Re: Cisco Secure VPN 642-511 [7:73919]
Just received e-mail from Cisco that they would send me the INFOSEC letter of recognition after I signed the Cisco Certification Agreement. I am spending time on other interesting stuffs which is not Cisco and not sure if I would sit for recert. Kevin Wigle wrote in message news:[EMAIL PROTECTED] on the same page is an INFOSEC Professional link. Cisco has been granted rights to award this cert. It is NOT a Cisco cert. Which is cool because once it is awarded there is no need to recertify, it is permanent. Which is opposite to everything Cisco does - especially CCSP - to recert CCSP you have to take all 5 exams again. Hopefully by the time people get 3 years in CCSP Cisco will have a single recert exam like they do for CCIE/CCDP/CCNP I might do the security exams once to get the INFOSEC cert and then forget the recert on the Cisco stuff. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=74180t=73919 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Len Lee/CHI/NTRS is out of the office. [7:73712]
I will be out of the office starting August 8, 2003 and will not return until August 18, 2003. I will not be checking my messages periodically . If this is a firecall, please reference the firecall list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73712t=73712 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re:Information Systems Security (INFOSEC) Professional [7:73514]
I received a e-mail from Cisco on July 1, 2003 about a new cert. : On July 1, 2003, candidates in the Cisco Career Certifications Tracking System who meet the above requirements will be recognized as an Information Systems Security (INFOSEC) Professional and will receive a letter of recognition from Cisco. ++ Has anyone received this said letter of recognition from Cisco yet ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73514t=73514 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Re:Information Systems Security (INFOSEC) Professi [7:73606]
Alan Ho wrote in message news:[EMAIL PROTECTED] No. What are the above requirements? Thanks Alan Content of e-mail from Cisco:- + Cisco Security Training Leads to Information Systems Security (INFOSEC) Professional Certificate In April 2003, the National Security Agency (NSA) and the Committee on National Security Systems (CNSS) awarded Cisco formal certification recognizing that Cisco security courseware meets the 4011 training standard. This standard is intended for Information Systems Security (INFOSEC) Professionals responsible for the security oversight or management of critical networks. This formal NSA and CNSS certification gives Cisco the authority to recognize those candidates who have demonstrated that they have met this training standard. To be eligible for the INFOSEC Professional certificate, candidates must be CCNA certified and pass these security exams: a.. SECUR-Securing Cisco IOS Networks (or MCNS) b.. CSPFA-Cisco Secure PIX Firewall Advanced c.. CSVPN-Cisco Secure Virtual Private Networks d.. CSIDS-Cisco Secure Intrusion Detection System (or IDSPM) This certificate indicates confidence in the competency of your skills. The 4011 standard for INFOSEC Professionals applies to all U.S. Government departments and agencies, as well as to its contractors. Therefore, this certificate will help you meet current or future Federal employment requirements. In environments where these requirements do not apply, you can use this certificate to demonstrate that you possess the knowledge and skills needed to oversee and protect critical information infrastructures and networks. On July 1, 2003, candidates in the Cisco Career Certifications Tracking System who meet the above requirements will be recognized as an Information Systems Security (INFOSEC) Professional and will receive a letter of recognition from Cisco. Candidates who partially meet these requirements can track their progress using the online tracking system as with all Cisco certifications at www.cisco.com/go/certifications/login. To learn more about this and other training standards set forth by the CNSS, go to www.nstissc.gov. Additional information about this INFOSEC certificate can be found on the Certifications Online Support page at www.cisco.com/go/certsupport. +++ Alex Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=73606t=73606 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
BCMSN [7:72144]
Dear all, I am new. My CCNA will expire in August. I will take the BCMSN beta test in 20 Jul. Would you please give me the advice and if possible, any sample questions to my email address : [EMAIL PROTECTED] thanks in advance Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=72144t=72144 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Router question [7:71191]
Hello Group, I want to beef up my 4500M+ to 16MB Flash so I can run 12.2 code on it... Under the show version (as below), I see 2 different flash: 4096K bytes of processor board System flash (Read/Write) 4096K bytes of processor board Boot flash (Read/Write) How does the 4500M+ works? Does it mean that I will need to have both the System Flash Boot Flash up to 16MB? If so, does anyone where I can find some? And if I need to find them, are they just called? 4500M System Flash AND 4500M Boot Flash Thanks so much for the help in advance, Regards, Hunt Router#sh ver Cisco Internetwork Operating System Software IOS (tm) 4500 Software (C4500-I-M), Version 11.1(5), RELEASE SOFTWARE (fc1) Copyright (c) 1986-1996 by cisco Systems, Inc. Compiled Mon 05-Aug-96 13:40 by mkamson Image text-base: 0x600088A0, data-base: 0x6042A000 ROM: System Bootstrap, Version 5.3(16) [richardd 16], RELEASE SOFTWARE (fc1) ROM: 4500 Software (C4500-BOOT-M), Version 11.1(7), RELEASE SOFTWARE (fc2) Router uptime is 1 minute System restarted by reload System image file is flash:c4500-i-mz.111-5, booted via flash cisco 4500 (R4K) processor (revision D) with 16384K/4096K bytes of memory. Processor board ID 05795949 R4700 processor, Implementation 33, Revision 1.0 G.703/E1 software, Version 1.0. Bridging software. X.25 software, Version 2.0, NET2, BFE and GOSIP compliant. 128K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read/Write) 4096K bytes of processor board Boot flash (Read/Write) Configuration register is 0x2102 Router# Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71191t=71191 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Email access over the Internet [7:70753]
Robert, Your security client is using IPSEC with is a layer-3 protocol IP 50/51. This does not play well is NAT due to the fact that you would need a 1:1 static nat from your pc to the NET. Chances are your Hotel's are using 1:Many Nat or Cisco... PAT. (Port Address Translation). IPSEC will not work with PAT because it has NO TCP/UDP Port numbers. There are newer version of NAT Traversal or IPSEC that are starting to use port numbers but that is not a standard as of yet. I would suggest looking into Netilla it's more or less a terminal server used over HTTPS and can be integrated with RSA Secure ID for authentication. Hope this helps. -Original Message- From: McCallum, Robert [mailto:[EMAIL PROTECTED] Sent: Monday, June 16, 2003 2:51 PM To: 'Ccielab' (E-mail); [EMAIL PROTECTED] Com (E-mail); Comserv (E-mail); '[EMAIL PROTECTED]' Subject: Email access over the Internet Folks, I have a problem in my work where for some strange reason I cant access my email over the internet from a hotel. The reason for me not being able to access email is because, oddly enough, the hotel uses NAT. We use checkpoint firewalls and I use securemote software. Now I believe its something to do with the secure ID token that I use and when I type this in there is some form of checksum which is checked at the server end. This of course has changed due to the Nat going on. has anybody out there experience this as well and know what the simple solution is. I'm sure there is a simple solution and its just my company politics which is causing me the problems. Any help will be much appreciated. Robert McCallum CCIE #8757 01415663448 07818002241 ___ You are subscribed to the GroupStudy.com CCIE RS Discussion Group. Subscription information may be found at: http://www.groupstudy.com/list/CCIELab.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70753t=70753 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Len Lee/CHI/NTRS is out of the office. [7:70388]
I will be out of the office starting June 9, 2003 and will not return until June 20, 2003. I will be checking my messages periodically . If this is an emergency, Please contact Joe Pappalardo at extention. 312-444-5365. If this is a firecall, please reference the firecall list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70388t=70388 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Please help!!!! [7:70369]
Hi, Does anyone knows how can i differentiate a router between Cisco 4000 Cisco 4000M? Also, for a 4000M, what is the max amount of flash it can handle? (I want to load at least IOS 12.1 on it). - Cisco Internetwork Operating System Software IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Mon 01-Jul-02 22:19 by srani Image text-base: 0x00012000, data-base: 0x0083DF10 ROM: System Bootstrap, Version 4.14(7), SOFTWARE R6 uptime is 1 minute System restarted by power-on System image file is flash:c4000-ds-mz.120-23.bin cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of memory. Processor board ID 5039132 G.703/E1 software, Version 1.0. Bridging software. X.25 software, Version 3.0.0. 1 Token Ring/IEEE 802.5 interface(s) 128K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Thanks in advance, Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70369t=70369 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Question about Cisco's routers [7:70252]
Hello Team, A quick question for you guys Just by looking at the show ver, how can i differentiate a router between Cisco 4000 Cisco 4000M? Also, for a 4000M, what is the max amount of flash it can handle? (I want to load at least IOS 12.1 on it). - Cisco Internetwork Operating System Software IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Mon 01-Jul-02 22:19 by srani Image text-base: 0x00012000, data-base: 0x0083DF10 ROM: System Bootstrap, Version 4.14(7), SOFTWARE R6 uptime is 1 minute System restarted by power-on System image file is flash:c4000-ds-mz.120-23.bin cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of memory. Processor board ID 5039132 G.703/E1 software, Version 1.0. Bridging software. X.25 software, Version 3.0.0. 1 Token Ring/IEEE 802.5 interface(s) 128K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Thanks in advance, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70252t=70252 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PAT AFTER NAT...IS IT POSSIBLE??? [7:66672]
Yes you can just take your nat statement (ip nat inside source list 1...) and add the word overload on the end of the command. You will use a 1:1 NAT for the first set of users. Once your IP's are used up you will use PAT. It is important to note that some issues arise with PAT versus NAT like IPSEC or DLSW. just an fyi. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=66685t=66672 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
DNS Proxy [7:64339]
hi, I have a 2621 router connected to a DSL line. I have seen on some small Cisco routers they have he ability to do DNS proxy, I can't ind any commands on how to configure this though. Is this possible to do on a 2621, also if someone could point me in the direction of sample configs then that would be great Thanks Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=64339t=64339 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Novell SAP question [7:63340]
All, I have a question on Novell SAP and need your help: A cisco router is receiving a specific SAP advertisement but the server isnt showing up in the server table. Why are the possible reason for that? Thanks in advance. Cheers, Lee _ Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63340t=63340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE written exercise question-Voice Quality [7:63349]
All, I was searching through internet (include Ciso website)and I can't really find a good source in Padding-Gain terminology for managing voice call quality. Can anyone recommend a good website? I have a question regarding Voice quality... Question: Site B and site C are connected to Site A. Site A complains B and C is too loud. Where as, site C compains the received signal is too low/soft. Option: (Pick 2) a) padding input A, output B, b) gain on C c) padding output at A Thanks, Lee _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63349t=63349 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE written exercise question [7:63247]
All, I'm preparing CCIE written exam and encounter some tricky questions in exercise. Would like to ask for help for those who can solve it: 1) Which one is NOT Well-known attribute for BGP ? - local preference - origin - weight - community - cluster-id You can only choose one out of 5. _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63247t=63247 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: History of the PIX Firewall [7:62512]
Cool. Richard Deal wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=62540t=62512 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Len Lee/CHI/NTRS is out of the office. [7:61968]
I will be out of the office starting January 27, 2003 and will not return until February 3, 2003. I will respond to your message when I return. If this is an emergency, Please contact Joe Pappalardo at extention. 312-444-5365 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61968t=61968 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: calling sydney [7:60055]
