Safari Bookshelf - MSDN - Cisco Cookbook
Cisco Cookbook
By Ian J. Brown, Kevin Dooley
Publisher : O'Reilly
Pub Date : July 2003
ISBN : 0-596-00367-6

      What's in This Book
      Comments and Questions
    Chapter 1.  Router Configuration and File Management
      Recipe 1.1.  Configuring the Router via TFTP
      Recipe 1.2.  Saving Router Configuration to Server
      Recipe 1.3.  Booting the Router Using a Remote Configuration File
      Recipe 1.4.  Storing Configuration Files Larger than NVRAM
      Recipe 1.5.  Clearing the Startup Configuration
      Recipe 1.6.  Loading a New IOS Image
      Recipe 1.7.  Booting a Different IOS Image
      Recipe 1.8.  Booting Over the Network
      Recipe 1.9.  Copying an IOS Image to a Server
      Recipe 1.10.  Copying an IOS Image Through the Console
      Recipe 1.11.  Deleting Files from Flash
      Recipe 1.12.  Partitioning Flash
      Recipe 1.13.  Using the Router as a TFTP Server
      Recipe 1.14.  Using FTP from the Router
      Recipe 1.15.  Generating Large Numbers of Router Configurations
      Recipe 1.16.  Changing the Configurations of Many Routers at Once
      Recipe 1.17.  Extracting Hardware Inventory Information
      Recipe 1.18.  Backing Up Router Configurations
    Chapter 2.  Router Management
      Recipe 2.1.  Creating Command Aliases
      Recipe 2.2.  Managing the Router's ARP Cache
      Recipe 2.3.  Tuning Router Buffers
      Recipe 2.4.  Using the Cisco Discovery Protocol
      Recipe 2.5.  Disabling the Cisco Discovery Protocol
      Recipe 2.6.  Using the Small Servers
      Recipe 2.7.  Enabling HTTP Access to a Router
      Recipe 2.8.  Using Static Hostname Tables
      Recipe 2.9.  Enabling Domain Name Services
      Recipe 2.10.  Disabling Domain Name Lookups
      Recipe 2.11.  Specifying a Router Reload Time
      Recipe 2.12.  Creating Exception Dump Files
      Recipe 2.13.  Generating a Report of Interface Information
      Recipe 2.14.  Generating a Report of Routing Table Information
      Recipe 2.15.  Generating a Report of ARP Table Information
      Recipe 2.16.  Generating a Server Host Table File
    Chapter 3.  User Access and Privilege Levels
      Recipe 3.1.  Setting Up User IDs
      Recipe 3.2.  Encrypting Passwords
      Recipe 3.3.  Using Better Encryption Techniques
      Recipe 3.4.  Removing Passwords from a Router Configuration File
      Recipe 3.5.  Deciphering Cisco's Weak Password Encryption
      Recipe 3.6.  Displaying Active Users
      Recipe 3.7.  Sending Messages to Other Users
      Recipe 3.8.  Changing the Number of VTYs
      Recipe 3.9.  Changing VTY Timeouts
      Recipe 3.10.  Restricting VTY Access by Protocol
      Recipe 3.11.  Enabling Absolute Timeouts on VTY Lines
      Recipe 3.12.  Implementing Banners
      Recipe 3.13.  Disabling Banners on a Port
      Recipe 3.14.  Disabling Router Lines
      Recipe 3.15.  Reserving a VTY Port for Administrative Access
      Recipe 3.16.  Restricting Inbound Telnet Access
      Recipe 3.17.  Logging Telnet Access
      Recipe 3.18.  Setting the Source Address for Telnet
      Recipe 3.19.  Automating the Login Sequence
      Recipe 3.20.  Using SSH for Secure Access
      Recipe 3.21.  Changing the Privilege Level of IOS Commands
      Recipe 3.22.  Defining Per-User Privileges
      Recipe 3.23.  Defining Per-Port Privileges
    Chapter 4.  TACACS+
      Recipe 4.1.  Authenticating Login IDs from a Central System
      Recipe 4.2.  Restricting Command Access
      Recipe 4.3.  Losing Access to the TACACS+ Server
      Recipe 4.4.  Disabling TACACS+ Authentication on a Particular Line
      Recipe 4.5.  Capturing User Keystrokes
