Re: route commands [7:72406]
This was discussed a milion times; static route that points to an interface has AD=1. Sasa CCIE #8635 Nakul Malik wrote: by default, a static route has an AD of 1. If the static route points to an exit interface, the AD=0. That is the only difference HTH. -Nakul Karyn Williams wrote in message news:[EMAIL PROTECTED] We recently added another interface, S1/1, that connects a private line to another school. We are routing 156.3.37.0 to them. Should I have route statements that say ip route 156.3.37.0 255.255.255.0 192.168.0.2 or ip route 156.3.37.0 255.255.255.0 Serial1/1 Current config: ip route 0.0.0.0 0.0.0.0 Serial0/0 ip route 0.0.0.0 0.0.0.0 Serial0/1 ip route 0.0.0.0 0.0.0.0 Serial1/0 ip route 65.165.174.0 255.255.254.0 FastEthernet0/0 ip route 156.3.37.0 255.255.255.0 192.168.0.2 ip route 198.182.157.0 255.255.255.0 65.165.175.253 ip route 207.233.56.0 255.255.255.0 192.168.0.2 I am interested if there is a performance difference between these two route statements or any other reason why one would be preferred over the other. TIA. -- Karyn Williams, CNE Network Services Manager California Institute of the Arts [EMAIL PROTECTED] http://www.calarts.edu/network -- Regards, Sasa CCIE #8635 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72464t=72406 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: Layer-2/Layer-3 Traceroute [7:70447]
Hi, I've finished new, much improved, version of my L2/L3 traceroute perl script. It can be downloaded from www.geocities.com/milicsasa/Tools/l2trace/index.html Happy tracing ! Comments are welcomed. Regards, Sasa CCIE #8635 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70447t=70447 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: FXO FXS terminology - comments? [7:54331]
You can also connect DTE to DTE, as well as DCE to DCE, via null-modem cable. So, analogy with FXO/FSO is not correct. Sasa Chuck's Long Road wrote: Someone smarter than I made the following statements about FXO / FXS, in order to help me understand real world connectivity. That person said to think of FXO / FXS as something analogous to DTE / DCE. That is, DTE connects to DCE ( and visa versa ) and that FXO connects to FXS ( and visa versa ) In other words, an analog telephone set is an FXO device, and therefore plugs into an FXS port. The FXS port provides the signaling to the FXO device. Similarly, a PBX, or a CO switch, for that matter, is an FXS device that provides signaling, and therefore plugs into an FXO port. This seems to fit in with what I know - that you connect a router to a PBX or to the telco CO switch via an FXO port, and you connect an analogue fax or telephone into a router FXS port. Any comments? Reasonable way to think of things? Thanks. Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54340t=54331 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: rate-limiting proofs [7:54134]
So, Chuck, was the wrong bandwidth statement problem ? Sasa Milic wrote: You have specified bandwidth 64000, shouldn't it be just 64 ? With 64000, router thinks that there is enough bandwidth available, and policy-map doesn't do anything, but drops occur later, at interface level buffers. Chuck's Long Road wrote: Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... that's the best command to show the output CL: unfortunately, as the following output indicates, even when all packets were being dropped ( apparently ) there was no indication of this. Router_1#sh policy int s 0 Serial0 Service-policy output: 200filter (1289) Class-map: pingr5 (match-all) (1291/2) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 5 (1295) police: 8000 bps, 1500 limit, 1500 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps violate 0 bps Class-map: pingr6 (match-all) (1299/3) 876 packets, 73152 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 6 (1303) police: 8000 bps, 1500 limit, 1500 extended limit conformed 60 packets, 7872 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps violate 0 bps Class-map: pingr7 (match-all) (1307/4) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 7 (1311) police: 8000 bps, 1500 limit, 1500 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps violate 0 bps Class-map: class-default (match-any) (1315/0) 19228 packets, 27705238 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: any (1319) Router_1# -- RFC 1149 Compliant. Chuck's Long Road wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Chuck's Long Road wrote: I'm putting in some rack time to review certain QoS features. Configuration is not really a problem. MQC makes this really easy :- However, I am attempting to observe results, and I am finding that I am unable to make bad things happen, such as packet drops. I am pinging from three different routers on a token ring to 3 other routers via a 64K frame relay. The router that bridges the token ring and frame networks has the policy configured. You would have to exceed 64 Kbps for drops to occur, wouldn't you? Do you have any idea how much bandwidth you're using on the Token Ring side? What does show int show for load? I'm thinking you'll need to do more than ping. The problem with Cisco's ping is that it doesn't let you specify how much time between pings, sometimes called an interval. The timeout value is for unsucessful pings. But what you need is a configurable interval between the sending of pings, successful or not. A real operating system or real ping tool would let you do this. ;-) CL: I finally was able to get some bad things to happen. token ring domain border router - frame relay domain I just started pinging from both sides, over an extended period of time. To judget from the result, given the rudimentary configurations, it takes a minute or two for the rate limits to apply. There is an average traffic rate. three routers from each domain pinging the other side, packet sizes 1500 bytes, and I lowered the timeout value to 1 second from the default two seconds. By the time I added the sixth router's traffic, everybody started timing out. It took a minute or two for traffic to start going through again after I stopped traffic from a router or two. I'll have to look into the defaults more closely. There has got to be a better show command than the show policy-map interface etc for this. Back to the docs. Ping in the MS-DOS prompt on Windows doesn't have this either, at least not the version I'm using. But ping under UNIX does, although it may not let you set the interval low enough. Some UNIXes have a -f (flood) option that will let you really whip the pings out. And a ping utility would let you do that too. For example, I use iNetTools from WildPackets. Are you trying to consume bandwidth just by using router tools or could
Re: OT: rate-limiting proofs [7:54134]
Hm, interesting. I'm using rate-limit on internet routers to limit ICMP and SYN packets, and I clearly see drops. Also, I'm using NBAR with policy-map to block some HTTP GET requests, and, again, I see drops. But, you are mixing these two (policy + rate-limit inside it), and it doesnt' work. Could it be because drops aren't occuring because of policy-map ? You have specified bandwidth 64000, shouldn't it be just 64 ? With 64000, router thinks that there is enough bandwidth available, and policy-map doesn't do anything, but drops occur later, at interface level buffers. Hopt this helps. Regards, Sasa CCIE 8635 Chuck's Long Road wrote: Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... that's the best command to show the output CL: unfortunately, as the following output indicates, even when all packets were being dropped ( apparently ) there was no indication of this. Router_1#sh policy int s 0 Serial0 Service-policy output: 200filter (1289) Class-map: pingr5 (match-all) (1291/2) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 5 (1295) police: 8000 bps, 1500 limit, 1500 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps violate 0 bps Class-map: pingr6 (match-all) (1299/3) 876 packets, 73152 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 6 (1303) police: 8000 bps, 1500 limit, 1500 extended limit conformed 60 packets, 7872 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps violate 0 bps Class-map: pingr7 (match-all) (1307/4) 0 packets, 0 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: ip precedence 7 (1311) police: 8000 bps, 1500 limit, 1500 extended limit conformed 0 packets, 0 bytes; action: transmit exceeded 0 packets, 0 bytes; action: drop conformed 0 bps, exceed 0 bps violate 0 bps Class-map: class-default (match-any) (1315/0) 19228 packets, 27705238 bytes 5 minute offered rate 0 bps, drop rate 0 bps Match: any (1319) Router_1# -- RFC 1149 Compliant. Chuck's Long Road wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Chuck's Long Road wrote: I'm putting in some rack time to review certain QoS features. Configuration is not really a problem. MQC makes this really easy :- However, I am attempting to observe results, and I am finding that I am unable to make bad things happen, such as packet drops. I am pinging from three different routers on a token ring to 3 other routers via a 64K frame relay. The router that bridges the token ring and frame networks has the policy configured. You would have to exceed 64 Kbps for drops to occur, wouldn't you? Do you have any idea how much bandwidth you're using on the Token Ring side? What does show int show for load? I'm thinking you'll need to do more than ping. The problem with Cisco's ping is that it doesn't let you specify how much time between pings, sometimes called an interval. The timeout value is for unsucessful pings. But what you need is a configurable interval between the sending of pings, successful or not. A real operating system or real ping tool would let you do this. ;-) CL: I finally was able to get some bad things to happen. token ring domain border router - frame relay domain I just started pinging from both sides, over an extended period of time. To judget from the result, given the rudimentary configurations, it takes a minute or two for the rate limits to apply. There is an average traffic rate. three routers from each domain pinging the other side, packet sizes 1500 bytes, and I lowered the timeout value to 1 second from the default two seconds. By the time I added the sixth router's traffic, everybody started timing out. It took a minute or two for traffic to start going through again after I stopped traffic from a router or two. I'll have to look into the defaults more closely. There has got to be a better show command than the show policy-map interface etc for this. Back to the docs. Ping in the MS-DOS prompt on Windows doesn't have this either, at least not the version I'm using. But ping under UNIX does, although it may not let you set the interval low enough. Some UNIXes have a -f (flood) option that will let you really whip the pings out. And a ping utility
Re: Port Security on 3550 [7:53446]
