IP CEF in a router
Hi Guys,
I am trying to understand more about how cef works in a router.
If we disable, cef and fast switching in a router, then all the packet will be processed by the hardware itself. ie, processing switching means the actual router hardware is taking care of the packets
CEF and fast-switching are software based packet switching. ie, in software, they have written which outgoing interface to select and how the L2 header is to be re-written.
Am I correct in my understanding?
CF
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
BTW, using Jon's example of the EoL 7200, all the NPEs did all packet forwarding using the main CPU. However the NSE-1 (and 7300s' NSE-100 and NSE-150) had special hardware, their PXF, to accelerate packet forwarding. (Also BTW, the ASR1K series, with its Quantum Flow hardware, is also special hardware to accelerate packet forwarding.)
Again, you need to examine sales literature and/or datasheets. Hardware acceleration is usually listed as a major feature. (Oh, one clue, if overall performance starts to exceed a couple of gig, special hardware is usually doing it.)
Similar Messages
-
How to allow ping from inside to outside in 2900 router?
Hi,
I have a Cisco router 2900 with firewall, i need to know how can i allow the ping from self zone to outside zone, i trried to create policy from self to outside but i still didn't allow ping or tracert, i get that message when i try to ping from cisco router:
"Unrecognized host or address, or protocol not running"
any help will be appreciated.
Thank youHi jcarvaja
here is the used configuration:
Building configuration...
Current configuration : 5584 bytes
! Last configuration change at 09:00:20 UTC Tue Apr 9 2013 by admin
version 15.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service udp-small-servers
service tcp-small-servers
service sequence-numbers
hostname Router
boot-start-marker
boot-end-marker
security authentication failure rate 3 log
security passwords min-length 6
no logging buffered
no logging console
enable secret 5
no aaa new-model
no ipv6 cef
ip source-route
ip gratuitous-arps
ip icmp rate-limit unreachable 1
ip cef
ip name-server 163.121.128.134
ip name-server 163.121.128.135
ip port-map user-custom-fleet port tcp 2000 list 1
multilink bundle-name authenticated
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-324261422
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-324261422
revocation-check none
crypto pki certificate chain TP-self-signed-324261422
certificate self-signed 01
30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33323432 36313432 32301E17 0D313330 34303930 38343034
375A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3332 34323631
34323230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B8ABD60F 8C879B3B BC1C1643 48059AD2 F940A700 6D58161E 37D53E6E E028B806
61EAA942 CED2A3C6 3FB3A47E 20E05B10 0941A9D8 38FFA6F9 D2B9E52C 225A57BA
14F8842A A26E7E02 38E9F7C8 328504D0 5C3EEE41 CC75B237 BBD07CBA 1A850540
2A5AAFAD 4553FB03 0E366211 9AC09967 4DC03082 0AF546A3 F6AA2739 1D8A8AA9
02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
23041830 16801428 FEEB3910 B7A1D374 1F86BCD5 96CEDF75 8DF11E30 1D060355
1D0E0416 041428FE EB3910B7 A1D3741F 86BCD596 CEDF758D F11E300D 06092A86
4886F70D 01010405 00038181 006BBF7A 430905F6 D5B27B0D 96315504 87816DAA
B5EA86D9 6E9A1D58 7B328C88 A6A358D0 00D035A9 8CDDEC41 15AF0108 F5CB1072
B0485D7D CFC0D0CB 71E9B153 FB7B8B40 40C157E4 B254D01C 890D615F D8395545
F0B47E0B 57341EB2 C0CE0039 DC18EAD6 078986F0 A5A5D04F D5041DB6 23CAA002
4901248C 95B61A0B 3ED5B26A EF
quit
license udi pid CISCO2901/K9 sn FCZ1526C3JL
object-group service Outside-Reply
icmp echo-reply
username admin privilege 15 secret 5
redundancy
ip finger
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-any Deny_ALL
match access-group name dwdwd
class-map type inspect match-any Inside-Outside
match protocol http
match protocol https
match protocol dns
class-map type inspect match-any ICMP_RQST
match protocol icmp
policy-map type inspect Inside-Outside
class type inspect Inside-Outside
inspect
class class-default
drop
policy-map type inspect Self_to_Outside
class type inspect ICMP_RQST
inspect
class class-default
drop
policy-map type inspect Outside_to_Self
class type inspect Deny_ALL
pass log
class class-default
drop
zone security IN
zone security OUT
zone-pair security Self_to_Outside source self destination OUT
service-policy type inspect Self_to_Outside
zone-pair security Outside_to_Self source OUT destination self
service-policy type inspect Outside_to_Self
zone-pair security Inside-Outside source IN destination OUT
service-policy type inspect Inside-Outside
interface GigabitEthernet0/0
ip address 101.101.100.245 255.255.255.0
ip mask-reply
ip directed-broadcast
ip flow ingress
duplex auto
speed auto
interface GigabitEthernet0/1
description $FW_INSIDE$
ip address 49.31.152.80 255.255.255.248
ip mask-reply
ip directed-broadcast
ip flow ingress
zone-member security IN
duplex auto
speed auto
interface Serial0/0/0
no ip address
ip mask-reply
ip directed-broadcast
ip flow ingress
encapsulation frame-relay IETF
no fair-queue
frame-relay lmi-type q933a
interface Serial0/0/0.16 point-to-point
description $FW_OUTSIDE$
ip address 172.17.18.122 255.255.255.252
ip mask-reply
ip directed-broadcast
ip flow ingress
ip verify unicast reverse-path
zone-member security OUT
frame-relay interface-dlci 16
interface Serial0/0/1
no ip address
ip mask-reply
ip directed-broadcast
ip flow ingress
shutdown
clock rate 2000000
ip forward-protocol nd
ip http server
ip http access-class 2
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 Serial0/0/0.16
ip identd
ip access-list extended ICMP
remark CCP_ACL Category=128
permit ip any any
ip access-list extended deeef
remark CCP_ACL Category=128
permit ip any any
ip access-list extended dwdwd
remark CCP_ACL Category=1
permit object-group Outside-Reply any any
access-list 1 remark CCP_ACL Category=1
access-list 1 permit 196.219.234.77
access-list 2 remark Auto generated by SDM Management Access feature
access-list 2 remark CCP_ACL Category=1
access-list 2 permit 101.101.100.0 0.0.0.255
access-list 2 permit 10.20.10.0 0.0.1.255
no cdp run
control-plane
line con 0
login local
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
login local
transport input all
line vty 5 15
login local
transport input all
scheduler allocate 20000 1000
end -
How to get the number of routes in MLS L3SW table with SNMP
Hello experts,
Is there any way to get the number of routes in the MLS-hardware Layer 3-switching table with SNMP, like with CLI command "show mls cef summary"?
If possible, please let me know the OID and which MIB do I use.
[e.g.]
#show mls cef summary
Total routes: 400000
<omit>
====
Device : C6509E
IOS : s72033-advipservicesk9_wan-mz.122-33.SXH3a.bin
====
Thank you,function buttonClick()
var table = profileTable;
var lnRow = table.rows.length;
var insertedRow = table.insertRow(parseFloat(lnRow));
var cell1 = insertedRow.insertCell();
cell1.innerHTML ="<tr><td><Input type=\"hidden\" >>>name=\"rowNum\" value="+cnt"+></td></tr>";
document.profileform.submit;
on submit it goes to the second page, but the value i got using >>>System.out.println("row number from text >>>box"+request.getParameter("rowNum")); is null. What is wrong with >>>my coding. Can anyone solve this.HI carry
Check the value of bold data
function buttonClick()
var table = profileTable;
var lnRow = table.rows.length;
var insertedRow = table.insertRow(parseFloat(lnRow));var cnt=inRow
var cell1 = insertedRow.insertCell();
cell1.innerHTML ="<tr><td><Input type=\"hidden\" >>>name=\"rowNum\" value="+cnt+"></td></tr>";
document.profileform.submit;
}try with it -
CALL DOES NOT ROUTE OUT THE LOCAL GATEWAY
Local calls will not route out the local Gateway of branch1 to the PSTN or from the PSTN back to branch1, however they will route out either CorpHQ or branch2 backup gateways. When I go into the route group configuration for branch1, and remove the backup gateways, I get a fast busy tone when I dial the local number. I know the MGCP Gateway at branch1 is functioning because when I dial 911 and run debug ISDN Q931, the call routes properly through branch1, so I have a call routing problem. I ran DNA and it came back as ROUTE THIS PATTERN and all of the number translations looked accurate, so I didn't have to check for any block patterns. I'm not getting any errors on the calling party phone display. When I deleted the route pattern for the branch1 site and forced it to use the global route pattern, I received a debug output on branch1. I do not know a debug command (such as debug voip dial-peer or debug ccsip messages) to use for an MGCP Gateway to see if the call is actually reaching the Gateway.
I have checked the following:
the route pattern configuration
the translation pattern configuration
the called party transformation pattern configuration
the route list configuration to make sure the correct route group for branch1 was selected
the route group configuration to make sure that the branch1 Gateway was first in the order of selected devices
the route pattern configuration to make sure the correct route list for branch1 ist selected
the Gateway configuration to make sure it's using the device pool for branch1 and to make sure the called party transformation CSS for the branch1 Gateway is applied
the device pool configuration to make sure it's using the route group branch1
Any assistance would be greatly appreciated
Regards,
RonHi Nishant:
Please see the attachments for the Gateway pages
The significant digits for inbound calls for all 3 gateways is '4'
Please see the running-configs of the 3 gateways and the PSTN
Please see the debugs for the INBOUND calls
Many Thanks,
Ron
The following INBOUND call from the PSTN to 2065011001 is now working, however it is supposed to be routing through CorpHQ and is instead routing through Branch1. Please see 'DEBUG VOIP CCAPI INOUT' & 'DEBUG ISDN Q931'
Branch1#
ISDN Se0/0/0:23 Q931: RX <- DISCONNECT pd = 8 callref = 0x0096
Cause i = 0x8290 - Normal call clearing
//22/xxxxxxxxxxxx/CCAPI/ccCallReportDigits:
(callID=0x16, digit_event=0x0, enable=FALSE, consume=FALSE)
//22/5A001212800B/CCAPI/ccCallReportDigits:
Enabled=TRUE, Call Id=22
//22/xxxxxxxxxxxx/CCAPI/cc_api_call_report_digits_done:
(vdbPtr=0x49E07FD4, callID=0x16, disp=0, digit_event=0x0, enable=FALSE, consume=FALSE)
//22/5A001212800B/CCAPI/cc_api_call_report_digits_done:
Enabled=TRUE, Disposition=0x0, Interface=0x49E07FD4, Call Id=22
//22/5A001212800B/CCAPI/cc_api_call_report_digits_done:
Call Entry(Initial Digit Timeout=4000(ms), Inter Digit Timeout=4000(ms))
//22/5A001212800B/CCAPI/ccGenerateToneInfo:
Stop Tone On Digit=FALSE, Tone=Null,
Tone Direction=Network, Params=0x0, Call Id=22
//23/5A001212800B/CCAPI/ccGetCallStatistics:
Call Stats=0x4A5346FC, Call Id=23
//22/5A001212800B/CCAPI/ccConferenceDestroy:
Conference Id=0xC, Tag=0x0
//22/xxxxxxxxxxxx/CCAPI/cc_api_bridge_drop_done:
Conference Id=0xC, Source Interface=0x49E07FD4, Source Call Id=22,
Destination Call Id=23, Disposition=0x0, Tag=0x0
//23/xxxxxxxxxxxx/CCAPI/cc_api_bridge_drop_done:
Conference Id=0xC, Source Interface=0x495BABA4, Source Call Id=23,
Destination Call Id=22, Disposition=0x0, Tag=0x0
//22/5A001212800B/CCAPI/cc_generic_bridge_done:
Conference Id=0xC, Source Interface=0x495BABA4, Source Call Id=23,
Destination Call Id=22, Disposition=0x0, Tag=0x0
//22/5A001212800B/CCAPI/ccCallDisconnect:
Cause Value=16, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=0)
//22/5A001212800B/CCAPI/ccCallDisconnect:
Cause Value=16, Call Entry(Responsed=TRUE, Cause Value=16)
//22/5A001212800B/CCAPI/cc_api_get_transfer_info:
Transfer Number Is Null
//23/5A001212800B/CCAPI/ccCallDisconnect:
Cause Value=16, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=0)
//23/5A001212800B/CCAPI/ccCallDisconnect:
Cause Value=16, Call Entry(Responsed=TRUE, Cause Value=16)
//23/5A001212800B/CCAPI/cc_api_call_disconnect_done:
