Quantcast
Channel: IEOC - INE's Online Community
Viewing all 10744 articles
Browse latest View live

Multiple ip adresses over ATM

$
0
0

 

Hi guys this is a question that arises in my head while working on a real world implementation.

Does exists some way to configure multiple ip addresses over multiple ATM subinterfaces but with the same VPI/VCI pair ?

I'm not sure if the cli will complain with the fact that i'm assigning different IP within the same circuit.

Thanks for the help


San Diego / SoCal / PST Study Group or Partners Interest

$
0
0

I'm currently studying for v5 Routing and Switching and wanted to see if there was any interest out there in a Study Group in the San Diego / SoCal area.  I feel meeting in person is best, but nowdays with Skype and Webex, really only the time zone (Pacific US) is important.

 

I've taken the RS v4 Lab twice and I'm going for the v5 late summer / early fall.  I have to take the v5 written again to re-qualify (I took a break).

 

What I hope to get from study partners is:

 

Ability to socialize about the CCIE - most wives aren't interested in hearing about OSPF LSA types. :)

Comparing study strategies

Opportunity to see other angles and ideas about the topics

And other similar benefits.

 

If this is something that seems like a good fit, please reply here or feel free to PM me.

 

thanks in advance for any interest!

 

CCIE v5 home lab

$
0
0

Hi Guys,

 

Will 4948 with IOS cat4500-entservicesk9-mz.150-2.SG9.bin work instead of using 3560G's?

I did a search, but couldn't find much info.

Thanks,

Use a break-out switch to connect CSR1000v to physical switches

$
0
0

I had being trying to connect my physical switches (4x3560 catalysts) using a break-out switch (4948) to the CSR 1000v instances on vmware without any success.

I had successfully on previous occasions connected GNS3 running on CentOS to physical switches via a breakout switch.

 

FOllowing is my setup:

on break_out switch: connecting to the VM_Host

interface GigabitEthernet1/24

 switchport trunk encapsulation dot1q

 switchport trunk allowed vlan 101-104

 switchport mode trunk

 l2protocol-tunnel cdp

 l2protocol-tunnel stp

 l2protocol-tunnel vtp

 no cdp enable

 

break_sw (g1/1) connected to physical SW_1 (fa0/1)

interface GigabitEthernet1/1

 description R1 > SW1

 switchport access vlan 101

 switchport mode dot1q-tunnel

 l2protocol-tunnel cdp

 l2protocol-tunnel lldp

 l2protocol-tunnel stp

 l2protocol-tunnel vtp

 no cdp enable

 spanning-tree portfast

end

 

Port g1/24 of break_SW is connected to eth0 of VM_Host, i create a virtual port group on the vmhost, set vlan_id as 101, assign this vm_net to the csr_1000v(R1) g3

create a dot1q interface on the router:

int g3.300

encap dot1q 300

ip addr 100.0.0.1 255.255.255.0

 

go to physical switch SW1

create vlan 300

enable trunking on fa0/1

int fa0/1

sw trunk encap dot

sw mode trunk

sw trunk allowed vlan 300

 

int vlan 300

ip addr 100.0.0.11 255.255.255.0

 

Did all these steps, i go to CSR1000v (R1) and tried to ping vlan300 interface of physical switch (SW1) with no luck, I do not see any arp on router no mac addr on vlan 300 on the physical switch.

But i can see cdp from both devices (R1) and SW1.

Am i missing a step? I suppose the issue lies on VM host? Is it even possible to use VMhost this way to connect to a break switch and tunnel vlans?

appreciate any help on this.

 

thanks

Ahmed.

VPLS - how to check label stack?

$
0
0

Hi all,

 

Having VPLS configured, is there any way to find out what will be the label stack pushed to a frame coming from CE router? 

In case of MPLS/IP VPN it's possible by doing CEF lookup inside VRF, something like sh cef vrf X <my_destination>.

This will tell me what labels will be imposed.

 

Thanks!

BGP Regular Expressions

$
0
0

Hi guys,

Is this redundant ?

Task:

Traffic to prefixes that transit AS 54 but were not originated in AS 54 is
always sent to R3.

