j*y
2 楼
周末了
x*n
3 楼
不好意思,偷了个懒。我发包子答谢。
interface FastEthernet0/0
ip address 209.254.138.1 255.255.255.224 secondary
ip address 10.16.67.1 255.255.255.0
ip helper-address 10.16.64.20
no ip redirects
no ip proxy-arp
ip nat inside--------------------------
speed auto
half-duplex
no cdp enable
!
interface Serial0/0
bandwidth 1544
no ip address
no ip redirects
encapsulation frame-relay IETF
fair-queue 64 64 0
frame-relay lmi-type ansi
crypto map vpn
!
interface Serial0/0.1 point-to-point
ip address 209.254.131.50 255.255.255.252
ip nat outside----------------------------------------------------
no cdp enable
frame-relay interface-dlci 100
crypto map vpn
!
ip nat inside source list 101 interface Serial0/0.1 overload
ip nat inside source static tcp 10.16.67.42 1500 209.254.138.2 1500
extendable
ip nat inside source static udp 10.16.67.42 1500 209.254.138.2 1500
extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0.1
!
no ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
!
no logging trap
access-list 101 deny ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 10.16.67.0 0.0.0.255 any
access-list 150 permit ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
no cdp run
我的理解是NAT只是ip的转换,router的fa0/0inside IP是10.16.67.1,outside就给他
一个代号,209.254.138.1。
那么ip nat inside source static tcp 10.16.67.42 1500 209.254.138.2 1500
extendable是什么意思呢?10.16.67.42是一个dhcp server,然后所有的LAN IP都通过
nat转成209.254.138.2?
interface FastEthernet0/0
ip address 209.254.138.1 255.255.255.224 secondary
ip address 10.16.67.1 255.255.255.0
ip helper-address 10.16.64.20
no ip redirects
no ip proxy-arp
ip nat inside--------------------------
speed auto
half-duplex
no cdp enable
!
interface Serial0/0
bandwidth 1544
no ip address
no ip redirects
encapsulation frame-relay IETF
fair-queue 64 64 0
frame-relay lmi-type ansi
crypto map vpn
!
interface Serial0/0.1 point-to-point
ip address 209.254.131.50 255.255.255.252
ip nat outside----------------------------------------------------
no cdp enable
frame-relay interface-dlci 100
crypto map vpn
!
ip nat inside source list 101 interface Serial0/0.1 overload
ip nat inside source static tcp 10.16.67.42 1500 209.254.138.2 1500
extendable
ip nat inside source static udp 10.16.67.42 1500 209.254.138.2 1500
extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0.1
!
no ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
!
no logging trap
access-list 101 deny ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 10.16.67.0 0.0.0.255 any
access-list 150 permit ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
no cdp run
我的理解是NAT只是ip的转换,router的fa0/0inside IP是10.16.67.1,outside就给他
一个代号,209.254.138.1。
那么ip nat inside source static tcp 10.16.67.42 1500 209.254.138.2 1500
extendable是什么意思呢?10.16.67.42是一个dhcp server,然后所有的LAN IP都通过
nat转成209.254.138.2?
l*4
4 楼
找了这么久只有一个面试, 然后也没有下午的, 好歹也要是不是给我个邮件电话什么
的, 鼓励
一下嘛。
大家找工作的情况都一样么?
的, 鼓励
一下嘛。
大家找工作的情况都一样么?
d*h
5 楼
很一般,位置还不好
J*i
6 楼
add one more
【在 j**y 的大作中提到】
: 周末了
【在 j**y 的大作中提到】
: 周末了
x*n
7 楼
NAT具有block IP的作用么?还是只是换个IP?
B*d
8 楼
你啥背景啊?这个行业是不太好找。加油吧。
s*g
9 楼
First line of NAT configuration(ip nat inside) is called PAT, it is mostly
used for Internet access,i.e, flow can only be created when traffic is
initiated from inside, second and third line are called static NAT, your
client must have a TCP/UDP service running on port 1500 which can be
accessible from Internet. When there is a overlapping of NAT rules, static
translation rules take precedence.