Hello Amer, I'm in Brisbane. Let me know if you are still interested ;-) Best Regards, Hunt Lee amer kulaif wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... i am preparing myself for the CCIE exam. any one in sydney wants to study togather. please respond to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=60060t=60055 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN over DLSW [7:59967]
Hi Group, I am very very confused about DLSW over ISDN. I tried to simulate the CCO example at:- http://www.cisco.com/en/US/customer/tech/tk331/tk336/technologies_tech_note0 9186a0080093ecb.shtml Firstly, by following the example exactly, I managed to get everything to work. However, according to Solie (p923), I have also read up lots of GroupStudy posts, in order for ISDN to work with DLSW, one would need these keywords on both ISDN routers:- keeplive 0 on Local-peer statement Timeout 90 on Remote-peer statement Yet on this CCO e.g., neither of these are used. Why Second Question, to make matter worse, after I have tried to put these two keywords on the 2 ISDN routers, RTA don't even dial to RTC anymore... Any ideas would be greatly appreciated. On RTA - Tatiasaurus (Loopback int - 1.1.1.1 for simplicity) dlsw local-peer peer-id 1.1.1.1 keepalive 0 dlsw remote-peer 0 tcp 2.2.2.2 timeout 90 dlsw remote-peer 0 tcp 3.3.3.3 backup-peer 2.2.2.2 timeout 90 dlsw bridge-group 1 RTB - Diplodocus (Loopback int - 2.2.2.2) dlsw local-peer peer-id 2.2.2.2 dlsw remote-peer 0 tcp 1.1.1.1 dlsw bridge-group 1 RTC - Tanius (Loopback int - 3.3.3.3) dlsw local-peer peer-id 3.3.3.3 keepalive 0 promiscuous dlsw remote-peer 0 tcp 1.1.1.1 timeout 90 dlsw bridge-group 1 Thanks. H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59967t=59967 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Len Lee/CHI/NTRS is out of the office. [7:59774]
I will be out of the office starting December 23, 2002 and will not return until December 31, 2002. I will respond to your message when I return. If this is an emergency, Please contact Bill Jarrett at extention. 312-557-0390 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=59774t=59774 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP addressing..i think i understand but i am not sure [7:57569]
- Original Message - From: Peter van Oene To: Sent: Wednesday, May 29, 2002 1:11 AM Subject: Re: BGP addressing..i think i understand but i am not sure [7:45235] Hey Nigel, I'm not sure where to point you. All I can tell you is that it is commonplace and likely will continue to be so. I'm currently not aware of any routing issues that this behavior would induce. Pete At 08:04 PM 5/27/2002 -0400, Nigel Taylor wrote: Peter, It would seem that CableWireless and Above along with RIPE are the main culprits. It would seem to me that this inconsistent route issue would present problems, what I'm I missing? It maybe that I'm not totally clear on what constitutes an inconsistent route. RFC 1930 clearly states that one-prefix, one originating AS. I know it's been mentioned in this thread and I see it noted that the RSNG Project will notify peers of inconsistent policies registered in the IRR. So, how effective is this initiative if most of the community feels it's not something to be worried about. Anyone care to point me in a specific direction. thanks Nigel - Original Message - From: Peter van Oene To: Sent: Monday, May 27, 2002 6:31 PM Subject: Re: BGP addressing..i think i understand but i am not sure [7:45169] quick comment in line. At 04:53 PM 5/27/2002 -0400, Chuck wrote: I have a question, Howard - in line: Howard C. Berkowitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... This is one of those posts where the attributions have gotten very confused. Comments inline. snip for brevity It can be done, if both ISPs agree to it and coordinate their routing policies. A public AS, however, is justified in this circumstance. While doesn't quite describe this situation, look at RFC 2270 for the general strategy. Both ISPs have to remove private AS. This will also cause more than one ISP to appear to originate the route, which is a technical violation of BGP (i.e., it's an inconsistent route), but that isn't that uncommon and doesn't seem to break anything. Question: in an ideal world, what would happen when an inconsistant route shows up? idealy, would that route be black holed? Since it is common and since it doesn't seem to break anything in ral terms, what happens? BGP advertises reachability to other BGP routers, be they internal or external. But in terms of a packet traveling from my house to a destination that is inconsistant what happens? What matters? My packet continues to be passed from here to there until some directly connected router receives it. I'm assuming that inconsistant does not imply loop thanks. You are correct in that inconsistent advertisements do not represent looped routes. In the case of a prefix seemingly existing in two AS's, a remote router simply passes that prefix through the basic BGP path selection algorithm and selects the more preferable of the two for export to the main routing table. Once a route hits the routing table, transiting packets are forwarded as usual. Any potential concern lies in the handling of routes that show up as inconsistent. I have seen discussions from various communities (RIPE comes first to mind) about specifying a globally accepted behavior for such routes, but haven't seen a consensus on this issue other than to leave it alone. Howard probably has somewhat more detailed insight here. At present, inconsistent advertisements are accepted and many feel are valid and should not be handled differently from normal announcements. Customers who think that connecting to two providers is generally better than two pops from a single provider and providers who are too about nervous about losing customer revenue to force customers to properly multi-home (PI space/ASN) or not multi-home to different providers at all are likely the cause of this situation. So long as this continues to be the norm, we'll likely see more and more of these type announcements and the likelihood of routers dealing with them differently (dropping for example) will similarly decrease. Hit a route server (say route-server.exodus.net) and do a show ip bgp incon and you'll see just how many of these routes we are dealing with. Pete snip for brevity Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57569t=57569 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Single Point Route Redistribution Question [7:57350]
Hello everyone, I tried searching the archives for some explaination on how route feedbacks occur during redistribution. The search kept timing out so here I am asking you guys about this. For example, a scenario concerning RIP and OSPF redistributing thru a single router. 'Routing TCP/IP Vol I' explains that distribute lists should be configured to prevent redistributed RIP routes to be injected back into the RIP domain and vice versa. OK, if split horizon is disabled in the RIP domain then maybe OSPF routes may have a chance of being redistributed back to OSPF. However, I cannot understand how OSPF can redistribute RIP learnt routes back into RIP. Considering a scenario where the ASBR is in area 0 and redistributing the RIP routes into OSPF. The ASBR would originate Type 5 LSAs and send them throughout area 0 which eventually would reach the ABRs. Unless the ABRs are able to send an update back to the ASBR indicating that RIP routes are reachable via the ABRs, I don't see how route feedback would occur from OSPF. I must be missing something here. I would really appreciate it if someone can point this out. Thanks In Advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=57350t=57350 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Friday Follies On Wednesday - what's the problem? [7:55218]
I guess you suddenly remembered that this company must be the one which has filed bankruptcy and has let all their BGP gurus to greener pastures. The Long and Winding Road wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Saw this one today. It caused me to scratch my head in puzzlement for a moment, until I remembered something. Today's puzzle - why was I scratching my head in puzzlement, and what was it I remembered? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=55221t=55218 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: slightly OT: Pingflood [7:54334]
This is man ping under OBSD 3.2 -stable, i386 arch +++ -f Flood ping. Outputs packets as fast as they come back or one hundred times per second, whichever is more. For every ECHO_REQUEST sent a period ``.'' is printed, while for every ECHO_REPLY received a backspace is printed. This provides a rapid display of how many packets are being dropped. Only the superuser may use this option. This can be very hard on a net- work and should be used with caution. OBSD can be downloaded from www.openbsd.org sam sneed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know where I can get a copy of this or something similiar for Linux. I found a windoze version but I need linux or UNIX. My ping versions of linux and SunOS do not have the -f option. The only version of pingflood I found on google is crap, the source code reads: Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54348t=54334 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: PPPoE on Cisco 2500 [7:54139]
Rahul, I looked at the features listed for this ios image at the feature navigator also but could not find anything which says 'pppoe client'. Have I missed anything ? Thanks. Alex Lee Rahul Kachalia wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Yes it does. thanks, rahul. lab# lab#s ver Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-IS-L), Version 12.2(8)T, RELEASE SOFTWARE (fc2) TAC Support: http://www.cisco.com/tac Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Wed 13-Feb-02 21:11 by ccai Image text-base: 0x0306DA78, data-base: 0x1000 ROM: System Bootstrap, Version 11.0(10c)XB1, PLATFORM SPECIFIC RELEASE SOFTWARE (fc1) BOOTLDR: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB1, PLATFORM SP ECIFIC RELEASE SOFTWARE (fc1) lab uptime is 18 weeks, 5 days, 4 hours, 50 minutes System returned to ROM by reload System image file is flash:c2500-is-l.122-8.T cisco AS2511-RJ (68030) processor (revision K) with 14336K/2048K bytes of memory FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=54250t=54139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token Ring [7:53774]
What kind of cable are you using? DC to rj-45? dump your mau and buy a cabletron hub like a sthi. They are dirt cheap on ebay. You won't have to worry about media filters anymore. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Blanco Sent: Friday, September 20, 2002 9:22 PM To: [EMAIL PROTECTED] Subject: RE: Token Ring [7:53774] This is what I am getting r3# 00:10:17: %LINK-3-UPDOWN: Interface TokenRing0, changed state to up 00:10:18: %LINEPROTO-5-UPDOWN: Line protocol on Interface TokenRing0, changed state to up 00:10:26: %TR-6-STATRING: TR0: Ring Status: Down 00:10:26: %TR-3-WIREFAULT: Unit 0, wire fault: check the lobe cable MAU connection. 00:10:28: %LINK-3-UPDOWN: Interface TokenRing0, changed state to down 00:10:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface TokenRing0, changed state to down 00:10:34: %LINK-5-CHANGED: Interface TokenRing0, changed state to initializing 00:10:42: To0: Failed to initialize, shutting down 00:10:44: %LINK-5-CHANGED: Interface TokenRing0, changed state to reset 00:10:48: %LINK-3-UPDOWN: Interface TokenRing0, changed state to down Yes I hear a click after a few seconds when the interface is trying to comes up I changed the cable, i connect to a diferent port. Question, the adapter that I have in my tr interface on my router is the following: Token ring - 4/16 mb - media filter, do you think that is the correct adapter for my router. Juan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, September 20, 2002 9:23 PM To: [EMAIL PROTECTED] Subject: RE: Token Ring [7:53774] Are you sure it's a 16 Mbps MAU? Try setting the speed to 4 Mbps with the ring-speed command. If that doesn't work, try hardcoding it back to 16 Mbps. Other than that, it's time for the swap 'til you drop troubleshooting methodology. Try a different: cable router interface MAU Do you hear a click after a few seconds when the interface tries to come up? That's the relay opening. If you don't hear it, then I would suspect bad hardware or hardware that's in a weird state. Years ago, Token Ring troubleshooters carried around a little reset tool, but I haven't seen one of those in years. The tool reset the port on MAUs. Mabye there's some other way to do that on your SMC MAU. Is there a reset button or anything? A couple years ago there was a discussion on Group Study regarding the same MAU, and the resolution I think was that the MAU was bad. _ Priscilla Oppenheimer www.troubleshootingnetworks.com www.priscilla.com Juan Blanco wrote: Team, Could any tell me what I am doing wrongI am trying to bring up my token-ring interface up? I connect the TR interface with a Token Ring 4-16 - media filter via a rj45 strait cable to mau(smc elite mau 4016rn), but the interface is always in init mode and the port status light on the mau is switching between on and off repeatedly. r3#show int token0 TokenRing0 is initializing, line protocol is down Hardware is TMS380, address is 0008.de1c. (bia 0008.de1c.) MTU 4464 bytes, BW 16000 Kbit, DLY 630 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation SNAP, loopback not set Keepalive set (10 sec) ARP type: SNAP, ARP Timeout 04:00:00 Ring speed: 16 Mbps Duplex: half Mode: Classic token ring station Group Address: 0x, Functional Address: 0x0800 Ethernet Transit OUI: 0x00 Last input 00:01:27, output 00:01:26, output hang never Last clearing of show interface counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 10 packets input, 304 bytes, 0 no buffer Received 6 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 24 packets output, 5932 bytes, 0 underruns 0 output errors, 0 collisions, 54 interface resets 0 output buffer failures, 0 output buffers swapped out 87 transitions # r3#show ip int brief Interface IP-Address OK? Method Status Protocol Ethernet0 unassigned YES NVRAM administratively down down Serial0unassigned YES NVRAM administratively down down Serial1unassigned YES NVRAM administratively down down TokenRing0 unassigned YES NVRAM initializing down r3# r3# Thanks, JB Juan Blanco The greatest glory in living lies not in never falling, but in rising every time we fall . -- Nelson Mandela Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53787t=53774
