RE: Please Help - CIDR - How the bits work [7:75050]
At 5:32 PM + 9/10/03, Priscilla Oppenheimer wrote: >Reimer, Fred wrote: >> >> I've always liked hex myself. A hex mask of FF.FF.F8.00 can be >> written as >> F800 and still mean the same thing. You obviously can't do >> that with >> 255.255.128.0 (255.255.128.0 != 2,552,551,280). While binary >> works the same >> way as hex in this manner, it is much to long for my tastes. >> Plus, hex is >> used a lot in programming languages when using values in >> bitmasks, so I'm >> more familiar with it. Also, there are only 5 hex numbers that >> you need to >> memorize for masks, F 0 8 C and E. > >And binary is going to be pretty hard to deal with when we get to 128-bit >IPv6 addresses!? Indeed, hex is the IPv6 convention except for some special cases like embedded IPv4 addresses. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75203&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
I was more referring to "core" ISP routers than edge (and I've certainly never worked for an ISP before, so I'm going on my experience and knowledge of routing protocols to surmise [guess] at what would be reasonable or not). If you have ISP engineers configuring the "ISP" router that is at the customer premise, then yes I would concede that there are probably a lot of default static routes, if not being the majority. As far as non-default static routes with different AD's, then I would certainly agree with you. I've used them myself extensively in multiple customer WAN configurations. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 12:57 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] At 11:34 AM -0400 9/10/03, Reimer, Fred wrote: >Yes, but the CCIE labs are supposed to be for ISP level engineers, who >almost certainly won't be using default routes most of the time. It should >be assumed that by the time you get to the CCIE level you have much >experience in default routing. > First, ISP level engineers are going to configure default routes for customers, and, indeed, there often are default routes in POPs, or in smaller ISPs. Second, the combination of static default routes with multiple administrative distances can get quite complex. Third, I am more bothered by the lack of static routes than defaults. Complex static routes, with alternatives, are common for traffic engineering. Blackhole static routes are extensively used. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75202&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Funny thing about this is that most "experts" that I've dealt with working at major ISPs who do nothing but deal with BGP and routing daily still don't get the configurations right the first time. I've never had a BGP neighbor setup go smoothly (i.e. take less than 2 hours), and it was never a problem on my side of the configuration. So don't blame yourself if you don't get it right the first time. And don't be afraid of it... Most "experts", in my experiences, still make mistakes with BGP. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 11:26 AM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Yes! Even I would not feel comfortable configuring BGP in a production environment yet, and although I don't have my CCNP yet, I did pass the routing and switching tests. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 7:32 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Dom wrote: > > And one last point, No LAN is an island, why two IG(P) > protocols and no > EG(P) protocol? > > A NA should at least a some understanding of how to connect to > the > outside world - when to use BGP and when not to. Default routing. Wouldn't we all be better off if CCNAs would stay away from BGP?? :-) Priscilla > > Sorry Fred, not having a go at you personally, but these are > points we > all need to think about. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > > -Original Message- > From: Dom [mailto:[EMAIL PROTECTED] > Sent: 09 September 2003 23:37 > To: 'Reimer, Fred'; '[EMAIL PROTECTED]' > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > Oh, and while I'm on the subject - why EIGRP? This is a > proprietary > Cisco Protocol. OK, I believe that Juniper may have implemented > it, but > to the best of my knowledge no one else has. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of > Reimer, Fred > Sent: 09 September 2003 22:03 > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > I guess my expectation and Cisco's, or at least their current > expectations as listed on their web site, don't match then. By > my > definition a beginner should know about CIDR, EIGRP, and OSPF. > It's not > like they are inherently difficult to understand. People tend > to make > it sound like rocket science or voodoo magic. It's just a > routing > protocol folks. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information > which may be legally privileged. It is intended only for the > named > recipient(s). If an addressing or transmission error has > misdirected the > email, please notify the author by replying to this message. If > you are > not the named recipient, you are not authorized to use, > disclose, > distribute, copy, print or rely on this email, and should > immediately > delete it from your computer. > > > -Original Message- > From: "Chuck Whose Road is Ever Shorter" > [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 3:56 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help - CIDR - How the bits work [7:75050] > > ""Reimer, Fred"" wrote in message > news:[EMAIL PROTECTED] > > May be I had advanced access to the new NA material then ;-) > In my > > view, > a > > NA should be able to handle basic RIP, OSPF, EIGRP in a small > to > > medium sized network. That would certainly include CIDR. A > NP, IMO, > > would be >
RE: Please Help - CIDR - How the bits work [7:75050]
Reimer, Fred wrote: > > I've always liked hex myself. A hex mask of FF.FF.F8.00 can be > written as > F800 and still mean the same thing. You obviously can't do > that with > 255.255.128.0 (255.255.128.0 != 2,552,551,280). While binary > works the same > way as hex in this manner, it is much to long for my tastes. > Plus, hex is > used a lot in programming languages when using values in > bitmasks, so I'm > more familiar with it. Also, there are only 5 hex numbers that > you need to > memorize for masks, F 0 8 C and E. And binary is going to be pretty hard to deal with when we get to 128-bit IPv6 addresses!? Dotted decimal notation is really an awful thing. I agree with Howard that it confuses people and should be taught after the binary representation of addresses (and maybe hex?) Not only does dotted decimal notation confuse people with addresses, but it gets them thinking 8 bits at a time, when programming languages, protocol analyzers, debuggers, etc. think 4 bits at a time. Priscilla > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information which > may be legally privileged. It is intended only for the named > recipient(s). > If an addressing or transmission error has misdirected the > email, please > notify the author by replying to this message. If you are not > the named > recipient, you are not authorized to use, disclose, distribute, > copy, print > or rely on this email, and should immediately delete it from > your computer. > > > -Original Message- > From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 11:32 PM > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > At 10:36 PM + 9/9/03, Dom wrote: > >Fred, check out the archives for Howard's piece on the > difference > >between 'Rocket Science' and 'BGP' when at NASA. > > > >Best regards, > > > >Dom Stocqueler > >SysDom Technologies > >Visit our website - www.sysdom.org > > > Seriously, I've fought a battle for many years with Cisco > Training. I > believe the fundamental problem they _create_ is insisting on > teaching classful and dotted decimal notation first. > > When I've given private classes -- ICRC, the older RSC, etc. -- > I > always began discussing addressing in binary, got people used > to the > idea of prefix length, then introduced dotted decimal as a > means of > representation, and then introduced classful addressing as a > historic > concept. Students were always able to go right into classless > routing without any trouble. > > There are some nice examples in RFC 1878. RFCs 1517-1520 give > the > main background, although there are some earlier papers on > "supernetting". > > With all mercenary disclaimers, I also recommend my book, > _Designing > Addressing Architectures for Routing and Switching_, and my > recent > IPv4/IPv6 tutorial on Certification Zone. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75199&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
At 11:34 AM -0400 9/10/03, Reimer, Fred wrote: >Yes, but the CCIE labs are supposed to be for ISP level engineers, who >almost certainly won't be using default routes most of the time. It should >be assumed that by the time you get to the CCIE level you have much >experience in default routing. > First, ISP level engineers are going to configure default routes for customers, and, indeed, there often are default routes in POPs, or in smaller ISPs. Second, the combination of static default routes with multiple administrative distances can get quite complex. Third, I am more bothered by the lack of static routes than defaults. Complex static routes, with alternatives, are common for traffic engineering. Blackhole static routes are extensively used. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75193&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
At 11:40 AM -0400 9/10/03, Reimer, Fred wrote: >I've always liked hex myself. A hex mask of FF.FF.F8.00 can be written as >F800 and still mean the same thing. You obviously can't do that with >255.255.128.0 (255.255.128.0 != 2,552,551,280). While binary works the same >way as hex in this manner, it is much to long for my tastes. Plus, hex is >used a lot in programming languages when using values in bitmasks, so I'm >more familiar with it. Also, there are only 5 hex numbers that you need to >memorize for masks, F 0 8 C and E. > >Fred Reimer - CCNA I can live very easily with hex or binary. The problem is dotted decimal. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75194&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Oh, it's just getting fun. It's not like we are flaming anyone. We are just expressing our opinions! ;-) I'd agree with you. No BGP for NA's. And as far as who I'd want touching my Internet facing router, it would depend on what type of business it was. If it was a small business, where all they need is a default router that is propagated, I sure as heck would think that an NA would be able to handle that. If it was a large business with say a semi-extensive private WAN with multiple entries into the Internet, I'd definitely prefer at least a NP. If it was a company with dual ISP routing that incorporated BGP, then a NP might be able to handle it, but I would definitely prefer an IE. For ISP's, anyone that would even think of touching the backbone routers I would hope would be IE level, if not certified. It's the experience that counts to me, not necessarily the cert level. Heck, I only have my CCNA so far, but I'd hazard to guess that I have more practical experience than a certain double CCIE that I know. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Stephen Skinner [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 6:33 AM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] BLIMEY !!! this is getting a little heated L+G`s . i personally believe that when i got my CCNA if i had been asked to configure BGP (even Basic) on an internet connecting router for a small-medium sized company...i would have run away screaming... Ask yourselfs this there are three grade`s of Certifications at cisco Associate Profesisional Expert from a company manager`s point-of-view (no offence fred) Whom would you prefer be touching your internet facing router ... yes i am aware that to most of us they don`t mean tuppence (i.e howard/pris) but the plan truth is people NOT in the know rely on the badges >From: "Howard C. Berkowitz" >Reply-To: "Howard C. Berkowitz" >To: [EMAIL PROTECTED] >Subject: RE: Please Help - CIDR - How the bits work [7:75050] >Date: Wed, 10 Sep 2003 03:36:57 GMT > >At 11:32 PM + 9/9/03, Priscilla Oppenheimer wrote: > >Dom wrote: > >> > >> And one last point, No LAN is an island, why two IG(P) > >> protocols and no > >> EG(P) protocol? > >> > >> A NA should at least a some understanding of how to connect to > >> the > >> outside world - when to use BGP and when not to. > > > >Default routing. Wouldn't we all be better off if CCNAs would stay away >from > >BGP?? :-) > > > >Priscilla > >When fingerpointing in quite a number of external connectivity >problems, I have often found de fault is due to the lack of default. >Cisco hardly helps this by discriminating against static and default >routes in the CCIE lab. >**Please support GroupStudy by purchasing from the GroupStudy Store: >http://shop.groupstudy.com >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html _ Tired of 56k? Get a FREE BT Broadband connection http://www.msn.co.uk/specials/btbroadband **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75188&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
I've always liked hex myself. A hex mask of FF.FF.F8.00 can be written as F800 and still mean the same thing. You obviously can't do that with 255.255.128.0 (255.255.128.0 != 2,552,551,280). While binary works the same way as hex in this manner, it is much to long for my tastes. Plus, hex is used a lot in programming languages when using values in bitmasks, so I'm more familiar with it. Also, there are only 5 hex numbers that you need to memorize for masks, F 0 8 C and E. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 11:32 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] At 10:36 PM + 9/9/03, Dom wrote: >Fred, check out the archives for Howard's piece on the difference >between 'Rocket Science' and 'BGP' when at NASA. > >Best regards, > >Dom Stocqueler >SysDom Technologies >Visit our website - www.sysdom.org Seriously, I've fought a battle for many years with Cisco Training. I believe the fundamental problem they _create_ is insisting on teaching classful and dotted decimal notation first. When I've given private classes -- ICRC, the older RSC, etc. -- I always began discussing addressing in binary, got people used to the idea of prefix length, then introduced dotted decimal as a means of representation, and then introduced classful addressing as a historic concept. Students were always able to go right into classless routing without any trouble. There are some nice examples in RFC 1878. RFCs 1517-1520 give the main background, although there are some earlier papers on "supernetting". With all mercenary disclaimers, I also recommend my book, _Designing Addressing Architectures for Routing and Switching_, and my recent IPv4/IPv6 tutorial on Certification Zone. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75185&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Yes, but the CCIE labs are supposed to be for ISP level engineers, who almost certainly won't be using default routes most of the time. It should be assumed that by the time you get to the CCIE level you have much experience in default routing. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 11:37 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] At 11:32 PM + 9/9/03, Priscilla Oppenheimer wrote: >Dom wrote: >> >> And one last point, No LAN is an island, why two IG(P) >> protocols and no >> EG(P) protocol? >> >> A NA should at least a some understanding of how to connect to >> the >> outside world - when to use BGP and when not to. > >Default routing. Wouldn't we all be better off if CCNAs would stay away from >BGP?? :-) > >Priscilla When fingerpointing in quite a number of external connectivity problems, I have often found de fault is due to the lack of default. Cisco hardly helps this by discriminating against static and default routes in the CCIE lab. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75184&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
True. The primary reasons would be that Cisco is the market leader, especially in SMB, and 2nd would be that while proprietary, the workings of the protocol certainly are not. It is well-documented. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Dom [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 6:37 PM To: 'Reimer, Fred'; [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Oh, and while I'm on the subject - why EIGRP? This is a proprietary Cisco Protocol. OK, I believe that Juniper may have implemented it, but to the best of my knowledge no one else has. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: 09 September 2003 22:03 To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] I guess my expectation and Cisco's, or at least their current expectations as listed on their web site, don't match then. By my definition a beginner should know about CIDR, EIGRP, and OSPF. It's not like they are inherently difficult to understand. People tend to make it sound like rocket science or voodoo magic. It's just a routing protocol folks. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 3:56 PM To: [EMAIL PROTECTED] Subject: Re: Please Help - CIDR - How the bits work [7:75050] ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > May be I had advanced access to the new NA material then ;-) In my > view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to > medium sized network. That would certainly include CIDR. A NP, IMO, > would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a > mid-large sized network for connection to the Internet including > minimal BGP. IE, IMO, is for ISP engineers that have to deal with > extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR > you shouldn't be allowed anywhere near a router, let alone be > responsible for configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of designing and configuring a small network. http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certificati on_t ype_home.html "The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists." my experience has been that small nets have less if any need for CIDR knowledge or expertise. Cisco has over the past couple of years been slowly upping the ante, and I wish Cisco would get clear as to what skill sets are appropriate at what certification level. Cisco tends to be all over the map on this, and has been the netire time I have been playing at certification. But in general, I believe the idea is that CCxA is beginner, CCxP is intermediate, and CCIE is high level. as with all things certification related, YMMV. I've known CCNA's who manage large networks, and I've known CCIE's whose knowledge of certain specific areas was less than expert. As can be expected, depending on experience, job, place of employment, years in the field, etc. Chuck >
RE: Please Help - CIDR - How the bits work [7:75050]
Yes! Even I would not feel comfortable configuring BGP in a production environment yet, and although I don't have my CCNP yet, I did pass the routing and switching tests. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 7:32 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Dom wrote: > > And one last point, No LAN is an island, why two IG(P) > protocols and no > EG(P) protocol? > > A NA should at least a some understanding of how to connect to > the > outside world - when to use BGP and when not to. Default routing. Wouldn't we all be better off if CCNAs would stay away from BGP?? :-) Priscilla > > Sorry Fred, not having a go at you personally, but these are > points we > all need to think about. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > > -Original Message- > From: Dom [mailto:[EMAIL PROTECTED] > Sent: 09 September 2003 23:37 > To: 'Reimer, Fred'; '[EMAIL PROTECTED]' > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > Oh, and while I'm on the subject - why EIGRP? This is a > proprietary > Cisco Protocol. OK, I believe that Juniper may have implemented > it, but > to the best of my knowledge no one else has. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > -Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of > Reimer, Fred > Sent: 09 September 2003 22:03 > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > I guess my expectation and Cisco's, or at least their current > expectations as listed on their web site, don't match then. By > my > definition a beginner should know about CIDR, EIGRP, and OSPF. > It's not > like they are inherently difficult to understand. People tend > to make > it sound like rocket science or voodoo magic. It's just a > routing > protocol folks. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information > which may be legally privileged. It is intended only for the > named > recipient(s). If an addressing or transmission error has > misdirected the > email, please notify the author by replying to this message. If > you are > not the named recipient, you are not authorized to use, > disclose, > distribute, copy, print or rely on this email, and should > immediately > delete it from your computer. > > > -Original Message- > From: "Chuck Whose Road is Ever Shorter" > [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 3:56 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help - CIDR - How the bits work [7:75050] > > ""Reimer, Fred"" wrote in message > news:[EMAIL PROTECTED] > > May be I had advanced access to the new NA material then ;-) > In my > > view, > a > > NA should be able to handle basic RIP, OSPF, EIGRP in a small > to > > medium sized network. That would certainly include CIDR. A > NP, IMO, > > would be > for > > advanced RIP, OSPF, EIGRP, and basic BGP, like for > configuring a > > mid-large sized network for connection to the Internet > including > > minimal BGP. IE, IMO, is for ISP engineers that have to deal > with > > extensive IS-IS, BGP > using > > all options, etc, and large to huge (global) networks. > > > > May be I'm just expecting too much, but if you don't > understand CIDR > > you shouldn't be allowed anywhere near a router, let alone be > > responsible for configuring them. > > > with all due respect, I disagree. CCNA is promoted by Cisco as > being > someone capable of designing and configuring a small network. > > http:/
RE: Please Help - CIDR - How the bits work [7:75050]
No reason to be sorry! I'm all for "vigorous" discussion ;-)
No BGP in the NA because we are talking about SMALL to medium business.
Yes, they should know about how to connect up to the Internet, using a
default route, etc. But you are not going to find that many ISPs, if any,
that are willing to setup a BGP peer with a store-front business with a 16
address space public network (or even granted they are given a /24 public
subnet). If you find any, let me know!
That's why I say EGP for NP. A medium to large business certainly may need
EGP expertise.
And I suppose that's a slight difference in the way people think about the
different certification levels. When I say RIP, IGRP, EIGRP, OSPF should be
requirements for a NA I mean the candidates should be }experts{ in those
protocols. Not just having a passing understanding, have read about it in a
book once, or used some study guide to rote-memorize answers to common
questions.
So, on the one hand I think the standards should be tougher, requiring
"expert" level knowledge for the IGP's, and on the other I don't think a NA
needs to know anything about EGP's.
Fred Reimer - CCNA
Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.
-Original Message-
From: Dom [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 6:59 PM
To: [EMAIL PROTECTED]; 'Reimer, Fred'; [EMAIL PROTECTED]
Subject: RE: Please Help - CIDR - How the bits work [7:75050]
And one last point, No LAN is an island, why two IG(P) protocols and no
EG(P) protocol?
A NA should at least a some understanding of how to connect to the
outside world - when to use BGP and when not to.
Sorry Fred, not having a go at you personally, but these are points we
all need to think about.
Best regards,
Dom Stocqueler
SysDom Technologies
Visit our website - www.sysdom.org
-Original Message-
From: Dom [mailto:[EMAIL PROTECTED]
Sent: 09 September 2003 23:37
To: 'Reimer, Fred'; '[EMAIL PROTECTED]'
Subject: RE: Please Help - CIDR - How the bits work [7:75050]
Oh, and while I'm on the subject - why EIGRP? This is a proprietary
Cisco Protocol. OK, I believe that Juniper may have implemented it, but
to the best of my knowledge no one else has.
Best regards,
Dom Stocqueler
SysDom Technologies
Visit our website - www.sysdom.org
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Reimer, Fred
Sent: 09 September 2003 22:03
To: [EMAIL PROTECTED]
Subject: RE: Please Help - CIDR - How the bits work [7:75050]
I guess my expectation and Cisco's, or at least their current
expectations as listed on their web site, don't match then. By my
definition a beginner should know about CIDR, EIGRP, and OSPF. It's not
like they are inherently difficult to understand. People tend to make
it sound like rocket science or voodoo magic. It's just a routing
protocol folks.
Fred Reimer - CCNA
Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
NOTICE; This email contains confidential or proprietary information
which may be legally privileged. It is intended only for the named
recipient(s). If an addressing or transmission error has misdirected the
email, please notify the author by replying to this message. If you are
not the named recipient, you are not authorized to use, disclose,
distribute, copy, print or rely on this email, and should immediately
delete it from your computer.
-Original Message-
From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 3:56 PM
To: [EMAIL PROTECTED]
Subject: Re: Please Help - CIDR - How the bits work [7:75050]
""Reimer, Fred"" wrote in message
news:[EMAIL PROTECTED]
> May be I had advanced access to the new NA material then ;-) In my
> view,
a
> NA should be able to handle basic RIP, OSPF, EIGRP in a small to
> medium sized network. That would certainly include CIDR. A NP, IMO,
> would be
for
> advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a
> mid-large sized network for connection to the Internet including
> minimal BGP. IE, IMO, is for ISP engineers that have to deal with
> extensive IS-IS, BGP
using
> all options, etc, and large to huge (global) networks.