PAT will provide basic security, but static NAT does not.
used for Internet access,i.e, flow can only be created when traffic is
initiated from inside, second and third line are called static NAT, your
client must have a TCP/UDP service running on port 1500 which can be
accessible from Internet. When there is a overlapping of NAT rules, static
translation rules take precedence.
PAT will provide basic security, but static NAT does not.
w*3
10 楼
example:
7 months, >100 resumes prepared, 2 onsites, 2 phonecalls,
just got an offer today
how many did u prepare?
【在 l*****4 的大作中提到】
: 找了这么久只有一个面试, 然后也没有下午的, 好歹也要是不是给我个邮件电话什么
: 的, 鼓励
: 一下嘛。
: 大家找工作的情况都一样么?
j*a
11 楼
wa kao, 这个配置好难,谁给小弟弟看看帮帮忙,我是不会。
【在 x*********n 的大作中提到】
: 不好意思,偷了个懒。我发包子答谢。
: interface FastEthernet0/0
: ip address 209.254.138.1 255.255.255.224 secondary
: ip address 10.16.67.1 255.255.255.0
: ip helper-address 10.16.64.20
: no ip redirects
: no ip proxy-arp
: ip nat inside--------------------------
: speed auto
: half-duplex
【在 x*********n 的大作中提到】
: 不好意思,偷了个懒。我发包子答谢。
: interface FastEthernet0/0
: ip address 209.254.138.1 255.255.255.224 secondary
: ip address 10.16.67.1 255.255.255.0
: ip helper-address 10.16.64.20
: no ip redirects
: no ip proxy-arp
: ip nat inside--------------------------
: speed auto
: half-duplex
l*4
12 楼
To bloooood, 我本科环境工程, 污水处理。 硕士水文。 发现没有什么position的
。
。
a*n
13 楼
what is not working?
the ip address 209.254.138.1 255.255.255.224 secondary
looks strange to me on the interface w/ ip nat inside
the ping will use the outgoing interface IP by default.
so if you ping 10.16.67.151, it will originate from fa0/0
primary IP. You can always specify the source int to be sure.
【在 x*********n 的大作中提到】
: 不好意思,偷了个懒。我发包子答谢。
: interface FastEthernet0/0
: ip address 209.254.138.1 255.255.255.224 secondary
: ip address 10.16.67.1 255.255.255.0
: ip helper-address 10.16.64.20
: no ip redirects
: no ip proxy-arp
: ip nat inside--------------------------
: speed auto
: half-duplex
the ip address 209.254.138.1 255.255.255.224 secondary
looks strange to me on the interface w/ ip nat inside
the ping will use the outgoing interface IP by default.
so if you ping 10.16.67.151, it will originate from fa0/0
primary IP. You can always specify the source int to be sure.
【在 x*********n 的大作中提到】
: 不好意思,偷了个懒。我发包子答谢。
: interface FastEthernet0/0
: ip address 209.254.138.1 255.255.255.224 secondary
: ip address 10.16.67.1 255.255.255.0
: ip helper-address 10.16.64.20
: no ip redirects
: no ip proxy-arp
: ip nat inside--------------------------
: speed auto
: half-duplex
l*4
14 楼
wawa,I think I have already submitted more than 100 right now.
one interview under the circumstance that I told them I will be in New York
during the time. Sign.
one interview under the circumstance that I told them I will be in New York
during the time. Sign.
x*n
15 楼
nothing is wrong,just copy from one customer site,and dont know it。
【在 a***n 的大作中提到】
: what is not working?
: the ip address 209.254.138.1 255.255.255.224 secondary
: looks strange to me on the interface w/ ip nat inside
: the ping will use the outgoing interface IP by default.
: so if you ping 10.16.67.151, it will originate from fa0/0
: primary IP. You can always specify the source int to be sure.
【在 a***n 的大作中提到】
: what is not working?
: the ip address 209.254.138.1 255.255.255.224 secondary
: looks strange to me on the interface w/ ip nat inside
: the ping will use the outgoing interface IP by default.
: so if you ping 10.16.67.151, it will originate from fa0/0
: primary IP. You can always specify the source int to be sure.
m*e
16 楼
恭喜啊
【在 w*****3 的大作中提到】
:
: example:
: 7 months, >100 resumes prepared, 2 onsites, 2 phonecalls,
: just got an offer today
: how many did u prepare?
