Network Warrior
By Gary A. Donahue
June 2007
Pages: 598

Index


Numbers
1-RU models (single rack unit), multilayer switches, 203
3800 series of routers, 203
4500-series switches, 203
5 minute offered rate, 451
6500-series switches, 203, 204-226
      6506 switches, slots, 210
      6509 chassis, backplane, 208
      6513-chassis slots, 210
      architecture, 206-222
            modules, 213-222
      buses, 207
      CatOS vs. IOS, 222-226
      enhanced chassis, 210
      modules
            interaction, 214-217
            types, 217
      supervisors, 211
            MSFC, 211
7500 series of routers, 203
7600 series of routers, 203
802.1Q trunking protocol, 34
      configuring for Gigabit port on IOS switch, 38
      deciding when to use, 36
      ISL vs., 35
      trunk configuration, CatOS switches, 40
      VLAN tagging, 36
802.3ad IEEE specification for LACP, 60

A
A and B feeds (DC power), 16
AAA authentication, 353-360
      applying method lists, 360
      configuring security server, 354-356
      creating method lists, 356-360
      enabling, 353
aaa authentication login default group method, 358
aaa group server command, 356
aaa new-model command, 353
ABR (area border router), OSPF, 121
AC or DC power, 16
AC power supplies, specifying voltage, amperage, and socket for feeds, 17
access (switchport mode), 37
access level, networks, 473
access lists (see ACLs)
access-group command, applying reflexive access lists, 341
access-layer switches
      UplinkFast configured on, 82
      UplinkFast feature, spanning tree, 81
access-list compiled command, 331
accident chains, 515
Accounting (AAA), 353
ACD (Automatic Call Distributor), 254
ACEs (access-control entries), 323
ACLs (access control lists), 323-342
      class maps, 436
            converged network, 449
      configuring for PIX firewall, 372
      designing, 323-334
            allowing MTU path discovery packets, 333
            allowing outbound traceroute and ping, 332
            application points for ACLs, 324
            most-used lines at beginning, 327
            naming ACLs, 326
            top-down processing, 326
            Turbo ACLs, 331
            using groups in PIX ACLs, 328-331
            wildcard masks, 323
      function of each entry, 172
      GRE and, 161
      IP address space allocation and, 492
      in multilayer switches, 334-337
            configuring port ACLs, 334
            configuring router ACLs, 335
            configuring VLAN maps, 336
      PIX firewall, using object groups for complex lists, 372-375
      reflexive access lists, 338-342
            configuring, 340-342
active mode (LACP and PAgP), 60
active PIX firewall, 378
      failure of
            switching roles with standby PIX, 382
      forcing standby PIX to become, 383
      saving configuration changes to standby, 389
active routers, 164
      replacement by standby router, 166
ACTS (Automated Computer Time Service), 511
AD (administrative distance), 108
      EIGRP and OSPF, redistributed routes, 142
      internal vs. external routes, 105
      listed in example routing table entry, 97
      redistributed routes, 136
      routes learned via EIGRP, 120
      summary for different routing protocols, 93
      using as route tag, 147
add keyword, using with switchport trunk pruning vlan command (IOS), 53
Add/Drop (telecom terminology), 254
Address Resolution Protocol (see ARP)
addresses and phone numbers of end points (frame relay service), 302
adjacency table (CEF), 189
administrative distance (see AD)
administrator tag, 144
advertisement requests, 46
age of a route, 97
aged out information in route cache, 187
AIS (alarm indication signal), 279
alarms
      DS3, channelized DS3, 297
      T1, 276-279
            blue alarm (AIS), 279
            red alarm, 277
            yellow alarm (RAI), 278, 285
"Algorhyme", 67
alpha-geek syndrome, 542
AMI (Alternate Mark Inversion) encoding, 270
      DS3 links, 292
analog and digital, 254
ARAP (AppleTalk Remote Access Protocol), 357
area border router (ABR), OSPF, 121
ARP (Address Resolution Protocol), 12
      changes to ARP table, route cache and, 187
      use in Ethernet networks for MAC address to IP address mapping, 302
ASBR (autonomous system border router), OSPF, 121
ASE (autonomous system external) LSAs, 122
ASN (autonomous system number), 104
      EIGRP configuration, 117
      prefixed onto autonomous system path in BGP, 127
      redistribution of IGRP routes from, 135
ATM (Asynchronous Transfer Mode) networks, 3
atomic clocks, 507
authentication, 343-360
      AAA (Authentication, Authorization, and Accounting), 353-360
            applying method lists, 360
            configuring security server, 354-356
            creating method lists, 356-360
            enabling, 353
      basic (non-AAA), 343-353
            configuring local users, 344
            line passwords, 343
            PPP authentication, 347-353
      between routers, support by RIPv2, 116
Authentication (AAA), 353
authentication chap command, 351
Authentication, Authorization, and Accounting (see AAA authentication)
Authorization (AAA), 353
authorization acknowledgment (AUTH-ACK), 348
authorization request (AUTH-REQ), 348
auto (dynamic switchport mode), 38
auto mode (PAgP), 60
auto qos voip command, 247
auto-cost reference-bandwidth command (OSPF), 121
Automated Computer Time Service (ACTS), 511
Automatic Call Distributor (ACD), 254
auto-negotiation, 19-23
      best practices, 22
      configuring, 23
      failures of, 20
            common failure scenario, 22
      how it works, 20
autonomous system border router (ASBR), OSPF, 121
autonomous system external (ASE) LSAs, 122
autonomous system number (see ASN)
autonomous systems
      BGP, 127
      defined, 110
      in EIGRP, 104
      linking with EGPs, 110
      redistribution of routes between, 132
AutoQoS on 3750 switches, 247
      disabling, 249
auto-summarization
      EIGRP, 119
      RIPv2, 116