Disposition=0, Interface=0x495BABA4, Tag=0x0, Call Id=23,
Call Entry(Disconnect Cause=16, Voice Class Cause Code=0, Retry Count=0)
//23/5A001212800B/CCAPI/cc_api_call_disconnect_done:
Call Disconnect Event Sent
//-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
:cc_free_feature_vsa freeing 4821DDE8
//-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
vsacount in free is 1
//22/5A001212800B/CCAPI/cc_api_call_disconnect_done:
Disposition=0, Interface=0x49E07FD4, Tag=0x0, Call Id=22,
Call Entry(Disconnect Cause=16, Voice Class Cause Code=0, Retry Count=0)
//22/5A001212800B/CCAPI/cc_api_call_disconnect_done:
Call Disconnect Event Sent
//-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
:cc_free_feature_vsa freeing 4821DEC8
//-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
vsacount in free is 0
ISDN Se0/0/0:23 Q931: TX -> RELEASE pd = 8 callref = 0x8096
ISDN Se0/0/0:23 Q931: RX <- RELEASE_COMP pd = 8 callref = 0x0096
ISDN Se0/0/0:23 Q931: RX <- SETUP pd = 8 callref = 0x0097
Bearer Capability i = 0x8090A2
Standard = CCITT
Transfer Capability = Speech
Transfer Mode = Circuit
Transfer Rate = 64 kbit/s
Channel ID i = 0xA18381
Preferred, Channel 1
Progress Ind i = 0x8183 - Origination address is non-ISDN
Display i = 'Seattle US Phone'
Calling Party Number i = 0x4180, '2065015111'
Plan:ISDN, Type:Subscriber(local)
Called Party Number i = 0xC1, '2065011001'
Plan:ISDN, Type:Subscriber(local)
//-1/xxxxxxxxxxxx/CCAPI/ccIFCallSetupRequestPrivate:
Interface=0x49E07FD4, Interface Type=6, Destination=, Mode=0x9,
Call Params(Calling Number=,(Calling Name=)(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed),
Called Number=(TON=Unknown, NPI=Unknown), Calling Translated=FALSE,
Subscriber Type Str=, FinalDestinationFlag=FALSE, Outgoing Dial-peer=0, Call Count On=FALSE,
Source Trkgrp Route Label=, Target Trkgrp Route Label=, tg_label_flag=0, Application Call Id=D000000002f5368f000000F580000097)
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
:cc_get_feature_vsa malloc success
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
cc_get_feature_vsa count is 1
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
:FEATURE_VSA attributes are: feature_name:0,feature_time:1210179280,feature_id:24
//24/74820328800C/CCAPI/ccIFCallSetupRequestPrivate:
SPI Call Setup Request Is Success; Interface Type=6, FlowMode=1
//24/74820328800C/CCAPI/ccCallSetContext:
Context=0x4A524790
//-1/xxxxxxxxxxxx/CCAPI/ccIFCallSetupRequestPrivate:
Interface=0x495BABA4, Interface Type=9, Destination=0.0.0.0, Mode=0x9,
Call Params(Calling Number=,(Calling Name=)(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed),
Called Number=(TON=Unknown, NPI=Unknown), Calling Translated=FALSE,
Subscriber Type Str=, FinalDestinationFlag=FALSE, Outgoing Dial-peer=0, Call Count On=TRUE,
Source Trkgrp Route Label=, Target Trkgrp Route Label=, tg_label_flag=0, Application Call Id=D000000002f5368f000000F580000097)
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
:cc_get_feature_vsa malloc success
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
cc_get_feature_vsa count is 2
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
:FEATURE_VSA attributes are: feature_name:0,feature_time:1210179056,feature_id:25
//25/74820328800C/CCAPI/ccIFCallSetupRequestPrivate:
SPI Call Setup Request Is Success; Interface Type=9, FlowMode=1
//25/74820328800C/CCAPI/ccCallSetContext:
Context=0x4A524580
//25/74820328800C/CCAPI/cc_api_call_connected:
Interface=0x495BABA4, Data Bitmask=0x0, Progress Indication=NULL(0),
Connection Handle=0
//25/74820328800C/CCAPI/cc_api_call_connected:
Call Entry(Connected=TRUE, Responsed=TRUE, Retry Count=0)
//24/74820328800C/CCAPI/cc_api_call_proceeding:
Interface=0x49E07FD4, Progress Indication=NULL(0)
//24/74820328800C/CCAPI/cc_api_call_connected:
Interface=0x49E07FD4, Data Bitmask=0x1, Progress Indication=DESTINATION IS NON ISDN(2),
Connection Handle=0
//24/74820328800C/CCAPI/cc_api_call_connected:
Call Entry(Connected=TRUE, Responsed=TRUE, Retry Count=0)
//24/74820328800C/CCAPI/ccCallModify:
Nominator=0x1000, Params=0x4A2E7368, Call Id=24
//24/xxxxxxxxxxxx/CCAPI/ccCallReportDigits:
(callID=0x18, digit_event=0x1, enable=TRUE, consume=FALSE)
//24/74820328800C/CCAPI/ccCallReportDigits:
Enabled=TRUE, Call Id=24
//24/xxxxxxxxxxxx/CCAPI/cc_api_call_report_digits_done:
(vdbPtr=0x49E07FD4, callID=0x18, disp=0, digit_event=0x1, enable=TRUE, consume=FALSE)
//24/74820328800C/CCAPI/cc_api_call_report_digits_done:
Enabled=TRUE, Disposition=0x0, Interface=0x49E07FD4, Call Id=24
//24/74820328800C/CCAPI/cc_api_call_report_digits_done:
Call Entry(Initial Digit Timeout=15000(ms), Inter Digit Timeout=10000(ms))
//24/xxxxxxxxxxxx/CCAPI/ccConferenceCreate:
(confID=0x4A2E757C, callID1=0x18, callID2=0x19, tag=0x0)
//24/xxxxxxxxxxxx/CCAPI/ccConferenceCreate:
(confID=0x4A2E757C, callID1=0x18, gcid=0-0-0-0, tag=0x0)
//25/xxxxxxxxxxxx/CCAPI/ccConferenceCreate:
(confID=0x4A2E757C, callID2=0x19, gcid=0-0-0-0, tag=0x0)
//24/74820328800C/CCAPI/ccConferenceCreate:
Conference Id=0x4A2E757C, Call Id1=24, Call Id2=25, Tag=0x0
//24/xxxxxxxxxxxx/CCAPI/cc_api_bridge_done:
Conference Id=0xD, Source Interface=0x49E07FD4, Source Call Id=24,
Destination Call Id=25, Disposition=0x0, Tag=0xFFFFFFFF
//25/xxxxxxxxxxxx/CCAPI/cc_api_bridge_done:
Conference Id=0xD, Source Interface=0x495BABA4, Source Call Id=25,
Destination Call Id=24, Disposition=0x0, Tag=0x0
//24/74820328800C/CCAPI/cc_generic_bridge_done:
Conference Id=0xD, Source Interface=0x495BABA4, Source Call Id=25,
Destination Call Id=24, Disposition=0x0, Tag=0x0
//24/74820328800C/CCAPI/ccConferenceCreate:
Call Entry(Conference Id=0xD, Destination Call Id=25)
//25/74820328800C/CCAPI/ccConferenceCreate:
Call Entry(Conference Id=0xD, Destination Call Id=24)
//24/74820328800C/CCAPI/cc_api_caps_ind:
Destination Interface=0x495BABA4, Destination Call Id=25, Source Call Id=24,
Caps(Codec=0x1, Fax Rate=0x1, Vad=0x1,
Modem=0x2, Codec Bytes=20, Signal Type=3)
//24/74820328800C/CCAPI/cc_api_caps_ind:
Caps(Playout Mode=1, Playout Initial=60(ms), Playout Min=40(ms),
Playout Max=1000(ms), Fax Nom=300(ms))
//25/74820328800C/CCAPI/cc_api_caps_ind:
Destination Interface=0x49E07FD4, Destination Call Id=24, Source Call Id=25,
Caps(Codec=0x4, Fax Rate=0x2, Vad=0x1,
Modem=0x0, Codec Bytes=20, Signal Type=2)
//25/74820328800C/CCAPI/cc_api_caps_ind:
Caps(Playout Mode=1, Playout Initial=60(ms), Playout Min=40(ms),
Playout Max=1000(ms), Fax Nom=300(ms))
//25/74820328800C/CCAPI/cc_api_caps_ack:
Destination Interface=0x49E07FD4, Destination Call Id=24, Source Call Id=25,
Caps(Codec=g729r8(0x4), Fax Rate=FAX_RATE_VOICE(0x2), Vad=OFF(0x1),
Modem=OFF(0x0), Codec Bytes=20, Signal Type=2, Seq Num Start=9314)
//24/74820328800C/CCAPI/cc_api_caps_ack:
Destination Interface=0x495BABA4, Destination Call Id=25, Source Call Id=24,
Caps(Codec=g729r8(0x4), Fax Rate=FAX_RATE_VOICE(0x2), Vad=OFF(0x1),
Modem=OFF(0x0), Codec Bytes=20, Signal Type=2, Seq Num Start=9314)
//24/74820328800C/CCAPI/cc_api_call_modify_done:
Result=0, Interface=0x49E07FD4, Call Id=24
//24/74820328800C/CCAPI/cc_api_voice_mode_event:
Call Id=24
//24/74820328800C/CCAPI/cc_api_voice_mode_event:
Call Entry(Context=0x4A524790)
//24/74820328800C/CCAPI/cc_process_notify_bridge_done:
Conference Id=0xD, Call Id1=24, Call Id2=25
//24/74820328800C/CCAPI/ccSetDigitTimeouts:
Initial Digit Timeout=4000(ms), Inter Digit Timeout=4000(ms)
//24/74820328800C/CCAPI/ccSetDigitTimeouts:
Call Entry(Inter Digit Timeout=4000(ms), Initial Digit Timeout=4000(ms))
//24/74820328800C/CCAPI/ccRestartDigitTimeoutMsec:
Digit Timeout=0, Call Id=24
//24/xxxxxxxxxxxx/CCAPI/ccCallReportDigits:
(callID=0x18, digit_event=0x1, enable=TRUE, consume=FALSE)
//24/74820328800C/CCAPI/ccCallReportDigits:
Enabled=TRUE, Call Id=24
//24/xxxxxxxxxxxx/CCAPI/cc_api_call_report_digits_done:
(vdbPtr=0x49E07FD4, callID=0x18, disp=0, digit_event=0x1, enable=TRUE, consume=FALSE)
//24/74820328800C/CCAPI/cc_api_call_report_digits_done:
Enabled=TRUE, Disposition=0x0, Interface=0x49E07FD4, Call Id=24
//24/74820328800C/CCAPI/cc_api_call_report_digits_done:
Call Entry(Initial Digit Timeout=4000(ms), Inter Digit Timeout=4000(ms))
ISDN Se0/0/0:23 Q931: TX -> CALL_PROC pd = 8 callref = 0x8097
Channel ID i = 0xA98381
Exclusive, Channel 1
//24/74820328800C/CCAPI/ccCallModify:
Nominator=0x1000, Params=0x4A2E6E68, Call Id=24
//24/74820328800C/CCAPI/cc_api_call_modify_done:
Result=0, Interface=0x49E07FD4, Call Id=24
ISDN Se0/0/0:23 Q931: TX -> ALERTING pd = 8 callref = 0x8097
Progress Ind i = 0x8088 - In-band info or appropriate now available
//24/74820328800C/CCAPI/ccGenerateToneInfo:
Stop Tone On Digit=FALSE, Tone=Ring Back,
Tone Direction=Network, Params=0x0, Call Id=24
//24/74820328800C/CCAPI/cc_handle_inter_digit_timer:
Generate inter-digit timeout CC_EV_CALL_DIGIT_END event
The following INBOUND call from the PSTN to 5126022001 fails and is supposed to be routing through Branch1 and is instead routing through CorpHQ. Please see 'DEBUG VOIP CCAPI INOUT'
CorpHQ#
//-1/A31ADF52800B/CCAPI/cc_api_display_ie_subfields:
cc_api_call_setup_ind_common:
cisco-username=
----- ccCallInfo IE subfields -----
cisco-ani=5126026222
cisco-anitype=4
cisco-aniplan=1
cisco-anipi=0
cisco-anisi=0
dest=5126022001
cisco-desttype=4
cisco-destplan=1
cisco-rdie=FFFFFFFF
cisco-rdn=
cisco-lastrdn=
cisco-rdntype=-1
cisco-rdnplan=-1
cisco-rdnpi=-1
cisco-rdnsi=-1
cisco-redirectreason=-1 fwd_final_type =0
final_redirectNumber =
hunt_group_timeout =0
//-1/A31ADF52800B/CCAPI/cc_api_call_setup_ind_common:
Interface=0x49F42894, Call Info(
Calling Number=5126026222,(Calling Name=)(TON=Subscriber, NPI=ISDN, Screening=Not Screened, Presentation=Allowed),
Called Number=5126022001(TON=Subscriber, NPI=ISDN),
Calling Translated=FALSE, Subscriber Type Str=RegularLine, FinalDestinationFlag=TRUE,
Incoming Dial-peer=1, Progress Indication=ORIGINATING SIDE IS NON ISDN(3), Calling IE Present=TRUE,
Source Trkgrp Route Label=, Target Trkgrp Route Label=, CLID Transparent=FALSE), Call Id=-1
//-1/A31ADF52800B/CCAPI/ccCheckClipClir:
In: Calling Number=5126026222(TON=Subscriber, NPI=ISDN, Screening=Not Screened, Presentation=Allowed)
//-1/A31ADF52800B/CCAPI/ccCheckClipClir:
Out: Calling Number=5126026222(TON=Subscriber, NPI=ISDN, Screening=Not Screened, Presentation=Allowed)
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
:cc_get_feature_vsa malloc success
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
cc_get_feature_vsa count is 1
//-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
:FEATURE_VSA attributes are: feature_name:0,feature_time:1241383960,feature_id:13
//13/A31ADF52800B/CCAPI/cc_api_call_setup_ind_common:
Set Up Event Sent;
Call Info(Calling Number=5126026222(TON=Subscriber, NPI=ISDN, Screening=Not Screened, Presentation=Allowed),
Called Number=5126022001(TON=Subscriber, NPI=ISDN))
//13/A31ADF52800B/CCAPI/cc_process_call_setup_ind:
Event=0x497D0010
//-1/xxxxxxxxxxxx/CCAPI/cc_setupind_match_search:
Try with the demoted called number 5126022001
//13/A31ADF52800B/CCAPI/ccCallSetContext:
Context=0x4A131A54
//13/A31ADF52800B/CCAPI/cc_process_call_setup_ind:
>>>>CCAPI handed cid 13 with tag 1 to app "_ManagedAppProcess_Default"
//13/A31ADF52800B/CCAPI/ccCallProceeding:
Progress Indication=NULL(0)
//13/A31ADF52800B/CCAPI/ccCallDisconnect:
Cause Value=1, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=0)
//13/A31ADF52800B/CCAPI/ccCallDisconnect:
Cause Value=1, Call Entry(Responsed=TRUE, Cause Value=1)
//13/A31ADF52800B/CCAPI/cc_api_get_transfer_info:
Transfer Number Is Null
//13/A31ADF52800B/CCAPI/cc_api_call_disconnect_done:
Disposition=0, Interface=0x49F42894, Tag=0x0, Call Id=13,
Call Entry(Disconnect Cause=1, Voice Class Cause Code=0, Retry Count=0)
//13/A31ADF52800B/CCAPI/cc_api_call_disconnect_done:
Call Disconnect Event Sent
//-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
:cc_free_feature_vsa freeing 49FE0410
//-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
vsacount in free is 0
PSTN#sh run
Building configuration...
