Re: Studying Switching [7:75030]

[Tom Lisa]

Priscilla,

Didn't Radia write a poem that starts something like
I have never seen a tree as lovely as a spanning tree?

BTW, is it still possible to get a free copy of 802.1s  w.
I looked on the IEEE site but couldn't find them.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Priscilla Oppenheimer wrote:

  Get a copy of Cisco LAN Switching by Kennedy Clark and Kevin
  Hamilton. It's
  right up there with Doyle as one of the best networking books ever
  written.
  It makes switching fun again! ;-) It's well written, technicaly
  accurate and
  interesting, and it doesn't just throw the latest marketing trends at
  you
  with no explanation of their history, like some switching material
  does.

  Also, CertificationZone has some good articles and study materials
  for
  switching.

  By the way, switching isn't as dull as it might seem. The spanning
  tree
  algorithm can be quite interesting to study. And there are
  enhancements to
  it now like 802.1s (multiple spanning trees) and 802.1w (rapid
  spanning tree
  protocol).

  Good luck!

  Priscilla Oppenheimer

  Nakul Malik wrote:
  
   Hi all,
   I started off studying routing and found it to be a topic that
   interested me
   a lot. I just couldn't get enough of halabi Doyle and the rest.
   I studied a
   lot, practiced a lot and was thrilled when I passed the exam in
   beta.
  
   Next I started studying for switching. That didn't turn out as
   well as I
   thought it would. I couldn't just work up the same level of
   interest. I have
   been analyzing the reasons and have come up with the following:
   1. I've never worked with switches much, so I don't know too
   much about
   them, as opposed to routers.
   2. Study materials.
  
   I've been wondering, has anyone else faced similar problems in
   their quest
   for CCNP.
  
   Also, could someone recommend some good materials/resources for
   switching
   other than the official Cisco book?
  
   Any/all answers would be appreciated.
   Thanks.
   -N
  
   --
   Nakul Malik
  
   H-342
   New Rajendra Nagar
   New Delhi - 110060
  
   Mobile: +91-9811424477
   Ph: +91-11- 2582 3488
 +91-11- 2585 0155
   Fax:: +91-11- 2575 2904
  
   [EMAIL PROTECTED]
  **Please support GroupStudy by purchasing from the GroupStudy Store:
  http://shop.groupstudy.com
  FAQ, list archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75090t=75030
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Please Help - CIDR - How the bits work [7:75050]

[Tom Lisa]

We are now teaching VLSM/CIDR in the CCNA curriculum.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Priscilla Oppenheimer wrote:

  Reimer, Fred wrote:
  
   No offense, but this is CCNA material.

  Do they still teach classful for CCNA, though? Perhaps the only thing
  that's
  hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a
  classful
  system. Moving the prefix over to the left of that classful boundary
  isn't
  something they teach for CCNA yet. (They will soon. The new
  Networking
  Academy books teach it from the start now.)

  Priscilla

   If you are going for
   your CCNP, then
   you should already have your CCNA and know the answer.  But
   anyway...
  
   If you need a network with 400 hosts, the smallest subnet would
   have a /23
   mask.  So take the first part of your given network and assign
   it to that:
  
   192.168.24.0/23 (192.168.24.0-192.168.25.255)
  
   Then you need one with 200 hosts.  Well, that could fit within
   a /24 subnet,
   so assign the next available to that:
  
   192.168.26.0/24 (192.168.26.0-192.168.26.255)
  
   Now you only have 192.168.27.0/24 left from the original
   192.168.24.0/23
   (which covered 192.168.24.0-192.168.27.255).  You need two
   50's, so that
   should fit within /26 subnets each.  Assign them:
  
   192.168.27.0/26 (192.168.27.0-192.168.27.63)
   192.168.27.64/26 (192.168.27.64-192.168.27.191)
  
   Finally, you need three subnets that can have two hosts each,
   which would
   fit within /30 subnets.  So assign:
  
   192.168.27.192/30
   192.168.27.196/30
   192.168.27.200/30
  
  
   Fred Reimer - CCNA
  
  
   Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA
   30338
   Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
  
  
   NOTICE; This email contains confidential or proprietary
   information which
   may be legally privileged. It is intended only for the named
   recipient(s).
   If an addressing or transmission error has misdirected the
   email, please
   notify the author by replying to this message. If you are not
   the named
   recipient, you are not authorized to use, disclose, distribute,
   copy, print
   or rely on this email, and should immediately delete it from
   your computer.
  
  
   -Original Message-
   From: Steven Aiello [mailto:[EMAIL PROTECTED]
   Sent: Tuesday, September 09, 2003 8:02 AM
   To: [EMAIL PROTECTED]
   Subject: Please Help - CIDR - How the bits work [7:75050]
  
   I just started my routing class for my CCNP.  We are covering
   CIDR.  The
   book is VEERY vague on how the bit patterns break down and
   are used.
  
  
   This was a problem posed in one of my CCNP labs
  
   I have network number
  
   192.168.24.0 / 22
  
   from this I need
   networks with
  
   400 hosts
   200 hosts
   50  hosts
   50  hosts
   2   hosts (for serial int - no ip un-numbered allowed )
   2   hosts
   2   hosts
  
   Also no NATing
  
   Thanks all I really could use the help
  
   Steve
   **Please support GroupStudy by purchasing from the GroupStudy
   Store:
   http://shop.groupstudy.com
   FAQ, list archives, and subscription info:
   http://www.groupstudy.com/list/cisco.html
  **Please support GroupStudy by purchasing from the GroupStudy Store:
  http://shop.groupstudy.com
  FAQ, list archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75118t=75050
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Please Help - CIDR - How the bits work What I figured out [7:75127]

[Tom Lisa]

Another way to look at it is that you have one long contiguous line of
addresses
that you need to break up into different size groups that must also be
contiguous.

For example:  192.168.1.0 /24
Assume we need three networks (nets ab) with 40 hosts, two networks
(nets cd) with 25 hosts, and 3 networks (nets e,f,g) with 12 hosts.

Our available subnet area is 192.168.1.0 - 192.168.1.255
Shown graphically (hope this doesn't get munged in transmission;
if so copy and paste into word using fixed width and 10).

.0   
.255
/24:
|---|
.128
/25:
|-|-|
.64 .192
/26:
|-|---|---|-|
(a)( b)
.160 .224
/27:
|-|---|-|-|--|--|
(c)   (d)
.208  .240
/28:
|-|---|-|-|-|||-|
(e)   (f)  (g)

From this we can see that Subnet blocks 192.168.1.0  .64 are used for
nets a  b.
Blocks .128  .160 are used for nets c  d, while blocks .192, 208  224
are used
for nets e, f,  g.  This leaves one block, .240 for future use or to
further
subnet for /30's to address serial links.

By looking at it visually, there isn't any danger of overlapping
previously assigned
blocks.  It also shows us where supernetting will occur so we can
properly assign
the blocks for easy aggregation.  Since the blocks must be recombined for
supernetting
in the same manner they were subnetted, we can see that nets a  b could
be put on
one router and we would only advertise a /25 (192.168.1.0) upstream.
Likewise, blocks
.128  .160 could be on a second router and advertised as a /26
(192.168.1.128).
We can also see that we couldn't put nets a-d on the same router and
advertise as a
/25 because they don't all come from the same /25 block.  We would have
to use two
advertisements, a /25  /26, if they were on the same router.

The same method can be used for address ranges that cross octet
boundries:
172.16.0.0 /16
0.0   255.255
/16: |---|
128.0
/17: |---|---|

and so on.

I find showing it visually to my students makes understanding a lot
easier.

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

John Neiberger wrote:

  The key is that you must completely unlearn classful thinking. Forget
  that
  you ever learned it. Completely ignore any prior classful subnet
  boundaries
  that you were forced to memorize. It's all just one big IP address
  space
  that you choose to carve up any way you like. As long as you do it
  correctly
  and don't have any overlap the subnetting scheme is up to you.

  Another helpful tip: don't ever use classful terminology any more!
  Don't say
  Class A to refer to an 8-bit prefix or subnet mask; don't say
  Class C to
  refer to a 24-bit mask, or /24. That will help move your brain away
  from
  that type of thinking.

  Think of your address space as a big pie, and each time you cut a
  segment in
  half you're adding one more bit to the subnet mask. Here's an
  example:

  You start with 10.20.30.0/24 (255.255.255.0) and we'll think of that
  as a
  whole pie. You don't need that many addresses in your subnet so you
  decide
  to break it up into smaller pieces. What do you do? Cut your pie in
  half
  (draw this out, it helps!).

  Your pie now has two halves and these represent two subnets with /25
  masks
  with no overlap. Let's say you want to further subnet one of those
  subnets.
  Cut it in half again! You now have a /25 and two /26s with no
  overlap. If
  you further cut one of those /26 subnets into two pieces you have two
  /27s.
  See how easy that is?

  Draw this out on paper and write down your subnet information as you
  go,
  like this:

  10.20.30.0/24 (10.20.30.0-255) becomes
  10.20.30.0/25 (10.20.30.0-127) and 10.20.30.128/25 (10.20.30.128-255)
  10.20.30.128/25 further subnetted becomes 10.20.30.128/26
  (10.20.30.128-191)
  and 10.20.30.192/26 (10.20.30.192-255)

  And so on...  practice it this way for a while and after a short time
  it
  will be second nature for you to subnet existing networks without
  accidentally overlapping them.

  HTH,
  John

   Steven Aiello 9/9/03 12:03:06 PM 
  I was stuck on the idea that you could ONLY re subnet a remaining
  piece
  of a subnetwork.  And not apply a mask to the whole span of the total
  available network.  You can (unless I'm incorrect here) you just have
  to
  watch out for address over lap neer your subnetwork boundries.

  I think I got

Re: Please Help - CIDR - How the bits work What I figured out [7:75129]

[Tom Lisa]

Another way to look at it is that you have one long contiguous line of
addresses
that you need to break up into different size groups that must also be
contiguous.

For example:  192.168.1.0 /24
Assume we need three networks (nets ab) with 40 hosts, two networks
(nets cd) with 25 hosts, and 3 networks (nets e,f,g) with 12 hosts.

Our available subnet area is 192.168.1.0 - 192.168.1.255
Shown graphically (hope this doesn't get munged in transmission;
if so copy and paste into word using fixed width and 10).


.0
.255
/24:
|---|

.128
/25:
|-|-|

   .64 .192
/26:
|-|---|---|-|

   (a)( b)

.160 .224
/27:
|-|---|-|-|--|--|

   (c)   (d)

.208  .240
/28:
|-|---|-|-|-|||-|

 (e)
(f)  (g)

From this we can see that Subnet blocks 192.168.1.0  .64 are used for
nets a  b.
Blocks .128  .160 are used for nets c  d, while blocks .192, 208  224
are used
for nets e, f,  g.  This leaves one block, .240 for future use or to
further
subnet for /30's to address serial links.

By looking at it visually, there isn't any danger of overlapping
previously assigned
blocks.  It also shows us where supernetting will occur so we can
properly assign
the blocks for easy aggregation.  Since the blocks must be recombined
for supernetting
in the same manner they were subnetted, we can see that nets a  b could
be put on
one router and we would only advertise a /25 (192.168.1.0) upstream.
Likewise, blocks
.128  .160 could be on a second router and advertised as a /26
(192.168.1.128).
We can also see that we couldn't put nets a-d on the same router and
advertise as a
/25 because they don't all come from the same /25 block.  We would have
to use two
advertisements, a /25  /26, if they were on the same router.

The same method can be used for address ranges that cross octet
boundries:
172.16.0.0 /16
0.0   255.255
/16: |---|
  128.0
/17: |---|---|

and so on.

I find showing it visually to my students makes understanding a lot
easier.

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

John Neiberger wrote:

 The key is that you must completely unlearn classful thinking. Forget
 that
 you ever learned it. Completely ignore any prior classful subnet
 boundaries
 that you were forced to memorize. It's all just one big IP address
 space
 that you choose to carve up any way you like. As long as you do it
 correctly
 and don't have any overlap the subnetting scheme is up to you.

 Another helpful tip: don't ever use classful terminology any more!
 Don't say
 Class A to refer to an 8-bit prefix or subnet mask; don't say Class
 C to
 refer to a 24-bit mask, or /24. That will help move your brain away
 from
 that type of thinking.

 Think of your address space as a big pie, and each time you cut a
 segment in
 half you're adding one more bit to the subnet mask. Here's an example:

 You start with 10.20.30.0/24 (255.255.255.0) and we'll think of that
 as a
 whole pie. You don't need that many addresses in your subnet so you
 decide
 to break it up into smaller pieces. What do you do? Cut your pie in
 half
 (draw this out, it helps!).

 Your pie now has two halves and these represent two subnets with /25
 masks
 with no overlap. Let's say you want to further subnet one of those
 subnets.
 Cut it in half again! You now have a /25 and two /26s with no overlap.
 If
 you further cut one of those /26 subnets into two pieces you have two
 /27s.
 See how easy that is?

 Draw this out on paper and write down your subnet information as you
 go,
 like this:

 10.20.30.0/24 (10.20.30.0-255) becomes
 10.20.30.0/25 (10.20.30.0-127) and 10.20.30.128/25 (10.20.30.128-255)
 10.20.30.128/25 further subnetted becomes 10.20.30.128/26
 (10.20.30.128-191)
 and 10.20.30.192/26 (10.20.30.192-255)

 And so on...  practice it this way for a while and after a short time
 it
 will be second nature for you to subnet existing networks without
 accidentally overlapping them.

 HTH,
 John

  Steven Aiello 9/9/03 12:03:06 PM 
 I was stuck on the idea that you could ONLY re subnet a remaining
 piece
 of a subnetwork.  And not apply a mask to the whole span of the total
 available network.  You can (unless I'm incorrect

Re: Please Help - CIDR - How the bits work [7:75050]

[Tom Lisa]

No, the new curriculum recognizes the subnet zero command.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem



Daniel Cotts wrote:

 Tom,
 In the old CCNA books if a question came up about how many subnets could be
 formed from a block - the all zeros and all ones subnets were not counted.
 Does this still hold with the new curriculum?

  -Original Message-
  From: Tom Lisa [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, September 09, 2003 3:54 PM
  To: [EMAIL PROTECTED]
  Subject: Re: Please Help - CIDR - How the bits work [7:75050]
 
 
  We are now teaching VLSM/CIDR in the CCNA curriculum.
 
  Prof. Tom Lisa, CCAI
  Community College of Southern Nevada
  Cisco ATC/Regional Networking Academy
  Cunctando restituit rem
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=75149t=75050
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: in FECN [7:74642]

[Tom Martin]

The FECN bits are getting set, so traffic from the remote router (to your
router) is experiencing congestion somewhere within the Frame Relay cloud.
There's not really much you or your router can do about it. FECNs are sort
of useless since by the time your router sees them the congestion has
already occured.

The Frame Relay cloud will set the BECN bits in frames traveling to the
remote. If THAT router has Frame Relay traffic shaping enabled it may
adapt by slowing down the rate at which it sends your router traffic.

- Tom

On Tue, 02 Sep 2003 06:20:44 -0400, Md Nazri wrote:

 hi guys,
 
 this is the output of my sh frame-relay pvc
 
 DLCI = 171, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE =
 Serial0/0.171
 
   input pkts 1435560   output pkts 9358712  in bytes 370699089
   out bytes 1069864391 dropped pkts 0   in pkts dropped 0
   out pkts dropped 0out bytes dropped 0 in FECN pkts
   7738in BECN pkts 56  out FECN pkts 0 out BECN pkts 0
  in DE pkts 0 out DE pkts 0 out bcast pkts 193438
   out bcast bytes 12380032 5 minute input rate 2 bits/sec, 7
   packets/sec 5 minute output rate 13000 bits/sec, 12 packets/sec pvc
   create time 1w6d, last time pvc status changed 4d00h
 
 what will happen if 'in FECN' is increasing..how do router adapt to
 it..?
 
 
 thanks
 GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
 http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=74662t=74642
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: OT Microsoft worm [7:74045]

[Tom Lisa]

Hmmm, are IT Gals also easy to recognize???

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Priscilla Oppenheimer wrote:

  Evans, Timothy R (BearingPoint) wrote:
  
   I know of several organizations in the Washington / NoVa / MD
   area that were
   effected - the MD Motor Vehicle Administration was offline for
   quite some
   time, for example.
  
  
   Sadly - too many people, many who should know better, assumed
   that as long
   as the edge was secured than all was good.  Unfortunately it
   only takes
   one laptop (for ex) to break that theory :).

  Makes me wonder about people's security policies. Bringing in a
  laptop that
  isn't running software approved by IT shouldn't be allowed. This
  software
  should include patched OSs, anti-virus, and personal firewall.

  Of course, enforcing that is difficult.

  Friday night I was walking by a local bank and noticed that the
  ligths were
  still on. I had to chuckle when I looked inside and noticed IT guys
  hunched
  over PCs at the tellers' stations. I'm pretty sure I know what they
  were
  doing. And yes, IT guys are easy to recognize. You know who you are.
  :-)

  Today I went to my favoriate local coffee shop. The public Internet
  acccess
  PC was turned off with a sign that said, Not in service due to
  virus. Bye,
  bye Miss American Pie. Ah, the day the music died.

  This blaster thing is yet another wake-up call. The big one is still
  coming.
  We are lucky that so far it's been benign tricksters attacking our
  networks.
  Sorry for the dire warning, but I truly predict a huge failure at
  some
  point. Argh

  
  
   Luckily - this was/is a very sloppy worm:
 Noisy enough to easily tracedown
 Poor propogation method
 Limited vectors of attack
 No destructive payload
   (don't get me wrong - having a backdoor is bad, but let's say
   it wiped data
   from hardrives 8 hours after infecting them, or performed some
   other
   non-randon act of data destruction)
   ...   and, to top it all off, its attempted DoS was to the wrong
   URL and
   was easily sidestepped, although some people caused local RST
   floods on
   their network by attempting to mitigate it incorrectly :)

  It's not just Microsoft that has software bugs! Getting the wrong URL
  was an
  amazingly stupid bug, but benign. A lot of the infamous worms of the
  past
  spread unintentionally like wildfire because of software bugs.

  Why is software so hard to get right? Well, I know why. But this has
  gotta
  change

  Priscilla

  
  
  
   Thanks!
   TJ
   ... not all windows admin's are incompetent
   ... and some are network admins as well :)
  
   -Original Message-
   From: Reimer, Fred [mailto:[EMAIL PROTECTED]
   Sent: Saturday, August 16, 2003 4:23 PM
   To: [EMAIL PROTECTED]
   Subject: RE: OT Microsoft worm [7:74045]
  
   For reasons of confidentiality I won't and can't name any
   names, but I am
   aware of several hospitals that were affected pretty
   seriously.  Everyone
   here knows that Cisco Call Manager runs on Windows, so imagine
   what happens
   to your entire phone infrastructure if you are running VoIP.
   Network grinds
   to a halt and admitting can't access the applications to admit
   people in the
   ER.  Lab orders don't go through, so meds can't be dispersed
   based on the
   results of tests.  Everything goes back to a paper fall-back
   scheme until
   the Windows administrators patch the systems like they should
   have done
   weeks ago.
  
   So no, don't assume that even large organizations have a handle
   on things.
   Especially hospitals which are notoriously on the low end as
   far as
   adequately staffing, at the right levels, their IT staff.
  
   One thing I sincerely hope is changed in our lexicon is calling
   Windows
   administrators network administrators.  It makes me
   physically ill,
   because those folks don't administer the network, if
   anything they
   actually do can be classified as competent administration.
   They should be
   called what they are systems administrators, or, if you want
   to be more
   specific, Windows administrators.  I personally think they
   deserve a
   classification of their own.
  
   All I can say is that the Windows systems that our group has to
   use and is
   responsible for were patched long ago, and did not exhibit any
   issues.
  
   Fred Reimer - CCNA
  
  
   Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA
   30338
   Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
  
  
   NOTICE; This email contains confidential or proprietary
   information which
   may be legally privileged. It is intended only for the named
   recipient(s).
   If an addressing or transmission error has misdirected the
   email, please
   notify the author by replying to this message. If you are not
   the named
   recipient, you

Re: 3500XL - duplicate IP and Windows NT/2000 server [7:73868]

[Tom Martin]

As far as the duplicate MACs go, it sounds like you have a layer-2 loop. 
Especially considering that all of your servers are experiencing the 
problem. When they ARP to verify that no other station has their IP, 
they see their own ARP and assume that another station is doing the same 
thing.

Layer-2 Loops will also cause MACs to appear to be sourced from 
different switches in the network.

Is STP enabled everywhere? Mismatched channelling will also cause the 
same behavior.

Firesox wrote:
 I have a bunch of 3500XL switches thruout my customer's lan.
 They are having a problem with unknown mac keep appearing and disappearing
 from the network.
 
 I can trace the mac-address of the unknown station by show mac from the
 swtich CLI.
 What's strange is that it appears at one switch, but a minute later it
 appears in the different switch.
 
 what's even more strange is that all NT/2000 servers log shows there is an
 IP conflict with this mac address.
 Of course, the servers IP function stops due to this duplicate IP, but
comes
 back in a few minutes.
 All the servers report the duplicate IP comes from the same mac address.
 
 Has anyone seen this problem?
 
 Thanks
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73892t=73868
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: 3500XL - duplicate IP and Windows NT/2000 ser [7:73868]

[Tom Martin]

Oops, I read the post as if the MACs were duplicated.

I have also come across a situtation where a faulty station (Wyse 
terminal actually) responded to all ARPs as if it owned the IP. I had an 
interesting conversation with Wyse support who remained convinced that 
it was impossible for their terminals to do that, since they weren't 
programmed that way. The fact that I had a packet capture of it 
happening didn't even phase them!

I ended up tracing down the Wyse terminal via its MAC (it wasn't 
changing ports as described in the original post) and replaced it.

Windows computers use ARPs to detect duplicate IPs. Perhaps something 
similar is happening? It could also be a Proxy ARP issue.

Zsombor Papp wrote:
 There are duplicate IP addresses, not duplicate MACs. And all the duplicate
 IP addresses come from the same MAC address, as if a single machine had
 suddenly all the IP addresses configured on the same interface. I don't see
 how this can be attributed to a L2 loop.
 
 Firesox, what is this phantom MAC address?
 
 Thanks,
 
 Zsombor
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73912t=73868
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Back to Back Routers [7:73897]

[Tom Martin]

Keep in mind that neither the 1601 or the 2509 are beefy routers. You 
may be hitting a practical limitation. You may want to verify that CEF 
is enabled (or at least fast switching if CEF isn't supported).

How does your router CPU utilization look?

Paul Carter wrote:
 I have a 1601 router and a 2509 to practice with. I've connected them
 with a DCE/DTE cable off the s0 ports on each router and set a clock
 rate on the DCE end, the 1601. On Sundays I can use a fiber connection
 with this setup. I have this coming in the e0 on the 1601. The E0 on the
 2509 is crossover cabled to a PC.
 
 
 
 10Mbps in at switch(10.140.240.1/30) --- (10.140.240.2/30) e0-1601 /
 s0-1601(172.16.96.1/30) --- (172.16.96.2/30)s0-2509 /
 e0-2509(10.140.240.161/27)  (10.140.240.162/27)PC
 
 10.140.240.160 is my inside network
 
 My problem seems to be a lack of bandwidth to the PC end. At speed test
 sites on the net I'm only getting about 1.6 Mbps.
 I think I may be bottlenecked somewhere in the router back to back
 setup. The configs are close to what they were originally set up as to
 keep my boss happy in case he needs one in a hurry. I've changed the
 addresses to similar types of networks but private numbers. The ethernet
 ports are ARPA and the serial ports HDLC. I've set bandwidth to
 1Kbps at each port. I originally had the clock rate at 64000 but
 didn't know if that was a bottleneck.
 
 
 --
 Router1601#sh run
 Current configuration:
 !
 version 11.2(not enough memory to upgrade)
 service timestamps debug datetime msec localtime show-timezone
 service timestamps log datetime msec localtime show-timezone
 service password-encryption
 no service udp-small-servers
 no service tcp-small-servers
 !
 hostname 1601
 !
 boot system flash
 enable secret 5 
 enable password 7 
 !
 ip subnet-zero
 clock timezone PST -8
 clock summer-time pdt recurring
 !
 interface Ethernet0
  description E0 10Mbps connection to Fiber
  ip address 10.140.240.2 255.255.255.252
  media-type 10BaseT
  no cdp enable
 !
 interface Serial0
  description S0 to 2509 S0
  ip address 172.16.96.1 255.255.255.252
  bandwidth 1
  clockrate 400
 !
 no ip classless
 ip route 0.0.0.0 0.0.0.0 64.240.140.1
 ip route 10.140.240.160 255.255.255.224 172.16.96.2
 logging buffered 4096 debugging
 snmp-server community  RO
 !
 snip Banner stuff
 !
 end
 
 
 Router2509#sh run
 Current configuration : 2227 bytes
 !
 version 12.1
 no service single-slot-reload-enable
 service timestamps debug datetime msec localtime show-timezone
 service timestamps log datetime msec localtime show-timezone
 service password-encryption
 service udp-small-servers
 service tcp-small-servers
 !
 hostname Router2509
 !
 boot system flash
 enable password 7 
 !
 !
 clock timezone PST -8
 clock summer-time pdt recurring
 ip subnet-zero
 !
 interface Ethernet0
  description to LAN
  ip address 10.140.240.161 255.255.255.224
 !
 interface Serial0
  bandwidth 1
  ip address 172.16.96.2 255.255.255.252
  no fair-queue
 !
 interface Serial1
  no ip address
  shutdown
 !
 no ip classless
 ip route 0.0.0.0 0.0.0.0 172.16.96.1
 ip route 10.140.240.160 255.255.255.224 10.140.240.162
 no ip http server
 !
 end
 
 Any ideas?
 ...
 ...
 PC
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73947t=73897
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Back to Back Routers [7:73897]

[Tom Martin]

Keep in mind that neither the 1601 or the 2509 are beefy routers. You 
may be hitting a practical limitation. You may want to verify that CEF 
is enabled (or at least fast switching if CEF isn't supported).

How does your router CPU utilization look?

Paul Carter wrote:
 I have a 1601 router and a 2509 to practice with. I've connected them
 with a DCE/DTE cable off the s0 ports on each router and set a clock
 rate on the DCE end, the 1601. On Sundays I can use a fiber connection
 with this setup. I have this coming in the e0 on the 1601. The E0 on the
 2509 is crossover cabled to a PC.
 
 
 
 10Mbps in at switch(10.140.240.1/30) --- (10.140.240.2/30) e0-1601 /
 s0-1601(172.16.96.1/30) --- (172.16.96.2/30)s0-2509 /
 e0-2509(10.140.240.161/27)  (10.140.240.162/27)PC
 
 10.140.240.160 is my inside network
 
 My problem seems to be a lack of bandwidth to the PC end. At speed test
 sites on the net I'm only getting about 1.6 Mbps.
 I think I may be bottlenecked somewhere in the router back to back
 setup. The configs are close to what they were originally set up as to
 keep my boss happy in case he needs one in a hurry. I've changed the
 addresses to similar types of networks but private numbers. The ethernet
 ports are ARPA and the serial ports HDLC. I've set bandwidth to
 1Kbps at each port. I originally had the clock rate at 64000 but
 didn't know if that was a bottleneck.
 
 
 --
 Router1601#sh run
 Current configuration:
 !
 version 11.2(not enough memory to upgrade)
 service timestamps debug datetime msec localtime show-timezone
 service timestamps log datetime msec localtime show-timezone
 service password-encryption
 no service udp-small-servers
 no service tcp-small-servers
 !
 hostname 1601
 !
 boot system flash
 enable secret 5 
 enable password 7 
 !
 ip subnet-zero
 clock timezone PST -8
 clock summer-time pdt recurring
 !
 interface Ethernet0
  description E0 10Mbps connection to Fiber
  ip address 10.140.240.2 255.255.255.252
  media-type 10BaseT
  no cdp enable
 !
 interface Serial0
  description S0 to 2509 S0
  ip address 172.16.96.1 255.255.255.252
  bandwidth 1
  clockrate 400
 !
 no ip classless
 ip route 0.0.0.0 0.0.0.0 64.240.140.1
 ip route 10.140.240.160 255.255.255.224 172.16.96.2
 logging buffered 4096 debugging
 snmp-server community  RO
 !
 snip Banner stuff
 !
 end
 
 
 Router2509#sh run
 Current configuration : 2227 bytes
 !
 version 12.1
 no service single-slot-reload-enable
 service timestamps debug datetime msec localtime show-timezone
 service timestamps log datetime msec localtime show-timezone
 service password-encryption
 service udp-small-servers
 service tcp-small-servers
 !
 hostname Router2509
 !
 boot system flash
 enable password 7 
 !
 !
 clock timezone PST -8
 clock summer-time pdt recurring
 ip subnet-zero
 !
 interface Ethernet0
  description to LAN
  ip address 10.140.240.161 255.255.255.224
 !
 interface Serial0
  bandwidth 1
  ip address 172.16.96.2 255.255.255.252
  no fair-queue
 !
 interface Serial1
  no ip address
  shutdown
 !
 no ip classless
 ip route 0.0.0.0 0.0.0.0 172.16.96.1
 ip route 10.140.240.160 255.255.255.224 10.140.240.162
 no ip http server
 !
 end
 
 Any ideas?
 ...
 ...
 PC
 **Please support GroupStudy by purchasing from the GroupStudy Store:
 http://shop.groupstudy.com
 FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73913t=73897
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: FW: Has anyone configured a US Robotics Courier ISDN modem [7:73362]

[Tom Lisa]

Try sh isdn history or debug dialer.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

[EMAIL PROTECTED] wrote:

 I have sorted this out..it is now working.

 Is there a command in ISDN to view the number dialled?
 I have connected an analogue telephone to the isdn modem and am using it of
 the isdn line.
 Is there a command for me to view the number I dialled and the statistics?
 My Router is a 2600 with isdn ports and 1 ethernet.

 Tx
 Pooven
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: 01 August 2003 09:58 AM
 To: [EMAIL PROTECTED]
 Subject: Has anyone configured a US Robotics Courier ISDN modem
 [7:7]

 Hi All,

 Has anyone configured a USRobotics courier ISDN/v.34 modem?
 I managed to install the correct drivers and have done the test through the
 USRobotics Courier I-modem Configuration Manager which results in a
 successful check on the line to the ISDN 2600 router.However when I dial to
 the router it errors with Error678 the remote computer did not respond.
 Has anyone has any ideas on this ISDN modem as I suspest that some
 configuration on the modem is wrong.

 Pooven




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73362t=73362
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com

Re: FW: Has anyone configured a US Robotics Courier ISDN modem [7:73393]

[Tom Lisa]

Try sh isdn history or debug dialer.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

[EMAIL PROTECTED] wrote:

 I have sorted this out..it is now working.

 Is there a command in ISDN to view the number dialled?
 I have connected an analogue telephone to the isdn modem and am using it of
 the isdn line.
 Is there a command for me to view the number I dialled and the statistics?
 My Router is a 2600 with isdn ports and 1 ethernet.

 Tx
 Pooven
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: 01 August 2003 09:58 AM
 To: [EMAIL PROTECTED]
 Subject: Has anyone configured a US Robotics Courier ISDN modem
 [7:7]

 Hi All,

 Has anyone configured a USRobotics courier ISDN/v.34 modem?
 I managed to install the correct drivers and have done the test through the
 USRobotics Courier I-modem Configuration Manager which results in a
 successful check on the line to the ISDN 2600 router.However when I dial to
 the router it errors with Error678 the remote computer did not respond.
 Has anyone has any ideas on this ISDN modem as I suspest that some
 configuration on the modem is wrong.

 Pooven
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73393t=73393
--
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Re: Gigabit Copper Switch [7:73116]

[Tom Martin]

Don't forget that you are still limited by the Cross-stack maximum 
speed. You won't be able to get 90-Gbps across the 32-Gbps stack 
backplane.

Ismail Al-Shelh wrote:
 Hi chuck,
 
  I think they cisco mentioned it officially , yesterday I read some
 documents about the 3750 , and I found that you can take for example 3 port
 from the first switch and 4 ports from the second one and as much as you
can
 take from the other stacked switch and bundle them in a way they will act
as
 a single port, this is amaze I was thinking with myself that if I have 9
 switches stackable then I can bundle 5 ports from each switch , 5 x 9 = 45
 ports then the speed will be 45 Gig * 2 (full duplex) = 90 Gig , wow.
 
 Here is what was written 
 
 Cross-Stack EtherChannel Connections
 Because all the ports in a stack behave as one logical unit, EtherChannel
 technology can operate across multiple,physical devices in the stack. Cisco
 IOS Software can aggregate up to eight separate physical ports from any
 switches in the stack into one logical channel uplink. Up to 12
EtherChannel
 groups are supported on a stack.
 
 Refer to

http://www.cisco.com/application/pdf/en/us/guest/products/ps5023/c1244/ccmig
 ration_09186a008017b238.pdf
 
 Ismail




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73243t=73116
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What protocol win? [7:73152]

[Tom Martin]

Pichit,

Both routing protocols will learn about the networks. Neither routing 
protocol will be responsible for placing the routes in the routers 
routing table -- the administrative distances of the routing protocols 
are both higher than the administrative distance of a directly connected 
interface. The networks will be in the routing table because they are 
directly connected, not because they are known via OSPF or BGP.

- Tom

Pichit Ruangroj wrote:
 Hi guys,
 I've a question to ask. Follow the config  show below. What routing
 protocol are supposed to put the route 203.113.38.0 , 203.113.39.0 and
 203.113.94.175 into the table? Shall it be OSPF or BGP?
 
 Pichit
 
  Config
 ===
 interface GigabitEthernet0/0/0
  ip address 203.113.38.241 255.255.255.0
 
 interface GigabitEthernet8/0/0
  ip address 203.113.39.241 255.255.255.0
 
 interface Loopback0
  ip address 203.113.94.175 255.255.255.255
 
 router ospf 100
  router-id 203.113.94.175
  log-adjacency-changes
  redistribute static subnets
  network 203.113.38.0 0.0.0.255 area 0
  network 203.113.39.0 0.0.0.255 area 0
  network 203.113.94.175 0.0.0.0 area 0
  maximum-paths 6
 !
 router bgp 9737
  no synchronization
  bgp router-id 203.113.94.175
  bgp log-neighbor-changes
  redistribute connected
  neighbor 203.113.94.182 remote-as 9737
  neighbor 203.113.94.182 update-source Loopback0
  neighbor 203.113.94.183 remote-as 9737
  neighbor 203.113.94.183 update-source Loopback0
  no auto-summary
  !
 
 = show ip route
 ===
 lty_vpngw_01#sh ip route 203.113.38.0
 Routing entry for 203.113.38.0/24
   Known via connected, distance 0, metric 0 (connected, via interface)
   Redistributing via bgp 9737
   Advertised by bgp 9737
   Routing Descriptor Blocks:
   * directly connected, via GigabitEthernet0/0/0
   Route metric is 0, traffic share count is 1
 
 lty_vpngw_01#sh ip route 203.113.39.0
 Routing entry for 203.113.39.0/24
   Known via connected, distance 0, metric 0 (connected, via interface)
   Redistributing via bgp 9737
   Advertised by bgp 9737
   Routing Descriptor Blocks:
   * directly connected, via GigabitEthernet8/0/0
   Route metric is 0, traffic share count is 1
 
 lty_vpngw_01#sh ip route 203.113.94.175
 Routing entry for 203.113.94.175/32
   Known via connected, distance 0, metric 0 (connected, via interface)
   Redistributing via bgp 9737
   Advertised by bgp 9737
   Routing Descriptor Blocks:
   * directly connected, via Loopback0
   Route metric is 0, traffic share count is 1




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=73164t=73152
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Cisco menu logins [7:72931]

[Tom Martin]

A couple of days ago I came across a new (to me anyway) Cisco feature, 
menus. So naturally I configured a router with menus to see how it 
works... Everything seems to work fine, except the login option.

When Telneting to this router, I use the username and password as 
specified within the configuration file (attached in its entirety at the 
end of this post). Note: The login authentication default command 
isn't under the line configuration because it's default. After logging 
in the menu immediately appears as expected.

All of the menu options work, but when I choose option 3 (which requires 
a second authentication), the command never runs! Here is an example 
where I re-authenticate properly:

... text omitted ...
9  Sign off

 Enter your selection, HUMAN: 3
Login required

User Access Verification

Username: fry
Password:

--More--
Welcome to my Cisco router
  All your base are belong to us.
... text omitted ...

Here is the output when I do not authenticate properly

... text omitted ...
9  Sign off

 Enter your selection, HUMAN: 3
Login required

User Access Verification

Username: alsdkfj;alsdkfj
Password:

% Authentication failed.

--More--
Welcome to my Cisco router
  All your base are belong to us.
... text omitted ...

Has anyone ever successfully configured menus with a secondary 
authentication? Any ideas???

- Tom

Full router configuration
-
Current configuration : 1593 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Rtr-3
!
logging queue-limit 100
enable secret 5 $1$F30N$HeewMLSkB0BkSZWKFr9BP1
!
username fry password 0 guy
aaa new-model
!
!
aaa authentication login default local
aaa session-id common
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
  ip address 1.0.0.1 255.255.255.0
!
interface FastEthernet0/0
  no ip address
  shutdown
  duplex auto
  speed auto
!
interface Serial0/0
  no ip address
  shutdown
!
interface FastEthernet0/1
  ip address dhcp
  duplex auto
  speed auto
!
interface Serial0/1
  no ip address
  shutdown
!
ip http server
ip classless
!
!
!
!
menu TEST title ^C
 Welcome to my Cisco router
   All your base are belong to us.
^C
menu TEST prompt ^C Enter your selection, HUMAN: ^C
menu TEST text 1 Show IP routing stuff
menu TEST command 1 show ip route
menu TEST text 2 Show IP protocol info
menu TEST command 2 show ip protocol
menu TEST text 3 Show the time
menu TEST command 3 show clock
menu TEST options 3 login
menu TEST command bye menu-exit
menu TEST text 9 Sign off
menu TEST command 9 exit
menu TEST line-mode
!
!
radius-server authorization permit missing Service-Type
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
  logging synchronous
line aux 0
line vty 0 4
  autocommand  menu TEST
!
!
end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72931t=72931
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco menu logins [7:72931]

[Tom Martin]

But I should keep the All your base are belong to us line in there??? :)

It's a lab router!

- Tom

Reimer, Fred wrote:

If you use this in production you probably don't want to put Welcome in
there.  Plenty of note in Cisco course material on why not...

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.


-Original Message-
From: Tom Martin [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2003 9:47 AM
To: [EMAIL PROTECTED]
Subject: Cisco menu logins [7:72931]

A couple of days ago I came across a new (to me anyway) Cisco feature, 
menus. So naturally I configured a router with menus to see how it 
works... Everything seems to work fine, except the login option.

When Telneting to this router, I use the username and password as 
specified within the configuration file (attached in its entirety at the 
end of this post). Note: The login authentication default command 
isn't under the line configuration because it's default. After logging 
in the menu immediately appears as expected.

All of the menu options work, but when I choose option 3 (which requires 
a second authentication), the command never runs! Here is an example 
where I re-authenticate properly:

... text omitted ...
9  Sign off

 Enter your selection, HUMAN: 3
Login required

User Access Verification

Username: fry
Password:

--More--
Welcome to my Cisco router
  All your base are belong to us.
... text omitted ...

Here is the output when I do not authenticate properly

... text omitted ...
9  Sign off

 Enter your selection, HUMAN: 3
Login required

User Access Verification

Username: alsdkfj;alsdkfj
Password:

% Authentication failed.

--More--
Welcome to my Cisco router
  All your base are belong to us.
... text omitted ...

Has anyone ever successfully configured menus with a secondary 
authentication? Any ideas???

- Tom

Full router configuration
-
Current configuration : 1593 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Rtr-3
!
logging queue-limit 100
enable secret 5 $1$F30N$HeewMLSkB0BkSZWKFr9BP1
!
username fry password 0 guy
aaa new-model
!
!
aaa authentication login default local
aaa session-id common
ip subnet-zero
!
!
no ip domain lookup
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface Loopback0
  ip address 1.0.0.1 255.255.255.0
!
interface FastEthernet0/0
  no ip address
  shutdown
  duplex auto
  speed auto
!
interface Serial0/0
  no ip address
  shutdown
!
interface FastEthernet0/1
  ip address dhcp
  duplex auto
  speed auto
!
interface Serial0/1
  no ip address
  shutdown
!
ip http server
ip classless
!
!
!
!
menu TEST title ^C
 Welcome to my Cisco router
   All your base are belong to us.
^C
menu TEST prompt ^C Enter your selection, HUMAN: ^C
menu TEST text 1 Show IP routing stuff
menu TEST command 1 show ip route
menu TEST text 2 Show IP protocol info
menu TEST command 2 show ip protocol
menu TEST text 3 Show the time
menu TEST command 3 show clock
menu TEST options 3 login
menu TEST command bye menu-exit
menu TEST text 9 Sign off
menu TEST command 9 exit
menu TEST line-mode
!
!
radius-server authorization permit missing Service-Type
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
  logging synchronous
line aux 0
line vty 0 4
  autocommand  menu TEST
!
!
end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72942t=72931
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: certification expire [7:72786]

[Tom Lisa]

You can continue to complete your CCNP exams, but you
will not be CCNP certified until you recertify your CCNA.
Normally, successfully completing a higher level exam would
recertify your lower level certification.  However, if it has
already expired then you must take that recert exam.

If you have any other questions you can contact Cisco
at:  www.cisco.com/go/certsupport

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Justin Vo wrote:

  Dear All,

  I would like to know what happen if my CCNA expire but i have two
  passed
  exams of the CCNP. Do you loose all these exams and redo the whole
  thing ?
  or can I continue with the CCNP once I redo my CCNA exam ?

  or even if you know any email of cisco that I can ask this question
  is also
  good.

