Re: More debug confusion.. [7:66867]

[Bikespace]

I'm notoriously flaky with dial-up, but still interested.

I haven't got your earlier e-mails. Have we got both configs. Presumably,
for some reason, RouterB doesn't recognise that it is already connected to
RouterA so it dials a second channel for the return traffic. Are the
dialer-map statements spot on. Have you tried using ppp sent username?

Let us know the outcome.

Gaz


""James Gosnold""  wrote in message
news:[EMAIL PROTECTED]
> Show PPP mulitlink says there are no active bundles.
>
> I tried debug isdn q931 and this is what I got:
>
> RouterA#debug isdn q931
> ISDN Q931 packets debugging is on
> RouterA#
> 8w3d: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 70 changed to up
> 8w3d: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
> 8w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
state
> to up
> 8w3d: ISDN BR0: llc valid, speed 64, call type is DATA speed:0 async:N
> 8w3d: ISDN BR0: Event: Received a DATA call from  on B2 at 64 Kb/s
> 8w3d: ISDN BR0: Event: Accepting the call id 0x153C
> 8w3d: %LINK-3-UPDOWN: Interface BRI0:2, changed state to up
> 8w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:2, changed
state
> to up
> 8w3d: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 01419865623
> RouterB
> 8w3d: %ISDN-6-CONNECT: Interface BRI0:2 is now connected to unknown
>
> So, not anywhere near enough debug output AND this also shows how 2 x B
> channels are coming up, BRI0:1 seems to call and then BRI0:2 seems to
> receive a call.
>
> I don't understand why this is happening, the led's confirm there are 2
> channels up, I don't have any callback features configured or anything
like
> that.
>
> It's frustrating really, I'm going over ISDN technologies for my CCNP
exams
> at the moment, you think you understand it and then the only 2 real-life
> Cisco ISDN routers I have to look after don't seem to back up what I've
> learned!




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66960&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: More debug confusion.. [7:66867]

[James Gosnold]

Show PPP mulitlink says there are no active bundles.

I tried debug isdn q931 and this is what I got:

RouterA#debug isdn q931
ISDN Q931 packets debugging is on
RouterA#
8w3d: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 70 changed to up
8w3d: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
8w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
to up
8w3d: ISDN BR0: llc valid, speed 64, call type is DATA speed:0 async:N
8w3d: ISDN BR0: Event: Received a DATA call from  on B2 at 64 Kb/s
8w3d: ISDN BR0: Event: Accepting the call id 0x153C
8w3d: %LINK-3-UPDOWN: Interface BRI0:2, changed state to up
8w3d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:2, changed state
to up
8w3d: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 01419865623
RouterB
8w3d: %ISDN-6-CONNECT: Interface BRI0:2 is now connected to unknown

So, not anywhere near enough debug output AND this also shows how 2 x B
channels are coming up, BRI0:1 seems to call and then BRI0:2 seems to
receive a call.

I don't understand why this is happening, the led's confirm there are 2
channels up, I don't have any callback features configured or anything like
that.

It's frustrating really, I'm going over ISDN technologies for my CCNP exams
at the moment, you think you understand it and then the only 2 real-life
Cisco ISDN routers I have to look after don't seem to back up what I've
learned!



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66914&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: More debug confusion.. [7:66867]

[James Gosnold]

Hi John,

This a cut from my running-config, I have ppp encapsulation specified, why
are the calls HDLC framed?


interface Ethernet0
 ip address 192.168.10.21 255.255.255.0
!
interface BRI0
 ip address 192.168.11.1 255.255.255.0
 encapsulation ppp
 dialer map ip 192.168.11.2 name RouterB 01419865623
 dialer load-threshold 255 outbound
 dialer-group 1
 isdn switch-type basic-net3
!
interface Dialer0
 no ip address
 encapsulation ppp
 dialer in-band
 dialer idle-timeout 450
 dialer hold-queue 2
 dialer load-threshold 254 outbound
 dialer-group 1
 ppp authentication chap




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66913&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: More debug confusion.. [7:66867]

[MADMAN]

Yes you should see more.  Are you sure you have ppp authenication 
enabled?  For grins try debug isdn q931 and see if you get anything.

   Dave

James Gosnold wrote:
> Dear all, on a Cisco 801 router I am entering 
> 
> #terminal monitor
> #debug ppp negotiation
> #logging monitor debug
> #logging on
> 
> RouterA#show log
> Syslog logging: enabled (0 messages dropped, 0 messages rate-limit
>  0 overruns)
> Console logging: level debugging, 64712 messages logged
> Monitor logging: level debugging, 668 messages logged
> Logging to: vty1(13)
> Buffer logging: level debugging, 64712 messages logged
> Logging Exception size (2048 bytes)
> Count and timestamp logging messages: disabled
> Trap logging: level informational, 64346 message lines logged
> 
> So when I initiate a call I am expecting all this debug output to appear as
> per my CCNP study guide but instead all I get is:
> 
> RouterA#
> 8w2d: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 70 changed to up
> 8w2d: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
> 8w2d: BR0 IPCP: Install route to 192.168.10.2
> 8w2d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
> to u
> p
> 8w2d: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 01419925482
> RouterB
> 
> As far as I can tell the only line of output included is the IPCP line that
> I wouldn't normally get!
> 
> Yet in my study guide there should be lines and lines of output showing all
> the challenge/response and other various LCP info.
> 
> Is it something to do with the 801 IOS? 
> 
> RouterA#show ver
> Cisco Internetwork Operating System Software
> IOS (tm) C800 Software (C800-Y6-MW), Version 12.2(8)T4,  RELEASE SOFTWARE
> (fc1)
> TAC Support: http://www.cisco.com/tac
> Copyright (c) 1986-2002 by cisco Systems, Inc.
> Compiled Sat 04-May-02 11:28 by ccai
> Image text-base: 0x000F5000, data-base: 0x0077F000
> 
> ROM: TinyROM version 1.4(1)
> RouterA uptime is 8 weeks, 2 days, 23 hours, 12 minutes
> System returned to ROM by power-on
> System image file is "flash:c800-y6-mw.122-8.T4.bin"
> 
> Cisco C801  (MPC850) processor (revision 1) with 44156K bytes of virtual
> memory.
> Processor board ID JAD062508M4 (78753280)
> CPU part number 0x2101
> Bridging software.
> Basic Rate ISDN software, Version 1.1.
> 1 Ethernet/IEEE 802.3 interface(s)
> 1 ISDN Basic Rate interface(s)
> 4M bytes of physical memory (DRAM)
> 8K bytes of non-volatile configuration memory
> 8M bytes of flash on board (4M from flash card)
> 
> Configuration register is 0x102
> 
> 
> 
> Thanks for any advice, James.
-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

I would rather have a German division in front of me than a French one 
behind me."
--- General George S. Patton




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66879&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: More debug confusion.. [7:66867]

[MADMAN]

The channels are not necessarily multilinked, try a "sh ppp 
multilink" to see if they are bundled.

   dave

James Gosnold wrote:
> Actually, while I'm after some advice :-) another thing that confues me
> about these ISDN 801 routers is that I have 2 x B channels up but I don't
> have PPP multilink configured.
> 
> RouterA#show isdn status
> Global ISDN Switchtype = basic-net3
> ISDN BRI0 interface
> dsl 0, interface ISDN Switchtype = basic-net3
> Layer 1 Status:
> ACTIVE
> Layer 2 Status:
> TEI = 70, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
> Layer 3 Status:
> 2 Active Layer 3 Call(s)
> CCB:callid=91BB, sapi=0, ces=1, B-chan=1, calltype=DATA,
> hdlctype=HDLC-
> RUNK
> CCB:callid=1538, sapi=0, ces=1, B-chan=2, calltype=DATA,
> hdlctype=HDLC-
> RUNK
> Active dsl 0 CCBs = 2
> The Free Channel Mask:  0x8000
> Number of L2 Discards = 0, L2 Session ID = 15
> Total Allocated ISDN CCBs = 2
-- 
David Madland
CCIE# 2016
Sr. Network Engineer
Qwest Communications
612-664-3367

I would rather have a German division in front of me than a French one 
behind me."
--- General George S. Patton




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66880&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: More debug confusion.. [7:66867]

[John Neiberger]

>Actually, while I'm after some advice :-) another thing that confues me
>about these ISDN 801 routers is that I have 2 x B channels up but I don't
>have PPP multilink configured.
>

As I recall, HDLC encapsulation automatically uses both B channels.

John


>RouterA#show isdn status
>Global ISDN Switchtype = basic-net3
>ISDN BRI0 interface
>dsl 0, interface ISDN Switchtype = basic-net3
>Layer 1 Status:
>ACTIVE
>Layer 2 Status:
>TEI = 70, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
>Layer 3 Status:
>2 Active Layer 3 Call(s)
>CCB:callid=91BB, sapi=0, ces=1, B-chan=1, calltype=DATA,
>hdlctype=HDLC-
>RUNK
>CCB:callid=1538, sapi=0, ces=1, B-chan=2, calltype=DATA,
>hdlctype=HDLC-
>RUNK
>Active dsl 0 CCBs = 2
>The Free Channel Mask:  0x8000
>Number of L2 Discards = 0, L2 Session ID = 15
>Total Allocated ISDN CCBs = 2




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66874&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: More debug confusion.. [7:66867]

[James Gosnold]

Actually, while I'm after some advice :-) another thing that confues me
about these ISDN 801 routers is that I have 2 x B channels up but I don't
have PPP multilink configured.

RouterA#show isdn status
Global ISDN Switchtype = basic-net3
ISDN BRI0 interface
dsl 0, interface ISDN Switchtype = basic-net3
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 70, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
2 Active Layer 3 Call(s)
CCB:callid=91BB, sapi=0, ces=1, B-chan=1, calltype=DATA,
hdlctype=HDLC-
RUNK
CCB:callid=1538, sapi=0, ces=1, B-chan=2, calltype=DATA,
hdlctype=HDLC-
RUNK
Active dsl 0 CCBs = 2
The Free Channel Mask:  0x8000
Number of L2 Discards = 0, L2 Session ID = 15
Total Allocated ISDN CCBs = 2




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66870&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

More debug confusion.. [7:66867]

[James Gosnold]

Dear all, on a Cisco 801 router I am entering 

#terminal monitor
#debug ppp negotiation
#logging monitor debug
#logging on

RouterA#show log
Syslog logging: enabled (0 messages dropped, 0 messages rate-limit
 0 overruns)
Console logging: level debugging, 64712 messages logged
Monitor logging: level debugging, 668 messages logged
Logging to: vty1(13)
Buffer logging: level debugging, 64712 messages logged
Logging Exception size (2048 bytes)
Count and timestamp logging messages: disabled
Trap logging: level informational, 64346 message lines logged

So when I initiate a call I am expecting all this debug output to appear as
per my CCNP study guide but instead all I get is:

RouterA#
8w2d: %ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 70 changed to up
8w2d: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
8w2d: BR0 IPCP: Install route to 192.168.10.2
8w2d: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
to u
p
8w2d: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 01419925482
RouterB

As far as I can tell the only line of output included is the IPCP line that
I wouldn't normally get!

Yet in my study guide there should be lines and lines of output showing all
the challenge/response and other various LCP info.

Is it something to do with the 801 IOS? 

RouterA#show ver
Cisco Internetwork Operating System Software
IOS (tm) C800 Software (C800-Y6-MW), Version 12.2(8)T4,  RELEASE SOFTWARE
(fc1)
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Sat 04-May-02 11:28 by ccai
Image text-base: 0x000F5000, data-base: 0x0077F000

ROM: TinyROM version 1.4(1)
RouterA uptime is 8 weeks, 2 days, 23 hours, 12 minutes
System returned to ROM by power-on
System image file is "flash:c800-y6-mw.122-8.T4.bin"

Cisco C801  (MPC850) processor (revision 1) with 44156K bytes of virtual
memory.
Processor board ID JAD062508M4 (78753280)
CPU part number 0x2101
Bridging software.
Basic Rate ISDN software, Version 1.1.
1 Ethernet/IEEE 802.3 interface(s)
1 ISDN Basic Rate interface(s)
4M bytes of physical memory (DRAM)
8K bytes of non-volatile configuration memory
8M bytes of flash on board (4M from flash card)

Configuration register is 0x102



Thanks for any advice, James.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=66867&t=66867
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Confusion on CISSP requirements [7:60997]

[mjans001]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I stand firm behind Will's post.

Martijn Jansen CISSP etc.

www.wortell.nl


- -Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens William
Gragido
Verzonden: dinsdag 14 januari 2003 18:24
Aan: [EMAIL PROTECTED]
Onderwerp: RE: Confusion on CISSP requirements [7:60997]


Not necessarily Scott.  You've got to be able to prove (in others words have
documentable proof), that you've worked for a cumulative total of 4 years in
the security field.  Now, the caveat is that your work can be spread amongst
the ten domains or relegated to one as long as your total time meets the
minimum criteria.  Then you are eligible to test.  Once you test and pass,
you must then be sponsored by a CISSP in good standing.

Shoot me a note with any questions,

Will Gragido CISSP CCNP CIPTSS CCNA CCDA MCP blah blah blah
NSC
www.ins.com

- -Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Scott
Sent: Monday, January 13, 2003 6:44 PM
To: [EMAIL PROTECTED]
Subject: OT: Confusion on CISSP requirements [7:60997]


I'm a CCIE with over 4 years of experience in networking and a college
degree.  Each position I have had required a small percentage of security
related work.  Does that satisfy the requirements or are they asking for
100% security work?  Any help greatly appreciated.
Version: PGP 8.0

iQA/AwUBPi3H0ndq56XWk+VyEQK0dgCeIcxQJ9SP1PWxATSQ8/DRcBx7mp0AnRCw
KzEAqYs83YjxNpwMPomn/Lxw
=6s/J
-END PGP SIGNATURE-




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61519&t=60997
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Confusion on CISSP requirements [7:60997]

[William Gragido]

Not necessarily Scott.  You've got to be able to prove (in others words have
documentable proof), that you've worked for a cumulative total of 4 years in
the security field.  Now, the caveat is that your work can be spread amongst
the ten domains or relegated to one as long as your total time meets the
minimum criteria.  Then you are eligible to test.  Once you test and pass,
you must then be sponsored by a CISSP in good standing.

Shoot me a note with any questions,

Will Gragido CISSP CCNP CIPTSS CCNA CCDA MCP blah blah blah
NSC
www.ins.com

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Scott
Sent: Monday, January 13, 2003 6:44 PM
To: [EMAIL PROTECTED]
Subject: OT: Confusion on CISSP requirements [7:60997]


I'm a CCIE with over 4 years of experience in networking and a college
degree.  Each position I have had required a small percentage of security
related work.  Does that satisfy the requirements or are they asking for
100% security work?  Any help greatly appreciated.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61035&t=60997
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: OT: Confusion on CISSP requirements [7:60997]

[Aaron Ajello]

I'm studying for the CISSP test right now and have wondered the same thing. 
I've talked to two people that have taken and passed the test (and been
confirmed by ISC2) and their jobs never were entirely security based but
always had some degree of security responsibility, as you're saying.
So I believe your experience meets the requirement.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=61021&t=60997
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OT: Confusion on CISSP requirements [7:60997]

[Scott]

I'm a CCIE with over 4 years of experience in networking and a college
degree.  Each position I have had required a small percentage of security
related work.  Does that satisfy the requirements or are they asking for
100% security work?  Any help greatly appreciated.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=60997&t=60997
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Confusion [7:54875]

[NetEng]

Here's my config

access-list 101 permit icmp any any echo-reply
access-list 101 permit icmp any any source-quench
access-list 101 permit icmp any any unreachable
access-list 101 permit icmp any any time-exceeded
access-list 101 permit tcp any host 192.168.1.2 eq ftp
access-list 101 permit tcp any host 192.168.1.2 eq www
access-list 101 permit tcp any any eq www
pager lines 24
interface ethernet0 10baset
interface ethernet1 10full
mtu outside 1500
mtu inside 1500
ip address outside dhcp setroute
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp interface ftp 192.168.1.2 ftp netmask
255.255.255.255 0 0
static (inside,outside) tcp interface www 192.168.1.2 www netmask
255.255.255.255 0 0
access-group 101 in interface outside

I can ping OK, but cant access web or ftp from outside.
""NetEng""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have a PIX 501 and get a single IP from my ISP. I would like to set up
an
> FTP conduit, but on port 5051. I can't find any docs on how to do this.
When
> I play around it it states that I have to change my NAT rules too. I still
> want all inside users access outside. Any info or links are appreciated.
>
> NetEng




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54918&t=54875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Confusion [7:54875]

[NetEng]

Still confused, I'm using access-lists

Here's the example from cisco:
static (inside, outside) 175.1.1.254 192.168.1.2
access-list 101 permit tcp host any host 192.168.1.2 eq ftp
access-group 101 in interface outside

Here's my questions:
I'm using DHCP for my outside address, can I still PAT the port for FTP?
How do I change the above static line to use the DHCP assigned address?