Current configuration : 13975 bytes
! No configuration change since last restart
version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
hostname PSTN
boot-start-marker
boot-end-marker
card type e1 0 0
card type t1 0 1
logging message-counter syslog
no aaa new-model
clock timezone EST -5
clock summer-time EST recurring
network-clock-participate wic 0
network-clock-participate wic 1
no network-clock-participate aim 0
dot11 syslog
ip source-route
ip cef
no ip domain lookup
ip domain name att.com
ip name-server 177.1.100.110
ip multicast-routing
no ipv6 cef
multilink bundle-name authenticated
isdn switch-type primary-ni
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
redirect ip2ip
fax protocol cisco
sip
bind control source-interface Loopback10
bind media source-interface Loopback10
header-passing
voice translation-rule 101
rule 1 /^\+.*/ //
rule 2 /^501.*/ //
rule 3 /^1206.*/ //
rule 4 /^00.*/ //
rule 5 /^0011.*/ //
rule 6 /^206/ /1206/
rule 7 /^1512.*/ /\0/
rule 8 /^011\(.*\)/ /\1/
voice translation-rule 102
rule 1 /^1\(2065015111\)$/ /\1/ type any subscriber plan any isdn
rule 2 /^1\(2065015555\)$/ /\1/ type any subscriber plan any isdn
rule 3 /^1\(2065015151\)$/ /\1/ type any subscriber plan any isdn
rule 4 /^1\(5126026222\)$/ /\1/ type any national plan any isdn
rule 5 /^31670357575$/ /&/ type any international plan any isdn
rule 6 /^31207037333$/ /&/ type any international plan any isdn
rule 7 /^31107047444$/ /&/ type any international plan any isdn
rule 8 /^911$/ /&/ type any unknown plan any unknown
rule 9 /^15126022.../ /&/ type any unknown plan any unknown
rule 10 /^31207033.../ /&/ type any unknown plan any unknown
rule 11 /^....$/ /&/ type any unknown plan any unknown
voice translation-rule 103
rule 1 /^206.*/ /&/ type any subscriber plan any isdn
rule 2 /^1/ // type any national plan any isdn
rule 3 /^00/ // type any international plan any isdn
voice translation-rule 201
rule 1 /^\+.*/ //
rule 2 /^602.*/ //
rule 3 /^1512.*/ //
rule 4 /^00.*/ //
rule 5 /^0011.*/ //
rule 6 /^512/ /1&/
rule 7 /^1206.*/ /&/
rule 8 /^011\(31.*\)/ /\1/
voice translation-rule 202
rule 1 /^1\(5126026222\)$/ /\1/ type any subscriber plan any isdn
rule 2 /^1\(2065015555\)$/ /\1/ type any national plan any isdn
rule 3 /^1\(2065015151\)$/ /\1/ type any national plan any isdn
rule 4 /^1\(2065015111\)$/ /\1/ type any national plan any isdn
rule 5 /^31670357575$/ /&/ type any international plan any isdn
rule 6 /^31207037333$/ /&/ type any international plan any isdn
rule 7 /^31107047444$/ /&/ type any international plan any isdn
rule 8 /^911$/ /&/ type any unknown plan any unknown
rule 9 /^12065011.../ /&/ type any unknown plan any unknown
rule 10 /^31207033.../ /&/ type any unknown plan any unknown
rule 11 /^....$/ /&/ type any unknown plan any unknown
voice translation-rule 203
rule 1 /^512.*/ /&/ type any subscriber plan any isdn
rule 2 /^1/ // type any national plan any isdn
rule 3 /^00/ // type any international plan any isdn
voice translation-rule 301
rule 1 /^\+.*/ //
rule 2 /^20.*/ //
rule 3 /^0\([1-8].*\)/ /31\1/
rule 4 /^011/ //
rule 5 /^0031/ //
rule 6 /^703..../ /3120&/
rule 7 /^00\(1.*\)/ /\1/
voice translation-rule 302
rule 1 /^31207037333$/ /7037333/ type any subscriber plan any isdn
rule 2 /^7033\(...\)$/ /0207033\1/
rule 3 /^911$/ /112/ type any unknown plan any unknown
rule 4 /^31\(670357575\)$/ /0\1/ type any national plan any isdn
rule 5 /^31\(107047444\)$/ /0\1/ type any national plan any isdn
rule 6 /^12065015555$/ /&/ type any international plan any isdn
rule 7 /^12065015151$/ /&/ type any international plan any isdn
rule 8 /^12065015111$/ /&/ type any international plan any isdn
rule 9 /^15126026222$/ /&/ type any international plan any isdn
rule 10 /^12065011...$/ /&/ type any unknown plan any unknown
rule 11 /^15126022...$/ /&/ type any unknown plan any unknown
rule 12 /^....$/ /&/ type any unknown plan any unknown
voice translation-rule 303
rule 1 /^703.*/ /&/ type any subscriber plan any isdn
rule 2 /^010/ // type any national plan any isdn
rule 3 /^1/ // type any international plan any isdn
voice translation-rule 1000
rule 1 /.*\(1...$\)/ /206501\1/
rule 2 /.*\(2...$\)/ /512602\1/
rule 3 /.*\(45..$\)/ /020757\1/
voice translation-rule 1001
rule 1 /^1206...5...$/ /+&/
rule 2 /^1512...6...$/ /+&/
rule 3 /^31.0...7...$/ /+&/
voice translation-profile 1-HQ-Change_DNIS-Check_ANI
translate called 101
voice translation-profile 1-HQ-Proper_Types
translate calling 102
translate called 103
voice translation-profile 2-BR1-Change_DNIS-Check_ANI
translate called 201
voice translation-profile 2-BR1-Proper_Types
translate calling 202
translate called 203
voice translation-profile 3-BR2-Change_DNIS-Check_ANI
translate called 301
voice translation-profile 3-BR2-Proper_Types
translate calling 302
translate called 303
voice translation-profile SIP-NORMALIZE-DNIS-ANI
translate calling 1001
translate called 1000
voice-card 0
dspfarm
archive
log config
hidekeys
controller E1 0/0/0
clock source internal
pri-group timeslots 1-3,16
description == Voice Circuit to Branch2
controller T1 0/1/0
clock source internal
cablelength long 0db
pri-group timeslots 1-3,24
description == Voice Circuit to CorpHQ
controller T1 0/1/1
clock source internal
cablelength long 0db
pri-group timeslots 1-3,24
description == Voice Circuit to Branch1
interface Loopback0
ip address 177.1.254.254 255.255.255.255
interface Loopback10
ip address 177.1.254.250 255.255.255.255
interface Loopback11
ip address 177.1.254.251 255.255.255.255
interface FastEthernet0/0
description ==TO INTERNET==
ip address 192.168.1.150 255.255.255.0
duplex auto
speed auto
interface FastEthernet0/1
description === To HQ
ip address 177.1.19.1 255.255.255.0
duplex auto
speed auto
interface Serial0/0/0:15
description == PRI Circuit to R3-BR2
no ip address
encapsulation hdlc
isdn switch-type primary-net5
isdn protocol-emulate network
isdn incoming-voice voice
isdn negotiate-bchan resend-setup
no isdn outgoing ie network-facility
isdn outgoing display-ie
no cdp enable
interface Serial0/1/0:23
description == PRI Circuit to R1-HQ
no ip address
encapsulation hdlc
isdn switch-type primary-5ess
isdn protocol-emulate network
isdn incoming-voice voice
isdn negotiate-bchan
isdn outgoing display-ie
no cdp enable
interface Serial0/1/1:23
description == PRI Circuit to R2-BR1
no ip address
encapsulation hdlc
isdn switch-type primary-ni
isdn protocol-emulate network
isdn incoming-voice voice
isdn supp-service name calling
isdn negotiate-bchan resend-setup
isdn outgoing ie network-facility
no cdp enable
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
ip http authentication local
no ip http secure-server
ip http path flash:
control-plane
voice-port 0/0/0:15
translation-profile incoming 3-BR2-Change_DNIS-Check_ANI
description == Voice PRI to Branch2
voice-port 0/1/0:23
translation-profile incoming 1-HQ-Change_DNIS-Check_ANI
description == Voice PRI to CorpHQ
voice-port 0/1/1:23
translation-profile incoming 2-BR1-Change_DNIS-Check_ANI
description == Voice PRI to Branch1
dial-peer voice 1 pots
description == All inbound calls from HQ BR1 BR2 into PSTN
incoming called-number .
