Re: OSPF forwarding address and route servers [7:58510]
I never heard about this type of config on cisco routers : The only rules I known about cisco implementation of forwarding address are shown on this web link : http://www.cisco.com/en/US/tech/tk648/tk365/technologies_tech_note09186a0080 09405a.shtml If you find anyway to implement this kind of config, I will be very interrested ! Hope it helps. -- Stephane Litkowski CCNP IP Network Engineer Equant p b a icrit dans le message de news: [EMAIL PROTECTED] Reading (yawn) RFC 2328 and there's mention of two uses of the forwarding address in external LSAs (section 2.3). The second use is where one makes an OSPF router a route server and it generates external LSAs with the forwarding address in each LSA set to the proper AS exit point IP. I guess the route server could specify multiple exit points for the same external network via a multiple respective LSAs and each router in the AS would compute it's path to the nearest exit point. Does anyone actually configure OSPF in this fashion? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=58561t=58510 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN tunnel question [7:57994]
Yes it is possible, I used this architecture at home with OSPF on the GRE tunnel and it works fine ! supernet a icrit dans le message de news: [EMAIL PROTECTED] RouterA---Internet--PIX-RouterB. I want to establish VPN between RouterA and PIX and build a GRE tunnel between RouterA and RouterB. The reason is I need to run routing protocol between RouterA and RouterB. Is it possible? Many thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57999t=57994 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Per user config on CISCO using TACACS [7:57970]
Hi all,
I tried to test some tacacs config with VPDN. The purpose was to implement
per user interface router config. I observed that I cannot use some
commands like ip vrf forwarding or service-policy or ip rtp priority
in the interface config AVPAIR (but it seems to be supported). Log is below
:
00:22:18: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up
00:22:18: Vi1 AAA/AUTHOR/LCP: Authorization succeeds trivially
00:22:20: AAA/AUTHOR (0xB): Pick method list 'default'
00:22:20: AAA/AUTHOR (0xB): Pick method list 'default'
00:22:20: Vi1 PPP/AAA: Check Attr: Framed-Protocol
00:22:20: Vi1 PPP/AAA: Check Attr: username
00:22:20: Vi1 PPP/AAA: Check Attr: interface-config:Peruser I/F
00:22:20: Vi1 PPP/AAA: Check Attr: interface-config:Peruser I/F
00:22:20: Vi1 PPP/AAA: Check Attr: interface-config:Peruser I/F
00:22:20: Vi1 AAA/AUTHOR/FSM: We can start LCP
00:22:20: Vi1 PPP/AAA: Check Attr: Framed-Protocol
00:22:20: Vi1 PPP/AAA: Check Attr: username
00:22:20: Vi1 AAA/AUTHOR/FSM: We can start IPCP
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Author
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Attr: interface-config
00:22:20: AAA/AUTHOR: Processing PerUser AV interface-config
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Attr: interface-config
00:22:20: AAA/AUTHOR: Processing PerUser AV interface-config
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Attr: interface-config
00:22:20: AAA/AUTHOR: Processing PerUser AV interface-config
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Attr: interface-config
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Attr: interface-config
00:22:20: Vi1 AAA/AUTHOR/LCP: Process Attr: interface-config
00:22:20: Vi1 AAA/AUTHOR/LCP: IF_config:
bandwidth 128
peer default ip address pool gvpn-pool2
service-policy output 4CB
00:22:21: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down
Here the service-policy seems to cause the problem, if I put it off the
config of the user profile it works fine.
The user profile is (LINUX TAC_PLUS server) :
user = gvpn_voice {
global = cleartext
service = ppp protocol = lcp {
interface-config#1=bandwidth 128
interface-config#2=peer default ip address pool gvpn-pool2
interface-config#3=service-policy output 4CB
}
service = ppp protocol = ip {
}
}
The config of the router (2500, IOS 12.2(11)T) is :
aaa new-model
!
!
aaa authentication fail-message ^CYou have been deconnected^C
aaa authentication password-prompt Secure password :
aaa authentication username-prompt Secure username :
aaa authentication login default group tacacs+ local
aaa authentication ppp default group tacacs+ local
aaa authorization network default group tacacs+ if-authenticated
aaa session-id common
!
virtual-profile aaa
vpdn enable
!
vpdn-group 2
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 2
!
vpdn-group 3
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 2
ip tos reflect
!
(...)
!
interface Ethernet0
description Private LAN interface
ip address 172.16.4.254 255.255.0.0 secondary
ip address 10.0.0.254 255.255.255.0
no ip proxy-arp
ip nat inside
no ip mroute-cache
no cdp enable
!
interface Ethernet1
description Public LAN interface
bandwidth 160
ip address dhcp
ip helper-address 10.0.0.1
no ip proxy-arp
ip nat outside
no ip mroute-cache
max-reserved-bandwidth 100
service-policy output 4CB
no cdp enable
!
interface Virtual-Template2
ip unnumbered Loopback0
max-reserved-bandwidth 100
no peer default ip address
ppp authentication chap ms-chap callin
!
(...)
!
ip local pool gvpn-pool1 192.168.254.1 192.168.254.253
ip local pool gvpn-pool2 192.168.255.1 192.168.255.253
!
tacacs-server host 10.0.0.3
tacacs-server key cisco42
Did someone already experience this kind of config ?
Thanks
Stephane Litkowski
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57970t=57970
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF non-broadcast mode question [7:57242]
Hi all, I build an OSPF config between one cisco box and a zebra openbsd. LAN1 ZEBRA == (GRE Tunnel over Internet) == CISCO -- LAN2 Because I had some problem on the openbsd to encapsulate multicast hello packets in GRE, I used the ospf network type : non broadcast. My config is : interface Tunnel0 description Tunnel vers NICE ip address 192.168.0.2 255.255.255.252 ip mtu 1450 ip ospf network non-broadcast ip ospf cost 100 ip ospf hello-interval 10 ip ospf priority 255 tunnel source Ethernet1 tunnel destination 212.232.45.149 ! router ospf 1 router-id 192.168.2.1 log-adjacency-changes redistribute connected metric-type 1 subnets route-map CONNECTED-to-OSPF network 192.168.0.0 0.0.0.3 area 0 network 192.168.2.1 0.0.0.0 area 0 neighbor 192.168.0.1 priority 1 poll-interval 1 I don't exactely understand the behavior of the non-broadcast mode. What the purpose of the neighbor command ? Is it just for DR/BDR election or for neighbor discovering too ? If not, how is done the discovery (I didn't configure the neighbor command on the zebra box, and it works. moreover if I issue a non neighbor on the cisco, the command is still here) ? Are all the OSPF packets unicast ? (I take some traces, and it appears that all packets are unicast, but I want to be sure). Thanks for the help, I can't find any good documentation for NBMA ... Best Regards, Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57242t=57242 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
copying TOS in VPDN PPTP [7:57194]
Hi all, I'm trying to do some QoS features on PPTP tunnels, so I want the TOS field from original IP header to be copied to the tunnel IP header. I tried the command ip tos reflect but it doesn't work. IOS version is 12.2(11)T IP PLUS. Did anybody already try it ? Here is my config : vpdn-group 3 ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 2 ip tos reflect (...) ! ! interface Loopback0 description VPN Endpoint ip address 192.168.255.254 255.255.255.255 ! interface Ethernet0 description Private LAN interface ip address 172.16.4.254 255.255.0.0 no ip proxy-arp ip nat inside no ip mroute-cache ! interface Ethernet1 description Public LAN interface bandwidth 128 ip address dhcp ip helper-address 172.16.4.15 no ip proxy-arp ip nat outside no ip mroute-cache service-policy output 3CB-Internet-128k ! interface Virtual-Template2 bandwidth 64 ip unnumbered Loopback0 peer default ip address pool LOCAL ppp authentication chap ms-chap callin ! (...) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57194t=57194 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Traceroute blocking on CISCO router [7:56924]
Hi all, how can I prevent a cisco router to respond to a traceroute (ICMP or UDP) ? I tried to apply an access-list out to prevent ICMP to be generated by the router, but it doesn't seem to block anything ! Maybe access-lists cannot block local traffic ... access-list 101 deny icmp any any log access-list 101 permit ip any any I see the packet log by the ACL, but it is still transmitted (because local ?) 00:24:13: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.1.3 - 192.168.1.2(0/0), 1 packet 00:24:13: IP: s=192.168.1.3 (local), d=192.168.1.2 (Ethernet0), len 56, sending 00:24:13: ICMP type=11, code=0 Thanks for help Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56924t=56924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Traceroute blocking on CISCO router [7:56924]
I deny out traffic : ip access-group 101 out I cannot use it as in because, inbound request can be either ICMP or UDP depending of the version of traceroute. But I'm sure that the answer is in ICMP so applying an out filter will permit to use it with every traceroute version. Robert Raver a icrit dans le message de news: [EMAIL PROTECTED] Stephane, How are you applying this? It should be coming and not going out. ex. ip access-group 101 in Thanks, Robert Raver - Original Message - From: Stephane Litkowski To: Sent: Tuesday, November 05, 2002 11:21 AM Subject: Traceroute blocking on CISCO router [7:56924] Hi all, how can I prevent a cisco router to respond to a traceroute (ICMP or UDP) ? I tried to apply an access-list out to prevent ICMP to be generated by the router, but it doesn't seem to block anything ! Maybe access-lists cannot block local traffic ... access-list 101 deny icmp any any log access-list 101 permit ip any any I see the packet log by the ACL, but it is still transmitted (because local ?) 00:24:13: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.1.3 - 192.168.1.2(0/0), 1 packet 00:24:13: IP: s=192.168.1.3 (local), d=192.168.1.2 (Ethernet0), len 56, sending 00:24:13: ICMP type=11, code=0 Thanks for help Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56936t=56924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Traceroute blocking on CISCO router [7:56924]
Robert, I tried to apply th ACL at inbound (for ICMP traceroute version) : on the PC (192.168.1.2), I tried to traceroute an address behind the router (172.16.4.5) I can see in debug that the the ICMP packet is denied by ACL but the router replies to the host : 00:07:23: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.1.2 - 172.16.4.5 (0/0), 1 packet 00:07:23: IP: s=192.168.1.2 (Ethernet0), d=172.16.4.5, len 92, access denied 00:07:23: ICMP type=8, code=0 00:07:23: IP: s=192.168.1.3 (local), d=192.168.1.2 (Ethernet0), len 56, sending 00:07:23: ICMP type=3, code=13-(unreachable because the address i traceroute does not exist) Robert Raver a icrit dans le message de news: [EMAIL PROTECTED] Stephane, How are you applying this? It should be coming and not going out. ex. ip access-group 101 in Thanks, Robert Raver - Original Message - From: Stephane Litkowski To: Sent: Tuesday, November 05, 2002 11:21 AM Subject: Traceroute blocking on CISCO router [7:56924] Hi all, how can I prevent a cisco router to respond to a traceroute (ICMP or UDP) ? I tried to apply an access-list out to prevent ICMP to be generated by the router, but it doesn't seem to block anything ! Maybe access-lists cannot block local traffic ... access-list 101 deny icmp any any log access-list 101 permit ip any any I see the packet log by the ACL, but it is still transmitted (because local ?) 00:24:13: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.1.3 - 192.168.1.2(0/0), 1 packet 00:24:13: IP: s=192.168.1.3 (local), d=192.168.1.2 (Ethernet0), len 56, sending 00:24:13: ICMP type=11, code=0 Thanks for help Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56937t=56924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Traceroute blocking on CISCO router [7:56924]
Yes it works with this command ! thanks Stephane Robert Edmonds a icrit dans le message de news: [EMAIL PROTECTED] Are you wanting to also block the ICMP unreachable message? If so, you can use no ip unreachable. Stephane Litkowski wrote in message news:200211052003.UAA03311;groupstudy.com... Robert, I tried to apply th ACL at inbound (for ICMP traceroute version) : on the PC (192.168.1.2), I tried to traceroute an address behind the router (172.16.4.5) I can see in debug that the the ICMP packet is denied by ACL but the router replies to the host : 00:07:23: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.1.2 - 172.16.4.5 (0/0), 1 packet 00:07:23: IP: s=192.168.1.2 (Ethernet0), d=172.16.4.5, len 92, access denied 00:07:23: ICMP type=8, code=0 00:07:23: IP: s=192.168.1.3 (local), d=192.168.1.2 (Ethernet0), len 56, sending 00:07:23: ICMP type=3, -(unreachable because the address i traceroute does not exist) Robert Raver a icrit dans le message de news: [EMAIL PROTECTED] Stephane, How are you applying this? It should be coming and not going out. ex. ip access-group 101 in Thanks, Robert Raver - Original Message - From: Stephane Litkowski To: Sent: Tuesday, November 05, 2002 11:21 AM Subject: Traceroute blocking on CISCO router [7:56924] Hi all, how can I prevent a cisco router to respond to a traceroute (ICMP or UDP) ? I tried to apply an access-list out to prevent ICMP to be generated by the router, but it doesn't seem to block anything ! Maybe access-lists cannot block local traffic ... access-list 101 deny icmp any any log access-list 101 permit ip any any I see the packet log by the ACL, but it is still transmitted (because local ?) 00:24:13: %SEC-6-IPACCESSLOGDP: list 101 denied icmp 192.168.1.3 - 192.168.1.2(0/0), 1 packet 00:24:13: IP: s=192.168.1.3 (local), d=192.168.1.2 (Ethernet0), len 56, sending 00:24:13: ICMP type=11, code=0 Thanks for help Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56968t=56924 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IS-IS simple config [7:56751]
Hi all, I see in Jeff Doyle's book (TCP/IP routing vol1) that for each ISIS router config (for IP routing only) there is the command clns routing. WHY ? I think this command is not necessary as long as we don't use clns router isis on interfaces : I already configured ISIS for IP routing on my 2500 routers without clns routing and it works fine ! Does this command bring something in IP only environment ? Thanks for clarifying this. -- Stephane LITKOWSKI Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56751t=56751 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: mapping OSPF tag value into BGP community [7:56450]
We use on our live network static binding between IGP routes tag (static routes) and BGP community using route-maps, and it works fine. I never heard about an automatic mechanism that convert IGP route tag to BGP community ... bergenpeak a icrit dans le message de news: [EMAIL PROTECTED] Is it possible to take tag values carried in OSPF external route advertisements and automatically map them into the community attribute of the respective BGP advertisement? Consider a router running both OSPF and BGP. In the BGP config, there's a redistribute from OSPF into BGP. Assume that only OSPF external routes, and hence those with tag values, are being redistributed into BGP. Assume that these external routes have different tag values. Is there a way to automatically get each respective OSPF tag value into the community value of the respective BGP route advertisement? So, if an OSPF external route advertisment has a tag value of 42, when the route is redistributed into BGP, the respective BGP community value would be 0:42. If the OSPF tag value was 81, the BGP community value would be 0:81. It looks like it might be IOS possible to statically encode all the possible OSPF tag values, via a route-map, and then set the BGP community value. I've not actually done this yet, so not sure if its possible. However, I'd rather use an automated mechanism for this. That way, as new OSPF external tag types are used in the network, I don't need to update route-maps. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56753t=56450 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IS-IS simple config [7:56751]
Ok ! I missed it ... Nigel Taylor a icrit dans le message de news: [EMAIL PROTECTED] Stephane, If you read a bit further in Doyle's Routing TCP/IP on page 654 you will understand the reasoning for the command within the configuration. It's important to remember as Doyle also points out earlier in his IS-IS chapter, that IS-IS was designed with the purpose of transitioning TCP/IP to OSI. Doyle gives a brief explanation of this on page 593-595. HTH Nigel - Original Message - From: Stephane Litkowski To: Sent: Saturday, November 02, 2002 1:21 PM Subject: IS-IS simple config [7:56751] Hi all, I see in Jeff Doyle's book (TCP/IP routing vol1) that for each ISIS router config (for IP routing only) there is the command clns routing. WHY ? I think this command is not necessary as long as we don't use clns router isis on interfaces : I already configured ISIS for IP routing on my 2500 routers without clns routing and it works fine ! Does this command bring something in IP only environment ? Thanks for clarifying this. -- Stephane LITKOWSKI Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56755t=56751 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IS-IS simple config [7:56751]
As I said, on my 2500, there's no command clns routing in show run But after verification, clns routing is enabled (but command does not appear). 2514-MPLS#sh protocols Global values: Internet Protocol routing is enabled CLNS routing is enabled (address 49.0001..0001.2514.00) 2514-MPLS#sh run Building configuration... Current configuration : 1042 bytes ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 2514-MPLS ! ! ip subnet-zero ip cef mpls label protocol ldp ! ! ! interface Loopback0 ip address 10.0.0.1 255.255.255.255 no ip directed-broadcast ip router isis 1 isis circuit-type level-1 isis metric 0 level-1 (...) Thanks for help me to read the book !!! ;-) Stephane Nigel Taylor a icrit dans le message de news: [EMAIL PROTECTED] Stephane, If you read a bit further in Doyle's Routing TCP/IP on page 654 you will understand the reasoning for the command within the configuration. It's important to remember as Doyle also points out earlier in his IS-IS chapter, that IS-IS was designed with the purpose of transitioning TCP/IP to OSI. Doyle gives a brief explanation of this on page 593-595. HTH Nigel - Original Message - From: Stephane Litkowski To: Sent: Saturday, November 02, 2002 1:21 PM Subject: IS-IS simple config [7:56751] Hi all, I see in Jeff Doyle's book (TCP/IP routing vol1) that for each ISIS router config (for IP routing only) there is the command clns routing. WHY ? I think this command is not necessary as long as we don't use clns router isis on interfaces : I already configured ISIS for IP routing on my 2500 routers without clns routing and it works fine ! Does this command bring something in IP only environment ? Thanks for clarifying this. -- Stephane LITKOWSKI Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56756t=56751 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Config-register???? [7:54632]
The bit #8 does not prevent user to use break sequence at boot. It just prevent to use it when IOS is loaded ... When a router is in 0x2102, u can use break sequence at boot to enter ROMMON. When a router is in 0x2002 (break enabled), u can use break sequence when IOS is loaded and take traces when router hangs for example. Your problem is that u change console baud rate by setting the bit #5.Just set your terminal speed to 19200 and it will works ... NB : a good advice : if your terminal displays strange caracters, it's often a baud rate problem ... http://www.cisco.com/univercd/cc/td/doc/product/access/acs_mod/cis3600/hw_in st/3600hig/3600appc.htm Baud Bit 5 Bit 12 Bit 11 115200111 57600110 38400101 19200100 9600000 4800001 2400011 1200010 Hope it helps. Stephane Litkowski Network Engineer (Paris, FRANCE) CCNA + CCNP Mark W. Odette II a icrit dans le message de news: [EMAIL PROTECTED] Set your terminal app's baud rate to 19200 and see if that doesn't fix ya. Also, according to the nifty Config-Register calculator (from Boson's website), the Break Key is disabled. So, you'll need to let the router boot normally, and then, via the console, go into config mode and change the config register to your desired setting. HTH's Mark -Original Message- From: Frank Lodato [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 01, 2002 10:10 AM To: [EMAIL PROTECTED] Subject: Config-register [7:54632] I broke in to a Cisco 2600 router today, but I didn't have access to my handy sheet that tells me exactly what config-register setting to type in. Instead of 0x2142 I put 0x2124. Now when I hard bott the router it gives me'JJJ^^' . Now, I've never seen this before so I'm very confused as to what to do next. I can't really type anything either so it wont take commands that I know. What did I do? How can I fix it? Help! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54652t=54632 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Aggregation in IOS 12.2 [7:54528]
To announce your loopback interfaces, u can also use redistribute connected with a route-map to filter which connected you want to redistribute (only loopbacks) ... Jim Brown a icrit dans le message de news: [EMAIL PROTECTED] Elmer, The way I read your config. You have enabled a single interface with EIGRP routing, interface loopback17 of network 192.168.199.0/24. You are redistributing all of EIGRP into BGP which only includes this one network. You are aggregating 192.168.192.0 255.255.248.0. The aggregate address needs a minimum of one network in the aggregate address range to advertise the supernet and more specific underlying routes. The BGP table is exactly right as far as I can tell. The only networks that should appear are the networks redistributed from EIGRP, 192.169.199.0/24, and the aggregate, 192.168.192.0/21, which is using the previous /24 network for its very existence. You must enter EACH of the loopbacks under the BGP process using 'network 192.168.192.0 mask 255.255.255.0', 'network 192.168.193.0 mask 255.255.255.0'. The mask statement is not necessary in this case, I just always use it for consistency. It is a personal preference. The mask statement is only necessary for networks outside their classful boundary. The other alternative is to include all of the loopbacks under the EIGRP process and have them redistributed into BGP which you already have setup, but currently you are only redistributing a single /24. If you want them all to appear, you need to either enter them under the BGP process with a network statement or redistribute them from EIGRP. The route-map you have included in the configs looks like you are planning on only advertising a subset of the more specific /24 routes. You should look at the suppress-map option under the aggregate address command as well as distribute list under the interface or neighbor statement. All three of these would accomplish the same result. -Original Message- From: cebuano [mailto:[EMAIL PROTECTED]] Sent: Sunday, September 29, 2002 11:34 PM To: [EMAIL PROTECTED] Subject: BGP Aggregation in IOS 12.2 [7:54528] Hi all. Has 12.2 changed in that when you do an aggregate-address the configured router only shows the aggregate route and not include the more-specific ( or aggregatED ) routes? Here's what I got... This config is supposed to allow me to advertise both the aggregate and more-specific routes. But if this has changed then i'll have to think of another solution... Thanks. Elmer Stowe-2504#s ! interface Loopback10 ip address 192.168.192.1 255.255.255.0 ! interface Loopback11 ip address 192.168.193.1 255.255.255.0 ! interface Loopback12 ip address 192.168.194.1 255.255.255.0 ! interface Loopback13 ip address 192.168.195.1 255.255.255.0 ! interface Loopback14 ip address 192.168.196.1 255.255.255.0 ! interface Loopback15 ip address 192.168.197.1 255.255.255.0 ! interface Loopback16 ip address 192.168.198.1 255.255.255.0 ! interface Loopback17 ip address 192.168.199.1 255.255.255.0 ! interface Serial0 bandwidth 64 ip address 192.168.1.254 255.255.255.252 ! router eigrp 100 network 192.168.199.0 ! router bgp 100 aggregate-address 192.168.192.0 255.255.248.0 redistribute eigrp 100 neighbor 192.168.1.253 remote-as 200 neighbor 192.168.1.253 send-community neighbor 192.168.1.253 route-map community out ! access-list 101 permit ip host 192.168.192.0 host 255.255.248.0 route-map community permit 10 match ip address 101 set community none ! route-map community permit 20 set community no-export ! Stowe-2504#sh ip bgp BGP table version is 9, local router ID is 192.168.199.1 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 192.168.192.0/21 0.0.0.032768 i * 192.168.199.00.0.0.0 0 32768 ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54534t=54528 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPPoE on Cisco 2500 [7:54139]
Thanks a lot ! Rahul Kachalia a icrit dans le message de news: [EMAIL PROTECTED] Yes it does. thanks, rahul. lab# lab#s ver Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.2(8)T, RELEASE SOFTWARE (fc2) TAC Support: http://www.cisco.com/tac Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Wed 13-Feb-02 21:11 by ccai Image text-base: 0x0306DA78, data-base: 0x1000 ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) BOOTLDR: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1, PLATFORM SP ECIFIC RELEASE SOFTWARE (fc1) lab uptime is 18 weeks, 5 days, 4 hours, 50 minutes System returned to ROM by reload System image file is flash:c2500-is-l.122-8.T cisco AS2511-RJ (68030) processor (revision K) with 14336K/2048K bytes of memory FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54207t=54139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP Route Reflector Question [7:54187]