To: [EMAIL PROTECTED] Subject: Re: Port Security on 3550 [7:53446] well I guess we're mixing up directions... yes incoming from a device attached to a port on the switch. which would still help him but wouldn't be perfect. no, the port wouldn't shut down if a promiscuous mode nic was plugged in. It would receive everything. but that PC would not be able to send anything - to do so the switch would learn it's MAC - which wouldn't match and the port would shut down. But consider this... what info is passed between the switch and the NIC so that the Link light goes on? I don't know... will the switch still learn the MAC even if real traffic is not passed? Kevin Wigle - Original Message - From: Sasa Milic To: Sent: Tuesday, September 17, 2002 2:40 PM Subject: Re: Port Security on 3550 [7:53446] Kevin, port security works by monitoring INCOMING traffic to the switch. If source mac in incoming packets is not the one configured, port is either blocked or snmp trap is sent. And what if another computer use the port without sending any traffic (just capturing traffic, without sending anything) ? Switch won't shut it down. Sasa Kevin Wigle wrote: well I think port security would still be helpful. Port security is concerned with outgoing traffic from the port not incoming. setting the security to allow only one MAC would prevent another computer from using the port. If another computer tried to use the port with the wrong MAC then the port would shut down after 90 seconds. Kevin Wigle - Original Message - From: Sasa Milic To: Sent: Tuesday, September 17, 2002 1:20 PM Subject: Re: Port Security on 3550 [7:53446] With port security command, but it won't help you. Anyone can connect passive sniffer to that port, and switch won't block the port since there is no incoming traffic (you will configure port to be SPAN, right ? So anyone can sniff on that port). Sasa JohnZ wrote: How do you enable port security on a 3550. I want to use a port for sniffer and want to make sure that only my laptop is able to gain access on that certain port. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53547t=53446 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Speed? [7:53563]
Do you see MPPP bundle interface with show users ? Those are users that have specified that MPPP will be used, so bundle is created on cisco side. That still doesn't mean that they use both B channels. Now check with show interface ... the speed; it will be either 64 or 128Kbps (or more if someone with more that one BRI dialed). Bundle interface name is listed in show users output. It's virtual-access interface, so it should be something like show interface virtual-access Vi10, for example. I'm sorry if I missed something, it's been almost two years since I touch 3640/dial-in box. Sasa Michael Williams wrote: Hello all, We have a 3640 setup with two PRI lines and a bunch of MICA modems. I have it configured so that we can accept incoming async modem calls or ISDN calls that use either 1 or 2 B-channels (using MPPP to allow bonding of thw two B channels). Is there a way to check the speed of an ISDN call that is active? (similar to show modem #/# to check the speed of an active async call) The issue is we have an ISDN caller, and upon connection, I only show a single B channel being used, but her modem shows both B channels being active, and her PC shows a speed of 115000 (2x56Kbps???) Can't ISDN B channels only support either 56K or 64K? I've done a debug isdn q931, and that's where I see that only one channel is coming up and active. Any suggestions or input is appreciated. Thanks! Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53572t=53563 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port Security on 3550 [7:53446]
With port security command, but it won't help you. Anyone can connect passive sniffer to that port, and switch won't block the port since there is no incoming traffic (you will configure port to be SPAN, right ? So anyone can sniff on that port). Sasa JohnZ wrote: How do you enable port security on a 3550. I want to use a port for sniffer and want to make sure that only my laptop is able to gain access on that certain port. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53498t=53446 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port Security on 3550 [7:53446]
Kevin, port security works by monitoring INCOMING traffic to the switch. If source mac in incoming packets is not the one configured, port is either blocked or snmp trap is sent. And what if another computer use the port without sending any traffic (just capturing traffic, without sending anything) ? Switch won't shut it down. Sasa Kevin Wigle wrote: well I think port security would still be helpful. Port security is concerned with outgoing traffic from the port not incoming. setting the security to allow only one MAC would prevent another computer from using the port. If another computer tried to use the port with the wrong MAC then the port would shut down after 90 seconds. Kevin Wigle - Original Message - From: Sasa Milic To: Sent: Tuesday, September 17, 2002 1:20 PM Subject: Re: Port Security on 3550 [7:53446] With port security command, but it won't help you. Anyone can connect passive sniffer to that port, and switch won't block the port since there is no incoming traffic (you will configure port to be SPAN, right ? So anyone can sniff on that port). Sasa JohnZ wrote: How do you enable port security on a 3550. I want to use a port for sniffer and want to make sure that only my laptop is able to gain access on that certain port. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53502t=53446 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Port Security on 3550 [7:53446]
Kevin Wigle wrote: no, the port wouldn't shut down if a promiscuous mode nic was plugged in. It doesn't matter in what mode nic is working, prom or not. If nic is not sending traffic, port will stay up. but that PC would not be able to send anything Maybe owner of that PC don't want to send. That PC will be able to sniff everything, that's the point. But consider this... what info is passed between the switch and the NIC so that the Link light goes on? No MAC packets are exchanged. will the switch still learn the MAC even if real traffic is not passed? No. Regards, Sasa CCIE 8635 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53506t=53446 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router IOS Upgrade bug in 12.1 images [7:52489]
Speaking about upgrade bugs, I've found upgrade bug in 12.2. Here is what is happening, and how to overcome it. Hardware: - 2600 with 8 MB flash, 12.2(8)T1 telco IOS loaded. Problem: There is 8MB flash, and I want to load 12.2(8)T2. show flash shows that flash is 8MB. Do erase flash to remove existing image from flash. Now show flash shows that there is 7.8MB free in flash, and 12.2(8)T2 cannot be loaded (copy tftp flash says that there is no enough space). squeeze doesn't help. Solution: - Load older IOS that fits into 7.8 MB, for example 12.0(7)T, reload router, erase flash (now it will have 8 MB free), and then load 12.2(8)T2. Sasa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52672t=52489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Router IOS Upgrade bug in 12.1 images [7:52489]
Interesting. Anyway, for practicing MPLS, 12.2(8)T5 telco feature set still can run on 2600 with 8MB flash and 16 MB DRAM :) Sasa Shawn Heisey wrote: This is not actually a bug. Starting with 12.2(1) IOS, the 2600 and 3600 platforms support the squeeze command. To get it to work, you have to reformat the flash using a 12.2 image, which creates a log file used in the squeeze process. That log is a few hundred K in size, and hidden. The listed flash requirements for 12.2(8)Tx images is 16MB, and this is part of the reason why ... even though technically it can fit in an 8MB flash. It's also listed that way because future versions are not going to fit in 8MB, even formatted with old flash. Thanks, Shawn Sasa Milic wrote: Speaking about upgrade bugs, I've found upgrade bug in 12.2. Here is what is happening, and how to overcome it. Hardware: - 2600 with 8 MB flash, 12.2(8)T1 telco IOS loaded. Problem: There is 8MB flash, and I want to load 12.2(8)T2. show flash shows that flash is 8MB. Do erase flash to remove existing image from flash. Now show flash shows that there is 7.8MB free in flash, and 12.2(8)T2 cannot be loaded (copy tftp flash says that there is no enough space). squeeze doesn't help. Solution: - Load older IOS that fits into 7.8 MB, for example 12.0(7)T, reload router, erase flash (now it will have 8 MB free), and then load 12.2(8)T2. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52683t=52489 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: scariest IOS image name [7:51251]
Lets see: b - appletalk k8 - IPSec 56-bit encryption n - Novell o3 - Firewall r2 - IBM sy7 - IP+, reduced from normal IP feature set Sasa CCIE 8635 Neal Rauhauser wrote: Yes, this is a real image that I downloaded for real work - can anyone top it? c1700-bk8no3r2sy7-mz.122-8.T5.bin -- Neal Rauhauser CCNP, CCDP voice: 402-301-9555 mailto:[EMAIL PROTECTED] fcc : k0bsd I've seen the angels wearing their disguise, ordinary people leading ordinary lives - Tracy Chapman Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51281t=51251 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: L2/L3 traceroute [7:49260]
New version, v1.1.3, with numerous bug fixes :(, is posted on http://www.geocities.com/milicsasa/Tools/ Now with Windows2000 support ! Regards, Sasa, CCIE 8635 Wright, Jeremy wrote: does anyone know of a similar tool for windows. we dont have redhat on a laptop which would be a huge troubleshooting asset. tia. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49490t=49260 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Automatic Backup Question [7:47652]
Perl script that would do that is simplest/cheapest solution. Sasa CCIE No. 8635 Lupi, Guy wrote: I was wondering if anyone knows of a device that can do this. I have a situation where I need to provide automatic failover in the event that connectivity to the Internet is lost from an Ethernet port. The Ethernet port will not go down, it will be up, just IP connectivity will be lost. For various reasons I cannot run a routing protocol over the Ethernet port at all. Does anyone know if there is a unit that can ping a configurable IP address and dial an ISDN line in the event that the ping times out a certain number of times? It must have 2 routed Ethernet ports, one to connect to the provider and one to connect to the users LAN, and an ISDN BRI U interface. I appreciate any suggestions. Guy H. Lupi CCIE No. 9275 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48022t=47652 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Lab Reading [7:45486]
