RE: Frame relay in Lab [7:63248]

2003-02-18 Thread Troy Leliard
Hi Kerry, The easiest way of doing this is just getting a Cisco router with numerous serial interfaces and configuring it as a frame relay switch. I use a Cisco 4500 with 8 serial ports in my lab. Cheers Troy Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63250&t=63248

Re: CS11152 MIB's [7:63300]

2003-02-19 Thread Troy Leliard
John is right, you can get the MIBs off the CSS itself, from the CSS/mibs directory. They are also included in the CSS .GZIP file (when you d/l to do an upgrade), so you could gunzip that file and pull them out from there too. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63336&t=6

RE: ISDN Switch and BRi config [7:63313]

2003-02-19 Thread Troy Leliard
One of the first commands you can use to debug ISDN issues (ie are you getting anything from the ISDN switch) would be debug isdn q921. You should get SAPI's from your ISDN switch...something like below (don't forget to have term mon if you telnet to your router) Feb 19 11:21:27 GMT: ISDN Se3/0:1

RE: IPSec router-to-router [7:63325]

2003-02-19 Thread Troy Leliard
The only real advantage of using an encrypted GRE tunnel, over a normal IPSec tunnel, is that GRE tunnels would be able to pass non-IP traffic. You would use encrypted GRE if you had to pass non-routable traffic between the two sites (eg NetBIOS, etc, but also routing updates). I have use encryp

RE: IPSec router-to-router [7:63325]

2003-02-19 Thread Troy Leliard
If you use an encrypted GRE tunnel, be wary of MTU sizes. You will need to drop the MTU size to accommodate both the GRE overhead and the IPSec overhead! Troy Leliard wrote: > > The only real advantage of using an encrypted GRE tunnel, over > a normal IPSec tunnel, is that GRE tunne

RE: Load balancing / Backup Links with OSPF [7:63342]

2003-02-19 Thread Troy Leliard
Hi Kerry, You are right, OSPF only supports 4 equal cost paths, and doesn't support unequal load balancing. The easiest way for you to address either of your options is to manually alter the OSPF interface cost. Under the interface, add ip ospf cost xxx Make this the same as the other interface

RE: Catalyst 6509 Switch access control [7:63358]

2003-02-19 Thread Troy Leliard
Hi Andrew .. I presume that your Cat is running CatOS. What you need to do is basically the following, say for example you only wanted to allow 192.168.0.0/24 telnet access to your Cat: set ip permit 192.168.0.0 255.255.255.0 telnet You can also add a specific host: set ip permit 192.168.1.5 255.

RE: CCIE SECURITY [7:63425]

2003-02-20 Thread Troy Leliard
You get one year from passing your written till sitting the exam. Suranjith Ariyapperuma wrote: > > Dear members > Once you have completed the written , how long do you get to > prepare for the > LAB ? > Suranjith > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63426&t=6

RE: Different usename n pwd for PAP and CHAP [7:63442]

2003-02-21 Thread Troy Leliard
Normally you would only get one username / password, and the ISP would configure CHAP, then PAP authentication, ie if the client (user) tries to authenticate, and CHAP fails, it will then authenticate using PAP. (CHAP should always come first as it is the more secure authentication method). Hope

RE: 3600 Network Module 1FE-TX [7:63443]

2003-02-21 Thread Troy Leliard
Correct, FX is Fibre. SamN wrote: > > Hey Guys. > > Whats the difference between these two 3600 Modules > > 1FE-TX and 1FE-FX > > Whenever the word FX comes in, does it mean fiber? > > thank you. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=63489&t=63443

RE: Connecting Console cable [7:63447]

2003-02-21 Thread Troy Leliard
This would work if you didn't go through the switch, ie from the router console port -> patchpanel -> wall port -> to your PC (with DB converter obviously). SamN wrote: > > I wish to gain access to a router console but it's in the > server room while > I am outside. > Is it possible to do someth

RE: ISS Real Secure Vs Cisco IDS [7:63461]

2003-02-21 Thread Troy Leliard
Hi Sean, I currently use Cisco IDSM (IDS module for the Cat6500), Nokia IDS, and Snort on the servers themselves. You can never be paranoid enough about these sorts of things. Each vendor has different exploits etc, so by implementing a multi vendor path to your critical servers, you protect your

RE: ISS Real Secure Vs Cisco IDS [7:63461]