B
B3ZS (Bipolar Three Zero Substitution), 292
B8ZS (Binary Eight Zero Substitution), 270, 271
      bipolar violation (BPV), 275
backbone and nonbackbone areas, OSPF, 122
backbone routers, OSPF, 121
BackboneFast, 83
backplane in a 6509 chassis, 208
backup designated router (BDR), OSPF, 122, 123
Backward-Explicit Congestion Notification (BECN), 308
balancing algorithms, 398
bandwidth, 255
      limiting/guaranteeing with QoS, 421
      misconceptions about QoS, 429
      requirements for protocols in QoS design, 433-435
      sharing in frame relay networks, 302
      utilization graph for a frame-relay link, 303
bandwidth command, 437
bandwidth-based metrics
      EIGRP
            bandwidth in Kbps, 136
            effective bandwidth metric (loading), 136
            GRE tunnel interface, 156
      OSPF, 108, 121, 137
basic (non-AAA) authentication, 343-353
      configuring local users, 344
      line passwords, 343
      PPP authentication, 347-353
Basic Rate Interface (BRI) ISDN links, 259
bay face layouts, 468
B-channels (bearer channels), 259
BDR (backup designated router), OSPF, 122, 123
bearer channels, 259, 270
BECN (Backward-Explicit Congestion Notification), 308
BERT (Bit Error Rate Test), 256
      run by CSU/DSUs, 283
BGP (Border Gateway Protocol), 126-129
      autonomous systems, 127
      paths, 127
      prefixes, 127
      public IP network lookup, 129
      route servers, 128
      routing (example), 127
Binary Eight Zero Substitution (see B8ZS)
binary tree (fast switching), 185
binary trie, 188
Bipolar Three Zero Substitution (B3ZS), 292
bipolar violation (BPV), 275
      B3ZS line coding, 292
Bit Error Rate Test (BERT), 256
      run by CSU/DSUs, 283
bit stuffing, 290
blades (modules), 16
blocking state (ports), 73, 76
      blocking nonforwarding ports, 75
blue alarm (AIS), 279
BNC connectors (10Base-2), 6
bootflash: device, 411
Border Gateway Protocol (see BGP)
BPDU Guard, 81
BPDUs (bridge protocol data units), 74
BPV (bipolar violation), 275
      B3ZS line coding, 292
break character, terminal server, 514
BRI (Basic Rate Interface) ISDN links, 259
bridge ID, 74
bridge protocol data units (BPDUs), 74
bridged load balancing, 396
bridged networks, 3
      e-commerce web site, 479
bridges, 66
      root bridge (switch), 73
bridging, 478
British Thermal Unit (BTU) values, 469
broadcast domains, 8
broadcast networks, support by OSPF, 125
broadcast storms, 9, 66, 67-72
      controlling, 233
      troubleshooting with show process cpu history command, 68
broadcasts, 8
      sending useless RIP broadcasts, 134
burst rate (frame relay), 303
buses, 6500-series switches, 207
      interaction between, 214

