RE: RE: About OSPF and Loopback port
Howard, Chuck et al, Even more strange is if you configure the loopback interface as a point-to-point network - e.g. int lo0 ip address 172.16.1.1 255.255.255.0 ip osdpf network-type point-to-point router ospf 10 network 172.16.1.1 0.0.0.0 area 0 In this configuration, the OSPF process won't use this loopback address as the router id. (See Advanced IP Network Design - ISBN 1-57870-097-3, Retana, SLice and White - Cisco Press p108 for more info) Hope this adds some to the party - I'll have a go at Howard's challenge later when I can get onto my lab, but I suspect the output from "debug ip ospf adjency" might help here. I have included Howard's OSPF router ID selection table as a pointer to why I think this will help. Regards Pete S. >>SNIPed some stuff, this is HCB's bit>> >Unless there have been recent IOS changes (I'm really most >current in >11-something), it's even more unpredictable than just the >highest IP >address: >At the time of OSPF initialization, the router ID is: > >if there are multiple loopback interfaces, the highest >IP address on any > loopback (i.e., not highest loopback interface >number) >if there is a single loopback interface, use its >address >if there are no loopback interfaces, use the highest >IP address on any > active interface (i.e., if all interfaces are in >shutdown, OSPF > can't initialize. Using loopbacks avoids this >because a loopback > cannot be down.) >A fiendish troubleshooting scenario: > >R1 comes up first, then R2. They share an Ethernet. >Neither has >any loopbacks. > >Scenario 1 (R1 is initially misconfigured) >R1 E0: 10.6.0.1 DOWN R2 E0: 10.1.0.1 UP/UP >E1: 10.5.0.2 UP/UP E1: 10.5.0.2 UP/UP >E2: 10.2.0.1 UP/UP E2: 10.2.0.2 UP/UP > >Admin discovers that R1 E1 is misconfigured and should >have been 10.5.0.1. >Our Heroine corrects that interface to 10.5.0.1. > >Assuming both routers had OSPF configured with >network 10.0.0.0 0.255.255.255 area 0.0.0.1 > >Will a device on R1 E2 be able to ping a host on R2 E2? - Sent using MailStart.com ( http://MailStart.Com/welcome.html ) The FREE way to access your mailbox via any web browser, anywhere! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Re: Token Ring Bit Swapping
Mike, Jumping in on the back of Nigel's reply: Canonical to Non-canonical MAC address Conversion Break down MAC address into nibbles, (half a byte, or 4 bits) Convert HEX digit to binary: 0 = , 1 = 0001 2 = 0010 , 3 = 0011 4 = 0100 , 5 = 0101 6 = 0110 , 7 = 0111 8 = 1000 , 9 = 1001 A = 1010 , B = 1011 C = 1100 , D = 1101 E = 1110 , F = Then reverse the pattern of bits for each nibble: = , 0001 = 1000 0010 = 0100 , 0011 = 1100 0100 = 0010 , 0101 = 1010 0110 = 0110 , 0111 = 1110 1000 = 0001 , 1001 = 1001 1010 = 0101 , 1011 = 1101 1100 = 0011 , 1101 = 1011 1110 = 0111 , = The convert back to HEX: = 0 , 1000 = 8 0100 = 4 , 1100 = C 0010 = 2 , 1010 = A 0110 = 6 , 1110 = E 0001 = 1 , 1001 = 9 0101 = 5 , 1101 = D 0011 = 3 , 1011 = B 0111 = 7 , = F Then swap the resulting nibbles (1 with 2, 3 with 4 etc.) to reverse each byte, Do this for all 6 pairs of nibbles, and there you have it! Here's a simpler table to follow, but it's best to be able to learn how to do it from scratch, I suspect. 0 - 0 1 - 8 2 - 4 3 - C 4 - 2 5 - A 6 - 6 7 - E 8 - 1 9 - 9 A - 5 B - D C - 3 D - B E - 7 F - F An example or two might help: Token Ring Address: 40-00-37-46-00-01 Break it down into nibbles: 4 - 0 - 0 - 0 - 3 - 7 - 4 - 6 - 0 - 0 - 0 - 1 Convert them into binary: 0100 0011 0111 0100 0110 0001 Reverse the nibbles: 0010 1100 1110 0010 0110 1000 Convert back to HEX: 2 - 0 - 0 - 0 - C - E - 2 - 6 - 0 - 0 - 0 - 8 Swap each nibble in each pair of nibbles: 02-00-EC-62-00-80 And there you have it! It doesn't matter if you start with Cannonical to Non-canonical, it's the same process each time. If you can handle converting a byte at a time - it's a little quicker than this, and after a while you can do it in your head. (Just don't tell people at parties - normal people regard this as really sad!) Here's a couple of pointers on the web: http://www.cisco.com/warp/public/698/1.html http://www.cisco.com/warp/public/650/37.html More general Token Ring: http://www.faqs.org/faqs/LANs/token-ring-faq/ Someone had a perl script that converted these things AFAIR that they mentioned looongg time ago on this