NetEng

""NetEng""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have a PIX 501 and get a single IP from my ISP. I would like to set up
an
> FTP conduit, but on port 5051. I can't find any docs on how to do this.
When
> I play around it it states that I have to change my NAT rules too. I still
> want all inside users access outside. Any info or links are appreciated.
>
> NetEng




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54913&t=54875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: PIX Confusion [7:54875]

[Chee, William]

Try this:

static (inside,outside) tcp interface ftp 192.168.1.2(or IP of your internal
host) 5051 netmask 255.255.255.
255 0 0


-Original Message-
From: NetEng [mailto:[EMAIL PROTECTED]]
Sent: Friday, October 04, 2002 11:10 AM
To: [EMAIL PROTECTED]
Subject: PIX Confusion [7:54875]


I have a PIX 501 and get a single IP from my ISP. I would like to set up an
FTP conduit, but on port 5051. I can't find any docs on how to do this. When
I play around it it states that I have to change my NAT rules too. I still
want all inside users access outside. Any info or links are appreciated.

NetEng




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54894&t=54875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: PIX Confusion [7:54875]

[Robert Edmonds]

>From Cisco's website:



You can use the fixup command to change the default port assignments or to
enable or disable application inspection for the following protocols and
applications:

  a.. FTP


  b.. H.323


  c.. HTTP


  d.. ILS


  e.. RSH


  f.. RTSP


  g.. SIP


  h.. SKINNY (SCCP)


  i.. SMTP


  j.. SQL*Net


The basic syntax for the fixup command is as follows:

[no] fixup protocol [protocol] [port]
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/config/fixu
p.htm#xtocid2

The command would be
fixup protocol ftp 5051
And as far as changing your NAT statements, I believe as long as you use the
keyword ftp
in your commands, it will adjust to the port number change.
""NetEng""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have a PIX 501 and get a single IP from my ISP. I would like to set up
an
> FTP conduit, but on port 5051. I can't find any docs on how to do this.
When
> I play around it it states that I have to change my NAT rules too. I still
> want all inside users access outside. Any info or links are appreciated.
>
> NetEng




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54886&t=54875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

PIX Confusion [7:54875]

[NetEng]

I have a PIX 501 and get a single IP from my ISP. I would like to set up an
FTP conduit, but on port 5051. I can't find any docs on how to do this. When
I play around it it states that I have to change my NAT rules too. I still
want all inside users access outside. Any info or links are appreciated.

NetEng




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54875&t=54875
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Fast Switching confusion [7:54421]

[B.J. Wilson]

Dear Joel -

I read in the "Switching Services Configuration Guide," page XC-15, that
"Fast switching is not supported on serial interfaces using encapsulations
other than HDLC."  This contradicts earlier examples, particularly where fast
switching is enabled on the "hub" side of a frame relay hub-and-spoke
configuration.  Is this line about HDLC a mistake, or what?

Thanks,

Crow T. Robot




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=54421&t=54421
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confusion on ppp auth chap callin/ppp auth pap [7:48325]

[Ouellette, Tim]

I prefer to use the terms calling and called.  Such that your statement
would be.

"the calling device places a call to the called device, the called device
receives the call, the called device calls the call initiating (calling)
device back".

Maybe that will help?



-Original Message-
From: Carl Timm [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 09, 2002 10:54 AM
To: [EMAIL PROTECTED]
Subject: RE: confusion on ppp auth chap callin/ppp auth pap [7:48325]


When using PPP callin, it occurs on the receiving device. Conceptually think
of it this way, the calling device places a call, the receiving device
receives the call, the calling device calls the initiating device back. Hope
this helps.

Carl Timm, CCIE# 7149




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48453&t=48325
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confusion on ppp auth chap callin/ppp auth pap [7:48325]

[Carl Timm]

When using PPP callin, it occurs on the receiving device. Conceptually think
of it this way, the calling device places a call, the receiving device
receives the call, the calling device calls the initiating device back. Hope
this helps.

Carl Timm, CCIE# 7149


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48382&t=48325
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confusion on ppp auth chap callin/ppp auth pap [7:48325]

[richard dumoulin]

When you are using the callin option, only the one who calls needs to
authenticate himsefl.
You know, when you do not conigure this option, you have to configure chap
username and password for both ends.

Regards.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48391&t=48325
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confusion on ppp auth chap callin/ppp auth pap [7:48325]

[Carl Timm]

My brain must have been fried last night. I just noticed that I answered the
question about callback, not callin authentication. Sorry if this caused any
confusion. I'm giving up answering questions at 2:30 in the morning.

The actuall answer to the callin question is as follows:

Callin is configured on the receiving device. Typically you will find this
used in ISDN backup scenarios. There's a hub device that remote devices
connect into for ISDN backup. Callin would be used on the hub device to
authenticate icoming calls from the remote devices. By using callin,
authentication only occurs on the hub device and not on the remote devices.
I hope this helps.

Carl


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48440&t=48325
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confusion on ppp auth chap callin/ppp auth pap [7:48325]

[richard dumoulin]

With the callin option, only the one who is calling needs to authenticate
himsel.
Without it, you have to configure chap usernames and password at both ends.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48392&t=48325
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

confusion on ppp auth chap callin/ppp auth pap cal [7:48325]

[Mirza, Timur]

one cisco doc says that the "callin" keyword is used on "incoming" or
"received" calls (which to me implies the CALLED router), while on another
it lists a config where it is configured on the CALLING router

actually, whatever side it's configured on, it works in my lab! still, i'm
trying to get a grasp of what's conceptually happening

is there a contradiction or am i misunderstanding authentication?

Timur Mirza
Principal Network Engineer
Network Planning & Engineering, West Region
15505-B Sand Canyon Avenue
Irvine, California 92618
Verizon Wireless
949.286.6623 (o)
949.697.7964 (c)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=48325&t=48325
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion: Channelized and Unchannelized T1 [7:47844]

[Wesley]

Hey Matt,

That's exactly where I got my info from. BTW, that's a really good book to
learn about T1, unchannelized or otherwise. And it goes into HDLC, PPP and
Frame Relay as well. The reindeer on the front cover rocks! hehe

Wes


""Matthew Crane""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi John
>
> Thought I would just add a few words from 'T1 A survival guide' from
> O'Reilly.
>
> T1 = DS1 delivered over a 4 wire copper interface
> DS1 = Digital Stream level 1 - 24 DS0's combined into a DS1 which supplies
> 1536 kbps connectivity plus 8 kbps framing and signalling overhead for a
> total of 1544kbps.
> DS0 = A single 64kbps channel.
>
> p149 - "Each time slot in the T1 has the capacity to support one
traditional
> telephone call. Channelised T1 does exactly this - each of the 24 time
slots
> can be treated as a digital telephone line. Each line has a 64kbps raw
> capacity, but since a byte must be used for signalling the maximum
thoughput
> of a cT1 channel is 56kbps. On ther otherhand unchannelised T1 simply
views
> each time slot as the opporunity to send another 8bits of data to the
remote
> end and the enite capacity is one big pipe."
>
> p163 - Configuring cT1...Individual DS0's may be configured for different
> purposes. Some may be used for voice, some for data and different time
slots
> may use different types of signalling.
>
> The book itself concentrates on unchannelised T1 and has been a great help
> to me over the past months working in the States, since in Europe we have
> simple E1
>
> Regards
>
> MFC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47953&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion: Channelized and Unchannelized T1 [7:47949]

[Benjamin Pierce]

I am assuming that this is refering to a
Point-to-Point T1 Circuit.  If so, the telco refers
to
the circuit as unchanelized because they are not
breaking off any channels for you, You are doing
this
yourself with a mux.

Thanks,
Benjamin Pierce
> --- "Steven A. Ridder"  wrote:
> > I think a channelized T1 sends 193 bit frames as
> > well.  8 for each channel
> > plus 1 for timing = 193.
> > 
> > All T1's are channelized, otherwise it would have
> to
> > be some sort of
> > byte-synch communication, which isn't plausible.
> > 
> > I think the tech you spoke to is incorrect as
> well.
> > 
> > 
> > ""John Neiberger""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Just when I thought I understood the T1 world
> > pretty well we've run into
> > >  a situation that is thoroughly confusing me.
> > >
> > > I was under the impression that channelized T1
> > services used 24
> > > timeslots.  I call that 'channelized' because it
> > has 24 distinct
> > > 'channels'.  It's my understanding that
> > unchannelized T1 doesn't use the
> > > 24 timeslots and instead sends one giant 192-bit
> > frame.
> > >
> > > At one of our locations we are muxing voice and
> > data traffic onto a
> > > single T1.  At each end we split off certain
> > channels to a router and
> > > other channels over to the PBX.  To do this,
> > wouldn't the T1 *have* to
> > > be channelized, since we're separating the
> > channels at the CSU/DSU?
> > > According to our provider, that circuit is
> > unchannelized.  If a circuit
> > > is truly unchannelized, how would the CSU/DSU be
> > able to accurately
> > > split the T1 into two separate streams based on
> > channel information?
> > >
> > > To be more clear, let's say we have the CSU/DSU
> > configured to split
> > > channels 1-12 to the router and 13-24 to the
> PBX. 
> > This splitting
> > > function is based on the assumption that
> channels
> > exist on the incoming
> > > T1.  If they don't exist and we have one giant
> > frame instead of 24
> > > smaller frames, how could this possibly be
> > working??
> > >
> > > Yowza...my head hurts.
> > >
> > > John
> [EMAIL PROTECTED]
> 
> 
> __
> Do You Yahoo!?
> Sign up for SBC Yahoo! Dial - First Month Free
> http://sbc.yahoo.com
> 


__
Do You Yahoo!?
Sign up for SBC Yahoo! Dial - First Month Free
http://sbc.yahoo.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47949&t=47949
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Confusion: Channelized and Unchannelized T1 [7:47844]

[Matthew Crane]

Hi John

Thought I would just add a few words from 'T1 A survival guide' from
O'Reilly.

T1 = DS1 delivered over a 4 wire copper interface
DS1 = Digital Stream level 1 - 24 DS0's combined into a DS1 which supplies
1536 kbps connectivity plus 8 kbps framing and signalling overhead for a
total of 1544kbps.
DS0 = A single 64kbps channel.

p149 - "Each time slot in the T1 has the capacity to support one traditional
telephone call. Channelised T1 does exactly this - each of the 24 time slots
can be treated as a digital telephone line. Each line has a 64kbps raw
capacity, but since a byte must be used for signalling the maximum thoughput
of a cT1 channel is 56kbps. On ther otherhand unchannelised T1 simply views
each time slot as the opporunity to send another 8bits of data to the remote
end and the enite capacity is one big pipe."

p163 - Configuring cT1...Individual DS0's may be configured for different
purposes. Some may be used for voice, some for data and different time slots
may use different types of signalling.

The book itself concentrates on unchannelised T1 and has been a great help
to me over the past months working in the States, since in Europe we have
simple E1

Regards

MFC




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47928&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion: Channelized and Unchannelized T1 [7:47844]

[Steven A. Ridder]

I think even a "pure data" T1 is channelized.  Even the PRI is as well.

--

RFC 1149 Compliant.



""Wesley""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I think the main thing to note about cT1s is bit robbed signalling i.e
> channel asscociated signalling normally used to transport voice.
Therefore,
> we've got 7 bits of payload, 1 bit for signalling for every timeslot and 1
> bit for framing. Bit robbed signalling would effectively yield a 56 kbps
> pipe as opposed to 64 kbps offered by ISDN PRI. However, 64 kbps (1
> timeslot) of the 24 timeslots is used for signalling. This is also known
as
> common channel signalling. As I understand it, there are three major types
> of services riding on T1 links:
>
> 1. Pure data T1 i.e. unchannelized T1
> 2. Channelized T1 and
> 3. ISDN PRI
>
> Wes
>
>
> ""Steven A. Ridder""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > I think a channelized T1 sends 193 bit frames as well.  8 for each
channel
> > plus 1 for timing = 193.
> >
> > All T1's are channelized, otherwise it would have to be some sort of
> > byte-synch communication, which isn't plausible.
> >
> > I think the tech you spoke to is incorrect as well.
> >
> >
> > ""John Neiberger""  wrote in message
> > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > > Just when I thought I understood the T1 world pretty well we've run
into
> > >  a situation that is thoroughly confusing me.
> > >
> > > I was under the impression that channelized T1 services used 24
> > > timeslots.  I call that 'channelized' because it has 24 distinct
> > > 'channels'.  It's my understanding that unchannelized T1 doesn't use
the
> > > 24 timeslots and instead sends one giant 192-bit frame.
> > >
> > > At one of our locations we are muxing voice and data traffic onto a
> > > single T1.  At each end we split off certain channels to a router and
> > > other channels over to the PBX.  To do this, wouldn't the T1 *have* to
> > > be channelized, since we're separating the channels at the CSU/DSU?
> > > According to our provider, that circuit is unchannelized.  If a
circuit
> > > is truly unchannelized, how would the CSU/DSU be able to accurately
> > > split the T1 into two separate streams based on channel information?
> > >
> > > To be more clear, let's say we have the CSU/DSU configured to split
> > > channels 1-12 to the router and 13-24 to the PBX.  This splitting
> > > function is based on the assumption that channels exist on the
incoming
> > > T1.  If they don't exist and we have one giant frame instead of 24
> > > smaller frames, how could this possibly be working??
> > >
> > > Yowza...my head hurts.
> > >
> > > John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47927&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion: Channelized and Unchannelized T1 [7:47844]

[Wesley]

I think the main thing to note about cT1s is bit robbed signalling i.e
channel asscociated signalling normally used to transport voice. Therefore,
we've got 7 bits of payload, 1 bit for signalling for every timeslot and 1
bit for framing. Bit robbed signalling would effectively yield a 56 kbps
pipe as opposed to 64 kbps offered by ISDN PRI. However, 64 kbps (1
timeslot) of the 24 timeslots is used for signalling. This is also known as
common channel signalling. As I understand it, there are three major types
of services riding on T1 links:

1. Pure data T1 i.e. unchannelized T1
2. Channelized T1 and
3. ISDN PRI

Wes


""Steven A. Ridder""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I think a channelized T1 sends 193 bit frames as well.  8 for each channel
> plus 1 for timing = 193.
>
> All T1's are channelized, otherwise it would have to be some sort of
> byte-synch communication, which isn't plausible.
>
> I think the tech you spoke to is incorrect as well.
>
>
> ""John Neiberger""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Just when I thought I understood the T1 world pretty well we've run into
> >  a situation that is thoroughly confusing me.
> >
> > I was under the impression that channelized T1 services used 24
> > timeslots.  I call that 'channelized' because it has 24 distinct
> > 'channels'.  It's my understanding that unchannelized T1 doesn't use the
> > 24 timeslots and instead sends one giant 192-bit frame.
> >
> > At one of our locations we are muxing voice and data traffic onto a
> > single T1.  At each end we split off certain channels to a router and
> > other channels over to the PBX.  To do this, wouldn't the T1 *have* to
> > be channelized, since we're separating the channels at the CSU/DSU?
> > According to our provider, that circuit is unchannelized.  If a circuit
> > is truly unchannelized, how would the CSU/DSU be able to accurately
> > split the T1 into two separate streams based on channel information?
> >
> > To be more clear, let's say we have the CSU/DSU configured to split
> > channels 1-12 to the router and 13-24 to the PBX.  This splitting
> > function is based on the assumption that channels exist on the incoming
> > T1.  If they don't exist and we have one giant frame instead of 24
> > smaller frames, how could this possibly be working??
> >
> > Yowza...my head hurts.
> >
> > John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47922&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion: Channelized and Unchannelized T1 [7:47844]

[Steven A. Ridder]

I think a channelized T1 sends 193 bit frames as well.  8 for each channel
plus 1 for timing = 193.

All T1's are channelized, otherwise it would have to be some sort of
byte-synch communication, which isn't plausible.

I think the tech you spoke to is incorrect as well.


""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Just when I thought I understood the T1 world pretty well we've run into
>  a situation that is thoroughly confusing me.
>
> I was under the impression that channelized T1 services used 24
> timeslots.  I call that 'channelized' because it has 24 distinct
> 'channels'.  It's my understanding that unchannelized T1 doesn't use the
> 24 timeslots and instead sends one giant 192-bit frame.
>
> At one of our locations we are muxing voice and data traffic onto a
> single T1.  At each end we split off certain channels to a router and
> other channels over to the PBX.  To do this, wouldn't the T1 *have* to
> be channelized, since we're separating the channels at the CSU/DSU?
> According to our provider, that circuit is unchannelized.  If a circuit
> is truly unchannelized, how would the CSU/DSU be able to accurately
> split the T1 into two separate streams based on channel information?
>
> To be more clear, let's say we have the CSU/DSU configured to split
> channels 1-12 to the router and 13-24 to the PBX.  This splitting
> function is based on the assumption that channels exist on the incoming
> T1.  If they don't exist and we have one giant frame instead of 24
> smaller frames, how could this possibly be working??
>
> Yowza...my head hurts.
>
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47888&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion: Channelized and Unchannelized T1 [7:47844]

[Nigel Taylor]

John,
 There's nothing wrong with your understanding of channelized vs.
unchannelized.  I believe your provider's tech dosen't understand or is
completely mis-informed.

Nigel

- Original Message -
From: "John Neiberger" 
To: 
Sent: Monday, July 01, 2002 12:10 PM
Subject: Confusion: Channelized and Unchannelized T1 [7:47844]


> Just when I thought I understood the T1 world pretty well we've run into
>  a situation that is thoroughly confusing me.
>
> I was under the impression that channelized T1 services used 24
> timeslots.  I call that 'channelized' because it has 24 distinct
> 'channels'.  It's my understanding that unchannelized T1 doesn't use the
> 24 timeslots and instead sends one giant 192-bit frame.
>
> At one of our locations we are muxing voice and data traffic onto a
> single T1.  At each end we split off certain channels to a router and
> other channels over to the PBX.  To do this, wouldn't the T1 *have* to
> be channelized, since we're separating the channels at the CSU/DSU?
> According to our provider, that circuit is unchannelized.  If a circuit
> is truly unchannelized, how would the CSU/DSU be able to accurately
> split the T1 into two separate streams based on channel information?
>
> To be more clear, let's say we have the CSU/DSU configured to split
> channels 1-12 to the router and 13-24 to the PBX.  This splitting
> function is based on the assumption that channels exist on the incoming
> T1.  If they don't exist and we have one giant frame instead of 24
> smaller frames, how could this possibly be working??
>
> Yowza...my head hurts.
>
> John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47887&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Confusion: Channelized and Unchannelized T1 [7:47844]

[John Neiberger]

Just when I thought I understood the T1 world pretty well we've run into
 a situation that is thoroughly confusing me.

I was under the impression that channelized T1 services used 24
timeslots.  I call that 'channelized' because it has 24 distinct
'channels'.  It's my understanding that unchannelized T1 doesn't use the
24 timeslots and instead sends one giant 192-bit frame.

At one of our locations we are muxing voice and data traffic onto a
single T1.  At each end we split off certain channels to a router and
other channels over to the PBX.  To do this, wouldn't the T1 *have* to
be channelized, since we're separating the channels at the CSU/DSU? 
According to our provider, that circuit is unchannelized.  If a circuit
is truly unchannelized, how would the CSU/DSU be able to accurately
split the T1 into two separate streams based on channel information?

To be more clear, let's say we have the CSU/DSU configured to split
channels 1-12 to the router and 13-24 to the PBX.  This splitting
function is based on the assumption that channels exist on the incoming
T1.  If they don't exist and we have one giant frame instead of 24
smaller frames, how could this possibly be working??

Yowza...my head hurts.

John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=47844&t=47844
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DLSW direct encapsulation confusion-->for Experts only [7:41315]

[Johnny Routing]

With DLSW over frame relay, you can use direct encapsulation (frame map
dlsw, with pass thru), or DLSW Lite (frame map llc, no pass thru).  On the
lab I'm sure they would make it clear which one they wanted and if not...
ask the proctor.  Here's a link which explains it pretty well.

JR

http://www.cisco.com/warp/public/cc/pd/ibsw/ibdlsw/tech/dls3_rg.htm





""IT Guy""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> GUys,
>
> A bit confuse abt DLSW+  direct encapsulation. I read on CD that
> it can be configure via 2 ways
>
> (1) DLSW LITe
> (2) PASSTHRU
>
> but I can see that in books dlsw lite is treated as another encapsulation
> type and not the direct encapsulation..
>
> SO If we follow the CD and lets consider that we have 2 kinds of Direct
> encapsulation, what we should configure in exam if they ask as to do so??
>
> I knw the difference of Local acknoledgment..Is there any other criteria
to
> check which option we should configure.
>
> Thkx for help..
>
>
> TOM
>
>
>
> _
> Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41315&t=41315
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DLSW direct encapsulation confusion-->for Experts only [7:41176]

[Engelhard M. Labiro]

Hi,

I was as confused as you before, because different material
states different definition and categories about DLSw+ direct
encapsulation.
I am stick on the CD`s definition that DLSw+ Lite is one kind
of direct encapsulation over Frame Relay.

The following are my notes and conclusion regarding DLSw+
over Frame Relay, after simulate some scenarios , if you have
any different opinion, please correct me.

1. Direct encapsulation in Frame Relay:

a. DLSW+ Lite or LLC2 , sample config:
dlsw remote-peer 0 frame-relay interface s0/0 100
frame-relay map llc2 100 broadcast
(the above two lines have to be configured together).

b. Pass-thru , sample config:
dlsw remote-peer 0 frame-relay interface s0/0 102 pass-thru
frame-relay map dlsw 102 broadcast
(the above two lines have to be configured together).

2. Direct encapsulation in HDLC:

- pass-thru only , sample config :
dlsw remote-peer 0  interface s0/0 pass-thru 



Engelhard M. Labiro$B!!(B([EMAIL PROTECTED])
Security Group, Technical Solution Center, Netmarks Inc.
2-13-34 Konan, Minato-Ku, Tokyo 108-0075
Tel: +81-3-5461-2575, Fax: +81-3-5461-2093

- Original Message - 
From: "IT Guy" 
To: 
Sent: Thursday, April 11, 2002 5:24 PM
Subject: DLSW direct encapsulation confusion-->for Experts only [7:41164]


> GUys,
> 
> A bit confuse abt DLSW+  direct encapsulation. I read on CD that
> it can be configure via 2 ways
> 
> (1) DLSW LITe
> (2) PASSTHRU
> 
> but I can see that in books dlsw lite is treated as another
> encapsulation type and not the direct encapsulation..
> 
> SO If we follow the CD and lets consider that we have 2 kinds of
> Direct  encapsulation, what we should configure in exam if they ask
> as to do so??
> 
> I knw the difference of Local acknoledgment..Is there any other
> criteria to check which option we should configure.
> 
> Thkx for help..
> 
> 
> TOM




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41176&t=41176
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DLSW direct encapsulation confusion-->for Experts only [7:41164]

[IT Guy]

GUys,

A bit confuse abt DLSW+  direct encapsulation. I read on CD that
it can be configure via 2 ways

(1) DLSW LITe
(2) PASSTHRU

but I can see that in books dlsw lite is treated as another encapsulation 
type and not the direct encapsulation..

SO If we follow the CD and lets consider that we have 2 kinds of Direct 
encapsulation, what we should configure in exam if they ask as to do so??

I knw the difference of Local acknoledgment..Is there any other criteria to 
check which option we should configure.

Thkx for help..


TOM



_
Send and receive Hotmail on your mobile device: http://mobile.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=41164&t=41164
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Gateway/Network Address confusion [7:36400]

[Anil Gupte]

You said: "It is possible to have multiple logical subnets on one physical
network, although not recommended. "  Why not?  The purpose here is to keep
customers from stealing Ips that are not theirs and causing IP conflicts
(Windows Servers die when that happens).  Also, it prevents at least for low
level crackers, the ability to crack into a domain/machine if they are on
different logical subnets.  They are on the same wire in that they all come
off the same switch which in turn is connected to the Ethernet on the
router.

In your exmaple of the two router configuration, ("Then on R2-E0, assign
address 63.142.137.33/27.  ..."), how would packets know how to get to
63.142.137.2/30 from the .33 gateway).  Sorry for the dumb wuestions, but
that is how I learn.

Thanx for your detailed explanations.
Anil Gupte

- Original Message -
From: "Chris Charlebois" 
To: 
Sent: Monday, February 25, 2002 1:25 PM
Subject: RE: Gateway/Network Address confusion [7:36400]


> OK, some terminology.  We've got physical networks.  They are bound by
> routers.  Anytime a packet goes through a router, it is moving from one
> physical network to another. Then you have a logical subnet.  This is what
> actually gets addressed.  It is possible to have multiple logical subnets
on
> one physical network, although not recommended.  Each device can only
> directly communicate with other members of the same logical subnet.  A
> router would have to "translate" between the two logical subnets.
>
> Now, in the scenario you described, you have two logical subnets on one
> physical network (that's what the secondary address does).  Also, the two
> logical subnets consume all your address space.
>
> You mentioned partitioning off subnets for customers.  Does this mean each
> customer gets a seperate physical network?  And do you need to provision
> networks for WAN links?
>
> Here would be one way to do it.  Take the .137.X network off the main
router
> (Call it R1).  Get a second router (R2) for this customer.  Setup a
> point-to-point connection between the two.  Now, R1-E0 has an address of
> 63.142.136.1/24.  Assign R1-S0 to 63.142.137.1/30 and R2-S0 to
> 63.142.137.2/30.  This is the WAN connection.  Then on R2-E0, assign
address
> 63.142.137.33/27.  The default gateway for the hosts on this network would
> be 63.142.137.33 and the broadcast would be 63.142.137.63.  And on a
correct
> built network, the hosts (servers) never need to have route add commands.
>
> Now if you are doing this all on one router, you just need to add a
> secondary address of 63.142.137.33/27 (this would require you take off the
> 63.142.137.1/24 address first).  This creates a logical subnet on your
> existing physical network.
>
> I hope this made some sense to you.  If you have questions, I'll be
lurking
> around here somewhere.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36471&t=36400
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Gateway/Network Address confusion [7:36400]

[Howard C. Berkowitz]

>OK, some terminology.  We've got physical networks.  They are bound by
>routers.  Anytime a packet goes through a router, it is moving from one
>physical network to another. Then you have a logical subnet.  This is what
>actually gets addressed.  It is possible to have multiple logical subnets on
>one physical network, although not recommended.  Each device can only
>directly communicate with other members of the same logical subnet.  A
>router would have to "translate" between the two logical subnets.
>
>Now, in the scenario you described, you have two logical subnets on one
>physical network (that's what the secondary address does).  Also, the two
>logical subnets consume all your address space.

How many illogical subnets share the physical place where Dilbert works? :-)




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36436&t=36400
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Gateway/Network Address confusion [7:36400]

[Chris Charlebois]

OK, some terminology.  We've got physical networks.  They are bound by
routers.  Anytime a packet goes through a router, it is moving from one
physical network to another. Then you have a logical subnet.  This is what
actually gets addressed.  It is possible to have multiple logical subnets on
one physical network, although not recommended.  Each device can only
directly communicate with other members of the same logical subnet.  A
router would have to "translate" between the two logical subnets.

Now, in the scenario you described, you have two logical subnets on one
physical network (that's what the secondary address does).  Also, the two
logical subnets consume all your address space.

You mentioned partitioning off subnets for customers.  Does this mean each
customer gets a seperate physical network?  And do you need to provision
networks for WAN links?

Here would be one way to do it.  Take the .137.X network off the main router
(Call it R1).  Get a second router (R2) for this customer.  Setup a
point-to-point connection between the two.  Now, R1-E0 has an address of
63.142.136.1/24.  Assign R1-S0 to 63.142.137.1/30 and R2-S0 to
63.142.137.2/30.  This is the WAN connection.  Then on R2-E0, assign address
63.142.137.33/27.  The default gateway for the hosts on this network would
be 63.142.137.33 and the broadcast would be 63.142.137.63.  And on a correct
built network, the hosts (servers) never need to have route add commands.

Now if you are doing this all on one router, you just need to add a
secondary address of 63.142.137.33/27 (this would require you take off the
63.142.137.1/24 address first).  This creates a logical subnet on your
existing physical network.

I hope this made some sense to you.  If you have questions, I'll be lurking
around here somewhere.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36421&t=36400
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Gateway/Network Address confusion [7:36400]

[Anil Gupte]

Trying to apply what I am learning in the CCNA class, I am running into some
confusion regarding some basic concepts.  I am trying to apply what I
learned to our network which has a few colocated customers to whom I want to
assign ips with subnets.

We have a /23 assigned to us, let us call it 63.142.136.0/23.  We have
broken it up into (assigned on our router's etherne port):

  Internet address is 63.142.136.1/24
  Secondary address 63.142.137.1/24

Also, "show ip route static" shows (among other things):
S   63.142.136.0/23 is directly connected, Null0
S*   0.0.0.0/0 [1/0] via 66.100.223.193

Now here is where my confusion begins.  I want to assign a subnet to a
customer, let us say
63.142.136.32/27 which will be 32 - 63 with 32 being the network address and
63 being the broadcast.  I will then add

ip route 63.142.136.32 255.255.255.224

On his Windows server, do I assign 63.142.136.33 as the default gateway?
and now do I need to add a route to route his subnet to 63.142.136.1?

Am I confused about the Gateway vs. network address?  If I could understand
this, I think I would understand everything about routing. :-)  Well maybe
not, but I sure would feel better about it...

Thanx,
Anil Gupte




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=36400&t=36400
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Confusion on permiting SNA [7:30886]

[John Neiberger]

You are correct.  That book, while good, is littered with typos 
and this is definitely one of them.  If your mask were 0x, 
then it would only match 0x0d0d exactly.  Check out the 
following webpage for a great explanation:

http://www.cisco.com/warp/public/698/acl200.html

HTH,
John



Get your own "800" number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag


 On Thu, 3 Jan 2002, William Lijewski ([EMAIL PROTECTED]) 
wrote:

> Could someone please tell me the correct way to permit just 
SNA.  I have
> read many places that the correct access list to permit just 
SNA is :
> 
> access-list 200 permit 0x 0x0D0D
> 
> I just received the Cisco Practical Studies book and it shows 
it as
> follows:
> 
> access-list 200 permit 0x0D0D 0x
> 
> Which way is correct?!
> 
> Thanks
[EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30888&t=30886
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Confusion on permiting SNA [7:30886]

[William Lijewski]

Could someone please tell me the correct way to permit just SNA.  I have
read many places that the correct access list to permit just SNA is :

access-list 200 permit 0x 0x0D0D

I just received the Cisco Practical Studies book and it shows it as follows:

access-list 200 permit 0x0D0D 0x

Which way is correct?!