2003-02-21 Thread Troy Leliard
As with most things, you need to weigh up costs against your requirements. In our case, security is absolutely essential, so having a multivendor security solution (and indeed fully redundant) is costly, but we see it as justified. With regards to action during attacks etc. We mostly rely on manu

RE: ISS Real Secure Vs Cisco IDS [7:63461]

2003-02-21 Thread Troy Leliard
Hi Albert, We have 24x7 cover so that response time is pretty quick. (and a very well defined escalation procedure). However at the end of the day you are right, I believe that no systems are secure, what we do is try to stick up as many deterrents as possible to make it not worthwhile, and for

Health Checks on Local Director [7:63514]

2003-02-21 Thread Troy Leliard
Hi all, I am playing around with some Local Director (416's) and would like to know if anyone has found a way of doing intelligent health checks (layer 7), of anything other than HTTP and DNS. Eg I want to have a VIP bound to 3-4 real servers, and then health check a specific service on the real

RE: ccnp kit [7:63453]

2003-02-22 Thread Troy Leliard
Hi Brian .. Whereabouts are you based? If you are based in the EU, I may be able to find you some kit ... (give me a kit list and I can get some pricing done.) Everything will come with warranty and support. Otherwise, the other option is just to surf eBay. Sonic wrote: > > Got a fri

RE: Different usename n pwd for PAP and CHAP [7:63442]

2003-02-24 Thread Troy Leliard
e/password for eg: cisco/cisco would be > used for both CHAP and PAP. > > Regards > Deepak > > > Troy Leliard wrote: > > > > Normally you would only get one username / password., and the > > ISP would configure CHAP, then PAP authentication, ie if the > >

Re: CCIE Written Traning [7:63494]

2003-02-24 Thread Troy Leliard
I used Caslow, found it really good, also used the new Cisco Press book (both the R&S and the lab). Even if you are studying for your written exam, it sometimes really helps to go through what you are learning in a lab environment. The Long and Winding Road wrote: > > a couple of comments in-

RE: Static Xlates on PIX [7:63638]

2003-02-25 Thread Troy Leliard
Hi there, AH won't work with NAT. AH does a digest computation on the entire IP packet, including dest / src IP's. When this passes through NAT, the IP header changes, and thus the packet will be dropped. BJ Rice wrote: > > To clarify, my PIX sits behind a DSL modem, not router. Message Po

RE: Log files Pix & Chkpnt [7:63646]

2003-02-25 Thread Troy Leliard
Depends on what you are trying to do and what your budget is. You could always make use of commercial software such as NetCool (Micromuse etc), or just have a good old syslog server, and configure the pix / checkpoint etc, to log to the syslog using the same facility. This would merge all the dat

Re: adding new switch to VTP domain [7:63654]

2003-02-25 Thread Troy Leliard
And if you are even more paranoid like I am, you can ensure that your original VTP domain is password protected, that way if you "forget" to "reset" the version counter of your new switch, it won't automatically del all the existing info. I also tend to always add new switches as client and the

Re: Cant establish reverse telnet [7:63660]

2003-02-25 Thread Troy Leliard
By the sounds of your email, it appears as though you were able to connect, but have since connected and abnormally exited .. Use the command show sessions to list all the open connections. Then you can use the command disconnect to disconnect whatever session you want. To prevent this sort of

RE: 6009 CatOS IP Address .... [7:63703]

2003-02-25 Thread Troy Leliard
Hi Doyley ... What are you trying to achieve, by the sounds of it you want to set an ip address for the Cat so you can telnet to it? This is done by setting the sc0 interface on the CatOS. Eg. (CatOS) set int sc0 If you want to set IP's for the actual VLAN interfaces you need to do this on t

RE: Core Layer L2 or L3 [7:63708]

2003-02-25 Thread Troy Leliard
It depends if you are after theoretical advice, or practical advice. I have found it rare to have only L2 in the core (other than when using MPLS). The focus of the exam is that the core should add minimum latency to forwarding decisions, and thus the emphasis on why ACL's, VLAN aggregation etc,

Re: Strange problem with a 2924XL. [7:63680]

2003-02-25 Thread Troy Leliard
Hi Ken, What is connecting to this interface...you may want to manually configure the duplex and speed settings on this interface to match that of the device that is connecting to it. Also be very wary if you have a hub connected.!!! Let me know if this helps ! Troy Ken Diliberto wrote: > >

RE: Performance monitoring [7:63729]

2003-02-25 Thread Troy Leliard
Hi Stuart, One of the easiest ways to gather this sort of info is to use something like MRTG (or even better Cricket, using RRD Tool). These free programs periodically gather stats from the router and store it. You can then query this data and it would draw nice pretty graphs showing you exact

RE: ADSL Between Head Office and Remote Branch [7:63711]

2003-02-25 Thread Troy Leliard
What you want to do is possible, in fact I demo'd something similar. I used the MXL-2300 from tut systems ... http://www.tutsys.com/mtu/products/ethernetworking/mxl_2300/index.cfm at anything under 3.5km you can get about 2MB. I haven't tried this using any Cisco kit, Ismail Al-Shelh wrot

RE: Static Xlates on PIX [7:63638]

2003-02-25 Thread Troy Leliard
I think you will find that AH cannot be used with NAT. AH does a hash on the entire packet, including IP SRC and DST, and NAT would modify this thus invalidating the packet! For VPN's that are behind a NAT device, be it a firewall, router or whatever, the transport mechanism would be ESP, or inde

RE: Sniffer Software [7:63796]

2003-02-26 Thread Troy Leliard
Why not try Ethereal .. it's free!! PacketEXPERTS wrote: > > Have anyone gotten NetXray 3.0 or Sniffer Pro 4.5 to > work with XP. > > Thanks > > ___ > Sent by ePrompter, the premier email notification > software. > Free download at http://w

RE: Bridging over point to point [7:63790]

2003-02-26 Thread Troy Leliard
Is your video delivery method unicast or multicast. If it is multicast you may need to enable m/cast routing. Terry Martin wrote: > > I have set up in my lab, bridging over a point to point T1. I > am now trying to pass video traffic over this link, and it is > not working. I can ping from a p

RE: REdistrubution - Two way [7:63827]

2003-02-26 Thread Troy Leliard
Redistributing IGP's into EGP's, while possible, is not always the best solution. If your IGP (in this case RIP), is not stable it can cause route flapping in BGP (which has greater consequences than for IGP's, in that upstream BGP peers would route dampen your flapping routes.) You would also want

Conent Switching on LD416's [7:63846]

2003-02-26 Thread Troy Leliard
Hi there all, I've got a couple of Local Director's, and am trying to find a way of doing intelligent (layer 7) health checks of real servers. eg for ftp, the LD will probe port 21 on the real server...if this port is not in a listening state the LD will remove the real server from the binding t

RE: BGP notification message [7:63847]

2003-02-26 Thread Troy Leliard
From the Cisco website Error Message %BGP-5-ADJCHANGE: neighbor [chars][chars][chars][chars] [chars] Explanation A BGP neighbor has either come up or gone down. This message describes the change for the BGP neighbor and appears only if the log-neighbor-changes command is configured fo

RE: ADSL Between Head Office and Remote Branch [7:63711]

2003-02-26 Thread Troy Leliard
> like Cisco DSL > products cause to be honest I have lost in Cisco site searching > for the > right product to implement my solution , I am still interested > to look for > the equivalent product from Cisco, but if I did not find it > then I will go > for MXL-2300. >

Re: Backup Site - 152Mbps [7:63866]

2003-02-26 Thread Troy Leliard
I'm never a big fan of having backup sites that lie active | standby! You may want to look at getting a CSS and doing GSLB (Global Server Load Balancing!) Anyway, back to your question ...How much of the traffic is local ? You say that you have a peak of 152MB's, but you will only have 3 x 5MB P

RE: Conent Switching on LD416's [7:63846]

2003-02-27 Thread Troy Leliard
... mmm perhaps it's time to do some LD416 tossing! :) Troy Leliard wrote: > > Hi there all, > > I've got a couple of Local Director's, and am trying to find a > way of doing intelligent (layer 7) health checks of real > servers. eg for ftp, the LD will probe port

RE: PIX VPN/IPSEC [7:64016]

2003-02-28 Thread Troy Leliard
I have got this working by configuring a VPN pool on the Pix, and assigning these addresses to the VPN clients. IE your home PC will have a DHCP address from your ISP, but also an "internal" IP address assigned from the Pix VPN pool. The Pix sees traffic as going from your network to this "intern

RE: Cat4006 - Prompt [7:63984]

2003-02-28 Thread Troy Leliard
Try set prompt "" or set prompt " " something like that .. :) Eagles Fan wrote: > > is it possible to clear the prompt after manually setting it? > > _ > Protect your PC - get McAfee.com VirusScan Online > http://clinic.mcafee.

