IRC Logs

Network: freenode Channel: #cisco

	Enter your search terms Submit search form
	Web www.irclog.org

[18:38]<dzzc1lyvn>across campus..
[18:38]<dzzc1lyvn>he nemith
[18:38]<dzzc1lyvn>new project for the semester
[18:38]<dzzc1lyvn>summer rather
[18:39]<dzzc1lyvn>Xiruss 3900's deployed to all Dorms :P
[18:39]<dzzc1lyvn>we bought the management unit for $30K
[18:47]<vd2r>dog: IOS on the 6509 is going to be a fairly unique IOS since it's running off of the msfc on the sup. it's sort of a switch IOS and an MSFC IOS smashed together. unless you're doing hybrid mode which is ios on the msfc and catos on the sup.
[18:54]<gndyvx>ooh.. i think we are going to do mpls in our network
[18:56]<dzzc1lyvn>neat..
[18:58]<dzzc1lyvn>nemith: you don't have it in place yet?
[18:59]<gndyvx>well the SP side does of course
[18:59]<gndyvx>so we use a L3 VPN connection from them to use our network
[19:00]<gndyvx>but we are thinking of running our own MPLS on top of that :)
[19:02]<gnnzv>nemith: which ASN are you?
[19:03]<gndyvx>TWTC is 4323
[19:03]<gnnzv>:)
[19:05]<gnnzv>1289 prefixes, not bad :p
[19:06]<gndyvx>for a small SP/ISP not bad at all
[19:07]<pypypy>TWTC as in Time Warner ?
[19:07]<pypypy>i doubt your going to say Yes, im just double checking
[19:07]<vd2r>anyone have visio? zoom in 2000% on a media converter. it's under network devices stencils. it's hilarious. they have the LEDs and stuff, the label with power requirements, etc.
[19:08]<gnnzv>you don't aggregate your prefixes! cheating :p
[19:08]<jygc>Heh, has anyone ever got this message ? *Mar 7 01:46:09: NAT: ipnat_allocate_port: wanted 48801 got 1072
[19:08]<pypypy>ok no you are Time Warner
[19:08]<gndyvx>PiPiPi: Time Warner Telecom
[19:08]<jygc>Actually, it breaks PAT.
[19:08]<pypypy>yeah
[19:08]<gndyvx>which is not Time Warner
[19:08]<pypypy>OrgName: Time Warner Telecom, Inc.
[19:08]<gnnzv>still, your defenition of small it rather strange, I don't even want to know what you consider big :p
[19:08]<pypypy>oh
[19:08]<pypypy>i didn't know that
[19:09]<gndyvx>we only share a name, nothing else
[19:09]<vd2r>twtc are not near as retarded as tw.
[19:09]<gndyvx>all we do is telecom too
[19:09]<vd2r>I was just talking to a twtc guy putting in a ds3 over here, he was fairly up to speed.
[19:09]<gndyvx>we don't own warner brothers or aol or whatelse
[19:10]<pypypy>right, gotya
[19:10]<pypypy>i was just confused for a second there :P
[19:10]<pypypy>your not pretty small by the looks of you
[19:10]<pypypy>i would consider you Mid-size
[19:10]<pypypy>but i could be wrong
[19:10]<gndyvx>well, alright mid-sized
[19:10]<gndyvx>we take the scrap from the big guys :)
[19:10]<vd2r>small medium.
[19:11]<vd2r>reminds me of a red green joke. what's a meeting building for midget clairvoyants called? small medium lodge.
[19:15]<zzwffzdnz>its wierd
[19:27]<xud2jfv>I seem to remember that there were some restrictions on which VLANs I can use as a management VLAN for catalyst 2900 switches. Something like the management VLAN can only be VLAN 1. Am I right there?
[19:30]<vcul>humbolt, show vlan should give you that information
[19:37]<gndyvx>humbolt: it dones't have to be vlan 1
[19:37]<gndyvx>but there are certain things that only work over vlan 1
[19:38]<vd2r>doesn't cdp sometimes require vlan1?
[19:39]<gndyvx>vtp is one that comes to mind
[19:39]<dffnw>I think management can be on any vlan between 1-1005, it just has to be set as the native vlan, hence, no encapsulation on that vlan
[19:39]<gndyvx>native vlan doesn't apply, as that is only on trunks