      Recipe 4.6.  Logging System Events
      Recipe 4.7.  Setting the IP Source Address for TACACS+ Messages
      Recipe 4.8.  Obtaining Free TACACS+ Server Software
      Recipe 4.9.  Sample Server Configuration Files
    Chapter 5.  IP Routing
      Recipe 5.1.  Finding an IP Route
      Recipe 5.2.  Finding Types of IP Routes
      Recipe 5.3.  Converting Different Mask Formats
      Recipe 5.4.  Using Static Routing
      Recipe 5.5.  Floating Static Routes
      Recipe 5.6.  Using Policy-Based Routing to Route Based on Source Address
      Recipe 5.7.  Using Policy-Based Routing to Route Based on Application Type
      Recipe 5.8.  Examining Policy-Based Routing
      Recipe 5.9.  Changing Administrative Distances
      Recipe 5.10.  Routing Over Multiple Paths with Equal Costs
    Chapter 6.  RIP
      Recipe 6.1.  Configuring RIP Version 1
      Recipe 6.2.  Filtering Routes with RIP
      Recipe 6.3.  Redistributing Static Routes into RIP
      Recipe 6.4.  Redistributing Routes Using Route Maps
      Recipe 6.5.  Creating a Default Route in RIP
      Recipe 6.6.  Disabling RIP on an Interface
      Recipe 6.7.  Unicast Updates for RIP
      Recipe 6.8.  Applying Offsets to Routes
      Recipe 6.9.  Adjusting Timers
      Recipe 6.10.  Configuring Interpacket Delay
      Recipe 6.11.  Enabling Triggered Updates
      Recipe 6.12.  Increasing the RIP Input Queue
      Recipe 6.13.  Configuring RIP Version 2
      Recipe 6.14.  Enabling RIP Authentication
      Recipe 6.15.  RIP Route Summarization
      Recipe 6.16.  Route Tagging
    Chapter 7.  EIGRP
      Recipe 7.1.  Configuring EIGRP
      Recipe 7.2.  Filtering Routes with EIGRP
      Recipe 7.3.  Redistributing Routes into EIGRP
      Recipe 7.4.  Redistributing Routes into EIGRP Using Route Maps
      Recipe 7.5.  Creating a Default Route in EIGRP
      Recipe 7.6.  Disabling EIGRP on an Interface
      Recipe 7.7.  EIGRP Route Summarization
      Recipe 7.8.  Adjusting EIGRP Metrics
      Recipe 7.9.  Adjusting Timers
      Recipe 7.10.  Enabling EIGRP Authentication
      Recipe 7.11.  Logging EIGRP Neighbor State Changes
      Recipe 7.12.  Limiting EIGRP's Bandwidth Utilization
      Recipe 7.13.  EIGRP Stub Routing
      Recipe 7.14.  Route Tagging
      Recipe 7.15.  Viewing EIGRP Status
    Chapter 8.  OSPF
      Recipe 8.1.  Configuring OSPF
      Recipe 8.2.  Filtering Routes in OSPF
      Recipe 8.3.  Adjusting OSPF Costs
      Recipe 8.4.  Creating a Default Route in OSPF
      Recipe 8.5.  Redistributing Static Routes into OSPF
      Recipe 8.6.  Redistributing External Routes into OSPF
      Recipe 8.7.  Manipulating DR Selection
      Recipe 8.8.  Setting the OSPF RID
      Recipe 8.9.  Enabling OSPF Authentication
      Recipe 8.10.  Selecting the Appropriate Area Types
      Recipe 8.11.  Summarizing Routes in OSPF
      Recipe 8.12.  Disabling OSPF on Certain Interfaces
      Recipe 8.13.  OSPF Route Tagging
      Recipe 8.14.  Logging OSPF Adjacency Changes
      Recipe 8.15.  Adjusting OSPF Timers
      Recipe 8.16.  Viewing OSPF Status with Domain Names
      Recipe 8.17.  Debugging OSPF
    Chapter 9.  BGP
      Recipe 9.1.  Configuring BGP
      Recipe 9.2.  Using eBGP Multihop
      Recipe 9.3.  Adjusting the Next-Hop Attribute
      Recipe 9.4.  Connecting to Two ISPs
      Recipe 9.5.  Connecting to Two ISPs with Redundant Routers
      Recipe 9.6.  Restricting Networks Advertised to a BGP Peer
      Recipe 9.7.  Adjusting Local Preference Values
      Recipe 9.8.  Load Balancing
      Recipe 9.9.  Removing Private ASNs from the AS Path
      Recipe 9.10.  Filtering BGP Routes Based on AS Paths