It depends on router B IP Address ... (172.16.12.1 or 12.2 ?) Abu Mwalie a icrit dans le message de news: [EMAIL PROTECTED] Hi All, Please, I have this question here which I do not seem to get: Question. You want to configure Router A as a BGP reflector and Router B as its client. Which three commands are necessary on Router A? (Choose three). A. Router BGP 65000 B. Neighbor 172.16.12.1 as 65000 C. Route-reflector-client 172.16.12.1 D. Neighbor 172.16.12.1 remote-as 65000 E. Neighbor 172.16.12.2 remote-as 65000 F. Neighbor 172.16.12.1 route-reflector-client G. Neighbor 172.16.12.2 route-reflector-client My comment: A is correct; B and C are definitely out. How about the rest? How do you choose which is which (D/F or E/G)?? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54208t=54187 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Inbound traffic and two BGP paths [7:54192]
I think it's hard problem ... First, with your configured policies. Traffic from Internet will not be loadbalanced, without configuration (maximum-paths), BGP chooses only ONE path ... (oldest one between eBGP paths then lowest routerid, then lowest IP address). One solution (the only I see) is to implement policy-based routing. So on your ATM subinterfaces, u have ton configure one route-map (one for each interface). Example : interface ATM1/0.100 ip policy route-map FROM_SPRINT in ! ! interface ATM1/0.200 ip policy route-map FROM_TELIA in ! route-map FROM_TELIA set ip nexthop 40.40.40.2 ! route-map FROM_SPRINT set ip nexthop 30.30.30.2 I don't think that u can do what u want, just by using BGP attributes, because u can only prefer destinations based on source of routing information (but not prefer these destinations based on source of packets). If anyone know a way to do it with only BGP, explain me ! ot's a very hard problem ... --- Stephane Litkowski CCNA + CCNP TMS a icrit dans le message de news: [EMAIL PROTECTED] Hello I have question regarding BGP protocol. I have router with two BGP connections to Tier-1 providers - Sprint and Telia. To this router I connected also customer which wants two links, first to Sprint and second for Telia. I created each link using separate BGP session and separate E1/Serial interface. My question is about inbound traffic from Sprint and Telia. Is this traffic go to customer through good interface ? Or router do load-balancing between Serial2/0 and Serial2/1 (equal BGP paths to customer) ? My idea is: traffic from Sprint must return via Serial2/0 and traffic from Telia must return via Serial2/1. Router configurtion: ! interface ATM1/0 no ip address ! interface ATM1/0.100 description Sprint (AS1239) bandwidth 1 ip address 10.10.10.2 255.255.255.252 pvc 0/100 enapsulation aal5snap vbr-nrt 1 1 ! ! interface ATM1/0.200 description Telia (AS1299) bandwidth 1 ip address 20.20.20.2 255.255.255.252 pvc 0/200 enapsulation aal5snap vbr-nrt 1 1 ! ! interface Serial2/0 description Customer (AS200) - Sprint bandwidth 1000 ip address 30.30.30.1 255.255.252 ! interface Serial2/1 description Customer (AS200) - Telia bandwidth 1000 ip address 40.40.40.1 255.255.252 ! router bgp 100 network 30.30.30.0 mask 255.255.255.0 network 40.40.40.0 mask 255.255.255.0 ! neighbor 10.10.10.1 description Sprint neighbor 10.10.10.1 remote-as 1239 neighbor 10.10.10.1 filter-list 1 out ! neighbor 20.20.20.1 description Telia neighbor 20.20.20.1 remote-as 1299 neighbor 20.20.20.1 filter-list 1 out ! neighbor 30.30.30.2 descripion Customer - Sprint neighbor 30.30.30.2 remote-as 200 neighbor 30.30.30.2 filter-list 30 out neighbor 30.30.30.2 route-map SETLOC in ! neighbor 40.40.40.2 descripion Customer - Telia neighbor 40.40.40.2 remote-as 200 neighbor 40.40.40.2 filter-list 40 out neighbor 40.40.40.2 route-map SETLOC in ! ! ip as-path access-list 1 permit ^$ ip as-path access-list 30 permit ^1239_ ip as-path access-list 40 permit ^1299_ ! route-map SETLOC permit 10 set local-preference 1000 set community 100:1 ! best regards, Tommy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54212t=54192 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IBGP mesh and 'network' command [7:54195]
don't forget that for announcing 10/8 via network command, this route (10/8) must be present in routing table. If you're doing aggregation, u must use : ip route 10.0.0.0 255.0.0.0 Null0 for announcing the route. Stephane Abu Mwalie a icrit dans le message de news: [EMAIL PROTECTED] Yes, you need the network 10.0.0.0 command on all the 3 BGP routers. This network entity could, after all, be in the IP routing tables of the 3 routers. The next-hops should be different!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54213t=54195 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Very interresting : Routing bit positionning strange behavior [7:54235]
I found a strange behavior in cisco OSPF spf calculcation and routing bit positionning : Consider this design : LAN1(Area0) ASBR1 IP Tunnel1 (Area0) ASBR3 --(Area0)--- LAN2 -- FW | | | | --(Area0)--- ASBR2 -- IP Tunnel2 (Area0) ASBR4 (Area0)- ASBR3 4 (attached to LAN2) redistribute one static route pointing to the FW as External 2. the FW is NOT running OSPF. Each ASBR has his LAN interface running OSPF in Area 0 (wildcard is 0.0.0.0, so forwarding address of redistributed routes is 0.0.0.0 and not the FW). The IP tunnel interfaces are in area 0 too. The tunnel 1 has a cost of 100 The tunnel 2 has a cost of 200 On ASBR1 I can see two type 5 LSA (all captures are from ASBR1) : one for each ASBR. And one route in the routing table (best forwarding metric). All is good for the moment ! NB : I can reproduce this behavior with type 3 LSA. BUT, I can see in the database that the two LSAs have the routing bit set !! Router#sh ip ospf data external OSPF Router with ID (200.0.0.3) (Process ID 1) Type-5 AS External Link States Routing Bit Set on this LSA LS age: 1274 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 192.0.0.1 (External Network Number ) Advertising Router: 200.0.0.1 LS Seq Number: 8002 Checksum: 0xFC17 Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0 Routing Bit Set on this LSA LS age: 1041 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 192.0.0.1 (External Network Number ) Advertising Router: 200.0.0.4 LS Seq Number: 8007 Checksum: 0xE02B Length: 36 Network Mask: /32 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 20 Forward Address: 0.0.0.0 External Route Tag: 0 If I debug, I can see that, the first LSA is analyzed, there's no route in routing table, so the LSA is putted in RT (routing bit set for the LSA). Then, the second LSA is analyzed (better fwd metric), the metric is changed in routing table (because NH is the same). and routing bit is set on the second LSA. The problem is that the routing bit is not reset on the first LSA, because the metric was just changed (route was not deleted). 03:10:04: OSPF: Started Building Type 5 External Routes 03:10:04: OSPF: Start processing Type 5 External LSA 192.0.0.1, mask 255.255.255 .255, adv 200.0.0.1, age 696, seq 0x8002, metric 20, metric-type 2 03:10:04:Add better path to LSA ID 192.0.0.1, gateway 22.0.0.1, dist 20 03:10:04:Add path: next-hop 22.0.0.1, interface Tunnel0 03:10:04: network update dest_addr 192.0.0.1 mask 255.255.255.255 gateway 22.0. 0.1 03:10:04: RT: add 192.0.0.1/32 via 22.0.0.1, ospf metric [110/20] 03:10:04:Add External Route to 192.0.0.1. Metric: 20, Next Hop: 22.0.0.1 03:10:04: OSPF: insert route list LS ID 192.0.0.1, type 5, adv rtr 200.0.0.1 03:10:04: OSPF: Start processing Type 5 External LSA 192.0.0.1, mask 255.255.255 .255, adv 200.0.0.4, age 463, seq 0x8007, metric 20, metric-type 2 03:10:04:Add better path to LSA ID 192.0.0.1, gateway 22.0.0.1, dist 20 03:10:04:Add path: next-hop 22.0.0.1, interface Tunnel0 03:10:04: network update dest_addr 192.0.0.1 mask 255.255.255.255 gateway 22.0. 0.1 03:10:04: RT: metric change to 192.0.0.1 via 22.0.0.1, ospf metric [110/20] new metric [110/20] 03:10:04:Add External Route to 192.0.0.1. Metric: 20, Next Hop: 22.0.0.1 03:10:04: OSPF: insert route list LS ID 192.0.0.1, type 5, adv rtr 200.0.0.4 03:10:04: OSPF: ex_delete_old_routes 03:10:04: OSPF: Started Building Type 7 External Routes 03:10:04: OSPF: ex_delete_old_routes To follow my meaning, I modify the router-id from ASBR4 200.0.0.1 to 200.0.0.10 (same LSA just changed router-id of the ASBR). With this, the first LSA become the last in cisco LSA processing. After clear ip ospf process (ASBR1 always), I can see this debug : 03:32:37: OSPF: Started Building Type 5 External Routes 03:32:37: OSPF: Start processing Type 5 External LSA 192.0.0.1, mask 255.255.255 .255, adv 200.0.0.4, age 691, seq 0x8009, metric 20, metric-type 2 03:32:37:Add better path to LSA ID 192.0.0.1, gateway 22.0.0.1, dist 20 03:32:37:Add path: next-hop 22.0.0.1, interface Tunnel0 03:32:37: network update dest_addr 192.0.0.1 mask 255.255.255.255 gateway 22.0. 0.1 03:32:37: RT: add 192.0.0.1/32 via 22.0.0.1, ospf metric [110/20] 03:32:37:Add External Route to 192.0.0.1. Metric: 20, Next Hop: 22.0.0.1 03:32:37: OSPF: insert route list LS ID 192.0.0.1, type 5, adv rtr 200.0.0.4 03:32:37: OSPF: Start processing Type 5 External LSA 192.0.0.1, mask 255.255.255 .255, adv 200.0.0.10, age 500, seq 0x8001, metric 20, metric-type 2 03:32:37: OSPF: higher forward cost The first LSA is inserted in routing table (because of no route at
Re: 1750 and MPLS [7:54016]
Which version ? Can we find it on the CCO ? Jim Tickle a icrit dans le message de news: [EMAIL PROTECTED] I would love to get a copy so I could experiment. I just want to run MPLS on a home pod so I can do some simple configurations in preparation for the CCIE Written. If anybody has a copy of it somewhere, please let me know... Thanks... Tic Oddy wrote:There is an experimental version of 12.0 that will run MPLS on the 2500. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Darren Ward Sent: Tuesday, September 24, 2002 9:28 PM To: [EMAIL PROTECTED] Subject: Re: 1750 and MPLS [7:54016] Can't find it for any 1700 platforms. IOS Feature Navigoator: http://www.cisco.com/go/fn/ Darren Ward (PGradCS, CCIE #8245, SCSA, CCDP, MCP) On Wed, 25 Sep 2002, Jim Tickle wrote: We've pretty much exhausted the possibility that MPLS can run on a 2500 series, but I've got a couple of 1750's, and perhaps they can help fill in. Does anybody know if there is a version of IOS for the 1750-2v's that will do MPLS (and perhaps voice with the same code)? The Tickler - Do you Yahoo!? New DSL Internet Access from SBC Yahoo! Do you Yahoo!? New DSL Internet Access from SBC Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54037t=54016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 1750 and MPLS [7:54016]
Do you have this image ? Oddy a icrit dans le message de news: [EMAIL PROTECTED] It's a 12.0 experimental version, so it was never meant to be used in a production network. That's why it isn't on CCO, but on one of their engineering servers instead. If anything goes wrong, TAC wont support the image. It was compiled by one of the engineers at Cisco to test MPLS using lower end routers for cost reasons. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Stephane Litkowski Sent: Wednesday, September 25, 2002 3:40 AM To: [EMAIL PROTECTED] Subject: Re: 1750 and MPLS [7:54016] Which version ? Can we find it on the CCO ? Jim Tickle a icrit dans le message de news: [EMAIL PROTECTED] I would love to get a copy so I could experiment. I just want to run MPLS on a home pod so I can do some simple configurations in preparation for the CCIE Written. If anybody has a copy of it somewhere, please let me know... Thanks... Tic Oddy wrote:There is an experimental version of 12.0 that will run MPLS on the 2500. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Darren Ward Sent: Tuesday, September 24, 2002 9:28 PM To: [EMAIL PROTECTED] Subject: Re: 1750 and MPLS [7:54016] Can't find it for any 1700 platforms. IOS Feature Navigoator: http://www.cisco.com/go/fn/ Darren Ward (PGradCS, CCIE #8245, SCSA, CCDP, MCP) On Wed, 25 Sep 2002, Jim Tickle wrote: We've pretty much exhausted the possibility that MPLS can run on a 2500 series, but I've got a couple of 1750's, and perhaps they can help fill in. Does anybody know if there is a version of IOS for the 1750-2v's that will do MPLS (and perhaps voice with the same code)? The Tickler - Do you Yahoo!? New DSL Internet Access from SBC Yahoo! Do you Yahoo!? New DSL Internet Access from SBC Yahoo! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54070t=54016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PPPoE on Cisco 2500 [7:54139]