>
> May be I'm just exp
Re: Please Help - CIDR - How the bits work [7:75050]
I get the same results as Marko, but this may lay it out so you (and others) can see the development: IP address = 32 bits Network portion = 22 bits Host portion = 10 bits Total addresses for host portion = 2^10 = 1024 Start with 192.168.24.0/22 Focus on the 3rd octet (network_host): 000110_00 400 hosts requires 9 bits (2^8 = 256, 2^9 = 512) and you will have some left in this block divide the /22 into two blocks of 512 addresses each: 0001100_0 (.24/23) and 000_0 (.26/23) use .24/23 for the 400-host network 200 hosts requires 8 bits (2^7 = 128, 2^8 = 256) and there will be some left in this block, too divide the .26/25 into 2 blocks of 256 addresses each: 0000 (.26/24) and 0001 (.27/24) use .26/24 for the 200-host network 50 hosts requires 6 bits (2^5 = 32, 2^6 = 64) and you will again have some leftovers divide the .27/24 into 4 blocks of 64 addresses each now looking at the 4th octet: 00_00 (.0/26), 01_00 (.64/26), 10_00 (.128/26), and 11_00 (.192/26) use the first two for the 50-host networks and the rest is easy My personal rule is to always start with the biggest blocks and work down from there. HTH Annlee Steven Aiello wrote: > I just started my routing class for my CCNP. We are covering CIDR. The > book is VEERY vague on how the bit patterns break down and are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75172&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work What I figured out [7:75173]
>From what you say, I think you have it, but I'm not sure. Starting from the
bottom of a /24 subnet (Class C), you could have a /26 subnet, then two /27
subnets, then four /28 subnets, and finally another /26 subnet. Or you
could have two /28 subnets, one /27 subnet, one /26 subnet, followed by a
/25 subnet. The combination, and order, does not really matter, as long as
no IP addresses within the subnets overlap.
For instance, you couldn't have a /26 (64 addresses) followed by a /25 (128
addresses), followed by a /26 (64 addresses). Why? Because there can't be
any overlaps. The 64 would start at .0 and go to .63. The 128 would
start... Where? It can't start at .64, because that's in the middle of say
192.168.24.0/25 (which is 192.168.24.0-192.168.24.127). It would need to
start at .0 or .128. If it started at .128 then it would extend to .255, in
which case there wouldn't be room for the last /26 subnet. So, you re-order
them and use either a /26, /26, and /25, or /25, /26, and /26.
Remember, the whole classful/classless thing is routing protocol specific.
It has nothing to do with how hosts view IP addresses, or make "routing"
decisions (meaning whether to send it to a router or if the address is
local). The source code for a TCP/IP stack may look something like this:
# Assuming addresses/masks are 32-bit numbers, not dotted decimal
# string representations of addresses/masks.
# $ip_src is the IP address of the outgoing interface on the host
# $ip_dst is the IP address of the destination
# $ip_mask is the subnet mask on the outgoing interface
# $ip_gateway is the IP address of the default gateway
# check to see if destination address is in same subnet as our interface
if (($ip_src & $ip_mask) == ($ip_dst & $ip_mask)) {
# send directly to destination, possibly arping out first
} else {
# send to default gateway, $ip_gateway,
# possibly arping out first
}
There would obviously be more logic in there as you may have more than one
route and not a single default gateway, but the important point is that it
does not matter about the "classfulness" or "classlessness" of the subnet
mask. The host doesn't give a hoot. As long as the source and the
destination both agree whether they are in the same subnet or not everything
works fine. If they don't, you may need some ancient hack like proxy ARP,
but I don't know anyone in their right mind that would recommend
purposefully MIS-configuring a network so that it is required.
Fred Reimer - CCNA
Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.
-Original Message-
From: Steven Aiello [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 1:21 PM
To: [EMAIL PROTECTED]
Subject: Re: Please Help - CIDR - How the bits work What I figured out
[7:75087]
I was stuck on the idea that you could ONLY re subnet a remaining piece
of a subnetwork. And not apply a mask to the whole span of the total
available network. You can (unless I'm incorrect here) you just have to
watch out for address over lap neer your subnetwork boundries.
I think I got it.
Man I love this news group!
Steve
Priscilla Oppenheimer wrote:
> Reimer, Fred wrote:
>
>>No offense, but this is CCNA material.
>
>
> Do they still teach classful for CCNA, though? Perhaps the only thing
that's
> hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a
classful
> system. Moving the prefix over to the left of that classful boundary isn't
> something they teach for CCNA yet. (They will soon. The new Networking
> Academy books teach it from the start now.)
>
> Priscilla
>
>
>>If you are going for
>>your CCNP, then
>>you should already have your CCNA and know the answer. But
>>anyway...
>>
>>If you need a network with 400 hosts, the smallest subnet would
>>have a /23
>>mask. So take the first part of your given network and assign
>>it to that:
>>
>>192.168.24.0/23 (192.168.24.0-192.168.25.255)
>>
>>Then you need one with 200 hosts. Well, that could fit within
>>a /24 subnet,
>>so assign the next available to that:
>>
>>192.168.26.0/24 (192.168.26.0-192.168.26.255)
>>
>>Now you only have 192.168.27.0/24 left from the original
>>192.168.24.0/23
>>(whic
RE: Please Help - CIDR - How the bits work [7:75050]
Here's a great resource: pad http://www.nanog.org/isp.html#cidr scroll down to CIDR and download "Understanding IP Addressing: Everything You Ever Wanted to Know" by Chuck Semeria Looking at your specific problem - think in powers of two. 400 nodes is greater than 256 but less than 512. Use /23 out of your allocation. 200 is less than 256 so use a /24. 50 is greater than 32 and less than 64 so use a /26 for each. The serial links each need a /30. Probably best to take the last /28 from the allocation and break it down into four /30s. > -Original Message- > From: Steven Aiello [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 7:02 AM > To: [EMAIL PROTECTED] > Subject: Please Help - CIDR - How the bits work [7:75050] > > > I just started my routing class for my CCNP. We are covering > CIDR. The > book is VEERY vague on how the bit patterns break down > and are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75171&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Hi there, There is a great link for al this you should check out: http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf Cheers, Kenan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75174&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Please Help - CIDR - How the bits work [7:75050]
Fred, OSPF was just moved into the CCNA 3.0 Acad. which is JUST being released now. I wish we would have coverd that, and other things you mention. Steve Reimer, Fred wrote: > May be I had advanced access to the new NA material then ;-) In my view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to medium > sized network. That would certainly include CIDR. A NP, IMO, would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a mid-large > sized network for connection to the Internet including minimal BGP. IE, > IMO, is for ISP engineers that have to deal with extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR you > shouldn't be allowed anywhere near a router, let alone be responsible for > configuring them. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information which > may be legally privileged. It is intended only for the named recipient(s). > If an addressing or transmission error has misdirected the email, please > notify the author by replying to this message. If you are not the named > recipient, you are not authorized to use, disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 12:33 PM > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > Reimer, Fred wrote: > >>No offense, but this is CCNA material. > > > Do they still teach classful for CCNA, though? Perhaps the only thing that's > hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful > system. Moving the prefix over to the left of that classful boundary isn't > something they teach for CCNA yet. (They will soon. The new Networking > Academy books teach it from the start now.) > > Priscilla > > >>If you are going for >>your CCNP, then >>you should already have your CCNA and know the answer. But >>anyway... >> >>If you need a network with 400 hosts, the smallest subnet would >>have a /23 >>mask. So take the first part of your given network and assign >>it to that: >> >>192.168.24.0/23 (192.168.24.0-192.168.25.255) >> >>Then you need one with 200 hosts. Well, that could fit within >>a /24 subnet, >>so assign the next available to that: >> >>192.168.26.0/24 (192.168.26.0-192.168.26.255) >> >>Now you only have 192.168.27.0/24 left from the original >>192.168.24.0/23 >>(which covered 192.168.24.0-192.168.27.255). You need two >>50's, so that >>should fit within /26 subnets each. Assign them: >> >>192.168.27.0/26 (192.168.27.0-192.168.27.63) >>192.168.27.64/26 (192.168.27.64-192.168.27.191) >> >>Finally, you need three subnets that can have two hosts each, >>which would >>fit within /30 subnets. So assign: >> >>192.168.27.192/30 >>192.168.27.196/30 >>192.168.27.200/30 >> >> >>Fred Reimer - CCNA >> >> >>Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA >>30338 >>Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 >> >> >>NOTICE; This email contains confidential or proprietary >>information which >>may be legally privileged. It is intended only for the named >>recipient(s). >>If an addressing or transmission error has misdirected the >>email, please >>notify the author by replying to this message. If you are not >>the named >>recipient, you are not authorized to use, disclose, distribute, >>copy, print >>or rely on this email, and should immediately delete it from >>your computer. >> >> >>-Original Message- >>From: Steven Aiello [mailto:[EMAIL PROTECTED] >>Sent: Tuesday, September 09, 2003 8:02 AM >>To: [EMAIL PROTECTED] >>Subject: Please Help - CIDR - How the bits work [7:75050] >> >>I just started my routing class for my CCNP. We are covering >>CIDR. The >>book is VEERY vague on how the bit patterns break down and >>are used. >> >> >>This was a problem posed in one of my CCNP labs >> >>I have network number >> >>192.168.24.0 / 22 >> >>from this I need >>networks with >> >>400 hosts
RE: Please Help - CIDR - How the bits work [7:75050]
BLIMEY !!! this is getting a little heated L+G`s . i personally believe that when i got my CCNA if i had been asked to configure BGP (even Basic) on an internet connecting router for a small-medium sized company...i would have run away screaming... Ask yourselfs this there are three grade`s of Certifications at cisco Associate Profesisional Expert from a company manager`s point-of-view (no offence fred) Whom would you prefer be touching your internet facing router ... yes i am aware that to most of us they don`t mean tuppence (i.e howard/pris) but the plan truth is people NOT in the know rely on the badges >From: "Howard C. Berkowitz" >Reply-To: "Howard C. Berkowitz" >To: [EMAIL PROTECTED] >Subject: RE: Please Help - CIDR - How the bits work [7:75050] >Date: Wed, 10 Sep 2003 03:36:57 GMT > >At 11:32 PM + 9/9/03, Priscilla Oppenheimer wrote: > >Dom wrote: > >> > >> And one last point, No LAN is an island, why two IG(P) > >> protocols and no > >> EG(P) protocol? > >> > >> A NA should at least a some understanding of how to connect to > >> the > >> outside world - when to use BGP and when not to. > > > >Default routing. Wouldn't we all be better off if CCNAs would stay away >from > >BGP?? :-) > > > >Priscilla > >When fingerpointing in quite a number of external connectivity >problems, I have often found de fault is due to the lack of default. >Cisco hardly helps this by discriminating against static and default >routes in the CCIE lab. >**Please support GroupStudy by purchasing from the GroupStudy Store: >http://shop.groupstudy.com >FAQ, list archives, and subscription info: >http://www.groupstudy.com/list/cisco.html _ Tired of 56k? Get a FREE BT Broadband connection http://www.msn.co.uk/specials/btbroadband Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75166&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
No offense, but this is CCNA material. If you are going for your CCNP, then you should already have your CCNA and know the answer. But anyway... If you need a network with 400 hosts, the smallest subnet would have a /23 mask. So take the first part of your given network and assign it to that: 192.168.24.0/23 (192.168.24.0-192.168.25.255) Then you need one with 200 hosts. Well, that could fit within a /24 subnet, so assign the next available to that: 192.168.26.0/24 (192.168.26.0-192.168.26.255) Now you only have 192.168.27.0/24 left from the original 192.168.24.0/23 (which covered 192.168.24.0-192.168.27.255). You need two 50's, so that should fit within /26 subnets each. Assign them: 192.168.27.0/26 (192.168.27.0-192.168.27.63) 192.168.27.64/26 (192.168.27.64-192.168.27.191) Finally, you need three subnets that can have two hosts each, which would fit within /30 subnets. So assign: 192.168.27.192/30 192.168.27.196/30 192.168.27.200/30 Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Steven Aiello [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 8:02 AM To: [EMAIL PROTECTED] Subject: Please Help - CIDR - How the bits work [7:75050] I just started my routing class for my CCNP. We are covering CIDR. The book is VEERY vague on how the bit patterns break down and are used. This was a problem posed in one of my CCNP labs I have network number 192.168.24.0 / 22 from this I need networks with 400 hosts 200 hosts 50 hosts 50 hosts 2 hosts (for serial int - no ip un-numbered allowed ) 2 hosts 2 hosts Also no NATing Thanks all I really could use the help Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html This email has been scanned for all viruses by the MessageLabs Email Security System. For more information on a proactive email security service working around the clock, around the globe, visit http://www.messagelabs.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75164&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
>Oh, and while I'm on the subject - why EIGRP? This is a proprietary >Cisco Protocol. OK, I believe that Juniper may have implemented it, but >to the best of my knowledge no one else has. Can we say account control? EIGRP is somewhat less resource intensive than link state protocols under some circumstances, and may be more tolerant of certain errors. Since AppleTalk and IPX have been deemphasized, it's harder and harder to justify. Yes, it's topologically more flexible than OSPF and ISIS, but that, IMHO, is not necessarily a good thing for someone who doesn't really understand when not to use hierarchical topology. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75152&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
At 11:32 PM + 9/9/03, Priscilla Oppenheimer wrote: >Dom wrote: >> >> And one last point, No LAN is an island, why two IG(P) >> protocols and no >> EG(P) protocol? >> >> A NA should at least a some understanding of how to connect to >> the >> outside world - when to use BGP and when not to. > >Default routing. Wouldn't we all be better off if CCNAs would stay away from >BGP?? :-) > >Priscilla When fingerpointing in quite a number of external connectivity problems, I have often found de fault is due to the lack of default. Cisco hardly helps this by discriminating against static and default routes in the CCIE lab. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75153&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
At 10:36 PM + 9/9/03, Dom wrote: >Fred, check out the archives for Howard's piece on the difference >between 'Rocket Science' and 'BGP' when at NASA. > >Best regards, > >Dom Stocqueler >SysDom Technologies >Visit our website - www.sysdom.org Seriously, I've fought a battle for many years with Cisco Training. I believe the fundamental problem they _create_ is insisting on teaching classful and dotted decimal notation first. When I've given private classes -- ICRC, the older RSC, etc. -- I always began discussing addressing in binary, got people used to the idea of prefix length, then introduced dotted decimal as a means of representation, and then introduced classful addressing as a historic concept. Students were always able to go right into classless routing without any trouble. There are some nice examples in RFC 1878. RFCs 1517-1520 give the main background, although there are some earlier papers on "supernetting". With all mercenary disclaimers, I also recommend my book, _Designing Addressing Architectures for Routing and Switching_, and my recent IPv4/IPv6 tutorial on Certification Zone. >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of >Reimer, Fred >Sent: 09 September 2003 22:03 >To: [EMAIL PROTECTED] >Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > >I guess my expectation and Cisco's, or at least their current >expectations as listed on their web site, don't match then. By my >definition a beginner should know about CIDR, EIGRP, and OSPF. It's not >like they are inherently difficult to understand. People tend to make >it sound like rocket science or voodoo magic. It's just a routing >protocol folks. > >Fred Reimer - CCNA > >-Original Message- >From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] >Sent: Tuesday, September 09, 2003 3:56 PM >To: [EMAIL PROTECTED] >Subject: Re: Please Help - CIDR - How the bits work [7:75050] > >""Reimer, Fred"" wrote in message >news:[EMAIL PROTECTED] >> May be I had advanced access to the new NA material then ;-) In my >> view, >a >> NA should be able to handle basic RIP, OSPF, EIGRP in a small to >> medium sized network. That would certainly include CIDR. A NP, IMO, >> would be >for >> advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a >> mid-large sized network for connection to the Internet including >> minimal BGP. IE, IMO, is for ISP engineers that have to deal with >> extensive IS-IS, BGP >using >> all options, etc, and large to huge (global) networks. Historically, the R&S CCIE has been aimed at large, or medium to large, enterprises. It doesn't begin to explore real-world BGP. > > >> May be I'm just expecting too much, but if you don't understand CIDR >> you shouldn't be allowed anywhere near a router, let alone be >> responsible for configuring them. > > >with all due respect, I disagree. CCNA is promoted by Cisco as being >someone capable of designing and configuring a small network. > >http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certificati >on_t >ype_home.html > >"The CCNA certification (Cisco Certified Network Associate) indicates a >foundation in and apprentice knowledge of networking. CCNA certified >professionals can install, configure, and operate LAN, WAN, and dial >access services for small networks (100 nodes or fewer), including but >not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP >RIP, VLANs, RIP, Ethernet, Access Lists." > >my experience has been that small nets have less if any need for CIDR >knowledge or expertise. > >Cisco has over the past couple of years been slowly upping the ante, and >I wish Cisco would get clear as to what skill sets are appropriate at >what certification level. Cisco tends to be all over the map on this, >and has been the netire time I have been playing at certification. But >in general, I believe the idea is that CCxA is beginner, CCxP is >intermediate, and CCIE is high level. > >as with all things certification related, YMMV. I've known CCNA's who >manage large networks, and I've known CCIE's whose knowledge of certain >specific areas was less than expert. As can be expected, depending on >experience, job, place of employment, years in the field, etc. > >Chuck > > >> >> Fred Reimer - CCNA >> >> >> Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 >> Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 >> >> >>
Re: Please Help - CIDR - How the bits work [7:75050]
No, the new curriculum recognizes the subnet zero command. Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy "Cunctando restituit rem" Daniel Cotts wrote: > Tom, > In the old CCNA books if a question came up about how many subnets could be > formed from a block - the all zeros and all ones subnets were not counted. > Does this still hold with the new curriculum? > > > -Original Message- > > From: Tom Lisa [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, September 09, 2003 3:54 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Please Help - CIDR - How the bits work [7:75050] > > > > > > We are now teaching VLSM/CIDR in the CCNA curriculum. > > > > Prof. Tom Lisa, CCAI > > Community College of Southern Nevada > > Cisco ATC/Regional Networking Academy > > "Cunctando restituit rem" > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75149&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Tom, In the old CCNA books if a question came up about how many subnets could be formed from a block - the all zeros and all ones subnets were not counted. Does this still hold with the new curriculum? > -Original Message- > From: Tom Lisa [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 3:54 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help - CIDR - How the bits work [7:75050] > > > We are now teaching VLSM/CIDR in the CCNA curriculum. > > Prof. Tom Lisa, CCAI > Community College of Southern Nevada > Cisco ATC/Regional Networking Academy > "Cunctando restituit rem" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75142&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Priscilla, As much as I respect your great knowledge I must disagree. If CCNAs had some small amount of understanding of BGP (and I mean small) they would stop asking about registered AS numbers etc when trying to set up so-called resilient connections, usually to/from the same providers. Can we not tell them that it is grown up stuff and they will learn ***more*** about it later - Just give them an overview. Just my 0.02 GPBs Dom -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 10 September 2003 00:32 To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Dom wrote: > > And one last point, No LAN is an island, why two IG(P) protocols and > no > EG(P) protocol? > > A NA should at least a some understanding of how to connect to the > outside world - when to use BGP and when not to. Default routing. Wouldn't we all be better off if CCNAs would stay away from BGP?? :-) Priscilla > > Sorry Fred, not having a go at you personally, but these are points we > all need to think about. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > > -Original Message- > From: Dom [mailto:[EMAIL PROTECTED] > Sent: 09 September 2003 23:37 > To: 'Reimer, Fred'; '[EMAIL PROTECTED]' > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > Oh, and while I'm on the subject - why EIGRP? This is a proprietary > Cisco Protocol. OK, I believe that Juniper may have implemented > it, but > to the best of my knowledge no one else has. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf > Of Reimer, Fred > Sent: 09 September 2003 22:03 > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > I guess my expectation and Cisco's, or at least their current > expectations as listed on their web site, don't match then. By my > definition a beginner should know about CIDR, EIGRP, and OSPF. > It's not > like they are inherently difficult to understand. People tend > to make > it sound like rocket science or voodoo magic. It's just a > routing > protocol folks. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information > which may be legally privileged. It is intended only for the > named > recipient(s). If an addressing or transmission error has > misdirected the > email, please notify the author by replying to this message. If > you are > not the named recipient, you are not authorized to use, > disclose, > distribute, copy, print or rely on this email, and should > immediately > delete it from your computer. > > > -Original Message- > From: "Chuck Whose Road is Ever Shorter" > [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 3:56 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help - CIDR - How the bits work [7:75050] > > ""Reimer, Fred"" wrote in message > news:[EMAIL PROTECTED] > > May be I had advanced access to the new NA material then ;-) > In my > > view, > a > > NA should be able to handle basic RIP, OSPF, EIGRP in a small > to > > medium sized network. That would certainly include CIDR. A > NP, IMO, > > would be > for > > advanced RIP, OSPF, EIGRP, and basic BGP, like for > configuring a > > mid-large sized network for connection to the Internet > including > > minimal BGP. IE, IMO, is for ISP engineers that have to deal > with > > extensive IS-IS, BGP > using > > all options, etc, and large to huge (global) networks. > > > > May be I'm just expecting too much, but if you don't > understand CIDR > > you shouldn't be allowed anywhere near a router, let alone be > > responsible for configuring them. > > > with all due respect, I disagree. CCNA is promoted by Cisco as being > someone capable of designing and configuring a small network. > > http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certifica > ti > on_t > ype_home.html > > "The CCNA certification (Cisco Certified Network Associate) indicates > a foundation in and apprentice knowledge of networking. CCNA > certified > professionals can install, configure, and operate LAN, WAN, and > dial > access services for small networks (10
RE: Please Help - CIDR - How the bits work [7:75050]
Dom wrote: > > And one last point, No LAN is an island, why two IG(P) > protocols and no > EG(P) protocol? > > A NA should at least a some understanding of how to connect to > the > outside world - when to use BGP and when not to. Default routing. Wouldn't we all be better off if CCNAs would stay away from BGP?? :-) Priscilla > > Sorry Fred, not having a go at you personally, but these are > points we > all need to think about. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > > -Original Message- > From: Dom [mailto:[EMAIL PROTECTED] > Sent: 09 September 2003 23:37 > To: 'Reimer, Fred'; '[EMAIL PROTECTED]' > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > Oh, and while I'm on the subject - why EIGRP? This is a > proprietary > Cisco Protocol. OK, I believe that Juniper may have implemented > it, but > to the best of my knowledge no one else has. > > Best regards, > > Dom Stocqueler > SysDom Technologies > Visit our website - www.sysdom.org > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of > Reimer, Fred > Sent: 09 September 2003 22:03 > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > > I guess my expectation and Cisco's, or at least their current > expectations as listed on their web site, don't match then. By > my > definition a beginner should know about CIDR, EIGRP, and OSPF. > It's not > like they are inherently difficult to understand. People tend > to make > it sound like rocket science or voodoo magic. It's just a > routing > protocol folks. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information > which may be legally privileged. It is intended only for the > named > recipient(s). If an addressing or transmission error has > misdirected the > email, please notify the author by replying to this message. If > you are > not the named recipient, you are not authorized to use, > disclose, > distribute, copy, print or rely on this email, and should > immediately > delete it from your computer. > > > -Original Message- > From: "Chuck Whose Road is Ever Shorter" > [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 3:56 PM > To: [EMAIL PROTECTED] > Subject: Re: Please Help - CIDR - How the bits work [7:75050] > > ""Reimer, Fred"" wrote in message > news:[EMAIL PROTECTED] > > May be I had advanced access to the new NA material then ;-) > In my > > view, > a > > NA should be able to handle basic RIP, OSPF, EIGRP in a small > to > > medium sized network. That would certainly include CIDR. A > NP, IMO, > > would be > for > > advanced RIP, OSPF, EIGRP, and basic BGP, like for > configuring a > > mid-large sized network for connection to the Internet > including > > minimal BGP. IE, IMO, is for ISP engineers that have to deal > with > > extensive IS-IS, BGP > using > > all options, etc, and large to huge (global) networks. > > > > May be I'm just expecting too much, but if you don't > understand CIDR > > you shouldn't be allowed anywhere near a router, let alone be > > responsible for configuring them. > > > with all due respect, I disagree. CCNA is promoted by Cisco as > being > someone capable of designing and configuring a small network. > > http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certificati > on_t > ype_home.html > > "The CCNA certification (Cisco Certified Network Associate) > indicates a > foundation in and apprentice knowledge of networking. CCNA > certified > professionals can install, configure, and operate LAN, WAN, and > dial > access services for small networks (100 nodes or fewer), > including but > not limited to use of these protocols: IP, IGRP, Serial, Frame > Relay, IP > RIP, VLANs, RIP, Ethernet, Access Lists." > > my experience has been that small nets have less if any need > for CIDR > knowledge or expertise. > > Cisco has over the past couple of years been slowly upping the > ante, and > I wish Cisco would get clear as to what skill sets are > appropriate at > what certification level. Cisco tends to be all over the map on > this, > and has been the netire time I have been playing
