RE: Please Help - CIDR - How the bits work [7:75050]
BLIMEY !!! this is getting a little heated L+G`s . i personally believe that when i got my CCNA if i had been asked to configure BGP (even Basic) on an internet connecting router for a small-medium sized company...i would have run away screaming... Ask yourselfs this there are three grade`s of Certifications at cisco Associate Profesisional Expert from a company manager`s point-of-view (no offence fred) Whom would you prefer be touching your internet facing router ... yes i am aware that to most of us they don`t mean tuppence (i.e howard/pris) but the plan truth is people NOT in the know rely on the badges >From: "Howard C. Berkowitz" >Reply-To: "Howard C. Berkowitz" >To: [EMAIL PROTECTED] >Subject: RE: Please Help - CIDR - How the bits work [7:75050] >Date: Wed, 10 Sep 2003 03:36:57 GMT > >At 11:32 PM + 9/9/03, Priscilla Oppenheimer wrote: > >Dom wrote: > >> > >> And one last point, No LAN is an island, why two IG(P) > >> protocols and no > >> EG(P) protocol? > >> > >> A NA should at least a some understanding of how to connect to > >> the > >> outside world - when to use BGP and when not to. > > > >Default routing. Wouldn't we all be better off if CCNAs would stay away >from > >BGP?? :-) > > > >Priscilla > >When fingerpointing in quite a number of external connectivity >problems, I have often found de fault is due to the lack of default. >Cisco hardly helps this by discriminating against static and default >routes in the CCIE lab. >**Please support GroupStudy by purchasing from the GroupStudy Store: >http://shop.groupstudy.com >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html _ Tired of 56k? Get a FREE BT Broadband connection http://www.msn.co.uk/specials/btbroadband Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75166&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: FW: Opinions on running Hybrid vs Native mode [7:73342]
Here is the question/answer note from Cisco: What is the difference in failover behavior or performance in the Catalyst 6500 between IOS (native) and Catalyst OS + MSFC IOS (hybrid)? Answer: The CatOS (hybrid) High Availability feature synchronizes the protocol states between the active and standby supervisor engines, allowing for supervisor failover to take place in 1~3 seconds. IOS Software (native) Enhanced High System Availability (EHSA or RPR) and Route Processor Redundancy Plus (RPR+) do not synchronize protocol state between the active and standby supervisor engines, allowing for supervisor failover to take place in 30~90 seconds. They key here is that IOS Software (native) links the Supervisor and MSFC together as a unit. Therefore, the failover is a more complex process than with simpler distributed components. The CatOS (hybrid) treats the Supervisor and MSFC separately. White Paper Comparison of the Cisco Catalyst and Cisco IOS Operating Systems for the Cisco Catalyst 6500 Series Switch -Version 2 -Original Message- From: David Vital [mailto:[EMAIL PROTECTED] Sent: Friday, August 01, 2003 10:15 AM To: [EMAIL PROTECTED] Subject: RE: FW: Opinions on running Hybrid vs Native mode [7:73342] When you say failover at 2-5 seconds...are you talking about from one Sup mod to another?..or are you talking about convergence in the network? 2-5 seconds makes me think of the sup mods and 90 seconds makes me think of spanning tree. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73351&t=73342 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
FW: Opinions on running Hybrid vs Native mode [7:73342]
> What are some of the pros/cons of switching from Hybrid to Native mode on > a 6500 w/MSFC II? We were going to go that route but I came across a tech > note that said failover would increase from 2-5 seconds to 30-90 seconds > (something like that). That is not good...are there other things to watch > out for? > Thanks, > > Stephen Neal > Lucent Technologies > Network Consultant Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73342&t=73342 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
EIGRP Load Balancing ??'s [7:71607]
Group, I have a customer that has two locations connected via 2-Full point-to-point T1's. The customer has a 1720 at each location. The customer is using EIGRP to load balance the two locations. The networks at each location show in the routing tables with the same administrative distance. Everything is fine up to this point. However, when I look at the traffic statistics for each of the T1's, the first T1 has significantly higher utilization. My research has led me to believe the reason that traffic isn't spread more evenly over the T1's is due to the way the 1720's switch the traffic. It's my understanding that by default the 1720's use per-destination load balancing in the type of scenario my customer has. Since only one network is at each location this would explain the utilization issues. The solution appears to be for the customer to implement per packet load balancing. Am I correct on my points so far ?? If I implement per packet load-balancing for the customer, is the command to do this no ip route-cache ?? If yes, on what interface do I place the command, if not what are the command or commands and how are they implemented ?? One of the warnings I've read about concerning per packet load-balancing is that low end routers like the 1720 may not be able to handle, should I be concerned about the 1720's ?? The customer has a pair of 2621's we could use in place of the 1720's. Bottomline, the customer would like to load balance the two locations via the two T1's move evenly, am I proceeding the right direction ?? If not, what recommendations would others offer. Thanks in advance. Stephen Manuel Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=71607&t=71607 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RTP Cisco User's Group Meeting - June 4 2003 [7:70061]
Folks, The Research Triangle Park (RTP) Cisco User's group will meet on June 4th from 12:00 to 1:00 PM in the first floor conference room of the Lake Building on Cisco's RTP campus. This meeting's topic will be TAC procedures and best practices. The meeting will also include a guided tour through sections of the Cisco.com website. Learn answers to questions such as -- What is the difference between a management escalation and a technical escalation? Which is the best method to use to open a TAC case? Who is "[EMAIL PROTECTED]"? We apologize for the short notice and plan to provide more notice in the future. If you're planning to attend please RSVP to so we can get a good head count. BTW, more info on RTPCiscoUsers can be found at Yahoo Group. I'm a member of the group and will answer what questions I can. Feel free to email me at [EMAIL PROTECTED] Thanks, Steve Alston Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70061&t=70061 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DS3 slow connection problem. [7:65491]
Thanks, We will speak to the Carrier today and find out what their configuration is. We have 3 other DS3 45mbps circuits on the Network connecting through another Carrier and we are NOT seeing the same problems. I'll keep you updated. Thanks Stephen s vermill wrote: > > Stephen, > > Thanks for the update. It sounds as if this circiut is not > back-to-back. Since there is a carrier involved, you might > want to think about how the service might be provisioned. For > example, the carrier may have all the transport equipment set > up to accept a "channelized" DS3 and you might be > "unchannelized." I can't remember what the Cisco default is > off hand and I don't have much time to research it for you at > the moment. Heading for the airport... > > Best of luck! > > Stephen Bailey wrote: > > > > Hello all, > > > > I am a collegue of Mark's who has been working on this fault > > over the weekend with Mark. > > > > We have done some further tests today and we are still > > experiencing errors on the line, here are some of the results > > we have seen: > > > > 1.) Each time we have changed the clocking on the line, we > have > > bounced the link either side. (We used the shut & no shut > > commands) > > > > 2.) With the 7507 set to Internal & the 7204 set to Line, we > > see that the errors build up alot slower on the 7204 end. > > However any other configuration with the clocking seems to > > generate more errors on the 7204 end. > > > > 3.) We have replaced the coax cable from the 7204 to the > > Carrier equipment, but it seems that the new cable is not > > correct, as things get worse. > > > > We are currently in the process of bringing up a 2nd link so > > that we can take this 45mbps circuit down for testing > hopefully > > today. I'll post an update when we get something back from > the > > carrier. > > > > Thanks again > > > > Stephen Baileys vermill wrote: > > > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65591&t=65491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DS3 slow connection problem. [7:65491]
Hello all, I am a collegue of Mark's who has been working on this fault over the weekend with Mark. We have done some further tests today and we are still experiencing errors on the line, here are some of the results we have seen: 1.) Each time we have changed the clocking on the line, we have bounced the link either side. (We used the shut & no shut commands) 2.) With the 7507 set to Internal & the 7204 set to Line, we see that the errors build up alot slower on the 7204 end. However any other configuration with the clocking seems to generate more errors on the 7204 end. 3.) We have replaced the coax cable from the 7204 to the Carrier equipment, but it seems that the new cable is not correct, as things get worse. We are currently in the process of bringing up a 2nd link so that we can take this 45mbps circuit down for testing hopefully today. I'll post an update when we get something back from the carrier. Thanks again Stephen Baileys vermill wrote: Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65582&t=65491 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Catalyst 2924 XL - ip routing??? [7:63553]
A friend of mine recently purchased a Catalyst 2924 XL switch - 24 port 10/100 Ethernet switch - 1U no expansion ports. We were looking at the IOS configuration and I noticed a line that said "no ip routing." I went into the global config mode and sure enough I could enter the command "ip routing." It didn't appear to do anything, and I know this is only a layer 2 switch - so my question is - why is it an available option? Just curious, don't really need to know - hoping someone familiar with this particular switch could answer it though. Thanks! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63553&t=63553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Layer 3 switching and VLANs - an epiphany [7:63240]
Ok, its 1:29AM CST - and I am setting here chewing on this switching study guide information about VLANs. I think I see where my confusion has come from and what the answer is now. Layer 3 switching does not require VLANs, but what is DOES require is a physical port connection on the common L3 switch for every IP network that is connected to the L2 switches. (Hosts on the same L2 switch that are configured to be in 2 different IP networks.) This is not always possible nor administratively friendly. With VLANs, you can create the equivalent of sub interfaces on a single port on the L3 switch - hence trunking. You cannot trunk multiple IP networks (without VLANs) on a single port connection the L3 switch, because you cannot create Ethernet sub-interfaces... That's where I was missing it. I think it both Vicki and Jens mentioned something about this. Of course if I am off-kilter here, someone please slap me about :) Otherwise I am confident this is where my misunderstanding really occurred. Thanks to EVERYONE who responded - you are all a great group of people to stick it out until this was beat into my thick skull!!! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63240&t=63240 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
duplicate posts [7:63237]
I apologize for the duplicate posts. I did not realize that when I hit reply, the address [EMAIL PROTECTED] would post back to the list as well. That's what I get for being a listener and not a poster :) Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63237&t=63237 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does MLS (Layer 3 switching) require VLANs? [7:63147]
Ken, Thanks for the input on this discussion. I follow and understand your example without any problems. Now if taking it back to the original original question - Does L3 switching require VLANs - produces this question for your example: You state 1 fiber feed for both Science and Engineering in the Labs building. I am then assuming that they are all connected to the same set of switches (Layer 2) in that building. Could you have not just simply assigned the hosts for Science to 1 IP network and the hosts for Engineering to another IP network - then created respective gateway interfaces for each network back on the common Layer 3 switch and accomplished the same thing?? If the answer is yes, I will followup with another question. If the answer is no, then please explain. Thanks!! Stephen - Original Message - From: "Ken Diliberto" To: Sent: Tuesday, February 18, 2003 12:24 AM Subject: Re: Does MLS (Layer 3 switching) require VLANs? [7:63147] > Stephen, > > You're getting there. Let me give an example of how VLANs are used > (I'd draw a picture, but it probably wouldn't look good). > > For this example, let's use two of the colleges on my university > network: Science and Engineering. > > Each has their own block of IP addresses and want their traffic > separate from the other. They also want flat addressing (no > subnetting). > > We have three buildings: Science, Engineering and Labs. Science and > Engineering both have computer labs in the Labs building. Each want > their labs on their respective IP address blocks. > > If money were no object, this would be fairly easy with vanilla > switches and a router with two ethernet interfaces. Multiple fiber > feeds and two sets of switches would be everywhere. > > With budget limitations (for this example), we only have a single fiber > feed to each location. That means each fiber feed needs to carry > traffic for both networks. To keep the traffic separate, we partition > the switch ports into two LANs: LAN 10 and LAN 20. These two LANs in > one switch are treated as unique. To do this, the switch creates > Virtual LANs or VLANs. The fiber feeds are now trunks because a header > is added to each frame to identify the VLAN it belongs to. > > So far so good? > > Why would we need a router? To talk between VLANs. > > Do routers understand trunks? Yes. > > This brings up one more concept: the Router on a Stick. > > A router on a stick is a router with a single network connection. This > single connection is configured as a trunk so the router can see all the > different VLANs. If the router finds a packet on VLAN 10 with a > destination on VLAN 20, it rewrites the headers for the destination and > puts it back on the same trunk with VLAN 20 headers. > > Remember: replace "layer 3 switch" with "router" every time you see > it. That might make more sense. > > Hope this helps. > > Ken > > >>> "Stephen Hoover" 02/17/03 06:55PM >>> > I appreciate everyone's input on this subject to help me understand > this > concept. > > As far as the newbies comment goes - I most definitely am. I'm about > as > green as they come. I have both my CCNA and my CCDA, but my only real > experience is installing 2 T1s (at different locations) and configuring > NAT > for them. I have large amount of knowledge, just no experience. It has > been > my goal and my dream to become a serious network engineer for the last > 6 > years, but I just cannot seem to get a job that offers any experience. > Everytime I get a "network" position, I just seemed to end up doing > desktop > support. > > When I first heard the term Layer 3 switching (some 4 years ago now) > the > first thing that popped into my mind was a switch that can route. I > never > even heard of a VLAN until a couple of years ago. > > The Cisco Study guide starts off talking about VLANs, and moves right > into > Inter-VLAN routing without ever really discussing Layer 3 switching as > a > seperate process. This is really where my confusion started. The book > makes > it sound like L3 switching is directly dependent on VLANs, and I just > didn't > see it - it wasn't something I was just willing to accept. > > Further more, the book states that VLANs allow for physical location > independence, but is also says that VLANs should not cross the core - > those > 2 statements seem partly contradictory to me. > > Here is a summary of how I see VLANs now. > > Layer 3 switching is possible without VLANs (however the opposite is > not > true. Well at least not without some form of Layer 3 intervention.) >
My posts on Layer 3 switching and VLAN [7:63224]
For some reason my responses are taking a REALLY long time to get to the list in relation to other people's responses, so the conversation is losing continuity. I sent an email at 8:55PM CST and I am writing this at 10:19PM CST and my 8:55 post still has not made it to the list. This is adding to the confusion. I think I had it all straight at Priscilla's posting with this history of LANs. Thanks! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63224&t=63224 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Understanding VLANs - how they remove the phys [7:63196]
> Emilia Lambros wrote: > > > > Why can't the L3 switches be run as L2 switches (ignoring the > > routing capabilities) in that situation? If those two switches > > were connected in that case, then connected to the core, > > wouldn't that solve the problem of a gateway being 3 or 4 L3 > > switches away? > > Your default gateway can be any number of L2 switches away from you. It just > has to be in your subnet, VLAN, broadcast domain. > > Priscilla > I caused the confusion in this situation - I asked what would happen if your gateway was 3 or 4 L3 switches away. What I should have asked was what would happen if your gateway was 3 or 4 distribution layer switches away. I was referring to the L3 switches as devices instead of function. In my example I was trying to illustrate how extending a VLAN across the core created a poor path for the client on the far side. When I said that the client on the far side is a L3 switch away from it's own gateway, what I meant was that the client's network path would have to cross the L3 switch (but at the L2 level) in building B to get to it's gateway on the L3 switch in building A. In other words the host is crossing the core through the L3 switch in building, but it is crossing that L2 level. Sorry for that. > > > > > > back to switch A to get his routing to > > > the servers? > > > Why would you EVER want a network configured this way?? Or > > even > > > worse, what > > > if your respective gateway was 3 or 4 L3 switches away? > > > > Your gateway can't be any L3 switches (routers) away. It has to > > be on your > > LAN. It has to be in your subnet. It has to be in your > > broadcast domain. It > > has to be in your VLAN. For one thing, a host ARPs for its > > default gateway. > > ARP uses broadcast. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63217&t=63196 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does MLS (Layer 3 switching) require VLANs? [7:63147]
