Hi there,
I've got a 515UR failover I jus' upgraded from 5.3(1) to 6.1(4). I'd like
to pop PDM on that system(s) and try that interface out.
I'm a command line kind of guy, so am comfortable with CLI, but, I've heard
that PDM is a worthy utility.
Any words of wisdom on PDM installation?
Best,
and have nothing good to say about them.
What sweet nothings would those be?
On another, but similar, note, what 3d party GBICs for 1000LX single mode
are out there for the Cat 3548 switches? And, are there any sweet
nothings about using those in a Cisco platform?
Very best, G.
Shucks, folks, 'most everyone knows that the real world has its moments.
Users. They generally provide considerable exposure to that which is
perceived as real.
'Course, it's always nice to have a test-bed; but I think lab rat is a
different definition.
So, perhaps to lighten things up,
Sagely advice from some good sources, especially the last one.
---
Try not to become a man of success, but rather try to
become a man of value. - Albert Einstein
Recognition is the greatest motivator. - Gerard C. Eakedale
In a 10Mb environ, what the heck! I would speculate that double-up won't
make an ROI out of consolidation.
However, this brings up a nasty little problem I'm looking at, and I might
phrase this another way. How many cascaded switching devices can exist in a
broadcast domain without creating
I had a similar 'self-inflicted wound' a while back. Seems some dope (that
would be me) had retired some public IP ranges on the inside and needed to
(temporarily) route those to null from his inside router. Otherwise, the
hapless administrator saw these udps denied with the dreaded 'xlate'
Yep, I've used it. There is considerable flexibility in setup. Some
switches take up to several hundred MAC entries, learned or statically
assigned. You can also set the thing up to simply alert through SNMP traps,
and/or administratively shut down that port until you do a 'no shut', or
Interesting, sometimes the obvious can be elusive. Pull more copper, is
the obvious. Depending upon the telco layout, of course.
But, like many of Chuck's musings, this brings up some more real world
questions.
Given: Investment in analog/digital cu based phone sets at buildings.
A
I had a cat named Five once,
but he had an unfortunate collision
Yes.it is Friday.
Best, G.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=38482t=38323
--
FAQ, list archives, and subscription info:
Typical problem. Hopefully an easy answer. The manual says so, but
I've configured interface 3 on a 6 port 515 for a dmz. I needed to change
that segment back to its original 127.0.0.1 255.255.255.255 ip address
assignment. Failover goes just ducky back to 0.0.0.0. I get the infamous
A while back I had the experience of witnessing a large network expenditure
for similar reasons as the below.
Unfortunately, the underlying problems *causing* the collisions and
broadcasts went unaddressed. Raw speed can hide many ills.For a while.
Before moving over to a switched
Sayeth Chuck, esteemed moderator:
The forbidden words are there mainly to stop spam, but also to stop some
of the non-Cisco study messages that occasionally pop up.
But, I see you have given no notice to the George Carlin's 1973 arresting,
Seven words you can't say on television.
I think that
Depends on what you mean by worry.
I've got a couple of Foundry's in addition to the Cisco stuff. Both L2 and
L3.
I like them. I like the support. And I like the company.
Best, G.
-Original Message-
From: Washington Rico [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 25, 2002
Hummm, I too scanned the Cisco site for 6.2 and only found 6.1.2. I'd heard
from the rumor-mill that 6.2 was out, but perhaps that's incorrect.
As I'm about ready to upgrade the failover 515UR, it'd be nice if I only had
to do this once -- this year.
Any speculation on that 6.2 release
The full circle: We now apparently check security clearance so carefully
that fear of compromising the clearance indeed becomes more of a threat than
knowing someone who once was in a room where a known commie breathed the
air.
And inhaled.
Very best, G.
VP OGC
-Original Message-
Ancient wisdom, Who guards the guardians?
If security is defined as abject obedience then my feeling of being
secure in person is misplaced. If security is judged as well as Olympic
Skating competition, then security is a misnomer. If a security
clearance is based on dogma, we are less, not
AND, am I to understand correctly, as the manual is quite vague, that an
upgrade of the primary failover unit also updates the secondary? Or, must
the hapless administrator do each individually?
Best, G.
-Original Message-
From: Jose Celestino [mailto:[EMAIL PROTECTED]]
Sent:
I don't think this was Shoeless Joe Jackson, but rather a self-described
awkward, skinny, asthmatic child who later became a musician/writer. Ref:
google/joe jackson
My own quote:
This thread sounds like running thirty miles and hour on a treadmill going
sixty.
Best, G.