list, might be worth a trawl of the archives. Hope this helps Regards Pete S. --- Original Message --- "Nigel Taylor" <[EMAIL PROTECTED]> Wrote on Fri, 1 Dec 2000 02:57:48 - -- Mike, When I was trying to get a grasp on this topic I had some questions a some different areas but found the White paper on CertificationZone to make all the difference. Both the Token ring and the Bridging really help me grasp the topic. Of course you'll need a subscription to view it now. I know http://www.ccprep.com/ has some whitepapers available on there site maybe there's something there that can shed some light on this subject for you... HTH Nigel.. - Original Message - From: Mike Neal <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, November 30, 2000 5:05 PM Subject: Token Ring Bit Swapping > Can anyone help me with Bit swapping from Token to Ethernet. > I can't seem to grasp how it is done. > > Thanks, > Mike > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] - Sent using MailStart.com ( http://MailStart.Com/welcome.html ) The FREE way to access your mailbox via any web browser, anywhere! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Re: OSPF question
Silvia, It is possible if you configure the loopback as a point to point network. e.g. int lo0 ip ospf network point-to-point ip address 172.16.1.1 255.255.255.0 router ospf 1 network 172.16.1.0 0.0.0.255 area 0 Requires IOS 11.3T or 12.0. Stops the loopback from being used as the router ID though. >From http://www.cisco.com/warp/public/104/9.html Q: Why are loopbacks advertised as /32 host routes in OSPF? A: Loopbacks are considered host routes in OSPF, and they're advertised as /32. For more information, see section 9.1 of RFC 2328. In Cisco IOS ® version 11.3T and 12.0, if the ip ospf network point-to-point command is configured under loopbacks, then OSPF advertises the loopback subnet as the actual subnet configured on loopbacks. See "Advanced IP Network Design" Cisco Press for more details. Hope this helps. Regards Pete S. --- Original Message --- "Adam Hickey" <[EMAIL PROTECTED]> Wrote on Mon, 4 Dec 2000 07:06:19 -0800 -- Correct me if I am wrong, but I don't think you can advertise a class C if the address is assigned to the loopback. Because the router is not aware of any network, only that address. I believe you would have to assign the ip to an eth interface (or any other besides lo0) which would be known to the router as a network directly connected and thus able to be advertised. Please correct this if it is incorrect. Adam Hickey [EMAIL PROTECTED] - Original Message - From: "Elaluf, Sylvia," <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 04, 2000 6:10 AM Subject: OSPF question > Hello everybody > > I need some help with the following: > > Given the following > > loopback 0 > ip address 10.10.10.1 255.255.255.0 > > router ospf 1 > network 10.0.0.0 0.0.0.255 area 0 > > sh ip route 10.10.10.1 > known via connected loopback 0 > distributed via ospf 1 > 10.10.10.1 255.255.255.255 > > what I want is to Advertise the loopback interface as class C and not host > specific route. > > distributed via ospf 1 > 10.10.10.1 255.255.255.0 > > How do I do that? > > Silvia Elaluf-Calderwood > [EMAIL PROTECTED] > > "Only two things are infinite, the universe and human stupidity, and I'm not > sure about the former." > - Albert Einstein > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] - Sent using MailStart.com ( http://MailStart.Com/welcome.html ) The FREE way to access your mailbox via any web browser, anywhere! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: What is the problem with my 2621? - continued
Bilge, I notice that you have spped and duplex set to "auto". Are the FE interfaces running at 100Mb/s? If not, might explain 10 time slower throughput. "Show int" might help here. Hope this helps. Regards Pete S. --- Original Message --- Bilge Karabacak <[EMAIL PROTECTED]> Wrote on Mon, 06 Dec 1999 16:07:25 +0200 -- Here you can find the output of "sh interfaces switching" ---SHOW INTERFACES SWITCHING FastEthernet0/0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol PathPkts In Chars In Pkts Out Chars Out OtherProcess 92701271276 43202 2592120 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 IPProcess 315822805762 8549 1442358 Cache misses 0 Fast 1210 78738 0 0 Auton/SSE 0 0 0 0 