From: Salahaddin Elshekeil (salah.elshekeil@gmail.com)
Date: Fri Feb 06 2009 - 19:16:35 ARST
Hi mate,
I can answer u about what I know :)
*TOPIC 1: BRIDGING*
mmm really I don't have 100% idea how it works!
*TOPIC 2: MULTICAST*
in Auto RP there is two sides
RP, Mapping agent
ex,
RP SIDE
access-list 1 permit 224.0.0.0 0.255.255.255
ip pim send-rp-announce Loopback0 scope 16 group-list 1
this in the RP-SIDE so it will send a multicast to the mapping agent I'm the
RP
for this groups, this traffic will be Multicast, but in case if u r usen BSR
it will me unicast
Mapping-agent:
ip pim send-rp-discovery Loopback0 scope 16
this command will announce to the pim enabled devices about the RPs
so here in the mapping agent u can filter which groups belonges to which RP
usen the "rp-announce-filter" command
ex:
access-list 11 permit 224.0.0.0 0.255.255.255
access-list 22 permit 2.2.2.2
ip pim rp-announce-filter rp-list 22 group-list 11
the 22 access-list is the RP loopback
the 11 access-list is the Groups of the RP
u can make the mapping agent and the rp in the same box
u can also configure the mapping agent without filtering,
but make sure u give ip pim sparse-mode in the loopback interfaces
*TOPIC 4: IP PREFIX-LISTS*
But Can someone explain to me for instance 192.168.44.0/22 gt 23 le 26 ? How
can i figure out what exactly i am matching?
this will match the first 22 bit of 192.168.44.0/22
which has mask of at least 23 and less than 26!
*TOPIC 5: Protocol Numbers*
u can refer to the NBAR to find the ports !
TOPIC 6: *PPP OVER FRAME-RELAY*
I didn't get the last point!
Salah
On Fri, Feb 6, 2009 at 9:42 PM, karim jamali <karim.jamali@gmail.com> wrote:
> Dear Experts,
>
> I have MANY questions I would like to pose.I would be really glad for your
> help and support.
>
> *TOPIC 1: BRIDGING*
> 1) I do understand how to configure bridging i.e. the three main types
> a) transparent ( it constitutes of forming a bridge-group and assigning the
> interfaces to that bridge-group)
> b) CRB ( A BVI represents the bridged domain to the Layer 3 domain. You can
> run OSPF/RIP/EIGRP..etc on the BVI to communicate with other L3 devices.
> But if another interface on that same router is running a routing
> protocol,there will be no communication between the two domains , i.e. You
> can't come in through the BVI to reach
> the routes learned from the other interface and vice-versa
> c) IRB: similar to CRB but the problem of the communication between the
> two
> domains is solved.
>
> But i don't have a thorough understanding of How BRIDGING Works?If anyone
> can provide me a link/document/explanation i will be thankful.
>
> *TOPIC 2: MULTICAST*
> 1) When Using Auto-RP do i need the rp-announce-filter command if i already
> set the ip pim send-rp-announce (associated with an access-list)?Is there
> any use of having it on both sides?
> 2) ip igmp access-group under an interface will determine whether hosts can
> join/not a certain multicast group.Please correct me if i am wrong.
> 3) What is the difference Between using access-list to deny traffic for
> certain groups and using ip multicast-boundary?
>
> *TOPIC 3: NAC(Network Admission Control)*
> The 3 players which i know about in NAC are Network Access Device( in R&S
> the router),Cisco Trust Agent( software which runs on end point
> clients),ACS.
> The NAC (Router) will challenge the host about its antivirus state, the
> Cisco trust agent is the one responsible for collecting statistics on the
> end machine and sending it
> to the Router.
> FROM DOC CD simply
> The endpoint system is then challenged for its antivirus state over an
> EAPoUDP association. The endpoint system gains access to the network if it
> complies with the network admission control policy as evaluated by the
> Cisco
> Secure ACS. If the endpoint system does not comply, the device is either
> denied access or quarantined.
> **
> *Is this the concept behind NAC?Is it only used for Antivirus checking ??*
> **
> *TOPIC 4: IP PREFIX-LISTS*
>
> I am fine with using simple prefix lists 192.168.1.0/24 or matching simple
> stuff (default route /match any...etc) 0.0.0.0/0 ...0.0.0.0/0 le 32
>
> But Can someone explain to me for instance 192.168.44.0/22 gt 23 le 26 ?
> How
> can i figure out what exactly i am matching?
>
> *TOPIC 5: Protocol Numbers*
>
> I got a task that says to match SMTP/POP3...etc. Should i memorize the port
> numbers?is there a way i can figure it out?I would be grateful for any
> reference.
>
>
>
> TOPIC 6: *PPP OVER FRAME-RELAY*
>
> When I am running PPP Over FRAME-RELAY ON A MULTIPOINT SUBINTERFACE with
> two
> DLCIs (101,102) for instance, I noticed i had two virtual-access interfaces
> came up for each of the two dlcis. show ip route to any route in the domain
> showed me the route repeated twice one per
> dlci(virtual-access1,virtual-access2) . Is this normal behavior?
> How will the router know where to recurse to? What if it recurses to the
> virtual-access interface which corresponds to the wrong dlci. I had
> reachability problems due to this when testing. If someone knows anything
> about this please explain.
>
>
>
>
> I will be grateful for any help i will get.
>
>
>
> --
> KJ
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST