I am having trouble calculating some real world burst sizes for QoS. My goal
is simply rate limit TCP as closely to 1.0 Mb as possible. I understand the
sawtooth will make this difficult and the fact that packet sizes are ever
changing, but I am basing my caluclation on 1500 byte Ethernet.
the com
Howard,
It would be so much fun to not understand some of this up close. :-)
>>> "Howard C. Berkowitz" 02/18/03 06:42AM >>>
[snip]
Does that make a 7500 with VIPs a L3 switch? A 12000 with
distributed forwarding processors?
Substituting router for L3 switch is a good idea, but go farther th
Now I had definitely heard of the notorios ppp multilink!! Just haven't
nailed it down for now.
Also using peer ip address and no peer neighbor-route.
I will try it later as I am hesitant to use ppp encap right now lest I
get frustrated and lose another hour in my studies. I had to reboot the
swi
Does switching on same card use backplane BW?
If, say, I am doing MLS ( L3 switching ) on a CAT 5000, and I setup two
hosts, one on port 1 and the other one port 2 on the same card ( ws-x5201R
which does the L3 MAC rewrite itself ), does this type of setup use any
backplane bandwidth?
Or does it
Alright!! After many many months of frustration with what I thought was a
problem with ppp encap, it turned out to be something else.
As Stuart correctly pointed me to this url (which I have no idea why I
did not look it up earlier) the problem lies with using LDN along with
the SPID #'s. Thank you
On a 75XX w/ 4-50 cards, where does NAT actually happen at? Does it happen
on the VIPs or on the RSP?
I am hoping that it happens between the VIPs like dCEF
I need to setup a temp link for backup purposes and if the VIPs do the
NATing, If I can get by with an RSP2 with VIP4-50's, I won't have
Han Chuan Alex Ang wrote:
>
> hi, I am trying to have a clearer picture of the layer 3
> switching
>
> concept.
>
> Assuming that I have a Core Catalyst 6 series switch with layer
> 3
>
> switching capabilities, I have a Access layer switch connected
> to the
>
> core with two port label Vlan
At 1:57 AM + 2/19/03, Han Chuan Alex Ang wrote:
>hi, I am trying to have a clearer picture of the layer 3 switching
>
>concept.
>
>Assuming that I have a Core Catalyst 6 series switch with layer 3
>
>switching capabilities, I have a Access layer switch connected to the
>
>core with two port lab
Priscilla,
Ok, you caught me not telling the whole truth. There is a second VLAN
on the switch, but my point was that the MLS cache is full of entries for
one host talking to another host off of the same VLAN interface but on a
secondary subnet, indicating that L3 switching (routing) took plac
Firesox wrote:
>
> I have two ip-helper addresses configured on 2621 which
> connects to another
> 2621 at the HUB where DHCP servers reside.
Do you have two ip helper addresses on the same interface? Does that really
do any good or does the first one just get used all the time? Or do you mean
tw
Check the following link and see if it has the answer to your question:
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration
_guide_chapter09186a008008d313.html
""Richard Campbell"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi.. Group,
>
> May I kn
What command can i use to tell if my ISDN switch is turned on and operating
properly between two bri0 int on routers?
here is what I have configured
r1
interface BRI0
ip address 150.100.7.1 255.255.255.0
encapsulation ppp
ip ospf demand-circuit
dialer map ip 150.100.7.2 broadcast 2002
dialer-g
I'm fairly certain the answer to your first question is no, the switch will
not be intelligent enough to switch it to the appropriate port
automatically. The reason is that the switch must go through a layer 3
device to get from one VLAN (aka IP subnet) to another. I don't think this
is a real is
I believe the MIBs are on the CSS itself. Use an FTP client to browse the
box and you'll find them somewhere. I'm at home at the moment and I can't
remember which directory they're in but it seems like it's fairly clear when
you see it.
John
""Sam Sneed"" wrote in message
[EMAIL PROTECTED]">ne
Are unintelligent 10 Mbps hubs better than unintelligent 10/100 Mbps
switches when the network cables that connect the PCs to the hub or switch
are Cat3 or Cat4?
I provide network services to dozens of non-profits. Most of the sites have
Cat3 or Cat4 cabling. I have a co-worker who says that 10 M
I'm confused on native vlan and trunking. Can I assign a port to a trunk
(for all the vlans), then assign that port to a vlan100? Does that port
belong to native vlan100? What means native vlan? Thanks. Yoshi
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63309&t=63309
---
Sonic Wall Firewalls can do some content filtering and there is an antivirus
option you can get. No IDS, though. Pix has a rudimentary IDS, as has been
stated. It has 59 signatures or so.
