Re: ISDN Calls from Pots? [7:21738]
Hi, I can depend on the telco ISDN config. I must allow a POTS connection in. Also the router must be able to handle "modem" connections and be configured to do the job. interface Group-Async1 no ip address encapsulation ppp async dynamic address async mode dedicated no snmp trap link-status dialer in-band dialer rotary-group 0 no fair-queue no cdp enable group-range 1 8 ! interface bri#/# ip unnumbered Loopback1 no ip directed-broadcast encapsulation ppp no ip mroute-cache no snmp trap link-status isdn incoming-voice modem dialer idle-timeout 2147483 dialer-group 1 no fair-queue no cdp enable ppp authentication chap ppp multilink hold-queue 75 in The above snippets may not be exact for your application but give the idea of what is required. Teunis Hobart, Tasmania Australia On Tuesday, October 02, 2001 at 06:19:03 PM, Cisco wrote: > Hi Guys!! > > I have a topology with a 2620 router with 8 BRI S/T ports that will receive > dial backup calls from remote locations using ISDN. The problem is that we > don4t have ISDN service available on all of these locations. So my question > is: is it possible to terminate a call originated from a POTS line on the > ISDN BRI ports of the router?? I tried to call one of these ports from a > POTS line and received the messages below from the ISDN debug. The router > did not answer the calls. Some of the messages say that it4s not an ISDN > end-to-end call, which is obvious. Is there anyway of making it work?? > > *Mar 8 00:49:26.014: Progress Ind i = 0x8A81 - Call not end-to-end > ISDN, > may have in-band info > > *Mar 8 00:49:26.018: Calling Party Number i = 0x0083, > '07191338625', > Plan:Unknown, Type:Unknown > > *Mar 8 00:49:26.026: ISDN BR1/3: Event: Received a call with a bad > bearercap > from 07191388225 on B1 > > *Mar 8 00:49:29.498: %ISDN-6-LAYER2DOWN: Layer 2 for Interface BR1/3, > TEI 68 changed to down > > Thanks in advance!! > > Ednilson Rosa -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21748&t=21738 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE Written: access lists [7:21726]
Hi, "A router#sh access-lists" will display the access-lists. To show what access-lists are applied to particular interfaces I would use: router#sh ip int (interface number) This will show the access list applied and the direction. The reason for enable prompt is that some router IOS versions will not display access-list without the specific number unless in enable mode. Just a thought Teunis, Hobart, Tasmania Australia On Tuesday, October 02, 2001 at 05:42:14 PM, Bob Timmons wrote: > You're right. I'm guessing it's another case of a poorly-worded question. > The only ways I know of to show an interface and its access-list is to "show > ip int" or whatever, or "show ipx int e0" or whatever protocol you're using. > The other is to "show run". > > > Dear Professional, > > > > I encountered this question while studying. It goes like this: > > > > Which command would display interfaces with applied access lists? > > > > A- show access-lists > > B- show ip access lists > > C- show ip access-lists > > D- show access lists > > > > The correct answer is supposed to be A. I tried this on my router but it > > does not show to which interfaces the access list is applied. What you > > thinks? > > > > > > Thanks > > > > Lw -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21744&t=21726 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP now, Thank You! [7:21495]
Hi all, I have made a complaint about wording of questions during each Cisco exam I completed. There are some subtle differences in different flavours of English that can create confusion. I would imagine this would even be worse when the questions are translated into other languages. Just a thought Teunis, Hobart, Tasmania Australia On Sunday, September 30, 2001 at 06:28:13 PM, Leigh Anne Chisholm wrote: > There must be a problem with me, because I didn't find anything on the CIT > exam to be poorly worded or difficult to understand. Then again, I used to > work at a law firm so perhaps my background gives me an unfair advantage. > (-: > > Previously I've expressed my opinion about the state of the CCNP exams. > That opinion holds true for CIT as well. And that in itself is likely the > real reason why I didn't find any of the questions difficult to > understand... > > > -- Leigh Anne (just Remote Access left...) > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > mike > > Sent: Sunday, September 30, 2001 2:50 PM > > To: [EMAIL PROTECTED] > > Subject: Re: CCNP now, Thank You! [7:21495] > > > > > > I can't agree with you more about the questions being worded > > badly. I also > > just finished the CIT exam for my CCNP. Every CCNP test I went > > into I felt > > very confident and found myself during the test wondering where > > the hell did > > they come up with some of these questions. You have to be a laywer to > > interpret some of them. Although I did well on all of the tests > > an am glad > > that I got the CCNP cert, I really don't feel like my knowledge of > > networking was put to the test. I hope the CCIE is more > > realistic. Anyway, > > congrats and good luck! > > > > Mike > > "Ole Drews Jensen" wrote in message > > news:[EMAIL PROTECTED]... > > > Here's a thanks to all of you who directly and indirectly helped me pass > > my > > > CCNP exams. I passed CIT this morning as the last one. > > > > > > The CIT exam was the one I felt best prepared for, but passed > > with a lower > > > score that any of the others. I felt that the questions were worded very > > > badly compared to the other exams, and I was asked questions about > > specific > > > details that I did not recall having read in any of my books. Anyway, I > > > passed - so I'm happy! > > > > > > A little advise to those of you who are on the first step on the CCNP > > > ladder: > > > > > > 1) Read at least two books for each exam, unless you feel very sure you > > know > > > everything you need to. A good rule that I have used, is to get a study > > > guide with good reviews. You can search, find and check for those on > > > http://www.amazon.com. A study guide usually uses an easier > > language that > > > you can better understand if you're reading about the topic for > > the first > > > time. As a second book, I like to buy a CiscoPress course or exam book, > > > because they are more detail specific regarding what they want > > you to know > > > for the exam. I do not recommend CiscoPress course or exam books as the > > only > > > book unless you are good at reading and understanding technical > > > explanations. They can be a little hard to understand if you're > > not really > > > sure what they're trying to tell you. > > > > > > 2) Download the Cisco exams from Boson. Take all three test exams, and > > then > > > buy the full version of the one you score lowest in. > > > > > > 3) Look on the Internet for other good helping tools or > > descriptions. For > > > the CIT, I recommend using the Flash Cards that Priscilla has available > > > (http://www.priscilla.com), and for the BCMSN exam, I recommend my own > > > applications to help you train the commands on the Catalyst 5000 and > > > calculate Multicast layer 2 and 3 addresses. Those two > > applications can be > > > found by following my RouterChief link below. > > > > > > Now on to CSS1 starting Monday or Tuesday when I expect the book to > > arrive. > > > > > > Have a nice weekend, > > > > > > Ole > > > > > > ~~~ > > > Ole Drews Jensen > > > Systems Network Manager > > > CCNP, MCSE, MCP+I > > > RWR Enterprises, Inc. > > > [EMAIL PROTECTED] > > > ~~~ > > > http://www.RouterChief.com > > > ~~~ > > > NEED A JOB ??? > > > http://www.oledrews.com/job > > > ~~~ -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21526&t=21495 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certifications for Sale ? [7:20747]
Hi, It would seem the ID bit is largely dependent on the person running the test site. I have always had to provide evidence of who I am. I have even been known to the person in the test site but still had to provide the evidence so it could be ticked off as sighted. Teunis, Hobart, Tasmania Australia On Sunday, September 23, 2001 at 11:07:42 PM, Kevin Wigle wrote: > Well I haven't taken a Cisco exam in a while but I have taken 7 Microsoft > exams in the last 3 months. > > At the beginning of each exam there were two surveys to be completed. One > for Microsoft and how much experience/studying/training you did/have. And > one for Prometric. Of the Prometric questions was: "Were you asked to > provide picture ID?" > > I would think that question was there for a reason. Cheaters of course > would lie but I would hope that anyone who takes certification seriously > would answer "No" if they weren't asked. > > Kevin Wigle > > - Original Message - > From: "Justin" > To: > Sent: Sunday, 23 September, 2001 22:32 > Subject: Re: Cisco Certifications for Sale ? [7:20747] > > > > speaking of ID... i've taken a couple of tests at different prometric > > testing places in melbourne, australia, > > and not one of them has asked for any ID. i havnt had to sign anything or > > give any information etc, so it would be incredibly easy to obtain a nice > > shiny certificate with your own name on it, and YOU dont even have to rock > > up to the exam :-). > > > > > > >Hi All, > > > > > >I do not know if that's true or not. But judging from how prometric done > > >verification on the candidate, the possibility is very high. As we all > know > > >some ID need to be shown before taking the exam, and it's up to the > testing > > >center to verify the ID Card (with a picture) and the person who's > claiming > > >it. > > >I won't be supprised if later on ppl going to ask you where you get your > > >certification and demanded a retest if it's taken in country where > > >regulation is known to be broken easily. > > >After all, a system is only as good as the ppl who carry it out ..;( -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20869&t=20747 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Reducing port scans. [7:20853]
Hi, Here is a little food for thought. Recently one of the most common questions I am asked is "how can I reduce port scanning down my link". Almost invariably the clients have a network being advertised down there link with a number of addresses far exceeding those being used. In a number of cases a /24 being advertised and 2 or 3 devices on the network. By cutting down the size of the networks to what is required to successfully run your business will significantly reduce unwanted traffic. In the example above some 255 (including the broadcast) addresses are being scanned. By reducing the size of the network to a /29 reduces the scan size to 7. This has a significant effect in two ways. The traffic coming down the link in an attempt to find the box and the ICMP reply to say it is not there. With some of the viruses about the total affect can be amazing. I have had clients thinking their users were all going via a proxy and the proxy being the only device going out on the net. The complaint was a constant meg of data going down the link and this data was not being seen by the proxy. Access lists were hard for the client to maintain (the device at his end and/or the expertise required). I had them reduce the size of the network from some 255.255.254.0 subnet mask to 255.255.255.248. Instantly his traffic dropped by in excess of 800K per/s. He was able to find the cuplprit and control his traffic far better. This is not for all but food for thought. Teunis Hobart, Tasmania Australia -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20853&t=20853 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: HP OpenView, CiscoWorks, Cabletron [7:20406]
Hi, Having used both HP OpenView and Cabletron Specrtum I found it easier to use Spectrum but I almost feel biased. Openview is also very good but it seems to require a lot more bolt on interfaces into different equipment. Spectrum seemed to offer an easier interface to the user and provide easier reporting capabilities. I found creating views of interfaces and devices not already modelled far easier in Spectrum. Others might not agree however. The real trick is to understand the devices being monitorred and what you want from the management. Both products are good. Just a view, Teunis, Hobart, Tasmania Australia On Wednesday, September 19, 2001 at 01:32:02 PM, Mr. Monitor wrote: > Thanks. > > I want to implement network management on a network campus. Hp openview has > many products for application ,database, network management. Openview has > larger power.., right ? > > Any suggestion? > > ""John Neiberger"" That all depends on what you're trying to accomplish. > I have no idea > > what Cabletron has to offer, but HP OpenView and CiscoWorks2000 are > > entirely different products and are useful in different ways. > > > > What tools do you want or need? > > > > >>> "Mr. Monitor" 9/19/01 9:37:43 AM >>> > > Dears.. > > > > Who know which one is the best ? > > Which one is the best tools? > > > > Thank you very much! -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20465&t=20406 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay - duplex. [7:20320]
Hi, In most cases a CIR of 128K in each direction (full duplex) with bursts up to 256K depending on frame switch and or other PVC's on the link's utilsation. Just a thought Teunis Hobart, Tasmania Australia On Tuesday, September 18, 2001 at 05:52:57 PM, [EMAIL PROTECTED] wrote: > We have a discrepancy going on between our infrastructure group. The question > is. Is Frame Relay full duplex or half? We've called several providers > several > times each and we get different answers from the same provider. We are fairly > certian that a T1 is full duplex -1.544 both in and out. > > If we have a frame circuit that has a port of 256 and a CIR of 128. Are we > guaranteed 128 to transmit and 128 to receive, or are we guaranteed 128 to > both > transmit and receive. > > Curious and thanks!, > Rob Michel > [EMAIL PROTECTED] -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20327&t=20320 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BRI D channel [7:20241]
Hi, I think you might find the "D" channel sets up the link to the ISDN switch and does some communication with it. When making the call to the IP address and the other end this is done via the "B" channels. When creating different dialer interfaces each uses a different "B" channel to communicate and the "D" channel is used to setup the call via the ISDN switch. Therefore on the first call the "D" channnel will be brought up and communications will start with the ISDN switch. The line is setup (TEI, Speeds etc) number of the remote end is dialed and called. This might require a "D" channel is brought up or it might indeed be up to the remote end. Once up the "B" channels setup the end to end call and authentication takes place. After successful authentication the protocol negotiations take place establishing the IP addresses etc. I realise this is not complete but gives a rough idea of what happens. You can indeed use one dialer interface to call 2 different remote sites if required. Each on its own "B" channel. You can indeed spread these across a number of "B" channels on multiple PRI's if required. Just some thoughts. Teunis, Hobart, Tasmania Australia On Tuesday, September 18, 2001 at 08:56:26 AM, Dennie Turner wrote: > You can use dialer profiles to dial multiple locations. To accomplish > this you would create a virtual interface with interface dialer1 and > place relevant commands under that interface. Hope this helps > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Mohammed Saro > Sent: Tuesday, September 18, 2001 2:05 AM > To: [EMAIL PROTECTED] > Subject: BRI D channel [7:20241] > > the D channel is the channel that takes the ip address so how can i > dial to > two different locations with the same BRI interface > and the other question about cisco BOD how can i use dialer > load-threshold > load > > without enabling MLPPP what will happen to ips is it will take two > different > ips ? > > > Best Regards, > Mohammed Saro > Network Engineer -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20324&t=20241 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multihoming Without BGP!!!!!....How Posible???? Here's How [7:20322]
Hi, Wouldn't this also depend largely on the routing etc from each of the upstream providers. For example, if the address range used is within one provided via the upstream provider it is likely the routes to others in that upstream provider will only come via the link provided by the upstream provider. eg. (I know this example uses private space but it is just an example) You are given a range say 172.16.20.0/23 by you provider. This fits in the providers range of 172.16.0.0/16. The provider does not allow it's own addresses in to its network via another provider (quite a normal arrangement). It will not be possible then to access a number of sites. Just a thought on something I have seen on a number of occasions. Maybe you have an answer for this. Teunis, Hobart, Tasmania Australia On Tuesday, September 18, 2001 at 05:15:22 PM, [EMAIL PROTECTED] wrote: > If you do not want to go the complexity of running BGP and you still want > to multihome your network to the Internet here's how to do it: > > Purchase and configure two egresses to the Internet via two different ISPs. > Say that both edge routers are Cisco 3640's and both have a Firewall, say a > Pix behind them for security. > > I emphasize that for this to work make sure both 3640s have at least two > Ethernet or Fa ports each! > > Setup your default gateway on both 3640s to be each respective ISP next > hop. Setup the default gateway of your Pix to its respective edge 3640 > router. Setup a vlan on a switch, do not make any routers aware of that > vlan...its only a local broadcast domain...kind of like using a hub. > > Say your primary Ethernet interface on both edge routers is E0/0. Patch > both E0/1 interfaces on each 3640 to your local vlan so that they can > communicate, don't forget to no shut these interfaces of course. Configure > both E0/1 interfaces so that they are both in the same subnet, use a /30 > bit mask so that there is never a possiblity for IP overlap.you may > totally forget about these interfaces..I warn you..I have on my network ; > -). Now configure HSRP on Both E0/0 interfaces with each other's E0/0 as > the stanby IP address. > > Your done! If ISP 1 dies, HSRP will kick in and spoof the mac of your > other 3640. All traffic that hits your edge router pointed toward the dead > ISP will be forwarded across your local vlan to your other ISP! > > This of course doesn't work if your are running a web server and you are > NATing simultaneously like 99% of the world, however I have a workaround > for that. Instead of registering with the A root DNS server the outside IP > address of your primary 3640 as the resolution to www.yourwebpage.com. Pay > a little extra for a fully meshed ISP to host a static page for you. > Register this static page with Internic. Write the static page to do a > JAVA redirection into your network. The ISP will have the headaches of > running the BGP and even if their link to you fails, chances are that your > static page that they are hosting will still be veiwable to the Internet. > Simply write your JAVA redirector to have your secondary 3640's outside IP > address as a mirror site for immediate redirection. > > > > John Squeo > Technical Specialist > Papa John's Corporation > (502) 261-4035 -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20322&t=20322 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPP password [7:19837]
Hi, I think you will find once it is encrypted it will stay encrypted. To avoid it becoming encrypted you can use router#no service password=encryption however be aware enable and login passwords might also be visable. There is a program that allows one to decrypt passwords excluding the "secret" password IE encrypted passwords that are identified with a "7". Just a thought Teunis, Hobart, Tasmania Australia On Thursday, September 13, 2001 at 04:10:05 PM, Andy Barkl wrote: > I need to display the PPP password on my ISDN link. > > In the enable mode can I turn off some type of encryption to then display > the encrypted password? -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19878&t=19837 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Multiple ISDN devices [7:19740]
Hi, As each is set up it gets a TEI (Terminal End Identifier) these are used to identify each device. You can have up to 8 devices connected as I understand it. Teunis Hobart, Tasmania Australia On Thursday, September 13, 2001 at 08:07:49 AM, Lists Wizard wrote: > Hello group, > > I am studying for the CIT exam and I have a question > regarding multiple isdn devices sharing a single bri > connection. Assuming a router and ISDN phone sharing a > the same s/t bus, how should I Identify each device so > that when a phone comes in the router does not > respond. Assume that I have only one phone number > assigned by the ISDN service provider. A configuration > sample will be highly appreciated. > > Thanks > Lw > > __ > Terrorist Attacks on U.S. - How can you help? > Donate cash, emergency relief information > http://dailynews.yahoo.com/fc/US/Emergency_Information/ -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19877&t=19740 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Ports and Sockets [7:19701]
Hi, Here is what I found at http://perlfect.com/articles/sockets.shtml Perl, Sockets and TCP/IP Networking. An oversimplified introduction to sockets Sockets are a mechanism that allows programs to communicate, either on the same machine or across a network. The way it works is pretty simple: Each machine on a network is identified by some address. In this tutorial we will talk about tcp/ip networking, so by network address we mean an IP address. (like 192.168.4.4) Apart from the IP address that specifies a machine, each machine has a number of ports that allow handling multiple connections simultaneously. A program that wishes to receive a connection from another program, asks the operating system to create a socket and bind it to some port. Then the program sits and listens on the socket it has created to receive incoming connections. The other program also creates a socket for communicating witht he receiver. The caller needs to specify the IP address and the port number of the receiving end. If all goes well, and as we will see shortly, the two programs establish a communication through the network using their sockets. The two programs may exchange information, each by writing to and reading from the socket it has created. Just to add a bit to all of this Teunis Hobart, Tasmania Australia On Wednesday, September 12, 2001 at 09:53:44 PM, Priscilla Oppenheimer wrote: > Ports are used by TCP and UDP to identify the next layer up in the packet. > > IP has a Protocol field that has a similar function. > > Ethernet II has EtherType. IEEE 802.3 has the 802.2 Service Access Point > (SAP). IPX and AppleTalk have sockets. > > Almost every protocol has some way of specifying what the next layer up is. > The recipient uses it to pass the data to the right process. The sender > also uses it to identify itself. > > Socket has another meaning in the Unix world which I have never quite > understood. Perhaps someone else can explain that. > > Priscilla > > At 08:25 PM 9/12/01, Dennis Laganiere wrote: > >Hopefully this will start a new conversation. I've tried to describe the > >difference between Ports and Sockets. Your thoughts are welcome... > > > >Port Numbers are used by IP to pass information to the upper layers; they > >provide the mechanism for cooperating applications to communicate. Numbers > >below 1024 are well known ports, and above 1024 are dynamically assigned > >ports. You will usually find registered ports are for vendor specific > >applications in the range above 1024. > > > >Here are some common IP Ports: > >20/21 FTP > >23 Telnet > >25 SMTP > >37 Time Service > >49 TACACS > >53 DNS > >67 BootP Server > >68 BootP Client > >69 TFTP > >110 POP3 > >161 SNMP > > > >IPX sockets are part of the IPX stack, and are used much like port numbers > >in IP; they direct data encapsulation in the IPX Header to the appropriate > >upper layer protocols. There are well-known ones, others that are assigned > >to proprietary applications, and a series of numbers used randomly by > >clients, just like in IP. Also like IP ports, they identify the process on > >the server or client that needs to get the data in the packet. > > > > Here are some common IPX sockets: > > 0x451 NCP > > 0x452 SAP > > 0x453 RIP > > 0x455 NetBios > > 0x456 Diagnostic > > 0x457 Serialization > > 0x85be IPX EIGRP > > 0x9001 NLSP > > 0x9004 IPXWAN > > 0x9086 IPX Ping > > > > > >The AppleTalk protocol suite also uses sockets. Socket numbers 1-127 are > >statically assigned (RTMP uses 1, ZIP uses 6, etc). > > > Priscilla Oppenheimer > http://www.priscilla.com -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19725&t=19701 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
sympathy expression [7:19542]
Hi, I would like express sympathy to those hurt in these circumstances. What I find really difficult to grasp is, "why?'. I can't understand any of it. I seems so needless. Teunis -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19542&t=19542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: transceiver setting. [7:19168]