RE: some question about frame-relay configuration! [7:63973]

2003-02-28 Thread Troy Leliard
Hi Tigers, First things, are the interfaces administratively shut or are they down|down? If admin shut, then all you need to do is do a no shut under each of the interfaces you want to enable. If you do that and they are now down|down or were originally down|down, you are not even getting a

RE: Looking for Used Cisco Equip's [7:64044]

2003-02-28 Thread Troy Leliard
Are you looking for new or 2nd hand? (With warranty / support? etc.) Cheers Troy Steiven Poh-\(Jaring MailBox\) wrote: > > Dear Groups, > > I'm looking below used cisco item, please look in to it and let > me know asap. > My location is Malaysia. Thanks > > *

RE: Urgent Help !! How to check who's always attac [7:64064]

2003-02-28 Thread Troy Leliard
Your ARIN / RIPE whois, that should tell you who the IP block belongs to and where to direct abuse complaints! Steiven Poh-\(Jaring MailBox\) wrote: > > Dear All, > > I believe some one always try hacking my private network, > I got the ip address and how am I check who they are? > > Please h

Re: Who likes BGP? [7:64123]

2003-03-03 Thread Troy Leliard
I think it is up to individual companies to be responsible for their own AS, and should filter what routes and AS's they accept from peers! Ideally we would want to "authenticate" our peers etc, but considering the expense etc in rolling out this sort of technology you could also make use of

RE: citrix session and VPN [7:64185]

2003-03-03 Thread Troy Leliard
Not sure about Citrix, but have run into MTU issues when using IPSec and GRE ... and did indeed have to drop the MTU size on the network to allow for the "double" encapsulation (GRE header and IPSec header) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64251&t=64185 --

RE: OSPF ISDN Demand Circuit [7:64221]

2003-03-03 Thread Troy Leliard
Hi Randy, You will need authentication for the BRI interface for OSPF area 0, and you definitely only need the demand circuit to be on one side, not both. What errors are you getting? Presumably since you are asking about passwords, I assume the BRI interfaces are not connecting? Have you config

RE: 2 questions [7:64263]

2003-03-03 Thread Troy Leliard
Hi Sam, To answer your question, yes some people do use public address space in their private networks, but generally they would use RFC1918 with NAT / PAT. Secondly, you can use your Pix to connect the two networks together, although you won't be able to do any advanced routing functions. But yo

RE: Cisco 2501 DC Power adaptors ? [7:64296]

2003-03-04 Thread Troy Leliard
You need a RPS. It converts AC to DC and can be used for a number of chassis (2500,3600, 2950 etc) Not too cheap / or common (on ebay etc), but you may want a look! New DC power for the 2600 is just under £300. How many DC routers do you have ? Simon Watson wrote: > > Hi Guys I am based in th

RE: 3000 Concentrator behind/in front or parallel [7:64383]

2003-03-05 Thread Troy Leliard
When deploying my VPN3000, I have put it behind the Pix firewall (ie on a DMZ), and I only allow IPSEC / ISAKMP through the Pix to the VPN3K. I guess it depends on how much traffic you are expecting to pass over the VPN, obviously in my setup, all traffic now has to go through the Pix, but, in m

Re: Off Topic - just screwing around and what do I [7:64454]

2003-03-05 Thread Troy Leliard
Split Horizon for EIGRP ... dont think so. !!! Larry Letterman wrote: > > r3 sends to r2, then r2 sends back to r3.. > you sure about that...split horizon should be enabled for > eigrp and igrp..and igrp and eigrp will work together in the > same as number..not sure about different as #'s >

RE: TTY Background Process - Cisco 3620 [7:64465]

2003-03-05 Thread Troy Leliard
TTY are any async lines that you may have. Do a show line and see what is connected (if anything) to your tty lines? Cheers T Elizabeth McCord wrote: > > Hi there, > > Does anybody know what the "TTY Background" process does and > what it is > responsible for? > > Is it normal that such a pr

Re: Multiple WAN Connections to a Network [7:64469]

2003-03-05 Thread Troy Leliard
If I follow, you have two WAN connections providing access to your server farm. Some of the servers on this farm will have 2 public IP addresses, one from each of your providers? Presumably you aren't of a large enough size to warrant applying for your own AS, and using BGP, which is the preferred so