Thanks





Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=30886&t=30886
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Nat confusion [7:26484]

[Daniel Cotts]

How easy it is to forget that our native tongue is foreign to others.
Try this page: http://www.cisco.com/warp/public/556/12.html#0

Let's call E0 the external interface and E1 the internal.

ip nat inside source list 1 interface ethernet 0 overload
!
int e0
ip address 192.168.1.1 255.255.255.0
ip nat outside
!
int e1
ip address 10.10.10.1 255.255.255.0 (or whatever)
ip nat inside
!
access-list 1 permit 10.10.10.0 0.0.0.255

This should work just fine for those inside wishing to initiate
communication outside. Those outside cannot initiate communication to inside
machines as there is no static mapping of addresses with this config.

> -Original Message-
> From: Provost, Robert [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 16, 2001 10:27 AM
> To: [EMAIL PROTECTED]
> Subject: Nat confusion [7:26484]
> 
> 
> I am trying to setup NAT translation.  here is the setup.  I 
> want to NAT any
> local address, to the IP address of my external ethernet interface
> (many-to-one).  10.0.0.0 is the internal network.  
> 192.168.1.1 is the IP
> address of the external ethernet port.
> 
> I am on the cisco page and I am confused.  I have done NAT on 
> 3Com routers,
> but never on Cisco.
> 
> Any config help would be appreciated.
> 
> Thanks,
> 
> Rob Provost




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26501&t=26484
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

FW: Nat confusion [7:26484]

[Provost, Robert]

Ignore this post.  I figured it out.  For anyone who is interested:

http://www.cisco.com/warp/public/556/12.html#2

Thanks

-Original Message-
From: Provost, Robert [mailto:[EMAIL PROTECTED]]
Sent: Friday, November 16, 2001 11:27 AM
To: [EMAIL PROTECTED]
Subject: Nat confusion [7:26484]


I am trying to setup NAT translation.  here is the setup.  I want to NAT any
local address, to the IP address of my external ethernet interface
(many-to-one).  10.0.0.0 is the internal network.  192.168.1.1 is the IP
address of the external ethernet port.

I am on the cisco page and I am confused.  I have done NAT on 3Com routers,
but never on Cisco.

Any config help would be appreciated.

Thanks,

Rob Provost




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26498&t=26484
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Nat confusion [7:26484]

[VoIP Guy]

ip nat pool Name 192.168.1.1 192.168.1.1 mask 255.255.255.0
! creates a pool that defines what the addresses will be translated into

ip nat inside source list 1 pool Name overload
! tells the router that addresses defined in acl1 will use the pool Name to
translate into when leaving the router.
access-list 1 permit 10.0.0.0 0.255.255.255.0
! Defines that candidate addresses to be NAT'ted

ip nat inside
! Apply to internal network int
ip nat outside
!Apply to external interface

Didn't seem to come out right last time.


""Provost, Robert""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am trying to setup NAT translation.  here is the setup.  I want to NAT
any
> local address, to the IP address of my external ethernet interface
> (many-to-one).  10.0.0.0 is the internal network.  192.168.1.1 is the IP
> address of the external ethernet port.
>
> I am on the cisco page and I am confused.  I have done NAT on 3Com
routers,
> but never on Cisco.
>
> Any config help would be appreciated.
>
> Thanks,
>
> Rob Provost




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26490&t=26484
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Nat confusion [7:26484]

[VoIP Guy]

ip nat inside source list 1 pool NatPool  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I am trying to setup NAT translation.  here is the setup.  I want to NAT
any
> local address, to the IP address of my external ethernet interface
> (many-to-one).  10.0.0.0 is the internal network.  192.168.1.1 is the IP
> address of the external ethernet port.
>
> I am on the cisco page and I am confused.  I have done NAT on 3Com
routers,
> but never on Cisco.
>
> Any config help would be appreciated.
>
> Thanks,
>
> Rob Provost




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26488&t=26484
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Nat confusion [7:26484]

[Provost, Robert]

I am trying to setup NAT translation.  here is the setup.  I want to NAT any
local address, to the IP address of my external ethernet interface
(many-to-one).  10.0.0.0 is the internal network.  192.168.1.1 is the IP
address of the external ethernet port.

I am on the cisco page and I am confused.  I have done NAT on 3Com routers,
but never on Cisco.

Any config help would be appreciated.

Thanks,

Rob Provost




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=26484&t=26484
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

custom Queue Confusion [7:21656]

[Cisco Lover]

Hi guys,

Just a  little confusion regarding CQ.
As far as I know when we are going to implement custome queueing for 
different protocols,we are suppose to consider frame size for every protocol 
and than find the accurate bandwidth each queu should have??

On the other hand, I saw in many test labs that they just consider the 
bandwidth of interface and divide this among the traffic as per given 
percentage?

Now I get confuse??Wht the way we suppose to use in exam?
Are we suppose to remember max frame sizes for diff protocols and use them 
in lab to calculate actual amount allocated to each queue.


Thanks for the help

A Cisco lover



_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21656&t=21656
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DLSW Confusion [7:18304]

[Donny Mateo]

DLSW+ is supposed to be a method to encapsulate sna packet over IP network. 
and to do so, you need to create a virtual ring and join all the token ring 
into that ring( the Source-bridge ring-group command), DLSW will pick up  
the packet from the virtual ring and send them through the IP network.

And since most sna originate from Mainframe network which reside on Token 
Ring based network, and thus the source-route bridge command will make sense 
to bridge the token ring network to the virtual ring.
if there is no source-route bridge , won't it be a little bit misleading in 
term of why you need DLSW in the first place ?

my 0.01

Donny
CCDA CCNP



>From: "Cisco Lover" 
>Reply-To: "Cisco Lover" 
>To: [EMAIL PROTECTED]
>Subject: DLSW Confusion [7:18304]
>Date: Mon, 3 Sep 2001 08:41:49 -0400
>
>Hi guys,
>
>I am still revolving around an stupid DLSW confusion.
>I found in many 3rd party labs and other configurations that they are
>using  SOURCE-ROUTE BRIDGE x command even when configuring DLSW+ between 2
>ethernet segments..
>
>Do we really need to put  this command even when we are not dealing with
>TR??
>
>I am not agree with this
>
>Any idea?
>
>Thanks.
>
>_
>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18364&t=18304
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: DLSW Confusion [7:18304]

[Lance]

I have this set up in my lab right now, and I left the source-route commands
off on all the Ethernet routers and it worked fine.

Lance

""Cisco Lover""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi guys,
>
> I am still revolving around an stupid DLSW confusion.
> I found in many 3rd party labs and other configurations that they are
> using  SOURCE-ROUTE BRIDGE x command even when configuring DLSW+ between 2
> ethernet segments..
>
> Do we really need to put  this command even when we are not dealing with
> TR??
>
> I am not agree with this
>
> Any idea?
>
> Thanks.
>
> _
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18326&t=18304
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: DLSW Confusion [7:18304]

[McCallum, Robert]

no, this is not needed when only dealing with ethernets.  Although arguing
that it doesn't do any harm

-Original Message-
From: Cisco Lover [mailto:[EMAIL PROTECTED]]
Sent: 03 September 2001 13:42
To: [EMAIL PROTECTED]
Subject: DLSW Confusion [7:18304]


Hi guys,

I am still revolving around an stupid DLSW confusion.
I found in many 3rd party labs and other configurations that they are
using  SOURCE-ROUTE BRIDGE x command even when configuring DLSW+ between 2 
ethernet segments..

Do we really need to put  this command even when we are not dealing with 
TR??

I am not agree with this

Any idea?

Thanks.

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18306&t=18304
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

DLSW Confusion [7:18304]

[Cisco Lover]

Hi guys,

I am still revolving around an stupid DLSW confusion.
I found in many 3rd party labs and other configurations that they are
using  SOURCE-ROUTE BRIDGE x command even when configuring DLSW+ between 2 
ethernet segments..

Do we really need to put  this command even when we are not dealing with 
TR??

I am not agree with this

Any idea?

Thanks.

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18304&t=18304
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 6500 Confusion [7:9983]

[dre]

I would say that the overall architecture of the Catalyst 5x00/6x00
series is definitely overcomplicated.

I personally think that because it's so overcomplicated, it has to
have less performance and reliability, etc than other products that
do Layer 3 switching.  This is not verified completely, but if you
look at just the basic specifications for what a packet does in
hardware for Catalyst 6500 vs. other vendors (i.e. Foundry)
you will begin to understand that the Cisco approach is probably
not all it's cracked up to be.  However, Cisco definitely has some
distinct advantages in many environments, and with the SUP2
MSFC2 + dual DFC and PXF enabled linecards they claim
15 million access-lists at line rate.  We'll see how they perform
in real networks in this upcoming year.

I don't think Cisco is making things more complicated; I am
beginning to think that they don't understand it either.  And
that is scary.

-dre

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Believe me, it all looks funny to me, too!I think this is Cisco's
> attempt to make things more complicated than they need to be.
>
> Perhaps deciphering acronyms will be on the revised CCIE exam.




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10020&t=9983
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 6500 Confusion [7:9983]

[dre]

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

> In the first configuration, the Sup1A can use CatOS or SupIOS.  The
> MSFC operates as the MLS-RP and the Sup1A is the MLS-SE, right?
> InterVLAN traffic is routed initially by the MSFC until a flow is
> established, at which point the rest of the flow is hardware switched.

Basically, yes.  Unless you exceed the 128k max flows or hit the hashing
collision.  And other situations might exist as well.  On CCO you could
read:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/layer3/m
ls.htm
which gives a little bit of details on this.

> In the second configuration, instead of MLS we're using CEF and the
> MSFC2 config looks just like a router with multiple interfaces running
> CEF.  There are no MLS-related configuration commands needed.  Hmm...at
> the moment I'm actually having a hard time differentiating between the
> operation of MLS and CEF in this context.

Yes, but in CatOS, you can still do the MLS commands, there just isn't
anything there because it's not running MLS anymore.  Even stranger,
you can look inside CEF on the MSFC2 with "show ip cef internal" or
whatever your favorite CEF command is *AND* you can also do a
"show mls cef" or something like that under CatOS.  I find this extremely
strange.  I would guess that with the Sup IOS architecture you will be
able to attach or exec commands on the OSM cards or DFC-enabled
line cards to show their CEF table.  But I don't think you can with the
CatOS MSFC IOS.

> I think I need to brush up on MLS (since I haven't researched it since
> last year) and then read through CCO to see how they're implementing CEF
> on these switches.

Don't worry about MLS unless you already have SUP1A's.  If you are
considering buying soon, don't evaluate the older product, just evaluate
the SUP2 MSFC2 for Layer 3 switching.  And go with Sup IOS, since
that's what is going to be supported in the long run.

Here's some good reading
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/supe_ds.htm
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/tech/c65sp_wp.htm
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/65dfc_ds.htm
http://www.cisco.com/warp/public/cc/pd/rt/7600osr/prodlit/76osr_ov.htm
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/msfc2_ds.htm
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/c6sfm_ds.htm

> If Cisco is moving toward using only the SupIOS, I may have to start
> thinking of the 6500 as a router with a bunch of switch ports instead of
> a switch with some L3 routing functions built in.  :-)

I hear it's kind of like the 8540 or even like the 2900XL/3500XL switches.
That first document I listed just above covers a lot of the feature
differences
between CatOS and Sup IOS.

-dre




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=10018&t=9983
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Catalyst 6500 Confusion [7:9983]

[John Neiberger]

Believe me, it all looks funny to me, too!I think this is Cisco's
attempt to make things more complicated than they need to be.

Perhaps deciphering acronyms will be on the revised CCIE exam.

>>> "Allen May"  6/26/01 2:22:21 PM >>>
ROFL..I'm sorry but with all the CEF IOS CatOS SUP1 MSM VLAN stuff it
just
looked funny to me...I'm easily amused ;)  I guess it's just the way
every
other word came out an acronym...heh.
- Original Message -
From: "dre" 
To: 
Sent: Tuesday, June 26, 2001 2:49 PM
Subject: Re: Catalyst 6500 Confusion [7:9983]


> ""John Neiberger""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Okay, I'm thoroughly confused.  I'm doing some research on this
platform
> > because we'll be purchasing one later this year or early next year.
 The
> > documentation seems to be quite murky and the more I read, the
less
> > clear the picture is.
>
> The entire Catalyst architecture is strange and piecemeal.  I
understand
> your
> confusion and frustration.
>
> > I see a few different issues that I need help with.  The first is
> > software.  Which one to use?  CatOS?  Supervisor IOS?  If I can
only do
> > CEF with IOS, then if we get CatOS are we totally hosed and limited
to
> > software forwarding of interVLAN traffic?
>
> The original SUP1 MSM architecture of the Layer 3 Catalyst 6500 is
> different than the SUP1A MSFC architecture is different than the
SUP2
> MSFC2 architecture.  You can use the MSFC2 on the SUP1A, but you
> don't get the advantage of CEF in Layer 3 switching like you would
with
> the SUP2 MSFC2 combination.  SUP1A has to use MLS.  SUP2 has
> to use CEF.
>
> In the SUP2 MSFC2 architecture, CEF is downloaded from the MSFC2
> to the PFC2 (another card on the SUP2), so CEF now forwards in
> hardware.  This happens whether you are running CatOS (Hybrid) or
> Sup IOS (Native).  If you are using DFC-enabled linecards, the CEF
> table is also downloaded to each DFC (there can be up to two per
> linecard, depending on which ones you are using).  It is actually
even
> more complex than this, but I don't want to make your head spin.
>
> The only real difference between CatOS and Sup IOS is support and
> features.
>
> CatOS + MSFC IOS is currently the software for the SUP2 MSFC2
> architecture.  This is changing in the next three months. 
Everything
> currently only works properly for SUP2 MSFC2 under CatOS.
>
> But three months from now, Cisco is changing directions with the
product
> and moving completely to Sup IOS.  All future work will be done for
Sup
> IOS, but it is not available fully yet.  The newest features are
being
> developed for Sup IOS like EoMPLS (which Cisco demonstrated on the
> Catalyst 6500 / 7600 OSR at SuperComm).  I believe that the Catalyst
> 6500 / 7600 OSR is the only product currently supporting EoMPLS (or
> any of the AToM technologies), even though it doesn't yet support
> MPLS-TE or MPLS-VPN.  More details on EoMPLS are available at
>
http://www.cisco.com/warp/public/cc/pd/rt/7600osr/prodlit/emp76_tc.htm

>
> > I see that the MSFC2 can do 650 Mbps+ of software-based forwarding.
 Is
> > this only referring to first-time routing of packets when no MLS
entries
> > are present in the cache?  If there are cached entries are they
> > hardware-forwarded or are we still limited by the performance of
the
> > MSFC?
>
> MSFC2 only does forwarding when there are no MLS entries in the
> cache, yes, but this only would occur on the SUP1A architecture. 
With
> SUP2, the MSFC2 would only do forwarding when there are no CEF
> adjacencies or when packets are not-cef-switched (first packet
generally).
>
> The benefit of having the Catalyst 6500 would be to use MLS with
SUP1A
> whenever possible and CEF with SUP2 (or to the DFC-enabled
linecards)
> whenever possible.  This maximizes performance, because it's all done
in
> hardware forwarding.
>
> > We have a lot of interVLAN traffic and my worry is that as traffic
> > volumes increase that our performance will suffer due to
restraints
> > present in the MSFC.
>
> As long as everything stays in MLS (SUP1A) you will be ok.  There is
> a hashing algorithm problem that causes a maximum of 128k
destination-only
> based flows, but many people have found that realisitically this
number is
> much lower due to a hash collision that will result in packets forced
up
to
> the MSFC (1 or 2, doesn't matter).  More details can be found at:
> http://www.cisco.com/warp/public/473/35.html (at the bottom of the
> page).  Setting destination-only based flows (the default) and by
tuning
> with MLS fast aging, you can possi

Re: Catalyst 6500 Confusion [7:9983]

[John Neiberger]

Thanks, that does help to clear some things up...sort of.  :-)  Let me
see if I really understand the differences between Sup1A+MSFC and
Sup2+MSFC2.  

