RE: Logging to remote UNIX server [7:17401]

2001-08-27 Thread Shaw, Winston Mr 5 SIG CMD

Hello Charles,

Please try as an example

logging 192.168.x.x
logging trap debugging
logging facility local6  

( you can use other facilities here but match what you do on the SUN box.)

On the SUN box try (in the syslog.conf file)

local6.debug	/var/adm/messages  (or any file you like)

Winston
CCIE #7991

-Original Message-
From: Charles Dowling [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 27, 2001 5:56 PM
To: [EMAIL PROTECTED]
Subject: Logging to remote UNIX server [7:17401]


Hey All,

I have been trying to set up my 3660 (IOS 12.1) access router to log
everything to my HP OpenView server (Solaris 8).  It seems simple to set
up on the Cisco side with only a few commands but it doesn't seem to be
working.  The 'show logging' command indicates that it is working and
sending messages to the remote box but it is not receiving anything.
Any thoughts, guidelines, info?

Thanks,
Charles.

These are the configuration items I entered:

logging on
logging buffered 1 debugging
no logging rate-limit
logging trap debugging
logging facility syslog
logging 192.168.x.x

Results of 'show logging':
router#sh logging
Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0
flushes, 0 overruns)
Console logging: level debugging, 1559 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 1560 messages logged
Logging Exception size (0 bytes)
Trap logging: level debugging, 1564 message lines logged
Logging to 192.168.x.x, 33 message lines logged

Log Buffer (1 bytes):





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17458t=17401
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
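
Added example (not part of the original thread): the facility set on the router travels in the <PRI> field of every syslog datagram, and the receiving syslog.conf writes a message only if a selector matches that facility and severity. The Python sketch below decodes <PRI> and evaluates classic selector syntax; the sample datagrams, the /var/adm/errors action and all function names are constructed for illustration, and only the common selector forms (facility lists, *, none, ;) are handled.

```python
import re

# Facility and severity codes of the BSD syslog protocol (RFC 3164).
FACILITIES = {
    "kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4, "syslog": 5,
    "lpr": 6, "news": 7, "uucp": 8, "cron": 9,
    "local0": 16, "local1": 17, "local2": 18, "local3": 19,
    "local4": 20, "local5": 21, "local6": 22, "local7": 23,
}
SEVERITIES = {
    "emerg": 0, "alert": 1, "crit": 2, "err": 3,
    "warning": 4, "notice": 5, "info": 6, "debug": 7,
}
FAC_NAMES = {code: name for name, code in FACILITIES.items()}
SEV_NAMES = {code: name for name, code in SEVERITIES.items()}
PRI_RE = re.compile(rb"^<(\d{1,3})>")


def decode_pri(datagram: bytes):
    """Return (facility, severity) names from the leading <PRI> field."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:
        raise ValueError("datagram does not start with a valid <PRI>")
    fac, sev = divmod(int(m.group(1)), 8)  # PRI = facility * 8 + severity
    return FAC_NAMES.get(fac, "facility%d" % fac), SEV_NAMES[sev]


def selector_matches(selector: str, facility: str, severity: str) -> bool:
    """Evaluate a selector such as 'local6.debug' or '*.err;mail.none'.

    'fac.level' matches that facility at 'level' or anything more severe.
    Clauses are applied left to right, so a later clause for the same
    facility overrides an earlier one ('mail.none' cancels '*.err' for mail).
    """
    matched = False
    for clause in selector.split(";"):
        facs, _, level = clause.strip().partition(".")
        names = [f.strip() for f in facs.split(",")]
        if "*" not in names and facility not in names:
            continue
        if level == "none":
            matched = False
        elif level in SEVERITIES:
            matched = SEVERITIES[severity] <= SEVERITIES[level]
        else:
            raise ValueError("unsupported selector clause: %r" % clause)
    return matched


def destinations(conf_text: str, datagram: bytes):
    """List the syslog.conf actions that would receive this datagram."""
    facility, severity = decode_pri(datagram)
    hits = []
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            # No whitespace between selector and action: there is no
            # action field to use, so the line contributes nothing here.
            continue
        selector, action = parts
        if selector_matches(selector, facility, severity):
            hits.append(action.strip())
    return hits


# Constructed receiver configuration (fields separated by a tab).
SAMPLE_CONF = (
    "# constructed syslog.conf for the receiving host\n"
    "*.err;mail.none\t/var/adm/errors\n"
    "local6.debug\t/var/adm/messages\n"
)

# Constructed datagrams in the style of router log messages.
MSG_LOCAL6 = b"<181>45: 00:12:31: %SYS-5-CONFIG_I: Configured from console by console"
MSG_SYSLOG_FAC = b"<45>46: 00:12:40: %SYS-5-CONFIG_I: Configured from console by console"
MSG_SYSLOG_ERR = b"<43>47: 00:13:02: %LINK-3-UPDOWN: Interface Serial0, changed state to down"

if __name__ == "__main__":
    for msg in (MSG_LOCAL6, MSG_SYSLOG_FAC, MSG_SYSLOG_ERR):
        print(decode_pri(msg), "->", destinations(SAMPLE_CONF, msg) or "not written")
```

A notice-level message sent with facility syslog matches neither selector in the sample file and is not written anywhere, while the same message sent with facility local6 lands in /var/adm/messages.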



RE: Could not ping 127.0.0.1 [7:17317]

2001-08-26 Thread Shaw, Winston Mr 5 SIG CMD

Almost sure that one cannot assign an address on the 127 network to a cisco
router. This address is reserved for special reasons. One of the reasons
that come to mind is to test the TCP/IP stack on a workstation or Server. If
pinging the 127.0.0.1 address is successful, you can be almost sure that the
TCP/IP stack loaded properly. Now you could proceed to ping default gateway
etc etc.
Cisco routers provide this functionality by using a loopback command on
interfaces. If packets sent by an interface come back to the router, then
TCP/IP is probably OK. Allowing the 127 net on routers would probably cause
havoc especially on broadcast networks.

Winston(#7991)



-Original Message-
From: Ednilson Rosa [mailto:[EMAIL PROTECTED]]
Sent: Sunday, August 26, 2001 5:04 PM
To: [EMAIL PROTECTED]
Subject: Re: Could not ping 127.0.0.1 [7:17317]


On Cisco routers you must explicitly assign a loopback interface. If you
want it to be 127.0.0.1 you must do like this:

conf t
int loopback1
ip address 127.0.0.1 255.255.0.0

Then you will be able to ping yourself at this address.

The automatic well known loopback is valid only for nic cards and other
devices where you wouldn't be able to setup a loopback by other means.

Regards,

Ednilson Rosa

- Original Message -
From: Lists Wizard 
To: 
Sent: Sunday, August 26, 2001 11:19 AM
Subject: Could not ping 127.0.0.1 [7:17317]


Hi Group

Have any one tried to ping the well known loopback address 127.0.0.1? I
tried but I could not. I could ping the other ip interfaces on the router
though.


Any explanation is welcomed.

Thanks

Lw




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17336t=17317



RE: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117]

2001-08-25 Thread Shaw, Winston Mr 5 SIG CMD

This is an interesting situation. You are not allowed to use the ip ospf
network command to change the network type ? Ok. Are you allowed to change
the ptp on R1 to multipoint ? No ?
The network type is a critical factor on whether full adjacency is achieved.

Frame map statements and ip ospf priority 0 statements on R2 and R3 in
conjunction with DLCI and neighbor statements on R1 should take care of the
links between R1, R2 and R3. No ip ospf network command needed here.
The link between R1 and R4 will probably become two-way without achieving
full adjacency because the network types will always be different unless you
are allowed to change it in some way. Is there a specific requirement to
keep R1's link to R4 as point-to-point ? If not this subinterface could be
changed to multipoint and OSPF should not have any problem with it. 
Let us know if you find another solution.

Winston(CCIE#7991).

-Original Message-
From: Cisco Lover [mailto:[EMAIL PROTECTED]]
Sent: Saturday, August 25, 2001 2:13 AM
To: [EMAIL PROTECTED]
Subject: FR +OSPF Scenerio...CCBOOTCAMP LAB:3 [7:17117]


Hi Guys..

Facing some strange problem in OSPF.
Do you know any condition where two routers become adjacent but still can't
exchange routes? What could be the reasons for it?

In this lab, we have 2 subinterfaces on R1. One multipoint subinterface is
connected to the physical interfaces of two routers, R2 and R3.
The other PtP subinterface on R1 is connected to R4's physical interface.
Now the problem is that we are not allowed to use the IP OSPF NETWORK command
on these interfaces in order to make the network types the same.

The problem I'm facing is on the R1-R4 link. When I applied debug ip ospf, I
saw a Hello mismatch, so I matched the Hello values on both sides. After that
I am able to see that R4 is now adjacent with R1's point-to-point interface,
but I still can't see any route from R1 coming in on R4 or vice versa.

Any suggestions, guys?

Thanks a lot





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17257t=17117



RE: Here is the new CCIE 1 day lab! [7:16960]

2001-08-23 Thread Shaw, Winston Mr 5 SIG CMD

You guys sure have a good sense of humour. Anyway,the 2 day lab exam I took
recently was much more difficult than this new upcoming 1 day exam. 

Day 1 of old exam

1. Do this and do that. You are not allowed to use this and that.
2.Configure this and configure that. You are not allowed to use this or
that.

Day 2 of old exam

1. Do more of this and more of that. You are not allowed to do this or that.
2. Troubleshoot this and troubleshoot that. You are not allowed to use this
or that.

The instructor was very helpful.
Candidate-(5 mins before end of day 1) What is this and that ??
Proctor-- I am not allowed to tell you that.

I am only joking folks, good luck to all of you who are making the trek.

Winston.


-Original Message-
From: Mark  Monica Baker [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 23, 2001 2:46 PM
To: [EMAIL PROTECTED]
Subject: RE: Here is the new CCIE 1 day lab! [7:16960]


Well, most of those are pretty self-explanatory, except # 9, which is a 
trick question. I know I shouldn't be giving answers, but, what the 'ell: 
Do NOT attempt to assemble the rifle using the Swahili manual (section c, 
paragraph 4 of the manual requires 2 hours of prayer, which will put you 
over your time limit). Instead, take the barrel of the rifle and club your 
fellow labtakers over the head with it. Drag them to the door so the Bengal 
tiger will find them first. Continue with question 10 (which requires VoIP 
configuration).

Mark

-Original Message-
From:   Dennis H [SMTP:[EMAIL PROTECTED]]
Sent:   Thursday, August 23, 2001 8:10 AM
To: [EMAIL PROTECTED]
Subject:Here is the new CCIE 1 day lab! [7:16960]

I just got a copy of the new one day lab from someone who shall remain
nameless. As you can see the troubleshooting has been removed as we all
know. However an extra credit task has been added!



CCIE 1 Day Lab Exam - Morning

1. Describe the history of the papacy from its origin to the present day,
concentrating especially, but not exclusively, on its social, political,
economic, religious, and philosophical impact on Europe, Asia, America,
and Africa. Be brief, concise, and specific.

2. You have been provided with a razor blade, a piece of gauze, and a
bottle of Jack Daniels. Remove your appendix. Do not suture until your work
has been inspected. You have 10 minutes.

3. 2500 riot-crazed aborigines are storming the room. Calm them. You may
use any ancient language except Latin or Greek.

4. Create life. Estimate the differences in subsequent human culture if
this form of life had developed 500 million years earlier, with special
attention to its probable effect on the English Parliamentary System. Prove
your thesis.

5. Write a piano concerto. Orchestrate and perform it with flute and drum.
You will find a piano under your chair.

6. Based on your knowledge of their works, evaluate the emotional
stability, degree of adjustment, and repressed frustrations of each of the
following:

a. Alexander of Aphrodisias

b. Ramses II

c. Gregory of Nicea

d. Iammurati

Support your evaluation with quotations from each man's work, making
appropriate references. It is not necessary to translate.



CCIE 1 Day Lab Exam - Afternoon

7. Estimate the sociological problems which might accompany the end of the
world. Construct an experiment to test your theory.

8. Define management. Define Science. How do they relate? Why? Create a
generalized algorithm to optimize all managerial decisions. Assuming an IBM
3270 with 257 Radio Shack and Panasonic terminals and each terminal to
activate your algorithm. Design the communications interface and all the
necessary control programs.

9. The disassembled parts of a high-powered rifle have been placed in a box
on your desk. You will also find an instruction manual printed in Swahili.
In 5 minutes, a hungry Bengal tiger will be admitted to the room. Take
whatever action you feel appropriate. Be prepared to justify your decision.

10. There is a red telephone on the desk beside you. Start WWIII. Report at
length on its socio-political effects, if any.

11. Take a position for or against truth. Prove the validity of your
position.

12. Explain the nature of matter. Include in your answer an evaluation of
the impact of the development of mathematics on science.

13. Sketch the development of human thought. Estimate its significance.
Compare this with the development of any other kind of thought.



Extra Credit:

Define the universe. Give three examples.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16965t=16960



CCIE lab equipment for sale [7:16350]

2001-08-17 Thread Shaw, Winston Mr 5 SIG CMD

Hello,

I have been successful with the CCIE lab. I would like to resell the
equipment from my home lab.
Available: Cat 2926T,  2509,  two(2) 2513's, two(2) 2503's, 4000M.

Please send an email if you are interested and I will provide equipment
details.

Thanks,
Winston
CCIE#7991




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16350t=16350



RE: fore

2001-01-05 Thread Shaw, Winston Mr 5 SIG CMD

I have done a little work on Fore ATM switches more than a year ago. I think
the company has been swallowed up by a new enterprise called Marconi. Check
the web for www.marconi.com. Maybe their tech support can help you obtain
some documentation.

Winston.

-Original Message-
From: Donald B Johnson Jr [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 05, 2001 9:07 PM
To: [EMAIL PROTECTED]
Subject: fore


Has anyone configured a forerunner ASX-200BX? If so, could you point me in
the direction of some documentation?
Thanks
Duck




RE: default routes

2001-01-01 Thread Shaw, Winston Mr 5 SIG CMD

One of the issues here might be which route is better than the other for a
particular destination. 
There is only one gateway of last resort in the routing table, although
there may be more than one candidate default.
If this router is on a stub network, then it might be better to do:

ip route 0.0.0.0 0.0.0.0 interface 1
ip route 0.0.0.0 0.0.0.0 interface 2 10

By changing the admin distance you get a redundant default. If interface 1
goes down, interface 2 will take over immediately.

If the configuration remains as you have written it, I suspect that you will
have per destination load balancing.
But since routing detail is lost when using static default routes, packets
will not necessarily take the best route to a given destination.

There are other issues, but they depend on the topology and the routing
protocols in use.

Winston.

-Original Message-
From: Rahman, Abdul [mailto:[EMAIL PROTECTED]]
Sent: Sunday, December 31, 2000 10:31 PM
To: '[EMAIL PROTECTED]'
Subject: default routes


All:

I know it is possible to place more than one default route in a router.
What are some basic general issues with doing this, considering, that
no routing loops are present.

I am speaking of say:

router 1# ip route 0.0.0.0 0.0.0.0 interface 1... going to network 1
router 1# ip route 0.0.0.0 0.0.0.0 interface 2... going to network 2

In the case of packets being forwarded to this router 1, would the routes
that are not directly connected be sent out both interfaces?

Thanks in advance.

Abdul

A. Rahman, Ph.D.
Product Engineer
Digex, Inc.
(240)456-3119
[EMAIL PROTECTED]




RE: Help Required - Desperately

2000-12-31 Thread Shaw, Winston Mr 5 SIG CMD

Hello,

1st..open the router up and gingerly remove the memory chips and reseat
them...try to boot again.

2nd.let us know if it helped.

3rd.we shall see..more to follow. I hope it is OK.

Winston.

-Original Message-
From: Mani .K [mailto:[EMAIL PROTECTED]]
Sent: Sunday, December 31, 2000 8:48 AM
To: [EMAIL PROTECTED]
Subject: Help Required - Desperately


Hi all,
I am badly in need of help from you Cisco gurus. We have a 2522 Router
which was bought around 1996/1997. It doesn't boot now. The console
screenshot is shown below.



System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 8192 Kbytes of main memory

  Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

   cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, California 95134-1706



Cisco Internetwork Operating System Software 
IOS (tm) 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c),
RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1996 by cisco Systems, Inc.
Compiled Fri 27-Dec-96 17:33 by loreilly
Image text-base: 0x0101, data-base: 0x1000

Local Timeout (control reg=0x118) Error, address: 0x2101884 at 0x1076504
(PC)
---

I have tried to enter the ROM Monitor prompt and tried to set the config
register so as to boot from ROM and enter setup mode. But it neither
enters setup mode nor comes up to the router prompt. The above
screen repeats itself.

Can anyone infer what the problem with the router is? Also please tell
me what I can do to get the router prompt.

Thanks in advance.
S.Kalidasan






RE: can SPAN port transmit?

2000-12-30 Thread Shaw, Winston Mr 5 SIG CMD

It would be a pleasant surprise to me if the normal switched SPAN port
captured all your LANE traffic.
It is not supported because of the way the LECs talk to the LES and other
LECs. BUS traffic you should see very easily in an ELAN. ELANs may appear to
be similar to Broadcast VLANs but they use a different
mechanism (addressing, etc.) to do the simulation. In other words, I do not
think it is supported. Having said that, if you do find a way to capture
this traffic, I hope that you will share it with us. There might be a
vendor-specific way to do it. I love this ATM stuff, why did they remove it
from the CCIE Lab exam ???

Winston.

-Original Message-
From: Lou Nelson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 30, 2000 7:19 PM
To: Nigel Taylor; Lou Nelson; [EMAIL PROTECTED];
[EMAIL PROTECTED]; Priscilla Oppenheimer
Cc: Bryant Andrews
Subject: RE: can SPAN port transmit?


I do use intra-vlan routing in that a within the vlan is a gateway for that
VLAN of course an arp (that I see) for the gateway occurs... then when
traffic is sent to the vlans gateway to route to another vlan or anywhere...
I do NOT see that
As you said I would have to go to where the mapping occurs (a bunch of 7507s
with AIPs)... I would find the HSRP active router... no problems...  Still
this does not give me what I was looking for...
In Top Down Design (shameless Plug), a lot of discussion goes to knowing
thyself and the traffic.  What I wanted to see was the amount of traffic,
type of traffic, broadcast versus standard on a given VLAN.  First to
baseline the VLAN, then to identify within my network where I may need
additional improvements.  We have some 16000 hosts and seem rock solid...  We
have way more bandwidth than needed but expect a huge amount of growth..
not in host but in applications...  two of my 120+ work group managers
constantly insist on infrastructure related problems... yet LMS and HP Open
view show nothing.  Each time they raise a stink, me or one of my
technicians find not only nothing wrong, but often see no symptoms.  Still
these WGMs get managements ear.  In all we have proven each and every time
these guys are off their rockers but it did raise my desire to span the
entire VLAN to Sniffer Pro and get some baselines of the VLANs traffic.  I
wanted to do this from my office simply by creating the LEC spanning the
vlan ... and wham...  In the end all I catch mostly is some CDP, HSRP, and
other type broadcast

Now spanning the port works exactly and accomplished everything I have
wanted it to where I use it.  I have been able to get profiles of our
outbound and inbound data to our network.  I have been able to show growth
and get additional assets with empirical data...

Anyway  thanks Nigel...  I keep looking for a way to capture ALL the data in
a given VLAN... this kinda does make ya wish for a HUB mode.. not



-Original Message-
From: Nigel Taylor [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 30, 2000 5:25 AM
To: Lou Nelson; [EMAIL PROTECTED]; [EMAIL PROTECTED];
Priscilla Oppenheimer
Cc: Bryant Andrews
Subject: Re: can SPAN port transmit?


See Inline.


- Original Message -
From: Lou Nelson [EMAIL PROTECTED]
To: Nigel Taylor [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]; Priscilla Oppenheimer [EMAIL PROTECTED];
Lou Nelson [EMAIL PROTECTED]
Cc: Bryant Andrews [EMAIL PROTECTED]
Sent: Saturday, December 30, 2000 3:13 AM
Subject: RE: can SPAN port transmit?


 hmmm.
 I fully understand the Lane ATM Vlan Elan relationships.
 What is happening is that I only see the broadcast on the specific Vlan.
I
 do not see the direct Vlan to Vlan traffic nor the Vlan to Vlan Gateway
 address...

NT: This won't happen unless you implement some type of inter-VLAN routing,
in which case you're no longer monitoring at layer 2, which is where the SPAN
ports on the switched devices are supposed to monitor/capture. Of course, to
monitor different VLANs you would have to redefine your SPAN port values if
you were still looking to monitor at layer 2. However, to monitor the VLAN to
VLAN or VLAN to VLAN gateway traffic you would have to do this where your
VLAN maps to layer 3, which would mean either at the RSM (where you would
probably have your HSRP gateways defined) or at a router with
an AIP card that provides the layer 3 requirement.


I assumed that the trunked ports were not passing the traffic
 out the lane blades because the Cam Dynamics recognized that the
destination
 MAC was not down that port (trunked port... therefore it dropped the frame
 and my spanned port on the other side of the cloud never got the frame...
 and yes everything else is in place... a lec is configured on my Spanned
 port switch's lane blade...

 I clearly do not know what I am missing...  I really feel I have covered
 everything


 -Original Message-
 From: Nigel Taylor [mailto:[EMAIL PROTECTED]]
 Sent: Saturday, December 30, 2000 1:54 AM
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; Priscilla
 

RE: NetBios forwarding (Addendum)

2000-12-30 Thread Shaw, Winston Mr 5 SIG CMD

Hello John,
Here is my opinion. Temporarily, take the software or the workstation to the
same subnet of the Server and see if it runs OK. While it is there, you can
capture a few packets to see the conversations and the ports that are being
utilized. This gives you a pretty good idea of the goal. If that is
inconvenient, then do a ip forward-protocol any-local-broadcast very
temporarily. Contrary to popular belief, it should not kill your router
unless it is already on the brink.
Assuming that it is the NetBIOS ports (137, 138, 139), you might be better off
using the ip helper-address command and the no ip helper-address command for
the ports you do not want to be sent across the router. I think that there
is a default of 7 UDP protocols which are automatically forwarded with this
command.

In your config below, I think it might work, but only 1 access-list would do
the trick because the server should not do any broadcasting once it is
contacted by the client. Of course, that depends on the application
software. What is it called anyway ?

Access-Lists are a necessary evil which should be avoided whenever possible.
Personally, I think that less resources would be used to decide whether to
drop or forward a broadcast than to compare it to an access list.

Winston.

-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Sunday, December 31, 2000 2:01 AM
To: [EMAIL PROTECTED]
Subject: Re: NetBios forwarding (Addendum)


Okay, after a tad more research, I've come up with the following config,
which corrects some mistakes and misunderstandings in my previous config.  

interface Serial0
 ip address 10.1.1.254 255.255.255.0
 ip directed-broadcast 101
!
interface Serial1
 ip address 10.2.2.254 255.255.255.0
 ip directed-broadcast 102
!
access-list 101 permit udp host 10.1.1.1 any eq netbios-ns
access-list 101 permit udp host 10.1.1.1 any eq netbios-dgm
access-list 102 permit udp host 10.2.2.2 any eq netbios-ns
access-list 102 permit udp host 10.2.2.2 any eq netbios-dgm

Now, from what I can tell, this will do what I'm attempting, but I'd still
love to have your opinions because I have *zero* experience with netbios or
broadcast forwarding.  I'd hate to break one thing while trying to fix
another.  (gee, I've never done that before!)

Thanks again,
John

  We have some new software running on a single workstation that is trying
to
  use netbios to communicate with a server on a different subnet.  We do
not
  currently allow this type of forwarding, and I've never configured it
  before.  We'd like to limit netbios forwarding to just these two
machines. 
  Here is my idea, let me know if this would be the way to do it.
  
  access-list 1 permit 10.1.1.1  (workstation)
  access-list 2 permit 10.2.2.2  (server)
  
  ip forward-protocol udp 137
  ip forward-protocol udp 138
  ip forward-protocol udp 139
  
  int fastethernet1/0
  ip add 10.1.1.254 255.255.255.0
  ip directed-broadcast 1
  ip helper-address 10.2.2.2
  
  int fastethernet2/0
  ip add 10.2.2.254 255.255.255.0
  ip directed-broadcast 2
  ip helper-address 10.1.1.1
  
  Would this do what I'm trying to accomplish?  If not, please let me know,
or
  if anyone has any tips for this sort of thing, I'd love to hear them.
  
  Thanks a million, as usual!
  
  John
  
  
  
  
  



RE: NetBios forwarding (Addendum)

2000-12-30 Thread Shaw, Winston Mr 5 SIG CMD

If you have decided to do it with these commands, do not forget the other
UDP broadcasts which are automatically forwarded.
Have you also considered putting permanent static routes in the workstation
and server ?. Will the application allow this for communication ? If it does
, you do not have to touch the router.
Let us know how it turns out.

example:
ip helper-address 10.2.2.2
no ip forward-protocol udp 69 !(this does not allow tftp broadcasts)

Winston.

-Original Message-
From: John Neiberger [mailto:[EMAIL PROTECTED]]
Sent: Sunday, December 31, 2000 5:34 AM
To: Trentj; [EMAIL PROTECTED]
Subject: Re: NetBios forwarding (Addendum)


You're right, I do need that in my config.  I had it in the first post, but
forgot to add it to the second one.  These two lines should be in the second
version:

int s0
ip helper-address 10.2.2.2

int s1
ip helper-address 10.1.1.1

I think this would accomplish what I'm trying, but I'm wondering what any
downsides might be and if there is a better way.

  I've never used the "ip directed-broadcast" config to do what you're
  trying to do. You may need to use the "ip helper-address" config to
  forward your netbios traffic. Check out the attached URL. Hope this helps.

  http://www.cisco.com/univercd/cc/td/doc/product/software/ssr83/rpc_r/48383.htm#xtocid670622


  "John Neiberger" [EMAIL PROTECTED] wrote in message
  news:[EMAIL PROTECTED]...
   Okay, after a tad more research, I've come up with the following
config,
   which corrects some mistakes and misunderstandings in my previous
config.
  
   interface Serial0
ip address 10.1.1.254 255.255.255.0
ip directed-broadcast 101
   !
   interface Serial1
ip address 10.2.2.254 255.255.255.0
ip directed-broadcast 102
   !
   access-list 101 permit udp host 10.1.1.1 any eq netbios-ns
   access-list 101 permit udp host 10.1.1.1 any eq netbios-dgm
   access-list 102 permit udp host 10.2.2.2 any eq netbios-ns
   access-list 102 permit udp host 10.2.2.2 any eq netbios-dgm
  
   Now, from what I can tell, this will do what I'm attempting, but I'd
still
   love to have your opinions because I have *zero* experience with
netbios
  or
   broadcast forwarding.  I'd hate to break one thing while trying to fix
   another.  (gee, I've never done that before!)
  
   Thanks again,
   John
  
 We have some new software running on a single workstation that is
  trying
   to
 use netbios to communicate with a server on a different subnet.  We
do
   not
 currently allow this type of forwarding, and I've never configured
it
 before.  We'd like to limit netbios forwarding to just these two
   machines.
 Here is my idea, let me know if this would be the way to do it.
   
 access-list 1 permit 10.1.1.1  (workstation)
 access-list 2 permit 10.2.2.2  (server)
   
 ip forward-protocol udp 137
 ip forward-protocol udp 138
 ip forward-protocol udp 139
   
 int fastethernet1/0
 ip add 10.1.1.254 255.255.255.0
 ip directed-broadcast 1
 ip helper-address 10.2.2.2
   
 int fastethernet2/0
 ip add 10.2.2.254 255.255.255.0
 ip directed-broadcast 2
 ip helper-address 10.1.1.1
   
 Would this do what I'm trying to accomplish?  If not, please let me
  know,
   or
 if anyone has any tips for this sort of thing, I'd love to hear
them.
   
 Thanks a million, as usual!
   
 John
   
   
   
   
   



RE: IP Multicasting TTL

2000-12-29 Thread Shaw, Winston Mr 5 SIG CMD

Kevin,

I believe that when the multicast packet arrives at an interface the TTL in
the IP header is automatically decremented by 1.
This applies even if a threshold has been set. 
If the TTL-threshold on an interface is set to a number which is higher than
the TTL in the multicast packet, then the packet will be dropped at that
interface.
Example: If my initial TTL value is 64, I can set a TTL threshold of 65 at
all the border routers and the multicast packets will never leave the
internal Net. The multicast packets will go from internal router to internal
router decrementing by 1 each time. 

This makes sense to me because the multicast algorithm is probably a
separate module which says "subtract the TTL-threshold from the TTL value
and if the result is a positive integer, let the packet through, if not
discard the packet"

The result is to give some control as to how far the packets are allowed to
propagate without having to rewrite the IP module. The IP rule of
decrementing by 1 (sec or hop) remains intact.

I will do some IP multicasting tests soon to see if the above makes sense.
The IOS has not failed to surprise me yet.

Winston.

-Original Message-
From: Kevin Welch [mailto:[EMAIL PROTECTED]]
Sent: Thursday, December 28, 2000 8:44 AM
To: [EMAIL PROTECTED]
Subject: IP Multicasting TTL


I am boning up on IP multicasting and I have a question about TTL
Thresholds.  When a multicast packet passes through an interface with a
configured TTL threshold, is the TTL decremented by 1 or by the
threshold value?

-- Kevin




RE: BGP newbie question, interesting

2000-12-20 Thread Shaw, Winston Mr 5 SIG CMD

I saw this original question yesterday but got sidetracked before I could
send a response.
I think BGP needs TCP port 179 just to operate properly. You would need at
least static routes (IP routing) just to get BGP routers talking to each
other. So it may be semantical, BGP cannot get off the ground without some
other "routing" already in place. If the IGP or statics fail, so does BGP.
Bottom Line: BGP is fully dependent on TCP/IP, as it has no inherent way of
transporting its own packets.
Once the TCP packet arrives at a BGP router it can strip away the TCP and IP
headers and deal with the hellos, updates, etc.

Thoughts anyone ?

Winston.

-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 3:19 PM
To: [EMAIL PROTECTED]
Subject: Re: BGP newbie question, interesting



Dan West -- CCNA, CCNP (in progress) asked,

Is it possible to run IBGP as the ONLY IGP for a
particular network (AS)??

Possible, but not a good idea in almost any situation.

iBGP really is an unfortunate term.  It is a protocol for 
coordinating the "outside" activities of eBGP, and is not intended as 
an IGP.  In other words, while it may be interior, it's not an IGP.

If for no other reasons, iBGP usually depends on an IGP with hellos 
for anything coming close to reasonably fast failure detection.

I know all routers would know about outside networks,
but how about different internal areas knowing about
what other networks are advertising

BGP seems so capable that it could almost be done
without OSPF, EIGRP, etc




RE: Nagle's algorithm

2000-12-18 Thread Shaw, Winston Mr 5 SIG CMD

To all,

My understanding of the "Service nagle" algorithm is to give a user the
appearance of smooth keystrokes and responses in a congested net. It is
especially useful when using telnet as send and receive characters get
buffered and are sent in chunks as Chuck and others have stated. It is not a
good idea to use it for remote users who have X terminals which obtain their
X windows from X servers through a router because the screen then paints in
a very slow and choppy manner. 
Does it affect other traffic? Probably because buffer resources are being
used to store the chars.
I saw it on a practice CCIE lab and the question was "Ensure that your
telnet sessions to the router comes back quickly".
The answer they wanted was the service nagle command.

Winston

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 18, 2000 4:11 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Nagle's algorithm


I don't know. This looks like another one of those things where we'd have to
find the people at Cisco who actually introduced this service to the IOS to
explain why it is there and what function it performs.  The 12.1 command
reference most certainly indicates that the router is acting on behalf of
end stations. The fact that it is stated that one should now enable the
algorithm if XRemote and XWindows is in operation on the network indicates
to me, at least, that pass through traffic is affected.

-
When using a standard TCP implementation to send keystrokes between
machines, TCP tends to send one packet for each keystroke typed, which can
use up bandwidth and contribute to congestion on larger networks.

John Nagle's algorithm (RFC 896) helps alleviate the small-packet problem in
TCP. The first character typed after connection establishment is sent in a
single packet, but TCP holds any additional characters typed until the
receiver acknowledges the previous packet. Then the second, larger packet is
sent, and additional typed characters are saved until the acknowledgment
comes back. The effect is to accumulate characters into larger chunks, and
pace them out to the network at a rate matching the round-trip time of the
given connection. This method is usually good for all TCP-based traffic.
However, do not enable the Nagle slow packet avoidance algorithm if you have
XRemote users on X Window sessions.
-

Does one use X-windows sessions to connect to the router?  Sorry, my Unix is
poor. If I am an X user, and I open a telnet session to the router from my X
desktop, is this what we are talking about?

Chuck


-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
[EMAIL PROTECTED]
Sent:   Sunday, December 17, 2000 6:14 PM
To: [EMAIL PROTECTED]
Subject:RE: Nagle's algorithm

Agreed - I abbreviated my response a bit more than I should have.  I was
thinking along the lines that a gateway/IMP (always makes me think of
Maxwell's demon)/router at the time of RFC 896 wouldn't be likely to be
looking into the TCP layer and acting on it.
Also, the IOS command reference comments "This method is usually a good
[sic] for all TCP-based traffic. However, do not use the service nagle
command if you have XRemote users on X Window sessions."

JMcL
-- Forwarded by Jenny Mcleod/NSO/CSDA on 18/12/2000
01:08 pm ---


Priscilla Oppenheimer [EMAIL PROTECTED] on 18/12/2000 11:00:33 am


To:   [EMAIL PROTECTED]
  [EMAIL PROTECTED]
cc:


Subject:  RE: Nagle's algorithm


At 10:15 AM 12/18/00, [EMAIL PROTECTED] wrote:
Flem, thanks for the confirmation.
Chuck, given the age of the RFC, I seriously doubt that Nagle intended the
router to do anything too complicated.

Routers were always part of the TCP/IP architecture, even if they were
called gateways or Interface Message Processors? But I agree with your main
point that routers generally don't play a role with the Nagle algorithm,
unless the router is one of the TCP endpoints.


The Cisco command reference I suspect was written by somebody who didn't
delve too deeply into what the command does.  I guess I would have
expected
some note pointing out that it only applies to sessions terminating at the
router,

That's for sure.

if that is the case, as most IOS commands affect through traffic
(OK, most commands don't deal with the transport layer...)
And how many people use XWindows to connect to a router?

Well don't forget Telnet runs on top of TCP too.

Priscilla


JMcL



"Chuck Larrieu" [EMAIL PROTECTED]@groupstudy.com on 15/12/2000
05:29:54
pm

Please respond to "Chuck Larrieu" [EMAIL PROTECTED]

Sent by:  [EMAIL PROTECTED]



To:   [EMAIL PROTECTED]
   [EMAIL PROTECTED]
cc:


Subject:  RE: Nagle's algorithm


Jen, I see your point. I just finished a quick read of RFC 896 (Congestion
Control in IP/TCP Internetworks)

Recognizing that TCP is responsible for end to end reliable data
communications, it would seem 
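
An added illustration of the behaviour described in the command-reference excerpt quoted in this thread (not code from any poster or from Cisco): a Python simulation of typed characters leaving a TCP endpoint with and without Nagle's algorithm. It assumes the ACK arrives exactly one round-trip after each segment and ignores MSS, delayed ACKs and loss; all function names are hypothetical.

```python
"""Simulate keystroke batching under Nagle's algorithm (RFC 896)."""


def typed(text, interval_ms):
    """Constructed input: one keystroke every interval_ms, starting at t=0."""
    return [(i * interval_ms, ch) for i, ch in enumerate(text)]


def per_keystroke_segments(keystrokes):
    """Without Nagle: every keystroke leaves in its own segment."""
    return [(t, ch) for t, ch in sorted(keystrokes, key=lambda k: k[0])]


def nagle_segments(keystrokes, rtt_ms):
    """With Nagle: send immediately only when nothing is unacknowledged;
    otherwise hold characters until the outstanding segment is ACKed.

    keystrokes: iterable of (time_ms, character)
    returns:    list of (send_time_ms, payload)
    Assumption: the ACK for a segment arrives rtt_ms after it was sent.
    """
    segments = []
    pending = []      # characters typed while a segment is in flight
    ack_due = None    # arrival time of the ACK for the segment in flight

    def send(now, payload):
        nonlocal ack_due
        segments.append((now, payload))
        ack_due = now + rtt_ms

    def process_acks(until):
        """Handle every ACK that arrives at or before `until` (None = all)."""
        nonlocal ack_due
        while ack_due is not None and (until is None or ack_due <= until):
            arrived = ack_due
            ack_due = None
            if pending:
                # The held characters go out together as one larger segment.
                send(arrived, "".join(pending))
                pending.clear()

    for now, ch in sorted(keystrokes, key=lambda k: k[0]):
        process_acks(now)
        if ack_due is None:
            send(now, ch)        # idle connection: send at once
        else:
            pending.append(ch)   # data in flight: hold the character
    process_acks(None)           # flush whatever is still held
    return segments


if __name__ == "__main__":
    keys = typed("hello world", 50)
    for rtt in (20, 200):
        segs = nagle_segments(keys, rtt)
        print(f"rtt={rtt}ms: {len(segs)} segments with Nagle, "
              f"{len(per_keystroke_segments(keys))} without")
        for when, payload in segs:
            print(f"  t={when:4d}ms  {payload!r}")
```

With a round-trip shorter than the typing interval nothing is ever held, so the output is identical to per-keystroke sending; the batching (and the added latency that makes X sessions choppy) only appears once the round-trip exceeds the gap between keystrokes.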

RE: Juniper

2000-12-17 Thread Shaw, Winston Mr 5 SIG CMD

Observation:
Those are some interesting numbers. I wonder what it will be like next year.
However the truth is that in this business the "best" does not
always "win".
Look at TCP/IP, it was supposed to die a slow death many moons ago..but
now...
I say keep learning Networking technology and you should be able to stand on
your own irrespective of which vendor is on top.

Suggestion:
Recently, I wanted to purchase an ISDN simulator to do scenarios for the
CCIE Lab and I had the thought to use two BRI routers and hook them into the
local phone company's real live ISDN switch. I am happy to report that this
works and I have saved a few dollars and got an ISDN connection in the
bargain. If you already are doing DSLh. I will probably get DSL
after the Lab exam.

Winston.

-Original Message-
From: Mark Nguyen [mailto:[EMAIL PROTECTED]]
Sent: Sunday, December 17, 2000 6:07 PM
To: Priscilla Oppenheimer; [EMAIL PROTECTED]
Subject: Re: Juniper



Priscilla Oppenheimer wrote:
 
 At 10:17 AM 12/15/00, [EMAIL PROTECTED] wrote:
   is very hard to get your hands on a Juniper router... they are selling
  like hotcakes.
 
 And how about Juniper stock!?  ;-)

Like most tech stocks, they have recently slumped.

but let's look at the numbers anyway  as of Dec. 15th:

Juniper is +113% for year 2000
Cisco is -11% for year 2000

and just for fun, how about extreme and foundry:

Extreme is +71% for year 2000
Foundry is -77% for year 2000




RE: Fast Ethernet MTU Size

2000-12-02 Thread Shaw, Winston Mr.

Try it. Ethernet is based on physical and data layer characteristics with a
strong dose of CSMA/CD. If all sides agree what the bit times will be above
64 then it might work. The mtu command could probably be placed on all
interfaces involved.
On another note, I remember having two identical servers-one fast ethernet,
the other with a 100Mbs ATM card hooked directly to an ATM switch and the
server with the ATM card always seemed "faster" than the one with the FE
card. This was a production environment so I never really got a chance to do
any real testing. I have always felt that the predictability of the ATM cell
sizes would account for the seemingly faster throughput. We have moved away
from ATM on the LAN to Gig except for some WAN connections so I might never
know.

Let us know if it worked.
Winston.


-Original Message-
From: Darren Ward [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 02, 2000 4:02 AM
To: [EMAIL PROTECTED]
Subject: Fast Ethernet MTU Size


Hi All,

Is it at all possible to raise the MTU size on Fast Ethernet?

I'll give you all a scenario

ATM on one side with an MTU of 4470, fast ethernet connecting the two
routers, Gigabit Ethernet the other side with an MTU of 4470.

How can I raise the MTU of a Full Duplex Fast Ethernet Connection above
1500?

I assume it's not possible when going through switches as they will show
every packet as a giant but in a router to router cross-over connection
I was hoping there was some way to keep the MTU static across the path
rather than force the routers to fragment and re-assemble (of course the
destination re-assembles).

Darren Ward
CCNP, CCDP, CCIE Wannabee




RE: Hub-to-Switch connection problem

2000-12-01 Thread Shaw, Winston Mr.

Hello,

Sometimes these things happen because not all equipment have the same specs.
My suggestion would be to consider DTE to DTE needs at least one roll in the
connection, and DTE to DCE needs a straight-through or two rolls in the
connection. It all hangs on the construction of the interface connection and
which pins it is using for transmit, receive etc.
Bottom line is try to determine which interfaces (DTE or DCE) are involved
and then it is easier to choose the correct cable.
Hope this helps a little.

Winston.

-Original Message-
From: Bradley J. Wilson [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 01, 2000 1:31 PM
To: cisco
Subject: Hub-to-Switch connection problem


Okay gang, I had an interesting and annoying situation yesterday morning,
and I'd like to see if anyone else has had an experience like this:

My client was installing an older BayStack 301 switch into their existing
network, which consisted of a Bay Access Node router, as well as four
stacked SynOptics LattisHubs.  The router was experiencing excessive
collisions, hence the installation of the switch.  So we installed the
switch and cabled the router to it, moved all the "power users" directly
onto the switch, and left the other users attached to the hub.  We attached
the hub to the switch via a straight-through cable.

The users who were directly connected to the switch had no problem accessing
the network and Internet.  The users on the hub were dead in the water.  We
tried swapping out the cable between the hub and switch, tried plugging
either end into different ports, tried flipping the MDI/MDI-X switch, and
nothing worked.  The only thing that *did* work was using a *crossover*
cable between the hub and the switch.

Now, the rule (which I gleaned from this newsgroup, btw) is that when you're
connecting devices at different OSI layers, you use a straight-through -
e.g. PC to hub, PC to switch, switch to router, hub to switch - that's all
straight-through.  You use a crossover when you're connecting devices at the
same OSI layer - router to router, switch to switch, hub to hub, PC to PC.
In the situation yesterday, a straight-through seemed logical, as we were
trying to connect a hub to a switch.  Am I wrong here?  Why did the
crossover work?

Thanks,

BJ

P.S. sorry for the Bay-centric example...I'm trying to get them to change
that. ;-)







RE: Is there any methods to monitor packets accross a router

2000-12-01 Thread Shaw, Winston Mr.

Perhaps you can set up a log server and use the access-list.log command.
You should be able to see when something is denied or permitted by the list.

Winston

-Original Message-
From: Dove [mailto:[EMAIL PROTECTED]]
Sent: Saturday, December 02, 2000 6:01 AM
To: [EMAIL PROTECTED]
Subject: Is there any methods to monitor packets accross a router


Hi all,

I would like to know whether there are any methods to monitor packets across
a router. I know that I can use "debug ip packet" to monitor them, but it will
generate a significant amount of output. In my environment:

Server --- R1 --- R2 --- R3 --- PC

PC: 10.2.2.1
Server: 10.1.1.1

If I apply the access-list with the debug command on R3 and PING from PC to
Server, it can display all packets. However, when I apply them on R2 and
PING again, nothing is displayed. Can anyone help me? The access-list and debug
commands are as follows:

Router(config)#access-list 150 permit ip host 10.2.2.1 host 10.1.1.1
Router(config)#access-list 150 permit ip host 10.1.1.1 host 10.2.2.1
Router#debug ip packet 150 detail
Router#terminal monitor

Thanks.
dovelet





RE: About OSPF and Loopback port

2000-11-30 Thread Shaw, Winston Mr.

Hello,

I am a little late on this one, but are R1E2 and R2E2 on the same LAN?
(10.2.0.0).
If so any device on that LAN with the correct IP will be able to ping any
other device with the correct IP. I think a simple ARP will allow that. No
Router needed for the ping to succeed.

Even if I have missed the gist of the story, please don't stop. I love this
OSPF stuff. And the next time I will read all 400 of my emails before I jump
in.

Winston.

 -Original Message-
 From: Chuck Larrieu [SMTP:[EMAIL PROTECTED]]
 Sent: Thursday, November 30, 2000 5:47 AM
 To:   Howard C. Berkowitz; [EMAIL PROTECTED]
 Subject:  RE: About OSPF and Loopback port
 
 OK Howard. I'm not afraid to look foolish in front of everyone.
 
 ---
 Howard's scenario:
 
 Scenario 1 (R1 is initially misconfigured)
    R1 E0:  10.6.0.1 DOWN     R2 E0:  10.1.0.1 UP/UP
       E1:  10.5.0.2 UP/UP       E1:  10.5.0.2 UP/UP
       E2:  10.2.0.1 UP/UP       E2:  10.2.0.2 UP/UP
 
   Admin discovers that R1 E1 is misconfigured and should have been
 10.5.0.1.
 Our Heroine corrects that interface to 10.5.0.1.
 
   Assuming both routers had OSPF configured with
   network 10.0.0.0 0.255.255.255 area 0.0.0.1
 
 Will a device on R1 E2 be able to ping a host on R2 E2?
 --
 
 My feeble attempt at cleverness:
 
 Assuming that there is no typo in your addressing scheme, I say you have a
 real mess here and that the answer is no.
 
 1) you have the same subnet appearing on two different routers
 10.0.5.0/whatever on R1E1 and R2E1 While OSPF can handle discontiguous
 subnets, I would be surprised if it can handle duplicate subnets with any
 aplomb
 
 2) on R1 the interface with the address of 10.0.5.2 has been placed into
 area 0.0.0.1. when the ip address for that interface is changed, without
 either reloading the router or performing a clear ip ospf process the
 interface with the address 10.5.0.1 will NOT have been placed into the
 OSPF
 process.
 
 3) I have not done this on my routers yet. I want to see if I am in the
 right ballpark so far. ( well, to be honest, as soon as I send this
 message
 I am setting up a scenario, upon which I will report subsequently )
 
 Well, gang - am I wise or still a fool?
 
 Chuck
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
 Howard C. Berkowitz
 Sent: Wednesday, November 29, 2000 12:37 PM
 To:   [EMAIL PROTECTED]
 Subject:  RE: About OSPF and Loopback port
 
 At 10:45 AM -0800 11/29/2000, Healis, Jim wrote:
 Use loopback ports in OSPF so you can set the Router OSPF ID, otherwise
 it
 will take the highest IP address.
 
 Jim Healis CCNP, CCDP
 Senior Network Administrator
 Virata
 
 Unless there have been recent IOS changes (I'm really most current in
 11-something), it's even more unpredictable than just the highest IP
 address:
 
 At the time of OSPF initialization, the router ID is:
 
   if there are multiple loopback interfaces, the highest IP address on any
      loopback (i.e., not highest loopback interface number)
   if there is a single loopback interface, use its address
   if there are no loopback interfaces, use the highest IP address on any
      active interface (i.e., if all interfaces are in shutdown, OSPF
      can't initialize. Using loopbacks avoids this because a loopback
      cannot be down.)
 
 A fiendish troubleshooting scenario:
 
R1 comes up first, then R2.  They share an Ethernet.  Neither has
 any loopbacks.
 
 Scenario 1 (R1 is initially misconfigured)
    R1 E0:  10.6.0.1 DOWN     R2 E0:  10.1.0.1 UP/UP
       E1:  10.5.0.2 UP/UP       E1:  10.5.0.2 UP/UP
       E2:  10.2.0.1 UP/UP       E2:  10.2.0.2 UP/UP
 
   Admin discovers that R1 E1 is misconfigured and should have been
 10.5.0.1.
 Our Heroine corrects that interface to 10.5.0.1.
 
   Assuming both routers had OSPF configured with
   network 10.0.0.0 0.255.255.255 area 0.0.0.1
 
 Will a device on R1 E2 be able to ping a host on R2 E2?
 
 
 
 
   -Original Message-
 From:Moerdo [mailto:[EMAIL PROTECTED]]
 Sent:Wednesday, November 29, 2000 8:26 AM
 To:  [EMAIL PROTECTED]
 Subject: About OSPF and Loopback port
 
 Can anyone here explain to me why we must use a loopback port for OSPF
 configuration? Thank you for the answer to this stupid question. Thank
 you.
 
 moerdo.
 
 

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
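
An added example, not part of any message in this thread and not Cisco code: the router-ID selection rule as Howard states it, applied in Python to the interface table of his Scenario 1, with a check for two routers ending up with the same ID. Recognising loopbacks by a `Loopback` name prefix, holding the ID fixed until the process restarts, and all class and function names are assumptions of this example.

```python
import ipaddress
from collections import defaultdict


def select_router_id(interfaces):
    """Apply the rule quoted above to a list of
    {"name": str, "ip": str, "up": bool} dicts.

    1. Any loopbacks: highest IP address on a loopback (not highest number).
    2. No loopbacks: highest IP address on any active interface.
    3. Neither: OSPF cannot initialize.
    """
    # Assumption: loopbacks are recognised by name; a loopback is never down.
    loopbacks = [i for i in interfaces
                 if i["name"].lower().startswith("loopback")]
    candidates = loopbacks or [i for i in interfaces if i["up"]]
    if not candidates:
        raise ValueError("no loopback and no active interface: "
                         "OSPF cannot initialize")
    # Compare numerically: as strings, "10.9.0.1" would beat "10.10.0.1".
    return str(max(ipaddress.IPv4Address(i["ip"]) for i in candidates))


class OspfProcess:
    """Router ID is chosen once, when the process initializes (assumption:
    it stays fixed until restart(), mirroring "at the time of OSPF
    initialization" in the message above)."""

    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = interfaces
        self.router_id = select_router_id(interfaces)

    def readdress(self, if_name, new_ip):
        """Change an interface address without restarting the process."""
        for itf in self.interfaces:
            if itf["name"] == if_name:
                itf["ip"] = new_ip

    def restart(self):
        self.router_id = select_router_id(self.interfaces)


def duplicate_router_ids(processes):
    """Return {router_id: [router names]} for every ID used more than once."""
    seen = defaultdict(list)
    for proc in processes:
        seen[proc.router_id].append(proc.name)
    return {rid: sorted(names) for rid, names in seen.items()
            if len(names) > 1}


def scenario_1():
    """Interface table of Scenario 1, before R1 E1 is corrected."""
    r1 = OspfProcess("R1", [
        {"name": "E0", "ip": "10.6.0.1", "up": False},
        {"name": "E1", "ip": "10.5.0.2", "up": True},
        {"name": "E2", "ip": "10.2.0.1", "up": True},
    ])
    r2 = OspfProcess("R2", [
        {"name": "E0", "ip": "10.1.0.1", "up": True},
        {"name": "E1", "ip": "10.5.0.2", "up": True},
        {"name": "E2", "ip": "10.2.0.2", "up": True},
    ])
    return r1, r2


if __name__ == "__main__":
    r1, r2 = scenario_1()
    print("initial IDs:", r1.router_id, r2.router_id)
    print("duplicates :", duplicate_router_ids([r1, r2]))
    r1.readdress("E1", "10.5.0.1")
    print("after fix  :", r1.router_id, duplicate_router_ids([r1, r2]))
    r1.restart()
    print("after restart:", r1.router_id, duplicate_router_ids([r1, r2]))
```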



RE: Virtual-link load balancing

2000-11-27 Thread Shaw, Winston Mr.

Interesting situation. It might be that the "virtual link" is like a tunnel
and gets a different "cost" although it is a T1 line. Have you already tried
cost adjustments ? to bring the other T1's to the same level as the virtual
T1. As long as they are equal in cost there should be load balancing. If you
use "no ospf auto-cost determination" and then explicitly assign the same
cost to all the lines. Maybe ??? just maybe the T1's are at cost 64 and the
tunnel is at a different level.

Winston.

-Original Message-
From: Craig Johnson [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 27, 2000 5:08 PM
To: '[EMAIL PROTECTED]'
Subject: Virtual-link load balancing


I'm at the end of my rope on this one, so I was wondering if anyone knew
the answer.  I have a virtual link configured between area 0 going
through area 5, for backup purposes.  Well, our primary link failed and
we are routing over this virtual link.  Each of these routers has 3 T1's
going from them to area 5.  Unfortunately, all virtual-link traffic is
traversing over serial 0, and not load balancing across the other T1's.
Normal inter-area traffic is load balancing fine, but I have 1 T1 that
is heavily overloaded with the other 2 light.  Any ideas?




RE: OSPF NSSA problem

2000-11-24 Thread Shaw, Winston Mr.

Just a suggestion. Have you tried "tagging" the routes coming into the ASBR
and then denying them on the ABR with a route map ?

Winston.

-Original Message-
From: Peter Van Oene [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 23, 2000 7:18 PM
To: Simon Hope; [EMAIL PROTECTED]
Subject: Re: OSPF NSSA problem


It is my belief that the P bit is unmodifiable.  Type 7's are advertised as
5's to the OSPF domain in almost if not all manufacturers equipment.
Although some texts allude to the fact that you can control this behavior
with a knob, I've never seen it.

Pete


*** REPLY SEPARATOR  ***

On 11/23/2000 at 4:54 PM Simon Hope wrote:

Hi guys / gals,

Here is an interesting problem that I am struggling with at present

Area 4 of my OSPF network is configured as NSSA and has 3 routers in it.

Router 1 is the ABR that connects to the backbone, Router 2 is the ASBR
that
is redistributing some IGRP networks into area 4 and Router 3 is just an
internal area 4 router. They are connected together over one ethernet.

I would like to set the "P" bit on the type 7 LSA's that the ASBR produces
to zero, so that the ABR (r1) will NOT convert these to Type 5's and NOT
put
them into the backbone (see Doyle, p483 if you don't know what I mean)

the closest command I can come up with is the "area 4 nssa no-redistribute"
, which I thought would work when I typed it in on R2 (the ASBR) - but this
seems to block the production of the type 7 LSA altogether, so that R1 and
R3 can no longer see the IGRP routes at all

If I type the "area 4 nssa no-redistribute" on the ABR (R1) then this has
no
effect whatsoever, and the type 7 routes still get converted to type 5, and
flooded into the backbone. Doyle says this command should be implemented on
the ASBR not a separate ABR so this doesn't surprise me too much

Does anyone know how to do this?







RE: 804 problems after 'erase startup' and reload

2000-11-19 Thread Shaw, Winston Mr.

Sounds a little like it might have something to do with flow control. Have
you already tried toggling different flow control settings ? Usually
gibberish means the devices are talking but the characters are not properly
synchronized from one device  to the other. Let us know how it works out.

Winston.

-Original Message-
From: Jason Roysdon [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 19, 2000 2:04 AM
To: [EMAIL PROTECTED]
Subject: 804 problems after 'erase startup' and reload


Was going to let a friend reconfigure an 804 from scratch.  We were
telnetted to a router and going out the AUX port with reverse telnet to the
804.  I copied my current config off to my tftp server, then did an 'erase
startup', 'show startup' (came back unconfigured), 'reload,' and said no to
save current config and confirmed reload.  Next thing we knew we got
jibberish (like we had the wrong baud rates).  AUX was set for 9600
(default) and was working fine before the reboot...  When I got physical
access to the 804, I tried with direct console access from my laptop.  Same
thing, 9600,8,n,1 just gave me jibberish.  I tried all other baud rates Tera
Term Pro (my favorite free telnet/serial terminal program) supports
(100-115200) , as well as 7,e,1 at a random number of baud rates, etc.  Even
went to try from Hyperterminal, no luck there either at 9600 or 115200 (same
results).  Actually, the only thing that didn't give me jibberish was 115200
which just flashed the cursor but never moved it.  I tried issuing ESC,
CTRL+C & BREAK after power off/on with 9600 & 115200, no luck and same
results.

Any ideas out there?

--
Jason Roysdon, CCNA, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
Cisco resources: http://r2cisco.artoo.net/








RE: 4 NET WORK CARDS IN ONE SERVER

2000-11-19 Thread Shaw, Winston Mr.

I think that you can do this if you have 4 different subnet addresses to
use. I have only tried it with two using Advanced Server. If and when you
do, watch what choices you make because the Server may try to become a
rudimentary router for IP RIP, OSPF, IPX etc. Not sure if that is what
you want.
 
Winston.

-Original Message-
From: L Reid [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 19, 2000 3:51 AM
To: [EMAIL PROTECTED]
Subject: 4 NET WORK CARDS IN ONE SERVER



How do I set up four network cards in one NT 2000 server?

Is there a book that you know of?

Thanks in advance guys



= = = = = = = = = = = = = = = = = =
[EMAIL PROTECTED]
= = = = = = = = = = = = = = = = = = 







RE: what is the purpose of FECN?

2000-11-19 Thread Shaw, Winston Mr.

Looks like a trick question.
I would choose answer a.

Answer b corresponds to what is called the BECN.
The reason that it is a trick question is that the immediate reaction would
be to discard Answer a because FECN is not the only way to tell if a packet
experienced congestion.

Winston.
-Original Message-
From: cslx [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 19, 2000 10:39 AM
To: [EMAIL PROTECTED]
Subject: what is the purpose of FECN?


what is the purpose of FECN?
a. To tell the router that a packet experienced congestion
b. To tell the router that packets it is sending to a remote site are
   experiencing congestion
c. To tell the router that there is bandwidth available






RE: Kinda OT - ARP Question

2000-11-19 Thread Shaw, Winston Mr.

If you cannot telnet to the router, there is a possibility that a
"gratuitous arp" may do the trick. If the router recognizes these kinds of
arp packets it should update its cache. The broadcasted arp will have the
same source and destination IP address and the new source MAC address. It is
used primarily to check if another node had the source's IP address. In fact
you might not have to do anything to change it. The act of putting the IP on
a different NIC may generate the gratuitous arp. If not, try to find a way
to generate the special arp from the new station.

Winston.

-Original Message-
From: Fred Ingham [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 19, 2000 7:56 PM
To: Hinds, Jarrett (contractor); [EMAIL PROTECTED]
Subject: Re: Kinda OT - ARP Question


You could just enter "clear arp"  this will force a refresh.  If you
want to totally clear an entry shut/no shut  the interface it was
learned on.  Of course, make sure this isn't the interface you are using
for your telnet session |:)

Fred.

"Hinds, Jarrett (contractor)" wrote:
 
 I believe, by default, the timeout for ARP on a 3640 is four hours.  I was
 wondering if there is any way to force an update of this ARP table without
 having access to the router to manually clear the table.  Would pinging the
 router from a box with the same IP address, but different MAC do the trick?
 Or do I have to wait the four hours for a timeout?
 
 Thanks,
 
 Jarrett
 

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
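
An added example, not part of any message in this thread: a Python parser for Ethernet ARP frames that marks a frame as gratuitous when its sender and target IP addresses are the same, as described above, and records every change of an IP-to-MAC binding so that a cache update of the kind discussed here shows up in monitoring. The two frames are constructed sample bytes using documentation addresses; all names are hypothetical.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")            # dst MAC, src MAC, EtherType
ARP_BODY = struct.Struct("!HHBBH6s4s6s4s")   # htype ptype hlen plen oper
                                             # sha spa tha tpa
ETHERTYPE_ARP = 0x0806

# Constructed sample frames (not captured traffic), 42 bytes each.
# 192.0.2.10 at 02:00:00:00:00:0a asks who has 192.0.2.1.
FRAME_REQUEST = bytes.fromhex(
    "ffffffffffff 02000000000a 0806"
    "0001 0800 06 04 0001"
    "02000000000a c000020a"
    "000000000000 c0000201")
# 192.0.2.10 announced from a different NIC: sender IP == target IP.
FRAME_GRATUITOUS = bytes.fromhex(
    "ffffffffffff 02000000000b 0806"
    "0001 0800 06 04 0001"
    "02000000000b c000020a"
    "000000000000 c000020a")


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def fmt_ip(raw):
    return ".".join(str(b) for b in raw)


def parse_arp(frame):
    """Return the ARP fields of an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < ETH_HDR.size + ARP_BODY.size:
        return None                              # truncated
    dst, src, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        return None
    (htype, ptype, hlen, plen, oper,
     sha, spa, _tha, tpa) = ARP_BODY.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None                              # not Ethernet + IPv4
    return {
        "oper": oper,
        "eth_src": fmt_mac(src),
        "broadcast": dst == b"\xff" * 6,
        "sender_mac": fmt_mac(sha),
        "sender_ip": fmt_ip(spa),
        "target_ip": fmt_ip(tpa),
        "gratuitous": spa == tpa,                # same source and target IP
    }


class ArpWatch:
    """Track IP-to-MAC bindings and report when one appears or changes."""

    def __init__(self):
        self.bindings = {}

    def observe(self, frame):
        arp = parse_arp(frame)
        if arp is None or arp["sender_ip"] == "0.0.0.0":
            return None          # not ARP, or a probe that claims nothing
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        old = self.bindings.get(ip)
        self.bindings[ip] = mac
        if old is None:
            event = "new"
        elif old != mac:
            event = "changed"
        else:
            event = "same"
        return {
            "event": event, "ip": ip, "old_mac": old, "new_mac": mac,
            "gratuitous": arp["gratuitous"],
            # Ethernet source differing from the ARP sender MAC is worth
            # a second look.
            "l2_mismatch": arp["eth_src"] != mac,
        }


if __name__ == "__main__":
    watch = ArpWatch()
    for frame in (FRAME_REQUEST, FRAME_GRATUITOUS):
        print(watch.observe(frame))
```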



RE: About Backplane

2000-11-19 Thread Shaw, Winston Mr.

A beginner you say ? Have no fear, even the non-beginners are drowning in IT
terminology. There are many words and acronyms which have been created,
dropped and re-created in this field. 
In concept, the "backplane" is the physical part of the switch (usually found
in the "back" of the switch) which is connected to all other parts of the
switch. It is somewhat similar to the "motherboard" or "mainboard" of a
computer. Packets which must go from one module to another will cross the
backplane. It has the switching bus and is extremely fast because it is
based on hardware components. Not all packets have to cross this backplane,
but when they do they do so at a high rate of speed. You will be able to see
the backplane in many switches if you remove the modules.

Hope this helps,
Winston.

-Original Message-
From: Moerdo [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 19, 2000 8:02 PM
To: [EMAIL PROTECTED]
Subject: About Backplane


I still don't understand the Cisco Catalyst 5500 backplane. What is the
backplane for? Is there anybody who can answer this beginner question?
Thank you.

moerdo






OSPF on Broadcast Net

2000-11-16 Thread Shaw, Winston Mr.

Hello,

This is a brain teaser.

What would happen if you placed two OSPF routers on the same broadcast
network and configured only one with authentication?

Stop!! Do not try it on your lab before you think about it.

Winston.




RE: Some OSPF Questions

2000-11-11 Thread Shaw, Winston Mr.

It appears that there might be some small misunderstanding about DR and BDR
relationships.
On a multi-access net the DR is the "pseudonode" which represents the net.
It is similar to NLSP in this regard.
All OSPF routers refresh their LSAs occasionally. The DR sends LSA type 2 to
all OSPF routers on the net. This way all routers get a refresh of who is
who etc. Hellos are only used to establish and maintain adjacencies.
Prior to 11.3, LSAs were sent every 30 minutes and all routers refreshed
their databases. Now the default for all LSAs is 4 minutes (240 sec). This is
configurable by using the command "timers lsa-group-pacing".

A BDR, being an OSPF router, would miss any other OSPF router after 10 times
4 = 40 secs using the default. This will cause it to change its routing
behaviour; however, the BDR to DR functionality would not take effect until
it did not see the LSA type 2 packets from the DR after the set time (4 min
default). I am not sure if that has been changed in 12.x.

The DR is the only router that originates LSA type 2 packets.

Winston




-Original Message-
From: Frank B. [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 11, 2000 1:24 AM
To: David Armstrong; [EMAIL PROTECTED]
Subject: Re: Some OSPF Questions


You couldn't be more right!  I jumped the gun.  My response to your
question 1) was incorrect.  The BDR to DR transition doesn't use the
Hello protocol.  The BDR listens to the LSAs from other routers
(non-DR/BDRs) but doesn't reflood or ack them unless the DR fails to.  

I still can't find the exact timer value (or what it's called-if
anything) that must go by before the BDR takes over.  I've reviewed the
RFC2328 section on flooding procedure and references to the DR/BDR,
Doyle's, Thomas' and Caslow's book but no mention of the length of time.

One response said 0.5 seconds and quoted an Exam Cram...I don't own any
Exam Cram's but shouldn't there be a source reference somewhere?  That
very well could be correct but they had to get it from some where?  Any
ideas?

Also, regarding question 3) Mr Berkowitz did come up with scenarios
where he used multiple OSPF processes on one box.  I'm sure there are
enough possible permutations of networks, as well as IOS nerd knobs, out
there that could support nearly anything.  

Generally speaking though I'd go with Cisco's guidance on this
one...this practice is highly discouraged because it can take a toll on
resources of the box.  Just my opinion :)


Thanks to everyone out there willing to help.

Frank



David Armstrong wrote:
 
 Frank,
 
 Thanks for your response. It seems there is some confusion over the things
 I'm confused about! :-)
 
 I appreciate your response. I've been looking at some of this as I could. I
 do have a question about the BDR to DR promotion. We had found 2 sources
 that said the BDR listens for LSA's from the DR rather than Hello packets.
 That's really where the confusion came from. It would make sense that an
 adjacency was formed between the DR and BDR and that the BDR would wait for
 the Dead Interval before promoting to DR but both of these said that it
 listened for LSA's.
 
 Do you know if this is correct?
 
 Thanks,
 
 David Armstrong
 
 -Original Message-
 From:   Frank B. [mailto:[EMAIL PROTECTED]]
 Sent:   November 10, 2000 1:49 PM
 To: David Armstrong
 Cc: [EMAIL PROTECTED]
 Subject:Re: Some OSPF Questions
 
 David,
 It appears you have received conflicting guidance on your
 question...I'll throw my 2 cents in but I hope I don't add to the
 confusion:
 
 1) RouterDeadInterval is the length of time a router waits for a Hello
 packet from a neighbor before declaring it down...the same timer is used
 by the BDR to determine whether the DR is down.  The RouterDeadInterval
 is recommended by RFC 2328 to be "some multiple of the HelloInterval
 (say 4)"  With respect to the HelloInterval RFC2328 states "Sample value
 for a local area network: 10 seconds."  These are the numbers Cisco's
 implementation uses : 10 seconds for Hello and 40 seconds for
 RouterDead...for NBMA it's 30 and 120 respectively.
 
 2) OSPF enabled routers maintain a data structure for each OSPF enabled
 interface. When you type "sh ip ospf int x" the router will display the
 contents of the data structure.  Point-to-point interfaces will NOT
 display any DR or BDR--because there are none.  With only 2 routers on
 the segment you don't need 'em.
 
 3) I've never had a need to use 2 OSPF process but Someone already
 stated it being used to transition/migrate and that seems
 

RE: Redistributing routes

2000-11-11 Thread Shaw, Winston Mr.

Suggestion: look at the MULTI_EXIT_DISC (MED) attribute of BGP and whether
your provider can provide you metrics for routes. 
 
Winston.
 

-Original Message-
From: Kevin Welch [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 10, 2000 10:31 AM
To: [EMAIL PROTECTED]
Subject: Redistributing routes


Hi, 
 
I am trying to understand some route redistribution, here is the scenario:
 
I have two routers, each is receiving a default route from its BGP peer.
Both peers are to the same provider's network, I want to make both of these
routes available to both routers, right now each router is only receiving
one route.  In order to achieve good load balancing and fault tolerance, I
need to make sure both links are utilized.  My initial thought was just to
use the redistribute bgp command, but the routes are not seen
when this is done.  My guess is that I am missing some step to redistribute
the default routes I am receiving.
 
I would prefer a nudge in the right direction, rather than an all out answer
if possible.  I have looked through Cisco's web site, but I have not had
much luck.  
 
-- Kevin




RE: Some OSPF Questions

2000-11-11 Thread Shaw, Winston Mr.

Chuck,
Thanks for testing. Now my curiosity is at an all-time high. Is it possible
for you to do the test with 4 routers?
My theory is that 2 or maybe even 3 routers are not enough.
Here is why: 2 routers on a broadcast net will always have a DR and BDR. If
the DR goes away, the DR will know it is alone on a broadcast net. It will
become a DR in its own right. It will not be taking over any duties of the
former DR. The time to realize that it is alone will be 40 secs (default). A
3 router net might have the same issue. The absence of the DR will trigger a
promotion of the BDR. The remaining router will become the BDR. This seems
to be consistent with the broadcast net rules.

Although the code obviously selects BDRs and DRs very early, maybe the
duties of DR flooding do not start until there is at least one other DRother
on the net. 

I only have two routers available and my test produced essentially the same
results as yours. Something I did notice is that the Network type 2 LSAs
never aged. 
If a 4 router test produces the same results then it will be difficult to
say whether LSAs or hello packets determine when the BDR takes over for the
dead DR. I hope they never ask this question on any test.

Winston.

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 11, 2000 8:39 PM
To: Matthew Herman; David Armstrong; [EMAIL PROTECTED]
Subject: RE: Some OSPF Questions


Just to put in some empirical data, I set up two routers on an Ethernet
link, in the classic OSPF broadcast scenario. Hello time is 10 seconds. Dead
time 40 seconds (4 x hello).

I determined which of the two routers was the DR, and which was the BDR

I then plugged into and monitored from the BDR, using repeated "show ip ospf
neighbor" commands

I then unplugged the DR from the ethernet

I then repeatedly reissued the show ip ospf neighbor commands

I watched.

The result of the show command was that the neighbor state FULL/DR remained
in effect until the dead time was reached. After that, there was no
neighbor.

I also plugged the first router back into the ethernet and repeatedly
issued the commands. After a few seconds the first router showed up as a
FULL/BDR.

Of some interest - the debug ip ospf hello and debug ip ospf events were
silent immediately after unplugging the DR. It was only after the expiration
of the dead time that debug ip ospf events indicated the election of a new
DR, to wit, the router I was monitoring.

Where this 0.5 second / half second thing comes from I cannot say. But using
Cisco's defaults in a quick and dirty lab, it is safe to say that this is
not what happens.

Chuck

-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Matthew Herman
Sent:   Friday, November 10, 2000 9:56 AM
To: David Armstrong; [EMAIL PROTECTED]
Subject:RE: Some OSPF Questions

I'll throw my hat in..

1. .5 seconds (50 msec) (Chapter 7, p142 exam cram acrc)
2. yes, there will be only one DR and its your single point of failure as
well 8-.
3. doh...I have set up multiple as's on one router when I had multiple
customer and redistributed into my AS.  It worked ok but I am not saying
that was a good way of configuring the router.

2/3 = 66 percent Still not enough to pass the ccie...

matt

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of David
Armstrong
Sent: Friday, November 10, 2000 8:46 AM
To: [EMAIL PROTECTED]
Subject: Some OSPF Questions

Last night at our BSCN study group meeting in Dallas we had some questions
about OSPF that we weren't able to resolve. If someone or ones could answer
these it would clarify some areas we're a little fuzzy on. Also, if you're
in the Dallas Ft. Worth area and would like to attend, we'd love to have
you join us.

Thanks for any help,

David Armstrong


1) What is the default time period that the BDR waits when listening to
LSA's from the DR before it decides that the DR is down and promotes itself
to DR. All the literature we could find simply said that the BDR waits for
the specified time period but never said what that period is.

2) In a Point-to-Point network in which the router in Area 0 is connected to
FR, ISDN, X.25 or ATM branch offices (networks), how do convergence and
updates take place? From what we've found a DR and BDR is not elected in a
strictly Point-to-Point network.

I think an example would explain this question better: We have one 3620
router in our Ft. Worth office connected to an office in Houston (via FR),
an office in Kansas City (via FR), an office in the DFW area (via ISDN) and
the owner's home (via ISDN). The 3620 is behind a firewall (Pix 520) and the
firewall is connected to a 1720 going to the Internet. I'd like to implement
OSPF on our network simply for the experience. However, I don't have 2
routers internally on our Ethernet LAN that can be configured for Area 0 and
elected to DR and BDR. All other routers connected to that 

IOS differences

2000-11-11 Thread Shaw, Winston Mr.

Does anyone know if there is a source for the major differences
between IOS releases?

For example: 11.1 - added this or that functionality,
11.2 - added support for x, etc.

The info is scattered all over on Cisco.

thanks,
Winston.




RE: OSPF Area virtual links

2000-11-10 Thread Shaw, Winston Mr.

There seems to be one major advantage of using loopback addresses for
OSPF: the highest loopback will be chosen for the RID and it stays up as long
as the router is up and you can use any address you want. There are other
advantages but not as significant as this.
If you use a loopback address which is a legal IP address, and treat it like
any other legal interface, you can ping and route to that interface from
anywhere. If you use an unpublished address, you cannot ping or route to the
interface from elsewhere.
In the case of virtual links, it is advisable to use any physical interface
IP address on the router. This allows the routers on either end of the link
to find each other. It does not have to be the loopback interface. In fact
it should not be the loopback interface unless you are using a legal router
address for the loopback. 

Bottom Line: If you have addresses to spare, use a legal address for the
loopback.
If you do not have addresses to spare, use an "unpublished" address. Do not
advertise or distribute this address. Only the router on which it is
configured should have it as a route (and RID). All others will see it only
as an RID.
For virtual links, any interface address configured on the router would do
the trick. The OSPF routers configured with the statement know what to do
with the packets regardless of which interface it comes in on. Of course it
may be better to choose the interfaces which are closest to each other.

This does not cover every possible scenario, but in the special case of
virtual links, it is not necessary to do static or advertise the loopback.

Winston.

-Original Message-
From: Keith Townsend [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 09, 2000 8:01 PM
To: [EMAIL PROTECTED]
Subject: OSPF Area virtual links


When creating a virtual link between an ABR non-directly connected area to an
ABR in the backbone, should you always use the loopback address for the
virtual link?  Doyle does this on page 943 of his Routing TCP/IP book.
Secondly, is there a route to the loopback of these two routers?  Maybe I'm
forgetting something but how do the two routers find routes to each other if
you're not advertising L0 and there are no static routes to the L0?

Thanks,

Keith





RE: TCP protocol behavior - Ports above 1023

2000-11-07 Thread Shaw, Winston Mr.

I think most folks understand port assignment but I would like to add my
twist to the explanations.

It is not a good idea to address the subject of "Ports" without addressing
the subject of "Sockets" and the Client/Server paradigm.

Well-known ports allow client computers to know ahead of time which service
is being offered by Servers. These were established to represent common
services.
A good example is the Telnet service which is offered by well-known port 23.
I do not have to call the Administrator of a Server to ask which port to use
if he is offering standard telnet services.
My standard telnet client will be assigned a dynamic source port above 1023
which the operating system chooses and passes to the TCP stack. At the same
time my client knows that the standard telnet destination port is always 23.
The source IP address, the random (dynamic) source port and the destination
IP, well-known destination port (23) are placed in the TCP/IP packet and sent
on its way.
The operating system keeps track of the random ports. Several telnet client
sessions can be fired up on the same client and each will be given a
different random source port number combined with the same well-known
destination port number (23). The combination of an IP address and a source
port number is known as a "socket". So this client may have several sockets
operating at the same time, each of which will be unique because of the
randomly selected port number. IP address remains the same and destination
port (23) remains the same for each socket.
On the Telnet Server side, each "socket" consists of the Server's IP address
and the well-known port. It has the client's IP address and the client's
randomly generated source port which was provided in every TCP packet.
Each combination of two sockets, one for client and one for server, is
unique in the entire Internet and allows for multiplexing several telnet
sessions from the same client to the same server at the same time. This is
the backbone of Client/Server technology.

It is entirely possible for a programmer to write a TCP/IP stack and select
any port number he/she likes for his Telnet Server daemon to listen on. But
he/she would also have to write the telnet client portion to use the new
number. No standard telnet client would know his/her new non-standard
number. Folks who are writing new apps which "register" their ports are
writing both Server and client side. The Server daemon or Service listens at
the "registered" port and the client side seeks out that number.

e.g. A GroupWise client knows that the standard GroupWise Server is
listening at 1677.

In the final analysis, it really does not matter which ports are used where
as long as both client and server agree. It is not wise to use any
well-known ports for new applications because they were programmed into the
Operating Systems (starting with UNIX) or added as third party stacks a long
time ago. 

Winston.


 -Original Message-
 From: Chuck Larrieu [SMTP:[EMAIL PROTECTED]]
 Sent: Tuesday, November 07, 2000 2:24 AM
 To:   Cisco Mail List
 Subject:  TCP protocol behaviour - Ports above 1023
 
 Got a question about this.
 
 Application wants to open a TCP connection to something - say http, so the
 application issues the request, TCP on the application side uses some random
 port number above 1023 as the source port number. The destination port is
 the well-known port on the distant end.
 
 However, I see from the IANA port listings
 (http://www.isi.edu/in-notes/iana/assignments/port-numbers ) that there are
 any number of registered ports above 1023. For example L2TP uses port 1701,
 Groupwise uses port 1677, and WINS uses port 1512. The IANA page itself
 calls ports 1024 through 49151 "registered" and further states that only
 ports 49152 and beyond are "dynamic and / or private"
 
 Anyone ever sniffed outbound traffic and seen apps using source ports in the
 1024 through 49151 range?
 
 It just occurs to me that this has the potential of creating problems, if an
 application uses a port reserved for some other application. Since most of
 the ports in this "registered" range appear to be for obscure kinds of
 services or applications, perhaps this isn't really an issue.
 
 Comments?
 
 Chuck
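
The client/server socket pairing described in the reply above, as an added example that is not part of the original thread: several sessions from one client to one listening port stay separate because the OS gives each a different source port. The loopback address and the OS-chosen listening port are assumptions standing in for a telnet server on port 23.

```python
import socket


def open_sessions(count=3):
    """Open `count` concurrent TCP sessions from one client host to one server
    port and report the address pair that identifies each session."""
    # Stand-in for the telnet daemon (assumption: loopback and an OS-chosen
    # port so no privileges are needed; a real telnet server listens on 23).
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    opened = [listener]
    sessions = []
    try:
        listener.settimeout(5)
        listener.bind(("127.0.0.1", 0))
        listener.listen(count)
        server = listener.getsockname()      # (server IP, listening port)

        live = []
        for i in range(count):
            client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            opened.append(client)
            client.settimeout(5)
            client.connect(server)           # no bind(): the OS picks the source port
            conn, peer = listener.accept()   # peer = (client IP, client source port)
            opened.append(conn)
            conn.settimeout(5)
            live.append((client, conn, peer, ("session-%d" % i).encode()))

        # All sessions are now open at once. Send a different payload on each.
        for client, _conn, _peer, payload in live:
            client.sendall(payload)

        # Read each payload on the server side: the kernel delivered it to the
        # connection whose (client IP, client port, server IP, server port)
        # matched the segment, although every session targets the same port.
        for client, conn, peer, payload in live:
            sessions.append({
                "client_socket": client.getsockname(),
                "server_socket": conn.getsockname(),
                "peer_seen_by_server": peer,
                "sent": payload,
                "received": conn.recv(64),
            })
    finally:
        for s in opened:
            s.close()
    return server, sessions


def session_keys(sessions):
    """Return the set of (client socket, server socket) pairs, one per session."""
    return {(s["client_socket"], s["server_socket"]) for s in sessions}


if __name__ == "__main__":
    server, sessions = open_sessions(3)
    print("server socket: %s:%d" % server)
    for s in sessions:
        print("client %s:%d -> server %s:%d  payload=%r" % (
            s["client_socket"] + s["server_socket"] + (s["received"],)))
    print("distinct session keys:", len(session_keys(sessions)))
```

When reading a packet capture or firewall log, the same pairing is what ties each line to one session: the destination port names the service, the source port names the individual connection.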
 



RE: ospf process id / AS??

2000-11-07 Thread Shaw, Winston Mr.

The concept of an Autonomous System is carried in the AREA(S) used by OSPF.
There are 4 things which enable OSPF routers to become adjacent in the same
area.

Area Identification
Authentication
Hello and Dead Intervals
Stub Area Flag

However, the AS may consist of several areas arranged in a hierarchy with
Area 0 at the top.

The AS can be seen as a group of one or more areas under the same
administration.

The router process-id only identifies a particular separate algorithm of
OSPF. There can be more than one OSPF process running on the same routers in
the same area.

Hope it helps.
Winston.

 -Original Message-
 From: Jeff McCoy [SMTP:[EMAIL PROTECTED]]
 Sent: Tuesday, November 07, 2000 3:26 PM
 To:   [EMAIL PROTECTED]
 Subject:  ospf process id / AS??
 
 If the process id is defined as 200 in the command:
 
 router ospf 200
 
 and this is not the AS, then where is the AS defined?
 
 -jm
 
 



RE: Catalyst 5000 Console

2000-11-04 Thread Shaw, Winston Mr.

Please try a straight-through cable.

Winston.

-Original Message-
From: Austin [mailto:[EMAIL PROTECTED]]
Sent: Saturday, November 04, 2000 5:55 PM
To: [EMAIL PROTECTED]
Subject: Catalyst 5000 Console


How does one connect to the Cat 5000 console port?
The Cat's console port is not like other Cisco routers console ports.
Please let me know.





RE: HSRP priority bug???

2000-11-01 Thread Shaw, Winston Mr.

Not sure, but my understanding is that the default priority is 100 and you
should not set it if you want a device to be 100. Try setting one to 105 and
leave the other alone.

To rule out other interfering devices, I would use the standby x
authentication string command on all HSRP routers to make sure that they
talk to each other and no one else.

Whatever you do, please let us know what worked so we can know if there is
a problem in this snippet of code.

Winston.



-Original Message-
From: Billha [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 31, 2000 9:59 PM
To: [EMAIL PROTECTED]
Subject: Re: HSRP priority bug???


That's good advice Scott,  you can also ping 224.0.0.2 and see who replies.

Regards,
Bill


"Scott M. Trieste" [EMAIL PROTECTED] wrote in message
news:8tn1o6$ean$[EMAIL PROTECTED]...
 Mark,

 I have run into this before.  Chances are there is another device on this
 segment that is listening to multicast 224.0.0.2.  Do a "debug standby" and
 see if these devices are communicating.  My intuition says that another
 device on this segment is hearing the 224.0.0.2 multicast.

 Let me know what you find.

 -Scott
 [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
  Hey Group,
  Got an issue for you. I am faced with a dilemma here. We have a client
  who is about to make us upgrade about 100 IOS's to fix this issue and I just
  want to know if there is another way around it. We have a site with 2
  redundant routers. HSRP is configured between them. The model is Cisco
  2612 (Token/Ether). When we configure HSRP with a priority of 100 on the
  secondary router and 105 on the primary both of them get stuck in INIT. The
  rest of the network uses these settings and everything is nice and dandy.
  When we go onto these devices and try to set the priority to 100, HSRP does
  not work!?!? If we set it to 105, 110, 115, etc. it will work just fine but
  for some reason it will not accept 100. Has anybody ever dealt with this
  problem or know how to fix it? I would really appreciate it if somebody could
  help us out or it looks like we will be working nights here if you know what
  I mean. Thanks in advance all...
 
  Mark Zabludovsky ~ CCNA, CCDA, 1/4-NP
 



RE: TELNET question?

2000-10-31 Thread Shaw, Winston Mr.

There is a file called /etc/default/login which has a CONSOLE variable.
Comment out this line to allow remote logins by root.
P.S. It is a security issue.

Winston

 -Original Message-
 From: Ngo Van Dzung [SMTP:[EMAIL PROTECTED]]
 Sent: Tuesday, October 31, 2000 10:08 AM
 To:   CISCO Group Study
 Subject:  TELNET question?
 
 Hi All,
 I have a server with SUN Solaris 7, from a Workstation (Windows 98), I telnet
 to the Server and logon using user root, but after I typed username and
 password I saw the following message:
 ---
 Not on system console
 Connection to host lost.
 ---
 But if I telnet and logon with another username it is done successfully, and I
 can su to root no problem.
 So how can I telnet and logon using user root? Please help me!
 
 Cheers,
 
 
 
 



RE: RIP v1 or RIP v2?

2000-10-29 Thread Shaw, Winston Mr.

I think I read somewhere that by default the router sends only RIP v1 but
listens to both RIP v1 and RIP v2.
Anything else has to be manually configured.
 
Winston.

-Original Message-
From: Pete [mailto:[EMAIL PROTECTED]]
Sent: Sunday, October 29, 2000 2:27 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: RIP v1 or RIP v2?


By default it will be RIP v1.
You have to specifically tell it to use RIP v2.
 

Sincerely, 
Peter Kurdziel 
CCNA, CCDA, MCSE, MCP+I 
http://www.inotez.com http://www.inotez.com/  
Cisco QA 
http://www.inotez.com/discus http://www.inotez.com/discus  

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, October 27, 2000 10:26 AM
To: [EMAIL PROTECTED]
Subject: RIP v1 or RIP v2?


If you enable rip on a router by default will it be RIP v1 or RIP v2?




RE: RIP v1 or RIP v2?

2000-10-29 Thread Shaw, Winston Mr.

I agree. If one wants the router to do anything useful with the V2 updates
it hears one must specifically use the version 2 and/or the
ip rip receive version 2 commands.

Winston.

-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Sunday, October 29, 2000 11:26 AM
To: Shaw, Winston Mr.; 'Pete'; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: RIP v1 or RIP v2?


I believe that listening for RIP v2 must be done on an interface by
interface basis using the "ip rip receive version 2" command.

If memory serves, I did a quick and dirty lab and reported the results some
time back. Those with no lives (:-) may want to check the archives.

Which reminds me, anybody seen or heard from that bad boy Bob Vance lately?

Chuck


-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Shaw, Winston Mr.
Sent:   Sunday, October 29, 2000 1:48 AM
To: 'Pete'; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject:RE: RIP v1 or RIP v2?

I think I read somewhere that by default the router sends only RIP v1 but
listens to both RIP v1 and RIP v2.
Anything else has to be manually configured.

Winston.

-Original Message-
From: Pete [mailto:[EMAIL PROTECTED]]
Sent: Sunday, October 29, 2000 2:27 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: RIP v1 or RIP v2?


By default it will be RIP v1.
You have to specifically tell it to use RIP v2.


Sincerely,
Peter Kurdziel
CCNA, CCDA, MCSE, MCP+I
http://www.inotez.com http://www.inotez.com/
Cisco QA
http://www.inotez.com/discus http://www.inotez.com/discus

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, October 27, 2000 10:26 AM
To: [EMAIL PROTECTED]
Subject: RIP v1 or RIP v2?


If you enable rip on a router by default will it be RIP v1 or RIP v2?




RE: Loopback address on serial subinterface

2000-10-29 Thread Shaw, Winston Mr.

On your printout, someone first configured an ip address on loopback99 and
then issued the following command under the subinterface:

ip unnumbered loopback99

Winston.




-Original Message-
From: Lists Wizard [mailto:[EMAIL PROTECTED]]
Sent: Sunday, October 29, 2000 8:44 PM
To: [EMAIL PROTECTED]; 'Cisco group study';
[EMAIL PROTECTED]
Subject: Loopback address on serial subinterface


Hi There,

Does anyone know how to assign a loopback ip address to a serial
subinterface? Please look at the output of the show command below so that
you understand what I mean. Thanks.

Routersh int s0/0.1

Serial0/0.1 is up, line protocol is up
  Hardware is PQUICC with Fractional T1 CSU/DSU
  Description: frame-relay PVC to Interlocken
  Interface is unnumbered. Using address of Loopback99 (10.66.0.161)
  MTU 1500 bytes, BW 256 Kbit, DLY 2 usec,
 reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation FRAME-RELAY IETF
Router