Re: OSPF into RIP redistribution [7:64502]

2003-03-06 Thread Troy Leliard
Yup, I think we have just come off a big thread of RIP and OSPF redistribution! With the risk of sparking it all off again, the main issue is that RIP (v1) is classful while OSPF is not. IE RIP doesn't pass subnet mask prefixes in its updates! Cheers John Neiberger wrote: > > The first step

RE: Multiple WAN Connections to a Network [7:64469]

2003-03-06 Thread Troy Leliard
True, getting an AS for a /27 could be quite a challenge, and even harder trying to convince your BGP peers to advertise that. Fortunately, I now play with a /16 and a /19. But when I was contracting for another company, I managed to get an AS for a /24, and get our peers to advertise it (was fac

RE: PIX firewall port redirection [7:64533]

2003-03-06 Thread Troy Leliard
Hi Robert, Your first static line won't work .. if you think about it, you will be trying to pass an IP address (which the Pix thinks is on the inside interface), in from the outside interface. The Pix will see this as spoofing and drop the packet. What are you trying to achieve ? Robert Pere

RE: Cisco Secure - ISDN error [7:64577]

2003-03-06 Thread Troy Leliard
Not 100% sure if this is a full authentication error, but am alarmed by the protocol=cdp section. I would guess that your dial list doesn't allow CDP ?? Just a thought # Ants wrote: > > Hi, > we have an ISDN dial in site setup and getting following error > every couple > of minutes.. > this sit

RE: Question on BGP aggregation [7:64581]

2003-03-06 Thread Troy Leliard
Strange that you would want to summarise from an EBGP to iBGP, normally the other way around :) . Without using summary address command, you could inject the /22 route into your local router table (eg route to null0 with high metric), then have a distribute list which filters out any more specif

RE: Limiting bandwidth [7:64592]

2003-03-06 Thread Troy Leliard
You could use some form of policy routing ! Stuart Pittwood wrote: > > Is it possible to limit the amount of bandwidth used for > traffic sent > from 10.1.1.2/16 to 10.3.3.x/16 if so how would I go about this > > > > Thanks > > > > Stu > > Message Posted at: http://www.groupstudy.com/

Re: Password recovery without reload? [7:64453]

2003-03-06 Thread Troy Leliard
You can always try a brute force password attack. Solarwinds have some apps that do this, (that you can get on 30 day trial too ) M.C. van den Bovenkamp wrote: > > oscar wrote: > > > SNMP is not an option because it is disabled. In fact the > > startup-configuration wasn't erased by mistake. The

RE: Question about custom queuing [7:64516]

2003-03-06 Thread Troy Leliard
Yes you can, Do a search on IRB and CRB. James Gosnold wrote: > > Excellent, thanks Priscilla. > > Can you configure a router to be a bridge AND a router? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64611&t=64516 -- FAQ, li

Re: Many Vlans [7:64569]

2003-03-06 Thread Troy Leliard
Just a side note ... you can't use pvlans on vlan 1 (management vlan). I have gone to a number of customer sites, where often they have just used vlan 1 to put some of their servers on, and thus run into these sort of complications later! Ken Diliberto wrote: > > This sounds like a job for priva

Re: "Extra" IP addresses for VLANs? [7:64570]

2003-03-06 Thread Troy Leliard
Could be that you have directed broadcast enabled. The Long and Winding Road wrote: > > ""Mossburg, Geoff (MAN-Corporate)"" > wrote in > message news:[EMAIL PROTECTED] > > I'm full of questions tonight... > > My company's Catalyst 6509's MSFC has VLANs configured with > IP addresses > in > > the

RE: it started out as a really good idea [7:64636]

2003-03-07 Thread Troy Leliard
Looks like you have it configured correctly, and that they are forming "adjacencies". At the risk of offending, but always best to start right at the beginning, the gateway on your hosts are set to the HSRP address correct? When you unplug any of the 4 cables, you can no longer ping the either s

RE: Traceroute (kind of O/T) [7:64637]

2003-03-07 Thread Troy Leliard
You can always query ARIN or RIPE whois database. Jim Devane wrote: > > hi, > > i am wondering if anyone knows how the route is able to provide > the AS in a traceroute. I figure that it is querying it's own > BGP table, kinda doinga mini-"sh ip bgp x.x.x.x" sort of deal. > > the reason I am a