  Much appreciate.
  Justin Vo
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72815t=72786
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Starting off towards a CCNP [7:72734]

[Tom Lisa]

In the Academy program we offer BSCI first then
follow with BCRAN , BCMSN and finish with the
CIT course.

The new CIT exam, when released, is supposed
to kick the difficulty level up a couple of notches.

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

[EMAIL PROTECTED] wrote:

  hi ppl,
  Im planning to start on my ccnp--- first step joined groupstudy (as
  i did
  for my ccna ;-) ). Just have a few queries regarding the
  certification.
  1. I have the CCNP materials dated 2000. do they still hold good for
  the
  current certifications?
  2. Im planning to start of with the BCRAN certification first. Any
  opinions
  on that?
  thanks in advance...
  regards,
  aj
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72742t=72734
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ODR, was RE: CCDA: changes in syllabus. [7:72380]

[Tom Martin]

John,

I have come across ODR in production a couple of times. Up until 
recently I had thought that ODR worked quite well for hub and spoke 
topologies...

My most recent involvement with ODR occurred when replacing a 2621 with 
a 3745, which was the hub of the hub-and-spoke topology. I quickly 
learned that the 3745 doesn't enable CDP by default. I was also reminded 
that Cisco doesn't save configuration commands that are considered 
default...

What ended up happening was CDP was not enabled by default and when I 
enabled it (cdp run) the command wouldn't save because it was 
considered a default command! Each time the router booted CDP was 
disabled again!

I recommend to everyone that ODR not be used in a Cisco production 
environment. You never know when an IOS (platform?) bug will render your 
WAN unusable!

- Tom

John Neiberger wrote:
 
 
 I've never heard of anyone using ODR. Anyone here know of anyone using ODR
 in a production environment? Are there any environments where ODR is
 recommended over other options?
 
 John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72693t=72380
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Why ppp encaps at physical as well as dialer int? [7:72440]

[Tom Martin]

Greg,

The configuration on the dialer interface is used when making outbound 
calls. When an incoming call comes in, it isn't associated with a 
specific dialer interface. If you don't specify the encapsulation on the 
interface any incoming calls will be treated as HDLC.

- Tom

Greg Kirkness wrote:
 Subject pretty much says it all. Why is ppp encaps specified at the dialer
 interface as well as on the physical? Where are the LCP extensions
 available?
 
 Cheers




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72694t=72440
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help PLEASE FAST [7:72603]

[Tom Martin]

Describe how your clients lose their network connection. Do IP pings 
fail? Does DNS lookups fail (say, pinging www.google.com)? Do server 
shares become unreachable? Is network neighborhood not working?

It also would be very helpful to get a network capture during the 
problem. If you don't already have a favorite, check out www.ethereal.com.

- Tom

E. Keith J. wrote:
 Hi all
 
 HELP!
 
 
  The clients on my network seem to be loosing their connection to the 
 network for no apparent reason. we have a main office and a spoke location 
 running over vpn.
 
 The problem seems to be at main office because it happens here and was 
 happening before the other location came on-line. There are some internal 
 DNS issues also. I haven't determined if they are related but is happening 
 at both locations now. it is a AD domain and the other site is part of the 
 domain. I need help in getting this resolved soon. I will try to answer
any
 questions as best I can.
 
  I know this may not be Cisco issue but I do have Cisco products and 
 this is the best list of people with experience will all types of problems 
 that I know. I know of none better. I know someone here has had this issue 
 before, and can help me. I just hope they read this email soon.
 
  A reboot of the machine seems to fix the problem. Lease time is 24
 hours.
 DHCP is being used. I need to resolve this soon as it is a critical 
 situation.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72701t=72603
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How do I check if load balancing works ? Catalyst 2900 and [7:72700]

[Tom Martin]

Chris,

Since you are choosing the link based on MAC addresses and only one 
switch LED is blinking, is your test traffic to stations located across 
a router? The router will obviously have a single MAC address, so 
EtherChannel based on MACs will use only a single link. Perhaps you 
should change to IP balancing.

Regarless of whether you use MAC or IP balancing, make sure that your 
test includes multiple destinations or you will only ever use one link!

- Tom

Chris wrote:
 Hi everybody
 
 
 I have a Compaq server with 2 NC3121 cards. According with the docs, the
 card supports Fast Etherchannel
 static configuration (ON).
 I couldn't find a procedure to set up Fast Etherchannel for the network
card
 so I did what I thought it was better.
 
 I selected the following :
 Teaming control =Load balancing
 Load balancing options:
 ---
 [x]Switch assisted load balancing
 [ ]Transmit load balancing
 ---
 [x ]Balance with MAC addresses
 [ ]Balance with IP addresses
 ---
 
 On the switch side I set up the following:
 
 interface Port-channel
  no ip address
  flowcontrol send off
 !
 interface FastEthernet0/1
  no ip address
  channel-group 1 mode on
 !
 interface FastEthernet0/2
  no ip address
  channel-group 1 mode on
 
 Everything looks fine, the redundancy works but how can I see if it works ?
 I mean the load balancing.
 I don't know the SNMP OID to monitor that interface. Judging by the
blinking
 lights it works only on one interface.
 I made the tests selecting different classes of IPs (10 mod 2 and 10 mod 5)
 for transmission on the server side
 I set up the switch on source balancing. Not very sure that both MAC aren't
 in the same class (MAC) mod 2.
 The 'show int' command shows me load only on the first interface of the
 channel.
 The 'debug etherchanel' shows that the switch senses the disconnecting of
 the interfaces (if I test this).
 
 Any clue ?
 Thank you
 Chris




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72700t=72700
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: 1601 flash card. [7:72560]

[Tom Martin]

Johan,

Sure! Linux has the ability to read and write various flash types and 
formats. I did something very similar a while back, albeit not with a 1600.

There's a really good chance that your Linux system will pick up the 
flash, but not necessarily out-of-the-box. I had to recompile my 
kernel before I could read flash cards...

Once the flash is recognized you may be able to mount the flash (if the 
filesystem is supported by the kernel). If not, and it probably won't 
be, perform a dd to image the flash card to a file -- it will be much 
easier and faster to work from.

If the format is proprietary, and honestly I have no idea what format is 
used by the 1600 series, then you might have to write a standalone 
interpreter for it. I've had to do this with some old CP/M images. 
Although it's not terribly difficult it does require a programming 
background.

If you just want to be able to read and write files using your notebook 
and don't care about being able to use them in your 1600 then things are 
a bit easier. You'll still have to know a thing or two about Linux though.

- Tom

Johan Bornman wrote:
 Can this type of flash card be installed in a notebook PCMCIA slot to copy
 files?
 
 
 
 This e-mail may contain confidential information and may be legally
 privileged and is intended only for the person to whom it is addressed. If
 you are not the intended recipient, you are notified that you may not use,
 distribute or copy this document in any manner whatsoever. Kindly also
 notify the sender immediately by telephone, and delete the e-mail. When
 addressed to clients of the company from where this e-mail originates (the
 sending company ) any opinion or advice contained in this e-mail is
subject
 to the terms and conditions expressed in any applicable terms of business
or
 client engagement letter . The sending company does not accept liability
for
 any damage, loss or expense arising from this e-mail and/or from the
 accessing of any files attached to this e-mail.
 
 At present, the integrity of e-mail across the Internet cannot be
 guaranteed and messages sent via this medium are potentially at risk.  The
 recipient should scan any attached files for viruses.  All liability
arising
 as a result of the use of this medium to transmit information by or to
 e-Innovation is excluded to the extent permitted by law.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72705t=72560
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Late Friday Funnies [7:72614]

[Tom Lisa]

Let me apologise in advance for this one.
I just couldn't resist.

These friars were behind on their belfry payments,
so they opened up a small florist shop to raise funds.

Since everyone prefered to buy flowers from the men of
God, a rival florist across town thought the competition
was unfair. He asked the good fathers to close down,
but they would not.

He went back and begged the friars to close.
They ignored him. So, the rival florist hired Hugh MacTaggart,
the roughest and most vicious thug in town to persuade them
to close. Hugh broke their windows and trashed their store,
saying he'd be back if they didn't close up shop.

Terrified, they did so, thereby proving that ,
Hugh, and only Hugh, can prevent florist friars.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72614t=72614
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: cisco IOS [7:72454]

[Tom Martin]

KW S,

You need to obtain Smartnet on the routers. Once you do you will get a 
CCO and download access. Contact your local Cisco partner for more 
information:

http://tools.cisco.com/WWChannels/LOCATR/jsp/partner_locator.jsp

- Tom

KW S wrote:
 Dear all
 
 Does anyone know where I can download cisco IOS. I am not a cco member and
 therefore unable to access the cisco cco site.
 
 I just bought 2 used cisco 2501 and I want to upgrade the IOS to a more up
 to date version. Does ver 12.0 works on a 2501 ? what is the requirement to
 run ios ver 12.0 ?
 
 Regards, kws




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72491t=72454
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Static Routes and Administrative Distance [7:72495]

[Tom Martin]

John,

The behavior changed with the IOS releases. Newer IOS releases with 
static routes pointing to an interface will have an administrative 
distance of 1, not 0. Older versions will have an administrative 
distance of 0. Unfortunately I do not know the exact release in which 
the behavior changed.

The term myth is too strong and it's possible that the people that 
haven't worked with the older IOSs do not realize that this behavior was 
once different.

This is the output from one of my routers running 12.2(15)T:
   Lab#show ip route 10.1.1.0
   Routing entry for 10.1.1.0/24
 Known via static, distance 1, metric 0 (connected)
 Routing Descriptor Blocks:
 * directly connected, via Serial0
 Route metric is 0, traffic share count is 1

As far as I know, certification study materials still expect you to 
think that a static route to an interface has an AD of 0.

- Tom

John Neiberger wrote:
 I accidentally deleted the posting about this but I wanted to make a point.
 It's been said that a static route has an AD of 1 unless it points directly
 out an interface, in which case it has an AD of 0. Sasa just mentioned that
 this has been discussed in the past and is a myth. However, I'd like to
 agree with the 'myth'. 
 
 A directly connected route has an AD of 0. If you create a static route
 pointing directly out an interface, that route will show up as directly
 connected in the routing table, and would therefore have an AD of 0.  In
 fact, if you look at a static route you'll see the usual [AD/metric] listed
 as [1/0]. However, if you look at a static route pointing out an interface
 this is missing. This is because the router treats that route as if it were
 directly connected to the interface.
 
 If I'm wrong about this--and I certainly might be--please let me know where
 my reasoning is incorrect.
 
 Regards,
 John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72501t=72495
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Standard ACLs and distribute-list [7:72253]

[Tom Martin]

Fred,

If the access-list were applied as an inbound or outbound interface 
filter, it would match a single host. Since the access-list is being 
applied using a distribution list it doesn't match just a single host -- 
it matches the network 131.108.0.0 and must match every bit exactly.

It wouldn't hurt to have access-list 1 permit 131.108.0.0 0.0.255.255, 
which also matches 131.108.0.0. But in theory it could also allow other 
networks to be advertised (such as 131.108.1.0, 131.108.2.0, etc). Since 
you're running RIP I this wouldn't be an issue, but personally I think 
having the specific host match is cleaner.

Remember that the wildcard only specifies which bits must be an exact 
match and which bits are wild. Using the host keyword (or wildcard 
0.0.0.0) does not necessarily imply that you are matching a host, it 
just means that every bit must match!

Cisco's documentation was not wrong.

- Tom

Reimer, Fred wrote:
 Here's what should be a simple question.
 
  
 
 If standard access lists are used with a distribute list, how is the mask
 treated if none is specified in an ACE?  The Cisco documentation says:
 
  
 
 The following router configuration mode example causes only one network
 
 (network 131.108.0.0) to be advertised by a RIP routing process:
 
  
 
 access-list 1 permit 131.108.0.0
 
 access-list 1 deny 0.0.0.0 255.255.255.255
 
 router rip
 
  network 131.108.0.0
 
  distribute-list 1 out
 
  
 
 I asked one of the mentors at KnowledgeNet, and they said:
 
  
 
 That is not a network, 131.108.0.0.  It is a host.  You must add the
 
 wildcard mask to make it a network address.
 
  
 
 Sorry, but the Cisco doc is incorrect.
 
  
 
 So, the entry in the routing table is 131.108.0.0/16, yet Cisco
 documentation says that a ACE entry of 131.108.0.0 with no wildcard
 specified, would match.  How, exactly, does IOS match routing entries when
 using a standard ACL in a distribute list?  Does it consider any ACEs
 without a mask to have a normal classful mask?  Like 131.108.0.0 would have
 a mask of /16, and 192.168.1.0 would have a mask of /24?  Another example
in
 the IOS 12.2 docs is:
 
  
 
 In the following example, access list 1 is applied to outgoing routing
 
 updates, and Intermediate Sytem-to-Intermediate System (IS-IS) is enabled
on
 
 Ethernet interface 0. Only network 131.131.101.0 will be advertised in
 
 outgoing IS-IS routing updates.
 
  
 
 router isis
 
  redistribute ospf 109
 
  distribute-list 1 out
 
 interface Ethernet 0
 
  ip router isis
 
 access-list 1 permit 131.131.101.0 0.0.0.255
 
  
 
 So, it would appear that if you don't want the classful mask to be used
 (when none is specified in the ACE) then you need to include wildcard bits.
 
  
 
 Thanks,
 
 Fred Reimer - CCNA
 
 Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
 Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050
 
 NOTICE; This email contains confidential or proprietary information which
 may be legally privileged. It is intended only for the named recipient(s).
 If an addressing or transmission error has misdirected the email, please
 notify the author by replying to this message. If you are not the named
 recipient, you are not authorized to use, disclose, distribute, copy, print
 or rely on this email, and should immediately delete it from your computer.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72293t=72253
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Standard ACLs and distribute-list [7:72253]

[Tom Martin]

Comments are inline.

Reimer, Fred wrote:

So would it match a network of 131.108.0.0/24?  From what Cisco says, that
it matches the classful mask if none is specified, it should not match.
From what you say it sounds like you think it would match.
  


An access-list with wildcards (131.108.0.0 0.0.255.255) would match 
131.108.0.0/16, 131.108.0.0/24 and 131.108.1.0/24. The fact that there 
is a 24-bit prefix on some of these networks doesn't really matter, only 
the network bits are being matched.

I don't think wildcard bits are real wildcard bits when used in a distribute
list.  I think they are used to match the prefix of the route in the routing
table.  Your theory about 131.108.0.0 0.0.255.255 possibly matching other
networks, such as 131.108.1.0/24 (presumably /24) and 131.108.2.0/24 is an
interesting theory, but I'd like to know the facts.  I don't have time to
test this at the moment myself, but I certainly will once we get our CCIE
lab up and running.
  


Wildcard bits are real wildcard bits even in distribute lists. If you 
want to permit/deny based on prefix length you need to use a prefix-list 
instead of an IP access-list so that you can match on both the network 
and prefix length.

Fred Reimer - CCNA


Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177  Cell: 770-490-3071  Pager: 888-260-2050


NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72310t=72253
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: What Hardware do I need? [7:71712]

[Tom Martin]

Justin,

The lab I use is at work, and I need remote access to it to do labs at 
home. I use a Linux PC with a Moxa PCI serial port card (8 serial 
ports). With the 2 built-in serial ports, I can connect to 10 Cisco 
devices. I have users set up so that when user R1 logs in via SSH the 
console window immediately appears...

I looked around and found it to be much more cost effective than 
purchasing a used 2509, as well as far more functional since it also 
serves as a source of traffic. I also have home-grown scripts to 
automate the downloading and archiving of router configs/network 
topology which is nice.

Anyway, that's what worked for me.

- Tom

Justin Clark wrote:
 I currently have 3 2501 routers and a 1924 switch.  I use them as a study
 lab but when I'm not using it, it just sits there.  I'm trying to find out
 what is the least expensive way to share those to the internet.  I want to
 be able to give access to one IP that a person can telnet to and then
 console out to the 4 devices.  What do i need to do this?  Console server,
 terminal server, what?  Preferably I would like it to be a seperate piece
of
 hardware so i can just leave the cisco hardware on and no need a computer
to
 run it all.  Also, keep in mind, i'm just doing this some someone else can
 get use out of them when I'm not using them so i really dont want to spend
a
 lot of money to get this up and running.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72006t=71712
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco catalyst 3548 and Radius [7:71991]

[Tom Martin]

Robert,

Kind of annoying isn't it? I looked a while ago and the short answer was 
it's not there and you can't do it. Some quick checking on Cisco's site 
showed that they might finally have released it in newer code though:

http://www.cisco.com/en/US/partner/products/hw/switches/ps637/prod_release_note09186a00800c8102.html#xtocid17

The release notes are for 12.0(5)WC5a, which might not even be the 
latest. Perhaps you just need to update your software?

- Tom

Robert Perez wrote:
 Hi all,
 
 I am configuring Radius on a cat 3548 and I do not have the global config
 radius command available.  Anyone know what the commands ought to be to
 create a server, key, etc.. Normally it is Radius-server key, radius-server
 host..  Can't figure it out..  
 
 I have IOS  12.0(5.2)XU




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=72009t=71991
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Quoting in Replies [7:71366]

[Tom Lisa]

Oh dear, first I'm threatened with an attorney
and now The Howard has threatened me with
Deanna's mom.  It is indeed time to cease and
desist.  I'll be good now.

Worf the Contrite

Howard C. Berkowitz wrote:

  Need I have Lxwana talk to both of you?

  At 11:57 PM + 7/2/03, Tom Lisa wrote:
  Puny Marvin,
  
  It is appropriate that you ended you last sentence
  with I'm afraid.  You should be afraid, very
  afraid!!!   I have the new and improved, ultra
  special, galaxy class disrupter.  I say pshaw to
  your lowly Q-36.
  
  This will be my last statement on this as I must
  return to annihilating useless  redundant posts
  on the associate list!  HAHAHAHAHA
  
  No regards,
  Worf the Merciless Moderator
  
  John Neiberger wrote:
  
 Worf the Moderator dares challenge Marvin the Moderator??  My
 Illudium Q-36
 Explosive Space Modulator can easily disrupt your puny  Klingon
 Disrupter
 Ray!  Your threat forces me to take drastic action and I'm going
  to
 have to
 blow up your entire planet, I'm afraid.
  
 Kind regards,
 Marvin
  
  Tom Lisa 7/2/03 12:56:58 AM 
 Stop this thread immediately or I will be forced to annihilate
  all of
 you with my Anti-Proton Sub-Space Internet Disrupter Ray!
  
 Worf
  
 Wilmes, Rusty wrote:
  
 According article 4 section 10 subsect ym, of the Charter Of
 Interspatially
 Recognized Internet Keyword Search Lookup People, use of
  illudium, in
 either
 a peaceful or dastardly fasion, is punishable by Death Ray.
  
 Ming The Merciless
  
 -Original Message-
 From: John Neiberger [mailto:[EMAIL PROTECTED]
 Sent: Tuesday, July 01, 2003 3:51 PM
 To: [EMAIL PROTECTED]
 Subject: Re: Quoting in Replies [7:71366]
  
 Cosmic ray machines are a violation of the GroupStudy TOS. 
  Please
 discontinue the use of such devices.  Failure to comply will
  result
 in
 retaliation with an Illudium Q-36 Explosive Space Modulator.
  
 Your compliance is appreciated,
 Marvin
  
  David Cooper 7/1/03 4:30:09 PM 
 On Tuesday 01 July 2003 15:29, Jamie Johnson wrote:
  Cool! My cosmic ray machine must be working. Better put on
  your
 tinfoil
  hats.
 
  From: Recent escapee from the ex-dot.commer insane asylum
 
  John Neiberger wrote:
- jvd 7/1/03 12:32:02 PM 
   
   Hi my Quote button disappeared! No serious, there used to be
  a
  
   quote
   button
  
   next to my Post button but now it's gone. I refreshed the
  page
  
   as well and
  
   still nothing. Maybe the cosmic rays hit my PC's memory,
  
   corrupted it and
  
   deleted my Quote button :-)
   
   No serious, is anybody else also having this problem?
  
   That's rather odd.  What browser are you using?
  
 Could that be considered a Denial of Service attack?
 [EMAIL PROTECTED]
 [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71882t=71366
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Quoting in Replies [7:71366]

[Tom Lisa]

Stop this thread immediately or I will be forced to annihilate all of
you with my Anti-Proton Sub-Space Internet Disrupter Ray!

Worf

Wilmes, Rusty wrote:

  According article 4 section 10 subsect ym, of the Charter Of
  Interspatially
  Recognized Internet Keyword Search Lookup People, use of illudium, in
  either
  a peaceful or dastardly fasion, is punishable by Death Ray.

  Ming The Merciless

  -Original Message-
  From: John Neiberger [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, July 01, 2003 3:51 PM
  To: [EMAIL PROTECTED]
  Subject: Re: Quoting in Replies [7:71366]

  Cosmic ray machines are a violation of the GroupStudy TOS.  Please
  discontinue the use of such devices.  Failure to comply will result
  in
  retaliation with an Illudium Q-36 Explosive Space Modulator.

  Your compliance is appreciated,
  Marvin

   David Cooper 7/1/03 4:30:09 PM 
  On Tuesday 01 July 2003 15:29, Jamie Johnson wrote:
   Cool! My cosmic ray machine must be working. Better put on your
  tinfoil
   hats.
  