Hi, On most devices turn the SQE OFF. This can cause heaps of problems particularly on repeaters and bridge devices. Be carefull however on things such as servers some older devices require SQE ON. For example older HP servers might not work with SQE OFF. In general turn SQE OFF. The test is for heart beat and comms devices do not like it. It can slow a network down to a crawl and appear to lift your collision rate through the roof. A sure sign of it being on is when looking at a bridge and you see every packet as a collision even when you have very little traffic. Just some thoughts Teunis, Hobart, Tasmania Australia. On Sunday, September 09, 2001 at 04:07:26 AM, [EMAIL PROTECTED] wrote: > curious to know what do you guys set the SQE setting on your AUI > transceivers? is it in the ON position or OFF? im using these on the 2500 > routers... -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19201&t=19168 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLANs over WAN links ? [7:18911]
hi, yes using bridging but why would you want to. Teunis, On Friday, September 07, 2001 at 12:20:02 AM, Fuller Michael wrote: > Is it possible for VLANs in the same VTP domain to span WAN links ? > If so, how can this be acheived ? -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18915&t=18911 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Frame Relay - Behind The Scenes... [7:18653]
Hi, I doubt you'll see much change until the PVC is up. This requires the config for the Telco to be completed. For example it to have DLCI 61 on cable Abc23 wanting to connect to DLCI 22 on cable ZX54 the Telco would need to have the two DLCI's connected via the frame switch. Once this occurs assuming both ends are set to "no shut" and are correctly configured the interfaces will come up/up. Just a thought, Teunis, Hobart, Tasmania Australia On Thursday, September 06, 2001 at 02:05:52 AM, EA Louie wrote: > ummm...did you try a 'no shut' on ser0/0? > > - Original Message - > From: "Ole Drews Jensen" > To: > Sent: Wednesday, September 05, 2001 11:16 AM > Subject: Frame Relay - Behind The Scenes... [7:18653] > > > > I am getting a Frame Relay setup and I just got the local loop installed > and > > tested today by the local telco. > > > > I know that the Frame Relay provider hasn't started their configuration > yet, > > but shouldn't I be able to see just one little change on my router when I > > connect the CSU/DSU to the local loop box? > > > > I have done a: > > > > show interface serial 0/0 > > show interface serial 0/0.101 > > show frame-relay lmi > > show controllers serial 0/0 > > > > and everything is exactly the same before and after connecting the cable. > > > > Thanks for any comments on this. > > > > Ole > > > > ~~~ > > Ole Drews Jensen > > Systems Network Manager > > CCNA, MCSE, MCP+I > > RWR Enterprises, Inc. > > [EMAIL PROTECTED] > > ~~~ > > http://www.RouterChief.com > > ~~~ > > NEED A JOB ??? > > http://www.oledrews.com/job > > ~~~ > _ > Do You Yahoo!? > Get your free @yahoo.com address at http://mail.yahoo.com -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18874&t=18653 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What does "a single point of failure" mean? [7:18734]
Hi, A single point of failure is where a network comes back to a single device and/or cable that if it fails the network will fail. I am often amused to see people cross connecting switches in a rack setting them up to have two network cards in servers etc only to plug all the devices into one power supply with on UPS. It gets even better when you have two power supplies in a device plugged into the same power source. The power source is the most likely point of failure and is a single point of failure. Another good one is when having two connections to the WAN via different suppliers. Theory looks good. Often however the cable coming into the site has the same entry point (if not the same cable). A single point of failure. I once came across a fully redundant network all coming back to on card in a chassis. The card had no support and would have taken 4 weeks to get a replacement. Not a good design is it? Just some thoughts Teunis, Hobart, Tasmania Australia On Wednesday, September 05, 2001 at 11:43:19 PM, david wrote: > it usually means a routing or switching device is down,or the link is cut? > > > Thanks, > > David -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18871&t=18734 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: what does "dark fiber" mean? [7:18718]
Hi, Dark fibre is when you have, buy or rent a fibre cable that is terminated but has no equipment connected. Devices using fibre have either infra red or laser light thus making the cale non "dark". Hope this helps. Teunis, Hobart, Tasmania Australia On Wednesday, September 05, 2001 at 10:16:07 PM, david wrote: > Thanks, > > > david -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18869&t=18718 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Traceroute Results [7:18347]
Hi, The !X is a Unix for administratively unreachable (ie and access-list) Here is the extract from the UNIX man page on traceroute Other possible annotations after the time are !H, !N, or !P (got a host, network or protocol unreachable, respec- tively), !S or !F (source route failed or fragmentation needed - neither of these should ever occur and the asso- ciated gateway is busted if you see one), !X (communica- tion administratively prohibited), or ! (ICMP unreach- able code N). If almost all the probes result in some kind of unreachable, traceroute will give up and exit. An * could be due to no device or no valid ICMP message from the remote device. It could be due to an access list denying ICMP messages. Just a thought Teunis Hobart, Tasmania Australia On Tuesday, September 04, 2001 at 09:06:39 PM, Gareth Hinton wrote: > Good point! > > When I looked in to it, I used a sniffer to work out what was happening, by > capturing one of the packets of a traceroute and used the traffic generator > to send the packet at different intervals. > I managed to work out that the cut-off time seemed to be around 500ms but > didn't know why at the time. > > Eventually found a handy little page which described what was happening and > also included various other scenarios. Doesn't rear its head very well when > searching for traceroute, but found it while looking for icmp unreachable. > Taken me a while to sift through for it again tonight. Bookmarked it now - > it's quite handy. > > Worth a look: > > http://www.cisco.com/warp/public/105/traceroute.shtml#unreach > > > Regards, > > Gaz > > > ""Priscilla Oppenheimer"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I agree with everything you say in your answer, Gareth. I noticed he did > > not say if he was doing a trace route to a Cisco router, however, so I > just > > wanted to add that the sending of port unreachable messages is not > reliable > > on other systems also. It's not "reliable" on Cisco routers and other > > devices because they rate limit. It's not reliable on Windows 98 because > it > > seems to simply not send the port unreachable, from my experience. Try a > > Cisco or Unix trace to a Windows 98 device. You'll hear from every router > > on the route and then you'll hear nothing until the trace times out. > > > > Note that Microsoft uses an ICMP echo instead of a UDP probe, so trace > from > > Microsoft doesn't have this problem. > > > > I haven't seen X as a result! That's a new one! Are you sure you saw X? I > > can't find that one documented anywhere, but the Cisco documentation on > > what you see as a result of ping or trace doesn't match what you really > see > > in the field. > > > > Priscilla > > > > At 06:41 PM 9/4/01, Gareth Hinton wrote: > > >One of those that you see happening for years but never really bother to > > >find out. I was on TAC support one day when a customer asked the same so > I > > >had to go and find out: > > > > > >The answer is: > > > > > >On Cisco routers, there is a rate limit on replies of ICMP port > unreachable > > >of 500ms for prevention of DOS attacks. > > >So basically this is what happens with a sequence of 3 packets to the > last > > >hop: > > > > > >CiscoA sends a UDP packet to CiscoB with destination port 33434 and gets > a > > >response, so immediately sends another UDP packet with destination port > > >33435. > > >This time there is no response because the final router will not respond > > >with another ICMP port unreachable for at least 500ms. Router A will wait > > >for 3 seconds for a reply, just in case. > > >CiscoA then sends the third UDP packet with destination port 33436 and > gets > > >a response, because router B's 500ms timeout has expired. > > > > > >The reason that this only happens on the last hop is because all other > > >responses along the way are TTL expired, as opposed to the last hop which > is > > >an ICMP port unreachable. > > > > > >If you've got an IOS of 12.1 or after you can control the timeout with: > > > > > >ip icmp rate-limit unreachable > > >no ip icmp rate-limit unreachable > > > > > >A little bit of useless (or maybe not) information, but amazing how often > > >the question crops up. > > > > > > > > >Hope this helps, > > > > > >Gareth > > > > > >""Tay Chee Yong"" wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > Hi, > > > > > > > > May I know why is it that whenever we do a traceroute to a > destination, > > >the > > > > last hop will sometimes have a "!X" instead of the TTL value returned? > > > > Sometimes it will also have an "*" at the last TTL value, why is this > > so?? > > > > > > > > Is there any document on the net that explains the above mentioned > issue. > > > > Would appreciate some guidance. Thanks. > > > > > > > > Regards, > > > > Cheeyong > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com -
Re: AS5300 [7:18461]
Hi, Check your modems, You might find a number of them in a (P) pending state. These will not be accessed. You can free them again. If this is a regular occurance there may be an IOS change that could help. I can't remember the config change but there is also a way to stop them from going into the pending state. router#modem recovery action none I think is the line you need. Just a thought Teunis Hobart, Tasmania Australia On Tuesday, September 04, 2001 at 02:09:12 PM, Tom Richs wrote: > Does anyone know why on my AS5300 I have to reset the AS5300 maybe every 4-6 > weeks for it to be able to dialout. After the reset it will work fine until > noone can dialout at which time I just need to cycle to get it to work. > It's as if there's some sort of timer. > > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=18508&t=18461 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Edit an ACL Entry [7:17854]
Hi, I would consider this a dangerous way to do it. I would prefer to see: Copy the access-list into an edit (notepad). Change the access-list number. Delete or change what is required. Copy the access-list back into the router. Check the entry. Save the config. THEN Set a reload time for the router (2 Mins) Configure the interface to fire up the new access-list. If you still have access to the router kill the reload request. Test for all conditions. On success SAVE THE CONFIG. Delete second ot third backup access-list keeping the one you have just changed for roll back or historical purposes. This way should you have a flaw in your access-list you can roll back. By not saving the config until after the testing in a worse case scenario you only need to reboot the router to get it back into the previous working mode. When changing access-lists across States or in say from Australia to the US it becomes a bit of a job to fix an error or turn on a router. Just a thought Teunis, Hobart, Tasmania Australia On Thursday, August 30, 2001 at 09:16:08 AM, McCallum. Robert wrote: > copy your access list to say notepad. take out the offending item then copy > the access list to your clipboard. Then go onto the Cisco router say no > access-list blah and then paste the contents of the clipboard in. There is > no other way. > > -Original Message- > From: atram [mailto:[EMAIL PROTECTED]] > Sent: 30 August 2001 13:54 > To: [EMAIL PROTECTED] > Subject: Edit an ACL Entry [7:17854] > > > Simple question that I'm obviously having a brain fart on. > > How to remove an entry from an ACL? > > Is there a specific command or technique for removing an entry. In testing > I have noticed that the "no" command infront of the statement will delete > the entire ACL. > > I'm sure someone can provide the answer pretty quickly. > > Pardon my ingnorance. Kind of blanking out on this for some reason. > > > Thanks in advance! -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17970&t=17854 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Logging traffic [7:17559]
Hi, Depends on what your are really trying to achieve. If you have plenty of head room in your router you could just add stuuf to an access-list and send the list to a syslog. Cheap nasty but a good way to solve issues. access-list 101 permit icmp any any log access-list 101 permit tcp any any lt 100 log access-list 101 permit tcp any any gt 99 log access-list 101 permit udp any any lt 100 log access-list 101 permit udp any any gt 99 log The trick is to put the port numbers in (lt 100 etc) this will then tell you what address/port is talking to address/port. If you put this at the end of an existing access-list in place of the permit ip any any you should get what you need. On a busy link however this generates heaps of information but it is a nice way to find what you don't want on your network BE AWARE OF ANY PRIVACY ISSUES THAT MIGHT ARISE DOING THIS SORT OF STUFF. Just a thought, Teunis, Hobart, Tasmania Australia On Tuesday, August 28, 2001 at 03:03:47 PM, cisco skin wrote: > Here's what I want to do: > > Log all traffic (source/destination ip address/port #) from a specific > subnet (our HQ) to see what's passing through our external router, and where > they're going. > > Any suggestions? > > Thanks, > Jeff -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17772&t=17559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: THEY ARE NOT PORTS THEY ARE INTERFACES! [7:16843]
Hi, ' Well whilst on about ports. How about TCP sockets at least at one stage they used to be. Once upon a time you referred to a funny "D" shaped thing with 25 little holes in it as an RS232 serial port. Another with 15 pins as an AUI port. Yes Cisco refer to them as "interfaces" but others do call them ports. The trick here as I see it is to understand what you really are looking at after all "a rose is a rose ." Just some views, Teunis, Hobart, Tasmania Australia On Wednesday, August 22, 2001 at 02:55:41 PM, Peter Van Oene wrote: > What would you consider interface s0.100 to be? Seems pretty logical to me. > > I think you'll find that both the terms interface and port have context > sensitive meanings. If you've ever configured a 3Com netbuilder you'll be > even more convinced of this. I missed the rest of the thread, but I don't > see how using a term one way or another makes one a dork even though I > believe strongly in technical accuracy. Nor do I see how inferring that > people are spineless dorks contributes positively to the learning process. > > Pete > > > *** REPLY SEPARATOR *** > > On 8/22/2001 at 1:08 PM Peter Slow wrote: > > >an INTERFACE a thing, such as an ethernet or loopback interface. > >a port is a logical device, and NO a loopback does not count. > >i meant like tcp ports, usp ports, and the like. > > > >Stop being d0rks and copying everyone else who does it > >wrong, and dont be afraid to tell people to speak correctly! > > > >c3660#conf t > >Enter configuration commands, one per line. End with CNTL/Z. > >c3660(config)#port fastethernet 0/0 > >^ > >% Invalid input detected at '^' marker. > > > >c3660(config)#interface fastethernet 0/0 > >c3660(config-if)#^Z > >c3660#SEE!? > >% Unrecognized command > >c3660#SEE! > >-humboldt -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=16904&t=16843 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access Lists On Routers [7:15830]
Hi, This depends on what you are trying to acheive but under most circumstances one would tend to block the traffic at the entry point. For example, if it was traffic from the WAN the block it coming in on the WAN interface. If however you wanted to see the traffic in the router for some reason then you might apply the same access-list on the ethernet going out. So it really depends on what the needs of your access-lists are. Usually on a 1 WAN port to 1 Ethernet port incoming from the WAN do it as INCOMING on the WAN port. Just some long winded thoughts from an older guy. Teunis, Hobart, Tasmania Australia On Monday, August 13, 2001 at 02:25:48 AM, yusuf ujjainwala wrote: > I am a network engineer and have been assigned a task of implementing access > lists on our routers. I have decided on implementing extended access lists > permitting specific ports and restricting the other unwanted ports,but I am > not sure as to where I should apply the access lists ,on the ethernet or > serial interfaces ,and whether inbound or outbound access lists should be > applied. > Can somebody help me . -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15834&t=15830 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN Charges???? [7:15438]
Hi, This depends on where you are, the supplier you deal with and the actual service type you getting. In some cases it is possible to buy (lease) a permanent ISDN connection that attracts no call or data rate charges. Other case may charge by the time the service is connected. Others only for the inital connection and the second channel is not charged when making a second call to the same number. There are heaps of ways you can charge and it is often confusing to generalise based on what happens via a particular supplier and/or country. Teunis, Hobart, Tasmania Australia On Thursday, August 09, 2001 at 03:25:40 AM, Marc Russell wrote: > It is charged by call. So if you have 2 calls (2-b channels used) then you > get charged for each call. > > Marc Russell > www.ccbootcamp.com > > > wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hello Group, > > I have querry about ISDN lines. > > As you know that it consists of 2 B- Chanels for data transmissions but > > most of the time we use only one channel > > unless it is used for multilink. In such case are we being charged channel > > wise or per ISDN Link ? i.e if I am using 1 channel then i will be charged > > for 1 call and if I am using both the B-channels then I will be charged > for > > 2 calls ? > > Any help on this will be appriciated. -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15545&t=15438 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL log [7:15444]
Hi all again, OOPs! Not reading the access-list too well try something like access-list 101 permit udp any X.X.X.0 0.0.0.255 lt 100 log > access-list 101 permit udp any X.X.X.0 0.0.0.255 gt 99 log access-list 101 permit tcp any X.X.X.0 0.0.0.255 lt 100 log > access-list 101 permit tcp any X.X.X.0 0.0.0.255 gt 99 log > > > access-list 101 deny any any log Yep that looks better, Sorry Teunis > On Thursday, August 09, 2001 at 06:32:26 PM, Tony van Ree wrote: > Hi, > > There are a couple of tricks here. Make sure you have logging on. > > Another nice little trick is to put something like, > > > access-list 1 permit X.X.X.0 0.0.0.255 lt 100 log > access-list 1 permit X.X.X.0 0.0.0.255 gt 99 log > > > access-list 1 deny any log > > By doing it this way you can also see what sockets are being used thus > giving a better indication of stuff like DoS attacks etc. > > Just a thought, > > Teunis, > Hobart, Tasmania > Australia > > > On Thursday, August 09, 2001 at 11:36:14 AM, Patrick Donlon wrote: > > > Thanks got that clear now, it logs it in the show access-list output > > > > > > ""Patrick Donlon"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > I'm experiencing a problem on a 2610 with 12.0 IOS, it seems so simple > > that > > > I must be missing something and it's not even Monday morning. I'm just > > > trying to log the acl activity for the vty access class but I see nothing > > on > > > the console or telnet. > > > The acl has two lines one to permit a network and one to deny anything > > else, > > > both with the log option : > > > > > > access-list 1 permit X.X.X.0 0.0.0.255 log > > > access-list 1 deny any log > > > > > > line vty 0 4 > > > access-class 1 in > > > exec-timeout 0 0 > > > logging synchronous > > > > > > Also debug output works just fine to console or telnet sessions, > > > > > > > > > cheers Pat > -- > www.tasmail.com -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15550&t=15444 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL log [7:15444]
Hi, There are a couple of tricks here. Make sure you have logging on. Another nice little trick is to put something like, > > access-list 1 permit X.X.X.0 0.0.0.255 lt 100 log access-list 1 permit X.X.X.0 0.0.0.255 gt 99 log > > access-list 1 deny any log By doing it this way you can also see what sockets are being used thus giving a better indication of stuff like DoS attacks etc. Just a thought, Teunis, Hobart, Tasmania Australia On Thursday, August 09, 2001 at 11:36:14 AM, Patrick Donlon wrote: > Thanks got that clear now, it logs it in the show access-list output > > > ""Patrick Donlon"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I'm experiencing a problem on a 2610 with 12.0 IOS, it seems so simple > that > > I must be missing something and it's not even Monday morning. I'm just > > trying to log the acl activity for the vty access class but I see nothing > on > > the console or telnet. > > The acl has two lines one to permit a network and one to deny anything > else, > > both with the log option : > > > > access-list 1 permit X.X.X.0 0.0.0.255 log > > access-list 1 deny any log > > > > line vty 0 4 > > access-class 1 in > > exec-timeout 0 0 > > logging synchronous > > > > Also debug output works just fine to console or telnet sessions, > > > > > > cheers Pat -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15546&t=15444 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DE bits [7:15210]
Hi all, Put simply a DE (Discard Eligible) bit is set on anything above the CIR (Committed Information Rate) ie if it is not committed it is discard eligible. At least that's the way I understand it. Teunis, Hobart, Tasmania Australia On Wednesday, August 08, 2001 at 10:06:06 AM, Brian wrote: > I doubt the cir is set to zero, it almost certainly is set to a value below > the 1.5 meg value, I'd suspect 768k perhaps. Whomever is the circuit owner > can call the telco to find out. > > Brian > > - Original Message - > From: "Mike Mandulak" > To: > Sent: Tuesday, August 07, 2001 9:16 PM > Subject: DE bits [7:15210] > > > > Do discard Eligible bits (DE) get set on lines that are full T1's? The > > circuit I'm looking at is a full T1 to one of my internet providers and > when > > looking at the frame stats (using cisco LMI) I see that that the cir is > set > > to zero which would mean that all frames leave my site with the DE bit > set. > > Am I misunderstanding this? > > > > MikeM -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15381&t=15210 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: improve lan speed [7:15216]
Oh Chuck, Chuck, You at long last seem like you're annoyed. Surely things such as "why is TCP/IP called software" and "How do you select 10/100 half or full duplex" are vital to becoming a CCIE. I would almost be sure if you did not know these things it would be difficult to pass yourself of as a CCIE. Keep Smilin' Teunis, Hobart, Tasmania Australia ;-) On Wednesday, August 08, 2001 at 01:22:06 AM, Chuck Larrieu wrote: > RTFM! > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, August 07, 2001 10:01 PM > To: [EMAIL PROTECTED] > Subject: improve lan speed [7:15216] > > > how to change from half duplex to full duplex, > and how to change NIC from 10 to 100 -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15379&t=15216 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FR ON ISDN [7:15010]
WHY? On Monday, August 06, 2001 at 09:47:44 AM, Adarsh wrote: > Dear ALL > > Can any one help me in knowing how does one configure Frame relay on ISDN. > > The picture is someting like this : > > > router1(BRI)(BRI)router2(Serial)-FR Switch. > > > Now there are 2 pvc from router 2 to fr switch , dlci 10 for the router 2 > itself & the dlci 11 for the bri port for router1. Now the Router2 is > swicthing dlci 11 from the serail port to bri port itself.When ever router > 1 > dials it shd get this dlci from bri port of router 2. Can any one help me > what config does one needs to do on the bri part of router 1 & router 2. > > > > Thanks > Regards > Adarsh -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=15059&t=15010 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: permit ip any any [7:13686]