Anyone has a Cisco 2620 or 2621 for sale? [7:53594]
Hello, I am currently looking for either a Cisco 2620 or 2621 for my study. If you have a 2nd hand one for sale, please email me offline. Sellers within Australia are preferable. Thanks so much for your help in advance. Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53594t=53594 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OSPF Stub area [7:52781]
Hi, I have a network (Area 3) that has 2 connections to my OSPF area 0. One via 2mb ATM the other via VPN. I would like to configure this as a stub area, however, with multiple exit points, will my traffic go via the ATM or VPN or both. I would prefer the route via ATM, and only use VPN if ATM goes down. What do I need to do to achive this ? Regards LM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52781t=52781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Internet control [7:52663]
Hi, We use Superscout by Surfcontrol, quite cheap, easy to configure, plus good reporting tools. Worth a look HTH LM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52783t=52663 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OSPF Stub area [7:52781]
Paul, Thanks for the reply, I think you may have misunderstood my network topology. Illustrated below Area0RouterAArea3RouterB Both the ATM link and VPN begin and end at the above routers(via different interfaces) Therefore if Area 3 is a stub (or totally stubby), router B will have 2 0.0.0.0 routes to the networks in Area 0. My question is, which interface will traffic from router B go over when going to destinations in Area0. I believe it will prefer the ATM over the tunnel interface because Tunnel interfaces have a higher cost. Although I'm a bit unsure Hope this makes things clearer LM Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52790t=52781 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Staic Routes on 1605 Router [7:52340]
A few things to try. 1. In EXEC mode type: sh ip int brief. confirm both ethernet interfaces are Up Up. If line is down check cabling 2. type debug ip packet and do a ping from a host on one subnet to a host on the other subnet. You should get a good idea form the output where the problem is. 3. If this doesn't work paste your config here for us all to see, would be easier to troubleshoot that way. One final thought, make sure your router interfaces are set to the correct speed/duplex on your hubs, take off auto-sensing if need be HTH Lee Craig Robertson wrote: Hi guys, I am having a problem with routing on a Cisco1605 router. Ethernet0 is set to 10.1.1.17 255.255.255.0 and ethernet1 is set to 10.128.52.1 255.255.255.0 My problem is: From the 10.1.1.0 network i can ping 10.1.1.17 (ethernet0) From the 10.1.1.0 network i can ping 10.128.52.1 (ethernet1) From the 10.1.1.0 network I can NOT ping 10.258.52.101 (pc on subnet) I have enabled ip routing on the router, however, nothing has changed. Can anyone please advise of the command(s) for a static route, if indeed this is the problem. Any suggestions would be appreciated. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52544t=52340 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Len Lee/CHI/NTRS is out of the office. [7:52213]
I will be out of the office starting August 28, 2002 and will not return until September 3, 2002. I will respond to your message when I return. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52213t=52213 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE R/S Cert. Guide Book [7:52052]
Hi, I'm currently studying for the CCIE R/S written exam. Could somebody please give me an opinion on the CCIE RS Exam Certification Guide Book by A. Brune (Cisco Press) It has just been released in the UK and I am considering getting it to add to my never ending collection of reading material. If any of you guys recommend other books then I would be interested to know about them as well. Thanks Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52052t=52052 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Recommendation on Ramp;S lab boot camp [7:51746]
IP Expert offers an excellent bootcamp. Dave was a great instructor and really helped me unterstand the little things that kept slipping me. I take the lab in Nov and feel very confident that I can be a first time pass now. Seth Lee CCNP, CCDP, RS written passedKevin Hunt wrote: I'm looking to hear any experiences people have had with any of the RS boot camps. My lab date is Dec. 9 and I'm looking to attend a camp in Oct. or Nov. I was impressed with GlobalNet's CCNP boot camp, but would like some input regarding the other camps available, especially the 5 day camps as to whether or not it is enough time to get a good grasp on the lab. KH CCNP, Linux+ SME Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51802t=51746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Recommendation on Ramp;S lab boot camp [7:51746]
Kevin, IP Expert has an excellent RS bootcamp. Dave was a great instructor and always willing to help me understand the little things that kept slipping me. I take the lab in a couple of months, but I feel much more confident going in now. Hopefully I can get that first time pass!!! Good Luck to you - Seth CCNP, CCDP RS written passed Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51801t=51746 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Security Specialist 1 [7:51643]
No, it is expired. Juan Blanco wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does the following is still available: For a limited time, candidates holding an active CCNP Security Specialization may obtain a Cisco Security Specialist 1 certification by passing the 9E0-571 CSPFA and 9E0-570 CSVPN exams. Thanks, Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51685t=51643 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: MCNS and CSPFA exams testing software [7:51581]
Thanks! Which exams should I look at? They seem to have 3 for each exam. -Original Message- From: Mark Smith [mailto:[EMAIL PROTECTED]] Sent: Saturday, August 17, 2002 11:07 PM To: adam lee Cc: [EMAIL PROTECTED] Subject: Re: MCNS and CSPFA exams testing software [7:51581] Boson Software http://www.boson.com/tests/routermfg.htm Quoting adam lee : I tried searching the archive but all I received back was an error. I am wondering who writes a good practice exam(s) for the MCNS and CSPFA exams. TIA [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51583t=51581 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSIDS, self-study CD ROM [7:50287]
Has anyone used this self-study tool (TRNG-800237, CSIDS 2.1) ? Does it help in getting familiar with the CSPM's GUI interfaces if one does not have hand-on experience in config 4200 series sensors and CSPM ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50287t=50287 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Cross Over command for ethernet ports.. [7:50310]
I believe you can change the console port to use either a straight or cross cable. Could this be what you heard because I have not heard of that feature in a cisco switch. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Greene, Patrick Sent: Wednesday, July 31, 2002 1:38 PM To: [EMAIL PROTECTED] Subject: Cross Over command for ethernet ports.. [7:50310] Do any of the Catalyst switches support the ability to change a port from straigth through to a cross-over port via command line? Somebody told me some of the switches do but I have never seen it before. Thanks, Patrick Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50348t=50310 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: OT: Priscilla [7:50077]
I bought a copy a minute ago. Alex Lee Priscilla Oppenheimer wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... My new book has a troubleshooting focus. It will help people pass the Support Exam. It's called Troubleshooting Campus Networks. It's shipping finally! There's more info here: http://www.troubleshootingnetworks.com/ Thanks for asking! ;-) Priscilla Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=50106t=50077 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Book Advice [7:49865]
Hi All, Has anyone read the OSPF Command Reference book by Parkhurst?? Is it any good?? I'd appreciate any comments. Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49865t=49865 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
How to use tftp server?? [7:49651]
Hi Group, Can anyone please explain to me what command syntax to boot up a router using TFTP stftp c2500-jk8os-l.122-1d 172.16.0.1erver? I can do a copy tftp flash, but when I tried to set up a boot system, it keeps on failing to boot... Is this correct?? boot system c2500-jk8os-l.122-1d 172.16.0.1 Any help will be greatly appreciated. Best Regards, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49651t=49651 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Next-hop reachability [7:48761]
Hi Group, 199.172.1.0 / 24 --- RTA --- RTB --- RTC RTA's interface - 172.17.1.2 (connecting to RTB) RTB's interface - 172.17.1.1 (connecting to RTA) RTB's interface - 10.1.1.1 (connecting to RTC) RTC's interface - 10.1.1.2 (connecting to RTB) RTA is in AS 1 RTB RTC are both in AS 2 I understand that for a router to learn and install an IBGP route from an IBGP neighbor, it will need either no sync command or learnt via any IGP. But for the BGP route's next-hop reachability, I have searched on Cisco books CCO website, but they only said either advertised the next-hop to the IBGP router (in this case, RTC) with IGP routes, or use next-hop-self command (on RTB). However, I found that if I advertise the next-hop reachability (the 172.17.1.0/24 subent) via BGP's network command, it would also work. Is this ok to use?? Is there any gotcha on this?? I just thought it is pretty handy to just use BGP, without relying on any IGP. RouterB#sh ip bgp BGP table version is 4, local router ID is 192.168.0.1 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 10.1.1.0/30 0.0.0.0 0 32768 i * 172.17.1.0/240.0.0.0 0 32768 i * 199.172.1.0 172.17.1.2 0 0 1 i RouterB#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 172.17.0.0/24 is subnetted, 1 subnets C 172.17.1.0 is directly connected, Ethernet0 10.0.0.0/30 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Serial0 B199.172.1.0/24 [20/0] via 172.17.1.2, 01:34:38 C192.168.0.0/24 is directly connected, Loopback0 RouterB# And at RTC, it would be able to reach 199.172.1.0 /24 via next hop of 172.17.1.2, which in turn is reached via 10.1.1.1. RouterC#sh ip bgp BGP table version is 4, local router ID is 172.16.3.1 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *i10.1.1.0/30 10.1.1.1 0100 0 i *i172.17.1.0/2410.1.1.1 0100 0 i *i199.172.1.0 172.17.1.2 0100 0 1 i RouterC#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 172.17.0.0/24 is subnetted, 1 subnets B 172.17.1.0 [200/0] via 10.1.1.1, 00:26:57 172.16.0.0/24 is subnetted, 2 subnets C 172.16.2.0 is directly connected, Loopback1 C 172.16.3.0 is directly connected, Loopback0 10.0.0.0/30 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Serial0 B199.172.1.0/24 [200/0] via 172.17.1.2, 00:25:57 RouterC# Any ideas will be greatly appreciated. Thanks!!! H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48761t=48761 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
All ones subnet [7:48503]
Hello ppl, I seem to have a problem grasping what happens when we use an all ones subnet. I remember a while ago someone posted a link to CCO concerning this. The link is as below http://www.cisco.com/warp/public/105/40.html My questions are: 1. In case 1, when host 195.1.1.24 sends a local broadcast to 195.1.1.255, do all hosts attached to the async lines on Router 2 receive that packet? I believe they do. 2. Why does router 2 forward the packet out to router 1 via the default route? 3. After router 1 receives the packet, it bounces between router 1 and 5. Why? Does this have to do with router 5 forwarding the broadcast packet out using the default route again? Do the hosts attached to router 5's async lines receive the packet as well? I ask this because the writer did not specify whether the hosts received the broadcast packet or not. This stuff may be elementary but I really need to know. Any help would be much appreciated. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48503t=48503 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CA , FQDN [7:48032]