   From: Recent escapee from the ex-dot.commer insane asylum
  
   John Neiberger wrote:
 - jvd 7/1/03 12:32:02 PM 

Hi my Quote button disappeared! No serious, there used to be a
   
quote
button
   
next to my Post button but now it's gone. I refreshed the page
   
as well and
   
still nothing. Maybe the cosmic rays hit my PC's memory,
   
corrupted it and
   
deleted my Quote button :-)

No serious, is anybody else also having this problem?
   
That's rather odd.  What browser are you using?

  Could that be considered a Denial of Service attack?
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71772t=71366
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Quoting in Replies [7:71366]

[Tom Lisa]

Puny Marvin,

It is appropriate that you ended you last sentence
with I'm afraid.  You should be afraid, very
afraid!!!   I have the new and improved, ultra
special, galaxy class disrupter.  I say pshaw to
your lowly Q-36.

This will be my last statement on this as I must
return to annihilating useless  redundant posts
on the associate list!  HAHAHAHAHA

No regards,
Worf the Merciless Moderator

John Neiberger wrote:

  Worf the Moderator dares challenge Marvin the Moderator??  My
  Illudium Q-36
  Explosive Space Modulator can easily disrupt your puny  Klingon
  Disrupter
  Ray!  Your threat forces me to take drastic action and I'm going to
  have to
  blow up your entire planet, I'm afraid.

  Kind regards,
  Marvin

   Tom Lisa 7/2/03 12:56:58 AM 
  Stop this thread immediately or I will be forced to annihilate all of
  you with my Anti-Proton Sub-Space Internet Disrupter Ray!

  Worf

  Wilmes, Rusty wrote:

  According article 4 section 10 subsect ym, of the Charter Of
  Interspatially
  Recognized Internet Keyword Search Lookup People, use of illudium, in
  either
  a peaceful or dastardly fasion, is punishable by Death Ray.

  Ming The Merciless

  -Original Message-
  From: John Neiberger [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, July 01, 2003 3:51 PM
  To: [EMAIL PROTECTED]
  Subject: Re: Quoting in Replies [7:71366]

  Cosmic ray machines are a violation of the GroupStudy TOS.  Please
  discontinue the use of such devices.  Failure to comply will result
  in
  retaliation with an Illudium Q-36 Explosive Space Modulator.

  Your compliance is appreciated,
  Marvin

   David Cooper 7/1/03 4:30:09 PM 
  On Tuesday 01 July 2003 15:29, Jamie Johnson wrote:
   Cool! My cosmic ray machine must be working. Better put on your
  tinfoil
   hats.
  
   From: Recent escapee from the ex-dot.commer insane asylum
  
   John Neiberger wrote:
 - jvd 7/1/03 12:32:02 PM 

Hi my Quote button disappeared! No serious, there used to be a
   
quote
button
   
next to my Post button but now it's gone. I refreshed the page
   
as well and
   
still nothing. Maybe the cosmic rays hit my PC's memory,
   
corrupted it and
   
deleted my Quote button :-)

No serious, is anybody else also having this problem?
   
That's rather odd.  What browser are you using?

  Could that be considered a Denial of Service attack?
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71803t=71366
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Multipoint cost [7:71619]

[Tom Martin]

Mohamed,

OSPF calculates costs based on interface bandwidth, each router 
assigning the link cost based on its idea of the bandwidth. For 
multipoint the costs for a link may be different depending on which 
router it is being viewed from.

- Tom

Mohamed Saro wrote:
 How can the router calculate the OSPF cost for multipoint interface 
  
 --  Cost 100 Cost 390  
 I   R1   I-IR2I
 II Bandwidth 1024Bandwidth 256 I  I
 --  Multipoint Int'f   




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71689t=71619
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: IP Multicast [7:71577]

[Tom Martin]

rbx10,

224.0.0.0-255 multicast addresses are translated into L2 addresses the 
same way as the rest of the multicast addresses. For Ethernet, the MAC 
address becomes 0100.5e followed by the last 23 bits of the multicast IP 
address.

Take 224.0.0.1. Last 23 bits are 000  0001. Translate 
the last 23-bits back into hexadecimal (00.0001). The MAC address 
becomes 0100.5e00.0001.

The fact that the multicast packets will never leave the segment 
(routers never forward the packets, TTL=1 as a failsafe) does not affect 
  how the L2 addresses are derived.

- Tom

rbx10 Defcom wrote:
 I understande how Multicast routers should not forward any multicast
 datagram with destination addresses in this range (224.0.0.0 - 224.0.0.255
)
 bec. of ttl not able the address to go to the next hop.
 But I dont' remember how those addresses are translated to L2 addresses. Or
 maybe I'm not reading into it...or the link local terminology is throwing
me
 off.
 
 Thanks all for you answers. 
 rbx10Priscilla Oppenheimer wrote:




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71693t=71577
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Access-list ?? [7:71684]

[Tom Lisa]

You might try the below:

access-list 10 deny   192.100.34.96 0.0.0.3
access-list 10 deny   192.100.34.151 0.0.0.0
access-list 10 deny   192.100.34.152 0.0.0.7
access-list 10 permit 192.100.34.96 0.0.0.31
access-list 10 permit 192.100.34.128 0.0.0.31

The 1st three lines block the unwanted portions
of the ranges allowed by the last 2 lines.  Don't
forget the implied deny all after the last line that
blocks all other addresses.  Some folks like to put
an explicit deny any as the last line.  Can be
applied inbound on the external interface(s) or
outbound on the internal interface(s).

Happy 4th of July! :)

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Hyman, Craig wrote:

  ALL-

  I know you have answered this question before, but I hope somewhere
  in your
  4th of July heart you can help me.

  I have a 1600 router running a 12021 IP PLUS --- I have tried to add
  access-lists to block all sites incoming except 192.100.34.100-150.

  Can someone help with the correct lists.

  Thanks in advance

  SRS Level 2
  SRS Implementation Team
  Cell phone# 720-840-4887
  SUN PH# 303-272-2661
  Virtual Office# 303-604-0037
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71704t=71684
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Proxy [7:70959]

[Tom Martin]

Gbenga,

Proxy Server 2.0 was the last version released before ISA server, and it 
did not support transparent proxy. Supporting transparent proxy is 
important here, since the HTTP header for a proxy request will always 
contain certain lines (such as Host:), whereas direct HTTP 1.0 
requests may eliminate these lines.

For a proxy server to work correctly, it is important that it know both 
the destination IP/host and the URL. If the proxy does not receive all 
of the required information, it can't service the proxy client. I am 
more familiar with Squid (I don't know whether Squid is supported on 
Windows) which can be configured to fix-up HTTP requests on the fly 
(recreating the Host line from the URI for example), allowing it to be 
used as a transparent proxy...

IP helper addresses don't apply to the problem you are trying to solve. 
Policy-based routing and WCCP won't do anything for you either, since 
you are limited by the Proxy server. You either have to use the bundled 
Proxy client software to force users to use the proxy or use a different 
proxy server.

- Tom

OLUGBENGA BANKOLE wrote:
 Tom,
 I refer to Microsoft Proxy server. i.e can I direct traffic to a microsoft
 proxy just like I would a DHCP server by using the ip helper address
command.
  
  
 Regards,
 Gbenga
 
 
 To God be the Glory.Gbenga.
 
 -
 Do you Yahoo!?
 SBC Yahoo! DSL - Now only $29.95 per month!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71139t=70959
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Transporting Multiple Vlans over point-to-point [7:71074]

[Tom Martin]

Alaerte,

I can think of a couple ways to doing this. Be forewarned. Both are ugly.

Method #1: Relocate the servers /30 subnet
--

We'll say the server's IP address is 192.3.3.254/24. Create a secondary 
IP address on R2 for 192.3.3.252/30. R2's secondary address becomes 
192.3.3.253/30, the server can stay 192.3.3.254/24. Make sure that R3 
knows how to reach the 192.3.3.252/30 subnet (either static route or a 
classless routing protocol).

How it works:

Proxy ARP. Stations on VLAN 300 attempting to connect to the server will 
ARP for 192.3.3.254, for which R3 has a better route, and will respond 
to the ARP with its own MAC. Traffic to 192.3.3.254 will be routed to 
R2. The reverse will happen when 192.3.3.254 attempts to respond to the 
client, it ARPs, R2 knows of a route and responds with its MAC, the 
packet is routed back.

Other info:

- I've assumed that the server address was 192.3.3.254, it could have 
been anything. The /30 subnet would change accordingly.
- I've assumed that .252 and .253 were not already in use. If they were, 
connectivity to these stations would be broken. You can get around this 
problem by configuring (and redistributing) static routes for 
192.3.3.252/32 and 192.3.3.253/32 pointed back towards Vlan 300 on R3.
- L2 Broadcasts will not be available to/from the new server


Method #2: Virtual router
-

This method has the unique property of being both cleaner (from a caveat 
perspective) and uglier at the same time. Imagine walking into this at a 
customer site -- how long would it take you to figure out what was going 
on? :)

Once again we'll say the server's IP address is 192.3.3.254/24. 
Configure a static route on R3 as follows:

 ip route 192.168.3.254 255.255.255.255 (ip_of_R2)

On R2, determine an IP address that isn't used for use as a virtual 
router. We'll say 192.168.2.254/24 isn't used. Create a static route on 
R2 to the server through the virtual router:

 ip route 192.168.3.254 255.255.255.255 192.168.2.254

The virtual gateway doesn't exist so pings to it will fail. Don't worry 
about that yet. Move the server to VLAN 200 without changing its IP 
address or mask. Determine the MAC address of the server. We'll say 
0001.0002.0003. On R2, configure the MAC for the virtual router to be 
the server's IP:

 arp 192.168.2.254 0001.0002.0003 arpa

You must perform similar steps on the server. We'll assume that its 
default gateway has not changed. We'll also assume that its default 
gateway was 192.3.3.1. Configure a static ARP entry for the default 
gateway that reflects R2's Ethernet MAC (0102.0304.0506):

 arp -s 172.30.16.254 01:02:03:04:05:06

Make sure that R3 knows how to reach the 192.3.3.254/32 subnet (either 
add a static route or redistribute on R2).

How it works:

Vlan 300 stations broadcast ARP, and R3 responds with its MAC (Proxy 
ARP). R3 forwards the packets to R2. R2 forwards the packets directly to 
the server (although it believes it is forwarding to another gateway). 
The server receives the packet because the MAC was correct, notices that 
it is the end station, and processes the packet. Traffic from the server 
to VLAN 300 is possible using Proxy ARP as describe in Method 1. Traffic 
to/from other VLANs (VLAN 100) will also work fine since the server 
forwards all of its default gateway traffic to the correct default 
gateway, R2.

Other info:

- I've assumed that the server address was 192.3.3.254, it could have 
been anything.
- The only 192.3.3.0/24 address used on VLAN 200 (other than the servers 
IP) is the Ethernet IP address of R3.
- L2 Broadcasts will not be available to/from the new server
- Pings to the virtual router will fail (it /is/ virtual after all), 
even though the server will have full network connectivity.


If you get around to actually doing either of these in the lab and run 
into trouble, let me know (the above was written from memory, and I may 
have missed a step or two). I originally came across these ideas after 
reading Doyle and configured them in the lab just to see if I could pull 
it off. Yep. :)

You would be surprised with some of the crazy labs you can make for 
yourself when IP addresses don't need to be contiguous or need to match 
the local router!

- Tom


alaerte Vidali wrote:
 Need to transport multiple Vlans over PoS.
 
 Any Thoughts?
 
 It is a short term need.  It is necessary to move a server without changing
 its IP address from Vlan 300 to Vlan 200 and a server from Vlan 100 to Vlan
 200.
 
 
 Vlan 100 (192.1.1.0)  R1 --- R2 (192.2.2.0) Vlan 200
|  |
|  |
 Vlan 300 (192.3.3.0) R3---




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=71147t=71074
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct

Re: VTP Domain Server Question [7:70942]

[Tom Martin]

Dave,

Comments are inline.

- Tom

Dave C. wrote:
 I have a question regarding VTP.
 
 I am working with a network configuration that has dual 6509's as core
 switches.  One is the VTP domain server, the other is a VTP domain client. 
 All other 4000 switches are defined as client also.
 
 I need to take both 6509's down to upgrade the Cat-OS on them, however I am
 concerned about what happens to the other switches when the VTP domain
 server goes away while the other 6509 is in client mode.

You will not have ANY problems taking down the VTP servers and leaving 
only clients in your network. VTP server and VTP clients perform almost 
identical roles. The only difference between the two is that you can 
console (or Telnet) in to make VLAN and VTP modifications on a VTP 
server, VTP clients must learn their changes from other switches in the 
network.

VTP clients learn, remember (while they have power anyway) and propagate 
VTP information, just as VTP servers do. Your other switches will not be 
affected while the VTP servers are offline, aside from obvious 
connectivity limitations. :)

 
 I know that I can assign multiple VTP servers to a domain.  My original
 thought is to first make sure that the client 6509 is running the same VTP
 revision # as the server 6509.  Then I should be able to change the client
 6509 to VTP server mode.  Then in theory either server can take over VTP
 responsibilites, because one will be able to act as the other if the other
 one goes away.

You can have multiple servers in the VTP domain, but there is no take 
over responsibilities functionality. VTP servers and VTP clients both 
learn and propagate VTP information. VTP servers will learn VTP 
information from clients (assuming the client has a higher revision 
number) just like VTP clients will learn VTP from VTP servers (assuming 
the server has a higher revision number).

You need at least one VTP server in your network, since the VTP server 
remembers its VTP information between reboots (also you need at least 
one switch in your network where you can change VLAN information, right? 
:) Once you have chosen at least one switch to be a VTP server, the 
remaining switches in your network can be VTP clients or VTP servers. 
There are some notable design and redundancy issues with having only a 
single VTP server -- but network functionality will not be affected.

I think that VTP client is supposed to be a security safeguard, keeping 
changes from being made except from authorized (VTP server) switches. 
But that has never really make sense to me since you need to be in 
enable mode to change VLAN information anyway. If you have access to 
enable mode you can just as easily change the switch to VTP server, make 
your changes, then change the mode back to client. There's no real 
security advantage.

 
 What I was also wondering, do all VLAN's go disabled if I were to only have
 a single VTP server and shut it down when the rest of the switches are
 clients?  If so, would this happen right away, or after 5 minutes? If I
take
 the 6509 server down, it will not be able to tell anyone that a topology
 change has occurred, but will the clients be looking for the VTP 5 minute
 updates?
 

VLANs will not be disabled unless you power off all of your VTP servers 
and reboot all of your VTP clients at the same time.

 If anyone could help clarify this, I would appreciate it.

Based on the other posts, I seem to be going against conventional 
thinking. If you need further clarification, I can provide CCO links.

 
 Thanks.
 
 Dave C.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70971t=70942
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP problem [7:70797]

[Tom Lisa]

It's probably a LinkSys Hub.  Didn't Cisco buy them a short time ago? :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Larry Letterman wrote:

  Priscilla has a Hub that makes dinner..wonder when I can the cisco
  people
  To make switches that will do that.

  Larry Letterman
  Cisco Systems

  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, June 17, 2003 6:53 PM
  To: [EMAIL PROTECTED]
  Subject: Re: STP problem [7:70797]

  My hub is calling me to dinner so I have to make this quick.
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70910t=70797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: dhcp packets not visible in 6509 [7:70898]

[Tom Martin]

Vik,

There could be any number of reasons that DHCP isn't working. The client 
may not be requesting DHCP, the switch may not have portfast enabled, a 
router not having an IP helper address, DHCP server offline, DHCP server 
without a scope for the VLAN, and so on.

Perform a packet trace from the DHCP client and if necessary on the DHCP 
server (using SPAN). You will be able to determine the problem by 
identifying which packets are present in the capture and which are not.

For example, you may find that the client sends a DHCP discovery packet 
but does not receive an offer packet from the DHCP server. If you see 
the same behavior on the server port (discovery, no offer) then it's 
possible that:

  - The DHCP server isn't operational or the service/daemon isn't running
  - The DHCP server doesn't have a scope defined for that VLAN
  - The DHCP server has run out of IP addresses for that VLAN

On the other hand, if you the capture shows a discovery packet is sent 
by the client but the packet is never seen by the DHCP server it's much 
more likely that you have a missing (or incorrect) IP helper address.

Once you perform the packet capture(s) you will probably need no further 
help. If you do, the information obtained from the capture would be 
enough for the group to point you in the right direction.

- Tom

Vik Vikky wrote:
 Hi *,
 
 am fairly new to cisco products/ commands.
 
 have a problem
 got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get 
 DHCP broadcast /address from the main dhcp server.
 configured all the ports to respective vlan-x and at the routing module in
a
 core switch (6509 with msfc) I hv given the ip helperaddress for this vlan.
 rest of the catalyst 4006 switch fetches dhcp frm this scope.
 
 Below is the module capabilities:
 
 Type 10/100BaseTX
 Speedauto,10,100
 Duplex   half,full
 Trunk encap type 802.1Q,ISL
 Trunk mode   on,off,desirable,auto,nonegotiate
 Channel  yes
 Broadcast suppressionpercentage(0-100)
 Flow control receive-(off,on),send-(off)
 Security yes
 Dot1xyes
 Membership   static,dynamic
 Fast start   yes
 QOS scheduling   rx-(1q4t),tx-(2q2t)
 CoS rewrite  yes
 ToS rewrite  DSCP
 UDLD yes
 Inline power no
 AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none
 SPAN source,destination
 COPS port group  3/1-48
 Link debounce timer  yes
 
 
 Module configuration:
 
 set vlan 68   3/1-48
 set port auxiliaryvlan 3/1-48 none
 set port qos 3/1-48 trust-ext untrusted
 set port qos 3/1-48 cos-ext 0
 set port enable 3/1-48
 set port speed  3/1-48  auto
 set port trap   3/1-48  enable
 set port name   3/1-48
 set port dot1x 3/1-48 port-control force-autho
 set port dot1x 3/1-48 multiple-host disable
 set port dot1x 3/1-48 re-authentication disabl
 set port security 3/1-48 disable age 0 maximum
 set port broadcast  3/1-48  100.00%
 set port membership 3/1-48  static
 set port protocol 3/1-48 ip on
 set port protocol 3/1-48 ipx auto
 set port protocol 3/1-48 group auto
 set port flowcontrol3/1-48 send off
 set port flowcontrol3/1-48 receive off
 set cdp enable   3/1-48
 set udld disable 3/1-48
 set udld aggressive-mode disable 3/1-48
 
 Cat-OS version:
 
 cat6000-sup.6-3-9.bin
 
 
 
 Can you guide me, anything I am missing out.
 
 Thank you
 
 _
 Get 10mb of inbox space with MSN Hotmail Extra Storage 
 http://join.msn.com/?pgmarket=en-sg




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70926t=70898
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Bridging [7:70912]

[Tom Martin]

Milind,

The 3550 switches do not support AppleTalk, which explains why your 
printer doesn't work when you disable bridging. Have you tried enabling 
TCP/IP printing on the printer?

If you're running an older MacOS, TCP/IP printing may not be available 
to you. I'm not intimately familiar with MacOS, nor did you indicate 
which version of Mac OS you are using, but OSX supports both AppleTalk 
and TCP/IP. If your clients are not OSX you can configure an OSX print 
server (spooler) that prints to the printer using TCP/IP but advertises 
the printer to the local VLAN using AppleTalk.

I've assumed that since you're running Macs that you probably have 
access to an OSX server. If not, you can accomplish the same thing using 
Linux, Windows or Netware.

- Tom

milind tare wrote:
 Dear All,
 
 
  I have following setup in my company
 
 2 Core 6506 Redundancy
 
 3500 series distribution and access switches.
 
 configured 20 vlan's in my network and having 130
 switches. configured bridging in my network. but now i
 remove netbios from user's PC. 
 
 And in my network i hv Network printer which is
 running on MAC. if i remove bridging from my network
 it will affect on network printer. i mean network
 printer will not work if i remove bridging.
 
 can anyone give me solution on this. coz i want to
 remove bridging from the network.
 
 Thanks  Regards,
 Milind Tare
 
 __
 Do you Yahoo!?
 SBC Yahoo! DSL - Now only $29.95 per month!
 http://sbc.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70930t=70912
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: STP problem [7:70797]

[Tom Martin]

Chris,

STP should be enough to avoid these types of problems. In order to cause 
a bridging loop the station would have to have both interfaces in the 
same VLAN and forward all L2 traffic except for BPDUs. Even if this were 
the case the wireless network (10-Mbps?) shouldn't be enough to bring 
the LAN to its knees (100-Mbps?). If you have STP enabled on all of your 
switches, I'm doubt that a single station is bringing the network down.

Once you find the offending switch that you need to reboot, you can 
issue console commands to determine the root bridge and any blocked 
ports. Make sure that things are normal. You do have your root bridge 
set manually, don't you? :)

To find out which port is causing the loop, take a look at the interface 
counters. You should see an unreal amount of traffic on the offending 
port (and the uplink to the core switch).