Hi, It would depend on where you put the access-list. For example if you put this on the WAN side of your router without specifying "incoming" in the access-group statement the it would surely fail. For this access-list to work in an outgoing direction it would need to be on the Ethernet. My guess is that this is the issue in otherwords the access-list is facing the wrong way when applied. Just a thought, Teunis, Hobart, Tasmania Australia On Tuesday, July 24, 2001 at 10:41:44 PM, Guy Russell wrote: > Im not sure what you mean by shutting down the ports, but dont forget the > implicit deny that is not seen... denying all > > can you access the web or mail services etc... on that machine > > Is it applied to the correct interface.. > > Is S1 closer to the destination, or source. > > > > - Original Message - > From: "John Brandis" > To: > Sent: Tuesday, July 24, 2001 9:12 PM > Subject: permit ip any any [7:13686] > > > > Hi ya, > > > > another ACL question > > > > I have a pretty simple ACL at the moment > > > > ip access list 110 > > > > permit tcp any host 203.111.xxx.215 eq 25 > > permit tcp any host 203.111.xxx.215 eq 80 > > permit tcp any host 203.111.xxx.215 eq 25 > > permit tcp any host 203.111.xxx.215 eq 53 > > permit udp any host 203.111.xxx.215 eq 53 > > > > > > I put this on the the s1 int (run a stub network) in. However, the > > second I apply this it actually shuts these ports down, like the > > opposite of what I thought was to happen. I changed the direction of the > > ACL but it did not effect the end result. > > Do I have to use the permit ip any any now, would that not go against > > the use of permitting only certain ports... > > > > Thanks for your help... > > > > John > > Sydney Australia -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=13811&t=13686 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: FrameRelay Over Utilized [7:13349]
Hi, CRC errors and Interface Resets would indicate a line or connection problem. Over utilisation would show up as BECN and FECN's probably having dropped packets on both the DLCI and the Serial Interfaces. The CRC errors and Interface resets are at the line level and not attibutable to a particular DLCI. Just a thought. Teunis Hobart, Tasmania Australia On Monday, July 23, 2001 at 09:37:25 AM, Farhan Ahmed wrote: > send me debug frame-relay lmi output > > -Original Message- > From: Jeff [mailto:[EMAIL PROTECTED]] > Sent: Monday, July 23, 2001 5:20 PM > To: [EMAIL PROTECTED] > Subject: FrameRelay Over Utilized [7:13349] > > > Hello, > If I have a frame relay switch which is being over utilized will that cause > the connection to drop. After looking in the log I see dlci 501 state > changed > to inactive, line protocol on interface s0/0.1 changed to down, dlci 501 > active, this keeps going and going through out the log. The local telco > insists that the circuit is overutilized and this is why the connection is > dropping. I think it is a telco or csu problem. Also doing a show > interface > is showing 3000 crc errors and 500 interface resets for the past 3 days. Is > there any way to tell for sure whether it is overutilization or a telco > problem?? -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=13427&t=13349 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DLCI [7:12679]
Hi, It is common to use the same DLCI numbers on different line numbers. A frame service consists of a physical line and a virtual channel. The DLCI points you to a virtual channel on the physical line. Each physical line will go to a separate interface therefore you can only have a particular DLCI number appearing only once on an interface but a number of different DLCI's per interface. Here are some views of real life, bodgey-router>sh frame pvc 20 PVC Statistics for interface Serial2/0:1 (Frame Relay DTE) DLCI = 20, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/0:1 input pkts 582598output pkts 2285783 in bytes 91623851 out bytes 551877150 dropped pkts 0 in FECN pkts 260 in BECN pkts 507 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 2w5d PVC Statistics for interface Serial2/1:1 (Frame Relay DTE) DLCI = 20, DLCI USAGE = UNUSED, PVC STATUS = ACTIVE, INTERFACE = Serial2/1:1 input pkts 0 output pkts 0in bytes 0 out bytes 0 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0Num Pkts Switched 0 pvc create time 2w5d, last time pvc status changed 2w5d PVC Statistics for interface Serial2/2:1 (Frame Relay DTE) DLCI = 20, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/2:1 input pkts 4559893 output pkts 5103886 in bytes 1007742809 out bytes 754882791 dropped pkts 3 in FECN pkts 885 in BECN pkts 1362out FECN pkts 0 out BECN pkts 0 in DE pkts 334005out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 2w5d PVC Statistics for interface Serial2/3:1 (Frame Relay DTE) DLCI = 20, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/3:1 input pkts 11383948 output pkts 11637970 in bytes 1003156366 out bytes 2681436400 dropped pkts 0 in FECN pkts 55 in BECN pkts 1772out FECN pkts 0 out BECN pkts 0 in DE pkts 31658 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 4d01h bodgey-router> bodgey-router>sh frame pvc int Serial2/0:1 PVC Statistics for interface Serial2/0:1 (Frame Relay DTE) Active Inactive Deleted Static Local 13010 Switched 0000 Unused 2000 DLCI = 17, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/0:1 input pkts 3219107 output pkts 3135030 in bytes 1008518313 out bytes 929633917 dropped pkts 0 in FECN pkts 370 in BECN pkts 564 out FECN pkts 0 out BECN pkts 0 in DE pkts 8018 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 2w5d DLCI = 18, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/0:1 input pkts 4026385 output pkts 3963432 in bytes 841616371 out bytes 2803697173 dropped pkts 0 in FECN pkts 1407 in BECN pkts 1704out FECN pkts 0 out BECN pkts 0 in DE pkts 199678out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 1w4d DLCI = 19, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/0:1 input pkts 22750304 output pkts 20094702 in bytes 884957671 out bytes 2065292440 dropped pkts 0 in FECN pkts 2683 in BECN pkts 4477out FECN pkts 0 out BECN pkts 0 in DE pkts 472811out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 2w5d DLCI = 20, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/0:1 input pkts 582633output pkts 2285987 in bytes 91628035 out bytes 551904165 dropped pkts 0 in FECN pkts 260 in BECN pkts 507 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 pvc create time 2w5d, last time pvc status changed 2w5d DLCI = 21, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/0:1 input pkts 1977256 output pkts 1851204 in bytes
Re: Off Topic: DNS issue !!! [7:12448]
Hi, I see this problem a lot. The most common resons are that mail relay has not been disallowed and therefore the mail server is black listed. Another common issue is the DNS resolver list on the box providing the Exchange server is not the same as the list on the remote side. For example, the box has a RAS setup dialing into an ISP with a DNS resolver of 172.16.10.2 and yoy can ping, trace even use a browser but not send Email. Checking the network card on the same box it has a resolver of 198.2.2.2. Changing the DNS resolver address on the network card to the 172.16.10.2 all becomes fine. I would see this several times a week. Just a thought Teunis Hobart, Tasmania Australia n Monday, July 16, 2001 at 04:32:24 PM, Dennis Olson wrote: > I too have a similar problem that is yet unresolved. Mine however seems to > be to any site hosted by criticalpathway.net. Try pinging that > smtp.whateversiteitis.com or change smtp to mail and see if > criticalpathway.net ends up in the name. > > - Original Message - > From: "Ayers, Michael" > To: > Sent: Monday, July 16, 2001 10:08 AM > Subject: RE: Off Topic: DNS issue !!! [7:12448] > > > > I've seen this error with the Microsoft DNS caching servers and some > > Internet Unix boxes. Seems to be a DNS compatibility issue. > > > > Here is the Scenario. You have a Microsoft DNS server that your exchange > > server uses? If so, try adding another Internet DNS server to the > Exchange > > server's DNS server search order. > > > > > > > > > > Thank You, > > > > > > Michael Ayers > > Network Engineer > > > OneNeck IT Services > > (480) 539-2203 > > (800) 272-3077 > > > > > > -Original Message- > > From: Raees Ahmed Shaikh [mailto:[EMAIL PROTECTED]] > > Sent: Sunday, July 15, 2001 10:50 PM > > To: [EMAIL PROTECTED] > > Subject: Off Topic: DNS issue !!! [7:12448] > > > > Dear Friends, > > > > I am facing a very strange problem with our Mailing System Exchange5.5sp4. > > The issue is that we are not able to send email message to some of the > sites > > on the internet. Most of the other popular sites , you can say 90% of the > > sites are reachable by our email clients. But when the clients try to > send > > message to those few site, they get and Non-Delivery-Report saying that > the > > mail could not be delivered. Strange enough that email address is > > reachable through yahoo, hotmail and other sites. > > > > I have checked our router for any access-list blocking but I am sure > nothing > > is of that sort, no access-lists are controlling those addresses. Our ISP > > from whom we are connected to the internet is also able to reach that > sites. > > But we using the ISP's DNS servers for name resolution cannot connect to > > those particular hosts. > > > > One strange behavior though, when I tried to trace route a website add, > for > > that particular mail host, I is taking more than 15 hops and then declared > > unreachable by our Static Router, No Dynamic protocol is running between > us > > and our ISP, we are using default route. > > > > Any help or insights would be valuable and really be appreciated. > > > > I know this has nothing to do with Cisco, but the fact is Applications, > and > > User Usability is driving the Technology. so this mail is not so uncommon > > for a Cisco SE. > > > > Thanks and Regards, > > > > S. Raees > > > > [GroupStudy.com removed an attachment of type image/jpeg which had a name > of > > Glacier Bkgrd.jpg] > > Privileged/Confidential Information may be contained in this message or > > attachments hereto. Please advise immediately if you or your employer do > > not consent to Internet email for messages of this kind. Opinions, > > conclusions and other information in this message that do not relate to > the > > official business of this company shall be understood as neither given nor > > endorsed by it. -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12728&t=12448 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Trace failure indication [7:12191]
Hi, This is Normal behavior. The device exists the port does not. On Friday, July 13, 2001 at 09:43:11 AM, Hire. Ejay wrote: > Pardon my ignorance, but would you happen to be using unnumbered interfaces > to connect theses routers? > > -E > > -Original Message- > From: Joseph Higgins [mailto:[EMAIL PROTECTED]] > Sent: Friday, July 13, 2001 1:24 AM > To: [EMAIL PROTECTED] > Subject: RE: Trace failure indication [7:12191] > > > This problem shows up on any cisco router that I have tried, about 20 > routers. It appears from a debug packet and debug icmp on the final > destination router that the final destination router still has the port open > while it is handling the previous trace probe. I want to know if anyone can > get this to work correctly and if not where is this normal error indication > documented. Following is a trace with a probe count of 15. I have included > the debug output from the destination router. > > termsvr#trace > Protocol [ip]: > Target IP address: 192.168.10.2 > Source address: > Numeric display [n]: > Timeout in seconds [3]: > Probe count [3]: 15 > Minimum Time to Live [1]: > Maximum Time to Live [30]: > Port Number [33434]: > Loose, Strict, Record, Timestamp, Verbose[none]: > Type escape sequence to abort. > Tracing the route to 192.168.10.2 > > 1 192.168.10.2 16 msec * 20 msec * 20 msec * 20 msec * 20 msec * 20 > msec > * 20 msec * 20 msec > termsvr# > > > Result of debug packet and ICMP on 192.168.10.2 > > 01:26:14: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:14: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:14: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:14: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:17: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:17: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:17: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:17: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:20: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:20: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:20: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:20: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:23: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:23: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:23: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:23: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:26: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:26: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:26: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:26: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:29: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:29: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:29: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:29: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:32: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:32: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:32: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > 01:26:32: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:35: IP: s=192.168.10.1 (Serial0), d=192.168.10.2, len 28, rcvd 0 > 01:26:35: ICMP: dst (192.168.10.2) port unreachable sent to 192.168.10.1 > 01:26:35: IP: s=192.168.10.2 (local), d=192.168.10.1 (Serial0), len 56, > sending > r1# -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12430&t=12191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Duplicate Ip addresses ! [7:12100]
Hi, You might find that the HP Openview databse still has an entry for the port in an other layer in the model. Do a search for it in the edit mode and then you will need to delete it. The most common cause for this error is not so much duplicate addresses but duplicated models (in my experience). Just a thought, Teunis, Hobart, Tasmania Australia On Thursday, July 12, 2001 at 02:08:05 PM, Peter Slow wrote: > clear your arp table. > -humboldt > > -Original Message- > From: shella kevin [mailto:[EMAIL PROTECTED]] > Sent: Thursday, July 12, 2001 7:29 AM > To: [EMAIL PROTECTED] > Subject: RE: Duplicate Ip addresses ! [7:12100] > > > mmmhh ! yes i shutdown the interface and then bring it up ... looks like > > the software issue to me too anyother way i can check on the cisco > router if they still exists? > > btw what is NOC ? > > >From: "Chuck Larrieu" > >To: "shella kevin" , > >Subject: RE: Duplicate Ip addresses ! [7:12100] > >Date: Thu, 12 Jul 2001 03:47:34 -0700 > > > >what are you - the night shift in the NOC? > > > >when you say you "decommissioned" the interfaces, did you issue shutdown > >commands? physically pull the wires so they aren't connected to anything? > > > >in general, issuing a shutdown command on an interface prevents it from > >telling the network about itself. I'm wondering if your monitoring software > >has failed to flush the old interfaces, and is complaining when it sees the > >new interfaces come on line when it already has those addresses in its > >database. > > > >Chuck > > > >-Original Message- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >shella kevin > >Sent: Thursday, July 12, 2001 3:42 AM > >To: [EMAIL PROTECTED] > >Subject: Duplicate Ip addresses ! [7:12100] > > > > > >I am monitoring cisco routes via netview. I decommissioned 2 interfaces on > >the cisco router and put it on an other outer. Now I am getting alerts on > >netview " Duplicate Ip addresses".. it's the same ip > >addresses/FastEthernet interface which I decommissioned. > > > >How can I address this problem ? > >How to flush out this on a route ? > > > >Cheers > >Shella k > > > >_ > >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12211&t=12100 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Trace failure indication [7:12191]
Hi, I think you'll find this is quite normal. The "device exist #msecs" , "port non-existent *", "device exists #msecs" and so on. Basically the device exists but the socket you are attempting is not open. Spot on trace I'd say Just a thoought Teunis, Hobart, Tasmania Australia On Thursday, July 12, 2001 at 04:19:43 PM, Patrick Ramsey wrote: > Have you checked duplex? Sometimes speed and duplex settings have a similar > effect. Things seem to work properly, but you are dropping packets which > slows the application down. Obviously if you have one end at 10 and the > other is at 100, you will run into major issues, but sometimes > autonegotiation is flakey. If you are using auto on both devices, check the > interface for speed and duplex it auto'd to. > > If this is across a serial link, what is the bandwidth? > > Also, is this a core router that stays fairly busy? what is it's > utilization? Sometimes routers will drop pings if they are busy. > > -Patrick > > >>> "JHIGGINS" 07/12/01 04:01PM >>> > When I trace from a cisco router to another Cisco router I get a timeout > failure every other probe on the last hop It fails on every type of > cisco router I have tried, 7513,25xx abd 36xx. I think that it must be > normal but I cannot find anything in the archives here or at the Cisco > site that says it is normal? See following where I do a trace between > two routers on connected interfaces. > > * 4 msec * 4 msec * 8 msec * 8 msec > r1#trace > Protocol [ip]: > Target IP address: 192.168.10.1 > Source address: 192.168.10.1 > % Invalid source address > r1#trace > Protocol [ip]: > Target IP address: 192.168.10.1 > Source address: 192.168.10.2 > Numeric display [n]: > Timeout in seconds [3]: > Probe count [3]: 15 > Minimum Time to Live [1]: > Maximum Time to Live [30]: > Port Number [33434]: > Loose, Strict, Record, Timestamp, Verbose[none]: > Type escape sequence to abort. > Tracing the route to 192.168.10.1 > > 1 192.168.10.1 4 msec 4 msec * 8 msec * 4 msec * 4 msec * 4 msec > * 8 msec > * 4 msec * > r1# -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12210&t=12191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Access-list Question [7:12043]
Hi, You have one in and one out. It would seem a bit strange blocking and/or allowing the same stuff in both directions however. Also if you were to monitor your access-list 100 it would not be able to identify which way the data came from easily. Just a thought Teunis, Hobart, Tasmania Australia On Wednesday, July 11, 2001 at 08:12:38 PM, Washington Rico wrote: > Is it true that you can have only one access-list per direction per > interface. If so the below configuration be correct or incorrect. > > Thank you for your input. > > interface BRI0/0:1 > description Connection Segment > bandwidth 64 > ip address X.X.X.X 255.255.255.240 > ip access-group 100 in > ip access-group 100 out > no ip directed-broadcast > encapsulation ppp > no keepalive > no cdp enable > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12071&t=12043 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Completely off topic here... [7:12060]
Hi, This ole guy will make you jealous, I have a Telecaster for over 30 Years now, a Precision Bass a couple of years newer, a 12 String Rickenbacker, and one you won't see outside Australia but is about as good an acoustic aas you'll get a Maton CW80 getting well into it 30's. Just some of a good little collection that I still use when I'm short or just for fun. Teunis, Hobart, Tasmania Asutralia On Wednesday, July 11, 2001 at 11:47:47 PM, [EMAIL PROTECTED] wrote: > Ole - I play a Strat myself, great guitars (and always a fan of Mr. Ray > Vaughn) I just bought a Spyder Line 6 Amp, but my main-stay is an old Fender > 75...Great Amps, but they weigh a ton... > > As for Portland, I just moved up from the Bay Area...This place is rockin' > Good job market, very low cost of living. The only thing you have to get > over is the weather. Granted, it has been 80 - 90 lately, it is usually > overcast and raining. > > I heard Houston was really turning around, and, funny thing, my wife wants > to start looking in Austin.. > > I heard the market is really looking good out there. > > Cheers, > > Duncan > > > -Original Message- > From: Ole Drews Jensen [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 11, 2001 8:10 PM > To: '[EMAIL PROTECTED]'; Ole Drews Jensen; [EMAIL PROTECTED] > Subject: RE: Completely off topic here... > > > It sure is Duncan, > > It's my Fender Princeton Chorus which I use with my Standard Fender > Stratocaster, my SRV Signature Fender Stratocaster, my Jackson and my > Epiphone. > > It's always nice to pick the guitar and play some riffs. > > I can see you're from Oregon. That's actually a place my wife and I have > talked about moving to, the day we get really really tired of the traffic > and polution in Houston. How is it workwise - are there some good jobs with > decent salaries up there? > > Thanks, > > Ole > > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > http://www.oledrews.com/ccnp > > NEED A JOB ??? > http://www.oledrews.com/job > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 11, 2001 10:08 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Completely off topic here... > > > > Ole - Just curious about the backround of your lab shot...Is that a guitar > amp ??? Looks so much like my lab ??? > > Thanks, > > Duncan > > Duncan Wallace > Sr. Network Engineer > CCNA CCNP > 800.COM Inc. > 1516 NW Thurman St > Portland, OR 97209-2517 > > Direct: 503.944.3671 > Cell: 503.969.8248 > Fax: 503.943.9371 > Web: http://800.com > Email: [EMAIL PROTECTED] > > > > -Original Message- > From: Ole Drews Jensen [ mailto:[EMAIL PROTECTED]] > Sent: Wednesday, July 11, 2001 7:07 PM > To: [EMAIL PROTECTED] > Subject: OSPF Neighbor - I'm confused! [7:12048] > > > Okay. > > Everything works in my new frame relay environment. > > I have followed the "Configuring OSPF for a Single Area in an NBMA > Environment" section of my CiscoPress BSCN book. > > Router 1 is setup as a Frame Relay switch. > > Router 2 and 3 are communicating with eachother on a PVC through Router 1. > > Router 2's connected interface has an OSPF priority of 0, and Router 3 has > therefore been elected as the DR, and I have added Router 2's IP address > manually on Router 3 as it's OSPF neighbor. > > All this works great. > > If I do a "show ip ospf int" on Router 3, it shows that it's the DR, and > that it has one OSPF neighbor - Router 2. > > Now, the book tells me that even though it's not necessary, I should add > Router 3 as the OSPF neighbor on Router 2. I am a very nice guy, so I did > that right away. > > However, this is where I am confused... > > After I have added Router 3 as the OSPF neighbor on Router 2 (and of course > have saved the configuration), it does not show up in my "sh conf" like > Router 2 does on Router 3. > > But, it does show up in "show ip ospf int" on Router 2 as it's neighbor. > > I don't get it. > > Can anyone turn on the light here? > > Thanks, > > Ole > > > Ole Drews Jensen > Systems Network Manager > CCNA, MCSE, MCP+I > RWR Enterprises, Inc. > [EMAIL PROTECTED] > http://www.oledrews.com/ccnp > > NEED A JOB ??? > http://www.oledrews.com/job > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=12069&t=12060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: tracking rogue dialup users [7:11006]
Hi, Yes, you look at the accounting parts of the user stats. On one system that I worked with some time ago you could tell who was logged in, when, for how long, the ip address allocated, and even the phone cli details to ensure the call was being made from the correct site. The various details were set up in user and/or group profiles. the details were used for both billing and security reasons. Teunis Hobart, Tasmania Australia On Wednesday, July 04, 2001 at 12:59:45 PM, Jonathan M. Slivko wrote: > Most ISP's can't effectively track users like that. However, I could be > mistaken. -- Jonathan > > \|||/ > (o o) > /-ooO-(_)-Ooo\ > | Jonathan M. Slivko E-Mail: [EMAIL PROTECTED]| > | IRC Nick: optix` Backup: [EMAIL PROTECTED] | > | AIM/AOL: JMSNY2001 Web : http://www.jslivko.org | > || > | "History teaches us that days like this are best spent in bed" | > \/ > > > On Tue, 3 Jul 2001, [iso-8859-1] - wrote: > > > Greetz. > > > > Just a matter of interest. > > > > Say there is user A, he dials up to ISP J. > > User A breaks into server X. > > Server X has the ip, he contacts the isp > > How is the user tracked from there on... > > > > Do servers like CiscoSecure ACS keep track of the ip and the time > connected. > > The reason I am asking is in my little experience that I had with > > CiscoSecure ACS and their radius, I could not find such info on the logs. > > Is tacacs perhaps a little better, will it give me more info? Or will this > > user just get away with this -- Doubt it though > > > > Any help will be greatly appreciated. > > > > Ciao -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=11017&t=11006 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN B Channel Disconnecting [7:10593]