C
C bus (control bus), 207
cables, 6
      failover cable for PIX firewall, 378
      fiber, unidirectional links, 86
      routing to modules on chassis-based switches, 18
      stacking, 228
calendar (Cisco devices), 508
      ntp update-calendar command, 512
Call Manager, 247
call-control stream, VoIP, 419
calling router, 347
CAM table (content-addressable memory table), 12
CANs (Campus Area Networks), 3
      defined, 5
      interchangeability with MANs, 4
capacity, increasing, 527
Catalyst 3750 switch, 227-249
      flex links, 233
      interface ranges, 228
      macros, 229-232
      port security, 238
      QoS (Quality of Service), 247-249
      SPAN (Switched Port Analyzer), 241-244
      stacking, 227
      storm control, 233-238
      Voice VLAN, 244-246
Catalyst Operating System (see CatOS)
CatOS, 11
      BackboneFast, configuring, 84
      BPDU Guard, enabling and disabling, 81
      CAM table (content-addressable memory table), 12
      channel (EtherChannel), 55
      controlling layer-2 operations on MSFCs, 198
      determining if a switch can use a trunking protocol, 34
      EtherChannel, configuring and managing, 61
      hybrid mode switches, 201
      IOS vs., 222-226
      PortFast, enabling and disabling, 81
      switch running, show cam command, 14
      trunk configuration, 40
            viewing trunk status, 41
      UplinkFast, configuring, 82
      VLANs, configuring, 28
      VTP domain, configuring, 50
      VTP modes, 50
      VTP password, setting, 51
      VTP pruning, 54
C-bit framing, 290
CBWFQ (class-based weighted fair queuing), 426
CEF (Cisco Express Forwarding), 181, 188
      configuring and managing switching paths, 193
      fast switching and, 192
      forwarding and adjacency tables, 189
      load balancing over equal-cost paths, 190
      performance advantages, 189
      trie, 188
central office (CO), 257
Challenge Handshake Authentication Protocol (see CHAP)
change control, 539-541
changeto context command, 218
channel bank, 257
channel group, 295
Channel Service Unit/Data Service Unit (see CSU/DSU)
channelized DS3, 288
      clear-channel DS3 vs., 292
      configuring, 295-298
      line coding, 292
channelized T1, 270
channelized T3, 288
channels
      configuring for T1 link, 284
      EtherChannel, 55
      (see also EtherChannel)
CHAP (Challenge Handshake Authentication Protocol), 347, 349-353
      changing sent hostname, 352
      one-way authentication, 350
      two-way authentication, 351
chassis-based switches
      6500 series, enhanced chassis, 210
      installation, planning, 16-18
            cooling, 17
            installing/removing modules, 17
            power, 16
            rack space, 16
            routing cables, 18
      layer-3 module to make switch multilayer-capable, 197
      with older supervisor modules, router as separate device, 198
CIDR (Classless Internet Domain Routing), 116, 490
CIR (committed information rate), 303
cisco frame-relay encapsulation, 309
class A networks, 114
class C networks, 114
class maps, 435-437
      applying to an interface, 438
      converged network, 448
Class of Service (see CoS)
class-based weighted fair queuing (CBWFQ), 426
class-default class, 438
      converged network policy map, 448
      queue too large in converged network, 458
      queue too small in converged network, 458
classful networks
      route contained in, 97
      subnetting rules, 487
      wildcard masks, 324
classful routing protocols, 111
      RIP, 113
Classless Internet Domain Routing (CIDR), 116, 490
classless network, conversion into classful equivalent in EIGRP, 118
classless routing protocols, 111
      EIGRP, 117
      OSPF, 125
classless routing, support in RIPv2, 116
clauses, building route maps from, 173
clear trunk command (CatOS), 42
clear vtp pruneeligible command (CatOS), 54
clear xlate command, 391
clear-channel DS3, 288
      configuring, 293-294
      framing, 292
clear-channel T1, 270
clearing VTP password on CatOS switches, 51
CLI (command-line interpreter), CatOS and IOS, 27
client (VTP mode), 45
      CatOS, 50
      setting on IOS switch, 50
client VLAN (CSM), 401
clock (Cisco devices), 508
clocking
      DS3, 290
            configuring, 296
      T1, configuring, 284
CMM (Communication Media Module), 222
CO (central office), 257
code examples from this book, xvii
collapsed-core networks
      -no distribution, 474
      -no distribution or access, 476
collision domains, 8
collisions, 8
      full-duplex/half-duplex links, 21
      half-duplex environments, 21
      late, 9
      port in half-duplex mode listening for, 85
command-line interpreter (CLI), CatOS and IOS, 27
committed information rate (CIR), 303
Communication Media Module (CMM), 222
computer jerks, 541-544
conferencing services, 222
congested networks, 440-446
      determining if network is congested, 440-445
      resolving, 445
congestion avoidance, frame relay, 308
congestion, QoS and, 428
connected interfaces, redistributing in EIGRP, 153
connected routes, 131
      redistributing into RIP, 134
      redistribution into EIGRP, 144
connections, 3
      showing all active connections on PIX firewall, 391
consulting costs, 527
Content Switches, 398
Content Switching Modules (see CSMs)
content-addressable memory table (CAM table), 12
contexts (multiple), support by FWSM, 218
control packets (RIP updates), 135
converged network, 447-458
      configuration, 447
      monitoring QoS, 449-452
      troubleshooting, 452-458
            default queue too large, 458
            default queue too small, 458
            incorrect queue configuration, 452
            nonpriority queue too large, 457
            nonpriority queue too small, 456
            priority queue too large, 455
            priority queue too small, 454
convergence, 112
cooling on chassis switches, 17
cooling requirements, documenting in network design, 469-471
copy running startup command, 389
core (network) area, OSPF, 122
core, distribution, and access levels (three-tier network model), 473
corporate networks, 473-477
      collapsed core-no distribution, 474
      collapsed core-no distribution or access, 476
      configuration concerns, 476
      NTP hierarchy, 509
      three-tier architecture, 473
CoS (Class of Service), 244, 421, 424
      priority levels, 425
costs for changing existing network design, 526
costs, path, 73, 75
counting to infinity, 107
couplers, 6
CPE (customer premises equipment), 257
CPU utilization, show process cpu history command, 68-72
CRC6 (Cyclic Redundancy Check (6-bit)), 276
crossbar fabric bus, 207
crossbar switching bus, 206
cryptographic features, IDSMs, 221
CSMs (Content Switching Modules), 204, 219, 396, 398, 405-413
      common tasks, 407-411
      configuring, 401-404
            client VLAN, 402
            load-balanced network (example), 405-407
            port redirection, 404
            real servers, 402
            server farms, 403
            server VLAN, 402
            virtual servers, 403
      implementing SLB, 398
      upgrading, 411-413
CSU/DSU (Channel Service Unit/Data Service Unit), 257
      configuration, 283
      integrated CSU/DSU WICs, 282
      loopback tests, 280-282
      troubleshooting, 284-287
custom queuing, 426
customer premises equipment (CPE), 257
Cyclic Redundancy Check (6-bit) (CRC6), 276