If an entity does not have a registered domain name and has no desire to get one, how would one configure a router's FQDN for CA support assuming using in-house CA server. Can I do this :- hostname whatever_host_name ip domain-name whatever_domain_name.foo Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=48032t=48032 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Distribute-list with Extended ACL [7:47920]
Hi, I have an e.g. on neighbor distribute list with Extended ACL (2 lines in total) but I'm not too sure whether I'm heading the right way... access-list 101 permit ip 131.108.0.0 0.0.0.0 255.255.255.0 0.0.0.0 In this line, I understand that since the wildcard mask for both network mask are 0.0.0.0, it means that it will permit only 131.108.0.0 /24 access-list 101 deny ip 131.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 So does this mean it will deny 131.108.0.1 to 131.108.255.254, while the prefix being deny is between /16 - /32. Am I correct?? Thanks for your help again. Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47920t=47920 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Neighbor distribute-list command w/ Extended ACL [7:47272]
Hello Charles, Sorry to do this to you, but I still have one more e.g. that I'm not too sure (I found this on CCO) :( access-list 101 permit ip 131.108.0.0 0.0.0.0 255.255.255.0 0.0.0.0 In this line, I understand that since the wildcard mask for both network mask are 0.0.0.0, it means that it will permit only 131.108.0.0 /24 access-list 101 deny ip 131.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 And in this line which is what I'm confused abt, I thought that on network, it will deny 131.108.0.1 to 131.108.255.254, while the prefix being deny is between /16 - /32. However, Cisco CCO said it will permit route 131.108.0/24 (which I understand), ... but deny 131.108/16 and all other subents of 131.108.0.0 Thanks for your help again. Best Regards, Hunt Lee Charles D Hammonds wrote in message news:[EMAIL PROTECTED]... Hunt- access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 Remember that the wildcard mask is used to define which bits of the network and mask fields to ignore. These bits are set to '1'. So, in this example, the last 2 octets in both the src(network) and dest(mask) fields are ignored as all the bits in these octets are set to 1. Only the first 2 octets are compared so that any subnet/mask combo beneath the /16 will be denied. Hope this helps. Regards, Charles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hunt Lee Sent: Tuesday, June 25, 2002 4:58 PM To: [EMAIL PROTECTED] Subject: Re: Neighbor distribute-list command w/ Extended ACL [7:47272] Hi Charles, Thanks so much for your explanation. I understand your first eg., but I'm still confused how you get to the answer to the 2nd e.g., can you please elaborate a bit more on the steps for the 2nd e.g.?? Thanks for your help again. Best Regards, Hunt Lee Charles D Hammonds wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The statement access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0 could also be re-written as: access-list 100 permit ip host 192.108.0.0 host 255.255.0.0 which means that only the aggregate /16 will be accepted. The second statement: access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 denies the VLSM networks under the /16. Charles -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dain Deutschman Sent: Sunday, June 23, 2002 9:05 PM To: [EMAIL PROTECTED] Subject: Re: Neighbor distribute-list command w/ Extended ACL [7:47272] It's kind of wierd. The source portion of the access list defines the network whose updates are permited/denied...no suprise...the wierd part is that the destination portion specifies the subnet mask of that network. So, in your example; access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0 ( 192.108.0.0 [wildcard] 0.0.0.0 [subnet mask] 255.255.0.0 [wildcard] 0.0.0.0) ( 192.108.0.0/16 will be advertised ) Maybe someone else can jump in...because the wildcard is 0.0.0.0 does it mean that any other VLSM networks under the 192.108.0.0/16 supernet would also be advertised? access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 ( 192.108.0.0 [wildcard] 0.0.255.255 [ subnet mask ] 255.255.0.0 [wildcard ] 0.0.255.255) (192.108.0.0/16 would be denied...the last two octets are ignored ) I'm new to all this and learning it myself...so please...someone correct me if I am wrong or add to my comments. Thanks. Dain. Hunt Lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all, Can anyone please explain this to me?? I have read some examples regarding neighbor x.x.x.x distribute-list in | out using extended Access-List from CCO, Internet Routing Arch (by Halabi) BGP 4 Command Reference (by Parkhurst), yet I'm still very confused. Below is one of them neighbor 120.23.4.1 distribute-list 100 in access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 How do you read these things?? Any help will be greatly appreciated. Thanks, Hunt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47620t=47272 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco VPN client and NAT [7:47430]
So how does the Linksys or cisco 800 handles the IPSec thru PAT then ? Thanks. Alex Lee Lidiya White wrote in message news:[EMAIL PROTECTED]... PIX doesn't support IPSec transparency/IPSec over TCP. Concentrators do. It all depends on the device that is between your client and PIX, that is doing PAT. IPSec uses ESP protocol, that doesn't have ports, so how can you perform PAT (port address translation) for a protocol that doesn't understand port concept? Some routers can pass IPSec through the PAT (like Linksys, Cisco 800). So if the router/device that is doing PAT is IPSec aware, then you should be able to pass IPSec through. If not, then you have to make sure that one-to-one address translation happens for your VPN clients, not one-to-many (PAT)... Hope this helps... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47476t=47430 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1 exams [7:47308]
It is still there. Make sure you select 'show all topics'. John Kaberna wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... It used to be up on securityie.com but it got taken down. I would rather not post it here. Email me off list. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47428t=47308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
OT: remote router IOS upgrade best practice [7:47283]
Hi group, I am trying to get info from the Groupstudy mail list archive as I remember this was posted several times before. It seems that the archive is having problem, gives me error message 'Glimpse Index Not found'. Can anyone offer some insight ? I have two 1720, each in a different subnet. One router had two 'memory allocation error' problem in two months. Both times required power-cycle the router. Opened a TAC case but could not find any memory hardware issue. The two 1720 are linked by a fractional frame-relay with an ISDN BRI dial backup. TAC said there could be IOS bug related to ISDN BRI, recommended us to upgrade from 12.1.1 to 12.1.15. Anyone has similar problem ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47283t=47283 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Neighbor distribute-list command w/ Extended ACL [7:47272]
Hi all, Can anyone please explain this to me?? I have read some examples regarding neighbor x.x.x.x distribute-list in | out using extended Access-List from CCO, Internet Routing Arch (by Halabi) BGP 4 Command Reference (by Parkhurst), yet I'm still very confused. Below is one of them neighbor 120.23.4.1 distribute-list 100 in access-list 100 permit ip 192.108.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 100 deny ip 192.108.0.0 0.0.255.255 255.255.0.0 0.0.255.255 How do you read these things?? Any help will be greatly appreciated. Thanks, Hunt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47272t=47272 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cable Modem DHCP problem [7:47175]
config t int e0 (whichever is connected to cable modem) mac-address .. I usally just change my mac-address and it will get a new ip and then you can change it back after that. Rick McHugh Randy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Does anyone know how to release a DHCP lease on a 2514 eth interface? I would like to release the lease recieved from the cable modem (comcast) . I have tried powercycling the modem, router, reload, shuting the interface ect and nothing works. I get the same lease all the time and cant get out to the internet. thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47206t=47175 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Next-Hop [7:47216]
Hey all, I'm probably missing some fairly simple concept here. I have setup 4 routers as follows:- RTB / RTD --- RTA \ RTC Both RTB RTC are connected (via Eth) to a network called 172.17.1.0 /24. RTA RTD are both in AS2 RTB RTC are both in AS1 The connection between RTA RTD is via Ethernet RouterA#sh ip bgpBGP table version is 9, local router ID is 25.25.25.2 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete NetworkNext HopMetricLocPrfWeight Path * 10.1.1.0/30 10.1.1.20 0 1 i * 10.1.2.20 1 i * 10.1.2.0/30 10.1.1.20 1 i * 10.1.2.20 0 1i * 25.25.25.0/240.0.0.00 32768i * 172.17.1.0/24 10.1.1.2 0 0 1 i *10.1.2.2 0 0 1 i RouterA#sh running-config router bgp 2 network 25.25.25.0 mask 255.255.255.0 neighbor 10.1.1.2 remote-as 1 neighbor 10.1.2.2 remote-as 1 neighbor 25.25.25.1 remote-as 2 maximum-paths 6 When I lookup RTD's BGP table (shown below), for the route 172.17.1.0/24, instead of via 10.1.1.2 or 10.1.2.2, it is 25.25.25.2. Ok - here's what I'm confused about. Since I thought that in EBGP peering, the next hop is usually the IP address of the neighbor that announced the route, but IBGP peering preserve the Next-hop attribute learned from EBGP peers. So in the case, if I haven't use next-hop-self on RTA, I would think the EBGP next hop in RTD's BGP table would be either 10.1.1.2 or 10.1.2.2, but why is the EBGP next-hop is 25.25.25.2? RouterD#sh ip bgp BGP table version is 6, local router ID is 172.16.0.2 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *i10.1.1.0/30 25.25.25.2 0100 0 1 i*i10.1.2.0/30 25.25.25.2 100 0 1 i*i25.25.25.0/24 25.25.25.2 0100 0 1 i *i172.17.1.0/24 25.25.25.2 0100 0 1 i Thanks, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47216t=47216 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Next-Hop [7:47217]
Sorry, the bgp output stuffs up before, so here's a repost ;) Hey all, I'm probably missing some fairly simple concept here. I have setup 4 routers as follows:- RTB / RTD --- RTA \ RTC Both RTB RTC are connected (via Eth) to a network called 172.17.1.0 /24. RTA RTD are both in AS2 RTB RTC are both in AS1 The connection between RTA RTD is via Ethernet RouterA#sh ip bgpBGP table version is 9, local router ID is 25.25.25.2 Status codes: s suppressed, d damped, h history, * valid, best, i -internal Origin codes: i - IGP, e - EGP, ? - incomplete NetworkNext HopMetricLocPrfWeight Path * 10.1.1.0/30 10.1.1.20 0 1 i * 10.1.2.20 1 i * 10.1.2.0/30 10.1.1.201 i * 10.1.2.20 0 1i * 25.25.25.0/240.0.0.00 32768 i * 172.17.1.0/24 10.1.1.2 0 0 1 i *10.1.2.2 0 0 1 i RouterA#sh running-config router bgp 2 network 25.25.25.0 mask 255.255.255.0 neighbor 10.1.1.2 remote-as 1 neighbor 10.1.2.2 remote-as 1 neighbor 25.25.25.1 remote-as 2 maximum-paths 6 When I lookup RTD's BGP table (shown below), for the route 172.17.1.0/24, instead of via 10.1.1.2 or 10.1.2.2, it is 25.25.25.2. Ok - here's what I'm confused about. Since I thought that in EBGP peering, the next hop is usually the IP address of the neighbor that announced the route, but IBGP peering preserve the Next-hop attribute learned from EBGP peers. So in the case, if I haven't use next-hop-self on RTA, I would think the EBGP next hop in RTD's BGP table would be either 10.1.1.2 or 10.1.2.2, but why is the EBGP next-hop is 25.25.25.2? RouterD#sh ip bgp BGP table version is 6, local router ID is 172.16.0.2 Status codes: s suppressed, d damped, h history, * valid, best, i -internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *i10.1.1.0/30 25.25.25.2 0100 0 1 i*i10.1.2.0/30 25.25.25.2 100 0 1 i*i25.25.25.0/24 25.25.25.2 0100 0 1 i *i172.17.1.0/24 25.25.25.2 0100 0 1 i Thanks, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47217t=47217 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Next-hop [7:47219]
Sorry, the bgp output stuffs up before, so here's a repost ;) Hey all, I'm probably missing some fairly simple concept here. I have setup 4 routers as follows:- RTB / RTD --- RTA \ RTC Both RTB RTC are connected (via Eth) to a network called 172.17.1.0 /24. RTA RTD are both in AS2 RTB RTC are both in AS1 The connection between RTA RTD is via Ethernet RouterA#sh ip bgp BGP table version is 9, local router ID is 25.25.25.2 Status codes: s suppressed, d damped, h history, * valid, best,i -internal Origin codes: i - IGP, e - EGP, ? - incomplete NetworkNext HopMetric LocPrf Weight Path * 10.1.1.0/30 10.1.1.2 0 0 1 i * 10.1.2.2 0 1 i * 10.1.2.0/30 10.1.1.2 01 i * 10.1.2.2 0 0 1 i * 25.25.25.0/240.0.0.0 0 32768 i * 172.17.1.0/24 10.1.1.2 0 01 i *10.1.2.2 0 0 1 i RouterA#sh running-config router bgp 2 network 25.25.25.0 mask 255.255.255.0 neighbor 10.1.1.2 remote-as 1 neighbor 10.1.2.2 remote-as 1 neighbor 25.25.25.1 remote-as 2 maximum-paths 6 When I lookup RTD's BGP table (shown below), for the route 172.17.1.0/24, instead of via 10.1.1.2 or 10.1.2.2, it is 25.25.25.2. Ok - here's what I'm confused about. Since I thought that in EBGP peering, the next hop is usually the IP address of the neighbor that announced the route, but IBGP peering preserve the Next-hop attribute learned from EBGP peers. So in the case, if I haven't use next-hop-self on RTA, I would think the EBGP next hop in RTD's BGP table would be either 10.1.1.2 or 10.1.2.2, but why is the EBGP next-hop is 25.25.25.2? RouterD#sh ip bgp BGP table version is 6, local router ID is 172.16.0.2 Status codes: s suppressed, d damped, h history, * valid, best,i -internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *i10.1.1.0/30 25.25.25.2 0100 0 1 i*i10.1.2.0/30 25.25.25.2 100 0 1 i*i25.25.25.0/24 25.25.25.2 0100 0 1 i *i172.17.1.0/24 25.25.25.2 0100 0 1 i Thanks, H. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47219t=47219 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Switch Messages [7:47005]
