IRC Logs

Network: freenode Channel: #cisco

	Enter your search terms Submit search form
	Web www.irclog.org

[00:00]<vd2r>ewww. a foreign language auto-away.
[00:00]<[mzvzyw]>lol
[00:05]<tyzznz-->Greetings!
[00:05]<tyzznz-->kinda quiet in here...
[00:06]<cjzyrn>Hello, how can i restrict the tftp servers that can be reached over a snmp trigger?
[00:07]<fjsvnf>koriaN: snmp-server tftp-server-list number_of_ACL_that_allows_your_tftp_and_blocks_everything_else
[00:08]<cjzyrn>wow! thanks!
[00:08]<fjsvnf>np
[00:10]<jeeej>kakaroto: do you have to do that?
[00:10]<jeeej>i can't stop you cuz I have no @, but I would sure appreciate it if you would tell your irc client to shut up
[00:10]<fjsvnf>kakaroto: http://sackheads.org/~bnaylor/spew/away_msgs.html
[00:13]<jeeej>nice url
[00:13]<tyzznz-->hehe
[00:16]<tyzznz-->quick n00b question... is asking for CCO stuff allowed on here?
[00:17]<fjsvnf>not without a support contract
[00:17]<jeeej>your looking for a place to download IOS?
[00:18]<jeeej>http://download.chinaitlab.com/cisco-ios.asp
[00:18]<jeeej>I personally would not download IOS from china; ymmv
[00:18]<cjzyrn>postel it works thanks :) bye
[00:18]<fjsvnf>im glad, take care :>
[00:19]<tyzznz-->Cisco IP Phone Stuff. Firmware I have already but was looking for locale files etc
[00:20]<vcul>ozzzo, other than the fact that it's illegal, why wouldn't you? just curious...
[00:20]<[mzvzyw]>Jeesh, can someone kick kakaroto.. that's annoying.
[00:21]<jeeej>same reason I wouldn't download executables from china and run them on my workstation
[00:21]<[mzvzyw]>thanks.
[00:22]<jeeej>i'm not picking on china, I wouldn't get IOS from anywhere besides Cisco
[00:23]<vcul>ozzzo, I don't think that binary code injection on an IOS bin file is possible, if that's what you're worried about
[00:23]<fjzvxnz-wjzc>why wouldn't it be?
[00:23]<fjzvxnz-wjzc>they just do a simple checksum
[00:23]<[mzvzyw]>Wouldn't be easy by any means, but certainly possible.
[00:24]<jeeej>i think that it woudl be possible to make a "hacked" ios and let people download it. Not easy, but possible; why take the chance?
[00:24]<fjzvxnz-wjzc>yeah, just decompress it, disassemble the binary
[00:25]<rnnyn>loather, did you ever try that? :)
[00:25]<fjsvnf>ozzzo: posting links with images for one person would only generate more people asking for them. Please don't do it.
[00:25]<vcul>loather-work, you have to recompute the crc and know how to inject it back in :)
[00:27]<vd2r>ok I have this STRANGE situation. vlan21 can't ping a host on vlan22. on vlan22 I set up an ip int (22.69) that can ping a host on vlan21. from the ip int 22.69 I -can- ping a host on vlan21. if I ping the host on vlan22 from vlan21, one ping succeeds and the rest fail.
[00:27]<rnnyn>recomputing crc is not a big deal. Editing the binary is a way bigger effort
[00:27]<2zrgvj-lw>anyone work for as#19262?
[00:27]<vcul>what's the chance of that :)
[00:27]<vcul>(working for the as)
[00:27]<2zrgvj-l2>it's verizon...
[00:27]<2zrgvj-l2>:)
[00:28]<vd2r>well he has a better chance asking here than in #donk3ypr0nz
[00:29]<fjzvxnz-wjzc>azzie: i've had jobs where i've had to do that before
[00:29]<vd2r>if I keep it between the ip ints for vlan21 and vlan22 then they pass all pings. grrr.
[00:29]<fjzvxnz-wjzc>not specifically IOS, but other firmware
[00:29]<[mzvzyw]>umm, missing a route somewhere?
[00:30]<[mzvzyw]>that one ping thing is pretty whack though
[00:30]<sag>P=0,2%
[00:30]<rnnyn>loather-work, so you know it would not be worth the effort of having another IP relaying your spam for what, few hours? :)
[00:30]<sag>i think
[00:31]<fjzvxnz-wjzc>azzie: depends on what you want to do with the haxx3d ios, obviously
[00:31]<[mzvzyw]>I'll confess, I've broken a few rules to set up some stuff in my lab before.