      Recipe 9.11.  Reducing the Size of the Received Routing Table
      Recipe 9.12.  Summarizing Outbound Routing Information
      Recipe 9.13.  Prepending ASNs to the AS Path
      Recipe 9.14.  Redistributing Routes with BGP
      Recipe 9.15.  Using Peer Groups
      Recipe 9.16.  Authenticating BGP Peers
      Recipe 9.17.  Putting It All Together
    Chapter 10.  Frame Relay
      Recipe 10.1.  Setting Up Frame Relay withPoint-to-Point Subinterfaces
      Recipe 10.2.  Adjusting LMI Options
      Recipe 10.3.  Setting Up Frame Relay with Map Statements
      Recipe 10.4.  Using Multipoint Subinterfaces
      Recipe 10.5.  Configuring Frame Relay SVCs
      Recipe 10.6.  Simulating a Frame Relay Cloud
      Recipe 10.7.  Compressing Frame Relay Data on a Subinterface
      Recipe 10.8.  Compressing Frame Relay Data with Maps
      Recipe 10.9.  Viewing Frame Relay Status Information
    Chapter 11.  Queueing and Congestion
      Recipe 11.1.  Fast Switching and CEF
      Recipe 11.2.  Setting the DSCP or TOS Field
      Recipe 11.3.  Using Priority Queueing
      Recipe 11.4.  Using Custom Queueing
      Recipe 11.5.  Using Custom Queues with Priority Queues
      Recipe 11.6.  Using Weighted Fair Queueing
      Recipe 11.7.  Using Class-Based Weighted Fair Queueing
      Recipe 11.8.  Controlling Congestion with WRED
      Recipe 11.9.  Using RSVP
      Recipe 11.10.  Using Generic Traffic Shaping
      Recipe 11.11.  Using Frame-Relay Traffic Shaping
      Recipe 11.12.  Using Committed Access Rate
      Recipe 11.13.  Implementing Standards-BasedPer-Hop Behavior
      Recipe 11.14.  Viewing Queue Parameters
    Chapter 12.  Tunnels and VPNs
      Recipe 12.1.  Creating a Tunnel
      Recipe 12.2.  Tunneling Foreign Protocols in IP
      Recipe 12.3.  Tunneling with Dynamic Routing Protocols
      Recipe 12.4.  Viewing Tunnel Status
      Recipe 12.5.  Creating an EncryptedRouter-to-Router VPN
      Recipe 12.6.  Generating RSA Keys
      Recipe 12.7.  Creating a Router-to-Router VPN with RSA Keys
      Recipe 12.8.  Creating a VPN Between a Workstation and a Router
      Recipe 12.9.  Check IPSec Protocol Status
    Chapter 13.  Dial Backup
      Recipe 13.1.  Automating Dial Backup
      Recipe 13.2.  Using Dialer Interfaces
      Recipe 13.3.  Using an Async Modem on the AUX Port
      Recipe 13.4.  Using Backup Interfaces
      Recipe 13.5.  Using Dialer Watch
      Recipe 13.6.  Ensuring Proper Disconnection
      Recipe 13.7.  View Dial Backup Status
      Recipe 13.8.  Debugging Dial Backup
    Chapter 14.  NTP and Time
      Recipe 14.1.  Timestamping Router Logs
      Recipe 14.2.  Setting the Time
      Recipe 14.3.  Setting the Time Zone
      Recipe 14.4.  Adjusting for Daylight Saving Time
      Recipe 14.5.  Synchronizing the Time on All Routers (NTP)
      Recipe 14.6.  Configuring NTP Redundancy
      Recipe 14.7.  Setting the Router as the NTP Master for the Network
      Recipe 14.8.  Changing NTP Synchronization Periods
      Recipe 14.9.  Using NTP to Send Periodic Broadcast Time Updates
      Recipe 14.10.  Using NTP to Send Periodic Multicast Time Updates
      Recipe 14.11.  Enabling and Disabling NTP Per Interface
      Recipe 14.12.  NTP Authentication
      Recipe 14.13.  Limiting the Number of Peers
      Recipe 14.14.  Restricting Peers
      Recipe 14.15.  Setting the Clock Period
      Recipe 14.16.  Checking the NTP Status
      Recipe 14.17.  Debugging NTP
    Chapter 15.  DLSw
      Recipe 15.1.  Configuring DLSw
      Recipe 15.2.  Using DLSw to Bridge Between Ethernet and Token Ring
      Recipe 15.3.  Converting Ethernet and Token Ring MAC Addresses