Let me guess, 4000 switches ? I would open up a TAC case, and get the blades changed. This is what we had to do. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47158t=47005 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
GOOD LINK [7:46974]
JUST TRY THIS LINK http://www.mcmi.com/forums/aplus/index.cgi?read=33 LEE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46974t=46974 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
STUDY MATERIALS [7:46975]
HI JUST CLICK ON THE LINK http://www.mcmi.com/forums/aplus/index.cgi?read=33 LEE Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46975t=46975 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP w/ no synchronization [7:46707]
Okay folks, starting off some late nite studying and just noticed something weird. Got a Confederation setup like: 150.150.150.0/24---RTA ---RTB ---RTD---RTF | | RTC RTE RTA, B, C, D, E are in a Confederation called AS 1, in which:- RTA is sub-AS 65530 RTB RTC are both in sub-AS 65531 RTD RTE are both in sub-AS 65532 RTF is in AS 2 RTB, C, D E are running OSPF as IGP. And OSPF is being redistributed into BGP at RTB. The network 150.150.150.0/24 is being advertised into BGP by BGP network command on RTA. Ok, here is the thing. The 150.150.150.0/24 network is being seen by RTA, RTB, RTD, RTF. I could ping 150.150.150.1 from these four routers. However, it can't be seen by RTC RTE (shown as follows). But when I put no synchronization on the middle four routers (RTB, RTC, RTD, RTE), then everything becomes fine again...I thought since I used IGP (OSPF), and if the router can see the EBGP Next-Hop (193.16.0.2) in their routing table, then the synch. rule shouldn't apply anymore. Am I missing something here? RouterC#sh ip bgp BGP table version is 4, local router ID is 172.16.0.2 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * i150.150.150.0/24 193.16.0.2 0100 0 (65530) i i172.16.0.0/30172.16.0.1 0100 0 ? * i172.16.0.12/30 172.16.0.18 30100 0 ? *i172.16.0.16/30 172.16.0.1 0100 0 ? *i193.16.0.0/30172.16.0.1 0100 0 ? * i193.16.0.8/30172.16.0.18 0100 0 (65532) i RouterC#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 172.16.0.0/30 is subnetted, 3 subnets O 172.16.0.16 [110/128] via 172.16.0.1, 01:35:04, Serial1 O 172.16.0.12 [110/192] via 172.16.0.1, 01:35:04, Serial1 C 172.16.0.0 is directly connected, Serial1 193.16.0.0/30 is subnetted, 1 subnets O 193.16.0.0 [110/74] via 172.16.0.1, 01:35:04, Serial1 RouterC# RouterC#ping 193.16.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 193.16.0.2, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/32/36 ms RouterC# Thanks all! Hunt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46707t=46707 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Route Reflectors Peer-Group [7:46464]
Hi, I have read both BGP 4 Command Reference + CCNP Building Scable Cisco Networks, they both state that peer-group and route reflectors are not compatible to each other. Yet, when I tried to configure both together... it seems to work for me :( Am I missing something important here? RouterB#sh ip bgp ne BGP neighbor is 172.16.0.2, remote AS 1, internal link Index 1, Offset 0, Mask 0x2 Route-Reflector Client group1 peer-group member BGP version 4, remote router ID 172.16.0.2 BGP state = Established, table version = 1, up for 00:28:41 Last read 00:00:40, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 5 seconds Received 36 messages, 0 notifications, 0 in queue Sent 36 messages, 0 notifications, 0 in queue Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 2; dropped 1 Last reset 00:28:52, due to RR client config change 0 accepted prefixes consume 0 bytes 0 history paths consume 0 bytes Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 172.16.0.1, Local port: 11003 Foreign host: 172.16.0.2, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0x263A98): Timer StartsWakeupsNext Retrans32 0 0x0 TimeWait0 0 0x0 AckHold31 19 0x0 SendWnd 0 0 0x0 KeepAlive 0 0 0x0 GiveUp 0 0 0x0 PmtuAger0 0 0x0 DeadWait0 0 0x0 iss: 904884479 snduna: 904885079 sndnxt: 904885079 sndwnd: 15785 irs: 3309753480 rcvnxt: 3309754096 rcvwnd: 15769 delrcvwnd:615 SRTT: 310 ms, RTTO: 780 ms, RTV: 80 ms, KRTT: 0 ms minRTT: 24 ms, maxRTT: 300 ms, ACK hold: 200 ms Flags: higher precedence, nagle Datagrams (max data segment is 1460 bytes): Rcvd: 44 (out of order: 0), with data: 31, total data bytes: 615 Sent: 52 (retransmit: 0), with data: 31, total data bytes: 599 BGP neighbor is 193.16.0.2, remote AS 1, internal link Index 1, Offset 0, Mask 0x2 Route-Reflector Client group1 peer-group member BGP version 4, remote router ID 0.0.0.0 BGP state = Active, table version = 0 Last read 00:04:24, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 5 seconds Received 33 messages, 0 notifications, 0 in queue Sent 37 messages, 1 notifications, 0 in queue Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 2; dropped 2 Last reset 00:04:45, due to BGP Notification sent, hold time expired 0 accepted prefixes consume 0 bytes 0 history paths consume 0 bytes No active TCP connection RouterB# Any ideas would be greatly appreciated. Thanks -- Hunt Lee WebCentral Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46464t=46464 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE home lab [7:46395]
Hi, I know that this may have come up many times. But since I'm about to start preparing for the CCIE lab, it would be great if anyone could give me some suggestions on this. I'm planning to continue to build up my lab. Currently, I have the following: 2 x 1603R 3 x 2501 2 x 2503 2 x 2511 1 x Cat 5000 I'm thinking whether I should get the below:- 2 x Token routers - maybe 2 x 2502?? MAU?? What else do I need for Token?? I really don't know what else I need... 1 x Frame switch - 1 x ISDN Simulator (do u know which one is good?) And I probably need to upgrade RAM / Flash on my routers... since most of them only had 4MB Flash on the moment... Any ideas would be greatly appreciated. Thanks -- Hunt Lee WebCentral Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46395t=46395 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP Question [7:46255]
Hello, I have 3 routers:- 150.150.150.0/24 | | | | R1 R2R3 (AS1)(AS2) (AS3) R1 - R2, R2 - R3 are using EBGP I injected the network 150.150.150.0/24 into BGP from both R1 R3. I have enabled bgp always-compare-med to allow R2 to compare the MED from AS 1 AS 3. I have also set a route-map on R3 so that when it advertise 150.150.150.0/24 to R2, it would have a metric of 20, as compared to 0 from R1. The thing I'm confused is that after I have enabled the command bgp bestpath med missing-as-worst, according to CCO, the MED of 0 from R1 would now be considered as infinity (as confirmed by the debug messages), but why is R2 still prefers the route from R1 instead of from R3? Best Regards, Hunt RouterB#sh ip bgp 150.150.150.0/24 BGP routing table entry for 150.150.150.0/24, version 3 Paths: (2 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 10.1.1.2 1 172.17.1.2 from 172.17.1.2 (20.20.20.1) Origin IGP, metric 0, localpref 100, valid, external, best 3 10.1.1.2 from 10.1.1.2 (15.15.15.1) 10.1.1.2 to main IP table 02:58:54: BGP: 172.17.1.2 rcv message type 4, length (excl. header) 0 02:58:54: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 0, table version 2, starting at 0.0.0.0 02:58:54: BGP(0): 172.17.1.2 send UPDATE (format) 150.150.150.0/24, next 172.17.1.1, metric 0, path 3 02:58:54: BGP(0): 172.17.1.2 1 updates enqueued (average=47, maximum=47) 02:58:54: BGP(0): 172.17.1.2 update run completed, afi 0, ran for 12ms, neighbor version 0, start version 2, throttled to 2 02:58:54: BGP: 10.1.1.2 rcv message type 4, length (excl. header) 0 02:58:54: BGP(0): 172.17.1.2 rcvd UPDATE w/ attr: nexthop 172.17.1.2, origin i, metric 0, path 1 02:58:54: BGP(0): 172.17.1.2 rcvd 150.150.150.0/24 02:58:54: BGP(0): Revise route installing 150.150.150.0/24 - 172.17.1.2 to main IP table 02:59:17: BGP: Performing BGP general scanning 02:59:17: BGP(0): scanning IPv4 Unicast routing tables 02:59:17: BGP(IPv4 Unicast): Performing BGP Nexthop scanning for general scan 02:59:17: BGP(1): scanning VPNv4 Unicast routing tables 02:59:17: BGP(VPNv4 Unicast): Performing BGP Nexthop scanning for general scan 02:59:17: BGP(2): scanning IPv4 Multicast routing tables 02:59:18: BGP(IPv4 Multicast): Performing BGP Nexthop scanning for general scan 02:59:22: BGP(0): 10.1.1.2 computing updates, afi 0, neighbor version 1, table version 3, starting at 0.0.0.0 02:59:22: BGP(0): 10.1.1.2 send UPDATE (format) 150.150.150.0/24, next 10.1.1.1, metric 0, path 1 02:59:22: BGP(0): 10.1.1.2 1 updates enqueued (average=47, maximum=47) 02:59:22: BGP(0): 10.1.1.2 update run completed, afi 0, ran for 12ms, neighbor version 1, start version 3, throttled to 3 02:59:23: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 2, table version 3, starting at 0.0.0.0 02:59:23: BGP(0): 172.17.1.2 send unreachable 150.150.150.0/24 02:59:23: BGP(0): 172.17.1.2 send UPDATE 150.150.150.0/24 -- unreachable Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46255t=46255 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP MED Question [7:46321]
Hello, I have 3 routers:- 150.150.150.0/24 --- | | | | R1 R2R3 (AS1)(AS2) (AS3) R1 - R2, R2 - R3 are using EBGP I injected the network 150.150.150.0/24 into BGP from both R1 R3. I have enabled bgp always-compare-med to allow R2 to compare the MED from AS 1 AS 3. I have also set a route-map on R3 so that when it advertise 150.150.150.0/24 to R2, it would have a metric of 20, as compared to 0 from R1. The thing I'm confused is that after I have enabled the command bgp bestpath med missing-as-worst, according to CCO, the MED of 0 from R1 would now be considered as infinity (as confirmed by the debug messages), but why is R2 still prefers the route from R1 instead of from R3? I realized that Weight, Local Pref, AS-Path, Origin are used before MED for best path selection by BGP. However, they are all left at default and are the same on both R1 R3/ Best Regards, Hunt RouterB#sh ip bgp 150.150.150.0/24 BGP routing table entry for 150.150.150.0/24, version 3 Paths: (2 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 10.1.1.2 1 172.17.1.2 from 172.17.1.2 (20.20.20.1) Origin IGP, metric 0, localpref 100, valid, external, best 3 10.1.1.2 from 10.1.1.2 (15.15.15.1) 10.1.1.2 to main IP table 02:58:54: BGP: 172.17.1.2 rcv message type 4, length (excl. header) 0 02:58:54: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 0, table version 2, starting at 0.0.0.0 02:58:54: BGP(0): 172.17.1.2 send UPDATE (format) 150.150.150.0/24, next 172.17.1.1, metric 0, path 3 02:58:54: BGP(0): 172.17.1.2 1 updates enqueued (average=47, maximum=47) 02:58:54: BGP(0): 172.17.1.2 update run completed, afi 0, ran for 12ms, neighbor version 0, start version 2, throttled to 2 02:58:54: BGP: 10.1.1.2 rcv message type 4, length (excl. header) 0 02:58:54: BGP(0): 172.17.1.2 rcvd UPDATE w/ attr: nexthop 172.17.1.2, origin i, metric 0, path 1 02:58:54: BGP(0): 172.17.1.2 rcvd 150.150.150.0/24 02:58:54: BGP(0): Revise route installing 150.150.150.0/24 - 172.17.1.2 to main IP table 02:59:17: BGP: Performing BGP general scanning 02:59:17: BGP(0): scanning IPv4 Unicast routing tables 02:59:17: BGP(IPv4 Unicast): Performing BGP Nexthop scanning for general scan 02:59:17: BGP(1): scanning VPNv4 Unicast routing tables 02:59:17: BGP(VPNv4 Unicast): Performing BGP Nexthop scanning for general scan 02:59:17: BGP(2): scanning IPv4 Multicast routing tables 02:59:18: BGP(IPv4 Multicast): Performing BGP Nexthop scanning for general scan 02:59:22: BGP(0): 10.1.1.2 computing updates, afi 0, neighbor version 1, table version 3, starting at 0.0.0.0 02:59:22: BGP(0): 10.1.1.2 send UPDATE (format) 150.150.150.0/24, next 10.1.1.1, metric 0, path 1 02:59:22: BGP(0): 10.1.1.2 1 updates enqueued (average=47, maximum=47) 02:59:22: BGP(0): 10.1.1.2 update run completed, afi 0, ran for 12ms, neighbor version 1, start version 3, throttled to 3 02:59:23: BGP(0): 172.17.1.2 computing updates, afi 0, neighbor version 2, table version 3, starting at 0.0.0.0 02:59:23: BGP(0): 172.17.1.2 send unreachable 150.150.150.0/24 02:59:23: BGP(0): 172.17.1.2 send UPDATE 150.150.150.0/24 -- unreachable Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46321t=46321 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab Mailing List problem!!! [7:46235]
To all, It would be greatly appreciated if someone can shed some light on this :) I subscribed to the CCIE RS Lab Mailing List with my Hotmail account about a month ago (or maybe longer). I can receive messages fine, but I can't post message to the board (i.e. Everytime I sent a message to [EMAIL PROTECTED], when I checked my email a few days later, my message never come up on the mailing list. I tried to lookup for the WebMaster email address, but I can't find it anywhere on the GroupStudy website. Any ideas?? Thanks in advance, Best Regards, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46235t=46235 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP scenario (a bit lenghty - sorry) [7:46131]