I appreciate everyone's input on this subject to help me understand this concept. As far as the newbies comment goes - I most definitely am. I'm about as green as they come. I have both my CCNA and my CCDA, but my only real experience is installing 2 T1s (at different locations) and configuring NAT for them. I have large amount of knowledge, just no experience. It has been my goal and my dream to become a serious network engineer for the last 6 years, but I just cannot seem to get a job that offers any experience. Everytime I get a "network" position, I just seemed to end up doing desktop support. When I first heard the term Layer 3 switching (some 4 years ago now) the first thing that popped into my mind was a switch that can route. I never even heard of a VLAN until a couple of years ago. The Cisco Study guide starts off talking about VLANs, and moves right into Inter-VLAN routing without ever really discussing Layer 3 switching as a seperate process. This is really where my confusion started. The book makes it sound like L3 switching is directly dependent on VLANs, and I just didn't see it - it wasn't something I was just willing to accept. Further more, the book states that VLANs allow for physical location independence, but is also says that VLANs should not cross the core - those 2 statements seem partly contradictory to me. Here is a summary of how I see VLANs now. Layer 3 switching is possible without VLANs (however the opposite is not true. Well at least not without some form of Layer 3 intervention.) VLANs simply the administration behind Layer 3 switching design. Physical location (port location) independence is ok in front of the layer 3 switch that is the the hosts gateway. Up to the hosts distribution switch. VLANs extending beyond the distribution layer switch across the core is generally not a good idea - possible, but not recommended. This is the "flat earth" design that Priscilla mentioned - VLANs that extend across the entire internetwork. Thanks! Stephen Hoover Dallas, Texas - Original Message - From: "Priscilla Oppenheimer" To: Sent: Monday, February 17, 2003 7:04 PM Subject: Re: Does MLS (Layer 3 switching) require VLANs? [7:63147] > This might help. What does the V stand for in VLAN? Virtual. VLANs are a > method for emulating Real LANs in a switched network. The original poster > seems disillusioned with VLANs. Well, I am too. :-) You can't do much with > them that you can't do with a bunch of Real LANs connected by routers. > > Better come up with a way to emulate LAN and IP subnet benefits on a > switched networks. OK, let's invent VLANs! > > But how do the VLANs talk to each other? Oh dear, we better go back to > routers. Nah, still too slow, though it will work in a pinch. I know! We > could speed them up and call them L3 switches. > > > One last rather serious comment. This is not a comment on the newbiness of > the original poster, but I must say that I think it is common for newbies to > get confused by VLANs. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63210&t=63147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does MLS (Layer 3 switching) require VLANs? [7:63147]
HTH, Thank you for these comments - this clears up a lot of confusion for me. To sum, just to make sure I really have this: Layer 3 switching is possible without VLANs (however the opposite is not true. Well at least not without some form of Layer 3 intervention.) VLANs simply the administration behind Layer 3 switching design. Physical location (port location) independence is ok in front of the layer 3 switch that is the the hosts gateway. Up to the hosts distribution switch. VLANs extending beyond the distribution layer switch across the core is generally not a good idea - possible, but not recommended. This is the "flat earth" design that Priscilla mentioned - VLANs that extend across the entire internetwork. Thanks! Stephen Hoover Dallas, Texas - Original Message - From: "The Long and Winding Road" To: Sent: Monday, February 17, 2003 6:00 PM Subject: Re: Does MLS (Layer 3 switching) require VLANs? [7:63147] > I've been following this thread, and have offered a comment or two along the > way. Perhaps I should offer some thoughts here at the source. > > note that I have not read any of the exam study materials in question, so I > don't know what is or is not being stated in the courseware. I can offer > that just because it says so in the study materials doesn't mean that's the > way it is. > > comments below > > > ""Stephen Hoover"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I am studying for the CCNP Switching exam and it covers VLANs and layer 3 > > switching moderately. It states that Cisco recommends a 1 to 1 mapping of > > VLANs to subnets. It also states that VLANs can be used to break up > > broadcast domains. > > this is a reasonable, simple approach, and thus one that appeals to my > reasonably simple mind. > > > > > > When you create different subnets, you are already breaking up broadcast > > domains, so does layer 3 switching require the use of VLANs to actually do > > the switching? > > > this is where the confusion, no doubt introduced by the marketing people, > set in. > > suppose you have a router with three ethernet interfaces, and each of these > interfaces is plugged into a different hub ( no switch ) > > hosts on each of these hubs are in the same broadcast domain ( same > collision domain too, but I digress ) hosts in each of these domains cannot > reach hosts ( or servers ) in other domians, on different hubs, without > routing. > > this would be true, even if you had all hosts on the same great big hub with > 500 ports. You could have hosts on the same hub, but having different L3 ( > IP ) addresses. communication between hosts on different subnets, even if > they are on the same hub, require the intrercession of a router. > > vlans, made possible by various 802.1 specifications, are really just a way > of expressing logical broadcast domains. > > layer 3 switching is really routing. an L3 switch has the routing function > built into it, rather than using a separate piece of equipment. > > > > > > Say for instance I have 2 hosts on the same layer 3 switch, but the two > > hosts are on 2 different IP subnets (No VLANs are defined). Host A wants > to > > talk to host B. Can the switch not look up the routing info and then know > to > > switch to that port? I am not seeing where the requirement for the VLAN > > comes into play. > > despite what others have said, you can do this. it is wasteful, in that a > host plugged into an L3 port would require 4 ip addresses because you have a > subnet with two hosts ( the PC and the port, and the net number and the > broadcast address ). whereas if you have a vlan, that vlan is a virutal port > that represents the physical ports as a single subnet to the L3 ( routing ) > function. > > > > > > If VLANs are required for layer 3 switching, is that pretty much standard > > across the industry, or that a Cisco only thing? > > > forget this L3 switch versus router distinction. it is confusing, and > misrepresentational. > > think instead in terms of how traffic moves through a network. > > think instead of a vlan as a virtual logical construct that represents one > or more ports as a single broadcast domain to a router. it doesn't matter > that the router is integrated into the switch hardware with an ASIC and > code, or is an external device. > > HTH > > > > > > Thanks! > > Stephen Hoover > > Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63208&t=63147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Understanding VLANs - how they remove the physical [7:63194]
Ok, let me see if I can simply this: A post that Jens Neelsen made says "a layer3 switch (e.g.3550-EMI) does not have layer3 interfaces. All interfaces (Fastethernet and GigabitEthernet) are layer2 interfaces. They can not have IP addresses." Further he adds "The VLANs are the (virtual) interfaces to the routing engine (=layer3 switch). Layer2 interfaces are grouped into different VLANs and the Layer3 switch (=Router) enables the communications between these VLANs. " Ok then the question is - if you have a LAN with ALL switches and NO routers - how do you define a gateway on the client? Example: 2 L2 switches. All hosts on switch 1 are in IP subnet 192.168.1.0/24 and all hosts on switch 2 are in IP subnet 192.168.2.0/24. Both L2 switches are connected to a single L3 switch with a router engine in it. Where do you define the gateways at? In order for hosts on L2 switch 1 to communicate with hosts L2 switch 2, the client has to have a gateway to forward to correct?? Stephen - Original Message - From: "Priscilla Oppenheimer" To: Sent: Monday, February 17, 2003 4:45 PM Subject: RE: Understanding VLANs - how they remove the physical [7:63173] > Stephen Hoover wrote: > > > > back to switch A to get his routing to > > the servers? > > Why would you EVER want a network configured this way?? Or even > > worse, what > > if your respective gateway was 3 or 4 L3 switches away? > > Your gateway can't be any L3 switches (routers) away. It has to be on your > LAN. It has to be in your subnet. It has to be in your broadcast domain. It > has to be in your VLAN. For one thing, a host ARPs for its default gateway. > ARP uses broadcast. > > I just noticed your comment and wanted to add my comment. Without being able > to decode your drawing, it's hard to tell exactly how to answer, but I'm > just trying to get you to think about what really happens to packets on a > campus network. The network design you're considering isn't just > impractical. It won't work, if I understand it correctly. > > Priscilla > > > > > That > > just doesn't > > seem practical to me. > > > > > > Thanks! > > Stephen Hoover > > Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63194&t=63194 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does MLS (Layer 3 switching) require VLANs? [7:63147]
> > - > > actually it is by doing secondaries, but i would highly recommend doing > > vlans if possible. keep it clean and simple. > > > one may also configure the physical interfaces as L3 interfaces - just as > one might do on a router with several ethernet ports. Oo ok, now THAT statement leads me to believe the L3 switching IS possible without VLANs. -Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63204&t=63147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Understanding VLANs - how they remove the physical boundaries [7:63173]
Ok, I am really struggling to understand the usefulness of VLANs here. In the Switching exam book, it states that VLANs remove the physical boundaries of the network and a user anywhere on the network can be a member of any VLAN (IP subnet). Now I do understand this concept, but consider the following scenario.. Building ABuilding B VLAN1-Switch1 Switch 1 VLAN3 || VLAN2Switch 2 Switch 2 VLAN 1 || || L3 switch A--COREL3 switch B (has router engine) (has router engine) \ / \ / \ / \ / \ / \/ Servers VLAN 4 Now lets say that VLAN1 is defined in building A, but some people in building B need to be part of VLAN1. Doesn't that make L3 Switch A the default gateway for the VLAN1 user in building B? In which case that user has to cross the core back to switch A to get his routing to the servers? Why would you EVER want a network configured this way?? Or even worse, what if your respective gateway was 3 or 4 L3 switches away? That just doesn't seem practical to me. Thanks! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63173&t=63173 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does MLS (Layer 3 switching) require VLANs? [7:63147]
> > Say for instance I have 2 hosts on the same layer 3 switch, but the > two > hosts are on 2 different IP subnets (No VLANs are defined). > > That's not possible! if you are talking about 2 IP subnet, than: > - > actually it is by doing secondaries, but i would highly recommend doing > vlans if possible. keep it clean and simple. > Vicki, You mention the use of secondary IP's. On a L3 switch (a switch with the router engine in it) is it not possible to define Ethernet sub interfaces instead of using secondary IPs - without VLANs defined? I'm sorry to be so thick, I'm just not getting it. If a L3 switch (with a routing module/engine in it) is essentially a wire speed router, then the VLAN just seems like an additional identifier on top of the L3 address - and doesn't really serve any purpose. In my previous example, 2 hosts on the same L3 switch, but on 2 different IP subnets - wouldn't a defined Ethernet subinterface be each clients respective gateway, and thus normal L3 routing would occur, just at switch speeds Thanks again! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63171&t=63147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Does MLS (Layer 3 switching) require VLANs? [7:63147]
> > so does layer 3 switching require the use of VLANs to actually do > > the switching? > > It's true the contrary case: the Vlans requires L3 to be routed, or, in > other terms, to comunicate each others. The L3 switching has no sens without > VLAN > Right, I understand that inter-VLAN routing requires L3 switching - but is the opposite also true? Does L3 switching require VLANs to be defined? If that is the case, then it would lead me to believe that L3 switching is based on VLAN info and not on the IP address, but I don't think that is correct. Thanks for the help! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63169&t=63147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Does MLS (Layer 3 switching) require VLANs? [7:63147]
I am studying for the CCNP Switching exam and it covers VLANs and layer 3 switching moderately. It states that Cisco recommends a 1 to 1 mapping of VLANs to subnets. It also states that VLANs can be used to break up broadcast domains. When you create different subnets, you are already breaking up broadcast domains, so does layer 3 switching require the use of VLANs to actually do the switching? Say for instance I have 2 hosts on the same layer 3 switch, but the two hosts are on 2 different IP subnets (No VLANs are defined). Host A wants to talk to host B. Can the switch not look up the routing info and then know to switch to that port? I am not seeing where the requirement for the VLAN comes into play. If VLANs are required for layer 3 switching, is that pretty much standard across the industry, or that a Cisco only thing? Thanks! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63147&t=63147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Switching exam [7:57981]
I have also got my switching exam tomorrow. I have read both the sybex and cisco press study guides a couple of times each. I have also used all 3 boson tests and rented switching time from netflowtraining.com which was very good. I feel I have done enough preparation what do you people think. Thanks Steve - Original Message - From: "Peter Kingston" To: Sent: Sunday, November 24, 2002 12:02 PM Subject: Re: CCNP Switching exam [7:57981] > Know which switches are IOS based or CLI base, 5 or 6 questions in my exam > were based on knowing this. > > -- > Regards, > > Peter Kingston > Telstra BigPond Direct > Freecall 1800 066 594 > ""Siddiqi Kenan"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Friend, Romans, Countrymen (aka techies ;) ) > > I got my CCNP switching exam tomorrow. Any study tips? I don't feel to > good > > about it 'cos my preparation is over the top. Any help would be much > > appreciated. > > > > Cheers, > > > > Kenan > > > > P.S. I will post whether I passed or failed... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58003&t=57981 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 1924 Switch [7:57017]
I have posted this to the list but havent had one reply surely somone can help me Thanks Stephen - Original Message - From: "Stephen Neville" To: Sent: Wednesday, November 06, 2002 11:17 PM Subject: 1924 Switch [7:57017] > Hello Group > > Can any one help me get my switch working. Its a 1924 with 2 100tx but it > uses a null modem cable for the console port. I have never had it working > since I have had it, it has a orange status light on the front but all the > port lights are blank. When trying to log on to it comes up with the > following: > > > > Diagnostic Console - Systems Engineering > > > > Operation firmware version: 0.00Status: Invalid > > Boot firmware version: 1.08 > > > > > > > > WARNING!!! Operation Firmware is invalid. > > Upgrade firmware to enable switch operation. > > > > [U] Upgrade operation firmware (XMODEM) > > [S] System Debug Interface > > > > Enter Selection: > > > > I have down loaded cat1900A.9.00.04 file from the Cisco website and tried > uploading the image using tera terminal send file option. It then loads the > file and once finished it says upgrade it comes with the following message: > > > > Erasure completed. Waiting for new image... > > System Upgrade failed. > > > > > > > > > > > > > > Diagnostic Console - Systems Engineering > > > > Operation firmware version: 0.00Status: Invalid > > Boot firmware version: 1.08 > > > > > > > > WARNING!!! Operation Firmware is invalid. > > Upgrade firmware to enable switch operation. > > > > [U] Upgrade operation firmware (XMODEM) > > [S] System Debug Interface > > > > Enter Selection: > > > > Has any one got any ideas on how to fix this problem. I am sure I have seen > something like this posted before but at the moment I can not search through > the archives. > > > > Thanks in advance > > > > Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57381&t=57017 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Online rack Switching [7:57016]
I have posted this to the list but havent had one reply surely somone can help me Thanks Stephen - Original Message - From: "Stephen Neville" To: Sent: Wednesday, November 06, 2002 11:14 PM Subject: Online rack Switching [7:57016] > Hi Group > > I am going to sit the new switching exam in a couple of weeks, i am looking > for an online rack to rent aimed at the switching exam to practice a bit more > on. I have had a look at a few web sites but was wondering if any one on the > list can point me in the direction of a good rack to rent. > > Thanks > > Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57382&t=57016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
1924 Switch [7:57017]
Hello Group Can any one help me get my switch working. Its a 1924 with 2 100tx but it uses a null modem cable for the console port. I have never had it working since I have had it, it has a orange status light on the front but all the port lights are blank. When trying to log on to it comes up with the following: Diagnostic Console - Systems Engineering Operation firmware version: 0.00Status: Invalid Boot firmware version: 1.08 WARNING!!! Operation Firmware is invalid. Upgrade firmware to enable switch operation. [U] Upgrade operation firmware (XMODEM) [S] System Debug Interface Enter Selection: I have down loaded cat1900A.9.00.04 file from the Cisco website and tried uploading the image using tera terminal send file option. It then loads the file and once finished it says upgrade it comes with the following message: Erasure completed. Waiting for new image... System Upgrade failed. Diagnostic Console - Systems Engineering Operation firmware version: 0.00Status: Invalid Boot firmware version: 1.08 WARNING!!! Operation Firmware is invalid. Upgrade firmware to enable switch operation. [U] Upgrade operation firmware (XMODEM) [S] System Debug Interface Enter Selection: Has any one got any ideas on how to fix this problem. I am sure I have seen something like this posted before but at the moment I can not search through the archives. Thanks in advance Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57017&t=57017 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Online rack Switching [7:57016]
