Re: [cisco-ttl] Re: ATM

From: Duncan Idaho (pegarider_at_yahoo.com)
Date: Wed Oct 22 2003 - 11:16:57 GMT

  • Next message: Coskun Kirac (ckirac): "RE: [cisco-ttl] Re: Router Belirli Araliklarla Reset Veriyor"

    Burda sorun MYO baglantilarinin router in oncesine gecmesi (PIX) e daha sonra tekrar routerdan ulaknet e cikmasi anladigim kadariyla . Def route core router olursa myo'lar firewall suz nete cikacaklar.
     
    Ilker'in soyledigi cozumun anladigim su. Routerin fastethernet portunda subinterface olusturuyoruz. ayni zamanda 802.1q destekleyen switchimizde pix in ic ve dis bacagi icin iki adet vlan yaratiyoruz (ya da var) . Switchde bir adet untagged portu configure edip router in fastethernetini buraya bagliyoruz. Dolayisiyla myo den internete gelen bir istek once core routerin fastethernet portuna gelecek burdan ilgili subinterface ile pix'e gidecek yine ayni sekilde diger subinterface uzerinde router a geri donecek ve internet.
     
    pasabakac <pasa.bakac_at_kaynet.net> wrote:
    merhaba,
    >>>ip route 0.0.0.0 0.0.0.0 10.100.0.5 (bu pix'in ipsi)

    Default route u neden pix e yapıyorsunuz.MYO nda 193.140.0.134 e
    yapsanız 7200 de de 193.140.0.133 e yapsanız internet için sorun
    çıkmaz sanırım. intranet için olan yönlendirmeyide 7200 de
    ayarlarsınız.