I've ordered only CD with documentation, just to check how it (ordering) works. Got it, with bill for $12. Actually, it is billed to cisco partner through which we bought all equipment, but that doesn't mean that we won't have to pay for it ... Sasa Roberts, Larry wrote: www.cisco.com/upgrade Click on Product upgrade, then launch product upgrade. Enter your Agreement number... I get a message that I have no hardware upgradeable ( or something to that affect ) and then an option to select documentation. It was so right in front of my face that I missed it... Thanks Larry -Original Message- From: Kunal Bhatia [mailto:[EMAIL PROTECTED]] Sent: Saturday, June 01, 2002 12:18 PM To: Roberts, Larry; [EMAIL PROTECTED] Subject: RE: CCIE Lab Reading [7:45486] Can you provide some rough idea about where you found this on CCO ? -Original Message- From: Roberts, Larry [mailto:[EMAIL PROTECTED]] Sent: Saturday, June 01, 2002 10:24 PM To: [EMAIL PROTECTED] Subject: RE: CCIE Lab Reading [7:45486] I bet Cisco is scratching their heads trying to find out why the sudden demand on IOS manuals... After 45 minutes of searching the Site I found where to order. I don't know that I would ever find it again So I started ordering things left and right I bet I have 25+ books coming... I finally have new books to read! Thanks Larry -Original Message- From: Eric Rogers [mailto:[EMAIL PROTECTED]] Sent: Friday, May 31, 2002 8:00 PM To: [EMAIL PROTECTED] Subject: Re: CCIE Lab Reading [7:45486] Just ordered the complete copy of manuals for 12.2 IOS Documentation Set :-) THANKS for that info...I knew there was a reason for being on groupstudy... -Eric - Original Message - From: Brad Ellis To: Sent: Friday, May 31, 2002 10:38 AM Subject: Re: CCIE Lab Reading [7:45486] John, I believe if you have a smartnet contract, you can get the IOS manuals free from Cisco (at least you could a couple years ago). thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] www.optsys.net (Cisco hardware) [EMAIL PROTECTED] (John Nemeth) wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... On Oct 20, 7:01pm, Chuck wrote: } } Someone who passed the lab recently advised me ( as have other folks who } have posted their success here and elsewhere ) that it remains CRITICAL that } you spend as much time as possible reading the command references as found } on CCO. Print as much out as you can. Study them. Knowing the knobs, knowing } where to find things is very helpful. eBay seller [EMAIL PROTECTED] often has complete sets of printed 12.2 manuals. The price seems to range from $100 to $200 (of course, shipping is a killer). I bought a set and they are quite nice to use for reference; although, they do take up four feet of shelf space (I need more book shelves). They are organised just like the doc CD, and you quickly learn what is where, since you can't just type a command name into a search box (I suppose you could cheat and look it up in the master index, but I haven't cracked that one open yet). }-- End of excerpt from Chuck Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46808t=45486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: out of band in band [7:46530]
Kris, in-band-signaling describes situation when signaling is transported through the same communication channel as data. out-of-band is when it is transported through the separate channel. ISDN (no matter if it is T1 or E1 variant) uses out-of-band signaling, because signaling is using D channel, while data/voice is using B channels. Voice transported through T1 network is using in-band signaling, because signaling is using the same 64Kbps channel as voice, robbing some bits for signaling. This is also called CAS (channel associated signaling). Voice transported through E1 network is using out-of-band signaling, because all signaling is happening on separate channel, time slot 16. This is also called CCS (common channel signaling). When you telnet to your routers, your management session is in-band, because it uses the same communication channel as user data. If you connect console cable, than it is out-of-band. Hope this helps. Sasa Kris Keen wrote: Can someone clarify the terms above? D Channel uses Out of Band Signaling, the B Channel uses In Band signaling? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46613t=46530 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Turn off syslog in Ciscoworks [7:45866]
Windows or Unix ? On Windows, go to Control Panel / Services and stop process CMF syslog service. Sasa CCIE #8635 Jeffrey Reed wrote: Is there a way to turn off the syslog facility temporarily in Ciscoworks2000? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45884t=45866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Provider Backbone Engineering and CCIEs [7:44876]
Because pop3 username and password use two packets (one for USER username and another for PASS password command). With telnet, every keystroke is transmitted in separate packet. It is possible to collect them all and reconstruct username/password, but it's not trivial as with pop3. Sasa CCIE 8635 Henrique Duarte wrote: Why can't I sniff my telnet login/password in clear text but can sniff my pop3 login/password in clear text? I'm using Sniffer Pro 4.5. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44983t=44876 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: require module info on 3600 series router [7:43925]
Amir, you need NM-1CE1/PRI (one E1 port) or NM-2CE1/PRI (two E1 ports). Amir Aziz wrote: Hi everybody, I am here in Pakistan and we have E1 running at our ISP setup. OUR Telco provide E1 facility on G703/704I want to terminate these E1 lines directly into my router currently I am using CISCO 5300 for that purpose but I need compatiable module for my 3600 series routers as well can anyone tell me the module details or module number to use in my router I will be very thankful to the person/s. Regards, Amir Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44074t=43925 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MPLS on existing routers [7:43414]
12.2(8)T1, telco feature set, runs on 2600 with 8MB flash and 32 MB dram. That should be enough for MPLS. dre wrote: 2600 supports MPLS labels only (not MPLS-TE, etc) code to run would be 12.1.14 (48M DRAM, 16M Flash) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43439t=43414 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IOS upgrade on 2900 failing [7:42397]
Are you trying to install .bin or .tar file ? Ed Gobeille wrote: I'm getting an unusual error while tring to upgrade IOS on several of my 2900XL series switches. After doing the copy tftp flash command, I get the response from the IOS copy to or from flash not implemented. TAC site does not have anything on this that I could find. Any ideas? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=42448t=42397 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: apache [7:40616]
No, no, no, apache is part of ciscoworks, and it works on port 1741. Yangchun, are there error messages in logs/error.log file ? Sasa Mark Odette II wrote: look at the contention of HTTP Service Ports- In plain terms, check to make sure that only CiscoWorks or Apache is using Port 80 to answer HTTP requests. If Apache is preferred to do so, you need to CiscoWorks to use a different Port to start its HTTP Service. It sounds to me like both apps are configured to use port 80 to start their HTTP Server service, and CiscoWorks is starting before Apache can, dominating the Port. That's my guess. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of yangchun Sent: Friday, April 05, 2002 11:01 AM To: [EMAIL PROTECTED] Subject: apache [7:40616] dear all: when i install the ciscowork200 the apache don't start .display : Could not start the Apache Webserver service on local computer. Error 1053: The service did not respond to the start or control request in a timely fashio. thanks you very very much! -- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=40643t=40616 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: mac address searcher [7:37143]
CiscoWorks/Campus Manager knows to do that. Sasa CCIE #8635 steve skinner wrote: Guys, you assistance if you please.. i am looking for a new tool to help me automate a task... i work for a global company with multiple it teams,who like to move multiple it servers willy-nilly... i suppport the switches 65`s but due to politics i am not allowed to set port secuirty on them... is there any tool out there that will queiry a cisco switch and tell me if it has a MAC record in its cam table.. i have got 60 65`s in 18 different MAN locations...and christ knows how many servers... it`s just i am lazy and dont want to keep typing Sh ip arp and sh cam dyn all the time... any help would be great. TIA steve _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp; Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37181t=37143 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning tree Protocol Questions [7:36559]
Comments inline ... Pierre-Alex wrote: In blocking mode, an interface will receive and send BPDUs but not send and receive data traffic. It will receive and process BPDUs, but will not send BPDUs and will not receive/send data traffic. If topology changes, port will be eventually moved into learning state and at that point will start to send BPDUs. Are blocked port considered part of the spanning tree? No. What is the difference between a BPDU and a Configuration BPDU? Configuration BPDU is just one type of BPDU. There are two types: 1. Configuration BPDU 2. Topology change notification BPDU Is it right to say that configuration BPDUs are sent only by the root bridge and that BPDUs are fowarded by non-root bridges? No, they are not just forwarded. Non-root bridges send their own configuration BPDU, which contains information about root bridge. But, they also contain information about cost to root bridge, bridge id and port id that sent BPDU, etc., so each BPDU on the network is different. Regards, Sasa CCIE No 8635 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36573t=36559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ciscoworks autodiscovery [7:36386]
Have you entered seed device(s) ? Sasa CCIE No 8635 Patrick Ramsey wrote: Hey group, Anybody run into any problems with autodicovery form ani? I installed the entire lan management collection, browsed to ciscoworks url, changed the autodicovery dates/times...Then it asked me if I would like to go ahead and perform an autodiscovery... wow...how convienant...of course I would!... and WAHLA! uhh... nothing happened... so I thought...maybe I'll let it sit over the weekend and run through all the different times I had autodiscovery set up for... and low and behold still nothing! what gives? my snmp strings are as follows *.*.*.*:pub::priv with pub and priv being substituted for the real deal... any ideas? Is there some cheezy setting somewhere I am just missing? -Patrick Confidentiality DisclaimerThis email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36449t=36386 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 16MB Flash (Read) (Read/Write) on a 2524 ?? [7:35989]
Cisco Nuts wrote: Just upgraded the flash on 2 of my 2524 routers from 8 to 16 and on rebooting the router, I get this: 8192K bytes of processor board System flash partition 1 (Read ONLY) 8192K bytes of processor board System flash partition 2 (Read/Write) You have to unpartition flash with no partition flash command. It might be needed to erase flash firts, I'm not sure. You since it is ReadOnly, set config register to 0x2101, reboot router, erase and unpartition flash. While still in flash-load-helper image, upgrade IOS. Sasa CCIE No 8635 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36003t=35989 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP on GRE? [7:35988]
Tarek Sabry wrote: In other words, can I: - run EIGRP on a GRE tunnel? Yes, you can. Just be sure that tunnel destination address is known by some other method. If, after EIGRP neighbors exchange routes, your tunnel destination becomes available through EIGRP, tunnel will be torn down, and recursive routing (or something like that) message will be sent to syslog. - transport my static local routes across this MPLS cloud this way? EIGRP over GRE supports everything that EIGRP supports. - use a VLSM network in EIGRP like I did? No. You should either use network 192.168.30.0, or network 192.168.30.48 0.0.0.7, in case that IOS supports it. Sasa CCIE No 8635 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36004t=35988 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Delay Metric in EIGRP [7:36001]