RE: MAC Access Lists - Canonical or NonCanonical [7:64754]

2003-03-10 Thread Troy Leliard
I guess this would depend on the media / interface that you are applying the ACL to? EG for TR, you would use non-canonical, and if applying the address to ethernet interface canonical. Presumably, inbound packets from TR pass "through" any inbound ACL's, then get converted to canonical and passe

RE: Load Balancing and NAT [7:64904]

2003-03-10 Thread Troy Leliard
First big question, are your T1's from the same provider, or from a different provider, and thus different "public" ip address space? If it is from a different provider, you may well run into some problems with NAT. Say for example, client A connects to your webserver (via ISP A's public IP addre

Re: Load Balancing and NAT [7:64904]

2003-03-10 Thread Troy Leliard
Hi Terry, I think I have already responded to a similar, if not the same question. You won't be able to use NAT, as you can have a many-to-one NAT statement on your router. IE Qwest IP and Sprint IP, both NAT to the same server. The only way I can see you getting this working is if you get a /3

OT: Posting directly from news client [7:65061]

2003-03-11 Thread Troy Leliard
A bit off topic, but wondering if any of you send posts directly to this group through your NNTP clients? I have tried (using Mozilla mail & news) and am failing. At the moment I have to make all my posts via the WWW front end. Any ideas, recommendations! Message Posted at: http://www.groupst

RE: Good book for CCIE Written Prep [7:65104]

2003-03-12 Thread Troy Leliard
I think you should be asking good books? :) I am currently using Bruce Caslow's Routing and Switching, New Cisco Press CCIE book, and the Cisco Press CCIE - Practical Book. I think the best way to tackle the "big one" is to start a file yourself, and in it have a chapter for each topic that appe

Re: sniffer in Wan interface [7:65149]

2003-03-12 Thread Troy Leliard
I don't think you can do it without some form of in-line analyser? kuma kk wrote: > Hi Group, > > Is there any way to capture the traffic on a WAN link using the sniffer > software. I am able to capture the traffic on Ethernet connecting Router and > Switch port by mirroring the port. > > Appre

RE: Frame Relay Design/Bandwidth Question [7:65401]

2003-03-14 Thread Troy Leliard
FR relay is quite effective, especially with hub and multi-spoke deployments. One of the big advantages as well, reducing interface costs on the Hub end, as you only have one serial interface with multiple FR PVC's? A further solution is to have a xDSL / Cable installation at the remote sites, an

RE: ISDN Config Problem? [7:65315]

2003-03-14 Thread Troy Leliard
You should definitely be getting output from debug isdn Q921 . This in effect is the D-Channel connectivity to the ISDN switch, and should always be up. If you are not getting SPI's when you debug this, then there is definitely a connectivity issue between your router and the ISDN switch? You al

RE: Final stretch to CCSP [7:65304]

2003-03-14 Thread Troy Leliard
Too many late nights watching the cricket perhaps? LOL. What reference material did you use to prepare. I too am looking to upgrade from CSS1. Andrew Larkins wrote: > > Bad news all - failed. I got 803 from the required 825. > > Comments: > Another nasty exam comparable to the old design (CCDA

RE: frame relay and leased line [7:65397]

2003-03-14 Thread Troy Leliard
FR is useful when you have hub and spoke deployments. By making use of shared circuit your bandwidth costs are normally a lot less than Leased lines. Another solution would possibly be the use of VPN. With the price of broadband coming down, you could probably have a broadband connection at the rem

RE: Can PIX redirect a packet from its outside in [7:65484]

2003-03-18 Thread Troy Leliard
I don't think this solution would work. Your outside address and the host 2 address I presume are on the same subnet? Why would you want to vpn from a device that is on your outside network anyway ? [EMAIL PROTECTED] wrote: > > Hi, > > This must be an easy one for the PIX experts. > > I have a

RE: Success with Livingston PortMasters? [7:65675]

2003-03-19 Thread Troy Leliard
I have previously used the PM2's as a terminal server, to connect to both Sun and Cisco equipment and it worked fine. They are of course quite a lot larger than the 2500's?, probably about 3U Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65730&t=65675

RE: CCIE switch suggestions [7:65904]

