Re: [cisco-ttl] Re: ATM

From: A.Murat BAYRAM (mbayram_at_yyu.edu.tr)
Date: Wed Oct 22 2003 - 10:12:27 GMT

  • Next message: Vehbi Emiroğlu: "[cisco-ttl] NAT"

    Default route pix'e yapiliyor cunku inside ve outside butun yonlendirmeler
    pix uzerinden saglaniyor. Sizin dediginiz gibi MYO'da 193.140.0.134'de
    default route yaptigimizda 7200'un disaridaki ethernet interface'i olan
    193.255.143.254'e ve 193.140.0.134'e (Ulaknet'in bizdeki 7200'e bagli serial
    interface) ping atamiyorum. routing 10.100.0.5'e olunca atilabiliyor.
    7200'de default route zaten 0.0.0.0 0.0.0.0 193.140.0.133 seklinde.
    10.100.0.254 vlanlarin tanimlandigi switchin ipsi. O route'u deneme için
    yapmıştık, su anda o satir yok...

    > merhaba,
    > >>>ip route 0.0.0.0 0.0.0.0 10.100.0.5 (bu pix'in ipsi)
    >
    > Default route u neden pix e yapıyorsunuz.MYO nda 193.140.0.134 e
    > yapsanız 7200 de de 193.140.0.133 e yapsanız internet için sorun
    > çıkmaz sanırım. intranet için olan yönlendirmeyide 7200 de
    > ayarlarsınız.
    >
    >
    > ip route 10.200.0.0 255.255.0.0 10.100.0.254
    > 10.100.0.254 switch in ipsi mi?
    >
    >
    >
    >
    >
    > --- In cisco-ttl_at_yahoogroups.com, "A.Murat BAYRAM" <mbayram_at_y...>
    > wrote:
    > > Bir nat problemiyle sayfalar dolusu ilgilenildi, bizim sorunumuza
    > tek bir
    > > harf cevap gelmedi. Kiskandim dogrusu. :(
    > > Bu sorunumuzla ilgilenecek yok muu...?
    > >
    > >
    > > > Merhaba,
    > > >
    > > > Merkezimizden uzak birimlere 7200 router ile ATM
    > > > baglanti mevcut. ayni hat uzerinden ayni zamanda ULAKNET'e
    > bagliyiz.
    > > > Pix Firewall kullaniyoruz. Ancak diger birimleri iceri
    > > > yonlendirdikten sonra disariya cikamiyorlar. Birimlerin
    > routerindan
    > > > ulaknetin bagli oldugu 193.140.0.134 bacagina ping atilabiliyor,
    > > > ancak bu routerlardan disariya trace yapildiginda mesela; > >
    > MUS_SAGLIK_MYO#trace 212.156.4.4 > > > > Type escape sequence to abort.
    > > > Tracing the route to 212.156.4.4
    > > >
    > > > 1 10.200.30.1 64 msec 68 msec 64 msec
    > > > 2 * * *
    > > > seklinde devam ediyor. Buradaki kullancilarin disari
    > erisebilmeleri
    > > > icin iceriye proxy server kurmak zorunda kaldik, proxyde sorun
    > > > cikinca baglantilari da kesilmis oluyor. İlker Temir Bey dot1q
    > > > destegi olan bir switch kullaniyorsak, fastethernet0/0da iki
    > > > subinterface tanimlayip bunlardan birini switchte firewall
    > internal,
    > > > digerini de externala koymamizi onermisti. 6006 core switch
    > > > kullaniyoruz. sh ver asagidaki sekilde.. Boylece birimlerden
    > (yani
    > > > Meslek Yuksek Okullarindan -MYO-) gelen trafigi 7200 uzerinde
    > PBR
    > > > (ip policy route-map) kullanarak firewall'in internal ayagina
    > > > yonlendirirsiniz. Bu yontemle MYO'lari bir anlamda internal
    > > > networkunuzun parcasi haline getirmis olursunuz demisti.