Tom Larus
""Gunjan Mathur"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi,
>
> I'm lo
""Ken Diliberto"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Priscilla,
>
> All I want is credit. :-)
if it makes you feel better, Ken, I always credit you with at least two
cents worth
I'm going to be visiting some of your compadres int the next couple of
weeks. Dare
Mr. Berkowitz
If it wasn't for your humor companied with your experience and knowledge, I
would have went into a coma from reading other postings. Keep up the work
and don't stop rocking the boatDUDE.
-Original Message-
From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED]]
Sent:
I thought the PIX can do content filtering if hooked up with websense?
Doesn't it use WCCP to do this.
Sonicwall says it can do inbuilt anti-virus, content filtering. But it looks
like its a subscription based service so it's not really your firewall doing
these functions.
-Original Message--
hi, I am trying to have a clearer picture of the layer 3 switching
concept.
Assuming that I have a Core Catalyst 6 series switch with layer 3
switching capabilities, I have a Access layer switch connected to the
core with two port label Vlan 1 subnet 1 and Vlan 2 subnet 2,
when frames is s
Priscilla,
All I want is credit. :-)
"Some guy on one of the many mailling lists I frequent put it this
way:" (maybe not)
Ken
>>> "Priscilla Oppenheimer" 02/18/03 12:06PM
>>>
[snip]
I think Ken's example is one of the cleanest I've seen. I may have to
borrow it for my classes.
[snip]
I have :Cisco ACS with Aironet 350 and all clients have Avaya Gold card
installed.
Is it possible to use the EAP in this scenario? Could I load the newest
version of client adaptor firmware from Cisco on Avaya cards?
I need to secure the authentication using ACS and EAP using Avaya Cards.
Thanks
Anyone know where I can download these? I couldn't find them on Cisco site.
I'd like to get CPU stats on my CSS11152 via snmp.
thanks
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63300&t=63300
--
FAQ, list archives, and subscr
Not sure if this is possible on PIX, but I've done this with access lists on
routers.
you would need tftp access to the router / pix in question.
copy the running config to the tftp server and modify the copy on the tftp
server.
copy from the tftp server to STARTUP config.
then issue copy start run
Here is a correct statment for Access group
access-group acl_out in interface outside
Rest is correct.
--
Curious
MCSE, CCNP
""Ismail Al-Shelh"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> 10.10.0.0 255.255.0.0---515E PIX FIREWALL--1750
> ROUTER10.15.0.0 2
I have two ip-helper addresses configured on 2621 which connects to another
2621 at the HUB where DHCP servers reside.
I have 2 Novell Netware 5.1 servers as DHPC servers. Lease is set to 3 days
Everthing is working as expected except windows 95 and 98 clients are not
renewing the IP after three d
The PIX does have IDS capabilities, but very rudimentary. no anti-virus or
content filtering.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63296&t=63167
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/lis
At 3:27 PM -0600 2/18/03, Daniel Cotts wrote:
>Problem being that Cisco uses the term "attribute" in the discussion of
>weight. Source BSCN ver1.0 Training Materials.
>There is a page listing the various types of attributes and which attributes
>fall under each type. A "kicker" line states "In addi
Problem being that Cisco uses the term "attribute" in the discussion of
weight. Source BSCN ver1.0 Training Materials.
There is a page listing the various types of attributes and which attributes
fall under each type. A "kicker" line states "In addition, Cisco has defined
a weight attribute for BGP
I would like to buy a flash PC card for my Cat 6000 with Sup1A. I know
there are different file system formats for various devices, but do the 3600
and 6000 cards have the same physical spec? Can I use the same card in both
devices if I reformat?
Thanks,
-Bob Sinclair
Message Posted at:
htt
You first have to set the speed, it currently in auto.
C6509> (enable) set port speed 5/8 auto
Port(s) 5/8 speed set to auto detect.
C6509> (enable) set port duplex 5/8 half
Port 5/8 is in auto-sensing mode.
C6509> (enable) set port speed 5/8 100
Port(s) 5/8 speed set to 100Mbps.
C6509> (enable)
Stephen Hoover wrote:
>
> Ken,
>
> Thanks for the input on this discussion. I follow and
> understand your
> example without any problems.
>
> Now if taking it back to the original original question -
> Does L3
> switching require VLANs - produces this question for your
> example:
>
>
Stephen Hoover wrote:
>
> Ken,
>
> Thanks for the input on this discussion. I follow and
> understand your
> example without any problems.