Hi Group I am going to sit the new switching exam in a couple of weeks, i am looking for an online rack to rent aimed at the switching exam to practice a bit more on. I have had a look at a few web sites but was wondering if any one on the list can point me in the direction of a good rack to rent. Thanks Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57016&t=57016 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
VoIP QoS [7:55597]
Group, Hoping that someone can help me out with a VoIP QoS issue that I am currently dealing with. I work for a service provider, and I am currently troubleshooting a VoIP over frame relay quality complaint. My end user has a 768K host with four 256K drops dedicated solely to VoIP traffic. My customer states that he experiences intermittent jitter on his calls, but they follow no real pattern. We have had his vendor place test calls, and sometimes 7 simultaneous calls can go through fine while 3 simultaneous calls will experience poor call quality and excessive jitter. The end user's vendor is of no real help with this issue stating that his configurations are fine and the trouble must be with the WAN link. I have verified that the entire network is clean, no T1 performance monitor errors , no input errors on the customer's serial interfaces, and no input errors to my frame switch. No apparent utilization issues, the host averaged 50% port utilization during a 24 hour sniff. We have also verified the drops are not receiving any FECNs or BECNs. I have a copy of the customer's router configurations and his map-class statements appear to be correct as well. His CIR and MINCIR are set to match the frame relay PVC CIR in my network (which I believe means that he has configured the statements to prevent any bursting, please correct me if I am wrong). On to my question. The only discrepancy I find with this customer's configuration is his queuing. On all four of his drop routers he has configured WFQ, on his host he has no queuing specified. Could this be the cause of all of his problems? Would WFQ be the most desirable method? What I have read in the past led me to believe that a fragment statement in the map-class was the most desirable because it activated the dual-FIFO feature on the physical interface. I do not have a great deal of experience with VoIP so all I have to go on right now are theories. Any direction is greatly appreciated. Thanks, Steve Lamb CCDA, CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=55597&t=55597 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: e-mail server for Mac OS [7:54586]
I personally think upgrading to MAC OS X would most definitely offer more choices. I use a combination of Postfix and Qpopper (on FreeBSD) both of which I know will run on MAC OS X. Communicate PRO is supposed to be an EXCELLENT commercial email server with SMTP/POP/IMAP capabilities all built in. I have not used it myself, but it comes highly recommended on my lists. There is an online demo on Stalker's website. http://www.stalker.com/CommuniGatePro/ If you want to go all open source I would use Postfix - as of yet it doesn't have all the bells and whistles of Sendmail and Qmail, but it is ROCK SOLID, and has had no significant security problems. Postfix supports virtual domains, virtual users (non system account users) in LDAP and MySQL. It has various built in anti UCE controls as well. It is also consistently shown to be one of the fastest MTA's out there. Here is a good article on MAC OS X and Postfix.. http://www.stepwise.com/Articles/Workbench/eart.index.html Hope this helps, Stephen Hoover Dallas, Texas - Original Message - From: "Priscilla Oppenheimer" To: Sent: Monday, September 30, 2002 6:52 PM Subject: e-mail server for Mac OS [7:54586] > OK, no laughing or flaming, but I have a customer that is all Mac-based. > They are planning to upgrade their e-mail server. Does anyone have any > suggestions for a good e-mail server that will meet these requirements: > > Must support SMTP and POP, obviously. No need for IMAP. > Should support about 200 users who check e-mail quite often. > E-mail is mission critical (seriously) and the server must be stable. > Must support virtual domains. The customer does e-mail for other customers. > Should have some anti-spam measures and methods for avoiding being > blacklisted as a relay server. > > Currently the customer uses Mac OS 9 and is looking at Eudora Internet Mail > Server (EIMS) and WebStar's e-mail plugin for their Web server. Anyone have > experience with those? > > The customer is open to the idea of upgrading to Mac OS X. Then there are > many more options because Mac OS X is UNIX. > > Would sendmail work?? It may be too complex for this particular customer?? > > Apple also has a product called Mac OS X Server, which has an e-mail server. > Anyone have experience with that? > > I'm open to all ideas. Think outside the box! ;-) > > Thank-you very much. > > ___ > > Priscilla Oppenheimer > www.troubleshootingnetworks.com > www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54602&t=54586 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 9/11 [7:53084]
Before this all gets too out of hand can we just drop this thread. Steve - Original Message - From: Creighton Bill-BCREIGH1 To: [EMAIL PROTECTED] Sent: Wednesday, September 11, 2002 11:29 AM Subject: RE: 9/11 [7:53084] Sell it to the U.N. Make NO mistake who the target of that attack was - the loss of anyone to terror is tragic, but the citizens of foreign countries that were lost were unfortunate collateral damage in the eyes of the soul-less dogs that will die 1000 deaths. Don't confuse today's remembrance with Memorial Day or Veterans' Day. Bill Creighton CCNP -Original Message- From: Lyle Tollefsen [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 11, 2002 10:01 AM To: [EMAIL PROTECTED] Subject: Re: 9/11 [7:53084] Sorry Dave, but as I understand it, citizens from some 70 countries died as a result of the attacks. I'm sure you don't really have as black-and-white a perspective on this issue as your post would suggest. Sujal comment is quite appropriate. Lyle Tollefsen - Original Message - From: "David Armstrong" To: Sent: Wednesday, September 11, 2002 7:34 AM Subject: Re: 9/11 [7:53084] > Sujal, > > No. Today is about remembering the innocent American lives that were lost at > the hands of ruthless terrorists. Those terrorists also thought they were > dying for their country. We will not in any way honor them. > > > ""Sujal G. Ajmera"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Sure. And also for all people who have given their lives for their > > respective countries. > > > > Amen > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Jake > > Sent: Wednesday, September 11, 2002 5:17 PM > > To: [EMAIL PROTECTED] > > Subject: 9/11 [7:53084] > > > > > > Lets take a moment to remember are fallen heros, all who have parished, > and > > the families they left behind. > > > > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53108&t=53084 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 802.11a [7:47594]
Dennis, The 802.11a standard operates in a different part of the broadcast spectrum, 5ghz versus 2.4ghz in the 802.11b standard. It also operates with a high throughput, some vendors are touting a 72mb "turbo rate"versus 11mb for 802.11b. The issus is that the 802.11a and 802.11b standards are not compatible with each other, meaning if you have an AP or wireless card you can't use it to access or accessed with equipment from the other standard. I've seen some vendors announcing equipment that supports both standards but so far this isn't the norm. The IEEE 802.11 committee is supposedly working on a 802.11g standard that makes the A and B standards compatible. Recently when I purchased my Linksys AP and Orinoco Gold cards, I almost went with the A standard simply because of the added speed, but I realized the B standard was installed in far more places. For instance, alot of coffee shops, airports and other businesses are installed AP's as added service, if you plan on using one of these public AP's more than likely it will be of the 802.11b standard. Bottomline, I decided to wait for a more compatible standard before moving away from the 802.11b standard. HTH, Stephen Manuel - Original Message - From: "Dennis Laganiere" To: Sent: Thursday, June 27, 2002 5:16 PM Subject: 802.11a [7:47594] > I've been reading about the new, faster wireless solutions. Is anybody's > 802.11a technology ready-for-prime time? I'm ordering a Aironet 1200 access > point to play with, and it should be capable (with the right antenna), but I > understand Cisco's product is not out yet... Anybody know anything about > the new "a" standard? > > Thanks... > > --- Dennis Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47602&t=47594 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Rogue Wireless LANs [7:47287]
Tom, I'm not speaking jest, I have used netstumbler to find wireless networks that are wide open, some are in major companies. However, I turn off my client manager before I go wardriving, that way I don't accidentially connect to someone's network without authorization. I can't see how this is considered hacking. When I initially approached the 3 companies I mentioned earlier, I had a developed a 3-page document on the ease of implementation of wireless networks and the inherit security risks associated with wireless networks. I didn't mention to any of the 3 that I had already detected their networks and how wide open they really were. I am toying with the idea of sending specific information to them about their wireless networks, like the MAC address of the AP, the SSID, the network name, the exact location on a map of the AP, the manufacturer of the AP, if WEP is turned on, plus if I really want to get serious I could tell them if the AP is issuing IP addresses via DHCP and their network settings if it is. The question I have is, would the company be happy to know that they have security holes and were alerted to it, would they threaten me by calling law enforcement, or would they ignore me as a nut or go and fix the problem without hiring me to do it for them. I was simply amazed at the shear number of AP's out there and how many were in businesses wide open. Stephen Manuel - Original Message - From: "Thomas E. Lawrence" To: Sent: Tuesday, June 25, 2002 2:09 PM Subject: Re: Rogue Wireless LANs [7:47287] > I realize you are speaking in jest, but for those who might consider this > approach as a means of drumming up business, you may want to give some > thought. > > Connecting to a network to which you have no reason nor any right to connect > can be considered hacking, and you could be subject to prosecution, > ironically by an organization that is asking for trouble anyway.Just because > I don't have locks on my doors does not mean it's ok for you to walk into my > home any time you please. > > Please be careful how you approach a company when you have discovered by > accident a particularly egregious vulnerability. > > Tom > > > ""Dan Penn"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > You have given me an idea. All I need is a laptop now =) I would go > > war driving in the area to specifically find businesses running > > unsecured wireless. I bet I would find some businesses that didn't even > > know they were running wireless such as this thread started out. > > > > Dan > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > > Stephen Manuel > > Sent: Tuesday, June 25, 2002 10:02 AM > > To: [EMAIL PROTECTED] > > Subject: Re: Rogue Wireless LANs [7:47287] > > > > Neil and others, > > > > Recently I installed in my home a linksys wireless router/switch/ap, it > > works great, yes I have wep enabled. > > > > After installing the equipment, I became really interested in wireless > > networking, reading some books, looking for a certification track, > > scouring > > websites, etc... > > > > I downloaded netstumbler and acquired all the necessary equipment to do > > some > > serious wardriving. I've logged over 300 AP's, mapped them using > > Stumverter > > and MS Mappoint 2002, it gets down to what side of the street the AP was > > on, > > just to add a little spice to the situation, I've got netstumbler to > > play a > > .wav file when it finds an AP. > > > > Amazingly, 75% of the AP's I've found don't have web enabled. A rather > > large > > number of the AP's use the company name as the SSID or use the vendor > > default SSID, ie. tsunami for Cisco. > > > > I'm convinced this whole area of wireless networking is wide open to be > > farmed for business. I've been trying formulate a business plan to > > approach > > businesses to help them install a wireless infrastructure properly and > > setup > > security measures for those companies already in the wireless business > > without implementing security. > > > > What my research has shown me so far is that without upper managements > > support for strict policies with regards to the installation of AP's the > > company is playing a game of russian roulette because the current > > Wireless > > Implementation is FULL of security holes. > > > > Depending on how much security you want to implement here's what I would > > recommend. > >
Re: Rogue Wireless LANs [7:47287]
Neil and others, Recently I installed in my home a linksys wireless router/switch/ap, it works great, yes I have wep enabled. After installing the equipment, I became really interested in wireless networking, reading some books, looking for a certification track, scouring websites, etc... I downloaded netstumbler and acquired all the necessary equipment to do some serious wardriving. I've logged over 300 AP's, mapped them using Stumverter and MS Mappoint 2002, it gets down to what side of the street the AP was on, just to add a little spice to the situation, I've got netstumbler to play a .wav file when it finds an AP. Amazingly, 75% of the AP's I've found don't have web enabled. A rather large number of the AP's use the company name as the SSID or use the vendor default SSID, ie. tsunami for Cisco. I'm convinced this whole area of wireless networking is wide open to be farmed for business. I've been trying formulate a business plan to approach businesses to help them install a wireless infrastructure properly and setup security measures for those companies already in the wireless business without implementing security. What my research has shown me so far is that without upper managements support for strict policies with regards to the installation of AP's the company is playing a game of russian roulette because the current Wireless Implementation is FULL of security holes. Depending on how much security you want to implement here's what I would recommend. Enable WEP - however airsnort a linux utility can crack wep in a relatively short time Disable the SSID Broadcast - most AP's have this option, this will prevent netstumbler from picking up the presence of the AP which makes it a little more difficult to associate with the AP. Kismet is a linux utility that will still detect the presence of the AP by passively sniffing for the wireless packets. MAC Filtering - enable it but most AP and Wireless cards allow you to spoof the MAC address, meaning a wireless sniffer like ethereal can sniff out a few MAC addresses and a hacker can use one to gain access. Place the AP outside of the firewall Create VPN access for those wireless clients needing access to internal servers. I'm sure others have done work in this area and can add to the discussion. BTW, interesting enough the first 3 companies I approached about the unsecure AP's, 1 denies having wireless networking installed, 2 ignored me. HTH, Stephen Manuel - Original Message - From: "Neil Borne" To: Sent: Tuesday, June 25, 2002 8:52 AM Subject: Re: Rogue Wireless LANs [7:47287] > The problem that I am coming accross is that some of my customers take the > wireless gear outta the box and plug it in and when they figure that work > with factory defaults they leave it alonethen all of a sudden someone > pulls up in the front yard and starts snooping around. > > One thing you can do is WEP and depending on the vendor try some filtering > by mac, ssid, or protocol... > > > You will have do some serious lockdown measures when its a internal user as > opposed to outside users... > > > But like the last email stated if things get bad use netstumbler but be > careful from the last I heard it works with only some wireless cards... > > > >From: "Patrick Donlon" > >Reply-To: "Patrick Donlon" > >To: [EMAIL PROTECTED] > >Subject: Rogue Wireless LANs [7:47287] > >Date: Mon, 24 Jun 2002 11:48:48 -0400 > > > >I've just found a wireless LAN set up by someone in the building, I found > >it > >by chance when I was checking something with a colleague from another dept. > >The WLAN has zero security which is not a surprise and lets the user into > >the main LAN in the site with a DHCP address served up too! Does anyone > >have > >any tips on preventing users and dept's who don't think about security from > >plugging whatever they like into the network, > > > >Cheers > > > >Pat > > > > > > > >-- > > > >email me on : [EMAIL PROTECTED] > _ > Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47387&t=47287 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: What do you use to backup your configs? [7:46229]
CW2000 what a joy this is ... it does it automatically to your /var/adm/CSCOpx/files/archive directory. ofcourse you need to be managing these devices cheers steve - Original Message - From: "Craig Columbus" To: Sent: Monday, June 10, 2002 11:04 PM Subject: Poll: What do you use to backup your configs? [7:46229] > Out of curiosity, what do you use to schedule automated backups of your > router / switch configs? Commercial application? Homegrown > application? Trained monkey? > How often are the configs backed up? How do you implement version control? > > I was talking with a guy the other day who maintains a fairly large > corporate network (about 300 routers), and they don't backup the configs at > all. They record the config when it's deployed and trust employees to > update the records if they make a change. This got me wondering what > others were doing. > > Craig Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46335&t=46229 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: BGP addressing..i think i understand but i am not sure [7:45353]