Does anyone experienced PPPoE configuration on a 2500 router ? Does this feature exist in IOS for 2500 ? (nothing on feature navigator). Thanks for help. Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54139t=54139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP AS Path Regular Expressions [7:53956]
Hi all, I'm trying to find a regexp to match AS PATH including AS200 only, but AS200 can be contained more than one time (AS PATH prepending). Example : 200 - Match 200 200 - Match 200 200 200 - Match 200 200 200 300 - Don't Match I tried to use this regexp : ^(200)+$ but it doesn't work, why ? However, the regexps : ^(200_)+$ seems to work. Can someone explain me why the first regexp doesn't work ? thanks. Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53956t=53956 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: URGENT: problem with load balancing accross tw [7:53901]
I just done a test to verify ... Fast switching cache is established based on egress interfaces. So when a packet comes on an ingress interface (cache empty), first packet is routed (process switched) and an entry is cached for egress Interface (sh ip cache). If I disable fast switching on the egress interface, the entry disappears and no more entry are cached for this interface when packet come. For me, issuing the command no ip route-cache on an interface, disables caching for this interface. Stephane Priscilla Oppenheimer a icrit dans le message de news: [EMAIL PROTECTED] Stephane Litkowski wrote: If you don't want to (or can't) use CEF, just use the command : no ip route-cache on destination interfaces to desactivate FAST SWITCHING. Destination interfaces or ingress interfaces? I would think you would disable it on the incoming interfaces to disable the automatic behavior of using the fast-switching cache when a packet comes in. Correct me if I'm wrong, please. Thanks. Priscilla NB : using CEF is more efficient than using PROCESS SWITCHING. Stephane Russell Heilling a icrit dans le message de news: [EMAIL PROTECTED] afshin wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have got two internet links from two ISPs boths of which are directly connected to the lan . I would like to set the default gateway of my clients to the 3660 router I have on my network so that it will load balance the outgoing traffic accross the two seperate internet links. I though maybe two equal cost default routes would result in load balancing between equal cost paths . but it didn't work. Is there a command to allow load-balancing between equal cost static routes , that I am missing ? Policy routing is not quite what I want because the load will not be quite balanced. Any clues ? Default load balancing is per destination, so if you are testing from a single workstation you will always hit the same link. To get a more even load sharing you'll want to enable per packet load sharing. To do this globally enable CEF (ip cef in global config mode), and then add the following command to the interface config on the interfaces connecting to the ISPs: ip load-sharing per-packet. Hope this helps. Russell Heilling http://www.ccie.org.uk/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53963t=53901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP AS Path Regular Expressions [7:53956]
Kent, As u said, ^(200)+$ will match my ASPATHs but not only ... However, when I configure it, this expression doesn't match ASPATH prepended like 200 200 200 (but 200 is present !). The not prepended ASPATH (200 only) is matched. I don't understand this behavior. Kent Yu a icrit dans le message de news: [EMAIL PROTECTED] Stephane, ^(200)+$ matches 200 or 200200 etc.. Of course, in case of as-path, it will only find 200. You want to use _ to match the space between the as-nums, so IOS will try to match the whole as-path. HTH Kent Stephane Litkowski wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I'm trying to find a regexp to match AS PATH including AS200 only, but AS200 can be contained more than one time (AS PATH prepending). Example : 200 - Match 200 200 - Match 200 200 200 - Match 200 200 200 300 - Don't Match I tried to use this regexp : ^(200)+$ but it doesn't work, why ? However, the regexps : ^(200_)+$ seems to work. Can someone explain me why the first regexp doesn't work ? thanks. Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53964t=53956 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP AS Path Regular Expressions [7:53956]
Ok that's clear now !! thank you very much for your help. Kent Yu a icrit dans le message de news: [EMAIL PROTECTED] Stephane, As u said, ^(200)+$ will match my ASPATHs but not only ... I am afraid that was not what I said :) However, when I configure it, this expression doesn't match ASPATH prepended like 200 200 200 (but 200 is present !). The not prepended ASPATH (200 only) is matched. I don't understand this behavior. As I said, ^(200)+$ would match 200 ONLY, we only have 2 bytes for the as-number, 200200 will not show up in a router. When you give IOS 200 200 200, it sees the spaces between the numbers, ^(200)+$ tells it to match some 200s without anything else in between them, space is something. Since you have ^ and $, it can not have anything before and after these 200s either. After reading the first 200, it expects the next thing is either 2 or end of line, but it sees the space following the first 200 in 200 200 200, that's a no-no. Kent Kent Yu a icrit dans le message de news: [EMAIL PROTECTED] Stephane, ^(200)+$ matches 200 or 200200 etc.. Of course, in case of as-path, it will only find 200. You want to use _ to match the space between the as-nums, so IOS will try to match the whole as-path. HTH Kent Stephane Litkowski wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, I'm trying to find a regexp to match AS PATH including AS200 only, but AS200 can be contained more than one time (AS PATH prepending). Example : 200 - Match 200 200 - Match 200 200 200 - Match 200 200 200 300 - Don't Match I tried to use this regexp : ^(200)+$ but it doesn't work, why ? However, the regexps : ^(200_)+$ seems to work. Can someone explain me why the first regexp doesn't work ? thanks. Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53992t=53956 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: URGENT: problem with load balancing accross two internet [7:53901]
If you don't want to (or can't) use CEF, just use the command : no ip route-cache on destination interfaces to desactivate FAST SWITCHING. NB : using CEF is more efficient than using PROCESS SWITCHING. Stephane Russell Heilling a icrit dans le message de news: [EMAIL PROTECTED] afshin wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have got two internet links from two ISPs boths of which are directly connected to the lan . I would like to set the default gateway of my clients to the 3660 router I have on my network so that it will load balance the outgoing traffic accross the two seperate internet links. I though maybe two equal cost default routes would result in load balancing between equal cost paths . but it didn't work. Is there a command to allow load-balancing between equal cost static routes , that I am missing ? Policy routing is not quite what I want because the load will not be quite balanced. Any clues ? Default load balancing is per destination, so if you are testing from a single workstation you will always hit the same link. To get a more even load sharing you'll want to enable per packet load sharing. To do this globally enable CEF (ip cef in global config mode), and then add the following command to the interface config on the interfaces connecting to the ISPs: ip load-sharing per-packet. Hope this helps. Russell Heilling http://www.ccie.org.uk/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53901t=53901 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Multilink PPPOE on ADSL [7:53473]
Hi all, Does someone (especially in France) try to aggregate two ADSL lines using Multilink PPPoE ? Does Cisco PPPoE client support this ? Does Freebsd support this ? Does the DSLAMs (in France) support this feature ? Thanks for help, Stephane Litkowski Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53473t=53473 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multilink PPPOE on ADSL [7:53473]
I think I was wrong, the problem is not the DSLAM, but the BAS ... so does the BAS support this ? Stephane Litkowski a icrit dans le message de news: [EMAIL PROTECTED] Hi all, Does someone (especially in France) try to aggregate two ADSL lines using Multilink PPPoE ? Does Cisco PPPoE client support this ? Does Freebsd support this ? Does the DSLAMs (in France) support this feature ? Thanks for help, Stephane Litkowski Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53474t=53473 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Callmanager installation [7:52946]
I tried to install Callmanager 2.4.5 on a Windows 2000 Server with SQL Server 7 (upgraded to SP4). And when I launch setup, it says that I need Service Pack 4 at least for Y2k updates. What does it mean ? Service Pack for what ? thanks for help. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization (Paris, FRANCE) CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52946t=52946 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF NSSA [7:52122]
Hi all, I have some questions about Type 7 LSA default-routes propagated by ABRs. Consider a NSSA with two ABRs. Each ABR propagate a default route with a cost of 100 (commands are : area 1 nssa default-originate area 1 default-cost 100). On a Internal router directly connected to each ABR, I can see that only one default route is in the routing table : O*N2 0.0.0.0/0 [110/100] via 193.0.0.2, Ethernet0 But the two LSA are in the database : IR_AS200_AREA1#sh ip ospf database nssa-external OSPF Router with ID (192.168.108.3) (Process ID 1) Type-7 AS External Link States (Area 1) Routing Bit Set on this LSA LS age: 1702 Options: (No TOS-capability, No Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.108.2 LS Seq Number: 8001 Checksum: 0x4F63 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 193.0.0.2 External Route Tag: 0 LS age: 318 Options: (No TOS-capability, No Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.108.4 LS Seq Number: 8003 Checksum: 0xF37B Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 2.0.0.1 External Route Tag: 0 My first question is, why does the IR choose one default route and not the both ? With more investigation, I can see that it prefer the link with the highest bandwidth. If I increase the bandwidth of the other link, the nexthop change : O*N2 0.0.0.0/0 [110/100] via 2.0.0.1, Serial0 if bandwidth are equal, the both routes are introduced : O*N2 0.0.0.0/0 [110/100] via 193.0.0.2, Ethernet0 [110/100] via 2.0.0.1, Serial0 Why does it consider cost of the link ? My other question is, on the ABR. I can see that the 0.0.0.0 LSA are in the database. The First one is not computed because selforiginated but why the other is not computed ? (It's a type 7 LSA , not type 3). Thanks for help. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization (Paris, FRANCE) CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52122t=52122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF NSSA [7:52122]
For the first problem, I can see in routing table the concept of Forward metric, if bandwidth are unequal, first route has : IR_AS200_AREA1#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via ospf 1, distance 110, metric 100, candidate default path, type NSS A extern 2, forward metric 10 Redistributing via ospf 1 Last update from 193.0.0.2 on Ethernet0, 00:00:00 ago Routing Descriptor Blocks: * 193.0.0.2, from 192.168.108.2, 00:00:00 ago, via Ethernet0 Route metric is 100, traffic share count is 1 If I shut down the ethernet link, the second route goes up : IR_AS200_AREA1#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via ospf 1, distance 110, metric 100, candidate default path, type NSS A extern 2, forward metric 64 Redistributing via ospf 1 Last update from 2.0.0.1 on Serial0, 00:00:00 ago Routing Descriptor Blocks: * 2.0.0.1, from 192.168.108.4, 00:00:00 ago, via Serial0 Route metric is 100, traffic share count is 1 Does the concept of forward metric influence the choose of routes for NSSA ? Stephane LITKOWSKI a icrit dans le message de news: [EMAIL PROTECTED] Hi all, I have some questions about Type 7 LSA default-routes propagated by ABRs. Consider a NSSA with two ABRs. Each ABR propagate a default route with a cost of 100 (commands are : area 1 nssa default-originate area 1 default-cost 100). On a Internal router directly connected to each ABR, I can see that only one default route is in the routing table : O*N2 0.0.0.0/0 [110/100] via 193.0.0.2, Ethernet0 But the two LSA are in the database : IR_AS200_AREA1#sh ip ospf database nssa-external OSPF Router with ID (192.168.108.3) (Process ID 1) Type-7 AS External Link States (Area 1) Routing Bit Set on this LSA LS age: 1702 Options: (No TOS-capability, No Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.108.2 LS Seq Number: 8001 Checksum: 0x4F63 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 193.0.0.2 External Route Tag: 0 LS age: 318 Options: (No TOS-capability, No Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.108.4 LS Seq Number: 8003 Checksum: 0xF37B Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 2.0.0.1 External Route Tag: 0 My first question is, why does the IR choose one default route and not the both ? With more investigation, I can see that it prefer the link with the highest bandwidth. If I increase the bandwidth of the other link, the nexthop change : O*N2 0.0.0.0/0 [110/100] via 2.0.0.1, Serial0 if bandwidth are equal, the both routes are introduced : O*N2 0.0.0.0/0 [110/100] via 193.0.0.2, Ethernet0 [110/100] via 2.0.0.1, Serial0 Why does it consider cost of the link ? My other question is, on the ABR. I can see that the 0.0.0.0 LSA are in the database. The First one is not computed because selforiginated but why the other is not computed ? (It's a type 7 LSA , not type 3). Thanks for help. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization (Paris, FRANCE) CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52123t=52122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DCT,DTE [7:52117]