direct-inward-dial
dial-peer voice 101 pots
description == Subscriber Calls from PSTN into CorpHQ
translation-profile outgoing 1-HQ-Proper_Types
preference 1
destination-pattern ^2065011...$
direct-inward-dial
port 0/1/0:23
forward-digits 10
dial-peer voice 102 pots
description == National Calls from PSTN into CorpHQ
translation-profile outgoing 1-HQ-Proper_Types
preference 1
destination-pattern ^12065011...$
direct-inward-dial
port 0/1/0:23
forward-digits 10
dial-peer voice 103 pots
description == International Calls into CorpHQ from PSTN Coming from NL Ph
translation-profile outgoing 1-HQ-Proper_Types
preference 1
destination-pattern ^0012065011...$
direct-inward-dial
port 0/1/0:23
forward-digits 10
dial-peer voice 104 pots
description == + Calls into CorpHQ from PSTN Coming from Mobiles
translation-profile outgoing 1-HQ-Proper_Types
preference 1
destination-pattern +12065011...$
direct-inward-dial
port 0/1/0:23
forward-digits 10
dial-peer voice 201 pots
description == Subscriber Calls from PSTN into Branch1
translation-profile outgoing 2-BR1-Proper_Types
preference 1
destination-pattern ^5126022...$
direct-inward-dial
port 0/1/1:23
forward-digits 10
dial-peer voice 202 pots
description == National Calls from PSTN into Branch1
translation-profile outgoing 2-BR1-Proper_Types
preference 1
destination-pattern ^15126022...$
direct-inward-dial
port 0/1/1:23
forward-digits 10
dial-peer voice 203 pots
description == International Calls into Branch1 from PSTN Coming from NL Ph
translation-profile outgoing 2-BR1-Proper_Types
preference 1
destination-pattern ^0015126022...$
direct-inward-dial
port 0/1/1:23
forward-digits 10
dial-peer voice 204 pots
description == + Calls into Branch1 from PSTN Coming from Mobiles
translation-profile outgoing 2-BR1-Proper_Types
preference 1
destination-pattern +15126022...$
direct-inward-dial
port 0/1/1:23
forward-digits 10
dial-peer voice 301 pots
description == Subscriber Calls from PSTN into Branch2
translation-profile outgoing 3-BR2-Proper_Types
destination-pattern ^7033...$
direct-inward-dial
port 0/0/0:15
forward-digits 7
dial-peer voice 302 pots
description == National Calls from PSTN into Branch2
translation-profile outgoing 3-BR2-Proper_Types
destination-pattern ^0207033...$
direct-inward-dial
port 0/0/0:15
forward-digits 10
dial-peer voice 303 pots
description == International Calls into Branch2 from PSTN Coming from US Ph
translation-profile outgoing 3-BR2-Proper_Types
destination-pattern ^01131207033...$
direct-inward-dial
port 0/0/0:15
forward-digits 9
prefix 0
dial-peer voice 304 pots
description == International Calls into Branch2 from PSTN Coming from US Ph
translation-profile outgoing 3-BR2-Proper_Types
destination-pattern ^31207033...$
direct-inward-dial
port 0/0/0:15
forward-digits 9
prefix 0
dial-peer voice 305 pots
description == + Calls into Branch2 from PSTN Coming from Mobiles
translation-profile outgoing 3-BR2-Proper_Types
destination-pattern +31207033...$
direct-inward-dial
port 0/0/0:15
forward-digits 9
prefix 0
dial-peer voice 1000 voip
description == Calls into AT&T SIP ITSP for VC Week1 Lab1
rtp payload-type nse 99
rtp payload-type nte 100
voice-class sip localhost dns:sip1.att.com
session protocol sipv2
incoming called-number .
dtmf-relay rtp-nte
codec g711ulaw
dial-peer voice 5000 voip
service aa
destination-pattern A5000
session target ipv4:177.1.254.254
incoming called-number A5000
dtmf-relay h245-alphanumeric
codec g711ulaw
no vad
num-exp 1888....... 911
num-exp 1900....... 911
num-exp 1976....... 911
num-exp 1777....... 911
num-exp 1444....... 911
num-exp 0800....... 911
num-exp 0900....... 911
sip-ua
telephony-service
no auto-reg-ephone
max-ephones 1
max-dn 10
ip source-address 177.1.254.254 port 2000
caller-id block code *67
system message You WILL PASS this Exam!
voicemail A5000
max-conferences 8 gain -6
call-forward pattern .T
dn-webedit
transfer-system full-consult
transfer-pattern .T
create cnf-files version-stamp 7960 Sep 01 2012 15:29:37
ephone-dn 1 dual-line
number 12065015111 secondary +12065015111
label Seattle, US +1 206 501 5111
description INE PSTN Phone
name Seattle US Phone
ephone-dn 2 dual-line
number 15126026222 secondary +15126026222
label Austin, US +1 512 602 6222
name Austin TX Phone
ephone-dn 3 dual-line
number 31207037333 secondary +31207037333
label Amsterdam, NL +31 20 703 73 33
name Amsterdam NL Phone
ephone-dn 4 dual-line
number 12065015555 secondary +12065015555
label Hurley Mobile +1 206 501 5555
name Hurley's Mobile
call-forward busy A5000
call-forward noan A5000 timeout 16
ephone-dn 5 dual-line
number 12065015151 secondary +12065015151
label Hurley's Home +1 206 501 5151
name Hurley's Home
call-forward busy A5000
call-forward noan A5000 timeout 12
ephone-dn 6 dual-line
number 31670357575 secondary +31670357575
label Sawyer's Mobile +31 6 70357575
name Sawyer's Mobile
call-forward busy A5000
call-forward noan A5000 timeout 16
ephone-dn 7 dual-line
number 911 secondary 112
label US/EU Emer/FreePhone/Prem
name Emergency Services
ephone-dn 8 dual-line
number 15126026262 secondary +15126026262
label BLinus Mobile +1 512 602 6262
name Benjamin Linus Mobile
call-forward busy A5000
call-forward noan A5000 timeout 16
ephone-dn 9 dual-line
number 31207037373 secondary +31207037373
label DHume Home +31 20 703 73 73
name Desmond Hume Home
call-forward busy A5000
call-forward noan A5000 timeout 16
ephone-dn 10 dual-line
number 31107047444 secondary +31107047444
label Rotterdam, NL +31 10 704 74 44
name Rotterdam NL Phone
ephone 1
device-security-mode none
mac-address A456.3040.0DAA
type 7975
button 1:1 2:2 3:3 4:10
button 5:6 6o7,8,5,4
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
exec-timeout 0 0
privilege level 15
logging synchronous
no login
line vty 5 15
exec-timeout 0 0
privilege level 15
logging synchronous
no login
scheduler allocate 20000 1000
ntp source Loopback0
ntp master 10
ntp server 64.90.182.55
end
CorpHQ#sh run
Building configuration...
Current configuration : 6353 bytes
! No configuration change since last restart
version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
hostname CorpHQ
boot-start-marker
boot-end-marker
logging message-counter syslog
no aaa new-model
clock timezone PST -8
clock summer-time PDT recurring
network-clock-participate wic 0
network-clock-select 1 T1 0/0/0
dot11 syslog
ip source-route
ip cef
ip dhcp excluded-address 177.1.11.1 177.1.11.14
ip dhcp excluded-address 177.1.11.21 177.1.11.254
ip dhcp excluded-address 177.2.11.1 177.2.11.14
ip dhcp excluded-address 177.2.11.21 177.2.11.254
ip dhcp pool CorpHQ-Phones
network 177.1.11.0 255.255.255.0
option 150 ip 177.1.10.10 177.1.10.20
default-router 177.1.11.1
dns-server 177.1.100.110
ip dhcp pool Branch1-Phones
network 177.2.11.0 255.255.255.0
option 150 ip 177.1.10.10 177.1.10.20
default-router 177.2.11.1
dns-server 177.1.100.110
no ip domain lookup
ip multicast-routing
no ipv6 cef
multilink bundle-name authenticated
isdn switch-type primary-ni
voice service voip
allow-connections h323 to h323
fax protocol cisco
sip
bind control source-interface Loopback0
bind media source-interface Loopback0
no update-callerid
voice class codec 1
codec preference 1 g711ulaw
codec preference 2 g711alaw
codec preference 3 g729r8
voice translation-rule 1
rule 1 // // type any subscriber plan any isdn
voice translation-rule 2
rule 1 // // type any national plan any isdn
voice translation-rule 3
rule 1 // // type any international plan any isdn
voice translation-rule 10
rule 1 /^[2-9].........$/ /9&/
rule 2 /^1[2-9].........$/ /9&/
rule 3 /^011/ /9&/
voice translation-profile MakeInternational
translate called 3
voice translation-profile MakeNational
translate called 2
voice translation-profile MakeSubscriber
translate called 1
voice translation-profile Prefix9_InFrom_CUCM
translate called 10
voice-card 0
dsp services dspfarm
archive
log config
hidekeys
controller T1 0/0/0
pri-group timeslots 1-3,24
description == Voice Circuit to PSTN
interface Loopback0
ip address 177.1.254.1 255.255.255.255
ip pim dense-mode
interface FastEthernet0/0
description == To CorpHQ-Switch
no ip address
duplex auto
speed auto
interface FastEthernet0/0.10
description == Server VLAN
encapsulation dot1Q 10
ip address 177.1.10.1 255.255.255.0
ip pim dense-mode
interface FastEthernet0/0.11
description == Voice VLAN
encapsulation dot1Q 11
ip address 177.1.11.1 255.255.255.0
ip helper-address 177.1.10.10
ip nbar protocol-discovery
ip pim dense-mode
interface FastEthernet0/0.12
description == Data VLAN
encapsulation dot1Q 12
ip address 177.1.12.1 255.255.255.0
interface FastEthernet0/0.13
description == PSTN PHONE VLAN
encapsulation dot1Q 13
ip address 177.1.13.1 255.255.255.0
interface FastEthernet0/1
description === To PSTN
ip address 177.1.19.254 255.255.255.0
duplex auto
speed auto
interface Serial0/0/0:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
isdn incoming-voice voice
no cdp enable
interface Serial0/1/0
description == Frame-Relay Circuit to WAN
no ip address
encapsulation frame-relay
fair-queue 64 256 36
cdp enable
frame-relay lmi-type ansi
ip rsvp bandwidth
interface Serial0/1/0.1 point-to-point
description == FR To BR1
bandwidth 384
ip address 177.0.101.1 255.255.255.0
ip pim dense-mode
snmp trap link-status
frame-relay interface-dlci 101
ip rsvp bandwidth 136
interface Serial0/1/0.2 point-to-point
description == FR To BR2
ip address 177.0.201.1 255.255.255.0
snmp trap link-status
frame-relay interface-dlci 102
ip rsvp bandwidth 136
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 177.1.19.1
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0.10
no ip http server
no ip http secure-server
control-plane
voice-port 0/0/0:23
voice-port 0/3/0
voice-port 0/3/1
ccm-manager music-on-hold
sccp local Loopback0
sccp ccm 177.1.10.10 identifier 1 priority 1 version 5.0.1
sccp ccm 177.1.10.20 identifier 2 priority 2 version 5.0.1
sccp ccm 177.1.254.3 identifier 3 priority 3 version 5.0.1
sccp
sccp ccm group 1
bind interface Loopback0
associate ccm 2 priority 1
associate ccm 1 priority 2
associate ccm 3 priority 3
associate profile 1 register CorpHQ-729-MTP
associate profile 2 register CorpHQ-711-MTP
associate profile 3 register CorpHQ-HW-Xcode
dspfarm profile 3 transcode
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
codec ilbc
maximum sessions 2
associate application SCCP
dspfarm profile 1 mtp
codec g729ar8
codec g729r8
rsvp
maximum sessions software 10
associate application SCCP
dspfarm profile 2 mtp
codec g711ulaw
rsvp
maximum sessions software 10
associate application SCCP
dial-peer voice 1 pots
incoming called-number .
direct-inward-dial
dial-peer voice 10 pots
translation-profile outgoing MakeSubscriber
destination-pattern 911
no digit-strip
port 0/0/0:23
dial-peer voice 11 pots
translation-profile outgoing MakeSubscriber
destination-pattern 9[2-9]..[2-9]......$
port 0/0/0:23
dial-peer voice 12 pots
translation-profile outgoing MakeNational
destination-pattern 91[2-9]..[2-9]......$
port 0/0/0:23
forward-digits 11
dial-peer voice 13 pots
translation-profile outgoing MakeInternational
destination-pattern 9011T
port 0/0/0:23
prefix 011
dial-peer voice 100 voip
description == Inbound/Outbound SIP PSTN GW From/To CUCM Pub
translation-profile incoming Prefix9_InFrom_CUCM
destination-pattern ^2065011...$
voice-class codec 1
session protocol sipv2
session target ipv4:177.1.10.10
incoming called-number .
ip qos dscp cs3 signaling
dial-peer hunt 1
sip-ua
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
exec-timeout 0 0
privilege level 15
logging synchronous
no login
line vty 5 15
exec-timeout 0 0
privilege level 15
logging synchronous
no login
scheduler allocate 20000 1000
ntp source Loopback0
ntp master 2
ntp server 177.1.254.254
end
Branch1#sh run
Building configuration...