    ip route 10.200.0.0 255.255.0.0 10.100.0.254
    10.100.0.254 switch in ipsi mi? --- In cisco-ttl_at_yahoogroups.com, "A.Murat BAYRAM" <mbayram_at_y...>
    wrote:
    > Bir nat problemiyle sayfalar dolusu ilgilenildi, bizim sorunumuza
    tek bir
    > harf cevap gelmedi. Kiskandim dogrusu. :(
    > Bu sorunumuzla ilgilenecek yok muu...?
    >
    >
    > > Merhaba,
    > >
    > > Merkezimizden uzak birimlere 7200 router ile ATM
    > > baglanti mevcut. ayni hat uzerinden ayni zamanda ULAKNET'e
    bagliyiz.
    > > Pix Firewall kullaniyoruz. Ancak diger birimleri iceri
    > > yonlendirdikten sonra disariya cikamiyorlar. Birimlerin
    routerindan
    > > ulaknetin bagli oldugu 193.140.0.134 bacagina ping atilabiliyor,
    > > ancak bu routerlardan disariya trace yapildiginda mesela;
    > > MUS_SAGLIK_MYO#trace 212.156.4.4
    > >
    > > Type escape sequence to abort.
    > > Tracing the route to 212.156.4.4
    > >
    > > 1 10.200.30.1 64 msec 68 msec 64 msec
    > > 2 * * *
    > > seklinde devam ediyor. Buradaki kullancilarin disari
    erisebilmeleri
    > > icin iceriye proxy server kurmak zorunda kaldik, proxyde sorun
    > > cikinca baglantilari da kesilmis oluyor. İlker Temir Bey dot1q
    > > destegi olan bir switch kullaniyorsak, fastethernet0/0da iki
    > > subinterface tanimlayip bunlardan birini switchte firewall
    internal,
    > > digerini de externala koymamizi onermisti. 6006 core switch
    > > kullaniyoruz. sh ver asagidaki sekilde.. Boylece birimlerden
    (yani
    > > Meslek Yuksek Okullarindan -MYO-) gelen trafigi 7200 uzerinde
    PBR
    > > (ip policy route-map) kullanarak firewall'in internal ayagina
    > > yonlendirirsiniz. Bu yontemle MYO'lari bir anlamda internal
    > > networkunuzun parcasi haline getirmis olursunuz demisti.
    > >
    > > VYY_6506 sh ver
    > > WS-C6006 Software, Version NmpSW: 5.5(1)
    > > Copyright (c) 1995-2000 by Cisco Systems
    > > NMP S/W compiled on Jun 8 2000, 21:09:45
    > >
    > > System Bootstrap Version: 5.3(1)
    > >
    > > Hardware Version: 2.0 Model: WS-C6006 Serial #: TBA04510859
    > >
    > > Mod Port Model Serial # Versions
    > > --- ---- ------------------- ----------- -------------------------
    ----------
    > --
    > > -
    > > 1 2 WS-X6K-SUP1A-2GE SAD05020DAT Hw : 7.0
    > > Fw : 5.3(1)
    > > Fw1: 5.4(2)
    > > Sw : 5.5(1)
    > > Sw1: 5.5(1)
    > > L3 Switching Engine SAD05020F26 Hw : 1.1
    > > 3 16 WS-X6416-GBIC SAD043609TJ Hw : 1.2
    > > Fw : 5.4(2)
    > > Sw : 5.5(1)
    > > 4 48 WS-X6348-RJ-45 SAL044111CT Hw : 1.4
    > > Fw : 5.4(2)
    > > Sw : 5.5(1)
    > > 15 1 WS-F6K-MSFC2 SAD05020HPZ Hw : 1.1
    > > Fw : 12.1(2)E,
    > > Sw : 12.1(2)E,
    > >
    > > DRAM FLASH NVRAM
    > > Module Total Used Free Total Used Free Total
    Used Free
    > > ------ ------- ------- ------- ------- ------- ------- ----- -----
    -----
    > > 1 65408K 38689K 26719K 16384K 6925K 9459K 512K
    230K 282K
    > >
    > > Uptime is 237 days, 21 hours, 7 minutes
    > > ---------------------------------------------------------
    > >
    > > Peki bunun icin, hem 7200'e hem switche uygulayabilecegimiz bir
    > > konfigurasyon ornegi yardiminda bulunabilir misiniz? 7200
    routerin
    > > sh ver ciktisi ve confu ile bir Yuksek Okulun confu asagidaki
    sekilde...
    > >
    > > > >
    > > > > VanYYU#sh ver
    > > > > Cisco Internetwork Operating System Software
    > > > > IOS (tm) 7200 Software (C7200-IS-M), Version 12.1(9)E3,
    EARLY
    > DEPLOYMENT
    > > > > RELEASE SOFTWARE (fc1)
    > > > > TAC Support: http://www.cisco.com/tac
    > > > > Copyright (c) 1986-2002 by cisco Systems, Inc.
    > > > > Compiled Mon 11-Feb-02 20:39 by eaarmas
    > > > > Image text-base: 0x60008950, data-base: 0x61178000
    > > > >
    > > > > ROM: System Bootstrap, Version 12.2(4r)B2, RELEASE SOFTWARE
