Re: Natting multicast problem...

From: Rick Mur <rmur_at_ipexpert.com>
Date: Thu, 20 Aug 2009 18:54:21 +0200

I never ran into a bug on either of my labs; everything I thought was a
bug was just me thinking the wrong way :-)

It will not change the point of the conversation. The labs are
developed and tested on the same platform and the same version as
you'll get on your attempt. Therefore minimizing the possibility of
running into a bug.

And please be cautious when calling it a bug, since most times it's a
misconfiguration, misassumption or just a clear or reload would fix
it. I've helped dozens of customers who claimed to have found a bug
which turned out to be something else.

-- 
Regards,
Rick Mur
CCIE2 #21946 (R&S / Service Provider)
Juniper JNCIA-ER & JNCIA-EX
MCSA:Messaging, MCSE
Sr. Support Engineer - IPexpert, Inc.
URL: http://www.IPexpert.com

On 20 aug 2009, at 18:31, Tony Varriale wrote:
> Again, as I've said, that's a poor assumption.  I've run into the  
> problem twice.
>
> Sent from my iPhone
>
> On Aug 20, 2009, at 11:22 AM, Rick Mur <rmur_at_ipexpert.com> wrote:
>
>> As I've said it's not very likely since they develop the exams on  
>> the same IOS version.
>> The practice labs you make may not be designed on that specific  
>> version or platform so it's much more likely to run into a bug.
>>
>> Like I said if you use a different solution than the proctors have  
>> thought of you might run into a bug, still I think the questions  
>> are specific enough to point you in the right direction.
>>
>>
>> -- 
>> Regards,
>>
>> Rick Mur
>> CCIE2 #21946 (R&S / Service Provider)
>> Juniper JNCIA-ER & JNCIA-EX
>> MCSA:Messaging, MCSE
>> Sr. Support Engineer - IPexpert, Inc.
>> URL: http://www.IPexpert.com
>>
>> On 20 aug 2009, at 18:08, Tony Varriale wrote:
>>
>>> You are making a very poor assumption.  I assure you that  
>>> candidates can and will run into bugs.
>>>
>>> Sent from my iPhone
>>>
>>> On Aug 20, 2009, at 2:11 AM, Rick Mur <rmur_at_ipexpert.com> wrote:
>>>
>>>> Besides that it's forbidden to share that kind of specific information, you
>>>> don't need to know. You will hardly ever be able to run into an IOS bug if
>>>> you solve the question the way Cisco wants. They develop and test the exams
>>>> on the IOS versions that run on the racks, so if they run into a bug,
>>>> they'll change the question.
>>>>
>>>>
>>>>
>>>> --
>>>> Regards,
>>>>
>>>> Rick Mur
>>>> CCIE2 #21946 (R&S / Service Provider)
>>>> Juniper JNCIA-ER & JNCIA-EX
>>>> MCSA:Messaging, MCSE
>>>> Sr. Support Engineer - IPexpert, Inc.
>>>> URL: http://www.IPexpert.com
>>>>
>>>> On Thu, Aug 20, 2009 at 6:17 AM, Ronald Johns <rj686b_at_att.com>  
>>>> wrote:
>>>>
>>>>> Good to go.  There have been a few labs where I've run into  
>>>>> similar NAT
>>>>> issues so I've got a job ahead of me upgrading 7x2811's and a  
>>>>> 2651XM
>>>>> tomorrow...
>>>>>
>>>>> Thanks for your help on this!
>>>>>
>>>>> - Ron
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 11:10 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Confirmed.
>>>>>
>>>>> Definite NAT problem with that version of IOS.
>>>>>
>>>>> I just tried the same config on a different version and it is  
>>>>> working as
>>>>> designed.
>>>>>
>>>>>
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Ronald Johns [mailto:rj686b_at_att.com]
>>>>> Sent: Wednesday, August 19, 2009 9:01 PM
>>>>> To: groupstudy_at_cconlinelabs.com; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Yup!  That's exactly what I'm seeing.
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 11:00 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> I seem to be missing the second part of the nat translation in the
>>>>> document.
>>>>>
>>>>> Rack1R1#sh ip nat trans
>>>>> Pro     Inside global   Inside local    Outside local   Outside global
>>>>> udp     ---             ---             224.0.0.9:520   160.1.12.2:520
>>>>> udp     160.1.12.1:520  160.1.12.1:520  224.0.0.9:520   160.1.12.2:520
>>>>>
>>>>> Here is my NAT trans
>>>>>
>>>>> R1#sh ip nat trans
>>>>> Pro Inside global      Inside local       Outside local      Outside global
>>>>> udp ---                ---                224.0.0.9:520      160.1.12.2:520
>>>>>
>>>>>
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Ronald Johns [mailto:rj686b_at_att.com]
>>>>> Sent: Wednesday, August 19, 2009 8:40 PM
>>>>> To: groupstudy_at_cconlinelabs.com; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Here's what I see:
>>>>>
>>>>> R7's debug IP packet detail:
>>>>>
>>>>> IP: s=150.100.78.8 (Serial0/0/0), d=224.0.0.9, len 92, rcvd 2
>>>>> UDP src=520, dst=520
>>>>> IP: s=150.100.78.7 (local), d=224.0.0.9 (Serial0/0/0), len 52, sending broad/multicast
>>>>> UDP src=520, dst=520
>>>>> IP: s=150.100.78.8 (Serial0/0/0), d=224.0.0.9, len 52, rcvd 2
>>>>> UDP src=520, dst=520
>>>>>
>>>>> R8's:
>>>>>
>>>>> IP: s=150.100.78.8 (local), d=224.0.0.9 (Serial0/0/0), len 92, sending broad/multicast
>>>>> UDP src=520, dst=520
>>>>> IP: s=150.100.78.7 (Serial0/0/0), d=224.0.0.9, len 92, rcvd 2
>>>>> UDP src=520, dst=520
>>>>> IP: s=150.100.78.8 (local), d=224.0.0.9 (Serial0/0/0), len 92, sending broad/multicast
>>>>> UDP src=520, dst=520
>>>>> IP: s=150.100.78.7 (Serial0/0/0), d=224.0.0.9, len 92, rcvd 2
>>>>> UDP src=520, dst=520
>>>>>
>>>>> Nat's configured:
>>>>>
>>>>> R7(config-if)#do sh ip nat trans
>>>>> Pro Inside global      Inside local       Outside local      Outside global
>>>>> udp ---                ---                224.0.0.9:520      150.100.78.8:520
>>>>>
>>>>> There's no debug info showing for nat on R7 either with deb ip  
>>>>> nat detail
>>>>> configured.
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 10:31 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> What symptoms are you seeing?
>>>>>
>>>>> I loaded the same IOS and configured as per the document I sent  
>>>>> you.
>>>>>
>>>>> I am seeing the unicast on R2, but I am also still seeing the  
>>>>> multicast.
>>>>>
>>>>>
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Ronald Johns [mailto:rj686b_at_att.com]
>>>>> Sent: Wednesday, August 19, 2009 8:07 PM
>>>>> To: groupstudy_at_cconlinelabs.com; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Advanced Enterprise 12.4(23) on a 2811.
>>>>>
>>>>> Thanks,
>>>>> Ron
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 10:06 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> What exact IOS version and feature set are you using?
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Ronald Johns [mailto:rj686b_at_att.com]
>>>>> Sent: Wednesday, August 19, 2009 7:57 PM
>>>>> To: groupstudy_at_cconlinelabs.com; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Yeah - I tried that too - the config I used is towards the end of the post,
>>>>> and my debug ip packet detail (pasted below as well) shows that it's not
>>>>> working for some reason...  I need to try a different version of IOS...
>>>>> I'll do this tomorrow and see what happens.  Ultimately, I was curious to
>>>>> know what version of IOS was on the San Jose CCIE R&S lab routers, but like
>>>>> I mentioned previously, I have no idea if this would be a violation of NDA.
>>>>> It'd sure be nice to have the same exact version of code on my lab
>>>>> routers...
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 9:49 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Wait.
>>>>>
>>>>> Yes it did.
>>>>>
>>>>> I did not look down far enough.
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Ronald Johns [mailto:rj686b_at_att.com]
>>>>> Sent: Wednesday, August 19, 2009 7:45 PM
>>>>> To: groupstudy_at_cconlinelabs.com; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> I sorta added that because I thought without passive interface  
>>>>> configured,
>>>>> there'd still be multicasts sent, wouldn't there?  The actual  
>>>>> task states
>>>>> this:
>>>>>
>>>>> RIP updates from R7 on 150.100.78.0/24 network should not send multicast
>>>>> or broadcast packets.  Do NOT use the "neighbor" command to accomplish this.
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 9:42 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> You said neighbor with passive interface.
>>>>>
>>>>> How about just neighbor statement?
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: Ronald Johns [mailto:rj686b_at_att.com]
>>>>> Sent: Wednesday, August 19, 2009 7:37 PM
>>>>> To: groupstudy_at_cconlinelabs.com; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Yeah - that was part of the requirement - can't use "neighbor"...
>>>>>
>>>>> -----Original Message-----
>>>>> From: Tony Schaffran (GS) [mailto:groupstudy_at_cconlinelabs.com]
>>>>> Sent: Wednesday, August 19, 2009 9:35 PM
>>>>> To: Ronald Johns; ccielab_at_groupstudy.com
>>>>> Subject: RE: Natting multicast problem...
>>>>>
>>>>> Why use NAT?
>>>>>
>>>>> Wouldn't that just need a neighbor statement in your RIP config  
>>>>> to use
>>>>> unicast instead of multicast?
>>>>>
>>>>> Why does it need to be so difficult? Am I reading your  
>>>>> requirement wrong?
>>>>>
>>>>>
>>>>>
>>>>> Tony Schaffran
>>>>> Sr. Network Consultant
>>>>> CCIE #11071
>>>>> CCNP, CCNA, CCDA,
>>>>> NNCDS, NNCSS, CNE, MCSE
>>>>>
>>>>> cconlinelabs.com
>>>>> Your #1 choice for online Cisco rack rentals.
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On  
>>>>> Behalf Of
>>>>> Ronald Johns
>>>>> Sent: Wednesday, August 19, 2009 7:15 PM
>>>>> To: ccielab_at_groupstudy.com
>>>>> Subject: Natting multicast problem...
>>>>>
>>>>> Is it possible to find out the specific version of code on the San Jose lab
>>>>> routers?  Are they all running the same code?  Would this be a violation of
>>>>> NDA to share?  The reason I'm asking is I think I'm running into a NAT bug
>>>>> in 12.4(23).  At least I think it's a nat bug...
>>>>>
>>>>> R7 s0/0/0 (150.100.78.7/24)--------------R8 s0/0/0 (150.100.78.8/24)
>>>>>
>>>>> Running RIP between the routers, the requirement is to not send multicasts
>>>>> or broadcasts across the link and you can't use "neighbor" w/passive
>>>>> interface.
>>>>> Here's the related parts of the NAT config:
>>>>>
>>>>> int s0/0/0
>>>>> ip nat outside
>>>>>
>>>>> access-list 101 permit udp host 150.100.78.8 eq 520 host 224.0.0.9 eq 520
>>>>>
>>>>> ip nat pool rip 224.0.0.9 224.0.0.9 netmask 255.255.255.0
>>>>> ip nat outside source list 101 pool rip
>>>>>
>>>>> Here's what debug ip nat detail shows:
>>>>>
>>>>> Aug 20 01:51:57.291: NAT: failed to allocate address for 150.100.78.8, list/map 101
>>>>> *Aug 20 01:51:57.291: NAT: failed to allocate address for 150.100.78.8, list/map 101
>>>>> *Aug 20 02:02:39.599: NAT: translation failed (B), dropping packet s=150.100.78.8 d=224.0.0.9
>>>>>
>>>>> I thought it might have had to do with the pool referencing multicast space
>>>>> or something like that so I tried a different pool with a random unicast IP
>>>>> and got the same "failed to allocate..." error.
>>>>>
>>>>> I found this bug, but it only refers to this being a problem when natting
>>>>> at a GRE tunnel (Bug ID CSCsy97506
>>>>> <http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy97506&from=summary>)
>>>>> so I tried disabling ip cef and ip mroute cache on the interface, but that
>>>>> didn't make any difference.  I also tried a static translation:
>>>>>
>>>>> ip nat outside source static udp 150.100.78.8 520 224.0.0.9 520
>>>>>
>>>>> That didn't work either, but I didn't see any errors show up in my "debug
>>>>> ip nat detail"...  I see the translation:
>>>>>
>>>>> Pro Inside global      Inside local       Outside local      Outside global
>>>>> udp ---                ---                224.0.0.9:520      150.100.78.8:520
>>>>>
>>>>> but it's not getting used:
>>>>>
>>>>> *Aug 20 02:05:49.123: IP: s=150.100.78.8 (Serial0/0/0), d=224.0.0.9, len 92, rcvd 2
>>>>> *Aug 20 02:05:49.123:     UDP src=520, dst=520
>>>>> *Aug 20 02:05:59.155: IP: s=150.100.78.7 (local), d=224.0.0.9 (Serial0/0/0), len 412, sending broad/multicast
>>>>> *Aug 20 02:05:59.155:     UDP src=520, dst=520
>>>>>
>>>>> Any ideas?  Is my config jacked?
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Ron Johns
>>>>> Sr. Network Engineer
>>>>> IT Department
>>>>> CCNP, CCDP, CCSP, CISSP
>>>>> AT&T WiFi Services
>>>>>
>>>>>
>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>
>>>>> _______________________________________________________________________
>>>>> Subscription information may be found at:
>>>>> http://www.groupstudy.com/list/CCIELab.html
Received on Thu Aug 20 2009 - 18:54:21 ART
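
One way to check the symptom discussed in this thread (RIP updates still leaving a router as multicast after the NAT attempt) from captured "debug ip packet detail" output. This is an added example, not part of any poster's message; the function names and the sample text are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the "debug ip packet detail" format seen in the thread,
# wrapped the way mail clients wrap such output; the unicast packet is made up.
SAMPLE = """\
*Aug 20 02:05:49.123: IP: s=150.100.78.8 (Serial0/0/0), d=224.0.0.9, len
92,
rcvd 2
*Aug 20 02:05:49.123:     UDP src=520, dst=520
*Aug 20 02:05:59.155: IP: s=150.100.78.7 (local), d=224.0.0.9
(Serial0/0/0),
len 412, sending broad/multicast
*Aug 20 02:05:59.155:     UDP src=520, dst=520
IP: s=150.100.78.7 (local), d=150.100.78.8 (Serial0/0/0), len 52, sending
UDP src=520, dst=520
"""

TIMESTAMP = re.compile(r"\*?[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}\.\d+: ")
RECORD = re.compile(
    r"IP: s=(?P<src>[\d.]+) \((?P<src_if>[^)]+)\), d=(?P<dst>[\d.]+)"
    r"(?: \((?P<out_if>[^)]+)\))?, len (?P<len>\d+), (?P<action>sending|rcvd)"
    r"(?:(?!IP: s=).)*?UDP src=(?P<sport>\d+), dst=(?P<dport>\d+)"
)

def rip_packets(debug_text):
    """Return one dict per RIP (UDP/520) packet found in the debug output."""
    # Drop timestamps and undo line wrapping so each packet is one flat record.
    flat = " ".join(TIMESTAMP.sub(" ", debug_text).split())
    packets = []
    for m in RECORD.finditer(flat):
        if m["dport"] != "520":
            continue
        dst = ipaddress.ip_address(m["dst"])
        if dst.is_multicast:
            kind = "multicast"
        elif str(dst) == "255.255.255.255":
            kind = "broadcast"  # subnet-directed broadcast needs the mask; not checked
        else:
            kind = "unicast"
        packets.append({"src": m["src"], "dst": m["dst"], "len": int(m["len"]),
                        "action": m["action"], "kind": kind})
    return packets

def violations(debug_text, router_ip):
    """RIP updates sent by router_ip that still go to multicast or broadcast."""
    return [p for p in rip_packets(debug_text)
            if p["action"] == "sending" and p["src"] == router_ip
            and p["kind"] != "unicast"]
```

Calling violations(SAMPLE, "150.100.78.7") returns the one update R7 still sends to 224.0.0.9; an empty list means the task requirement is met for the captured interval.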

This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 05:43:57 ART