Saturday, November 14, 2009

Setting up Terminal Server on Cisco Router

To set up a terminal server on a Cisco router, you need an async module on the router. Cisco routers such as the 2511 come with such interfaces. You will need an octal cable to connect the console RJ-45 ports of the devices to the async interface.

The lines on a 2511 run from 2001 to 2008 for an async interface. Below is the sample config which I use for my lab's access server.

interface Loopback0
ip address

no ip directed-broadcast

ip host S3 2011
ip host R7 2007
ip host R6 2006
ip host R4 2004
ip host R3 2003
ip host S2 2010
ip host S1 2009
ip host R5 2005
ip host R2 2002
ip host R1 2001
ip host S4 2012
ip host R8 2008

line con 0
exec-timeout 0 0
logging synchronous
transport input none
line 1 16
no exec
transport input all

Now that the router is configured, we use the following commands to navigate.

- to access a device

telnet 2001

- to switch between active sessions

Ctrl-Shift-6, then x will bring you back to the terminal server
show sessions will display the active sessions
entering the number of a session will let you access that session

- to disconnect a session

use the disconnect command

CCIE R&S 4.0 Lab Blue Print

CCIE Routing & Switching Lab Exam Topics (Blueprint)

Exam Sections and Sub-task Objectives

1.00 Implement Layer 2 Technologies √

1.10 Implement Spanning Tree Protocol (STP)

(a) 802.1d

(b) 802.1w

(c) 802.1s

(d) Loop guard

(e) Root guard

(f) Bridge protocol data unit (BPDU) guard

(g) Storm control

(h) Unicast flooding

(i) Port roles, failure propagation, and loop guard operation

1.20 Implement VLAN and VLAN Trunking Protocol (VTP)

1.30 Implement trunk and trunk protocols, EtherChannel, and load-balance

1.40 Implement Ethernet technologies

(a) Speed and duplex

(b) Ethernet, Fast Ethernet, and Gigabit Ethernet

(c) PPP over Ethernet (PPPoE)

1.50 Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control

1.60 Implement Frame Relay

(a) Local Management Interface (LMI)

(b) Traffic shaping

(c) Full mesh

(d) Hub and spoke

(e) Discard eligible (DE)

1.70 Implement High-Level Data Link Control (HDLC) and PPP

2.00 Implement IPv4

2.10 Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)

2.20 Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)

2.30 Implement IPv4 RIP version 2 (RIPv2)

2.40 Implement IPv4 Open Shortest Path First (OSPF)

(a) Standard OSPF areas

(b) Stub area

(c) Totally stubby area

(d) Not-so-stubby-area (NSSA)

(e) Totally NSSA

(f) Link-state advertisement (LSA) types

(g) Adjacency on a point-to-point and on a multi-access network

(h) OSPF graceful restart

2.50 Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)

(a) Best path

(b) Loop-free paths

(c) EIGRP operations when alternate loop-free paths are available, and when they are not available

(d) EIGRP queries

(e) Manual summarization and autosummarization

(f) EIGRP stubs

2.60 Implement IPv4 Border Gateway Protocol (BGP)

(a) Next hop

(b) Peering

(c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)

2.70 Implement policy routing

2.80 Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)

2.90 Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced


3.00 Implement IPv6

3.10 Implement IP version 6 (IPv6) addressing and different addressing types

3.20 Implement IPv6 neighbor discovery

3.30 Implement basic IPv6 functionality protocols

3.40 Implement tunneling techniques

3.50 Implement OSPF version 3 (OSPFv3)

3.60 Implement EIGRP version 6 (EIGRPv6)

3.70 Implement filtering and route redistribution

4.00 Implement MPLS Layer 3 VPNs

4.10 Implement Multiprotocol Label Switching (MPLS)

4.20 Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers

4.30 Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)

5.00 Implement IP Multicast

5.10 Implement Protocol Independent Multicast (PIM) sparse mode

5.20 Implement Multicast Source Discovery Protocol (MSDP)

5.30 Implement interdomain multicast routing

5.40 Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router


5.50 Implement multicast tools, features, and source-specific multicast

5.60 Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery


6.00 Implement Network Security

6.01 Implement access lists

6.02 Implement Zone Based Firewall

6.03 Implement Unicast Reverse Path Forwarding (uRPF)

6.04 Implement IP Source Guard


Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not required, only the client-side (IOS) is configured)

6.06 Implement Control Plane Policing (CoPP)

6.07 Implement Cisco IOS Firewall

6.08 Implement Cisco IOS Intrusion Prevention System (IPS)

6.09 Implement Secure Shell (SSH)

6.10 Implement 802.1x

6.11 Implement NAT

6.12 Implement routing protocol authentication

6.13 Implement device access control

6.14 Implement security features

7.00 Implement Network Services

7.10 Implement Hot Standby Router Protocol (HSRP)

7.20 Implement Gateway Load Balancing Protocol (GLBP)

7.30 Implement Virtual Router Redundancy Protocol (VRRP)

7.40 Implement Network Time Protocol (NTP)

7.50 Implement DHCP

7.60 Implement Web Cache Communication Protocol (WCCP)

8.00 Implement Quality of Service (QoS)

8.10 Implement Modular QoS CLI (MQC)

(a) Network-Based Application Recognition (NBAR)

(b) Class-based weighted fair queuing (CBWFQ), modified deficit round robin (MDRR), and low latency queuing (LLQ)

(c) Classification

(d) Policing

(e) Shaping

(f) Marking

(g) Weighted random early detection (WRED) and random early detection (RED)

(h) Compression

8.20 Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies

8.30 Implement link fragmentation and interleaving (LFI) for Frame Relay

8.40 Implement generic traffic shaping

8.50 Implement Resource Reservation Protocol (RSVP)

8.60 Implement Cisco AutoQoS

9.00 Troubleshoot a Network

9.10 Troubleshoot complex Layer 2 network issues

9.20 Troubleshoot complex Layer 3 network issues

9.30 Troubleshoot a network in response to application problems

9.40 Troubleshoot network services

9.50 Troubleshoot network security

10.00 Optimize the Network

10.01 Implement syslog and local logging

10.02 Implement IP Service Level Agreement SLA

10.03 Implement NetFlow

10.04 Implement SPAN, RSPAN, and router IP traffic export (RITE)

10.05 Implement Simple Network Management Protocol (SNMP)

10.06 Implement Cisco IOS Embedded Event Manager (EEM)

10.07 Implement Remote Monitoring (RMON)

10.08 Implement FTP

10.09 Implement TFTP

10.10 Implement TFTP server on router

10.11 Implement Switch-module Configuration Protocol (SCP)

10.12 Implement HTTP and HTTPS

10.13 Implement Telnet

Friday, November 13, 2009

What's first.. Route-map, Distribute-list, Filter-list, Prefix-list..??

An easy way to memorize which will be selected first among route-map, distribute-list, filter-list and prefix-list is

RFPD (relate this abbreviation to anything that you can memorize; for me, "River Front Police Department" worked fine)


BGP - Route Dampening .. Exponential Decay / Half life.!!

In BGP dampening, suppose they ask that "the route should be reused after 5 minutes" and all other parameters are default.
Then, as per the formula for BGP dampening:

Max penalty = reuse-limit * 2^(maximum suppress time / half-life)

Suppose it flapped twice; then the max penalty will be 2000.
2000 = 750 * 2^(5 mins / half-life)
2000/750 = 2^(5 / half-life) { simplify 2000/750 = 8/3 }
8/3 = 2^(5 / half-life)
Take the logarithm of both sides:
Log (8/3) = Log (2^(5 / half-life))

{ Logarithm formulas: Log (x/y) = Log x - Log y and
Log (x^a) = a * Log x }

After applying the log formulas:
Log 8 - Log 3 = (5 x Log 2) / half-life
0.9030 - 0.4771 = (5 x 0.3010) / half-life
0.4259 = 1.505 / half-life
Half-life = 1.505 / 0.4259
Half-life = 3.53
Round it off:

Half-life = 4 ... Configuring the half-life as 4 will ensure that the suppressed prefix will be advertised after 5 mins.
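
The derivation above can be checked numerically. The following is an added example, not code from the original post: it solves for the half-life and goes one step further by computing when the route is actually reused for the whole-minute half-lives on either side of 3.53. The function names are hypothetical, and the per-flap penalty of 1000 is an assumption taken from the post's "flapped twice, penalty 2000".

```python
import math

REUSE_LIMIT = 750      # reuse limit used in the post's derivation
FLAP_PENALTY = 1000    # assumed per-flap penalty (two flaps -> 2000, as in the post)


def decayed(penalty, minutes, half_life):
    """Penalty left after `minutes` of exponential decay."""
    return penalty * 2 ** (-minutes / half_life)


def solve_half_life(penalty, reuse_limit, minutes):
    """Half-life for which `penalty` decays to exactly `reuse_limit` in `minutes`."""
    if penalty <= reuse_limit:
        raise ValueError("penalty must exceed the reuse limit")
    return minutes * math.log(2) / math.log(penalty / reuse_limit)


def minutes_to_reuse(penalty, reuse_limit, half_life):
    """Minutes until a decaying penalty falls to the reuse limit."""
    if penalty <= reuse_limit:
        return 0.0
    return half_life * math.log2(penalty / reuse_limit)


def penalty_after_flaps(flap_times, now, half_life):
    """Add FLAP_PENALTY per flap, decaying between events (times in minutes)."""
    penalty, last = 0.0, None
    for t in sorted(flap_times):
        if last is not None:
            penalty = decayed(penalty, t - last, half_life)
        penalty += FLAP_PENALTY
        last = t
    return decayed(penalty, now - last, half_life) if last is not None else 0.0


if __name__ == "__main__":
    exact = solve_half_life(2 * FLAP_PENALTY, REUSE_LIMIT, 5)
    print(f"exact half-life: {exact:.2f} min")
    for hl in (math.floor(exact), math.ceil(exact)):
        t = minutes_to_reuse(2 * FLAP_PENALTY, REUSE_LIMIT, hl)
        print(f"half-life {hl}: penalty 2000 reaches {REUSE_LIMIT} after {t:.2f} min")
    # Two flaps one minute apart: the first penalty has already decayed a little.
    print(f"penalty after flaps at t=0 and t=1: {penalty_after_flaps([0, 1], 1, 4):.0f}")
```

With a half-life of 4 the penalty of 2000 reaches the reuse limit at about 5.66 minutes, while a half-life of 3 reaches it at about 4.25 minutes, which is why rounding up keeps the prefix suppressed for the full five minutes.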

Restrict SSH access to Management IP address ranges - Juniper EX Switches

People from the Cisco world always wonder how to restrict SSH access to a Juniper EX switch to fewer hosts or ranges. Here is how y...