VP OGC
Some people
Here's a little tidbit from the Washington Post about battle:
[Cy (Zulu, 1964)] Endfield also finds a quality missing from all too many
battle sequences in millions of movies: that is, the utter physical labor of
battle. It's very hard work to fight, which is why the young are so much
better at
I would pontificate on the below. Several vendors have jumped on the
'training gravy train'. Used to be, vendors would train users with the idea
that a knowledgeable operator would benefit all. Apparently, the huge
training licensing schemes have clouded the original intent of
vendor-specific
Wake up and smell the coffee! Prisoners have been getting costly commercial
diving training for years down in California somewheres. Good job for tough
men.
But CCNP? I'm led to belief that less than 1% of inmates in Federal pens
are white collar types. Maybe the 52% who are there due to the
Would this not also be a function of just what the ISP has/wants on the far
end?
My hookup uses a 3Com Accessbuilder 6100 I-Mux --- HSSI---Cisco 7200. The
three T1's are inverse multiplexed on the 3Com. Scaleable to 7 T1's.
'Couse this is a 'Cisco' newsgroup
Best, G.
-Original
The flag is there. The last great president said we'd put it there.
And we did.
Best, G.
VP OGC
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=33513t=33465
--
FAQ, list archives, and subscription info:
Subject sez pretty much all. Who's got the good/bad/ugly for:
Cisco Secure Pix Firewalls
ISBN 1587050358
Test? Who cares!!! Does the book deliver the how-to goods?
Very best, G.
VP OGC
When your work speaks for itself, don't interrupt.
-Henry J. Kaiser
Message Posted at:
I had Kip for ICRC/ACRC years ago. He was, by far and away, the best
vendor-cert trainer I ever had.
Best, G.
VP OGC
-Original Message-
From: Daniel Cotts [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 22, 2002 8:44 AM
To: [EMAIL PROTECTED]
Subject: RE: Looking for Great CISCO
Don't rightly know, depends. But, for comparison, here's a little quote
from Information Week:
Enron's board members made more than $300,000 per year, for just one board
job.
And just look at their performance! Maybe we should start a board member
study group.
Best, G.
VP OGC
Message
Well, I think that you could have two seperate VLANs with some modifications
of the below. As far as I know, there is no dictate to assign an IP to
those VLANs. While I don't have the need, or lack of need, for the L3 part,
I'm not sure if the IRB command would be required for this seemingly
This is a good question that I've recently been fighting at one of my sites.
The obsoleted-by-the-manufacturer-5-years-ago router, HP, is a primitive,
but reliable device without many bells and whistles. Recently, on it's
logs, I've been getting some unusual 'ARP squeals', as well as the
Well, I have one of those GL3's, and it's a pretty good piece of work. I
would agree that the documentation accompanying that switch is somewhat
sparse. It took me quite a while to 'figure it out' on my first setup. The
below assumes an IP network.
If I remember correctly, those docs talked
I would tend to agree, I have a similar number of WAN sites, and rely
entirely on static routes on the back end.
But! (There's always a 'but', and sometime with an extra 't') As my network
changes, (read fiber and switches)I plan to go more VLANs, and private
address spaces, for separating
I watched, again, the most excellent Flight of the Phoenix over the
weekend. (Yes, folks, I do have a life besides IT..) As sometimes happens
after re-visiting a film, I discovered another perspective, maybe even
relevant to IT engineering.
There was a point, in the movie, that the engineer
I did not note a speed associated with that full-duplex Ethernet spec.
Wouldn't GigE Cu require all eight? And, might a new cable plant effort be
well-served to require all eight conductors per RJ?
Best, G.
VP OGC
-Original Message-
From: Allen May [mailto:[EMAIL PROTECTED]]
Sent:
Hi folks,
Jus' checkin', I'm looking to upgrade my PIX 515UR w/failover from 5.3(1)
wa up to the current 6.2. (Help me, I found myself *liking* the GUI
of that PDM management interface!)
Are there any war stories of note that might save the hapless administrator
hours of time?
Very
And just what does prestigious non-accredited mean, exactly?
The miserable worms who market accredited education for
more-than-exorbitant fees are bad enough. (see previous threads on value of
certifications vs. higher-education diplomas)
I'd highly recommend pursuing industry certs rather than
Actually, understanding Windows browsing implementation can be quite
instructive. There are both WAN and LAN switching gotchas. Keep in mind
that, at least with my NT 4.0 browsing, this is based upon broadcasts.