    > > >
    > > > VYY_6506 sh ver
    > > > WS-C6006 Software, Version NmpSW: 5.5(1)
    > > > Copyright (c) 1995-2000 by Cisco Systems
    > > > NMP S/W compiled on Jun 8 2000, 21:09:45
    > > >
    > > > System Bootstrap Version: 5.3(1)
    > > >
    > > > Hardware Version: 2.0 Model: WS-C6006 Serial #: TBA04510859
    > > >
    > > > Mod Port Model Serial # Versions
    > > > --- ---- ------------------- ----------- -----------------------
    > --
    > ----------
    > > --
    > > > -
    > > > 1 2 WS-X6K-SUP1A-2GE SAD05020DAT Hw : 7.0
    > > > Fw : 5.3(1)
    > > > Fw1: 5.4(2)
    > > > Sw : 5.5(1)
    > > > Sw1: 5.5(1)
    > > > L3 Switching Engine SAD05020F26 Hw : 1.1
    > > > 3 16 WS-X6416-GBIC SAD043609TJ Hw : 1.2
    > > > Fw : 5.4(2)
    > > > Sw : 5.5(1)
    > > > 4 48 WS-X6348-RJ-45 SAL044111CT Hw : 1.4
    > > > Fw : 5.4(2)
    > > > Sw : 5.5(1)
    > > > 15 1 WS-F6K-MSFC2 SAD05020HPZ Hw : 1.1
    > > > Fw : 12.1(2)E,
    > > > Sw : 12.1(2)E,
    > > >
    > > > DRAM FLASH NVRAM
    > > > Module Total Used Free Total Used Free Total
    > Used Free
    > > > ------ ------- ------- ------- ------- ------- ------- ----- ---
    > --
    > -----
    > > > 1 65408K 38689K 26719K 16384K 6925K 9459K 512K
    > 230K 282K
    > > >
    > > > Uptime is 237 days, 21 hours, 7 minutes
    > > > ---------------------------------------------------------
    > > >
    > > > Peki bunun icin, hem 7200'e hem switche uygulayabilecegimiz bir
    > > > konfigurasyon ornegi yardiminda bulunabilir misiniz? 7200
    > routerin
    > > > sh ver ciktisi ve confu ile bir Yuksek Okulun confu asagidaki
    > sekilde...
    > > >
    > > > > >
    > > > > > VanYYU#sh ver
    > > > > > Cisco Internetwork Operating System Software
    > > > > > IOS (tm) 7200 Software (C7200-IS-M), Version 12.1(9)E3,
    > EARLY
    > > DEPLOYMENT
    > > > > > RELEASE SOFTWARE (fc1)
    > > > > > TAC Support: http://www.cisco.com/tac
    > > > > > Copyright (c) 1986-2002 by cisco Systems, Inc.
    > > > > > Compiled Mon 11-Feb-02 20:39 by eaarmas
    > > > > > Image text-base: 0x60008950, data-base: 0x61178000
    > > > > >
    > > > > > ROM: System Bootstrap, Version 12.2(4r)B2, RELEASE SOFTWARE
    > (fc2) > > > > BOOTLDR: 7200 Software (C7200-KBOOT-M), Version
    > 12.1(8a)E, EARLY > > DEPLOYMENT > > > > RELEASE SOFTWARE (fc1) >
    > > > > > > > > VanYYU uptime is 2 weeks, 2 hours, 35 minutes > > >
    > > System returned to ROM by reload
    > > > > > System restarted at 10:43:52 UTC Sun Aug 31 2003 > > > >
    > System image file is "disk0:c7200-is-mz.121-9.E3.bin" > > > > > >
    > > > cisco 7206VXR (NPE400) processor (revision A) with
    > 114688K/16384K > bytes > > of > > > > memory. > > > > Processor
    > board ID 26807173 > > > > R7000 CPU at 350Mhz, Implementation 39,
    > Rev 3.3, 256KB L2, 4096KB L3 > > Cache > > > > 6 slot VXR
    > midplane, Version 2.6 > > > > > > > > Last reset from power-on >
    > > > > G.703/E1 software, Version 1.0. > > > > G.703/JT2 software,
    > Version 1.0. > > > > Bridging software. > > > > X.25 software,
    > Version 3.0.0. > > > > 2 FastEthernet/IEEE 802.3 interface(s) > >
    > > > 4 Serial network interface(s) > > > > 1 ATM network
    > interface(s) > > > > 125K bytes of non-volatile configuration
    > memory. > > > > > > > > 47040K bytes of ATA PCMCIA card at slot 0
    > (Sector size 512 bytes). > > > > 8192K bytes of Flash internal
    > SIMM (Sector size 256K). > > > > Configuration register is 0x2102 >
    > > > > ------------------------------------------------------ > > >
    > > VanYYU# sh run > > > > > > > > Building configuration... > > >
    > > > > > > Current configuration : 2238 bytes > > > > !