Hi group, RotuerC - RouterA RouterB On p9 of BGP 4 Command Configuration Handbook (by Parkhurst), I follow the exercise on Aggregating the BGP Learning Routes, everything seems well except I can't ping from Router C to any of the 4 Loopback Interfaces I created on Router B, even though I can see the routes fine on both Router C's BGP table and Routing Table: RouterCsh ip bgp BGP table version is 6, local router ID is 172.17.1.2 Status codes: s suppressed, d damped, h history, * valid, best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 172.16.0.0/24172.17.1.1 0 1 2 i * 172.16.0.0/22172.17.1.1 0 1 i * 172.16.1.0/24172.17.1.1 0 1 2 i * 172.16.2.0/24172.17.1.1 0 1 2 i * 172.16.3.0/24172.17.1.1 0 1 2 i RouterC RouterCsh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route Gateway of last resort is not set 172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks B 172.16.0.0/22 [20/0] via 172.17.1.1, 00:00:55 B 172.16.0.0/24 [20/0] via 172.17.1.1, 02:19:56 B 172.16.1.0/24 [20/0] via 172.17.1.1, 02:19:56 B 172.16.2.0/24 [20/0] via 172.17.1.1, 02:19:56 B 172.16.3.0/24 [20/0] via 172.17.1.1, 02:19:56 172.17.0.0/24 is subnetted, 1 subnets C 172.17.1.0 is directly connected, Serial0 RouterC When I tried to do a trace to say 172.16.0.1 (which is one of the loopback interface created on Router B), the packets was stuck on Router A RouterCtrace 172.16.0.1 Type escape sequence to abort. Tracing the route to 172.16.0.1 1 RouterA (172.17.1.1) 16 msec 16 msec 20 msec 2 * * * 3 However, on Router A, I can ping fine to all 4 loopback interfaces advertised by Router B:- RouterA#ping 172.16.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms RouterA#ping 172.16.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms RouterA#ping 172.16.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds: ! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/54/148 ms RouterA# So if Router A can get to the Loopback interfaces advertised by Router B, and Router C have got the routes in the Routing Table, why can't Router C trace or ping to Router B's Loopback interfaces?? Please find attached a copy of the configs for the 3 routers:- RouterC#sh run Building configuration... Current configuration: ! version 11.1 service timestamps debug datetime msec show-timezone service timestamps log datetime msec show-timezone service udp-small-servers service tcp-small-servers ! hostname RouterC ! enable secret 5 $1$R1vV$Ld5F0ueggoSyb4z/goBGF. ! ! interface Ethernet0 no ip address ! interface Serial0 ip address 172.17.1.2 255.255.255.0 ! interface Serial1 no ip address ! router bgp 65530 neighbor 172.17.1.1 remote-as 1 ! ip host RouterA 172.17.1.1 ip classless logging buffered ! line con 0 line aux 0 line vty 0 4 password cisco login ! end RouterC# - RouterA#sh run Building configuration... Current configuration : 907 bytes ! version 12.2 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname RouterA ! logging rate-limit console 10 except errors enable secret 5 $1$hCDv$aQ/xa.CZ7YloCaNRpAaI90 ! ip subnet-zero no ip finger no ip domain-lookup ip host RouterC 172.17.1.2 ip host RouterB 10.1.1.2 ! no ip dhcp-client network-discovery ! ! ! ! interface Ethernet0 no ip address ! interface Serial0 ip address 172.17.1.1 255.255.255.0 clockrate 64000 ! interface Serial1 ip address 10.1.1.1 255.255.255.252 clockrate 64000 ! router bgp 1 bgp log-neighbor-changes aggregate-address 172.16.0.0 255.255.252.0 neighbor 10.1.1.2 remote-as 2 neighbor 172.17.1.2 remote-as 65530 ! ip kerberos source-interface any ip classless ip http server ! ! ! line con 0 transport input none line 1 16 line aux 0 line vty 0 4 password cisco login ! end RouterA# --- RouterB#sh run Building
RE: 40x/50x counting towards CCNP [7:45993]
According to the website, the 50x exams can be substituted for 60x exams towards your ccnp. It doesnt mention the 40x anymore. So i think you need to take 3 more to get your ccnp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=46050t=45993 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCNP exam path question [7:45839]
Any order is okay. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Paulo Roque Sent: Wednesday, June 05, 2002 9:52 AM To: [EMAIL PROTECTED] Subject: CCNP exam path question [7:45839] Hi all, Must the exam path for CCNP be Routing, Switching, Remote Access and Support or the exams could be taken in any order? Thanks in advance!! -- Eng. Paulo Roque Network Engineer Cisco Certified Network Associate [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45917t=45839 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab Question [7:45815]
All, I want to start practising on how to search / use the Cisco's Documentation CD for the CCIE Lab. I have 2 CDs called Cisco Product Documentation (Oct 2001). Are they the ones?? If not, how about can I order the Cisco's Documentation CD from Cisco? Thanks, Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45815t=45815 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: It's Official - CCNP 6xx series [7:45867]
You can still take the 640-500 series for CCNP. You just have to take it in Japanese. Kanichiwa! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45900t=45867 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: static route for port 21 [7:45682]
Yes, I do remember seeing that thread when I first joined the group. Just can't find it now. Daniel Cotts wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Time to restart the blueberry thread. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45759t=45682 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
trying to test ISDN [7:45786]
Im trying to get ISDN backup to work, but as i am debugging dialer packets, I am seeing this. BRI0: Dialing cause ip (s=10.3.101.13, d=224.0.0.10) BRI0: Already 255 call(s) in progress on BRI0, dialing not allowed I have never seen this msg before. Anyone know what this means? Is there a loop somewhere? Thanks In Advance James Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45786t=45786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: trying to test ISDN [7:45786]
Yes, we are running EIGRP, and someone put in an permit any any statement in. I removed that but ISDN is still not dialing. if i look at the history, it shows it has dialed successfully a few weeks ago. The IOS is 11.2(5)P so i cannot force a call to test connectivity with the carrier switch. layer 1 is active, spids are assigned, Im pretty much at a loss. The person on the other end did say that on the external NT1 the LP LED was lit. I will follow through with the carrier. Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45794t=45786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: trying to test ISDN [7:45786]
WE have serveral branches that have passive int on the bri0 and we do use floating static routes. What i ended up doing was removing the config from the bri, reloading the router, entered the switch type and spids and it dialed fine. Thanks all for the suggestions. James Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45800t=45786 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: 640-605 BCRAN Beta PASSED!! [7:45777]
Hi Bill, I am curious how the new test differs from the old exam. I take the remote exam almost a year ago. Thanks. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Creighton Bill-BCREIGH1 Sent: Tuesday, June 04, 2002 4:03 PM To: [EMAIL PROTECTED] Subject: 640-605 BCRAN Beta PASSED!! [7:45777] I'd like to thank EVERYONE in this group. Very difficult exam! but I somehow feel prouder having passed this monster instead of the current 640-505.The scenarios and ideas presented here are better than anything seen in a lab and more diverse than anything seen in my workplace. I was wondering if anyone could tell me if this will count toward the existing CCNP track if my other exams are the current standard (640-50x) in which case I'M DONE!!! Finally, if I am in fact done, can anyone tell me if it's more advantageous to go after CCDA/P or just chase the CCIE written (before the new version of that exam is introduced). Bill Creighton Senior System Engineer CCNP(?) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45809t=45777 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Basic ISDN BRI config needed [7:45416]
Can we see the rest of your configs. If you have a passive interface, without a static route, you wont be able to ping. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45435t=45416 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE Lab Reading [7:45486]
Hi All, I just started preparing for the CCIE Lab. I have already read Caslow, TCP/IP Vol 1 (by Jeff Doyle), Internet Routing Arch (by Halabi), as well as LAN Switching (by Clark). I'm just wondering what books I should get in additional to these to prepare for the lab?? Please help... Thanks! Hunt Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45486t=45486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN Client failing to connect to PIX using rsa-sig [7:45371]
Can you share your insight ? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45371t=45371 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Emergency: HOw to extend the telnet timeout for a router? [7:45249]
yes , exec-timeout 0 0 rgds Dain Deutschman wrote: Is it line vty 0 4 exec-timeout ?? I could be misunderstanding the question. Please correct me if I am wrong. Dain Ocsic wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, all the default timeout for a telnet session is 300 sec Any command can extend the telnet timeout time ? Please mail me [EMAIL PROTECTED] Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45249t=45249 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Passed BCRAN [7:45182]
So what's your point? Give him some props and stop being a weenie. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, May 27, 2002 8:40 PM To: [EMAIL PROTECTED] Subject: Re: Passed BCRAN [7:45182] I passed it in 3 days reading the book. Its easy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45322t=45182 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Token Ring cable [7:45018]
That's a type 2 cable that connects to a router with a db9? Or is that RJ-45 on the 2521? Depends on how much time you want to spend on making/searching for a cable, I would suggest upgrading to a msau that uses rj-45. Cabletron hubs such as the STHI-24 are plentiful on ebay and probably will cost you about $15-20 bucks. You can pick some madge cards on ebay as well and connect your pcs to it as well. Plus, you can management the hub and if you have errors you can console into the hub and see what they are..IE burst, congestion, fc, etc. Of course, the sh controller command on the router will do the same thing. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Frankie Chiang Sent: Saturday, May 25, 2002 1:12 AM To: [EMAIL PROTECTED] Subject: Re: Token Ring cable [7:45018] You can make it by your self. http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2600/c26userg/cables. htm Best Regard, Frankie Kenneth Yeung wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Just start to prepare home lab, I got token ring interface (C2521) and MAU Hub. Where can I get the cable? What should I use? Any comment! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45032t=45018 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SYSLOG time stamp problem [7:44949]
My take is that the time stamp is correct but it is using UTC time which is 4 hour ahead of U.S. East Coast's Day Light Saving Time. Jeffrey Reed wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I set up a syslog server and have a problem with the time stamp in a sys log message. When a message is sent to my syslog server (using solar winds syslog monitor) the date/time field is correct, but the time stamp with the message itself is not, its 4 hours ahead. I show calendar and clock on the 6500 MSFC and they are both set correctly. I have the system set up for EST and daylight savings, so I think the syslog facility is not factoring in those settings. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44950t=44949 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ISDN BRI Simulator Comparison - way to expensi [7:44767]