chaps,, many thanks for everyone`s input... it has been extremly insightful./. in answer to howards question the problem i ma tying to solve is this... i wish to effectly (as much as i can )...load balance whilst keeping my redundency to a full ... i want to take the most advantage of my E3`s coming into my UK pop... i had not even considered multi-homing to the same ISP (via different POP`s).. any comments as to the best way to achive thisi I am getting lots of VFM ( Value For Money) request from the directors and i wont to know i am doing as much as is possible to give them that... again many thanks steve - Original Message - From: "dre" To: Sent: Tuesday, May 28, 2002 7:52 PM Subject: Re: BGP addressing..i think i understand but i am not sure [7:45278] > ""Peter van Oene"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I'm not sure where to point you. All I can tell you is that it is > > commonplace and likely will continue to be so. I'm currently not aware of > > any routing issues that this behavior would induce. > ""Howard C. Berkowitz"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I'm not sure I could point you to anything more specific than the > > IDR, NANOG, and RIPE routing group archives. I hadn't noticed this > > desire of the RSNG; the impression I have was the inconsistent routes > > to be reported were those who were NOT registered in the IRR. Such > > unregistered routes are far more likely to be due to error. > > > > RFC 1930, while a wonderful document certainly worth reading by any > > CCIE candidate, is informational rather than standards-track. > > Ahem. > http://www.nanog.org/mtg-0110/lixia.html > > I know of many instances where this has been used to hijack traffic. > It's not just a rumor, this is real. AS3847 used to participate in such > overbearing rediculous practices (for fun and profit). > > Announcing inconsistent routes can also have many operational benefits. > Most of the "why" is included in the NANOG presentation, but not > necesarily the "how". > > -dre Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45353&t=45353 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Native Vlan [7:45146]
Hi all Can someone tell me what is the purpose of the native vlan in Csico Switch? What is the feature & main usage on that? I am wondering if it is a proprietary feature, it will only work through Cisco Switches only? Thanks. Cheers Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45146&t=45146 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP addressing..i think i iunderstadn but i am not sure [7:45127]
Chaps.. can i try to explain something about BGP addressing and you chaps point out were i am or am not going wrong ??.. EG.. i have two bgp routers going to the net ... i am multihomed to 2 service providers...(and accepting FULL routes) i have been issued 2 "sets" of ip address to my service providers.. i am using Private AS`s (internally) ok .. outgoing traffic... i take it ...as i have full routes then outgoing traffic has no issue`s as to how to get anywhere...(i am using gateway of last resort and a DMZ for all my internal stuff) incoming traffic ...routes i advertise out to the net... if i am multihomed... i have two different ip address`s advertising a route to my network ..this would cause no problems as there are simply 2 routes on the net to get to me.. my service providers will use the same private AS number to get to mee ( will it matter if they give me two different private as ...as i want to load balance...).. How would load balancing work.(inbound..)(outbound i understand)... ...the BGP routers are in the same location so it makes no difference localy.. i get the rest it is just this i am bit shakey on...i dont really understand how to different SP can give me load balcning...prehpsa it cant... many thanks steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=45127&t=45127 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
GROUPstudy.com......with the Emphasis on GROUP [7:44969]
you know ,,, i amreally starting to get fed-up with the "lets bash howard" brigade... i have and will continue to put your teaching`s (howard) into practise... this IS A COMMUNITY of professionals who HELP eachother i have been in recept of many tips form a great many CCIE/CCNA/CCNP`s i will happily take any help form anyone regardless of the Cert.i have myself helped a CCIE and i am only a CCNP... this help was provided because as per most of us we dont work in enviroments were we have access to every piece of equipment there is on the planet.. so i help him . i have also been helped by a CCNA is he any less a human bieng.NO let us remeber why we signed up ...to HELP SHARE and LEARN... Pleasent Weekend study.,.. steve - Original Message - From: "Howard C. Berkowitz" To: Sent: Wednesday, May 22, 2002 2:49 PM Subject: Re: Logic and Lab Rats [7:44714] > I'm not saying to close the thread or not, although I think the > moderators (I am one) are starting to block messages that come across > as personal attacks. > > What I see is the fundamental misperception in this thread is an > assumption there is a binary choice between experience and new > training. I freely admit there are experienced people that have had 1 > year of experience 20 times. But other experienced people have BOTH > the experience and the in-depth protocol knowledge, which puts them > in a position to learn even faster -- if they want to. > > Earlier in the thread, someone said "would you put something in > production without lab testing?" As with everything else in > networking, "it depends." A large ISP, for example, will test a new > IOS release in a lab, but they can't possibly have a lab that will > let them see the effects of the change on tens of thousands of > routers. This is true of router manufacturers as well. > > For very large networks, it may be possible to use true (i.e., Monte > Carlo) simulation or mathematical analysis. But experience does have > a major role in Internet backbone engineering. Let me simply say > that backbone engineering is at a level far more specialized and > complex than the CCIE level, and there haven't been formalized ways > to learn it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44969&t=44969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NBMA SVC problem [7:44529]
Hi all In the book of Cisco Routing TCP/IP Voulme 1, it mentions that the OSPF point-to-multipoint network type treats the underlying network as a collection of point-to-point links rather than a multi-access network, and OSPF packets are multicast to the neighbors. This situation can be problematic for networks whose connections are dynamic, such as frame relay SVCs or ATM SVCs. But it has not mentioned what is the problematic situation. Does anyone know that? I think that it should not be problematic because InverseARP can cater for the mapping of the DLCI to the remote IP address even the underlying network built on SVCs. Is that right? Thanks. Cheers Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44529&t=44529 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT & Access List question [7:44357]
All, I need to setup my first real NAT statement (as opposed to just a PAT statement) and I need some help with the Access List config. I have a T1 with 6 public IP's, with all my users nat'ing through the last 2 IP's with an ip nat pool/source list statement. The list basically blocks outgoing kazaa, netbios, and morpheus. I have my email server pat'd to another IP higher in the list and the problem I am running in to is that the mail server uses the same IP's in the nat pool statement when it sends mail out - which is causing me reverse lookup headaches. So I want to do a true nat statement for the mail server so it's sending and receiving IP's are the same and I can get a reverse lookup setup for it. If I understand IP/TCP/UDP correctly, the client establishes a connection to the service port on the remote computer and the remote computer in turn establishes a connection to some random port > 1024 on the client. Is that correct? So the issue for now becomes, how to restrict access to the mail server for just 22, (for remote management) 25, 110, and 6169 (a webmail server) and still allow the returning nat connections to the clients? This is what I picture so far. access-list 101 permit tcp any (external ip) eq 22 access-list 101 permit tcp any (external ip) eq 25 access-list 101 permit tcp any (external ip) eq 110 access-list 101 permit tcp any (external ip) eq 6169 access-list 101 deny tcp any any lt 1024 access-list 101 deny udp any any lt 1024 then I start to get a bit hazy as to the returning nat connections for the clients..perhaps access-list 101 permit tcp/upd any any range 1025-65535? I'm assuming also that this will be applied in on the Serial interface. Any help greatly appreciated!!! Stephen Hoover Dallas, Texas Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44357&t=44357 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2078 (Vacation) [7:44352]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44352&t=44352 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2077 (Vacation) [7:44280]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44280&t=44280 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2076 (Vacation) [7:44238]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44238&t=44238 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2075 (Vacation) [7:44211]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44211&t=44211 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCIE- I WILL BE [7:43969]
OK..lets get it all OUT come on ...deep breath`s... check this... not only are they cranky ...but some stupid old manager had decieded to give various groups our passwords and have locked out there own switch es ...wont tell us the passwords...which are located in secure rooms for which we CANT GET ACCESS !! BREATH.In.OUT. (by the way i AM JOKING and mean no offence ) CU steve - Original Message - From: "Chuck" To: Sent: Tuesday, May 14, 2002 3:28 AM Subject: Re: CCIE- I WILL BE [7:43969] > my favorite story was the company whose network went down every morning for > a few minutes just about the time the work force was sitting down, turning > on their PC's, and getting ready for the day. Now the obvious conclusion is > "it's just busy that time of day" Except that it didn't necessarily happen > every day. > > To make a long story short, a couple of power users had decided they needed > more data jacks in their area, had purchased some switch or other at one of > the chain stores, and dual homed it into the LAN infrastructure. Being > conservation conscious folks, they powered down all their equipment when > they went home for the day, and turned it on every morning when they came > in. > > the result was a campus wide spanning tree recalculation every time they > brought their switch on line. > > I forget how the customer told me this was discovered. > > > ""Priscilla Oppenheimer"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > And add to that cranky users who are entirely dependent on the network but > > won't tell you the whole story when reporting problems. ;-) > > > > Priscilla > > > > At 09:52 PM 5/12/02, Michael L. Williams wrote: > > >"Larry Letterman" wrote in message > > >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > > A 40 router lab is nice, but its not the same as troubleshooting a > > > > production network with 20,000 + users at multiple sites. > > > > > >Here here and to add to that. "... a production network with > > >20,000+ users at multiple sites..." running a variety of multiprotocol, > > >quirky, sometimes custom-written (read: homemade) applications that are > > >trying to do whatever on the network coupled with devices from > whatever > > >manufacturers that don't play nice ("oh, you need this device in it's own > > >VLAN because broadcast traffic makes it crash"), etc, etc > > > > > >Mike W. > > > > > > Priscilla Oppenheimer > > http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44205&t=43969 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2073 (Vacation) [7:44147]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44147&t=44147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2074 (Vacation) [7:44172]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44172&t=44172 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2072 (Vacation) [7:44076]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44076&t=44076 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2071 (Vacation) [7:43984]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43984&t=43984 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2070 (Vacation) [7:43931]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43931&t=43931 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2069 (Vacation) [7:43886]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43886&t=43886 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2068 (Vacation) [7:43860]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43860&t=43860 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2067 (Vacation) [7:43791]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43791&t=43791 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2062 (Vacation) [7:43524]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43524&t=43524 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Certification Digest V2 #2061 (Vacation) [7:43462]
I will be on vacation from 5-7-02 to 5-22-02. Any matter regarding network management please forward to Bob Taylor @ 213-979-0032. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43462&t=43462 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Teltone TLS-4...Can it Simulate ISDN BRI of just POTS [7:42660]
Guess that sums up my question. Think I remember a reference a while back in one post that it was able to do ISDN BRI. Thanks Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42660&t=42660 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: TAC [7:42141]
Group, Sorry to be a little late to the topic, but I've not kept up lately :-) About 1 year ago I left a company that provided a TAC for Cisco, I don't know if alot of people know it or not, but Cisco outsources alot of the TAC support. When I worked at the TAC we were rated on two things, the number of cases closed and our Bingo Score. The Bingo score is you average rating from the surveys each of you have gotten when a case is closed. They're were small monetary rewards for having the highest number of closed cases accompanied by the number of High 5 Bingo scores you had received. BTW, a HIGH 5 Bingo is when a customer gave you all 5's on the survey. What happens alot is the lesser quality engineers who have been lazy all month, all of a sudden get serious at the end of the month realizing they don't have the cases closed numbers and start taking and immediately closing the cases, only to have them reopened later by another engineer, eventually this catches up to the person but it went on alot more frequently that it should have. Another thing that happens for instance, the team I worked on initially supported the 1600-3600 Routers for ISDN, Frame-Relay, NAT, Access-lists, and other general purpose IOS issues. In the span of a week, management said you will start getting 700 router cases, my team got about 1 hour's worth of training and then were charged with solving 700 cases, of course the 700 router is a completely different IOS which took a little while to get use to. I suspect that's what happened, a team was given a new techonology to support, received little training and then were asked to start solving cases and maintain the same Bingo Scores, etc The reason I left the TAC I worked for was monetary, the pay was low, but the experience was invaluable. Hope this helps. Stephen Manuel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Steven A. Ridder Sent: Sunday, April 21, 2002 9:10 PM To: [EMAIL PROTECTED] Subject: Re: TAC [7:42141] What I meant was in the past, I have opened up cases for customers on a weekday, then come a weekend, the TAC engineer is gone until the next Mon. I was just curious if this was the norm. ""Chuck"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I would presume that if you have a 7x24 onsite contract, you could expect > engineering support on a weekend. > > Do you mean someone looking at configurations, checking for bugs, replacing > failed hardware, what specifically? > > > > > ""Steven A. Ridder"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Has anyone ever had TAC work on a weekend? How can I get an engineer on a > > weekend if I ever needed one? > > > > -- > > > > RFC 1149 Compliant. > > Get in my head: > > http://sar.dynu.com > > > > > > ""Craig Columbus"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > In my experience, either side can close the case. > > > > > > I've had TAC close cases that were not even close to being resolved. I > > > assume that there's some type of reward structure for closing cases > > quickly. > > > > > > On another topic, has anyone had the experience that TAC is perhaps > > > slipping a bit when it comes to the quality of the first line engineers? > > I > > > don't remember having any problems with TAC until about the time Cisco's > > > stock price started seriously dropping. Since that time, I've had > several > > > occurrences where I've had extremely rude and/or incompetent people > > > initially handle my TAC cases. In each instance, I've had to get rude > > back > > > and insist that they drop the case and transfer me to their > > > supervisor. Once transferred, I got the superior TAC support that I'm > > used > > > to. I spoke with a colleague about this, and he told me that he's had > > > exactly the same experience. What's been your experience? Has this > > > happened with increasing frequency to any of you? > > > > > > Craig > > > > > > > > > > > > At 10:28 AM 4/21/2002 -0400, you wrote: > > > >You have worked with TAC on a case. The problem is resolved. > > > > > > > >Who will close the case? The TAC engineer or the customer > > > > > > > >Thanks, > > > > > > > >Pierre-Alex Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42423&t=42141 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
ISDN Simulator [7:41896]
Ok, I give up. I am tired of being unable to simulate ISDN on my rack. Been having to go over to the school to do labs and that is hit or miss on a person with keys. I would love to buy an Adtran Atlas 550 as configured by Cisco for the Academies, who wouldn't. But the money tree just can't grow it that fast and even thirteen bills (SlimLine 2) is a bit steep for the ol wallet. What is the "shoe string" option or is there? Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41896&t=41896 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
1600 pppoe [7:41687]
Question, I have a 1600 and have it almost working with sympatico. Problem is, some sites are accessable and others are not. The news server times out. Spoke to a neighbor using a linksys router and he has no problem. Any suggestions. config included. This was a config from a buddies 2621. Thanks Steve ! version 12.2 no parser cache no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname 1600a ! logging rate-limit console 10 except errors enable secret enable password ! ip subnet-zero ! ip cef no ip dhcp-client network-discovery vpdn enable ! vpdn-group 1 request-dialin protocol pppoe ! vpdn-group pppoe ! ! ! ! interface Ethernet0 no ip address pppoe enable pppoe-client dial-pool-number 1 no cdp enable ! interface Ethernet1 ip address 10.1.1.1 255.255.255.0 ip nat inside no cdp enable hold-queue 32 in ! interface Dialer1 ip address negotiated ip mtu 1492 ip nat outside encapsulation ppp dialer pool 1 dialer vpdn dialer-group 1 ppp authentication pap callin ppp pap sent-username password ! ip nat inside source list 100 interface Dialer1 overload ip nat inside source static tcp 10.0.0.2 8080 interface Dialer1 8080 ip nat inside source static tcp 10.0.0.4 113 interface Dialer1 113 ip nat inside source static tcp 10.0.0.2 21 interface Dialer1 21 ip nat inside source static tcp 10.0.0.2 20 interface Dialer1 20 ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 no ip http server ! access-list 100 permit ip 10.0.0.0 0.0.0.255 any dialer-list 1 protocol ip permit dialer-list 1 protocol ipx permit ! ! snmp-server community 001001 RO 4 ! line con 0 exec-timeout 120 0 stopbits 1 line vty 0 4 exec-timeout 0 0 password moler1 login ! scheduler max-task-time 5000 ntp clock-period 17168797 ntp source Dialer1 end Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41687&t=41687 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IPX EIGRP Metrics [7:41585]