Current configuration : 3838 bytes
! Last configuration change at 01:19:02 CDT Thu Oct 10 2013
version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
hostname Branch1
boot-start-marker
boot-end-marker
logging message-counter syslog
no aaa new-model
clock timezone CST -6
clock summer-time CDT recurring
network-clock-participate wic 0
network-clock-select 1 T1 0/0/0
dot11 syslog
ip source-route
ip cef
ip multicast-routing
no ipv6 cef
ntp update-calendar
ntp server 177.1.254.1
multilink bundle-name authenticated
isdn switch-type primary-ni
voice-card 0
dsp services dspfarm
archive
log config
hidekeys
controller T1 0/0/0
pri-group timeslots 1-3,24 service mgcp
interface Loopback0
ip address 177.1.254.2 255.255.255.255
interface FastEthernet0/0
no ip address
duplex auto
speed auto
interface FastEthernet0/0.11
description == Voice VLAN
encapsulation dot1Q 11
ip address 177.2.11.1 255.255.255.0
ip helper-address 177.1.254.1
ip pim dense-mode
interface FastEthernet0/0.12
description == Data VLAN
encapsulation dot1Q 12
ip address 177.2.12.1 255.255.255.0
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial0/0/0:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
isdn incoming-voice voice
isdn supp-service name calling
isdn bind-l3 ccm-manager
isdn outgoing ie facility
isdn outgoing display-ie
isdn outgoing ie redirecting-number
no cdp enable
interface Serial0/1/0
description == Frame-Relay Circuit to WAN
no ip address
encapsulation frame-relay
fair-queue 64 256 37
cdp enable
no frame-relay inverse-arp
frame-relay lmi-type ansi
ip rsvp bandwidth
interface Serial0/1/0.1 point-to-point
description == FR To HQ
ip address 177.0.101.2 255.255.255.0
ip pim dense-mode
snmp trap link-status
frame-relay interface-dlci 101
ip rsvp bandwidth 136
interface Serial0/1/1
no ip address
shutdown
clock rate 2000000
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
voice-port 0/0/0:23
ccm-manager fallback-mgcp
ccm-manager redundant-host 177.1.10.10
ccm-manager mgcp
no ccm-manager fax protocol cisco
ccm-manager music-on-hold
mgcp
mgcp call-agent 177.1.10.20 service-type mgcp version 0.1
mgcp dtmf-relay voip codec all mode out-of-band
mgcp fax t38 ecm
mgcp bind control source-interface Loopback0
mgcp bind media source-interface Loopback0
mgcp profile default
sccp local Loopback0
sccp ccm 177.1.254.3 identifier 3 priority 3 version 5.0.1
sccp ccm 177.1.10.10 identifier 1 priority 1 version 5.0.1
sccp ccm 177.1.10.20 identifier 2 priority 2 version 5.0.1
sccp
sccp ccm group 1
bind interface Loopback0
associate ccm 2 priority 1
associate ccm 1 priority 2
associate ccm 3 priority 3
associate profile 3 register Br1-HW-Xcode
associate profile 1 register Br1-729-MTP
associate profile 2 register Br1-711-MTP
dspfarm profile 3 transcode
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dspfarm profile 1 mtp
codec g729ar8
codec g729r8
rsvp
maximum sessions software 10
associate application SCCP
dspfarm profile 2 mtp
codec g711ulaw
rsvp
maximum sessions software 10
associate application SCCP
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous level 0 limit 20
line aux 0
line vty 0 4
exec-timeout 0 0
privilege level 15
logging synchronous
no login
line vty 5 15
exec-timeout 0 0
privilege level 15
logging synchronous
no login
scheduler allocate 20000 1000
end
Branch2#sh run
Building configuration...
Current configuration : 5789 bytes
! No configuration change since last restart
version 12.4
no service pad
no service timestamps debug uptime
no service timestamps log uptime
no service password-encryption
hostname Branch2
boot-start-marker
boot system flash:c2800nm-advipservicesk9-mz.124-24.T7.bin
boot system flash:
boot-end-marker
card type e1 0 0
logging message-counter syslog
no aaa new-model
clock timezone CEST 1
clock summer-time CEDT recurring
network-clock-participate wic 0
no network-clock-participate aim 0
dot11 syslog
ip source-route
ip cef
no ip domain lookup
no ipv6 cef
multilink bundle-name authenticated
isdn switch-type primary-net5
voice service voip
no supplementary-service h225-notify cid-update
fax protocol cisco
voice class codec 1
codec preference 1 g711ulaw
codec preference 2 g711alaw
codec preference 3 g729r8
voice class custom-cptone JOIN-TONE
dualtone conference
frequency 300 3600
cadence 150 100 500
voice class custom-cptone LEAVE-TONE
dualtone conference
frequency 300 3600
cadence 500 100 150
voice translation-rule 1
rule 1 /^7033...$/ /020&/
voice translation-rule 10
rule 1 /^0/ /0&/
voice translation-rule 200
rule 1 /^206501...$/ /1&/
voice translation-profile 7DigitDNIS-to-10Digit
translate called 1
voice translation-profile Prefix0_InFrom_CUCM
translate called 10
voice translation-profile Prefix1-toCorpHQ-ANI
translate calling 200
voice-card 0
dsp services dspfarm
archive
log config
hidekeys
controller E1 0/0/0
pri-group timeslots 1-3,16
description == Voice Circuit to PSTN
controller E1 0/0/1
interface Loopback0
ip address 177.1.254.3 255.255.255.255
h323-gateway voip bind srcaddr 177.1.254.3
interface FastEthernet0/0
no ip address
duplex auto
speed auto
interface FastEthernet0/0.11
encapsulation dot1Q 11
ip address 177.3.11.1 255.255.255.0
ip helper-address 177.1.10.10
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 177.3.12.1 255.255.255.0
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Serial0/0/0:15
no ip address
encapsulation hdlc
isdn switch-type primary-net5
isdn incoming-voice voice
isdn bchan-number-order ascending
no cdp enable
interface Serial0/1/0
description == Frame-Relay Circuit to WAN
no ip address
encapsulation frame-relay
fair-queue 64 256 37
cdp enable
no frame-relay inverse-arp
frame-relay lmi-type ansi
ip rsvp bandwidth
interface Serial0/1/0.1 point-to-point
description == FR To HQ
ip address 177.0.201.2 255.255.255.0
snmp trap link-status
frame-relay interface-dlci 102
ip rsvp bandwidth 136
interface Serial0/1/1
no ip address
shutdown
clock rate 2000000
interface Service-Engine1/0
no ip address
shutdown
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
ip forward-protocol nd
ip http server
ip http authentication local
no ip http secure-server
ip http path flash:
control-plane
voice-port 0/0/0:15
translation-profile incoming 7DigitDNIS-to-10Digit
ccm-manager music-on-hold
sccp local Loopback0
sccp ccm 177.1.10.20 identifier 2 priority 2 version 5.0.1
sccp ccm 177.1.10.10 identifier 1 priority 1 version 5.0.1
sccp ccm 177.1.254.3 identifier 3 priority 3 version 5.0.1
sccp
sccp ccm group 1
bind interface Loopback0
associate ccm 2 priority 1
associate ccm 1 priority 2
associate ccm 3 priority 3
associate profile 4 register Br2-HW-Conf
associate profile 3 register Br2-HW-Xcode
associate profile 2 register Br2-711-MTP
associate profile 1 register Br2-729-MTP
dspfarm profile 3 transcode
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 2
associate application SCCP
dspfarm profile 4 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 1
conference-join custom-cptone JOIN-TONE
conference-leave custom-cptone LEAVE-TONE
associate application SCCP
dspfarm profile 1 mtp
codec g729ar8
codec g729r8
rsvp
maximum sessions software 10
associate application SCCP
dspfarm profile 2 mtp
codec g711ulaw
rsvp
maximum sessions software 10
associate application SCCP
dial-peer voice 1 pots
incoming called-number .
direct-inward-dial
dial-peer voice 10 pots
destination-pattern 112
no digit-strip
port 0/0/0:15
dial-peer voice 11 pots
destination-pattern 00[1-9]T
port 0/0/0:15
prefix 0
dial-peer voice 12 pots
translation-profile outgoing Prefix1-toCorpHQ-ANI
destination-pattern 000T
port 0/0/0:15
prefix 00
dial-peer voice 100 voip
description == Inbound/Outbound H323 PSTN GW From/To GK and CUCM Pub
translation-profile incoming Prefix0_InFrom_CUCM
destination-pattern 0207033...$
voice-class codec 1
session target ipv4:177.1.10.10
incoming called-number .
ip qos dscp cs3 signaling
dial-peer voice 101 voip
description == Outbound H323 PSTN GW To CUCM Sub
destination-pattern 0207033...$
voice-class codec 1
session target ipv4:177.1.10.20
ip qos dscp cs3 signaling
dial-peer hunt 1
telephony-service
max-ephones 1
max-dn 1
ip source-address 177.1.254.3 port 2000
max-conferences 8 gain -6
moh test.au
multicast moh 239.2.1.1 port 16384 route 177.1.254.3 177.3.11.1
transfer-system full-consult
create cnf-files version-stamp 7960 Sep 13 2013 18:55:27
line con 0
exec-timeout 0 0
line aux 0
line 66
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
line vty 0 4
login
scheduler allocate 20000 1000
ntp source Loopback0
ntp update-calendar
ntp server 177.1.254.1
end -
2611XM refuses to grab a DHCP address from an upper router.
HI, first time here. Im a homeschooled student and trying to work on getting a CCNA. I ran into an issue which puts me in a stopping point. I have a Cisco 2611XM router in which im trying to pass internet traffic to a few select computers. The problem is the WAN (fa0/1) will not get an address from the d-link router which is handing out dhcp addresses to all my computers in the main network. Ive watched lots of youtube videos but only to validate Ive used the same methods they did. SO here is a quick run down of the topology.
cable modem>dlink router>cisco2611XM>dumbSwitch>Computer#3
> >LinksysSLMG224G 24 port switch>computers 1,2
As you can see my network splits off from the dlink into what needs to be 2 networks.
So why cant I get the WAN interface of the 2611XM to grab a dhcp address?
config
secureROUTER#sh run
Building configuration...
Current configuration : 1031 bytes
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname secureROUTER
boot-start-marker
boot-end-marker
enable secret 5 $1$fq4Z$ty8gmQfFw6v0sM2O0rW2D1
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
no ip domain lookup
interface FastEthernet0/0
description LAN
ip address 10.0.0.1 255.255.255.0
ip nat inside
duplex auto
speed auto
no cdp enable
interface FastEthernet0/1
description WAN
ip address dhcp
ip nat outside
no ip route-cache cef
no ip route-cache
duplex auto
speed auto
no cdp enable
ip nat inside source list 1 interface FastEthernet0/0 overload
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1
access-list 1 permit 10.0.0.0 0.0.0.255
no cdp run
banner motd ^CGet the fuck out!!^C
line con 0
line aux 0
line vty 0 4
password 7 111B1F5244000D
logging synchronous
login
endDuplicate post.
Go HERE. -
Cisco 876w: wlan client - routing problem
I configured a Cisco 876w to connect to an existing WLAN as a client. Now I would like to connect 3 PCs to the 876w which should be able to access the internet via the 876w.
Problem:
Being at the console (ssh) of the 876w, I can ping hosts in the internet (even with their name like www.google.com) but when I'm using a client PC, I can't... What am I missing here? Could it be a NAT problem?
Config:
Internet <---> DSL Router 192.168.1.1 (and WLAN AccessPoint) <---> Cisco 876w (gets IP per DHCP, VLAN1 IP: 10.10.10.1) <---> PC (10.10.10.101)
Current configuration : 9897 bytes
version 12.4
no service pad...dot11 vlan-name wlan-lan vlan 1
dot11 ssid WLAN
vlan 1
authentication open
authentication key-management wpa
wpa-psk ascii 7 0923467F1B2E52789807132F7A202E3D31
no ip source-route
ip dhcp excluded-address 10.10.10.1 10.10.10.9
ip dhcp excluded-address 10.10.10.101 10.10.10.254
ip dhcp pool ccp-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
domain-name cisco.test.com
dns-server 208.67.222.222
ip cef
no ip bootp server
ip domain name test.com
ip name-server 208.67.222.222ip ddns update method sdm_ddns1
HTTP
add http://[email protected]/nic/update?system=dyndns&hostname=//[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://[email protected]/nic/update?system=dyndns&hostname=//[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
no ipv6 cef
multilink bundle-name authenticated
isdn switch-type basic-net3
username admin privilege 15 secret 5 $1$uiouLKjbLIUBlKbj
username service privilege 15 secret 5 $1$LKjblkJNBLKkjlbkm
archive
log config
hidekeys
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
class-map type inspect match-all sdm-cls--1
match access-group name AllowAny
policy-map type inspect sdm-policy-sdm-cls--1
class type inspect sdm-cls--1
inspect
class class-default
drop
zone security wan
zone security lan
zone-pair security sdm-zp-lan-wan source lan destination wan
service-policy type inspect sdm-policy-sdm-cls--1
interface BRI0
description <--
no ip address
ip flow ingress
ip virtual-reassembly
encapsulation ppp
shutdown
dialer pool-member 1
isdn switch-type basic-net3
isdn point-to-point-setup
ppp multilink!