RE: Please Help - CIDR - How the bits work [7:75050]
And one last point, No LAN is an island, why two IG(P) protocols and no EG(P) protocol? A NA should at least a some understanding of how to connect to the outside world - when to use BGP and when not to. Sorry Fred, not having a go at you personally, but these are points we all need to think about. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: Dom [mailto:[EMAIL PROTECTED] Sent: 09 September 2003 23:37 To: 'Reimer, Fred'; '[EMAIL PROTECTED]' Subject: RE: Please Help - CIDR - How the bits work [7:75050] Oh, and while I'm on the subject - why EIGRP? This is a proprietary Cisco Protocol. OK, I believe that Juniper may have implemented it, but to the best of my knowledge no one else has. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: 09 September 2003 22:03 To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] I guess my expectation and Cisco's, or at least their current expectations as listed on their web site, don't match then. By my definition a beginner should know about CIDR, EIGRP, and OSPF. It's not like they are inherently difficult to understand. People tend to make it sound like rocket science or voodoo magic. It's just a routing protocol folks. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 3:56 PM To: [EMAIL PROTECTED] Subject: Re: Please Help - CIDR - How the bits work [7:75050] ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > May be I had advanced access to the new NA material then ;-) In my > view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to > medium sized network. That would certainly include CIDR. A NP, IMO, > would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a > mid-large sized network for connection to the Internet including > minimal BGP. IE, IMO, is for ISP engineers that have to deal with > extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR > you shouldn't be allowed anywhere near a router, let alone be > responsible for configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of designing and configuring a small network. http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certificati on_t ype_home.html "The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists." my experience has been that small nets have less if any need for CIDR knowledge or expertise. Cisco has over the past couple of years been slowly upping the ante, and I wish Cisco would get clear as to what skill sets are appropriate at what certification level. Cisco tends to be all over the map on this, and has been the netire time I have been playing at certification. But in general, I believe the idea is that CCxA is beginner, CCxP is intermediate, and CCIE is high level. as with all things certification related, YMMV. I've known CCNA's who manage large networks, and I've known CCIE's whose knowledge of certain specific areas was less than expert. As can be expected, depending on experience, job, place of employment, years in the field, etc. Chuck > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information > which may be legally privileged. It is intended only for the named > recipient(s). If an addressing or transmission error has misdirected > the email
Re: Please Help - CIDR - How the bits work What I figured out [7:75129]
Another way to look at it is that you have one long contiguous line of addresses that you need to break up into different size groups that must also be contiguous. For example: 192.168.1.0 /24 Assume we need three networks (nets a&b) with 40 hosts, two networks (nets c&d) with 25 hosts, and 3 networks (nets e,f,&g) with 12 hosts. Our available subnet area is 192.168.1.0 - 192.168.1.255 Shown graphically (hope this doesn't get munged in transmission; if so copy and paste into word using fixed width and 10). .0 .255 /24: |---| .128 /25: |-|-| .64 .192 /26: |-|---|---|-| (a)( b) .160 .224 /27: |-|---|-|-|--|--| (c) (d) .208 .240 /28: |-|---|-|-|-|||-| (e) (f) (g) >From this we can see that Subnet blocks 192.168.1.0 & .64 are used for nets a & b. Blocks .128 & .160 are used for nets c & d, while blocks .192, 208 & 224 are used for nets e, f, & g. This leaves one block, .240 for future use or to further subnet for /30's to address serial links. By looking at it visually, there isn't any danger of overlapping previously assigned blocks. It also shows us where supernetting will occur so we can properly assign the blocks for easy aggregation. Since the blocks must be recombined for supernetting in the same manner they were subnetted, we can see that nets a & b could be put on one router and we would only advertise a /25 (192.168.1.0) upstream. Likewise, blocks .128 & .160 could be on a second router and advertised as a /26 (192.168.1.128). We can also see that we couldn't put nets a-d on the same router and advertise as a /25 because they don't all come from the same /25 block. We would have to use two advertisements, a /25 & /26, if they were on the same router. The same method can be used for address ranges that cross octet boundries: 172.16.0.0 /16 0.0 255.255 /16: |---| 128.0 /17: |---|---| and so on. I find showing it visually to my students makes understanding a lot easier. HTH, Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy "Cunctando restituit rem" John Neiberger wrote: > The key is that you must completely unlearn classful thinking. Forget > that > you ever learned it. Completely ignore any prior classful subnet > boundaries > that you were forced to memorize. It's all just one big IP address > space > that you choose to carve up any way you like. As long as you do it > correctly > and don't have any overlap the subnetting scheme is up to you. > > Another helpful tip: don't ever use classful terminology any more! > Don't say > "Class A" to refer to an 8-bit prefix or subnet mask; don't say "Class > C" to > refer to a 24-bit mask, or /24. That will help move your brain away > from > that type of thinking. > > Think of your address space as a big pie, and each time you cut a > segment in > half you're adding one more bit to the subnet mask. Here's an example: > > You start with 10.20.30.0/24 (255.255.255.0) and we'll think of that > as a > whole pie. You don't need that many addresses in your subnet so you > decide > to break it up into smaller pieces. What do you do? Cut your pie in > half > (draw this out, it helps!). > > Your pie now has two halves and these represent two subnets with /25 > masks > with no overlap. Let's say you want to further subnet one of those > subnets. > Cut it in half again! You now have a /25 and two /26s with no overlap. > If > you further cut one of those /26 subnets into two pieces you have two > /27s. > See how easy that is? > > Draw this out on paper and write down your subnet information as you > go, > like this: > > 10.20.30.0/24 (10.20.30.0-255) becomes > 10.20.30.0/25 (10.20.30.0-127) and 10.20.30.128/25 (10.20.30.128-255) > 10.20.30.128/25 further subnetted becomes 10.20.30.128/26 > (10.20.30.128-191) > and 10.20.30.192/26 (10.20.30.192-255) > > And so on... practice it this way for a while and after a short time > it > will be second nature for you to subnet existing networks without > accidentally overlapping them. > > HTH, > John > > >>> Steven Aiello 9/9/03 12:03:06 PM >>> > I was stuck on the idea that you could ONLY re subnet a remaining > piece > of a subnetwork. And not apply a
Re: Please Help - CIDR - How the bits work What I figured out [7:75127]
Another way to look at it is that you have one long contiguous line of addresses that you need to break up into different size groups that must also be contiguous. For example: 192.168.1.0 /24 Assume we need three networks (nets a&b) with 40 hosts, two networks (nets c&d) with 25 hosts, and 3 networks (nets e,f,&g) with 12 hosts. Our available subnet area is 192.168.1.0 - 192.168.1.255 Shown graphically (hope this doesn't get munged in transmission; if so copy and paste into word using fixed width and 10). .0 .255 /24: |---| .128 /25: |-|-| .64 .192 /26: |-|---|---|-| (a)( b) .160 .224 /27: |-|---|-|-|--|--| (c) (d) .208 .240 /28: |-|---|-|-|-|||-| (e) (f) (g) >From this we can see that Subnet blocks 192.168.1.0 & .64 are used for nets a & b. Blocks .128 & .160 are used for nets c & d, while blocks .192, 208 & 224 are used for nets e, f, & g. This leaves one block, .240 for future use or to further subnet for /30's to address serial links. By looking at it visually, there isn't any danger of overlapping previously assigned blocks. It also shows us where supernetting will occur so we can properly assign the blocks for easy aggregation. Since the blocks must be recombined for supernetting in the same manner they were subnetted, we can see that nets a & b could be put on one router and we would only advertise a /25 (192.168.1.0) upstream. Likewise, blocks .128 & .160 could be on a second router and advertised as a /26 (192.168.1.128). We can also see that we couldn't put nets a-d on the same router and advertise as a /25 because they don't all come from the same /25 block. We would have to use two advertisements, a /25 & /26, if they were on the same router. The same method can be used for address ranges that cross octet boundries: 172.16.0.0 /16 0.0 255.255 /16: |---| 128.0 /17: |---|---| and so on. I find showing it visually to my students makes understanding a lot easier. HTH, Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy "Cunctando restituit rem" John Neiberger wrote: The key is that you must completely unlearn classful thinking. Forget that you ever learned it. Completely ignore any prior classful subnet boundaries that you were forced to memorize. It's all just one big IP address space that you choose to carve up any way you like. As long as you do it correctly and don't have any overlap the subnetting scheme is up to you. Another helpful tip: don't ever use classful terminology any more! Don't say "Class A" to refer to an 8-bit prefix or subnet mask; don't say "Class C" to refer to a 24-bit mask, or /24. That will help move your brain away from that type of thinking. Think of your address space as a big pie, and each time you cut a segment in half you're adding one more bit to the subnet mask. Here's an example: You start with 10.20.30.0/24 (255.255.255.0) and we'll think of that as a whole pie. You don't need that many addresses in your subnet so you decide to break it up into smaller pieces. What do you do? Cut your pie in half (draw this out, it helps!). Your pie now has two halves and these represent two subnets with /25 masks with no overlap. Let's say you want to further subnet one of those subnets. Cut it in half again! You now have a /25 and two /26s with no overlap. If you further cut one of those /26 subnets into two pieces you have two /27s. See how easy that is? Draw this out on paper and write down your subnet information as you go, like this: 10.20.30.0/24 (10.20.30.0-255) becomes 10.20.30.0/25 (10.20.30.0-127) and 10.20.30.128/25 (10.20.30.128-255) 10.20.30.128/25 further subnetted becomes 10.20.30.128/26 (10.20.30.128-191) and 10.20.30.192/26 (10.20.30.192-255) And so on... practice it this way for a while and after a short time it will be second nature for you to subnet existing networks without accidentally overlapping them. HTH, John >>> Steven Aiello 9/9/03 12:03:06 PM >>> I was stuck on the idea that you could ONLY re subnet a remaining piece of a subnetwork. And not apply a mask to the whole span of the total available network. You can (unless I'm incorrect here) you just have to watch out for address over lap neer your subnetwork boundri
RE: Please Help - CIDR - How the bits work [7:75050]
Fred, check out the archives for Howard's piece on the difference between 'Rocket Science' and 'BGP' when at NASA. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: 09 September 2003 22:03 To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] I guess my expectation and Cisco's, or at least their current expectations as listed on their web site, don't match then. By my definition a beginner should know about CIDR, EIGRP, and OSPF. It's not like they are inherently difficult to understand. People tend to make it sound like rocket science or voodoo magic. It's just a routing protocol folks. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 3:56 PM To: [EMAIL PROTECTED] Subject: Re: Please Help - CIDR - How the bits work [7:75050] ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > May be I had advanced access to the new NA material then ;-) In my > view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to > medium sized network. That would certainly include CIDR. A NP, IMO, > would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a > mid-large sized network for connection to the Internet including > minimal BGP. IE, IMO, is for ISP engineers that have to deal with > extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR > you shouldn't be allowed anywhere near a router, let alone be > responsible for configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of designing and configuring a small network. http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certificati on_t ype_home.html "The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists." my experience has been that small nets have less if any need for CIDR knowledge or expertise. Cisco has over the past couple of years been slowly upping the ante, and I wish Cisco would get clear as to what skill sets are appropriate at what certification level. Cisco tends to be all over the map on this, and has been the netire time I have been playing at certification. But in general, I believe the idea is that CCxA is beginner, CCxP is intermediate, and CCIE is high level. as with all things certification related, YMMV. I've known CCNA's who manage large networks, and I've known CCIE's whose knowledge of certain specific areas was less than expert. As can be expected, depending on experience, job, place of employment, years in the field, etc. Chuck > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information > which may be legally privileged. It is intended only for the named > recipient(s). If an addressing or transmission error has misdirected > the email, please notify the author by replying to this message. If > you are not the named recipient, you are not authorized to use, > disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 12:33 PM > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > Reimer, Fred wrote: > > > > No offense, but this is CCNA material. > > Do they still teach classful for CCNA, though? Perhaps the only thing
RE: Please Help - CIDR - How the bits work [7:75050]
Oh, and while I'm on the subject - why EIGRP? This is a proprietary Cisco Protocol. OK, I believe that Juniper may have implemented it, but to the best of my knowledge no one else has. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Reimer, Fred Sent: 09 September 2003 22:03 To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] I guess my expectation and Cisco's, or at least their current expectations as listed on their web site, don't match then. By my definition a beginner should know about CIDR, EIGRP, and OSPF. It's not like they are inherently difficult to understand. People tend to make it sound like rocket science or voodoo magic. It's just a routing protocol folks. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 3:56 PM To: [EMAIL PROTECTED] Subject: Re: Please Help - CIDR - How the bits work [7:75050] ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > May be I had advanced access to the new NA material then ;-) In my > view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to > medium sized network. That would certainly include CIDR. A NP, IMO, > would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a > mid-large sized network for connection to the Internet including > minimal BGP. IE, IMO, is for ISP engineers that have to deal with > extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR > you shouldn't be allowed anywhere near a router, let alone be > responsible for configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of designing and configuring a small network. http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certificati on_t ype_home.html "The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists." my experience has been that small nets have less if any need for CIDR knowledge or expertise. Cisco has over the past couple of years been slowly upping the ante, and I wish Cisco would get clear as to what skill sets are appropriate at what certification level. Cisco tends to be all over the map on this, and has been the netire time I have been playing at certification. But in general, I believe the idea is that CCxA is beginner, CCxP is intermediate, and CCIE is high level. as with all things certification related, YMMV. I've known CCNA's who manage large networks, and I've known CCIE's whose knowledge of certain specific areas was less than expert. As can be expected, depending on experience, job, place of employment, years in the field, etc. Chuck > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information > which may be legally privileged. It is intended only for the named > recipient(s). If an addressing or transmission error has misdirected > the email, please notify the author by replying to this message. If > you are not the named recipient, you are not authorized to use, > disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 12:33 PM > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > Reimer, Fred wrote: > > > > No offense, but this is CCNA material. > > Do they still tea
RE: Please Help - CIDR - How the bits work [7:75050]
I guess my expectation and Cisco's, or at least their current expectations as listed on their web site, don't match then. By my definition a beginner should know about CIDR, EIGRP, and OSPF. It's not like they are inherently difficult to understand. People tend to make it sound like rocket science or voodoo magic. It's just a routing protocol folks. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 3:56 PM To: [EMAIL PROTECTED] Subject: Re: Please Help - CIDR - How the bits work [7:75050] ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > May be I had advanced access to the new NA material then ;-) In my view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to medium > sized network. That would certainly include CIDR. A NP, IMO, would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a mid-large > sized network for connection to the Internet including minimal BGP. IE, > IMO, is for ISP engineers that have to deal with extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR you > shouldn't be allowed anywhere near a router, let alone be responsible for > configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of designing and configuring a small network. http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certification_t ype_home.html "The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists." my experience has been that small nets have less if any need for CIDR knowledge or expertise. Cisco has over the past couple of years been slowly upping the ante, and I wish Cisco would get clear as to what skill sets are appropriate at what certification level. Cisco tends to be all over the map on this, and has been the netire time I have been playing at certification. But in general, I believe the idea is that CCxA is beginner, CCxP is intermediate, and CCIE is high level. as with all things certification related, YMMV. I've known CCNA's who manage large networks, and I've known CCIE's whose knowledge of certain specific areas was less than expert. As can be expected, depending on experience, job, place of employment, years in the field, etc. Chuck > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information which > may be legally privileged. It is intended only for the named recipient(s). > If an addressing or transmission error has misdirected the email, please > notify the author by replying to this message. If you are not the named > recipient, you are not authorized to use, disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 12:33 PM > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > Reimer, Fred wrote: > > > > No offense, but this is CCNA material. > > Do they still teach classful for CCNA, though? Perhaps the only thing that's > hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful > system. Moving the prefix over to the left of that classful boundary isn't > something they teach for CCNA yet. (They will soon. The new Networking > Academy books teach it from the start now.) > > Priscilla > > > If you are going for > > your CCNP, then > > you should already have your CCNA and know the answer. But > > anyway... &
Re: Please Help - CIDR - How the bits work [7:75050]
We are now teaching VLSM/CIDR in the CCNA curriculum. Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy "Cunctando restituit rem" Priscilla Oppenheimer wrote: Reimer, Fred wrote: > > No offense, but this is CCNA material. Do they still teach classful for CCNA, though? Perhaps the only thing that's hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful system. Moving the prefix over to the left of that classful boundary isn't something they teach for CCNA yet. (They will soon. The new Networking Academy books teach it from the start now.) Priscilla > If you are going for > your CCNP, then > you should already have your CCNA and know the answer. But > anyway... > > If you need a network with 400 hosts, the smallest subnet would > have a /23 > mask. So take the first part of your given network and assign > it to that: > > 192.168.24.0/23 (192.168.24.0-192.168.25.255) > > Then you need one with 200 hosts. Well, that could fit within > a /24 subnet, > so assign the next available to that: > > 192.168.26.0/24 (192.168.26.0-192.168.26.255) > > Now you only have 192.168.27.0/24 left from the original > 192.168.24.0/23 > (which covered 192.168.24.0-192.168.27.255). You need two > 50's, so that > should fit within /26 subnets each. Assign them: > > 192.168.27.0/26 (192.168.27.0-192.168.27.63) > 192.168.27.64/26 (192.168.27.64-192.168.27.191) > > Finally, you need three subnets that can have two hosts each, > which would > fit within /30 subnets. So assign: > > 192.168.27.192/30 > 192.168.27.196/30 > 192.168.27.200/30 > > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information which > may be legally privileged. It is intended only for the named > recipient(s). > If an addressing or transmission error has misdirected the > email, please > notify the author by replying to this message. If you are not > the named > recipient, you are not authorized to use, disclose, distribute, > copy, print > or rely on this email, and should immediately delete it from > your computer. > > > -Original Message- > From: Steven Aiello [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 8:02 AM > To: [EMAIL PROTECTED] > Subject: Please Help - CIDR - How the bits work [7:75050] > > I just started my routing class for my CCNP. We are covering > CIDR. The > book is VEERY vague on how the bit patterns break down and > are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve > **Please support GroupStudy by purchasing from the GroupStudy > Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75118&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Please Help - CIDR - How the bits work [7:75050]
""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > May be I had advanced access to the new NA material then ;-) In my view, a > NA should be able to handle basic RIP, OSPF, EIGRP in a small to medium > sized network. That would certainly include CIDR. A NP, IMO, would be for > advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a mid-large > sized network for connection to the Internet including minimal BGP. IE, > IMO, is for ISP engineers that have to deal with extensive IS-IS, BGP using > all options, etc, and large to huge (global) networks. > > May be I'm just expecting too much, but if you don't understand CIDR you > shouldn't be allowed anywhere near a router, let alone be responsible for > configuring them. with all due respect, I disagree. CCNA is promoted by Cisco as being someone capable of designing and configuring a small network. http://www.cisco.com/en/US/learning/le3/le2/le0/le9/learning_certification_type_home.html "The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists." my experience has been that small nets have less if any need for CIDR knowledge or expertise. Cisco has over the past couple of years been slowly upping the ante, and I wish Cisco would get clear as to what skill sets are appropriate at what certification level. Cisco tends to be all over the map on this, and has been the netire time I have been playing at certification. But in general, I believe the idea is that CCxA is beginner, CCxP is intermediate, and CCIE is high level. as with all things certification related, YMMV. I've known CCNA's who manage large networks, and I've known CCIE's whose knowledge of certain specific areas was less than expert. As can be expected, depending on experience, job, place of employment, years in the field, etc. Chuck > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information which > may be legally privileged. It is intended only for the named recipient(s). > If an addressing or transmission error has misdirected the email, please > notify the author by replying to this message. If you are not the named > recipient, you are not authorized to use, disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message----- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 12:33 PM > To: [EMAIL PROTECTED] > Subject: RE: Please Help - CIDR - How the bits work [7:75050] > > Reimer, Fred wrote: > > > > No offense, but this is CCNA material. > > Do they still teach classful for CCNA, though? Perhaps the only thing that's > hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful > system. Moving the prefix over to the left of that classful boundary isn't > something they teach for CCNA yet. (They will soon. The new Networking > Academy books teach it from the start now.) > > Priscilla > > > If you are going for > > your CCNP, then > > you should already have your CCNA and know the answer. But > > anyway... > > > > If you need a network with 400 hosts, the smallest subnet would > > have a /23 > > mask. So take the first part of your given network and assign > > it to that: > > > > 192.168.24.0/23 (192.168.24.0-192.168.25.255) > > > > Then you need one with 200 hosts. Well, that could fit within > > a /24 subnet, > > so assign the next available to that: > > > > 192.168.26.0/24 (192.168.26.0-192.168.26.255) > > > > Now you only have 192.168.27.0/24 left from the original > > 192.168.24.0/23 > > (which covered 192.168.24.0-192.168.27.255). You need two > > 50's, so that > > should fit within /26 subnets each. Assign them: > > > > 192.168.27.0/26 (192.168.27.0-192.168.27.63) > > 192.168.27.64/26 (192.168.27.64-192.168.27.191) > > > > Finally, you need three subnets that can have two hosts each, > > which would > > fit within /30 subnets. So assign: > > > > 192.168.27.192/30 > > 192.168.27.196/30 > > 192.168.27.200/30 > > > > > > Fred Reimer - CCNA > > > > > > Eclipsy
RE: Please Help - CIDR - How the bits work What I figured out [7:75101]
>From what you say, I think you have it, but I'm not sure. Starting from the
bottom of a /24 subnet (Class C), you could have a /26 subnet, then two /27
subnets, then four /28 subnets, and finally another /26 subnet. Or you
could have two /28 subnets, one /27 subnet, one /26 subnet, followed by a
/25 subnet. The combination, and order, does not really matter, as long as
no IP addresses within the subnets overlap.
