Each CCIE certification requires that the candidate pass both a written exam and a practical lab exam. This digital Quick Reference provides detailed, graphics-based information, highlighting only the key topics in cram-style format. With this document as your guide, you will review topics on IP, IP routing, non-IP desktop protocols, bridging, and switch-related technologies. This fact-filled Quick Reference lets you get all-important information at a glance, helping you focus your study on areas of weakness and enhancing your retention of essential exam concepts.
If multiple routing protocols run on the device, and more than one of them presents a route to the same destination prefix with a valid next hop, the router compares administrative distance (AD).
The route sourced from the protocol or mechanism with the lowest administrative distance is installed in the routing table. Administrative distance is compared only between candidates for exactly the same prefix (the same network and mask). If no route with that exact prefix is already present, the candidate is installed regardless of its AD, so the table can hold the same destination at several prefix lengths, each learned from a different source. When the router looks for a match in the IP routing table for a destination address, it always looks for the longest possible prefix match.

For example, if the routing table contains 10.1.0.0/16 learned from OSPF (AD 110) and 10.1.5.0/24 learned from RIP (AD 120), a packet to 10.1.5.7 follows the RIP route: the prefix-length rule trumps administrative distance. The default administrative distance values are as follows:

Connected interface: 0
Static route: 1
EIGRP summary route: 5
External BGP: 20
Internal EIGRP: 90
IGRP: 100
OSPF: 110
IS-IS: 115
RIP: 120
EGP: 140
ODR: 160
External EIGRP: 170
Internal BGP: 200
Unknown: 255

A floating static route is a static route whose administrative distance the administrator raises above the default of 1, typically above the AD of the dynamic protocol that normally supplies the route, so that it is installed only when the dynamic route disappears. The main routing table model, the hop-by-hop routing paradigm, has the routing table list, for each destination network, the next-hop address used to reach that destination.
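The selection rules above are easy to get backwards, so here is a small model of them as an added example (not code from the book). It installs at most one route per exact prefix by lowest AD, then answers lookups by longest prefix match, so that a RIP /24 wins over an OSPF /16 even though OSPF has the better AD. The candidate routes, next hops, and protocol names are constructed for the illustration; the AD values are the Cisco defaults listed above.

```python
import ipaddress
from dataclasses import dataclass

# Default administrative distances (Cisco IOS), as listed in the text.
ADMIN_DISTANCE = {
    "connected": 0, "static": 1, "eigrp-summary": 5, "ebgp": 20,
    "eigrp": 90, "ospf": 110, "isis": 115, "rip": 120,
    "eigrp-external": 170, "ibgp": 200,
}


@dataclass(frozen=True)
class Candidate:
    prefix: str      # e.g. "10.1.0.0/16"
    protocol: str    # key into ADMIN_DISTANCE
    next_hop: str


def build_rib(candidates):
    """Install at most one route per exact prefix: the lowest AD wins.
    Routes with different prefix lengths never compete with each other."""
    rib = {}
    for cand in candidates:
        net = ipaddress.ip_network(cand.prefix, strict=True)
        ad = ADMIN_DISTANCE[cand.protocol]
        current = rib.get(net)
        if current is None or ad < current[0]:
            rib[net] = (ad, cand)
    return rib


def lookup(rib, destination):
    """Longest-prefix match: the most specific installed route wins,
    regardless of which protocol supplied it or what its AD was."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return rib[best][1]


# Constructed example: OSPF and RIP both offer 10.1.0.0/16 (OSPF wins on AD),
# RIP alone offers the more specific 10.1.5.0/24, and a static default exists.
SAMPLE = [
    Candidate("10.1.0.0/16", "rip", "192.0.2.2"),
    Candidate("10.1.0.0/16", "ospf", "192.0.2.3"),
    Candidate("10.1.5.0/24", "rip", "192.0.2.4"),
    Candidate("0.0.0.0/0", "static", "192.0.2.1"),
]

if __name__ == "__main__":
    rib = build_rib(SAMPLE)
    for dst in ("10.1.5.7", "10.1.200.1", "203.0.113.9"):
        route = lookup(rib, dst)
        print(dst, "->", route.protocol, "via", route.next_hop)
```

Running the block prints that 10.1.5.7 is forwarded via the RIP /24, 10.1.200.1 via the OSPF /16, and 203.0.113.9 via the static default; the RIP /16 never appears because it lost the AD comparison for its own prefix.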
If the routing tables are consistent and accurate, with no misinformation, this simple hop-by-hop paradigm works well enough to deliver data from anywhere to anywhere in the network. Label-switching technologies such as MPLS take a different approach: a simple and efficient label lookup dictates the next hop that data should follow to reach a specific destination. Although this determination can be based on the routing table information, it can just as easily be based on other parameters, such as quality of service (QoS) or other traffic-engineering considerations. MPLS is explored in its own chapter of this Quick Reference.

Routing Information Base and Forwarding Information Base Interaction

The routing and forwarding architecture in Cisco routers and multilayer switches used to be a centralized, cache-based system that combined a control plane and a data plane. The control plane refers to the resources and technologies that create and maintain the routing table, the Routing Information Base (RIB). The data plane refers to the resources and technologies needed to actually move data from the ingress port to the egress port on the device. This centralized architecture has migrated so that the two planes can be separated to enhance scalability and availability in the routing environment. The data plane forwards using the Forwarding Information Base (FIB), which is derived from the RIB and resides in faster hardware resources, so a lookup in the forwarding path never has to consult the control-plane RIB directly.

Redistribution Between Routing Protocols

Route redistribution might be required in an internetwork because multiple routing protocols must coexist.
Multiple routing protocols might be a necessity because of an interim period during conversion from one protocol to another, application-specific protocol requirements, political reasons, or a lack of multivendor interoperability. Normally, a route's seed metric is generated from the originating interface; for example, EIGRP uses the bandwidth and delay of the originating interface to seed the metric. Redistributed routes, however, are not connected to the router, so there is no interface from which to derive a metric. Some routing protocols feature a default seed metric for redistribution, whereas others do not. The defaults for the various protocols are as follows; infinity indicates that a seed metric must be configured, otherwise the receiving protocol will not use the route:

RIP: infinity
EIGRP: infinity
OSPF: 20 (1 for routes redistributed from BGP)
IS-IS: 0
BGP: the IGP metric is carried as the MED

Routes are redistributed into RIP with the redistribute command under the RIP process, using the metric keyword to supply the seed metric. When the source protocol is OSPF, the match keyword restricts which OSPF route types are redistributed; for example, you can specify internal, external 1, or external 2. The route-map keyword enables you to specify a route map for controlling or altering the routes that are redistributed.

Redistribution into OSPF uses the same redistribute command under the OSPF process. Redistributed routes become OSPF external type 2 (E2) routes by default, whose metric stays fixed as the route propagates; metric-type 1 (E1) can optionally be used, which means the metric will be based on the total path to the destination (the seed metric plus the internal OSPF cost). Subnets are not redistributed into OSPF by default; only classful networks are, unless the subnets keyword is given. The tag keyword enables the administrator to attach an optional tag value that can be used later to easily identify these routes, for example in a route map. You can also perform redistribution in multiple locations throughout the topology.

With one-way redistribution, you typically pass a default route into the edge protocol and redistribute all the edge protocol's routes into the core protocol of the network. With two-way redistribution, all routes from each routing protocol pass into the other. Routing loops are likely to occur because routing information from one autonomous system can easily be passed back into that same autonomous system, where it reappears as an external route carrying a seed metric that no longer reflects the real path. The safest way to eliminate the chance of a loop is to redistribute in only one direction (one-way redistribution). If this is not possible and two-way redistribution is wanted, one technique to ensure a lack of loops is to apply two-way redistribution to all routes and manipulate the administrative distance associated with the external routes so that they are not selected when multiple routes exist for the same destination.
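The loop described above, and the route-tag technique that the tag keyword makes possible, can be seen in a few lines of simulation. This is an added example, not code from the book: two boundary routers redistribute in both directions; each redistribution tags what it injects and (when filtering is on) denies anything that already carries the other direction's tag, which is what a route map with "match tag" / "set tag" does in IOS. The domain names, prefixes, and tag numbers are constructed. The administrative-distance technique described in the text achieves the same protection a different way, by making the returning external route lose the AD comparison.

```python
# Each route carries a tag; 0 means "native to the protocol that holds it".
NATIVE = 0
TAG_FROM_A = 100   # set by the route map when A's routes enter B
TAG_FROM_B = 200   # set by the route map when B's routes enter A


def redistribute(source_routes, set_tag, deny_tag=None):
    """Model 'redistribute <src> route-map X' where the route map denies
    routes already carrying deny_tag and sets set_tag on everything else.
    source_routes: {prefix: {"tag": int, "origin": str}}."""
    injected = {}
    for prefix, attrs in source_routes.items():
        if deny_tag is not None and attrs["tag"] == deny_tag:
            continue  # this prefix was injected from the target protocol itself
        injected[prefix] = {"tag": set_tag, "origin": attrs["origin"]}
    return injected


def two_way_redistribution(domain_a, domain_b, filter_tags):
    """One round of mutual redistribution between protocols A and B.
    Returns (externals injected into A, externals injected into B)."""
    into_b = redistribute(domain_a, TAG_FROM_A,
                          TAG_FROM_B if filter_tags else None)
    b_view = {**domain_b, **into_b}          # B now carries its own + A's routes
    into_a = redistribute(b_view, TAG_FROM_B,
                          TAG_FROM_A if filter_tags else None)
    return into_a, into_b


def looped_prefixes(domain_a, into_a):
    """Prefixes native to A that came back into A as externals: a loop."""
    return sorted(p for p in into_a if p in domain_a)


# Constructed example domains (not from the book).
DOMAIN_A = {"10.1.0.0/16": {"tag": NATIVE, "origin": "A"},
            "10.2.0.0/16": {"tag": NATIVE, "origin": "A"}}
DOMAIN_B = {"172.16.0.0/16": {"tag": NATIVE, "origin": "B"}}

if __name__ == "__main__":
    for filtering in (False, True):
        into_a, _ = two_way_redistribution(DOMAIN_A, DOMAIN_B, filtering)
        print("tag filtering", filtering, "-> looped:",
              looped_prefixes(DOMAIN_A, into_a))
```

Without filtering, both of A's native prefixes are re-injected into A as externals; with the tag filter, only B's 172.16.0.0/16 enters A.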
CCIE Routing and Switching v4.0 Quick Reference, 2nd Edition
An excellent technique to detect a routing loop during redistribution is to use the debug ip routing command. This command shows all routing table activity as it occurs and reveals a loop condition through routing table instability: a prefix that is repeatedly installed and withdrawn. In a stable network, little to no output occurs.

Spanning Tree Protocol

Spanning Tree Protocol (STP) is an IEEE standards-based protocol (802.1D). Over the years, Cisco enhanced this protocol with new features to make much-needed improvements. This chapter discusses those improvements and the newer IEEE versions of the protocol that dramatically improve the technology. Without STP, redundant Layer 2 links form loops, and loops can cause broadcast storms, MAC table corruption, and multiple frame copies. Each switch is identified by a bridge ID (BID), made up of a priority and the switch's MAC address. The default priority is 32,768. Newer switch operating systems break the 16-bit priority field into two sections: a 4-bit priority, configurable only in multiples of 4,096, and a 12-bit extended system ID that carries the VLAN number. Path cost is the measure of distance from one bridge to another.
Links are assigned a cost value by STP. This cost value is based on bandwidth: higher-bandwidth links receive a lower cost, and STP prefers a lower-cost path to a higher-cost one. Initially in STP operation, a root bridge must be selected. The root bridge has all its ports in the forwarding state (as designated ports) and is the central reference point for the creation of a loop-free Layer 2 topology. The switch with the lowest bridge priority becomes the root bridge; if a tie occurs, the switch with the lowest MAC address becomes the root bridge (together, the lowest BID wins).

After the root bridge for the network has been determined, this reference point is used to create the loop-free topology in three steps:

1. Elect a root bridge. The lowest BID wins.
2. Every nonroot bridge selects one root port, the port with the lowest cost to the root.
3. Each segment has one designated port (the bridge with the designated port is the designated bridge for that segment); all active ports on the root bridge are designated unless you connect two of its ports to each other.

When convergence occurs, BPDUs radiate out from the root bridge over the loop-free paths.
The accompanying figure shows an example of STP in action. Ports have a port state under 802.1D. Ports begin life on the switch as disabled and gradually transition to a forwarding state when STP deems it safe to do so. The possible states are listed here along with the timers that control the transition times, in the order of transition:

1. Disabled: administratively down; no BPDUs are processed.
2. Blocking: BPDUs are received only; the port waits up to the max age (20 sec) before moving on.
3. Listening: BPDUs are sent and received; forward delay (15 sec).
4. Learning: the bridging table is built; forward delay (15 sec).
5. Forwarding: frames are forwarded.

Timer modification is possible from the root bridge, whose BPDUs carry the timer values to every other switch, but it is generally not recommended. Instead, Cisco mechanisms (PortFast, UplinkFast, and BackboneFast, covered next) can improve convergence times without direct manipulation of the timers by the administrator. The topology change notification (TCN) process of 802.1D works as follows: a switch generates a TCN BPDU when it takes a port into forwarding and has at least one designated port (DP).
TCNs are sent out the root port of nonroot devices; they are repeated each hello interval until acknowledged by the upstream device, which sets the topology change acknowledgment flag in its next configuration BPDU. The upstream switch then sends the TCN further upstream, and this continues until the root bridge receives the TCN. The root then sets the topology change flag in its configuration BPDUs, which instructs all switches to age MAC table entries faster, using the forward delay (15 sec) instead of the normal aging time (300 sec), so that stale entries pointing down the old path are flushed.
You should also select a secondary root to take over if the primary root fails. For example, spanning-tree vlan 1 priority 4096 sets the priority to 4,096 for VLAN 1 on the local switch. If all other switches are at the default priority value of 32,768, this bridge becomes the root. You can use a priority value of 8,192 on another switch to elect it as the secondary root bridge. Alternatively, spanning-tree vlan 1 root primary sets the local priority to 24,576 (or to 4,096 less than the current root if that root is already at or below 24,576), and to create a secondary root you can use spanning-tree vlan 1 root secondary, which sets the priority to 28,672.

PortFast

You apply the spanning-tree portfast command to specific ports, and that application has two effects: the port moves directly from blocking to forwarding, skipping the listening and learning states, and the switch does not generate a TCN when a port configured for PortFast goes up or down, for example when a workstation power-cycles.
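The root election and the priority arithmetic behind the commands above are worth checking by hand once, because a misplaced root is the first thing an attacker's rogue switch exploits. The following is an added example, not code from the book: it encodes the extended-system-ID bridge priority, elects the root from a set of switches by lowest BID, and reproduces what the root primary and root secondary macros program. The switch names and MAC addresses are constructed.

```python
def encode_bid(priority, vlan):
    """Build the 16-bit bridge priority field used with the extended system ID:
    the upper 4 bits hold the configured priority (a multiple of 4096) and the
    lower 12 bits hold the VLAN number, so the field value is priority + vlan."""
    if priority % 4096 != 0 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN must be 1-4094")
    return priority + vlan


def mac_to_int(mac):
    """Accept 0011.2233.4455, 00:11:22:33:44:55 or 00-11-22-33-44-55."""
    return int(mac.replace(".", "").replace(":", "").replace("-", ""), 16)


def elect_root(switches, vlan):
    """switches: {name: (priority, mac)}. The lowest bridge ID wins; the BID
    compares the priority field first and the MAC address only on a tie."""
    return min(switches, key=lambda name: (encode_bid(switches[name][0], vlan),
                                           mac_to_int(switches[name][1])))


def root_primary_priority(current_root_priority):
    """What `spanning-tree vlan N root primary` programs: 24576, or 4096 below
    the current root if that root already sits at or below 24576."""
    if current_root_priority > 24576:
        return 24576
    if current_root_priority < 4096:
        raise ValueError("current root is already at the minimum; use priority 0")
    return current_root_priority - 4096


def root_secondary_priority():
    """What `spanning-tree vlan N root secondary` programs."""
    return 28672


# Constructed example: every switch at the default priority, so the lowest
# MAC address (an old access switch) would win the election by accident.
SWITCHES = {
    "core1":   (32768, "0011.2233.4455"),
    "core2":   (32768, "0011.2233.4466"),
    "access7": (32768, "0000.0c12.3456"),
}

if __name__ == "__main__":
    print("default election:", elect_root(SWITCHES, 10))
    fixed = dict(SWITCHES)
    fixed["core1"] = (root_primary_priority(32768), SWITCHES["core1"][1])
    fixed["core2"] = (root_secondary_priority(), SWITCHES["core2"][1])
    print("after root primary/secondary:", elect_root(fixed, 10))
```

With defaults everywhere the access switch wins on MAC address alone; after the two macros, core1 (24,576) is root and core2 (28,672) is the secondary. Note that a device advertising priority 0 still beats both, which is why Root Guard (later in this chapter) is needed on ports where no root should ever appear.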
Therefore, consider enabling PortFast on ports connected to end-user workstations. Use caution with PortFast ports to ensure that hubs, switches, bridges, or any other device that might cause a loop are not connected to them; pair PortFast with BPDU Guard (covered later in this chapter) so that a port that unexpectedly receives a BPDU is shut down rather than joining the topology.

UplinkFast

When you configure UplinkFast, the local switch sets its priority to 49,152 and adds 3,000 to the cost of all its links, so that it never becomes the root or a transit path; when its root port fails, a blocked alternate uplink is moved directly to forwarding. Finally, a mechanism is included that updates the MAC address tables of the other bridges: the switch sends dummy multicast frames sourced from the MAC addresses it has learned out the new uplink, so the rest of the network relearns those addresses over the new path.

BackboneFast

Configure BackboneFast on all switches to speed convergence when a failure occurs that is indirectly located, such as in the core of the backbone. It reduces convergence from approximately 50 seconds to approximately 30 seconds by skipping the max age wait.

Rapid Spanning Tree Protocol

IEEE 802.1w, Rapid Spanning Tree Protocol (RSTP), incorporates many new features to speed convergence, including the ideas presented by Cisco in its enhancements to 802.1D. Although the new technology has many improvements, the configuration remains almost identical, and the two technologies can coexist.
Full benefits are not realized until all switches run RSTP, however. RSTP requires full-duplex, point-to-point connections between adjacent switches to achieve fast convergence. Edge ports (ports connected to end stations) can be statically configured or are recognized by the PortFast configuration command. RSTP reduces the port states to Discarding, Learning, and Forwarding, and it separates port state from port role; for example, a DP could be Discarding even though it is destined to transition to the Forwarding state. The port roles are as follows: the root port, which exists in 802.1D; the designated port (by default, all ports on the root bridge are DPs); and the alternate and backup ports, which are new to 802.1w and provide a ready replacement for the root port and for a designated port, respectively. Convergence no longer relies on timers as in 802.1D; a proposal and agreement process replaces the timer methodology and flows downstream from the root device. The originator of a topology change (TC) is now responsible for flooding it through the network, rather than passing it up to the root.

Multiple Spanning Tree

To configure MST (IEEE 802.1s): enter MST configuration submode with spanning-tree mst configuration, set the MST region name with name, set a configuration revision number with revision, and map VLANs to instances with instance. Switches belong to the same region only when the name, revision, and VLAN-to-instance mapping all match.

Loop Guard

Even though STP guards against loops, they can still occur because of conditions such as unidirectional link failures or switch congestion that stop BPDUs from arriving. Loop Guard prevents loops conservatively by preventing alternate or root ports from becoming DPs when BPDUs stop arriving; the port is instead placed in a loop-inconsistent blocking state until BPDUs resume. Loop Guard operates only on ports considered point-to-point by the spanning tree and cannot be run with Root Guard on the same interface. To enable Loop Guard globally, use spanning-tree loopguard default; per interface, use spanning-tree guard loop.

UDLD

A unidirectional link occurs when traffic transmitted from the local switch is received by the neighbor, but traffic sent from the neighbor is not received locally. Unidirectional links can cause a variety of problems, including spanning-tree loops. Unidirectional Link Detection (UDLD) performs tasks that autonegotiation cannot perform: it exchanges its own protocol frames with the neighbor to verify that the link is bidirectional.
Therefore, both sides of the link must support UDLD. By default, UDLD is locally disabled on copper interfaces and locally enabled on all Ethernet fiber-optic interfaces.

Root Guard

Root Guard protects the placement of the root bridge. Service providers that connect switches to customer networks are often interested in this technology because they want to ensure that no customer device, inadvertently or otherwise, becomes the root of the spanning tree. When a port with Root Guard receives a superior BPDU (one that would make the neighbor the root), the port is placed in a root-inconsistent state, which is effectively equal to the Listening port state: no traffic is forwarded across it until the superior BPDUs stop. This protects the current placement of the root bridge in the infrastructure. You can enable this feature on a port with the interface configuration command spanning-tree guard root.

BPDU Guard

BPDU Guard is applied to PortFast-enabled access ports. Because BPDUs should never arrive at these ports, their reception indicates a misconfiguration or a security breach, such as an unauthorized switch or a host running an STP attack tool plugged into a user port. BPDU Guard causes the port to error-disable upon the reception of these frames. Enable it globally on all PortFast ports with spanning-tree portfast bpduguard default, or per interface with spanning-tree bpduguard enable; in either case, receipt of a BPDU error-disables the port. An error-disabled port stays down until an administrator issues shutdown and no shutdown, unless errdisable recovery cause bpduguard is configured to bring it back automatically after the recovery interval.
Storm Control

The Storm Control feature protects a LAN from being affected by unicast, broadcast, or multicast storms that might develop. The switch implements storm control by counting the number of packets of a specified type received within a one-second interval and comparing the measurement with a predefined suppression-level threshold. Storm Control typically enables the administrator to set the threshold as a percentage of total bandwidth or as the rate at which packets are received (in packets or bits per second). When the rate of multicast traffic exceeds a set threshold, all incoming traffic (broadcast, multicast, and unicast) is dropped until the level falls below the threshold; only spanning-tree packets are still forwarded in this situation. When broadcast and unicast thresholds are exceeded, traffic is blocked only for the type of traffic that exceeded the threshold.

Storm Control is configured at the interface level with the storm-control {broadcast | multicast | unicast} level command; storm-control action shutdown or storm-control action trap can additionally error-disable the port or send an SNMP trap when a storm is detected.

Unicast Flooding

Although some flooding is unavoidable and expected, excessive flooding might be caused by asymmetric routing, STP topology changes, or forwarding table overflow. Flooding can also result from attacks on the network, especially denial-of-service (DoS) attacks; an attacker who can overflow a switch's MAC table turns it into a hub whose traffic can be sniffed from any port. Switches can implement a unicast flood-prevention feature, configured with a global configuration command, that blocks or alerts on flooding of unknown unicast traffic once it exceeds a threshold.

DTP

Dynamic Trunking Protocol (DTP) lets connected switches exchange messages that indicate their desire to create a trunk.
The DTP port state (configured with switchport mode) dictates the port's capability to create a trunk. The possible states are as follows:

dynamic auto: enables the switch to create a trunk if the peer initiates; never initiates itself.
dynamic desirable: actively tries to create a trunk link with the peer.
trunk: DTP messages are sent, and a trunk is formed unless the peer explicitly forbids it.
access: trunking is not allowed on the switchport regardless of the DTP status of the peer.
nonegotiate (switchport nonegotiate): disables DTP; the port will not form a trunk link with a peer that requires trunk negotiation.

Because a host that speaks DTP can negotiate a trunk with a port left in dynamic auto or dynamic desirable (the factory default on Catalyst switches) and then tag its traffic into any VLAN, user-facing ports should be hard-set to access mode, and trunk ports should carry switchport nonegotiate.

802.1Q Tagging

These are the components of an 802.1Q tag: a 16-bit Tag Protocol Identifier (0x8100), a 3-bit priority field (class of service), the 1-bit Canonical Format Indicator, which is always set to 0 for Ethernet switches, and a 12-bit VLAN identifier. Two of the 4,096 possible identifiers (0 and 4,095) are reserved, permitting the creation of 4,094 VLANs. The following are the aspects of the native VLAN: frames belonging to the native VLAN are sent untagged across an 802.1Q trunk and are assigned to the native VLAN on receipt; Cisco switches produce errors (via CDP) if the native VLAN does not match at each end of the link, because a mismatch silently merges two VLANs; the native VLAN should therefore be identical at both ends and should not be a VLAN that carries user traffic. You can control the native VLAN with switchport trunk native vlan. The command that creates and controls trunks on Cisco IOS-based switches is the interface command switchport mode trunk (preceded by switchport trunk encapsulation dot1q on platforms that also support ISL).

VTP

To enjoy the benefits of VTP, your switches must meet the following requirements: the same VTP domain name, the same VTP version and password (if one is configured), and trunk links between them. All VTP messages share a common header, and the field that matters most for operations is the configuration revision number. This value determines whether a switch has stale information about VLANs and ultimately controls whether the switch overwrites its VLAN database with new information.
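The two port-level protections just discussed, BPDU Guard on PortFast ports and refusing DTP negotiation, are easy to verify across a running configuration. Below is an added example, not code from the book: it parses a constructed `show running-config` excerpt and flags ports that still negotiate trunks, trunk ports without switchport nonegotiate, and access ports that end up without BPDU Guard once the global spanning-tree portfast bpduguard default and any per-port spanning-tree bpduguard disable are taken into account. The interface names and descriptions are made up; the commands are standard Catalyst IOS syntax.

```python
# Constructed running-config excerpt (not from any real switch).
SAMPLE_CONFIG = """\
spanning-tree portfast bpduguard default
!
interface GigabitEthernet1/0/1
 description user port, hardened
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 description user port, guard disabled per-port
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard disable
!
interface GigabitEthernet1/0/3
 description factory default mode, negotiates trunks
 switchport access vlan 10
!
interface GigabitEthernet1/0/24
 description uplink to distribution
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
"""


def parse_interfaces(config):
    """Return (set of global commands, {interface name: [sub-commands]})."""
    global_cmds, interfaces, current = set(), {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif line.startswith(" ") and current is not None:
            interfaces[current].append(line.strip())
        else:
            current = None
            if line and line != "!":
                global_cmds.add(line)
    return global_cmds, interfaces


def audit(config):
    """Flag ports that can negotiate a trunk or that would accept a BPDU on
    an access port. Returns {interface: [finding, ...]}; clean ports are omitted."""
    global_cmds, interfaces = parse_interfaces(config)
    guard_default = "spanning-tree portfast bpduguard default" in global_cmds
    findings = {}
    for name, cmds in interfaces.items():
        # No explicit mode means the platform default, which is a DTP dynamic mode.
        mode = next((c[len("switchport mode "):] for c in cmds
                     if c.startswith("switchport mode ")), "dynamic")
        issues = []
        if mode.startswith("dynamic"):
            issues.append("DTP negotiation enabled; set 'switchport mode access' or 'trunk'")
        if mode == "trunk" and "switchport nonegotiate" not in cmds:
            issues.append("trunk still sends DTP; add 'switchport nonegotiate'")
        if mode == "access":
            portfast = "spanning-tree portfast" in cmds
            guarded = ("spanning-tree bpduguard enable" in cmds
                       or (portfast and guard_default
                           and "spanning-tree bpduguard disable" not in cmds))
            if not guarded:
                issues.append("access port without BPDU Guard")
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for port, issues in audit(SAMPLE_CONFIG).items():
        for issue in issues:
            print(f"{port}: {issue}")
```

On the sample, Gi1/0/1 passes, Gi1/0/2 loses its guard to the per-port disable, Gi1/0/3 is trunk-negotiable because it has no explicit mode, and the uplink still speaks DTP.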
The revision number ranges from 0 to 4,294,967,295 (a 32-bit value). A switch that joins a domain with a higher revision number than the existing switches overwrites their VLAN databases, even if it is only a client, so a lab switch reconnected to production can delete every VLAN in the domain. Introducing new switches in Transparent mode, or resetting their revision to 0 before connecting them, helps ensure that this problem never results. You have three possible VTP modes:

Server: permits the addition, deletion, and modification of VLANs and advertises them to the domain.
Client: cannot change VLANs locally; learns them from servers and forwards advertisements.
Transparent: permits the addition, deletion, and modification of VLAN information, but the information resides only locally on the Transparent device; these systems forward advertisements from servers but do not process them.

Note that changing the VTP domain name on a switch resets its configuration revision number to 0, as does placing it in Transparent mode.

VTP Pruning

VTP pruning limits the distribution of flooded frames to only those switches that have members of the particular VLAN. You can enable VTP pruning on a server with the vtp pruning command. By default, VLANs 2 through 1001 are prune-eligible; you can change this behavior by making selected VLANs prune-ineligible with switchport trunk pruning vlan remove.

EtherChannel

It is often advisable to use an EtherChannel for key trunks in your campus design. Notice that EtherChannel affects STP: ordinarily one or more of the parallel links would be disabled to prevent a loop, but STP treats the bundle as a single logical link. Be aware of the following guidelines for EtherChannel: assign all EtherChannel ports to the same VLAN, or ensure they are all set to the same trunk encapsulation and trunk mode, and keep speed and duplex identical across members.
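The revision-number overwrite described above is simple enough to model, and doing so makes the safeguard obvious. This is an added example, not code from the book: a production server at revision 12 receives an advertisement from a lab switch at revision 57 that knows only VLAN 1, and the function reports which VLANs would vanish; a second function shows the two ways the text gives to zero the revision before a switch is connected. Domain name, revisions, and VLAN lists are constructed.

```python
def vtp_accepts(local, advert):
    """Would this switch replace its VLAN database with the advertisement?
    Transparent switches never do; the domain must match; and a strictly
    higher configuration revision is all it takes, wh.atever the sender's mode."""
    if local["mode"] == "transparent":
        return False
    if local["domain"] != advert["domain"]:
        return False
    return advert["revision"] > local["revision"]


def apply_advert(local, advert):
    """Return (switch state after processing the advertisement,
    set of VLANs deleted by it)."""
    if not vtp_accepts(local, advert):
        return local, set()
    lost = set(local["vlans"]) - set(advert["vlans"])
    updated = {**local, "revision": advert["revision"],
               "vlans": sorted(advert["vlans"])}
    return updated, lost


def reset_revision(switch, new_domain=None, transparent=False):
    """Model the two safe ways to zero the revision before connecting a switch:
    change its domain name, or move it to transparent mode."""
    state = dict(switch)
    if new_domain is not None and new_domain != state["domain"]:
        state["domain"], state["revision"] = new_domain, 0
    if transparent:
        state["mode"], state["revision"] = "transparent", 0
    return state


def advert_from(switch):
    """The summary advertisement a server would originate from its own state."""
    return {"domain": switch["domain"], "revision": switch["revision"],
            "vlans": list(switch["vlans"])}


# Constructed example: production core versus a churned lab switch.
PRODUCTION = {"mode": "server", "domain": "CORP", "revision": 12,
              "vlans": [1, 10, 20, 30, 40]}
LAB_SWITCH = {"mode": "server", "domain": "CORP", "revision": 57, "vlans": [1]}

if __name__ == "__main__":
    _, lost = apply_advert(PRODUCTION, advert_from(LAB_SWITCH))
    print("VLANs deleted by the lab switch:", sorted(lost))
    safe_lab = reset_revision(LAB_SWITCH, transparent=True)
    _, lost = apply_advert(PRODUCTION, advert_from(safe_lab))
    print("after resetting the lab switch:", sorted(lost))
```

Connected as-is, the lab switch deletes VLANs 10 through 40 from production; after its revision is reset, its advertisement is ignored. A mismatched domain name is also rejected, which is why a deliberately different domain on lab gear is a cheap second line of defense.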
EtherChannel load balancing can hash on MAC addresses, IP addresses, or Layer 4 port numbers, using the source, the destination, or both source and destination values (port-channel load-balance). A single flow always maps to one member link, so the throughput of any one flow is limited to one link's bandwidth.

Ethernet

Four data rates are currently defined for operation over optical fiber and twisted-pair cables: Ethernet, 10 Mbps; Fast Ethernet, 100 Mbps; Gigabit Ethernet, 1,000 Mbps; and 10 Gigabit Ethernet, 10,000 Mbps. The early 10BASE Ethernet specifications run at 10 Mbps over various media such as twisted pair and coaxial; Ethernet over thick coaxial media is the 10BASE5 specification. Long Reach Ethernet (LRE) reuses existing copper wiring, such as the telephone cabling in hotels and apartment buildings, to carry Ethernet-like performance over distances well beyond those of standard Ethernet. Gigabit Interface Converters (GBICs) are hot-swappable transceivers; this flexibility enables you to inexpensively adapt your network equipment to any changes in the physical media that might be introduced, and upgrading to the latest interface technologies is simple because of them.
IP Addressing

IPv4 addresses are 32 bits long and are typically represented in dotted-decimal notation. The address classes defined for IP networks, with their default subnet masks, are as follows: Class A addresses begin with 0, range from 0 to 127 in the first octet, and use a 255.0.0.0 mask; Class B addresses begin with 10, range from 128 to 191, and use 255.255.0.0; Class C addresses begin with 110, range from 192 to 223, and use 255.255.255.0. Class D and Class E addresses are also defined. The Class D address space has the first 4 bits set to 1110 and a first octet of 224 to 239; these addresses are used for IP multicast. Class E addresses have the first 4 bits set to 1111 and a first octet of 240 to 255; these addresses are reserved for experimental use.

Of the entire IPv4 address space, several blocks have been reserved for specific uses. The private IP space, which should not be routed outside an administrative domain, consists of the following blocks (RFC 1918): 10.0.0.0 to 10.255.255.255 (10.0.0.0/8), 172.16.0.0 to 172.31.255.255 (172.16.0.0/12), and 192.168.0.0 to 192.168.255.255 (192.168.0.0/16). Border routers and firewalls should drop packets arriving from the Internet with these source addresses, because such packets can only be spoofed.

Subnetting

Subnetting enables the creation of smaller, more efficient networks. Overall network traffic is reduced, and security measures such as access lists between subnets can be introduced more easily in a subnetted network. The IP address has a network ID portion and a host ID portion; the number of bits used for the host ID dictates the number of hosts possible on the network or subnetwork. One address is reserved for the network ID (all host bits set to 0), and one address is reserved for the subnet broadcast (all host bits set to 1). The number of subnets that can be created depends on the number of bits borrowed from the host portion. Take the address 172.16.0.0 with a mask of 255.255.192.0: this mask uses 18 bits, so 14 bits remain for host addressing; that is, 2^14 - 2 = 16,382 host addresses are possible per subnet, and the 2 borrowed bits yield 4 subnets of the Class B network. A default Class A network uses 8 bits for the mask.

VLSM

One of the fundamental concepts in networking is subnetting, that is, breaking one network into smaller pieces. Variable-length subnet masking (VLSM) enables a network administrator to choose subnetting boundaries based on the requirements of each segment, rather than being forced to use a single mask throughout a classful network. Subnets of different sizes must be laid out so that they do not overlap, so the order in which the subnets are carved out matters. VLSM and CIDR are related but refer to different IP addressing concepts: VLSM divides a network into smaller subnets, whereas Classless Interdomain Routing (CIDR) is a method by which subnets can be grouped together. It provides a way to refer to a list of consecutive subnets without having to list each one individually; for example, the subnets 192.168.0.0/24 through 192.168.3.0/24 can be summarized as 192.168.0.0/22. It is massively useful in large networks, where large groups of IP address ranges can be aggregated in a routing table or in access lists.

ARP

Address Resolution Protocol (ARP) maps an IP address to the link-layer (MAC) address of the next hop; the IP datagram is then encapsulated in a link-layer frame and sent over the network. With proxy ARP, if the router receives an ARP request for a host not on the same network as the sender, and the router has a route to that host through another interface, it generates a proxy ARP reply giving its own local MAC address.
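The subnetting, VLSM, and CIDR arithmetic from the preceding paragraphs, carried out with the standard library, as an added example that is not code from the book. It classifies addresses, counts usable hosts, carves non-overlapping VLSM subnets largest-first (the ordering point made above), summarizes consecutive subnets, and checks the RFC 1918 ranges explicitly rather than relying on ipaddress.is_private, which also matches loopback, link-local, and other reserved space. The host counts and prefixes used in the sample are constructed.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def address_class(addr):
    """Classful designation from the leading bits of the first octet."""
    first = int(ipaddress.ip_address(addr)) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"
    return "E"


def is_rfc1918(addr):
    """True only for the three private blocks, not for every 'special' range."""
    a = ipaddress.ip_address(addr)
    return any(a in net for net in RFC1918)


def usable_hosts(prefixlen):
    """Hosts per subnet: 2^(host bits) minus the network and broadcast addresses.
    /31 (RFC 3021 point-to-point) and /32 are the usual exceptions."""
    if prefixlen >= 31:
        return 32 - prefixlen + 1      # /31 -> 2, /32 -> 1
    return 2 ** (32 - prefixlen) - 2


def subnet_count(classful_prefixlen, new_prefixlen):
    """How many subnets the borrowed bits create."""
    return 2 ** (new_prefixlen - classful_prefixlen)


def vlsm_allocate(parent, host_counts):
    """Carve subnets of different sizes out of `parent`, largest request first,
    so that none overlap. Returns [(hosts_requested, network)] in request order."""
    free = [ipaddress.ip_network(parent)]
    result = {}
    for idx, hosts in sorted(enumerate(host_counts), key=lambda t: -t[1]):
        # smallest n with 2**n >= hosts + 2 (network + broadcast), never longer than /30
        plen = 32 - max(2, (hosts + 1).bit_length())
        for i, block in enumerate(free):
            if block.prefixlen <= plen:
                free.pop(i)
                pieces = list(block.subnets(new_prefix=plen))
                result[idx] = pieces[0]
                free[i:i] = pieces[1:]    # leave the remainder available
                break
        else:
            raise ValueError(f"no room left for a subnet of {hosts} hosts")
    return [(host_counts[i], result[i]) for i in range(len(host_counts))]


def aggregate(prefixes):
    """CIDR summarization: collapse consecutive subnets into the fewest supernets."""
    nets = (ipaddress.ip_network(p) for p in prefixes)
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    print(address_class("172.16.0.1"), usable_hosts(18), subnet_count(16, 18))
    for hosts, net in vlsm_allocate("192.168.1.0/24", [100, 50, 10, 2]):
        print(f"{hosts:>4} hosts -> {net}")
    print(aggregate(["192.168.0.0/24", "192.168.1.0/24",
                     "192.168.2.0/24", "192.168.3.0/24"]))
```

For the sample request list the allocator returns a /25, a /26, a /28, and a /30 from 192.168.1.0/24 with room to spare; the four consecutive /24s collapse to 192.168.0.0/22, exactly the CIDR case described in the text.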
The host that sent the ARP request then sends its packets to the router, which forwards them to the intended host. Proxy ARP is enabled by default on Cisco IOS interfaces; to re-enable it if it has been disabled, use the interface command ip proxy-arp. Because proxy ARP lets any host reach off-segment addresses through the router without a correct gateway configuration, and lets the router answer for addresses it does not own, disable it with no ip proxy-arp on interfaces where it is not needed. The default ARP encapsulation is ARPA (standard Ethernet). You can change this encapsulation method to SNAP or HP Probe, as required by your network, to control the interface-specific handling of IP address resolution into 48-bit Ethernet hardware addresses, using the interface command arp {arpa | snap | probe}.

HSRP

Hot Standby Router Protocol (HSRP) is used in a group of routers to select an active router and a standby router. The active router is the router of choice for routing packets; the standby router takes over the routing duties when the active router fails or when other preset conditions are met. The routers in the group share a virtual IP address and virtual MAC address that hosts use as their default gateway; one of the devices is selected by the protocol to be the active router, and a new standby router is also selected at that time. You can configure multiple Hot Standby groups on an interface, thereby making fuller use of redundant routers and load sharing, by specifying a group number for each standby command you configure for the interface. To enable HSRP on an interface, use standby [group-number] ip [ip-address]. To configure the time between hello packets and the hold time before other routers declare the active router to be down, use standby [group-number] timers hellotime holdtime (the defaults are 3 and 10 seconds). The priority is set with standby [group-number] priority priority; the range is 1 to 255, in which 1 denotes the lowest priority and 255 the highest, and the default is 100. In addition, you can configure preemption, so that a router with a higher priority takes over the active role instead of waiting for the active router to fail, and a preemption delay after which the Hot Standby router preempts and becomes the active router: standby [group-number] preempt [delay minimum seconds]. Because the election is driven entirely by the priority each speaker advertises, any device on the segment that can send HSRP hellos with a higher priority and preempt can seize the gateway role; protect groups with HSRP authentication and limit which ports may carry HSRP traffic.

GLBP

Gateway Load Balancing Protocol (GLBP), instead of just providing backup for a failed router, also handles load balancing between multiple routers. Workstations are configured with the same virtual IP address, and all routers in the virtual router group participate in forwarding packets. GLBP members communicate with each other using hello messages sent every 3 seconds to the multicast address 224.0.0.102. Although many customization commands exist, the command to enable the protocol is just like that of the other redundancy protocols in structure: glbp group ip [ip-address].

NAT

Organizations might use Network Address Translation (NAT) for the following purposes: to connect to the Internet when not all internal hosts have globally unique addresses; to avoid readdressing when internal addresses would otherwise have to change (for example, after changing service providers), because changing internal addresses creates a large administrative burden and NAT is used instead to translate addresses; and to do basic load sharing of TCP traffic. The NAT terminology is as follows:

Inside local address: the IP address assigned to a host on the inside network; often this is a nonregistered (private) address.
Inside global address: a legitimate, registered IP address that represents one or more inside local addresses to the outside world.
Outside local address: the IP address of an outside host as it appears to the inside network.
Outside global address: the IP address assigned to a host on the outside network by the owner of the host.
For a depiction of this NAT terminology, see the accompanying figure. Static translation is useful when a host on the inside must be reachable at a fixed address from the outside. Dynamic translation establishes a mapping between an inside local address and a pool of global addresses.

Configuring Static Translations

To establish a static translation between an inside local address and an inside global address, use the global configuration command ip nat inside source static local-ip global-ip, and mark the participating interfaces with ip nat inside and ip nat outside. Dynamic translation uses ip nat pool name start-ip end-ip netmask mask together with ip nat inside source list access-list pool name, where the access list selects which inside addresses are translated.

Overloading an Inside Global Address

When multiple local addresses map to one global address, the TCP or UDP port numbers of each inside host distinguish between the local addresses. To permit this behavior, use the dynamic translation configuration from the previous section and add the overload keyword: ip nat inside source list access-list pool name overload. Because the translation table is built only by outbound traffic, unsolicited inbound connections find no entry and are dropped; this is a side effect of address sharing, not a substitute for a firewall policy.

Translating Overlapping Addresses

Use this feature if the IP addresses in your stub network are legitimate addresses belonging to another network and you want to communicate with hosts or routers in that network; the outside addresses are translated with ip nat outside source. You can configure the translations using static or dynamic means.

TCP Load Distribution

If your organization has multiple hosts that must communicate with a heavily used host, you can establish a virtual host on the inside network that coordinates load sharing among real hosts. Destination addresses that match an access list are replaced with addresses from a rotary pool. Allocation is done on a round-robin basis and only when a new connection is opened from the outside to the inside. First, define a pool of addresses containing the addresses of the real hosts in global configuration mode (ip nat pool name start-ip end-ip prefix-length length type rotary), then define an access list matching the virtual host address and apply it with ip nat inside destination list access-list pool name.

ICMP

Internet Control Message Protocol (ICMP) includes functions for the following: reporting that a destination is unreachable, such as a host or network unreachable; flow control, such as the ICMP Source Quench messages once used to make a sender slow down because a router was buffering too many packets (Source Quench is deprecated and ignored by modern hosts); testing reachability, as with the Echo function used by the ping utility to test connectivity between two systems; and communicating timeouts in the network, such as a TTL that expired in transit or a reassembly timeout.
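The static and overload translations described above, modeled as a translation table, as an added example that is not code from the book. It shows how the port number disambiguates inside hosts that share one inside global address, what happens when two hosts pick the same source port, and why an inbound packet with no matching entry is dropped. The addresses, ports, and the port-allocation rule (keep the original port when free, otherwise the lowest free port above 1023) are constructed for the illustration; real platforms choose ports differently.

```python
class NatRouter:
    """Translation table for `ip nat inside source ... overload` plus any
    `ip nat inside source static` entries. The protocol is part of every key,
    so TCP and UDP port spaces are independent."""

    def __init__(self, inside_global, static=None):
        self.inside_global = inside_global      # the single shared registered address
        self.static = dict(static or {})        # inside local -> inside global (1:1)
        self.table = {}                         # (local_ip, local_port, proto) -> global_port
        self.used = set()                       # (global_port, proto) already allocated

    def outbound(self, local_ip, local_port, proto="tcp"):
        """Translate an inside host's source; returns (inside global ip, port)."""
        if local_ip in self.static:
            return self.static[local_ip], local_port   # static NAT: address only
        key = (local_ip, local_port, proto)
        if key not in self.table:
            if (local_port, proto) in self.used:
                gport = self._free_port(proto)          # collision: pick another port
            else:
                gport = local_port
            self.used.add((gport, proto))
            self.table[key] = gport
        return self.inside_global, self.table[key]

    def _free_port(self, proto):
        for port in range(1024, 65536):
            if (port, proto) not in self.used:
                return port
        raise RuntimeError("port exhaustion on " + self.inside_global)

    def inbound(self, global_ip, global_port, proto="tcp"):
        """Reverse-translate a packet arriving from outside; None means drop."""
        for local_ip, gip in self.static.items():
            if gip == global_ip:
                return local_ip, global_port            # static entries are always reachable
        if global_ip != self.inside_global:
            return None
        for (local_ip, local_port, p), gport in self.table.items():
            if gport == global_port and p == proto:
                return local_ip, local_port
        return None   # no translation exists: unsolicited inbound traffic is dropped


if __name__ == "__main__":
    # Constructed example: two hosts behind 203.0.113.1, one static server.
    nat = NatRouter("203.0.113.1", static={"10.0.0.10": "203.0.113.10"})
    print(nat.outbound("10.0.0.5", 40000))     # keeps port 40000
    print(nat.outbound("10.0.0.6", 40000))     # same port in use -> 1024
    print(nat.inbound("203.0.113.1", 1024))    # back to 10.0.0.6:40000
    print(nat.inbound("203.0.113.1", 5555))    # no entry -> None
    print(nat.inbound("203.0.113.10", 22))     # static: always reachable
```

The last two lines are the practical point: the dynamic table only admits replies to connections the inside opened, while the static host is exposed on every port unless an access list in front of it says otherwise.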
Cisco IOS also sends ICMP redirects: if a router receives a packet that it must forward out the same interface on which it arrived, it tells the source host to use the better next hop directly. Similarly, if the device receives a packet that it cannot deliver because it knows of no route to the destination address, it sends an ICMP host unreachable message to the source. Both behaviors are enabled by default and can be disabled per interface with no ip redirects and no ip unreachables, which is commonly done on interfaces facing untrusted networks to give away less information about the topology.

NTP

Accurate, consistent time is essential for correlating log entries across devices. Network Time Protocol (NTP) assists the administrator in this goal by automatically synchronizing the time between network devices. Devices in the network running NTP can receive the correct time from an authoritative time source, such as a Cisco router, a radio clock, or an atomic clock attached to a time server.
To configure a router to receive the time from an authoritative time source on the network, use ntp server ip-address. Many routers also have a hardware clock (the calendar) that runs continuously, even if the router is powered off or rebooted. It is good practice to periodically update the hardware clock with the time learned from NTP; to do this, use ntp update-calendar. The NTP stratum indicates the distance from the reference clock; consider it like a hop count. If you set the stratum to 1 on the router with ntp master 1, you indicate that it is the authoritative time source, so do this only on a router that is actually disciplined by a trustworthy clock. You can also have the router synchronize the clock of a peer router, or be synchronized from that peer, with ntp peer ip-address.

DHCP

The accompanying figure shows the four-step process (Discover, Offer, Request, Acknowledge) that the router participates in to provide DHCP services. Addresses that should not be leased, such as those statically assigned to servers, are excluded with the global configuration command ip dhcp excluded-address low-address [high-address]. To configure a subnet and mask for the DHCP address pool, use network network-number [mask] in DHCP pool configuration mode, which is entered with ip dhcp pool name.

WCCP

The Cisco cache engine reduces transmission costs and downloading time for clients, and Web Cache Communication Protocol (WCCP) lets a router redirect web requests to it transparently.
When users request web pages, the WCCP-capable router sends the requests to a cache engine. If the cache engine has a copy of the requested page in storage, it sends the user that page. If there is no cached copy, the cache engine retrieves the requested page from the web server, stores a copy, and forwards the page to the user. The routers and the cache engine operate transparently from the perspective of end users, who do not know that the page came from the cache engine rather than the web server. The global configuration command used on the router to enable the protocol is ip wccp web-cache, applied to interfaces with ip wccp web-cache redirect in.

DNS

Cisco IOS Software can resolve hostnames using DNS. For example, you can specify a default domain name that the Cisco IOS Software uses to complete unqualified name requests. You can specify either a single domain name or a list of domain names. Any IP hostname that does not contain a domain name has the domain name you specify appended to it before being added to the host table.
To specify this domain name, use ip domain name name (or ip domain list name for a list of names); name servers are configured with ip name-server address.

Syslog

Cisco IOS generates system messages about events such as interface changes, configuration changes, and denied packets. These messages are typically sent to a logging process, so they are most often called syslog messages. Logging is enabled by default. The no logging on command does not silence messages; it actually forces all system messages to the console synchronously, which can impede the performance of the Cisco device because processes must wait for messages to be written to the console before they can continue their operations. It is recommended that the administrator leave the logging process enabled (the default behavior); that way logging messages can be written to the console more efficiently.

Because console messages otherwise interrupt typed commands, administrators should use the logging synchronous command in line configuration mode (or turn console logging off altogether with no logging console). Messages are also kept in an internal buffer whose size can be changed by specifying an optional size at the end of the logging buffered command. To view the contents of the buffer, use show logging; the oldest messages display first. When the buffer fills to capacity, new messages overwrite the oldest messages. You can clear the buffer at any time with clear logging, which also means an intruder with enable access can erase the local record. A syslog server provides storage that survives reboots and clear logging, and it enables the filtering of messages, reporting on messages, and even action filters that enable automated responses to certain messages, including pages and emails.

To send system messages to a UNIX or CiscoWorks syslog server, ensure the logging process is enabled and then issue logging host x.x.x.x (older releases accept logging x.x.x.x). The command can be entered multiple times to configure multiple destinations for the messages. To limit which messages are sent, use logging trap level, in which level is the number or the name of the highest-numbered severity to send. The severity levels are:

0 emergencies
1 alerts
2 critical
3 errors
4 warnings
5 notifications
6 informational
7 debugging

For example, logging trap notifications restricts the messages sent to only those of level 0 through 5. This keeps informational and debugging messages from being sent to the server; note that access-list deny logging (%SEC-6-IPACCESSLOGP) is informational, so a server that must receive it needs logging trap informational. UDP port 514 is used for syslog messages, so be sure that your firewalls permit this port if the messages must pass through such devices; remember also that syslog over UDP is neither authenticated nor encrypted, so keep it on a protected management network. UNIX syslog servers use a facility code to identify the source of syslog messages and to create different logs for the different sources. Sample facilities include lpr for the line printer system and mail for the email system. UNIX syslog servers reserve the facility codes local0 through local7 for log messages received from remote servers and network devices. To have switches use one log file on the server and routers use another, change the facility code for switches using logging facility local6. By default, Cisco devices use local7 for their messages, so your router messages will be in a different log. CiscoWorks requires the use of local7.
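The facility and severity arithmetic described above is what a collector uses to route Cisco messages into the right file and what logging trap uses to decide what leaves the device. The following is an added example, not code from the book: it encodes and decodes the syslog PRI value (facility * 8 + severity), pulls the %FACILITY-SEVERITY-MNEMONIC token out of a Cisco message, checks that the two severities agree, and emulates logging trap for a given level. The log lines are constructed for the illustration; they use local7 and real IOS mnemonics, but the sequence numbers, timestamps, interfaces, and addresses are made up.

```python
import re

SEVERITIES = ["emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging"]
FACILITIES = {"kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4,
              "syslog": 5, "lpr": 6, "news": 7, "uucp": 8, "cron": 9,
              "authpriv": 10, "ftp": 11}
FACILITIES.update({f"local{i}": 16 + i for i in range(8)})
FACILITY_NAMES = {code: name for name, code in FACILITIES.items()}

PRI_RE = re.compile(r"^<(\d{1,3})>")
MNEMONIC_RE = re.compile(r"%([A-Z0-9_]+)-(\d)-([A-Z0-9_]+)")


def encode_pri(facility, severity):
    """PRI = facility * 8 + severity, as carried in the <PRI> prefix."""
    return FACILITIES[facility] * 8 + SEVERITIES.index(severity)


def decode_pri(pri):
    """Return (facility name, severity name) from a PRI value."""
    return FACILITY_NAMES[pri // 8], SEVERITIES[pri % 8]


def parse_cisco_syslog(line):
    """Extract facility/severity from the PRI and from the Cisco
    %FACILITY-SEVERITY-MNEMONIC token; the two severities should agree."""
    pri = PRI_RE.match(line)
    token = MNEMONIC_RE.search(line)
    if not (pri and token):
        raise ValueError(f"not a Cisco syslog line: {line!r}")
    facility, severity = decode_pri(int(pri.group(1)))
    ios_sev = int(token.group(2))
    return {"facility": facility, "severity": severity, "severity_num": ios_sev,
            "ios_facility": token.group(1), "mnemonic": token.group(3),
            "consistent": SEVERITIES[ios_sev] == severity}


def would_be_sent(line, trap_level):
    """Emulate `logging trap <level>`: only severities numerically <= level leave the box."""
    return parse_cisco_syslog(line)["severity_num"] <= SEVERITIES.index(trap_level)


def log_file_for(line):
    """Collector-side routing by facility: local7 -> routers, local6 -> switches."""
    facility = parse_cisco_syslog(line)["facility"]
    return {"local7": "routers.log", "local6": "switches.log"}.get(facility, "other.log")


# Constructed sample messages (PRI 189 = local7/notifications, 187 = errors, 190 = informational).
SAMPLE_LINES = [
    "<189>45: *Mar  1 00:12:34.567: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.50)",
    "<187>46: *Mar  1 00:12:40.001: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/3, changed state to down",
    "<189>47: *Mar  1 00:12:41.002: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/3, changed state to down",
    "<190>48: *Mar  1 00:12:41.900: %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(4422) -> 10.0.0.5(23), 1 packet",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        info = parse_cisco_syslog(line)
        print(f"{info['mnemonic']:<14} sev {info['severity_num']} "
              f"trap notifications: {would_be_sent(line, 'notifications')} -> {log_file_for(line)}")
```

Run against the sample, the ACL deny (severity 6) is the only message that logging trap notifications would keep off the server, which is the caveat noted above.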
Some devices enable logging of system messages to a file in flash memory with the command logging file flash:filename; this command can also set size limits on the file and control the severity of messages written to flash. Add a timestamp to every message, which is essential for correlating events between devices, with service timestamps log datetime (adding msec, localtime, and show-timezone as needed).

SNMP

Here are typical Cisco IOS global configuration commands for setting community strings that permit configuration and monitoring, respectively: snmp-server community string rw and snmp-server community string ro. Useful related commands are as follows:

no snmp-server: disables SNMP agent operation.
show snmp engineid: displays the identification of the local SNMP engine and all remote engines configured on the router.
show management event: displays the SNMP Event MIB values configured on the router.
show snmp: checks the status of SNMP communications.
show snmp group: displays the names of groups on the router, the security model, the status of the different views, and the storage type of each group.
show snmp pending: displays the current set of pending SNMP requests.
show snmp sessions: displays the current SNMP sessions.
show snmp user: displays information about the configured SNMP users.

Whereas previous versions used clear-text community strings, SNMP Version 3 provides authentication and encryption of network management information. A community string travels in the clear and a read-write string amounts to a configuration password, so prefer SNMPv3 with authentication and privacy, and restrict any remaining v1/v2c communities with an access list on the snmp-server community command. Views limit which parts of the MIB a user or community can see. Here is the syntax to create a view; all the commands that follow are global configuration mode commands: snmp-server view view-name oid-tree {included | excluded}. Using iso as the oid-tree includes basically the entire MIB structure. A view is then bound to a community with snmp-server community string view view-name ro.

SPAN

Switched Port Analyzer (SPAN) mirrors traffic from source ports to a destination port on the switch; a network analyzer should be connected to the destination port. SPAN is available in several forms: with local SPAN, the source ports and the destination port are located on the same device.

Customer review

The examples in this book are few and far between, and everything is a 1,000-foot view. It's way easier to just learn by doing.
Most topics are solidified by doing rather than reading. After my CCIE experience, I am a firm believer that timed practice tests and workbooks are the only way to pass a CCIE, and books are just fillers on topics you are brushing up on. If you really want to know how something works, reading the RFC is literally easy most of the time.