D
D bus (data bus), 207
D4/superframe, 273
DACCS (Digital Access Cross-Connect System), 258
dangers of upgrading, 537
data bus (D bus), 207
data channel, 259, 270
data link control identifiers (see DLCIs)
data port/DTE loopback, 281
Data Service Unit (DSU), 257
      (see also CSU/DSU)
data terminal equipment (DTE devices), communication with DCE devices, 307
databases
      EIGRP, 120
      OSPF, storage of routes in, 126
      VLAN, 27
            configuring IOS with, 29
DC power, 16
dCEF (distributed Cisco Express Forwarding), 208
D-channel (data channel), 259
DE (discard-eligible) frames, 303
debug auto qos command, 247
debug frame-relay lmi command, 317
debug ip policy command, 179
debug ppp authentication command, 348
      CHAP two-way authentication, 351
debugging, using PIX logging output, 390
decrementing priority for tracked interfaces, 168
default gateway, 92
      listed in show ip route command output, 96
      no default gateway configured or learned, 96
default queue, 458
default route, 95, 100
default-metric command, 133
      EIGRP, 136
delay metrics (EIGRP), 136
      GRE tunnel interface, 156
demarc (demarcation point), 258
demilitarized zone (see DMZ)
deny clause clauses, 174
designated bridge, 75
designated port, 75
      failure of link on, 81
designated root MAC address, 78
designated router (DR), OSPF, 122
designing networks, 461-483
      documentation, 461-471
            bay face layouts, 468
            IP and VLAN layouts, 466
            network diagrams, 471
            port layout, 463-466
            power and cooling requirements, 469-471
      driving forces of network design, 521-523
      IP network, 484-505
            allocating IP address space, 491-494
            allocating IP subnets, 494-498
            CIDR, 490
            IP subnetting made easy, 498-505
            public vs. private IP space, 484-487
            VLSM, 487-489
      naming conventions for devices, 472
      network designs, 473-483
            corporate networks, 473-477
            e-commerce web sites, 477-482
            small networks, 482
desirable (dynamic switchport mode), 38
desirable mode (PAgP), 60
      CatOS EtherChannel, 61
destination IP address
      of GRE tunnel, 153
      load balancing with, 58
destination MAC address, load balancing with, 56-60
      other options, 58
destination network, description of, 94
destination port, load balancing with, 58
differential service code point (see DSCP)
Digital Access Cross-Connect System (DACCS), 258
digital and analog, 254
digital signal (DS) hierarchy, 258
Digital Signal 3 (see DS3)
disabled state (ports), 76
disaster chains, 515
discard-eligible (DE) frames, 303
distance-vector routing protocols, 107
      EIGRP features, 117
      route poisoning, 111
distributed Cisco Express Forwarding (dCEF), 208
distribution level, networks, 473
divide by half IP subnet allocation, 496
DLCIs (data link control identifiers), 301
      assigned to subinterface and mapped to IP address, 315
      mapping IP addresses to, 312
      mapping IP addresses to, using Inverse ARP, 302
      status information from LMI, 310
DMZ (demilitarized zone), 363-367
      connectivity to a third party, 365
      firewall configuration, 364
            allowing services only as needed, 365
      multiple DMZ example, 366
      NAT example, 387
DNS load balancing, 396
documentation, 461-471
      bay face layouts, 468
      IP and VLAN spreadsheets, 466
      network diagrams, tips for, 471
      port layout spreadsheets, 463-466
      power and cooling requirements, 469-471
      requirements document, 462
domain names, fully qualified, 472
domains, VTP, 44
      configuring, 49
DR (designated router), OSPF, 122, 123
drop rate, 451
      converged network, too small priority queue, 454
DS (digital signal) hierarchy, 258
DS2 (Digital Signal 2), speed, 290
DS3 (Digital Signal 3), 288-298
      configuring, 292-298
            channelized DS3, 295-298
            clear-channel DS3, 293-294
      framing, 288-292
            C-bits, 290
            clear-channel DS3 framing, 292
            M13, 289
DS3 networks, 3
DSCP (differential service code point), 423
      class maps, 435
      priority levels, 425
DSU (Data Service Unit), 257
      (see also CSU/DSU)
DTP (Dynamic Trunking Protocol), 37
      trunk configuration, CatOS switches, 40
duplex command (IOS), 23
duplex links (T1), 268
duplex mode, 19
      configuring for PIX firewall interfaces, 371
      mismatch, causing spanning tree problem, 85
dynamic (switchport mode), 37
dynamic routing protocols, 102
dynamic secure MAC addresses, 238
Dynamic Trunking Protocol (DTP), 37
      trunk configuration, CatOS switches, 40

E
E-carrier hierarchy, 259
echo reply messages, 333
e-commerce web sites, 477-482
      benefits of 6509 chassis-based solution, 205
      firewalls, 368
      IP scheme, 482
      systems considerations, 482
      three-tier architecture, 478
            bridged, 479
            management network, 480
            routed, 480
EES (extreme errored seconds), 276
EGPs (external gateway protocols), 110
EHLO command, preventing execution of, 376
EIGRP (Enhanced Internal Gateway Routing Protocol), 117
      administrative distances, 120
      ASN identifying EIGRP instance, 117
      autonomous systems, 104
      combining features of distance-vector and link-state protocols, 117
      databases used to store information, 120
      failover design using, 171
      GRE tunnels and, 157-161
      information table, 92
      listing network interfaces to include, 118
      metrics
            determining costs, 108
            GRE tunnel interface, 156
      mutual redistribution with OSPF, 139, 147
      neighbors, sending update packets to, 119
      redistributing connected interfaces, 153
      redistributing into, 135-137
            metrics, 135
            OSPF routes, 137
            RIP routes, 137
      redistributing routes into RIP, 133
      redistribution into OSPF, resulting redistribution loop, 140
      route summarization, 119
      route tags, setting with route maps, 143
      routes redistributed into OSPF, using route tags, 142
email
      bandwidth requirements in QoS scheme, 434
      class maps, 436
      priority in QoS scheme, 433
encapsulation frame-relay command, 309
encapsulation frame-relay ietf command, 309
encoding
      DS3 line coding, 292
            channelized DS3, 297
      T1, 270-272
            AMI (Alternate Mark Inversion), 270
            B8ZS (Binary Eight Zero Substitution), 271
            CSU/DSU configuration, 283
encryption
      password, 344
      VTP password on CatOS switches, 51
Enhanced FlexWAN modules, 222
Enhanced Internal Gateway Routing Protocol (see EIGRP)
EOBC (Ethernet Out-of-Band Channel), 207
equipment costs, 526
errdisable recovery cause psecure-violation command, 240
ErrDisable state (ports), 81
error-based Top-N report on CatOS, 226
error-disabled state, 240
errors, framing, 274
ES (errored seconds), 276
EtherChannel, 55-65
      channel on CatOS, 55
      configuring and managing, 60-65
            CatOS example, 61
            IOS example, 62-65
            protocols, 60
      corporate network design, 476
      differences in terminology, Cisco and Solaris, 56
      as flex-link backup, 233
      load balancing, 56-60
            packet distribution on physical links, 57
      port channel interface on IOS, 55
      speed of single logical link, 55
Ethernet
      10/100 links, auto-negotiation failures, 20
      frame check sequence (FCS), 35
      resilient, 163-171
            HSRP, 163-166
      speeds, 19
      support for full-duplex on 10Base-T and 100Base-T, 20
Ethernet interfaces, 481
Ethernet modules, 217
Ethernet networks, 3
      multilayer switches, benefits of, 198
      multiple routing protocols on single network, 104
      resilient
            HSRP interface tracking, 166-168
            when HSRP isn't enough, 168-171
      support by OSPF, 125
Ethernet Out-of-Band Channel (EOBC), 207
Ethernet switch, 11
ETRN deque command, 375
European E-carrier hierarchy, 259
Exchange
      bandwidth requirements in QoS scheme, 434
      priority in QoS, 433
express forwarding packets, 135
extended superframe (ESF), 274
external gateway protocols (EGPs), 110
      BGP (Border Gateway Protocol), 126
external routes, 105, 131
      excluding from redistribution, 149
      OSPF, type-1 and type-2, 138
      redistributed routes, 136
extreme errored seconds (EES), 276