For instance, you couldn't have a /26 (64 addresses) followed by a /25 (128
addresses), followed by a /26 (64 addresses). Why? Because there can't be
any overlaps. The 64 would start at .0 and go to .63. The 128 would
start... Where? It can't start at .64, because that's in the middle of say
192.168.24.0/25 (which is 192.168.24.0-192.168.24.127). It would need to
start at .0 or .128. If it started at .128 then it would extend to .255, in
which case there wouldn't be room for the last /26 subnet. So, you re-order
them and use either a /26, /26, and /25, or /25, /26, and /26.
Remember, the whole classful/classless thing is routing protocol specific.
It has nothing to do with how hosts view IP addresses, or make "routing"
decisions (meaning whether to send it to a router or if the address is
local). The source code for a TCP/IP stack may look something like this:
# Assuming addresses/masks are 32-bit numbers, not dotted decimal
# string representations of addresses/masks.
# $ip_src is the IP address of the outgoing interface on the host
# $ip_dst is the IP address of the destination
# $ip_mask is the subnet mask on the outgoing interface
# $ip_gateway is the IP address of the default gateway
# check to see if destination address is in same subnet as our interface
if (($ip_src & $ip_mask) == ($ip_dst & $ip_mask)) {
# send directly to destination, possibly arping out first
} else {
# send to default gateway, $ip_gateway,
# possibly arping out first
}
There would obviously be more logic in there as you may have more than one
route and not a single default gateway, but the important point is that it
does not matter about the "classfulness" or "classlessness" of the subnet
mask. The host doesn't give a hoot. As long as the source and the
destination both agree whether they are in the same subnet or not everything
works fine. If they don't, you may need some ancient hack like proxy ARP,
but I don't know anyone in their right mind that would recommend
purposefully MIS-configuring a network so that it is required.
Fred Reimer - CCNA
Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338
Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050
NOTICE; This email contains confidential or proprietary information which
may be legally privileged. It is intended only for the named recipient(s).
If an addressing or transmission error has misdirected the email, please
notify the author by replying to this message. If you are not the named
recipient, you are not authorized to use, disclose, distribute, copy, print
or rely on this email, and should immediately delete it from your computer.
-Original Message-
From: Steven Aiello [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 09, 2003 1:21 PM
To: [EMAIL PROTECTED]
Subject: Re: Please Help - CIDR - How the bits work What I figured out
[7:75087]
I was stuck on the idea that you could ONLY re subnet a remaining piece
of a subnetwork. And not apply a mask to the whole span of the total
available network. You can (unless I'm incorrect here) you just have to
watch out for address over lap neer your subnetwork boundries.
I think I got it.
Man I love this news group!
Steve
Priscilla Oppenheimer wrote:
> Reimer, Fred wrote:
>
>>No offense, but this is CCNA material.
>
>
> Do they still teach classful for CCNA, though? Perhaps the only thing
that's
> hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a
classful
> system. Moving the prefix over to the left of that classful boundary isn't
> something they teach for CCNA yet. (They will soon. The new Networking
> Academy books teach it from the start now.)
>
> Priscilla
>
>
>>If you are going for
>>your CCNP, then
>>you should already have your CCNA and know the answer. But
>>anyway...
>>
>>If you need a network with 400 hosts, the smallest subnet would
>>have a /23
>>mask. So take the first part of your given network and assign
>>it to that:
>>
>>192.168.24.0/23 (192.168.24.0-192.168.25.255)
>>
>>Then you need one with 200 hosts. Well, that could fit within
>>a /24 subnet,
>>so assign the next available to that:
>>
>>192.168.26.0/24 (192.168.26.0-192.168.26.255)
>>
>>Now you only have 192.168.27.0/24 left from the original
>>192.168.24.0/23
>>(whic
Re: Please Help - CIDR - How the bits work What I figured out [7:75094]
The key is that you must completely unlearn classful thinking. Forget that you ever learned it. Completely ignore any prior classful subnet boundaries that you were forced to memorize. It's all just one big IP address space that you choose to carve up any way you like. As long as you do it correctly and don't have any overlap the subnetting scheme is up to you. Another helpful tip: don't ever use classful terminology any more! Don't say "Class A" to refer to an 8-bit prefix or subnet mask; don't say "Class C" to refer to a 24-bit mask, or /24. That will help move your brain away from that type of thinking. Think of your address space as a big pie, and each time you cut a segment in half you're adding one more bit to the subnet mask. Here's an example: You start with 10.20.30.0/24 (255.255.255.0) and we'll think of that as a whole pie. You don't need that many addresses in your subnet so you decide to break it up into smaller pieces. What do you do? Cut your pie in half (draw this out, it helps!). Your pie now has two halves and these represent two subnets with /25 masks with no overlap. Let's say you want to further subnet one of those subnets. Cut it in half again! You now have a /25 and two /26s with no overlap. If you further cut one of those /26 subnets into two pieces you have two /27s. See how easy that is? Draw this out on paper and write down your subnet information as you go, like this: 10.20.30.0/24 (10.20.30.0-255) becomes 10.20.30.0/25 (10.20.30.0-127) and 10.20.30.128/25 (10.20.30.128-255) 10.20.30.128/25 further subnetted becomes 10.20.30.128/26 (10.20.30.128-191) and 10.20.30.192/26 (10.20.30.192-255) And so on... practice it this way for a while and after a short time it will be second nature for you to subnet existing networks without accidentally overlapping them. HTH, John >>> Steven Aiello 9/9/03 12:03:06 PM >>> I was stuck on the idea that you could ONLY re subnet a remaining piece of a subnetwork. And not apply a mask to the whole span of the total available network. You can (unless I'm incorrect here) you just have to watch out for address over lap neer your subnetwork boundries. I think I got it. Man I love this news group! Steve Priscilla Oppenheimer wrote: > Reimer, Fred wrote: > >>No offense, but this is CCNA material. > > > Do they still teach classful for CCNA, though? Perhaps the only thing that's > hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful > system. Moving the prefix over to the left of that classful boundary isn't > something they teach for CCNA yet. (They will soon. The new Networking > Academy books teach it from the start now.) > > Priscilla > > >>If you are going for >>your CCNP, then >>you should already have your CCNA and know the answer. But >>anyway... >> >>If you need a network with 400 hosts, the smallest subnet would >>have a /23 >>mask. So take the first part of your given network and assign >>it to that: >> >>192.168.24.0/23 (192.168.24.0-192.168.25.255) >> >>Then you need one with 200 hosts. Well, that could fit within >>a /24 subnet, >>so assign the next available to that: >> >>192.168.26.0/24 (192.168.26.0-192.168.26.255) >> >>Now you only have 192.168.27.0/24 left from the original >>192.168.24.0/23 >>(which covered 192.168.24.0-192.168.27.255). You need two >>50's, so that >>should fit within /26 subnets each. Assign them: >> >>192.168.27.0/26 (192.168.27.0-192.168.27.63) >>192.168.27.64/26 (192.168.27.64-192.168.27.191) >> >>Finally, you need three subnets that can have two hosts each, >>which would >>fit within /30 subnets. So assign: >> >>192.168.27.192/30 >>192.168.27.196/30 >>192.168.27.200/30 >> >> >>Fred Reimer - CCNA >> >> >>Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA >>30338 >>Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 >> >> >>NOTICE; This email contains confidential or proprietary >>information which >>may be legally privileged. It is intended only for the named >>recipient(s). >>If an addressing or transmission error has misdirected the >>email, please >>notify the author by replying to this message. If you are not >>the named >>recipient, you are not authorized to use, disclose, distribute, >>copy, print >>or rely on this email, and should immediately delete it from >>your computer. >> >> >>-Original Message- >>From: Steven Aiello [mailto:[EMAIL PROTECTED] >>Sent: Tuesday, September 09, 2003 8:02 AM >>To: [EMAIL PROTECTED] >>Subject: Please Help - CIDR - How the bits work [7:75050] >> >>I just started my routing class for my CCNP. We are covering >>CIDR. The >>book is VEERY vague on how the bit patterns break down and >>are used. >> >> >>This was a problem posed in one of my CCNP labs >> >>I have network number >> >>192.168.24.0 / 22 >> >>from this I need >>networks with >> >>400 hosts >>200 hosts >>50 hosts >>50 hosts >>2 hosts (for serial int - no ip un-numbered allowed ) >>2 hosts >>2 hosts >> >>Also no NATing >> >>Tha
RE: Please Help - CIDR - How the bits work [7:75050]
May be I had advanced access to the new NA material then ;-) In my view, a NA should be able to handle basic RIP, OSPF, EIGRP in a small to medium sized network. That would certainly include CIDR. A NP, IMO, would be for advanced RIP, OSPF, EIGRP, and basic BGP, like for configuring a mid-large sized network for connection to the Internet including minimal BGP. IE, IMO, is for ISP engineers that have to deal with extensive IS-IS, BGP using all options, etc, and large to huge (global) networks. May be I'm just expecting too much, but if you don't understand CIDR you shouldn't be allowed anywhere near a router, let alone be responsible for configuring them. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 12:33 PM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] Reimer, Fred wrote: > > No offense, but this is CCNA material. Do they still teach classful for CCNA, though? Perhaps the only thing that's hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful system. Moving the prefix over to the left of that classful boundary isn't something they teach for CCNA yet. (They will soon. The new Networking Academy books teach it from the start now.) Priscilla > If you are going for > your CCNP, then > you should already have your CCNA and know the answer. But > anyway... > > If you need a network with 400 hosts, the smallest subnet would > have a /23 > mask. So take the first part of your given network and assign > it to that: > > 192.168.24.0/23 (192.168.24.0-192.168.25.255) > > Then you need one with 200 hosts. Well, that could fit within > a /24 subnet, > so assign the next available to that: > > 192.168.26.0/24 (192.168.26.0-192.168.26.255) > > Now you only have 192.168.27.0/24 left from the original > 192.168.24.0/23 > (which covered 192.168.24.0-192.168.27.255). You need two > 50's, so that > should fit within /26 subnets each. Assign them: > > 192.168.27.0/26 (192.168.27.0-192.168.27.63) > 192.168.27.64/26 (192.168.27.64-192.168.27.191) > > Finally, you need three subnets that can have two hosts each, > which would > fit within /30 subnets. So assign: > > 192.168.27.192/30 > 192.168.27.196/30 > 192.168.27.200/30 > > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information which > may be legally privileged. It is intended only for the named > recipient(s). > If an addressing or transmission error has misdirected the > email, please > notify the author by replying to this message. If you are not > the named > recipient, you are not authorized to use, disclose, distribute, > copy, print > or rely on this email, and should immediately delete it from > your computer. > > > -Original Message- > From: Steven Aiello [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 8:02 AM > To: [EMAIL PROTECTED] > Subject: Please Help - CIDR - How the bits work [7:75050] > > I just started my routing class for my CCNP. We are covering > CIDR. The > book is VEERY vague on how the bit patterns break down and > are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve > **Please support GroupStudy by purchasing from the GroupStudy > Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75092&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Please Help - CIDR - How the bits work What I figured out [7:75087]
I was stuck on the idea that you could ONLY re subnet a remaining piece of a subnetwork. And not apply a mask to the whole span of the total available network. You can (unless I'm incorrect here) you just have to watch out for address over lap neer your subnetwork boundries. I think I got it. Man I love this news group! Steve Priscilla Oppenheimer wrote: > Reimer, Fred wrote: > >>No offense, but this is CCNA material. > > > Do they still teach classful for CCNA, though? Perhaps the only thing that's > hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful > system. Moving the prefix over to the left of that classful boundary isn't > something they teach for CCNA yet. (They will soon. The new Networking > Academy books teach it from the start now.) > > Priscilla > > >>If you are going for >>your CCNP, then >>you should already have your CCNA and know the answer. But >>anyway... >> >>If you need a network with 400 hosts, the smallest subnet would >>have a /23 >>mask. So take the first part of your given network and assign >>it to that: >> >>192.168.24.0/23 (192.168.24.0-192.168.25.255) >> >>Then you need one with 200 hosts. Well, that could fit within >>a /24 subnet, >>so assign the next available to that: >> >>192.168.26.0/24 (192.168.26.0-192.168.26.255) >> >>Now you only have 192.168.27.0/24 left from the original >>192.168.24.0/23 >>(which covered 192.168.24.0-192.168.27.255). You need two >>50's, so that >>should fit within /26 subnets each. Assign them: >> >>192.168.27.0/26 (192.168.27.0-192.168.27.63) >>192.168.27.64/26 (192.168.27.64-192.168.27.191) >> >>Finally, you need three subnets that can have two hosts each, >>which would >>fit within /30 subnets. So assign: >> >>192.168.27.192/30 >>192.168.27.196/30 >>192.168.27.200/30 >> >> >>Fred Reimer - CCNA >> >> >>Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA >>30338 >>Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 >> >> >>NOTICE; This email contains confidential or proprietary >>information which >>may be legally privileged. It is intended only for the named >>recipient(s). >>If an addressing or transmission error has misdirected the >>email, please >>notify the author by replying to this message. If you are not >>the named >>recipient, you are not authorized to use, disclose, distribute, >>copy, print >>or rely on this email, and should immediately delete it from >>your computer. >> >> >>-Original Message- >>From: Steven Aiello [mailto:[EMAIL PROTECTED] >>Sent: Tuesday, September 09, 2003 8:02 AM >>To: [EMAIL PROTECTED] >>Subject: Please Help - CIDR - How the bits work [7:75050] >> >>I just started my routing class for my CCNP. We are covering >>CIDR. The >>book is VEERY vague on how the bit patterns break down and >>are used. >> >> >>This was a problem posed in one of my CCNP labs >> >>I have network number >> >>192.168.24.0 / 22 >> >>from this I need >>networks with >> >>400 hosts >>200 hosts >>50 hosts >>50 hosts >>2 hosts (for serial int - no ip un-numbered allowed ) >>2 hosts >>2 hosts >> >>Also no NATing >> >>Thanks all I really could use the help >> >>Steve >>**Please support GroupStudy by purchasing from the GroupStudy >>Store: >>http://shop.groupstudy.com >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75087&t=75087 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Please Help - CIDR - How the bits work What I figured out [7:75086]
Priscilla Oppenheimer wrote: > Reimer, Fred wrote: > >>No offense, but this is CCNA material. > > > Do they still teach classful for CCNA, though? Perhaps the only thing that's > hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful > system. Moving the prefix over to the left of that classful boundary isn't > something they teach for CCNA yet. (They will soon. The new Networking > Academy books teach it from the start now.) > > Priscilla > > >>If you are going for >>your CCNP, then >>you should already have your CCNA and know the answer. But >>anyway... >> >>If you need a network with 400 hosts, the smallest subnet would >>have a /23 >>mask. So take the first part of your given network and assign >>it to that: >> >>192.168.24.0/23 (192.168.24.0-192.168.25.255) >> >>Then you need one with 200 hosts. Well, that could fit within >>a /24 subnet, >>so assign the next available to that: >> >>192.168.26.0/24 (192.168.26.0-192.168.26.255) >> >>Now you only have 192.168.27.0/24 left from the original >>192.168.24.0/23 >>(which covered 192.168.24.0-192.168.27.255). You need two >>50's, so that >>should fit within /26 subnets each. Assign them: >> >>192.168.27.0/26 (192.168.27.0-192.168.27.63) >>192.168.27.64/26 (192.168.27.64-192.168.27.191) >> >>Finally, you need three subnets that can have two hosts each, >>which would >>fit within /30 subnets. So assign: >> >>192.168.27.192/30 >>192.168.27.196/30 >>192.168.27.200/30 >> >> >>Fred Reimer - CCNA >> >> >>Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA >>30338 >>Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 >> >> >>NOTICE; This email contains confidential or proprietary >>information which >>may be legally privileged. It is intended only for the named >>recipient(s). >>If an addressing or transmission error has misdirected the >>email, please >>notify the author by replying to this message. If you are not >>the named >>recipient, you are not authorized to use, disclose, distribute, >>copy, print >>or rely on this email, and should immediately delete it from >>your computer. >> >> >>-Original Message- >>From: Steven Aiello [mailto:[EMAIL PROTECTED] >>Sent: Tuesday, September 09, 2003 8:02 AM >>To: [EMAIL PROTECTED] >>Subject: Please Help - CIDR - How the bits work [7:75050] >> >>I just started my routing class for my CCNP. We are covering >>CIDR. The >>book is VEERY vague on how the bit patterns break down and >>are used. >> >> >>This was a problem posed in one of my CCNP labs >> >>I have network number >> >>192.168.24.0 / 22 >> >>from this I need >>networks with >> >>400 hosts >>200 hosts >>50 hosts >>50 hosts >>2 hosts (for serial int - no ip un-numbered allowed ) >>2 hosts >>2 hosts >> >>Also no NATing >> >>Thanks all I really could use the help >> >>Steve >>**Please support GroupStudy by purchasing from the GroupStudy >>Store: >>http://shop.groupstudy.com >>FAQ, list archives, and subscription info: >>http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75086&t=75086 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Reimer, Fred wrote: > > No offense, but this is CCNA material. Do they still teach classful for CCNA, though? Perhaps the only thing that's hard for him is that 192.168.24.0 has a mask of 255.255.255.0 in a classful system. Moving the prefix over to the left of that classful boundary isn't something they teach for CCNA yet. (They will soon. The new Networking Academy books teach it from the start now.) Priscilla > If you are going for > your CCNP, then > you should already have your CCNA and know the answer. But > anyway... > > If you need a network with 400 hosts, the smallest subnet would > have a /23 > mask. So take the first part of your given network and assign > it to that: > > 192.168.24.0/23 (192.168.24.0-192.168.25.255) > > Then you need one with 200 hosts. Well, that could fit within > a /24 subnet, > so assign the next available to that: > > 192.168.26.0/24 (192.168.26.0-192.168.26.255) > > Now you only have 192.168.27.0/24 left from the original > 192.168.24.0/23 > (which covered 192.168.24.0-192.168.27.255). You need two > 50's, so that > should fit within /26 subnets each. Assign them: > > 192.168.27.0/26 (192.168.27.0-192.168.27.63) > 192.168.27.64/26 (192.168.27.64-192.168.27.191) > > Finally, you need three subnets that can have two hosts each, > which would > fit within /30 subnets. So assign: > > 192.168.27.192/30 > 192.168.27.196/30 > 192.168.27.200/30 > > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information which > may be legally privileged. It is intended only for the named > recipient(s). > If an addressing or transmission error has misdirected the > email, please > notify the author by replying to this message. If you are not > the named > recipient, you are not authorized to use, disclose, distribute, > copy, print > or rely on this email, and should immediately delete it from > your computer. > > > -Original Message- > From: Steven Aiello [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 8:02 AM > To: [EMAIL PROTECTED] > Subject: Please Help - CIDR - How the bits work [7:75050] > > I just started my routing class for my CCNP. We are covering > CIDR. The > book is VEERY vague on how the bit patterns break down and > are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve > **Please support GroupStudy by purchasing from the GroupStudy > Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75080&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Woops, one of the ranges is wrong. Should be 192.168.27.64/26 (192.168.27.64-192.168.27.127) and not: 192.168.27.64/26 (192.168.27.64-192.168.27.191) like I said. Given that you could move all of the latter subnets up, or leave open 192.168.27.128 for another /26 subnet. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 10:26 AM To: [EMAIL PROTECTED] Subject: RE: Please Help - CIDR - How the bits work [7:75050] No offense, but this is CCNA material. If you are going for your CCNP, then you should already have your CCNA and know the answer. But anyway... If you need a network with 400 hosts, the smallest subnet would have a /23 mask. So take the first part of your given network and assign it to that: 192.168.24.0/23 (192.168.24.0-192.168.25.255) Then you need one with 200 hosts. Well, that could fit within a /24 subnet, so assign the next available to that: 192.168.26.0/24 (192.168.26.0-192.168.26.255) Now you only have 192.168.27.0/24 left from the original 192.168.24.0/23 (which covered 192.168.24.0-192.168.27.255). You need two 50's, so that should fit within /26 subnets each. Assign them: 192.168.27.0/26 (192.168.27.0-192.168.27.63) 192.168.27.64/26 (192.168.27.64-192.168.27.191) Finally, you need three subnets that can have two hosts each, which would fit within /30 subnets. So assign: 192.168.27.192/30 192.168.27.196/30 192.168.27.200/30 Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Steven Aiello [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 8:02 AM To: [EMAIL PROTECTED] Subject: Please Help - CIDR - How the bits work [7:75050] I just started my routing class for my CCNP. We are covering CIDR. The book is VEERY vague on how the bit patterns break down and are used. This was a problem posed in one of my CCNP labs I have network number 192.168.24.0 / 22 from this I need networks with 400 hosts 200 hosts 50 hosts 50 hosts 2 hosts (for serial int - no ip un-numbered allowed ) 2 hosts 2 hosts Also no NATing Thanks all I really could use the help Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75077&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Here's a great resource: pad http://www.nanog.org/isp.html#cidr scroll down to CIDR and download "Understanding IP Addressing: Everything You Ever Wanted to Know" by Chuck Semeria Looking at your specific problem - think in powers of two. 400 nodes is greater than 256 but less than 512. Use /23 out of your allocation. 200 is less than 256 so use a /24. 50 is greater than 32 and less than 64 so use a /26 for each. The serial links each need a /30. Probably best to take the last /28 from the allocation and break it down into four /30s. > -Original Message- > From: Steven Aiello [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 09, 2003 7:02 AM > To: [EMAIL PROTECTED] > Subject: Please Help - CIDR - How the bits work [7:75050] > > > I just started my routing class for my CCNP. We are covering > CIDR. The > book is VEERY vague on how the bit patterns break down > and are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75070&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
No offense, but this is CCNA material. If you are going for your CCNP, then you should already have your CCNA and know the answer. But anyway... If you need a network with 400 hosts, the smallest subnet would have a /23 mask. So take the first part of your given network and assign it to that: 192.168.24.0/23 (192.168.24.0-192.168.25.255) Then you need one with 200 hosts. Well, that could fit within a /24 subnet, so assign the next available to that: 192.168.26.0/24 (192.168.26.0-192.168.26.255) Now you only have 192.168.27.0/24 left from the original 192.168.24.0/23 (which covered 192.168.24.0-192.168.27.255). You need two 50's, so that should fit within /26 subnets each. Assign them: 192.168.27.0/26 (192.168.27.0-192.168.27.63) 192.168.27.64/26 (192.168.27.64-192.168.27.191) Finally, you need three subnets that can have two hosts each, which would fit within /30 subnets. So assign: 192.168.27.192/30 192.168.27.196/30 192.168.27.200/30 Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Steven Aiello [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 09, 2003 8:02 AM To: [EMAIL PROTECTED] Subject: Please Help - CIDR - How the bits work [7:75050] I just started my routing class for my CCNP. We are covering CIDR. The book is VEERY vague on how the bit patterns break down and are used. This was a problem posed in one of my CCNP labs I have network number 192.168.24.0 / 22 from this I need networks with 400 hosts 200 hosts 50 hosts 50 hosts 2 hosts (for serial int - no ip un-numbered allowed ) 2 hosts 2 hosts Also no NATing Thanks all I really could use the help Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75066&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Please Help - CIDR - How the bits work [7:75050]
I get the same results as Marko, but this may lay it out so you (and others) can see the development: IP address = 32 bits Network portion = 22 bits Host portion = 10 bits Total addresses for host portion = 2^10 = 1024 Start with 192.168.24.0/22 Focus on the 3rd octet (network_host): 000110_00 400 hosts requires 9 bits (2^8 = 256, 2^9 = 512) and you will have some left in this block divide the /22 into two blocks of 512 addresses each: 0001100_0 (.24/23) and 000_0 (.26/23) use .24/23 for the 400-host network 200 hosts requires 8 bits (2^7 = 128, 2^8 = 256) and there will be some left in this block, too divide the .26/25 into 2 blocks of 256 addresses each: 0000 (.26/24) and 0001 (.27/24) use .26/24 for the 200-host network 50 hosts requires 6 bits (2^5 = 32, 2^6 = 64) and you will again have some leftovers divide the .27/24 into 4 blocks of 64 addresses each now looking at the 4th octet: 00_00 (.0/26), 01_00 (.64/26), 10_00 (.128/26), and 11_00 (.192/26) use the first two for the 50-host networks and the rest is easy My personal rule is to always start with the biggest blocks and work down from there. HTH Annlee Steven Aiello wrote: > I just started my routing class for my CCNP. We are covering CIDR. The > book is VEERY vague on how the bit patterns break down and are used. > > > This was a problem posed in one of my CCNP labs > > I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts > > Also no NATing > > Thanks all I really could use the help > > Steve > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75069&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please Help - CIDR - How the bits work [7:75050]
Let me give you a bit of a clue - For the 400 hosts you will need a /23 200 hosts you will need a /24 50 hosts you will need a /26 50 hosts you will need another /26 2 hosts (for serial int - no ip un-numbered allowed )and for these you will need /30s (/32s are possible but probably not what your class requires. If you need more help, please let me know, but try and work it out for yourself first. Best regards, Dom Stocqueler SysDom Technologies Visit our website - www.sysdom.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steven Aiello Sent: 09 September 2003 13:02 To: [EMAIL PROTECTED] Subject: Please Help - CIDR - How the bits work [7:75050] I just started my routing class for my CCNP. We are covering CIDR. The book is VEERY vague on how the bit patterns break down and are used. This was a problem posed in one of my CCNP labs I have network number 192.168.24.0 / 22 from this I need networks with 400 hosts 200 hosts 50 hosts 50 hosts 2 hosts (for serial int - no ip un-numbered allowed ) 2 hosts 2 hosts Also no NATing Thanks all I really could use the help Steve **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=75064&t=75050 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Please Help - CIDR - How the bits work [7:75050]
> I have network number > > 192.168.24.0 / 22 > > from this I need > networks with > > 400 hosts > 200 hosts > 50 hosts > 50 hosts > 2 hosts (for serial int - no ip un-numbered allowed ) > 2 hosts > 2 hosts 192.168.24.0/23 - 512 (400 hosts fit nicely) 192.168.26.0/24 - 256 (200 hosts fit nicely) 192.168.27.0/26 - 64 (50 hosts -"-) 192.168.27.64/26 - 64 (50 hosts -"-) 192.168.27.128/30 - 4 (I'm assuming /31 is not allowed, also) **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Please help!!!! [7:70369]
Not much! You can run 12.x code on the 4000s, but the semi-modern stuff like Fast Ethernet and ATM modules started with the 4500 series. Concerning the 4000, the maximum I have seen from the factory of the EPROM chip type FLASH board is 8 Megs and RAM has always been capped at 16 Megs. Around Y2K timeframe, I was contracting for a large government agency (with a lot of 4x00 routers) and we received Cisco SmartNet upgrade kits that provided us the ability to use (2) 8 Meg 2500 series FLASH sticks (new style FLASH board) and also included replacement 10.X boot ROMs. This really did very little for the routers, since the feature rich IOS needed 32 Megs of RAM (which is where the 4000M comes in). The 4000Ms are 16 FLASH and 32 RAM limited. All the best! Phil "The Who's Who of So and So, and best know for Such and Such" -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lee Sent: Sunday, June 08, 2003 8:10 PM To: [EMAIL PROTECTED] Subject: Please help [7:70369] Hi, Does anyone knows how can i differentiate a router between Cisco 4000 & Cisco 4000M? Also, for a 4000M, what is the max amount of flash it can handle? (I want to load at least IOS 12.1 on it). - Cisco Internetwork Operating System Software IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE (fc1) Copyright (c) 1986-2002 by cisco Systems, Inc. Compiled Mon 01-Jul-02 22:19 by srani Image text-base: 0x00012000, data-base: 0x0083DF10 ROM: System Bootstrap, Version 4.14(7), SOFTWARE R6 uptime is 1 minute System restarted by power-on System image file is "flash:c4000-ds-mz.120-23.bin" cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of memory. Processor board ID 5039132 G.703/E1 software, Version 1.0. Bridging software. X.25 software, Version 3.0.0. 1 Token Ring/IEEE 802.5 interface(s) 128K bytes of non-volatile configuration memory. 4096K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Thanks in advance, Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70376&t=70369 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help!!!! [7:70369]
I think my last post was a bit messed up. try this: http://www.cisco.com/en/US/products/hw/routers/ps5199/products_tech_note0918 6a008009486a.shtml watch the wrap. Kevin Wigle - Original Message - From: "Lee" To: Sent: Sunday, June 08, 2003 8:10 PM Subject: Please help [7:70369] > Hi, > > Does anyone knows how can i differentiate a router between Cisco 4000 & > Cisco 4000M? > > Also, for a 4000M, what is the max amount of flash it can handle? (I want to > load at least IOS 12.1 on it). > > - > > Cisco Internetwork Operating System Software > > IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE > (fc1) > > Copyright (c) 1986-2002 by cisco Systems, Inc. > > Compiled Mon 01-Jul-02 22:19 by srani > > Image text-base: 0x00012000, data-base: 0x0083DF10 > > ROM: System Bootstrap, Version 4.14(7), SOFTWARE > > R6 uptime is 1 minute > > System restarted by power-on > > System image file is "flash:c4000-ds-mz.120-23.bin" > > cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of > memory. > > Processor board ID 5039132 > > G.703/E1 software, Version 1.0. > > Bridging software. > > X.25 software, Version 3.0.0. > > 1 Token Ring/IEEE 802.5 interface(s) > > 128K bytes of non-volatile configuration memory. > > 4096K bytes of processor board System flash (Read/Write) > > Configuration register is 0x2102 > > > > > > Thanks in advance, > Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70377&t=70369 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help!!!! [7:70369]
I forget where I got this but have a look: Q: How do you distinguish a 4500 from a 4500-M and a 4700 from a 4700-M? Does an -M version show up in show version? A: There are two methods you can use to determine the 4x00 model: 1.Use SNMP and do an snmpget for the following mib attribute: chassis.cardTable.cardTableEntry.cardType 2.Enter the show version command and use the command output and the table below to identify the 4x00 model: Model Revsion Serial Number Label Cisco 4000 Revision A0 440x C4000 Cisco 4000-M Revision B0, C 445x C4000 M+ Cisco 4500 Revision 0x00 450x C4500 Cisco 4500-M Revision B, C, D, E 455x C4500 M+ Cisco 4700 Revision B 470x C4700 Cisco 4700-M Revision C, D, E, F 475x C4700 M+ Kevin Wigle - Original Message - From: "Lee" To: Sent: Sunday, June 08, 2003 8:10 PM Subject: Please help [7:70369] > Hi, > > Does anyone knows how can i differentiate a router between Cisco 4000 & > Cisco 4000M? > > Also, for a 4000M, what is the max amount of flash it can handle? (I want to > load at least IOS 12.1 on it). > > - > > Cisco Internetwork Operating System Software > > IOS (tm) 4000 Software (C4000-DS-M), Version 12.0(23), RELEASE SOFTWARE > (fc1) > > Copyright (c) 1986-2002 by cisco Systems, Inc. > > Compiled Mon 01-Jul-02 22:19 by srani > > Image text-base: 0x00012000, data-base: 0x0083DF10 > > ROM: System Bootstrap, Version 4.14(7), SOFTWARE > > R6 uptime is 1 minute > > System restarted by power-on > > System image file is "flash:c4000-ds-mz.120-23.bin" > > cisco 4000 (68030) processor (revision 0xB0) with 16384K/4096K bytes of > memory. > > Processor board ID 5039132 > > G.703/E1 software, Version 1.0. > > Bridging software. > > X.25 software, Version 3.0.0. > > 1 Token Ring/IEEE 802.5 interface(s) > > 128K bytes of non-volatile configuration memory. > > 4096K bytes of processor board System flash (Read/Write) > > Configuration register is 0x2102 > > > > > > Thanks in advance, > Lee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=70374&t=70369 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
Thanks Daniel, I've tried that already but still the same... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59051&t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
We're assuming that the console port is toast. Just in case there is some life in it try the speed jumper on the motherboard. Watch the wrap: http://www.cisco.com/en/US/products/hw/routers/ps259/products_tech_note09186 a008009433b.shtml#band_reset > -Original Message- > From: R M [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, December 10, 2002 9:58 AM > To: [EMAIL PROTECTED] > Subject: Please help: 2600 console lost [7:58889] > > > I've been working a few hours with a 2610 when suddenly, > boom!!, I lost my > console connection, now it doesn't respond to Ctrl-Break nor > anything, I've > rebooted it several times but it doesn't shows any single character on > HyperTerminal. Unfortunately, the equipment is running > (almost) default > configuration, so now I can't get in through Aux or Vty. My > Aux port respond > but can't do much through it since no 'enable password' has > been provided by > default, so can't get to privileged mode. Once the box is > booted, it looks > good, its eth and serial interfaces comes up, so it doesn't > looks like a > flash or IOS corruption problem. > > Do you guys have any clue why I'm suffering this? > Any workaround to at least have privileged access through Aux?? > Maybe nvram got corrupted? there's any way to 'hard' reset > nvram through > internal jumpers?? > > Thanks very much in advance, > > RM. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58991&t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
good question ;-)... 'cause at that point I was testing my box as a pure bridge (without IRB or CRB)... I guess I'll have to replace the box. Thanks for your answers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58978&t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
Well if you had set any write snmp community strings you could try an upload a config into the router that would allow you to get in via the vty. John -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 10:58 AM To: [EMAIL PROTECTED] Subject: Please help: 2600 console lost [7:58889] I've been working a few hours with a 2610 when suddenly, boom!!, I lost my console connection, now it doesn't respond to Ctrl-Break nor anything, I've rebooted it several times but it doesn't shows any single character on HyperTerminal. Unfortunately, the equipment is running (almost) default configuration, so now I can't get in through Aux or Vty. My Aux port respond but can't do much through it since no 'enable password' has been provided by default, so can't get to privileged mode. Once the box is booted, it looks good, its eth and serial interfaces comes up, so it doesn't looks like a flash or IOS corruption problem. Do you guys have any clue why I'm suffering this? Any workaround to at least have privileged access through Aux?? Maybe nvram got corrupted? there's any way to 'hard' reset nvram through internal jumpers?? Thanks very much in advance, RM. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58963&t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help: 2600 console lost [7:58889]
I had a similar problem on my 2610 , I bought a smartnet package and got the box replaced from Cisco . Navin Parwal ""R M"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I've been working a few hours with a 2610 when suddenly, boom!!, I lost my > console connection, now it doesn't respond to Ctrl-Break nor anything, I've > rebooted it several times but it doesn't shows any single character on > HyperTerminal. Unfortunately, the equipment is running (almost) default > configuration, so now I can't get in through Aux or Vty. My Aux port respond > but can't do much through it since no 'enable password' has been provided by > default, so can't get to privileged mode. Once the box is booted, it looks > good, its eth and serial interfaces comes up, so it doesn't looks like a > flash or IOS corruption problem. > > Do you guys have any clue why I'm suffering this? > Any workaround to at least have privileged access through Aux?? > Maybe nvram got corrupted? there's any way to 'hard' reset nvram through > internal jumpers?? > > Thanks very much in advance, > > RM. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58955&t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help: 2600 console lost [7:58889]
I guess my first question would be how, after a few HOURS, there is no IP address assigned and vty config? have you tried connecting from different computers? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=58951&t=58889 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: please help with vlan scenario [7:57245]
Thanks Peter for your help. That makes sense. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57287&t=57245 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: please help with vlan scenario [7:57245]
Barry, You can enable a trunk on the 3548, and create subinterfaces on the 3550 at site A. I don't know the exact configuration details about a 3550, but it should be something like: interface gigabitethernet 0/2 no switchport ! interface gigabitethernet 0/2.10 encapsulation dot1q 10 -Original Message- > From: Barry Warrick [mailto:nobody@;groupstudy.com] > Sent: Monday, November 11, 2002 11:23 PM > To: [EMAIL PROTECTED] > Subject: please help with vlan scenario [7:57245] > > > I have Site A which acts as a host for incoming fiber connections from > Site's B,C, and D. All 4 sites are on different subnets. At Site A a > Catalyst 3550G with 12 available fiber GBIC connections is what the 3 > incoming sites B,C, and D connect to on GBIC interfaces 1,2, and 3, > respectively.. The 3550G also has two Ethernet ports on it, > one which has a > crossover to a Catalyst 3548 switch, which feeds the local > LAN users at Site > A itself. > > Interface GBIC 4 on the 3550G has a fiber link connecting to > Site E, which > is then routed over ATM. So basically the 3550 at Site A > routes traffic > between itself and the B,C, and D sites and over to Site E. Site E is > actually our core router site (Cisco 3540) but Site A was > chosen to hosts > the other 3 sites (B,C,and D) due to logistics. > > Now what I need to do back at Site A is segment the local LAN > on the 3548 > switch into two vlans. Both vlans need to pass traffic across > the network. > Remember one port on the 3548 has a crossover to the 3550G > switch. The 3550G > is not set up with vlans. If I break the ports on the 3548 to > the vlan's I > want, I assume I set the crossover port to be a trunk? And if > so, do I need > to setup the other end of the crossover on the 3550 with any vlan's or > trunking??? No other subnets will be broken into vlan's so I > want to make > sure any change I may have to make on the 3550 to support the > local vlans on > the 3548 do not hinder traffic flow to and from the other > sites interfaces > on the 3550. Am I over complicating this setup? I know my description > probably is confusing. I guess in simple terms I just need to > make sure how > I set up vlans on the local Site A without affecting the > other sites that > Site A supports? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=57279&t=57245 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:53664]
one last thing to note, is that mixed mode nm's (ie: have both wan and lan capabilities) are NOT supported on the 2600's -Original Message- From: Ian Henderson [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 19, 2002 11:18 PM To: Steve Boer Cc: [EMAIL PROTECTED] Subject: RE: Please help!!! [7:53664] On Fri, 20 Sep 2002, Steve Boer wrote: > 1e2w's would be for use in 3600 series routers, and are NOT compatible in > 2600's. They include 1 ethernet port and 2 wic slots. In these WIC slots, > you can use any of the wics that are out there (wic-1t wic-1dsu-t1 wic-1b, > etc etc), but are blank until populated with modules. Note that not all WICs work in the older NM's. For example, to use a WIC-1ADSL in an NM, it must be a model that has a FastEthernet port (newer revision, provides the voltage the aDSL card needs). Rgds, - I. -- Ian Henderson CCNA, CCNP Senior Network Engineer, Chime Communications Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53680&t=53664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:53664]
As Steve pointed out, I had a brain-fart. The NM-1E2W does not work with the 2600 series. You can, however, get a NM-1E, or an NM-4E 10BaseT module for the 2600, and then use its (the 2600) other WIC slots above the built-in Ethernet/FastEthernet interfaces for WAN connectivity. My apologies for my misinformation. Mark -Original Message- From: L [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 19, 2002 8:09 PM To: [EMAIL PROTECTED] Subject: Please help!!! [7:53664] Hello, I oftern see on selling posts that some routers comes with 1E2W module. Is this referring to the on-borad built in interfaces?? With the 1E2W, would I need any extra modules (like WIC-1T or WIC-2T) to use the 2W, or can it be used for connecting serial cables striaght away? Sorry for my stupid question. Best Regards, L Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53679&t=53664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:53664]
On Fri, 20 Sep 2002, Steve Boer wrote: > 1e2w's would be for use in 3600 series routers, and are NOT compatible in > 2600's. They include 1 ethernet port and 2 wic slots. In these WIC slots, > you can use any of the wics that are out there (wic-1t wic-1dsu-t1 wic-1b, > etc etc), but are blank until populated with modules. Note that not all WICs work in the older NM's. For example, to use a WIC-1ADSL in an NM, it must be a model that has a FastEthernet port (newer revision, provides the voltage the aDSL card needs). Rgds, - I. -- Ian Henderson CCNA, CCNP Senior Network Engineer, Chime Communications Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53676&t=53664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:53664]
The 1E2W Module refers to a NM-1E2W Slot module that fits into the 2600/3600 series routers... and it has an 10BaseT port integrated. The 2W refers to the fact that you could put 2 WICs (WAN Interface Cards) into it, and if I'm not mistaken, you could put 2 WIC-2Ts into that NM-1E2W Module. It will not have the WICs already installed, unless specified by the seller of the module. ... Never a stupid question... we all start somewhere. :) Regards, Mark -Original Message- From: L [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 19, 2002 8:09 PM To: [EMAIL PROTECTED] Subject: Please help!!! [7:53664] Hello, I oftern see on selling posts that some routers comes with 1E2W module. Is this referring to the on-borad built in interfaces?? With the 1E2W, would I need any extra modules (like WIC-1T or WIC-2T) to use the 2W, or can it be used for connecting serial cables striaght away? Sorry for my stupid question. Best Regards, L Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53673&t=53664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:53664]
Here is a good starting point to read up on.. http://www.cisco.com/warp/public/107/nm-e2w.shtml NM-1E2W has an 'onboard' 10BaseT interface.. also, you have 2 WIC options so you could install a WIC-1T or WIC-2T or a combination of both.. hth, Mark. > -Original Message- > From: L [mailto:[EMAIL PROTECTED]] > Sent: Friday, 20 September 2002 11:09 > To: [EMAIL PROTECTED] > Subject: Please help!!! [7:53664] > > > Hello, > > I oftern see on selling posts that some routers comes with > 1E2W module. Is > this referring to the on-borad built in interfaces?? With the > 1E2W, would I > need any extra modules (like WIC-1T or WIC-2T) to use the 2W, > or can it be > used for connecting serial cables striaght away? > > Sorry for my stupid question. > > Best Regards, > L Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53670&t=53664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:53664]
1e2w's would be for use in 3600 series routers, and are NOT compatible in 2600's. They include 1 ethernet port and 2 wic slots. In these WIC slots, you can use any of the wics that are out there (wic-1t wic-1dsu-t1 wic-1b, etc etc), but are blank until populated with modules. hope this helps (check out http://www.cisco.com/go/module/ to see the different modules for the different technologies) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of L Sent: Thursday, September 19, 2002 9:09 PM To: [EMAIL PROTECTED] Subject: Please help!!! [7:53664] Hello, I oftern see on selling posts that some routers comes with 1E2W module. Is this referring to the on-borad built in interfaces?? With the 1E2W, would I need any extra modules (like WIC-1T or WIC-2T) to use the 2W, or can it be used for connecting serial cables striaght away? Sorry for my stupid question. Best Regards, L Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53669&t=53664 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help ASAP: Routing on a secondary inter [7:51534]
Clayton, please let us know what finally happened ? Thx. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51564&t=51534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help ASAP: Routing on a secondary inter [7:51542]
I got it... I forgot to change the access list...duh Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC -=]-Original Message- -=]From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of -=]Clayton Dukes -=]Sent: Friday, August 16, 2002 3:39 PM -=]To: [EMAIL PROTECTED] -=]Subject: Please Help ASAP: Routing on a secondary interface [7:51534] -=] -=]Having a bad day, could someone please help me figure this out? -=] -=] -=] -=]I have a secondary interface configured on my router: -=] -=] -=] -=]interface Ethernet1/0 -=] -=] description connected to EthernetLAN -=] -=] ip address 10.82.67.193 255.255.255.224 secondary -=] -=] ip address 10.0.0.1 255.255.255.0 -=] -=] -=] -=]I have another interface connected to a DSL line (this is working, so -=]it's not the issue) -=] -=]interface FastEthernet0/0 -=] -=] description connected to Internet -=] -=] no ip address -=] -=] ip route-cache flow -=] -=] no keepalive -=] -=] duplex auto -=] -=] speed auto -=] -=] pppoe enable -=] -=] pppoe-client dial-pool-number 1 -=] -=] -=] -=]interface Dialer1 -=] -=] description connected to Internet -=] -=] ip address negotiated -=] -=] ip mtu 1492 -=] -=] ip nat outside -=] -=] encapsulation ppp -=] -=] ip route-cache flow -=] -=] dialer pool 1 -=] -=] dialer-group 2 -=] -=] ppp authentication chap pap callin -=] -=] ppp chap hostname zzz -=] -=] ppp chap password 7 zzz -=] -=] ppp pap sent-username zzz password 7 zzz -=] -=] -=] -=]I have a default route: -=] -=]ip route 0.0.0.0 0.0.0.0 Dialer1 -=] -=] -=] -=] -=] -=]Here's the problem: -=] -=] -=] -=]I have two systems: -=] -=]10.0.0.99 (PC) -=] -=]and -=] -=]10.82.67.215 (Solaris) -=] -=] -=] -=]from 10.0.0.99 I can ping everywhere, all local nets, all internet, etc. -=](No problems) -=] -=]from 10.82.67.215 I can ping the default gateway (10.82.67.193), I can -=]ping 10.0.0.1, I can ping 10.0.0.99..basically everything internally, -=]but not out to the internet. -=] -=] -=] -=]Can someone please tell me what I am missing? -=] -=] -=] -=]Clayton Dukes -=] -=]CCNA, CCDA, CCDP, CCNP, NCC -=] -=] -=] -=] [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51542&t=51542 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help ASAP: Routing on a secondary inter [7:51553]
Clayton- The following excerpt from a web site posting found via Google.com... It may be your problem, and has the answer... "... Finally we need to specify a route onto the network over our ethernet card. The command # netstat -r will list the current routes on your machine. You can remove any unwanted routes with the route del command. To create a route onto your local network enter the command, # route add -net 128.240.0.0 netmask 255.255.0.0 eth0 which tells your machine that all network traffic for machines in the 128.240.x.x address range can be reached over the network interface eth0. For every other address we need to create a default route, # route add default gw 128.240.233.251 eth0 Substitute your gateway address for 128.240.233.251, this means for all other traffic send it to the gateway which you can reach over eth0. The gateway will pass on the traffic to other gateways on other networks until it reaches it's final destination. A correct configuration would look something like, # netstat -rn Destination GatewayGenmask Flags MSS Window irtt Iface 128.240.0.0 *255.255.0.0 U 0 0 0 eth0 127.0.0.0 *255.0.0.0 U 0 0 0 lo default 128.240.3.251 0.0.0.0 UG0 0 0 eth0 There is a loopback address, a route onto the local network and a default route specifying the local gateway." HTH's. If not, check your NAT/PAT pool/configuration on your Router. -Mark -Original Message- From: Clayton Dukes [mailto:[EMAIL PROTECTED]] Sent: Friday, August 16, 2002 2:39 PM To: [EMAIL PROTECTED] Subject: Please Help ASAP: Routing on a secondary interface [7:51534] Having a bad day, could someone please help me figure this out? I have a secondary interface configured on my router: interface Ethernet1/0 description connected to EthernetLAN ip address 10.82.67.193 255.255.255.224 secondary ip address 10.0.0.1 255.255.255.0 I have another interface connected to a DSL line (this is working, so it's not the issue) interface FastEthernet0/0 description connected to Internet no ip address ip route-cache flow no keepalive duplex auto speed auto pppoe enable pppoe-client dial-pool-number 1 interface Dialer1 description connected to Internet ip address negotiated ip mtu 1492 ip nat outside encapsulation ppp ip route-cache flow dialer pool 1 dialer-group 2 ppp authentication chap pap callin ppp chap hostname zzz ppp chap password 7 zzz ppp pap sent-username zzz password 7 zzz I have a default route: ip route 0.0.0.0 0.0.0.0 Dialer1 Here's the problem: I have two systems: 10.0.0.99 (PC) and 10.82.67.215 (Solaris) from 10.0.0.99 I can ping everywhere, all local nets, all internet, etc. (No problems) from 10.82.67.215 I can ping the default gateway (10.82.67.193), I can ping 10.0.0.1, I can ping 10.0.0.99..basically everything internally, but not out to the internet. Can someone please tell me what I am missing? Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51553&t=51553 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help ASAP: Routing on a secondary inter [7:51534]
I suppose ip nat inside is configured on ethernet 1/0. So as Priscilla states, try deb ip nat det to see what's going on. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51546&t=51534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please Help ASAP: Routing on a secondary interface [7:51534]
NAT issue? Obviously there must be some NAT going on if you're using addresses in the 10.0.0.0 network. Priscilla Clayton Dukes wrote: > > Having a bad day, could someone please help me figure this out? > > > > I have a secondary interface configured on my router: > > > > interface Ethernet1/0 > > description connected to EthernetLAN > > ip address 10.82.67.193 255.255.255.224 secondary > > ip address 10.0.0.1 255.255.255.0 > > > > I have another interface connected to a DSL line (this is > working, so > it's not the issue) > > interface FastEthernet0/0 > > description connected to Internet > > no ip address > > ip route-cache flow > > no keepalive > > duplex auto > > speed auto > > pppoe enable > > pppoe-client dial-pool-number 1 > > > > interface Dialer1 > > description connected to Internet > > ip address negotiated > > ip mtu 1492 > > ip nat outside > > encapsulation ppp > > ip route-cache flow > > dialer pool 1 > > dialer-group 2 > > ppp authentication chap pap callin > > ppp chap hostname zzz > > ppp chap password 7 zzz > > ppp pap sent-username zzz password 7 zzz > > > > I have a default route: > > ip route 0.0.0.0 0.0.0.0 Dialer1 > > > > > > Here's the problem: > > > > I have two systems: > > 10.0.0.99 (PC) > > and > > 10.82.67.215 (Solaris) > > > > from 10.0.0.99 I can ping everywhere, all local nets, all > internet, etc. > (No problems) > > from 10.82.67.215 I can ping the default gateway > (10.82.67.193), I can > ping 10.0.0.1, I can ping 10.0.0.99..basically everything > internally, > but not out to the internet. > > > > Can someone please tell me what I am missing? > > > > Clayton Dukes > > CCNA, CCDA, CCDP, CCNP, NCC > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=51539&t=51534 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help me with my new baby(Pix 501) [7:48760]
conduit permit icmp any any -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Juan Blanco Sent: Sunday, July 14, 2002 9:24 AM To: [EMAIL PROTECTED] Subject: Please help me with my new baby(Pix 501) [7:48760] Team, I just got my new baby Pix 501 (wow...how small it is, it looks like a toy)Below is my configuration, my problem is that Pat does not seems to be able to work, I have cable-modem and they only provided one ip, I am able to ping from the firewall to any pc on my LAN, I am able to ping from the firewall to any ip on the Internet but I am not able to ping from any PC on my LAN to any ip on the Internet, Be aware that this id the first time I am using a Cisco Firewall, This morning I got the book Cisco Secure PIX Firewall. Your help is very appreciated as always...Another question, The ios on this baby is the same on the high end firewalls, If I am able to learn as much as my brain can take will I be able to configure a high-end pix and feel comfortable. Thanks, (What I am doing wrong..) JB pixfirewall# show config : Saved : PIX Version 6.1(1) nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password MTz0ptrM4U8gsjGv encrypted passwd 2KFQnbNIdI.2KYOU encrypted hostname pixfirewall fixup protocol ftp 21 fixup protocol http 80 fixup protocol h323 1720 fixup protocol rsh 514 fixup protocol rtsp 554 fixup protocol smtp 25 fixup protocol sqlnet 1521 fixup protocol sip 5060 fixup protocol skinny 2000 names pager lines 24 interface ethernet0 10baset interface ethernet1 10full mtu outside 1500 mtu inside 1500 ip address outside dhcp setroute ip address inside 192.168.74.11 255.255.255.0 ip audit info action alarm ip audit attack action alarm pdm logging informational 100 pdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 0 0 timeout xlate 0:05:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute aaa-server TACACS+ protocol tacacs+ aaa-server RADIUS protocol radius http server enable http 192.168.74.11 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server community public no snmp-server enable traps floodguard enable no sysopt route dnat telnet timeout 5 ssh timeout 5 dhcpd auto_config outside terminal width 80 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49024&t=48760 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me with my new baby(Pix 501) [7:48760]
You need to setup access lists for inside and outside traffic. Assuming that you're just playing with this at home, only want to allow established traffic into your network, and want to let all traffic out of your LAN to the world, do something like: access-list acl_inside permit ip any any access-group acl_inside in interface inside DISCLAIMER: This is bad practice for most all production networks. Only in rare cases would you really want to allow unrestricted access from the LAN to the Internet. For a home / test network, it's probably not a big deal. Good luck, Craig At 02:24 PM 7/14/2002 +, you wrote: >Team, >I just got my new baby Pix 501 (wow...how small it is, it looks like a >toy)Below is my configuration, my problem is that Pat does not seems to >be able to work, I have cable-modem and they only provided one ip, I am able >to ping from the firewall to any pc on my LAN, I am able to ping from the >firewall to any ip on the Internet but I am not able to ping from any PC on >my LAN to any ip on the Internet, Be aware that this id the first time I am >using a Cisco Firewall, This morning I got the book Cisco Secure PIX >Firewall. Your help is very appreciated as always...Another question, >The ios on this baby is the same on the high end firewalls, If I am able to >learn as much as my brain can take will I be able to configure a high-end >pix and feel comfortable. > > >Thanks, (What I am doing wrong..) > > >JB > >pixfirewall# show config >: Saved >: >PIX Version 6.1(1) >nameif ethernet0 outside security0 >nameif ethernet1 inside security100 >enable password MTz0ptrM4U8gsjGv encrypted >passwd 2KFQnbNIdI.2KYOU encrypted >hostname pixfirewall >fixup protocol ftp 21 >fixup protocol http 80 >fixup protocol h323 1720 >fixup protocol rsh 514 >fixup protocol rtsp 554 >fixup protocol smtp 25 >fixup protocol sqlnet 1521 >fixup protocol sip 5060 >fixup protocol skinny 2000 >names >pager lines 24 >interface ethernet0 10baset >interface ethernet1 10full >mtu outside 1500 >mtu inside 1500 >ip address outside dhcp setroute >ip address inside 192.168.74.11 255.255.255.0 >ip audit info action alarm >ip audit attack action alarm >pdm logging informational 100 >pdm history enable >arp timeout 14400 >global (outside) 1 interface >nat (inside) 1 0.0.0.0 0.0.0.0 0 0 >timeout xlate 0:05:00 >timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 >0:05:00 sip 0:30:00 sip_media 0:02:00 >timeout uauth 0:05:00 absolute >aaa-server TACACS+ protocol tacacs+ >aaa-server RADIUS protocol radius >http server enable >http 192.168.74.11 255.255.255.0 inside >no snmp-server location >no snmp-server contact >snmp-server community public >no snmp-server enable traps >floodguard enable >no sysopt route dnat >telnet timeout 5 >ssh timeout 5 >dhcpd auto_config outside >terminal width 80 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48772&t=48760 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me with my new baby(Pix 501) [7:48760]