      Recipe 15.4.  Configuring SDLC
      Recipe 15.5.  Configuring SDLC for Multidrop Connections
      Recipe 15.6.  Using STUN
      Recipe 15.7.  Using BSTUN
      Recipe 15.8.  Controlling DLSw Packet Fragmentation
      Recipe 15.9.  Tagging DLSw Packets for QoS
      Recipe 15.10.  Supporting SNA Priorities
      Recipe 15.11.  DLSw+ Redundancy and Fault Tolerance
      Recipe 15.12.  Viewing DLSw Status Information
      Recipe 15.13.  Viewing SDLC Status Information
      Recipe 15.14.  Debugging DSLw
    Chapter 16.  Router Interfaces and Media
      Recipe 16.1.  Viewing Interface Status
      Recipe 16.2.  Configuring Serial Interfaces
      Recipe 16.3.  Using an Internal T1 CSU/DSU
      Recipe 16.4.  Using an Internal ISDN PRI Module
      Recipe 16.5.  Using an Internal 56Kbps CSU/DSU
      Recipe 16.6.  Configuring an Async Serial Interface
      Recipe 16.7.  Configuring ATM Subinterfaces
      Recipe 16.8.  Setting Payload Scrambling on an ATM Circuit
      Recipe 16.9.  Configuring Ethernet Interface Features
      Recipe 16.10.  Configuring Token Ring Interface Features
      Recipe 16.11.  Connecting VLAN Trunks With ISL
      Recipe 16.12.  Connecting VLAN Trunks with 802.1Q
    Chapter 17.  Simple Network Management Protocol
      Recipe 17.1.  Configuring SNMP
      Recipe 17.2.  Extracting Router Information via SNMP Tools
      Recipe 17.3.  Recording Important Router Information for SNMP Access
      Recipe 17.4.  Extracting Inventory Information from a List of Routers with SNMP
      Recipe 17.5.  Using Access Lists to Protect SNMP Access
      Recipe 17.6.  Logging Unauthorized SNMP Attempts
      Recipe 17.7.  Limiting MIB Access
      Recipe 17.8.  Using SNMP to Modify a Router's Running Configuration
      Recipe 17.9.  Using SNMP to Copy a New IOS Image
      Recipe 17.10.  Using SNMP to Perform Mass Configuration Changes
      Recipe 17.11.  Preventing Unauthorized Configuration Modifications
      Recipe 17.12.  Making Interface Table Numbers Permanent
      Recipe 17.13.  Enabling SNMP Traps and Informs
      Recipe 17.14.  Sending syslog Messages as SNMP Traps and Informs
      Recipe 17.15.  Setting SNMP Packet Size
      Recipe 17.16.  Setting SNMP Queue Size
      Recipe 17.17.  Setting SNMP Timeout Values
      Recipe 17.18.  Disabling Link Up/Down Traps per Interface
      Recipe 17.19.  Setting the IP Source Address for SNMP Traps
      Recipe 17.20.  Using RMON to Send Traps
      Recipe 17.21.  Enabling SNMPv3
      Recipe 17.22.  Using SAA
    Chapter 18.  Logging
      Recipe 18.1.  Enabling Local Router Logging
      Recipe 18.2.  Setting the Log Size
      Recipe 18.3.  Clearing the Router's Log
      Recipe 18.4.  Sending Log Messages to Your Screen
      Recipe 18.5.  Using a Remote Log Server
      Recipe 18.6.  Enabling Syslog on a Unix Server
      Recipe 18.7.  Changing the Default Log Facility
      Recipe 18.8.  Restricting What Log Messages Are Sent to the Server
      Recipe 18.9.  Setting the IP Source Address for Syslog Messages
      Recipe 18.10.  Logging Router Syslog Messages in Different Files
      Recipe 18.11.  Maintaining Syslog Files on the Server
      Recipe 18.12.  Testing the Syslog Sever Configuration
      Recipe 18.13.  Preventing the Most Common Messages from Being Logged
      Recipe 18.14.  Rate-Limiting Syslog Traffic
    Chapter 19.  Access Lists
      Recipe 19.1.  Filtering by Source or Destination IP Address
      Recipe 19.2.  Adding a Comment to an ACL
      Recipe 19.3.  Filtering by Application
      Recipe 19.4.  Filtering Based on TCP Header Flags
      Recipe 19.5.  Restricting TCP Session Direction