>
> Now if taking it back to the original original question -
> Does L3
> switching require VLANs - produces this question for your
> example:
>
>
Your message to [EMAIL PROTECTED] sent Tue, 18 Feb 2003 19:48:02
GMT cannot be delivered because the intended recipient has left the Company.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63289&t=63289
--
FAQ, list archives, and
I've thought of this and will have this in place as well. So then I guess
that there is no way to add to middle of conduit without locking yourself
out.
""Daniel Cotts"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Look at the problem from another direction. How about a modem c
Looks like he has a nice Web site regarding security too. I purchased the
book. It sounds good and very approachable at a low cost and low page-count.
I have no affiliation with the author, having never met him or even
corresponded with him, except maybe a couple e-mails after he published his
firs
Sam,
Speed and Duplex are tied at the hip - if speed is auto, duplex must be
auto. Try hard-coding the speed, first, then the duplex.
-Bob Sinclair
- Original Message -
From: "SamN"
To:
Sent: Tuesday, February 18, 2003 12:18 PM
Subject: Switch Port [7:63275]
> switch1> (enable) se
Look at the problem from another direction. How about a modem connected to a
terminal server. The TS connects to the PIX console port. That way your
connection is out-of-band. I'd agree that the modem should be powered off
except when needed. Local admin staff would have to hit the "big red
switch.
Tried
Nat 0 (inside) access-list_nat0
Nat 1 rest ip traffic to outside(nat id 1 same as global (int)
id 1)
Access-list_nat0 do not nat to ip range 2nd interface
Martijn
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Namens Robert
Perez
Verzonden: di
At 4:06 PM + 2/18/03, Daniel Cotts wrote:
>In line:
>
>> -Original Message-
>> From: lee wooi keat [mailto:[EMAIL PROTECTED]]
>> Sent: Tuesday, February 18, 2003 4:51 AM
>> To: [EMAIL PROTECTED]
>> Subject: CCIE written exercise question [7:63247]
>>
>>
>> All,
>>
>> I'm preparin
Please help, I went with PIX instead of CP and I cannot
find a way to do this now!!!
Setup
PIX 515E-ur
-
| PIX inside PIX intf2|
| 192.168.25.0/24 10.178.25.25/16 |
|
I4m selling:
2 Wireless cisco PC Cards PCM350 (For laptops)
1 Wireless cisco PC Cards PCM340 (For laptops)
1 Router 1750 2V, CAB-V35MT, 1 FXS, 8-32
If you are interested just write me!
_
Charla con tus amigos en lmnea mediante
Lets say you are administering a PIX remotely. You SSH into a machine on the
PIX's internal network and from there you telnet into the PIX. Security is
via conduits and it might look like this:
conduit permit tcp 192.168.43.0 255.255.255.255 eq 22 any
conduit permit tcp 192.168.43.0 255.255.255.25
PIX does not have Antivirus, IDS, or content filtering bultin. I don't think
I know of any hardware based firewalls that do. You may have to look into a
software based solution. Maybe computer associates or Symantec make such a
suite.
""Gunjan Mathur"" wrote in message
[EMAIL PROTECTED]">news:[EM
You need to change the speed first, then you can change the duplex. It has
to be in that order.
""SamN"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> switch1> (enable) set port duplex 6/8 half
> Port 6/8 is in auto-sensing mode.
>
> The above switch is a 6500. AS i understand,
Very well put Mohamed! Kudos to you for not lowering yourself to his
level in reply.
Unfortunately, I don't have the answer to your S-Register question...
sure wish I did. I haven't tried it myself, but maybe you can do a
search on S Register or S21 and Modem Compression with Cisco (Via
Google).
>are u stupid man?
How would that be demonstrated? Inability to capitalize, to spell
"you", or to use commas?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63277&t=63253
--
FAQ, list archives, and subscription info: http://www
switch1> (enable) set port duplex 6/8 half
Port 6/8 is in auto-sensing mode.
