IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1834.24 MB
Powered by
Channel Info
Network: freenodeChannel: #cisco |
Search in www.irclog.org
Log from #cisco at freenode 2006-05-27
[16:34]<vwcd>DouXXX: ip subnet-zero is the default since 12.0.
[16:35]<djuxxx>ok i have another Q
[16:36]<djuxxx>speaking of bin files.. what's the difference between js and c-l??
[16:36]<djuxxx>c2500-c-l.120.4.bin
[16:36]<djuxxx>c2500.js-l.120-10.bin
[16:37]<vwcd>features.
[16:37]<djuxxx>i m afraid to install the wrong bin....
[16:37]<drvxyrsc>DouXXX: comapre them at http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp
[16:37]<drvxyrsc>compare
[16:38]<djuxxx>i bought 2503 router off ebay and it comes with a whole collection of c2500 bin files
[16:38]<djuxxx>in a cd
[16:40]<ydlnvyrj__>nice.
[16:40]<ydlnvyrj__>i did the same for my 5th 2500
[16:40]<ydlnvyrj__>it came with a BRITISH power supply :S
[16:41]<djuxxx>there has to be like over 20 bin files and i cant decide what to use lol
[16:41]<_amjr>research the feature packs on each image
[16:41]<_amjr>less is better, contrary to popular belief
[16:42]<_amjr>especially on a 2500
[16:42]<djuxxx>how much did u pay for your 2500?
[16:42]<djuxxx>40 here ;)
[16:45]<djuxxx>can you set up ipsec on 2500?
[16:51]<djuxxx>it's awfully quiet here
[16:52]<djuxxx>ok i have the bin file for 2500 "enterprise/fw plus ipsec 56 12.1(5)
[16:52]<djuxxx>so i can set up ipsec vpn tunnels?
[16:56]<ydlnvyrj__>layers 1,2,3,4,5,6,7
[16:56]<djuxxx>?
[16:56]<djuxxx>nobody havent answered my Q
[16:58]<ydlnvyrj__>where u settin' up ipsec? and vpn?
[18:42]<mzgsxvz>what exactly this means on a pix:
[18:42]<mzgsxvz>110001: No route to 172.16.20.20 from 195.1.1.1
[18:47]<djuxxx>can i set up ipsec tunnel on 2500 routers?
[18:47]<mzgsxvz>DouXXX: you can
[18:47]<djuxxx>some people says it cant, some can
[18:47]<djuxxx>i m confused
[18:48]<mzgsxvz>If you have the right IOS, then you can do it
[18:49]<mzgsxvz>IOS (tm) 2500 Software (C2500-JK8OS-L), Version 12.2(1d), RELEASE SOFTWARE (fc1)
[18:49]<mzgsxvz>BB2(config)#crypto ipsec ?
[18:49]<mzgsxvz> security-association Security association parameters
[18:49]<mzgsxvz> transform-set Define transform and settings
[18:49]<djuxxx>ok ur the man
[18:50]<mzgsxvz>but you you will have problems with the CPU with heavy loads
[18:50]<ydlnvyrj__>:S
[18:50]<mzgsxvz>no pix people here :(
[18:50]<djuxxx>well it wont be a problem if i have like 3 users
[18:50]<djuxxx>will be using ipsec
[18:50]<djuxxx>right?
[18:50]<ydlnvyrj__>my 2500 adds so much latency even when i debug something such as nat
[18:51]<mzgsxvz>DouXXX: Its not the number tunnels, it how many packets are get encrypted/decrypted
[18:58]<djuxxx>what kind of cisco router should i get for IPsec?
[18:58]<djuxxx>that i dont have to worry bout cpu w/ heavy loads
[18:59]<fjzvxnz>if you want ipsec, get a pix firewall with an encryption accellerator.
[19:01]<djuxxx>501?