ARPProcess 3204 192240 1085 65100 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Interface Serial0/0 is disabled FastEthernet0/1 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol PathPkts In Chars In Pkts Out Chars Out OtherProcess 658467862889 44130 2609371 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 IPProcess 380884002553190 13123 Cache misses 0 Fast 245624 42909834 1210 78738 Auton/SSE 0 0 0 0 ARPProcess 238106 14285130 58 3480 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Interface Serial0/1 is disabled Loopback0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol PathPkts In Chars In Pkts Out Chars Out No traffic sent or received on this interface. Brian wrote: > On Mon, 6 Dec 1999, Bilge Karabacak wrote: > > > I configured a Cisco 2621 router. The problem with this router is its > > throughput. It is ten times slower than a linux machine acting as a > > gateway with two ethernet interfaces. The properties of linux machine is > > Intel celeron 400, 64 MByte RAM. The second important point is that, > > the router gave this result with no access-lists. The last one to say is > > that,, NAT operation at this cisco 2621 degrades performance by 60% > > percent. This is ridicilous, if all cisco routers are like this one. > > May you please comment on this, after examining the configuration of the > > router? Is it normal? What should I do to increase performance? > > Below, you will find > > Interesting, > > Please show us the output of "sh interfaces switching". Also you may wish > to check bugs on ciscos site since NAT bugs are common in 12.0 > > Brian > > > > > -SHOW STARTUP-CONFIG > > ! > > ! Last configuration change at 12:20:40 UTC Thu Nov 30 2000 > > ! NVRAM config last updated at 13:01:17 UTC Thu Nov 30 2000 > > ! > > version 12.0 > > service tcp-keepalives-in > > service timestamps debug datetime msec > > service timestamps log datetime msec > > service password-encryption > > ! > > hostname router2 > > ! > > no logging buffered > > no logging console > > no logging monitor > > enable secret 5 *** > > ! > > ! > > ! > > ! > > ! > > memory-size iomem 15 > > ip subnet-zero > > no ip source-route > > no ip finger > > ip tcp selective-ack > > ip tcp path-mtu-discovery > > ip telnet quiet > > ! > > no ip bootp server > > ip audit notify log > > ip audit po max-events 100 > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > ! > > interface FastEthernet0/0 > > ip address 192.168.1.89 255.255.255.0 > > no ip unreachables > > no ip directed-broadcast > > ip nat inside > > no ip mroute-cache > > duplex auto > > speed auto > > no cdp
RE: What is the problem with my 2621? - continued
Bilge, I presume all traffic is being process switched because you are running IDS commands on this router. This excerpt is from http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t5/iosfw2/ios_ids.htm (watch the wrap) "Memory and Performance Impact The performance impact of intrusion detection will depend on the number of signatures enabled, the level of traffic on the router, the router platform, and other individual features enabled on the router such as encryption, source route bridging, and so on. Because this router is being used as a security device, no packet will be allowed to bypass the security mechanisms. The IDS process in the Cisco IOS Firewall router sits directly in the packet path and thus will search each packet for signature matches. In some cases, the entire packet will need to be searched, and state information and even application state and awareness must be maintained by the router." I infer from this that all traffic will be process switched - i.e. take the lowest performance path through the router. >From http://195.116.208.9/cheat/router_performance.htm (Watch the wrap) Throughput in PPS for various platforms: ID Process Fast 2500 800 4,400 2610 1,500 15,000 2620 1,500 25,000 3620 2,000 40,000 3640 4,000 80,000 3660 12,000 120,000 4500 5,000 40,000 4700 7,000 50,000 If you're seeing these kind of numbers, then this may be the cause. Let us know what happens. Regards Pete S. --- Original Message --- Bilge Karabacak <[EMAIL PROTECTED]> Wrote on Mon, 06 Dec 1999 16:07:25 +0200 -- Here you can find the output of "sh interfaces switching" ---SHOW INTERFACES SWITCHING FastEthernet0/0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol PathPkts In Chars In Pkts Out Chars Out OtherProcess 92701271276 43202 2592120 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 IPProcess 315822805762 8549 1442358 Cache misses 0 Fast 1210 78738 0 0 Auton/SSE 0 0 0 0 ARPProcess 3204 192240 1085 65100 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Interface Serial0/0 is disabled FastEthernet0/1 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol PathPkts In Chars In Pkts Out Chars Out OtherProcess 658467862889 44130 2609371 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 IPProcess 380884002553190 13123 Cache misses 0 Fast 245624 42909834 1210 78738 Auton/SSE 0 0 0 0 ARPProcess 238106 14285130 58 3480 Cache misses 0 Fast 0 0 0 0 Auton/SSE 0 0 0 0 Interface Serial0/1 is disabled Loopback0 Throttle count 0 Drops RP 0 SP 0 SPD Flushes Fast 0SSE 0 SPD Aggress Fast 0 SPD Priority Inputs 0 Drops 0 Protocol PathPkts In Chars In Pkts Out Chars Out No traffic sent or received on this interface. Brian wrote: > On Mon, 6 Dec 1999, Bilge Karabacak wrote: > > > I configured a Cisco 2621 router. The problem with this router is its > > throughput. It is ten times slower than a linux machine acting as a > > gateway with two ethernet interfaces. The properties of linux machine is > > Intel celeron 400, 64 MByte RAM. The second important point is that, > > the router gave this result with no access-lists. The last one to say is > > that,, NAT operation at this cisco 2621 degrades performance by 60% > > percent. This is ridicilous, if all cisco routers are like this one. > > May you please comment on this, after examining the configuration of the > > router? Is it normal? What
RE: RE: WIC 2T module question
I have a couple of these beauties running in a 2621, where they run quite happily in the built in WIC slots. They also run in a variety of 2600 Network Modules. They only run on a 3600 series router in a FE Network Module, as Robert stated,(sorry Brad). They DON@T work in anything like a NM2e2w or NM1e1r2w, which I have. They have the "new" smart-serial interfaces, so standard cisco 60 pin cables don't fit, and I have yet to find somewhere selling "cheap" smart-serial back to back cables for a lab environment, but the SS cables are the same price as the DB60 cables. The compatibility options for these little darlings are buried in a footnote to a table in the IOS release notes for 12.1 something, which took me about three days of searching to find. The Cisco site says they ARE supported in a 3600 , but neglects to add the kicker that you need a 1FE2W or something similar. . As a result of this, I'm using my nice shiny 2621 as a 6 port frame-switch until I can buy a second-hand FE module for the 3620. Hope this helps. Regards Pete S. --- Original Message --- "McCallum, Robert" <[EMAIL PROTECTED]> Wrote on Fri, 10 Nov 2000 08:57:58 - -- Afraid not Brad, I am sitting next to a 3620 with 2 * Wic 2t's in it. I have a 1FE2W module insert into the 3600 which allows the addition of 2 WIC cards of various flavours. -Original Message- From: Brad Ellis [mailto:[EMAIL PROTECTED]] Sent: 10 November 2000 05:57 To: [EMAIL PROTECTED] Subject: Re: WIC 2T module question Also, I believe you can NOT use a WIC-2T in a 36xx router. -Brad Ellis CCIE#5796 [EMAIL PROTECTED] "Bill Sucevic" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Actually, the WIC-1T has a DB60, and the WIC-2T has an SS (Super Serial) > connector. > > At 01:55 PM 11/9/00 -0600, Brian wrote: > >On Thu, 9 Nov 2000, Frank Wells wrote: > > > >> Do the WIC 1T and 2T modular cards for the 2600/3600 routers have db 60 > >> sync/async ports just like a 2500 series router? > > > >yes > > > >> > >> > >> - Sent using MailStart.com ( http://MailStart.Com/welcome.html ) The FREE way to access your mailbox via any web browser, anywhere! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: WIC 2T module question
Bad form, I know, to reply to your own post, but here is the link for IOS 12.1T / c3600 that lists the compatibility options for the WIC-2T http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121relnt/3600/rn3600t.htm Hope this helps someone! Regards Pete S. - Sent using MailStart.com ( http://MailStart.Com/welcome.html ) The FREE way to access your mailbox via any web browser, anywhere! _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