Oh yeahI forgot to mention that if you want to ping the world from your LAN, you'll also need to add an outside access list, like: access-list acl_outside permit icmp any any echo-reply access-group acl_outside in interface outside Sorry about leaving that out of the first message. Craig At 02:24 PM 7/14/2002 +, you wrote: >Team, >I just got my new baby Pix 501 (wow...how small it is, it looks like a >toy)Below is my configuration, my problem is that Pat does not seems to >be able to work, I have cable-modem and they only provided one ip, I am able >to ping from the firewall to any pc on my LAN, I am able to ping from the >firewall to any ip on the Internet but I am not able to ping from any PC on >my LAN to any ip on the Internet, Be aware that this id the first time I am >using a Cisco Firewall, This morning I got the book Cisco Secure PIX >Firewall. Your help is very appreciated as always...Another question, >The ios on this baby is the same on the high end firewalls, If I am able to >learn as much as my brain can take will I be able to configure a high-end >pix and feel comfortable. > > >Thanks, (What I am doing wrong..) > > >JB > >pixfirewall# show config >: Saved >: >PIX Version 6.1(1) >nameif ethernet0 outside security0 >nameif ethernet1 inside security100 >enable password MTz0ptrM4U8gsjGv encrypted >passwd 2KFQnbNIdI.2KYOU encrypted >hostname pixfirewall >fixup protocol ftp 21 >fixup protocol http 80 >fixup protocol h323 1720 >fixup protocol rsh 514 >fixup protocol rtsp 554 >fixup protocol smtp 25 >fixup protocol sqlnet 1521 >fixup protocol sip 5060 >fixup protocol skinny 2000 >names >pager lines 24 >interface ethernet0 10baset >interface ethernet1 10full >mtu outside 1500 >mtu inside 1500 >ip address outside dhcp setroute >ip address inside 192.168.74.11 255.255.255.0 >ip audit info action alarm >ip audit attack action alarm >pdm logging informational 100 >pdm history enable >arp timeout 14400 >global (outside) 1 interface >nat (inside) 1 0.0.0.0 0.0.0.0 0 0 >timeout xlate 0:05:00 >timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 >0:05:00 sip 0:30:00 sip_media 0:02:00 >timeout uauth 0:05:00 absolute >aaa-server TACACS+ protocol tacacs+ >aaa-server RADIUS protocol radius >http server enable >http 192.168.74.11 255.255.255.0 inside >no snmp-server location >no snmp-server contact >snmp-server community public >no snmp-server enable traps >floodguard enable >no sysopt route dnat >telnet timeout 5 >ssh timeout 5 >dhcpd auto_config outside >terminal width 80 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48773&t=48760 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:42411]
Try removing the default routing statement from Gw2.bne cause that looks like a potential cause. Also, you said that the network statements you added were not in the routing table for gw2.bne. Can you also post a show ip route for gw2.bne? Another interesting question is why gw1.bne doesnt see the summary route from mls2 as a better route than the static entries you made to area 203.147.188.0 You can email me the show ip routes for gw1.bne and gw2.bne I would like to look into this more with you. Regards, Ed. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42692&t=42411 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help!!! [7:42411]
Firstly, I must say thank you so much for getting back to me :-) Sorry about this, but the network is actually like this: Gw1.bne2 - Gw2.bne Gw1.bne MLS2 (cat 6500) - Avior (Linux) | | |--- | Tunnel >I agree. Are you terminiating the tunnel on gw1.bne? Or do you have >another route from gw1.bne2 to gw1.bne? Becuase it looks like gw1.bne is >learning it's route directly from gw1.bne2. If you could include the config >from gw1.bne, it would help. So the tunnel actually terminates at the other end of the network. After I've done some more investigation, I have found that the gw2.bne is taking the Inter-Area summary route advertised by MLS2 instead of learning it directly from gw1.bne2:- At Gw2.bne:- gw2.bne#sh ip route 203.147.154.136 Routing entry for 203.147.144.0/20, supernet Known via "ospf 7496", distance 110, metric 3, type inter area Last update from 202.139.236.254 on FastEthernet0/0, 01:29:27 ago Routing Descriptor Blocks: * 202.139.236.254, from 203.147.255.156, 01:29:27 ago, via FastEthernet0/0 wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I agree. Are you terminiating the tunnel on gw1.bne? Or do you have > another route from gw1.bne2 to gw1.bne? Becuase it looks like gw1.bne is > learning it's route directly from gw1.bne2. If you could include the config > from gw1.bne, it would help. ""Wallace Lee"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hunt, > I guess you don't have the 203.147.154.0 route in the middle router. > however, you have a > defaut route in it. So, you will experience a routing loop. Check you tunnel > configuration as well. see the following from u : > > I have an OSPF connectivity problem. I have 3 routers as follows: > > > > OSPF Area 203.147.188.0 OSPF Area 0 > > Gw1.bne2 Gw2.bne ---Gw1.bne > > > > Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186 /30) > > Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0 (203.147.255.185 > > /30) > > > > Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2 /24) > > Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254 > /24) > > > > Now I have 5 static routes at Gw1.bne2 (the left most Router) that I want > to > > redistributed into OSPF. > > > > ip route 203.147.154.0 255.255.255.128 203.147.188.65 > > ip route 203.147.154.128 255.255.255.248 203.147.188.68 > > ip route 203.147.154.136 255.255.255.248 203.147.188.69 > > ip route 203.147.154.144 255.255.255.252 203.147.188.66 > > ip route 203.147.154.148 255.255.255.252 203.147.188.67 > > > > controller E1 0/0 > > channel-group 0 timeslots 1-31 > > ! > > ! > > interface Tunnel0 > > description BNE2->Avior > > ip address 10.255.255.2 255.255.255.252 > > no ip route-cache cef > > tunnel source 203.147.255.186 > > tunnel destination 203.147.190.4 > > ! > > interface FastEthernet0/0 > > no ip address > > ip route-cache flow > > speed 100 > > full-duplex > > ! > > interface FastEthernet0/0.5 > > encapsulation dot1Q 5 > > ! > > interface FastEthernet0/0.10 > > encapsulation dot1Q 10 > > ip address 10.15.15.254 255.255.255.0 secondary > > ip address 203.147.188.254 255.255.255.0 > > ip access-group pfilter in > > ip accounting access-violations > > ip nbar protocol-discovery > > ! > > interface FastEthernet0/0.999 > > encapsulation dot1Q 999 > > ip address 10.2.101.1 255.255.0.0 > > ! > > interface Serial0/0:0 > > description N7065870L to 96 Lytton Rd > > ip address 203.147.255.186 255.255.255.252 > > ip nbar protocol-discovery > > ip route-cache flow > > load-interval 30 > > service-policy output voippol > > ! > > router ospf 7496 > > log-adjacency-changes > > redistribute connected > > redistribute static subnets > > passive-interface FastEthernet0/0.999 > > network 203.147.188.0 0.0.0.255 area 203.147.188.0 > > network 203.147.255.184 0.0.0.3 area 203.147.188.0 > > > > At Gw1.bne2, it shows the subnets are learned via "statics" > > > > gw1.bne2#sh ip route 203.147.154.136 > > Routing entry for 203.147.154.136/29 > > Known via "static", distance 1, metric 0 > > Redistributing via ospf 7496 > > Advertised by ospf 7496 subnets > > Routing Descriptor Blocks: > > * 203.147.188.69 > > Route metric is 0, traffic share count is 1 > > > > When I goto Gw2.bne (middle router), I can see the routes in the OSPF > > Topology Table (all of them are learned from 203.147.255.186 - Gw1.bne2), > > but not the its routing table:- > > > > N.B: I also tried to do a clear ip route 203.147.144.0/20, but no help. > > The same route came straight back > > > > Type-5 AS External Link States > > > > 203.147.154.0 203.147.255.186 572 0x8002 0xAC01 0 > > 203.147.154.128 203.147.255.186 573
Re: Please help!!! [7:42411]
""Wallace Lee"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hunt, > I guess you don't have the 203.147.154.0 route in the middle router. > however, you have a > defaut route in it. So, you will experience a routing loop. Check you tunnel > configuration as well. see the following from u : > > I have an OSPF connectivity problem. I have 3 routers as follows: > > > > OSPF Area 203.147.188.0 OSPF Area 0 > > Gw1.bne2 Gw2.bne ---Gw1.bne > > > > Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186 /30) > > Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0 (203.147.255.185 > > /30) > > > > Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2 /24) > > Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254 > /24) > > > > Now I have 5 static routes at Gw1.bne2 (the left most Router) that I want > to > > redistributed into OSPF. > > > > ip route 203.147.154.0 255.255.255.128 203.147.188.65 > > ip route 203.147.154.128 255.255.255.248 203.147.188.68 > > ip route 203.147.154.136 255.255.255.248 203.147.188.69 > > ip route 203.147.154.144 255.255.255.252 203.147.188.66 > > ip route 203.147.154.148 255.255.255.252 203.147.188.67 > > > > controller E1 0/0 > > channel-group 0 timeslots 1-31 > > ! > > ! > > interface Tunnel0 > > description BNE2->Avior > > ip address 10.255.255.2 255.255.255.252 > > no ip route-cache cef > > tunnel source 203.147.255.186 > > tunnel destination 203.147.190.4 > > ! > > interface FastEthernet0/0 > > no ip address > > ip route-cache flow > > speed 100 > > full-duplex > > ! > > interface FastEthernet0/0.5 > > encapsulation dot1Q 5 > > ! > > interface FastEthernet0/0.10 > > encapsulation dot1Q 10 > > ip address 10.15.15.254 255.255.255.0 secondary > > ip address 203.147.188.254 255.255.255.0 > > ip access-group pfilter in > > ip accounting access-violations > > ip nbar protocol-discovery > > ! > > interface FastEthernet0/0.999 > > encapsulation dot1Q 999 > > ip address 10.2.101.1 255.255.0.0 > > ! > > interface Serial0/0:0 > > description N7065870L to 96 Lytton Rd > > ip address 203.147.255.186 255.255.255.252 > > ip nbar protocol-discovery > > ip route-cache flow > > load-interval 30 > > service-policy output voippol > > ! > > router ospf 7496 > > log-adjacency-changes > > redistribute connected > > redistribute static subnets > > passive-interface FastEthernet0/0.999 > > network 203.147.188.0 0.0.0.255 area 203.147.188.0 > > network 203.147.255.184 0.0.0.3 area 203.147.188.0 > > > > At Gw1.bne2, it shows the subnets are learned via "statics" > > > > gw1.bne2#sh ip route 203.147.154.136 > > Routing entry for 203.147.154.136/29 > > Known via "static", distance 1, metric 0 > > Redistributing via ospf 7496 > > Advertised by ospf 7496 subnets > > Routing Descriptor Blocks: > > * 203.147.188.69 > > Route metric is 0, traffic share count is 1 > > > > When I goto Gw2.bne (middle router), I can see the routes in the OSPF > > Topology Table (all of them are learned from 203.147.255.186 - Gw1.bne2), > > but not the its routing table:- > > > > N.B: I also tried to do a clear ip route 203.147.144.0/20, but no help. > > The same route came straight back > > > > Type-5 AS External Link States > > > > 203.147.154.0 203.147.255.186 572 0x8002 0xAC01 0 > > 203.147.154.128 203.147.255.186 573 0x8002 0xA40D 0 > > 203.147.154.136 203.147.255.186 573 0x8002 0x6246 0 > > 203.147.154.144 203.147.255.186 573 0x8002 0xFF9F 0 > > 203.147.154.148 203.147.255.186 573 0x8002 0xE5B4 0 > > > > gw2.bne# sh ip route 203.147.154.136 > > Routing entry for 203.147.144.0/20, supernet > > Known via "ospf 7496", distance 110, metric 3, type inter area > > Last update from 202.139.236.254 on FastEthernet0/0, 00:17:48 ago > >Routing Descriptor Blocks: > > * 202.139.236.254, from 203.147.255.156, 00:17:48 ago, via > FastEthernet0/0 > > Route metric is 3, traffic share count is 1 > > > > However, if I goto Gw1.bne (the rightmost router), it can see all 5 subnets > > in the OSPF Topoloy Table and Routing Table > > > > Type-5 AS External Link States > > > > 203.147.154.0 203.147.255.186 867 0x8002 0xAC01 0 > > 203.147.154.128 203.147.255.186 867 0x8002 0xA40D 0 > > 203.147.154.136 203.147.255.186 867 0x8002 0x6246 0 > > 203.147.154.144 203.147.255.186 867 0x8002 0xFF9F 0 > > 203.147.154.148 203.147.255.186 867 0x8002 0xE5B4 0 > > > > gw1.bne#sh ip route 203.147.154.136 > > Routing entry for 203.147.154.136/29 > > Known via "ospf 7496", distance 110, metric 20, type extern 2, forward > > metric 52 > > Redistributing via ospf 7496 > > Last update from 202.139.236.2 on FastEthernet0/1, 00:49:30 ago > >Routing Descriptor Blocks: > > * 202.139.236.2, from 203.147.255.186, 00:
Re: Please help!!! [7:42411]
I agree. Are you terminiating the tunnel on gw1.bne? Or do you have another route from gw1.bne2 to gw1.bne? Becuase it looks like gw1.bne is learning it's route directly from gw1.bne2. If you could include the config from gw1.bne, it would help. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42441&t=42411 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help!!! [7:42411]
Hunt, I guess you don't have the 203.147.154.0 route in the middle router. however, you have a defaut route in it. So, you will experience a routing loop. Check you tunnel configuration as well. see the following from u : I have an OSPF connectivity problem. I have 3 routers as follows: > > OSPF Area 203.147.188.0 OSPF Area 0 > Gw1.bne2 Gw2.bne ---Gw1.bne > > Gw1.bne2 is connecting to Gw2.bne with Serial 0/0:0 (203.147.255.186 /30) > Gw2.bne is connecting back to Gw1.bne2 with Serial 0/0:0 (203.147.255.185 > /30) > > Gw2.bne is also connected to Gw1.bne with FastEth 0/0 (202.139.236.2 /24) > Gw1.bne is connecting back to Gw2.bne with FastEth 0/1 (202.139.236.254 /24) > > Now I have 5 static routes at Gw1.bne2 (the left most Router) that I want to > redistributed into OSPF. > > ip route 203.147.154.0 255.255.255.128 203.147.188.65 > ip route 203.147.154.128 255.255.255.248 203.147.188.68 > ip route 203.147.154.136 255.255.255.248 203.147.188.69 > ip route 203.147.154.144 255.255.255.252 203.147.188.66 > ip route 203.147.154.148 255.255.255.252 203.147.188.67 > > controller E1 0/0 > channel-group 0 timeslots 1-31 > ! > ! > interface Tunnel0 > description BNE2->Avior > ip address 10.255.255.2 255.255.255.252 > no ip route-cache cef > tunnel source 203.147.255.186 > tunnel destination 203.147.190.4 > ! > interface FastEthernet0/0 > no ip address > ip route-cache flow > speed 100 > full-duplex > ! > interface FastEthernet0/0.5 > encapsulation dot1Q 5 > ! > interface FastEthernet0/0.10 > encapsulation dot1Q 10 > ip address 10.15.15.254 255.255.255.0 secondary > ip address 203.147.188.254 255.255.255.0 > ip access-group pfilter in > ip accounting access-violations > ip nbar protocol-discovery > ! > interface FastEthernet0/0.999 > encapsulation dot1Q 999 > ip address 10.2.101.1 255.255.0.0 > ! > interface Serial0/0:0 > description N7065870L to 96 Lytton Rd > ip address 203.147.255.186 255.255.255.252 > ip nbar protocol-discovery > ip route-cache flow > load-interval 30 > service-policy output voippol > ! > router ospf 7496 > log-adjacency-changes > redistribute connected > redistribute static subnets > passive-interface FastEthernet0/0.999 > network 203.147.188.0 0.0.0.255 area 203.147.188.0 > network 203.147.255.184 0.0.0.3 area 203.147.188.0 > > At Gw1.bne2, it shows the subnets are learned via "statics" > > gw1.bne2#sh ip route 203.147.154.136 > Routing entry for 203.147.154.136/29 > Known via "static", distance 1, metric 0 > Redistributing via ospf 7496 > Advertised by ospf 7496 subnets > Routing Descriptor Blocks: > * 203.147.188.69 > Route metric is 0, traffic share count is 1 > > When I goto Gw2.bne (middle router), I can see the routes in the OSPF > Topology Table (all of them are learned from 203.147.255.186 - Gw1.bne2), > but not the its routing table:- > > N.B: I also tried to do a clear ip route 203.147.144.0/20, but no help. > The same route came straight back > > Type-5 AS External Link States > > 203.147.154.0 203.147.255.186 572 0x8002 0xAC01 0 > 203.147.154.128 203.147.255.186 573 0x8002 0xA40D 0 > 203.147.154.136 203.147.255.186 573 0x8002 0x6246 0 > 203.147.154.144 203.147.255.186 573 0x8002 0xFF9F 0 > 203.147.154.148 203.147.255.186 573 0x8002 0xE5B4 0 > > gw2.bne# sh ip route 203.147.154.136 > Routing entry for 203.147.144.0/20, supernet > Known via "ospf 7496", distance 110, metric 3, type inter area > Last update from 202.139.236.254 on FastEthernet0/0, 00:17:48 ago >Routing Descriptor Blocks: > * 202.139.236.254, from 203.147.255.156, 00:17:48 ago, via FastEthernet0/0 > Route metric is 3, traffic share count is 1 > > However, if I goto Gw1.bne (the rightmost router), it can see all 5 subnets > in the OSPF Topoloy Table and Routing Table > > Type-5 AS External Link States > > 203.147.154.0 203.147.255.186 867 0x8002 0xAC01 0 > 203.147.154.128 203.147.255.186 867 0x8002 0xA40D 0 > 203.147.154.136 203.147.255.186 867 0x8002 0x6246 0 > 203.147.154.144 203.147.255.186 867 0x8002 0xFF9F 0 > 203.147.154.148 203.147.255.186 867 0x8002 0xE5B4 0 > > gw1.bne#sh ip route 203.147.154.136 > Routing entry for 203.147.154.136/29 > Known via "ospf 7496", distance 110, metric 20, type extern 2, forward > metric 52 > Redistributing via ospf 7496 > Last update from 202.139.236.2 on FastEthernet0/1, 00:49:30 ago >Routing Descriptor Blocks: > * 202.139.236.2, from 203.147.255.186, 00:49:30 ago, via FastEthernet0/1 > Route metric is 20, traffic share count is 1 > > As a result, when I do a trace from Gw1.bne (the rightmost router), it > points it to Gw2.bne, but Gw2.bne points it back - Routing Loop :( > > gw1.bne#trace 203.147.154.136 > > Type escape sequence to abort. > Tracing the route to 203.147.154.136 >
Re: Please help!!! [7:41002]
I seem to remember having a bit of a mare with similar. If you have no luck,
is using one of the async ports an option?
This is a working config from a 2509 using first async port:
line 1
autoselect ppp
modem Dialin
modem autoconfigure discovery
transport input all
stopbits 1
speed 115200
flowcontrol hardware
Gaz
""Hunt Lee"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I need some help for a Access Server setup.
>
> I am trying to setup a modem (netcomm 56.6k) to connect to a 2511. The
> modem is currently connected to the AUX port. However, no matter what I
> tried from my PC, everytime I make a connection, it comes up with a whole
> bunch of garbage.
>
> OK
>
> OK
>
> OK
>
> CARRIER 31200
>
> PROTOCOL: NONE
>
> CONNECT 31200
>
> __sSM~ErX9D`?ro"x`?@!S,@@`# B
>#o `@DZG?@"Z(S(?|p?
>cF42EmXUj"hYLh8[$ DD<>>06#"\(sqOKobt^U"Bt08
> S,,R '! P kfh(?L^H
> &E`jeDL?ez^P}}N\NAs-)
> ^al8b.ZTa!('P"Q-7sE-aOP> qGU!'!8"d/^erK?
Oni`Stn!ma}8.e"j? zCg_$!hG"3gO?P
> g77 (FE. FpO]%?XB^P
> S.TS&eT8'
>
> 1gciz$F~?*@yV
>-=T
>
>
> And here is the config for the 2511 -
>
>
> con1.hkg#sh run
> Building configuration...
>
> Current configuration:
> !
> ! Last configuration change at 16:58:36 AEST Wed Apr 10 2002
> ! NVRAM config last updated at 16:58:49 AEST Wed Apr 10 2002
> !
> version 11.2
> no service pad
> service timestamps debug datetime msec show-timezone
> service timestamps log datetime msec show-timezone
> service password-encryption
> no service udp-small-servers
> no service tcp-small-servers
> !
> hostname con1.hkg
> !
> aaa new-model
> aaa authentication login default enable
> aaa authentication login tacacs-login tacacs+ enable
> aaa authentication login NO_AUTHEN none
> aaa authorization exec tacacs+ if-authenticated
> aaa authorization commands 0 tacacs+ if-authenticated
> aaa authorization commands 1 tacacs+ if-authenticated
> aaa authorization commands 15 tacacs+ if-authenticated
> aaa accounting exec start-stop tacacs+
> aaa accounting commands 0 start-stop tacacs+
> aaa accounting commands 1 start-stop tacacs+
> aaa accounting commands 15 start-stop tacacs+
> enable secret 5 $1$oWH7$vULnq40DABAEnJCyCzTR4.
> !
> ip subnet-zero
> no ip domain-lookup
> ip host br1.hkg 2001 172.16.1.1
> ip host br2.hkg 2002 172.16.1.1
> ip host dist-sw1.hkg 2003 172.16.1.1
> ip host sw1.hkg 2004 172.16.1.1
> ip host sw2.hkg 2005 172.16.1.1
> ip host sw3.hkg 2006 172.16.1.1
> ip host sw4.hkg 2007 172.16.1.1
> ip host modem 2017 172.16.1.1
> ip name-server 10.1.0.1
> clock timezone AEST 10
> !
> interface Loopback0
> ip address 172.16.1.1 255.255.255.255
> no ip redirects
> no ip unreachables
> no ip directed-broadcast
> no ip proxy-arp
> no ip route-cache
> no ip mroute-cache
> !
> interface Ethernet0
> ip address 10.6.255.1 255.255.0.0
> no ip redirects
> no ip unreachables
> no ip directed-broadcast
> no ip proxy-arp
> no ip route-cache
> no ip mroute-cache
> !
> interface Serial0
> no ip address
> no ip redirects
> no ip unreachables
> no ip directed-broadcast
> no ip proxy-arp
> no ip route-cache
> no ip mroute-cache
> shutdown
> !
> interface Serial1
> no ip address
> no ip redirects
> no ip unreachables
> no ip directed-broadcast
> no ip proxy-arp
> no ip route-cache
> no ip mroute-cache
> shutdown
> !
> interface Async17
> ip unnumbered Loopback0
> no ip redirects
> no ip unreachables
> no ip directed-broadcast
> no ip proxy-arp
> encapsulation ppp
> no ip route-cache
> no ip mroute-cache
> peer default ip address pool NetOpspool
> ppp authentication chap pap
> !
> ip local pool NetOpspool 10.6.255.17
> ip default-gateway 10.6.255.252
> ip classless
> ip route 0.0.0.0 0.0.0.0 10.6.255.252
> logging buffered 2 debugging
> logging trap debugging
> logging 10.1.0.1
> access-list 11 deny any
> access-list 12 permit 172.16.1.1
> access-list 12 deny any
> access-list 99 permit 10.0.0.0 0.255.255.255
> access-list 99 permit x.x.x.x y.y.y.y
> access-list 99 deny any
> tacacs-server host 10.1.0.1
> tacacs-server key xx
> snmp-server community roxwap37 RW 99
> snmp-server community tobyup91 RO 99
> snmp-server trap-authentication
> snmp-server system-shutdown
> snmp-server enable traps config
> banner motd ^C
>
> con1.hkg
>
>
> ^C
> !