Things like netmasks, VLANs and routers can do funny things to, and with,
broadcast
The term to search on at CCO is 'break key sequence' which should bring up
the following page:
http://www.cisco.com/warp/customer/701/61.html
I'd cut-n-paste, but there is a wealth of information there, with many
different hardware and applications documented.
Best, G.
VP OGC
-Original
Here's a little story from the Bering Sea. Bear with me and you'll see why
the 'thread' fits.
The Anacortes, Washington fishing family had been very successful in the
late 1980's. Early 1990 saw four brand-new crab boats ready to plunder the
king crab population in an area the coast guard
There are, I hope, perspective employers looking at this service. They can
make up their own minds about folks who are looking for a 'quick fix' and
their motivations.
But I would not hire, or even look at, people who make a practice of
belittlement and sarcasm. I'd rather hire a person who
Ah, the intolerance of it all...
I answered this guy because he needed help. I did the research long ago,
and put him in the ballpark. Of course, the rest of the knowledge is up to
him. By the .signature involved I surmised this was a 'working stiff'.
Have a little empathy.
Some here have
Speaking as the chief smut-buster at my site for the fed's typical effort
with the Children's Internet Protection Act, you have a hard road coming.
This is a high-profile and thankless duty.
My solution is to go to a commercial provider, make it very clear that the
filtering choice is their
Trip over the same rock fantastic
Spanning Tree Protocol is where you want to go. Here's a typical symptom:
Install new workstation on high end switch to troubleshoot multimedia
through firewall. Connection fails. Link light fine. Realize all other cu
ports are static address servers.
A very distant shout from the lives of some of those we owe...
Thomas Hobbs, Charles Babbage, Albert Smee, Alan Turing. It never ceases to
amaze me that 'success', in modern America, equals money. It used to equate
with knowledge and the gaining thereof. Though some of the early digital
Well, my paycheck crack didn't seem to satisfy the mark. I know it's a
tough job. Old readers will note my previous, and current, affiliation with
commercial salmon fishing. Nowadays it is for relaxation. That smallish
break in the summer has had its moments, and I'm grateful for the escape
I look very much forward to continuing picking up my paycheck every
month
Very best, G.
VP OGC
Youth is wasted on the wrong people.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=24568t=24549
--
FAQ, list archives, and
Can you give me the url for this WUG product.
-
WhatsUp Gold. www.ipswitch.com
A very decent product for the price. Simple, yet effective, ICMP polling
plus some SNMP Get additions. Mapping is good. Graphing available. The
notification
Two thousand year-old wisdom:
Who guards the guardians?
Best, G.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=22246t=22208
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report
And, speaking of our neighbors to the north...
I've heard some very discouraging news from Canada about their new nuclear
menace.
They've had the 'eh' bomb for quite some time.
Best, G.
-Original Message-
From: Chuck Larrieu [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October
I have the most unsightly wad of V.35 Y cables you ever saw. Eighteen, last
time I counted; all for a single Network General DSS WAN Sniffer that I
absolutely, positively, cannot live without.
I plug in the Ys when I have to sniff one of those T1 links. Otherwise, I
try and neatly hang them up
Hummm, with those kinds of credentials those guys shouldn't have to work.
They could teach.
Best, G.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=17443t=17141
--
FAQ, list archives, and subscription info:
On this date in 1775, England declared the colonies in a 'state of
rebellion'.
Let's all keep up the good work!
Best, G.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=16928t=16928
--
FAQ, list archives, and subscription info:
Below is a nice read. Very helpful. Can someone translate this for me from
RouterTalk into PIXese?
Best, G.
Subject: code red [7:15286]
I wanted to share this with the group:
Hummm, imagine my disappointment when looking for an actual evaluation of
the product.
Can someone enlighten me as to the value of (the new) RouterSim on it's
merits?
Best, G.
VP OGC
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=11556t=11342
Cisco agreement!!??? Cheating must be discouraged, everywhere. See below;
yet another reason Cisco certs are becoming 'required' while advanced
degrees are 'preferred' in those lucrative job postings
From the Bellingham [Washington State] Herald, June 17, 2001, Editorial
Opinion:
In an
I like that plain English part; the computer people I know do not normally
speak plain English.
Actually, I've had some fascinating (to a computer person) times with a
Sniffer and retransmissions. My aging DSS' expert analysis feature does
allow for quick 'drill downs', and is vastly superior,
It's all due to the latitudinal locations of both Canada and Australia, both
former British colonies. Because of these extremes, and the northerly
location of the British Isles themselves, they use the 20 hour day, instead
of the more conventional 24 hour period. Canada, particularly, I have
A couple of 5-4-3 refinements:
Try this picture:
MORE HOSTS
\.../
hosts HUB(s) hosts
\|/\|/\|/
host --- hub --- repeat --- SWITCH --- repeat-- hub --- hub etc...