The above switch is a 6500. AS i understand, the ports can be set to
full,half or auto but when i try setting it to half, it doesn't allow me to.
thank you
Message Posted at:
http://www.groupstudy.com/form/read.php?f
I frequently have trouble when I go from hdlc to ppp. Usually it's
something I didn't configure with the ppp. I take one command out at a
time that I added until things come back up. I start with removing ppp
multilink.
also you may want to turn on some debugs
debug dialer
debug ppp negot
debug p
Although the destination address 172.2.x.x are showed on the switch mls
entries, it is not exported. I tested many flows generated by Flow-Tools
and there is no network 172.2.x.x as the destination; there are lots of
data sent to that network
I am wondering if it is a bug on the CATOS version 6.1
I ran into a similar problem. I converted to PPP from HDLC, as well as
to dialer profiles from legacy ddr. The problem was I forgot to put
"ppp authentication chap" on the bri interface. It was there on the
dialer
Interface, but not in both places. Adding it to the bri interface fixed
it. I rem
For more information;
http://www.cisco.com/warp/public/129/bri_invalid_spid.html
regards
/Stuart
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
MADMAN
Sent: 18 February 2003 15:06
To: [EMAIL PROTECTED]
Subject: Re: Isdn error with PPP - Why always?? [7
In line:
> -Original Message-
> From: lee wooi keat [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 18, 2003 4:51 AM
> To: [EMAIL PROTECTED]
> Subject: CCIE written exercise question [7:63247]
>
>
> All,
>
> I'm preparing CCIE written exam and encounter some tricky
> questions in
First man you are so polite so i have to apologize concerning the way we
have to talk with each other, but this Access Server infront of me (Ebn el
Gazma) mosh rady yeping a3mel leomoh eih???
Can u tell me howa mashy rady yeping leih??
BTW what i wrote to you was habal don't ever try to run on yo
Dear Scott,
Your advise would be great helpful to me!
Thanks a lot!
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63268&t=63163
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report miscon
Hi all,
I have a 2620 series running IOS (C2600-I-M), Version 12.2(8)T4. I also have
2 x WIC-1T installed. When I do this both of the interfaces show as down /
down. However when I install either interface on its own (In either slot)
they work fine. Is this a limitation of the 2600, I cannot find
Hi.. Group,
May I know whether the SYN Floodguard is enabled on PIX outside interface or
I have to manually enable by the following command
PIX(config)#nat (outside) 1 0.0.0.0 0.0.0.0 8000 8000
Is the command correct? assuming my nat_id is 1.
Thanks a lot
__
Dear wise man,
First of all ,I think there's a more polite way we can discuss such issues
with each other.
Second none of those S register parameters is related to the modem
compression
S27 > enable/disable V.25 calling tone
S28--> Guard tone
S30---> Max connect rate
S43-
try debug isdn q931, this may give you some more info.
Dave
Cisco Nuts wrote:
> Hello, Just set up basic Isdn b/w 2 routers using the default hdlc encap
> and was working perfectly fine till I changed the encap to ppp, ppp auth
> chap, ppp multilink and ppp chap hostname R7. Then it just stopp
are u stupid man?
it is very very easy
modemcap entry elkomy s27=12s28=12s30=13&&s43=67
interface group-async 0
ip unnumbered fastethernet x/x
encapsulation ppp
group-range x/x y/y
compress stac
ip tcp header-compression
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63263&t=
The Long and Winding Road wrote:
> hey, Dave, request for clarification
>
>
> whenever I run my config tools ( either CCO or NetFormX, which validates
> against Cisco's config server anyway ), the requirement is CAT OS plus IOS.
> I can go CAT OS only, but I cannot get a validation using IOS only
At 10:50 AM + 2/18/03, lee wooi keat wrote:
>All,
>
>I'm preparing CCIE written exam and encounter some tricky questions in
>exercise. Would like to ask for help for those who can solve it:
>1) Which one is NOT Well-known attribute for BGP ?
>- local preference
>- origin
>- weigh
At 5:30 AM + 2/18/03, Ken Diliberto wrote:
>The nit I'm picking is inline... (I'm feeling like chipping in tonight)
>
"The Long and Winding Road"
>02/17/03 06:13PM >>>
>
>[snip]
>
>if I have a 75xx router with 300 ethernet ports, and I bridge all
>those
>ports, do I have an L3 switch, or
>"Vicky Rode" shaped photons and electrons to say:
>
>
>see comments in-line:
>
>
>-Original Message-
>From: Stephen Hoover [mailto:[EMAIL PROTECTED]]
>Sent: Monday, February 17, 2003 11:20 AM
>To: Vicky Rode
>Cc: [EMAIL PROTECTED]
>Subject: Re: Does MLS (Layer 3 switching) require VLANs?
cluster id looks a little out of place for me
- Original Message -
From: "lee wooi keat"
To:
Sent: Tuesday, February 18, 2003 10:50 AM
Subject: CCIE written exercise question [7:63247]
> All,
>
> I'm preparing CCIE written exam and encounter some tricky questions in
> exercise. Would li
weight is not an attribute carried in BGP. It's a cisco
specific mechanism that is local to a router, and when
configured, may impact the BGP path selection on that router.
lee wooi keat wrote:
>
> All,
>
> I'm preparing CCIE written exam and encounter some tricky questions in
> exercise. Woul
Hello, Just set up basic Isdn b/w 2 routers using the default hdlc encap
and was working perfectly fine till I changed the encap to ppp, ppp auth
chap, ppp multilink and ppp chap hostname R7. Then it just stopped
working :-< This has been very frustrating!! It started spitting
out this msg.