R3:
interface Loopback1
ip address 3.3.3.3 255.255.255.0
!
ip as-path access-list 1 deny _54$ <-----------  Omitting this would be implicitly denied right?
ip as-path access-list 1 permit _54_
!
ip as-path access-list 2 permit _254$

----------------

I omitted and the Local Pref. was applied correctly:

 

R2#sh ip bgp quote-regexp _54_
BGP table version is 77, local router ID is 150.1.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 * i 28.119.16.0/24   155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
 * i 28.119.17.0/24   155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
 *>i 112.0.0.0        155.1.37.7               0    200      0 300 54 50 60 i
 * i                  155.1.37.7               0    200      0 300 54 50 60 i
 *>i 113.0.0.0        155.1.37.7               0    200      0 300 54 50 60 i
 * i                  155.1.37.7               0    200      0 300 54 50 60 i
 * i 114.0.0.0        155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
 * i 115.0.0.0        155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
 * i 116.0.0.0        155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
     Network          Next Hop            Metric LocPrf Weight Path
 * i 117.0.0.0        155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
 * i 118.0.0.0        155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i
 * i 119.0.0.0        155.1.108.10             0    200      0 54 i
 *>i                  155.1.108.10             0    200      0 54 i

CCIE SPv3 Lab

$
0
0

Hi guys

I took couple months  ago Cisco SPv3 lab and failed. I'm planning to take it again next month.  I hope I'm not braaking Cisco policy by asking people who attempted the lab few times if second  ( or even thrid ) lab are similar in form and level of dificulty or Cisco suprises as again with totaly something new?

Thanks in advnace .

Mark

 

BGP conditional advertise with ACL list not working

$
0
0

Hello all,

when i practised with this BGP lab, i found that conditional adv with ACL was not working.

prefix-list was working

 

configration as below. who ever found it ?

thanks

Danny

 

neighbor 155.1.37.7 advertise-map ADVERTISE_MAP non-exist-map NON_EXIST_MAP
 
!
ip forward-protocol nd
!
ip as-path access-list 1 permit 254$
!
no ip http server
no ip http secure-server
!
!
ip prefix-list LINK_R1_R3 seq 5 permit 155.1.13.0/24
!
route-map NON_EXIST_MAP permit 10
 match ip address 11
!
route-map ADVERTISE_MAP permit 10
 match as-path 1
!
!
access-list 11 permit 155.1.13.0


Port forwarding Cisco ASA 5505 ver 9.1

$
0
0

this evening I have been having an issue with portforwarding/NATing on a ASA. Not sure if amyone can help.

I want to setup a mailserver however I only have one static IP address that's used on my outside interface. Am I right in thinking that I will need to setup port forwarding after I created an object and enabled auto nat. I only have the option of putting one port in when I need to use three ports 993/465 and 25.

 

If anyone can help with this it would be greatly appreciated.

need to know how to block connection to proxy servers and also how to block free vpn softwares like hotspotshield, Ultrasurf and FreeGate

$
0
0

In my company we use cisco ASA firewall and we prevent access to some websites like facebook, youtube,...etc but some users connect to proxy servers and use free vpn software like hotspotshield and Ultrasurf to get access to blocked websites.

I need to know how to configure ASA fireware to block conection to proxy servers and also to block free vpn software taffic.

INE rack tokens for sale

$
0
0

Hi,

I passed my CCIE and I have a lot of rack tokens that i do not need any more if anyone is interested just pm me

i have a total of 3000 tokens,  price is 600 USD for 1000 tokens

 

 

My LAB CRASHED DURING MY CCIE EXAM

$
0
0

Hi guys, I had taken my exam on 24th OCT 2014 and during my exam there was power outage and all the PC got rebooted with all other candidated and Proctor struggled 2 hours to make the lab back online but my lab portal was not  opening and again he struggled to make my lab portal open, and he succeeded to bring back me my lab portal but my all results were messed up and the also the router session was messed up , opening R7 making R8 to open , i called Proctor to check and after spending 10 more minutes he told me sorry he cant do anything this is hardware failuer   and i cannot no more longer sit in teh lab and  can leave the exam room , and if i didnt get satisfactory result i may can open the case with cisco . Although i have completed my whole lab and had save each of my topics but they send me failed result. now i had opened my case with cisco and let C what they will do with me . any one can give me suggestions.

ASA inspection policies

$
0
0

Hi all; 

I changed my ASA to work in "transparent mode". now I can issue telnet from internal to dmz and outside. but after adding ICMP inspection rule, ICMP reply packets don't pass through ASA in return direction. my config is:

 

ciscoasa(config)# sh run

access-list TEST_ACL extended permit icmp 1.1.1.0 255.255.255.0 interface DMZ

!

class-map icmp-class

 match access-list TEST_ACL

!

policy-map ICMP_INSPECTION

 class ICMP_CLASS

  inspect icmp 

!

interface BVI1

 ip address 1.1.1.254 255.255.255.0 

!

firewall transparent

!

service-policy ICMP_INSPECTION interface INTERNAL

 

 

do I miss something?!