F
fabric bus, 206
fabric-enabled modules, 213
      connectors, 213
fabric-only modules, 213
      connectors, 214
fabrics, 208
      interactions between different module types, 214-217
      nonfabric, fabric-enabled and fabric-only modules, 213
failed state, CSM servers, 409
failover
      CSMs
            fault tolerance, 401
            primary and secondary IP addresses, 402
      no failover testing, 516
      PIX firewall, 377-383
            configuring, 380
            monitoring, 381
            terminology, 377
            understanding, 378-380
failover active command, 383
failover command, 380
failover lan unit primary command, 377
failover link command, 381
failures, 513-520
      disaster chains, 515
      human error, 513
      multiple component failure, 514
      no failover testing, 516
      troubleshooting, 516-520
            assuming nothing; proving everything, 518
            checking physical layer first, 518
            don't look for zebras, 519
            escalating to someone else, 520
            finding out what changed, 517
            isolating the problem, 519
            Janitor Principle, 520
            logging your actions, 517
            performing a physical audit, 519
            remaining calm, 517
            in a team environment, 520
far-end alarm and control (FEAC) codes, 291
far-end block errors (FEBEs), 290, 294
far-end out-of-frame (FEOOF) signals, 290
Fast EtherChannel (FEC) (see EtherChannel)
fast switching, 181, 185-187
      binary tree format for route cache information, 185
      configuring and managing switching paths, 192
      disadvantages of route cache, 186
fault tolerance, 401
      replicating changes in primary CSM to secondary, 408
FCS (frame check sequence), ISL and Ethernet, 35
FDDI (Fiber Distributed Data Interface), 3
FDDI networks, support by OSPF, 125
FEAC (far-end alarm and control) codes, 291
FEBE (far-end block errors), 290, 294
FEC (Fast EtherChannel) (see EtherChannel)
FECN (Forward-Explicit Congestion Notification), 308
Federal Standard 1037C, "Telecommunications: Glossary of Telecommunication Terms", 254
FEOOF (far-end out-of-frame) signals, 290
Fiber Distributed Data Interface (FDDI), 3
Fiber Distributed Data Interface (FDDI) networks, support by OSPF, 125
FIFO (First In First Out), 443
      packets through serial interface, 420
filtering redistributed routes (see route maps)
Firewall Services Modules (FWSMs), 204
firewalls, 361-368
      alternate designs, 367-368
      best practices, 361-363
            deny everything, permit what you need, 362
            everything not yours belongs outside, 363
            monitor the logs, 362
            simple is good, 362
      configuring to allow GRE, 161
      DMZ, 363-367
            connectivity to a third party, 365
            firewall configuration, 364
            multiple DMZ example, 366
            rules allowing services as needed, 365
      (see also PIX firewalls)
five-minute offered rate, 451
fixed-configuration switches, 14
      benefits of, 14
fixup command, 376
fixups (PIX firewall), 375
      default on Version 6.2, 376
      SMTP fixup, 375
      viewing status of, 376
flex links, 233
FlexWAN modules, 222
Foreign eXchange Service (FXS) modules, 222
Forward-Explicit Congestion Notification (FECN), 308
forwarding state (ports), 76
forwarding table (CEF trie), 189
FQDN (fully qualified domain name), 472
frame check sequence (FCS), ISL and Ethernet, 35
frame relay, 299-319
      bandwidth utilization graph for a link, 303
      benefits of, 302
      configuring, 309-316
            network with more than two nodes, 311-314
            simple two-node network, 309-311
            subinterfaces, 314-316
      DLCIs (data link control identifiers), 301
            mapping to IP addresses, 302
      LMI (Local Management Interface), 307-308
            congestion avoidance in frame relay, 308
      network design, 303-305
      ordering service, necessary information, 302
      oversubscription, 306
      troubleshooting, 316-319
            problem isolation, steps in process, 316
frame-relay interface-dlci command, 315
frame-relay lmi-type command, 307
frame-relay map command, 315
frame-relay networks, 3
      NBMA (nonbroadcast multiaccess), 125
frames, 10
      sent over a trunk, adding VLAN information in ISL, 35
framing
      DS3 (Digital Signal 3), 288-292
            C-bits, 290
            channelized DS3, 297
            clear-channel DS3 framing, 292
            configuring for clear-channel DS3, 293
            M13, 289
            M23, 296
      errors, 274
      T1, 272-274
            CSU/DSU configuration, 284
            D4/superframe, 273
            ESF (extended superframe), 274
            LOF (loss of frame) errors, 285
            OOF (out-of-frame) condition, 275
frustration, avoiding, 529-544
      benefits of change control, 539-541
      not being a computer jerk, 541-544
      selling your ideas to management, 532-536
      when to upgrade and why, 536-539
      why everything is messed up, 529-532
            inability of engineers to communicate needs to management, 531
            lack of knowledge or caring about problems, 532
            network design low in upper management priorities, 530
            piecing together rather than designing networks, 530
            rapid growth of small companies, 530
ft command, 401
FTP, 419
      QoS priority over HTTP, 428
full-duplex links, 19
      example, 21
      support by 10Base-T and 100Base-T Ethernet, 20
fully meshed network (frame relay), 304
fully qualified domain name (FQDN), 472
FWSMs (Firewall Services Modules), 204, 217, 369
FXS (Foreign eXchange Service) modules, 222