Hi,
Normally, the CPE router would be the border router that gives you the
global IP address range to access. However, in this case it looks like you
essentially have 2 border routers.
You can get your border router to route the global ip range to the PIX, so
the PIX outside interface will have a
Dear all,
If I'd like to enable compression for my analog dial-up customers what
will be the recommended method??
Is it via Layer1 compression (controlling compression via S Register
parameters) or via L2 compression via STAC,Predictor.,??
and plz recommend the necessary configuration fo
Hi,
I need to connect two offices with VPN. They both can only get an
Internet Connection with dynamic IP addresses, static addressing is not
possible.
Is there a possibility to establish a connection?
Thanks in advance.
Tarry
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=
The best way is to get a box with multiple serial interfaces such as a 2522
or 2523 and configure it as a frame switch. This seems to be the most common
way, anyway.
--
Johnny Routin
)?)
-
""Kerry Ogedegbe [ MTN - Portharcourt ]"" wrote in
message [EMAIL PROTECTED]">news:[EMAIL PR
Hi Kerry,
The easiest way of doing this is just getting a cisco router with numerous
serial interfaces and configure it as a frame relay switch. I uase a Cisco
4500 with 8 serial ports in my lab.
Cheers
Troy
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63250&t=63248
With 12.2 use the police command within a policy map not rate-limit
HTH
Dom Stocqueler
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
[EMAIL PROTECTED]
Sent: 17 February 2003 16:27
To: [EMAIL PROTECTED]
Subject: Re: Bandwidth limitation [7:63154]
Use
Hi,
I want to set up frame relay in a lab, are there any emulation software to
mimic the frame relay cloud?
if not, what's the best was of doing this
___
Kerry
[GroupStudy removed an attachment of type image/jpeg which had a name of
Clear Day Bkgrd.JPG]
Message Posted at:
All,
I'm preparing CCIE written exam and encounter some tricky questions in
exercise. Would like to ask for help for those who can solve it:
1) Which one is NOT Well-known attribute for BGP ?
- local preference
- origin
- weight
- community
- cluster-id
You can only
If you have CCO access, you can use feature navigator:
http://www.cisco.com/go/fn/ to quickly find information of this kind. I'm
fairly certain that there is non-cco version, but I can't seem to be able to
find it now.
Regarding your original question, I believe you're fairly safe with
any
Bill,
In reference to your other questions
> 2) Conceptual questions on PIX (i am learning pix in a lab
> environment)
> a)will a higher-security interface always be able to initiate
> connections
> to a lower-security interface without configuration of an
> access-list,etc ?
> So, with a pix co
I have a case with a customer that I am installing a PIX and a border
router for, He want´s to have controle over the border router, but the
Service Provider, is providing their router as the CPE. one interface
on the Service Providers router has an ip address from the customers public
ip address r
your still a little off target...
Layer 2 interfaces can be access ports or trunks for vlans
Layer 2 or Layer 3 switch interfaces dont need to be
sub-interfaces..
Layer 3 vlan interfaces(svi) require layer 2 trunk
interfaces to interconnect vlans in other switches
Layer 3 interfaces only require a
Which IOS I need on 1003 to use it as ISDN gateway to Internet? IOS should
support NAT and dynamic IP addressing on WAN port.
Regards.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=63242&t=63242
--
FAQ, list archives, and subscr
I have a data center on the cisco campus that has well over
80 subnets in it, using L3 routing
and no vlans on the 6509 gateways(routers)..
We also have a production data center that uses 6509's with
vlans that span different areas in
the data center...due to the application structure of the
serve
Ok, its 1:29AM CST - and I am setting here chewing on this switching study
guide information about VLANs. I think I see where my confusion has come
from and what the answer is now.
Layer 3 switching does not require VLANs, but what is DOES require is a
physical port connection on the common L3 swi
83 matches
Mail list logo