Hi, I know this sounds silly and may cause argument but there is a littlie on I would try. We found a number of 1600's and 2600's seemed to play up in this manner. Try creating a dialer interface rather than hard configuring the BRI. You can avaiod some of the issues. Another advantage of using dialer interfaces is that you can alter (creat a different one) without having to drop your existing service. In this way you can more easily make changes remotely. Also there are some bugs when using multiple BRI channels you can overcome using dialer maps. For example setting up a class for the dialer idle timeout which in some IOS versions will revert back to 120 seconds on second (third channel etc). The 20 seconds often inicates an issue finalising the connection and tying the dialer map to an IP address. (username to the IP address) Just some thoughts. Teunis Hobart, Tasmania Australia On Monday, July 02, 2001 at 01:17:20 AM, Sam Deckert wrote: > Hello everyone, > > I am having a bit of an ISDN related problem at the moment and was wondering > if anyone is able to help. > > I am connecting two sites together via 128k isdn, with one site having a 2611 > and the other a 1700. > > I have the two sites permanently connected fine with the first B channel, > however whenever I issue the "dialer load-threshold 1 either" command one > each > router to always have the 2nd B channel up, the second B channel connects and > remains connected for 20 seconds exactly before disconnecting. The 1st B > channel remains connected regardless. > > I have tried changing the idle-timeout values to no avail, and just cant > figure it out. > > I guess it is probably something simple, but just cant work it out. > > Here is the BRI config of the 2611: > > username clarendon2-gw password 7 094E1B040D0210 > ! > hostname clarendon > ip subnet-zero > no ip finger > ! > ipx routing 0030.854f.c9e0 > ipx gns-response-delay 1500 > isdn switch-type basic-net3 > ! > ! > interface BRI0/1 > ip unnumbered BRI0/0 > encapsulation ppp > no ip mroute-cache > dialer idle-timeout 200 > dialer enable-timeout 5 > dialer wait-for-carrier-time 15 > dialer map ip xxx.xxx.xxx.xxx name clarendon2-gw broadcast > dialer map ipx FEEDBEEF.0002.1761.29dd name clarendon2-gw broadcast > dialer load-threshold 1 either > dialer-group 1 > ipx network FEEDBEEF > no ipx route-cache > ipx watchdog-spoof > isdn switch-type basic-net3 > isdn calling-number > no fair-queue > compress stac > no cdp enable > ppp authentication chap > ppp multilink > ! > dialer-list 1 protocol ip permit > dialer-list 1 protocol ipx permit > no cdp run > > > Here is the config of the 1700: > > hostname clarendon2-gw > ! > username clarendon password 7 011153094F0C01 > ! > ! > ipx routing 0002.1761.29dd > ipx gns-response-delay 1500 > isdn switch-type basic-net3 > ! > interface BRI0 > ip unnumbered FastEthernet0 > encapsulation ppp > dialer idle-timeout 200 > dialer map ip xxx.xxx.xxx.xxx name clarendon broadcast > dialer load-threshold 1 either > dialer-group 1 > ipx network FEEDBEEF > no ipx route-cache > ipx watchdog-spoof > isdn switch-type basic-net3 > no fair-queue > compress stac > no cdp enable > ppp authentication chap > ppp multilink > ! > ip classless > no ip http server > ! > dialer-list 1 protocol ip permit > dialer-list 1 protocol ipx permit > no cdp run > ! > no scheduler allocate > end > > > What do you think??? Any advice, suggestions welcome and most appreciated! > > Thanks... > > Sam. -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10920&t=10593 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OFF TOPIC RANT - Who Cares? WAS: MPLS [7:220]
Hi, I don't know about the lab but I came here to pick up snippets where I can. I feel understanding configs and various methods are fine but what I do pick up is that the Cisco method is the accepted method. ie If it comes out of the CCO or CD then really learn this even though you might not use it in real life. I find some of the technical questions interesting and some of the answers even more interesting. Lately I have not had the time to put in but who cares (only me). I work in an area where my clients have all sorts of routers and/or connection methods, we use Cisco. Understanding Cisco is not enough understanding how things hang together (RFC's, TCP/IP, Ethernet, basic switching, ATM, Frame Relay, ISDN, Microsoft RAS etc.) this to me seems the guts of networking. OSPF, BGP, TCP/IP and the RFC's are not specific to one company so I guess I feel understanding these are important to enhance networking skills. Another rant from Teunis Teunis, Hobart, Tasmania Australia On Saturday, June 30, 2001 at 09:49:54 PM, Cisco Nuts wrote: > Hi Chuck et all, > The more and more I read about your postings, the more confident I feel > about the lab. As I have heard/been told, that the lab is just a mere exam, > half of the configs. which you will not see in the real world. As Chuck so > clearly puts it, if all you want is to pass the lab, read and Memorize > different configs, and practise, practise, practise. This I am sure is > enough to pass the lab-just pass it.. and get that magic number! > Peace!! > Anyone feel differently?? :-) > > > > >From: "John Neiberger" > >Reply-To: "John Neiberger" > >To: [EMAIL PROTECTED] > >Subject: Re: OFF TOPIC RANT - Who Cares? WAS: MPLS [7:220] > >Date: Sat, 30 Jun 2001 02:04:21 -0400 > > > >Yikes, Chuck! I'm usually the grumpy one around here! ;-) Cheer up, my > >man! > > > >But, I know how you feel. Sometimes it seems that all too many people want > >the certifications without having to work at it. (By the way, I completely > >missed the MPLS thread [since I don't know a thing about it] and I'm not > >saying the original poster was being lazy.) > > > >In fact, it sometimes does help me to understand a concept if I see a > >working config all at once. On the other hand, my chances of remembering > >something are infinitely better if I figure it out myself. > > > >For instance, I was reading some Caslow last night and then worked on some > >bridging configs with two 2501s and my PC to generate traffic. I was > >working on transparent bridging but I was running into some problems. As > >it > >turns out, to completely test my config using my current setup, I ended up > >configuring IRB on the remote router (from my PC's perspective.) I will > >now, always and forever, remember how I solved this particular issue > >because > >I figured it out myself. > > > >Okay, I'm now through with my Chuck-inspired partial rant. :-) > > > >We now return to our regular programming. > > > >John > > > >| -Original Message- > >| From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > >| Howard C. Berkowitz > >| Sent: Friday, June 29, 2001 5:25 PM > >| To: [EMAIL PROTECTED] > >| Subject: Re: MPLS [7:220] > >| > >| > >| >Does anyone have a simple MPLS configuration they could post? > >| > >| >To solve what problem with MPLS? > >| > >| Oh give it up, Howard. Nobody cares. All they want is The Answer. > >| > >| I've been kicking around the CCIE list for several months now. People > >who > >| want to be CCIE's but don't read the RFC's. Or Comer. Or Stevens. Or > >| Berkowitz. Or Oppenheimer. Or anything else. Doyle, Halabi, and Caslow - > >| that's what gets you to the CCIE level! And why should they do > >otherwise? > >I > >| don't recall seeing anything on my lab that made me wish I'd spend more > >time > >| studying RFC's. Or TCP/IP theory. In fact just about everything I saw on > >my > >| lab made me wish I'd spent less time with the RFC's and more time doing > >| other things. > >| > >| How does routing work? How does redistribution work? How does OSPF work? > >Who > >| cares? Just give me the configs that will help me pass. If I memorize > >enough > >| variations, I'm ready for anything the lab throws my way. > >| > >| OK. Out of my system. Back to memorizing configs ;-> > >| > >| Chuck > >| > >| > >| > >| > >___ > >Send a cool gift with your E-Card > >http://www.bluemountain.com/giftcenter/ > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10568&t=220 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 1603 router config - part 2 [7:10304]
Hi, Where to "bob" and "mick" authenticate? The USERNAME * PASSWORD I don't see them Teunis Hobart, Tasmania Australia On Thursday, June 28, 2001 at 05:37:49 PM, Bradley J. Wilson wrote: > I'm not an expert at dial stuff (yet) and don't have a router in front of > me, but my first thought is: is the router sending the correct SPID? Also, > which debug script output are we looking at here, and what other debugs > could you run? Try running both q931 and q921 - that will cover both L3 and > L2. > > BJ > > > > - Original Message - > From: Andrew Lawrence > To: [EMAIL PROTECTED] > Sent: Thursday, June 28, 2001 3:18 PM > Subject: 1603 router config - part 2 [7:10304] > > > I've managed to connect 2 1603 routers together up to a fashion but I > have 2 questions > > >From one router I can ping the other router (it dials the number > connects and then the ping replies) > > >From the other router if I ping it dials but gets disconnected, a debug > shows the following > > 01:50:12: BR0 DDR: rotor dialout [priority] > 01:50:12: BR0 DDR: Dialing cause ip (s=172.30.70.2, d=192.168.10.2) > 01:50:12: BR0 DDR: Attempting to dial 02077394093 > 01:50:12: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up > 01:50:12: %DIALER-6-BIND: Interface BR0:1 bound to profile Di1 > 01:50:12: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to > 02077394093 > 01:50:13: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down > 01:50:13: DDR: Call disconnected, 1 packets unqueued and discarded > 01:50:13: BR0 DDR: has total 2 call(s), dial_out 0, dial_in 0 > 01:50:13: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di1 > 01:50:13: BR0:1 DDR: disconnecting call. > > Question 1 Why is it doing this , I haven't really paod much attention > to authentication, is any going on ! > > Question 2 If I have PCs on the network with the router that does dial > out OK and have their default gateway set are they likely to communicate > with a server on the other side (if that has its gateway set as well) > i.e is there any other ip type config required on the routers? > > TIA > > Andy > > Here are the 2 router configs (p.s the 172.30.70.x network wasn't one of > mine !) > > Router one - Can't ping other router > > Current configuration WH > version 12.0 > service timestamps debug uptime > service timestamps log uptime > service password-encryption > hostname Wh > enable secret 5 > username Router password 7 > ip subnet-zero > no ip source-route > isdn switch-type basic-net3 > ! > interface Ethernet0 > ip address 172.30.70.2 255.255.255.0 > no ip directed-broadcast > no ip proxy-arp > interface BRI0 > no ip address > no ip directed-broadcast > encapsulation ppp > dialer pool-member 1 > isdn switch-type basic-net3 > no fair-queue > no cdp enable > ! > interface Dialer1 > description RCN > ip unnumbered Ethernet0 > no ip directed-broadcast > no ip proxy-arp > encapsulation ppp > no ip split-horizon > dialer remote-name Wh > dialer idle-timeout 300 > dialer string 01220394093 > dialer hold-queue 10 > dialer load-threshold 10 either > dialer pool 1 > dialer-group 1 > ppp authentication chap > ppp chap hostname mick > ppp chap password 7 14041D0D0505242437 > ppp pap sent-username mick password 7 120A0A111B0A020B39 > ppp multilink > ! > ip classless > ip route 0.0.0.0 0.0.0.0 Dialer1 > ip route 192.168.10.0 255.255.255.0 Dialer1 > ! > dialer-list 1 protocol ip permit > ! > line con 0 > exec-timeout 120 0 > transport input none > line vty 0 4 > exec-timeout 0 0 > login local > ! > end > > And router 2 - can dial and gets a reply to pings > > Current configuration Bow > ! > version 12.0 > service timestamps debug uptime > service timestamps log uptime > service password-encryption > ! > hostname Bow > ! > enable secret 5 > ! > username Router password 7 023 > username Wh password 7 1522 > ip subnet-zero > no ip source-route > no ip domain-lookup > isdn switch-type basic-net3 > ! > interface Ethernet0 > ip address 192.168.10.2 255.255.255.0 > no ip directed-broadcast > no ip proxy-arp > ! > interface BRI0 > no ip address > no ip directed-broadcast > encapsulation ppp > dialer pool-member 1 > isdn switch-type basic-net3 > no fair-queue > ppp authentication chap pap callin > ppp multilink > ! > interface Dialer1 > description RCN > ip unnumbered Ethernet0 > no ip directed-broadcast > no ip proxy-arp > encapsulation ppp > no ip split-horizon > dialer remote-name bow > dialer idle-timeout 300 > dialer string 0207224680 > dialer hold-queue 10 > dialer pool 1 > dialer-group 1 > ppp authentication chap > ppp chap hostname bob > ppp chap password 7 08264542050A > ppp pap sent-username bob password 7 07082840421A > ppp multilink > ! > ip classless > ip route 0.0.0.0 0.0.0.0 Dialer1 > ip route 172.30.70.0 255.255.255.0 Dialer1 > ! > dialer-list 1 protocol ip permit > ! > line con 0 > exec-timeout 0 0 > transport input none > line vty 0 4 > exec-timeout 0
RE: Access list problem [7:9939]
Hi, This to me would seem to be a fairly standard sort of access-list where you are enforcing all to use internal proxies permit tcp any host 203.111.42.204 eq www permit tcp any host 203.111.42.215 eq www These can then get the required data from the web. I assume these are running proxy services. If you point your browser directly ouit to the web you will get nothing. Just a thought, Teunis Hobart, Tasmania Australia On Tuesday, June 26, 2001 at 04:59:00 AM, Charles Manafa wrote: > It appears that you are allowing web access (www) to only two servers (.204 > and .215). Which direction are you applying this acl, are you hosting the > web services? > > CM > > > -Original Message- > > From: John Brandis [mailto:[EMAIL PROTECTED]] > > Sent: 26 June 2001 09:26 > > To: [EMAIL PROTECTED] > > Subject: Access list problem [7:9939] > > > > > > Hi All, > > > > I thought I was on top of access lists, until today. When ever I apply > > this particualr access list in IOS 11.2 , nothing on the network can > > view internet pages. They can ping no problem but nothing else. Please > > advise if you can, on which line the error is. > > Thanks all, I appreciate it. > > > > Extended IP access list 110 > > deny tcp any any eq 139 > > permit udp any any eq domain > > permit tcp any any eq domain > > permit icmp any any > > permit tcp any host 203.111.42.200 eq ftp-data > > permit tcp any host 203.111.42.200 eq ftp > > permit tcp any host 203.111.42.200 eq 22 > > permit tcp any host 203.111.42.204 eq ftp-data > > permit tcp any host 203.111.42.204 eq ftp > > permit tcp any host 203.111.42.204 eq www > > permit tcp any host 203.111.42.204 eq 3389 > > permit tcp any host 203.111.42.215 eq smtp > > permit tcp any host 203.111.42.215 eq www > > permit tcp any host 203.111.42.215 eq 3389 > > permit ip host 203.111.42.224 any > > permit ip host 203.111.42.225 any > > permit ip host 203.111.42.226 any -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=10029&t=9939 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dirty e-mails [7:9787]
Hi, I had fun with this (I think) the one I had uses a thing called HKK32.exe this thens send of to others on the mail list. In the case I had it sent it to the recipent on his secondary mail server this sent it back to him and he sent it back to himself on the secondary mail server that sent it back to him. 50,000 mail messages later he had little to no service. Nasty little trick. Teunis On Monday, June 25, 2001 at 01:18:24 PM, Jack Nalbandian wrote: > Seems to be generated by a trojan. > > -Original Message- > From: Robert (BOB) Perez [mailto:[EMAIL PROTECTED]] > Sent: Monday, June 25, 2001 7:42 AM > To: [EMAIL PROTECTED] > Subject: dirty e-mails [7:9787] > > > Anyone keep getting mail from ***@sexyfun.net ? > I noticed that they sent [EMAIL PROTECTED] > an e-mail the other day and now they are being directed to my inbox? > > > Bob Perez > EPX Network Support > 302-326-0700 x4242 > Cell 302-420-6883 -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=9859&t=9787 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: cant access WAn from PC but can from router [7:3958]
Hi, The most common cause here is the default gateway on your PC pointing to the wrong address. This will allow you to go to the router but no further. 1. check you can get out from the router. 2. check your default gateway on your PC is the router address. 3. another one I strike a lot is people have not got the DNS settings on the PC correct they can therefore not "get out on the Net" but if they used addresses they may be able to ping etc. Just some of the more common ones I strike daily. Teunis Hobart, Tasmania Australia On Thursday, May 10, 2001 at 04:13:24 AM, Rashid Lohiya wrote: > If it was me I would try an extended ping from my router giving my LAN > address as source and also double check I have my default gateway set in my > PC. > > Rashid > > ""John Brandis"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > G'Day all for the second time today. > > 2 questions: > > > > Question 1: I have a 4MB HDSL link coming into my 2503 serial 0 port. Can > I > > check the bandwidth to make sure that this is what I really have in terms > of > > BW... > > > > Question 2: Have configured the router to connect to the HDSL network and > the > > ethernet network. That part is fine, I can access hosts on both networks > > (ping) from the router. However, when I go to my workstation and I > CORRECTLY > > configure the IP settings, all I can access is the router and nothing over > > the > > WAN link. I made sure that there are NO ACL's going against me and I have > the > > route static route configured correctly. What can I try now / > > > > thanks > > [EMAIL PROTECTED] > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=4092&t=3958 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ACL problem [7:3039]
Hi, Am I reading what you have correctly, It seems to me on one line you have the source address of 192.168.5.xxx and in the next statement 192.168.10.xxx. My guess is the second line should be more like access-list 110 permit tcp host 192.168.5.65 192.168.10.0 0.0.0.255 eq 1433 Or the first line to be the other way around depending on how you have the access-list applied to your interface. Just a thought Teunis Hobart, Tasmania Australia On Thursday, May 03, 2001 at 11:17:41 AM, Dwayne Saunders wrote: > Hi all, > Just wondering if you can help me I have a small problem with a ACL, > below you see that ip from 192.168.5.0 network is allowed to send to > anything and the next line > allows the 10 network to send to 5.65 on port 1433. My problem is that with > this in place I can get from the 5 network to the 10 but I do not get a > reply. I have another box with the ip of 192.168.5.66 with exactly the same > rule as the 192.168.5.65 box and this works. > Would anyone have any ideas on this > > access-list 110 permit ip 192.168.5.0 0.0.0.255 any > access-list 110 permit tcp 192.168.10.0 0.0.0.255 host 192.168.5.65 eq 1433 > > > D'Wayne Saunders > Senior MIS Operator, CCNA > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=3113&t=3039 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FastEthernet is up, Line protocol down [7:1828]
Hi, On an ethernet the router will say it is admin up and connection down when nothing is seen at the end. This is common on most devices Cisco and non Cisco. Most SNMP managed devices show this. It is a way of knowing the service is avalable for use. In the Hub (repeater) days it was possible to turn ports on and off even as a security arrangement (run different configs for different times) This saves a lot of errors on SNMP as you can tell the difference in the states easily. Just some thoughts. (I think the up down is always the case if the link is not there) Teunis, Hobart, Tasmania Australia On Thursday, April 26, 2001 at 05:47:34 PM, Priscilla Oppenheimer wrote: > I tried to do some more research on this and couldn't get a good answer. > > Does anyone know exactly in which cases the router reports the interface > up, down even if there is no cable attached? Looking at show interface > ethernet, > > Router reports up, down with no cable for AUI. > > How about RJ45? > > How about MII? > > GMII? > > Others? > > Thanks > > Priscilla > > > > > > Priscilla > > > > > > At 08:21 PM 4/25/01, md. nazri wrote: > > > >thanks for the answer... > > > >i understand that LP will down if no connection attach, but why FE still > >up, > > > >does it up forever until we shut it down? Does it apply the same to > > > >Ethernet..? > > > >- Original Message - > > > >From: "Vincent Chong" > > > >To: > > > >Sent: Wednesday, April 25, 2001 3:48 PM > > > >Subject: Re: FastEthernet is up, Line protocol down [7:1828] > > > > > > > > > > > > > 1) I guess you enable the fastethernet port in the running > > > > > configuration. You have to > > > > > shutdown the port, so the port will administrative shut down and > >line > > > > > protocol down. > > > > > > > > > > 2)Line protocol will up if there is any phyiscal connection > >attached > > > >to > > > > > Fastethernet. > > > > > Becasue the port in your router will detect keepalive signal, > when > >it > > > > > detected, it will > > > > > up.You can type no keepalive under interface configuration, > >the > > > > > ethernet interface > > > > > will keep up even no physical connection. You have to enable the > > > > > interface, of courese. > > > > > > > > > > Hope this help > > > > > Vincent Chong > > > > > > > > > > > > > > > > > > > > ""md. nazri"" hi all, > > > > > > got one question regarding FastEthernet on Cisco 2620.. > > > > > > why the status showed FastEthernet is up, Line protocol down > >although > > > >the > > > > > > cable was pulled out from the port...in what cases the port will > > > >down..any > > > > > > help appreciated > > > > > > > > > > > > tq > > > > > > FAQ, list archives, and subscription info: > > > > > http://www.groupstudy.com/list/cisco.html > > > > > > Report misconduct and Nondisclosure violations to > >[EMAIL PROTECTED] > > > > > FAQ, list archives, and subscription info: > > > >http://www.groupstudy.com/list/cisco.html > > > > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > >FAQ, list archives, and subscription info: > > > >http://www.groupstudy.com/list/cisco.html > > > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > > > > > > Priscilla Oppenheimer > > > http://www.priscilla.com > > > FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > Priscilla Oppenheimer > http://www.priscilla.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2195&t=1828 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FastEthernet is up, Line protocol down [7:1828]
Hi, True!! Only 100Meg in and 100Meg out but on a 100Meg Half duplex connection at best you get less than 50Meg. You must listen to your own signal anything over 50% in one direction is pure rubbish. In reality over 30% of the specified bandwidth you are probably already retransmitting heaps. I therefore disagree that there is no significant difference in network performance. However, the ability of the server and or the network cards ability to pull data off the network and deliver it to the server is a different matter. A good example is from back in the old days with an 8bit 10Meg Half duplex card into a I386 a real speed of 280K was more the reality. Just some thoughts. Teunis, Hobart, Tasmania Australia On Thursday, April 26, 2001 at 03:14:50 PM, David Chandler wrote: > hey! somebody gets it! Thanks Priscilla: > > It always bothers me that full-duplex is refereed to as 200 meg. The > server folks always think that all their performance issues will go away > when they go to "full-duplex". Sure, no collision, but considering the > unbalanced nature of client/server traffic it doesn't make that big of a > throughput difference. > > I'm surprised that my T1's are not referred to as 3 mbps links. They are > full-duplex too :-> > > DaveC > > Oppenheimer wrote: > > > > At 12:23 AM 4/26/01, md. nazri wrote: > > >if it's true..that's a good indicator for hardware health checkup. > > >another Q, if we set the FE to be full-duplex, does it mean we get 100meg > > >for tx and 100meg for rx, so total 200meg for a connection...? > > > > Each of the two stations on a point-to-point FE full-duplex link get > > dedicated 100 Mbps bandwidth for transmitting. One station's transmit > > medium is the other's receive medium. Some people call this 200 Mbps. In > > actuality most traffic types don't take advantage of this. > > > > >- Original Message - > > >From: "Priscilla Oppenheimer" > > >To: > > >Sent: Thursday, April 26, 2001 9:07 AM > > >Subject: Re: FastEthernet is up, Line protocol down [7:1828] > > > > > > > > > > I don't think it's just Fast Ethernet. I've seen "Slow" Ethernet report > > > > that the interface is up, down when nothing was attached. It seems to > > just > > > > be an indication that the interface passed a hardware check. > > > > > > > > Priscilla > > > > > > > > At 08:21 PM 4/25/01, md. nazri wrote: > > > > >thanks for the answer... > > > > >i understand that LP will down if no connection attach, but why FE > still > > >up, > > > > >does it up forever until we shut it down? Does it apply the same to > > > > >Ethernet..? > > > > >- Original Message - > > > > >From: "Vincent Chong" > > > > >To: > > > > >Sent: Wednesday, April 25, 2001 3:48 PM > > > > >Subject: Re: FastEthernet is up, Line protocol down [7:1828] > > > > > > > > > > > > > > > > 1) I guess you enable the fastethernet port in the running > > > > > > configuration. You have to > > > > > > shutdown the port, so the port will administrative shut down > and > > >line > > > > > > protocol down. > > > > > > > > > > > > 2)Line protocol will up if there is any phyiscal connection > > >attached > > > > >to > > > > > > Fastethernet. > > > > > > Becasue the port in your router will detect keepalive signal, > > when > > >it > > > > > > detected, it will > > > > > > up.You can type no keepalive under interface configuration, > > >the > > > > > > ethernet interface > > > > > > will keep up even no physical connection. You have to enable > the > > > > > > interface, of courese. > > > > > > > > > > > > Hope this help > > > > > > Vincent Chong > > > > > > > > > > > > > > > > > > > > > > > > ""md. nazri"" hi all, > > > > > > > got one question regarding FastEthernet on Cisco 2620.. > > > > > > > why the status showed FastEthernet is up, Line protocol down > > >although > > > > >the > > > > > > > cable was pulled out from the port...in what cases the port will > > > > >down..any > > > > > > > help appreciated > > > > > > > > > > > > > > tq > > > > > > > FAQ, list archives, and subscription info: > > > > > > http://www.groupstudy.com/list/cisco.html > > > > > > > Report misconduct and Nondisclosure violations to > > >[EMAIL PROTECTED] > > > > > > FAQ, list archives, and subscription info: > > > > >http://www.groupstudy.com/list/cisco.html > > > > > > Report misconduct and Nondisclosure violations to > > [EMAIL PROTECTED] > > > > >FAQ, list archives, and subscription info: > > > > >http://www.groupstudy.com/list/cisco.html > > > > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > Priscilla Oppenheimer > > > > http://www.priscilla.com > > > > FAQ, list archives, and subscription info: > > >http://www.groupstudy.com/list/cisco.html > > > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > >FAQ, list archives, and subscription info: > > >http://www.groupstudy.com/list/cisco.htm