> line con 0
> exec-timeout 0 0
> login authentication NO_AUTHEN
> transport input none
> line 1 16
> session-timeout 60
> no exec
> exec-timeout 0 0
> transport input all
> line aux 0
> password 7 030752180500
> login authentication NO_AUTHEN
> modem InOut
> modem autoconfigure type default
> transport input all
> stopbits 1
> rxspeed 38400
> txspeed 38400
> flowcontrol hardware
> line vty 0 4
> access-class 99 in
> pas
Re: please help [7:41363]
Please provide following output from client router: show int atm show controller atm show diag show run int atm show ver thanks, rahul. ""xie rootstock"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > i have a client who bought our 155M atm service > > and the problem is the line is unstable, symptom is fitfull, average 24 once > > i have tested the line from the client port to my company's port with the > professional equipmeht, all is ok, what is wrong, any suggestion? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41372&t=41363 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help!!! [7:41002]
Hi Lee, if you can reverse telnet into the modem, try to reset the modem to factory defaults with the 'at&f' command, that might help. Regards, Georg Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=41010&t=41002 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: please help **location migration** [7:40162]
Kevin, Check out "local area mobility", it looks like it may fit your needs: http://www.cisco.com/warp/public/cc/pd/iosw/ioft/lam/tech/lamso_wp.htm HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin Campbell Sent: Tuesday, April 02, 2002 2:49 AM To: [EMAIL PROTECTED] Subject: please help **location migration** [7:40162] I work for a collocation and bandwidth provider and need help with an issue for a migration. We need to move about 30 servers from a offsite location to our data center. The move of the servers needs to be done over the period of a month. We need to do this without changing the ip addresses of the servers. so either through an internet connection or wan link (both possible) we need to share the ip block. It cannot be subnetted and must remain a single ip block. We have ruled out the use of bridge groups across a T1 circuit and would like a better option than using a VPN. If you have any ideas please help. thanks for the help and all the useful post. I have been in this group for about 6 months and have made very few posts but have benefited immensely from users in this group. I thank you for that. Kevin Campbell MCSE, MCT, CCNP [GroupStudy.com removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40214&t=40162 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: please help **location migration** [7:40162]
You can do this two ways, either over a VPN or a WAN link over a tunnel interface. The tunnel interface will probably be a little less overhead nsince you don't need encryption. ""Kevin Campbell"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I work for a collocation and bandwidth provider and need help with an issue > for a migration. > > We need to move about 30 servers from a offsite location to our data center. > The move of the servers needs to be done over the period of a month. We > need to do this without changing the ip addresses of the servers. so either > through an internet connection or wan link (both possible) we need to share > the ip block. It cannot be subnetted and must remain a single ip block. We > have ruled out the use of bridge groups across a T1 circuit and would like a > better option than using a VPN. If you have any ideas please help. > > thanks for the help and all the useful post. I have been in this group for > about 6 months and have made very few posts but have benefited immensely > from users in this group. I thank you for that. > > Kevin Campbell MCSE, MCT, CCNP > > [GroupStudy.com removed an attachment of type application/ms-tnef which had > a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40175&t=40162 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: please help **location migration** [7:40162]
I'm not sure if this will help but here goes: I used to work for a dotcom and we had to move our Datacenter from SiteA to SiteB with 2 different address blocks. The problem you might say is if you move the website what happens? Well we made a duplicate copy of the website (minus the database) at site B and then used IIS forwarding to point to the new site and put the Database under maintenance until we got it transferred to Site B. Then we changed our DNS entries for the website and left the IIS forwarding on for a few days. I now this doesn't actually answer your question but it could solve your problem. -Original Message- From: Kevin Campbell [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 5:49 AM To: [EMAIL PROTECTED] Subject: please help **location migration** [7:40162] I work for a collocation and bandwidth provider and need help with an issue for a migration. We need to move about 30 servers from a offsite location to our data center. The move of the servers needs to be done over the period of a month. We need to do this without changing the ip addresses of the servers. so either through an internet connection or wan link (both possible) we need to share the ip block. It cannot be subnetted and must remain a single ip block. We have ruled out the use of bridge groups across a T1 circuit and would like a better option than using a VPN. If you have any ideas please help. thanks for the help and all the useful post. I have been in this group for about 6 months and have made very few posts but have benefited immensely from users in this group. I thank you for that. Kevin Campbell MCSE, MCT, CCNP [GroupStudy.com removed an attachment of type application/ms-tnef which had a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40174&t=40162 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: please help **location migration** [7:40162]
See comments inline. Basically, I think you need to explain your restrictions. My experience working with clients is that sometimes perceived restrictions, i.e - "We CAN'T do that!", really aren't restrictions at all, i.e. - "We don't WANT to do that because we really don't understand how it works and we're not comfortable." Thanks, Craig P.S. - You appear to be in my area. Shoot me an e-mail off-list and maybe we can sit down to discuss your issue if you're close to me. At 05:49 AM 4/2/2002 -0500, you wrote: >I work for a collocation and bandwidth provider and need help with an issue >for a migration. > >We need to move about 30 servers from a offsite location to our data center. >The move of the servers needs to be done over the period of a month. We >need to do this without changing the ip addresses of the servers. Why can't you change the IP addresses? Are there hardcoded applications? Is time required for DNS cache expiration a problem? Is the same provider servicing the offsite and onsite locations? Is the IP block portable? >so either >through an internet connection or wan link (both possible) we need to share >the ip block. It cannot be subnetted and must remain a single ip block. So you need a single, non-subnetted IP block to be at two physically remote locations, but one logical location. Why can't the IP block be subnetted? Can it be summarized? >We >have ruled out the use of bridge groups across a T1 circuit and would like a >better option than using a VPN. If you have any ideas please help. > >thanks for the help and all the useful post. I have been in this group for >about 6 months and have made very few posts but have benefited immensely >from users in this group. I thank you for that. > >Kevin Campbell MCSE, MCT, CCNP > >[GroupStudy.com removed an attachment of type application/ms-tnef which had >a name of winmail.dat] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=40170&t=40162 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
On Jul 16, 11:56am, "Priscilla Oppenheimer" wrote: } } It sounds like you're trying to pass the CID test. You should have signed } an NDA that says that you won't disclose questions on the test. This reply isn't aimed at any single person, since several people did the same thing. The original poster did not specify the source of the question. Therefore, he did not disclose that it is a question on the test, so unless the reader has already taken the test, they wouldn't know that it is a question on the test. Several people responded claiming that the question came from a test, thus disclosing a question on the test, thus breaking NDA. Ironic, isn't it? Without the whistle blowers, nobody would have been the wiser. I haven't taken any Cisco exams yet (mainly due to lack of time); but, I have taken Microsoft exams. I found a couple of questions that were on Microsoft exams that were exactly the same as some questions in the official Microsoft study material. So, without asking the person, we can't be sure what the source of the question was. Another thing I noticed is that all the people replying kept the question, thus circulating the question more and adding more copies of it to the archives. If you really must be a whistle blower, then it would be best do directly so you can avoid the above problems. }-- End of excerpt from "Priscilla Oppenheimer" Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36455&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help me answer this question [7:36295]
I think Answer C mentions just one site, not multiple sites. It could be done on a single router with a simple ACL that doesn't allow access to the host that has the software. So, C is right. How would you do Answer A with a simple firewall system? If you can answer that, then I'll agree with you that A is right, but I bet you can't come up with a simple solution to the problem that needs to be solved in A. And how about Answer B and D? What are your solutions to those problems? And are your solutions simple? This is the sort of thinking that you need for CID. And it is real-world, by the way. Let's say that the people who will be implementing and maintaining the security system are just barely out of school or just recently got their CCNA. There are no software developers or senior network engineers to get the system working. A design requirement and priority in this case is simplicity. Of course, "simplicity" is somewhat subjective, and that is a legitimate complaint about the question. But it's all relative. If test takers actually do the work required to envision actual solutions, they can easily determine which one is simplest. If test takers try to memorize answers or determine answers without much analysis, not only will they find the test frustrating and possibly unpassable, they will suck as network designers, (to be blunt! ;-) Priscilla At 06:24 PM 2/23/02, Russ Kreigh wrote: >I think A would be right, because C would not be a "simple" solution, ex. >they would have to maintain a list of unauthorized sites. > > > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Love Cisco >Sent: Friday, February 22, 2002 10:16 PM >To: [EMAIL PROTECTED] >Subject: Please help me answer this question [7:36295] > > >1. Which of the following customers can probably meet their security >requirements with a simple firewall system? >A. Company ABC wants to make sure customers can see public marketing data >but not proprietary sales figures. >B. University ABC want to make sure students can see but not change their >grades in administrative database. >C. Company XYZ wants to make sure employees do not download software from >unauthorized site. >D. University XYZ wants to make sure that public central software developed >at the university stops working after a period of time if the user does not >pay shareware fees. >= >I think C is right. But some people think A. > >What do you think? Why? Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36414&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help me answer this question [7:36295]
C. A firewall has the capability of blocking traffic from certain sites. A. This is incorrect because the firewall cannot distinguish between a SEC-filed Annual report placed on a public internet website and a Work-in-progress-next-year's-Annual-Report placed on an intranet website on the same server. -Original Message- From: Love Cisco [mailto:[EMAIL PROTECTED]] Sent: Friday, February 22, 2002 10:16 PM To: [EMAIL PROTECTED] Subject: Please help me answer this question [7:36295] 1. Which of the following customers can probably meet their security requirements with a simple firewall system? A. Company ABC wants to make sure customers can see public marketing data but not proprietary sales figures. B. University ABC want to make sure students can see but not change their grades in administrative database. C. Company XYZ wants to make sure employees do not download software from unauthorized site. D. University XYZ wants to make sure that public central software developed at the university stops working after a period of time if the user does not pay shareware fees. = I think C is right. But some people think A. What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36383&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
No, just wishful thinking. -- RFC 1149 Compliant. ""ko haag"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Any News on when Cisco may fix it? I was planning on take the CID test on > Wednesday. > Is there another test I could take to get the CCDP? > > Ko > > "Steven A. Ridder" wrote: > > > With all these conflicting answers, it just proves my point that the CID is > > a crummy, poorly worded test. Don't give Cisco the $125 until the fix it! > > > > ""Russ Kreigh"" wrote in message > > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > > I think A would be right, because C would not be a "simple" solution, ex. > > > they would have to maintain a list of unauthorized sites. > > > > > > > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > > Love Cisco > > > Sent: Friday, February 22, 2002 10:16 PM > > > To: [EMAIL PROTECTED] > > > Subject: Please help me answer this question [7:36295] > > > > > > > > > 1. Which of the following customers can probably meet their security > > > requirements with a simple firewall system? > > > A. Company ABC wants to make sure customers can see public marketing data > > > but not proprietary sales figures. > > > B. University ABC want to make sure students can see but not change their > > > grades in administrative database. > > > C. Company XYZ wants to make sure employees do not download software from > > > unauthorized site. > > > D. University XYZ wants to make sure that public central software > > developed > > > at the university stops working after a period of time if the user does > > not > > > pay shareware fees. > > > = > > > I think C is right. But some people think A. > > > > > > What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36341&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
Any News on when Cisco may fix it? I was planning on take the CID test on Wednesday. Is there another test I could take to get the CCDP? Ko "Steven A. Ridder" wrote: > With all these conflicting answers, it just proves my point that the CID is > a crummy, poorly worded test. Don't give Cisco the $125 until the fix it! > > ""Russ Kreigh"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I think A would be right, because C would not be a "simple" solution, ex. > > they would have to maintain a list of unauthorized sites. > > > > > > > > -Original Message- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Love Cisco > > Sent: Friday, February 22, 2002 10:16 PM > > To: [EMAIL PROTECTED] > > Subject: Please help me answer this question [7:36295] > > > > > > 1. Which of the following customers can probably meet their security > > requirements with a simple firewall system? > > A. Company ABC wants to make sure customers can see public marketing data > > but not proprietary sales figures. > > B. University ABC want to make sure students can see but not change their > > grades in administrative database. > > C. Company XYZ wants to make sure employees do not download software from > > unauthorized site. > > D. University XYZ wants to make sure that public central software > developed > > at the university stops working after a period of time if the user does > not > > pay shareware fees. > > = > > I think C is right. But some people think A. > > > > What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36332&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
With all these conflicting answers, it just proves my point that the CID is a crummy, poorly worded test. Don't give Cisco the $125 until the fix it! ""Russ Kreigh"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I think A would be right, because C would not be a "simple" solution, ex. > they would have to maintain a list of unauthorized sites. > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Love Cisco > Sent: Friday, February 22, 2002 10:16 PM > To: [EMAIL PROTECTED] > Subject: Please help me answer this question [7:36295] > > > 1. Which of the following customers can probably meet their security > requirements with a simple firewall system? > A. Company ABC wants to make sure customers can see public marketing data > but not proprietary sales figures. > B. University ABC want to make sure students can see but not change their > grades in administrative database. > C. Company XYZ wants to make sure employees do not download software from > unauthorized site. > D. University XYZ wants to make sure that public central software developed > at the university stops working after a period of time if the user does not > pay shareware fees. > = > I think C is right. But some people think A. > > What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36329&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help me answer this question [7:36295]
I think A would be right, because C would not be a "simple" solution, ex. they would have to maintain a list of unauthorized sites. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Love Cisco Sent: Friday, February 22, 2002 10:16 PM To: [EMAIL PROTECTED] Subject: Please help me answer this question [7:36295] 1. Which of the following customers can probably meet their security requirements with a simple firewall system? A. Company ABC wants to make sure customers can see public marketing data but not proprietary sales figures. B. University ABC want to make sure students can see but not change their grades in administrative database. C. Company XYZ wants to make sure employees do not download software from unauthorized site. D. University XYZ wants to make sure that public central software developed at the university stops working after a period of time if the user does not pay shareware fees. = I think C is right. But some people think A. What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36328&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
It sounds like you're trying to pass the CID test. You should have signed an NDA that says that you won't disclose questions on the test. This is one of those questions that you can most easily answer if you have read the CID course materials. The Cisco Press book edited by Birkner won't help because for some reason he left out the security chapter when he ported the CID course to book format. (I think Cisco was thinking about removing security from CID at the time, but never synced up with the test writers on this.) Other CID books might help though. Priscilla At 10:15 PM 2/22/02, Love Cisco wrote: >1. Which of the following customers can probably meet their security >requirements with a simple firewall system? >A. Company ABC wants to make sure customers can see public marketing data >but not proprietary sales figures. >B. University ABC want to make sure students can see but not change their >grades in administrative database. >C. Company XYZ wants to make sure employees do not download software from >unauthorized site. >D. University XYZ wants to make sure that public central software developed >at the university stops working after a period of time if the user does not >pay shareware fees. >= >I think C is right. But some people think A. > >What do you think? Why? Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36325&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
The catch in that question is the word 'Simple' For you to implement option A, you must have a Firewall system having at least three interface(inside,outside,dmz) so that you can utilize the DMS concept and put the public marketing data (The word 'Public' is another word for dmz-The 3rd interface, where public data in a good Security design should be kept) there and put the proprietary sales figures in your inside (Private) network. That is the only way the firewall can help control access to these two set of data. For option C, a Firewall with just two interface(inside and outside) or even a Cisco Router with Cisco Firewall IOS will do the job, just implement CBAC or a websense Server to filter out the unwanted site. Again more configurations would be needed to achieve the goal stipulated in option A, at least you would configure the dmz interface parameters, etc; while one or just two lines of command would accomplish the goal in option C. So it is obvious that from hardward and software point of view, option C is the more 'simple firewall' aproach for any one. Enjoy Godswill Oletu CCNP,CCDP,CSS1. - Original Message - From: Brian To: Sent: Saturday, February 23, 2002 12:39 AM Subject: Re: Please help me answer this question [7:36295] > to me b and d are out of the running because they are looking to prevent > people from modifying data, thats an application issue. So youre left > with a and c. A seems to be a problem best solved by putting the info on > separate drives or devices, so I vote c. A case could be made for a > however, if you say put the data on separate devices then use the firewall > to permit some access and prevent others. I'm stickin with c. > > Brian > > On Sat, 23 Feb 2002, Clayton Dukes wrote: > > > Hmmm > > > > > > Clayton Dukes > > CCNA, CCDA, CCDP, CCNP, NCC > > (h) 904-292-1881 > > (c) 904-477-7825 > > #rm -rf /bin/laden > > #kill -9 /bin/laden > > > > > > - Original Message - > > From: "Love Cisco" > > To: > > Sent: Friday, February 22, 2002 10:15 PM > > Subject: Please help me answer this question [7:36295] > > > > > > > 1. Which of the following customers can probably meet their security > > > requirements with a simple firewall system? > > > A. Company ABC wants to make sure customers can see public marketing data > > > but not proprietary sales figures. > > > B. University ABC want to make sure students can see but not change their > > > grades in administrative database. > > > C. Company XYZ wants to make sure employees do not download software from > > > unauthorized site. > > > D. University XYZ wants to make sure that public central software > > developed > > > at the university stops working after a period of time if the user does > > not > > > pay shareware fees. > > > = > > > I think C is right. But some people think A. > > > > > > What do you think? Why? _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36309&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
Ask the question again...h - Original Message - From: Love Cisco To: Sent: Friday, February 22, 2002 7:15 PM Subject: Please help me answer this question [7:36295] > 1. Which of the following customers can probably meet their security > requirements with a simple firewall system? > A. Company ABC wants to make sure customers can see public marketing data > but not proprietary sales figures. > B. University ABC want to make sure students can see but not change their > grades in administrative database. > C. Company XYZ wants to make sure employees do not download software from > unauthorized site. > D. University XYZ wants to make sure that public central software developed > at the university stops working after a period of time if the user does not > pay shareware fees. > = > I think C is right. But some people think A. > > What do you think? Why? _ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36308&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
to me b and d are out of the running because they are looking to prevent people from modifying data, thats an application issue. So youre left with a and c. A seems to be a problem best solved by putting the info on separate drives or devices, so I vote c. A case could be made for a however, if you say put the data on separate devices then use the firewall to permit some access and prevent others. I'm stickin with c. Brian On Sat, 23 Feb 2002, Clayton Dukes wrote: > Hmmm > > > Clayton Dukes > CCNA, CCDA, CCDP, CCNP, NCC > (h) 904-292-1881 > (c) 904-477-7825 > #rm -rf /bin/laden > #kill -9 /bin/laden > > > - Original Message - > From: "Love Cisco" > To: > Sent: Friday, February 22, 2002 10:15 PM > Subject: Please help me answer this question [7:36295] > > > > 1. Which of the following customers can probably meet their security > > requirements with a simple firewall system? > > A. Company ABC wants to make sure customers can see public marketing data > > but not proprietary sales figures. > > B. University ABC want to make sure students can see but not change their > > grades in administrative database. > > C. Company XYZ wants to make sure employees do not download software from > > unauthorized site. > > D. University XYZ wants to make sure that public central software > developed > > at the university stops working after a period of time if the user does > not > > pay shareware fees. > > = > > I think C is right. But some people think A. > > > > What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36307&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
Hmmm Clayton Dukes CCNA, CCDA, CCDP, CCNP, NCC (h) 904-292-1881 (c) 904-477-7825 #rm -rf /bin/laden #kill -9 /bin/laden - Original Message - From: "Love Cisco" To: Sent: Friday, February 22, 2002 10:15 PM Subject: Please help me answer this question [7:36295] > 1. Which of the following customers can probably meet their security > requirements with a simple firewall system? > A. Company ABC wants to make sure customers can see public marketing data > but not proprietary sales figures. > B. University ABC want to make sure students can see but not change their > grades in administrative database. > C. Company XYZ wants to make sure employees do not download software from > unauthorized site. > D. University XYZ wants to make sure that public central software developed > at the university stops working after a period of time if the user does not > pay shareware fees. > = > I think C is right. But some people think A. > > What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36305&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Re: Please help me answer this question [7:36295]
Chuck, I was thinking exactly the same thing! John Get your own "800" number Voicemail, fax, email, and a lot more http://www.ureach.com/reg/tag On Fri, 22 Feb 2002, Chuck ([EMAIL PROTECTED]) wrote: > I think you're a bad boy, and you know exactly what I mean. > > Chuck > > > ""Love Cisco"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > 1. Which of the following customers can probably meet their security > > requirements with a simple firewall system? > > A. Company ABC wants to make sure customers can see public marketing > data > > but not proprietary sales figures. > > B. University ABC want to make sure students can see but not change > their > > grades in administrative database. > > C. Company XYZ wants to make sure employees do not download software > from > > unauthorized site. > > D. University XYZ wants to make sure that public central software > developed > > at the university stops working after a period of time if the user > does > not > > pay shareware fees. > > = > > I think C is right. But some people think A. > > > > What do you think? Why? [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36297&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please help me answer this question [7:36295]
I think you're a bad boy, and you know exactly what I mean. Chuck ""Love Cisco"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > 1. Which of the following customers can probably meet their security > requirements with a simple firewall system? > A. Company ABC wants to make sure customers can see public marketing data > but not proprietary sales figures. > B. University ABC want to make sure students can see but not change their > grades in administrative database. > C. Company XYZ wants to make sure employees do not download software from > unauthorized site. > D. University XYZ wants to make sure that public central software developed > at the university stops working after a period of time if the user does not > pay shareware fees. > = > I think C is right. But some people think A. > > What do you think? Why? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=36296&t=36295 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help : OSPF summary route cost. [7:30297]
Thank you to everybody who responded to my earlier email. I realize that a picture says more than a thousand words, therfore I am supplementing my earlier questions with the following scenario: -- Here are my router configurations: -- hostname RouterA ! interface Serial0 description connected to RouterB via network 1 ip address 192.168.1.2 255.255.255.0 ip ospf cost 1 no fair-queue ! router ospf 10 network 192.168.1.0 0.0.0.255 area 1 -- hostname RouterB ! interface Ethernet0 description connected to RouterC via network 2 ip address 192.168.2.1 255.255.255.0 ip ospf cost 4 ! interface Serial0 description connected to RouterA via network 1 ip address 192.168.1.1 255.255.255.0 ip ospf cost 1 ! router ospf 10 network 192.168.1.0 0.0.0.255 area 1 network 192.168.2.0 0.0.0.255 area 0 -- hostname RouterC ! interface Ethernet0 description connected to RouterB via network 2 ip address 192.168.2.2 255.255.255.0 ip ospf cost 4 ! interface Serial0 description connected to RouterD via network 3 ip address 192.168.3.1 255.255.255.0 ip ospf cost 64 ! router ospf 10 network 192.168.2.0 0.0.0.255 area 0 network 192.168.3.0 0.0.0.255 area 2 -- hostname RouterD ! interface Ethernet0 description network 4 ip address 192.168.4.1 255.255.255.0 ip ospf cost 16 ! interface Serial0 description connected to RouterC via network 3 ip address 192.168.3.2 255.255.255.0 ip ospf cost 64 no fair-queue ! router ospf 10 network 192.168.3.0 0.0.0.255 area 2 network 192.168.4.0 0.0.0.255 area 2 -- The network diagram follows: netw 1 netw 2 netw 3netw 4 [ A ][ B ][ C ]-[ D ]-| cost 1 cost 4 cost 64 cost 16 --- If we do a "show ip route" at routerA we get the following output: RouterA>show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set C192.168.1.0/24 is directly connected, Serial0 O IA 192.168.2.0/24 [110/5] via 192.168.1.1, 00:23:26, Serial0 O IA 192.168.3.0/24 [110/133] via 192.168.1.1, 00:18:51, Serial0 O IA 192.168.4.0/24 [110/85] via 192.168.1.1, 00:18:56, Serial0 Now for my problem: Looking at the diagram above, the metric from Router A to network 4 is 85. This is perfectly understandable (sumtotal of all the costs: 85 = 1+4+64+16). BUT NOW: The metric from RouterA to network 3 is 133!!! This is higher than the metric to network 4 even though we access network 4 via network 3. Logically I would have thought the cost to network 3 has to be 69 (64+4+1), not 133. Where does the cost-difference of 64 come from? The only rational explanation I have for this is that the ABR for area 2 added it, but why??? And why only add this cost factor for network 3 (and not for network 4)??? Please assist me if you know the answers since I cannot figure out a reasonable explanation. Thank you for your support. Abraham de Villiers Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=30523&t=30297 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Please help : OSPF summary route cost. [7:30297]
Can you send the config for this scenario ? Nick Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=30421&t=30297 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Please Help me. [7:30031]
Hi, you need to configure dial-peers on your router, depends on what you want to do. 1. if you need just to receive calls on your router, you just have to configure dial-peer voice # pots destination-pattern #phone number port #of port to which you assigned the phone number 2. if you need to initiate voip calls from your router, you have to configure dial-peer voip dial-peer voice # voip destination-pattern # phone number that you want to attempt session target ipv4:@ip of destination tese are basic commands that you have to enter, now you may need additional commands, for this, refer to cisco web site. you have fxo ports, that means that you'll connect a pbx to your router I think, and not a phone, some other comands will be needed ""Hamed"" a icrit dans le message news: [EMAIL PROTECTED] > Hi > We want to configure cisco3660 for VOIP termination(Just Termination) > We have 6 VIC-2FXO (12 Line PSTN) . > our router has 2 LAN port that one of them is connected to Internet and one > another is shutdown. > A company would like to send their traffic for termination. > Please help me to configure this router for termination and tell me how can > I configure it. (Which commands are necessary for termination) > > Regards. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=30175&t=30031 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