When STP has been enabled I have only come across layer-2 loops twice. 
Once when a few HP switches had gone bad, and another time when a 
customer had configured channeling on one side but not the other (3500 
series, no channel negotiation).

In both cases I found that the problem was made worse with increasing 
traffic levels, and the problem also revolved around the same set of 
switches. The channeling problem was a bit more difficult to narrow down 
though, since it disabled MLS on the core switch and every segment 
appeared to have problems!!!

I hope that helps,

- Tom


Christopher Dumais wrote:
 Hi all,
 We are having an STP problem where we think a user with an integrated
 wireless and LAN NIC is creating a bridge loop and bringing down the entire
 network. The problem occurs then goes away after 20 or so minutes unless we
 can narrow down which closet it is coming from and reboot the switch. All
of
 our management tools die during the outage. Does anyone have any ideas on
 how we might prevent this from happening or track down the offender? We
have
 6509's in our Core and a mix of 3548's and 3550-SMI. Any thoughts are
 appreciated. Thanks!
 
 Chris Dumais, CCNP, CNA
 Sr. Network Administrator
 NSS Customer and Desktop Services Team
 Maine Medical Center
 (207)871-6940
 [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70812t=70797
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: EIGRP OSPF DUAL MUTUAL REDISTRIBUTION [7:70643]

[Tom Martin]

Jason,

Chuck answered pretty completely, but there's another option that works 
well, changing administrative distances.  At the redistribution points, 
set the default administrative distance for each protocol to something 
like 200.  Next create an access-list that identifies all routes 
internal to each routing domain, and override the default 
administrative distance (200) with the normal AD (something less than 200).

This has the effect of assigning all 'internal' routes the normal AD, 
and prevents route feedback.  Routes will only be redistributed if they 
are not already present in the internal table.

This also has the advantage of providing additional redundancy.  If a 
route becomes inaccessible for some reason, but is still available via 
another routing protocol, it will be learned using the alternate path. 
With route filtering this is not possible.

A very good explanation of this can be found in Chapter 13 of Doyle's 
TCP/IP Routing Vol. I.

- Tom


Jason Viera wrote:
 Can't figure this one out. I am mutually redistributing eigrp into ospf
 (dual redistribution points) and vice versa, I also have a separate
 redistribution point in the eigrp domain which introduces external (AD170)
 routes into the Eigrp domain, upon redistribution into OSPF these (external
 eigrp) routes are given an AD of 110, creating suboptimal routing. The only
 solution I could devise was based on modifying the distance of the external
 routes in the eigrp domain. What would be the best approach to tackle the
 problem,  Any insight would be greatly appreciated!!
 Thanks Jason




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70716t=70643
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dynamic VLAN [7:70445]

[Tom Martin]

Lo,

Dynamic VLANs are based on MAC address, so a PC with one NIC will have 
one MAC even if you have two IP addresses configured on it.  The switch 
will put the PC in the correct VLAN based on its database.

The PC will end up in one VLAN, and as such will only be able to 
communicate with one of the servers.

- Tom

Lo Ching wrote:
 Dear All,
 
 Suppose there is a PC have 2 IP address configured in single NIC (10.x,
 20.x) and connect catalyst 35xx switch that configured with dynamic vlan.
 (NOT tagged)
 
 And there are 2 servers with IP 10.x and 20.x connected to the same switch
 as well. The server belongs to VLAN 10 and VLAN 20 based on the IP address.
 
 Can the client PC connect to both server in the same time? In other words,
 can the switch port allow both VLAN 10 and VLAN 20?
 
 Thanks.
 
 rgds,
 LoChing




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70579t=70445
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RJ48-RJ48 cable [7:70596]

[Tom Martin]

Thomas,

You can use a straight-through CAT5 or CAT3 patch cable.  The difference 
is in the meaning of the pins.  From a cabling perspective it doesn't 
matter.

- Tom

Thomas N wrote:
 Hi All,
 
 I am wondering what is the difference between the RJ48 and RJ45
 connector/cable?  I am setting a router with a integrated CSU/DSU
 (WIC-1DSU-T1) with a T1 RJ48 connection hand off by the ISP.  They however
 do not provide the cable.  Could I make a cable with RJ45 connectors for
 this?  What would be the pinout for both end of the cable?  Does the
 direction of the cable connection matter?  It's urgent. Please help. Thanks
 in advance!
 
 Thomas.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70600t=70596
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: I will be taking BCRAN [7:70498]

[Burnett Tom]

I read the Cisco Press Exam certification guide for 640-505 three times,
went through Knowledgenet CBT once and purchased Self-test software practise
exam.  Scored 950 on first attempt after 4 weeks study.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70616t=70498
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: route-map V distribute list's [7:70121]

[Tom Martin]

DJ,

A route-map is just way more flexible.

A distribute-list will afford you a single access-list in which you must 
define everything, where as a route-map allows you to use multiple 
access-lists.  This is especially important during temporary changes to 
a network topology, where a new route-map clause can be added without 
changing the existing access list.

Route-maps also allow you to match on more than the routes to be 
redistributed (such as outgoing interface, next hop IP, advertising 
router, etc).

For most implementations, I've found that a distribution list is all 
that's required.  Even so I still use route maps, because you never know 
what you'll need down the road.

- Tom

maine dude wrote:
 Hi
  
 Can someone clarify why you would use a route-map instead of distribute
list?
  
 Thanks in advance,
 -DJ 
 
 
 
 
 
 -
 Yahoo! Plus - For a better Internet experience




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70125t=70121
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How to trace conversations of Yahoo and Acess to Sex sites [7:70130]

[Tom Martin]

Bala Ware,

With all due respect, it seems to me that you have a political problem 
on your hands.  You're dealing with a GM that wants (more or less) 
direct access to the Internet and manages the person(s) responsible for 
managing the firewall.

Of course there's ways to identify what he's doing on the Internet, but 
it sounds as if the GM has enough authority to make this process 
difficult (assuming he finds out) and your job could end up in jeopardy. 
  It may not be fair, but sometimes that's life.

Perhaps your boss should talk to the GM (or his boss).  I'm not sure 
that a technical approach would be appropriate given the situation.

My 2 cents anyway.

- Tom

Mr piyush shah wrote:
 Hello all
 I will be highly appreciable if someone will help
 me.In our organisation there is a newly joineD to whom
 we have provided internet access through proxy server
 .However being slightly technical he has insistently
 taken public Ip address and have opened all the ports
 on firewall ,wherein from his pc to external world all
 ports are opened .My boss is worrying whether this
 chap is utilising this facility for chating using
 yahoo messanger woth sex chat rooms as well as
 acessing many more sex sites.Unfortunately there is no
 way to trace whetgher what is he accessing .I request
 you to suggest some software which will track what
 site is he accesiing and what conversation is he
 doing. 
 I know that I can load websense or surfcontrol on
 f/w,but unfortunately f/w is being controlled by one
 of the engineer who reports to tha GM.Hence no access
 to f/w.
 I sincererly request to help me.
 
 
 Regards
 
 BALA WARE
 
 
 
 Missed your favourite TV serial last night? Try the new, Yahoo! TV.
visit http://in.tv.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70130t=70130
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIM-SM Join Messages. [7:70014]

[Tom Martin]

Ken,

PIM messages are sent multicast, either to 224.0.0.2 or 224.0.0.13 
depending on the PIM version.

PIM Joins are sent periodically, every 60 seconds.

- Tom

[EMAIL PROTECTED] wrote:
 Hello,
 
 I have two questions here on the above.
 
 Are PIM joins sent multicast or unicast.  Some docs says it's unicast, but
I
 see it as multicast in my trace.
 
 Also, If a flow maintains state for a period of time, do PIM-Join messages
 get sent periodically to the RP or root of the source, if so how often?
 
 Many thx
 Ken
 
 
 
 For more information about Barclays Capital, please
 visit our web site at http://www.barcap.com.
 
 
 Internet communications are not secure and therefore the Barclays 
 Group does not accept legal responsibility for the contents of this 
 message.  Although the Barclays Group operates anti-virus programmes, 
 it does not accept responsibility for any damage whatsoever that is 
 caused by viruses being passed.  Any views or opinions presented are 
 solely those of the author and do not necessarily represent those of the 
 Barclays Group.  Replies to this email may be monitored by the Barclays 
 Group for operational or business reasons.
 
 




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70086t=70014
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: LLQ on Ethernet subinterfaces [7:70020]

[Tom Martin]

Watch for wrap:

http://www.cisco.com/en/US/customer/tech/
tk543/tk545/technologies_tech_note09186a0080114326.shtml

neil K wrote:
 Can somebody tell me how to configure LLQ on Ethernet subinterfaces
 connected to two VLAN's.
 Will appreciate it.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70087t=70020
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Please expalin the numbers in the source-bridge statement?? [7:70093]

[Tom Martin]

Robert,

The local Token Ring number is 9.  The interface will bridge traffic 
from this ring to ring number 23.  The Token Ring RIF will indicate the 
router as bridge 3.

- Tom

Robert Perez wrote:
 interface TokenRing0
  ip address 192.168.34.3 255.255.255.0
  ring-speed 4
  source-bridge 9 3 23   source-bridge spanning




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=70093t=70093
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VTP pruning verses clear trunk [7:69844]

[Tom Martin]

'clear trunk' is used to prevent VLAN traffic from ever crossing a trunk 
link.

VTP pruning is used to prevent broadcasts from trunk links only when 
there are no hosts on the VLAN on the other side of the trunk link.

listmailing wrote:
 Same, not the same?
  
 From what I am reading, Clear trunk will deny the VLAN from the trunk.
 VTP Pruning will do the same but also mentioned host broadcast
 suppression.
  
 Also I have read pruning is dynamic, where clearing is static.
  
 Thanks!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69869t=69844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: BGP Load Balance [7:69611]

[Tom Martin]

Salvatore,

ebg-multihop is not required for load balancing.  It can be beneficial 
to use a loopback to peer from/to, similar to IPX internal networks 
provide better load balancing for NetWare servers.

If you feel it's a good idea to peer to/from loopack interfaces 
(redundancy, better balancing) then you'll need ebgp-multihop since you 
are adding hops.  If you have multiple directly connected interfaces to 
the BGP neighbor and don't use loopback interfaces, you don't need 
ebgp-multihop.

- Tom

Salvatore De Luca wrote:
 Understood..  but does the command neigh x.x.x.x ebgp-multihop X by
itself
 provide load-balancing? I could be wrong.. but from my undrstanding this
 just states that you have the capability of peering with neigh that are not
 directly connected.. You could very well acheive loadbalancing when 2 EBGP
 routers peer with its neighbors loopbacks.. Yes.. in this case you would
 need to be directly connected.. so why would you need neigh x.x.x.x
 ebgp-multihop... Please enlighten me with your thoughts..




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69755t=69611
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dynamic Route Graphs...... [7:69738]

[Tom Martin]

Raj,

Is the software going to be open source?  I have a large collection of 
scripts for automating configuration (during rollouts) and basic 
troubleshooting.  I've had intentions of providing a GUI front-end at 
some point, either in Java or PHP, but never seem to have the time to 
get around to it.

Most of the advanced troubleshooting is performed by our technicians 
anyway (as opposed to directly by the customer), so not having a 
graphical interface has not been a big deal.

Either way, since you've obviously done some work in that area it might 
be nice to merge some sources to provide additional functionality.  For 
example, I can see where it might be nice to see which switches are 
encountered between hops, especially if the next hop isn't reachable.  I 
wouldn't imagine this would be terribly difficult, since the code is 
already written.

Just a thought.

- Tom

Raj Santiago wrote:
 Hi All,
 
 A friend and myself have recently completed a program, in which WE think
 is going to be very helpful to all engineers out there. Basically its a
 network-graphing program. How does it work ?
 
 7 logs on to all known routers in your network and issues term len 0 and
 then show ip route. These outputs are then stored under the name of the
 router.
 7 Next you specify a source ip(or name) and a destination ip (or name)
 7 Our code basically works out the starting point(s) and then builds a
graph
 based on the routing table(stored as files) to the destination.
 7 The graph(very pretty with nice colours  ) is stored as a png file and a
 HTML document is created to reference it.
 
 What does this mean? 
 7 You can basically get a graphical representation of your network from any
 two points
 7 All of this is dynamic because it follows your routing table entries.
 7 Makes troubleshooting simpler
 Etc
 
 Well, we were stoked to see the end product (in which we are doing final
 testing and formulating a module). I was wondering if this would be useful
 to you out there ? If so, just leave a comment. This will give us a rough
 idea on how user friendly we need to package this
 
 
 Here is a sample diagram :
http://www.superplasmas.com.au/routeparser/10.25.159.1_10.47.200.30.png
 
 With IE, you will need to enlarge the pic to view it correctly... (just run
 your mouse over and click on the enlarge button).
  
 
 Any feedback will be good. Please remember this program is free.
 
 Cheers
 
 Raj




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69758t=69738
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Help with Cisco 3745 configuration [7:69765]

[Tom Martin]

J B,

If you're familiar with Cisco routers, WAN troubleshooting (probably T1 
or Frame) and QoS intricasies, then $5,500 is way too much.  You could 
set up the routers well within a single day, probably closer to 1/2 day.

If you're not familiar with Cisco routers, especially QoS since quality 
problems may only arise under certain load conditions, then having an 
outside company do it correctly may very well be worth it.  I suppose it 
all depends on how important uptime is to your company.  If your company 
stands to lose money if voice calls can't go through or if reliability 
is an issue, pony up and pay the $5,500.

If you're up to the challenge, poke around Cisco's site.  There's not 
much detail on your environment, but you'll probably be interested in 
PPP interleaving, FRF.11 or 12, LLQ and the various classification 
techniques.  Getting voice over your data circuit reliably requires that 
you look at the path end-to-end, so you might also be interested in 
looking at what layer 2 classification/prioritization is available on 
your switches.

As far as IP connectivity, not much has changed in the last 2 years. 
Assign valid addresses, pick a routing protocol and whalla!

That should be enough to get you started anyway.  :)

- Tom

J B wrote:
 Hi, Everyone
 I just been awarded the responsibility of installing 4 3745 Cisco routers. 
 The local phone company wanted $5500 dollars for the installation and my
 employer thinks is to much.  I was looking at the Cisco website for sample
 configurations but I couldn't find them.  I need to share the T1 channels
 link for voice and data.  I haven't done Cisco for like 2 years.  Can
 someone help me with some guidance to find some information in how to do
that.
 
 Thanks
 JBary




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69775t=69765
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Need help for CCNA 3.0 [7:69772]

[Tom Martin]

   (Watch for word wrap)

Guruprasad Sanjeevi wrote:
 Group,
  
 I am going to take ccna 3.0  as my ccna 1.0 has expired. Can anyone
 please tell me the topics that I need to focus on? . I'm working on
 routers for past 3 years
  
 TIA
 guru




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69781t=69772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Need help for CCNA 3.0 [7:69772]

[Tom Martin]

The URL was stripped from the earlier post:

http://www.cisco.com/warp/public/10/wwtraining/
certprog/testing/current_exams/640-607.html


Tom Martin wrote:
(Watch for word wrap)
 
 Guruprasad Sanjeevi wrote:
 
Group,
 
I am going to take ccna 3.0  as my ccna 1.0 has expired. Can anyone
please tell me the topics that I need to focus on? . I'm working on
routers for past 3 years
 
TIA
guru




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69787t=69772
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dynamic Route Graphs...... [7:69738]

[Tom Martin]

Priscilla,

I've found that CDP works great for identifying transit Ethernet 
switches since CDP details IP addresses, and suprisingly picks up more 
that just Cisco equipment.  I've noticed HP switches providing CDP, but 
most of the networks I work with are primarily Cisco.  One of the 
biggest benefits of CDP is that it's really easy to remotely automate 
and parse, allowing automated network topology generation.

Granted STP works more globally, but doesn't have any way of showing an 
associated IP address (most of my scripts have been geared towards 
troubleshooting, where most often it's valuable to Telnet to the next 
hop and get it's perspective).  I suppose STP contains a bridge ID 
that can be cross-referenced to an IP address, assuming a central 
database exists.

To be honest I haven't done anything too elaborate with STP scripting 
since CDP has worked out so well, except on a couple of occasions where 
I found platforms/IOSs where CDP isn't enabled by default...  I had 
plans of extending my scripts with STP to identify root bridge placement 
and identify L2 transit paths.  Perhaps someday I'll actually have the 
free time to do it! :)

- Tom

Priscilla Oppenheimer wrote:
 
 Since switches do transparent bridging, how would you know that they are
 there? It's hard to see something that is transparent. Perhaps there's some
 spanning-tree info you could gather that would illuminate the logical
 topology and the path frames would take. It would only be for that LAN
though.
 
 Of course, if you meant L3 switches, then his program already works with
 those probably.
 
 Thoughts? I'm just thinking out loud here.
 
 The program sounds great! Congratulations on the accomplishment and good
 luck with its marketing.
 
 Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69800t=69738
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Dynamic Route Graphs...... [7:69738]

[Tom Martin]

Priscilla,

I've found that CDP works great for identifying transit Ethernet
switches since CDP details IP addresses, and suprisingly picks up more
that just Cisco equipment.  I've noticed HP switches providing CDP, but
most of the networks I work with are primarily Cisco.  One of the
biggest benefits of CDP is that it's really easy to remotely automate
and parse, allowing automated network topology generation.

Granted STP works more globally, but doesn't have any way of showing an
associated IP address (most of my scripts have been geared towards
troubleshooting, where most often it's valuable to Telnet to the next
hop and get it's perspective).  I suppose STP contains a bridge ID
that can be cross-referenced to an IP address, assuming a central
database exists.

To be honest I haven't done anything too elaborate with STP scripting
since CDP has worked out so well, except on a couple of occasions where
I found platforms/IOSs where CDP isn't enabled by default...  I had
plans of extending my scripts with STP to identify root bridge placement
and identify L2 transit paths.  Perhaps someday I'll actually have the
free time to do it! :)

- Tom

Priscilla Oppenheimer wrote:

 
  Since switches do transparent bridging, how would you know that they are
  there? It's hard to see something that is transparent. Perhaps 
there's some
  spanning-tree info you could gather that would illuminate the logical
  topology and the path frames would take. It would only be for that 
LAN though.
 
  Of course, if you meant L3 switches, then his program already works with
  those probably.
 
  Thoughts? I'm just thinking out loud here.
 
  The program sounds great! Congratulations on the accomplishment and good
  luck with its marketing.
 
  Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69809t=69738
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: RHCE Vs. CCIE [7:69801]

[Tom Martin]

Joseph,

I noticed that too, but never really thought about it.  I browsed the 
article (http://www.certmag.com/issues/jan02/feature_sosbe.cfm).  Figure 
4, 6 and 9 all rank RHCE at the top.

If a well-known third party ranked your certification as overall best 
overall quality, I'm sure you'd advertise it too.  I know I would!

It looks as though your message was part of an existing thread that 
didn't show up for me, but for what's it worth CCIE was missing from the 
certifications examined, so it's really not much of an RHCE vs. CCIE 
comparison.

- Tom

Joseph Brunner wrote:
 Want a laugh.. I was installing Redhat 8 (graphical install)
 during the install was an advertisement for the RHCE. I would
 like REDHAT to answer this...
 
 If your RHCE is so great (Top Overall IT Certification), then
 why is a Cat6k (sup1/2 clearly visible) in the background ?
 
 check out these screenshots...
 
 http://www.kiatex.com/rhce/




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69817t=69801
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: default-information originate with route-map [7:69558]

[Tom Martin]

Maroun,

OSPF routers don't really send out routes to their neighbors, they send 
LSAs.  For most things you can think of them as being the same, except 
in situations like yours.

Your router is presumably creating the default route (use 'show ip ospf 
database' to verify) and therefore creating the LSA for it.  The LSA is 
flooded to all neighbors.  In a redundant network the LSA could even be 
sent from multiple neighbors.  The end result is that all routers WILL 
get the default gateway LSA.

To get around this problem, you need to use a distribution list on the 
router that should not honor the default gateway.  The router will still 
get the LSA, will still enter the LSA into its database and will still 
flood the LSA to its neighbors.  But if you use a distribution list it 
will NOT put the route in its routing table.  It sounds like this is 
what you're looking for.

In other words put the filter on the router where the filtering needs to 
take place, not on the sending router.  You could also accomplish this 
by using multiple areas and filtering at the ABR.

- Tom

Maroun Waked wrote:
 hi,
 
 I have a router running ospf that needs to send a
 default route to its neighbors. For this, I have used
 the command default-information originate.
 Then I wanted one of the neighbors not to receive the
 default route. I thought that the route-map option at
 the end of the default-information originate, would
 help.
 However, each time I create a route-map, the default
 route will not be advertised to any of the neigbors.
 I tried using match interface, but I never got any
 matches.
 In brief, things didn't work.
 Can anyone help
 
 thank you
 
 __
 Do you Yahoo!?
 The New Yahoo! Search - Faster. Easier. Bingo.
 http://search.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69714t=69558
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Virtual Link Problem [7:69640]

[Tom Martin]

Kevin,

It might just be an oversight, but R5 and R6 don't seem to have a 
loopback or explicit router ID defined.