Re: IP routing is enabled by default on Cisco 2600's [7:1821]
Hi, It has always been my understanding that by default it is off but others disagree. I has in fact cost me time troubleshooting. Teunis, Hobart, Tasmnaia Australia On Wednesday, April 25, 2001 at 02:29:08 AM, Colin wrote: > Hi > > I have read in numerous places that IP routing is enabled by default on > Cisco routers. Is this is true? The reason I ask is because the last > 3 Cisco 2600's I've received (new routers straight from a VAR) have > had IP routing disabled? > > Thanks > > Colin > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2053&t=1821 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 2503 - Finding Serial Number [7:1777]
Hi, A show ver gives you a "processor board ID" this is the same as the serial number on the outside on the 1000 series. Off memory it is also on the 2500's Teunis Hobart, Tasmania Australia On Tuesday, April 24, 2001 at 05:59:54 PM, Circusnuts wrote: > I don't have anything on the outside of my 2511 either, unlike the easy to > find & read labels on my 4500's. I'd say to pop the case & see if their are > stickers on the motherboard. I believe they're usually orange-ish/ yellow, > much like on the CAM's, PAM's, & Catalyst cards. > > Phil > > - Original Message - > From: perryb > To: > Sent: Tuesday, April 24, 2001 5:01 PM > Subject: 2503 - Finding Serial Number [7:1777] > > > > Hello all, > > > > I have a 2503 without the little serial number sticker on the outside...I > > want to get SmartNet, but they need the SN for the router. Is there any > way > > to determine the serial number for the router ? > > > > tia > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=2051&t=1777 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Failed CCDA [7:1698]
Hi, I have a kid sitting alongside me (he just turned 18). At 17 he qualified as a CCNA and has some CCNP subjects under his belt. I rely on him for good advice when I'm stuck. What I hope to give him in return is the value of my experience and a way to formulate a methodology in troubleshooting etc. What this guy lacks is experience. The main issue here is customer relations and what to do when the books don't have an answer. By the same token what he lacks in experience he makes up for in enthusiasm and knowlege of the technology. I support young people having a go. That's where most of us started (young that is). Just a thought Teunis, Hobart, Tasmania Australia On Wednesday, April 25, 2001 at 05:18:11 PM, Jack W. Williams wrote: > Nobody who's secure in their talents is "offended" by your age. It > might be a reminder for some of us > fogies to stay on our toes, though! > > I remember the age of not being taken seriously - knock 'em dead, Dude. > > > - Original Message - > From: Russ Kreigh > To: > Sent: Tuesday, April 24, 2001 6:49 PM > Subject: RE: Failed CCDA [7:1698] > > > > I too am only 17 years old and like Priscilla I think this is a > > controversial topic. However, I have a very strong opinion, therefore am > > going to express it. :-) I currently work for an local ISP and have quite > a > > bit of Cisco experience along with very much UNIX (BSDi, Linux, HP-UX, > > Solaris), HTML, JavaScript, ASP, PERL, etc etc. However, I make > > significantly less that a new guy that was hired to work along with me. I > am > > just as qualified, if not more. Of course, there are other issues to > > consider; I am part-time and he is full time, I know that makes a > > difference, that part I understand. But, I feel that a large portion of it > > has to do with my age, not based on my ability to perform my job. > > > > On a Cisco related note, I am going to schedule my CCDA exam within the > next > > month, along with my CCNA. I am very confident that I will do good on my > > CCNA, and have been studying CCDA material and getting some real-life > > experience in my job. > > > > The message I am trying to point out is that just because we may be young > > doesn't mean that we should not be taken seriously. Also, I know that my > age > > also offends some people who have been in the field a long time. I can't > > really speak from expeirence here, but I know that more women have choosen > > careers in the Technology field in the past 10 years. Just as their > > co-workers have come to accept it more, they are going to have to accept > > that us young adults can be capable of doing the same job. > > > > -Russ > > > > > > > > > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Priscilla Oppenheimer > > Sent: Tuesday, April 24, 2001 1:03 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Failed CCDA [7:1698] > > > > > > I'm going to say something Very controversial here, which is that I think > > it's a good sign that a 17-year old had a hard time with the CCDA test. It > > validates the test a bit. Design requires experience. Can someone who has > > just learned to drive, design a car? Can someone who has just started > > learning networking, design a network? > > > > Remember that I teach (part-time) at the high school level and I love the > > energy, quick thinking, and creativity of that age group. I strongly > > believe that the inventions that they will develop will be even more > > amazing than the ones our generation came up with. So I do not make this > > comment out of prejudice. > > > > Aaron, it sounds like you know which areas you need to study a bit more in > > order to pass the test, so I'm sure you'll do well next time. Good luck! > > > > Priscilla > > > > At 09:02 AM 4/24/01, you wrote: > > >Hey guys, this is Aaron again. I failed my CCDA by 37 points. I made a > > 718 > > >and i needed a 755 to pass Bah, out 100$.. I did rescedule it for a > > >couple of weeks from now, and now that i know what sections i'm weak in, > i > > >think i might be able to make this up. My worst section was WAN > > >Technologies with a 40%. My best was Network Management with a 100%. So > i > > >guess i had quite a range of scores. Anyways, back to the books and > sample > > >tests for me. Thanks guys. > > > > > >~Aaron Vose > > >FAQ, list archives, and subscription info: > > >http://www.groupstudy.com/list/cisco.html > > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list ar
Re: Career/education recommendations after High School [Re: [7:2000]
Hi all, I would say go for whatever as soon as you can. At 15 (1965) I started as a Telecommunications Tech in Training. After leaving and going back I qualified in 1973. This gave me a good qualification in Telecommunications. (as good as could be at the time) A short time later the requirements changed. Once again back to books and got a bunch of Electronic and Communications qualifications from several institutes. Mid 80's As soon as this finished off to University a get a qualification in computing as this is where Communications was heading. Several courses later now a CCNP is not quite enough I need to be a CCIE but my guess is that no sooner will I get there then the next requirement (Probably Nortel and/or Juniper) will emerge. The good thing is that any knowlege I have gained has been easy to carry. I do find however, in the past year os so I am starting to lose both motivation and more importantly the abitily to absorb knowledge. Go for it early College might not teach you the technical stuff you need but it will teach you how to learn and a methodology. One of the dissapointments is to have someone that appears to be technically smart but can't figure out where to start or more importantly where to end. Just some thoughts, Teunis Hobart, Tasmania Australia On Wednesday, April 25, 2001 at 06:56:29 PM, Circusnuts wrote: > Gotta agree- college is a wonderful thing to have available to your > children, but I see more & more (not counting professional degrees) > companies wanting results... not just that degree. In the late 80's when I > was jockeying college & the Army, it seemed as though a degree was the > minimum... just to get a ticket to play in the game of life. My PreMed > without the medical school got me managing (baby sitting) tire stores for 5 > years. In IT, I've worked with contractors that range from Yale to Jail. > Seems as though Amway can't be the only one to tout that statement as their > success group anymore > > The whole experience sure confuses me when I pay my school loans every month > :o) > Phil > > - Original Message - > From: Jason J. Roysdon > To: > Sent: Wednesday, April 25, 2001 6:21 PM > Subject: OT: Career/education recommendations after High School [Re: > [7:1978] > > > > Of course, those that have gone to college value it more, but I say forget > > college and don't waste 4+ years of your life if you know what you want to > > do and don't need it. > > > > I've seen a number of pay-scale tables, and here's an example of what I've > > seen a number of places: 2 years of experience is worth a 4 year BA/BS > > degree. > > > > Now if you can swing working part-time in your field, nail some good certs > > along the way, AND do college, I say go for it. Especially if you're > single > > and unencumbered. > > > > If you can swing it, check out your local junior/community colleges. Here > > in California they're dirt cheap (a very small fraction of the cost of > > 4-year schools). The best thing is that if you get tired of the school > > thing after 2-3 years, you should at least have your AA/AS, versus all > those > > folks that stop college half-way through and have nothing to show but > > student loans. > > > > Depending on how you work, most have night classes to cover most of your > > low-end prereqs so you can work during the day and do school at night. If > > you can pull "light" work during the day and do night classes, I'd say > this > > is the way to go (you get the "experience" credits people looks for, and > the > > degree). > > > > Plus, if you want to do the BA/BS thing, you can easily transfer after > your > > AA/AS. My brother has done this (he actually took 3 years to get his AA, > > but took it slow and took a lot of extra classes that interested him > > (electrical, engineering, compsci), and didn't count much toward his > > journalism/communication degree). The best thing of all is that when he > > graduated, he owed nothing, and in fact had saved up enough money to pay > for > > two years of state college. > > > > > > -- > > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > > List email: [EMAIL PROTECTED] > > Homepage: http://jason.artoo.net/ > > > > > > > > wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > One more thing to add to that Phil. > > > > > > Russ... at 17, let me make one suggestion to you... put some money away > > now > > > for your college years! I too had a similar job to Russ, but I spent my > > > money on stupid things that I thought were important at 17 and then > > when > > > the real fun hits you in college, you are already tapped out! Put in > your > > > time, put some money away and it will all come around!! > > > > > > Good luck dude! > > > > > > > > > > > > > [EMAIL PROTECTED] > > > > For information on our award winning server & storage products: > > > > Dell Server Site: http://www.dell.com/products/poweredge/index.htm > > > > > > > > > -Ori
Re: Strange Configuration, Strange Result [7:1763]
Hi, With the radio links, are both on the same LAN. The various radio links I worked on acted as remote bridges and were therefore in the same LAN and needed to be configured that way. Just a thought, Teunis Hobart, Tasmania Australia On Tuesday, April 24, 2001 at 03:42:36 PM, Mr. Oletu Hosea Godswill. CCNA wrote: > Am trying to connect two cisco routers each on both side of two speedlan > radios and antenna. In place of the second router was a 3com switch before > now, and with that connection I can browse the internet. > > I now replace the switch with a router, the connection from the radio into > the > router was made using a cross connect rj45 cable. After all configuration, > show ip route duplicates all the routes from the first router into the second > router. Everything seem okay. But outside the route I cannot browse the > internet. > > Both routers were connected together via the radios through their ethernet > interfaces. The questions now is, 1. Can't I connect two routers via a radio > through their ethernet interfaces? 2. If the answer is NO, why then was 'show > cdp neighbor' showed me the second router, why was the line protocol up, why > was the routing table forwarded to my second router? 3. Is there anything I > am > missingup? > > Thanks > Oletu H. G. > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=1987&t=1763 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Maximum Serial bandwidth = inbound + outbound rate? [7:864]
Hi, Usually the service would be a full duplex WAN service that is capable of 256K in each direction at the same time. I hope the capture below is not real. If it is I would be concerned about the errors. I hate giants and stuff like that. Just some toughts from an old guy. Teunis, Hobart, Tasmania Australia n Monday, April 16, 2001 at 09:48:21 PM, Sim. CT (Chee Tong) wrote: > Hi.. group > > May I ask if a serial link is said to be 256K, does it mean that the both > input and output rate cannot exceed 256K or the SUM of input rate and output > rate cannot exceed 256K. > > What is the Duplex type of Serial link as shown below? > > Why some of the serial link traffic rate are based on 5 minute in/output > rate, but some of them are based on 10 minute in/output rate. How to > change it? Does it shown the same info? How they count? They determined > the number of bits in 5 minute and divided by the number of second in 5 > minute 5X60s?? > > > > SIN01>sh int s2/0 > Serial2/0 is up, line protocol is up > Hardware is M4T > Description: --- Connects to LON01 S2/0 - MCI Circuit ID W0B73202 --- > Internet address is 57.192.240.70/30 > MTU 1500 bytes, BW 256 Kbit, DLY 2 usec, > reliability 255/255, txload 77/255, rxload 49/255 > Encapsulation HDLC, crc 16, loopback not set > Keepalive set (10 sec) > Last input 00:00:01, output 00:00:00, output hang never > Last clearing of "show interface" counters never > Input queue: 0/75/0 (size/max/drops); Total output drops: 14248 > Queueing strategy: weighted fair > Output queue: 0/1000/64/0 (size/max total/threshold/drops) > Conversations 0/20/256 (active/max active/max total) > Reserved Conversations 0/0 (allocated/max allocated) > 5 minute input rate 5 bits/sec, 28 packets/sec > 5 minute output rate 78000 bits/sec, 32 packets/sec > 101610672 packets input, 3280206236 bytes, 0 no buffer > Received 872308 broadcasts, 1 runts, 35 giants, 0 throttles > 5313 input errors, 4073 CRC, 0 frame, 7 overrun, 0 ignored, 1233 abort > 115170761 packets output, 3847528448 bytes, 0 underruns > 0 output errors, 0 collisions, 547 interface resets > 0 output buffer failures, 0 output buffers swapped out > 554 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up > > == > De informatie opgenomen in dit bericht kan vertrouwelijk zijn en > is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht > onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en > de afzender direct te informeren door het bericht te retourneren. > == > The information contained in this message may be confidential > and is intended to be exclusively for the addressee. Should you > receive this message unintentionally, please do not use the contents > herein and notify the sender immediately by return e-mail. > > > == > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=868&t=864 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Building catalyst config files? [7:848]
Hi, When ever I have had to set up multiple routers and/or switches I went about it in the following steps. 1. Find a good version of the IOS or switch code I wanted to use and set it up. 2. Created a text file that I loaded into the device to install the new IOS. IE gave the device a temp IP address, tftp to the server with the IOS install it and reload. 3. I created a text file with the standard config data I wanted. I would usually edit stuff such as interface addresses for each device and keep a copy. My backup for each device. 4. I would then copy the data to the device, check the config was in correctly. 5. MOST IMPORTANT Test the device to see the config worked as it should. 6. NOW SAVE THE CONFIG. (why this order? so worst case scenario a reload would have me back to a method of getting in) 7. Onto the next device. Just some thoughts, Teunis, Hobart, Tasmania Australia On Monday, April 16, 2001 at 07:39:46 PM, Richard Fulton wrote: > I have ordered a gaggle of 4908-L3 and 3548 switches and I would like to > start > building what I believe to be the configurations for these beasties... > Since I > do not currently have either of these switches available to me I am looking > for > suggestions on how I can get a template config to start adding stuff to. > > Thx > Rick Fulton > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=867&t=848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: access list rearrange? [7:861]
Hi, I don't think the IOS reorders access-lists after all what if it was required in the order it is. eg deny some addresses then permit any. Teunis Hobart, Tasmania Australia On Monday, April 16, 2001 at 08:45:39 PM, Scott Meyer wrote: > I was reading Sybex's old ACRC book. One of the study questions, as well as > a tip in the chapter indicate that the IOS will reorder an access list to > make more sense. > > For example, an access list entered as: > access-list 1 deny 172.16.20.0 0.0.0.255 > access-list 1 deny 172.16.30.0 0.0.0.255 > access-list 1 permit 172.16.40.0 0.0.0.255 > > would be re-ordered as : > access-list 1 permit 172.16.40.0 0.0.0.255 > access-list 1 deny 172.16.20.0 0.0.0.255 > access-list 1 deny 172.16.30.0 0.0.0.255 > > I played around a bit and could not confirm this. show ip access list showed > the access-list exactly as I entered it. > I had always thought that IOS would never re-arrange the list, no matter how > stupid it was entered. > > Am I on crack or is the book wrong? > > Scott Meyer > [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=866&t=861 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Question [7:640]
Hi all, I thought IP routing was "not on by default" as a matter of fact that thought can bring you unglued when trying to work out way some issues as to why routers don't route IP. So I think (d) would be approriate. Why would a router "learn about a static route". So (c) goes out the window. Maybe I have a twisted view? Teunis, Hobart, Tasmania Australia On Saturday, April 14, 2001 at 03:00:21 PM, Jason J. Roysdon wrote: > If 3 must be true, I'd say start with getting rid of the ones that aren't: > Routing is enabled by default (may not have always been true, but as of > 12.x) > The command to enable routing is 'ip routing' > > That leaves you with three left. Of course, the exam could be wrong. a,c,e > sound correct though, just skimming and not thinking too hard. > > -- > Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+ > List email: [EMAIL PROTECTED] > Homepage: http://jason.artoo.net/ > > > > ""Victim"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Exam 1.11. Which three statements about Cisco Implementation of IP routing > > are ture: > > > > a. Routers can learn next hops dynamically > > b. IP routing is disabled by default on Cisco routers > > c. Routers can learn next hops through static routes > > d. Entering ip route in global configuration mode enables IP routing > > e. Routers learn next hops by receiving periodic updates from other > routers > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=850&t=640 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Routing Performance Perspective [7:495]
Hi all, Various providers can use different suppliers to provide backbone type services. An example could be where a person has 2 networks configured in the same building, even on the same cable (Hub) with two routers one going via a wan link to supplier A the other on a wan link to suplier B. Supplier A use an ISP in the USA and supplier B uses a New Zealand supplier. It is quite feasible to have 25+ hops to get to a PC sitting beside you. Just a thought. By the way I have seen similar actually happen. Teunis, Hobart, Tasmania Australia On Friday, April 13, 2001 at 05:57:56 PM, Kane. Christopher A. wrote: > Matt, > > I don't think you would be out of line asking the ISP why so many hops are > needed. I would run traceroutes from hosts and the WAN terminating router > first and make sure you are routing well inhouse. Identify if/where packets > are being dropped. Make note of all the hops and if/where the latency is > being introduced. Is any hop in particular constantly giving higher times. > Then call your ISP and send them copies of your traceroutes as proof. Are > you responsible for your own router? If so, check the BGP tables, are your > table versions incrementing often? What sites do you route to most often? > Are those sites on the ISP's network or do they hand-off the traffic at a > peering point? This greatly introduces latency and can make for difficult > discussions regarding peering conditions from one ISP to another. Often > people criticize the larger ISPs. But it's nice when the source and > destination are on the same ISP network. You can then expect them to carry > your traffic in a timely manner. And they can't cop out saying it's the > other ISPs fault. > > Coming from the ISP world, I always appreciate when the customer does their > homework rather than automatically blaming the ISP. > > All IMHO and HTH, > Chris > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 13, 2001 2:20 PM > To: [EMAIL PROTECTED] > Subject: Routing Performance Perspective [7:495] > > > I am hoping someone could provide me some experienced perspective for the > following situation: > > We utilize a somewhat 'new on the block' co-location facility, and while > they otherwise provide fantastic service I have some questions about the > routing performance. > Over the past few weeks, I have noticed a degradation of service on our > colocator-provided connection. (significant latency, and loss of packets) > As a result, I have been tracerouting our corporate offices from our > co-location facility (only 30 miles away) and it takes anywhere from 13 to > 16 hops to reach it's destination. I have been doing this on a > semi-scientific basis (whenever I remember) and the results are usually the > same, but closer to 16 hops than 13.When I traceroute from our corporate > offices to our co-location facility the results are usually 6 to seven hops > using the same semi-scientific methodology as stated above. > > My concerns are that end-user experience are being affected by apparent > sub-optimal routing. > > The question I ask of the Grand-Master BGP geniuses is: do I have a valid > complaint regarding sub-optimal routing from our co-locator? > > Thanks! > Matthew > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=844&t=495 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: subnets [7:638]
The most acurate address mask (prefix) would win. Even if you had
172.16.0.0/16 then put in an address of 172.16.20.0/24 the /24 would get a
choice over the /16.
That's what I understood and has been done a lot with EIGRP.
Teunis,
Hobart, Tasmania
Australia
On Sunday, April 15, 2001 at 11:31:38 AM, David Chandler wrote:
> No problem:
>
> #1. The addresses listed do not overlap (all different class Bs), and EIGRP
> handles
> VLSM. **see #2**
>
> #2. EIGRP by default auto-summarizes at classful boundries, so either use:
>
> (config-router)#NO AUTO-SUMMARY {on all eigrp routers.}
>
> Or make just make sure you don't create multiple clouds of
172.20.xxx.xxx/24
> networks.