interface ATM0
backup interface BRI0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
shutdown
no atm ilmi-keepalive
interface ATM0.3 point-to-point
description <--
ip flow ingress
shutdown
pvc 1/32
pppoe-client dial-pool-number 2
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface Dot11Radio0
description <--
no ip address
no ip proxy-arp
ip flow ingress
ip virtual-reassembly
no ip route-cache cef
no ip route-cache
encryption mode ciphers aes-ccm
encryption vlan 1 mode ciphers aes-ccm
ssid WLAN
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role non-root
no cdp enable
interface Dot11Radio0.1
encapsulation dot1Q 1 native
ip address dhcp
ip nat outside
ip virtual-reassembly
no ip route-cache
no cdp enable
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 10.10.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
zone-member security lan
ip tcp adjust-mss 1412
interface Dialer0
ip ddns update hostname blahblah.dnsalias.com
ip ddns update sdm_ddns1
ip address negotiated
ip nat outside
ip virtual-reassembly
zone-member security wan
encapsulation ppp
shutdown
dialer pool 1
dialer idle-timeout 600
dialer string 01919214124
dialer load-threshold 20 outbound
dialer watch-group 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname asfa
ppp chap password 7 128763520
ppp pap sent-username asfa password 7 0302141555
ppp multilink
interface Dialer2
ip ddns update sdm_ddns1
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
zone-member security wan
encapsulation ppp
dialer pool 2
dialer-group 2
no cdp enable
ppp authentication chap pap callin
ppp chap hostname gast
ppp chap password 7 095B239876473F06090A
ppp pap sent-username gast password 7 1239847629873693D
router rip
network 10.0.0.0
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
ip http access-class 23ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 105 interface Dialer0 overload
ip nat inside source list 106 interface Dot11Radio0.1 overload
ip access-list extended AllowAny
remark CCP_ACL Category=128
permit ip 10.10.10.0 0.0.0.255 any
ip access-list extended nix
remark tut nix
remark CCP_ACL Category=2
permit tcp any any
permit udp any any
permit icmp any any
permit ip any any
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 100 remark CCP_ACL Category=2
access-list 100 permit ip any any
access-list 101 remark CCP_ACL Category=2
access-list 101 permit ip 10.10.10.0 0.0.0.255 any
access-list 102 remark CCP_ACL Category=2
access-list 102 permit ip 10.10.10.0 0.0.0.255 any
access-list 103 remark CCP_ACL Category=2
access-list 103 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 remark Alles
access-list 105 remark CCP_ACL Category=2
access-list 105 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 permit icmp 10.10.10.0 0.0.0.255 any
access-list 105 permit udp 10.10.10.0 0.0.0.255 any
access-list 105 permit tcp 10.10.10.0 0.0.0.255 any
access-list 106 remark NAT wlan
access-list 106 remark CCP_ACL Category=2
access-list 106 permit ip 10.10.10.0 0.0.0.255 any
access-list 106 permit icmp 10.10.10.0 0.0.0.255 any
access-list 106 permit udp 10.10.10.0 0.0.0.255 any
access-list 106 permit tcp 10.10.10.0 0.0.0.255 any
dialer watch-list 1 ip 208.67.222.222 255.255.255.255
dialer-list 1 protocol ip permit
no cdp run
radius-server attribute 32 include-in-access-req format %h
radius-server vsa send accounting
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
transport input telnet ssh
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
#sh ip int brief
ndrmedienturm#sh ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
BRI0 unassigned YES NVRAM standby mode/disabled down
BRI0:1 unassigned YES unset administratively down down
BRI0:2 unassigned YES unset administratively down down
Dot11Radio0 unassigned YES TFTP up up
Dot11Radio0.1 unassigned YES DHCP up up
ATM0 unassigned YES NVRAM administratively down down
ATM0.3 unassigned YES unset administratively down down
SSLVPN-VIF0 unassigned NO unset up up
Vlan1 10.10.10.1 YES NVRAM up up
NVI0 unassigned YES unset administratively down down
Dialer0 unassigned YES NVRAM administratively down down
Dialer2 unassigned YES NVRAM up up
Virtual-Dot11Radio0 unassigned YES TFTP up up
Virtual-Dot11Radio0.1 192.168.1.54 YES DHCP up upHi,
Just check it out few things from client are you able to ping the wan interface of the cisco 876w and when you ping the internt address from client pc what is the out put of the nat translation in router.
The command to check the same is show ip nat translation is packet is gettin translated or not.
Hope to Help !!
Ganesh.H -
Cisco 877W router and external ADSL modem
Cisco 877W router and external ADSL modem
In order to support ADSL2+ on a pre ADSL2+ router and in preparation for a later migration to BT infinity I am trying to configure the Router using an external adsl2+ modem appropriately.
The original configuration had 3 ports configured as one (internal lan) vlan and bridge group together with one wireless sub-interface, the remaining port configured a second vlan and bridge group with a second wireless sub- interface. The Dialer was a member of the second bridge group. This way the second wireless interface and associated bridge group provided a kind of DMZ for outbound access.
The configuration I am attempting is similar the lan ports remain the same, but port 0 as a member of the vlan and bridge group (now a pppoe client) associated with one of the wireless sub interfaces as per above. The ATM interface is downed. This nearly works except that if the wireless subinterface on this bridge group is configured the dialer no longer dials giving a 'no dialer string' error. If I do not configure that wireless sub interface all works well.
If anyone is interested to look I would appreciate any comments. I enclose a sanitised config in which you will note the 'commented out' wireless subnet interface (in red).
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname xxxxxxxxxxxxxxxxxxxxx
boot-start-marker
boot-end-marker
logging buffered 4096 warnings
enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
aaa new-model
aaa group server radius sdm-vpn-server-group-2
aaa group server radius rad_eap
server 192.168.253.1 auth-port 1812 acct-port 1813
server 192.168.253.1 auth-port 1645 acct-port 1646
aaa group server radius rad_mac
aaa group server radius rad_acct
aaa group server radius rad_admin
aaa group server tacacs+ tac_admin
aaa group server radius rad_pmip
aaa group server radius dummy
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_2 group sdm-vpn-server-group-2
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default local
aaa authorization ipmobile default group rad_pmip
aaa authorization network sdm_vpn_group_ml_2 local
aaa accounting network acct_methods start-stop group rad_acct
aaa session-id common
clock timezone PCTime 0
clock summer-time PCTime date Mar 30 2003 1:00 Oct 26 2003 2:00
crypto pki trustpoint TP-self-signed-2834265337
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2834265337
revocation-check none
rsakeypair TP-self-signed-2834265337
crypto pki certificate chain TP-self-signed-2834265337
certificate self-signed 01 nvram:IOS-Self-Sig#2F.cer
dot11 syslog
dot11 ssid GuestAP
vlan 101
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 113B162712001F4A2D2B25
dot11 ssid LanAP
vlan 100
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa
mbssid guest-mode
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.252.1 192.168.252.8
ip dhcp excluded-address 192.168.252.15 192.168.252.254
ip dhcp pool sdm-pool1
import all
network 192.168.252.0 255.255.255.0
domain-name XXX.Local
dns-server xxx.xxx.xxx.xxx
default-router 192.168.252.254
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
no ip domain lookup
ip domain name XXX.Local
ip name-server xxx.xxx.xxx.xxx
ip name-server xxx.xxx.xxx.xxx
ip reflexive-list timeout 120
vpdn enable
vpdn-group 1
request-dialin
protocol pppoe
username administrator privilege 15 secret 5 £££££££££££££££££££££
class-map type inspect match-any IN_to_OUT_CLASS
match protocol tcp
match protocol udp
match protocol icmp
class-map type inspect match-any OUT_to_IN_CLASS
match protocol https
match protocol smtp extended
class-map type inspect match-any DMZ_to_IN_CLASS
match protocol http
match protocol https
match protocol smtp extended
policy-map type inspect DMZ_to_IN_POL
class type inspect DMZ_to_IN_CLASS
inspect
class class-default
drop log
policy-map type inspect IN_to_OUT_POL
class type inspect IN_to_OUT_CLASS
inspect
class class-default
drop log
policy-map type inspect OUT_to_IN_POL
class type inspect OUT_to_IN_CLASS
inspect
class class-default
drop log
zone security INSIDE
zone security OUTSIDE
zone security DMZ
zone-pair security OUT_TO_IN source OUTSIDE destination INSIDE
service-policy type inspect OUT_to_IN_POL
zone-pair security IN_TO_OUT source INSIDE destination OUTSIDE
service-policy type inspect IN_to_OUT_POL
zone-pair security DMZ_TO_OUT source DMZ destination OUTSIDE
service-policy type inspect IN_to_OUT_POL
zone-pair security DMZ_TO_IN source DMZ destination INSIDE
service-policy type inspect DMZ_to_IN_POL
bridge irb
interface Loopback0
no ip address
interface Null0
no ip unreachables
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
interface FastEthernet0
description Outside Interface (PPPoE)
interface FastEthernet1
description Inside Interface
switchport access vlan 10
interface FastEthernet2
description Inside Interface
switchport access vlan 10
spanning-tree portfast
interface FastEthernet3
description Inside Interface
switchport access vlan 10
spanning-tree portfast
interface Dot11Radio0
no ip address
no ip route-cache cef
no ip route-cache
encryption vlan 100 mode ciphers aes-ccm tkip
encryption vlan 101 mode ciphers aes-ccm tkip
ssid GuestAP
ssid LanAP
mbssid
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2437
station-role root
interface Dot11Radio0.100
description LanAP
encapsulation dot1Q 100
no ip route-cache
no cdp enable
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 spanning-disabled
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
!interface Dot11Radio0.101
! description GuestAP
! encapsulation dot1Q 101
! no ip route-cache
! no cdp enable
! bridge-group 1
! bridge-group 1 subscriber-loop-control
! bridge-group 1 spanning-disabled
! bridge-group 1 block-unknown-source
! no bridge-group 1 source-learning
! no bridge-group 1 unicast-flooding
interface Vlan1
description $ES_LAN$
no ip address
ip virtual-reassembly
pppoe enable group global
pppoe-client dial-pool-number 1
bridge-group 1
interface Vlan10
no ip address
ip virtual-reassembly
bridge-group 10
interface Dialer1
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip nat outside
ip virtual-reassembly
zone-member security OUTSIDE
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXXXX
ppp chap password 7 xxxxxxxxxxxxxxxxxxx
ppp pap sent-username xxxxxxxxxxxxxxxxxx password 7 xxxxxxxxxxxxxxxxxxxxx
ppp ipcp dns request
ppp ipcp wins request
hold-queue 224 in
interface Dialer0
no ip address
interface BVI10
description Inside Interface
ip address 192.168.253.254 255.255.255.0
ip access-group 101 in
ip helper-address 192.168.253.1
ip nat inside
ip virtual-reassembly
zone-member security INSIDE
interface BVI1
description DMZ Interface
ip address 192.168.252.254 255.255.255.0
ip nat inside
ip virtual-reassembly
zone-member security DMZ
ip local pool SDM_POOL_1 192.168.20.9 192.168.20.14
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source list Inside_Clients_NAT interface Dialer1 overload
ip nat inside source static 192.168.253.10 xxx.xxx.xxx.xxx
ip access-list extended DMZ_to_IN_POL
remark SDM_ACL Category=128
permit ip any any
ip access-list extended Inside_Clients_NAT
remark SDM_ACL Category=2
permit ip 192.168.253.0 0.0.0.255 any
logging 192.168.253.10
access-list 1 remark Auto generated by SDM Management Access feature
access-list 1 remark SDM_ACL Category=1
access-list 1 permit 192.168.253.0 0.0.0.255
access-list 100 remark VTY Access-class list
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.253.0 0.0.0.255 any
access-list 100 deny ip any any
access-list 101 remark Auto generated by SDM Management Access feature
access-list 101 remark SDM_ACL Category=1
access-list 101 remark Auto generated by SDM for NTP (123) xxx.xxx.xxx.xxx
access-list 101 permit udp host xxx.xxx.xxx.xxx eq ntp host 192.168.253.254 eq ntp
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq telnet
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq 22
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq www
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq 443
access-list 101 permit tcp 192.168.253.0 0.0.0.255 host 192.168.253.254 eq cmd
access-list 101 deny tcp any host 192.168.253.254 eq telnet
access-list 101 deny tcp any host 192.168.253.254 eq 22
access-list 101 deny tcp any host 192.168.253.254 eq www
access-list 101 deny tcp any host 192.168.253.254 eq 443
access-list 101 deny tcp any host 192.168.253.254 eq cmd
access-list 101 deny udp any host 192.168.253.254 eq snmp
access-list 101 permit ip any any
access-list 199 permit ip any host 10.1.1.1
dialer-list 1 protocol ip permit
no cdp run
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.253.1 auth-port 1812 acct-port 1813 key 7 XXXXXXXXXXXXXXXXXX
radius-server host 192.168.253.1 auth-port 1645 acct-port 1646 key 7 XXXXXXXXXXXXXXXXXX
radius-server vsa send accounting
control-plane
bridge 1 protocol ieee
bridge 1 route ip
bridge 10 protocol ieee
bridge 10 route ip
banner login C Border Router
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
access-class 100 in
privilege level 15
length 0
transport input telnet ssh
scheduler max-task-time 5000
scheduler interval 500
ntp server xxx.xxx.xxx.xxx source Dialer0 prefer
ntp server xxx.xxx.xxx.xxx source Dialer0 prefer
sntp server xxx.xxx.xxx.xxx
endHi Jody,
Apologies delay in replying. I have done the following:
Made two of the FE ports vlan1,BVI1 (for LAN traffic)
Left one port as VLAN10 as the pppoe client conected to the externalmodem
Made the last port VLAN10 as well and gave it an IP addess as for a DMZ client.