The router DOES pass total delay and minumum bandwidth of the route to neighbors. check show ip eigrp topologu Sasa CCIE No 8635 Steven A. Ridder wrote: I believe the delay is by default set on the interface by the router based on the type of link it is. I'm sure there's charts on CCO somewhere. You can change this info on the interface with the delay command, which is the recommended way of changing a metric if you are forced to do so. The router dosen't pass the delay info of a link to other routers as a raw figure, it calculates the BW and delay, then multiplies it by 256 and sends that calculation to a neighbor, which is the metric. Yatou Wu wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, In EIGRP, the delay metric is taken as configured in the interface of the router by the administrator, by default, or by measurement? when the router calculates the metric, it needs to know the minimum bandwidth along the path, and also the delay along the path. how can the router pass the infor around? pass the total delay along the path, or delay of every link? thanks yatou _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36010t=36001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Why some routers have one E1/PRI port while others have [7:36031]
You got NM-2CE1/PRI for the price of NM-1CE1/PRI ? Well, that's great :) You can definitely use both ports. Sasa [EMAIL PROTECTED] wrote: I would like to ask a dump question here: When I ask for a cisco 2600 router with one ISDN PRI 30 interface from reseller, sometimes I got a router with one Channelized E1/PRI port, the other times the routers come to me with two such ports, and the prices are the same. The reseller told me that there is no difference between two versions of cisco 2600 routers, and he believes that the two ports are in the same module, which means I can only use the whole router for one PRI 30 connection. I don't believe those two ports are limited to only one PRI 30 connection, as the sh ver says there are two channelized E1/PRI ports. Has anyone used them before for two PRI 30 connections? Tony -- __ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=36031t=36031 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: simple ISDN / PRI question [7:33357]
Slot 0 is used for sinhronization. Slot 16 is D channel. Slots 1-15,17-31 and B channels. Sasa CCIE #8635 bergenpeak wrote: In Europe, a PRI carries 30B and one D channels. Each operates at 64kb/s. The overall PRI bandwidth is 2.048 Mb/s. 31 channels at 64 kb/s is 64kbps less than 2.048Mb/s. What's the 32nd 64kbps channel used for? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33364t=33357 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CiscoWorks 2000: Campus Manager can't connect to ANI Server [7:33215]
Dandi, If you want to use CiscoWorks, you must have DNS server. It can be on the same box as campus manager, for testing purposes, but in production network you should put it on separate box. CiscoWorks takes lot of resurces. You only need one host in zone file, the host where CiscoWorks (and ANI server) is running. Believe me, I've been there and spent two days trying to figure out what is wrong, then I RTFM which says that campus manager is using DNS to resolve ANI server name into address. Sasa CCIE #8635 Dandi Darsana wrote: Can you explain it more detail, please? Also I don't have DNS server in the network. I use only IP address. Dandi At 02:04 PM 1/24/02 -0500, Sasa Milic wrote: Usual problem with ANI is that host where it is running must be configured in DNS. It doesn't help if you put it in local hosts file; campus manager wants is asking DNS server to resolve the name of ANI server. Sasa CCIE #8635 Dandi Darsana wrote: Dear all, I have problem with my Ciscoworks 2000. It running under Windows NT ver.4, Service Pack 6. Everytime I try to run Campus Manager, I always get error message: Cannot connect to ANI Server. I have checked and rechecked the settings in ANI Server. Everything seemed OK. The ANI Server status is Running but busy flag set. I have also checked the ANIServer.log file. I see the status is idle. Actually I have tried to reinstall the CiscoWorks 2000, and I also install it into 2 different Windows NT machines. But I always get the same problem. I also install Resource Manager Essentials, Device Fault Manager, Device Manager, Content Flow Monitor, etc, into the same machines with no problem at all. Thank you very much for your help. Best Regards, Dandi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33215t=33215 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CiscoWorks 2000: Campus Manager can't connect to ANI Server [7:33103]
Usual problem with ANI is that host where it is running must be configured in DNS. It doesn't help if you put it in local hosts file; campus manager wants is asking DNS server to resolve the name of ANI server. Sasa CCIE #8635 Dandi Darsana wrote: Dear all, I have problem with my Ciscoworks 2000. It running under Windows NT ver.4, Service Pack 6. Everytime I try to run Campus Manager, I always get error message: Cannot connect to ANI Server. I have checked and rechecked the settings in ANI Server. Everything seemed OK. The ANI Server status is Running but busy flag set. I have also checked the ANIServer.log file. I see the status is idle. Actually I have tried to reinstall the CiscoWorks 2000, and I also install it into 2 different Windows NT machines. But I always get the same problem. I also install Resource Manager Essentials, Device Fault Manager, Device Manager, Content Flow Monitor, etc, into the same machines with no problem at all. Thank you very much for your help. Best Regards, Dandi Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=33103t=33103 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN client and Reflexive Access list [7:32858]
Check your input and output access lists on the interface, add deny ip any any log keyword so that you can see what traffic is blocked. Sasa CCIE #8635 Kevin Smith wrote: All, I am trying to connect to our HQ via Version 3.1 of Cisco's VPN Client. I use reflexive access lists on the router. The status page of the vpn client shows that my connection is established but I cannot ping any box at HQ. I know the isakmp packets are making it through the access-list but no ESP packets are. Anyone have any suggestions? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32979t=32858 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISL / DISL and a non-cisco switch [7:32757]
It is possible to establish trunk between cisco and non-cisco switch, but: 1. Only 802.1q trunk 2. No dynamic negotiation is possible. You have to hard code trunk as ON, and you have to disable DISL with nonegotiate. Sasa CCIE #8635 bergenpeak wrote: Is it possible to establish a DISL trunk between a cisco switch and a non-cisco switch? If so, how would one configure the port on the cisco switch side? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32839t=32757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question about EIGRP with secondary ip address [7:32557]
You have to disable split horizon on R1/E0 interface. Sasa CCIE #8635 I have a questions about EIGRP with secondary ip address, details as follow: R1 /E0R2/ E0 | (10.1.1.1/24) | (10.1.1.2/24) | (10.2.2.2/24 secondary)| | | -- R1 has a ethernet interface with primary ip address 10.1.1.1/24 and secondary ip address 10.2.2.2/24. R2 has a ethernet interface with ip address 10.1.1.2/24. Both routers are running EIGRP. R2 cannot learn the network 10.2.2.0 from R1, I think it is due to R1 did not advertise the network in secondary ip, right? How to force R1 to advertise the network in secondary ip? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32562t=32557 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question on RSM PCMCIA, and Squeeze [7:32315]
Yep, it will remove from flash images that are marked as deleted. Sasa CCIE #8635 Richard Tufaro wrote: Hey guys, I have a question that maybe one of you can answer really quick. Im in the processes of upgrading an RSM with a PCMCIA card in Slot0. Currently there are 2 IOS images that are on it. One of them is the current production and the other one is a older IOS. I did a delete slot0: oldverofIOS.bin from the prompt and then it marked it for deletion. Now when I do a squeeze will it erase it from the card so that I can put a new version of IOS on it? Here is some info. CR-RSM#show flash -#- ED --type-- --crc--- -seek-- nlen -length- -date/time-- name 1 .D unknown E04A4755 656214 28 6513044 Jan 01 2000 00:08:13 c5rsm-isv-mz.120-3c.W5.8.bin 2 .. unknown 94AAC7D2 DFA514 28 8012416 Jul 22 2001 22:39:44 c5rsm-jsv-mz.120-3c.W5.8.bin 3 .. config A5D1B387 DFB6D0 14 4410 Jul 22 2001 23:10:08 startup-config 1853744 bytes available (14530256 bytes used) Richard Tufaro - MCSE - GSEC- CCNA Network Engineer - Anda Inc. [EMAIL PROTECTED] MSN IM - [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=32336t=32315 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I would like to hear from those who have taken the CCIE lab [7:31709]
FALSE. R4(config)#int loopback 0 R4(config-if)#shutdown R4(config-if)#end R4#sh int loopback 0 Loopback0 is administratively down, line protocol is down Hardware is Loopback Internet address is 172.16.4.4/24 ... R4#ping 172.16.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.4.4, timeout is 2 seconds: . Success rate is 0 percent (0/5) R4# Sasa Chuck Larrieu wrote: true or false - loopback interfaces can never be down unless the entire box fails.. Brad Ellis wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... They have removed ATM and Voice completely. Don't bother studying it. You should really focus on your loopback and token ring interface configuration. Make sure you can put the loopback interfaces in a 'down down' state. For the token ring interfaces, make sure you can program the router to automatically bring up a token ring interface without a mau or media filter or anything at all connected to the interface...and for that matter, if you do use a mau, make sure you can bring up the interface WITHOUT pushing in the RingIn and RingOut buttons (inside joke). You should be able to run a mile in under 5 minutes, as the cafeteria has been relocated 2.5 miles away and you only have a half hour for lunch, bring pepto and gatorade. Your lab is now written using invisible ink, make sure you can see it. You may have to repell from the third floor, bring a long rope. There will be loud music playing, and a laser light show, wear sunglasses and earplugs. The room temperature will be over 100F, dress light. You will have to solve world hunger, bring extra food. And last but not least, NDA!!! You'll find out when you get there!!! Study EVERYTHING -Brad Firesox wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am going for a the CCIE R/S lab in March. I am going thru all the labs that I can find, but I would love to hear from someone who has actually taken it recently. I am particularly curious to see how much ATM and Voice stuff I would have to know. Please email me at [EMAIL PROTECTED] Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31709t=31709 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IGRP Max Hop [7:31466]
Isn't 224 max for EIGRP ? Scott Nawalaniec wrote: Hi Cornelius, http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr rp_r/1rfigrp.htm#xtocid193833 Maximum hop count (in decimal). The default value is 100 hops; the maximum number of hops that can be specified is 255. For some reason I thought it was 224 or heard that somewhere before. Anywho, the maximum number of hops is 255. Scott -Original Message- From: Cornelius C. Marshall [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 09, 2002 2:46 PM To: [EMAIL PROTECTED] Subject: IGRP Max Hop [7:31466] Is the max # of hops for igrp 255 or 256 I'm receiving conflicting info? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31482t=31466 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISL Trunking [7:30728]