>
>
>
> DaveC
>
>
>
>
>
> SH Wesson wrote:
>
> > Our existing network consists of a flat network at 172.16.0.0 with a mask
> of
> > 255.255.0.0 and 172.31.0.0 with a mask of 255.255.0.0. Since it is flat,
> > the networks are 172.16.2.0 - 172.16.12.0 mask 255.255.0.0. EIGRP is
> > running. Now, the question I have is, if I create new subnets to segment
> > the place with networks like 172.20.10.0, 172.20.11.0, 172.12.0, etc all
> > with masks of 255.255.255.0 and if I run EIGRP also. If I were to run
both
> > the above networks at once and within the same EIGRP process, would it
> cause
> > any problems. Thanks.
> >
> > _
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
>
--
www.tasmail.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=840&t=638
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: rely & load [7:88]
Hi, First of all note the present details then do a clear on the interface counters. Looking at some of the stuff below I would be concerned about the state of your LAN but there is no indication of how long a period this was over or when errors might have occured. Sh ver will let you know the period the port has been there assuming it was always connected. Right now your port is running at moderate levels however there have been times when the LAN disappeared "366 lost carrier". Output errors are always a concern the input errors are probably due to busrty traffic. Clear the counters, look again, check your LAN connection. Just some ideas, Teunis, Hobart, Tasmania Australia On Tuesday, April 10, 2001 at 02:30:30 PM, MIKE NDABARASA wrote: > hello, > how do i interpret these parameters from a " show inter eth x " > > > > beacon-gw#sh interfaces ethernet 1 > Ethernet1 is up, line protocol is up > Description: LOCAL NETWORK at XYZ > Internet address is 192.168.2.1/24 > MTU 1500 bytes, BW 1 Kbit, DLY 1000 usec, rely 255/255, load 3/255 > Encapsulation ARPA, loopback not set, keepalive set (10 sec) > ARP type: ARPA, ARP Timeout 04:00:00 > Last input 00:00:00, output 00:00:00, output hang never > Last clearing of "show interface" counters never > Queueing strategy: fifo > Output queue 0/40, 0 drops; input queue 0/75, 0 drops > 5 minute input rate 6 bits/sec, 30 packets/sec > 5 minute output rate 15 bits/sec, 29 packets/sec > 18686339 packets input, 3880653480 bytes, 0 no buffer > Received 1382337 broadcasts, 0 runts, 0 giants, 0 throttles > 4065 input errors, 0 CRC, 0 frame, 0 overrun, 4065 ignored, 0 abort > 0 input packets with dribble condition detected > 16787143 packets output, 836961434 bytes, 0 underruns > 429 output errors, 487140 collisions, 9 interface resets > 0 babbles, 0 late collision, 144826 deferred > 366 lost carrier, 0 no carrier > 0 output buffer failures, 0 output buffers swapped out > beacon-gw# > > > NDABARASA MIKE > NATIONAL UNIVERSITY OF RWANDA > COMPUTING CENTRE > Email:[EMAIL PROTECTED] > Voice: >Office:(250)530666 >Ext:1031 >Mobile:(250)08510951 > > = > PREDICTION IS HARD , ESPECIALLY THE FUTURE > >&&&NIELS BOHR&& > > IL EST DIFFICILE DE PREDIRE , SURTOUT L'AVENIR > > own translation :) > = > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=160&t=88 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: FECN's and Dropped Packets... [7:110]
Hi, How can one tell if this is indeed a problem? Without knowing the period of time the FECN's occured it is not really possible to tell. It is important to realise that the serial port can deliver much faster than the frame services ability to deal with it. A serial port can burst far beyond and this might cause a packet to drop. Given the details below how can we see what is happening. Say the total packets was 5000 times the FECN's then this would not be a problem unless the FECN's are really climbing now. I would sugest a clear count on the interface than have another look in a few minutes. Do this when experiencing the slowing on the link. Check the interface load and errors. Check the DE as well as FECN's total packets and dropped packets. Do this at both ends of the link. This might give a better idea of where your service is slowing. Just a thought, Teunis, Hobart, Tasmania Australia On Tuesday, April 10, 2001 at 04:59:09 PM, Rizzo Damian wrote: > Hi all...When I do a "show frame-relay pvc" on our Internet Router, the > following statistics bother me; > > in FECN pkts 12974 > dropped pkts 27 > > > We have recently been experiencing some noticeable slow downs on our > Internet connection, do these statistics prove that we have a problem > somewhere, or should I not be so concerned with these? Thanks! > > > > -Rizzo > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=156&t=110 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SYNC Modem [7:146]
Hi, Quite a number of top brand modems can be used for synch operation. There are a number that have a switch option and/or a soft option to turn the clock on. The real secret is to ensure only one ends is clocking. IE a slave master relationship must occur. Just some thoughts, Teunis, Hobart, Tasmania Australia On Monday, April 09, 2001 at 09:56:18 AM, Tariq Bin Azad wrote: > Hello Everybody. > > I am looking for SYNC modem to connect with my serial ports of 2500 series > router > Can anybody tell me any good online store from where I can buy SYNC modems > to do some labs of BCRAN ? > > Let me know please > > Thanks > Tariq -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=146&t=146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Access-list , Cisco exam question [7:41]
Hi, I would answer a. telnet sessions will be denied if initiated from any address other than 172.16.0.0 network Afterall the access list specifically says permit those sessions established by the 172.16.0.0 network and nothing else is specified therefore I would assume the implicit deny at this point. Just a thought. Teunis Hobart, Tasmania Australia On Tuesday, April 10, 2001 at 12:32:08 PM, COULOMBE. TROY wrote: > Poorly worded, > I would have answered (C); because of the keyword (to). > > But I guess it depends! > What I see this access list doing is: allowing return packets of any telnet > session established from 172.16.x.x to _any_ other network. > > If 172.16.x.x is an external network, then I might (struggle &) say (D). > Then what the access-list is really saying, and I am assuming that it is > applied on in interface as "in", is that any telnet session created from > internal network to the 172.16.x.x net may come back in (established). And > any telnet session created to another network (172.31.x.x) would not be > allowed--return packets dropped, but the initial outgoing packet to > establish the connection would go out to 172.31.x.x. > > > If 172.16.x.x is an internal network, then I would say (C). > Then the access-list would be saying, and with another assumption that it is > also applied on an interface as "in", is that any telnet session return > packets may come back to the 172.16.x.x (established). > > established : For the TCP protocol only; indicates an > established connection. A match occurs > if the TCP datagram has the ACK or RST > bits set. The nonmatching case is that of > the initial TCP datagram to form a connection. > > > HTH, > TroyC > > > > -Original Message- > From: Arthur Simplina [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, April 10, 2001 3:49 AM > To: [EMAIL PROTECTED] > Subject: Access-list , Cisco exam question [7:41] > > > What is the result of the command? > > access-list 101 permit tcp any 172.16.0.0 0.0.255.255 establisbed > > a. telnet sessions will be denied if initiated from any address other than > 172.16.0.0 network > b. telnet sessions will be denied to the 172.16.0.0 network only > c. telnet sessions will be permitted regardless of the source address > d. telnet sessions will be permitted to the 172.16.0.0 network only > e. telnet sessions will be denied regardless of the source address > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=135&t=41 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Stop multicast to router
Hi all, I have been presented a problem I'm not sure of the answer. I have a CAT5000 switch connecting several VLAN's and a Cisco2948 providing routing/switching. One of the VLAN's has a process that uses a multicasts. These multicasts cause the Cisco2948 a little grief. I do not want the Cisco2980 to see the multicast traffic. Any clues would be appreciated. Teunis Hobart, Tasmania Australia -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Allen May - Rich man 2 cents at a time (was Re: Cisco Certs
Hi, Yeh, but the way our Aussie dollar is going the 2bobs are not going to be worth much more that 2cents US. Teunis Hobart, Tasmania Australia On Tuesday, April 03, 2001 at 02:03:07 PM, Allen May wrote: > My nickname on boards (back in the BBS days) wasn't MegaBite for nothin' ;) > > - Original Message - > From: "EA Louie" <[EMAIL PROTECTED]> > To: "Allen May" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Tuesday, April 03, 2001 1:03 PM > Subject: Allen May - Rich man 2 cents at a time (was Re: Cisco Certs > Becoming Paper CCXX - Senior Citizen Reply) > > > > I think you're up to 2 bits now, Allen...2 more bits and you'll be up to a > > nibble. > > > > ;-) > > > > At 08:04 AM 4/3/01, Allen May wrote: > > >Hey...isn't this the thread that went on for days a couple weeks ago and > I > > >cashed in on all the 2 cents and the 2 bobs? I'm gonna be rich! > > > > > >[snip] > > > > > > > > > > > > > > That's my 2 cents. > > > > > > > > Greg Macaulay, CCNP, CCDP, MCSE > > > > Attorney/Law Professor (Retired) > > > > Lifetime member of AARP > > > > Oldest CCNP/CCDP in existence > > > > > > > > > > > > -Original Message- > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > > > The.Rock > > > > Sent: Monday, March 19, 2001 12:33 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock > > > > > > > > > > > > oh yeah one more thing...In case you forgot, certs don't prove > anything > > > > you really are an idiot if you think they "prove " something). The > only > > > > prove your ability to regurgitate info that you supposedly learned. > Having > > > > the know how, and knowing how to use are two different things. Lets > say > > >your > > > > 8 years old and I give you a bunch of craftsman tools, does that mean > you > > > > certainly can't handle responsibility if your a "victim". -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cannot ping switch in a inter-vlan setup??
Hi, Don't you need each VLAN's subnet configured in your router? As each is now a separate VLAN (Virtual LAN) each VLAN would become a different subnet. Unless the router knows how to switch (route) between the subnets how can you possibly hope to ping between them. Aren't we in luck, the router is directly connected and it will allow devices each VLAN to talk to the router albeit this tends to make the issue more confusing. Just a view Teunis Hobart, Tasmania Australia On Tuesday, April 03, 2001 at 05:07:33 PM, Niraj Palikhey wrote: > Hi, > I have setup a 1912 switch with 8 vlans. I have 8 pc's with 8 different ip's > plugged into the switch along with a 2620. I have an ip of 10.1.1.2 to the > switch and a default-gateway of 10.1.1.1. I can ping any computer in any > vlan through the 2620 but one strange thing is that I cannot ping the switch > from any pc or the router itself no can I ping the switch's ip on the switch > itself or the default gateway. The first pc's ip=10.1.1.10 with a gwy of > 10.1.1.1 on f0/0.10 on the router. I thought that atleast this pc would be > able to ping the switch since they are in the same network but this is not > the case. What am I doing wrong? > Please advise. > Thank you. > Kind regards, > [EMAIL PROTECTED] > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN BRI Channel Separation
Hi, If you configure your router without a threshold statement only one channel will come up. The channel it choses is dependant on the ISDN switch as I understand it. You can configure the BRI to place two separate calls. Teunis Hobart, Tasmania Australia On Thursday, March 29, 2001 at 03:17:23 PM, Ash Aslam wrote: > Hi Group!! > > I would like to know if it's possible to separate the two ISDN B Channels so > that one remains active whilst the other one is free. I have checked on the > Cisco web site and Cisco press books but could not find anything on how to > configure the BRI Channels separately. > > Can someone pls shed some light by providing a small config or point me in > the right direction. > > Thanks & kind Regards, > Ash > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Tacacs and dialup authentication
Hi, Where is the TACACS configured. I would have thought you would need a reference to TACACS in your AAA statements and a refernce to the TACACS server address. aaa new-model aaa authentication login default tacacs+ local aaa authentication login console tacacs+ enable aaa authentication ppp default if-needed tacacs+ local aaa authentication ppp routers if-needed local aaa authorization exec default tacacs+ if-authenticated local aaa authorization network default tacacs+ local if-authenticated ! OTHER ROUTER STUFF ! tacacs-server host 192.168.0.1 tacacs-server timeout 10 tacacs-server key akeyword Just a thought. It seems you don't say to use TACACS in your AAA statements. Teunis Hobart, Tasmania Australia On Wednesday, March 28, 2001 at 11:27:08 AM, Radford Dion wrote: > Hi Everyone. > > I am having trouble trying to work out why I cannot get a router to connect > via ISDN to another router when tacacs is configured. I want to use the > local Tacacs database and I have followed the instructions on the cisco web > site > http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/aaaisg/c262c2.htm. > I would appreciate any feedback that anyone has. > > This is the scenario > > RouterA ---> dials into > RouterB > > When I remove the aaa configuration parameters from router A it works fine. > > Router A config: > username RouterB password x > > aaa new-model > aaa authentication enable default enable > aaa authentication ppp default local > > int bri 0/0 > no ip address > no ip redirects > no ip directed-broadcast > encapsulation ppp > dialer pool-member 1 > isdn switch-type basic-net3 > no fair-queue > ppp authentication chap > ! > interface Dialer1 > ip address 192.168.0.186 255.255.255.252 > no ip redirects > no ip directed-broadcast > encapsulation ppp > dialer remote-name RouterB > dialer pool 1 > dialer idle-timeout 60 > dialer string 555 > dialer hold-queue 10 > dialer-group 1 > no fair-queue > ppp authentication chap > > > Router B config: > username RouterA password x > > aaa new-model > aaa authentication enable default enable > aaa authentication ppp default local > > int bri 3/1 > ip address 192.168.0.186 255.255.255.252 > encapsulation ppp > dialer idle-timeout 60 > dialer map ip 192.168.0.186 name RouterA 5554324 > dialer-group 2 > ppp authentication chap > > This is the debug output - I tried using debug aaa authentication but there > was no output from either router. > > Debug ppp authentication on Router A: > *Mar 21 23:30:17: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up > *Mar 21 23:30:17: %DIALER-6-BIND: Interface BR0/0:1 bound to profile Di1 > *Mar 21 23:30:17: %ISDN-6-CONNECT: Interface BRI0/0:1 is now connected to > 555 . > *Mar 21 23:30:17: BR0/0:1 PPP: Treating connection as a callout > *Mar 21 23:30:17: BR0/0:1 CHAP: O CHALLENGE id 142 len 31 from "RouterA" > *Mar 21 23:30:17: BR0/0:1 CHAP: I CHALLENGE id 227 len 31 from "RouterB" > *Mar 21 23:30:17: BR0/0:1 CHAP: Unable to authenticate for peer > *Mar 21 23:30:17: BR0/0:1 PPP: Treating connection as a callout > *Mar 21 23:30:17: %DIALER-6-UNBIND: Interface BR0/0:1 unbound from profile > Di1 > *Mar 21 23:30:18: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to down > *Mar 21 23:30:19: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to up > *Mar 21 23:30:19: %DIALER-6-BIND: Interface BR0/0:2 bound to profile Di1. > *Mar 21 23:30:19: BR0/0:2 PPP: Treating connection as a callout > *Mar 21 23:30:19: BR0/0:2 CHAP: O CHALLENGE id 66 len 31 from "RouterA" > *Mar 21 23:30:19: BR0/0:2 CHAP: I CHALLENGE id 228 len 31 from "RouterB" > *Mar 21 23:30:19: BR0/0:2 CHAP: Unable to authenticate for peer > *Mar 21 23:30:19: BR0/0:2 PPP: Treating connection as a callout > *Mar 21 23:30:19: %DIALER-6-UNBIND: Interface BR0/0:2 unbound from profile > Di1 > *Mar 21 23:30:20: %LINK-3-UPDOWN: Interface BRI0/0:2, changed state to down > *Mar 21 23:30:21: %LINK-3-UPDOWN: Interface BRI0/0:1, changed state to up > *Mar 21 23:30:21: %DIALER-6-BIND: Interface BR0/0:1 bound to profile Di1 > *Mar 21 23:30:21: BR0/0:1 PPP: Treating connection as a callout > *Mar 21 23:30:21: BR0/0:1 CHAP: O CHALLENGE id 143 len 31 from "RouterA" > *Mar 21 23:30:21: BR0/0:1 CHAP: I CHALLENGE id 229 len 31 from "RouterB" > ..*Mar 21 23:30:21: BR0/0:1 CHAP: Unable to authenticate for peer > > > Debug ppp authentication on Router B: > *May 14 07:46:25: %LINK-3-UPDOWN: Interface BRI3/1:1, changed state to up > *May 14 07:46:25: BR3/1:1 PPP: Treating connection as a callin > *May 14 07:46:26: BR3/1:1 PPP: Phase is AUTHENTICATING, by both > *May 14 07:46:26: BR3/1:1 CHAP: O CHALLENGE id 217 len 31 from "RouterB" > *May 14 07:46:26: BR3/1:1 CHAP: I CHALLENGE id 136 len 31 from "RouterA" > *May 14 07:46:26: BR3/1:1 CHAP: Waiting for peer to authenticate first > *May 14 07:46:26: %LINK-3-UPDOWN: Interface BRI3/1:1, changed state to down > *May 14 07:46:27: %LINK-3-UPDOW
RE: a strange question!
Hi, My guess is you have replaced your router and used the same IP address. Then not restarted the Solaris box. The Solaris box has the old routers MAC address in its arp table. You will need to restart the Solaris box to get rid of the old ARP entries. This is quite common on Solaris boxes. Teunis Hobart, Tasmania Australia On Wednesday, March 21, 2001 at 09:24:25 PM, Daniel Cotts wrote: > My first guess would be to blame the configuration of the solaris box. I do > not know the details of that OS. Check your IP address, subnet mask, and > default gateway (or whatever the solaris equivalent is). > For fun find out what is the MAC address of the solaris box. Then do a "show > arp" on the router to see if the solaris box's IP and MAC addresses are > present. > > > -Original Message- > > From: Zhiping Li [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, March 21, 2001 8:32 PM > > To: [EMAIL PROTECTED] > > Subject: a strange question! > > > > > > hi,everyone > > I encountered a strange question. > > I can ping and telnet my router from Windows2K, > > but I can't ping and telnet the router from solaris. > > Why? > > The IOS is "IOS (tm) C2600 Software (C2600-JS-M), > > Version 12.0(4)T, RELEASE SOFTWARE (fc1)" > > > > Waiting your help. > > > > > > __ > > Do You Yahoo!? > > Get email at your own domain with Yahoo! Mail. > > http://personal.mail.yahoo.com/ > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct > > and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Whew! Can you smell that VLan?
Hi, Be careful trying to sniff all packets you can come unglued. eg, I have a sinffer with a 100Meg card and a switch set to span say 6 ports capable of 100Meg. All 6 ports talk at the same time simple maths tells me that is 600Meg. I will drop a bundle of packets to my sniffer. This can cause some heartache if one is not aware of it happening. Teunis Hobart, Tasmania Australia On Wednesday, March 21, 2001 at 04:22:01 PM, Allen May wrote: > You're both right. Normally plugged into the switch you only see traffic > passing through the port on the switch you're on. > > HOWEVER, you can plug into most switches with a special configuration that > allows a workstation to sniff all packets on that switch. It requires 2 > NICs configured in a specific way and for the switch to support it. Switch > needs to have VLANs mirrored, a regular TCP/IP port plugged in, and the 2nd > NIC configured according to documentation of your sniffer. > > Here's a link for how Sniffer Pro does it: > http://www.findarticles.com/cf_0/m0IFW/16_21/54434926/p2/article.jhtml?term= > See previous page on that article for a little more info. > > I did this once and it worked like a charm after I finally gave in & read > the docs ;) > > SO, unless they have access to the switch & VLAN configuration, they can't. > That is, unless the uplink for the switch has a hub. Then you can see > anything going into or out of the switch, but not within the switch from > port-port ;) > > Allen > - Original Message - > From: "NetEng" <[EMAIL PROTECTED]> > Newsgroups: groupstudy.cisco > To: <[EMAIL PROTECTED]> > Sent: Wednesday, March 21, 2001 3:45 PM > Subject: Whew! Can you smell that VLan? > > > > We have had a pissing match lately and here's the details. One person > states > > that a VLan can not be sniffed because it is on a different subnet. The > > other person says it can becuase it's physically on the same switch. I > think > > you can to a point. Here's what I mean; let's say we have a 3524 with two > > Vlans, VLAN1 (we'll call it InfoSys), and VLAN2 (called HR). If I have a > > sniffer running on InfoSys, I should be able to sniff traffic on my subnet > > as well as traffic from HR to InfoSys (ie HR employee accessing mail > server > > on InfoSys), right? The only difference is that the source MAC address > would > > change. I should not be able to sniff traffic local to HR (ie an employee > > accessing accounting software) right? What's the rub? > > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ping dialer in IP address
Hi, As I understand it an interface needs to be up to ping it. You can come unglued from time to time also. We have a heap of people connected to an access router (we have 100's of them) The access routers have a dialer interface is unnumbered with the ip address pointed to loopback 1 eg 10.10.10.1/25. Loopback 0 has an address in a separate subnet eg 192.168.3.4/32. Each of the clients on the dialer has an ip address allocated eg 10.10.10.26. I could ping this guy from anywhere but not from the direct interface or loopback 1 (the same network). Strange you might think. All it is some one else on the dialer interface came in and asked the access router to provide an address. What address does it provide? 10.10.10.1. Therefore when you do a ping it does not reply to the correct place. Loverly little trick. Another rambling that may save you one day. Teunis Hobart, Tasmania Australia On Wednesday, March 21, 2001 at 02:40:08 PM, John Brandis wrote: > Hey all, > > I have assigned my dialer int 0 an IP address (10.10.64.2/19) What I > want to know is if I can ping it when the physical int , in my case bri0 > is not connected to another network thus no calls made ? > > > Thanks > > John B > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Question regarding DLCI's...
Hi all, The DLCI's are still of local significance as I understand it. When the company I belong to provide links we might use 17, 18,19 & 20 at the core site on line C12345. At remote end 1 we would most likely use DCLI 17 as the first instance on each remote site. For example, remote site 1 could be R1 on DLCI 17, remote site 2 could be RG23419 on DCLI. You could for some reason want to go from remote sites 1 -> 2 so here you could use R1 DLCI 18 -> RG23419 DCLI 18. Basically I like to think of it as a physical line from the frame switch to your site R1 the a channel (permanent in most cases) PVC relates to the DCLI eg 17. Once into the frame switch all the rules change as it could pass down a very different link on a different PVC between switches. Frome end to end it could look like C123245 DLCI 20 -> sw S1234 DLCI 25 -> sw S4567 DLCI 50 -> sw R4 DLCI 17. You as a client would only know about C12345 DLCI 20 and R4 17. Just a thought I hope helps. Teunis, Hobart, Tasmania Australia On Wednesday, March 21, 2001 at 11:33:31 AM, Steve Smith wrote: > If they are doing global addressing then YES! > > -Original Message- > From: John Gotti [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 21, 2001 11:13 AM > To: [EMAIL PROTECTED] > Subject: Question regarding DLCI's... > > > Hi all...quick question; We have 4 offices, NY, Chicago, Stamford and > San=20 > Francisco, we just got our T1 turned on and will have a point to point=20 > Frame-Relay connection between all of us in a Hub & Spoke topology with=20 > Stamford being the Hub. The question I have is, our Frame-relay provider > > gaves us the following DLCI's; NY-104, CH-101, SF-103 and=20 > Stamford-100...When your configuring each locations' router, am I > correct in=20 > assuming all the remote routers will have DLCI 100 pointing them to > Stamford=20 > and Stamford would have 4 entries each with the remotes' respective > DLCI's?=20 > Does this make sense? Thanks a bunch! > > > JG > > > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Secondary IP add
Hi, You might want to add a secondary address to pick up another network on the same lan. You might for example have 16 addresses available on a network and have them on a lan. You might increase your network by another 50 people and therefore require extra addresses. These could be added as a secondary address range. You might want to do it for security reasons. Have a secure subnet and a secondary network. This would allow you to do some access-list stuff and stop users on the LAN from accessing other devices on the LAN. router#(config-if) ip address 10.10.10.0 255.255.255.224 secondary (beware of the line wrap) Teunis, Hobart, Tasmania Australia On Tuesday, March 20, 2001 at 04:00:57 PM, Frank Mendoza wrote: > Hi there, > > Could someone explain why (in some cases) is required to configure secondary ip add >and how to do it?. Is there any good doco (URL) you may point me to. > > Thanks, > > Frank. > > > Are you a web investor? Free email at http://www.webinvestor.com.au > EquityCafe: for web investors. Click here: http://www.equitycafe.com.au > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Questions for Cisco switches
Hi all, It's funny how the poor little 1900's don't get a mention. They have a different OS again to either the CAT5000 style or the IOS. Just a thought, Teunis, Hobart, Tasmania Australia On Monday, March 19, 2001 at 11:17:17 PM, Shreerang Vaidya wrote: > Hi there, > Yes there are 2 kinds OS that run on switches > > 1)IOS based- They use CLI like the one used on routers , eg 1900,2900. > > 2) The other ones are the older SET based CLI configuration commands. e.g > 2926 series , the 4000, and the 5000 and the 6000 series. > > > Anything else u want to know , lemme know > > Regards, > Shreerang Vaidya > Networks Manager > CyberQuest Systems Ltd. > > > > Hunt Lee <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Can anyone please tell me if there are 2 types of Cisco switches? Is it > > one uses Set commands, while the other is IOS based? Any help is greatly > > appreciated. > > > > Regards, > > Hunt Lee > > IP Solution Analyst > > Cable and Wireless (Sydney) > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Economic downturn--Impact on Cisco Certification aspirations?
Hi all, Economic downturn. I feel that with all the economic downturn the technology won't change. If anything there will be a greater requirement for good, smart, open minded technicians. I use the term technicians as there are lots of Information Technology and Information Management functions involved. Good well designed and constructed implementations or solutions will indeed help pull some of the same companies out of the mire. Just some thoughts Teunis Hobart, Tasmania Australia On Tuesday, March 20, 2001 at 08:37:26 AM, Rich Chang wrote: > I thought IS would be a solid career, but now with some of the unpleasant > DOT.COM stories in the news, is everyone cranking out the exams still? > Hasthis had an impact on your morale? > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cisco Certs Becoming Paper CCXX
Hi, My two bobs worth, Any qualification is as good as the paper it is written on. In my experience someone with an open mind, willing to learn, has acquired knowledge, shares knowledge and works smart in an effort to acheive excellence is what really counts. The paper does indicate the person has at least seen the words and knows the lingo, probably the acromymns and often has some understanding. I have seen many a good technical person, well qualified, knowledgable and understanding come copletely unglued when put in a situation the person was not familiar with. The mark of the real expert is 'the real expert will seek, ask and find' the details. He knows how to extract the details. Paper qualifications particularly at a degree level indicates the person can usually do this. I understand the pride of having a bunch of letters after your name. Personally I don't use them although I do have a copy of some of the certs I have gained on my wall. These are for my pride not to show others. I have lost the pride in my qualifications because some have them and do not share, care or attempt to understand. Teunis, Hobart, Tasmania Australia PS. I did think it strange when I read something by a Dr. Icant Remember the name CCIE. On Tuesday, March 20, 2001 at 08:01:23 AM, Liang Mark J Civ AFRL/PROI wrote: > Bravo! > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 19, 2001 4:22 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: Cisco Certs Becoming Paper CCXX > > This issue is turning thisgs upside down from point of view. > > I would like to tell you my opinion. If CCNA, NP, DA, DP and IE written > are not worth then your Bachelors and Graduate studies worth the same. Just > papers. > > I learn to configure a cisco router before knowing all the cisco stuff. > I have a CCDA, CCNP and going for the complete set CCDA, CCNP and CCIE > complete. > > I knew frame relay,atm, sna, dlsw, sdlc, ppp, ipx, switching, etc before > taking any cisco course. I took all cisco traning path version 11.2 and > just recently obtain my degrees and working for the big one. > > What will be your opinion Do I know something or I am just papers? > > You sould be carefull on your opinion about this things, all the knowledge > since a long time ago has been paper, No one has achieve glory after years > of practice and experience. > > I was thinking that you are trying to do the same that the shareowners are > doing with the internet economy, you are devaluating the value of the > Certifications, > why don't you do the same with the college and and graduate degrees, they > are very similar just studying and passing examns not real life thing until > you pass all the levels (semesters and big exam thesis). > > Giga Internetworking > > Fer Saldana > > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: IPX Help
Hi, Yes there is caching 'sh ipx cache' The main commands to view IPX are: show ipx servers (this shows the networks and SAP's) show ipx route (this shows the routes networks to interface) show ipx interface ## (show the IPX options on interfaces) show ipx traffic (give useful detail on the routing traffic) Show ipx cache (I have only used to confirm where stuff is going.) Just some ideas. Teunis Hobart, Tasmania Australia On Monday, March 19, 2001 at 05:54:14 PM, Bradley J. Wilson wrote: > The command "no ipx routing" will clear up *all* your troubles. ;-) > > BJ > > - Original Message - > From: Nabil Fares > To: [EMAIL PROTECTED] > Sent: Monday, March 19, 2001 5:32 PM > Subject: IPX Help > > > Greetings all, > > I'm trying to find out how routers treat IPX traffic, is there any type of > switching or optimization taking place. I hope my questions is clear! > > Thanks, > > Nabil > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dialer problems
Hi, How many 'B' channels do you have to dial out on. More than two on a BRI. I don't think so. I would assume then your third call is waiting for a spare channel. You might need more than one BRI. Just some thoughts, Teunis, Hobart, Tasmania Australia On Monday, March 19, 2001 at 06:28:21 PM, Javier Castillo Alcibar wrote: > Hi there, > > I have a problem with my dialer: > > 00:17:57: BR1/1 DDR: has 2 ongoing call(s), maximum allowed call(s) 2 = > on > pool 5, exceeded max > 00:17:58: BRI1/1: wait for isdn carrier timeout, call id=3D0x803D > 00:17:58: BR1/1 DDR: Attempting to dial 884400507 > 00:18:04: BRI1/1: wait for isdn carrier timeout, call id=3D0x803E > > interface BRI1/1 > no ip address > encapsulation ppp > load-interval 30 > dialer pool-member 5 priority 90 max-link 2 > isdn switch-type basic-net3 > ppp authentication chap callin > > interface Dialer1 > ip address 192.168.20.2 255.255.255.0 > encapsulation ppp > no ip route-cache > no ip mroute-cache > load-interval 30 > dialer pool 5 > dialer remote-name pppSERVER > dialer idle-timeout 18000 > dialer enable-timeout 2 > dialer string 884401044 > dialer string 884401000 > dialer string 884400507 > dialer hold-queue 100 > dialer load-threshold 1 outbound > dialer max-call 6 > dialer-group 1 > ppp authentication chap callin > ppp multilink > > > Any ideas? Should I use a "dialer wait-for-carrier"?? > > Thanks in advance. > > > Javier Castillo Alc=EDbar - [EMAIL PROTECTED] > Alhambra Systems, S.A. - www.alhsys.com > c/Albasanz 14, 28037 Madrid > Tel.: +34 91 787 23 00 > Fax.: +34 91 787 23 01 > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: loopback test
Hi, If you want to check your protocol stack you should be able to ping yourself, check you ip interfaces and/or check your route table (assuming IP is used). There are a number of utilities that check network cards. Teunis Hobart, Tasmania Australia On Monday, March 19, 2001 at 07:56:26 AM, David A. Lauer wrote: > > Why would you need to? Do you have a link light at the interface port and > the hub/switch? Does the interface show Interface UP line Protocol up? > > Cat 5 ethernet uses the 568B pinout for the RJ45 connectors. You could > create loopback plug by cross-connecting pins 1-3 and 2-6. > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > zd z > Sent: Monday, March 19, 2001 4:26 AM > To: [EMAIL PROTECTED] > Subject: loopback test > > > Is there any one knows how to do the > loopback test on ethernet or fastethernet port ? > > > __ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yahoo.com/ > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please Help me with this lab --- Im stuck
Hi, I'm confused. Why the ugly subnet masks on the Serial Interfaces? Teunis, Hobart, Tasmania Australia On Friday, March 16, 2001 at 06:50:29 PM, Arthur Simplina wrote: > It seems to me that there is nothing wrong with your configuration. The > network 10.1.0.0 is reachable from R2 based on the routing table. > > on R2,try : ping 10.1.5.1 (the e0/0 of R1) > > If this is successful, then something could be wrong with your LAN > connections. > > >From R1, can you ping the connected devices at the LAN? > > Comment: Your Ethernet network 10.1.0.0 is part of Area 0? Is this a good > design? > > Arthur > > > >From: "MJL" <[EMAIL PROTECTED]> > >Reply-To: "MJL" <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: Please Help me with this lab --- Im stuck > >Date: Fri, 16 Mar 2001 17:32:37 -0500 > > > >Hi gang... > > > > > > I have a problem that is driving me nutz. Take a look at my configs and > > > see > > > if you can figure it out. > > > > > > Diagram: > > > > > > > > > |___| ethernet LAN > > > | > > > R1 --serial--R2 > > > > > > > > > > > > Problem: I can't ping anything on the LAN from R2 > > > > > > > > > > > > R1#sh run > > > Building configuration... > > > > > > Current configuration: > > > ! > > > version 11.2 > > > no service password-encryption > > > no service udp-small-servers > > > no service tcp-small-servers > > > ! > > > hostname R1 > > > ! > > > ! > > > ! > > > interface Ethernet0 > > > ip address 10.1.5.1 255.255.0.0 > > > ! > > > interface Serial0 > > > ip address 10.128.1.1 255.128.0.0 > > > bandwidth 56 > > > clockrate 56000 > > > ! > > > interface Serial1 > > > no ip address > > > shutdown > > > ! > > > router ospf 200 > > > network 10.1.0.0 0.0.255.255 area 0 > > > network 10.128.0.0 0.0.255.255 area 0 > > > ! > > > ip classless > > > ! > > > ! > > > line con 0 > > > logging synchronous > > > line aux 0 > > > line vty 0 4 > > > login > > > ! > > > end > > > > > > > > > > > > R1 Routing Table: > > > > > > R1#sh ip route > > > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP > > > D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area > > > N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 > > > E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP > > > i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate > > > default > > > U - per-user static route, o - ODR > > > > > > Gateway of last resort is not set > > > > > > 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks > > > C 10.1.0.0/16 is directly connected, Ethernet0 > > > C 10.128.0.0/9 is directly connected, Serial0 > > > 172.16.0.0/32 is subnetted, 1 subnets > > > O 172.16.25.1 [110/1786] via 10.128.1.2, 00:04:20, Serial0 > > > > > > > > > > >-- > > > -- > > > - > > > > > > Router #2 > > > > > > R2#sh > > > %SYS-5-CONFIG_I: Configured from console by console run > > > Building configuration... > > > > > > Current configuration: > > > ! > > > version 11.2 > > > no service password-encryption > > > no service udp-small-servers > > > no service tcp-small-servers > > > ! > > > hostname R2 > > > ! > > > enable password ccna > > > ! > > > ! > > > interface Loopback0 > > > ip address 172.16.25.1 255.255.0.0 > > > ! > > > interface Ethernet0 > > > no ip address > > > shutdown > > > ! > > > interface Serial0 > > > ip address 10.128.1.2 255.128.0.0 > > > ! > > > interface Serial1 > > > no ip address > > > shutdown > > > ! > > > router ospf 200 > > > network 10.128.0.0 0.0.255.255 area 0 > > > network 172.16.0.0 0.0.255.255 area 0 > > > ! > > > ip classless > > > ! > > > ! > > > line con 0 > > > line aux 0 > > > line vty 0 4 > > > password cisco > > > login > > > ! > > > end > > > > > > > > > R2 Routing Table: > > > > > > > > > R2#sh ip route > > > Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP > > > D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area > > > N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 > > > E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP > > > i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate > > > default > > > U - per-user static route, o - ODR > > > > > > Gateway of last resort is not set > > > > > > 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks > > > O 10.1.0.0/16 [110/74] via 10.128.1.1, 00:06:04, Serial0 > > > C 10.128.0.0/9 is directly connected, Serial0 > > > C 172.16.0.0/16 is directly connected, Loopback0 > > > > > > > >_ > >FAQ, list archives, and subscription info: > >http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > _ > FAQ, list archives, and subscr
Re: network response time
Hi, We have had some success in measuring various aspects of application -> network perfomance using Compuware 'EcoScope'. As with anything else you get what you pay for, how much you understand about your needs and how to use the products you have. Teunis, Hobart, Tasmania Australia On Friday, March 16, 2001 at 09:40:21 AM, EA LOUIE wrote: > You're describing two different problems. > > Problem One is network utilization on a LAN for a particular application, > which you can easily monitor by attaching a packet monitoring device on a port > that mirrors your application server. That will measure the data in/data out > at the focal point. A packet capture may indicate the nature of any response > time problems from a TCP perspective, too, if you're using Network Associates' > Sniffer Pro. > > Problem Two is network response time on a LAN for a particular application. > The tool I know of is CompuWare's EcoProfiler, which puts an agent on both the > server and the client and then measures application response including network > latency, host response, and client response times. The caveat is that > EcoProfiler is meant to be used in a sterile (that is, non-production or > development) environment, which removes any other variables (network load, > server contention, etc.) from the equation. From a presentation perspective, > it give you bounce charts and CSV-formatted sheets with the breakdown of > client, network, and server latency. > > "Gayathri" <[EMAIL PROTECTED]> wrote: > > Hi , > > > > I am trying to monitor network utilization on LAN for a particular > > application. > > > > The server is connected to a CAT55 switch . The intention here is to see > the > > response time from the time the users starts using the application, till > the > > server replies. > > > > When I contacted my vendor, they said I have to use a software called end > > point. But he also mentioned this can go upto the network layer only. > > Moreover, this utilization is for the whole vlan. > > > > But the end result I want is , how much time the server has taken to reply > > back to the client? What is the network response time and breakdown of the > > time by server, network and application. > > > > is there any way to acheive this result? > > > > thanks and regards > > > > Gayathri > > > > > > > > > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: help : one isdn problem with ddr and nat
ok, I can live with the answer of 42 but what was the qestion again. On Friday, March 16, 2001 at 01:02:39 AM, Gareth Hinton wrote: > I've had quite a few beers, so maybe it's me, but your punctuation is > terrible. > > I think I know what you're getting at and the answer is 42 or E (again). > > ""xuyong"" <[EMAIL PROTECTED]> wrote in message > 002901c0adaf$3890ce30$[EMAIL PROTECTED]">news:002901c0adaf$3890ce30$[EMAIL PROTECTED]... > > > DQpIZWxsbywNCiAgICBJIGhhdmUgYSBwcm9ibGVtIGFib3V0IGlzZG4gRERSPw0KDQogICAgT25l > > > IENpc2NvIDM2MjAgcm91dGVyLCBpc2RuIGJyaSBpbnRlcmZhY2UuSSBjb25maWcgaXQgYXMgRERS > > > LiBJIHVzZWQgZHluYW1pYyBOQVQuVGhlIHB1YmxpYyBpbnRlcmZhY2UoYnJpIDAvMCkgaXAgaXMg > > > bmVnb3RpYXRlZC4NCiAgICAgTm93IEkgY2FuIHBpbmcgdGhlIGludGVybmV0IHdlYnNpZGUgb24g > > > bXkgcm91dGVyLkJ1dCBJIGNhbid0IHBpbmcgaXQgc3VjY2Vzc2Z1bGx5IG9uIG15IHdvcmtzdGF0 > > > aW9uLiBJIGRlYnVnIE5BVC4gSSBmaW5kIHRoZSBmaXJzdCBwYWNrZXQgaXMgc3VjY2Vzc2Z1bGx5 > > > IHRyYW5zbGF0ZWQgZm9yIHJlcXVlc3QgYW5kIHJlcGx5IHdoZW4gSSBwaW5nIHdlYnNpZGUgZnJv > > > bSBteSB3b3Jrc3RhdGlvbiwgYnV0IHRoZSBvdGhlciB0aHJlZSBhcmUgb25seSB0cmFuc2xhdGVk > > > IGZvciByZXF1ZXN0LCBubyByZXBseS4gIFdoYXQncyB0aGUgcHJvYmxlbT8NCiAgICANCiANCiAg > > ICAgVGhhbmtzIGEgbG90DQogDQogc2luY2VyZWx5LA0Kc3RlcGhlbiB4dQ0KDQoNCg0K > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISL & VLANS between routers
Hi, Probably the best way is to bridge them. Use IRB, create a bridge group for the VLAN's and you should be in business. You can indeed run them as far apart as you like. Be aware of the broadcast consequences. Just a thought. Teunis, Hobart, Tasmania Australia On Tuesday, March 13, 2001 at 12:11:42 PM, Jack wrote: > 2 sites, about 10 blocks apart. > VLAN info needs to be routed over the wan because there are members of the > same VLAN in both locations. > "Mask Of Zorro" wrote in message ... > >Good God Man! Why are you routing VLAN's over a WAN. What is the problem > you > >are trying to solve??? > > > >Z > > > > > >>From: "Jack" <[EMAIL PROTECTED]> > >>Reply-To: "Jack" <[EMAIL PROTECTED]> > >>To: [EMAIL PROTECTED] > >>Subject: ISL & VLANS between routers > >>Date: Tue, 13 Mar 2001 11:29:05 -0800 > >> > >>Anyone know of a way to route Vlans over a WAN other than using Cisco ISL? > >> > >>I have customer with two sites, a 7204 on each site connected with a DS3 > >>but > >>Cisco says that his VLAN info can only be passed over Ethernet > interfaces. > >>He has a 6509 behind each router and the VLAN's are defined in those > >>switches. > >> > >>Anyone had any experience with GIGAMAN from PacBell or Yipes.com ? > >> > >> > >>_ > >>FAQ, list archives, and subscription info: > >>http://www.groupstudy.com/list/cisco.html > >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > >_ > >Get your FREE download of MSN Explorer at http://explorer.msn.com > > > >_ > >FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to delete a specific entry in access list ?
my oh my, This one comes up occasionally. DO NOT SIMPLY GO "no ip access-list xxx" and enter a noew one. You might get away with it but how about if your access list is on the port you are connected to and your addess is 10,10,10,10 So here we are and we type 'no access-list xxx' The next line is a permit to 10.10.11.0 0.0.0.255 (for example) Waht has happened you can no longer talk to the router. Bad blue!! Always create a new access-list, check it once it has been written to the router, Save the config NOW!. Then if it is a remote site put in the reload in x minutes, apply the new access-list. If you can still talk to the router cancel the reload "NOW". Finish testing the access-list for failure as well as success. When all seems fine save the config. The biggest heart ache is locking yourself out of a router and having to go out on site to reload an access-list. Worse still is a reload that locks you out because the access-list was written to memory prior to reload and/or testing. Experience beats all, Teunis Hobart, Tasmania Australia On Thursday, March 08, 2001 at 08:44:13 AM, Buri. Heather H wrote: > In order to edit an access list, the easiest thing to do is to copy the > access list to notepad, make your changes then remove the access list in > global config mode with the "no access-list" command and then paste in your > new access list. > > I believe that is the only way you can "edit" an access list. However, if I > am wrong I am sure someone will let me know. :) > > Heather > > > -Original Message- > From: YY [mailto:[EMAIL PROTECTED]] > Sent: Thursday, March 08, 2001 5:18 AM > To: Cisco Group Study > Subject: How to delete a specific entry in access list ? > > > Hi, > > How to delete a specific entry in access list ? > If no way, what's the more efficient alternative ? > > Thanks in advance. > > Regards, > YY > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN 22 second PPP Negotiation Time-out, help...