    (fc2)
    > > > > BOOTLDR: 7200 Software (C7200-KBOOT-M), Version 12.1(8a)E,
    EARLY
    > > DEPLOYMENT
    > > > > RELEASE SOFTWARE (fc1)
    > > > >
    > > > > VanYYU uptime is 2 weeks, 2 hours, 35 minutes
    > > > > System returned to ROM by reload
    > > > > System restarted at 10:43:52 UTC Sun Aug 31 2003
    > > > > System image file is "disk0:c7200-is-mz.121-9.E3.bin"
    > > > >
    > > > > cisco 7206VXR (NPE400) processor (revision A) with
    114688K/16384K
    > bytes
    > > of
    > > > > memory.
    > > > > Processor board ID 26807173
    > > > > R7000 CPU at 350Mhz, Implementation 39, Rev 3.3, 256KB L2,
    4096KB L3
    > > Cache
    > > > > 6 slot VXR midplane, Version 2.6
    > > > >
    > > > > Last reset from power-on
    > > > > G.703/E1 software, Version 1.0.
    > > > > G.703/JT2 software, Version 1.0.
    > > > > Bridging software.
    > > > > X.25 software, Version 3.0.0.
    > > > > 2 FastEthernet/IEEE 802.3 interface(s)
    > > > > 4 Serial network interface(s)
    > > > > 1 ATM network interface(s)
    > > > > 125K bytes of non-volatile configuration memory.
    > > > >
    > > > > 47040K bytes of ATA PCMCIA card at slot 0 (Sector size 512
    bytes).
    > > > > 8192K bytes of Flash internal SIMM (Sector size 256K).
    > > > > Configuration register is 0x2102
    > > > > ------------------------------------------------------
    > > > > VanYYU# sh run
    > > > >
    > > > > Building configuration...
    > > > >
    > > > > Current configuration : 2238 bytes
    > > > > !
    > > > > ! Last configuration change at 12:37:19 UTC Sun Sep 14 2003
    > > > > ! NVRAM config last updated at 11:46:27 UTC Sun Sep 14 2003
    > > > > !
    > > > > version 12.1
    > > > > service timestamps debug uptime
    > > > > service timestamps log uptime
    > > > > service password-encryption
    > > > > !
    > > > > hostname VanYYU
    > > > > !
    > > > > enable password 7 *********
    > > > > !
    > > > > ip subnet-zero
    > > > > ip cef
    > > > > !
    > > > > !
    > > > > !
    > > > > !
    > > > > !
    > > > > !
    > > > >
    > > > > !
    > > > > interface FastEthernet0/0
    > > > > description connected to FIREWALL OUTSIDE
    > > > > ip address 193.255.143.254 255.255.255.0
    > > > > duplex auto
    > > > > speed auto
    > > > > !
    > > > > interface FastEthernet0/1
    > > > > description buradan core switche bir baglanti yaptik
    > > > > ip address 10.100.0.200 255.255.255.0
    > > > > duplex auto
    > > > > speed auto
    > > > > !
    > > > > interface Serial2/0
    > > > > no ip address
    > > > > encapsulation atm-dxi
    > > > > no keepalive
    > > > > serial restart-delay 0
    > > > > !
    > > > > interface Serial2/1
    > > > > no ip address
    > > > > shutdown
    > > > > serial restart-delay 0
    > > > > !
    > > > > interface Serial2/2
    > > > > no ip address
    > > > > shutdown
    > > > > serial restart-delay 0
    > > > > !
    > > > > interface Serial2/3
    > > > > no ip address
    > > > > shutdown
    > > > > serial restart-delay 0
    > > > > !
    > > > > interface ATM3/0
    > > > > bandwidth 8129
    > > > > ip address 193.140.0.134 255.255.255.252
    > > > > no atm sonet ilmi-keepalive
    > > > > no atm ilmi-keepalive
    > > > > pvc 0/34
    > > > > protocol ip 193.140.0.133
    > > > > encapsulation aal5snap
    > > > > !
    > > > > !
    > > > > interface ATM3/0.1 point-to-point
    > > > > description Bitlis MYO
    > > > > ip address 10.200.50.1 255.255.255.0
    > > > > pvc 0/151
    > > > > protocol ip 10.200.50.2
    > > > > encapsulation aal5snap
    > > > > !
    > > > > !
    > > > > interface ATM3/0.2 point-to-point
    > > > > description Mus MYO
    > > > > ip address 10.200.30.1 255.255.255.0
    > > > > pvc 0/35
    > > > > protocol ip 10.200.30.2
    > > > > broadcast