Is there any way to alter the metrics of IPX EIGRP other than changing the bandwidth on an interface? Specifically, I want to route IPX traffic over a 40Mbs link instead of a 100Mbs temporarily, and I don't want to alter the bandwidth on the interface as it will affect the IP routing. Thank you in advance. Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41585&t=41585 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: PAT port range on a Cisco 1604? [7:41001]
Well I was looking for a way to specify a port range in a nat statement. For example: standart nat/pat statement. ip nat inside source static tcp 10.0.0.1 21 208.192.100.100 21 I need something like this: ip nat inside source static tcp 10.0.0.1 64300-64400 208.192.100.100 64300-64400 What I am trying to do is open up a PASV FTP data port range for use on a FTP server with non standard ports. As long as I have the server on 20/21 PASV and PORT seem to work fine, but when I move the ports to something non standard, I cannot connect on the PASV command without having the ports specified and nat'd. I tried using cisco's ip nat service command as referenced: http://www.cisco.com/warp/public/556/6.html but apparently I am a gump and can't make it work :) Stephen -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Georg Pauwen Sent: Wednesday, April 10, 2002 4:14 AM To: [EMAIL PROTECTED] Subject: RE: PAT port range on a Cisco 1604? [7:41001] Hi Stephen, are you looking for a command to limit the ports used by PAT ? AFAIK, this is not possible through the 'overload' command. If you know exactly which ports your hosts use, you could set up an extended access list specifying the ports that you want to allow. Regards, Georg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41050&t=41001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
PAT port range on a Cisco 1604? [7:41001]
Is it possible to specify a port range in IOS 12.0(15) on a Cisco 1604? Could some point me in the right direction for the command format is possible? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41001&t=41001 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
aux - aux 2501-2501 frame relay switch [7:40026]
Hi group Someone posted sometime ago how to configure two 2501 to act as a frame relay switch by connecting them via the aux ports can someone please post the configuration again please. Thanks Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40026&t=40026 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Console Cable [7:39585]
Hi group Iam having trouble with using a console cable into any of my routers. The problem is when I power on the router, I can see it loading on the screen but when it comes up press return to get started nothing happens when I do press return. I have tried this on all my routers, using hyper terminal and tera term. I have made sure the cable is fitted right. The keyboards return key works on other applications. This has only just started to happen. Any ideas? 2nd Question Iam trying to connect 2 2501 by the aux port and use them as a frame relay switch does any one know the configuration for this? Thanks Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39585&t=39585 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
516-CS Terminal Server Configuration ??'s [7:35225]
I have recent come into posession of a Cisco 516-CS Terminal Server. I want to use this device to control a rack of 8-9 routers, switches, etc I am using a standard Cisco Console Roll-Over cable to connect a port of the 516-CS to the Console Port the Router. In my setup I'm using port 5 of the 516-CS. The loopback address is 192.168.1.1 I have setup a loopback interface on the 516-CS. I then issue the following command telnet 192.168.1.1 2005, I get an immediate respone that the connection is open and nothing else happpens, I then hit enter a couple of times on the 516-CS which eventually hangs the device and it has to be rebooted. Here are the config's for the 516-CS and one router. Any help, ideas and suggestions are greatly welcome. sh config Using 394 out of 32512 bytes ! version 9.21 no service pad ! hostname CS ! enable password cisco ! ! interface Loopback1 ip address 192.168.1.1 255.255.255.0 ! interface Ethernet0 ip address 172.13.2.251 255.255.255.0 ! ! line con 0 line 1 8 no exec session-timeout 30 transport input telnet stopbits 1 line 9 16 no exec exec-timeout 0 0 session-timeout 30 transport input telnet line vty 0 4 password cisco login ! end urrent configuration : 1876 bytes ! version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname cisco2621 ! enable secret 5 $1$.hWv$a/EZI7ljy6CyqTvL/kobp/ ! username 2611 password 0 cisco username 2621 password 0 cisco username itc2611 password 0 cisco ! ! ! ! ip subnet-zero no ip finger ! isdn switch-type basic-ni ! ! ! interface FastEthernet0/0 ip address 172.13.2.252 255.255.255.0 duplex auto speed auto ! interface BRI0/0 no ip address encapsulation ppp dialer pool-member 1 isdn switch-type basic-ni isdn spid1 0835866101 8358661 isdn spid2 0835866301 8358663 ppp authentication chap ! interface Serial0/0 no ip address encapsulation frame-relay ! interface Serial0/0.1 point-to-point ip address 1.1.1.1 255.255.255.252 frame-relay interface-dlci 100 ! interface Serial0/0.2 point-to-point ip address 1.1.1.5 255.255.255.252 frame-relay interface-dlci 101 ! interface Serial0/0.3 point-to-point ip address 1.1.1.9 255.255.255.252 frame-relay interface-dlci 102 ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Dialer1 ip address 10.1.1.1 255.255.255.252 encapsulation ppp dialer pool 1 dialer idle-timeout 1 dialer string 8358662 dialer load-threshold 3 either dialer-group 1 ppp chap hostname 2621 ppp chap password 7 030752180500 ppp multilink ! router eigrp 100 redistribute static network 1.0.0.0 network 10.0.0.0 network 100.0.0.0 auto-summary no eigrp log-neighbor-changes ! ip classless ip route 0.0.0.0 0.0.0.0 10.1.1.2 120 no ip http server ! access-list 100 deny eigrp any any access-list 100 permit ip any any dialer-list 1 protocol ip list 100 banner exec ^CHello Welcome to the Lab^C banner motd ^CHello Welcome to the Cisco 2621 Router^C ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 password cisco login ! end cisco2621# Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=35225&t=35225 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
IS-IS BSCN [7:27955]
Hi group Iam currently studying for the BSCN, i am using the sybex study guide. My question is i have gone through the book and cant see any sections on IS-IS, yet the books practice exams has questions reguarding IS-IS. I have looked on the cisco web site but cant see anything about IS-IS being in the BSCN exam. Can any one clear this up is IS-IS a topic in the BSCN exam. Thanks in advance - Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27955&t=27955 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:27879]
Ask and you shall recieve ... cisco 2503 ... not on Internet, no passwords, my own rack Router-A#show runn Building configuration... Current configuration : 1209 bytes ! version 12.2 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Router-A ! logging rate-limit console 10 except errors ! ip subnet-zero no ip finger ! no ip dhcp-client network-discovery ! ! ! ! interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ! interface Serial0 ip address 200.200.2.2 255.255.255.0 no fair-queue clockrate 56000 ! interface Serial1 ip address 200.200.1.2 255.255.255.0 ! interface BRI0 no ip address shutdown isdn x25 static-tei 0 cdapi buffers regular 0 cdapi buffers raw 0 cdapi buffers large 0 ! router ospf 1 log-adjacency-changes network 192.168.1.0 0.0.0.255 area 0 ! router bgp 200 no synchronization bgp log-neighbor-changes network 200.200.1.0 network 200.200.2.0 neighbor 200.200.1.1 remote-as 100 neighbor 200.200.2.1 remote-as 100 ! ip kerberos source-interface any ip classless ip http server ! ! ! line con 0 transport input none line aux 0 line vty 0 4 login ! end -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Mcfadden, Chuck Sent: Friday, November 30, 2001 3:21 PM To: [EMAIL PROTECTED] Subject: RE: BGP question [7:27879] Can we see your whole config? ccie1ab -Original Message- From: Bill Carter [mailto:[EMAIL PROTECTED]] Sent: Friday, November 30, 2001 4:44 PM To: [EMAIL PROTECTED] Subject: RE: BGP question [7:27879] You have to have IP connectivity to your neighbor before BGP will work. Static routes will get you the same thing as RIP. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stephen C Sent: Friday, November 30, 2001 2:37 PM To: [EMAIL PROTECTED] Subject: BGP question [7:27879] When configuring BGP on a "singlehome" net, everything I read says the basic config commands are ... for S 0\0 to S 0\0 (200.200.1.1 to 200.200.1.2) wire 200.200.1.0 Router-A(config)#router bgp [as#] Router-A(config-router)#network [subnet#] Router-A(config-router)#neighbor [subnet#] remote-as [as#] now filling in the blanks Router-A(config)#router bgp [200] Router-A(config-router)#network [200.200.1.0] Router-A(config-router)#neighbor [200.200.1.1] remote-as [100] unless I configure RIP on the same wire I get nothing. No mention of RIP in any of the books I reference. I config RIP and get a "from show ip route" this C200.200.1.0/24 is directly connected, Serial1 R200.200.100.0/24 [120/1] via 200.200.1.1, 00:00:14, Serial1 [120/1] via 200.200.2.1, 00:00:14, Serial0 C200.200.2.0/24 is directly connected, Serial0 C192.168.1.0/24 is directly connected, Ethernet0 O192.168.2.0/24 [110/74] via 192.168.1.2, 01:54:20, Ethernet0 O E2 192.168.3.0/24 [110/20] via 192.168.1.2, 01:54:20, Ethernet0 Not showing bgp on the connections the Show ip bgp yields . Router-A#show ip bgp BGP table version is 3, local router ID is 200.200.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 200.200.1.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i *> 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from * 200.200.2.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i *> 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27890&t=27879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: BGP question [7:27879]
by entering these commands di I inject a static route? I can't figure out where they came from. Are they a normal consequence of BGP or ??? -Original Message- From: Bill Carter [mailto:[EMAIL PROTECTED]] Sent: Friday, November 30, 2001 2:45 PM To: Stephen C; [EMAIL PROTECTED] Subject: RE: BGP question [7:27879] You have to have IP connectivity to your neighbor before BGP will work. Static routes will get you the same thing as RIP. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stephen C Sent: Friday, November 30, 2001 2:37 PM To: [EMAIL PROTECTED] Subject: BGP question [7:27879] When configuring BGP on a "singlehome" net, everything I read says the basic config commands are ... for S 0\0 to S 0\0 (200.200.1.1 to 200.200.1.2) wire 200.200.1.0 Router-A(config)#router bgp [as#] Router-A(config-router)#network [subnet#] Router-A(config-router)#neighbor [subnet#] remote-as [as#] now filling in the blanks Router-A(config)#router bgp [200] Router-A(config-router)#network [200.200.1.0] Router-A(config-router)#neighbor [200.200.1.1] remote-as [100] unless I configure RIP on the same wire I get nothing. No mention of RIP in any of the books I reference. I config RIP and get a "from show ip route" this C200.200.1.0/24 is directly connected, Serial1 R200.200.100.0/24 [120/1] via 200.200.1.1, 00:00:14, Serial1 [120/1] via 200.200.2.1, 00:00:14, Serial0 C200.200.2.0/24 is directly connected, Serial0 C192.168.1.0/24 is directly connected, Ethernet0 O192.168.2.0/24 [110/74] via 192.168.1.2, 01:54:20, Ethernet0 O E2 192.168.3.0/24 [110/20] via 192.168.1.2, 01:54:20, Ethernet0 Not showing bgp on the connections the Show ip bgp yields . Router-A#show ip bgp BGP table version is 3, local router ID is 200.200.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 200.200.1.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i *> 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from * 200.200.2.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i *> 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27884&t=27879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
BGP question [7:27879]
When configuring BGP on a "singlehome" net, everything I read says the basic config commands are ... for S 0\0 to S 0\0 (200.200.1.1 to 200.200.1.2) wire 200.200.1.0 Router-A(config)#router bgp [as#] Router-A(config-router)#network [subnet#] Router-A(config-router)#neighbor [subnet#] remote-as [as#] now filling in the blanks Router-A(config)#router bgp [200] Router-A(config-router)#network [200.200.1.0] Router-A(config-router)#neighbor [200.200.1.1] remote-as [100] unless I configure RIP on the same wire I get nothing. No mention of RIP in any of the books I reference. I config RIP and get a "from show ip route" this C200.200.1.0/24 is directly connected, Serial1 R200.200.100.0/24 [120/1] via 200.200.1.1, 00:00:14, Serial1 [120/1] via 200.200.2.1, 00:00:14, Serial0 C200.200.2.0/24 is directly connected, Serial0 C192.168.1.0/24 is directly connected, Ethernet0 O192.168.2.0/24 [110/74] via 192.168.1.2, 01:54:20, Ethernet0 O E2 192.168.3.0/24 [110/20] via 192.168.1.2, 01:54:20, Ethernet0 Not showing bgp on the connections the Show ip bgp yields . Router-A#show ip bgp BGP table version is 3, local router ID is 200.200.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 200.200.1.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i *> 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from * 200.200.2.0 200.200.2.1 0 0 100 i * 200.200.1.1 0 0 100 i *> 0.0.0.0 0 32768 i Where did I pick up the Static/Default paths from Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27879&t=27879 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T1 install; issue resolved. [7:22162]
Thanks again to all of you who responded. Someone had mentioned the number of timeslots as being a probable cause. I apologize for forgetting the name of the person who posted that. You were close - we had the number of timeslots configured correctly, but the person on the remote end of the link had the wrong speed set - 56 instead of 64. I did not have access to his configuration and I have not worked with this person enough to be brass enough to ask for it. Being an individual and far from being an "expert" I was not prepared to ask a Cisco "guru" in a larger IT dept to allow me to review his configuration. Obviously if I had had it, I probably would have caught it. Thanks again everyone! Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=22162&t=22162 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T1 install; line protocol going down and up every 30 [7:22068]
Thanks to all of you who have responded. Here's where I'm at: The Telco's (two telcos involved) have both said the circuit is sound and correct. We can loopback both ways down the length of the circuit and it works ok. To eliminate hardware problems on my end, I have tested this router and DSU on the T1 in my office. It is a point to point to our ISP. The router came up, I plugged in our IP's, NAT, ACL info and we were surfing. My hardware/configuration seems to be working ok. The only thing left is their hardware/configuration, so I feel that's where the problem lies. The company I am trying to connect to has over 50 T1's going into their facility - this is not exactly a new configuration for them. Admittedly I am not the most seasoned field person. I have installed some T1's, but not 100's. I feel I must be missing something simple, but I don't what it is. The default configuration for this DSU is: clock source - line encoding - b8za framing - esf timeslots/channels - all 24 speed - 64k I have not modified any of these settings execpt changing the clock source, trying it both ways. In our office I know the ISP is providing the timing, so I just left everyting on the DSU to default and it worked beautifully. Any other ideas? Thanks, Stephen Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=22068&t=22068 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: T1 install; line protocol going down and up every 30 [7:21872]
I am using an internal DSU on my end. I am not sure what they are using on their end. I have checked and double checked the linecoding and framing. This is a SouthWestern Bell circuit, but it passes through a different long distance carrier. It should be B8ZS, ESF, and HDLC on the layer 2. Again, when the remote end is set to line, they seem to be fine. When they go to internal they cause framing errors. This leads me to believe that there already is a clock signal on their end of the link. Regardless of whether I go to line or internal my line protocol bounces. Stephen - Original Message - From: To: Sent: Wednesday, October 03, 2001 10:50 AM Subject: RE: T1 install; line protocol going down and up every 30 [7:21863] > Sounds like a clocking issue to me. Are you using internal or external > CSU/DSU? > > -Eric > > -Original Message----- > From: Stephen Hoover [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, October 03, 2001 9:47 AM > To: [EMAIL PROTECTED] > Subject: T1 install; line protocol going down and up every 30 seconds > [7:21848] > > > I am working on point to point T1 install at a small office. The line > protocol keeps going up and down every 30 seconds and I cannot ping myself. > My keepalive timers are not incrementing. The telco provider says that they > are not providing the clock on this line and that we need to do so > ourselves. My condition remains the same whether I set my clock to line or > internal. The router on the remote end however seems to be ready to go when > they set their clock source to line. When they set to internal, the telco > provider sees framing errors on the line. > > Does it seem feasible that there is a clock source somewhere back towards > there end of the line that their router can receive and mine cannot? I am > working with the IT staff on the remote end of the link, but none of us seem > to have any idea where else to go with this problem. > > My system works fine when I put my DSU in local loopback and it works when I > put their DSU in remote loopback - so I *think* the hardware is sound. > > Any help is appreciated! > > Thanks, > Stephen Hoover Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21872&t=21872 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
T1 install; line protocol going down and up every 30 seconds [7:21848]
I am working on point to point T1 install at a small office. The line protocol keeps going up and down every 30 seconds and I cannot ping myself. My keepalive timers are not incrementing. The telco provider says that they are not providing the clock on this line and that we need to do so ourselves. My condition remains the same whether I set my clock to line or internal. The router on the remote end however seems to be ready to go when they set their clock source to line. When they set to internal, the telco provider sees framing errors on the line. Does it seem feasible that there is a clock source somewhere back towards there end of the line that their router can receive and mine cannot? I am working with the IT staff on the remote end of the link, but none of us seem to have any idea where else to go with this problem. My system works fine when I put my DSU in local loopback and it works when I put their DSU in remote loopback - so I *think* the hardware is sound. Any help is appreciated! Thanks, Stephen Hoover Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21848&t=21848 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I'm a CCNP today. [7:21693]
well done tim >From: "Tim Booth" >Reply-To: "Tim Booth" >To: [EMAIL PROTECTED] >Subject: I'm a CCNP today. [7:21693] >Date: Tue, 2 Oct 2001 12:12:45 -0400 > >Hello All, > > Today is a good day. Just passed Support with 85%. I didn't find this >test >"easy" by any stretch of the imagination. > > I am now a CCNP. Thanks to all for any direct or indirect help in >passing >these tests. Now on to the D's...then the I's. > >Have a good one, >Tim Booth _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21829&t=21693 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help with huge amount of Input/Frame and some CRC errors [7:21826]
Hi , i still think it`s the link..i have been told loads of times links are fine but they arn`t get THEM to run and END-to-END test... if you got an int resetand you didn`t touch the box the line is up the stuff.. from memory.. last 9 times .(ove 6mths...we have about 300 lines)...7 times BT line.once bad configHDLC-SDLC once fauly port on cisco switch. let us know how you get on >From: "Symon Thurlow" >Reply-To: "Symon Thurlow" >To: [EMAIL PROTECTED] >Subject: Re: Help with huge amount of Input/Frame and some CRC errors >[7:21811] >Date: Wed, 3 Oct 2001 04:01:58 -0400 > >Thanks for the input Les, > >This isn't the case here, because if I get them around the wrong way, >there is no link at all. > >I do get some traffic down this connection, probably about equivalent >to 14.4k... > >Symon > >--- > > Hi people, > > I have experienced a similar problem using G703 cards in a cisco >2620, in > > this case it was a transposed pair in the building > > wiring. That is the transmit and receive pairs were transmit to >transmit and > > receive to receive rather than transmit to > > receive. Works fine with a loopback plug at either end but doesn't >play > > when interconnected. > > HTH > > Les > > > > Symon Thurlow wrote: > > > > > > Hi Stephen, > > > > > > There are almost no resets all day, only 1 per router. > > > > > > > that FUNNY you know ...al the BT CSU/DSU (for there 2 meg >leased) > > > have an > > > > X21 port built in > > > > > > The ones we have are only BNC, we have fibre coming in. >[EMAIL PROTECTED] > > >Cheers, > >Symon _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21826&t=21826 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help with huge amount of Input/Frame and some CRC errors [7:21825]
Hi , i still think it >From: "Symon Thurlow" >Reply-To: "Symon Thurlow" >To: [EMAIL PROTECTED] >Subject: Re: Help with huge amount of Input/Frame and some CRC errors >[7:21811] >Date: Wed, 3 Oct 2001 04:01:58 -0400 > >Thanks for the input Les, > >This isn't the case here, because if I get them around the wrong way, >there is no link at all. > >I do get some traffic down this connection, probably about equivalent >to 14.4k... > >Symon > >--- > > Hi people, > > I have experienced a similar problem using G703 cards in a cisco >2620, in > > this case it was a transposed pair in the building > > wiring. That is the transmit and receive pairs were transmit to >transmit and > > receive to receive rather than transmit to > > receive. Works fine with a loopback plug at either end but doesn't >play > > when interconnected. > > HTH > > Les > > > > Symon Thurlow wrote: > > > > > > Hi Stephen, > > > > > > There are almost no resets all day, only 1 per router. > > > > > > > that FUNNY you know ...al the BT CSU/DSU (for there 2 meg >leased) > > > have an > > > > X21 port built in > > > > > > The ones we have are only BNC, we have fibre coming in. >[EMAIL PROTECTED] > > >Cheers, > >Symon _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21825&t=21825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dial up and Leased Lines Solution [7:21660]
500 leased linesHellthat`s a lot of leased lines i don`t know of any single cisco device with 500 serial interfacess.. ( and yes i am aware of ways round that ...bit i am going on what he has said in his post) so the question begs "as howard" what problem are you trying to solve ? >From: "ashraf awadalla" >Reply-To: "ashraf awadalla" >To: [EMAIL PROTECTED] >Subject: Dial up and Leased Lines Solution [7:21660] >Date: Tue, 2 Oct 2001 08:55:51 -0400 > >Hello everyone >I have an issue finding the correct Cisco equipment >solution for the following requirements: > >1. Support for up to 1500 Dial Up Users >2. Support for up to 500 Leased Lines. > >Can anyone suggest a Cisco solution please? I have >looked at the AS5xxx but was not able to conclude that >the above are supported and on what modules. >Thank you very much for your time in advance. >Regards >Ash > >__ >Do You Yahoo!? >Listen to your Yahoo! Mail messages from any phone. >http://phone.yahoo.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21664&t=21660 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Help with huge amount of Input/Frame and some CRC errors [7:21657]
symon... sorryi am asleep i don`t like the amount of interface resets you are getting... can you clear counters and watch the amount you are gettingon both sides.. int resets cum from the line bieng dropped (g703/line) i have smds/leased lines and you should not get ANY int resets on a good line. the last time i had this problem it was the BT CSU/DSU that was at fault that FUNNY you know ...al the BT CSU/DSU (for there 2 meg leased) have an X21 port built in you could also try swapping the ints (S0-S1)on both sides to see if that makes a difference... Is this a new install?? it IS possible that the G703 converter is stuffedwe use BlackBox ones...and they SHOULD work straight out of the box... HTH steve >From: Symon Thurlow >To: [EMAIL PROTECTED] >Subject: Re: Help with huge amount of Input/Frame and some CRC errors >[7:21647] >Date: Tue, 02 Oct 2001 23:05:07 +1130 > >It is a straight leased line, not Frame > >Cheers, > >Symon > >--- > > in your config > > > > what is your LMI.(autosence) > > > > have you set the encapsulation command on the int`s > > > > see this link > > > > >http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgc >r/wan_c/wcdfrely.htm#xtocid221854 > > > > > > > > input errors usually mean that there is some kind of encap >error...(int > > doesn`t understand the packet/frame it`s recieving) > > > > CU > > > > steve > > >From: "Symon Thurlow" > > >Reply-To: "Symon Thurlow" > > >To: [EMAIL PROTECTED] > > >Subject: Help with huge amount of Input/Frame and some CRC errors >[7:21647] > > >Date: Tue, 2 Oct 2001 04:47:46 -0400 > > > > > >Hi All, > > > > > >I have a 2MB leased line (UK Megastream) line between two sites. > > > > > >One site has a 3640, the other a 2621. > > > > > >The line is presented as G703 both ends. > > > > > >I have PDA DC2020 G703 to X21 converters at both ends. > > > > > >so connection is: > > > > > >SITE A > > >Cisco 3640 (WIC-1T) > > >PDA DC2020 X21 to G703 Converter > > >Megastream box (CSU/DSU) > > >Carriers network > > >Megastream Box (CSU/DSU) > > >PDA DC2020 X21 to G703 Converter > > >Cisco 2621 (WIC-1T) > > > > > >When I do local and remote loopback tests, using extended pings, >there > > >are no errors. This is true from both ends. > > > > > >As soon as I take the line off loopback, the activity light on the > > >2621 goes crazy, and I get about 500 input errors per second on one > > >end, and about 300 or so per second on the other end. > > > > > >Keepalives are incrementing, I have tried invert txclock, although > > >probably didn't need to. > > > > > >Here is a sh int from each end, ip addresses changed: > > > > > >2621 end: > > > > > > >sh int s0/0 > > >Serial0/0 is up, line protocol is up > > > Hardware is PowerQUICC Serial > > > Description: > > > Internet address is 10.10.10.2/30 > > > MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, > > > reliability 157/255, txload 1/255, rxload 1/255 > > > Encapsulation HDLC, loopback not set > > > Keepalive set (10 sec) > > > Last input 00:00:08, output 00:00:00, output hang never > > > Last clearing of "show interface" counters 17:21:37 > > > Queueing strategy: fifo > > > Output queue 0/40, 0 drops; input queue 0/75, 0 drops > > > 5 minute input rate 0 bits/sec, 0 packets/sec > > > 5 minute output rate 0 bits/sec, 0 packets/sec > > > 7055 packets input, 433584 bytes, 0 no buffer > > > Received 7055 broadcasts, 0 runts, 0 giants, 0 throttles > > > 30613034 input errors, 4438685 CRC, 26174345 frame, 0 >overrun, 0 > > >ignored, 4 > > > abort > > > 8850 packets output, 838333 bytes, 0 underruns > > > 0 output errors, 0 collisions, 3 interface resets > > > 0 output buffer failures, 0 output buffers swapped out > > > 0 carrier transitions > > > DCD=up DSR=up DTR=up RTS=up CTS=up > > > > > >3640 end: > > > > > > >sh int s0/0 > > >Serial0/0 is up, line protocol is up > > > Hardware is QUICC Serial > > > Description: > > > Internet address is 10.10.10.1/30 > > > MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, rely 161/255, load > > >1/255 > > > Encapsulation HDLC, loopback not set, keepalive set (10 sec) > > > Last input 00:00:00, output 00:00:00, output hang never > > > Last clearing of "show interface" counters 17:22:15 > > > Queueing strategy: fifo > > > Output queue 0/40, 0 drops; input queue 0/75, 0 drops > > > 5 minute input rate 0 bits/sec, 1 packets/sec > > > 5 minute output rate 0 bits/sec, 1 packets/sec > > > 8485 packets input, 778380 bytes, 0 no buffer > > > Received 7961 broadcasts, 0 runts, 0 giants, 0 throttles > > > 18292244 input errors, 5169 CRC, 18287064 frame, 0 overrun, 0 > > >ignored, 11 a > > >bort > > > 7324 packets output, 462192 bytes, 0 underruns > > > 0 output errors, 0 collisions, 10 interface resets > > > 0 output buffer failures, 0 output
Re: Help with huge amount of Input/Frame and some CRC errors [7:21649]
in your config what is your LMI.(autosence) have you set the encapsulation command on the int`s see this link http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/wan_c/wcdfrely.htm#xtocid221854 input errors usually mean that there is some kind of encap error...(int doesn`t understand the packet/frame it`s recieving) CU steve >From: "Symon Thurlow" >Reply-To: "Symon Thurlow" >To: [EMAIL PROTECTED] >Subject: Help with huge amount of Input/Frame and some CRC errors [7:21647] >Date: Tue, 2 Oct 2001 04:47:46 -0400 > >Hi All, > >I have a 2MB leased line (UK Megastream) line between two sites. > >One site has a 3640, the other a 2621. > >The line is presented as G703 both ends. > >I have PDA DC2020 G703 to X21 converters at both ends. > >so connection is: > >SITE A >Cisco 3640 (WIC-1T) >PDA DC2020 X21 to G703 Converter >Megastream box (CSU/DSU) >Carriers network >Megastream Box (CSU/DSU) >PDA DC2020 X21 to G703 Converter >Cisco 2621 (WIC-1T) > >When I do local and remote loopback tests, using extended pings, there >are no errors. This is true from both ends. > >As soon as I take the line off loopback, the activity light on the >2621 goes crazy, and I get about 500 input errors per second on one >end, and about 300 or so per second on the other end. > >Keepalives are incrementing, I have tried invert txclock, although >probably didn't need to. > >Here is a sh int from each end, ip addresses changed: > >2621 end: > > >sh int s0/0 >Serial0/0 is up, line protocol is up > Hardware is PowerQUICC Serial > Description: > Internet address is 10.10.10.2/30 > MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, > reliability 157/255, txload 1/255, rxload 1/255 > Encapsulation HDLC, loopback not set > Keepalive set (10 sec) > Last input 00:00:08, output 00:00:00, output hang never > Last clearing of "show interface" counters 17:21:37 > Queueing strategy: fifo > Output queue 0/40, 0 drops; input queue 0/75, 0 drops > 5 minute input rate 0 bits/sec, 0 packets/sec > 5 minute output rate 0 bits/sec, 0 packets/sec > 7055 packets input, 433584 bytes, 0 no buffer > Received 7055 broadcasts, 0 runts, 0 giants, 0 throttles > 30613034 input errors, 4438685 CRC, 26174345 frame, 0 overrun, 0 >ignored, 4 > abort > 8850 packets output, 838333 bytes, 0 underruns > 0 output errors, 0 collisions, 3 interface resets > 0 output buffer failures, 0 output buffers swapped out > 0 carrier transitions > DCD=up DSR=up DTR=up RTS=up CTS=up > >3640 end: > > >sh int s0/0 >Serial0/0 is up, line protocol is up > Hardware is QUICC Serial > Description: > Internet address is 10.10.10.1/30 > MTU 1500 bytes, BW 2048 Kbit, DLY 2 usec, rely 161/255, load >1/255 > Encapsulation HDLC, loopback not set, keepalive set (10 sec) > Last input 00:00:00, output 00:00:00, output hang never > Last clearing of "show interface" counters 17:22:15 > Queueing strategy: fifo > Output queue 0/40, 0 drops; input queue 0/75, 0 drops > 5 minute input rate 0 bits/sec, 1 packets/sec > 5 minute output rate 0 bits/sec, 1 packets/sec > 8485 packets input, 778380 bytes, 0 no buffer > Received 7961 broadcasts, 0 runts, 0 giants, 0 throttles > 18292244 input errors, 5169 CRC, 18287064 frame, 0 overrun, 0 >ignored, 11 a >bort > 7324 packets output, 462192 bytes, 0 underruns > 0 output errors, 0 collisions, 10 interface resets > 0 output buffer failures, 0 output buffers swapped out > 0 carrier transitions > DCD=up DSR=up DTR=up RTS=up CTS=up > >Carrier (NTL) say that line is fine. Remote loopback test sort of >point to this as being true (to my limited knowledge). > >Any assistance greatly appreciated. > >Cheers, > >Symon _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21649&t=21649 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Fastethernet failover [7:21177]
hi, with my new found knowledge on this subject... why don`t you load share your HSRP by using the standby preempt and standby track commands..then simply connect the other ethernet interface to the other switch running HSRP ...job done... ~BTW I THINK.i`m not sure List??? CU steve >From: "David C Prall" >Reply-To: "David C Prall" >To: [EMAIL PROTECTED] >Subject: Re: Fastethernet failover [7:21177] >Date: Wed, 26 Sep 2001 22:54:45 -0400 > >I'd start looking at IRB. > >David C Prall [EMAIL PROTECTED] http://dcp.dcptech.com >- Original Message - >From: "Steve Smith" >To: >Sent: Wednesday, September 26, 2001 12:43 PM >Subject: Fastethernet failover [7:21177] > > > > Hey gang this may sound strange but it was just a thought. I have a 3640 > > that has two separate Ethernet interfaces. I have one that runs into one > > of our cats running HSRP. Is there a way to run the second one to the > > other cat as a fail over path? Can this be done with weights or anything > > like that? > > > > Thanks in advance! > > > > Steve _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21276&t=21177 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: policy route [7:21044]
my appologies. i always presumed it worked in the same way as unix-HA... thanks for the correction steve >From: "Kent Hundley" >Reply-To: "Kent Hundley" >To: [EMAIL PROTECTED] >Subject: RE: policy route [7:21044] >Date: Wed, 26 Sep 2001 13:52:32 -0400 > >Stephen, > >Your statement is incorrect. Enabling HSRP on a router does not cause the >standby router to send all packets to the primary. The only things that >enabling HSRP does is: > >1) Enable the primary router to answer arp replies and accept/return >packets >for the virtual IP address (it does this by creating a virtual MAC to match >the virtual IP) >2) Enable a hearbeat signal so that secondaries can takeover for the >primary >in the event of failure > >Neither of these things has any effect on the backup HSRP routers ability >to >forward IP packets as it normally would. You can still use the secondary >HSRP router as you normally would by sending packets to its real IP. The >secondary routers will forward packets sent to them based on the contents >of >their routing table, they will not simply send all traffic over to the >primary router. > >I've tested this in real world scenarios before and just re-confirmed it in >my lab. > >-Kent > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Stephen Skinner >Sent: Wednesday, September 26, 2001 8:12 AM >To: [EMAIL PROTECTED] >Subject: RE: policy route [7:21044] > > >i have to diasgreeevery 3 secs a pulse is sent from the active to >standby.even if you have a route connected to your standbywhen >thestandby gets any routed packets HSRP (which is layer 1/2) will send >it to the active master..this wil then route the packets accordingly... > >i`m told ther is a way around this but you will have to search the >archives...it was only a couple of weeks ago > >Cheers > >steve > > >From: "Jim Bond" > >Reply-To: "Jim Bond" > >To: [EMAIL PROTECTED] > >Subject: RE: policy route [7:21044] > >Date: Tue, 25 Sep 2001 17:15:07 -0400 > > > >I have to disagree. The standby router has static > >route point to the other side. Once traffic gets to > >standby, it should route... > > > >Jim > > > >--- Liang Mark J Civ AFRL/PROI > > wrote: > > > Standby is stanby, it doesn't do any routing until > > > the active router goes > > > down. > > > > > > Regards, > > > > > > Mark, > > > > > > -Original Message- > > > From: Jim Bond [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, September 25, 2001 11:52 AM > > > To: [EMAIL PROTECTED] > > > Subject: policy route [7:21044] > > > > > > > > > Hello, > > > > > > I have 2 routers running HSRP in a small office. I > > > want SMTP traffic go through standby router so I > > > configured policy route on active router that all > > > SMTP > > > traffic, send to standby router. But it doesn't > > > work. > > > I'm wondering if policy route will work this way? > > > > > > At active router: > > > interface e0 > > > ip address 10.1.1.2 255.255.255.0 > > > ip policy route-map SMTP > > > standby ip 10.1.1.1 > > > ... > > > route-map SMTP permit 10 > > > match ip address 102 > > > set ip next-hop 10.1.1.3 !standby router ethernet > > > ... > > > access-list 102 permit tcp any any eq 25 > > > > > > Thanks in advance. > > > > > > Jim > > > > > > __ > > > Do You Yahoo!? > > > Get email alerts & NEW webcam video instant > > > messaging with Yahoo! Messenger. > > > http://im.yahoo.com > >[EMAIL PROTECTED] > > > > > >__ > >Do You Yahoo!? > >Get email alerts & NEW webcam video instant messaging with Yahoo! > >Messenger. > >http://im.yahoo.com >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21275&t=21044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Cisco Equipment [7:21127]