I have DHCP configured to serve the DMZ addresses.
This all works for LAN clients and also works for a client attachedto that physical DMZ port.
When I added a dot11radio sub interface into VLAN 10 the wireless client did not get an IP lease. Everything else continued to work.
I had never thought about this before, but if a dot11radio interface is on the same vlan (but not being part ofa bridge group) why are DHCP broadcasts not propogating to all the vlan members as I would have expected. I recognise that this isa limit in my understanding.
If I then made VLAN10 a member of a new Bridge Group, I lost WAN connectivity as per original posting.
I cannot add another VLAN due to the 2 vlan limit in this image.
Finally regarding your comment about giving it what it wants, what exactly did you have in mind. The dialer already has a dial string parameters configured.
Think I am about to give upon this.
Regards, -
%IPRT-3-RIB_LOOP: Resolution loop formed by routes in RIB
Does someone know how to debug this error message please?
%IPRT-3-RIB_LOOP: Resolution loop formed by routes in RIB
This error message spread everywhere inside my network.
thanks!!Hello Vincent,
This error mean that RIB route producers have installed routes in the RIB that form a loop during resolution. But, there could be several reasons for this. For. eg: a route received from a neighboring device and being installed in the RIB that conflicted with an already known/installed path.
When were these logs observed? Are there any other logs alongside this which can shed some more light on the actual problem. The supporting logs can tell which component is triggering this (like CEF discovering the routing for a prefix has recursive paths that lead back to itself). These logs are merely symptoms.
"show log" and "show ip route loops" will be good to have to start with!
Regards,
Imran -
857 Router Dot11Radio0 reset - problem
Hi all
I have just upgraded the IOS in a 857 Router to this:
ROUTER#sh version
Cisco IOS Software, C850 Software (C850-ADVSECURITYK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)
but now I can't get the dot11radio 0 interface to come up. I just get a message saying the interface is reset and line protocol is down. I get this error message when I remove and re-insert the SSID -
ROUTER(config)#int dot11radio 0
ROUTER(config-if)#no ssid SSID
*Mar 1 04:04:24.655: %DOT11-4-NO_SSID: No SSID configured. Dot11Radio0 not started.
ROUTER(config-if)#ssid SSID
ROUTER(config-if)#
*Mar 1 04:04:24.655: %DOT11-4-NO_SSID: No SSID configured. Dot11Radio0 not started.
'Show run' shows the ssid is configured on the interface but the error message is saying that it doesn't have an ssid, even after a 'copy run start' and a 'reload'
I have spent hours on this and I can't find the problem. I have done numerous 'write erase' and 'reload' as well as re-installing the IOS twice.
Any advice would be very appreciated.
--- show output ---
ROUTER# sh ip int dot11Radio 0
Dot11Radio0 is reset, line protocol is down
Internet protocol processing disabled
ROUTER#sh int dot
ROUTER#sh int dot11Radio 0
Dot11Radio0 is reset, line protocol is down
Hardware is 802.11G Radio, address is xxxx.xxxx.xxxx (bia xxxx.xxxx.xxxx)
Description: WLAN
MTU 1500 bytes, BW 54000 Kbit/sec, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/30 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
ROUTER#
--- show run summary ---
dot11 syslog
dot11 ssid SSID
vlan 1
authentication open
authentication key-management wpa
wpa-psk ascii 0 ppppppppppp
bridge irb
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
interface ATM0.1 point-to-point
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dot11Radio0
description WLAN
no ip address
encryption vlan 1 mode ciphers tkip
ssid SSID
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
infrastructure-client
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Vlan1
description Bridged LAN and WLAN
no ip address
ip virtual-reassembly
ip tcp adjust-mss 1452
bridge-group 1
bridge-group 1 spanning-disabled
interface Dialer1
description $OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip route-cache cef
no ip route-cache
ip tcp adjust-mss 1242
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap ppppppp
ppp chap refuse
ppp pap sent-username uuuuuuuuu password 0 ppppppp
interface BVI1
ip address xxx.xxx.xxx.xxx 255.255.255.0
ip nat inside
ip virtual-reassemblyNot to worry everyone. I have figured it out. I replaced the dot11radio 0 intface with this config
interface Dot11Radio0
description WLAN
no ip address
encryption vlan 1 mode ciphers tkip
ssid SSID
no cdp enable
no ip address
no shutdown
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
infrastructure-client
and added in this config for the sub interface which was missing:
interface Dot11Radio0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
Thanks anyway. -
7200 intervlan routing question
Hi experts, look this.
I have 7200 router conect to a switch with two interfaces Giga, trunk dot1q.
My problem is I lost traffic in my LAN, physical problems are discarded.
?This can be the source of the problem, two uplinks trunk with the same switch?
This is my config.
interface GigabitEthernet0/2
no ip address
no ip unreachables
no ip route-cache cef
no ip route-cache
load-interval 30
duplex full
speed 1000
media-type rj45
negotiation auto
no cdp enable
interface GigabitEthernet0/2.1
encapsulation dot1Q 1 native
ip address 200.235.110.1 255.255.255.192
no ip unreachables
no ip route-cache
no cdp enable
interface GigabitEthernet0/2.2
encapsulation dot1Q 2
ip address 200.235.110.65 255.255.255.224
no ip unreachables
no ip route-cache
ipv6 address 2910:1F0:FEFE:FEFE::1/48
no cdp enable
interface GigabitEthernet0/2.3
encapsulation dot1Q 3
ip address 200.235.110.97 255.255.255.224
no ip unreachables
no ip route-cache
no cdp enable
interface GigabitEthernet0/3
no ip address
no ip unreachables
no ip route-cache cef
no ip route-cache
load-interval 30
duplex auto
speed auto
media-type rj45
negotiation auto
no cdp enable
interface GigabitEthernet0/3.1
encapsulation dot1Q 23
ip address 200.230.64.41 255.255.255.252
no ip route-cache
no cdp enable
interface GigabitEthernet0/3.24
encapsulation dot1Q 24
ip address 200.235.110.201 255.255.255.248
no ip route-cache
no cdp enable
debug arp
*Feb 28 11:18:46.270: IP ARP: rcvd req src 206.23.14.139 0022.90f8.388e, dst 206.23.14.178 GigabitEthernet0/1
*Feb 28 11:18:46.294: IP ARP: rcvd req src 206.23.14.135 001e.f7f6.6280, dst 206.23.14.178 GigabitEthernet0/1
*Feb 28 11:18:46.294: IP ARP req filtered src 192.168.1.201 0030.48d8.5f80, dst 192.168.1.201 0000.0000.0000 wrong cable, interface GigabitEthernet0/2.11
*Feb 28 11:18:46.578: IP ARP: creating incomplete entry for IP address: 200.235.110.16 interface GigabitEthernet0/2.19
*Feb 28 11:18:46.578: IP ARP: sent req src 200.235.110.254 001a.2fe1.c71a,
dst 200.235.110.16 0000.0000.0000 GigabitEthernet0/2.19
*Feb 28 11:18:46.646: IP ARP: sent req src 200.235.119.254 001a.2fe1.c71a,
dst 200.25.9.84 0000.0000.0000 GigabitEthernet0/2.19
*Feb 28 11:18:46.670: IP ARP throttled out the ARP Request for 200.235.225.25
*Feb 28 11:18:46.670: IP ARP throttled out the ARP Request for 200.235.226.26
*Feb 28 11:18:46.710: IP ARP: sent req src 200.235.209.254 001a.2fe1.c71a,
dst 200.25.9.140 0000.0000.0000 GigabitEthernet0/2.19
*Feb 28 11:18:46.738: IP ARP: sent req src 200.235.224.1 001a.2fe1.c71a,
dst 200.25.24.51 0000.0000.0000 GigabitEthernet0/2.20
*Feb 28 11:18:46.742: IP ARP throttled out the ARP Request for 200.235.229.84The default gateway statement does not provided routing capability. You need to create a static default route for this to happen:
ip route 0.0.0.0 0.0.0.0 164.156.24.1
However, if you are unable to ping work station to workstation that are connected to ports directly on the switch then there is another problem.
With the workstations connected are you able to ping the respective Vlan interfaces associated with these devices?
If you do a "show IP interface brief" do the VLAN interfaces indicate they are up?
Are the workstations connected to ports in the appropriate VLAN and are these interfaces up and do they have the proper default gateway (VLAN IP) configured?
All things to check at this point, and then proceed form there. -
Cisco 3945 Policy Base Routing
I have a Cisco 3945, it has on it two DS3 lines which I like to treat independent from each other.
I can ping both Serial interfaces from the internet, and I can ping only GIG 0/0 from the internet. but since the router is configured with one static route, GIG 0/1 can't be ping from the outside
Any help would be greatly appreciated
This is my current config:
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname MOVLABT3-CA-ES
boot-start-marker
boot-end-marker
card type t3 1
card type t3 2
enable secret 4 oMCBqgRTCeX5XeEW3HsBW6zI763Fibuq/UrLhF/91Rs
no aaa new-model
no ipv6 cef
ip source-route
ip cef
multilink bundle-name authenticated
crypto pki token default removal timeout 0
crypto pki trustpoint TP-self-signed-1015775704
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1015775704
revocation-check none
rsakeypair TP-self-signed-1015775704
crypto pki certificate chain TP-self-signed-1015775704
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31303135 37373537 3034301E 170D3132 30393237 31383132
32305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 30313537
37353730 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
810097B2 EE9BF6EF F19DDD93 71CA6D5B D672A749 6997BB7E 81256BFA A2BE8B0F
E8EC5D36 F8618878 88C7016D D8998B95 293DE6F3 C0BB5CFE F2356AFD 26645A29
F3BB69C9 46B6959B 98F35193 9729499A 8C9097FE BD0A80A4 727C87F8 963200CE
E852DD3E 1F9F3B97 1DA1902D 7B352FAE 4FA08D32 95362373 887C6D02 6209152F
73850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14BCCEA0 AF8EBDF2 05F01968 14CAE720 A41AE8FE EA301D06
03551D0E 04160414 BCCEA0AF 8EBDF205 F0196814 CAE720A4 1AE8FEEA 300D0609
2A864886 F70D0101 05050003 81810066 18505A9D 0D3C4C8F 0C90108D F0606014
0EAE4129 2908928E D4DA7FDC 17D2A21A 4B2689F3 AF6CA062 82A5E7EF 1A0EDA37
297AE79B 65F7182E ED4A57D7 081EC729 A85F2AFB 5A46136A F0F91853 46C89FA7
A1D9F67F 83961EFF E92D7363 D2862517 D1214501 84D675A0 8561891F 4E791F32
6E67990A 9A7B49F9 8D1A8CA0 51AAF2
quit
license udi pid C3900-SPE150/K9 sn FOC16313DE8
hw-module sm 1
hw-module sm 2
controller T3 1/0
cablelength 75
controller T3 2/0
cablelength 75
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address 207.168.4.49 255.255.255.240
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
ip address 206.135.120.114 255.255.255.240
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 206.135.100.202 255.255.255.252
ip nat outside
ip virtual-reassembly in
dsu bandwidth 44210
interface Serial2/0
ip address 205.214.40.6 255.255.255.252
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dsu bandwidth 44210
no ip classless
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 206.135.100.201
access-list 1 permit 10.0.0.0 0.0.0.255
snmp-server community RO-N1mS0ft RO
control-plane
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
scheduler allocate 20000 1000
endThis is what it looks like now, and I still can't ping gig 0/1 from the internet
interface GigabitEthernet0/0
ip address 207.168.4.49 255.255.255.240
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
ip address 206.135.120.114 255.255.255.240
ip virtual-reassembly in
ip policy route-map pbr
duplex auto
speed auto
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface Serial1/0
ip address 206.135.100.202 255.255.255.252
ip virtual-reassembly in
dsu bandwidth 44210
interface Serial2/0
ip address 205.214.40.6 255.255.255.252
ip virtual-reassembly in
encapsulation ppp
dsu bandwidth 44210
ip local policy route-map PBR
no ip classless
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 206.135.100.201
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 101 permit ip 206.135.120.112 0.0.0.15 any
route-map pbr permit 10
match ip address 101
set ip next-hop 205.214.40.5
snmp-server community RO-N1mS0ft RO
control-plane
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
scheduler allocate 20000 1000
end -
i configured cef and vrf routing:
ip cef
ip vrf lan
rd 300:1
route-target export 300:1
route-target import 300:1
route-target import 200:1
ip vrf vrf1
rd 100:1
route-target export 100:1
route-target import 100:1
route-target import 300:1
ip vrf vrf2
rd 200:1
route-target export 200:1
route-target import 200:1
route-target import 300:1
interface GigabitEthernet0/0
ip vrf forwarding lan
interface GigabitEthernet0/1
ip vrf forwarding vrf1
interface GigabitEthernet1/0
ip vrf forwarding vrf2
ip route vrf lan 0.0.0.0 0.0.0.0 GigabitEthernet0/1
ip route vrf lan 0.0.0.0 0.0.0.0 GigabitEthernet1/0
when i send ping from vrf lan to vrf1, it doesn't work so well:
if i disable cef, it work fine.
i tried to delete vrf 2 and just route to vrf1, still no luck.
i used 3825 with ios 12.3, ip base. i upgraded to 12.4 spservices, and now it works.
same thing happend to me with 3845.
by the way, it does work with 3845 12.4 ipbase ios.Hi RJ ,
The private config contains data that can never be displayed , these are keys and certificates used by crypto image.