Hi, This sort of thing (22 Seconds) often happens when a remote device is attempting to authenticate say a Cisco router. Linux is often one I come across another is when logging into a group of routers then using RDIUS or similar to allow access. The remote device attemts to authenticate the called router but it does not necessarily reply the way the remote device wants to see it. In a number of cases it is easier to have the called device to the 'chap' authentication and not have the remote device do the authentication as well (no auth in Linux ppp setup) don't add the 'ppp auth chap' in the dialer of the calling router. This of course assumes you are only interested in a remote connection calling to central site and the central site being the device interested in controlling security. Debug PPP neg shows the attempt. Just a thought, It is one I have come across on several occasions. Teunis, Hobart, Tasmania Australia On Friday, March 09, 2001 at 09:09:50 AM, [EMAIL PROTECTED] wrote: > I have no experience with the US telco environment, but looking at this > from another angle... > You say that the PPP negotiation is timing out. Is this because the > negotiation traffic is being dropped (dodgy ISDN line), or is it because > it's not negotiating properly in the first place? > Debug ppp negotiation and debug ppp packet (I think - going from memory > here) can be quite useful if you haven't already used them. At both ends. > I have had problems with a bug where prioritisation and PPP multilink could > not be used on the same link. If they were, PPP negotiation failed (timed > out after about 22 seconds) - one side simply failed to reply to the other > once the virtual link was set up. Similarly, changing the encapsulation of > an interface to PPP without shutting/no shutting the interface can give > negotiation problems. If this is a new link, what order did you enter > commands in? Was 'no shut' the first or last thing you did? > If the problem is with the negotiation process itself, then you can > probably stop pestering the telco and start pestering the TAC instead. > > JMcL > > -- Forwarded by Jenny Mcleod/NSO/CSDA on 09/03/2001 > 09:01 am --- > > > Dan West <[EMAIL PROTECTED]>@groupstudy.com on 09/03/2001 03:15:44 am > > Please respond to Dan West <[EMAIL PROTECTED]> > > Sent by: [EMAIL PROTECTED] > > > > To: Kurt Bailey <[EMAIL PROTECTED]> > [EMAIL PROTECTED] > cc: > > > Subject: Re: ISDN 22 second PPP Negotiation Time-out, help... > > > I have done this *type* of work before Get ready. > Ask telco to trace out the carrier for you from their > demarc and find every mux point or switch AND ask them > IF the circuit gets HANDED OFF to another CARRIER at > some point. > > If so, your nice 64k digital line might be stepping > down to analog within another telco (CARRIER) so your > LEC might not even care or say they have control over > it It's oh so much fun working with the phone > companies. Although I must say I have worked with some > really good, qualified people there who have been > extremely helpful > > > --- Kurt Bailey <[EMAIL PROTECTED]> wrote: > > I have mutliple ISDN lines in the US that seem to be > > UN-Fixable... > > Calls time-out after 22 seconds. We use Cisco. Some > > locations work when you > > call in-bound but fail on out bound calls, while > > others fail both in and out > > bound. We order the ISDN 64k DATA/DATA. It must be > > 64k DATA/DATA in order to > > work with our access-servers, VOICE/DATA will not > > work. Local and Long > > distance teclo SAY they are configured right... Long > > distance telco says > > they are handing a 64k data call to local and local > > says they are recieving > > a 64k data call and vise versa. Now for some issues > > I have been able to set > > the call speed to 56k to get the call working. My > > main point for posting > > this is to find help in how I can talk to the telco > > and make them look at > > the line and be absolutly sure that our calls are > > traveling a 64k DATA/DATA > > trunk and not being routed over ANALOG or > > VOICE/DATA. Or if there are any > > config changes that can be made local or on the > > access-servers. > > > > Thanks, > > > > Kurt > > > _ > > Get your FREE download of MSN Explorer at > > http://explorer.msn.com > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to > [EMAIL PROTECTED] > > > = > from The Big Lebowski... > > The Dude: You sure he won't mind? > Bunny: Dieter doesn't care about anything. He's a nihilist. > The Dude: Ohhh, that must be exhausting... > > __ > Do You Yahoo!? > Get email at your own domain with Yahoo! Mail. > http://personal.mail.yaho
RE: IPX Question
Both is best, Run something like IPX EIGRP make sure you turn IPX Rip off on your WAN links. Run a filter at every point to filter SAP and networks. After all, do all the sites need to see the devices on all other sites. The best way to get nice results are to "DESIGN YOUR IPX WAN" don't let it design itself. That way you can make 'nice filters' that allow you to group networks etc. Each region might might use code say north = 2, south = 5, East = E. You could then use another for towns in a region A, B, C, whatever. Then similar for sites. You might run accounts on 3xxx, networks and sales on 4xxx networks. Using a stucture like this will allow you to filter at access and core points and direct your SAP's etc much better. This can create a little more work but can be worth it. You can use it as a form of router/sap summarisation. Just some thoughts, Teunis, Hobart, Tasmania Australia On Thursday, March 08, 2001 at 03:36:49 PM, Stull. Cory wrote: > Upgrade to netware 5 and use IP... If not you should always try to filter > as close to the source of the traffic as you can. If your using Cisco I > would recommend using EIGRP with incremental SAP updates. > > Cory > > -Original Message- > From: KOLIY [mailto:[EMAIL PROTECTED]] > Sent: Thursday, March 08, 2001 3:19 PM > To: [EMAIL PROTECTED] > Subject: IPX Question > > > I am responsible for design a IPX network... We have a a 56k line > connects remote sites and there are about 6000 IPX services on a network > where would should I filter the saps at? the central router or the remote > router? > thanks > Koliy > > > Get free email and a permanent address at http://www.netaddress.com/?N=1 > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Serial port Full Duplex or Half duplex?
Hi, Best look at Full Duplex and what it means. I think either could be a more appropriate answer. Depending on the device connecting to the serial port. Most devices you connect to a V.35 interface will indeed run at full duplex. Dulpex is not an ethernet thing but a comms thing that allows a connection to transmit on one cct and receive on another. It might use some form of modulation to separate one cct from another or could use a 4 wire connection as in ethernet as long as both circuits are separated. Just some thoughts, Teunis Hobart, Tasmania Australia On Thursday, February 08, 2001 at 04:59:05 PM, Circusnuts wrote: > neither- I can't think of any type Serial interfaces that pay much attention > to Ethernet duplex :o) If you meant Ethernet, I don't know that I have ever > seen that ability on the routers (switches yes)... > > Phil > > - Original Message - > From: "Kiran Kumar M" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, March 08, 2001 4:56 PM > Subject: Serial port Full Duplex or Half duplex? > > > > > > Hi, > > > > Can anyone tell me In cisco routers, serial interface with v.35 will work > > in Full Deuplex or Half Duplex? > > > > Thanks, > > Kiran > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to upgrade IOS remotely?
Hi, Be very careful with the 2500's particularly if they are using BRI ports. The old boot versions of code did not support the BRI so you load in the new image and lose contact, get embarassed, swear out loud, drive for five or six hours, learn new words you won't repeat to mum and spend quite a time getting it going again. Just a little thought from Teunis. Teunis, Hobart, Tasmania Australia On Wednesday, March 07, 2001 at 11:27:56 AM, Andrew Larkins Hi, wrote: > A 2600 can be upgraded while on line. The router copies the image to the > flash, but the systems runs on memory. On a reload the new software is > activated > A 2500 will go into a "boot mode" to receive the flash file. when you enter > copy tftp flash, the router restarts and enter this mode, then copies the > flash and only then reboots again > > -Original Message- > From: Jason Baker [mailto:[EMAIL PROTECTED]] > Sent: 07 March 2001 03:07 > To: 'Thomas'; [EMAIL PROTECTED] > Subject: RE: How to upgrade IOS remotely? > > > setup up a Tftp server on your network. Copy the ios from the tftp server > adn then simply reload. > > Regards, > > Jason Baker > Network Engineer > > > > > > > > -Original Message- > From: Thomas [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, March 07, 2001 11:40 AM > To: [EMAIL PROTECTED] > Subject: How to upgrade IOS remotely? > > > Hi Group - I have couple of 2600 and 2500 routers in production. I wonder > if there is a way to upgrade the IOS for these router remotely (or through > the modem...)? I know that I cannot upgrade the IOS when I am running on > the running-config Thanks in advance! > > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CRC errors on ISDN Interface
Hi, There are several places this can break. IF the line tests ok I can understand this. Here is a couple of things you might look at. Are the CRC's seen on both ends of the link. (If so then there is a chance it is on the line side) If not then almost certainly the problem will be at the end with the CRC's between the NT1 and the router. My experience has been most often this is a cable and/or the comb in the RJ45 socket. Another common problem is dry joints in the building wiring. Often these are not picked up in tests as the voltages used by test equipment 'blows trhe dust out'. In one case I had it was indeed water. We are really trying to identfy is it in the two wire cct between the sites or the 4 wire cct within a site. Just some thoughts. Teunis Hobart, Tasmania Australia On Tuesday, March 06, 2001 at 01:38:35 PM, Stephen Robichaud wrote: > I have a problem with an ISDN circuit that keeps on dropping off. When I > look at the BRI interface I see CRC errors. I have swapped out the patch > cable going to the providers jack, I swapped out the router and the ISDN WIC > but I still keep on getting the CRC errors. The provider has checked the > line and they said the line is ok. This router keeps on dropping off and the > customer is now getting upset. Any idea have any ideas what I can check or > try next? > > Thanks > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Catalyst 2926 and 2901 Sup Versions
Hi, I think what this is saying is that the 2901 can only use a supervisor I and the 2926T can use either a SUP I or II Just a thought. Teunis Hobart, Tasmania Australia On Tuesday, March 06, 2001 at 09:25:33 AM, Mark Holloway wrote: > I researched the archives and saw a conflict. Anyone mind advising? > > > Catalyst 2901 = Sup I > > Catalyst 2926T = Sup ? (I or II) > > > Regards, > Mark > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: MRTG / SNMP Monitor
Hi, GetIF This has some graphing capabilities. Be aware the SNMP graphing like this goes out and does an SNMP 'get' this can generate some extra traffic and load particularly on WAN links that are already busy. This stuff is like insurance 'those that need it most can least afford it' Just some thoughts, Teunis Hobart, Tasmania Australia On Tuesday, March 06, 2001 at 01:24:26 PM, Warrick FitzGerald wrote: > Hi All, > > I am trying to find an SNMP agent that is easier to manage that MRTG, but > that will give me the same graphing funtionality. I know many of you have > already sugested SNMP agents and servers although I dont seem to be able to > find one that offers the graphing functionality. > > Thanks > Warrick FitzGerald > LiveTechnology International Inc. > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Frame Relay Charges
Hi, To cut costs some people use Zero CIR. BUT, this might connect to a remote end that bases it's utilisation on CIR. For example, a supplier might run a service from the core to a frame switch at 2Meg with a CIR of 2Meg this will then cope with the entire commited range to the serial port. Say you have 10 people with Zero CIR connected and 4 with 512K. The switch sees the ZERO with DE bits (all packets) what happens. On the floor they go. Ring the supplier he might be symathetic to your problem. My guess is he will not only recommend you up your CIR but also charge you for the inconvenience. Remember there are two ends to all of this plus a middle you have no control over. The CIR gives you the little control you might like. The secret with CIR is to cover yourself without buying more than you need. Just some thoughts. Teunis, Hobart, Tasmania Australia On Monday, March 05, 2001 at 12:35:24 PM, Nguyen_Trang wrote: > 0 CIR, must be SPRINT. > > How FR providers base their charges? > It depends on the provider and also if you are > talking about Internet access or private frame. > > Some charges nothing for bursting over the CIR, > others charges based on how much and how long > you bursted over CIR. You need to ask the > provider for the detail of their charges. > > 0 CIR for 8-5, it depends on the type of data > you want to transmit. Example: You can't > afford frame dropping if you transmit video or > voice. > > Trang > > > > -Original Message- > > From: Nabil Fares [mailto:[EMAIL PROTECTED]] > > Sent: Friday, March 02, 2001 2:26 PM > > To: [EMAIL PROTECTED] > > Subject: Frame Relay Charges > > > > > > Greetings all, > > > > Can you guys shed some light on how FR providers base their > > charges. How > > they charge when going above CIR (etc...)? > > > > also, if I have site with network access between 8-5, is it > > worth risking a > > zero CIR? > > > > We had a meeting with an account rep for a FR provider, he > > kept pressing on > > 0 CIR. This is a new trend? > > > > Thanks, > > > > Nabil > > > > > > _ > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How would you Explain it.
Hi All, We supply quite a lot on 'LAN' connect services. These have a Gig coming back to a core with a number of 100Meg ports some to various clients 'a shared connection' others going to a site operated by the one orgaisation. These come bace into a core and do so in the couple of major cores we provide this network. The cores are connected using several ATM links thus providing a number of VLAN's statewide. In a number of cases the 'backbone' ie the links between sites provides less of a bottleneck than the LAN's they connect. This will however change as the LAN's are upgraded. Typically we would have something like a 2928G. This might provide several VLAN's including 'public' and 'private' address space. These would be connected using 'BVI' interfaces thus allowing integrated bridging and routable networks. This works well and is being extended to others faster than I could imagine. My to bob's worth, Teunis Hobart, Tasmania Australia On Friday, March 02, 2001 at 02:28:01 PM, Howard C. Berkowitz wrote: > >I have a customer who wants to upgrade his 128K ISDN point to point > >connections to at lease a 10mbps connection. He is thinking along the lines > >of LAN technologies. He idea connection is a 1gb connection. How would go > >about explaining to this guy that he is out of his mind without damaging his > >ego. His the IT manager and thinks he's knowledgeable about networks. > > I wouldn't say he is totally out of his mind, if he's in a geographic > area served by one of the bleeding edge Optical Ethernet providers. > Very rare so far, but there are 100 or 1000 Mbps physical facilities > over which the user pays for the amount of bandwidth he needs. Most > of the ones I'm aware of are in Europe. > > In the vast majority of locations, he is out of his mind. Assuming > he needs 10 Mbps, your choices include inverse multiplexed T1 and > ATM, fractional T3, or 10 Mbps over OC-3 facilities. I had a design > not too long ago where we were able to bring in some of the voice as > well, and found that OC-3 was quite cost-effective. It ran into a > 7200. A 3600 is probably the lowest end router to consider. > > > > >btw... > > > >I've gone ahead and gotten quotes on a t1 and t3 lines. I know I can use a > >2600 for the T1 connection but what is there a adapter for taking a clear > >channel T3 for the 2600 or do I have to look at a 7000 series router. > > > >Thanks, > > > >Keith Townsend > >www.townsendconsulting.com > \ > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Acess list (only for me)
Hi, Do you mean telnet into the router ie EXEC. if so define your access-list as a standard list say access-list 1 permit 192.168.1.52 then on your line vty as well as your usual login password details add line vty 0 4 (usual login stuff) access-class 1 in If you mean to gain access beyond your router (ie through) access-list 100 permit tcp host 192.168.1.52 any eq telnet access-list 100 deny ip any any on your ethernet ip access-group 100 in Be aware however all is denied except telnet from the one host. I like to add the deny any any to let all and sundry know it is there implicit or not. After all it is only one line. Just some thoughts. Hope the syntax is correct. Teunis Hobart, Tasmania Australia n Thursday, March 01, 2001 at 05:28:54 PM, jeongwoo park wrote: > didn't work > anyway thanks for your reply. > J > > ""Johnny Sun"" <[EMAIL PROTECTED]> wrote in message > 000601bf73a6$f70f3e80$[EMAIL PROTECTED]">news:000601bf73a6$f70f3e80$[EMAIL PROTECTED]... > > Hi Jeongwoo, > > > > Just change the access-list like this: > > access-list 101 permit tcp host 192.168.1.52 any eq telnet > > > > regards. > > > > Johnny Sun > > > > > > -Original Message- > > ·¢¼þÈË: jeongwoo park <[EMAIL PROTECTED]> > > ÐÂÎÅ×é: groupstudy.cisco > > ÊÕ¼þÈË: [EMAIL PROTECTED] <[EMAIL PROTECTED]> > > ÈÕÆÚ: 2001Äê3ÔÂ1ÈÕ 16:47 > > Ö÷Ìâ: Acess list (only for me) > > > > > > >Hi all > > >I am playing with 3620 router that has an ethernet. > > >There are several hosts hanging off the ethernet. > > >I want nobody but myself to telnet to this router. > > >So, I made access list as following; > > > > > >access-list 101 permit tcp host 192.168.1.52 eq telnet any > > >! > > >ip access-group 101 in > > > > > >192.168.1.52 is my ip address > > > > > >I couldn't telnet in. > > >What am I missing? > > > > > >Thanks in adv. > > > > > > > > > > > >-- > > >jeongwoo > > > > > > > > >_ > > >FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ISDN B Chanell
Hi, I'm a little confused about your ISDN numbers. On all the services I have from one router to another I use the one number for example 64353423 both channels call 6399900. I dont understand why you are calling the same router on two numbers. I would have thought the NT1 is one number. Teunis Hobart, Tasmania Australia On Thursday, March 01, 2001 at 08:37:26 PM, Santosh Koshy wrote: > Hello All, > > I am setting up a simple point to point ISDN BRI connection. It > works like a charm, but for the life of me, I cannot get the secondary B > chanell to come up. When I initiate a ping, it brings up the first B chanell > instantaneously, but it wont bring up the secondary. > > ROUTER 1 > interface BRI0 > ip address 10.10.10.1 255.255.255.240 > no ip directed-broadcast > encapsulation ppp > dialer idle-timeout 86400 > dialer map ip 10.10.10.2 name ABC broadcast 9032031701 > dialer map ip 10.10.10.2 name ABC broadcast 9032031704 > dialer hold-queue 1 > dialer load-threshold 1 either > dialer-group 1 > isdn switch-type basic-ni > isdn spid1 90319074001 > isdn spid2 903319074101 > compress stac > ppp authentication chap > ppp multilink > > ROUTER 2 > interface BRI0 > ip address 10.10.10.2 255.255.255.240 > no ip directed-broadcast > encapsulation ppp > dialer idle-timeout 86400 > dialer map ip 10.10.10.1 name XYZ broadcast 9033190740 > dialer map ip 10.10.10.1 name XYZ broadcast 9033190741 > dialer hold-queue 1 > dialer load-threshold 1 either > dialer-group 1 > isdn switch-type basic-ni > isdn spid1 903203170101 > isdn spid2 903203170401 > compress stac > ppp authentication chap > ppp multilink > > Thanx, > Santosh > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VLANS and DHCP
Hi, Using a helper-address on the interfaces where you don't have the DHCP server. The helper-address points to the DHCP server. This can even happen across a WAN. Teunis, Hobart, Tasmania Australia On Thursday, March 01, 2001 at 12:09:31 PM, W. Alan Robertson wrote: > Chris, > > While that would certainly work, it's not the most elegant way of meeting your > requirement. > > DHCP servers support different Scopes (think ranges of addresses, or different > subnets). When you enable the 'ip helper address' on an interface supporting a > network where no DHCP or BOOTP server resides, the broadcast DHCP request is > repackaged as a unicast message with the destination address you provide in the > helper address statement. The 'source ip address' field of that unicast packet > is the IP address of the router inteface from which the request originated, and > the DHCP uses it to determine which Scope (Pool of addresses, or Subnet range) > to allocate the new address from. > > The DHCP forwards the DHCP response back to the router that handled the request, > and the router dumps it back onto the segment from which it came. > > Presumably, the next step is the limit network access based on user class > (Administrative, Regular, Etc.). Simply build your access-lists to suit your > needs. > > Hope this helps, > > Alan > > - Original Message - > From: "Chris Sees" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, March 01, 2001 11:15 AM > Subject: VLANS and DHCP > > > > HI, > > Does anyone have suggestions for implementing DHCP in an enterprise > > environment that wants to use VLAN's (for administratve, regular users, > > etc. - for security purposes) and DHCP at the same time? It seems like you > > would need multiple DHCP servers (carefully placed). ? > > Thanks in advance. > > > > > > Chris > > > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: package lose
Hi, The packet loss might not be due to an error. A link that is really busy will drop packets because they timeout. The remote device maybe too busy once again timeouts. Not all loss is due to an error condition. Teunis Hobart, Tasmania Australia On Thursday, March 01, 2001 at 06:38:30 PM, shanjun zou wrote: > hello,every one: > > In my Cisco 4500 router, I ping my s0 interface, it reported that the losing > rate is 4%, but use the command "show interface s0", you could see "no > error". I was confused. > > why? could anyone tell me the truth? > > > thanks very much. > > > shanjun zou > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: ATM Vs Frame-relay
Hi, Frame relay and ATM do use different technologies. Different switches. Differnet ways data is put on a link. Different framing. Teunis Hobart, Tasmania Australia On Thursday, March 01, 2001 at 08:43:19 AM, Howard C. Berkowitz wrote: > >Hi, > > > >Why ATM can go upto 10 Gbps whereas Frame-relay upto > >45 Mbps only? > > There isn't market demand to do so, so carriers don't offer it. > There is no inherent reason why it can't, but I would tend to > say that the demand for frame relay aggregate bandwidth is being > outstripped by MPLS demands. > > At the US Y2K information center, we had OC-3 interfaces to the > routers, the ATM PVCs on which included 15 Mbps pipes to the hosting > centers, and dozens of channels which started as frame relay but were > mapped to ATM at the far end. > > >If so, please explain why it's impossible > >to build a frame-relay interface to deliver 1 Gbps. > > It isn't. > > I could argue, however, that there is no such thing as a frame relay > interface. Frame relay is layer 2, while interfaces are layer 1. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Telnet Bandwidth
Hi, It depends on how fast you can type and how fast the screen comes back from your server. Telnet is quite low in bandwidth but high in packets. Often each character typed becomes a packet therefore you produce a high number of small packets. This however is usually still far slower than the ability of a server to return large ftp packets. Teunis Hobart, Tasmania Australia On Thursday, March 01, 2001 at 10:16:08 AM, Christopher Supino wrote: > > Hey all, > > > Slightly off topic(maybe not). How much bandwidth does your average telnet > session take up? > > Christopher Supino > Senior System Engineer, > CCNA, MCSE, CNA5, ASE > TransNet Corp. > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > -- www.tasmail.com _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