[19:40]<dffnw>well, whats the point of a management vlan if you are not trunking?
[19:44]<gndyvx>mplex: you can have multiple vlans across one switch
[19:46]<dffnw>true, but in that case, I wouldnt worry about it much
[19:47]<gndyvx>anywho, the native vlan that you choose doesn't have to match the native vlan
[19:47]<gndyvx>er the management vlan
[19:48]<dffnw>thats true too, but it is best practice
[19:48]<dffnw>that way if you lose your vtp db or something along those lines, you can get to your devices
[19:48]<gndyvx>vtp always uses vlan 1
[19:48]<gndyvx>it doesn't quite care if it is tagged or not
[19:50]<dffnw>I didnt know it was vlan1 only, but I still think management should always be untagged, in general
[19:50]<pzgrcdgf>need some help on better understanding vlan's. if i would have port 24 in trunk mode, vlans 10 (Default), 20, 30 and I would put in an untagged packet into port 24, would it be spit out on all vlan's, or only on the default vlan 10?
[19:50]<pzgrcdgf>err all vlan's being vlan's 10, 20 & 30
[19:50]<gndyvx>freakynl: it would appear on vlan 24's native vlan
[19:50]<gndyvx>which is 1 by default
[19:50]<dffnw>bbl, work...
[19:51]<pzgrcdgf>nemith: hmm essentially i'm screwed then, unless my firewall starts unstanding vlan's :/
[19:52]<pzgrcdgf>thx
[19:52]<gndyvx>right
[19:52]<gndyvx>you will need a layer 3 device to route between vlans
[19:52]<vcul>doesn't dot1q use 1023 rather than 1?
[19:54]<gndyvx>for what?
[19:54]<gndyvx>native vlan? no
[19:55]<pzgrcdgf>well i have a managed switch (dell tho' :D) but the idea was we could seperate hosts based on their subnet and port, only the firewall doesn't support vlan's, so we figured we just put the firewall port in all vlan's, so it would be able to communicate with all of them disallowing it to route between them, next to that, at the end of several ports there will be machines running vmware workstation (just for a while until we get enough customers to
[19:55]<pzgrcdgf>think we'll just have to drop the vlan's for now :/
[19:56]<vcul>you can do that
[19:56]<gndyvx>swtichport mutli vlan is not a good answer
[19:56]<gndyvx>and should never be used
[19:56]<pzgrcdgf>until there's esx and a firewall with vlan support, unless one of you guys has a solution
[19:56]<vcul>the firewall doesn't have to understand vlans if you put it in each vlan
[19:57]<gndyvx>well if you had 3 physical interfaces on your firewall
[19:57]<pzgrcdgf>tkup: well appearantly it does, cause nemith just stated that it will only go out on the default vlan, which would mean all other vlan's will never be able to communicate with the firewall. the packets from the other machines will get to the firewall, but the firewall can't get to them as it doesn't tag
[19:57]<pzgrcdgf>nemith: err, it are actually like 7 subnets :)
[19:58]<zzwffzdnz>i can buy a 2621 with 64mb ram / 8mb flash for 125 euro with 12.3 ip/fw/ids IOS.
[19:58]<pzgrcdgf>with 2 interfaces :)
[19:58]<zzwffzdnz>its worth it right?
[19:58]<gndyvx>what kind of firewall?
[19:58]<vcul>oh you need 7 ints
[19:58]<pzgrcdgf>nemith: smoothwall standard
[19:58]<pzgrcdgf>nemith: advanced has vlan's, but i'd still have huge issues with vmware
[19:58]<pzgrcdgf>until we switch to esx
[19:59]<gndyvx>yeah, vlans with esx works great
[19:59]<gndyvx>i've done it before
[19:59]<pzgrcdgf>then i can put ports in multiple vlan's and have vmware tag traffic from host 1 to vlan 20 and from host 2 to vlan 30 and do it on smoothwall based on the subnet it's destined for
[19:59]<pzgrcdgf>then it should be safe

Back to #cisco
Or go to some related logs:
#gentoo
#gentoo
#blender
#netbsd
#netbsd