Guys, don't forget that VTP is using VLAN 1, and it cannot be configured to use some other vlan. Sasa Mark Odette II wrote: Let me clarify my statement: ...Some Catalysts may just simply not allow dropping VLAN 1, as it can be the only Administrative Vlan. What I meant by this is that based on the Version of IOS/CAT OS, that it would not accept any other VLAN as the Administrative Vlan. I know for a fact that you can specify other Vlans as the Administrative Vlan on many of the CAT 5x00/6x00 switches. I just was suggesting that stranger things could happen for the lower-end switches that have low port density, and other types of limitations. After all, Cisco hasn't made a considerable effort to make ALL their switches run Native IOS or CAT OS... it's been a mix/match from all the competitors they've acquired! :) Mark Odette II ... who obviously doesn't have experience with EVERY catalyst switch on the market, and admits it readily. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Darren Crawford Sent: Thursday, January 03, 2002 11:32 AM To: [EMAIL PROTECTED] Subject: RE: ISL Trunking [7:30728] I must disagree with VLAN 1 being the only administrative VLAN. It is simply the default VLAN. At a previous client I set up a DMZ switch with a management VLAN of 999. This was on a Cat5505. HTH Darren At 11:28 PM 1/2/2002 -0500, Mark Odette II wrote: Ali- If my memory serves correct, you must first specify another VLAN as your administrative VLAN before you can drop VLAN 1 from the trunk...otherwise, your trunk would be orphaned (become unmanageable) and you wouldn't be able to control it anymore- until you cleared the config that is. Some Catalysts may just simply not allow dropping VLAN 1, as it can be the only Administrative Vlan. If you have a SmartNet contract, you might just call TAC to get a quick and straight forward answer to this. The call will probably last you 5 minutes +/-. -Mark Odette II -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ali, Abbas Sent: Wednesday, January 02, 2002 5:59 PM To: [EMAIL PROTECTED] Subject: ISL Trunking [7:30728] Is it possible to remove default Vlans 1, 1002-1005 from ISL trunking? I am setting up a ISL trunking between Catalyst 2924 and 3640 router. I am running IOS on Catalyst XL 2924 and only want certain vlan on my link. IOS does it, but then it also inserts default vlan 1 and 1002-1005 automatically. The IOS accepts the remove command to remove vlans from the current list, but will not remove default vlans. Ali x$:0`0:$xx$:0`0:$xx$:0`0:$xx$: Lucent Technologies NetworkCare Professional Services http//www.lucent.com/netcare/ Darren S. Crawford - CCNP, CCDP, CCIE TBA Northwest Region - Sacramento Office Voicemail (916) 859-5200 x310 Pager (800) 467-1467 mailto:[EMAIL PROTECTED] x$:0`0:$xx$:0`0:$xx$:0`0:$xx$: You always have time for things you put first - Tucker Resources Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30887t=30728 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Completely OT: StarWars [7:28204]
StarWars episode IV in text mode: telnet to towel.blinkenlights.nl Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28204t=28204 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Completely OT: StarWars [7:28204]
It's not on CCIE lab, it's on SWIE lab. It looks that you have to configure either: 1. line vty 0 4 terminal-type ansi or 2. line vty 0 4 terminal-type xterm I'm using xterm, working fine, but some people couldn't see it with vt100. Sasa Bill Carter wrote: I don't want anyone to break the NDA, but is this on the CCIE lab?? The trick is, you would have to use service compress-config ip route 1.1.1.0 255.255.255.0 R2D2 ip route 2.2.2.0 255.255.255.0 C3PO Router bgp 4 neighbor 1.1.1.1 remote-as 5 neighbor 1.1.1.1 ebgp-multihop GalaxyFarFarAway Router ospf 1 redistribute static subnets subgalaxies -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sasa Milic Sent: Wednesday, December 05, 2001 11:51 AM To: [EMAIL PROTECTED] Subject: Completely OT: StarWars [7:28204] StarWars episode IV in text mode: telnet to towel.blinkenlights.nl Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28224t=28204 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: E1 R2 Signalling [7:27270]
Mohamed, I guess that you are missing ani at the end of ds0-group command. Here is part of my config: ! controller E1 0/0 framing NO-CRC4 ds0-group 1 timeslots 1-15,17-31 type r2-digital r2-compelled ani cas-custom 1 country easteurope use-defaults ! Sasa Mohamed el-Komy wrote: Hi all, I've a prbolem related to appearence of caller ID on E1 R2 configured on AS 5400. What do I've to add in configuration to support caller ID appearence or is it enabled by default like DNIS? Any help greatly appreciated. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27394t=27270 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slightly OT: vpnclient 3.1.1 and Nimda [7:25877]
Yes, I've emailed TAC yesterday. As soon as I get more information, I'll post it here. Could it be that it is just some pattern that anti-virus software has recognized as nimda virus ? I didn't have any problems on my laptop, and none of the files are infected (except ikernel.exe). Regards, Sasa Brad Ellis wrote: Hmm...that's weird. I do have 3.1.1, and I scanned it for Nimda, and nothing. However, I do see that Cisco removed it from their website. What's up with that? Have you emailed TAC yet? Let me know if you have, and if so, what they have responded with. If not, I'll send them an e-mail tomorrow. On Friday, I just setup a client of ours with 3.1.1. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] used Cisco gear: www.optsys.net CCIE Labs, racks, and classes: www.ccbootcamp.com Sasa Milic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, have anyone downloaded and installed cisco vpn client 3.1.1 ? I've downloaded it 2 weeks ago, and I've just found Nimda virus in file ikernel.exe ! Cisco has removed version 3.1.1 from Software centar (but they forgot to remove readme file for it), but I still have original installation file and I've confirmed that it is indeed infected. Strange, Norton AV did not find virus two weeks ago - it did find it now, with latest virus definition file (BTW, I'm updating def file every day). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25966t=25877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slightly OT: vpnclient 3.1.1 and Nimda [7:25877]
OK, here is info from TAC: This is a false alarm. There isn't really a virus it has been improperly reported Regarding removing software from software center ... It was a precautionary measure until the threat could be determined. It should be back on in a day or so. Regards, Sasa Sasa Milic wrote: Yes, I've emailed TAC yesterday. As soon as I get more information, I'll post it here. Could it be that it is just some pattern that anti-virus software has recognized as nimda virus ? I didn't have any problems on my laptop, and none of the files are infected (except ikernel.exe). Regards, Sasa Brad Ellis wrote: Hmm...that's weird. I do have 3.1.1, and I scanned it for Nimda, and nothing. However, I do see that Cisco removed it from their website. What's up with that? Have you emailed TAC yet? Let me know if you have, and if so, what they have responded with. If not, I'll send them an e-mail tomorrow. On Friday, I just setup a client of ours with 3.1.1. thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc [EMAIL PROTECTED] used Cisco gear: www.optsys.net CCIE Labs, racks, and classes: www.ccbootcamp.com Sasa Milic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi All, have anyone downloaded and installed cisco vpn client 3.1.1 ? I've downloaded it 2 weeks ago, and I've just found Nimda virus in file ikernel.exe ! Cisco has removed version 3.1.1 from Software centar (but they forgot to remove readme file for it), but I still have original installation file and I've confirmed that it is indeed infected. Strange, Norton AV did not find virus two weeks ago - it did find it now, with latest virus definition file (BTW, I'm updating def file every day). Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25995t=25877 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Friday Follies Returns on Thursday - Access-list [7:25701]
No, no, no, you don't need outgoing access list if there are only two routers (Router_1 and Router_2). You don't have to block outgoing traffic on Router_1 since input ACL on Router_2 will block it. Even if you want to configure them with outgoing access list, you list is wrong ;) It should be: On Router_1: access-list 100 permit tcp host Router_1 eq bgp host Router_2 gt 1023 access-list 100 permit tcp host Router_1 gt 1023 host Router_2 eq bgp access-list 101 permit tcp host Router_2 eq bgp host Router_1 gt 1023 access-list 101 permit tcp host Router_2 gt 1023 host Router_1 eq bgp Sasa Donald wrote: You would need an access list blocking traffic going out too. In will allow traffic to cross the link but the router will drop it. I think one of Chuck's stipulations were Provide the access-list required on each router, so that BGP works, BGP neighbor relationships form, BGP routes are exchanged, but no other traffic occurs. I.e. no telnet, no ICMP, no EIGRP, no nothing. but no other traffic occurs interface ATM0 ... ip access-group 100 out ip access-group 101 in ! access-list 100 permit tcp host Router_1 eq bgp host Router_2 gt 1023 access-list 100 permit tcp host Router_1 gt 1023 host Router_2 eq bgp access-list 101 permit tcp host Router_1 eq bgp host Router_2 gt 1023 access-list 101 permit tcp host Router_1 gt 1023 host Router_2 eq bgp - Original Message - From: Sasa Milic To: Sent: Thursday, November 08, 2001 10:32 AM Subject: Re: Friday Follies Returns on Thursday - Access-list [7:25701] interface Ethernet0 ... ip access-group 100 in ! access-list 100 permit tcp host Router_1 eq bgp host Router_2 gt 1023 access-list 100 permit tcp host Router_1 gt 1023 host Router_2 eq bgp Similar on Router_1. Sasa Chuck Larrieu wrote: Hey you bad boys and girls! In preparing my pod for BGP access across the net, I have run into something I find fascinating. Rather than post the results, I shall instead pose this as Friday Follies on Thursday puzzle. The problem - to construct an access list such that the only thing that can happen is that BGP neighbor relationships form and BGP routes are exchanged. Hint - there appears to be a trick, if my observations are correct. I will read your replies and provide my own observations and answer when I return from my travels on Friday evening. the layout: ( not that it matters in particular ) Router_1 Router_2 | | -- ethernet ( but it works the same for serial ) Provide the access-list required on each router, so that BGP works, BGP neighbor relationships form, BGP routes are exchanged, but no other traffic occurs. I.e. no telnet, no ICMP, no EIGRP, no nothing. Extra credit if your access-lists permit only the two routers involved to engage. Have Fun Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=25711t=25701 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Resolved, was OSPF Virtual Link Authentication [7:23867]
