Hi guys this is a question that arises in my head while working on a real world implementation.
Does exists some way to configure multiple ip addresses over multiple ATM subinterfaces but with the same VPI/VCI pair ?
I'm not sure if the cli will complain with the fact that i'm assigning different IP within the same circuit.
Thanks for the help
I'm currently studying for v5 Routing and Switching and wanted to see if there was any interest out there in a Study Group in the San Diego / SoCal area. I feel meeting in person is best, but nowdays with Skype and Webex, really only the time zone (Pacific US) is important.
I've taken the RS v4 Lab twice and I'm going for the v5 late summer / early fall. I have to take the v5 written again to re-qualify (I took a break).
What I hope to get from study partners is:
Ability to socialize about the CCIE - most wives aren't interested in hearing about OSPF LSA types. :)
Comparing study strategies
Opportunity to see other angles and ideas about the topics
And other similar benefits.
If this is something that seems like a good fit, please reply here or feel free to PM me.
thanks in advance for any interest!
Hi Guys,
Will 4948 with IOS cat4500-entservicesk9-mz.150-2.SG9.bin work instead of using 3560G's?
I did a search, but couldn't find much info.
Thanks,
I had being trying to connect my physical switches (4x3560 catalysts) using a break-out switch (4948) to the CSR 1000v instances on vmware without any success.
I had successfully on previous occasions connected GNS3 running on CentOS to physical switches via a breakout switch.
FOllowing is my setup:
on break_out switch: connecting to the VM_Host
interface GigabitEthernet1/24
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 101-104
switchport mode trunk
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
break_sw (g1/1) connected to physical SW_1 (fa0/1)
interface GigabitEthernet1/1
description R1 > SW1
switchport access vlan 101
switchport mode dot1q-tunnel
l2protocol-tunnel cdp
l2protocol-tunnel lldp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
spanning-tree portfast
end
Port g1/24 of break_SW is connected to eth0 of VM_Host, i create a virtual port group on the vmhost, set vlan_id as 101, assign this vm_net to the csr_1000v(R1) g3
create a dot1q interface on the router:
int g3.300
encap dot1q 300
ip addr 100.0.0.1 255.255.255.0
go to physical switch SW1
create vlan 300
enable trunking on fa0/1
int fa0/1
sw trunk encap dot
sw mode trunk
sw trunk allowed vlan 300
int vlan 300
ip addr 100.0.0.11 255.255.255.0
Did all these steps, i go to CSR1000v (R1) and tried to ping vlan300 interface of physical switch (SW1) with no luck, I do not see any arp on router no mac addr on vlan 300 on the physical switch.
But i can see cdp from both devices (R1) and SW1.
Am i missing a step? I suppose the issue lies on VM host? Is it even possible to use VMhost this way to connect to a break switch and tunnel vlans?
appreciate any help on this.
thanks
Ahmed.
Hi all,
Having VPLS configured, is there any way to find out what will be the label stack pushed to a frame coming from CE router?
In case of MPLS/IP VPN it's possible by doing CEF lookup inside VRF, something like sh cef vrf X <my_destination>.
This will tell me what labels will be imposed.
Thanks!
Hi guys,
Is this redundant ?
Task:
Traffic to prefixes that transit AS 54 but were not originated in AS 54 is
always sent to R3.
R3:
interface Loopback1
ip address 3.3.3.3 255.255.255.0
!
ip as-path access-list 1 deny _54$ <----------- Omitting this would be implicitly denied right?
ip as-path access-list 1 permit _54_
!
ip as-path access-list 2 permit _254$
----------------
I omitted and the Local Pref. was applied correctly:
R2#sh ip bgp quote-regexp _54_
BGP table version is 77, local router ID is 150.1.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* i 28.119.16.0/24 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
* i 28.119.17.0/24 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
*>i 112.0.0.0 155.1.37.7 0 200 0 300 54 50 60 i
* i 155.1.37.7 0 200 0 300 54 50 60 i
*>i 113.0.0.0 155.1.37.7 0 200 0 300 54 50 60 i
* i 155.1.37.7 0 200 0 300 54 50 60 i
* i 114.0.0.0 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
* i 115.0.0.0 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
* i 116.0.0.0 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
Network Next Hop Metric LocPrf Weight Path
* i 117.0.0.0 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
* i 118.0.0.0 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
* i 119.0.0.0 155.1.108.10 0 200 0 54 i
*>i 155.1.108.10 0 200 0 54 i
Hi guys
I took couple months ago Cisco SPv3 lab and failed. I'm planning to take it again next month. I hope I'm not braaking Cisco policy by asking people who attempted the lab few times if second ( or even thrid ) lab are similar in form and level of dificulty or Cisco suprises as again with totaly something new?
Thanks in advnace .
Mark
Hello all,
when i practised with this BGP lab, i found that conditional adv with ACL was not working.
prefix-list was working
configration as below. who ever found it ?
thanks
Danny
neighbor 155.1.37.7 advertise-map ADVERTISE_MAP non-exist-map NON_EXIST_MAP
!
ip forward-protocol nd
!
ip as-path access-list 1 permit 254$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list LINK_R1_R3 seq 5 permit 155.1.13.0/24
!
route-map NON_EXIST_MAP permit 10
match ip address 11
!
route-map ADVERTISE_MAP permit 10
match as-path 1
!
!
access-list 11 permit 155.1.13.0
this evening I have been having an issue with portforwarding/NATing on a ASA. Not sure if amyone can help.
I want to setup a mailserver however I only have one static IP address that's used on my outside interface. Am I right in thinking that I will need to setup port forwarding after I created an object and enabled auto nat. I only have the option of putting one port in when I need to use three ports 993/465 and 25.