Also, what is the OSPF network type on R2?  It's set manually on R5 and 
R6, but left to the default on R2.  I believe (but haven't verified) the 
default would be non-broadcast not point-to-multipoint.

- Tom

Kevin Love wrote:
 Hey Team,
 
 I cannot figure this out.  I've configured lots of virtual links, but no
 matter what I do this isn't working.  I had md5 authentication configured
 for Area 0, but to isolate the problem, I removed authentication and the
 virtual link still isn't up.  I need another set of eyes (or two) looking
at
 this.  Please help if you can!
 
 Here's the topology:
 
 Area 2 (Loopback 0)
  |
  R2
\
 \
  FR
Area 1
  /\
 R5R6
  \/
Area 0
   Ethernet
 
 Here are the salient config snippets:
 
 R2
 !
 interface Loopback0
  ip address 192.168.2.2 255.255.255.255
  ip ospf network point-to-point
 !
 interface Serial1.256 multipoint
  ip address 172.16.56.2 255.255.255.248
  ip ospf priority 255
  frame-relay map ip 172.16.56.2 105
  frame-relay map ip 172.16.56.5 105 broadcast
  frame-relay map ip 172.16.56.6 106 broadcast
  no frame-relay inverse-arp
 !
 router ospf 1
  log-adjacency-changes
  area 1 virtual-link 192.168.5.5
  area 1 virtual-link 192.168.6.6
  network 172.16.56.0 0.0.0.7 area 1
  network 192.168.2.2 0.0.0.0 area 2
 !
 
 R5
 
 interface Ethernet0
  ip address 172.16.200.5 255.255.255.128
  ip ospf hello-interval 15
 !
 interface Serial0
  ip address 172.16.56.5 255.255.255.248
  encapsulation frame-relay
  ip ospf network point-to-multipoint
  frame-relay map ip 172.16.56.2 501 broadcast
  frame-relay map ip 172.16.56.5 501
  frame-relay map ip 172.16.56.6 501 broadcast
  no frame-relay inverse-arp
  frame-relay lmi-type cisco
 !
 router ospf 1
  log-adjacency-changes
  area 1 virtual-link 192.168.2.2
  network 172.16.56.0 0.0.0.7 area 1
  network 172.16.200.0 0.0.0.127 area 0
  network 192.168.5.5 0.0.0.0 area 5
 !
 
 R6
 
 interface Serial0
  ip address 172.16.56.6 255.255.255.248
  encapsulation frame-relay
  ip ospf network point-to-multipoint
  frame-relay map ip 172.16.56.2 601 broadcast
  frame-relay map ip 172.16.56.5 601 broadcast
  frame-relay map ip 172.16.56.6 601
  no frame-relay inverse-arp
  frame-relay lmi-type cisco
 !
 interface FastEthernet0
  ip address 172.16.200.6 255.255.255.128
  ip ospf hello-interval 15
  half-duplex
 !
 router ospf 1
  log-adjacency-changes
  area 1 virtual-link 192.168.2.2
  network 172.16.56.0 0.0.0.7 area 1
  network 172.16.200.0 0.0.0.127 area 0
  network 192.168.6.6 0.0.0.0 area 6
 !
 
 R2#sh ip ospf vir
 Virtual Link OSPF_VL5 to router 192.168.5.5 is down
   Run as demand circuit
   DoNotAge LSA allowed.
   Transit area 1, Cost of using 65535
   Transmit Delay is 1 sec, State DOWN,
   Timer intervals configured, Hello 10,  40, Wait 40, Retransmit 5
 Virtual Link OSPF_VL4 to router 192.168.6.6 is down
   Run as demand circuit
   DoNotAge LSA allowed.
   Transit area 1, Cost of using 65535
   Transmit Delay is 1 sec, State DOWN,
   Timer intervals configured, Hello 10,  40, Wait 40, Retransmit 5
 R2#
 
 Trust me on the router-IDs for the virtual link statements - I have
 triple-checked them.  I have reloaded the routers with no luck.  What am I
 missing here?!
 
 Thanks!
 Kevin




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69720t=69640
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Packet retransmit questiion [7:69715]

[Tom Martin]

First of all, I wouldn't post a question advertising it to be from the 
350-001 test to a public newsgroup.  It just seems like a bad idea.

I'm responding to the question based on the fact that I took the test a 
couple weeks ago and didn't see the question.  I'm HOPING that the 
question is from your study material for the test.

Robert Perez wrote:
 Hi all,
 
 I have a question on the CCIE 350-001 test.  I have heard differing
opinions
 on this but when traffic crosses a WAN connection and there are problems
who
 does the retransmit?? Host or RTR??

Generally the sending host.

 
 1.) In Frame relay there is a line hit or corrupt packet on the WAn, who
 retransmits, should be the source router correct?

Frame Relay includes a CRC to detect corrupted frames.  The CRC is 
checked at the end router and is used to detect corrupted frames so that 
they can be dropped.  Neither router will retransmit the frames, 
assuming of course that neither router is the source of the traffic.

If one of the routers is sourcing the traffic, perhaps Telneting to the 
other router, then the routers would resend corrupted frames (actually 
the router would resend the IP packet, possibly resending multiple 
frames).  But at this point the router is performing the role of a host.

 
 2.) In a point to point circuit w/HDLC there is a line hit or corrupt
packet
 who retransmits, should be the source router correct??
 

Same as Frame Relay.  There is no link-level ACK, resends are the 
responsibility of the upper-layer protocols on the sending host.

 3.) In a bridged environment with a WAN a T-1 takes a line hit or corrupt
 packet who retrnasmits, should be the source host correct??
 
 

Yes.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=69725t=69715
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Networkers: is there a consistent link from CCO to [7:66054]

[Tom Lisa]

Howard,

I don't know if you would call this consistent but here are the links
to the presentations from 1999 - 2002:

http://www.cisco.com/networkers/nw99_pres/index.htm
http://www.cisco.com/networkers/nw00/pres/
http://www.cisco.com/networkers/nw01/pres/
http://www.cisco.com/networkers/nw02/post.html

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Howard C. Berkowitz wrote:

  I'll have to admit that I usually go to a specific presentation for
  which I already have the URL, and then work backwards to find the
  presentation index for a particular Networkers' event.

  Is there a better way?  When I search on CCO for a root to
  Networkers, all I seem to come up with is registration information
  for upcoming ones or salesy stuff on why I should attend.

  Does anyone know if there is a consistent place to go and find the
  starting point for the presentation archives for a given Networkers?
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66054t=66054
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Networkers: is there a consistent link from CCO to [7:66053]

[Tom Lisa]

Howard,

I don't know if you would call this consistent but here are the links
to the presentations from 1999 - 2002:

http://www.cisco.com/networkers/nw99_pres/index.htm
http://www.cisco.com/networkers/nw00/pres/
http://www.cisco.com/networkers/nw01/pres/
http://www.cisco.com/networkers/nw02/post.html

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Howard C. Berkowitz wrote:

  I'll have to admit that I usually go to a specific presentation for
  which I already have the URL, and then work backwards to find the
  presentation index for a particular Networkers' event.

  Is there a better way?  When I search on CCO for a root to
  Networkers, all I seem to come up with is registration information
  for upcoming ones or salesy stuff on why I should attend.

  Does anyone know if there is a consistent place to go and find the
  starting point for the presentation archives for a given Networkers?
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=66053t=66053
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Cisco Instructor - CCNA Class [7:65742]

[Tom Lisa]

Or the super-normal way is to have a Cisco Certified Academy Instructor
(CCAI) from an authorized Cisco Networking Academy with both on-line
curriculum and textbooks with a plethora of routers, switches, hubs,
modems, isdn/pots/t1 simulators, test equipment and numerous lab
experiments.  :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Jens Neelsen wrote:

  Hi,

  the normal way is to have an experienced certified instructor
  from a Cisco Learning Partner with the original coursebook from
  Cisco and the necessary lab.

  Jens

  --- Robert Raver  wrote:
   Hey,
  
   I have been given the duty to teach a CCNA class.  Have any of
   you done this
   before?  I was wondering what did and didn't work for you?
   What tips you
   might have.  What the best way of approaching this would be.
   We will be
   using
   the Cisco Press book for the class and each student will have
   three routers
   and a switch.
  
   Thanks,
   Robert Raver
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=65787t=65742
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ip ospf dead-interval [7:64311]

[Tom Lisa]

So, what layer does ARP run at?

Sorry, I couldn't resist. :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Priscilla Oppenheimer wrote:

 Welcome to Group Study. Nobody ever gets a straight answer here! ;-) And
 usually they shouldn't. With the exception of the ones and zeros that go
 across the wire (or air), most other things in this industry are simply not
 black-and-white. Just wait till the next time someone asks what a L3 switch
 is or what layer ARP runs at! :-)

 Priscilla




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=64451t=64311
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: ??? IS-IS ??? [7:63875]

[Tom Lisa]

Steve,

Yes, it is a routing protocol and has just recently been added to the new
BSCI (was BSCN) exam.  Unfortunately, the folks that make the decisions
about what's added to the certification exams didn't give the Academy
folks any lead time to change our Advanced Routing curriculum.  We should
have a new curriculum (hopefully) with IS-IS by the Fall of this year.

You can go to www.ciscopress.com and download the chapter on IS-IS from
the new BSCI book they are releasing.  At least you could a month or so
ago.  Also, search on CCO for IS-IS and you should get a lot of
information about it.

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Steven Aiello wrote:

  Hello All,

  I'm wondering was IS-IS is.  No pun intended.  I'm assuming it's a
  routing protocol?  I've gone through Cisco, CCNA acad. and have my
  CCNA
  and I've even started going over Semester 5 for the CCNP, but IS-IS
  is
  no where to be found...  Is this a new protocol?  Or does someone
  know
  where I can find a good over view?

  Thanks for brain food,
  Steve
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63899t=63875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Core Layer L2 or L3 [7:63708]

[Tom Lisa]

Peter,

The current rumour for the Academy CCNP program is that Cisco is dropping
the 3 layer model and moving to a 2 layer model with L3 in the core for
the BCMS course.  I guess I'll find out for certain at Networkers in
Orlando, Fla. this June.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Peter van Oene wrote:

  At 11:05 AM 2/25/2003 +, Skarphedinsson Arni V. wrote:
  In a Core-Distribution-Access Layer design, would you keep the Core
  L2 or
  with high end L2/L3 switches such as the Cat6500 do you think it
  would be
  better to do L3 in the core ?

  I personally haven't found the need to have a Distribution layer in
  most
  networks.  It's a model designed by vendors to sell boxes imho.

  Pete
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=63803t=63708
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OT: New Instructor Experiences [7:62826]

[Tom Lisa]

John,

A good classroom experience begins with three things: preparation,
preparation, preparation!  This is not to say that you didn't prepare,
but each class requires additional preparation even if taught before. 
Another issue that arises is that every class has its own synergy.  The
concepts that were readily assimilated by one group become more difficult
to unravel than a Gordian Knot by the next.

You may have been lulled into a false sense of security by the first
couple of groups and then got blind-sided by the last.  I suspect that
you felt your explainer was broken because you were only prepared to
explain things in one way and ran into a group that needed it in another
format.  Individuals have different learning modes (preferences).  A
diagnostic instrument called VARK (Visual, Aural, Read/Write,
Kinesthetic), developed by Neil Fleming, Lincoln University, Canterbury,
New Zealand, shows how learning preferences affect the teaching process. 
If you prefer to learn in one mode, you tend to teach in that mode. 
However, if it doesn't match the preferred mode of the majority of your
class, then you will have one of those days.

If you're interested in learning more about it, you can go to the
National Learning  Teaching Forum at www.ntlf.com.  Click on the search
link and enter the search term VARK.  Teachers must always be prepared to
be multi-modal and have more than one way of explaining difficult
concepts (and sometimes even the simple ones).  I'm still searching for
the One All-Inclusive way of teaching sub-netting to products of our
marginally effective K-12 schools systems.  Basic math appears to be a
foreign concept to many of my students.

BTW, I still have days when I think my explainer is broke.  This
teaching gig is harder than it looks! :)

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem
 

John Neiberger wrote:

  I just feel the need to rant/vent for a bit and I knew there were a
  bunch of you who might be able to relate to this.  I've started
  teaching
  a short, one-session general networking class for some of the people
  here at the bank.  The first session, which was really just a
  runthrough
  with a handful of students, went fairly well.  In fact, it went so
  well
  that they increased the number of overall attendees to about 60 or
  so.

  Last week I had another session that went exceptionally well, except
  for a couple of students who really didn't want to be there.  I
  couldn't
  have asked for it to go better, and my boss heard lots of good things
  about it.  One person even said I should be a professor!  :-)  Now,
  that
  brings us to today

  Today I had an afternoon class, and in my opinion it sucked rotten
  eggs.  I feel embarrassed to have been involved with it.I can't
  think of too many ways in which it could have gone worse.  I rambled,
  I
  flew through 2.5 hours of material in about an hour, I lost my place
  a
  lot.  I'm not certain that I ever formed a train of thought longer
  than
  a couple of cars, and I think even those trains were without engine
  and
  caboose.

  Have any of you other instructors had days like that?  As I even
  mentioned in class, I felt like my 'explainer' was broken today, and
  it
  certainly was.  I'm hoping that I could get some sympathy from other
  instructors with similar experiences.

  Okay, I'm going to go drown my disappointment in some coffee!

  John
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62837t=62826
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Tom Martin]

Tunde,

If configuring static IP addresses served as a temporary workaround, your
problem is DHCP.  Enabling Spanning Tree portfast on the ports to which
stations directly attach will fix your problem:

   set spantree portfast  enable

- Tom

On Fri, 07 Feb 2003 12:16:47 +, Tunde Kalejaiye wrote:

 hi all,
 
 we just upgraded our network to a switched, a catalyst 4006 to be
 exactsome users have been getting 'no domain server available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance
 
 Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62702t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 4000 and DHCP [7:62632]

[Tom Martin]

Tunde,

If configuring static IP addresses served as a temporary workaround, your
problem is DHCP.  Enabling Spanning Tree portfast on the ports to which
stations directly attach will fix your problem:

   set spantree portfast  enable

- Tom

On Fri, 07 Feb 2003 12:16:47 +, Tunde Kalejaiye wrote:

 hi all,
 
 we just upgraded our network to a switched, a catalyst 4006 to be
 exactsome users have been getting 'no domain server available '
 error message. they usually have to try more than 4 - 6 times to
 successfully log on to the network.
 has anybody come across this problem before? what work around did u use
 besides configuring static ip addresses?
 thanks for your response(s) in advance
 
 Tunde




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62695t=62632
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CBAC, PPTP and NAT Interaction [7:62727]

[Tom]

I have a user that I need to support with the following configuration.

Host Site has Cisco 806 with 12.2 IOS FW 3DES
Remote Site has Cisco 806 with 12.2 IOS FW 3DES

Want to implement IPSec Peer to Peer Tunnel between two 806s
Want to implement PPTP for a remote user with a Dynamic IP terminated on the
806
Want to use combination of CBAC, NAT and ACL to secure router

Here's what I've got, IPSec No problem.
PPTP No problem.
Securing router using CBAC, NAT and ACL will break IPSec or PPTP and
sometimes other protocols coming through router.

I am looking for some good information on the interaction of CBAC, NAT and
ACL as to what gets processed in what order, what interactions they have, if
any, etc.

Looking at TAC, I have found many articles on each, but not much that
combines them.  Anybody been successful using these all on the same router
at the same time?

Tom




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62727t=62727
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Help with CCIE Study's!!! [7:62547]

[Tom Brokaw]

I have been a Network Engineer for over 3 years and
have my CCNP. I have been reading posts and
researching about CCIE. I am fortunate enough to have
a lab with 9 routers and a 2924 switch. I would love
to get a 3550, voice and ATM, but like you too much
$$$. 
Help!!! I am so intimidated. I don't want to start
down the wrong path in the beginning. I am not asking
those CCIE's or guys who have taken the test and
failed to break any NDA agreements, but Where to
start? I have the books, Doyle, Satterlee, Caslow. I
am going to start going through these, but how do you
know when you are ready? After I have gone through
these books I am planning on buying CCbootcamps lab
subscription etc. 
Help!!! I guess I need motivation or a direction, can
you talk to me about your road successful or not? My
email address is [EMAIL PROTECTED] if you want to
email me privately with the upmost confidentiality. I
am not looking for a free ride or to cheat, but to not
start out with bad habbits, and come up with an end.
Thanks for reading my panic attack. 

Scratch

__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=62547t=62547
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Traceroute troubles [7:61247]

[Tom Lisa]

Priscilla Oppenheimer wrote:



 Here's how it works, from my book Troubleshooting Campus Networks, that
 everyone should get, especially if you are studying for the Support test
for
 CCNP. It covers all topics for that test. Hey, my publisher won't do any
 marketing for me. I'll have to do it myself. Hope that's OK, if I keep it
to
 a minimum. :-) Anyway, here's the info. (There are more details in the
book.)

Hey, I'm recommending it to my students.  Does that mean I get promotional
fee? :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61415t=61247
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Traceroute troubles [7:61247]

[Tom Lisa]

Well, considering what she's probably getting paid for writing it,
I doubt it. :(  So, Priscilla (please note I didn't use any of the
prohibited
abreviations; wouldn't want to upset the boss), based on the hours you
put in writing it, how many cents per hour are you making?

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Larry Letterman wrote:

  Tom,
  That means you now work for Priscilla's marketing dept.
  Hope she pays you well.:)

  --

  Larry Letterman
  Network Engineer
  Cisco Systems

  Tom Lisa  wrote in
  message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   Priscilla Oppenheimer wrote:
  
  
  
Here's how it works, from my book Troubleshooting Campus
  Networks, that
everyone should get, especially if you are studying for
  the Support test
   for
CCNP. It covers all topics for that test. Hey, my
  publisher won't do any
marketing for me. I'll have to do it myself. Hope that's
  OK, if I keep it
   to
a minimum. :-) Anyway, here's the info. (There are more
  details in the
   book.)
  
   Hey, I'm recommending it to my students.  Does that mean I
  get promotional
   fee? :)
  
   Prof. Tom Lisa, CCAI
   Community College of Southern Nevada
   Cisco ATC/Regional Networking Academy
   Cunctando restituit rem
  [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=61423t=61247
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Network Academy Router Simulator [7:60894]

[Tom Lisa]

Materials provided by the Cisco Networking Academy program are
for the exclusive use of students enrolled in the program even if they
are
free to them.  Unless this instructor has received permission from Cisco
to distribute it freely to anyone, he should have that area of the
webpage
password protected.

In other words, yes, it appears to be a violation of Cisco's property
rights.
You might do this person a favor by reminding him of his responsibility
to protect Academy resources from distribution to the public at large.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem
 
 

cheekin wrote:

  Hi all,

  I recently, kind of, stumbled onto an instructor's webpage that
  allows
  free, uncontrolled download of the Network Academy Router Simulator.
  Anyone who accesses this page can download this simulator.

  I believe the instructor is an academy instructor.

  Has there been any form of violation?

  Thanks,
  cheekin
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=60963t=60894
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Fwd: RE: CCIE Vs. BS or MS dergree [7:59481]

[Tom Lisa]

It is amazing to me how some individuals feel that they have a
right to have their questions answered.  This without even
indicating that they have done any independent research on
their own prior to querying the list.

Oh well, Happy Holidays to all, and to all a good night!

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Howard C. Berkowitz wrote:

  At 1:37 PM + 12/20/02, Mr piyush shah wrote:
  Dear friends
  It has been quite long that I have been hearing
  whether CCIE is superior or MS. I thing it is high
  time we should wrap the topic.I dont understand
  ,whether why this forum for ? It should b a purely
  technical. For a typically type of questioning like
  this, there are resposes which lasts for weeks but
  there are some questions for whom nobody seems to be
  bothered ?
  There was a queation which was thrown on this on
  TACACS ACS  whether What could the issue that I am
  able to authenticate and not authorisation ,not a
  single person on this site bothered to answered ,not
  even Priscilla .

  Let's consider whether people bother to respond.  First, remember
  that everyone who does so is volunteering their time. They are not a
  substitute for the TAC or reference materials.  Have you considered
  that at the time you asked the question, Priscilla might be on
  vacation, another expert has limited list access while on business
  travel (perhaps behind a strict firewall), and two others are trying
  to finish projects for which they are paid?

  The latter might scan the list, but not have 10-30 minutes to write a
  post. Indeed, many of those experts do not have the answer memorized,
  but would have to look it up -- admittedly much faster than would a
  beginner.

  Which sounds to be very starnge. There are so many
  people who r new to networking tech ,hence comes with
  some querry which might b stupid to some of our
  colleages but pls ensure that u were also like them
  during your initial  phase ,

  The following is not meant to be a put-down, but a reality of how
  some people started in networking technology.  I was first
  responsible for a network in 1970, using Bell 100 series modems (300
  bps) to a PDP-11 running critical medical applications. Most links
  were acoustically coupled dialups, but we did have a few dedicated
  lines (again at 300 bps).

  With about 10 user ports on the machine, we sometimes just ran out.
  Since one of the dedicated lines was only needed for backups at
  night, and another for reporting, I realized I could switch them to
  dialup during the day.