2003-03-21 Thread Troy Leliard
Correct me if I am wrong, but does the CCIE have an IOS based switch or a CatOS? I thought it was CatOS > I know this question probably has been asked here before, so > forgive me. I > already have three routers (2x2514 and a 2509) and a Catalyst > 1900 in my > home lab. I want to get a switch th

RE: What is shared VC and dedicated VC ? [7:65896]

2003-03-21 Thread Troy Leliard
A PVC is a virtual point-to-point circuit, that is established, data flows and then lays in an idle state waiting for more data etc. a Switched virtual circuit, is torn down after the data is sent, and then re-established when more data is required to be sent. dkshin wrote: > > What is differenc

RE: eBGP Multi-hop [7:65823]

2003-03-21 Thread Troy Leliard
A default route, aka a route of last resort. For BGP, route to the next hop must be explicitly in the routing table. This is one of the pre-reqs for BGP to advertise its own routes as well (unless you have synchronisation turned off). In my deployments of BGP, we always use the loopback interfac

RE: CCIE switch suggestions [7:65904]

2003-03-21 Thread Troy Leliard
Good thing I asked .. Oh well, back to the original question .. where can i find a cheap 3550 ?? hehehe Orlando Palomar Jr CCIE#11206 wrote: > > Troy Leliard wrote: > > > > Correct me if I am wrong, but does the CCIE have a IOS based > > switched or a CatOS? I thought

Re: VLAN as Firewall zones [7:65938]

2003-03-24 Thread Troy Leliard
While I agree that by compromising the switch, the intruder can bypass the firewall, I don't feel that it is of significant concern to warrant the purchase of an additional switch to separate the two. The big drive here is that you must secure your switch at L2, and if you do so, I feel that it is p

RE: NAT overload as security [7:66015]

2003-03-24 Thread Troy Leliard
A couple of reasons why it's not enough .. imagine you inadvertently run and execute a trojan on your home PC. This will then connect out to the internet and would be valid remote control access. Often these trojans head out to IRC, where people can actually access / manage your computer user var

RE: Farm Site [7:66090]

2003-03-25 Thread Troy Leliard
Looks OK to me, just a pity that there isn't a CIP card for the 6509 chassis :) [EMAIL PROTECTED] wrote: > > This is a network requirement: > > It is a Farm Site, with Channel interfaces, connection to > Mainframe (OSA > FETCH and OSA ATM), > 215 other server (Windows 2000 and Unix) and 31 serial

RE: 1720 crashing every week [7:66080]

2003-03-25 Thread Troy Leliard
Another thing that you may want to do is to configure ftp crashdump. Basically when the router crashes, it will dump logs / error etc onto a ftp server. I have found this quite useful when trying to debug random router crashes neil K. wrote: > > Hi Folks, > > I got two 1720's connected with a

RE: Network Management Software whats hot and what [7:66099]

2003-03-25 Thread Troy Leliard
Depends on your budget, what growth and what reporting functionality you want. From one extreme you have HP Openview, netcool etc, all the way down to something like Nagios / Big Brother etc? Chris Penrose wrote: > > Does anyone have any good advice on choice of network > management/monitoring s

RE: any other listserver for discussing Cisco rela [7:66081]

2003-03-25 Thread Troy Leliard
There is another forum, @!#$.com :) [EMAIL PROTECTED] wrote: > > Hi Listers: > > Are there any other listserver for Cisco related issues? > > Thanks > > YC > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66123&t=66081 -

RE: Natting problem...help!!! [7:66111]

2003-03-25 Thread Troy Leliard
You could get around this by doing a two way nat, or as cisco calls it, nating for overlapping networks .. http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f30.shtml JP wrote: > > I have the following scenario > > 0---0-

RE: Log files [7:66070]

2003-03-25 Thread Troy Leliard
There are limited log files saved on the router. Since there is no HDD > On Cisco routers and switches are there log files? How do I > view them? > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=66121&t=66070 -- FAQ, list arc

RE: OSPF Adjacency Question [7:66206]

2003-03-27 Thread Troy Leliard
Are both sides of the link on sub interfaces? Do you have anything configured on the main interface or any unassigned DLCI's, which are automatically assigned to the default interface? With OSPF I tend to only include networks to which the router is directly attached, so in your case, network x.x.x

RE: OSPF Adjacency Question [7:66206]

2003-03-31 Thread Troy Leliard
Are both sides of the link on sub interfaces? Do you have anything configured on the main interface or any unassigned DLCI's, which are automatically assigned to the default interface? With OSPF I tend to only include networks to which the router is directly attached, so in your case, network x.x.x