John, Type 0 - No Authentification Type 1 - Clear text auth. Type 2 - MD5 auth Sasa John Neiberger wrote: but instead of getting a Mismatched Authentication Key error during debugging I was getting a Mismatched Authentication Type. It claimed that one end was using Type 0 and the other was Type 1. I don't really know what that means so I tinkered for a while. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23998t=23867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NM-8AM and E1 HELP !! [7:24078]
Juli, I don't think that analog modems can pick the call coming through E1 port. How is port configured ? Send configs, I've done E1/R2, E1/PRI, and 8AM (but connected to analog phone lines). Sasa Juli Hato wrote: Halo E1 and AM(Analog Modem) gurus, I'm currently working on Analog modem and Ei port VOIP configuration. For the AM I can't make the modem pick the phone. For E1 port it seem to be the same problem. Any sample configuration to give or tips to make it clear. Thanks Best Regards, Hato _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24081t=24078 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ospf point-to-multipoint [7:23655]
Jim, point-to-multipoint can be both broadcast and non-broadcast. In case it is configured as broadcast (default when you configure 'ip ospf network point-to-multipoint), it will treat interface as collection of point-to-point links and will use multicast, just as on point-to-point link. If it is configured as non-broadcast, with: ip ospf network point-to-multipoint non-broadcast it will use unicast, and you have to configure neighbors. See page 566 for example. Sasa Jim Bond wrote: On Jeff Doyle's TCP/IP volume I, P417 it says point-to-multipoint is multicast; P433 it says it's unicast. Which one is correct? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=23703t=23655 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffer Pro for Win2K [7:22175]
I have version 4.50.04, and it works under Win2K. Sasa juno vtv wrote: Last time I checked, Sniffer Pro 4.5 did not work with Win2k. That was a few months ago. Maybe they have a working version now. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22233t=22175 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Sniffer Pro for Win2K [7:22175]
Speaking about SnifferPro, did anyone have success sniffing IPSec/ESP encrypted packets under Windows2000 ? I have tried SnifferPro, Ethereal, windump, and they all do wrong decoding of ESP packets. If I connect unix box, tcpdump works, so it isn't problem with the lab network, only windows cannot show ESP packets. For example, windump shows: 0.0.0.0 0.0.69.3: ip-proto-0 0 [ttl 0] 0e00 4503 0098 05bb ff32 1523 2828 2801 2828 2802 b0a8 8643 0023 0004 9acf 43c0 0800 c016 4d41 2b50 1d81 5717 8712 46fb bc05 d605 c538 3f34 a7f0 4ac5 fc72 There is exactly 18 bytes inserted in front of every ESP packet ! IP packet starts from 4503. Sasa Priscilla Oppenheimer wrote: Try WildPackets EtherPeek. It's great. Priscilla At 02:01 AM 10/5/01, George Murphy CCNP, CCDP wrote: I tried to demo it which requires registration and no one has ever called me back. Maybe they dont need my business ;-) Steiven Poh-(Jaring MailBox) wrote: Hello Folks, Did anybody know where I can download Sniffer Pro for Win2K...demo version or either... :) Rgds, Steiven Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=22248t=22175 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: delay and delay [7:20926]
I like the way Jeff Doyle writes this IGRP EIGRP metric formulas. It looks to me that all other ways just confuse people. At least that is my opinion, which don't have to be true. For example, Priscilla wrote: The metric = [K1 * bandwidth + (K2 * bandwidth) / (256 - load) + K3 * delay] * [K5 / (reliability + K4)] but if someone try to calculate EIGRP metric based on above formula, with specified minimum bandwidth and total delay, as reported with show ip eigrp topology a.b.c.d he/she won't get the correct result, because bandwidth and delay in above formula aren't bandwidth and delay ! Instead, much better way is to say the metric is (lets assume K1=K3=1 and K2=K4=K5=0, for simplicity): metric = 256 * ( K1 * EIGRP_BANDWIDTH + K3 * EIGRP_DELAY ) where EIGRP_BANDWIDTH = 10^7 / min_bandwidth_on_path_in_kbps EIGRP_DELAY = total bandwidth in 10uS (10uS is unit in which delay is actually configured on the interface) Now, lets see example: #show ip eigrp topology 192.168.224.3 255.255.255.255 IP-EIGRP topology entry for 192.168.224.3/32 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 156160 Routing Descriptor Blocks: 65.195.140.4 (FastEthernet0/0), from 65.195.140.4, Send flag is 0x0 Composite metric is (156160/128256), Route is External Vector metric: Minimum bandwidth is 10 Kbit Total delay is 5100 microseconds Reliability is 255/255 Load is 1/255 Minimum MTU is 1500 Hop count is 1 External data: Originating router is 192.168.224.3 AS number of route is 0 External protocol is Connected, external metric is 0 Administrator tag is 0 (0x) So, EIGRP_BANDWIDTH = 10^7 / 10^5 = 10^2 = 100 EIGRP_DELAY = 5100 / 10 = 510 metric = 256 * ( 100 + 510 ) = 256 * 610 = 156160 , exactly as reported by show ip eigrp topology and show ip route command. Help this clear confusion :) Regards, Sasa Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21068t=20926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VoIP quality and Requirement [7:20497]
Mukul, usually, one voice packet is 20 bytes. Add to that 40 bytes for RTP+UDP+IP headers. So, for 8 Kbps voice stream, you would have to add 16 Kbps for overhead. That is total 24 Kbps. RTP header compression could shrink that to 11-12 Kbps, but it is possible to use it only on PtoP links, between two routers running RTP compression. End-to-end delay (delay budget) should be less than 150 ms, but then, it all depends, it could work will more, depending on users' expectations. BTW, great book for VoIP is Integrating Voice and Data Networks. Sasa MJ wrote: Moreover I second question was : What should be bandwidth to run one channel, they say 8K, so does that mean that on 64K leased line I can have 8 Ports working without any problem Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20508t=20497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VoIP quality and Requirement [7:20497]
- Integrating Voice and Data Networks Scott Keagy Cisco Press Published October 2000 ISBN 1578701961 MJ wrote: Thanks Sasa, Well this will help me to calculate. Where you got all these stats ? are they in the same book that you have reffered, can u tell me the Author and publication also. Can we have RTP compression at 2 Internet routers if they are connected Via Internet ? Moreover normally delay is 500 msec or something on internet, and if you have ever done a voice chat on msn or yahoo when we are on dialup, things work perfectly. So that made me think that VoIP should work perfectly on Internet based leased lines. Mukul Sasa Milic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Mukul, usually, one voice packet is 20 bytes. Add to that 40 bytes for RTP+UDP+IP headers. So, for 8 Kbps voice stream, you would have to add 16 Kbps for overhead. That is total 24 Kbps. RTP header compression could shrink that to 11-12 Kbps, but it is possible to use it only on PtoP links, between two routers running RTP compression. End-to-end delay (delay budget) should be less than 150 ms, but then, it all depends, it could work will more, depending on users' expectations. BTW, great book for VoIP is Integrating Voice and Data Networks. Sasa MJ wrote: Moreover I second question was : What should be bandwidth to run one channel, they say 8K, so does that mean that on 64K leased line I can have 8 Ports working without any problem Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20568t=20497 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuration buffer full [7:20408]
Try service config in global configuration mode. Sasa Hawthorne, Mike MM wrote: Does anyone know how to resolve this. When saving the config on a 3600 Router I get this message. % Configuration buffer full, can't add command: snmp-server enable traps entity % Aborting Save. Compress the config.[OK] Thanks Mike __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relating to the official business of Standard Bank Investment Corporation (Stanbic) is proprietary to the company. It is confidential, legally privileged and protected by law.\ Stanbic does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Stanbic. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Stanbic can not assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. __ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20420t=20408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Configuration buffer full [7:20408]
No, no, no ! It's not service config, it is service compress. Sasa Sasa Milic wrote: Try service config in global configuration mode. Sasa Hawthorne, Mike MM wrote: Does anyone know how to resolve this. When saving the config on a 3600 Router I get this message. % Configuration buffer full, can't add command: snmp-server enable traps entity % Aborting Save. Compress the config.[OK] Thanks Mike __ Disclaimer and confidentiality note Everything in this e-mail and any attachments relating to the official business of Standard Bank Investment Corporation (Stanbic) is proprietary to the company. It is confidential, legally privileged and protected by law.\ Stanbic does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Stanbic. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Stanbic can not assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. __ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20421t=20408 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Troubleshooting [7:20403]
Michael, I've seen this, and problem was SS7 configuration between telco switches. Basically, they configured isdn switches so that isdn calls can be made in only one direction. Have you tried to connect plain phones into NT1 (in case that NT1 supports them) and to call other location from phone ? Ask your telco to check. Sasa Michael Gergov wrote: Hi everyone, I was troubleshooting a DDR Backup with ISDN line, here is what happened. Location 1 was setup to initiate the call, Location 2 to accept it . (I went trough the config n+1 times). The connection was never established. I set up the syslog server and debugging of Q931. Here is the excerpt out of the syslog. DISCONNECT pd = 8 callref = 0xC9 Cause i = 0x81D8 - Incompatible destination Signal i = 0x03 - Network congestion tone on I put 1 in front of the dial string xxx-xxx-, and it changed to the following. DISCONNECT pd = 8 callref = 0xF4 Cause i = 0x82A2 - No channel available Signal i = 0x03 - Network congestion tone on DISCONNECT pd = 8 callref = 0xA2 Cause i = 0x80C1 - Bearer capability not implemented Signal i = 0x03 - Network congestion tone on Than I reversed the configuration-Location 2 calling Location 1 - It was working just the way it supposed to. I am not an ISDN specialist,so can someone tell me, what my problem with the first setup was? Many Thanks, Michael Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20423t=20403 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE level topic - IPX default route - very long [7:19715]
Sorry Chuck, cannot solve your problem. But, I've found another way to inject default route: no ipx default-route ! interface Loopback0 ipx network FFFE ! Sasa Chuck Larrieu wrote: In my review of frame relay, I am examining every routing protocol over a frame cloud in a hub and spoke setup. IPX is the topic of the day, and I thought I was so clever when I devised this scenario. I was writing this post well before I ran into The Problem. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20427t=19715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE level topic - IPX default route - very long [7:19715]