What speed did you configure ? Mohamed Saro a icrit dans le message de news: [EMAIL PROTECTED] that was configured but the interfaces flaps up and down Best Regards, Mohamed Saro Network Division Manager T.E. DATA Tel: +20-10 -1663531 Tel: +20- 2 -7494025 Ext:1102 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 27, 2002 10:24 AM To: [EMAIL PROTECTED] Subject: RE: DCT,DTE [7:52117] On the DCE interface you have to enter the following command: clock rate . Rgrds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52131t=52117 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF NSSA [7:52122]
Found question 2 answer in the RFC 1587 : If the destination is the default route (destination = DefaultDestination) and if the originator of the LSA and the calculating router are both NSSA area border routers do nothing with this LSA and consider the next in the list. Stephane LITKOWSKI a icrit dans le message de news: [EMAIL PROTECTED] For the first problem, I can see in routing table the concept of Forward metric, if bandwidth are unequal, first route has : IR_AS200_AREA1#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via ospf 1, distance 110, metric 100, candidate default path, type NSS A extern 2, forward metric 10 Redistributing via ospf 1 Last update from 193.0.0.2 on Ethernet0, 00:00:00 ago Routing Descriptor Blocks: * 193.0.0.2, from 192.168.108.2, 00:00:00 ago, via Ethernet0 Route metric is 100, traffic share count is 1 If I shut down the ethernet link, the second route goes up : IR_AS200_AREA1#sh ip route 0.0.0.0 Routing entry for 0.0.0.0/0, supernet Known via ospf 1, distance 110, metric 100, candidate default path, type NSS A extern 2, forward metric 64 Redistributing via ospf 1 Last update from 2.0.0.1 on Serial0, 00:00:00 ago Routing Descriptor Blocks: * 2.0.0.1, from 192.168.108.4, 00:00:00 ago, via Serial0 Route metric is 100, traffic share count is 1 Does the concept of forward metric influence the choose of routes for NSSA ? Stephane LITKOWSKI a icrit dans le message de news: [EMAIL PROTECTED] Hi all, I have some questions about Type 7 LSA default-routes propagated by ABRs. Consider a NSSA with two ABRs. Each ABR propagate a default route with a cost of 100 (commands are : area 1 nssa default-originate area 1 default-cost 100). On a Internal router directly connected to each ABR, I can see that only one default route is in the routing table : O*N2 0.0.0.0/0 [110/100] via 193.0.0.2, Ethernet0 But the two LSA are in the database : IR_AS200_AREA1#sh ip ospf database nssa-external OSPF Router with ID (192.168.108.3) (Process ID 1) Type-7 AS External Link States (Area 1) Routing Bit Set on this LSA LS age: 1702 Options: (No TOS-capability, No Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.108.2 LS Seq Number: 8001 Checksum: 0x4F63 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 193.0.0.2 External Route Tag: 0 LS age: 318 Options: (No TOS-capability, No Type 7/5 translation, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.108.4 LS Seq Number: 8003 Checksum: 0xF37B Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 100 Forward Address: 2.0.0.1 External Route Tag: 0 My first question is, why does the IR choose one default route and not the both ? With more investigation, I can see that it prefer the link with the highest bandwidth. If I increase the bandwidth of the other link, the nexthop change : O*N2 0.0.0.0/0 [110/100] via 2.0.0.1, Serial0 if bandwidth are equal, the both routes are introduced : O*N2 0.0.0.0/0 [110/100] via 193.0.0.2, Ethernet0 [110/100] via 2.0.0.1, Serial0 Why does it consider cost of the link ? My other question is, on the ABR. I can see that the 0.0.0.0 LSA are in the database. The First one is not computed because selforiginated but why the other is not computed ? (It's a type 7 LSA , not type 3). Thanks for help. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization (Paris, FRANCE) CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52145t=52122 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2502 Memory/Flash [7:51387]
You're nearly right ... Your router has 8 MB of FLASH but 4 MB of DRAM (2 MB are used for main memory and 2 MB for I/O shared memory) - maybe a 2 MB SIMM and 2 MB of onboard DRAM. Please check this link for more details : http://www.cisco.com/warp/public/63/arch_2500_5750.shtml Hope it helps. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization (Paris, FRANCE) CCNA + CCNP EMail : [EMAIL PROTECTED] Robert D. Cluett a icrit dans le message de news: [EMAIL PROTECTED] All, am I reading this right? Does this state that there is 8MB Flash and 2MB of DRAM? If so, what do I need to do to get it to the latest version of IOS that Cisco uses for the tests? Help would be more than appreciated! cisco 2500 (68030) processor (revision L) with 2048K/2048K bytes of memory. Processor board ID 06992214, with hardware revision Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 1 Token Ring/IEEE 802.5 interface(s) 2 Serial network interface(s) 32K bytes of non-volatile configuration memory. 8192K bytes of processor board System flash (Read ONLY) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51392t=51387 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: bgp prefix number [7:51354]
sh ip bgp neighbors RR_LDCOM#sh ip bgp neighbors BGP neighbor is 10.0.0.1, remote AS 254, external link (...) For address family: IPv4 Unicast BGP table version 6, neighbor version 0 Index 1, Offset 0, Mask 0x2 0 accepted prefixes consume 0 bytes - Prefix advertised 0, suppressed 0, withdrawn 0 Number of NLRIs in the update sent: max 0, min 0 or sh ip bgp neighbors x.x.x.x advertised-routes So PaulDong a icrit dans le message de news: [EMAIL PROTECTED] Hi all, What command can I use to find out how many prefixes I am advertising via bgp? Thanks in advance Paul Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51395t=51354 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP and HSRP [7:49807]
Ok, for me it was implicit to configure outbound filtering to upstream in order to not become Transit AS. Jason Greenberg a icrit dans le message de news: [EMAIL PROTECTED] No, the filter lists would only be to prevent the default route from being advertised back out the other upstream link. Note that usually the BGP AS-path loop avoidance rules will prevent a problem in this scenario (especially with only the default route being advertised), but in a more advanced scenario, or if the upstream ISP were using 2 ASNs, one for each link (who knows, but sometimes it happens), then the ISP could consider this poor guy's 2 2600's as a short path back to the rest of their network. I think the general rule of thumb is always filter BGP advertisements. I like to be in complete control of what I'm advertising to other ASs. On Sat, 2002-07-27 at 14:27, Stephane LITKOWSKI wrote: A couple of suggestions: 1) If you run iBGP, be *sure* not to advertize the default route learned from one edge router, through iBGP to the other edge router, and back out the other upstream. You can use a filter list to prevent that. I agree with you about your technique but : Why do you want to prevent 0.0.0.0 to be advertized via the iBGP ? I think, if each edge router, advertize his eBGP-learned default route to his iBGP peer, each edge router have 2 default routes and so will prefer the EBGP path. And if the EBGP path is lost, iBGP path is used (and so if other routers are on the same LAN, ICMP redirect is generated pointing to the second edge router). NB : I think that HSRP will desactivate ICMP redirects on the configured interface. And so if u want to use it, u have to reenable it. 2) I would highly recommend running an IGP such as OSPF on all your routers. Remember, that's what routers are there for; routing protocols don't make things more complicated or flakey, but in fact it simplifies things and makes your network more robust. I notice this is a common misconception about using only static routes, and I have much experience on the matter. Static routes break things, especially when you have more than one potential path, like you are suggesting. Don't be afraid to let your firewall learn the correct default route from the redistributed EGP. I think it's really the best (and easier) solution. -- Jason Greenberg, CCNP Network Administrator Execulink, Inc. [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49918t=49807 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP and HSRP [7:49807]
A couple of suggestions: 1) If you run iBGP, be *sure* not to advertize the default route learned from one edge router, through iBGP to the other edge router, and back out the other upstream. You can use a filter list to prevent that. I agree with you about your technique but : Why do you want to prevent 0.0.0.0 to be advertized via the iBGP ? I think, if each edge router, advertize his eBGP-learned default route to his iBGP peer, each edge router have 2 default routes and so will prefer the EBGP path. And if the EBGP path is lost, iBGP path is used (and so if other routers are on the same LAN, ICMP redirect is generated pointing to the second edge router). NB : I think that HSRP will desactivate ICMP redirects on the configured interface. And so if u want to use it, u have to reenable it. 2) I would highly recommend running an IGP such as OSPF on all your routers. Remember, that's what routers are there for; routing protocols don't make things more complicated or flakey, but in fact it simplifies things and makes your network more robust. I notice this is a common misconception about using only static routes, and I have much experience on the matter. Static routes break things, especially when you have more than one potential path, like you are suggesting. Don't be afraid to let your firewall learn the correct default route from the redistributed EGP. I think it's really the best (and easier) solution. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49893t=49807 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IBGP Usage for enterprise company network [7:49736]
If you have just one BGP edge router, u don't need to use iBGP. But if you have many ISP, with many edge routers. iBGP is very useful to pass BGP attributes from one edge to another and so making global decisions for exiting the AS based on BGP attributes (for example, using local-pref propagated by iBGP to prefer an exit path to your AS). Depending on your network design, this kind of architecture can result in routing loops (in some cases) if all routers are not BGP routers. = please read the article :BGP and HSRP [7:49807] for some example of use of iBGP in customer network. Hope it helps. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization (Paris, FRANCE) CCNA + CCNP EMail : [EMAIL PROTECTED] hinwoto a icrit dans le message de news: [EMAIL PROTECTED] Hello guys, I'm a newbie in BGP, please forgive me for asking begineer question of IBGP I can see IBGP usage for transit AS in ISP network which is for updating the AS path when BGP routes are redistribute into IGP or it's configure no synchronization with IGP. However, it makes me confuse about IBGP usage in enterprise company network, since - enterprise company won't want to be transit AS and will just received packets for its AS as well as received default route from ISP - moreover, the external AS update will not be advertised by the edge BGP router into other routers within the same AS if synchronizatioin with IGP is enabled. Can anyone please show me the light of this issue, IBGP usage for company network ? Thanks and best regards Hinwoto Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49894t=49736 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 11050 dropping packets [7:49169]