    > > > > > ! Last configuration change at 12:37:19 UTC Sun Sep 14 2003
    > > > > > ! NVRAM config last updated at 11:46:27 UTC Sun Sep 14
    > 2003 > > > > ! > > > > version 12.1 > > > > service timestamps
    > debug uptime > > > > service timestamps log uptime > > > > service
    > password-encryption > > > > ! > > > > hostname VanYYU > > > > ! >
    > > > > enable password 7 ********* > > > > ! > > > > ip subnet-
    > zero > > > > ip cef > > > > ! > > > > ! > > > > ! > > > > ! > >
    > > > ! > > > > ! > > > > > > > > ! > > > > interface FastEthernet0/0
    > > > > > description connected to FIREWALL OUTSIDE
    > > > > > ip address 193.255.143.254 255.255.255.0
    > > > > > duplex auto
    > > > > > speed auto
    > > > > > !
    > > > > > interface FastEthernet0/1
    > > > > > description buradan core switche bir baglanti yaptik
    > > > > > ip address 10.100.0.200 255.255.255.0
    > > > > > duplex auto
    > > > > > speed auto
    > > > > > !
    > > > > > interface Serial2/0
    > > > > > no ip address
    > > > > > encapsulation atm-dxi
    > > > > > no keepalive
    > > > > > serial restart-delay 0
    > > > > > !
    > > > > > interface Serial2/1
    > > > > > no ip address
    > > > > > shutdown
    > > > > > serial restart-delay 0
    > > > > > !
    > > > > > interface Serial2/2
    > > > > > no ip address
    > > > > > shutdown
    > > > > > serial restart-delay 0
    > > > > > !
    > > > > > interface Serial2/3
    > > > > > no ip address
    > > > > > shutdown
    > > > > > serial restart-delay 0
    > > > > > !
    > > > > > interface ATM3/0
    > > > > > bandwidth 8129
    > > > > > ip address 193.140.0.134 255.255.255.252
    > > > > > no atm sonet ilmi-keepalive
    > > > > > no atm ilmi-keepalive
    > > > > > pvc 0/34
    > > > > > protocol ip 193.140.0.133
    > > > > > encapsulation aal5snap
    > > > > > !
    > > > > > !
    > > > > > interface ATM3/0.1 point-to-point
    > > > > > description Bitlis MYO
    > > > > > ip address 10.200.50.1 255.255.255.0
    > > > > > pvc 0/151
    > > > > > protocol ip 10.200.50.2
    > > > > > encapsulation aal5snap
    > > > > > !
    > > > > > !
    > > > > > interface ATM3/0.2 point-to-point
    > > > > > description Mus MYO
    > > > > > ip address 10.200.30.1 255.255.255.0
    > > > > > pvc 0/35
    > > > > > protocol ip 10.200.30.2
    > > > > > broadcast
    > > > > > encapsulation aal5snap
    > > > > > !
    > > > > > !
    > > > > > interface ATM3/0.3 point-to-point
    > > > > > description Hakkari MYO
    > > > > > ip address 10.200.40.1 255.255.255.0
    > > > > > pvc 0/36
    > > > > > protocol ip 10.200.40.2
    > > > > > broadcast
    > > > > > encapsulation aal5snap
    > > > > > !
    > > > > > !
    > > > > > interface Virtual-Template2
    > > > > > no ip address
    > > > > > !
    > > > > > router eigrp 100
    > > > > > network 10.0.0.0
    > > > > > no auto-summary
    > > > > > no eigrp log-neighbor-changes
    > > > > > !