In the first configuration, the Sup1A can use CatOS or SupIOS.  The
MSFC operates as the MLS-RP and the Sup1A is the MLS-SE, right? 
InterVLAN traffic is routed initially by the MSFC until a flow is
established, at which point the rest of the flow is hardware switched.

In the second configuration, instead of MLS we're using CEF and the
MSFC2 config looks just like a router with multiple interfaces running
CEF.  There are no MLS-related configuration commands needed.  Hmm...at
the moment I'm actually having a hard time differentiating between the
operation of MLS and CEF in this context.  

I think I need to brush up on MLS (since I haven't researched it since
last year) and then read through CCO to see how they're implementing CEF
on these switches.

If Cisco is moving toward using only the SupIOS, I may have to start
thinking of the 6500 as a router with a bunch of switch ports instead of
a switch with some L3 routing functions built in.  :-)

thanks,
John

>>> "dre"  6/26/01 1:49:37 PM >>>
""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Okay, I'm thoroughly confused.  I'm doing some research on this
platform
> because we'll be purchasing one later this year or early next year. 
The
> documentation seems to be quite murky and the more I read, the less
> clear the picture is.

The entire Catalyst architecture is strange and piecemeal.  I
understand
your
confusion and frustration.

> I see a few different issues that I need help with.  The first is
> software.  Which one to use?  CatOS?  Supervisor IOS?  If I can only
do
> CEF with IOS, then if we get CatOS are we totally hosed and limited
to
> software forwarding of interVLAN traffic?

The original SUP1 MSM architecture of the Layer 3 Catalyst 6500 is
different than the SUP1A MSFC architecture is different than the SUP2
MSFC2 architecture.  You can use the MSFC2 on the SUP1A, but you
don't get the advantage of CEF in Layer 3 switching like you would
with
the SUP2 MSFC2 combination.  SUP1A has to use MLS.  SUP2 has
to use CEF.

In the SUP2 MSFC2 architecture, CEF is downloaded from the MSFC2
to the PFC2 (another card on the SUP2), so CEF now forwards in
hardware.  This happens whether you are running CatOS (Hybrid) or
Sup IOS (Native).  If you are using DFC-enabled linecards, the CEF
table is also downloaded to each DFC (there can be up to two per
linecard, depending on which ones you are using).  It is actually even
more complex than this, but I don't want to make your head spin.

The only real difference between CatOS and Sup IOS is support and
features.

CatOS + MSFC IOS is currently the software for the SUP2 MSFC2
architecture.  This is changing in the next three months.  Everything
currently only works properly for SUP2 MSFC2 under CatOS.

But three months from now, Cisco is changing directions with the
product
and moving completely to Sup IOS.  All future work will be done for
Sup
IOS, but it is not available fully yet.  The newest features are being
developed for Sup IOS like EoMPLS (which Cisco demonstrated on the
Catalyst 6500 / 7600 OSR at SuperComm).  I believe that the Catalyst
6500 / 7600 OSR is the only product currently supporting EoMPLS (or
any of the AToM technologies), even though it doesn't yet support
MPLS-TE or MPLS-VPN.  More details on EoMPLS are available at
http://www.cisco.com/warp/public/cc/pd/rt/7600osr/prodlit/emp76_tc.htm


> I see that the MSFC2 can do 650 Mbps+ of software-based forwarding. 
Is
> this only referring to first-time routing of packets when no MLS
entries
> are present in the cache?  If there are cached entries are they
> hardware-forwarded or are we still limited by the performance of the
> MSFC?

MSFC2 only does forwarding when there are no MLS entries in the
cache, yes, but this only would occur on the SUP1A architecture.  With
SUP2, the MSFC2 would only do forwarding when there are no CEF
adjacencies or when packets are not-cef-switched (first packet
generally).

The benefit of having the Catalyst 6500 would be to use MLS with SUP1A
whenever possible and CEF with SUP2 (or to the DFC-enabled linecards)
whenever possible.  This maximizes performance, because it's all done
in
hardware forwarding.

> We have a lot of interVLAN traffic and my worry is that as traffic
> volumes increase that our performance will suffer due to restraints
> present in the MSFC.

As long as everything stays in MLS (SUP1A) you will be ok.  There is
a hashing algorithm problem that causes a maximum of 128k
destination-only
based flows, but many people have found that realisitically this number
is
much lower due to a hash collision that will result in packets forced
up to
the MSFC (1 or 2, 

Re: Catalyst 6500 Confusion [7:9983]

[Allen May]

ROFL..I'm sorry but with all the CEF IOS CatOS SUP1 MSM VLAN stuff it just
looked funny to me...I'm easily amused ;)  I guess it's just the way every
other word came out an acronym...heh.
- Original Message -
From: "dre" 
To: 
Sent: Tuesday, June 26, 2001 2:49 PM
Subject: Re: Catalyst 6500 Confusion [7:9983]


> ""John Neiberger""  wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Okay, I'm thoroughly confused.  I'm doing some research on this platform
> > because we'll be purchasing one later this year or early next year.  The
> > documentation seems to be quite murky and the more I read, the less
> > clear the picture is.
>
> The entire Catalyst architecture is strange and piecemeal.  I understand
> your
> confusion and frustration.
>
> > I see a few different issues that I need help with.  The first is
> > software.  Which one to use?  CatOS?  Supervisor IOS?  If I can only do
> > CEF with IOS, then if we get CatOS are we totally hosed and limited to
> > software forwarding of interVLAN traffic?
>
> The original SUP1 MSM architecture of the Layer 3 Catalyst 6500 is
> different than the SUP1A MSFC architecture is different than the SUP2
> MSFC2 architecture.  You can use the MSFC2 on the SUP1A, but you
> don't get the advantage of CEF in Layer 3 switching like you would with
> the SUP2 MSFC2 combination.  SUP1A has to use MLS.  SUP2 has
> to use CEF.
>
> In the SUP2 MSFC2 architecture, CEF is downloaded from the MSFC2
> to the PFC2 (another card on the SUP2), so CEF now forwards in
> hardware.  This happens whether you are running CatOS (Hybrid) or
> Sup IOS (Native).  If you are using DFC-enabled linecards, the CEF
> table is also downloaded to each DFC (there can be up to two per
> linecard, depending on which ones you are using).  It is actually even
> more complex than this, but I don't want to make your head spin.
>
> The only real difference between CatOS and Sup IOS is support and
> features.
>
> CatOS + MSFC IOS is currently the software for the SUP2 MSFC2
> architecture.  This is changing in the next three months.  Everything
> currently only works properly for SUP2 MSFC2 under CatOS.
>
> But three months from now, Cisco is changing directions with the product
> and moving completely to Sup IOS.  All future work will be done for Sup
> IOS, but it is not available fully yet.  The newest features are being
> developed for Sup IOS like EoMPLS (which Cisco demonstrated on the
> Catalyst 6500 / 7600 OSR at SuperComm).  I believe that the Catalyst
> 6500 / 7600 OSR is the only product currently supporting EoMPLS (or
> any of the AToM technologies), even though it doesn't yet support
> MPLS-TE or MPLS-VPN.  More details on EoMPLS are available at
> http://www.cisco.com/warp/public/cc/pd/rt/7600osr/prodlit/emp76_tc.htm
>
> > I see that the MSFC2 can do 650 Mbps+ of software-based forwarding.  Is
> > this only referring to first-time routing of packets when no MLS entries
> > are present in the cache?  If there are cached entries are they
> > hardware-forwarded or are we still limited by the performance of the
> > MSFC?
>
> MSFC2 only does forwarding when there are no MLS entries in the
> cache, yes, but this only would occur on the SUP1A architecture.  With
> SUP2, the MSFC2 would only do forwarding when there are no CEF
> adjacencies or when packets are not-cef-switched (first packet generally).
>
> The benefit of having the Catalyst 6500 would be to use MLS with SUP1A
> whenever possible and CEF with SUP2 (or to the DFC-enabled linecards)
> whenever possible.  This maximizes performance, because it's all done in
> hardware forwarding.
>
> > We have a lot of interVLAN traffic and my worry is that as traffic
> > volumes increase that our performance will suffer due to restraints
> > present in the MSFC.
>
> As long as everything stays in MLS (SUP1A) you will be ok.  There is
> a hashing algorithm problem that causes a maximum of 128k destination-only
> based flows, but many people have found that realisitically this number is
> much lower due to a hash collision that will result in packets forced up
to
> the MSFC (1 or 2, doesn't matter).  More details can be found at:
> http://www.cisco.com/warp/public/473/35.html (at the bottom of the
> page).  Setting destination-only based flows (the default) and by tuning
> with MLS fast aging, you can possibly acheive up to 128k flows in MLS.
> The MSFC will handle a lot of packets, still, however the performance is
> not optimal compared to MLS.
>
> Even better would be to use SUP2 MSFC2 with DFC-enabled linecards.
> They do not suffer from the problems of ML

Re: Catalyst 6500 Confusion [7:9983]

[dre]

""John Neiberger""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Okay, I'm thoroughly confused.  I'm doing some research on this platform
> because we'll be purchasing one later this year or early next year.  The
> documentation seems to be quite murky and the more I read, the less
> clear the picture is.

The entire Catalyst architecture is strange and piecemeal.  I understand
your
confusion and frustration.

> I see a few different issues that I need help with.  The first is
> software.  Which one to use?  CatOS?  Supervisor IOS?  If I can only do
> CEF with IOS, then if we get CatOS are we totally hosed and limited to
> software forwarding of interVLAN traffic?

The original SUP1 MSM architecture of the Layer 3 Catalyst 6500 is
different than the SUP1A MSFC architecture is different than the SUP2
MSFC2 architecture.  You can use the MSFC2 on the SUP1A, but you
don't get the advantage of CEF in Layer 3 switching like you would with
the SUP2 MSFC2 combination.  SUP1A has to use MLS.  SUP2 has
to use CEF.

In the SUP2 MSFC2 architecture, CEF is downloaded from the MSFC2
to the PFC2 (another card on the SUP2), so CEF now forwards in
hardware.  This happens whether you are running CatOS (Hybrid) or
Sup IOS (Native).  If you are using DFC-enabled linecards, the CEF
table is also downloaded to each DFC (there can be up to two per
linecard, depending on which ones you are using).  It is actually even
more complex than this, but I don't want to make your head spin.

The only real difference between CatOS and Sup IOS is support and
features.

CatOS + MSFC IOS is currently the software for the SUP2 MSFC2
architecture.  This is changing in the next three months.  Everything
currently only works properly for SUP2 MSFC2 under CatOS.

But three months from now, Cisco is changing directions with the product
and moving completely to Sup IOS.  All future work will be done for Sup
IOS, but it is not available fully yet.  The newest features are being
developed for Sup IOS like EoMPLS (which Cisco demonstrated on the
Catalyst 6500 / 7600 OSR at SuperComm).  I believe that the Catalyst
6500 / 7600 OSR is the only product currently supporting EoMPLS (or
any of the AToM technologies), even though it doesn't yet support
MPLS-TE or MPLS-VPN.  More details on EoMPLS are available at
http://www.cisco.com/warp/public/cc/pd/rt/7600osr/prodlit/emp76_tc.htm

> I see that the MSFC2 can do 650 Mbps+ of software-based forwarding.  Is
> this only referring to first-time routing of packets when no MLS entries
> are present in the cache?  If there are cached entries are they
> hardware-forwarded or are we still limited by the performance of the
> MSFC?

MSFC2 only does forwarding when there are no MLS entries in the
cache, yes, but this only would occur on the SUP1A architecture.  With
SUP2, the MSFC2 would only do forwarding when there are no CEF
adjacencies or when packets are not-cef-switched (first packet generally).

The benefit of having the Catalyst 6500 would be to use MLS with SUP1A
whenever possible and CEF with SUP2 (or to the DFC-enabled linecards)
whenever possible.  This maximizes performance, because it's all done in
hardware forwarding.

> We have a lot of interVLAN traffic and my worry is that as traffic
> volumes increase that our performance will suffer due to restraints
> present in the MSFC.

As long as everything stays in MLS (SUP1A) you will be ok.  There is
a hashing algorithm problem that causes a maximum of 128k destination-only
based flows, but many people have found that realisitically this number is
much lower due to a hash collision that will result in packets forced up to
the MSFC (1 or 2, doesn't matter).  More details can be found at:
http://www.cisco.com/warp/public/473/35.html (at the bottom of the
page).  Setting destination-only based flows (the default) and by tuning
with MLS fast aging, you can possibly acheive up to 128k flows in MLS.
The MSFC will handle a lot of packets, still, however the performance is
not optimal compared to MLS.

Even better would be to use SUP2 MSFC2 with DFC-enabled linecards.
They do not suffer from the problems of MLS and things like OSPF ECMP
work a lot better using CEF.  The performance of CEF is much better.

Also, SUP2 MSFC2 with Sup IOS seems to be the product's overall
direction.

> Without IOS and CEF, once the MLS cache is populated, aren't any
> further packets hardware switched?  If that's the case, I don't see much
> need to get the Sup IOS.  I seem to remember someone complaining about
> the Sup IOS but I don't remember the details.  Hmm...I suppose I ought
> to check the archives, huh?  :-)
>
> Anyway, any help anyone could offer would be greatly appreciated!

CatOS is what most people are comfortable with.  It also support the
most features currently, but probably won't s

Catalyst 6500 Confusion [7:9983]

[John Neiberger]

Okay, I'm thoroughly confused.  I'm doing some research on this platform
because we'll be purchasing one later this year or early next year.  The
documentation seems to be quite murky and the more I read, the less
clear the picture is.  

I see a few different issues that I need help with.  The first is
software.  Which one to use?  CatOS?  Supervisor IOS?  If I can only do
CEF with IOS, then if we get CatOS are we totally hosed and limited to
software forwarding of interVLAN traffic?

I see that the MSFC2 can do 650 Mbps+ of software-based forwarding.  Is
this only referring to first-time routing of packets when no MLS entries
are present in the cache?  If there are cached entries are they
hardware-forwarded or are we still limited by the performance of the
MSFC?

We have a lot of interVLAN traffic and my worry is that as traffic
volumes increase that our performance will suffer due to restraints
present in the MSFC.

Without IOS and CEF, once the MLS cache is populated, aren't any
further packets hardware switched?  If that's the case, I don't see much
need to get the Sup IOS.  I seem to remember someone complaining about
the Sup IOS but I don't remember the details.  Hmm...I suppose I ought
to check the archives, huh?  :-)

Anyway, any help anyone could offer would be greatly appreciated!

Thanks,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9983&t=9983
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Pix command confusion [7:9275]

[Chuck Larrieu]

Cut and paste to and from a text editor. Keep the text files for reference.

Chuck

-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
NP-BASS LEON
Sent:   Thursday, June 21, 2001 7:48 AM
To: [EMAIL PROTECTED]
Subject:RE: Pix command confusion [7:9275]

can anyone direct me on the best way to edit conduit and static list when
they get up to 150-200 entries

-Original Message-
From: Allen May [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 21, 2001 10:33 AM
To: [EMAIL PROTECTED]
Subject: Re: Pix command confusion [7:9275]


Even better, start using access-list instead of conduit before it's phased
out.

static (inside,outside) 210.110.xx.xx 192.168.xx.xx netmask 255.255.255.255
access-list inbound_list permit tcp host 210.110.xx.xx any eq www
access-group inbound_list in interface outside

On your access-list inbound_list just put whatever protocol and port you
want to replace the tcp and www.  access-group only needs to be bound once
per access-list name & then any changes are done to the interface when you
add another to the list.