I never see this problem on CSSs. I done some tests on HTTP1.0 and 1.1 one year ago using ap0405068b and it worked fine. What do you mean by 1.1 doesn't seem to send the full header info ? what info are missing ? I just took some traces of HTTP 1.1 traffic and header are like HTTP 1.0 (the big difference between 1.0 and 1.1 fr loadbalancers is that one TCP connection can be used for transferring many objects in 1.1. In 1.0, one object download = one TCP connection). BH a icrit dans le message de news: [EMAIL PROTECTED] Hi, Has anyone seen a problem with the 11050 load balancer dropping packets from http 1.1 browsers? Http 1.0 seem to work fine but 1.1 doesnt seem to send the full header info and the 11050 drops packets like mad. Software version 4.00 build 3 Hardware Major version: 02 Hardware Minor version: 0 Thanks! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49895t=49169 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF summarizing BGP redistributed routes into 0/0 [7:49552]
Thanks all for the replies ... Conditionnal default route propagation works fine using default-information with route-map. I thought that default-originate with route-map (for conditionnal propagation purpose) worked only in BGP ... Wes a icrit dans le message de news: [EMAIL PROTECTED] Stephane, You're missing the default-information originate command. 0/0 can not be propagated into OSFP without it. Static, conditional, dynamic, redistributed, it doesn't matter. You need that statement to allow the 0/0 route into OSPF. (No doubt why it's showing up in the database but not in the route-tables - your logic is correct and the route is being summarized, but not allowed in) Read up on the default-information command; it's a neat one. You can do the conditional advertisement you're looking for with this command - and make it very specific using a route-map. Good Luck --Wes Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49552t=49552 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF summarizing BGP redistributed routes into 0/0 [7:49429]
Hi all, I tried to use the summary-address OSPF command to summarize learned BGP routes to a default summary route (0/0) and it seems that it doesn't work. (fake BGP routes) - router A 1.0.0.0/32 (OSPF) - router B Router A : -- router ospf 1 log-adjacency-changes summary-address 0.0.0.0 0.0.0.0 redistribute bgp 1 subnets network 1.0.0.0 0.255.255.255 area 0 ! router bgp 1 bgp log-neighbor-changes network 5.0.0.0 network 6.0.0.0 network 7.0.0.0 network 8.0.0.0 network 9.0.0.0 network 10.0.0.0 ! ip classless ip route 5.0.0.0 255.0.0.0 Null0 ip route 6.0.0.0 255.0.0.0 Null0 ip route 7.0.0.0 255.0.0.0 Null0 ip route 8.0.0.0 255.0.0.0 Null0 ip route 9.0.0.0 255.0.0.0 Null0 ip route 10.0.0.0 255.0.0.0 FastEthernet0 Router B : -- router ospf 1 log-adjacency-changes network 1.0.0.0 0.255.255.255 area 0 On the router A, I can see that type 5 LSA is installed for 0/0 and propagated to neighbor : CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 592 0x8003 0x6121 2 192.168.254.254 192.168.254.254 592 0x8006 0x7C72 2 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 0.0.0.0 192.168.254.254 4 0x8001 0x2A22 0 But after some seconds, the external LSA is aged out and so disappears (by what ) : CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 593 0x8003 0x6121 2 192.168.254.254 192.168.254.254 593 0x8006 0x7C72 2 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 0.0.0.0 192.168.254.254 36000x8002 0x301B 1 CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 597 0x8003 0x6121 2 192.168.254.254 192.168.254.254 596 0x8006 0x7C72 2 If I use another summary-address (like 4.0.0.0/6 or 8.0.0.0/5), it works fine (external LSAs are not aged out). Why this use doesn't work ? What happens ? Why the LSA is aged out ? The purpose of this test was to conditionnaly advertise default routes (if BGP routes disappears, default route disappears). NB : router A is 1750 router with IOS 12.1(14) Thanks for help, -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49429t=49429 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF summarizing BGP redistributed routes into 0/0 [7:49461]
Hi all, I tried to use the summary-address OSPF command to summarize learned BGP routes to a default summary route (0/0) and it seems that it doesn't work. (fake BGP routes) - router A 1.0.0.0/32 (OSPF) - router B Router A : -- router ospf 1 log-adjacency-changes summary-address 0.0.0.0 0.0.0.0 redistribute bgp 1 subnets network 1.0.0.0 0.255.255.255 area 0 ! router bgp 1 bgp log-neighbor-changes network 5.0.0.0 network 6.0.0.0 network 7.0.0.0 network 8.0.0.0 network 9.0.0.0 network 10.0.0.0 ! ip classless ip route 5.0.0.0 255.0.0.0 Null0 ip route 6.0.0.0 255.0.0.0 Null0 ip route 7.0.0.0 255.0.0.0 Null0 ip route 8.0.0.0 255.0.0.0 Null0 ip route 9.0.0.0 255.0.0.0 Null0 ip route 10.0.0.0 255.0.0.0 FastEthernet0 Router B : -- router ospf 1 log-adjacency-changes network 1.0.0.0 0.255.255.255 area 0 On the router A, I can see that type 5 LSA is installed for 0/0 and propagated to neighbor : CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 592 0x8003 0x6121 2 192.168.254.254 192.168.254.254 592 0x8006 0x7C72 2 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 0.0.0.0 192.168.254.254 4 0x8001 0x2A22 0 But after some seconds, the external LSA is aged out and so disappears (by what ) : CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 593 0x8003 0x6121 2 192.168.254.254 192.168.254.254 593 0x8006 0x7C72 2 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 0.0.0.0 192.168.254.254 36000x8002 0x301B 1 CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 597 0x8003 0x6121 2 192.168.254.254 192.168.254.254 596 0x8006 0x7C72 2 If I use another summary-address (like 4.0.0.0/6 or 8.0.0.0/5), it works fine (external LSAs are not aged out). Why this use doesn't work ? What happens ? Why the LSA is aged out ? The purpose of this test was to conditionnaly advertise default routes (if BGP routes disappears, default route disappears). NB : router A is 1750 router with IOS 12.1(14) Thanks for help, -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49461t=49461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF summarizing BGP redistributed routes into 0/0 [7:49471]
Some more informations : LSA for 0.0.0.0 (using summary-address) : CustomerA#sh ip ospf database external OSPF Router with ID (192.168.254.254) (Process ID 1) Type-5 AS External Link States LS age: 5 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.254.254 LS Seq Number: 8001 Checksum: 0x2A22 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 CustomerA#sh ip ospf database external OSPF Router with ID (192.168.254.254) (Process ID 1) Type-5 AS External Link States Delete flag is set for this LSA LS age: MAXAGE(3600) Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.254.254 LS Seq Number: 8002 Checksum: 0x301B Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 16777215 Forward Address: 0.0.0.0 External Route Tag: 1 LSA for 4.0.0.0 8.0.0.0 summary routes : CustomerA#sh ip ospf database external OSPF Router with ID (192.168.254.254) (Process ID 1) Type-5 AS External Link States LS age: 11 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 4.0.0.0 (External Network Number ) Advertising Router: 192.168.254.254 LS Seq Number: 8001 Checksum: 0xEC5E Length: 36 Network Mask: /6 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 LS age: 11 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 8.0.0.0 (External Network Number ) Advertising Router: 192.168.254.254 LS Seq Number: 8002 Checksum: 0xAA9F Length: 36 Network Mask: /5 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 LSA 0.0.0.0 using default-originate command - works fine CustomerA#sh ip ospf database external OSPF Router with ID (192.168.254.254) (Process ID 1) Type-5 AS External Link States LS age: 13 Options: (No TOS-capability, DC) LS Type: AS External Link Link State ID: 0.0.0.0 (External Network Number ) Advertising Router: 192.168.254.254 LS Seq Number: 8001 Checksum: 0x3C0F Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 1 So there's no difference, I just saw that using summary-address, the LSA 0.0.0.0 as an external route tag set to 0 and set to 1 when it is aged out. I done the same test using a cisco 2500 router with IOS 12.2, and it's the same, LSA is prematurely aged out when using summary-address command. Thanks for the help. Stephane Stephane LITKOWSKI a icrit dans le message de news: [EMAIL PROTECTED] Hi all, I tried to use the summary-address OSPF command to summarize learned BGP routes to a default summary route (0/0) and it seems that it doesn't work. (fake BGP routes) - router A 1.0.0.0/32 (OSPF) - router B Router A : -- router ospf 1 log-adjacency-changes summary-address 0.0.0.0 0.0.0.0 redistribute bgp 1 subnets network 1.0.0.0 0.255.255.255 area 0 ! router bgp 1 bgp log-neighbor-changes network 5.0.0.0 network 6.0.0.0 network 7.0.0.0 network 8.0.0.0 network 9.0.0.0 network 10.0.0.0 ! ip classless ip route 5.0.0.0 255.0.0.0 Null0 ip route 6.0.0.0 255.0.0.0 Null0 ip route 7.0.0.0 255.0.0.0 Null0 ip route 8.0.0.0 255.0.0.0 Null0 ip route 9.0.0.0 255.0.0.0 Null0 ip route 10.0.0.0 255.0.0.0 FastEthernet0 Router B : -- router ospf 1 log-adjacency-changes network 1.0.0.0 0.255.255.255 area 0 On the router A, I can see that type 5 LSA is installed for 0/0 and propagated to neighbor : CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum Link count 192.168.108.4 192.168.108.4 592 0x8003 0x6121 2 192.168.254.254 192.168.254.254 592 0x8006 0x7C72 2 Type-5 AS External Link States Link ID ADV Router Age Seq# Checksum Tag 0.0.0.0 192.168.254.254 4 0x8001 0x2A22 0 But after some seconds, the external LSA is aged out and so disappears (by what ) : CustomerA#sh ip ospf database OSPF Router with ID (192.168.254.254) (Process ID 1) Router Link States (Area 0) Link ID
Re: Route Reflectors Peer-Group [7:46464]
I'm using peer-groups with route-reflectors on different Cisco platforms (2500, 7500, 12000) and it works fine !! -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization CCNA + CCNP EMail : [EMAIL PROTECTED] Hunt Lee a icrit dans le message de news: [EMAIL PROTECTED] Hi, I have read both BGP 4 Command Reference + CCNP Building Scable Cisco Networks, they both state that peer-group and route reflectors are not compatible to each other. Yet, when I tried to configure both together... it seems to work for me :( Am I missing something important here? RouterB#sh ip bgp ne BGP neighbor is 172.16.0.2, remote AS 1, internal link Index 1, Offset 0, Mask 0x2 Route-Reflector Client group1 peer-group member BGP version 4, remote router ID 172.16.0.2 BGP state = Established, table version = 1, up for 00:28:41 Last read 00:00:40, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 5 seconds Received 36 messages, 0 notifications, 0 in queue Sent 36 messages, 0 notifications, 0 in queue Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 2; dropped 1 Last reset 00:28:52, due to RR client config change 0 accepted prefixes consume 0 bytes 0 history paths consume 0 bytes Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 172.16.0.1, Local port: 11003 Foreign host: 172.16.0.2, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x263A98): Timer StartsWakeupsNext Retrans32 0 0x0 TimeWait0 0 0x0 AckHold31 19 0x0 SendWnd 0 0 0x0 KeepAlive 0 0 0x0 GiveUp 0 0 0x0 PmtuAger0 0 0x0 DeadWait0 0 0x0 iss: 904884479 snduna: 904885079 sndnxt: 904885079 sndwnd: 15785 irs: 3309753480 rcvnxt: 3309754096 rcvwnd: 15769 delrcvwnd:615 SRTT: 310 ms, RTTO: 780 ms, RTV: 80 ms, KRTT: 0 ms minRTT: 24 ms, maxRTT: 300 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 1460 bytes): Rcvd: 44 (out of order: 0), with data: 31, total data bytes: 615 Sent: 52 (retransmit: 0), with data: 31, total data bytes: 599 BGP neighbor is 193.16.0.2, remote AS 1, internal link Index 1, Offset 0, Mask 0x2 Route-Reflector Client group1 peer-group member BGP version 4, remote router ID 0.0.0.0 BGP state = Active, table version = 0 Last read 00:04:24, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 5 seconds Received 33 messages, 0 notifications, 0 in queue Sent 37 messages, 1 notifications, 0 in queue Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 2; dropped 2 Last reset 00:04:45, due to BGP Notification sent, hold time expired 0 accepted prefixes consume 0 bytes 0 history paths consume 0 bytes No active TCP connection RouterB# Any ideas would be greatly appreciated. Thanks -- Hunt Lee WebCentral Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46474t=46464 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Just passed BCRAN, now CCNP [7:44031]