G
GAD's Maxims, 521-528
      driving forces of network design, 521-523
      reasons for company to fund changes to existing network, 525-528
      valid reasons to change properly sized production network, 524
gateways, 91
      default gateways
            router with two, 101
Generic Routing Encapsulation (see GRE tunneling protocol)
Gigabit Ethernet, 19
      auto-negotiation, 22
gigabit GBIC slots, stacking GBICs in, 227
global command, 384
      inside network using the Internet, 387
global macros, 229
GPS (Global Positioning System), 511
GRE (Generic Routing Encapsulation) tunneling protocol, 151-162
      access lists and, 161
      creating tunnels, 153
      defined, 150
      tunnels and routing protocols, 156-161
            running GRE through VPN tunnel, 160
gre keyword, configuring access lists, 161
group of major networks (see supernets)
group of subnets (see summary routes)
groups
      in access lists, 328-331
      HSRP, 163
      object groups, 372-375

H
half-duplex links, 19
      default on 100Base-T Ethernet, 20
      example, 21
half-duplex mode, spanning tree problem caused by, 85
hashing algorithm determining physical link to be used for a packet, 56
HDB3 (High-Density Bipolar Three) line coding, 292
hit counts for access list lines, 328
hop count metrics, 106
      maximum count in RIPv2, 116
      RIP Version 2, 107
host keyword (tacacs-server command), 355
host networks, RIP and, 114
host routes, 95
      being received by RIP (example), 115
hostnames, 472
Hot Standby Router Protocol (see HSRP)
HSRP (Hot Standby Router Protocol), 163-166
      configuration, 165
      interface tracking, 166-168
      limitations of, 168-171
      RFC 2281, 164
      simple design (example), 164
      viewing status on routers, 166
HTTP, 419
      bandwidth requirements in QoS scheme, 434
      class maps, 436
      converged network policy map, 448
      lower QoS priority than FTP, 428
      QoS priorities and, 432
hub and spoke network, 304
hubs, 6-10
      broadcast storms, 9
      connecting multiple hosts to network, 7
      network of hubs connected by a central hub, 9
      repeaters vs., 6
      replacement by switches, 10
      switches vs., 10
human error, 513
human resource costs, 527
hw-module csm module# standby config-sync command, 408
hw-module module module# reset command, 412
hybrid mode, 198
      SVIs, 201-203
hybrid protocol (EIGRP), 108