    > > > > encapsulation aal5snap
    > > > > !
    > > > > !
    > > > > interface ATM3/0.3 point-to-point
    > > > > description Hakkari MYO
    > > > > ip address 10.200.40.1 255.255.255.0
    > > > > pvc 0/36
    > > > > protocol ip 10.200.40.2
    > > > > broadcast
    > > > > encapsulation aal5snap
    > > > > !
    > > > > !
    > > > > interface Virtual-Template2
    > > > > no ip address
    > > > > !
    > > > > router eigrp 100
    > > > > network 10.0.0.0
    > > > > no auto-summary
    > > > > no eigrp log-neighbor-changes
    > > > > !
    > > > > ip classless
    > > > > ip route 0.0.0.0 0.0.0.0 193.140.0.133
    > > > > ip route 10.200.0.0 255.255.0.0 10.100.0.254
    > > > > no ip http server
    > > > > !
    > > > > ip access-list logging interval 3
    > > > > snmp-server community *** RO
    > > > > snmp-server community *** RW
    > > > > snmp-server contact webmaster_at_y...
    > > > > snmp-server host 10.140.0.5 ****
    > > > > banner login ^CWelcome Van Yuzuncu Yil Universitesi Router^C
    > > > > !
    > > > > line con 0
    > > > > line aux 0
    > > > > line vty 0 4
    > > > > exec-timeout 0 0
    > > > > password 7 ***********
    > > > > login
    > > > > line vty 5 15
    > > > > password 7 ***********
    > > > > login
    > > > > !
    > > > > end
    > > > >
    > > > > -------------------------------------------------------------
    --------
    > > > > MUS_SAGLIK_MYO#sh run
    > > > > Building configuration...
    > > > >
    > > > > Current configuration : 1894 bytes
    > > > > !
    > > > > version 12.1
    > > > > service timestamps debug uptime
    > > > > service timestamps log uptime
    > > > > no service password-encryption
    > > > > !
    > > > > hostname MUS_SAGLIK_MYO
    > > > > !
    > > > > enable password ****
    > > > > !
    > > > > !
    > > > > !
    > > > > !
    > > > > !
    > > > > memory-size iomem 25
    > > > > ip subnet-zero
    > > > > no ip finger
    > > > > no ip domain-lookup
    > > > > !
    > > > > !
    > > > > !
    > > > > interface Serial0
    > > > > no ip address
    > > > > encapsulation frame-relay IETF
    > > > > frame-relay lmi-type ansi
    > > > > !
    > > > > interface Serial0.1 point-to-point
    > > > > ip address 10.200.30.2 255.255.255.0
    > > > > frame-relay interface-dlci 35
    > > > > !
    > > > > interface Serial1
    > > > > no ip address
    > > > > no keepalive
    > > > > shutdown
    > > > > !
    > > > > interface FastEthernet0
    > > > > ip address 10.1.30.254 255.255.255.0
    > > > > speed auto
    > > > > !
    > > > > router eigrp 100
    > > > > network 10.0.0.0
    > > > > no auto-summary
    > > > > no eigrp log-neighbor-changes
    > > > > !
    > > > > ip classless
    > > > > ip route 0.0.0.0 0.0.0.0 10.100.0.5 (bu pix'in ipsi)
    > > > > no ip http server
    > > > > !
    > > > > snmp-server community *** RW
    > > > > snmp-server community *** RO
    > > > > banner login ^CMUS SAGLiK^C
    > > > > !
    > > > > line con 0
    > > > > transport input none
    > > > > line aux 0
    > > > > line vty 0 4
    > > > > password ***
    > > > > login
    > > > > !
    > > > > end
    > > > >
    > >
    > > Tesekkurler...
    > >
    > >
    > > Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi
    > > bulunmamaktadir.
    > >
    > > Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com
    adresine
    > > bir e-posta gönderebilirsiniz.
    > >
    > > Your use of Yahoo! Groups is subject to
    > > http://docs.yahoo.com/info/terms/
    > ------- End of Original Message -------

    Yahoo! Groups SponsorADVERTISEMENT

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

    ---------------------------------
    Do you Yahoo!?
    The New Yahoo! Shopping - with improved product search



    This archive was generated by hypermail 2.1.5 : Wed Oct 22 2003 - 15:18:10 GMT