RE: What tools can tell u r using lease line or IS [7:66561]

2003-04-01 Thread Troy Leliard
Something like Nagios / Big Brother would be able to alert you (these products are free and very useful) Link Teo wrote: > > I am using leased line to connect my remote offices to HQ. All > the leased line are backup by ISDN. Is there any tools which > can inform me via email or other means abou

RE: Advanced NAT problem [7:66562]

2003-04-01 Thread Troy Leliard
One would hazard a guess ... when you initiate your original ping a NAT translation is built using the outside address of your leased line, when you pull out the leased line cable, this translation is still present and that is why your pings are failing. By tearing down the connection and restarting y

RE: pathping question [7:66601]

2003-04-01 Thread Troy Leliard
Not necessarily, it could just mean that ICMP replies are disabled. Traceroute doesn't use the same mechanism as ping, and thus traceroute will give you end to end connectivity, but trying to get response times using ICMP ping won't work as many people disable this. (Meant to minimise reconaissa

RE: PAT AFTER NAT...IS IT POSSIBLE??? [7:66672]

2003-04-02 Thread Troy Leliard
Yes it can be done, you just need to redefine your pool, for 1-1 NAT, use all but 1 of your available IP's, then do another NAT with overload on the last IP address. ciscoGo2002 wrote: > > Hello folks, > I have question for you, we want to do dynamic NAT > with a pool of 128 publi

RE: PAT AFTER NAT (confused) [7:66734]

2003-04-03 Thread Troy Leliard
You should be able to use your normal pool and overload command, eg ip nat inside source list 1 pool POOL overload. Your pool, for eg is 192.168.0.60->10.168.0.99, then the first 39 IP's would be used for NAT, and the last will be used for PAT ciscoGo2002 wrote: > > Hello friend

RE: WIC 2A/S working at speeds greater than 128kbp [7:66733]

2003-04-03 Thread Troy Leliard
You are correct, the card can aggregate the bandwidth as long as you don't use the second port .. you can also do this on 8 port sync/async cards...have used this for high speed frame-relay ! Andrew Larkins wrote: > > I noticed the same thing. From my understanding it works great > but the > prob

RE: Question about the Revised R&S CCIE Writte [7:66715]

2003-04-04 Thread Troy Leliard
When I wrote in November pass mark was 58%, 150? and 3 hours! [EMAIL PROTECTED] wrote: > > when i failed in november, it was 150 questions/3 hours/58% > pass mark > > -Original Message- > From: alaerte Vidali [mailto:[EMAIL PROTECTED] > Sent: Thursday, April 03, 2003 6:58 AM > To: [EMA

RE: IP route to Null0? [7:66755]

2003-04-04 Thread Troy Leliard
Well loads of answers already, but my £0.02-> Routes to null can be used to blackhole traffic with lower overhead than an ACL, but obviously with less granularity. You could also use routes to null for redistribution, I have used this in the case of EIGRP when I wanted to redistribute static routes

RE: CCIE Home Lab [7:69580]

2003-05-28 Thread Troy Leliard
I agree with Jeff, try and get slightly newer kit if you can, or anything that will at least run 12.2. Nothing wrong with the 4000 tho, if you are using it as a FR switch. jeff sicuranza wrote: > > do not bother with any 2500 series if you are starting out now. > IOS improvements and requriement

Re: BGP Load Balance [7:69611]

2003-05-28 Thread Troy Leliard
Following on from everyone else, we often make use of loopbacks for internal peering, that way you will always have redundant paths to iBGP peers, however when peering with external peers / ISP we make use of the external facing interface IP. Message Posted at: http://www.groupstudy.com/form/r

Re: port/duplex configs [7:69582]

2003-05-28 Thread Troy Leliard
I have seen this too, and like Ian I would normally go with 100/Full manually configured on both the Cat and the end device (obviously assuming both devices support these settings). In real life, I have often found that setting the Cat to Auto will often lead to duplex / speed mismatches (especiall

RE: Virtual Link Problem [7:69640]

2003-05-28 Thread Troy Leliard
Don't really have time at the moment to look into this, but something that you may want to investigate is the different LSA adverts sent out by different interface types in OSPF. Depending on the type of interface OSPF behaves differently, ie different HELLO timers, different DEAD timers etc. You n