Explanation missing from first mail. Basically, this router won't have default route. But, it will advertise network -2 just as any other network it is connected to. Downstream routers will recognize this as a default network (but, they shouldn't have no ipx default-route in config). Sasa Sasa Milic wrote: Sorry Chuck, cannot solve your problem. But, I've found another way to inject default route: no ipx default-route ! interface Loopback0 ipx network FFFE ! Sasa Chuck Larrieu wrote: In my review of frame relay, I am examining every routing protocol over a frame cloud in a hub and spoke setup. IPX is the topic of the day, and I thought I was so clever when I devised this scenario. I was writing this post well before I ran into The Problem. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20429t=19715 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF demand Circuit [7:20228]
show ip ospf database router, look at LSAs without DC in options field. Sasa Lance wrote: Is there any way I can find which routers do not support it, I assume that each router must run IOS 11.3 or later? Thanks, Lance Sasa Milic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Lance, DNA LSAs are not allowed because router received LSAs (ten different LSAa) without DC bit set in options field from other routers in the area. That means that there are routers in the area which doesn't support demand circuit. As you remember, in order to support DNAs, all routers in the area must support it, which is not the case in your network. Sasa Lance wrote: I have R6 connected to R5 via an ethernet and a ISDN link. The ISDN link is configured as an OSPF demand circuit however when I do a show ip ospf int I get the following output. Notice that it says DoNotAge LSA not allowed (Number of DCbitless LSA is 10). Why is this, I need for the DoNotAge LSA to be allowed and I thought this is what ospf demand-circuit is for. BTW this is CCbootcamp lab 8a. Please help? R6#sho ip ospf int bri0 BRI0 is up, line protocol is up (spoofing) Internet Address 137.20.224.6/20, Area 0 Process ID 64, Router ID 137.20.60.1, Network Type POINT_TO_POINT, Cost: 1562 Configured as demand circuit. Run as demand circuit. DoNotAge LSA not allowed (Number of DCbitless LSA is 10). Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:06 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 137.20.240.1 (Hello suppressed) Suppress hello for 1 neighbor(s) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20307t=20228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slightly OT: Flash removal destructive to contents? [7:20229]
John, I've done that with 2500, 2600 and 3640, and it works. Sasa John Neiberger wrote: Oddly, I've never run across this before and I'll have the chance to check it out for certain tomorrow. However, I wanted to see what your experience was with this. I'm going to be removing the flash from one 2600 and putting it into another. Will this be destructive to the contents? Will I be able to boot up the new 2600 with no problem or should I expect to load a new image before booting? Since this is a production box I'll be prepared to do whichever, but it would save me some time and stress if I could limit the downtime. Have any of you had any luck with this? Thanks, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20229t=20229 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF demand Circuit [7:20228]
Lance, DNA LSAs are not allowed because router received LSAs (ten different LSAa) without DC bit set in options field from other routers in the area. That means that there are routers in the area which doesn't support demand circuit. As you remember, in order to support DNAs, all routers in the area must support it, which is not the case in your network. Sasa Lance wrote: I have R6 connected to R5 via an ethernet and a ISDN link. The ISDN link is configured as an OSPF demand circuit however when I do a show ip ospf int I get the following output. Notice that it says DoNotAge LSA not allowed (Number of DCbitless LSA is 10). Why is this, I need for the DoNotAge LSA to be allowed and I thought this is what ospf demand-circuit is for. BTW this is CCbootcamp lab 8a. Please help? R6#sho ip ospf int bri0 BRI0 is up, line protocol is up (spoofing) Internet Address 137.20.224.6/20, Area 0 Process ID 64, Router ID 137.20.60.1, Network Type POINT_TO_POINT, Cost: 1562 Configured as demand circuit. Run as demand circuit. DoNotAge LSA not allowed (Number of DCbitless LSA is 10). Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:06 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 137.20.240.1 (Hello suppressed) Suppress hello for 1 neighbor(s) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=20231t=20228 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ip precedence of GRE packets [7:19125]
Chris, I've tested that 4-5 months ago, on 2621 with 12.1T. TOS field is propagated from encapsulated packets into TOS of GRE packets. The same happens with IPSec tunnels; TOS from encrypted packets is copied into IPSec headers. Regards, Sasa Chris Read wrote: Is it possible to cause the IP precedence of a GRE packet to be the same as the IP precedence of the packet which it encapsulates? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=19132t=19125 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what is the native vlan function in trunk? [7:18543]
Dave, what you wrote is correct for 802.1q trunks. However, ISL tags all frames, and 'native vlan' in ISL context is vlan to which the port will be assigned if trunking is disabled (by DISL, DTP, or via CLI). See: http://www.cisco.com/warp/public/793/lan_switching/2.html Regards, Sasa Dave wrote: Trunking is means of transporting multiple VLANs over a single link. This is done by the tagging the frames according to which VLAN they belong to at both ends of the trunk so they can be separated at the other end. If 10 VLANs are being trunked, how many need to be tagged? Just nine, because both ends agree that the untagged VLAN is the native VLAN. Since both ends believe that any untagged frames belong to the VLAN that is configured as the native VLAN, you can see this could cause some serious problems if different VLANs are configured as the native VLAN at each end of the trunk. Native VLAN mismatches can also cause some really nasty bridging loops in a large switched enviorment if you get multiple Spanning Tree negotiations going at the same time. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18569t=18543 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE : What version of IOS on R/S Lab [7:18565]
According to latest info on CCO, starting from Nov 15 12.1 will be in the lab. So, before that date, 12.0 is what you can expect. But, keep in mind that 12.0T is still 12.0, but with features found in 12.1 ! Sasa Can anybody tell me if they know what version of IOS will be on the CCIE R/S Lab Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18631t=18565 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: does vtp can span the router [7:18545]
VTP runs only on VLAN 1. Anyone know (or can test) what will happen in this topology: [SwitchA] -- isl trunk -- [Router] -- isl trunk -- [SwitchB] If router is configured for pure bridging between two ports, will VTP messages pass through it ? If yes, then answer to the original questions is yes, router is vtp transparent. Sasa i dont know which vlan can carry vtp,or like cdp-a purely layer 2 protocol, does vtp indepent of vlan,it runs on native vlan?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18634t=18545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what is the native vlan function in trunk? [7:18543]
Imagine that you use 802.1q trunk, with different native vlan on switches. Traffic from two different vlans will mix between those two switches, and will flow to the rest of the network. It will be two IP subnets on one LAN. BTW, see: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t3/dtbridge.htm Sasa Guest wrote: you can see this could cause some serious problems if different VLANs are configured as the native VLAN at each end of the trunk. i still can not imaging what type of problem will occur,can you show me some examples? now i have enough switch to prove it ,this problem has confused me for days. thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18641t=18543 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: remote ios upgrade? [7:18632]
Yes, there are ways. If rom image (conf-reg 0x2101) support subinterfaces, than everything will work, if it doesn't (more likely) that you have to configure physical interface. And, don't forget 'ip default-gateway a.b.c.d'. Sasa Is there anyway to upgrade a 2500 router ios using a frame relay connection? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18644t=18632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: does vtp can span the router [7:18545]
Since VTP uses only VLAN 1, that means that VTP messages won't be passed from one subinterface to another, on the same trunk, since you can have only one subinterface assigned to VLAN 1. Regarding passing VTP messages from one trunk to another ... From http://www.cisco.com/warp/public/473/40.html: The Catalyst 4908G-L3 does not support several Layer 2-oriented protocols, such as VTP, DTP, and PAgP, found on other Catalyst switches Also: In this example, the Catalyst 3512XL switches are configured in VTP transparent mode because a VTP domain cannot be extended across the Catalyst 4908G-L3. I would say that routers, as L3 devices, don't propagete VTP messages from one trunk to another. Sasa Priscilla Oppenheimer wrote: VTP advertisements are sent to a data-link-layer multicast 01-00-0C-CC-CC-CC. The SNAP type is 2003 which distinguishes the frame from other Cisco frames that use that multicast (CDP and DISL, for example). As I said before, the router would have to be sitting in the middle of a Layer-2 topology. For example, a one-armed router would pass VTP from one subinterface to another, wouldn't it?? I'm just trying to explain the statement from a CIT book about the router being in VTP transparent mode, which was the original question. Perhaps someone else has more details. Priscilla At 06:29 PM 9/5/01, Jeff Smith wrote: Does a VTP advertisement have a layer 3 address? I thought these were only heard within a broadcast domain. How does the router know who to pass these to on the other side? From: Priscilla Oppenheimer Reply-To: Priscilla Oppenheimer To: [EMAIL PROTECTED] Subject: Re: does vtp can span the router [7:18545] Date: Wed, 5 Sep 2001 13:51:37 -0400 A VTP transparent device does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, VTP-transparent devices do forward received VTP advertisements to other devices. I can imagine a situation where a router with VLANs implemented is sitting in the middle of a Layer 2 topology and you want the router to be in VTP transparent mode so that it passes VTP advertisements onto switches on the other side of it. It doesn't seem like a very good design, but it could happen. Priscilla At 10:19 AM 9/5/01, Guest wrote: I believe it means that the router will not listen to the vtp messages. It will also not pass them along- it is strictly layer 2. pass them along,you mean just transfer it ,right?but i don't know where it go,see my last message,i dont know which vlan can carry vtp,or like cdp-a purely layer 2 protocol, does vtp indepent of vlan,it runs on native vlan?? i dont find ways to prove it. anyway ,thanks a lot Priscilla Oppenheimer http://www.priscilla.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18691t=18545 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: e1 r2 on 3620 [7:16122]