I
IANA (Internet Assigned Numbers Authority), multicast addresses, 103
ICMP
      allowing MTU path discovery packets, 333
      allowing types needed for ping and traceroute, 332
      unreachable types, 332
IDS (intrusion detection system), using with SPAN, 241
IDSM (intrusion detection system modules), 220
ietf frame-relay encapsulation, 309
IGPs (internal gateway protocols), 110
IGRP (Internal Gateway Routing Protocol)
      EIGRP, 117
      (see also EIGRP)
IMAP
      bandwidth requirements in QoS scheme, 434
      priority in QoS, 433
in-band signaling, 270, 272
indirect link failures, 83
initializing state (ports), 76
inservice command, 408
inside interface (PIX firewall), 369, 381
integrated CSU/DSU WICs, 282
Integrated Services Digital Network (ISDN), 259
interexchange carrier (IXC), 260
interface command
      configuring speeds and duplex modes of PIX firewall interfaces, 371
      point-to-point and multipoint keywords, 314
interface macros, 229
interface range command (IOS), 32
interface ranges, 228
interface-dlci command, using subinterfaces, 315
interfaces
      24-port 3750 switch, 228
      Ethernet, applying policy routing to, 178
      interface through which router will forward the packet, 97
      loopback, 151
      macro description, 231
      PIX firewall, 369-371
            configuring name and priority, 370
            configuring speeds and duplex modes, 371
            failover IP address, 380
            priority, 370
            showing status, 371
      port-channel interface (IOS EtherChannel), 55, 62
            showing interface information, 64
      PVCs mapped to, reporting on, 319
      router interface priority in OSPF, 123
      storm control, 235
      SVIs on FWSM, 217
      tracking in HSRP, 166-168
      virtual tunnel interface, 155
interface-type description, 3750 switch, 228
interior gateway protocols (IGPs), solution to link-failover, 170
internal gateway protocols (IGPs), 110
Internal Gateway Routing Protocol (see IGRP)
internal router (OSPF), 121
internal routes, 105
      limiting redistribution to, 149
Internet Assigned Numbers Authority (IANA), multicast addresses, 103
INTERNET PROTOCOL (RFC 781), definition of gateway, 91
Internet service providers, use of BGP, 128
internetwork control, 431
Internetwork Operating System (see IOS)
interrupt context switching, 181, 184-190
      CEF (Cisco Express Forwarding), 188
      disabling all paths, 190
      fast switching, 185-187
            configuring and managing switching paths, 192
            disadvantages of, 186
      optimum switching, 187
      steps, 184
interrupt process switching (CEF), configuring/managing switching paths, 193
Inter-Switch Link (see ISL)
intrusion detection system (IDS), using with SPAN, 241
intrusion detection system modules (IDSM), 220
Inverse ARP, 302
      IP address-to-DLCI mappings on frame relay networks, 312
inverse subnet masks, 323
      using in EIGRP, 118
      using in OSPF, 125
IOS, 11
      BackboneFast, configuring, 84
      BPDU Guard, enabling and disabling, 81
      CatOS vs., 222-226
      configuring auto-negotiation speed and duplex mode, 23
      controlling layer-3 routing on MSFCs, 198
      creating SVI for a VLAN in hybrid mode switches, 201
      determining if a switch can use a trunking protocol, 34
      disabling DTP, 37
      EtherChannel, configuring and managing, 62-65
      MAC address table, 12
      password-encryption service, 344
      port channel interface (EtherChannel), 55
      PortFast, enabling/disabling, 80
      router command, configuring routing protocols, 114
      show mac-address-table | include mac-address command, 13
      SLB, configuring, 399-401
      subnets keyword, using with redistribute command, 139
      trunk configuration, 38-40
      UplinkFast, configuring, 83
      VLANs
            configuring using global commands, 31
            configuring using VLAN database, 29
      VTP domain, configuring, 49
      VTP modes, 50
      VTP password, setting, 51
      VTP pruning, 52
IOS IP server load balancing, 397
IP addresses
      assigning on two-node frame relay network, 310
      configuration for frame relay network of more than two nodes, 311
      displaying as names in PIX firewall, 371
      e-commerce web site, 482
      failover, for PIX firewall interfaces, 380
      global PAT, configuring outside PIX interface as, 384
      grouping in object group, 374
      HSRP on Ethernet network, 164
      load balancing using source or destination address, 58
      mapping to DLCIs, 312
            in frame-relay networks, 302
      mapping to VCs when using subinterfaces, 315
      primary and secondary, CSM server VLAN, 402
      referenced by multicast packets, 103
      tunnels, 153
ip cef command, 193
ip load-sharing per-packet command, 193
IP networks
      designing, 484-505
            allocating IP address space, 491-494
            allocating IP subnets, 494-498
            CIDR, 490
            IP subnetting made easy, 498-505
            public vs. private IP space, 484-487
            VLSM, 487-489
      layout worksheets, 466
ip ospf priority command, 123
IP phones, 244
ip policy command, applying route maps to interfaces, 178
IP precedence, 423
      class maps, 435
      levels, determining, 431
      priority levels, 425
ip reflexive-list timeout seconds command, 342
ip route-cache cef command, 193
ip route-cache command
      enabling fast switching, 192
IP routing table, 95-101
      default route, 100
      host route, 97
      major network route, 99
      subnet route, 98
      summary (group of subnets) route, 98
      supernet route, 100
ip slb command, 399
ip slb serverfarm command, 399
ip slb vserver command, 400
IP SLB, configuring, 398
IP subnet allocation, 494-498
      divide-by-half method, 496
      reverse binary method, 497
      sequential method, 494
IP TOS field, 422-425
ip_input process, 183
      CPU utilization, showing, 191
      performance penalties in process switching, 184
ISDN (Integrated Services Digital Network), 259
ISL (Inter-Switch Link), 34
      802.1Q protocol vs., 35
      adding VLAN information to frame sent over a trunk, 35
      deciding when to use, 36
      trunk configuration, CatOS switches, 40
isolating the problem, 519
IXC (interexchange carrier), 260

J
Janitor Principle (in troubleshooting), 520
Japanese J-carrier hierarchy, 260
J-carrier hierarchy, 260

K
Kbps, bandwidth in (EIGRP), 136
KVM (Keyboard Video Monitor) switch, 480

L
LACP (Link Aggregation Control Protocol), 60
LANs (Local Area Networks), 3
      defined, 4
      virtual LANs (see VLANs)
last mile, 264
LATA (local access and transport area), 260
late collisions, 9
latency, 261
layer-2 loops, 10
layer-2 switches
      packets crossing from one VLAN to another, 25
      three-tier switched network (example), 43
layer-3 switches, 11, 27
      redundancy, using routing rather than switching for, 87
      (see also multilayer switches)
learning state (ports), 76
least-used algorithm, 399
LEC (local exchange carrier), 264
level of logging, specifying for logging destinations, 389
line authentication, 357
line cards, 217
line coding, DS3, 292
      channelized DS3, 297
line loopback, 280, 281
line passwords, 343
lines, 343
Link Aggregation Control Protocol (LACP), 60
link state advertisements (LSAs), OSPF, 122
      types of, 122
link-state routing protocols, 107
      EIGRP features, 117
      OSPF, 121
listening state (ports), 76
LLQ (low-latency queuing), 426, 428
      configuring, 435-439
            class maps, 435-437
      policy maps, 437
      service policies, 438
LMI (Local Management Interface), 307-308
      congestion avoidance in frame relay, 308
      determining if you're receiving, 317
      types available on Cisco routers, 307
load balancing, 56-60
      CSMs, load-balanced network (example), 405-407
      over switching paths, 190-194
            CEF, 193
            fast switching, 192
            process switching, 190-192
      server load balancing (see SLB)
      types of, 396-398
            Cisco technologies, 397
local access and transport area (LATA), 260
Local Area Networks (see LANs)
Local Directors, 397
local exchange carrier (LEC), 264
local loop, 264
local loopback, 281
LOF (loss of frame), 275, 285
logging
      configuring destinations and specifying level of logging, 389
      PIX firewalls, 389
      troubleshooting actions, 517
logging on command, 389
login authentication, 356
      method list
            applying, 360
            creating, 357
log-neighbor-changes command, EIGRP installations, 119
looking-glass routers, 128
loopback interfaces, 151
      adding to network routers, 153
loopback testing (T1), 279-282
      integrated CSU/DSU WICs, 282
      testing progression, 282
loops
      broadcast storms and, 67-72
      layer-2, 10
      MAC address table instability, 72
      preventing among bridges with spanning tree, 66
      preventing with spanning tree, 73-76
      redistribution, 140-142
LOS (loss of signal), 275, 285
low-latency queuing (see LLQ)
LSAs (link state advertisements), OSPF, 122
      types of, 122