STFW? LOL? My fifty plus years are showing. While I once used familiar
jargon like 'far out', 'spacy' and some others, I find myself puzzled by
some of the new acronyms used by the YPKs.
Is there some dictionary of current acronyms used by my younger colleagues
sos't I can communicate?
It is
Don't forget the public sector entities. Metropolitan, campus and
government networks can offer some great exposure.
The pay, on the other hand.
Best, G.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=4442t=4420
--
I came into IT from commercial fishing almost 20 years ago. Kept my fingers
in that exercise, as much as possible, over the years. I work in education,
so summers, in the past, have had some time to get out on the boat. I had
to give that up, recently; just not enough time for both IT and that
I note with interest that the 4 year degree is "preferred" whilst the CCIE
is a "must have".
Four year institutions need to scrutinize their heretofore stranglehold on
credentials. To little bang for too many bucks with a mini portion of
relevance in the real world.
Best, G.
-stuff
Having just installed 5.3(1) on a replacement 515. I am seeing what I
believe(d) to be logical icmp denies on a regular basis. Can anyone point
me to the right TAC (or other) spot for analysis of these rumored maladies?
I've searched the bug reports And yes, one of the 'shotgun' solutions
It *was* broke.
After much wailing and gnashing of teeth, I finally tried shutting down the
primary.
Bandwidth was immediately improved.
S, I'm calling this a faulty 515 primary system E0 interface.
Best, G.
_
FAQ, list archives, and subscription info:
How's about a little 'real-life' observation on a 515UR/failover package:
Problem:
external limited to ~850Kbit/s since install. Normal range, 2.5-3.5Mbits/s
internal ether on 515 does not exceed 140-160KBytes/s
internal ether has unusual number of IP transport retransmissions.
no apparent
Well, I've looked there, at the CCO, and the documentation I've found is
'ok'.
By 'ok' I mean that you *can* successfully set up the PIX from those docs.
The PIX, however, isn't there for just NAT, it's there to help secure your
network. To that end there seems, to me, to be very little in the
"I read in an article that Michael Muuss has died in a car accident. He is
the person who gave us a tool called "PING" to make our lives easier when
troubleshooting our networks."
-
And he is now surrounded by his loved ones,
and his loved zeros.
Happy Friday! (sent during the recent
Hi Muhammad,
I just put up a 515-UR, OS 5.3(1). Quoth the manual, "Cisco recommends that
you do not use the access-list command with the conduit and outbound
commands." There are some evaluation sequence issues.
That said, from configuration mode:
access-list acl_out permit tcp any any eq
That Priscilla is a real jewel, eh? I think I'll add this formula to my
*must know* list.
The one tid-bit I might include, though not reputed to be 'test centric', is
to *memorize* (I say this as a member in good standing of the O)ld G)eezer's
C)lub) the binary numeric for HEX digits. The
Please sign me up for the OGC, as I more than qualify.
'Round here we chew up and sipt out the YPK's Those that stick around might
learn enough to qualify for OGC membership when their time comes.
Very best, G.
"Be strict in what you send, and forgiving in what you receive."
I'm fifty-two.
The memory does become more of a challenge. The quick uptake takes a hit.
The twenty-hour days take days of recuperation.
But the knowledge chase is still very satisfying. It comes in a more
relaxed and in-perspective kind of way. I enjoy mastery of the thing, and,
looked at
Hi,
I jus' happen to have a couple of 2600 series routers, 2610 2611, as well
as a Network General WAN Sniffer. I also have a 'Y' cable, with V.35
female-female ends. The third 'Y' leg goes to the WAN Sniffer. I have one
(1) Cisco V.35 DTE serial cable, male.
There are a smattering of
Quoth someone earlier:
"If you work for the state or your county, you can make
a LOT of dough. They tend to overpay for most
positions."
Could someone tell me just what that state or country that is?
Best, G. (A third generation government technical employee.)
Somewhat more seriously,
Well, I used to live near DC -- traveled up there quite a bit, in my 18-21
days. Long time ago. But, I wonder, what was said there in DC about
certificationzone?
Best, G.
-Original Message-
From: Steve Jacks [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 19, 2000 1:39 PM
To:
Hi,
Let's imagine that you have a L3 switch with a segment (x) serving a
(actually more) router feeding another segment (y). The L3 has other BVIs
(w and z).