【在 w*****3 的大作中提到】
:
: example:
: 7 months, >100 resumes prepared, 2 onsites, 2 phonecalls,
: just got an offer today
: how many did u prepare?
m*t
17 楼
i know little abot cisco router, but this line seems spooky, try removing it
access-list 101 deny ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 deny ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
l*4
18 楼
Microwave, the interview was a long time ago, and never heard back from them
again.
again.
x*n
19 楼
多谢,讲的很好,做了一下笔记。
【在 s*****g 的大作中提到】
: First line of NAT configuration(ip nat inside) is called PAT, it is mostly
: used for Internet access,i.e, flow can only be created when traffic is
: initiated from inside, second and third line are called static NAT, your
: client must have a TCP/UDP service running on port 1500 which can be
: accessible from Internet. When there is a overlapping of NAT rules, static
: translation rules take precedence.
: PAT will provide basic security, but static NAT does not.
【在 s*****g 的大作中提到】
: First line of NAT configuration(ip nat inside) is called PAT, it is mostly
: used for Internet access,i.e, flow can only be created when traffic is
: initiated from inside, second and third line are called static NAT, your
: client must have a TCP/UDP service running on port 1500 which can be
: accessible from Internet. When there is a overlapping of NAT rules, static
: translation rules take precedence.
: PAT will provide basic security, but static NAT does not.
B*d
20 楼
不要泄气。我的方向比你难找多了。想想你自己还是比很多人有优势的。
s*g
21 楼
No, you can not remove it, you want traffic to internal RFC1918 addresses to
be exempted from NAT translation.
it
【在 m**t 的大作中提到】
: i know little abot cisco router, but this line seems spooky, try removing it
: access-list 101 deny ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
be exempted from NAT translation.
it
【在 m**t 的大作中提到】
: i know little abot cisco router, but this line seems spooky, try removing it
: access-list 101 deny ip 10.16.67.0 0.0.0.255 10.0.0.0 0.255.255.255
m*e
22 楼
你不是说just got an offer today么,难道不值得恭喜?
them
【在 l*****4 的大作中提到】
: Microwave, the interview was a long time ago, and never heard back from them
: again.
them
【在 l*****4 的大作中提到】
: Microwave, the interview was a long time ago, and never heard back from them
: again.
s*g
23 楼
It is a common configuration when you have public IPs in the LAN also. In this customer's case, their ISP link is
a /30, so they need extra public IPs for NAT, easiest way is to park the IP range in any up interface.
【在 a***n 的大作中提到】
: what is not working?
: the ip address 209.254.138.1 255.255.255.224 secondary
: looks strange to me on the interface w/ ip nat inside
: the ping will use the outgoing interface IP by default.
: so if you ping 10.16.67.151, it will originate from fa0/0
: primary IP. You can always specify the source int to be sure.
a /30, so they need extra public IPs for NAT, easiest way is to park the IP range in any up interface.
【在 a***n 的大作中提到】
: what is not working?
: the ip address 209.254.138.1 255.255.255.224 secondary
: looks strange to me on the interface w/ ip nat inside
: the ping will use the outgoing interface IP by default.
: so if you ping 10.16.67.151, it will originate from fa0/0
: primary IP. You can always specify the source int to be sure.
l*4
24 楼
Microwave, 你好歹也要署名恭喜谁好吧。我还以为恭喜我了。 好莫乱,怎么不能想
xiaonei里 回复谁这个功能了。
xiaonei里 回复谁这个功能了。
j*a
25 楼
we use static route and redistribution
【在 s*****g 的大作中提到】
: It is a common configuration when you have public IPs in the LAN also. In this customer's case, their ISP link is
: a /30, so they need extra public IPs for NAT, easiest way is to park the IP range in any up interface.
