From: Gopala Naganab (netlanceconsulting@xxxxxxxxx)
Date: Fri Feb 09 2001 - 21:54:31 GMT-3
you need to have the matching encapsulation to be able
to see the ipx packets. so you must try your intf with
different encaps. use subintf to troubleshoot in one
shot.
rgds, gopal
--- Robert DeVito <robertdevito@hotmail.com> wrote:
> Any ideas on finding a unkown IPX network number and
> encap type? Would debug
> ipx packet details give the same results?
>
> Robert
>
>
> ----Original Message Follows----
> From: Gopala Naganab <netlanceconsulting@yahoo.com>
> Reply-To: Gopala Naganab
> <netlanceconsulting@yahoo.com>
> To: ccielab@groupstudy.com
> CC: devender.singh@cmc.cwo.net.au,
> ashort@wingedwheel.net
> Subject: ct: Re: BGP
> Date: Fri, 9 Feb 2001 16:14:39 -0800 (PST)
>
> sho ip pack detail ----->gave me the following.
>
> s2-r2-2500-2501C#u all
> All possible debugging has been turned off
> s2-r2-2500-2501C#deb ip pa det------------>DEBUG
> IP packet debugging is on (detailed)
> s2-r2-2500-2501C#
> 21:28:54: IP: s=142.108.10.8 (Ethernet0),
> d=142.108.10.7, len 44, rcvd 0------------> LOOK FOR
> S= ADDR
> 21:28:54: TCP src=11200, dst=179,
> seq=2225043935,
> ack=0, win=16384 SYN-------------->LOOK FOR DST=179
> TCP PORT FOR BGP
> 21:28:54: IP: s=142.108.10.7 (local), d=142.108.10.8
> (Ethernet0), len 40, sending
> 21:28:54: TCP src=179, dst=11200, seq=0,
> ack=2225043936, win=0 ACK RST
>
> SOURCE IP IS THE ONE YOU SHD USE IN NEIGHBOR CMND.
> DEST IP ADDR IS SUPPOSED TO BE 'UPDATE SOURCE' IN
> THE
> NEIGHBOR STATEMENT..
>
> CHEERS,
> GOPAL
>
>
>
> *****************
> If I knew the IP address, I would attempt to peer
> with
> it and then sniff
> the reply packets for the remote ASN. I don't know
> if
> that would work but
> I would TRY it. Also...there may are arin records
> on
> who owns which
> address space and you might be able to match THAT
> with
> an ASN as well.
>
> Not knowing the IP address...you'd have to make a
> few
> assumptions about
> the remote router's medium and work with that. If
> it's ethernet...ping
> the subnet broadcast to see if any routers return an
> icmp reply. If it's
> frame relay, try inverse arp...if it's ATM...you're
> on
> your own. =-)
>
> Also...look for the remote router trying to
> establish
> a session with your
> router, that would most definitely have the remote
> ASN
> in the packet.
>
>
> BUT...without knowledge of the IP and of the ASN's
> involved...you really
> SHOULDN'T be trying to establish a peering session.
> Unless it's for lab
> purposes. And I CAN tell you, that they do NOT
> withhold information from
> you in the lab that isn't TOO difficult to find out
> for yourself. =-)
>
>
> On Mon, 5 Feb 2001, Devender Singh wrote:
>
> > How would you know AS number of the remote AS,
> or/and also ip address. Given
> > that you cannot have any kind of access into the
> router and cdp is disabled.
> >
> > I donnot know. Any suggestions.
> >
> > Devender Singh
> > BE(Hons), CCNP
> > IP Solution Specialist
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:44 GMT-3