[19:02]<fjacmjwgq>on a pix you can't go out the same interface you came in on, the 501 only has 2 interfaces, if you want to vpn in to your ntework and thats all you are fine, if you want to be able to get back out it won't let you
[19:03]<mzgsxvz>DouXXX: how much traffic do you think you will have?
[19:03]<djuxxx>a lot
[19:04]<fjzvxnz>DouXXX: go with a 515E. You can add additional ethernet interfaces to them.
[19:06]<mzgsxvz>lockdown2: can you help me with pix routing problem
[19:06]<fjzvxnz>bbl.
[19:06]<mzgsxvz>DouXXX: 128K?
[19:08]<mzgsxvz>can i split E0 to vlans on 6.3?
[19:23]<mzgsxvz>it was a bug:CSCee75667
[20:08]<gnvvyn>hey guys, anyone know where is the correct place to apply a service policy for LLQ QoS please? the dialer interface or the atm interface?
[20:08]<gnvvyn>I have a cisco 877w
[20:09]<mzgsxvz>nemith: the dialer
[20:09]<mzgsxvz>ops
[20:09]<mzgsxvz>nettie: the dialer
[20:09]<gnvvyn>danshtr thanx, that's exaclty what I did but LLQ seems too permissive imho
[20:10]<qwnff>Would anybody happen to have a ccm (or similar) box, and feel like getting me one single line from an ethereal dump?
[20:10]<gnvvyn>I have a very limited outbound, we use it for voice as well and when ppl uplaod with ftp or send email the LLQ QoS works indeed but the data traffic still gets too much priority imho.
[20:12]<gnvvyn>danshtr do you know how could I enforce a more aggressive bandwidth takeover in the voice class?
[20:17]<qwnff>Nobody, eh? I can give you the command and all. :)
[20:17]<mzgsxvz>nettie: dont give LLQ to data
[20:17]<gnvvyn>danshtr I just have 1 voice class
[20:18]<gnvvyn>and class-default
[20:18]<gnvvyn>configured as fair queue
[20:18]<gnvvyn>the funny thing is that when I do a show policy-map interface di0
[20:18]<gnvvyn>I can see packets going around in the proper class the acl matches them as wel
[20:18]<gnvvyn>well
[20:19]<mzgsxvz>nettie: you will have to make sure you configure the right bandwidth on the diler interface
[20:19]<gnvvyn>but I dont see pkts matched/dropped in the respective queues
[20:19]<gnvvyn>I did
[20:19]<gnvvyn>at leas tI think :)
[20:19]<gnvvyn>I configured
[20:19]<gnvvyn>bandwidth 256
[20:20]<gnvvyn>and bandwidth receive 1280
[20:20]<gnvvyn>I put 192Kbit on the voice class
[20:20]<qwnff>Well, if anybody feels like helping out...I need the following command run, somewhere where the capture box can see the traffic between ccm and a skinny phone. tethereal -V -f "src port 2000 or dst port 2000" | grep -B2 SetRingerMessage
[20:21]<qwnff>I just need to know what "Data Length: " is for one single message.
[20:21]<mzgsxvz>Qwell: ask cisco. if you are a partner then you can ask cisco such question
[20:21]<qwnff>danshtr: I highly doubt they'd give me that information, without signing NDAs and such
[20:22]<fjacmjwgq>why would a field length require a NDA?
[20:22]<fjacmjwgq>its not code
[20:22]<mzgsxvz>Qwell: then wait for ccm5 SIP :)
[20:22]<qwnff>danshtr: not an option.
[20:22]<qwnff>SIP is easy, and open.
[20:22]<mzgsxvz>Qwell: I was joking
[20:22]<qwnff>:p
[20:23]<qwnff>I'm just trying to get my phone to not reset itself when I send it a ringing message.
[20:23]<gnvvyn>danshtr anything else I could check please? my phone shows me 160ms jitter :( I really dont know what else I could try.. doh
[20:23]<mzgsxvz>nemith: what is the load of the dialer interface?