【在 s*****g 的大作中提到】
: It is a common configuration when you have public IPs in the LAN also. In this customer's case, their ISP link is
: a /30, so they need extra public IPs for NAT, easiest way is to park the IP range in any up interface.
l*4
26 楼
Wawa, 你什么方向? 能分享一下经验么? 比如面试问题,还有工作什么公司?之类的
。谢谢啦。
。谢谢啦。
m*t
27 楼
hmmm, ACL should have nothing to do with NAT. but anyways I am almost cisco
CLI blind, lol
CLI blind, lol
l*4
28 楼
bloooooooooooood, 一起加油....
z*r
29 楼
ACL和NAT很相关呀,确定哪些traffic应该被translate,哪些不应该
cisco
【在 m**t 的大作中提到】
: hmmm, ACL should have nothing to do with NAT. but anyways I am almost cisco
: CLI blind, lol
cisco
【在 m**t 的大作中提到】
: hmmm, ACL should have nothing to do with NAT. but anyways I am almost cisco
: CLI blind, lol
m*e
30 楼
扫里扫里,我祝福你好啦。加油加油
【在 l*****4 的大作中提到】
: Microwave, 你好歹也要署名恭喜谁好吧。我还以为恭喜我了。 好莫乱,怎么不能想
: xiaonei里 回复谁这个功能了。
【在 l*****4 的大作中提到】
: Microwave, 你好歹也要署名恭喜谁好吧。我还以为恭喜我了。 好莫乱,怎么不能想
: xiaonei里 回复谁这个功能了。
x*n
31 楼
嗯。
【在 z**r 的大作中提到】
: ACL和NAT很相关呀,确定哪些traffic应该被translate,哪些不应该
:
: cisco
【在 z**r 的大作中提到】
: ACL和NAT很相关呀,确定哪些traffic应该被translate,哪些不应该
:
: cisco
w*3
32 楼
air permitting/modeling/GHG
Interview questions are pretty straightforward:
why change job?
tell me about urself?
project management skill?
organization skill?
any achievement?
any questions?
I am going to an energy company in TX. more questions?
【在 l*****4 的大作中提到】
: Wawa, 你什么方向? 能分享一下经验么? 比如面试问题,还有工作什么公司?之类的
: 。谢谢啦。
m*t
33 楼
明白了,这里ACL 是个 source pool.
如果我有个ACL 给安全用的:
access-list 110 permit host 192.168.1.100 eq ftp-data any
把这个放到 ip nat rule 里会怎么死法?
如果我有个ACL 给安全用的:
access-list 110 permit host 192.168.1.100 eq ftp-data any
把这个放到 ip nat rule 里会怎么死法?
S*9
34 楼
给大家分享下你的回答思路也是很受欢迎的啊。
x*n
35 楼
nat里面有个功能是pool的,可以直接定义。
ACL不是global config,有direction,你得apply到interface下,才有用,和poliy-
map一样,不service-policy under interface,就是nothing。
access-map是global的,没有direction的,用了,直接就block了。
说错了还请大侠指正啊。
【在 m**t 的大作中提到】
: 明白了,这里ACL 是个 source pool.
: 如果我有个ACL 给安全用的:
: access-list 110 permit host 192.168.1.100 eq ftp-data any
: 把这个放到 ip nat rule 里会怎么死法?
ACL不是global config,有direction,你得apply到interface下,才有用,和poliy-
map一样,不service-policy under interface,就是nothing。
access-map是global的,没有direction的,用了,直接就block了。
说错了还请大侠指正啊。
【在 m**t 的大作中提到】
: 明白了,这里ACL 是个 source pool.
: 如果我有个ACL 给安全用的:
: access-list 110 permit host 192.168.1.100 eq ftp-data any
: 把这个放到 ip nat rule 里会怎么死法?
w*k
36 楼
祝贺Wawa。你有卡没?TX的能源公司最近基本不考虑没卡的申请人。
m*t
37 楼
看了juniper 也类似的设计. 就是各种RULE 和policy 在data plane 顺序或并行处理的问
题。 具体到ACCESS LIST, 有多种ACCESS LIST, 大概在CLI 有SYNTAX 检查,MATCH
OPTIONS 在不同CONTEXT 下有不同。 在DATA PLANE 都可以做到ASIC 或 NPU 里面,最好不
要太复杂。
【在 x*********n 的大作中提到】
: nat里面有个功能是pool的,可以直接定义。
: ACL不是global config,有direction,你得apply到interface下,才有用,和poliy-
: map一样,不service-policy under interface,就是nothing。
: access-map是global的,没有direction的,用了,直接就block了。
: 说错了还请大侠指正啊。
题。 具体到ACCESS LIST, 有多种ACCESS LIST, 大概在CLI 有SYNTAX 检查,MATCH
OPTIONS 在不同CONTEXT 下有不同。 在DATA PLANE 都可以做到ASIC 或 NPU 里面,最好不
要太复杂。
【在 x*********n 的大作中提到】
: nat里面有个功能是pool的,可以直接定义。
: ACL不是global config,有direction,你得apply到interface下,才有用,和poliy-
: map一样,不service-policy under interface,就是nothing。
: access-map是global的,没有direction的,用了,直接就block了。
: 说错了还请大侠指正啊。
w*3
38 楼
No GC but TN and got several years experience too.
Currently working for an oil company so switch to another one for better pay
.I am not familiar with US job market but got an impression, for entry level
, might have to pay more attention to consulting firms since they need
peoples with strong tech skills. Industry like oil companies look for
experienced peoples with management skills. Especially in air quality field
with oil companies, hard to see Chinese for this reason ( I guess ).
Regarding to interview questions,
my language skill is so so so no too much thoughts. Just follow the guidance
on the internet and customized it to fit my situation. I always answer
questions in this way:
2 or 3 sentences statement by following an example:
Situation,prepare report
Task,finish by deadline
Action, plan, data collection, calculation, report, review
Result, done.
Currently working for an oil company so switch to another one for better pay
.I am not familiar with US job market but got an impression, for entry level
, might have to pay more attention to consulting firms since they need
peoples with strong tech skills. Industry like oil companies look for
experienced peoples with management skills. Especially in air quality field
with oil companies, hard to see Chinese for this reason ( I guess ).
Regarding to interview questions,
my language skill is so so so no too much thoughts. Just follow the guidance
on the internet and customized it to fit my situation. I always answer
questions in this way:
2 or 3 sentences statement by following an example:
Situation,prepare report
Task,finish by deadline
Action, plan, data collection, calculation, report, review
Result, done.
l*4
39 楼
wawa, 你太厉害了。膜拜ing
l*4
40 楼
明天又是周一了。 害怕周一到周五。周末自己比较轻松一点, 因为就算没有结果的话
, 也是周末嘛。 负罪感少点。 不过weekdays压力就比较大了。 希望这周有点好消息
吧。 不然就要考虑归了。
, 也是周末嘛。 负罪感少点。 不过weekdays压力就比较大了。 希望这周有点好消息
吧。 不然就要考虑归了。
w*9
41 楼
我也和你情况差不多,我也是做水的。我在西部,你在什么地方?上次和CDM的人扯淡
,他们说东部和中部都好奇来了
,他们说东部和中部都好奇来了
l*4
42 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。
招人。
l*4
43 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
l*4
44 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 凭什么呀?
招人。 凭什么呀?
l*4
45 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
l*4
46 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
l*4
47 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
l*4
48 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
l*4
49 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
l*4
50 楼
wangjun7679, 我在南部。 CDM我投的简历, 都没有回信的。 搞的我都以为他们不
招人。 为什么呀为什么压
招人。 为什么呀为什么压
相关阅读
美国污水排海方面的法规 讨论CO2 capture 就业前景 请问做一般的环境consultant需要会什么软件吗Ned help on projection (Arcview 3.2a)问一下一些气体的分析仪生产单位 (转载)George Hornberger去Vanderbilt了大家觉得美国的环保比中国先进在哪些方面大家有在公司外接私活的经验吗?Env. Eng. PH.D (Remediation) job hunting experience东南大学交通学院招聘交通能源环境研究人员Re: Job Listing Sharingsome other positions (转载)表妹考北大研,专业课是环境科学综合,请过来人指点请问有人对ENVIRON和Golder Associates熟吗?考pe,居然要我verify大学的学历。有美国环工的博士。。大家都要花400块钱做这个马?PBS 90-MIN DOCUMENTARY: LIQUID ASSET请指教mid-level环境工程师的面试应该注意些什么呢?Ground water / surface water MODELER今天瞎琢磨俩问题有没有做大气的phd position啊