IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1834.15 MB
Powered by
Channel Info
Network: freenodeChannel: #cisco |
Search in www.irclog.org
Log from #cisco at freenode 2006-05-15
[22:51]<gndyvx>one is a slot the other is a port
[22:51]<dzzzzzzz>Where as old 5484 SX gbics were very easy to identify
[22:51]<dzzzzzzz>big rectangle is hard to miss
[22:51]<gndyvx>if you mistake them, you are a freaking idiot
[22:51]<gndyvx>:)
[22:53]<dzzzzzzz>LOL yeah
[22:53]<dzzzzzzz>just have to be careful with SX and LX
[22:57]<fjzvxnz-wjzc>what connectors do fiber sfps use? mtrj?
[22:58]<2zdsnpzz>LC
[22:58]<fjzvxnz-wjzc>lc, okay.
[22:58]<fjzvxnz-wjzc>there are too many different fiber terminations
[22:59]<dzzzzzzz>LC
[22:59]<dzzzzzzz>5484 = SC
[23:01]<dzzzzzzz>loather-work: u rite about that
[23:01]<fjzvxnz-wjzc>i have a bunch of 5484s at home
[23:02]<dzzzzzzz>u use them?
[23:02]<fjzvxnz-wjzc>three out of four, yeah
[23:02]<dzzzzzzz>at least that
[23:03]<dzzzzzzz>I got mainly all 2500x at home
[23:03]<dzzzzzzz>so no use for GBICs
[23:03]<fjzvxnz-wjzc>i've also got a couple copper GBICs but i rarely use them
[23:03]<dzzzzzzz>SFP?
[23:03]<fjzvxnz-wjzc>no, regular GBICs.
[23:04]<dzzzzzzz>they came in copper?
[23:04]<fjzvxnz-wjzc>yeah
[23:04]<dzzzzzzz>oh wow
[23:04]<dzzzzzzz>I've only been exposed to SX and LX
[23:04]<dzzzzzzz>copper stuff came in shape of a 3550-12G
[23:04]<dzzzzzzz>no
[23:04]<dzzzzzzz>12T
[23:04]<dzzzzzzz>sorry
[23:04]<dzzzzzzz>built in Copper 10/100/1000
[23:05]<fjzvxnz-wjzc>http://cgi.ebay.com/FREE-SHP-WS-G5483-Cisco-GBIC-1000Base-T-Copper-RJ-45_W0QQitemZ9724525368QQcategoryZ44996QQssPageNameZWDVWQQrdZ1QQcmdZViewItem
[23:06]<fjzvxnz-wjzc>(anyone who buys one at that ridiculous price needs to reconsider their ebay skills)
[23:06]<dzzzzzzz>oh ok
[23:06]<dzzzzzzz>yeah I've seen those
[23:06]<dzzzzzzz>lol I can prolly get an SFP at that price
[23:06]<jeeej>http://www.slash7.com/pages/vampires
[23:08]<dzzzzzzz>ozzzo:?
[23:08]<dzzzzzzz>lol
[23:09]<jeeej>from #cisco on undernet
[23:10]<jeeej>but it applies here too, they're everywhere
[23:10]<dzzzzzzz>hmm I guess
[23:16]<dzzc1lyvn>hey loather
[23:16]<dzzc1lyvn>is this a command..o
[23:16]<dzzc1lyvn>on the catos
[23:16]<dzzc1lyvn>show spantree blockedports?
[23:17]<fjzvxnz-wjzc>Yup.
[23:17]<fjzvxnz-wjzc>65091core> (enable) sh spantree blockedports
[23:17]<fjzvxnz-wjzc>Number of blocked ports (segments) in the system : 0
[23:18]<dzzc1lyvn>ahh cool
[23:18]<2zdsnpzz>loather-work: Is that catos?
[23:18]<fjzvxnz-wjzc>CatOS Software Release 7.6(1)
[23:19]<dzzc1lyvn>that's the latest?
[23:19]<fjzvxnz-wjzc>probably not, that switch has been running for almost four years without a reboot
[23:19]<dzzc1lyvn>haha
[23:19]<dzzc1lyvn>lol
[23:19]<dzzc1lyvn>Vulns vulns
[23:19]<dzzc1lyvn>holes
[23:19]<dzzc1lyvn>holes
[23:20]<fjzvxnz-wjzc>i'm sorry, almost three years.
[23:20]<fjzvxnz-wjzc>Uptime is 914 days, 6 hours, 34 minutes
[23:21]<dzzc1lyvn>Switch uptime is 19 weeks, 2 days, 11 hours, 14 minutes
[23:21]<af0um>from "almost four years" down to 2.5 :)
[23:22]<dzzc1lyvn>ohh
[23:22]<dzzc1lyvn>loather
[23:22]<dzzc1lyvn>it's available in IOS too
[23:22]<dzzc1lyvn>Switch#show spanning-tree blockedports
[23:22]<dzzc1lyvn>Name Blocked Interfaces List
[23:22]<dzzc1lyvn>-------------------- ------------------------------------
[23:22]<dzzc1lyvn>Number of blocked ports (segments) in the system : 0
[23:23]<kzfdzyzg>How do you dead-end private networks?
[23:23]<kzfdzyzg>Here's the problem. I have EIGRP distributing my internal (private-address) networks.
[23:24]<kzfdzyzg>Those networks within the private address space that are not in use (and therefore not distributed) hit the default routes.
[23:25]<kzfdzyzg>And, eventually, hit my border firewall.
[23:25]<fjzvxnz-wjzc>cl0ud: i was thinking of another piece of hardware -- i know i have one with >3 year uptime in here.
[23:25]<kzfdzyzg>There, they generate a log event that says, basically, that a packet sourced on an interface wants to go back out the same interface (the firewall does not participate in EIGRP and sends the entire private space back to the network).
[23:26]<kzfdzyzg>I want to kill all packets destined for undistributed networks within the private address space I use before they go anywhere - or, at least, kill them before they make a mess of the firewall ruleset.
[23:27]<kzfdzyzg>I could use an ACL, but that's messy. Is there a better way?
[23:27]<cxrjs>Kalmairn: you can use a route to null0 at the router just inside the firewall. any private addresses in the DMZ you static route toward the firewall
[23:28]<kzfdzyzg>Chaos: but it's a static, how do I make sure it doesn't override all the distributed routes in EIGRP?
[23:28]<cxrjs>any more specific routes are kept in the routing table.
[23:29]<kzfdzyzg>Sure, but the static wins the metric war.
[23:29]<cxrjs>so, route 10/8 to null0 but 10.1.1.0/24 will be in the routing table.
[23:30]<cxrjs>do you use auto-summary?
[23:30]<kzfdzyzg>no.
[23:31]<cxrjs>It should work then. More specific trumps general with a better metric.
[23:31]<kzfdzyzg>Hm, good point, didn't think about that.
[23:31]<kzfdzyzg>Specific to general, then low to high metric.
[23:32]<cxrjs>I PM'ed our eigrp setup and it works like that.
[23:34]<cxrjs>add your default route and your null routes. If you are not sure, check it out in a lab using 2 router.
[23:34]<cxrjs>(null route on one, specific route on other.
[23:34]<cxrjs>)
[23:35]<cxrjs>I will also conceed that our eigrp config could be cleaner. but even doing that, it should still work the same.
[23:42]<kzfdzyzg>form following function.
[23:42]<kzfdzyzg>It works, right?
[23:43]<kzfdzyzg>Oh, ok.