The new PIX Firewall manuals available for download have step by step
instructions on converting your old conduits to access-list statements.

Hope that helps

Allen

- Original Message -
From: "Greg"
To:
Sent: Wednesday, June 20, 2001 7:17 PM
Subject: Pix command confusion [7:9275]


> I have a pix 520 running version 5.2. I have to let a vendor come in to do
> some work on a Unix box. I'm a little confused as to what commands I need
to
> execute to do this (Nat, static, and/or conduit). For example how do I get
> pix to show 197.168.xx.xx to 210.110.xx.xx? Any info would be appreciated.
> Thanks
> Greg
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.230 / Virus Database: 111 - Release Date: 1/25/01




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9341&t=9275
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: Pix command confusion [7:9275]

[NP-BASS LEON]

can anyone direct me on the best way to edit conduit and static list when
they get up to 150-200 entries

-Original Message-
From: Allen May [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 21, 2001 10:33 AM
To: [EMAIL PROTECTED]
Subject: Re: Pix command confusion [7:9275]


Even better, start using access-list instead of conduit before it's phased
out.

static (inside,outside) 210.110.xx.xx 192.168.xx.xx netmask 255.255.255.255
access-list inbound_list permit tcp host 210.110.xx.xx any eq www
access-group inbound_list in interface outside

On your access-list inbound_list just put whatever protocol and port you
want to replace the tcp and www.  access-group only needs to be bound once
per access-list name & then any changes are done to the interface when you
add another to the list.

The new PIX Firewall manuals available for download have step by step
instructions on converting your old conduits to access-list statements.

Hope that helps

Allen

- Original Message -
From: "Greg" 
To: 
Sent: Wednesday, June 20, 2001 7:17 PM
Subject: Pix command confusion [7:9275]


> I have a pix 520 running version 5.2. I have to let a vendor come in to do
> some work on a Unix box. I'm a little confused as to what commands I need
to
> execute to do this (Nat, static, and/or conduit). For example how do I get
> pix to show 197.168.xx.xx to 210.110.xx.xx? Any info would be appreciated.
> Thanks
> Greg
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.230 / Virus Database: 111 - Release Date: 1/25/01




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9325&t=9275
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix command confusion [7:9275]

[Allen May]

Even better, start using access-list instead of conduit before it's phased
out.

static (inside,outside) 210.110.xx.xx 192.168.xx.xx netmask 255.255.255.255
access-list inbound_list permit tcp host 210.110.xx.xx any eq www
access-group inbound_list in interface outside

On your access-list inbound_list just put whatever protocol and port you
want to replace the tcp and www.  access-group only needs to be bound once
per access-list name & then any changes are done to the interface when you
add another to the list.

The new PIX Firewall manuals available for download have step by step
instructions on converting your old conduits to access-list statements.

Hope that helps

Allen

- Original Message -
From: "Greg" 
To: 
Sent: Wednesday, June 20, 2001 7:17 PM
Subject: Pix command confusion [7:9275]


> I have a pix 520 running version 5.2. I have to let a vendor come in to do
> some work on a Unix box. I'm a little confused as to what commands I need
to
> execute to do this (Nat, static, and/or conduit). For example how do I get
> pix to show 197.168.xx.xx to 210.110.xx.xx? Any info would be appreciated.
> Thanks
> Greg
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.230 / Virus Database: 111 - Release Date: 1/25/01




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9322&t=9275
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Pix command confusion [7:9275]

[Sam]

static (inside,outside) 210.110.xx.xx 192.168.xx.xx netmask 255.255.255.255
conduit permit tcp host 210.110.xx.xx eq [port] host 210.xxx.xx.xx

The conduit permit command restricts access to the port specified.  It also
restricts access by foreign IP

If you want to open it the port to any IP (I wouldn't do this)
conduit permit tcp host 210.110.xx.xx eq [port] any

you should search cisco.com for the commands for more info.
Hope it helps

""Greg""  wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I have a pix 520 running version 5.2. I have to let a vendor come in to do
> some work on a Unix box. I'm a little confused as to what commands I need
to
> execute to do this (Nat, static, and/or conduit). For example how do I get
> pix to show 197.168.xx.xx to 210.110.xx.xx? Any info would be appreciated.
> Thanks
> Greg
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.230 / Virus Database: 111 - Release Date: 1/25/01




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9278&t=9275
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Pix command confusion [7:9275]

[Greg]

I have a pix 520 running version 5.2. I have to let a vendor come in to do
some work on a Unix box. I'm a little confused as to what commands I need to
execute to do this (Nat, static, and/or conduit). For example how do I get
pix to show 197.168.xx.xx to 210.110.xx.xx? Any info would be appreciated.
Thanks
Greg

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.230 / Virus Database: 111 - Release Date: 1/25/01




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9275&t=9275
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

sh ip eigrp topology confusion [7:4363]

[Dennis R]

I'm chewing on my BSCN studies, any help appreciated.

BSCN book (Paquet/Teare, p. 254, last paragraph), "The topology table 
contains all destinations advertised by the neighboring routers. The show ip 
eigrp topology all-links command displays all the IP entries in the topology 
table. The show ip eigrp topology command displays only the successor and 
feasible successor for IP routes."

Real world production environment output from these commands (names and such 
altered to protect the guilty). I've chosen 1 network from the output for 
the example.

ReallyBigHost#sh ip ei top
IP-EIGRP Topology Table for AS(15)/ID(10.15.8.51)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
   r - Reply status

P 10.1.55.60/30, 1 successors, FD is 6026496
 via 10.5.8.52 (6026496/6023936), FastEthernet0/0


BigHost1#sh ip ei top all
P 10.1.55.60/30, 1 successors, FD is 6026496, serno 4232337
 via 10.5.8.52 (6026496/6023936), FastEthernet0/0
 via 10.2.54.66 (161536000/161024000), Serial2/2:0.245

 via 10.2.55.2 (41536000/41024000), Serial2/2:0.323

 via 10.2.54.78 (41536000/41024000), Serial2/2:0.248
 via 10.2.54.70 (21536000/21024000), Serial2/2:0.246

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
   r - Reply status

My questions: Where are the feasible successors in the output from sh ip ei 
top? There is one very obvious FS candidate in the topology all listing -- 
(21536000/21024000) on Serial2/2:0.246 is a better metric than anything but 
fa0/0. Is this an error in the Cisco book, or am I missing something? Is 
there some way to get the router to display the FS? Or doesn't this router 
think there IS an FS (and if so, why not)?

Related bonus question: How on earth is THIS possible? (Again, real world 
output):

ReallyBigHost#sh ip ei top all
P 10.1.37.44/30, 1 successors, FD is 4357120, serno 3900620
 via 10.1.36.2 (4357120/3845120), Serial2/2:0.28
 via 10.1.36.2 (4382720/3870720), Serial2/2:0.28

How can there be two different metrics for the same destination via the same 
neighbor if the route is passive? The K values in this network are set to 
the defaults, so it's not a matter of the load or reliability changing and 
rejiggering the metric ... and even in that case, why would the router keep 
both metrics instead of the newest one?

Puzzled and such,
doctorcisco
_
Get your FREE download of MSN Explorer at http://explorer.msn.com




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=4363&t=4363
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Async, Dialers and Line Confusion [7:1488]

[David Chandler]

You have hit on the most difficult thing to keep straight for the BCRAN test.

First my ramblings:
I am probably wrong but it seems that somewhere around 10.3 code the IOS
command
"structures" were changed.  For example Async-Groups are very similar in
function to the Dialer Groups.  For some reason instead of expanding the
capabilities for the old commands they re-wrote them and left the old stuff
in
the IOS for backward compatibility.  So now there is a odd mix of commands
which
do almost the same thing; makes it very confusing.

TO ALL: PLEASE CORRECT ME IF I AM OFF MY NUT ;-}

Lines:  TTY  (VTY is a little different)
The Line is like a software driver for your modem.
Lines correspond to the software that directly controls the Physical Layer of
the ports.  "Sh Line" will indicate the relation between line # and physical
port #.  Line commands control the physical aspects  of the line.  Many of
the
line commands are obviously meant to control physical aspects of the ports.  
Others like autoselect, autocommand, login, are not so obvious; but really
direct data received on the port to other control functions.  Example
autoselect
PPP tells the TTY port to read the characters as part of a PPP frame.  You
don't
have to do this for other type interfaces on a router becasue the Physical
characteristics are hardcoded into the port.

Async Int:
The Async Int are like the protocol drivers on your PC.  
It binds the protocol services (IP, IPX, etc) to a line.  Async int defines
the
layer 2 (PPP or SLIP etc..) encapsulation and the layer 3 protocols.  

*note if dialer interfaces or Aysnc-groups are used you may see commands
duplicated between the async interfaces and the dialer Int/Async Group. 
Depending on the situation inbound call, outboud, DDR etc,; only one of the
two
duplicated commands are looked at by the router.  Also a confusing issue  :}
   
Dialer interfaces and Async-Groups:
They tie several Async ports together to allow you to access the async/lines
in
a flexible manner.   


It sounds that your are doing fine; It is confusing but sound like you have a
pretty fair grasp on it.  If you do start to "Truly Understand" this stuff;
you
need to take a LONG Vacation..


DaveC

Albert Lu wrote:
> 
> Hello Group,
> 
> I'm getting a little confused about configuring Async, Dialers and Lines.
> 
> I've been reading the BCRAN book and looking at the sample config
>
http://www.cisco.com/warp/public/779/smbiz/service/configs/async/async_ip_st
> atic_aux.htm
> 
> I'm not sure how to configure 'Line' for modems. There are a few ways of
> doing it that I have seen, using 'modem autoconfigure discovery', setting
> speed/stopbits/flowcontrol, and specifying a modem type from the modemcap.
> I'm confused by the various ways, and would like to know what really is
> necessary.
> 
> Secondly, the relation between Lines and Async interfaces are abit blurry
> for me as well. From my knowledge, Lines are used to configure modem
related
> stuff and Async are used to config higher level things such as ppp and
> dialer. Am I close?
> 
> Finally, I see in the config from the Cisco site that they use an Async
> interface and a Dialer interface. I was trying to configure the Async
> interface and putting the 'dial map' command in the Async interface, and
now
> I see it in the Dialer interface. Isn't Dialer interfaces only necessary if
> you want to bundle multiple Async/BRI interfaces together into one logical
> Dialer interface?
> 
> I must say that Line/Async/Dialer configs are the most longest, confusing
> and least intituitive for something this simple. Most of the time I
remember
> most of the configs that are necessary, but sometimes miss out on a few
> which makes it not work.
> 
> Anyone have any tips they wish to share to help remember, or is it just
> something I will get a hang of after awhile?
> 
> Thanks
> 
> Albert
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1496&t=1488
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Async, Dialers and Line Confusion [7:1488]

[Albert Lu]

Hello Group,

I'm getting a little confused about configuring Async, Dialers and Lines.

I've been reading the BCRAN book and looking at the sample config
http://www.cisco.com/warp/public/779/smbiz/service/configs/async/async_ip_st
atic_aux.htm

I'm not sure how to configure 'Line' for modems. There are a few ways of
doing it that I have seen, using 'modem autoconfigure discovery', setting
speed/stopbits/flowcontrol, and specifying a modem type from the modemcap.
I'm confused by the various ways, and would like to know what really is
necessary.

Secondly, the relation between Lines and Async interfaces are abit blurry
for me as well. From my knowledge, Lines are used to configure modem related
stuff and Async are used to config higher level things such as ppp and
dialer. Am I close?

Finally, I see in the config from the Cisco site that they use an Async
interface and a Dialer interface. I was trying to configure the Async
interface and putting the 'dial map' command in the Async interface, and now
I see it in the Dialer interface. Isn't Dialer interfaces only necessary if
you want to bundle multiple Async/BRI interfaces together into one logical
Dialer interface?

I must say that Line/Async/Dialer configs are the most longest, confusing
and least intituitive for something this simple. Most of the time I remember
most of the configs that are necessary, but sometimes miss out on a few
which makes it not work.

Anyone have any tips they wish to share to help remember, or is it just
something I will get a hang of after awhile?

Thanks

Albert




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1488&t=1488
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WIC Confusion

[tv]

I think you answered this yourself.  Find out what type of line it is.  Is
it a DDS, or T-1 access?  That will tell you which mod to use.

tv
- Original Message -
From: "David Sanderson" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 17, 2001 8:40 PM
Subject: WIC Confusion


> My telco has installed a 64K line.  I thought I could use a T1 WIC, and
set
> the bandwidth to 64 and/or use the command service-module timeslot 1 to
run
> this point-to-point leased line.  Is this only possible if the line is
> fractional T1?(the question probably should be "what is the line, 64K or
> fract. T1)  But my telco provider says that the cisco 1602 built-in 56K
> module should be used for this line(the 1602 has a T1 module that I bought
> for this line; and of course the built-in 56K).  A Cisco rep. said no, it
> has to be a T1 module.  I also have another available module in my 3640
here
> at work that has a 56/64K stamped on the back of the hardware module
itself.
> But when I show int. for that module it says 56K module(bandwidth 1544,
> unless I set it to 64k).  Which should I use or can I use either/all if
> configured correctly? Can someone help clear this up?  Thanks for any
help.
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: WIC Confusion

[ItsMe]

A 56/64k 4 wire will only work with the same interface. Its not T1 timing
signal compatable.
A Fract/T1 is usually provisioned at 128K and above but is configurable at
64K with one timeslot.
Its much more expensive/month so unless you know the potential for needed
bandwith increases are a given, it won't warrent the added monthly expense.

"David Sanderson" <[EMAIL PROTECTED]> wrote in message
EF2576A9A885D311A4930090278A3B185C544F@EXCHANGE">news:EF2576A9A885D311A4930090278A3B185C544F@EXCHANGE...
> My telco has installed a 64K line.  I thought I could use a T1 WIC, and
set
> the bandwidth to 64 and/or use the command service-module timeslot 1 to
run
> this point-to-point leased line.  Is this only possible if the line is
> fractional T1?(the question probably should be "what is the line, 64K or
> fract. T1)  But my telco provider says that the cisco 1602 built-in 56K
> module should be used for this line(the 1602 has a T1 module that I bought
> for this line; and of course the built-in 56K).  A Cisco rep. said no, it
> has to be a T1 module.  I also have another available module in my 3640
here
> at work that has a 56/64K stamped on the back of the hardware module
itself.
> But when I show int. for that module it says 56K module(bandwidth 1544,
> unless I set it to 64k).  Which should I use or can I use either/all if
> configured correctly? Can someone help clear this up?  Thanks for any
help.
>
> _
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

WIC Confusion

[David Sanderson]

My telco has installed a 64K line.  I thought I could use a T1 WIC, and set
the bandwidth to 64 and/or use the command service-module timeslot 1 to run
this point-to-point leased line.  Is this only possible if the line is
fractional T1?(the question probably should be "what is the line, 64K or
fract. T1)  But my telco provider says that the cisco 1602 built-in 56K
module should be used for this line(the 1602 has a T1 module that I bought
for this line; and of course the built-in 56K).  A Cisco rep. said no, it
has to be a T1 module.  I also have another available module in my 3640 here
at work that has a 56/64K stamped on the back of the hardware module itself.
But when I show int. for that module it says 56K module(bandwidth 1544,
unless I set it to 64k).  Which should I use or can I use either/all if
configured correctly? Can someone help clear this up?  Thanks for any help.

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: confusion

[Mr.K.RAMESH BABU]

You have to enter ur sylven number to login.
Logo they will mail you if u give ur details in that site
Congratulations on ur success and new year wishes

Rameshbabu

On Fri, 29 Dec 2000, Kamran Sheikh wrote:

> Dear Sir /Madam,
> 
> I have some confusion on registration on cisco
> tracking system. Kindly tell me i have my cisco ID i
> have cleared the CCNA 2.0 exam in previous month.
> 
> I have tried on tracking system but it cannot be
> login. please help me.
> 
> And another thing where CCNA 2.0 logo resides ?
> 
> Waiting of your response.
> 
> Regards,
> Kamran
> 
> __
> Do You Yahoo!?
> Yahoo! Photos - Share your holiday photos online!
> http://photos.yahoo.com/
> 
> _
> FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: confusion

[Chuck Larrieu]

The CCNA logo can be downloaded once you are logged into the tracking
system.  Catch 22.

It's been a while, but my recollection is that the login is your SSN or test
i.d.  I may have had to call Sylvan to get the information.

Congratulations on your achievement.

Chuck


-Original Message-
From:   [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kamran Sheikh
Sent:   Friday, December 29, 2000 11:11 PM
To: Cisco System
Subject:    confusion

Dear Sir /Madam,

I have some confusion on registration on cisco
tracking system. Kindly tell me i have my cisco ID i
have cleared the CCNA 2.0 exam in previous month.

I have tried on tracking system but it cannot be
login. please help me.

And another thing where CCNA 2.0 logo resides ?

Waiting of your response.

Regards,
Kamran

__
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

confusion

[Kamran Sheikh]

Dear Sir /Madam,

I have some confusion on registration on cisco
tracking system. Kindly tell me i have my cisco ID i
have cleared the CCNA 2.0 exam in previous month.

I have tried on tracking system but it cannot be
login. please help me.

And another thing where CCNA 2.0 logo resides ?

Waiting of your response.

Regards,
Kamran

__
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: QoS Confusion!

[Cory Cipra]

Basically, with frame-relay you will want to do a few things:

1.)  Insure a layer 3 QoS method

Since you are going to use both video and voice, you will want to use LLQ.
LLQ is basically CBWFQ + a priority queue.  With LLQ you make policy maps
and class maps.  The policy consists of being able to assign bandwith
queuing types for traffic classified by an access-list.  For example, say
you have data, voice, and video on a lower speed frame-relay PVC.  You can
create a policy map and within that policy map have different class maps.
The class maps define what traffic is "interesting."  This is done with
ACLs.  The policy map take each class map and defines potential queueing
types, bandwidth allotment, and potentially priority queue assignment.

2.)  Insure a layer 2 QoS method

With frame relay, you will be subject to serialization delay.  Since
frame-relay has a variable packet size, even if you are using a good layer 3
QoS mechanism, you will be prone to jitter and delay without link
fragmentation and interleaving (LFI).  LFI is the basis which you can
fragment packets to be then placed on the link to insure that one large
packet does not cause the others to suffer a delay.  With frame relay FRF.12
is the recommended LFI mechanism.

3.)  Traffic shape to the CIR

Lastly, frame-relay is a packet based service.  Since it is as such, it is
subject to network oversubscription and packet discard.  The carrier that
you get your frame relay service from will give you a CIR.  The CIR will be
your guaranteed traffic rate.  Anything above the CIR will be discard
eligible.  To insure that you do not exceed your CIR with voice, you must
use frame relay traffic shaping.

These are all IOS features that enable you to adequately classify,
prioritize, queue, shape, and send your voice, video, and data.

Here is a good link on CCO

http://www.cisco.com/univercd/cc/td/doc/product/voice/ip_tele/network/dgqos.
htm

You can also do searches on LLQ, CBWFQ, FRF.12, frame-relay traffic shaping,
etc...

Good luck.

Cory Cipra
[EMAIL PROTECTED]


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
John Neiberger
Sent: Saturday, December 02, 2000 12:15 AM
To: [EMAIL PROTECTED]
Subject: QoS Confusion!


[Warning:  I should have broken this up into several separate questions, but
it's late and I'm feeling lazy.]

We are currently implementing video over IP over frame relay.  Our video
conferencing units have the capability to set the IP precedence of their
traffic.  I initially thought that we'd have to configure custom queueing to
adequately address any congestion problems, but I've now decided to use
simple WFQ since it takes IP precedence into account.

This is working, but I wish I could find more documentation about the
different queueing mechanisms and the details of their operation and
configuration.  I've scoured CCO and can't find any understandable
explanations of custom queueing.

I'm also confused about when these queueing mechanims activate.  Take WFQ,
for instance.  I can tell by typing "show queue s0/0" that there are no
conversations in queue, and I understand this to mean that the link is so
far from being congested that we're not really queueing anything and doing
FIFO instead.  Now, from time to time, I see a few conversations in the
queue and notice that the video packets are marked correctly and do not get
dropped, at the expense of some other less important traffic.

At what point does queueing actually begin?  At full link congestion?  That
would be a little late, in my opinion.

To those of you with experience in such things:  do you feel that WFQ is
adequate in this situation?  It appears to be working great so far, but our
links are generally not very congested...yet.

Now, the kicker.  In the not-so-distant-future we are moving to voice over
IP, as well, except this is over our entire network instead of just 3 or 4
locations.  The phone system we use sets the IP precedence of the voice
packets before they enter the network.  Would WFQ be enough for all of our
traffic?  We've got a lot of different traffic types on our links, and
though they are not currently overtaxed (unlike me) I am worried about
congestion.

Should I consider custom or priority queueing when we implement VoIP?  And
what are the implications of trying to configure any type of queueuing on
frame relay interfaces that have several subinterfaces?

This could turn into one big hairy mess!

Okay, I'm done raving for the time being.  Any advice from the battle-worn
veterans would be greatly appreciated.

Thanks!

John





___
Tired of slow Internet? Get @Home Broadband Internet
http://www.home.com/xinbox/signup.html

_
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violat

Re: QoS Confusion!

[Kevin Wigle]

go and download a presentation about QoS and testing VoIP:

http://www.empowerednetworks.com/notes

Excellent discussion on the effects of jitter and bandwidth with diagrams
using WFQ

Kevin Wigle

- Original Message -
From: John Neiberger <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, December 02, 2000 1:14 AM
Subject: QoS Confusion!


> [Warning:  I should have broken this up into several separate questions,
but
> it's late and I'm feeling lazy.]
>
> We are currently implementing video over IP over frame relay.  Our video
> conferencing units have the capability to set the IP precedence of their
> traffic.  I initially thought that we'd have to configure custom queueing
to
> adequately address any congestion problems, but I've now decided to use
> simple WFQ since it takes IP precedence into account.
>




_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

QoS Confusion!

[John Neiberger]

[Warning:  I should have broken this up into several separate questions, but
it's late and I'm feeling lazy.]

We are currently implementing video over IP over frame relay.  Our video
conferencing units have the capability to set the IP precedence of their
traffic.  I initially thought that we'd have to configure custom queueing to
adequately address any congestion problems, but I've now decided to use
simple WFQ since it takes IP precedence into account.

This is working, but I wish I could find more documentation about the
different queueing mechanisms and the details of their operation and
configuration.  I've scoured CCO and can't find any understandable
explanations of custom queueing.  

I'm also confused about when these queueing mechanims activate.  Take WFQ,
for instance.  I can tell by typing "show queue s0/0" that there are no
conversations in queue, and I understand this to mean that the link is so
far from being congested that we're not really queueing anything and doing
FIFO instead.  Now, from time to time, I see a few conversations in the
queue and notice that the video packets are marked correctly and do not get
dropped, at the expense of some other less important traffic.

At what point does queueing actually begin?  At full link congestion?  That
would be a little late, in my opinion.

To those of you with experience in such things:  do you feel that WFQ is
adequate in this situation?  It appears to be working great so far, but our
links are generally not very congested...yet.

Now, the kicker.  In the not-so-distant-future we are moving to voice over
IP, as well, except this is over our entire network instead of just 3 or 4
locations.  The phone system we use sets the IP precedence of the voice
packets before they enter the network.  Would WFQ be enough for all of our
traffic?  We've got a lot of different traffic types on our links, and
though they are not currently overtaxed (unlike me) I am worried about
congestion.

Should I consider custom or priority queueing when we implement VoIP?  And
what are the implications of trying to configure any type of queueuing on
frame relay interfaces that have several subinterfaces?  

This could turn into one big hairy mess!

Okay, I'm done raving for the time being.  Any advice from the battle-worn
veterans would be greatly appreciated.  

Thanks!

John





___
Tired of slow Internet? Get @Home Broadband Internet
http://www.home.com/xinbox/signup.html

_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: TCN BPDU confusion

[Bob Watson]

In my experience you would always want to turn portfast on in end point
segments especially those simply connected to workstations and servers
since they shouldn't be participating in creating ne type of bridging loop
issues
"Rampley, Jim" wrote:
 
I'm reading the Cisco LAN switching
book (great book)!  I've got a question about topology change notification
BPDU's.  If you have a port on a switch that is NOT using portfast
with say a workstation or server connected.  When that port comes
up spanning tree will run.  My question is once it goes into the forwarding
state will a TCN BPDU be sent?  There are three rules that say when
a TCN BPDU will be sent.  The rule that I think applies is "When a
port is put in the forwarding state and the bridge has at least one designated
port."
I realize most of the time you would
want to use portfast in this situation since you don't want to be running
spanning tree while the machine is trying to booting up.  I just didn't
realize you would actually be saving traffic on your network and also the
effects of having to flush the CAM quicker.  Someone could actually
tweak the STP timers down so they wouldn't have to use portfast, but you
could have a flood of TCN BPDU's every morning.
Jim
 
***
WARNING: All e-mail sent to and from this address
will be received or
otherwise recorded by the A.G. Edwards corporate
e-mail system and is
subject to archival, monitoring or review by, and/or
disclosure to,
someone other than the recipient.
***

TCN BPDU confusion

[Rampley, Jim]

Title: TCN BPDU confusion






I'm reading the Cisco LAN switching book (great book)!  I've got a question about topology change notification BPDU's.  If you have a port on a switch that is NOT using portfast with say a workstation or server connected.  When that port comes up spanning tree will run.  My question is once it goes into the forwarding state will a TCN BPDU be sent?  There are three rules that say when a TCN BPDU will be sent.  The rule that I think applies is "When a port is put in the forwarding state and the bridge has at least one designated port."

I realize most of the time you would want to use portfast in this situation since you don't want to be running spanning tree while the machine is trying to booting up.  I just didn't realize you would actually be saving traffic on your network and also the effects of having to flush the CAM quicker.  Someone could actually tweak the STP timers down so they wouldn't have to use portfast, but you could have a flood of TCN BPDU's every morning.

Jim




***
WARNING:  All e-mail sent to and from this address will be received or
otherwise recorded by the A.G. Edwards corporate e-mail system and is
subject to archival, monitoring or review by, and/or disclosure to,
someone other than the recipient.
***

Re: confusion on bandwidth

[Justin Marcus]

hey :)

its um bandwidth 19200 for 19.2mb
if u wanted it 64k then u'd do 'bandwidth 64'

Justin... :)

On Mon, 25 Sep 2000, Wale Jones wrote:

> Hello group,
> 
> Can anyone out there shed a light on the right format to configure a 
> bandwidth on a serial interface.
> 
> ie, to configure say 19200 on an interface, do you input
> 
>   #bandwidth 19200
> 
> OR
> 
>  #bandwidth 19
> 
> As the IOS do not support decimal, and when you do a show interface with 
> 19200 configured what you see is 19200Kbs; meaning that the bandwidth has 
> therefor been configured for 19.2Mbs
> 
> 
> Regards.
> 
> Ejola, T
> 
> 
> _
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
> 
> Share information about yourself, create your own public profile at 
> http://profiles.msn.com.
> 
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> 

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

confusion on bandwidth

[Wale Jones]

Hello group,

Can anyone out there shed a light on the right format to configure a 
bandwidth on a serial interface.

ie, to configure say 19200 on an interface, do you input

  #bandwidth 19200

OR

 #bandwidth 19

As the IOS do not support decimal, and when you do a show interface with 
19200 configured what you see is 19200Kbs; meaning that the bandwidth has 
therefor been configured for 19.2Mbs


Regards.

Ejola, T


_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF AREA Confusion

[Atul Udupi]

Ok,
  When both the links are active ,  How will the internal router comes to know
that which link to use ?  To be specific, If a make a router ( Internal router )
to be present in area 1 and area 2,  I want This Internal router to take the
link through the area1 and not area 2. In case the link which is in area 1 fails
then only My router to go through the area 2 link.
   Hope i am clear in giving all the details. If you need some more details
please ask me.

Atul Kumar.U



"Cthulu, CCIE Candidate" wrote:

> If I read your message correctly, you have:
>
> Internal Routers(2)   Area 1   ABRArea0  ABR Area 2 Internal Routers(2)
>
> A router in area 1 now has a link to area 2 (in other words, it has an
> interface in area 1 and 2).
>
> What you want will happen automatically.  Remember that OSPF enabled routers
> have a complete picture of the network with themselves as the chewy creamy
> center.   If a link goes down, that Dij algorithm gets recalculated, and
> voila, a new picture of the network, with the failed link kicked aside.
>
> Did I understand your question correctly?  If not, let me know.
>
> HTH,
>
> Charles
>
> "vasu" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Greetings,
> > Guys
> >  I am little bit confused with OSPF Configuration.   Please help me
> > out.
> >  1.Just imagine that i need 3 area's to be configured including area
> > 0.
> >  2. Assume that i have 2 routers in area 0
> > and  Area 1 and  Area 2  are having  2 routers each.
> >  3. Just imagine one of the router which was in area 1 gets new
> > link and that to
> > be  connceted to area 2  for fault tolerance.  That means i want
> > the serial link which was only in area 1 to be functional by default
> > and suppose if the link which is configured in area 1 fails the router
> > should take area 2 link.
> >  4. All  these areas are interconnected via serial links.
> >
> >  Hope this is sufficient to get the best solution
> >   This is the problem what i am facing. Help me out.
> >
> > Atul
> >
> >
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF AREA Confusion

[Cthulu, CCIE Candidate]

Ed,

You have a point... I answered this too thoughtlessly.

Internal Routers(2)   Area 1   ABRArea0  ABR Area 2 Internal Routers(2)
ABR Area 1

The basic question is if there is an ABR that has interfaces in area 1 and
2, will it send the updates to area 0 once area 0 loses its interface to
area 1?

If the ABR of area 2 has an interface in area 1 and area 0, then area 0 will
learn about area 1 routes via this ABR even if the ABR of area 0 loses its
link to area 1. (ABR is connecting 3 areas)

If the ABR of area 2 has an interface in area 1 but not in area 0 (assuming
area 2 has another ABR with an interface in area 2 and in area 0, then area
0 will not learn about the route in area 1. You can implement virtual links
to work around this.

I violated OSPF's most fundamental principle with my quick answer:  all
areas must touch area 0.

Sorry for any confusion, and thanks Ed for calling me on it!