[00:31]<[mzvzyw]>lab != production
[00:33]<fjzvxnz-wjzc>i honestly don't think cisco has a problem with techs downloading ios for which they have no featureset license if they just want to learn the features in a lab environment (of course, I'm not cisco's legal department)
[00:33]<vd2r>the vlan21 and vlan22 l2 and l3 are run off of the same switch. they both show as directly connected off of the same multilayer switch.
[00:33]<[mzvzyw]>Hmm, can you post the relevant config?
[00:33]<vd2r>nope. proprietary.
[00:33]<fjzvxnz-wjzc>although, the second you put that stuff into production -- you had better damned well have your feature licenses
[00:35]<tyzznz-->cisco certainly don't make it easy especially as you already pay a premium for their hardware
[00:35]<vd2r>it's fairly vanilla though. there's hsrp on the 21 but not on the 22, that's about the only difference. aside from that they're just a pair of class C's
[00:35]<jeeej>hsrp can cause pings to act funny
[00:35]<[mzvzyw]>damn, accidentally close the channel
[00:36]<[mzvzyw]>with hsrp you get responses from the real IP
[00:36]<vd2r>yeah I've been using the real IP as the source interface in my pings
[00:37]<[mzvzyw]>http://vaderfortune.ytmnd.com/
[00:37]<[mzvzyw]>unrelated to anything, but funny
[00:37]<jeeej>usually, but I've seen issues pinging the real IP from devices connected to the routers
[00:37]<vd2r>and the hsrp is configured there, but there is no actual redundant anything anywhere, so it's basically just like an alternate ip
[00:39]<vd2r>you know since the hsrp isn't doing anything maybe I should just blow it away
[00:39]<jeeej>try removing the hsrp stuff and see if the problem goes away
[00:45]<vd2r>yes, no.
[00:45]<vd2r>I was doing exactly that before I saw that you typed it, heh.
[00:45]<z2zzvus>hey speaking of hsrp, i just setup a new one... but on both sides its stuck in the Init state
[00:46]<vd2r>it's still busted.
[00:46]<z2zzvus>is there a 'sho debug hsrp' or something?
[00:46]<z2zzvus>(obviously not that)
[00:47]<vd2r>you turn debug on and off, and then turn messages on and off to see the debug. if you're processing much traffic, beware of debug. it can drop a switch/router/whatever.
[00:48]<z2zzvus>yea that would totaly kill this thing, i've made that mistake before
[00:48]<vd2r>so I think (from memory) it'd be along the lines of debug ip hsrp; terminal monitor; (or config t; logging console; if you're in console)
[00:48]<z2zzvus>ahhh debug ip
[00:49]<vd2r>if you're specific enough in the debug, you can get away with it.
[00:49]<z2zzvus>drat, no debug ip hsrp
[00:49]<vd2r>debug standby. my bad.
[00:50]<vd2r>I knew it was someplace odd.
[00:50]<z2zzvus>ah hah!
[00:50]<z2zzvus>good call
[00:56]<vd2r>the thing that bugs me is I obviously route fine from one vlan to the other since I can ping using one vlan's ip to the other vlan's ip no problem. even set up a vlan interface on the remote switch so that I could ping to that from the other vlan and it works fine.
[01:01]<gndyvx>dude i need an assitant
[01:02]<[mzvzyw]>Sign me up for one of those also.
[01:16]<vd2r>so easy to take that sentence out of context. <nemith> dude i need an assistant ..... becomes <nemith> dude i need an ass .... becomes <nemith> dude i need ass
[01:16]<tyzznz-->hehehehhe
[01:16]<gndyvx>the last two are a givin
[01:17]<[mzvzyw]>Sign me up for some of that also.
[01:17]<gndyvx>you ever work and irc at the same time.. you type something in click on another window and then 5 minutes later return
[01:18]<[mzvzyw]>I have a dedicated IRC monitor.
[01:18]<gndyvx>you read the last line on the screen and say "What the hell is that guy trying to say, and then you see your name next to it"

Back to #cisco
Or go to some related logs:
#gentoo
#gentoo
#gentoo
#blender
#gentoo