I just passed BCRAN with 932 and just become a CCNP. Now go to the CCIE written ! Thanks all for help. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization CCNA + CCNP EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44031t=44031 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Some questions about IGRP [7:41763]
There should be a triggered update. It will list the unreachable network with the largest possible delay. Could you check again? Perhaps in some topologies, there would be no need to send a triggered update, but that would be strange. I think you maybe just didn't recognize it as being a triggered update. I found the reason why there was no triggered updates : I used config like this : int eth0 ip address 10.0.0.1 255.0.0.0 ! router igrp 10 network 10.0.0.0 redistribute static ip route 1.0.0.0 255.0.0.0 Null0 ip route 2.0.0.0 255.0.0.0 Null0 I used route pointing to Null0 to simulate routes and when I suppressed a static route, there was no triggered update. But when I use standard config : int eth0 ip address 10.0.0.1 255.0.0.0 int eth1 ip address 11.0.0.1 255.0.0.0 ! router igrp 10 network 10.0.0.0 network 11.0.0.0 When I shutdown Eth1, there's a triggered update sent through eth0 ... So triggered updates are not generated when using redistribution (It worked fine with RIP, so I supposed that it should work with IGRP, but no). Thanks for your answers. -- Stephane LITKOWSKI Student in a French computer science school EPITA Telecom Network specialization CCNA + CCNP EMail : [EMAIL PROTECTED] Priscilla Oppenheimer a icrit dans le message news: [EMAIL PROTECTED] At 03:27 PM 4/17/02, Stephane LITKOWSKI wrote: Hi all, I have some questions about IGRP : - In an update, IGRP distinguish Subnets, AS Networks and outside-AS networks, when I take some traces, I can see that there's the number of each category and then all routing entries but I don't understand how IGRP know if the routing entry is Subnet, AS or outside AS. Distinguishing AS routes (major net) or subnets is not important (applying interface mask and comparing major networks can do distinction), but how IGRP knows if the routing entry is candidate default ? An IGRP update message has three portions: interior, system (meaning this autonomous system but not interior), and exterior. (Sniffer uses slightly different terminology.) The interior section is for routes to subnets for the network on which the broadcast is being sent. Major networks (i.e. non-subnets) are put into the system portion of the update message unless they are exterior. A network will be flagged as exterior if it was learned from another router and the information arrived in the exterior portion of the update message. Exterior routes are also candidate defaults. They are routes that go to or through routers that are considered to be appropriate as defaults, to be used when there is no explicit route to a destination. Cisco's implementation chooses a default route by picking the exterior route with the smallest metric. - I can see in traces that IP addresses are coded with just 3 bytes, so I think I cannot use subnets 24 bits ... isn't it ? Not necessarily. Class C subnets could be greater than 24. With interior routes, a router can assume that the first octet is the same as the first octet of the sending and receiving interfaces, so it can be left out. Remember that IGRP is classful, so there's no way the prefix boundary could be over to the left past the 8-bit boundary, so IGRP leaves out the first 8 bits in interior (subnet) routes. Check your traces again. I think you'll see that it's the first octet (not the last) that is left out on interior routes. On system and exterior, which deal with major network numbers, the router can leave out the last octet. - I can see different routing entry types, for example (traces done with NAI Sniffer Pro) : ROUTING ENTRY #1 IP Address = [172.16.1.0] ... ROUTING ENTRY #2 IP Address = [10.0.0.XX] ... what does the XX mean ??? I can see in hexa dump that's 00 Which kind was this? System or exterior I would guess. Perhaps the XX just means anything (wildcard). It's probably not actually in the hex dump, since IGRP just uses 24 bits as you mentioned. Check for 0A 00 00, which would be 10.0.0. - What is the utility of the hopcount ? preventing from loop like in RIP ? Yes, it prevents loops. I think if the router sees the hop count increasing, it puts the route in holddown. (so is the hop count incremented hop by hop ?) Yes. - I saw that Cisco implement trigger updates in IGRP, but on a Cisco 1603R with IOS 12.0(4)T, it don't seem to be implemented, when there's a change in topology, there's no trigger update. Does anyone experienced this problem ? There should be a triggered update. It will list the unreachable network with the largest possible delay. Could you check again? Perhaps in some topologies, there would be no need to send a triggered update, but that would be strange. I think you maybe just didn't recognize it as being a triggered update. - Does IGRP use a database like RIP ? or not ? It probably uses something like a database. For some reason, there aren't very good show commands for igrp though. Of course
Some questions about IGRP [7:41763]
Hi all, I have some questions about IGRP : - In an update, IGRP distinguish Subnets, AS Networks and outside-AS networks, when I take some traces, I can see that there's the number of each category and then all routing entries but I don't understand how IGRP know if the routing entry is Subnet, AS or outside AS. Distinguishing AS routes (major net) or subnets is not important (applying interface mask and comparing major networks can do distinction), but how IGRP knows if the routing entry is candidate default ? - I can see in traces that IP addresses are coded with just 3 bytes, so I think I cannot use subnets 24 bits ... isn't it ? - I can see different routing entry types, for example (traces done with NAI Sniffer Pro) : ROUTING ENTRY #1 IP Address = [172.16.1.0] ... ROUTING ENTRY #2 IP Address = [10.0.0.XX] ... what does the XX mean ??? I can see in hexa dump that's 00 - What is the utility of the hopcount ? preventing from loop like in RIP ? (so is the hop count incremented hop by hop ?) - I saw that Cisco implement trigger updates in IGRP, but on a Cisco 1603R with IOS 12.0(4)T, it don't seem to be implemented, when there's a change in topology, there's no trigger update. Does anyone experienced this problem ? - Does IGRP use a database like RIP ? or not ? Can I see the database like show ip rip database ? thanks a lot. Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41763t=41763 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Passing CIT score [7:41472]
692 was the pass for me, I passed it last monday with 896 Kris Keen a icrit dans le message news: [EMAIL PROTECTED] William, 690 was the pass, I passed this exam last friday with 885 Cheers Kris Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=41765t=41472 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
MPLS based on OSPF (GSR platform) [7:34268]
Hi all, I have to deploy MPLS based on OSPF as IGP, the backbone is build on Cisco 12000 GSRs (12008,12012 12016). I heard that MPLS over OSPF on GSR can cause some problems (ISIS is prefered as IGP ...) but I don't have details about these problems. Does anybody experienced bugs with this kind of environment ? Thanks for your help. Stephane Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34268t=34268 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP question [7:27879]
You need to announce all your local subnets : - by using the network command, u can announce all subnets already placed in the routing table by an IGP - by redistributing your IGP on BGP using the redistribute command in router bgp config mode I see some OSPF routes in your routing table, so you can use network command to announce all subnets : (config)# router bgp 200 (config-router)# network 192.168.1.0 mask 255.255.255.0 (config-router)# network 192.168.2.0 mask 255.255.255.0 (config-router)# network 192.168.3.0 mask 255.255.255.0 u don't need to announce the peering link ... or use redistribution (not recommended by Cisco in BSCN book, but it works) : (config)# router bgp 200 (config-router)# redistribute ospf hope it helps -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CCNA + BCMSN EMail : [EMAIL PROTECTED] Stephen C a icrit dans le message news: [EMAIL PROTECTED] When configuring BGP on a singlehome net, everything I read says the basic config commands are ... for S 0\0 to S 0\0 (200.200.1.1 to 200.200.1.2) wire 200.200.1.0 Router-A(config)#router bgp [as#] Router-A(config-router)#network [subnet#] Router-A(config-router)#neighbor [subnet#] remote-as [as#] now filling in the blanks Router-A(config)#router bgp [200] Router-A(config-router)#network [200.200.1.0] Router-A(config-router)#neighbor [200.200.1.1] remote-as [100] unless I configure RIP on the same wire I get nothing. No mention of RIP in any of the books I reference. I config RIP and get a from show ip route this C200.200.1.0/24 is directly connected, Serial1 R200.200.100.0/24 [120/1] via 200.200.1.1, 00:00:14, Serial1 [120/1] via 200.200.2.1, 00:00:14, Serial0 C200.200.2.0/24 is directly connected, Serial0 C192.168.1.0/24 is directly connected, Ethernet0 O192.168.2.0/24 [110/74] via 192.168.1.2, 01:54:20, Ethernet0 O E2 192.168.3.0/24 [110/20] via 192.168.1.2, 01:54:20, Ethernet0 Not showing bgp on the connections the Show ip bgp yields . Router-A#show ip bgp BGP table version is 3, local router ID is 200.200.2.2 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 200.200.1.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i * 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from * 200.200.2.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i * 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27881t=27879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: EIGRP problem [7:26189]
The only bug I know about EIGRP in IOS 11.2 is this one (I experienced it with some Cisco 25xx, some directly connected routes weren't propagated). http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/ios112p/112p cavs.htm a.. CSCdj59706 Enhanced Interior Gateway Routing Protocol (EIGRP) might not take directly connected host routes into the topology table and redistribute them to other routers. There is no workaround. -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CCNA + BCMSN EMail : [EMAIL PROTECTED] Jim Bond a icrit dans le message news: [EMAIL PROTECTED] Hello, We have a 4500 (IOS 11.2.16 IP) at hub with static default gateway configured, then redistribute into EIGRP. Sometimes, this default route is missing on spoke routers. I suspect it's an IOS bug, but I couldn't find it in CCO Bug Navigator. Anyone has the same problem? Thanks in advance. Jim __ Do You Yahoo!? Find the one for you at Yahoo! Personals http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26201t=26189 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ip direct-broadcast [7:24160]
this command, prevent broadcast from being dropped. So after activating this, u can configure helper-address to convert broadcast to unicast or to propagate broadcast to some other subnets. The command ip directed-broadcast enable the translation of directed broadcast. This is used if u have a DHCP or BOOTP server and clients on different subnets. Helper Address are used to permit client to join servers. In IOS 12.0, the default is disabled Hope it helps. -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CCNA + Switching EMail : [EMAIL PROTECTED] Jim Bond a icrit dans le message news: [EMAIL PROTECTED] Hello, I'm wondering what ip direct-broadcast does? If I have a PC with IP 10.1.1.2, default to 10.1.1.1, which is a router configured with ip direct-broadcast. Does it mean all 10.1.1.255 traffic will be forward to other subnets? Thanks in advance. Jim __ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24165t=24160 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCMSN thoughts [7:24040]
I passed it at the beginning of the months. I had questions about : VTP, a lot of trunking, CGMP, IGMP, spantree convergence timers, design (which switch to put in which layer), troubleshooting (span config, leds on CATALYST), questions about ports config (duplex, speed ...) on IOS, CatOS, some questions on MLS (access-list flowmask, cache entry, some config) ... Stephane John McCartney a icrit dans le message news: [EMAIL PROTECTED] Hi all, I'm taking the BCMSN this weekend and I wanted to know from those who have taken it recently -how was it? Was it slanted towards more of the VLAN/VTP stuff or MLS. Any thoughts are appreciated. John Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24054t=24040 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCMSN some question need help!!! [7:21836]
Question 1 I think the answer is : show run Question 2 I think the answer is A : set mls enable set mls include Question 3 the answers are B D because : A is false command, good command is : set spantree portfast enable and the priority doesn't influence the convergence time Hope it helps Regards, -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] hoi fung chan a icrit dans le message news: [EMAIL PROTECTED] Anyone can help me to answer this 3 question?? 1.Which command can you use to verify that a router interface has been configured for CGMP? a.show interface b.show run c.show pip d.show cgmp ** i think the answer should be a, pls cfm!! 2.Which command(s) are required to configure the MLS-SE to participate in multiplayer switching with an RSM? a.set mls enable and set mls include rsm ip address commands in privilege mode b.No commands are required. MLS is enabled by default c.set mls include command in privileged mode d.set mls enable and set mls agingtime number of seconds commands in privileged mode e.set mls enable and set mls vtp-domain vtp domain name commands in privileged mode 3.Which command do you use to improve spanning-tree convergence? a.set spantree portfast b.set spantree backboneFast c.set spantree priority d.set spantree uplinkfast enable ** i think the answer should be c, pls cfm!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21854t=21836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BCMSN some question need help!!! [7:21836]
Sorry but i was wrong, after a verification : I think that : Question 2 is not A because, in case of RSM, you don't need to put the set mls include command. It's automatic and MLS is by default enable on CATALYST that support it. So I think the answer is B. Sorry for the confusion ... Regards, -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Stephane LITKOWSKI a icrit dans le message news: [EMAIL PROTECTED] Question 1 I think the answer is : show run Question 2 I think the answer is A : set mls enable set mls include Question 3 the answers are B D because : A is false command, good command is : set spantree portfast enable and the priority doesn't influence the convergence time Hope it helps Regards, -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] hoi fung chan a icrit dans le message news: [EMAIL PROTECTED] Anyone can help me to answer this 3 question?? 1.Which command can you use to verify that a router interface has been configured for CGMP? a.show interface b.show run c.show pip d.show cgmp ** i think the answer should be a, pls cfm!! 2.Which command(s) are required to configure the MLS-SE to participate in multiplayer switching with an RSM? a.set mls enable and set mls include rsm ip address commands in privilege mode b.No commands are required. MLS is enabled by default c.set mls include command in privileged mode d.set mls enable and set mls agingtime number of seconds commands in privileged mode e.set mls enable and set mls vtp-domain vtp domain name commands in privileged mode 3.Which command do you use to improve spanning-tree convergence? a.set spantree portfast b.set spantree backboneFast c.set spantree priority d.set spantree uplinkfast enable ** i think the answer should be c, pls cfm!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21867t=21836 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNA question with routing setup [7:18572]
You have to announce classfull networks in RIPv1 : for router A : router rip network 192.168.254.0 for router B : router rip network 192.168.50.0 if it doesn't work with this, try debug ip rip -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] a icrit dans le message news: [EMAIL PROTECTED] I have 2 2501 routers setup as follows: RouterA eth0 with 192.168.254.1/24 RouterA serial 0 with 192.168.100/24 setup as DTE, no shutdown, router rip network 192.168.0.0 RouterB eth0 with 192.168.50.1/24 RouterB serial 0 with 192.168.100.11/24 setup as DCE, clock rate 64000, no shutdown, router rip network 192.168.0.0 My problem is it won't see any of the networks...do I have this number setup wrong? when I setup a static IP ROUTE..the networks work fine and see each other its just with RIP for some reason is unable to see the other networks...what am I doing wrong? thank you all Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18574t=18572 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: isl encapsulation over fastethernet sub interface [7:18395]
Interface FastEthernet1/0.5 ip address x.x.x.x encapsulation isl VLANID Stephane LITKOWSKI a icrit dans le message news: [EMAIL PROTECTED] Hi On the subinterface, you have to configure : Interface FastEthernet1/0.5 ip address encapsulation isl Regards, -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Jagan Krishnaraj a icrit dans le message news: [EMAIL PROTECTED] hi all can anybody help me. i have a catalyst 5505 connected to a 2610 fastethernet interface. vlans are configured in the catalyst and are trunked to the fa interface. in the fa interface subinterfaces encapsulation for vlans are created in the router. but still router does not connect to the switch and carrying the vlan traffic. when i debug vlan packet on router it gives vLAN: Received ISL encapsulated UNKNOWN packet bearing colour ID 5 on interface FastEthernet1/0.5 which is not configured to route or bridge this packet type can anybody help me regards jagan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18396t=18395 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: isl encapsulation over fastethernet sub interface [7:18395]
Hi On the subinterface, you have to configure : Interface FastEthernet1/0.5 ip address encapsulation isl Regards, -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Jagan Krishnaraj a icrit dans le message news: [EMAIL PROTECTED] hi all can anybody help me. i have a catalyst 5505 connected to a 2610 fastethernet interface. vlans are configured in the catalyst and are trunked to the fa interface. in the fa interface subinterfaces encapsulation for vlans are created in the router. but still router does not connect to the switch and carrying the vlan traffic. when i debug vlan packet on router it gives vLAN: Received ISL encapsulated UNKNOWN packet bearing colour ID 5 on interface FastEthernet1/0.5 which is not configured to route or bridge this packet type can anybody help me regards jagan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18395t=18395 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CONF REG AND BOOT SYSTEM [7:18397]
The config register is the parameter that decide of boot. The config register must specify if startup config has to be read or not (command : boot system) Stephane TP a icrit dans le message news: [EMAIL PROTECTED] If I have: 1)conf register set to 0x1... (from ROM) 2) boot system falsh: image.bin to the next reload what happens? It will boot from ROM or FLASH? Who wins, config register or the first command line? Thank you Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18398t=18397 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Earl ASIC unsupported error message on cat5509 [7:18048]
Did you check the catos version you put on ? This message make me think that the OS don't correspond to the hardware architecture (ASIC unsupported). EARL is (Enhanced Address Recognization Logic), this ASIC make the forwarding decision in the supervisor engine. Hans Stout a icrit dans le message news: [EMAIL PROTECTED] Hello colleagues, I am trying to install a redundant SE III in a Cat5509 switch; the module is booting, but then the system is halted. Here is the output from the boot sequence: System Bootstrap, Version 5.1(2) Copyright (c) 1994-1999 by cisco Systems, Inc. Presto processor with 65536 Kbytes of main memory Autoboot executing command: boot bootflash:RTSYNC_cat5000-sup3_4-5-3.bin Loading Network Management Processor image Uncompressing file: ### ## System Power On Diagnostics NVRAM Size ...512 KB ID Prom Test ..Passed DPRAM Size 16KB DPRAM Data 0x55 Test ..Passed DPRAM Data 0xaa Test ..Passed DPRAM Address Test Passed Clearing DPRAM Done System DRAM Memory Size ...64MB DRAM Data 0x55 Test ...Passed DRAM Data 0xaa Test ...Passed DRAM Address Test Passed Clearing DRAM .Done EARLII Present EARLII RAM Test ...Passed EARL Serial Prom Test .Passed Level2 Cache ..Present Level2 Cache test..Passed Boot image: bootflash:RTSYNC_cat5000-sup3_4-5-3.bin Downloading epld sram device please wait ... Programming successful for Altera 10K50 SRAM EPLD SYSTEM_FATAL_ERROR: Banff subsystem failed SYSTEM_FATAL_ERROR: Unsupported Earl ASIC Halting the system. Does this mean that one of the ASICs on the card is malfunctioning ? Thanks for your help in advance. Hans _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=18049t=18048 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: vlans [7:17919]
So, u have a switch with a trunk (802.1q or ISL link that transport VLAN information). If VLAN2 is suffering from a broadcast storm, broadcasts will take all the bandwidth on the link. So VLAN1 will suffer from the broadcast storm too on this link, but if u have other links (with just VLAN1 = no trunk), these links will not suffer from the broadcast storm, so by these links, traffic of VLAN1 is not altered. VLAN1 | SW2--VLAN2 | | (trunk) VLAN1 SW1 / \ VLAN1VLAN2 on switch 1 there's no problem in VLAN1 communication (if the switch is good - no internal congestion). Problem are just in communications across the trunk. Joe Morabito a icrit dans le message news: [EMAIL PROTECTED] If you have a switch that has 2 vlans (vlan1 and vlan2) using the same physical connection to the rest of the network, what happens to vlan1 if vlan2 is suffering from a broadcast storm, since both vlans traverse the same physical wire? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17928t=17919 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
QoS on CAT6k [7:17555]
Hi group, I want to do some rate-limiting on a CAT6k. Consider a physical port in a VLAN (with many ports), I want to do bidirectionnal rate-limiting (one bandwidth for in, and one for out). Trafic might be distinguished by subnet (- an access-list can be used to characterize trafic) Can I do this by using CAR on Routers ? How is the configuration ? thanks. -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17555t=17555 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another CCIE Written Question [7:17050]
A serial link, is not a shared media. Serial link is used for point to point connection = no collision U can have collision if Tx is connected on Tx on the other side of the cable, but if the cable and interfaces (X21, V24 ...) are good, there's no collision. -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Wright, Jeremy a icrit dans le message news: [EMAIL PROTECTED] Can you have collisions on a serial link? Thanks again. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17053t=17050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Another CCIE Written Question [7:17050]
I agree with you. Serial link is not always full duplex. It depends of the relation between the two entities : primary/secondary (Normal mode : SDLC - SNRM frame) or Balance mode (LAPB - SABM frame). -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Howard C. Berkowitz a icrit dans le message news: [EMAIL PROTECTED] Most are full duplex, so in those cases, no you shouldn't.. Brian Sonic Whalen Success = Preparation + Opportunity On Thu, 23 Aug 2001, Wright, Jeremy wrote: Can you have collisions on a serial link? Thanks again. I'm in general agreement, but be aware that you might run into IBM BSC or SDLC networks that use polled multidrop on half-duplex facilities. Rare now, but you might see them on things like automatic teller machines, point-of-sale terminals, etc. -- those being critical business applications that work, so no one wants to fiddle with them. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=17065t=17050 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Routing Exam [7:16913]
Are percentage the same for BSCN, BCMSN, CIT and BCRAN ? I will take the BCMSN exam in 2 weeks. thanks -- Stiphane LITKOWSKI Student in a computer science school EPITA Telecom Network specialization CISCO Certified Network Associate Randy Lopez a icrit dans le message news: [EMAIL PROTECTED] I'm currently studying for the CCNP Routing Exam and I wanted to know the Percentage needed to Pass. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16926t=16913 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT using a single interface [7:16902]
What do u want to do exactely ? Did u try to use subinterfaces ? -- Stephane LITKOWSKI Student in a french computer science school EPITA Telecom Network specialization CISCO Certified Network Associate EMail : [EMAIL PROTECTED] Leigh Anne Chisholm a icrit dans le message news: [EMAIL PROTECTED] I've searched the Groupstudy archives... there's been much speculation as to whether or not this can be done. Has anyone managed to get NAT using a single Ethernet interface to work? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=16929t=16902 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