    > > > > > ip classless
    > > > > > ip route 0.0.0.0 0.0.0.0 193.140.0.133
    > > > > > ip route 10.200.0.0 255.255.0.0 10.100.0.254
    > > > > > no ip http server
    > > > > > !
    > > > > > ip access-list logging interval 3
    > > > > > snmp-server community *** RO
    > > > > > snmp-server community *** RW
    > > > > > snmp-server contact webmaster_at_y...
    > > > > > snmp-server host 10.140.0.5 ****
    > > > > > banner login ^CWelcome Van Yuzuncu Yil Universitesi
    > Router^C > > > > ! > > > > line con 0 > > > > line aux 0 > > > >
    > line vty 0 4 > > > > exec-timeout 0 0 > > > > password 7 ***********
    > > > > > login
    > > > > > line vty 5 15
    > > > > > password 7 ***********
    > > > > > login
    > > > > > !
    > > > > > end
    > > > > >
    > > > > > -----------------------------------------------------------
    > --
    > --------
    > > > > > MUS_SAGLIK_MYO#sh run
    > > > > > Building configuration...
    > > > > >
    > > > > > Current configuration : 1894 bytes
    > > > > > !
    > > > > > version 12.1
    > > > > > service timestamps debug uptime
    > > > > > service timestamps log uptime
    > > > > > no service password-encryption
    > > > > > !
    > > > > > hostname MUS_SAGLIK_MYO
    > > > > > !
    > > > > > enable password ****
    > > > > > !
    > > > > > !
    > > > > > !
    > > > > > !
    > > > > > !
    > > > > > memory-size iomem 25
    > > > > > ip subnet-zero
    > > > > > no ip finger
    > > > > > no ip domain-lookup
    > > > > > !
    > > > > > !
    > > > > > !
    > > > > > interface Serial0
    > > > > > no ip address
    > > > > > encapsulation frame-relay IETF
    > > > > > frame-relay lmi-type ansi
    > > > > > !
    > > > > > interface Serial0.1 point-to-point
    > > > > > ip address 10.200.30.2 255.255.255.0
    > > > > > frame-relay interface-dlci 35
    > > > > > !
    > > > > > interface Serial1
    > > > > > no ip address
    > > > > > no keepalive
    > > > > > shutdown
    > > > > > !
    > > > > > interface FastEthernet0
    > > > > > ip address 10.1.30.254 255.255.255.0
    > > > > > speed auto
    > > > > > !
    > > > > > router eigrp 100
    > > > > > network 10.0.0.0
    > > > > > no auto-summary
    > > > > > no eigrp log-neighbor-changes
    > > > > > !
    > > > > > ip classless
    > > > > > ip route 0.0.0.0 0.0.0.0 10.100.0.5 (bu pix'in ipsi)
    > > > > > no ip http server
    > > > > > !
    > > > > > snmp-server community *** RW
    > > > > > snmp-server community *** RO
    > > > > > banner login ^CMUS SAGLiK^C
    > > > > > !
    > > > > > line con 0
    > > > > > transport input none
    > > > > > line aux 0
    > > > > > line vty 0 4
    > > > > > password ***
    > > > > > login
    > > > > > !
    > > > > > end
    > > > > >
    > > >
    > > > Tesekkurler...
    > > >
    > > >
    > > > Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi
    > > > bulunmamaktadir.
    > > >
    > > > Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com
    > adresine
    > > > bir e-posta gönderebilirsiniz.
    > > >
    > > > Your use of Yahoo! Groups is subject to
    > > > http://docs.yahoo.com/info/terms/
    > > ------- End of Original Message -------
    >
    >
    >
    > Yahoo! Groups Sponsor
    >
    > ADVERTISEMENT
    >
    >
    > Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi
    > bulunmamaktadir.
    >
    > Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine
    > bir e-posta gönderebilirsiniz.
    >
    > Your use of Yahoo! Groups is subject to the Yahoo! Terms of
    > Service.
    ------- End of Original Message -------

    ------------------------ Yahoo! Groups Sponsor ---------------------~-->
    Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark
    Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada.
    http://www.c1tracking.com/l.asp?cid=5511
    http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/26EolB/TM
    ---------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/



    This archive was generated by hypermail 2.1.5 : Wed Oct 22 2003 - 14:32:19 GMT