I wonder if you can write the isdn lines off as a learning expense. Equipment might be harder to do though. If you can't write it off, the sim comes out ahead because it's portable and has resale value. (but that could change) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Treptow, Georg Sent: Wednesday, May 22, 2002 5:02 PM To: [EMAIL PROTECTED] Subject: RE: ISDN BRI Simulator Comparison - way to expensi [7:44767] For that price you might as well order 2 ISDN lines from your local telco. That should only cost you about $80.00 a month as you don't need to get ISP service with it. You would be able to use those for 17 months until coming up even. Georg Treptow -Original Message- From: Dennis Laganiere [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 6:34 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]; '[EMAIL PROTECTED]' Subject: RE: ISDN BRI Simulator Comparison Earlier today I proposed putting together some comparative information on the various ISDN Simulators available. Since the question which simulator do I buy? comes up regularly on the list, I though a cooperative effort to develop an answer would be an interesting exercise for the group. Just to start the conversation, here's a review of the two that I have in my home pod... Arca Emutel Lite Recent e-bay sales: $1,250 - $1,400 Features: * 2 port BRI * Switch types supported: NAT-1, DMS100 and 5ESS Default settings (just because I think its useful): PortB-channel DN SPID 1 1 384000 384001 1 2 384010 384002 2 1 384020 384021 2 2 384030 384022 The default ISDN switch-type is basic-dms100 Pro: * Been using it for a year without a problem * Built-in battery backup means you can use it without AC power for a quick demonstration * Supports either S (4-wire) or U (2-wire) interfaces (selected through software) * Simple console-like configuration Con: * Since I'm using 2503's, it requires 2 x NT1 (approx $30 each on ebay) * Power supply is an external brick. Minor thing, but kind of annoying. Teltone ILS-B-01 ISDN Demonstrator Recent e-bay sales: $1,225 - $1,599 (New from the manufacture, $1,855.00) Features: * 2 port BRI * Switch types supported: NAT-1, ATT Custom Default settings (just because I think its useful): PortB-channel DN SPID 1 1 835-86610835866101 1 2 835-86630835866301 2 1 835-86620835866201 2 2 835-86640835866401 The default ISDN switch-type is basic-nil Pro: * Built in power supply. * Windows-based configuration (I haven't tried it yet, but the book makes it look easy) Con: * Since I'm using 2503's, it requires 2 x NT1 (approx $30 each on ebay) * Only has U Interfaces I look forward to seeing what other people have used... Thanks... --- Dennis -Original Message- From: Dennis Laganiere [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 2:36 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject:ISDN BRI Simulator Comparison This brings to mind an interesting side-project, if anybody has the time and inclination to help out. I've not seen a comprehensive comparison between the various simulators that are available, factoring in features and approximate cost. Myself personality, I've got an Emutel Lite at home that I've had a for while, and I just picked up a Teltone ISDN Demonstrator that I'm going to start playing with this weekend. I could probably put together a quick write up on those if it were a conversation that other people would like to contribute too. Anybody what to play? Let me know... --- Dennis From: Dennis Laganiere [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 1:48 PM To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED] Subject:RE: ISDN BRI Simulator Um... I'll pay $125... Next bidder... :) I don't believe you'll find too many in this range, but I'd love to learn that I'm wrong... Thanks... --- Dennis -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 22, 2002 1:16 PM To: [EMAIL PROTECTED] Subject:ISDN BRI Simulator I am looking for a 2 port ISDN BRI Simulator for under $100. Does anyone know where I can get one? Thanks, Bill Cook, Network Project Manager _ Commercial lab list: http://www.groupstudy.com/list/commercial.html Please discuss commercial lab solutions on this list. _ Commercial lab list: http://www.groupstudy.com/list/commercial.html Please discuss commercial lab solutions on this list. _
Len Lee/CHI/NTRS is out of the office. [7:44790]
I will be out of the office starting May 23, 2002 and will not return until June 10, 2002. I will respond to your message when I return. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44790t=44790 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Support Passed [7:44599]
Read the RA book and you'll be fine. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, May 20, 2002 10:02 PM To: [EMAIL PROTECTED] Subject: Support Passed [7:44599] Ok, well I started kinda backward, but I passed my CCNP Support test, and I'm now working on my Remote Access. I have the cisco press books, which I love, but is there anything I should know about the remote access test? Cody Lerum, CCNA, (1/4)CCNP Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44600t=44599 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Logic and Lab Rats [7:44653]
Whadda ya mean remember? We still have them and we have to support them as well as TR, Ethernet , SNA, Cisco,IP,Cabletron, Coax, etc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, May 21, 2002 12:57 PM To: [EMAIL PROTECTED] Subject: RE: Logic and Lab Rats [7:44653] Do you remember Mainframe systems??? Do you remember LU and PU and logic controllers?? Do they all work the same as IP networks or VOIP and IP telephony networks? Do you know all the traffic in your data network??? You seem to be bitter about something. Do you want someone with 20 years experience Appling a network change without testing out first in a lab environment??? Last but certainly not least, how many mainframe guys know IP networking. You provide me a listAnswer is very few. Many PBX or Telecomm Engineer knows VOIP or IP Telephony?? Answer is very few. Giving me dates when things start is like tell me that we still need to go print a circuit board for two days and use tubes, diodes, and transistors, instead a sing microprocessor. Finally, There are many people with 20 years of experience who feel that they dont need to learn new technologies and therefore still trying fight progress. We do not know every thing out there but at least we can try to be knowledge as possible. You need to be more appreciative of people who want to be the best. Be weather it be CCIE or Cissp. They have to study just like any other professional. If my doctor doesnt put in at least 100 hours of training and giving me a diagnostic, I will sue his pants off. Stop being an idiot Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44676t=44653 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Fans too Noisey (2500 Series Router) [7:44571]
Take the covers off and take a big, giant fat and blow, baby, blow. Are better yet, how about moving it out of the living room or put some insulation in the room that it's in. But then again, 2500's are so cheap these days why bother. Remove the fans and buy another one when it melts! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kent Hundley Sent: Tuesday, May 21, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: Fans too Noisey (2500 Series Router) [7:44571] Maybe not if you keep the room temperature low enough, but your going to need a lot of air conditioning. ;-) Seriously, disconnecting fans will eventually cause your router, or any computer, to fry. Without heat dissapation, your components will eventually just quit working and fill your house with the lovely smell of burning circuits. You might try buying/building some sort of enclosure, but that enclosure will likely need a fan as well. Regards, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Will Francis Sent: Monday, May 20, 2002 3:07 PM To: [EMAIL PROTECTED] Subject: Fans too Noisey (2500 Series Router) [7:44571] Hi Guys I've got 7 2500 Series routers in my home lab but its just getting a bit too noisey, if the fans are unplug will this affect the routers. cheers Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44677t=44571 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: preffered order in taking ccnp exams [7:44511]
I took the exams in this order remote access routing cit switching -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of ashish Sent: Monday, May 20, 2002 9:45 AM To: [EMAIL PROTECTED] Subject: Re: preffered order in taking ccnp exams [7:44511] yeah, as such order does not matter much. I passed routing last week.and now i am studying for remote access.I have found that there are somethings which are assumed that reader understands like redistribution,route filtering etc.. I can only say I am glad that I did routing before remote access. - Original Message - From: Thomas Larus To: Sent: Monday, May 20, 2002 7:55 AM Subject: Re: preffered order in taking ccnp exams [7:44511] I think you can switch them around as you like except that Support should come last. Once you have studied for the other three, Support just follows naturally, because you should have gotten practice using the debugging commands and show commands and other troubleshooting tools. [EMAIL PROTECTED], Divakaran (GEAE, GTS India) wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi, Is there a prefferred order in which to tkae the ccnp exams ? like 1.routing 2.switching 3.remote access 4.support ? or can it be taken in any order ? Does taking the exams in the above order have any advantages ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44582t=44511 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: L3 Between VLANS- no RSM or MSFC [7:44462]
A 2600 with a FE interface will do trunking and be the router on a stick. I haven't tried a 3600 but it should work as well. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael L. Williams Sent: Saturday, May 18, 2002 7:35 PM To: [EMAIL PROTECTED] Subject: Re: L3 Between VLANS- no RSM or MSFC [7:44462] But if he's trying to practice doing FastEthernet VLAN trunking. =) But I agree, if you're looking to simply route, get a router with 2 ethernet interfaces and connect one to each VLAN. if you need to route between more than 2 VLANs, then you'll need a router that supports trunking on the FastEthernet port (I know the 4000 series supports this, but not for sure about anything lower. wouldn't be surprised if the 2600/3600 series supported this) Mike W. nrf wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If you want to do it really simply, just use a router that has 2 ethernet interfaces. Phil Lorenz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I'm looking to mock up RSM/ MSFC type routing between VLANs. If my memory serves me correctly, can't I do this with a 4500 (or better) router outfitted with an FE module ??? Can anyone elaborate and/ or offer a few clues to get me researching in the right area ??? Thanks !!! Phil Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44474t=44462 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: cheapest router supporting two ethernet ports [7:44061]
They are real cheap. I paid $1200 and I would be lucking to get $500 for it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Monday, May 13, 2002 12:26 PM To: [EMAIL PROTECTED] Subject: RE: cheapest router supporting two ethernet ports [7:44061] 2514's have fallen quite a bit on Ebay of late. They roughly the same as a 1605 nowdays. Figure right about 500ish.. my quick numbers show that the average price PAID on Ebay for the last 30 days is 409.00 MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44185t=44061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Wireless LAN for Home [7:44234]
Any recommendation on PCI type cards ? Roberts, Larry wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I use the BEFW11S4 and the Orinoco silver/gold cards. I have a couple of the aironet cards on order for testing, but I can say that the WPC11 ( linksys ) Card is something that you DON'T want. My range was doubled just by changing cards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44260t=44234 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: VPN client Cisco Concentrator 3030 [7:43675]
Great info. You mentioned that the tweaking will work if one installed Cisco VPN client before installing EnterNet. Does it mean that one will be have to un-install the EnterNet PPPoE client if it was installed before the Cisco VPN client ? Elijah Savage wrote in message news:[EMAIL PROTECTED]... This is not in refernce to certification but this is great information for our field. My company is rolling out a load balancing cisco vpn solution for our company using 3030 concentrators. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43767t=43675 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CSS1 [7:43405]
Try this one http://www.securityie.com/ Brian Zeitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I started a yahoo group called CSS1 if anyone is interested. Currently it has 1 member, me :-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43406t=43405 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CCIE LAB Prep!!! [7:43055]
Perhaps I didn't give you any details... we have 19xx,29xx,39xx,5500,6500,8500, and the GSR 12000 Gbs/r also have 1700's,26xx,3600,7200,VPN3001,IDS,Avvid,Pix 525. just on the cisco side... please check out our web... www.ictp.com regards, Jason Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43132t=43055 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: VLANS [7:42932]
Damian Rizzo is the vlan man. If he can't do it Noone can. Uh Rich. Mind if i call you dick. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43159t=42932 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: CIT exam [7:43100]
I just took the exam today after studying for about 30 hours using the cisco press book and the course material. It wasn't that hard but it wasn't that easy because some of the wording got me. Considering what I studied, I expected more in different areas. Oh, well, a pass is a pass. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 3:54 AM To: [EMAIL PROTECTED] Subject: CIT exam [7:43100] I have taken the router, switching and remote access exams, and am about to take the support exam. I have heard from some that the CIT exam is the easiest and I have heard from others that it is one of the hardest. I would like to get the boards perspective on this. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43189t=43100 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: switching exam [7:43038]