Hi www.network-sol.com very big europe secondhand reseller or ebay are quite good... HTH steve >From: "Derek Gaff" >Reply-To: "Derek Gaff" >To: [EMAIL PROTECTED] >Subject: Cisco Equipment [7:21127] >Date: Wed, 26 Sep 2001 07:41:55 -0400 > >Hello all > >I have being reading the posts that have being posted in this list for the >last few weeks. If anybody can help me, I am trying to purchase some >secondhand Cisco Equipment in Ireland to prepare for the CCIE Written and >Lab. At this time I cannot find anywere that resells secondhand equipment. >Does anybody from this part of the world have any ideas. > >Cheers >Derek _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21148&t=21127 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: which layer do the ospf bgp rip work on [7:20953]
HorrayTally-ho.Chin-chin and all that ..us brits are first at something Marvelous... >From: "MADMAN" >Reply-To: "MADMAN" >To: [EMAIL PROTECTED] >Subject: Re: which layer do the ospf bgp rip work on [7:20953] >Date: Wed, 26 Sep 2001 10:17:16 -0400 > >Ya that may be been since when has ANSI been the authoritative source >for correct spelling, I trust Merriam-Webster more... > >http://www.m-w.com/cgi-bin/dictionary > > fibre is a variant of fiber > > Dave > >Dr Rita Puzmanova wrote: > > > > Keeping myself - hopefully - unbiased in this spelling discussion (not > > being native English speaker) I would like to point out - FYI - that > > FIBRE CHANNEL is the ANSI standard?! > > > > Rita > > > > MADMAN wrote: > > > > > > Ah yes I should have known it was a British spelling, like centre, > > > fibre, behaviour etc... When they gonna learn some good English ;) > >David Madland >Sr. Network Engineer >CCIE# 2016 >Qwest Communications Int. Inc. >[EMAIL PROTECTED] >612-664-3367 > >"Emotion should reflect reason not guide it" _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21169&t=20953 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Quick TFTP question [7:21139]
if you have downloaded the cisco tftp server you have the choice to select a local/network drive and folder...# the cisco box just sends itits upto the tftp server to put the file in a directory hth steve >From: "suleman ibrahim aboo" >Reply-To: "suleman ibrahim aboo" >To: [EMAIL PROTECTED] >Subject: Quick TFTP question [7:21139] >Date: Wed, 26 Sep 2001 10:15:25 -0400 > >I would like to know about the tftp server for back ups- how does the >router >know the location on the machine used for the storages of images. I know >you >give the address- ie domain name or IP address but what about the >directory? > >Thanks in advance > >suleman _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21164&t=21139 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Purchase Routers in Ireland [7:21109]
www.network-sol.com >From: "Derek Gaff" >Reply-To: "Derek Gaff" >To: [EMAIL PROTECTED] >Subject: Purchase Routers in Ireland [7:21109] >Date: Wed, 26 Sep 2001 07:39:35 -0400 > >Hello all > >I have being reading the posts that have being posted in this list for the >last few weeks. If anybody can help me, I am trying to purchase some >secondhand Cisco Equipment in Ireland to prepare for the CCIE Written and >Lab. At this time I cannot find anywere that resells secondhand equipment. >Does anybody from this part of the world have any ideas. > >Cheers >Derek _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21167&t=21109 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: policy route [7:21044]
i have to diasgreeevery 3 secs a pulse is sent from the active to standby.even if you have a route connected to your standbywhen thestandby gets any routed packets HSRP (which is layer 1/2) will send it to the active master..this wil then route the packets accordingly... i`m told ther is a way around this but you will have to search the archives...it was only a couple of weeks ago Cheers steve >From: "Jim Bond" >Reply-To: "Jim Bond" >To: [EMAIL PROTECTED] >Subject: RE: policy route [7:21044] >Date: Tue, 25 Sep 2001 17:15:07 -0400 > >I have to disagree. The standby router has static >route point to the other side. Once traffic gets to >standby, it should route... > >Jim > >--- Liang Mark J Civ AFRL/PROI > wrote: > > Standby is stanby, it doesn't do any routing until > > the active router goes > > down. > > > > Regards, > > > > Mark, > > > > -Original Message- > > From: Jim Bond [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, September 25, 2001 11:52 AM > > To: [EMAIL PROTECTED] > > Subject: policy route [7:21044] > > > > > > Hello, > > > > I have 2 routers running HSRP in a small office. I > > want SMTP traffic go through standby router so I > > configured policy route on active router that all > > SMTP > > traffic, send to standby router. But it doesn't > > work. > > I'm wondering if policy route will work this way? > > > > At active router: > > interface e0 > > ip address 10.1.1.2 255.255.255.0 > > ip policy route-map SMTP > > standby ip 10.1.1.1 > > ... > > route-map SMTP permit 10 > > match ip address 102 > > set ip next-hop 10.1.1.3 !standby router ethernet > > ... > > access-list 102 permit tcp any any eq 25 > > > > Thanks in advance. > > > > Jim > > > > __ > > Do You Yahoo!? > > Get email alerts & NEW webcam video instant > > messaging with Yahoo! Messenger. > > http://im.yahoo.com >[EMAIL PROTECTED] > > >__ >Do You Yahoo!? >Get email alerts & NEW webcam video instant messaging with Yahoo! >Messenger. >http://im.yahoo.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21161&t=21044 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: CCNP Support 640-506 exam difficulty [7:21060]
the support exam is as hard as your support knowledge is week...( a crsap answer i know).. i spent most of my time supporting networks and i found it quite easy.. you will get lots of question about reading sniffer`s ,,basic fault finding..and so on the lamme series is OK...but i like the support exam cram(it`s all i used to pass and ofcourse the mighty boson) HTH steve >From: "Tim Booth" >Reply-To: "Tim Booth" >To: [EMAIL PROTECTED] >Subject: CCNP Support 640-506 exam difficulty [7:21060] >Date: Tue, 25 Sep 2001 17:07:02 -0400 > >Hello, > > I have taken Routing, Switching, and Remote Access. I am wondering about >the >difficulty level of the Support exam as compared to the others. I feel as >though I know most of the material when reading through the Support book >(Lammle series). > > Also, I'd like to know if the CCIE book (Lammle series) is sufficient to >pass the CCIE *written* exam. > >Thanks, >Tim Booth _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21160&t=21060 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Can I configure 2 leased line for single channel ? [7:21147]
not as far as i am aware What you COULD do ..is set them up as seperate lines ...and then run eigrp/ospf betweeen them ...this will load balance the lines.. you could just upgrade your one line to 256k...also but there is no serial "etherchannel" varient.. you can do it with isdn using dialer channel`s HTH steve >From: "[EMAIL PROTECTED]" > >Reply-To: "[EMAIL PROTECTED]" > >To: [EMAIL PROTECTED] >Subject: Can I configure 2 leased line for single channel ? [7:21105] >Date: Wed, 26 Sep 2001 02:26:48 -0400 > >Hello all >I have 128 KBPS leased line between 2 routers and I want to enhance the >performance of the same using one more leased line . Can anyboby suggest me >whether is there any command which will make these 2 lines to work as 1 >logical line as is the case with etherchannel ? >Thanks in advance. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21147&t=21147 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: 6509 L 3 module [7:20997]
i9f i get what you ask correctly ... the L3 module is a MSFC/RSM this is either a daughterboard on the supervisor cards or a seperate card.. basically they are a 2600 router on a card here are some links to cisco configs http://www.cisco.com/warp/public/473/23.html http://www.cisco.com/warp/customer/473/35.html >From: "chris" >Reply-To: "chris" >To: [EMAIL PROTECTED] >Subject: 6509 L 3 module [7:20997] >Date: Tue, 25 Sep 2001 10:41:56 -0400 > >Where can I find well documented configuration information about the 6509 >with Layer 3 module? E.g. like routing between 2 6509 with layer L3 >modules. I believe it is a little different than connecting two 3600 back >to back because they are switched ports first. Any info will help. Thanks >Chris _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=21145&t=20997 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: I want some help about this 504 questions [7:20767]
i see where you are cominbg from my friend i believe you are correct on Q2 but incorrect on Q1 if the packets are perfectly formed they will be transported through the internetwork.. but as Q1 says "would cause broadcast >traffic to be contained within the physical segment?" from a physical standpoint it is correct..if the gateway you are sending frames to dosent understand those frame it will drop them "Host interface is constantly sending frame fragments Host interface is constantly sending frames with CRC errors" these hosts are basically sending garbage to the gateway and as such the gateway won`t know what to do with them ..so it will drop them .. all brodcast igmp and icmp request`s aslong as properly formatted will traverse the internet ok yes there are ways and means around this but from the point of view of the questionQ1 is correct Anyone Else ?. steve >From: "ou henry" >Reply-To: "ou henry" >To: [EMAIL PROTECTED] >Subject: I want some help about this 504 questions [7:20767] >Date: Sat, 22 Sep 2001 03:39:59 -0400 > >1. In a switch internetwork, which two situations would cause broadcast >traffic to be contained within the physical segment? >a. Host interface is constantly sending IGMP requests. >b. Host interface is constantly sending frame fragments. >c. Host interface is constantly sending IP echo requests. >d. Host interface is constantly sending broadcast frames. >e. Host interface is constantly sending frames with CRC errors. >Cheetsheet's answer: be >my choise: cd > >2. In which two situations would cause broadcast traffic NOT be contained >within the VLAN boundries? >a. Host interface is constantly sending IGMP requests. >b. Host interface is constantly sending frame fragments. >c. Host interface is constantly sending IP echo requests. >d. Host interface is constantly sending broadcast frames. >e. Host interface is constantly sending frames with CRC errors. >I still choose: cd _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20976&t=20767 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: set port host [7:20591]
guys, a quick quiery i am running several 6509`s ..about 50 in different sites..and i can `t see this "set port host " command >WS-C6509 Software, Version NmpSW: 5.3(2)CSX >6509_3> (enable) set port host >Unknown command "set port host". Use 'set port help' for more info. > >6509_3> (enable) set spantree portfast ? >Usage: set spantree portfast what Gives...or have i just got a crappy Catos cheers steve >From: "Nigel Taylor" >Reply-To: "Nigel Taylor" >To: [EMAIL PROTECTED] >Subject: Re: set port host [7:20591] >Date: Thu, 20 Sep 2001 18:25:02 -0400 > >MADMAN, >Well it looks from this search on CCO that you were right in that >this command does turn off PAgP. > >Also, by using the CatOS PortFast mechanism, you can configure the phone >access port to move into a forwarding state immediately, thereby decreasing >IP phone boot time. To perform this configuration, use the set port host >command on the Catalyst 4000 and 6000 or the spanning-tree portfast >command >on the 2900 XL and 3500 XL, which turns off Dynamic Trunking Protocol (DTP) >and Port Aggregation Protocol (PAgP) and enables PortFast. > >However, in doing so it does seems like although PagP is turned off it is >the mechnism used to provide informational status of FEC capable links. >Here's a link that provides some info that might help. Perform a "find on >page" using the "%PAGP-5-PORTFROMSTP". > >http://www.cisco.com/warp/public/473/34.shtml > >If you want to suppress these syslog messages, you can modify the logging >level for the "PAGP" facility to 4 or lower using the command set logging >level pagp 4 default (the default logging level for "PAGP" is 5). > >HTH > >Nigel > > > >From: "MADMAN" > >Reply-To: "MADMAN" > >To: [EMAIL PROTECTED] > >Subject: set port host [7:20591] > >Date: Thu, 20 Sep 2001 15:31:49 -0400 > > > >I got a question today from a customer who had seen a > >%PAGP-5-PORTFROMSTP: error message on his 6509. I explained it was > >mostly informational, the device connected to that port was either > >disconnected or shutdown. > > > > I then thought I had a good idea, do a "set port host" on our lab > >switch on a port connected to a router. My reasoning was that this, > >among other things, disables PAGP, auto port channeling, so if I > >disconnect a device on a port with port host enabled I should not see > >PAGP error messages. Wrong, I still get them > > > > Thought I would throw that out to see if I'm smokin crack with my > >logic. > > > > Thanks > > > > Dave > >-- > >David Madland > >Sr. Network Engineer > >CCIE# 2016 > >Qwest Communications Int. Inc. > >[EMAIL PROTECTED] > >612-664-3367 > > > >"Emotion should reflect reason not guide it" >_ >Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20697&t=20591 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Whats wrong with my PING [7:20556]
ermmm there is an encap ppp statement on 2511 s1but your mask 255.255.255.252...the binary states 1100 last two will give you 4 ip`s and 2 useable ones.. try using ip address 172.16.10.6 and 172.16.10.7 and c how you go Cheers steve >From: "news.groupstudy.com" >Reply-To: "news.groupstudy.com" >To: [EMAIL PROTECTED] >Subject: Re: Whats wrong with my PING [7:20556] >Date: Thu, 20 Sep 2001 11:31:15 -0400 > >Hi there, > > 1) You misconfigured the IP on 2511's S1 interface. > 2) 2511's S1 is missing an "enc ppp" command. > >Regards, >Gary > >""Gaz"" wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Should be a very simple one this don't know what I'm doing wrong. Why >can't > > I ping my own interface or the remote end. Back to back serial cable > > > > Here is the config of router gazdav attatched via s0 to S1 of router >2511. > > > > gazdav#sh ru > > Building configuration... > > > > Current configuration: > > ! > > version 12.0 > > service timestamps debug datetime msec > > service timestamps log uptime > > service password-encryption > > ! > > hostname gazdav > > ! > > enable secret 5 $1$FgI.$bygzIO/R77k37T.qfBWhH. > > ! > > username gazdav password 7 > > username pinger password 7 xxx > > username ping privilege 5 password 7 xxx! > > ! > > ! > > ! > > ip subnet-zero > > no ip finger > > no ip domain-lookup > > ! > > isdn switch-type basic-net3 > > isdn voice-call-failure 0 > > ! > > ! > > ! > > interface Ethernet0 > > ip address 10.10.1.1 255.255.255.0 > > no ip directed-broadcast > > ip nat inside > > no ip route-cache > > no ip mroute-cache > > ! > > interface Serial0 > > ip address 172.16.10.6 255.255.255.252 > > no ip directed-broadcast > > encapsulation ppp > > ! > > interface BRI0 > > bandwidth 64 > > ip address negotiated > > no ip directed-broadcast > > ip nat outside > > encapsulation ppp > > no ip route-cache > > no ip mroute-cache > > no keepalive > > dialer idle-timeout 150 > > dialer string 08089933000 > > dialer-group 2 > > isdn switch-type basic-net3 > > ppp authentication chap callin > > ppp chap hostname gazdav > > ppp chap password 7 xx > > ! > > router ospf 101 > > network 10.10.1.0 0.0.0.255 area 0 > > network 172.16.10.4 0.0.0.0 area 0 > > ! > > ip nat inside source list 100 interface BRI0 overload > > ip classless > > no ip http server > > ! > > logging 10.10.1.2 > > access-list 1 permit 10.10.1.2 > > access-list 100 permit ip 10.10.1.0 0.0.0.255 any > > access-list 101 deny udp any any eq snmp > > access-list 101 deny udp any any eq ntp > > access-list 101 permit ip any any > > access-list 110 deny udp 10.10.1.0 0.0.0.255 eq netbios-ns any log > > dialer-list 1 protocol ip list 110 > > dialer-list 2 protocol ip permit > > snmp-server engineID local 000902605CBC2B55 > > snmp-server community public RW > > ! > > line con 0 > > exec-timeout 0 0 > > transport input none > > line vty 0 > > exec-timeout 0 0 > > privilege level 5 > > password 7 xxx > > no login > > length 25 > > transport input telnet > > line vty 1 4 > > exec-timeout 0 0 > > privilege level 5 > > password 7 xxx > > no login > > transport input telnet > > ! > > end > > > > > > And here is the config of the router at the other end. > > > > 2511#sh ru > > Building configuration... > > > > Current configuration : 968 bytes > > ! > > version 12.2 > > service timestamps debug uptime > > service timestamps log uptime > > no service password-encryption > > service udp-small-servers > > service tcp-small-servers > > ! > > hostname 2511 > > ! > > enable secret 5 $1$aJT7$r0fZD.akp8IAaWZEYJuxD1 > > ! > > ip subnet-zero > > no ip domain-lookup > > ! > > ip ssh time-out 120 > > ip ssh authentication-retries 3 > > ! > > ! > > ! > > ! > > interface Ethernet0 > > ip address 10.10.1.10 255.255.255.0 > > no ip route-cache > > no ip mroute-cache > > shutdown > > ! > > interface Serial0 > > ip address 172.16.10.5 255.255.255.252 > > encapsulation ppp > > no ip route-cache > > no ip mroute-cache > > no fair-queue > > clockrate 64000 > > ! > > interface Serial1 > > ip address 172.16.20.5 255.255.255.252 > > no ip route-cache > > no ip mroute-cache > > clockrate 64000 > > ! > > router ospf 100 > > log-adjacency-changes > > network 172.16.10.4 0.0.0.0 area 0 > > network 172.16.20.4 0.0.0.0 area 0 > > ! > > ip classless > > no ip http server > > ! > > ! > > line con 0 > > exec-timeout 0 0 > > line 1 16 > > transport input all > > line aux 0 > > transport input all > > line vty 0 4 > > no login > > ! _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20569&t=20556 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to
Re: Dual FIFO: An Answer [7:20308]
thanks for the update john . as always ...most appreciated steve >From: "John Neiberger" >Reply-To: "John Neiberger" >To: [EMAIL PROTECTED] >Subject: Dual FIFO: An Answer [7:20308] >Date: Tue, 18 Sep 2001 14:45:46 -0400 > >No, Dual FIFO does not mean "a pair of poodles." That would be Dual >FOOFOO. Then again, it may be Dual FIDO. Anyway > >While browsing on CCO I found a better explanation of the Dual FIFO >queue. This excerpt is taken from: > >http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/qossol/qosvoip.htm#xtocid635517 > > >At the interface level, a FIFO queue is set up unless you have enabled >FRF.12 fragmentation. In that case, a dual FIFO system is set up with a >high priority queue and a low priority queue. The high priority queue >receives the PQ traffic from all PVCs plus Layer 2 control traffic. The >low priority queue receives all other traffic from all PVCs. Remember >that Frame Relay traffic shaping (FRTS) is required for Frame Relay >circuits whether FRF.12 fragmentation is enabled or not. FRTS provides >the back-pressure mechanism to detect congestion per PVC. Support for >ATM PVCs is available in Cisco IOS Release 12.2(1)T. > >HTH, >John _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20395&t=20308 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: SNMP index numbering [7:19866]