Let's also imagine that one has a server belonging to the routed segment y,
(y.1) Let's also imagine that the server has crashed, and
Not with copper. Single mode fiber with LX modules work for me. You can
buy 100Mb/sec cu to single mode fiber media converters. I don't think you
can 'get there from here' with multimode fiber, or, as aforementioned,
copper.
Oddly enough, it seemed (to me) that gigabit LX gbic modules for
Been here before, but bears repeating:
http://eff5.csuchico.edu/bellingham/silver/staff.html
Subject: Re: T3- DS3
No, they are identical. I'm sure someone else will respond with some more
history on the reasons they are named the different things. The DS is
digital signal and T I assume has
Ah, the many varied duties of the harried network supervisor:
The ACTUAL link on the T3-DS3 conundrum is:
http://www.dcbnet.com/notes/9611t1.html
Thanks to Jon McC for the correction.
Subject: RE: T3- DS3
Been here before, but bears repeating:
http:// bad address! no biscuit!
Subject:
It is becoming an irritation that what some consider history, I consider
memories.
Dylan.
Very best, (getting ready for those geriatric wheel-chair races) G.
-Original Message-
From: Dan Henry [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 13, 2000 11:14 PM
To: whatshakin
Cc:
I've been perusing the trial version of CiscoWorks 5.0 w/What's Up Gold.
I'm finding that I might want to invest in a more robust Network Management
System, and/or add-ons. I notice a couple of things at the Cisco site:
The CiscoWorks2000 Campus Bundle.
For Unix boxes, several parts:
Of course, there
is mail, a web server, and one or two other systems needing external access.
Is that Unrestricted license really necessary? What might I loose down the
road if I decide on the restricted license?
Best, G.
-Original Message-----
From: Hartnell, George
Sent: Tuesday, November 14, 20
Any wonderful references out there for good usage of CiscoWorks?
Best, G.
_
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Ah, yes, another lost soul in G-L3 land.
My 2948G-L3 is, indeed, at the core. Quite a useful multilayer model
device. I like it.
You can divide your class B into those 8 subnets, assign a BVI to each, and
then attach whatever ports to that bridge-group that you need. Nice for
servers back
Sorry about the Aussie Dollars. Someday I have great hope to fly down there
and spread some greenbacks about.
Anyway, what, dear readers, might you recommend for a 24 class C segmented
network with about 3000 to 4000 hosts? Metropolitan area. Fiber. *Mostly*
Cisco stuff. NT. IP only. *Some*
Want some advice? Pay your dues in a K-12 public sector job. Lots of
action in today's educational technology buzz-word world. Pay is generally
terrible, but the exposure can be significant.
A good resume stuffer.
Best, G.
_
FAQ, list archives, and
I have used my Network General (now, alas, Network Associates) WAN sniffer
with great success. I have used the V.35 connector to the router for full
and muxed T1s. This is a great, must-have, keep-'em-honest tool.
War stories? I've locked three vendors in my MDF and bluntly said, "No one
Recently, someone querried about the location of a trail version of
CiscoWorks 5.0. The very next thread entry was, "Never mind, I found it!"
The actual location, however, remained an unpublished mystery.
Who might share the authenticity and actualy location of such an offer?
Best, G.
"A kinder and gentler nation."
I've used Sniffers since the (long lamented) Network General days. Support
before, during and after sales was one of N.G.'s best traits.
As far as useage is concerned, try and get some training. N.G. had very
good training, at one time, in geographically
I'm having some difficulty getting bridge-group routing to happen. Static
routing happens just ducky between two IP addressed interfaces. IRB is
enabled. Bridge group 64 (my number of the month) remains painfully silent
as the packets bounce back and forth, back and forth, between a routed port
The easy config -- switch = router gives the 24 collision domains. The easy
config, give one interface one network address, route somehow (static --
OSPF), and off you go.
What if, say, you want two (or three or ten) switch/router ports as a single
virtual bridge/hub/switch? The not-unusual
The theory of layer 3 switching is fairly straightforward, logically and
physically. The implementation of a well designed network integrating L3
with VLANs/BVIs, channels and tunnels is less immediately apparent.
As aforementioned in a previous thread comment, Cisco does have some setup
Quoth someone below:"2948G-L3 -- Basically a 48-port router!"
Yes, as aforementioned, the 2948G-L3 *can* reside quite readily in Layer 3
land, and configured that way, per port.
But, L3 land isn't really switch land, and to just view the G-L3 as a 48
port high-speed router is not getting
90 matches
Mail list logo