  There was no Black Box Catalog or the like.  I needed to get a copy
  of RS-232 and learn the wiring, decide how many pins I had to switch,
  go to the electronics store and get an appropriate rotary switch and
  other components, and physically build the box, soldering the wires
  to the switch.

  I made some incorrect assumptions the first time, and had to use
  electronic test instruments to find what I had done wrong -- it
  turned out I wasn't clear about the functions of the Pin 1 and Pin 7
  grounds.

  At the same time all of this was going on, I was the head of software
  development for the medical applications, so needed to both design,
  write, and manage development, as well as researching expert system
  rules for blood banking and clinical chemistry.

  So no, not everyone had the luxury of a list or even colleagues.

  hence try to  rectify the
  querry rather than spending your precious time on
  stupid questions like  ccie is superior or MS , what
  is the salary of CCIE ? 

  And I will be perfectly honest.  Sometimes, I may be in a hurry when
  reading the list, and there's a stupid question that I can answer
  from personal experience.  Even when I answer a technical question
  with which I am very familiar, I often check the documentation --
  Cisco or IETF -- to be sure I'm referring to the right document.  On
  another list, for example, there was a DNS question.  I knew the
  answer was in RFC 1033, 1034, or 1035, but wasn't sure which, and
  didn't have time to look it up.  I cited the three documents, and
  said I _thought_ it was 1034.  Looking it up later, it was 1035.

  I hope the message is clear to everybody
  Regards
  
  PIYUSH
  
  
  
  
  Note: forwarded message attached.
  
  
  Missed your favourite TV serial last night? Try the new, Yahoo! TV.
  visit http://in.tv.yahoo.com
  X-Apparently-To: [EMAIL PROTECTED] via
  web8002.mail.in.yahoo.com;
 20 Dec 2002 07:36:38 +0500 (IST)
  Return-Path:
  X-Track: 1: 100
  Return-Path:
  Received: from groupstudy.com (66.220.63.9) by
  mta102.in.mail.yahoo.com
 with SMTP; 20 Dec 2002 07:34:44 +0500 (IST)
  Received: from localhost (mail@localhost) by groupstudy.com
 (8.9.3/8.9.3) with SMTP id CAA32069; Fri, 20 Dec 2002 02:04:32
  GMT
  Received

Re: VLSM Question [7:58569]

[Tom Lisa]

If the test prep you are using is for the CCNA exam then C is the
correct
Cisco answer (the use of Class B/Class C terminology makes me think
this is the case). This is because Cisco still insists, at the CCNA
level, on
computing subnets using the formula 2^n-2.  This assumes that subnet
zero and the all ones subnet are unusable.  Therefore you have to create
16 subnets, resulting in 14 usable to get the required 8 subnets.

In the real world, 255.255.224.0 is correct.
BTW, what is the VLSM question here?

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Richard Burdette wrote:

  A prep test I am using has a question for which I disagree with the
  answer.
  Here is the question

  If I had a Class B address, what subnet mask would I use if I wanted
  to
  split it into 8 class C addresses?

  a.255.255.240.0
  b.255.255.255.0
  c.255.255.248.0
  d.255.255.254.0

  The answer from the test is c.

  I think the answer is not even listed; 255.255.224.0 because to add
  eight
  additional subnets we need 2^3=8 bits of subnet which equates to 224
  of
  mask.  Am I right or wrong?

  Rich
   
   
   
   
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58605t=58569
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Off Topic - Missed it by that much - CCIE Lab report [7:58606]

[Tom Lisa]

Chuck,

Sorry to hear you contracted the Agent 86 disease.  However, it
sounds like you won't have any problem the next time around.

Good Luck,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

The Long and Winding Road wrote:

  In the words of the esteemed Maxwell Smart, missed it by that much.

  Good test. Liked it a lot.  Can't say much about the content,
  obviously.

  The 3550's were there. I think that those who have expressed
  reservations
  about this will find little to worry about. The Lab writers did a
  pretty
  good job of integrating the devices into the rack and the exam.

  I think I was more surprised by what I did NOT see than by what I did
  see.
  Wish I could say more.

  There were the usual off the wall requirements. I knew the names, or
  had
  heard of the technology, but had never practiced it. Here's where the
  doc CD
  came in handy. It was very easy to locate the information and do the
  required configuration.

  I did have one very odd problem I was unable to solve. My own
  practice, not
  to mention the doc CD configuration guide, told me that a particular
  configuration should have worked. But it didn't. I've mocked up the
  configuration here at home, and it took a total of 10 minutes to
  start from
  a router with no configuration and have it up and running correctly.
  But in
  the Lab it just would not work. I have an inquiry in to the CCIE Lab
  folks,
  asking them to check the rack. I believe there is a physical problem,
  although for the life of me I cannot come up with a plausible
  explanation as
  to why. I would get more specific, except this would be a direct
  violation
  of NDA. I will say that anyone who sits at rack 12 in San Jose - if
  you are
  absolutely certain your configuration is correct, tell the proctor. I
  hesitated to do so, and I paid the price. You'll know when you see it
  ;-)

  I did one stupid thing, and the more I think about it, I should have
  corrected it immediately when I discovered it. When I first created
  my
  notepad file with my alias commands, I stupidly did most of them as
  alias
  configure rather than alias exec Given that the lab is graded
  pretty much
  by scripts, I have this bad feeling that this mistake may have
  interfered
  with the operation of some of those scripts, meaning that I was not
  given
  credit for successfully completed tasks just because the script was
  unable
  to function properly.

  You are no longer given a point total in your report. When I counted
  up
  points in the late afternoon, I thought I had between 60 and 70. I
  had no
  reachability problems, save to one interface, and that interface had
  nothing
  depending upon it. I knew I didn't have enough points to pass, but I
  thought
  I was close. To judge from my score report, the final total was maybe
  35-45
  depending. As those of you who have been there know, the dependings
  will
  kill you every time. :-)

  I can say I had a lot of fun doing this test. That's probably part of
  the
  reason I failed - I'm having too much fun. I can also say I'm hot to
  trot. I
  can taste it. I'm yay close to passing, and I want back in as soon as
  I can
  get there. You can bet I'm checking CCO regularly for those open
  dates.

  Afterwards, I had the pleasure of hooking up with groupstudy regular
  Larry
  Letterman. Larry - thanks for the tour - it was impressive. I was
  reminded
  of exactly why I got into the tech business in the first place - the
  desire
  to do things like you are doing, important things, things that keep
  businesses competitive. You're doing a great job and I appreciate
  your
  taking some time to show me what you're working on.

  well, another time.

  Back on the road again.
  --
  TANSTAAFL
  there ain't no such thing as a free lunch
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58606t=58606
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Regarding Router rental business? [7:58422]

[Tom Lisa]

dey shore r et r cologe!

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem
 
 

B.J. Wilson wrote:

   Guys, the spelling is getting terrible. Even painful to read.

  Agreed.  The three R's are *not* readin', routin', and 'rithmetic.
  ;-)

  BJ
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58520t=58422
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Question about multicast [7:57423]

[Tom Martin]

Dovelet,

Use a static MAC address:

(config)# mac-address-table 01.00.5e.11.22.33 fastethernet 0/1 
fastethernet 0/2 fastethernet 0/3 vlan 1

Just make sure that the MAC address correctly represents the multicast 
IP.  I chose the MAC address for 224.17.34.51, mainly because I'm not 
particularly creative.  :)

- Tom


dovelet wrote:
 Hi all,
 
 I am using a Cisco Cat.2950 switch to connect the network. Assume I have 5
 computers are connected to the switch. 3 of them will tell using multicast.
 I don't want the other computers listen this multicast. How can I control
 only these three switch ports can send and receive this multicast. Please
 node that all the computers do not support IGMP.
 
 Regards,
 Dovelet




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=58046t=57423
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCIE R amp;amp;amp;S LAB [7:57050]

[Tom Martin]

Charles,

You can get the information from Cisco's web site using the following
URL.  It requires a CCO user account to access it though:

http://www.cisco.com/en/US/partner/learning/le3/le11/learning_ccie_resource_guide.html#18

Relevant verbage in case you to not have a CCO account:

18.  Lab Exam Content and Equipment Changes

CCIE Candidates should note the following changes to the technical
content and equipment for the CCIE Lab exam. The content changes affect
the CCIE Routing and Switching Lab exam, while the equipment changes
affect all CCIE certification tracks.

The CCIE program continually monitors the topics and technologies
covered in the CCIE certification tracks. The end result of this process
is that a topic may be removed from the exam to allow greater emphasis
on features or technologies that are more current in the industry.

Therefore, effective November 4th, 2002, the following topics will
no longer be tested on the CCIE Routing and Switching exam:

   IGRP
   Token Ring
   Token Ring Switching
   IPX

Please note that DLSw+ will remain as a valid topic on the exam.

Between September 1, 2002 and November 4th, 2002 all CCIE labs
will replace the current Catalyst 5000 switches with Catalyst 3550
switches. However, the only switching features tested during this time
will be those common to both devices - additional features on the
Catalyst 3550 will only be tested beginning November 4th, 2002.

Please note that except for the change in switches, no new topics
are being added to the content covered by the Routing and Switching
exam. However, many features currently tested will now be able to
receive more weight on the exam beginning November 4th.

If you have questions regarding these changes, please contact
[EMAIL PROTECTED] . Please allow up to 72 hours for a response.

- Tom

cer wrote:
  Brad,
 
  Where did you get your information from, and is there a Cisco URL
  that I can look at to confirm?
 
  TIA,
 
  Charles
 
 
  Brad  wrote in message
  news:200211081509.PAA29591;groupstudy.com...
 
  No, that stuff is now gone.
 
  thanks, -Brad Ellis CCIE#5796 (RS / Security) Network Learning Inc
   [EMAIL PROTECTED] www.optsys.net (Cisco hardware)
 
  Mike Peterson  wrote in message
  news:200211071521.PAA27543;groupstudy.com...
 
  Hi All,  Soon I will be going for the RS LAB and I am not seeing
   that CISCO took out :IGRP, IPX, Token Ring from the LAB yet.
  Does anyone knows why  or they will still keep those on the LAB ?
   Thanks, [EMAIL PROTECTED]
 
  

 
 
 
 
  Tired of spam? Get advanced junk mail protection with MSN 8.
  archives, and subscription info:
  http://www.groupstudy.com/list/cisco.html Report misconduct and
  Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57166t=57050
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: How RIPv1 masks are determined - confused [7:57049]

[Tom Martin]

Robert,

I believe that your diagram should reflect R1's serial interface to R2
as s0/1 instead of s0/0.  This caused me some confusion in trying to
figure out the configs.  Actually, there is still some confusion given 
the a duplicate IP (172.16.66.1) assigned to both routers on that serial 
link -- and that the routing updates are being sourced from that 
duplicate IP.  Perhaps this was your intention???

Anyway, to help answer your question:

  I expected that the router would choose netmask belonging to the
  subnet of update source (172.16.66.1/25 in this case). This would
  make more sense - or maybe I am wrong??

The receiving router, R2 in this case, has no idea what the subnet of 
the update source is since this information isn't carried in the update 
itself.  Instead, R2 assumes that the advertised RIP network has the 
same subnet as the network configured on its receiving interface.  Since 
all three of the IP addresses belong to the same major network as the 
sender, all three are valid candidates for being the intended recipient 
of the update.  The valid IP address that R2 seems to be using to 
interpret the advertised network is obviously 172.16.77.3/29.

You make a strong argument that a more logical interpretation would be 
to use the local IP address 172.16.66.1/25 to interpret the route since 
it is the only IP address that is on the same subnet as the sending 
router (since the other IPs configured on the link should, based on 
normal IP rules, require another router to communicate with the sender). 
  All documentation I've come across and configuration I have done 
indicates that the receiving router validates the update based on major 
network only, and then uses the mask of the locally configured address 
of that network to interpret the incoming networks.  So, technically, 
interpreting the route as 172.16.77.0/29 isn't wrong -- it's just one 
of 3 possible ways of interpreting the advertised network.

I'm curious as to whether your configuration works at all given the 
next-hop address (172.16.66.1) is also a valid IP address on R2.  Are 
you able to ping 172.16.200.1 from R2?  It seems to me that R2 should be 
dropping the traffic instead of forwarding it to R1.  If R2 isn't 
dropping the traffic I'd like to know to why -- Was this intentional and 
part of your intended lab?

Anyway, I hope that this provides some help.

- Tom

Robert Slaski wrote:
  Hi,
 
  I was almost sure I understood RIP a little. Until today, grr ;-)
 
 
 
  My goal was to inject 172.16.200.0/25 OSPF routes into 172.16.12.0/26
   RIP domain and I tried to use secondary addresses to extend /25 to
  RIP domain.
 
  We have two routers connected via serial link on the edge of a
  network: R1 (s0/0)  (s0/1) R2 (s0/0)  the rest of a network.
 
  R1 is doing OSPF/RIP redistribution and R2 only in RIP domain:
 
  router ospf 666 log-adjacency-changes redistribute rip subnets
  network 172.16.100.0 0.0.0.7 area 1 ! router rip redistribute ospf
  666 metric 6 passive-interface Serial0/0 network 172.16.0.0
  distribute-list 1 out Serial0/1 ! access-list 101 permit ip
  172.16.200.0 0.0.0.7 any
 
 
  R1: interface Serial0/1 ip address 172.16.66.1 255.255.255.128
  secondary ip address 172.16.12.2 255.255.255.192 no ip split-horizon
 
  172.16.0.0/16 is variably subnetted, 4 subnets, 3 masks O IA
  172.16.200.0/25 [110/65] via 172.16.100.2, 02:29:30, Serial0/0 C
  172.16.12.0/26 is directly connected, Serial0/1 C 172.16.100.0/29 is
  directly connected, Serial0/0 C 172.16.66.0/25 is directly connected,
  Serial0/1
 
 
  R2: interface Serial0/0 ip address 172.16.77.3 255.255.255.248
  secondary ip address 172.16.66.1 255.255.255.128 secondary ip address
   172.16.12.1 255.255.255.192 clockrate 64000
 
 
  172.16.0.0/16 is variably subnetted, 3 subnets, 3 masks C
  172.16.12.0/26 is directly connected, Serial0/0 C 172.16.77.0/29 is
  directly connected, Serial0/0 C 172.16.66.0/25 is directly connected,
  Serial0/0
 
 
  Now a RIPv1 update is received: Mar  1 01:12:44.149: RIP: received v1
   update from 172.16.66.1 on Serial0/0 *Mar  1 01:12:44.149:
  172.16.200.0 in 6 hops
 
  and the routing table looks now:
 
  C205.2.3.0/24 is directly connected, Loopback10 172.16.0.0/16 is
  variably subnetted, 4 subnets, 3 masks R   172.16.200.0/29
  [120/6] via 172.16.66.1, 00:00:15, Serial0/0 C   172.16.12.0/26
  is directly connected, Serial0/0 C   172.16.77.0/29 is directly
  connected, Serial0/0 C   172.16.66.0/25 is directly connected,
  Serial0/0
 
  We see that an update about 172.16.200.0 was received from
  172.16.66.1 (secondary of serial interface of R1) and installed in
  route table. But the netmask was chosen not as I expected: not /25
  subnet locally configured on s0/0 (172.16.66.2/25) has been chosen
  but longest-match rule was applied and /29 mask configured on one of
  subinterfaces won.
 
  This behaviour get me confused. Doyle vol.1 doesn't even mention of
  choosing masks

Re: Slightly off Topic PIX [7:56994]

[Tom Martin]

David,

Absolutely.

When specifying the translation commands, instead of specifying a full 
IP translation just specify the port.  For example, assuming you wanted 
your public IP (12.12.12.12) to redirect HTTP traffic to 192.168.0.1 and 
HTTPS traffic to 192.168.0.2:

 static (inside,outside) tcp 12.12.12.12 80 192.168.0.1 80 netmask 
255.255.255.255 0 0
 static (inside,outside) tcp 12.12.12.12 443 192.168.0.2 443 netmask 
255.255.255.255 0 0
 conduit permit tcp host 12.12.12.12 eq 80 any
 conduit permit tcp host 12.12.12.12.eq 443 any

- Tom

Dave Tyler wrote:
 This is just a bit off topic and I have several questions about the PIX.
 
  We currently run a Symantec Enterprise Firewall and we are considering
 moving
 to a Cisco PIX 506E or 515E.  The SEF runs DNS and has the ability to
listen
 to a range of IP addresses on a single interface then proxy the calls.  The
 question about a PIX is whether it can do the same thing?  As I read the
 documentation from Cisco I did notice the SMTP redirection. Can the PIX
 redirect for https and http from different different  public IP address
calls
 on a single interface?  Like OWA over https to one system and http traffic
to
 a different system?
 
 
 David Tyler
 IT Manager
 Clear Technology Inc.
 [EMAIL PROTECTED]
 www.clear-technology.com
 
 This document, and any attachments, may contain confidential and
proprietary
 information of Clear Technology, Inc. Any unauthorized dissemination or
 copying is strictly prohibited. If you are not the intended recipient,
please
 destroy or return this document without reading or copying it, and notify
us
 immediately. Clear Technology will protect its intellectual property rights
 to
 the maximum extent possible under law.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57169t=56994
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: VoIP+QoS+xDSL+H.323Gatekeeper [7:57121]

[Tom Martin]

Mark,

It sounds like the voice traffic is being prioritized correctly since 
the voice is rock solid after the connection is made.  Looking at your 
config this is strange as the default IP Precedence should be 0 for 
voice traffic and I do not see where you have specified this in your 
dial peer.  Based on your explanation I would expect to see something like:

dial-peer voice 1 voip
  destination-pattern .
  session target ...
  ip qos dscp cs5 media

-or-

dial-peer voice 1 voip
  destination-pattern .
  session target ...
  ip precedence 5

With the classification statements missing from your configuration, I 
would expect voice to be choppy and unintelligible.  The default 
classification for router-originated voice traffic is supposed to be ip 
precedence of 0 (DSCP=00).  Perhaps Cisco has changed this in the 
latest IOS releases?

You should also have ip qos dscp cs5 signaling present in your 
dial-peer configuration to identify the signalling traffic as having IP 
precedence=5 so that it is classified correctly and sent down your voice 
PVC.  As it stands now, your signalling traffic should be using your 
data PVC.

You can find some decent QoS configuration examples on Cisco's web site 
relating to LLQ which might also help along these lines.  Cisco usually 
recommends setting signaling to af31 and media to ef (to make sure that 
if signaling and media contend for bandwidth voice quality is not 
affected).  Since your configuration is already classifying explicitly 
on ip precedence=5, it might just be simpler to set the ip precedence of 
both media and signaling traffic to 5.

I hope this helps.  :)

- Tom


Mark S wrote:
 For those of you trying to email me from the link in the message, here is
 the updated post.  Sorry about the duplicate.
 
 ***
 Well, this should give you enough to chew on since voice is becoming a hot
 topic. I am trying to configure VoIP with QoS. Why over IP and not over
ATM,
 you say? I have to controll the call with a H.323 Gatekeeper, and that is
IP.
 
 My problem appears to be that the call setup (or maybe signalling?) appears
 to be delayed. The test results are as follows:
 
 If the WAN link is saturated with data packets PRIOR to establishing the
 voice call, the first 10 to 15 (approximately) seconds of the call are
lost.
 After the call is established, voice is rock solid and no voice packets are
 delayed or lost.
 
 If the voice call is established PRIOR to saturating the WAN link with data
 packets, the voice call is rock solid and no voice packets are delayed or
 lost.
 
 Thoughts or configs would be appreciated.
 
