. It's a great book and I'd highly suggest you read it before you take the exam, but you should supplement your studies with other materials. This book deals largely with procedures and principles and touches on a large number of technical details. However, since the test is constantly being updated I'd suggest reading additional technical materials.

John

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63806t=63773
Re: Core Layer L2 or L3 [7:63708]
At 11:17 PM 2/25/2003 +, you wrote:

Peter, The current rumour for the Academy CCNP program is that Cisco is dropping the 3 layer model and moving to a 2 layer model with L3 in the core for the BCMS course. I guess I'll find out for certain at Networkers in Orlando, Fla. this June.

That would be very interesting. I am always leery of vendor models as they tend to have the vendor foremost in their mind :-) I always try and caution folks not to build hierarchy just to have it. Naturally, your 15 router OSPF network's visio diagram exudes a great deal more sharpness when it has a nice backbone and some number of non-backbone areas. However, in reality, many networks -large and small- are served far better with non hierarchical topologies. I am naturally digressing from the topic of three layer networks, but I think the message is the same. As others have pointed out, don't give in to the desire to build really neat networks that use a lot of technology unless you actually have a need for them. This to me would include building 3 layer networks where 2 layer ones would suffice (and be cheaper in both CAPEX and OPEX)

Just my .02c as I sit here snowed-in in Arkansas of all places :-) Who would think I'd fly from Toronto to Little Rock and end up stuck in more snow than I left!

Pete

Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy Cunctando restituit rem

Peter van Oene wrote: At 11:05 AM 2/25/2003 +, Skarphedinsson Arni V. wrote:

In a Core-Distribution-Access Layer design, would you keep the Core L2 or with high end L2/L3 switches such as the Cat6500 do you think it would be better to do L3 in the core ?

I personally haven't found the need to have a Distribution layer in most networks. It's a model designed by vendors to sell boxes imho.

Pete [EMAIL PROTECTED]

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63816t=63708
Re: Network Monitoring [7:63532]
You could try looking for a tool called Just For Fun Network monitoring (or something like that). I came across it a week or two back and thought it looked quite good. I think it may have been on sourceforge.

Regards Peter

--On 21 February 2003 22:32 + Kevin Banifaz wrote:

Does anyone know of any free or really cheap network monitoring tools, I work for a real cheap company and I can't get them to shell out for HP OV. I appreciate a response. Thanks in advance Kaveh

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63554t=63532
Network Protocol Map [7:63424]
Does anyone have or know of a site with a network protocol map / chart (that I can print out)? I am after a kind of wall chart that shows where protocols fit within the 7 layer OSI model. I do not want to have to pay anything, preferably. (Thanks in advance).

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63424t=63424