-Laxmi -
Setup 1941 router with cable modem and 2 vlan?
hello everyone,
i need a little help setting up my new 1941 router with cable modem using 2 vlns.
this is what i have:
1- 1941 router configured as g0/0 wan port facing isp configured as (dhcp). g0/1 is lan facing the switch (192.168.1.1)
dhcp pool (192.168.1.x)
2- sg300-28pp switch.
3- wap371 AP/ 11pcs..
now everything is working perfect except sometimes we have more than 250 to 300 people trying to connect to the wifi, the router will have no enough ip addresses.
i heard that i can setup 2 vlans to solve this problem? and is there any setup that i have to do on switch and Access points?
please i will appreciate any little help
Regardshello Andre Neethling i added network 192.168.0.0 255.255.254.0 to dhcp pool config and it seems that it is working but i am concern that i am going to have problem in the future so please take a look at the running config and let me know if i have everything done right. also we want to order static ip address from the provider for our security camera system and we will not longer receive dhcp ip from them and my router setup is to receive it as dhcp on g0/0 so what i should do about changing the settings on g0/0?
i appreciate your help
Building configuration...
Current configuration : 1163 bytes
! Last configuration change at 00:46:35 UTC Wed Apr 15 2015
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Abdullah
boot-start-marker
boot-end-marker
no aaa new-model
no ipv6 cef
ip source-route
ip cef
ip dhcp excluded-address 192.168.1.1 192.168.1.50
ip dhcp pool Local
import all
network 192.168.0.0 255.255.254.0
default-router 192.168.1.1
multilink bundle-name authenticated
license udi pid CISCO1941/K9 sn FTX1523022E
redundancy
interface GigabitEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source list 101 interface GigabitEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
control-plane
line con 0
line aux 0
line vty 0 4
login
scheduler allocate 20000 1000
end -
How to find all routes that are going out an interface in IOS-XR.
Hi all,
So if I have the following set up in IOS:
interface GigabitEthernet7/0/0.265
encapsulation dot1Q 265
ip vrf forwarding test
ip address 1.1.1.1 255.255.255.252
ip verify unicast reverse-path
end
ip route vrf Apollo 2.2.2.0 255.255.255.248 1.1.1.2
I can see all the routes that are going out the interface using show ip cef command:
ios-router#show ip cef vrf test GigabitEthernet7/0/0.265
2.2.2.0/29
nexthop 1.1.1.2 GigabitEthernet7/0/0.265
1.1.1.0/30
attached to GigabitEthernet7/0/0.265
1.1.1.2/32
attached to GigabitEthernet7/0/0.265
In case of IOS-XR (ASR9K 4.3.2 or 4.3.1) the same setup and command shows only
attached routes:
router static
vrf test
address-family ipv4 unicast
2.2.2.0/29 1.1.1.2
RP/0/RSP0/CPU0:TST_riga-sb7-pe-asr9#show cef vrf test bundle-ether2.265
Prefix Next Hop Interface
1.1.1.0/30 attached Bundle-Ether2.2220333
1.1.1.0/32 broadcast Bundle-Ether2.2220333
1.1.1.1/32 receive Bundle-Ether2.2220333
1.1.1.2/32 1.1.1.2 Bundle-Ether2.2220333
1.1.1.3/32 broadcast Bundle-Ether2.2220333
Is there any command to see all the routes that are going out an interface without complicated parsing
of the configuration, recursive show cef commands etc.?You can accomplish this with the "show route" command. Here is an example:
P/0/RSP1/CPU0:ASR9006-E#sh route next-hop tenGigE 0/3/0/2
Tue Oct 8 15:34:58.046 UTC
Codes: C - connected, S - static, R - RIP, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G - DAGR
A - access/subscriber, - FRR Backup path
Gateway of last resort is 172.18.87.1 to network 0.0.0.0
D 10.95.248.1/32 [90/128512] via 10.129.56.210, 4d00h, TenGigE0/3/0/2
C 10.129.56.208/30 is directly connected, 4d00h, TenGigE0/3/0/2
L 10.129.56.209/32 is directly connected, 4d00h, TenGigE0/3/0/2
O 10.242.142.240/30 [110/20] via 10.129.56.210, 3d11h, TenGigE0/3/0/2
[110/20] via 10.129.56.214, 3d11h, TenGigE0/3/0/3
D 192.168.1.16/32 [90/128512] via 10.129.56.210, 4d00h, TenGigE0/3/0/2
D 192.168.20.39/32 [90/128512] via 10.129.56.210, 4d00h, TenGigE0/3/0/2
RP/0/RSP1/CPU0:ASR9006-E#
Thanks,
Bryan -
I'm not new to Cisco routing and switching by any means, but I seem to be missing a basic routing issue somewhere. It looks like a rookie mistake, probably. I could use a second set of eyes on it. Basically, I have a remote switch that I cannot ping or telnet/ssh into directly. I have to get into the router in that remote office, then telnet into the switch from the router. That switch also cannot ping back to the gateway in my office. Here is a diagram of the situation:
Basically, I have a 3750X layer 3 switch acting as my core network router. It is the gateway for many of my subnets that traverse my network, such as 10.1.250.0 and 10.1.252.0. That switch is directly connected to a 2811 router that terminates a few Point to Point T1's. One of those T1's in question goes to a remote office and terminates on a 2820XM router. That router is then connected to a 3524PWR switch. It is the 3524 that I cannot ping or manage from my corporate office.
Connectivity:
The remote 2620 can ping and telnet into the 3524 (10.1.250.50)
Neither the local 2811 nor the local 3570x can ping the remote 3524
The remote 3524 cannot ping either of the local devices
I am using eigrp as my standard dynamic routing protocol
Configs
Below are the main portions of my configs, including interfaces and route entries. I have also listed pertinent portions of my route tables.
Local 3750x:
interface FastEthernet0
no ip address
no ip route-cache cef
no ip route-cache
interface GigabitEthernet1/0/8
switchport access vlan 252
speed 100
duplex full
interface Vlan30
description Management VLAN 30
ip address 10.1.250.1 255.255.255.0
interface Vlan252
ip address 10.1.252.101 255.255.255.252
router eigrp 7
network 10.0.0.0
redistribute static
Gateway of last resort is 10.1.252.250 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 10.1.252.250
10.0.0.0/8 is variably subnetted, 42 subnets, 5 masks
D 10.1.24.0/22 [90/2181376] via 10.1.252.102, 4w6d, Vlan252
C 10.1.250.0/24 is directly connected, Vlan30
L 10.1.250.1/32 is directly connected, Vlan30
C 10.1.252.100/30 is directly connected, Vlan252
L 10.1.252.101/32 is directly connected, Vlan252
D 10.1.252.112/30 [90/2178816] via 10.1.252.102, 4w6d, Vlan252
Local 2811:
interface FastEthernet0/0
ip address 10.1.252.102 255.255.255.252
duplex full
speed 100
interface Serial0/1/0:0
ip address 10.1.252.113 255.255.255.252
router eigrp 7
network 10.0.0.0
redistribute static
Gateway of last resort is 10.1.252.101 to network 0.0.0.0
D*EX 0.0.0.0/0 [170/28416] via 10.1.252.101, 3d15h, FastEthernet0/0
10.0.0.0/8 is variably subnetted, 37 subnets, 5 masks
D 10.1.24.0/22 [90/2181120] via 10.1.252.114, 3d15h, Serial0/1/0:0
D 10.1.250.0/24 [90/28416] via 10.1.252.101, 3d15h, FastEthernet0/0
D 10.1.250.16/29 [90/31232] via 10.1.252.101, 3d15h, FastEthernet0/0
D 10.1.250.24/29 [90/28928] via 10.1.252.101, 3d15h, FastEthernet0/0
C 10.1.252.112/30 is directly connected, Serial0/1/0:0
L 10.1.252.113/32 is directly connected, Serial0/1/0:0
D 10.1.252.248/29 [90/28416] via 10.1.252.101, 3d15h, FastEthernet0/0
Remote 262XM:
interface FastEthernet0/0
no ip address
speed 100
full-duplex
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 10.1.24.1 255.255.255.0
ip helper-address 10.1.2.10
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.1.25.1 255.255.255.0
ip helper-address 10.1.2.10
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 10.1.250.49 255.255.255.0
interface Serial0/0
ip address 10.1.252.114 255.255.255.252
ip summary-address eigrp 7 10.1.24.0 255.255.252.0 5
router eigrp 7
passive-interface FastEthernet0/0.10
passive-interface FastEthernet0/0.20
passive-interface FastEthernet0/0.30
network 10.0.0.0
no auto-summary
Gateway of last resort is 10.1.252.113 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 35 subnets, 4 masks
D 10.1.252.248/29 [90/2181376] via 10.1.252.113, 6d21h, Serial0/0
C 10.1.25.0/24 is directly connected, FastEthernet0/0.20
C 10.1.24.0/24 is directly connected, FastEthernet0/0.10
D 10.1.24.0/22 is a summary, 4w6d, Null0
C 10.1.252.112/30 is directly connected, Serial0/0
D 10.1.252.100/30 [90/2181120] via 10.1.252.113, 6d21h, Serial0/0
D 10.1.252.108/30 [90/2690560] via 10.1.252.113, 3d15h, Serial0/0
D 10.1.252.104/30 [90/2690560] via 10.1.252.113, 6d21h, Serial0/0
D 10.1.250.56/29 [90/2181888] via 10.1.252.113, 6d21h, Serial0/0
D 10.1.250.32/29 [90/2184192] via 10.1.252.113, 6d21h, Serial0/0
D 10.1.250.16/29 [90/2184192] via 10.1.252.113, 6d21h, Serial0/0
D 10.1.250.24/29 [90/2181888] via 10.1.252.113, 6d21h, Serial0/0
C 10.1.250.0/24 is directly connected, FastEthernet0/0.30
D 10.1.248.0/24 [90/2181632] via 10.1.252.113, 6d21h, Serial0/0
D*EX 0.0.0.0/0 [170/2181376] via 10.1.252.113, 6d21h, Serial0/0
Remote 3524PWR
interface VLAN30
description Management Interface
ip address 10.1.250.50 255.255.255.252
no ip directed-broadcast
no ip route-cache
ip default-gateway 10.1.250.1
Can anyone see what I'm missing? I'm thinking the problem is probably with my 2620XM.
ThanksIn addition to the issues that Reza identifies I see this issue. You have configured this on the 3750
interface Vlan30
description Management VLAN 30
ip address 10.1.250.1 255.255.255.0
and then on the 3524 you have configured vlan 30 and subnet 10.1.250.0. The use of vlan 30 in two different parts of the network may be a bit confusing but it is not necessarily a problem. But the fact that you have the same subnet in two different parts of the network is a big problem. The 3750 believes that 10.1.250.0 is locally connected and will never go to the 2811 or over the T1 to try to get to that subnet somewhere else.
HTH
Rick
Maybe you are looking for
-
Table controlled partitioning - please share your experiences.
hello , is anyone using table controlled partitioning in the sap on db2 for z/os enviroment? can you please share your [good/bad]experiences on the subject ? is there anything we should all watchout for ? thanks omer brandis visit the sap on db2 for
-
Installed firefox 4 and now mouse wheel doesn't scroll in browser
I upgraded to the Firefox 4 browser, and since then I cannot scroll using the "mouse wheel" on my laptop's touch pad in the browser window. It works fine in other applications. I tried the tips suggested for a similar problem with version 3.etc, etc,
-
2007 imac shuts down intermittently mountain lion
I recently upgraded my mid 2007 from snow leopard to mountain lion and have noticed a few times since then that my mac shuts itself down if I leave it for a spell without using it (with safari pages open). I have it set to use screensaver after 15 m
-
Trouble shoot mac problems on a pc?
I am developing my AIR project on a PC, the project runs as desired on the PC, but is having several problems on the Mac I am testing on. It is becoming extremely painful trying to trouble shoot the problem, I have to change 1 line at a time, then co
-
hey, im doing a school project in iMovie on Jimi Hendrix. so i downloaded a few of his videos, and im going to make something out of it. but when i import it into iMovie, the 600 meg file ends up being 10 gig. it takes about 50 minutes to import, and