      Recipe 19.6.  Filtering Multiport Applications
      Recipe 19.7.  Filtering Based on DSCP and TOS
      Recipe 19.8.  Logging when an Access List Is Used
      Recipe 19.9.  Logging TCP Sessions
      Recipe 19.10.  Analyzing ACL Log Entries
      Recipe 19.11.  Using Named and Reflexive Access Lists
      Recipe 19.12.  Dealing with Passive Mode FTP
      Recipe 19.13.  Using Context-Based Access Lists
    Chapter 20.  DHCP
      Recipe 20.1.  Using IP Helper Addresses for DHCP
      Recipe 20.2.  Limiting the Impact of IP Helper Addresses
      Recipe 20.3.  Using DHCP to Dynamically Configure Router IP Addresses
      Recipe 20.4.  Dynamically Allocating Client IP Addresses via DHCP
      Recipe 20.5.  Defining DHCP Configuration Options
      Recipe 20.6.  Defining DHCP Lease Periods
      Recipe 20.7.  Allocating Static IP Addresses with DHCP
      Recipe 20.8.  Configuring a DHCP Database Client
      Recipe 20.9.  Configuring Multiple DHCP Servers per Subnet
      Recipe 20.10.  Showing DHCP Status
      Recipe 20.11.  Debugging DHCP
    Chapter 21.  NAT
      Recipe 21.1.  Configuring Basic NAT Functionality
      Recipe 21.2.  Allocating External Addresses Dynamically
      Recipe 21.3.  Allocating External Addresses Statically
      Recipe 21.4.  Translating Some Addresses Statically and Others Dynamically
      Recipe 21.5.  Translating in Both Directions Simultaneously
      Recipe 21.6.  Rewriting the Network Prefix
      Recipe 21.7.  Adjusting NAT Timers
      Recipe 21.8.  Changing TCP Ports for FTP
      Recipe 21.9.  Checking NAT Status
      Recipe 21.10.  Debugging NAT
    Chapter 22.  Hot Standby Router Protocol
      Recipe 22.1.  Configuring Basic HSRP Functionality
      Recipe 22.2.  Using HSRP Preempt
      Recipe 22.3.  Making HSRP React to Problems on Other Interfaces
      Recipe 22.4.  Load Balancing with HSRP
      Recipe 22.5.  Redirecting ICMP with HSRP
      Recipe 22.6.  Manipulating HSRP Timers
      Recipe 22.7.  Using HSRP on a Token Ring Network
      Recipe 22.8.  HSRP SNMP Support
      Recipe 22.9.  Increasing HSRP Security
      Recipe 22.10.  Showing HSRP State Information
      Recipe 22.11.  Debugging HSRP
    Chapter 23.  IP Multicast
      Recipe 23.1.  Configuring Basic Multicast Functionality with PIM-DM
      Recipe 23.2.  Routing Multicast Traffic with PIMSM and BSR
      Recipe 23.3.  Routing Multicast Traffic with PIM-SM and Auto-RP
      Recipe 23.4.  Configuring Routing for a Low Frequency Multicast Application
      Recipe 23.5.  Configuring CGMP
      Recipe 23.6.  Static Multicast Routes and Group Memberships
      Recipe 23.7.  Routing Multicast Traffic with MOSPF
      Recipe 23.8.  Routing Multicast Traffic with DVMRP
      Recipe 23.9.  DVMRP Tunnels
      Recipe 23.10.  Controlling Multicast Scope with TTL
      Recipe 23.11.  Using Administratively Scoped Addressing
      Recipe 23.12.  Exchanging Multicast Routing Information with MBGP
      Recipe 23.13.  Using MSDP to Discover External Sources
      Recipe 23.14.  Converting Broadcasts to Multicasts
      Recipe 23.15.  Showing Multicast Status
      Recipe 23.16.  Debugging Multicast Routing
    Appendix A.  External Software Packages
      Section A.1.  Perl
      Section A.2.  Expect
      Section A.3.  NET-SNMP
      Section A.4.  PuTTY
      Section A.5.  OpenSSH
      Section A.6.  Ethereal
    Appendix B.  IP Precedence, TOS, and DSCP Classifications
      Section B.1.  Combining TOS and IP Precedence to Mimic DSCP
      Section B.2.  RSVP
      Section B.3.  Queueing Algorithms
      Section B.4.  Dropping Packets and Congestion Avoidance