Per-user expectations: internet bandwidth needs

$
0
0

This may need to be in the Service-Provider sub-forum.

Does anyone have any insight into these numbers and predictions?    I am thinking that these numbers are really high, unless workers are always on the Internet.   If these numbers are real, there may be a lot of opportunity for local multimedia servers/gateways.

Any feedback is appreciated.  Thanks.

 

http://www.e-vergent.com/how-much-bandwidth-business-need/

A report call “The Broadband Imperative” shows that schools need 100Mbps for every 1,000 Internet users. The call for robust broadband in schools comes from the shift of learning to online platforms. The same is true for business.

Businesses that rely on online applications can fairly compare a student’s broadband bandwidth needs to the bandwidth needs of an employee. By comparing businesses to the well-researched education sector we can lay some ground rules for bandwidth demands today and in the future:

  • Businesses need 100Mbps per 1,000 users or 100Kbps per user.
  • By 2017 the report projects users will require 1Gbps per 1,000 students or 1Mbps per user
  • For high-definition video streaming each person requires 4Mbps of download speed.
  • For video conferencing (Skype, Google Hangouts, Go To Meeting, etc.) each person requires about 8Mbps of download speed.

6PE

$
0
0

I did not quite understand why we need to generate a  label for the ipv6 prefix.

 

Once packet reaches the PE, cannot it not just look at the ipv6 address and route the packet?

 

But it does not seem to work unless you send ipv6 label via bgp.


4/24/2015 2:45:23 PM

Bootcamp timing and strategy

$
0
0

Hi,

I wanted some advice from some of the experienced guys on the forum. I have completed my written and am studying hard for the lab with a view of sitting the exam (hopefully) in December this year. I have purchased the INE R&S bootcamp and currently trying to debate when I should do it. I am in currently in the midst of going through the ATC videos and Advanced Technologies Labs. My current plan of action is:

ATC videos/Theory/Advanced Technology Labs -> Bootcamp -> Foundation Labs -> Troubleshooting Labs -> Full Scale Labs

So the question is, does the order in this strategy/plan look reasonable or would you advise changing it?

Breakout Switch initial config

$
0
0

 

its a basic question but at the moment im a novice . so help really appreciated as just started my ccna journey  

during my free time im putting up my home lab with mixed hardware real routers +csr1000v and real switches .following is the list

Home pc with amd 8 core +16gb which will run

8 x CSR1000v (running on vmware workstion all bridged to one physical nic which gets plugged in sw1)

12 x 1841 (got it at the cost of upgrading the ram to 64 gb)(each router gets plugged in sw1)

so that completes the router

4 switches are:-

2 x 3550 24port

2 x 3750g 24 port

NOw i dont wann invest in breakout switch so plaaning to use sw1 (3750g) for the same

the following are the two inital config for the sw1 .(for interface 1-14)

 

 

http://ieoc.com/forums/p/29291/241264.aspx#241264

interface range fa0/1 - 14

switchport trunk encapsulation dot1q

switchport mode trunk


 

http://ieoc.com/forums/t/29291.aspx?PageIndex=38

Switchport mode dot1q-tunnel

Switchport access vlan 1

 

My question is which initial config need to be used and if its as per scenario can someone give me an example.

 

Also have a 2950switch if I use it as breakout switch Wat feature will I loose

 

 

CCNA Security - 640-554 IINS

$
0
0

Hello Christian,

I know this is not the right forum to check this but I could see you are active on this forum so just want to check with you.

Do you have any idea when videos for CCNA Security - 640-554 IINS will be released.

I am an AAP member and it says the videos will be released in April 2015, so I would like to sit on a live class for this.

 

Task 7.1

$
0
0

Task 7.1 has you configure LDP between Routers 3, 9 and 10.  My R10 has no output in 'show mpls forwarding-table', possibly because it really only has a default-route, due to Area 51 being a totally stubby area.

The task solutions show a /32 route (and label) for R9's loopback, but I can't find any other task anywhere that would have created this route.

Am I missing something?

Viewing all 10744 articles
Browse latest View live