 --Mark
 
 
 version 12.2
 service timestamps debug datetime msec
 service timestamps log datetime msec
 no service password-encryption
 !
 hostname Router
 !
 logging buffered 4096 debugging
 !
 memory-size iomem 25
 ip subnet-zero
 !
 no ip domain lookup
 !
 ip cef
 !
 voice call carrier capacity active
 voice rtp send-recv
 !
 no voice hpi capture buffer
 no voice hpi capture destination
 !
 vc-class atm vip
 vbr-rt 256 256 10
 precedence 5
 no bump traffic
 no protect vc
 no protect group
 !
 vc-class atm normal
 vbr-nrt 192 192
 precedence other
 no protect vc
 no protect group
 !
 interface ATM0/0
 ip address 1.1.1.254 255.255.255.0
 ip nat outside
 no atm ilmi-keepalive
 bundle-enable
 bundle qosmap
 protocol ip 1.1.1.1
 encapsulation aal5snap
 pvc-bundle data 0/37
 class-vc normal
 pvc-bundle voice 0/36
 class-vc vip
 !
 dsl equipment-type CPE
 dsl operating-mode GSHDSL symmetric annex A
 dsl linerate AUTO
 h323-gateway voip interface
 h323-gateway voip id Gatekeeper ipaddr x.x.x.x 1718
 h323-gateway voip h323-id Gateway
 ip rsvp bandwidth 64 64
 ip rsvp resource-provider wfq pvc
 !
 interface FastEthernet0/0
 ip address 10.200.100.1 255.255.255.0
 ip nat inside
 speed auto
 !
 ip nat inside source list 1 interface ATM0/0 overload
 ip classless
 ip route 0.0.0.0 0.0.0.0 1.1.1.1
 no ip http server
 ip pim bidir-enable
 !
 access-list 1 permit 10.200.100.0 0.0.0.255
 !
 call rsvp-sync
 !
 voice-port 2/0
 station-id name StaID
 station-id number 111222
 caller-id enable
 !
 voice-port 2/1
 station-id name StaID
 station-id number 111222
 caller-id enable
 !
 dial-peer cor custom
 !
 dial-peer voice 1 voip
 destination-pattern T
 session target ras
 !
 gateway
 !
 line con 0
 line aux 0
 line vty 0 4
 login
 !
 no scheduler allocate
 end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=57139t=57121
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Problems w/Hyperterminal?? [7:56619]

[Tom Lisa]

Greg,

Let's be politically correct here.  We are not suffering from
Alzheimer's.  We are merely enjoying the occurrence of
randomly generated Senior Moments.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem
 
 

Greg Macaulay wrote:

  It's not nice to flame an active member of the Bar who is still
  in good
  standing Alzheimer's (Cisco type) may indeed be overtaking me
  here, but
  my legal brain cells are still quite sharp.  So flame me at your
  own
  risk! Perhaps I can obtain enuf from a lawsuit to purchase an
  ISDN
  simulator 

  Don't anybody take the above para in the wrong vein!  I was simply
  having a
  bad day (and then I had to take my grandchildren trick or treating
  for
  hours -- while I searched through my Alzheimer-ridden brain cells to
  identify a solution to my problem.  Now back to my problem.

  Greg Macaulay
  Oldest Human Being preparing for the CCIE Lab
  Lifetime AARP member
  Retired Attorney/Law Professor

   -Original Message-
   From: [EMAIL PROTECTED] [mailto:nobody;groupstudy.com]On Behalf
  Of
   Tom Lisa
   Sent: Thursday, October 31, 2002 8:10 PM
   To: [EMAIL PROTECTED]
   Subject: Re: Problems w/Hyperterminal?? [7:56619]
  
  
   Priscilla,
  
   The real reason not to flame him is because he may come out of
  retirement
   and sue all of us!  :)
  
   Prof. Tom Lisa, CCAI
   Community College of Southern Nevada
   Cisco ATC/Regional Networking Academy
   Cunctando restituit rem
  
   Priscilla Oppenheimer wrote:
  
 I wouldn't flame the oldest CCDP on the planet ;-), but, what do
  you
 mean
 you can't ping from HyperTerminal? HyperTerminal just gets you
  serial
 access
 to the console port.
  
 Priscilla
  
 Greg Macaulay wrote:
 
  Hi all --
 
  I'm suffering thru a terrible newbies type problem and cannot
  seem to
  identify the error of my ways.  I know it's something very
  basic -- and it
  brings back memories of high school geometry homework where I
  stared at
  objects for hours on end trying to understand!!!
 
  The thrust of my pitiful situation is: I cannot ping from
  hyperterminal --
  altho' I can readily ping from a DOS prompt on the same PC.
 
  I have the parameters set properly 8-N-1-None -- and I have
  tried with the
  TFTP server setup on the same PC and on another in my home
  network (I have
  10 pcs in my home network -- most old -- but they still
  work!).  Neither
  works.
 
  Any suggestions.  And please don't waste time flaming me -- I
  know I should
  be able to figure this out -- but even after researching the
  archives and
  CCO, I am no closer to a solution than I am to passing the LAB
  on the first
  try!
 
  So any and all helpful suggestions would be welcome.
 
  Thanks to all -- in advance!!
  Greg Macaulay
  Oldest Human Being preparing for the CCIE Lab
  Lifetime AARP member
  Retired Attorney/Law Professor
 [EMAIL PROTECTED]
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56707t=56619
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Problems w/Hyperterminal?? [7:56619]

[Tom Lisa]

Priscilla,

The real reason not to flame him is because he may come out of retirement
and sue all of us!  :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando restituit rem

Priscilla Oppenheimer wrote:

  I wouldn't flame the oldest CCDP on the planet ;-), but, what do you
  mean
  you can't ping from HyperTerminal? HyperTerminal just gets you serial
  access
  to the console port.

  Priscilla

  Greg Macaulay wrote:
  
   Hi all --
  
   I'm suffering thru a terrible newbies type problem and cannot
   seem to
   identify the error of my ways.  I know it's something very
   basic -- and it
   brings back memories of high school geometry homework where I
   stared at
   objects for hours on end trying to understand!!!
  
   The thrust of my pitiful situation is: I cannot ping from
   hyperterminal --
   altho' I can readily ping from a DOS prompt on the same PC.
  
   I have the parameters set properly 8-N-1-None -- and I have
   tried with the
   TFTP server setup on the same PC and on another in my home
   network (I have
   10 pcs in my home network -- most old -- but they still
   work!).  Neither
   works.
  
   Any suggestions.  And please don't waste time flaming me -- I
   know I should
   be able to figure this out -- but even after researching the
   archives and
   CCO, I am no closer to a solution than I am to passing the LAB
   on the first
   try!
  
   So any and all helpful suggestions would be welcome.
  
   Thanks to all -- in advance!!
   Greg Macaulay
   Oldest Human Being preparing for the CCIE Lab
   Lifetime AARP member
   Retired Attorney/Law Professor
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56645t=56619
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: hate cisco's new site? [7:56236]

[Tom Lisa]

I can't get to cisco.com either, must be down.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
Cunctando Restituit Rem
 
 

Carroll Kong wrote:

  Well, a few work arounds.  You can just go straight to the
  documentation CD

  (right now the site seems down for me, ugh, so I cannot verify 100%,
  the
  links are pretty close, and if you navigate hard enough it really
  just links
  back to the universal cd anyway)

  http://www.cisco.com/univercd/

  OR just go to the bottom right and click on GO TO THE OLD SITE. 
  And
  presto you get your old site back.  Ironically it usually takes a
  very long
  time to load the old site

  As for general navigation, if you guys want to find docs, I think it
  was
  under support, hardware (for stuff like the pix) and software for
  IOS, then
  you can drill down and one of them eventually brings you back to the
  universal cd.  ;)

  While I hate it too, but come on guys we are powerful Cisco Study
  candidates, we should be able to solve anything that comes up
  quickly!  If
  we can crunch Cisco problems we can navigate this new nasty site as
  well!  :)

   I used to bitch about the old one and am now totally screwed... I
  guess
  I'll
   learn to like it ;-(
  
   Tim
  
   sam sneed  wrote in message
   news:200210241956.TAA01985;groupstudy.com...
Am I the only one that hates Cisco's new site? I can't find
  anything that
I'm looking for on the there. Its driving me up the wall.
  -Carroll Kong
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56286t=56236
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Catalyst 8540CSR [7:56172]

[Tom Wilson]

Been running a few 8540CSR's for a couple of years now.
E-mail me off-topic, and we can exchange information.

-Tom


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=56197t=56172
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Candidates - Free Study Sources for new BSCI exam [7:55732]

[Tom Lisa]

I refuse to respond any further on the grounds it may encourage you further,
as if you need any! :)

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy

Howard C. Berkowitz wrote:

 At 11:20 PM + 10/15/02, Tom Lisa wrote good stuff about IS-IS.

 I have one question, if it doesn't break NDA. Is there anything about
 Bill Clinton's definition of IS-IS?  Perhaps a menage a trois?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55732t=55732
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CCNP Candidates - Free Study Sources for new BSCI exam [7:55747]

[Tom Lisa]

Your Honor, I rest my case!

Howard C. Berkowitz wrote:

 At 6:57 PM + 10/16/02, Tom Lisa wrote:
 I refuse to respond any further on the grounds it may encourage you
further,
 as if you need any! :)

 I see you have recognized I am incorrigible, and you refuse to incorrige
me.

 
 Prof. Tom Lisa, CCAI
 Community College of Southern Nevada
 Cisco ATC/Regional Networking Academy
 
 Howard C. Berkowitz wrote:
 
   At 11:20 PM + 10/15/02, Tom Lisa wrote good stuff about IS-IS.
 
   I have one question, if it doesn't break NDA. Is there anything about
Bill Clinton's definition of IS-IS?  Perhaps a menage a trois?




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55747t=55747
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CCNP Candidates - Free Study Sources for new BSCI exam [7:55648]

[Tom Lisa]

All-

The link below to ciscopress provides information on the new BSCI exam
as well as links to pertinent material on CCO about IS-IS.  Also, in
mid-Nov
they will be providing free chapters on-line about IS-IS.

http://www.ciscopress.com/link.asp?link=54

Here are the links they provide if you want to go directly there and not
pass go.

IS-IS: A Brief Introduction
http://www.ciscopress.com/content/images/1587200015/downloads/ISIS.pdf?session_id={009BD592-28D3-4DB9-BB97-99F0C2697AAD}

Introduction to Intermediate System-to-Intermediate System Protocol
http://www.cisco.com/warp/public/cc/pd/iosw/prodlit/insys_wp.htm

Configuring IS-IS for IP on Cisco Routers
http://www.cisco.com/warp/public/97/is-is-ip-config.html

Configuring Integrated IS-IS
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt2/1cdisis.htm

(No NDA or IPR violations occurred in the creation of this email) {:-)

HTH,
Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=55648t=55648
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF for ISPs [7:54540]

[Tom Lisa]

Howard,

Is there an audio tape that goes with the slides.  If so, I'd being
willing to
pay so I could show this presentation to my CCNP students, including
the shameless plug.  BTW, liked your concise explanation of CIDR
vs VLSM.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy
 
 

Howard C. Berkowitz wrote:

  At 2:58 PM + 9/30/02, Don wrote:
  Rather than run OSPF to customers, it is generally much better to
  have
  them use a default route to the ISP and for the ISP to run static
  routes to
  the customer.  OSPF to the customer is a huge land mine for the ISP
  and
  should be avoided in almost every case.
   Don

  I agree completely with Don that an ISP _never_ should link its IGP
  to that of the customer.  Don't fall into the trap of assuming that
  BGP needs a full routing table or will consume excessive resources.

  I remain confused why a default route wouldn't serve, unless there
  are multiple connections between the ISP and customer. By send the
  block to the customer, do you mean the block is in the customer's
  space?  You could certainly use a second static route, which can be
  generated automatically as part of your address assignment (see my
  NANOG presentation,
  http://www.nanog.org/mtg-9811/ppt/berk/index.htm).

  If that's not appropriate, have the customer announce his two blocks
  to you with BGP and receive default from your BGP.

  
  
  Chris Headings  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Good morning all.  I was wondering if someone could lend me a
  little help
about engineering OSPF in the backbone for an ISP network.  I
  just had a
couple of questions and hopefully someone can give me some
  guidance.or
  even
some CCO links with some specific examples or better yet any
  material
anywhere.
  
Say, for example, that a customer has a small block of IP's and a
distribution router knows where that block is, via a connected
  route,
  like
  a
/30 on a serial link.  But later down the line the customer
  requests an
additional block of 64 IP addresses, what is the best way to send
  this
  block
to the customer?  Do I need to run OSPF on the customer
  equipment?  If
  the
customer router is not running OSPF, how do the routers know how
  to get
  to
this destination?  I assume via static routing???
  
Thanks as always.
  
 Chris
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54565t=54540
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: LAN Design [7:54023]

[Tom Lisa]

I'm hurt to say the least.  I touch on all of those, albeit briefly.  After
all, I'm not
teaching CCDA/DP courses.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy

Priscilla Oppenheimer wrote:

 Thank-you very much for the recommendations for Top-Down Network Design. I
 probably don't express my gratitude often enough to the many people who
 bought the book.

 I suspect that we may be helping a Cisco Networking Academy student with
 homework. ;-) This sounds a lot like the exercises they do. That program
has
 a tendency to teach a bottom-up design methodology that focuses on physcial
 size and technology/media selection, before gaining an understanding for:

 business and political concerns
 budget
 user expectations for reliability, response time, etc.
 application requirements for bandwidth, delay, etc.
 appliation behavior in terms of broadcasts, traffic patterns, etc.

 You all did a good job of pointing out the importantance of these concepts,
 so I will say no more.

 Priscilla



 Chuck's Long Road wrote:
 
  Tim Medley  wrote in message
  [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
   If you are serious about designing this netwoek and designing
  ir correctly
   for scalability and functionality, pick up a good network
  design book.
  
   My reccomendation is Top Down Network Design, by Priscilla
  Openheimer. U
   have two copies one at home and one at the office, I refer to
  this tome
   quite often. Great book, excellent methodology.
 
  CL: a good book indeed. the irony here is that oftentimes,
  particularly in
  smaller environments, the person who has to make these
  decisions is under a
  severe time constraint, and does not have time to attain the
  background that
  all of us study. back in the days when I was a network manager,
  I never had
  time to learn this stuff. my own road to correct network
  thinking began
  after I was downsized. :-
 
  
  
  
   Tim Medley, CCNP+Voice, CCDP, CWNA
   Sr. Network Architect
   VoIP Group
   iReadyWorld
  
  
   -Original Message-
   From: Jimmy [mailto:[EMAIL PROTECTED]]
   Sent: Tuesday, September 24, 2002 11:01 PM
   To: [EMAIL PROTECTED]
   Subject: LAN Design [7:54023]
  
  
   If i have to design network for 3 storey on a building. There
  are around
   200-300 workstations in 2 storey each. Is it advisable to use
  Ethernet to
   link them up. As for the other storey it is for admin
  purpose. The
  distance
   is around 150m between the further storey. However it is
  possible to put a
   switch/router at the middle for interconnect.
  
   Cheers,
   Jimmy




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54140t=54023
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: LAN Design [7:54023]

[Tom Lisa]

Yes, Sem1 does concentrate on Layer 1.  We teach the concepts from the
bottom up.  But, as we all know, Top Down Network Design is best.  Didn't
someone write a book on it?  All good design starts by getting Layer 8
issues resolved first.

Prof. Tom Lisa, CCAI
Community College of Southern Nevada
Cisco ATC/Regional Networking Academy

Priscilla Oppenheimer wrote:

  Tom Lisa wrote:
  
   I'm hurt to say the least.  I touch on all of those, albeit
   briefly.  After all, I'm not
   teaching CCDA/DP courses.
  
   Prof. Tom Lisa, CCAI
   Community College of Southern Nevada
   Cisco ATC/Regional Networking Academy

  I'm sure experienced, knowledgable professors such as yourself do
  teach
  design in a well-rounded fashion. ;-) It's more the Academy course
  materials
  I was concerned about. They teach design from a cabling, hardware,
  product
  viewpoint, which does have some value, by the way. As Chuck
  mentioned, you
  have to think about the positioning of wiring closets, the MDF, etc.
  Cisco
  Networking Academy harps on that a lot, from what I remember.

  Priscilla

  
   Priscilla Oppenheimer wrote:
  
Thank-you very much for the recommendations for Top-Down
   Network Design. I
probably don't express my gratitude often enough to the many
   people who
bought the book.
   
I suspect that we may be helping a Cisco Networking Academy
   student with
homework. ;-) This sounds a lot like the exercises they do.
   That program has
a tendency to teach a bottom-up design methodology that
   focuses on physcial
size and technology/media selection, before gaining an
   understanding for:
   
business and political concerns
budget
user expectations for reliability, response time, etc.
application requirements for bandwidth, delay, etc.
appliation behavior in terms of broadcasts, traffic patterns,
   etc.
   
You all did a good job of pointing out the importantance of
   these concepts,
so I will say no more.
   
Priscilla
   
   
   
Chuck's Long Road wrote:

 Tim Medley  wrote in message
 [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
  If you are serious about designing this netwoek and
   designing
 ir correctly
  for scalability and functionality, pick up a good network
 design book.
 
  My reccomendation is Top Down Network Design, by Priscilla
 Openheimer. U
  have two copies one at home and one at the office, I
   refer to
 this tome
  quite often. Great book, excellent methodology.

 CL: a good book indeed. the irony here is that oftentimes,
 particularly in
 smaller environments, the person who has to make these
 decisions is under a
 severe time constraint, and does not have time to attain the
 background that
 all of us study. back in the days when I was a network
   manager,
 I never had
 time to learn this stuff. my own road to correct network
 thinking began
 after I was downsized. :-

 
 
 
  Tim Medley, CCNP+Voice, CCDP, CWNA
  Sr. Network Architect
  VoIP Group
  iReadyWorld
 
 
  -Original Message-
  From: Jimmy [mailto:[EMAIL PROTECTED]]
  Sent: Tuesday, September 24, 2002 11:01 PM
  To: [EMAIL PROTECTED]
  Subject: LAN Design [7:54023]
 
 
  If i have to design network for 3 storey on a building.
   There
 are around
  200-300 workstations in 2 storey each. Is it advisable to
   use
 Ethernet to
  link them up. As for the other storey it is for admin
 purpose. The
 distance
  is around 150m between the further storey. However it is
 possible to put a
  switch/router at the middle for interconnect.
 
  Cheers,
  Jimmy
  [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=54186t=54023
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: CVOICE book: VoATM and VoFR [7:53909]

[Tom Scott]

Priscilla wrote:

 I have gotten quite a few of these simple voice/data
 networks up and running. It's very easy.  There is no Call
 Manager! And, as you mentioned, the major benefit is that
 you bypass long-distance charges because you simply use
 the existing data network. You may need to prioritize
 voice, and break up big data packets to get the low level
 of delay required for voice, but other than that, there's
 not much to it

For many purposes there's not much for the network
administrator to do, as you mention. In other contexts
such as a company that has a bunch of expensive PBXs that
have to be integrated onto the WAN portion of the data
network, one must exercise care to benefit from bypassing

PSTN and other legacy solutions.

Later steps can be taken to evolve to the full AVVID
solution discussed in the CIPT book, but for now I have to
focus on the Cvoice model, namely, using VoFR, VoATM and
VoIP to stop the hemorrhage of funds into legacy
long-distance voice networking. Getting those PBXs talking
to each other over an FR or ATM cloud is no small matter,
and the economic benefit is huge.


-- TT


 Original Message 
Subject: RE: CVOICE book: VoATM and VoFR [7:53567]
Date: 19 Sep 2002 00:29:26 -
From: [EMAIL PROTECTED] (Priscilla Oppenheimer)
Organization: GroupStudy.com Discussion Groups
Newsgroups: groupstudy.cisco

Tom Scott wrote:
 
  Having asked about VoMPLS transcoding from analog voice to MPLS
  frames without intermediate IP packets, my lab partner noticed
  that the CVOICE book (edited by Steve McQuerry etal) discusses
  VoFR and VoATM (chapters 8 and 9):
 
 
  analog+---+ +---+  analog
  phone A1  |   |   ATM   |   |  phone B1
... | rtr A |  or FR  | rtr B |...
  analog    |   |  cloud  |   |  analog
  phone Ai  +---+ +---+  phone Bj
 
 
  Are we reading this correctly, that the analog phones plug into
  the cisco routers and the analog voice traffic is transformed
  into FR frames or ATM cells, with no IP packets in between?
  It makes sense to do it that way in some applications. For
  example, if you have a call center in a distant suburb across
  a LATA line or two, that services a metropolitan area, then
  you'd want to bypass long-distance charges if at all possible.
 
  This seems like an easy way to do it. But what handles the
  call control? Does the router do that? Some of the diagrams
  in the CVOICE book have no PBX (or CCM) in them. Does the
  router translate the call-control signaling from the analog
  phone into corresponding pass-through signaling in the ATM/FR
  packets (sort of like user-to-user signaling that could be
  passed through SS7, in this case the users are the routers
  and the network is the ATM/FR switches)?

Yup, you got it, although it may be even simpler than you imagine.

Before AVVID, Cisco did VoIP, VoFR, and VoATM, as discussed in the CVOICE
class. With these solutions, you simply connected analog phones to FXS ports
on routers. The routers digitized and compressed the dialed digits and the
voice itself and packetized it. If it was VoATM or VoFR, there was no IP.
The data was simply put into data-link-layer frames (or cells with ATM).

You asked about the call-control signaling from the analog phone, but how
much would there be? These phones would be your basic $5.99 KMart special
with no bells and whistles, so to speak. The router provides dial tone and
picks up the dialed digits and forwards them to the other router.

As you can probably tell, I'm not a telepony expert, but I have gotten quite
a few of these simple voice/data networks up and running. It's very easy.
There is no Call Manager! And, as you mentioned, the major benefit is that
you bypass long-distance charges because you simply use the existing data
network. You may need to prioritize voice, and break up big data packets to
get the low level of delay required for voice, but other than that, there's
not much to it. The original CVOICE class covered only these types of
solutions and I'm sure the book still has a lot of this flavor, although
both the book and the newer version of CVOICE also cover newer solutions too
these days probably.

___

Priscilla Oppenheimer
www.troubleshootingnetworks.com
www.priscilla.com

 
  -- TT




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53909t=53909
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Question [7:53832]

[Tom Nielsen]

Well... Close.  I was using conduit statements more so than access lists. 
After seeing what you had put down, I think my error was in the global
statement.  I had...

global (outside) 1 interface

Tom


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=53875t=53832
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]