Re: smtp - IEWB lab 2, task 9.10

From: ccie2be (ccie2be@nyc.rr.com)
Date: Mon Nov 15 2004 - 12:24:31 GMT-3

Brian,

According to the note in SG on page 2-59, "Be sure to set the appropriate
bandwidth value when configuring the MQC on an interface"

When the interface in question is a F/R interface with sub-interfaces, at
which level, the physical or sub-interface should the bandwidth be set?

Thanks, Tim
----- Original Message -----
From: "Brian McGahan" <bmcgahan@internetworkexpert.com>
To: "John Matus" <jmatus@pacbell.net>
Cc: "lab" <ccielab@groupstudy.com>
Sent: Monday, November 15, 2004 9:36 AM
Subject: RE: smtp flow

> John,
>
> Yes there was a previous typo in this solution that was fixed.
> The correct ACLs read as follows:
>
> R3#
> ip access-list extended SMTP_FROM_SERVER
> permit tcp host 132.1.3.100 eq smtp any
>
> R5#
> ip access-list extended SMTP_TO_SERVER
> permit tcp any host 132.1.3.100 eq smtp
>
> See this post for reference:
>
> http://forum.internetworkexpert.com/ubbthreads/showflat.php?Cat=&Board=I
> EWB_RS_LAB2&Number=4830&Forum=All_Forums&Words=smtp&Searchpage=0&Limit=2
> 5&Main=1570&Search=true&where=bodysub&Name=&daterange=1&newerval=1&newer
> type=y&olderval=&oldertype=&bodyprev=#Post4830
>
> And no this isn't a CCNP level question ;)
>
> Thanks,
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987 x 705
> Outside US: 775-826-4344 x 705
> 24/7 Support: http://forum.internetworkexpert.com
> Live Chat: http://www.internetworkexpert.com/chat/
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> Of
> > John Matus
> > Sent: Monday, November 15, 2004 12:29 AM
> > To: marc van hoof; ccie2be
> > Cc: lab
> > Subject: Re: smtp flow
> >
> > yes, that was my initial thinking, however internetwork experts had it
> > ass-backwards in their solution guide and i just wanted to make sure i
> was
> > correct <and they had a typo>
> >
> >
> > Regards,
> >
> > John D. Matus
> > MCSE, CCNP
> > Office: 818-782-2061
> > Cell: 818-430-8372
> > jmatus@pacbell.net
> > ----- Original Message -----
> > From: "marc van hoof" <mvh@marcvanhoof.com>
> > To: "ccie2be" <ccie2be@nyc.rr.com>
> > Cc: "John Matus" <jmatus@pacbell.net>; "lab" <ccielab@groupstudy.com>
> > Sent: Sunday, November 14, 2004 8:50 PM
> > Subject: Re: smtp flow
> >
> >
> > > oh, and to answer the question, i would probably go with:
> > >
> > > deny tcp any eq smtp any
> > >
> > > given that you have to look at the terms "server" and "client" from
> the
> > > perspective of the transaction, rather than the functions of the
> > > hardware...
> > >
> > > in a traditional transaction, a client will be the originator of a
> > > session, and the server will be the recipient...
> > >
> > > so PC 1 creates a tcp connection from some random source port to
> another
> > > computer on port 25... in this transaction, i'd interpret that as
> the
> > > "server"
> > >
> > > to block the return traffic, you need to stop it flowing from the
> > "server"
> > > on port 25 to the client's variable port, hence it must be
> unspecified
> > in
> > > the acl.
> > >
> > > the definition of "server" and "client" are something you could
> probably
> > > ask the proctor though - just to clarify your understanding of the
> > > question. "proctor - should we assume that the client is the
> originator
> > of
> > > the connection - i'm a bit confused because smtp is often used
> between
> > > mail servers"...
> > >
> > > -marc (#13832)
> > >
> > > On Sun, 14 Nov 2004, ccie2be wrote:
> > >
> > >> John,
> > >>
> > >> I don't know the answer for sure. But, in the lab, if something
> like
> > >> that
> > >> comes and the wording of the task didn't forbid it, what I would do
> is
> > >> use
> > >> both. Youdon't lose points for extra config commands which aren't
> > needed
> > >> as
> > >> long as the extra commands don't break or violate anything else.
> > >>
> > >> If one of those entries is the right entry but you don't know which
> one
> > >> and
> > >> just guess, you've got a 50% chance of being right. If you put in
> both
> > >> entries and the wrong entry does no harm, you've increase your odds
> to
> > >> 100%.
> > >>
> > >> FYI, smtp is usually not used between a server and a client.
> Usually,
> > >> it's
> > >> something like pop, (or imap?).
> > >>
> > >> HTH, Tim
> > >> ----- Original Message -----
> > >> From: "John Matus" <jmatus@pacbell.net>
> > >> To: "lab" <ccielab@groupstudy.com>
> > >> Sent: Sunday, November 14, 2004 10:09 PM
> > >> Subject: smtp flow
> > >>
> > >>
> > >>> if you are writing an acl that is denying a smpt flow from a
> server to
> > a
> > >>> client would it be:
> > >>>
> > >>> deny tcp any eq smtp any?..........(or deny tcp any any eq smtp)?
> > >>>
> > >>>
> > >>> Regards,
> > >>>
> > >>> John D. Matus
> > >>> MCSE, CCNP
> > >>> Office: 818-782-2061
> > >>> Cell: 818-430-8372
> > >>> jmatus@pacbell.net
> > >>>
> > >>>
> >
> _______________________________________________________________________
> > >>> Subscription information may be found at:
> > >>> http://www.groupstudy.com/list/CCIELab.html
> > >>
> > >>
> _______________________________________________________________________
> > >> Subscription information may be found at:
> > >> http://www.groupstudy.com/list/CCIELab.html
> >
> >
> _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:45 GMT-3