hi, according to our NNM ...it Does do that with Sub-int ,port-channels and loopback...it just treats them as ordinary interfaces... on one of our msm it says port channel1.5 is if index 9...we have other int`s HTH steve >From: "Sean Knox" >Reply-To: "Sean Knox" >To: [EMAIL PROTECTED] >Subject: SNMP index numbering [7:19866] >Date: Thu, 13 Sep 2001 18:01:26 -0400 > >One question: how are devices refigured when virtual devices are added? >I.e. I have interfaces 1, 2, 3 in the ifIndex, and I create subinterface >1.1. What will that device be listed as in ifIndex? 4? > >Sean _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=20161&t=19866 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
this will try and cheer everyone up...or i will never be spoken [7:19920]
thingsd are getting a bit heavy on the list ...and i am trying to releave some of the tension felt by our list brothers... PLEASE i am not making light of the situation.. just trying to help...in my own way === i was recently selling someone some equipment ...and the guy is NOt very computer litarate..(atleast he can spell)... and he asked about a warranty... i said 1 week return to Base he said "Ohhh.." and sounded quite dissapointed and i said "if that no goodwe could go for 2 day RTB.." he again said Ohhh sounding really very dissapointed ... so i gave in and asked what wrong he said" i was hopeing for atleast a year warrenty on the equipment".. i looked at him funny then realised what he said ...and had to explain to him that the warranty was for a year ..this is just the turn around for repair`s... the guy looked very happy ...and i continued talking for 10 mins before i realised what he said and spent the next two hours trying not to cry with laughter( i know it`s not his fault it`s just no-one has ever said that to me before...i suppose it makes sence ,,) later (this was last week) i told a collugue this and he didn`t understand why i found it funny.. 2 hrs later ...he rang me up laughing...because he could see the logic in what he saidand agin found it funny... Ahh Well and yes we will be observing a 3 minute silence at 11:00 am today... Thanks and my prayers go with you steve _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19920&t=19920 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Policy Based Routing...."ive had enough and i`m not going [7:19918]
Ah.What a Bozo.. my access-lists are just plain poor... i have also found out that the "ip route-cache policy"...command should ONLY (int this case) go on the int the traffic is coming from (eth0) many thanks to all who replyed especially jenny (we have a history. i was very insulting ..and have never Really appologised.) jenny i appologiese...i was very.immatureand quite foolish. CU steve >From: "Jins Varghese" >Reply-To: "Jins Varghese" >To: [EMAIL PROTECTED] >Subject: Re: Policy Based Routing"ive had enough and i`m not going >[7:19808] >Date: Thu, 13 Sep 2001 13:52:26 -0400 > >Hi, > >I think the problem is with your access list. >Try configuring like this, > >access-list 101 permit ip 10.10.10.0 0.0.0.127 any >access-list 102 permit ip 10.10.10.0 0.0.0.255 any > >Good Luck > >Jins Varghese > > wrote in message >[EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Memo from Steve Skinner of PricewaterhouseCoopers > > > > Start of message text > > > > > > > > > > chaps + chapes`ss > > > > i am having a slight problem with my Policy based routing config and >would > > be gratefull for your help.. > > > > what i am trying to do is this (its quite simple ...it`s just so am i ) > > > > all user`s are coming in on the 10.10.10.0 subnet (Eth0) ... > > > > i have two outbound int`s > > > > 11.11.11.11 (S0) > > 12.12.12.12.(bri0) > > > > what i want to do is split the 10.10.10.0 subnet and policy based route > > everything from 10.10.10.1-10.10.10.127 out S0, > > and route 10.10.10.128-10.10.10.256 out the bri0 > > > > this doesn`t seem to be working .here is my config .. > > > > thanks in advance steve (i have sent this to the right mailing list >haven`t > > I..?) > > > > P.S i think it`s the wildcard mask that is stuffedand i also have >EIGRP > > running on the router (old senario test) > > > > version 12.2 > > service timestamps > > debug uptimeservice timestamps > > log uptime no > > service password-encryption > > ! > > hostname Router > > !! > > memory-size iomem 25 > > ip subnet-zero > > ! > > ip audit notify log > > ip audit po max-events 100 > > call rsvp-sync!! > > ! > > ! > > interface BRI0 no ip address > > ip address 12.12.12.12 255.255.255.0 > > ip route-cache policy > > ip policy route-map POLICY > > no shutdown > > ! > > interface FastEthernet0 > > ip address 10.10.10.10 255.255.255.0 > > ip route-cache policy (enables fast switching of policy routing...for >speed) > > ip policy route-map POLICY (create a policy called POLICY) > > ! > > interface Serial0 > > ip address 12.12.12.12 255.255.255.0 > > ip route-cache policy (enable fast switching of policy routing) > > (create a policy called POLICY) > > ! > > ip classless > > ip route 0.0.0.0 0.0.0.0 12.12.12.20 > > no ip http serverip > > pim bidir-enable > > ! > > access-list 101 permit ip 10.10.10.0 0.0.0.128 any > > access-list 102 permit ip 10.10.10.0 0.0.0.127 any > > > > route-map POLICY permit 10 > > match ip address 101 > > set ip next-hop 11.11.11.20 > > ! > > route-map POLICY permit 20 > > match ip address 102 > > set ip next-hop 12.12.12.20 > > ! > > ! > > line con 0 > > line aux 0 > > line vty 0 4 > > ! > > no scheduler allocate > > end > > > > > > > > - End of message text > > > > The principal place of business of PricewaterhouseCoopers and its >associate > > partnerships is 1 Embankment Place, London WC2N 6NN where lists of the > > partners' names are available for inspection. All partners in the >associate > > partnerships are authorised to conduct business as agents of, and all > > contracts for services to clients are with, PricewaterhouseCoopers. The >UK > > firm of PricewaterhouseCoopers is authorised by the Institute of >Chartered > > Accountants in England and Wales to carry on investment business. > > PricewaterhouseCoopers is a member of the world-wide > > PricewaterhouseCoopers organisation. > > > > The information transmitted is intended only for the person or entity to > > which it is addressed and may contain confidential and/or privileged > > material. Any review, retransmission, dissemination or other use of, or > > taking of any action in reliance upon, this information by persons or > > entities other than the intended recipient is prohibited. If you >received > > this in error, please contact the sender and delete the material from >any > > computer. _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19918&t=19918 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: A plan to rebuild.... [7:19611]
Take a freakin hike Dipshit. What? they wouldn't have found another way in? - Original Message - From: "Leigh Anne Chisholm" To: Sent: Wednesday, September 12, 2001 11:14 PM Subject: RE: A plan to rebuild [7:19611] > I guess you're not aware of Canada's reputation as being a haven for > murderers and terrorists. Once these people are here, we can't deport them > because of goofy Canadian politics. When these people come into Canada, > Canada has a responsibility to ensure these people don't have undesirable > backgrounds. Then when they're here, it's easy for them to get forged > documents indicating that they are Canadian citizens. That makes the US > immigration department's job more difficult because of the free flowing > policy of letting Canadians pass through the US border with a minimum of > background checking. It's the freedom that Canada enjoys with the US that's > at risk unless our Government steps up to the plate and tightens things up. > How often have you heard after the fact that Canada Immigration didn't > investigate into people's backgrounds properly? Far too often I'm afraid. > > It wasn't the Canadian immigration department that stopped the guy heading > into the US to blow up LAX on the millenium... it was the US immigration > department. > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Torren Craigie-Manson > > Sent: Wednesday, September 12, 2001 8:22 PM > > To: [EMAIL PROTECTED] > > Subject: Re: A plan to rebuild [7:19611] > > > > > > > > --- Leigh Anne Chisholm wrote: > > {snip} > > > > > I would really hope that of all the things that come out of this, if > > it's > > > > > found that the terrorists came through Canada, the US > > whacks Canadian > > > > > politicians upside the head for their lax immigration policies and > > > > > incompetent information service (Canada's version of the FBI). They > > should > > > > > have been tracking those terrorists the second they entered Canada. > > > > > > > > > > **I** am not impressed... > > > > > > > > > Leigh Anne, > > > > Perhaps you can explain to me why you feel that Canadian > > authorities should > > have spotted these terrorists, but you make no mention of the > > failure of US > > authorities to spot them. Your statement is illogical and insulting to the > > integrity of Canada. > > > > This is an emotionally charged situation for people around the > > world. Please > > take a minute to stop and think before you appoint yourself judge > > and jury, > > and begin pointing fingers at _anyone_. > > > > Torren Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19745&t=19611 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dual FIFO? [7:19691]
the only thing i could find was this http://www.cisco.com/warp/public/788/voice-qos/voip-ov-fr-qos.pdf which says "Turn on fragmentation for low speed links (less than 1.5Mbps). Set the fragment size so voice packets are not fragmented and do not experience a serialization delay greater than 20 ms. Lowest Link Speed in Path Recommended Fragmentation Size 56Kbps 70 bytes 64Kbps 80 bytes 128Kbps 160 bytes 256Kbps 320 bytes 512Kbps 640 bytes 768Kbps 1000 bytes 1536Kbps 1600 bytes Note: For 1536 Kbps, no fragmentation is technically needed, but fragmentation is needed to enable the dual first-in, first-out (FIFO) queueing system to ensure voice quality. A fragment size of 1600 bytes enables the dual FIFO, but since 1600 bytes is higher than the typical serial interface maximum transmission unit (MTU), large data packets are not fragmented. from what it says it`s just multple "stack" queue sorry i can`t be of more help.. Cheers steve >From: "John Neiberger" >Reply-To: "John Neiberger" >To: [EMAIL PROTECTED] >Subject: Dual FIFO? [7:19691] >Date: Wed, 12 Sep 2001 18:34:53 -0400 > >When configuring VoIP on T-1 links, I see that CCO suggests turning on >frame relay fragmentation with a fragment size of 1600 simply to turn on >the dual fifo queue. What is that? I'm familiar with the single fifo >but what is dual fifo and how does it work? > >I've searched CCO and all I can find is how to turn it on. I have yet >to find any sort of explanation. > >thanks! > >John _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19737&t=19691 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: US Stock [7:19433]
In the words of the great Man himself " these arn`t the droids your looking for ..we don`t need to see his paper`s.he can GO ABOUT HIS BUISNESS ..move alongMOVE ALONG. guys ... i don`t think all this is helping.best leave it for a couple of week`s thanks for listening steve >From: "Matthew Crane" >Reply-To: "Matthew Crane" >To: [EMAIL PROTECTED] >Subject: Re: US Stock [7:19433] >Date: Wed, 12 Sep 2001 09:19:25 -0400 > >To be precise the actual quote reads as follows > >"In the year of the new century and nine months, >From the sky will come a great King of Terror... >The sky will burn at forty-five degrees. >Fire approaches the great new city..." > >"In the city of york there will be a great collapse, >2 twin brothers torn apart by chaos >while the fortress falls the great leader will succumb >third big war will begin when the big city is burning" > > > >Vilas Nafde wrote: > > > > Thisis what i received from one newsgroup: > > > > Some Prophesies about USA bombing > > The Nostradamus prediction:(Nostradamus September 11th, 1651) > > It has been foreseen that exactly three hundred and fifty years > > into the > > future, silver phoenixes shall strike down the twin brothers of > > oppression > > that carried the king's nation, which shall bring upon the > > apocalypse." - > > > > Thanks & Regards > > > > - Original Message - > > From: "Donny Mateo" > > To: > > Sent: Wednesday, September 12, 2001 7:50 AM > > Subject: Re: US Stock [7:19433] > > > > > > > common guys..stop pointing finger and stuff.. there is enough > > problem out > > > there already. Just do what you can to make things better, be > > it praying > > or > > > donating blood, as long as it's for the better than it's a > > good thing. > > > > > > As for God, I think we are not in the place to tell him what > > He should do > > > and what He shouldn't do. He has his purpose and that is > > beyond our > > > understanding. > > > > > > BTW: my deepest condolence to all of you out there who are > > affected by > > this > > > tragedy one way or another. I hope they pay for what they did. > > > > > > > > > Donny > > > > > > >From: "B.J. Wilson" > > > >Reply-To: "B.J. Wilson" > > > >To: [EMAIL PROTECTED] > > > >Subject: Re: US Stock [7:19433] > > > >Date: Tue, 11 Sep 2001 14:27:13 -0400 > > > > > > > >Well, since we're off-topic anyway...maybe if God existed, > > this > > incredible > > > >loss of life wouldn't have occurred in the first place. > > Part of > > rebuilding > > > >our society involves rebuilding our economy, so it's worth > > discussing. > > As > > > >far as life is concerned, I'm donating blood later today, > > and I've made > > > >sure > > > >my two friends who live in NYC are okay. What are you doing > > besides > > > >praying? > > > > > > > > > > > >- Original Message - > > > >From: "Juan Blanco" > > > >To: > > > >Sent: Tuesday, September 11, 2001 1:05 PM > > > >Subject: RE: US Stock [7:19433] > > > > > > > > > > > > > Thanks Priscilla, you are %100 correct, these people here > > are thinking > > > > > about the economic...when they shoulb be thinking about > > rebuilding > > > > > families.they should be thinking about a prayer to > > God in order to > > > >save > > > > > as many peoples as posible > > > > > > > > > > My prayer to those that did not make it in the terror > > atack > > > > > > > > > > God bless america.. > > > > > > > > > > -Original Message- > > > > > From: Priscilla Oppenheimer > > > > > To: [EMAIL PROTECTED] > > > > > Sent: 9/11/2001 12:45 PM > > > > > Subject: RE: US Stock [7:19433] > > > > > > > > > > We're talking about rebuilding the economy? How about > > rebuilding > > > > > families > > > > > (if that can even be done??) > > > > > > > > > > Priscilla > > > > > > > > > > At 01:25 PM 9/11/01, Chuck Larrieu wrote: > > > > > >since you asked - this is real bad news for the economy. > > there are a > > > > > number > > > > > >of major financial firms located in the twin towers, all > > of whom have > > > > > >probably lost key people. These are firms that drive the > > economy in > > > > > terms of > > > > > >investment and investment capital. how long will it take > > to get > > things > > > > > >straight? you will see spillovers into the stock market, > > into > > planning, > > > > > into > > > > > >corporate spending. that translates into jobs. > > > > > > > > > > > >yes there will be rebuilding that must take place, and > > this will > > > > > eventually > > > > > >mean an economic boost. but maybe not for New York City. > > If I were a > > > > > >survivor of one of these firms, and had the chance to > > build from > > > > > scratch, I > > > > > >would seriously consider relocating to Kansas. And I do > > not say that > > > > > >sarcastically. > > > > > > > > > > > >this tragedy spills way beyond what one might think. In > > an economy as > > > > > weak > > > > > >as ours is now, this is real bad news indeed. > > > > > > > >
Re: Appletalk Zone filtering [7:19392]
thank you priscilla ... i have been trying to understand this for weeks and you have FINALLY helped me figure it out CU steve >From: "Priscilla Oppenheimer" >Reply-To: "Priscilla Oppenheimer" >To: [EMAIL PROTECTED] >Subject: Re: Appletalk Zone filtering [7:19392] >Date: Tue, 11 Sep 2001 13:32:14 -0400 > >When a Macintosh pulls up the Chooser, the Mac sends out a request to get >zones. A router responds. You can tell the router not to respond with a >GetZoneList filter. > >When a router learns from another router about a new network, the router >asks the other router for the zones associated with that network. You can >make sure the router doesn't respond by doing a ZIPReplyFilter. The result >is that the network doesn't end up in the routing table because a network >without a zone doesn't "exist" in Cisco's implementation. Because the >network doesn't end up in the routing table, routers downstream don't ever >hear about it. This means that there's no need to do the ZIPReplyFilter on >routers downstream. > >ZIPReplyFilter is more scalable because you don't have to run around to >each router that may have Macintoshes nearby and set up the GetZoneList >filter. > >Priscilla > >At 11:01 AM 9/11/01, Donny Mateo wrote: > >Dear List, > > > >got a little problem in understanding the real difference of using > >Getzonelist-filter and zip-reply-filter. The way I see it is both are >doing > >exactly the same thing. CID by cisco press stated that zip-reply-filter >is > >recommended to be used over GZL since GZL is not scallable and must be > >configure on every router. Doesn't the same thing also applies to > >zip-reply-filter ? > > > >Thanks in advance > > > >dmateo > > > >_ > >Get your FREE download of MSN Explorer at >http://explorer.msn.com/intl.asp > > >Priscilla Oppenheimer >http://www.priscilla.com _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19550&t=19392 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: quetion of catalyst 5505 [7:19519]
you have a hardware error either the backplane slot is damaged (not likely) ...or the card is faulty.. try moving the card to a different slot and see ..if not order spare card .. i think(am trying my best to understandit`s been a long day (already!!!) and i have a hangover) CU steve >From: "[EMAIL PROTECTED]" >Reply-To: "[EMAIL PROTECTED]" >To: [EMAIL PROTECTED] >Subject: quetion of catalyst 5505 [7:19519] >Date: Tue, 11 Sep 2001 22:16:35 -0400 > >Dear Group >I have catalyst 5505 with erro when I turrn on power It runing about 3 >minute >then repetive reset and the light in the erthernet module blink yellow >In my catalyst include module card supervisor and 3 module card erthernet >.When I pull out 3 module erthernet it run normal >no reset >it is log when i show flash > >onsole> (enable) show fla >FileVersion SizeBuilt >--- --- - >c5000 nmp 5.1(2a) 2509406 07/29/99 12:32:27 > lcp 5.1(2a)26064 07/29/99 12:10:41 > lcp 360 5.1(2a) 139848 07/29/99 12:18:58 > atm/fddi 5.1(2a)26583 07/29/99 12:10:44 > lcp 64k 5.1(2a)57502 07/29/99 12:17:10 > lcp c5ip 5.1(2a)25855 07/29/99 12:17:12 > lcp tr5.1(2a)32479 07/29/99 12:12:02 > mcp 360 5.1(2a) 251124 07/29/99 12:27:36 > lcp atm 5.1(2a)26556 07/29/99 12:27:39 > lcp xa1 5.1(2a)91108 07/29/99 12:23:08 > lcp xa2 5.1(2a)61088 07/29/99 12:26:54 > mcp3g 5.1(2a)61281 07/29/99 12:06:52 > mcp2g 5.1(2a)56473 07/29/99 12:01:35 > mcp2g s4a 5.1(2a)60698 07/29/99 11:55:44 > mcp2g s4b32628 07/29/99 11:55:44 > tremblc6.30(ff.ff)9216 > trembl2 6.30(4.1) 9216 > banff 3.ff(ff.ff) 9216 > banff26.7(0.f) > >pls show for me where is erro > >thanks ! _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=19551&t=19519 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]