If anyone can help with this it would be greatly appreciated.
In my company we use cisco ASA firewall and we prevent access to some websites like facebook, youtube,...etc but some users connect to proxy servers and use free vpn software like hotspotshield and Ultrasurf to get access to blocked websites.
I need to know how to configure ASA fireware to block conection to proxy servers and also to block free vpn software taffic.
Hi,
I passed my CCIE and I have a lot of rack tokens that i do not need any more if anyone is interested just pm me
i have a total of 3000 tokens, price is 600 USD for 1000 tokens
Hi guys, I had taken my exam on 24th OCT 2014 and during my exam there was power outage and all the PC got rebooted with all other candidated and Proctor struggled 2 hours to make the lab back online but my lab portal was not opening and again he struggled to make my lab portal open, and he succeeded to bring back me my lab portal but my all results were messed up and the also the router session was messed up , opening R7 making R8 to open , i called Proctor to check and after spending 10 more minutes he told me sorry he cant do anything this is hardware failuer and i cannot no more longer sit in teh lab and can leave the exam room , and if i didnt get satisfactory result i may can open the case with cisco . Although i have completed my whole lab and had save each of my topics but they send me failed result. now i had opened my case with cisco and let C what they will do with me . any one can give me suggestions.
Hi all;
I changed my ASA to work in "transparent mode". now I can issue telnet from internal to dmz and outside. but after adding ICMP inspection rule, ICMP reply packets don't pass through ASA in return direction. my config is:
ciscoasa(config)# sh run
access-list TEST_ACL extended permit icmp 1.1.1.0 255.255.255.0 interface DMZ
!
class-map icmp-class
match access-list TEST_ACL
!
policy-map ICMP_INSPECTION
class ICMP_CLASS
inspect icmp
!
interface BVI1
ip address 1.1.1.254 255.255.255.0
!
firewall transparent
!
service-policy ICMP_INSPECTION interface INTERNAL
do I miss something?!
This may need to be in the Service-Provider sub-forum.
Does anyone have any insight into these numbers and predictions? I am thinking that these numbers are really high, unless workers are always on the Internet. If these numbers are real, there may be a lot of opportunity for local multimedia servers/gateways.
Any feedback is appreciated. Thanks.
http://www.e-vergent.com/how-much-bandwidth-business-need/
A report call “The Broadband Imperative” shows that schools need 100Mbps for every 1,000 Internet users. The call for robust broadband in schools comes from the shift of learning to online platforms. The same is true for business.
Businesses that rely on online applications can fairly compare a student’s broadband bandwidth needs to the bandwidth needs of an employee. By comparing businesses to the well-researched education sector we can lay some ground rules for bandwidth demands today and in the future:
- Businesses need 100Mbps per 1,000 users or 100Kbps per user.
- By 2017 the report projects users will require 1Gbps per 1,000 students or 1Mbps per user
- For high-definition video streaming each person requires 4Mbps of download speed.
- For video conferencing (Skype, Google Hangouts, Go To Meeting, etc.) each person requires about 8Mbps of download speed.
I did not quite understand why we need to generate a label for the ipv6 prefix.
Once packet reaches the PE, cannot it not just look at the ipv6 address and route the packet?
But it does not seem to work unless you send ipv6 label via bgp.
Hi,
I wanted some advice from some of the experienced guys on the forum. I have completed my written and am studying hard for the lab with a view of sitting the exam (hopefully) in December this year. I have purchased the INE R&S bootcamp and currently trying to debate when I should do it. I am in currently in the midst of going through the ATC videos and Advanced Technologies Labs. My current plan of action is:
ATC videos/Theory/Advanced Technology Labs -> Bootcamp -> Foundation Labs -> Troubleshooting Labs -> Full Scale Labs
So the question is, does the order in this strategy/plan look reasonable or would you advise changing it?
its a basic question but at the moment im a novice . so help really appreciated as just started my ccna journey
during my free time im putting up my home lab with mixed hardware real routers +csr1000v and real switches .following is the list
Home pc with amd 8 core +16gb which will run
8 x CSR1000v (running on vmware workstion all bridged to one physical nic which gets plugged in sw1)
12 x 1841 (got it at the cost of upgrading the ram to 64 gb)(each router gets plugged in sw1)
so that completes the router
4 switches are:-
2 x 3550 24port
2 x 3750g 24 port
NOw i dont wann invest in breakout switch so plaaning to use sw1 (3750g) for the same
the following are the two inital config for the sw1 .(for interface 1-14)
http://ieoc.com/forums/p/29291/241264.aspx#241264
interface range fa0/1 - 14
switchport trunk encapsulation dot1q
switchport mode trunk
http://ieoc.com/forums/t/29291.aspx?PageIndex=38
Switchport mode dot1q-tunnel
Switchport access vlan 1
My question is which initial config need to be used and if its as per scenario can someone give me an example.
Also have a 2950switch if I use it as breakout switch Wat feature will I loose
Hello Christian,
I know this is not the right forum to check this but I could see you are active on this forum so just want to check with you.
Do you have any idea when videos for CCNA Security - 640-554 IINS will be released.
I am an AAP member and it says the videos will be released in April 2015, so I would like to sit on a live class for this.
Task 7.1 has you configure LDP between Routers 3, 9 and 10. My R10 has no output in 'show mpls forwarding-table', possibly because it really only has a default-route, due to Area 51 being a totally stubby area.
The task solutions show a /32 route (and label) for R9's loopback, but I can't find any other task anywhere that would have created this route.
Am I missing something?