12.0(7)T worked for me on 3640. 32MB ram + 8 MB flash, IP Only. Regie wrote: what ios release do i need for my 3600 router to support e1 r2 signaling? i have an nmce1b module in my router.. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16198t=16122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: J. Doyle's Routing TCP/IP, Vol. 1, OSPF [7:14952]
Alex, it is subnet on point-to-point link between Rubens and Chardin - 192.168.30.3/29 Alex Lee wrote: I am going thru' the OSPF section of this book and have a question :- There is a Link ID of 192.168.30.8 appears on routers 'Goya' and 'Matisse' ospf database, e.g. Figure 9.64 of page 525. I cannot find this ip address on any of the routers used in the sample and yet I can ping it from 'Goya' as well as from 'Matisse'.Traceroute is not successful though. Can someone shed some light ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=14965t=14952 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: J. Doyle's Routing TCP/IP, Vol. 1, OSPF [7:14952]
Should be 192.168.30.8/29. Sasa Milic wrote: Alex, it is subnet on point-to-point link between Rubens and Chardin - 192.168.30.3/29 Alex Lee wrote: I am going thru' the OSPF section of this book and have a question :- There is a Link ID of 192.168.30.8 appears on routers 'Goya' and 'Matisse' ospf database, e.g. Figure 9.64 of page 525. I cannot find this ip address on any of the routers used in the sample and yet I can ping it from 'Goya' as well as from 'Matisse'.Traceroute is not successful though. Can someone shed some light ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=14973t=14952 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: GRE and routing protocols [7:14432]
What is happeninng is that router is receiving (via RIP) tunnel destination ip address route. That's what recursive routing means. You shuold fix redistribution into RIP. Tunnel end points must be known by some other way. Obviously, since your tunnel is up, you do have static routes pointing to the other side. But, once the tunnel is up, destination ip address is received via rip. Now, the router thinks how can tunnel destination be reached via rip, if rip is supposed to work over tunnel, and tunnel end point is reachable over rip, which is working over tunnel ... recursion ! You should add some distribute list or route-map that is preventing tunnel end points to be redistributed into rip, and that will fix it. Hope this helps. Sasa Jim Dixon wrote: is there a way you can use poison reverse? -Original Message- From: Mike [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 31, 2001 9:03 PM To: [EMAIL PROTECTED] Subject: GRE and routing protocols [7:14432] I've configured a point-to-point GRE tunnel between two routers. Works fine with static routes, however, once I turn on RIP I get the following in about 30 seconds. %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing 1d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel0, changed state to down I've read about the recursive routing problem with IP in IP, can someone explain exactly why this is happening? Also, what is the solution. thanks, Mike Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=14517t=14432 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question About Ciscowork [7:12621]
Syam, would you please describe what you mean by I cannot set. BTW, I don't remember that there is snmp string for ANI server; there are snmp strings for devices that ANI server uses, I guess that's what you've meant. So, you've started web browser and connected to ciscoworks server, logged into it, select Cisco Works/Setup/ANI Server. Then you click on SNMP ..., and in right part of the window you get editor window with current configuration. Right ? Now, enter for each device: x.y.z.w:public_string::private_string That should work. Click on Apply. On question Run discovery now click on No. Go into ANI Server / Discovery menu. Enter seed device(s) on the right. Click OK. Go into Campus Manager / Topology Window. Click on Discovery. That should work. Anyway, if editing snmp strings through java applet doesn't work, that's serious problem. File with strings is located at /etc/cwsi/anisnmp.conf, you should be able to edit it by hand. Sasa norsyam ariffin wrote: I cannot set snmp string for ANI server. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12970t=12621 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Question About Ciscowork [7:12621]
Syam, I've recently installed CW2000, after numerous problems with ANI. What exactly is happening ? Topology window couldn't connect to ANI server or ... ? Regards, Sasa norsyam ariffin wrote: Hi gys. Currently I' m installing Ciscowork 2000, but have some problem regarding ANI server. I cannot make the ANI server up. Could anybody gime some hint on how to make the ANI server up? Thank in advance. Syam Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12719t=12621 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HELP! Frame Relay HELP! [7:12632]
And then static map will kill InARP, wouldn't it ? Sasa Marc Russell wrote: You don't need a routing protocol to ping a directly connected neighbor ip address on the same subnet. Inverse arp should of taken care of the layer-2 to layer-3 mapping. As for your own interface add a frame map command for your own interface and it will work. Marc Russell www.ccbootcamp.com Ray Smith wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I was doing one of the frame relay labs from Hutnik's CCIE lab books and did not understand the following:- 1. Why is it that I could only ping from Router-A to Router-B and vice-versa, but can not ping their own interfaces? 2. Why is the routing protocol (RIP in this case) configured on Router-A but not on Router-B, yet I was still able to ping accross end-to-end? Can someone out there explain this to me? Thanks Ray _ Get your FREE download of MSN Explorer at http://explorer.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=12721t=12632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re:
It all depends what your telco would provide to you. For example, in my country, telco is using nocrc4 framing with alcatel isdn switches, and crc4 with siemens switches. Regards, Sasa Does anyone have any idea about crc4 and nocrc4 ? I think crc4 used for framing (G.704) and ITU-T recommended. Why Cisco put nocrc4 feature in their boxes. _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Slightly OT - Setting up syslog on Solaris for Remote logging of Cisco Routers
I'm using syslog on Solaris, and I'm logging messages from cisco on it. Didn't have to configure anything special, except /etc/syslog.conf file: # local5.debug/var/log/cisco/debug local7.debug/var/log/cisco/log # One pretty offen problem arise if you don't use TABs in syslogd config file - it just won't work. So, remove all spaces (0x20) and use TABs instead of them, and it should work. Hope this helps. Sasa _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP variable of *IP* octets and not layer#2 octets
Take a look at local.linterfaces.lifTable table. There you will
find:
lifEntry OBJECT IDENTIFIER ::= { lifTable 1 }
locIfipInPkts OBJECT IDENTIFIER ::= { lifEntry 42 }
locIfipOutPktsOBJECT IDENTIFIER ::= { lifEntry 43 }
locIfipInOctets OBJECT IDENTIFIER ::= { lifEntry 44 }
locIfipOutOctets OBJECT IDENTIFIER ::= { lifEntry 45 }
Above variables reflect output from command
show interface interface accounting
and in the locIfEntry there are entries for other supported protocols,
also. I'm using above variables since IOS 10.3, so yoy don't need
anything special (plain IP feature set works).
Hope this helps.
Sasa
Christian Hammers wrote:
Does anybody know a SNMP variable (regardless which IOS it would need)
that counts only IP bytes (non-IP is filtered anyway so we can ignore
it).
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another Router-on-a-stick Post
Scott, 2610 doesn't have FastEthernet interface. You can configure ISL or 802.1q trunking only on FE. Sasa "Scott M. Trieste" wrote: Colleagues, I've been browsing cisco.com for some info on inter-vlan routing with the 2610. Cisco says there is a way to build ethernet sub-interfaces for trunking to a switch. But when I do a "int e0/0.100" and try to add an IP address, it gives me an error message: "Configuring IP routing on a LAN subinterface is only allowed if that subinterface is already configured as part of an IEEE 802.10 or ISL vLAN." There doesn't seem to be an "encapsulation [dot1q | isl] command on this router, and mls obviously isn't supported. I know that I could just give this interface multiple IP address and use a "switchport access multi" command on the switch-- but that would be too easy. By the way, I am trying to do this with a 2924XL. Should this or shouldn't this work? Many thanks in advance, Best Regards, Scott M. Trieste _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Admin distance on directly connected
A directly connected network has an AD=0. A static route via Interface has AD=0 A static route via IP address has AD=1 Correct? A static route via interface cannot have AD of 0. It can have AD from 1 (default) to 255, just like any other static route. Sasa _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Fast Ethernet ISL
Chris McKay wrote: I understand that I need to have a fast ethernet interface on a router in order to support ISL. I am looking at purchasing a 2621, but am wondering if a 1700 with a Fast Ethernet interface will do the job. Does anyone know if this will work? 1700 don't support ISL. You need at least 2620. Sasha ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: channelized e1 card
Rahul Mehta wrote: Can i connect different 64k channels to 30 leased lines with different ip address attached to each channel , i want to use this config. with one channelized e1 card and on 3640 router Rahul, actually, you can do this with 31 leased lines (each line 64Kbps). You just have to configure 31 channel-groups on E1 controller. And, be sure that your telco can/want do this. On the 3640 side, you will have something like: controller E1 0/0 framing NO-CRC4 channel-group 0 timeslots 1 channel-group 1 timeslots 2 ... channel-group 30 timeslots 31 ! interface Serial0/0:0 description Leased line 1 ... ! interface Serial0/0:1 description Leased line 2 ... ! interface Serial0/0:30 description Leased line 31 ... ! Hope this helps. Sasa, CCNP ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSU for E1 module
We've got a 3640 with DB15 E1 connector, E1 line is Rj45. I thought we should use a CSU, right? No. For T carrier, you must use DSU/DSU. For E carrier, only DSU is required, while CSU (or LTU-Line Termination Unit in E terminology) is not. So, E1 module that you have includes DSU. DB-15 connector is there just to force you to buy $100 cisco cable CAB-E1/PRI. But, it is simple to make that cable, and it will cost you probably less that $1 (it cost me around 1$, actually :) ). What you need is: - one DB-15 male connector - one RJ-45 connector - utp cable, 1-3 meters Now, connect pins: DB-15 RJ-45 = = 2 4 9 5 8 1 15 2 Pins 1 and 2 are one pair, pins 4 and 5 are another. Regards, Sasa, CCNP ___ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