Charles








>From: "Edward Moss" <[EMAIL PROTECTED]>
>To: "\"Cthulu, CCIE Candidate\"" <[EMAIL PROTECTED]>
>Subject: Re: OSPF AREA Confusion
>Date: Sun, 24 Sep 2000 19:05:36 -0500
>
>I dont think the statement is quite true
>If the link between area 0 and 1 goes down,
>There is still a link between area 1 and 2.
>
>But area 0 will have no knowledge of area 1 any more since the link is
down.
>A virtual link would be needed to connect area 1 and 0 via area 2.
>
>Ed
>
>

""Cthulu, CCIE Candidate"" <[EMAIL PROTECTED]> wrote in message
8qid12$2qi$[EMAIL PROTECTED]">news:8qid12$2qi$[EMAIL PROTECTED]...
>
>
> If I read your message correctly, you have:
>
> Internal Routers(2)   Area 1   ABRArea0  ABR Area 2 Internal
Routers(2)
>
> A router in area 1 now has a link to area 2 (in other words, it has an
> interface in area 1 and 2).
>
> What you want will happen automatically.  Remember that OSPF enabled
routers
> have a complete picture of the network with themselves as the chewy creamy
> center.   If a link goes down, that Dij algorithm gets recalculated, and
> voila, a new picture of the network, with the failed link kicked aside.
>
> Did I understand your question correctly?  If not, let me know.
>
> HTH,
>
> Charles
>
>
>
> "vasu" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Greetings,
> > Guys
> >  I am little bit confused with OSPF Configuration.   Please help me
> > out.
> >  1.Just imagine that i need 3 area's to be configured including area
> > 0.
> >  2. Assume that i have 2 routers in area 0
> > and  Area 1 and  Area 2  are having  2 routers each.
> >  3. Just imagine one of the router which was in area 1 gets new
> > link and that to
> > be  connceted to area 2  for fault tolerance.  That means i want
> > the serial link which was only in area 1 to be functional by default
> > and suppose if the link which is configured in area 1 fails the router
> > should take area 2 link.
> >  4. All  these areas are interconnected via serial links.
> >
> >  Hope this is sufficient to get the best solution
> >   This is the problem what i am facing. Help me out.
> >
> > Atul
> >
> >
> >
> > **NOTE: New CCNA/CCDA List has been formed. For more information go to
> > http://www.groupstudy.com/list/Associates.html
> > _
> > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info: http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> >
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CDP Confusion

[Lauren Child]

"Scoles, Damian" wrote:

> routers).  What I am confused about is that I read somewhere that it can
> pick up the layer 3 (or was it layer 2?) address on interface cards on the
> devices it discovers. 

CDP includes information on layer 3 addresses etc. but doesnt use them
to transmit the CDP frame, so its a layer 2 protocol, that just makes a
note of layer 3 info and lets the other routers its sent to know so they
can put the extra info in their cdp tables.

TTFN
Lauren

--
[EMAIL PROTECTED]   Lauren Child, BSc. CCNP-ATM & CCDP Certified
http://www.laurenchild.net/  http://www.routerfaq.net/


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CDP Confusion

[Ejay Hire]

_Cisco _Discovery _Protocol is a Cisco proprietary protocol for neighbor 
discovery.  It transmits a Layer-2 Multicast out of all enable interfaces at 
regular intervals.  These multicasts contain (among other things) an 
interface list, Layer 3 addresses, and the router hostname.  When a router 
recieves the CDP multicast, It adds the neighbor to it's CDP table.

CDP cannot enable two devices to route to each other.  This functionality is 
provided by a routing protocol.

A similar function to the one you are asking about is Proxy ARP.  Take a 
look at www.cisco.com for more information on Proxy Arp and CDP.
Original Message Follows
From: "Scoles, Damian" <[EMAIL PROTECTED]>
Reply-To: "Scoles, Damian" <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Subject: CDP Confusion
Date: Sat, 23 Sep 2000 19:20:03 -0500

I am trying to figure out exactly what CDP does.  IF I understand it
correctly it simply finds fellow cisco devices on the network (switches,
routers).  What I am confused about is that I read somewhere that it can
pick up the layer 3 (or was it layer 2?) address on interface cards on the
devices it discovers.  If this is true and 2 routers, who are in the same
network, discover each other, could they route packets to each other without
a routing process installed?  Thanks.


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

_
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CDP Confusion

[vlan2]

CDP does not "find fellow devices", it is more like a beacon, periodically
anouncing itself to anyone who would listen.  If you would like to listen,
type in:

show cdp neighbors

If CDP is enabled on other Cisco network devices, you will see something
like:

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
   S - Switch, H - Host, I - IGMP, r - Repeater

 Device IDLocal Intrfce HoldtmeCapability  Platform
Port ID
 069031368(5505a)Vlan1   131 T B S  WS-C5500
7/1
 069031369(5505b)Vlan1   131 T B S  WS-C5500
7/2
 069031275(5505c)Vlan1   131 T B S  WS-C5500
7/3
 069031219(5505d)Vlan1   131 T B S  WS-C5500
7/4

In the above example, it found a switch.  If it finds a router, and the
interface has an IP address assigned to it and the interface is up, CDP will
indicate the IP address of that interface.  CDP only shows you Cisco devices
that are neighbors, you can't see the entire networkor can you?

You can telnet to the neighboring router, then from that router, enter "sh
cdp nei" and see who is adjacent to *that* router, and telnet to them and do
it over and over until you have mapped the entire network!  But wait, the
downside is it doesn't always work.  ;(

To see CDPs variables enter:  sh cdp

  Global CDP information:
  Sending CDP packets every 60 seconds
  Sending a holdtime value of 180 seconds


Even though Cisco calls it a "discovery" protocol, if there is going to be
any discovery, you are going to have to do the work.

HTH.vlan2






> I am trying to figure out exactly what CDP does.  IF I understand it
> correctly it simply finds fellow cisco devices on the network (switches,
> routers).  What I am confused about is that I read somewhere that it can
> pick up the layer 3 (or was it layer 2?) address on interface cards on the
> devices it discovers.  If this is true and 2 routers, who are in the same
> network, discover each other, could they route packets to each other
without
> a routing process installed?  Thanks.
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: CDP Confusion

[Erick B.]

CDP is a data-link layer protocol and includes
information such as interface address's, IOS version,
etc. If you use On demand routing then the router
configured for ODR will place routes in the routing
table from CDP packets. ODR is configured on one
router only - not both ends. 

--- "Scoles, Damian" <[EMAIL PROTECTED]> wrote:
> I am trying to figure out exactly what CDP does.  IF
> I understand it
> correctly it simply finds fellow cisco devices on
> the network (switches,
> routers).  What I am confused about is that I read
> somewhere that it can
> pick up the layer 3 (or was it layer 2?) address on
> interface cards on the
> devices it discovers.  If this is true and 2
> routers, who are in the same
> network, discover each other, could they route
> packets to each other without
> a routing process installed?  Thanks.
> 
> 
> **NOTE: New CCNA/CCDA List has been formed. For more
> information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]


__
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.
http://im.yahoo.com/

**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

CDP Confusion

[Scoles, Damian]

I am trying to figure out exactly what CDP does.  IF I understand it
correctly it simply finds fellow cisco devices on the network (switches,
routers).  What I am confused about is that I read somewhere that it can
pick up the layer 3 (or was it layer 2?) address on interface cards on the
devices it discovers.  If this is true and 2 routers, who are in the same
network, discover each other, could they route packets to each other without
a routing process installed?  Thanks.


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: OSPF AREA Confusion

[Cthulu, CCIE Candidate]

If I read your message correctly, you have:

Internal Routers(2)   Area 1   ABRArea0  ABR Area 2 Internal Routers(2)

A router in area 1 now has a link to area 2 (in other words, it has an
interface in area 1 and 2).

What you want will happen automatically.  Remember that OSPF enabled routers
have a complete picture of the network with themselves as the chewy creamy
center.   If a link goes down, that Dij algorithm gets recalculated, and
voila, a new picture of the network, with the failed link kicked aside.

Did I understand your question correctly?  If not, let me know.

HTH,

Charles



"vasu" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Greetings,
> Guys
>  I am little bit confused with OSPF Configuration.   Please help me
> out.
>  1.Just imagine that i need 3 area's to be configured including area
> 0.
>  2. Assume that i have 2 routers in area 0
> and  Area 1 and  Area 2  are having  2 routers each.
>  3. Just imagine one of the router which was in area 1 gets new
> link and that to
> be  connceted to area 2  for fault tolerance.  That means i want
> the serial link which was only in area 1 to be functional by default
> and suppose if the link which is configured in area 1 fails the router
> should take area 2 link.
>  4. All  these areas are interconnected via serial links.
>
>  Hope this is sufficient to get the best solution
>   This is the problem what i am facing. Help me out.
>
> Atul
>
>
>
> **NOTE: New CCNA/CCDA List has been formed. For more information go to
> http://www.groupstudy.com/list/Associates.html
> _
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

OSPF AREA Confusion

[vasu]

Greetings,
Guys
 I am little bit confused with OSPF Configuration.   Please help me
out.
 1.Just imagine that i need 3 area's to be configured including area
0.
 2. Assume that i have 2 routers in area 0
and  Area 1 and  Area 2  are having  2 routers each.
 3. Just imagine one of the router which was in area 1 gets new
link and that to
be  connceted to area 2  for fault tolerance.  That means i want
the serial link which was only in area 1 to be functional by default
and suppose if the link which is configured in area 1 fails the router
should take area 2 link.
 4. All  these areas are interconnected via serial links.

 Hope this is sufficient to get the best solution
  This is the problem what i am facing. Help me out.

Atul



**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: "Multiring All" Confusion

[Flem]

Kent ,

In the case of just ip then multiring ip will do .
Multiring will force the router to send out arp as an
SRE ( default ) . In this case you gather a path (RIF)
to the end device . It will show up in 'sh rif'

Procedure in TR is to first send the arp local to the
ring . If you don't have multiring on then this is all
you will get . It you have multiring then the router
will explore localy and if no reply it will send out
the arp as a SRE . This enables you to ping devices
behind SR-bridges .


Inline ..

--- Kent <[EMAIL PROTECTED]> wrote:
> Hi All,
> 
> Never worked with Token Ring in the real life, do

too bad , you miss a lot of fun :)

> not understand why we need to have 'multiring all' 
> there to route ip, does it just enalbe the all route
> explorer of ip traffic? If it does, can I say if I
> have two cisco routers hooked up on a hub(or MAU),
> and
> give them ip address in the same lan, say 1.1.1.1/8
> and 1.1.1.2/8, I can not ping one from one the other
> before put 'multiring ip ' under their interfaces?

not true , you can ping the routers if they are
connected to the same ring .


flem
> 
> Thanks
> 
> Kent 
> 
> __
> Do You Yahoo!?
> Yahoo! Mail - Free email you can access from
> anywhere!
> http://mail.yahoo.com/
> 
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: "Multiring All" Confusion

[Kent]

Hi All,

Never worked with Token Ring in the real life, do not
understand why we need to have 'multiring all' there
to route ip, does it just enalbe the all route
explorer of ip traffic? If it does, can I say if I
have two cisco routers hooked up on a hub(or MAU), and
give them ip address in the same lan, say 1.1.1.1/8
and 1.1.1.2/8, I can not ping one from one the other
before put 'multiring ip ' under their interfaces?

Thanks

Kent 

__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Software release confusion

[Flem]

That is correct , in 11.2 it was called 'P' .
Avoid using T or P releases if you do not need the new
features .


flem

--- Kevin Mitchell <[EMAIL PROTECTED]> wrote:
> "T" releases refer to "Technology" releases. In
> other words, new technology
> feature or functionality will first appear in a "T"
> release, and then be
> incorporated in to a standard release train in a
> later version/release. That
> is why you will not see a "T" release go into
> General Deployment (GD).
> 
> Some folk interpret "T" as being Telephony which is
> incorrect.
> 
> ""Gabriel Nickel"" <[EMAIL PROTECTED]> wrote in message
> 002201c013ec$b793cbe0$12e6a8c0@Westend">news:002201c013ec$b793cbe0$12e6a8c0@Westend...
> >
> > Please could someone clarify the difference
> between IOS "T" and non-"T"
> releases ?
> > Thanks in advance,
> >
> > /gabriel
> >
> > ___
> > UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> > FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> > Report misconduct and Nondisclosure violations to
> [EMAIL PROTECTED]
> >
> 
> 
> ___
> UPDATED Posting Guidelines:
> http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]


__
Do You Yahoo!?
Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: Software release confusion

[Kevin Mitchell]

"T" releases refer to "Technology" releases. In other words, new technology
feature or functionality will first appear in a "T" release, and then be
incorporated in to a standard release train in a later version/release. That
is why you will not see a "T" release go into General Deployment (GD).

Some folk interpret "T" as being Telephony which is incorrect.

""Gabriel Nickel"" <[EMAIL PROTECTED]> wrote in message
002201c013ec$b793cbe0$12e6a8c0@Westend">news:002201c013ec$b793cbe0$12e6a8c0@Westend...
>
> Please could someone clarify the difference between IOS "T" and non-"T"
releases ?
> Thanks in advance,
>
> /gabriel
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Software release confusion

[Gabriel Nickel]

Please could someone clarify the difference between IOS "T" and non-"T" releases ?
Thanks in advance,

/gabriel

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Re: wan LAN confusion!

[Sean Byrne]

You will need to remove your PCMCIA network  adapter rom your
notebook when you leave the office.

Both  Win95 and Win98 are broken in that they will still try to send
traffic to a down connected network.  (ie. it still thinks it can hit your
office network with the PCMCIA network card.)

Sean

tayta wrote:

> sorry normaly I ask only router stuff here but I'm desperate
>
> have MS messed up TCP or did I miss something
>
> does anybody know how I can get traffic destined for my LAN to go over my
> WAN gateway when I am out o the office, notebook win98 (shame on me)
>
> all traffic destined for what is normaly my LAN will not use the WAN
> gateway,
>
> not very good with windows, tried  to edit the Route table without success
>
> Plees
>
> Murt
>
> ___
> UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
> FAQ, list archives, and subscription info: http://www.groupstudy.com
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
> ---

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

wan LAN confusion!

[tayta]

sorry normaly I ask only router stuff here but I'm desperate

have MS messed up TCP or did I miss something

does anybody know how I can get traffic destined for my LAN to go over my
WAN gateway when I am out o the office, notebook win98 (shame on me)

all traffic destined for what is normaly my LAN will not use the WAN
gateway,

not very good with windows, tried  to edit the Route table without success

Plees

Murt


___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Confusion

[Shoaib Waqar]

Anyone of u can tell me that i read on the official web site of cisco
regarding CCNP cert, than it can also be achieved by a mixture of CCNP 1.0 and
2.0 tracks, that is if one got ACRC and CLSC of 1.0 track and Remote Access
and Support 2.0 of CCNP 2.0 then u will be certifie as CCNP 1.0, so plz tell
me about it, is it really what i am understanding??? 

Regards,

Shoaib Waqar


Get free email and a permanent address at http://www.netaddress.com/?N=1

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Syntax confusion

[Dan West]

Can anyone tell me why Cisco made the bit syntax
different between access lists and the "ip route"
command???

Example: 

permit ip any host 10.1.1.0 0.0.0.255

In this case, the zeros in the second column match
exactly and the 255 is a wildcard.

BUT then:

ip route 10.1.1.0 255.255.255.0 w.x.y.z

Here, the 255 matches exactly and the zero looks like
wildcard. Is it just me or is this unnecessarily
absurd?

Any help is appreciated.

=
Dan West -- CCNA

__
Do You Yahoo!?
Send instant messages with Yahoo! Messenger.
http://im.yahoo.com/

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ACRC sample question confusion

[Warren Shubin]

Taken from sample questions:

1. Command to show access-list 107

I often see the right answer as:

show ip access-list 107

but, if the test wants the full answer wouldn't it be:

show ip access-lists 107

What is the command to keep a route permanent even if the link fails?

I also have some confusion over which of the follwoing are required for a
router to route?

possible routes
best route
encrypt key
destination address
Verify route is current

Some sample tests list destination address and best route as the only
choice, but I believe the Chappel book lists everything but encrypt.

Thanks for the help! Testing on Tuesday!



___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

ppp callback confusion

[adrian smith]

I'm a little confused about ppp callback, given several key sources of 
information.  Fatkid.com includes a username and callback dial-string global 
command, however, Cisco docs do not.  As well, I have configured dial 
callback without this global command and it seemed to work fine.  Any ideas?

TIA.

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

___
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]