I guess it depends on who pays for toner and the paper it's printed on. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kaminski, Shawn G Sent: Thursday, May 02, 2002 5:18 PM To: [EMAIL PROTECTED] Subject: RE: switching exam [7:43038] Tim is actually right. Everything you need to pass these exams is free on Cisco's website. The only problem is that the site is so huge, you don't know where to start! Shawn K. -Original Message- From: timothy thielen [SMTP:[EMAIL PROTECTED]] Sent: Thursday, May 02, 2002 3:02 PM To: [EMAIL PROTECTED] Subject: RE: switching exam [7:43038] You people spend MONEY on certification prep materials? I'm sorry. :-) --Tim Kaminski, Shawn G wrote: It's sad, the true signs of brainwashing :-) I never said anything was wrong with them. The proven track record comes from the fact that they've done a great job marketing their products. Boson has quality products, BUT, BUT, BUT, as I've mentioned before, there are other companies out there that offer materials that are just as good if not better than Boson and the prices are about 80% cheaper. I would mention the companies, but I have a financial interest in these companies and I'd get flamed to death (believe it or not, I also have a financial interest in Boson/Quizware, but not anywhere near as much as I'd like :-) ) You can't really blame Boson for their high prices because they have to pay a percentage to their authors. Plus, like you said, people have been brainwashed into believing that Boson is the only company out there, which allows Boson to charge higher prices. So, look around a little and take a chance on some of these other companies. Don't worry, no one is going to yell at you for spending less money on certification materials :-) I'm just trying to save people some money while at the same time hoping that I make a little, as well! Shawn K. -Original Message- From: Jon Krabbenschmidt [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 8:28 PM To: [EMAIL PROTECTED] Subject: RE: switching exam [7:43038] Boson worked well for me too, but I hardly consider $40 expensive especially given the cost of others. Jon -Original Message- From: Adam Hickey [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 4:22 PM To: [EMAIL PROTECTED] Subject: Re: switching exam [7:43038] I don't think I could have gotten through my tests without Boson's help - other than being expensive, what is wrong with them? I don't think I see a cult here but I do see the proven track record and the quality name Boson has developed for themselves. High price is a direct result of high demand - simple economics. Adam Hickey [EMAIL PROTECTED] - Original Message - From: Kaminski, Shawn G To: Sent: Wednesday, May 01, 2002 3:31 PM Subject: RE: switching exam [7:43038] Please, people, snap out of the Boson trance. I can't take it anymore. :-) I just had a discussion with Paul Borghese a few days ago about how Boson always gets through the filters but other vendors don't. Hopefully, that will change soon and we'll start to see better and less expensive options come through the list without being filtered. In fact, I wonder if this will make it through the filter since I'm saying something bad about the Boson cult? :-) Please proceed with flaming, ragging, name calling, tar and feathering, etc. However, one of these days you'll thank me from preventing you from getting that Boson tattoo on your chest ( on the ankle for the ladies) :-) If you're up for an argument, please email me offline :-) Shawn K. -Original Message- From: NetEng [SMTP:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 5:18 PM To: [EMAIL PROTECTED] Subject: switching exam [7:43038] just took that switching exam: 79 ?'s, 90 minutes and 699 to pass. pretty easy test, boson's were great as usual. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43190t=43038 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Building a Cisco Lab [7:43072]
We have quite a few Cisco 4k and they are pretty reliable. In a year and a half we have only replaced one 4k in our data center, and the only others we have touched are the ones we have deinstalled and replaced with 3600's. I think we have a hundred or so. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Howard C. Berkowitz Sent: Thursday, May 02, 2002 6:23 PM To: [EMAIL PROTECTED] Subject: Re: Building a Cisco Lab [7:43072] Wayne, Ive had nothing but problems with 4000 series modular routers. So many problems, in fact, that I've stopped selling them. Too many hardware failures. Stick with the 2500 series thanks, -Brad Ellis CCIE#5796 (RS / Security) [EMAIL PROTECTED] Cisco home labs: www.optsys.net Brad, I don't doubt your current experience is accurate, but I'm curious. When I was on the road teaching Cisco courses, the 2500's seemed to fail more than the 4000's. Probably the most persistent 4000 problem was one of the ports failing on the dual-Ethernet module. Is there any pattern to what you are seeing? I'm wondering if it's just a mechanical problem with wear on the slot modules, or something else that's aging. Howard Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43197t=43072 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
CCIE LAB Prep!!! [7:43055]
If you need a lab to study CCIE lab, I can give you a special discount... We have the worlds biggest Cisco Lab.. here located in city of anaheim Ca, if you are interested please feel free to email me. Jason Lee [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=43055t=43055 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help!!! [7:42411]
Wallace Lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hunt, I guess you don't have the 203.147.154.0 route in the middle router. however, you have a defaut route in it. So, you will experience a routing loop. Check you tunnel configuration as well. see the following from u : I have an OSPF connectivity problem. I have 3 routers as follows: OSPF Area 203.147.188.0 OSPF Area 0 Gw1.bne2 Gw2.bne ---Gw1.bne Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186 /30) Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0 (203.147.255.185 /30) Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2 /24) Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254 /24) Now I have 5 static routes at Gw1.bne2 (the left most Router) that I want to redistributed into OSPF. ip route 203.147.154.0 255.255.255.128 203.147.188.65 ip route 203.147.154.128 255.255.255.248 203.147.188.68 ip route 203.147.154.136 255.255.255.248 203.147.188.69 ip route 203.147.154.144 255.255.255.252 203.147.188.66 ip route 203.147.154.148 255.255.255.252 203.147.188.67 controller E1 0/0 channel-group 0 timeslots 1-31 ! ! interface Tunnel0 description BNE2-Avior ip address 10.255.255.2 255.255.255.252 no ip route-cache cef tunnel source 203.147.255.186 tunnel destination 203.147.190.4 ! interface FastEthernet0/0 no ip address ip route-cache flow speed 100 full-duplex ! interface FastEthernet0/0.5 encapsulation dot1Q 5 ! interface FastEthernet0/0.10 encapsulation dot1Q 10 ip address 10.15.15.254 255.255.255.0 secondary ip address 203.147.188.254 255.255.255.0 ip access-group pfilter in ip accounting access-violations ip nbar protocol-discovery ! interface FastEthernet0/0.999 encapsulation dot1Q 999 ip address 10.2.101.1 255.255.0.0 ! interface Serial0/0:0 description N7065870L to 96 Lytton Rd ip address 203.147.255.186 255.255.255.252 ip nbar protocol-discovery ip route-cache flow load-interval 30 service-policy output voippol ! router ospf 7496 log-adjacency-changes redistribute connected redistribute static subnets passive-interface FastEthernet0/0.999 network 203.147.188.0 0.0.0.255 area 203.147.188.0 network 203.147.255.184 0.0.0.3 area 203.147.188.0 At Gw1.bne2, it shows the subnets are learned via statics gw1.bne2#sh ip route 203.147.154.136 Routing entry for 203.147.154.136/29 Known via static, distance 1, metric 0 Redistributing via ospf 7496 Advertised by ospf 7496 subnets Routing Descriptor Blocks: * 203.147.188.69 Route metric is 0, traffic share count is 1 When I goto Gw2.bne (middle router), I can see the routes in the OSPF Topology Table (all of them are learned from 203.147.255.186 - Gw1.bne2), but not the its routing table:- N.B: I also tried to do a clear ip route 203.147.144.0/20, but no help. The same route came straight back Type-5 AS External Link States 203.147.154.0 203.147.255.186 572 0x8002 0xAC01 0 203.147.154.128 203.147.255.186 573 0x8002 0xA40D 0 203.147.154.136 203.147.255.186 573 0x8002 0x6246 0 203.147.154.144 203.147.255.186 573 0x8002 0xFF9F 0 203.147.154.148 203.147.255.186 573 0x8002 0xE5B4 0 gw2.bne# sh ip route 203.147.154.136 Routing entry for 203.147.144.0/20, supernet Known via ospf 7496, distance 110, metric 3, type inter area Last update from 202.139.236.254 on FastEthernet0/0, 00:17:48 ago Routing Descriptor Blocks: * 202.139.236.254, from 203.147.255.156, 00:17:48 ago, via FastEthernet0/0 Route metric is 3, traffic share count is 1 However, if I goto Gw1.bne (the rightmost router), it can see all 5 subnets in the OSPF Topoloy Table and Routing Table Type-5 AS External Link States 203.147.154.0 203.147.255.186 867 0x8002 0xAC01 0 203.147.154.128 203.147.255.186 867 0x8002 0xA40D 0 203.147.154.136 203.147.255.186 867 0x8002 0x6246 0 203.147.154.144 203.147.255.186 867 0x8002 0xFF9F 0 203.147.154.148 203.147.255.186 867 0x8002 0xE5B4 0 gw1.bne#sh ip route 203.147.154.136 Routing entry for 203.147.154.136/29 Known via ospf 7496, distance 110, metric 20, type extern 2, forward metric 52 Redistributing via ospf 7496 Last update from 202.139.236.2 on FastEthernet0/1, 00:49:30 ago Routing Descriptor Blocks: * 202.139.236.2, from 203.147.255.186, 00:49:30 ago, via FastEthernet0/1 Route metric is 20, traffic share count is 1 As a result, when I do a trace from Gw1.bne (the rightmost router), it points it to Gw2.bne, but Gw2.bne points it back - Routing Loop :( gw1.bne#trace 203.147
Re: Please help!!! [7:42411]
Firstly, I must say thank you so much for getting back to me :-) Sorry about this, but the network is actually like this: Gw1.bne2 - Gw2.bne Gw1.bne MLS2 (cat 6500) - Avior (Linux) | | |--- | Tunnel I agree. Are you terminiating the tunnel on gw1.bne? Or do you have another route from gw1.bne2 to gw1.bne? Becuase it looks like gw1.bne is learning it's route directly from gw1.bne2. If you could include the config from gw1.bne, it would help. So the tunnel actually terminates at the other end of the network. After I've done some more investigation, I have found that the gw2.bne is taking the Inter-Area summary route advertised by MLS2 instead of learning it directly from gw1.bne2:- At Gw2.bne:- gw2.bne#sh ip route 203.147.154.136 Routing entry for 203.147.144.0/20, supernet Known via ospf 7496, distance 110, metric 3, type inter area Last update from 202.139.236.254 on FastEthernet0/0, 01:29:27 ago Routing Descriptor Blocks: * 202.139.236.254, from 203.147.255.156, 01:29:27 ago, via FastEthernet0/0 wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I agree. Are you terminiating the tunnel on gw1.bne? Or do you have another route from gw1.bne2 to gw1.bne? Becuase it looks like gw1.bne is learning it's route directly from gw1.bne2. If you could include the config from gw1.bne, it would help. Wallace Lee wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hunt, I guess you don't have the 203.147.154.0 route in the middle router. however, you have a defaut route in it. So, you will experience a routing loop. Check you tunnel configuration as well. see the following from u : I have an OSPF connectivity problem. I have 3 routers as follows: OSPF Area 203.147.188.0 OSPF Area 0 Gw1.bne2 Gw2.bne ---Gw1.bne Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186 /30) Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0 (203.147.255.185 /30) Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2 /24) Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254 /24) Now I have 5 static routes at Gw1.bne2 (the left most Router) that I want to redistributed into OSPF. ip route 203.147.154.0 255.255.255.128 203.147.188.65 ip route 203.147.154.128 255.255.255.248 203.147.188.68 ip route 203.147.154.136 255.255.255.248 203.147.188.69 ip route 203.147.154.144 255.255.255.252 203.147.188.66 ip route 203.147.154.148 255.255.255.252 203.147.188.67 controller E1 0/0 channel-group 0 timeslots 1-31 ! ! interface Tunnel0 description BNE2-Avior ip address 10.255.255.2 255.255.255.252 no ip route-cache cef tunnel source 203.147.255.186 tunnel destination 203.147.190.4 ! interface FastEthernet0/0 no ip address ip route-cache flow speed 100 full-duplex ! interface FastEthernet0/0.5 encapsulation dot1Q 5 ! interface FastEthernet0/0.10 encapsulation dot1Q 10 ip address 10.15.15.254 255.255.255.0 secondary ip address 203.147.188.254 255.255.255.0 ip access-group pfilter in ip accounting access-violations ip nbar protocol-discovery ! interface FastEthernet0/0.999 encapsulation dot1Q 999 ip address 10.2.101.1 255.255.0.0 ! interface Serial0/0:0 description N7065870L to 96 Lytton Rd ip address 203.147.255.186 255.255.255.252 ip nbar protocol-discovery ip route-cache flow load-interval 30 service-policy output voippol ! router ospf 7496 log-adjacency-changes redistribute connected redistribute static subnets passive-interface FastEthernet0/0.999 network 203.147.188.0 0.0.0.255 area 203.147.188.0 network 203.147.255.184 0.0.0.3 area 203.147.188.0 At Gw1.bne2, it shows the subnets are learned via statics gw1.bne2#sh ip route 203.147.154.136 Routing entry for 203.147.154.136/29 Known via static, distance 1, metric 0 Redistributing via ospf 7496 Advertised by ospf 7496 subnets Routing Descriptor Blocks: * 203.147.188.69 Route metric is 0, traffic share count is 1 When I goto Gw2.bne (middle router), I can see the routes in the OSPF Topology Table (all of them are learned from 203.147.255.186 - Gw1.bne2), but not the its routing table:- N.B: I also tried to do a clear ip route 203.147.144.0/20, but no help. The same route came straight back Type-5 AS External Link States 203.147.154.0 203.147.255.186 572 0x8002 0xAC01 0 203.147.154.128 203.147.255.186 573 0x8002 0xA40D 0 203.147.154.136 203.147.255.186 573 0x8002 0x6246 0 203.147.154.144 203.147.255.186 573 0x8002 0xFF9F 0 203.147.154.148 203