From: Ravi Singh (way2ccie@googlemail.com)
Date: Sat Feb 07 2009 - 06:05:19 ARST
I can help with the Bridging part. I have it with examples and in easy to
understand terms on my blog here :
http://myway2ccie.blogspot.com/2009/01/bridging-explained-with-configuration.html
P.S -: Please bear with the almost empty & dull blog. I have recently
started this blog so its the only technical post there as of now. ( and
looks like will remain the only one unless I hire myself a typist to do the
job for me :-) )
HTH,
Ravi
On Fri, Feb 6, 2009 at 6:42 PM, karim jamali <karim.jamali@gmail.com> wrote:
> Dear Experts,
>
> I have MANY questions I would like to pose.I would be really glad for your
> help and support.
>
> *TOPIC 1: BRIDGING*
> 1) I do understand how to configure bridging i.e. the three main types
> a) transparent ( it constitutes of forming a bridge-group and assigning the
> interfaces to that bridge-group)
> b) CRB ( A BVI represents the bridged domain to the Layer 3 domain. You can
> run OSPF/RIP/EIGRP..etc on the BVI to communicate with other L3 devices.
> But if another interface on that same router is running a routing
> protocol,there will be no communication between the two domains , i.e. You
> can't come in through the BVI to reach
> the routes learned from the other interface and vice-versa
> c) IRB: similar to CRB but the problem of the communication between the
> two
> domains is solved.
>
> But i don't have a thorough understanding of How BRIDGING Works?If anyone
> can provide me a link/document/explanation i will be thankful.
>
> *TOPIC 2: MULTICAST*
> 1) When Using Auto-RP do i need the rp-announce-filter command if i already
> set the ip pim send-rp-announce (associated with an access-list)?Is there
> any use of having it on both sides?
> 2) ip igmp access-group under an interface will determine whether hosts can
> join/not a certain multicast group.Please correct me if i am wrong.
> 3) What is the difference Between using access-list to deny traffic for
> certain groups and using ip multicast-boundary?
>
> *TOPIC 3: NAC(Network Admission Control)*
> The 3 players which i know about in NAC are Network Access Device( in R&S
> the router),Cisco Trust Agent( software which runs on end point
> clients),ACS.
> The NAC (Router) will challenge the host about its antivirus state, the
> Cisco trust agent is the one responsible for collecting statistics on the
> end machine and sending it
> to the Router.
> FROM DOC CD simply
> The endpoint system is then challenged for its antivirus state over an
> EAPoUDP association. The endpoint system gains access to the network if it
> complies with the network admission control policy as evaluated by the
> Cisco
> Secure ACS. If the endpoint system does not comply, the device is either
> denied access or quarantined.
> **
> *Is this the concept behind NAC?Is it only used for Antivirus checking ??*
> **
> *TOPIC 4: IP PREFIX-LISTS*
>
> I am fine with using simple prefix lists 192.168.1.0/24 or matching simple
> stuff (default route /match any...etc) 0.0.0.0/0 ...0.0.0.0/0 le 32
>
> But Can someone explain to me for instance 192.168.44.0/22 gt 23 le 26 ?
> How
> can i figure out what exactly i am matching?
>
> *TOPIC 5: Protocol Numbers*
>
> I got a task that says to match SMTP/POP3...etc. Should i memorize the port
> numbers?is there a way i can figure it out?I would be grateful for any
> reference.
>
>
>
> TOPIC 6: *PPP OVER FRAME-RELAY*
>
> When I am running PPP Over FRAME-RELAY ON A MULTIPOINT SUBINTERFACE with
> two
> DLCIs (101,102) for instance, I noticed i had two virtual-access interfaces
> came up for each of the two dlcis. show ip route to any route in the domain
> showed me the route repeated twice one per
> dlci(virtual-access1,virtual-access2) . Is this normal behavior?
> How will the router know where to recurse to? What if it recurses to the
> virtual-access interface which corresponds to the wrong dlci. I had
> reachability problems due to this when testing. If someone knows anything
> about this please explain.
>
>
>
>
> I will be grateful for any help i will get.
>
>
>
> --
> KJ
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST