ate shit on live tv
Feb 15, 2004

by Azathoth
In the lab I was working at we used Spirent SmartBits to generate routes, tcp traffic, layer 2 and everything in between. But that is an expensive solution so I think that disqualifies you. However if you talk to Spirent they will sometimes let you borrow a chassis for awhile, we had one in our lab that we borrowed for so long that they just let us keep it :)

Of course we spent a crazy amount of money with Spirent so that probably had more to do with it.


ate shit on live tv
Feb 15, 2004

by Azathoth
mezoth, what company are you working with?

If it is IBM or ATT or Verizon or something like that I might be able to help you out.

ate shit on live tv
Feb 15, 2004

by Azathoth

mezoth posted:

jwh, COPP is the 7600 mechanism, and I forget the acronym they use for the CRS - functionally the same in the end, just a slightly different mechanism (and only available in 3.6.0 and later).

Power, it is one of the big ISPs, but I will actually not say which one - being publicly associated with a specific ISP just leads to trouble, either people wanting things/info that you cannot give or hating you for some imagined slight that you had no control over. :\

Well if it's a large American or Canadian SP you might be able to use the Cisco Service Provider labs. There are some located in Herndon, Virginia, as well as Richardson (Dallas), Texas.

If you (or your account SE/AM) have CEC access you might try that. They've got all the test equipment you need, but it's typically only for the SP group within Cisco.

Anyway it's something to try depending on your needs. They do remote labs as well, so if you just want to run some traffic across a 7600 and a CRS with a particular IOS image, you can certainly do that.

ate shit on live tv
Feb 15, 2004

by Azathoth

ObamaisaTerrist posted:

Can someone fill me in on some basic terminology? Google isn't helping.

Aggregate switch - What do people mean when referring to this?
Core switch - assuming main switch(s) at NOC
Edge switch - assuming last switch before handing off to DMARC

Thanks

Edge switches are smaller less powerful switches that the users actually plug directly into (2900's, etc).

Aggregation are better switches that can do MPLS and usually have fiber uplinks to the core (3560, 3750, 3400 Metro, 4948's).

Core are the big switches like 6500s and GSRs (sometimes a 4948). They usually hand off to the main routers 7600, and CRSs.

Aggregation isn't always needed on an individual business level. On the Service Provider level the Core is typically made up of routers and the aggregation is 6500's full of 6748 SFPs, with some ES20's thrown in for full line rate handoff to the core.

But like everything else in networking this is just a guideline, and there is no hard and fast definition for separating core from edge from aggregation.

ate shit on live tv
Feb 15, 2004

by Azathoth
If there is a duplicate IP on the network and you can't track down what device it is, you can use 'sh mac-address-table' plus 'show arp' and figure out the physical port the duplicate IP is on. Then you can manually trace the wire to the device.

I had to do this a few times when I was a Lab COOP. 4 dynamic Class C networks, with about 160 devices each made the likelihood of duplicate addresses common.
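The correlation described in the post above, sketched as an added example that is not part of the original post: an IP that resolves to more than one MAC across successive `show arp` captures is flagged, and each MAC is looked up in the MAC address table to get the physical port. The command output below is constructed sample data in the classic IOS column layout, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample output (not from the thread): two 'show arp' captures
# taken a few minutes apart, and one 'show mac-address-table' capture.
ARP_SNAPSHOTS = [
    """Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.1             -   00aa.bbcc.dd01  ARPA   Vlan10
Internet  192.168.1.50            2   0011.2233.4455  ARPA   Vlan10
Internet  192.168.1.77            0   Incomplete      ARPA
""",
    """Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.1             -   00aa.bbcc.dd01  ARPA   Vlan10
Internet  192.168.1.50            0   00de.adbe.ef01  ARPA   Vlan10
""",
]

MAC_TABLE = """          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    0011.2233.4455    DYNAMIC     Fa0/3
  10    00de.adbe.ef01    DYNAMIC     Fa0/17
  10    00aa.bbcc.dd01    STATIC      Gi0/1
Total Mac Addresses for this criterion: 3
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"
ARP_RE = re.compile(rf"\s*Internet\s+(\d+\.\d+\.\d+\.\d+)\s+\S+\s+({MAC})\s+ARPA", re.I)
MAC_RE = re.compile(rf"\s*(\d+)\s+({MAC})\s+(\S+)\s+(\S+)", re.I)


def parse_arp(text):
    """Return (ip, mac) pairs; 'Incomplete' entries and headers are skipped."""
    pairs = []
    for line in text.splitlines():
        m = ARP_RE.match(line)
        if m:
            pairs.append((m.group(1), m.group(2).lower()))
    return pairs


def parse_mac_table(text):
    """Return {mac: {(vlan, port), ...}} from MAC address table output."""
    table = defaultdict(set)
    for line in text.splitlines():
        m = MAC_RE.match(line)
        if m:
            table[m.group(2).lower()].add((int(m.group(1)), m.group(4)))
    return table


def find_duplicates(arp_snapshots, mac_table_text):
    """Map each IP seen with more than one MAC to the ports those MACs sit on."""
    seen = defaultdict(set)
    for snapshot in arp_snapshots:
        for ip, mac in parse_arp(snapshot):
            seen[ip].add(mac)
    ports = parse_mac_table(mac_table_text)
    report = {}
    for ip, macs in seen.items():
        if len(macs) > 1:
            # An empty port list means the MAC has aged out of this switch's table.
            report[ip] = {mac: sorted(ports.get(mac, ())) for mac in sorted(macs)}
    return report


if __name__ == "__main__":
    for ip, macs in find_duplicates(ARP_SNAPSHOTS, MAC_TABLE).items():
        for mac, where in macs.items():
            print(ip, mac, where or "not in MAC table")
```

If a MAC shows up on an uplink rather than an access port, the same lookup has to be repeated on the switch at the other end of that link.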

ate shit on live tv
Feb 15, 2004

by Azathoth

jwh posted:

This is not the IP address on the 2600's Fa0/0, and I didn't think the 2960 could act as a layer-3 router. I thought the SVI interfaces on the 2960 were mostly for management purposes. I could be wrong about this.

You are correct. The 2960 is a simple managed switch, not a layer 3 switch.

ate shit on live tv
Feb 15, 2004

by Azathoth
The CCNA isn't a hard test. If you have access to equipment and you actually focus on studying, you'll be fine. If you just sort of skim over the material and don't actually try to apply what you learn to some routers, then you never will.

If you can get two 2600's that have a serial port and can do ospf/eigrp then that is all you need for the CCNA. Oh and a book of course.

A friend of mine who had zero experience was able to pass the test in a month.

ate shit on live tv
Feb 15, 2004

by Azathoth

Syano posted:

Is it possible to assign two IPs to the same interface on an ASA 5510?

I'd imagine that you can do sub-interfaces. But I'd have to ask what you are trying to do.

ate shit on live tv
Feb 15, 2004

by Azathoth
debug ip icmp ?

I'm not familiar with what the trace command does.

ate shit on live tv
Feb 15, 2004

by Azathoth

Luigi Thirty posted:

Recently, I picked up three 2500-series routers formerly owned by the local school board, and so far I've recovered the passwords thanks to Google. However, I can't access any Cisco support stuff like IOS upgrades (the one I'm lookin at now is copyright 1997) since I obviously don't have an order number or service contract. Is there a way I can still get upgrades or am I stuck with trying to buy stuff from them directly before I can get anything?

Even with full CCO and support access you cannot get any IOS for the 2500 series routers. I would suggest looking for an old version depository for old IOS code. I believe the latest that will run on a 2500 series is a 12.2 release, which is nice because 12.0 finally has all the usability features that you take for granted these days.

The file name will be in a format like "c2500-x"

Good luck finding it though.

e: Hmm. Actually now that I check. It seems that engineering access has a backlog of EOL software. Tell me what kind of 2500s you have and I can get you the software if you'd like.

Oh and apparently the latest version is "c2500-is-l.123-26.bin"

So look for that.

ate shit on live tv fucked around with this message at 19:58 on Sep 22, 2008

ate shit on live tv
Feb 15, 2004

by Azathoth

Luigi Thirty posted:

Thanks. I've got two 2524s and a 2501. I only paid $15 for the set so it's not like it's a big loss.

Apparently all 2500's use the same IOS release. I'll give you a link in a bit gotta host it real quick.

ate shit on live tv
Feb 15, 2004

by Azathoth
Here is the latest 2500 image (12.3-26). I figure it's EoL so I shouldn't get in trouble for the link.

http://pcrules.yourconsolesucks.com/c2500-is-l.123-26.bin

I'll take it down in a few days.

ate shit on live tv
Feb 15, 2004

by Azathoth
Ok I want to say this is possible, but...

What I want to do is make a layer 2 network over my existing internet connection. The terminating points will be either 2x851s (ISR) or 2x3560's (layer 3 switch) or both if needed.

My gut tells me there should be a way to encapsulate a layer 2 payload into ip, and have it come out one of the interfaces on my router, or a separate vlan on my switch. Unfortunately I don't know if it's possible, or if it is, how to even start doing it.

Can anyone point me in the right direction?

ate shit on live tv
Feb 15, 2004

by Azathoth
I found L2TP after I posted, but it doesn't look like quite what I'm looking for.

That seems to be some kind of dial in tunnel. I just want to connect to a remote IP (cisco router) and have it pipe a layer 2 connection from one of my router's ports to one of its ports.

I looked at something called a "pseudo-wire" and I know that has to do with MPLS but I'm wondering if I can use it for my purposes.

Anyone have any experience with pseudo wires? Or a suggestion for what I'm trying to do, or a way to do the L2TP but without the dial in authentication?

I'll check those configs you posted jwh. Thanks.

ate shit on live tv
Feb 15, 2004

by Azathoth

jwh posted:

L2TPv3 will do what you want, without the dial-in stuffs. Here's a direct link.

http://forums.somethingawful.com/showthread.php?threadid=2430375&userid=0&perpage=40&pagenumber=3#post326785001

Ah, cool. I missed that when I was looking last night. Thanks again.

ate shit on live tv
Feb 15, 2004

by Azathoth

jwh posted:

Those are nice switches to inherit.

There should be SSH for the 2950's in later code. You'll need a maintenance contract and appropriate licensing to download it from CCO.

Looking at Cisco.com the newest version of IOS you can get for them is 12.1.22. There isn't an Advanced IP services release, so either the Crypto Base release supports it, or you are SOL.

Looking at my 3560G with IP Base w/crypto, there isn't an SSH option. Oh well just set up RADIUS and use that instead.

They are nice switches though.

ate shit on live tv
Feb 15, 2004

by Azathoth

inignot posted:

Either move your links to L3, or keep the links L2 & move your L3 interfaces all onto the core with HSRP between the core switches.

This is the suggested method for L2 access.

Honestly you should be running HSRP at the core anyway.

ate shit on live tv
Feb 15, 2004

by Azathoth

jbusbysack posted:

Completely anecdotal, but have you ever had issues with the 3750Es in stacking or standalone format? I have never had issues with them, but standard 3750s I have seen stack flaps several times.

3750Es are totally different beasts. They use "stackwise+", which aside from being a marketing term has 64GB bandwidth as well as protection similar to "BLSR". The E series of switches are really awesome and it wouldn't surprise me if it fixed those problems.

3750's have been around for a long time, and are just generally old switches. Of course the price premium for a stack of E's is "significant."

ate shit on live tv
Feb 15, 2004

by Azathoth

jbusbysack posted:

My problem with the E-series aside from cost is that afaik you can't get a switch that will put out 18.4mW or whatever the 1252 802.11n APs need on PoE. Daisy-chaining injectors isn't a particularly good solution either. Correct me if I'm wrong about the PoE capabilities of other devices though, I'd be interested in hearing about them.

That said, a couple X2 10G modules are super for bladecenter chassis uplinks.

quote:

That is why Cisco developed Cisco Enhanced PoE, Cisco's extension to the IEEE 802.3af standard that delivers as much as 20W per port of inline power for devices that support Cisco Discovery Protocol (CDP). Cisco Enhanced PoE is offered on Catalyst 3750-E and Catalyst 3560-E switches starting in February 2008 with Cisco IOS® Software Release 12.2(44)SE. The Catalyst 6500 Series 10/100/100 PoE linecards support Enhanced PoE with 12.2(33)SXH2 or later and the Catalyst 4500 E-Series support Enhanced PoE with 12.2(44)SG or later.

From here. http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5023/White_Paper_C11-453743-00.html

Basically wait about 2 months and your 3750-Es will support the new 802.11n APs.

ate shit on live tv
Feb 15, 2004

by Azathoth

jbusbysack posted:

Yeah, I'm sorry - mistyped. My issue is that no other device besides the -E series will do enhanced PoE when that class of switch is complete overkill for your typical access port/WAP needs.

Well the idea is that if you are running a full wireless mesh infrastructure it is assumed you have wiring closets and have drops running to cubicles etc. Thus you will have either a small stack of 3750s, or a 4500 or 6500 chassis.

Where else would you want to run n APs? Also it's definitely a selling point, want to support n APs? Then you need the new top of line switches. The E's also support full line rate GigE which is pretty cool.

ate shit on live tv
Feb 15, 2004

by Azathoth
Interesting scenario. 'n' is perfect for what you are describing. I'd say you do something like a centrally located switch with a fiber run to the aggregation switch.

Thus you'd have around 600 feet to place APs. Depending on the size of the warehouse you could get away with only a few switches. OR you could daisy chain a few switches in a row across the warehouse and hang the APs off those. But yea, you'll have a lot of wasted ports unfortunately. You might just have to use plug-in APs.

However remember the 802.3at and the 802.11n standard is still pretty new, just give it some time and I bet there will be smaller switches that will do ePoE/802.3at.

As fast as technology moves, the market still moves faster.

ate shit on live tv
Feb 15, 2004

by Azathoth

Wicaeed posted:

Quick question: I've got some Cisco FLASH Intel Series 2+ memory cards that my work had laying around, is there any way I can get these to be read in any PCMCIA slot in a laptop so that I can put a more recent IOS image on them, without having any of my Cisco devices connected to a network?

Most likely not, in order to read the cards you have to format them to FAT or FAT32, the older cisco routers cannot read FAT or FAT32. However, I think you might be able to do a "raw write" to them and put an image on it that way. And of course there is always zmodem.

ate shit on live tv
Feb 15, 2004

by Azathoth

nex posted:

We have several Xenpaks and SFPs that support Digital Optical Monitoring (DOM) that are used ad-hoc to get an overview in error situations.

We now want to generate regular reports that read DOM from all supported devices and use that to catch degradation before it becomes an issue.

What would be the best way to get these readings, if at all possible? I've been thinking about doing a SNMP script at first, but I don't find anything in the MIBs to get these values.

If you are using these optics on CRS-1s or 7600's then I believe there is already a utility that runs in IOS-XR, and perhaps a module on the 7600 that allows you to monitor the degradation before traffic loss. Unfortunately I don't remember how we did it when we were testing failover for video streams.

I'll check around.

ate shit on live tv
Feb 15, 2004

by Azathoth

nex posted:

Our core is 7600 and CRS-1 only so that would be really awesome, thanks. The major concern for us too is the IP-TV part, so it seems we have a pretty similar scenario.

Bad news, but hopefully you figured out the problem. What we were doing didn't use DoM. We used a feature that was created specifically for SAVVIS in the CRS only. It worked by monitoring FEC Errors, when the number of errors got too high it would fail over. I'm not sure if this feature has been implemented in the mainline IOX code.

If you are interested in the feature and it isn't implemented yet, see if you can talk to a Cisco rep about Service Provider .pie files for your CRS. You'll need to talk to a Verizon, AT&T, or SAVVIS SE. Though I assume if you bought several CRS's you might actually have access to it, and just didn't know.

Hopefully that will help for what you guys want to do.

ate shit on live tv
Feb 15, 2004

by Azathoth
How to stop ARP Spam? So I get home from work and my internet is going slow as poo poo. I assume it is my roommate bit torrenting so I log into my Cisco851w just to look at the traffic. But then I notice something odd:

quote:

ARP statistics:
Rcvd: 3563411 requests, 366 replies, 0 reverse, 0 other
Sent: 3324 requests, 8639 replies (56 proxy), 0 reverse

Obviously that is a little excessive. Since the ARP is coming from the internet I can't actually stop it at the source, but I figure I can at least stop my router from processing all the requests. But I'm not sure how to do it. I want to receive one arp from my cable modem which we will assume is 20.20.20.20 but I want to block all others.

I'm getting ARPs from both the same subnet as well as some apparently unrelated addresses from elsewhere.

So I know the solution is Access-lists, but how would I configure it to only apply to ARPs? Also is there another way to do it?

Semi-related, does anyone have a "hardened" IOS config they can post? You know the usual stuff, outbound ACLs, Inbound ACLs, appropriate services disabled etc? Whatever other "tricks" there are. I'm not very security savvy, so any help would be appreciated.

ate shit on live tv
Feb 15, 2004

by Azathoth
QoS is hard, and I'm practicing, but I have some questions.

I have an 851w for an internet router. I can't do custom QoS on it (Software image doesn't support it because Cisco wants you to buy an 871 for that), but I know that it supports QoS from say a Cisco IP Phone or something like that. However I can't define Class-maps or Policy-maps on it.

I do have a 3560G switch though, and it does support full QoS etc. So what I want to do is prioritize all traffic over bittorrent traffic. I'm thinking that because the port is 100Mb to the router and my internet connection is around 6mb down and 512kb up that I can simulate congestion on that link by limiting the bandwidth of the switchport. Not sure if I can make it only limit the upload though.

The problem with bittorrent is saturating the upstream. The downstream rarely gets overwhelmed, but I know the 512up gets obliterated pretty good. I also know that I can limit my upload via the bittorrent client, but I'd rather have a more flexible solution so that during the day when no one is home we can get our full 40K up.

So does someone know how to make this work? If I can just figure out how to make the 851 think I've got some Cisco IP Phones connected or some other way of enabling QoS that will help a lot too. Any ideas?

ate shit on live tv
Feb 15, 2004

by Azathoth
Yea. I'm not too familiar with setting up QoS for an IP Phone via the 851. Also I don't KNOW that it supports QoS, but I assume it does because of all the literature.

The 851 does have some options as far as QoS is concerned, but all the commands are different. I'm not sure how to setup PQ because none of the standard commands work to enable it.

Also ironically enough, when I googled for 851 QoS, it brought me to this thread on page 3, where I'm asking the same question. With my better experience and overall knowledge I'm able to understand better the solutions that were presented to me, or rather understand why they won't work on my router.

I wonder if I could talk to one of my IOS programmer buddies and get him to compile me a special advanced IP services 851 image, it would be trivial to do since the 851 and 871 are basically the same...probably a pipe dream.

Anyway, I think I'm going to adopt this as a long(er) term project. Because I know it's possible to do somehow, but the device is so small scale that none of the technical aptitude at Cisco has much interest in it. So I'll be mostly on my own....

Also the K9-mz has to do with basic security features. The IOS I need is an "Advanced ip services" image. That image contains all the fun stuff like IPV6 routing, ISIS, BGP, EIGRP, OSPF, QOS etc. Basically if you are doing any kind of ISP interaction that is beyond a simple point to point or static route you probably need Advanced IP Services. Advanced Enterprise Services would work as well.

e: I wonder if I could find a "voice" image for this thing, and if that would have the QoS stuff that I need...hmm.

ate shit on live tv fucked around with this message at 09:07 on Feb 11, 2009

ate shit on live tv
Feb 15, 2004

by Azathoth
2 2600 routers and 2 2900 switches with maybe a 2500 router for a console server is all you need for the CCNA.

But honestly you don't even need that, just use Dynamips or something. The CCNA can be passed without even passing the sims.

ate shit on live tv
Feb 15, 2004

by Azathoth
What's the point of Vlans? Just run layer 3 everywhere.

ate shit on live tv
Feb 15, 2004

by Azathoth

InferiorWang posted:

What?

haha

Well as I think about it a little more, there are several good reasons to have vlans depending on your topology, so never mind :)

ate shit on live tv
Feb 15, 2004

by Azathoth
Best practice says to avoid ACLs in the Core. But I think wireless is the exception. However depending on your controller, if it will let you do ACLs on it, then go for it.

ate shit on live tv
Feb 15, 2004

by Azathoth
Scripting for Routers/Switches.

I've never done anything like this before but I was wondering how I would setup a script that I could run from the windows command line, that would connect to a switch and automatically execute some basic configuration.

Basically I want to connect to my switch and shutdown or bring up an interface, by just running a simple command. I use VNC to connect to the remote system and when I have that interface operational I've got torrents etc blasting away at full speed which cripples my VNC connection. So ideally I'd like to connect to the remote system run a file called "stop" and it would automatically disable the switch port and that would clear up my bandwidth. Then when I'm done I could run "go" and the port would be reenabled.

So what would be the best way to do that?

ate shit on live tv
Feb 15, 2004

by Azathoth

Martytoof posted:

Sorry, I don't have anything useful to add to your scripting question, but wouldn't this a perfect test case for QoS?

It sure would, assuming my 851 wasn't software crippled :(

ate shit on live tv
Feb 15, 2004

by Azathoth

inignot posted:

I'm currently sitting in a colo cage exploring the dark heart of the sup2. I need a particular IOS version to support the FWSM. I have it on a 64M flash card in the Sup. However there is a minimum rommon version required to boot from the 64M flash card. This is awful.

Is it a CatOS or Hybrid sup? Because if it is, hooboy, are you in for a world of poo poo.

ate shit on live tv
Feb 15, 2004

by Azathoth

Lowen SoDium posted:

On Callmanager 6.1.3, I can not get calls to use g722 for the life of me. I am trying to use some wideband handsets but they don't do much without g722.

I have it enabled in the region config, and in the enterprise parameters, and calls still come up as g711.

Any ideas?

Are these local calls, or going over your wan? If they are going over your wan you have to do some configuration on your voice gateways. If they are local, then I'm not sure what the problem is. Maybe reboot the phones so they can download their new configurations?

ate shit on live tv
Feb 15, 2004

by Azathoth

Lowen SoDium posted:

Local calls.

I rebooted the phones before I asked here. I guess I will try to reboot the Call Manager tonight and if that doesn't fix it I will open a TAC case.

What kind of phones are they? Just because you have a wideband handset, doesn't mean the phone can actually do Wideband.

ate shit on live tv
Feb 15, 2004

by Azathoth

Lowen SoDium posted:

They are 7941 phones. They are supposed to support wideband and g722.

Hmm. I don't think the 7941's support Wideband. 7941G's do as well as 7942's and higher but the normal 7941, doesn't.

Check Settings > User Preferences > Audio Preferences > Wideband Headset on the phone. If the Wideband Headset option isn't there then you are sol.

ate shit on live tv
Feb 15, 2004

by Azathoth

Lowen SoDium posted:

The setting is there. They are 7941G. I have not ever seen a 7941 nonG except for the 7941GE. Either way, these phones are supposed to support the handset and the codec.


Keep in mind that the G722 codec is independent of Wideband. According to Cisco's own documentation, G722 is supposed to be the default codec for any phone that supports it even if the wideband handset is not present. The ATT guy who originally did the configuration for our call manager set the default for the local region to be G711 instead of 722. I changed it back and it still is not using it. I am going to reboot the call manager in just a few minutes and if that doesn't fix it, then I am calling TAC.

Ah I understand then. I'm not super familiar with UC 6.0 so I can't help you anymore than that, good luck :)

ate shit on live tv
Feb 15, 2004

by Azathoth

Agrikk posted:

Help me troubleshoot a NAT problem in my Cisco 2600 series router.


The other thing is to make sure that you are forwarding tcp connections if you need them.

Otherwise make sure you've got the correct ports forwarded, get rid of extendable, and save the config, then reload the router. I know you shouldn't have to reload it with Cisco gear, but you aren't exactly a service provider, so just do it anyway.

Oh also instead of using an external IP Address you might try just using an interface. For mine I use something like this:
code:
ip nat inside source static tcp 10.10.10.7 19009 interface FastEthernet4 19009
Where Fa4 is the port my Cable modem connects to.

ate shit on live tv fucked around with this message at 08:20 on Apr 16, 2009


ate shit on live tv
Feb 15, 2004

by Azathoth

StabbinHobo posted:

Is there a default management IP address for a 2960G? My usb to serial adapter won't arrive till wednesday, so I'm gonna spend all tomorrow in the colo staring at this switch I can't configure.

Is it a brand new 2960G, cleared config and everything? Because if so, it will only have VLAN1 with no IP address set. I had a similar problem with a 3560G. Depending on the infrastructure you have around, you could make it join a VTP/SNMP domain, default name cisco for both, and from there maybe nudge some configuration onto it. Otherwise I think you might be SOL.

You could also try setting up a DHCP server and see if it grabs an IP Address, but if it's default config, then you will be SOL for that as well.