M
M13 (Multiplexed DS1 to DS3), 289
MAC address tables, 12
      instability in looped environment, 72
MAC addresses
      ACLs based on, 335, 336
      designated root, all zeros, 78
      format on different systems, 13
      getting for a device on Solaris (example), 13
      load balancing with, 56-60
            options, 58
      referenced by multicast packets, 103
      root bridge, 74
      secure, 238-241
            aging out, 240
      show mac-address-table command on IOS-based switch, 12
macro command, 229
macro description command, 231
macros, 229-232
major networks, 95, 99
      group of (see supernets)
malformed packets, causing process switching, 192
management network, e-commerce web site, 481
MANs (Metropolitan Area Networks), 3
      defined, 5
      interchangeability with CANs, 4
mark (T1 signaling), 270
marking of frames to be sent over a trunk, 34
marking packets (QoS), 422
match command (in route maps), 174
      matching packet destination address, 177
match keyword, using with redistribute command
      redistributing OSPF routes into another protocol, 149
match keyword, using with redistribute ospf command, 137
max_age timeout (best bridge), 83
Maximum Transmission Units (MTUs), 108
      EIGRP metric of the path, 136
max-reserved-bandwidth command, 433
Mbps (megabits per second), 19
megabits per second (Mbps), 19
meshed networks
      frame relay, 304
      point-to-point T1, 304
      six-node fully meshed networks, frame relay and point-to-point T1s, 305
method lists
      applying, 360
      creating, 356-360
            login authentication, 357
            PPP authentication, 359
            router authentication methods, 356
metrics, 92
      bandwidth-based, OSPF, 121
      defined, 106
      defined for static routes injected into RIP, 133
      OSPF, for redistributed routes, 137
      redistribution of other protocols into EIGRP, 135
      routing protocol differences, redistribution and, 130
      routing protocols and, 106
            distance-vector protocols, 107
            link-state routing protocols, 107
            RIP hop count, 106
      shown in example routing table entry, 97
metric-type keyword, using with redistribute command in OSPF, 138
Metropolitan Area Networks (see MANs)
microseconds, EIGRP delay metric in, 136
mls qos trust cos command, 245
modular switches, 14
      chassis-based, advantages of, 15
      power requirements for modules, 16
      router contained in supervisor (CPU), 197
module ContentSwitchingModule module# command, 401
module CSM module# command, 401
module csm module# command, 407
modules
      6500-series switches, 213-222
      chassis-based switches
            installing and removing, 17
            routing cables to, 18
      interaction, 214-217
      stacking GBICs, 227
      types of, 217
money, driving network design, 523
monitor command, 241
monitor commands, negating, 243
most specific route, 94
MRTG (Multi Router Traffic Grapher), 269, 442
MSFCs (multilayer switch function cards), 198, 204, 211
      connecting to with session command, 201
MTU path discovery packets, allowing, 333
MTUs (Maximum Transmission Units), 108
      EIGRP metric of the path, 136
Multi Router Traffic Grapher (MRTG), 269, 442
multicast addresses, 103
multicast packets, 103
multicast storms, controlling, 233
multicasts, RIPv2 updates, 116
multilayer switch function cards (see MSFCs)
multilayer switches, 11, 197-203
      6500, 204-226
      ACLs (access control lists), 334-337
            configuring port ACLs, 334
            configuring router ACLs, 335
            configuring VLAN maps, 336
      configuring SVIs, 198-201
            hybrid mode, 201-203
            native mode, 199
      converting switch port to router port, 198
      models, 203
      router contained within, 197
multiple component failure, 514
Multiplexed DS1 to DS3 (M13), 289
multiplexing, 264
multipoint subinterfaces, 314
multitiered architectures, firewalls in, 368
multiway tree
      used in CEF switching, 188
      used in optimum switching, 187
mutual redistribution, 139
      limiting using route tags and route maps, 147-149
      two routers performing (example), 146

N
N connectors, 6
name command, specifying VLAN name in IOS, 31
nameif command, 370
names command (PIX firewall), 371
naming conventions for devices, 472
NAMs (Network Analysis Modules), 204, 219
NAS (network attached storage) device attached to single server via EtherChannel, 59
NASI (NetWare Asynchronous Services Interface), 357
NAT (Network Address Translation), 383-388
      commands, 383
      examples, 384-388
            DMZ, 387
            port redirection, 386
            simple PAT using outside interface, 384
            simple PAT with public servers on inside, 385
      logging, 389
      remote access to PIX firewall, 388
      saving configuration changes, 388
nat command, 384
      inside network using the Internet, 387
      overridden by static command, 385
nat server command, 403
National Institute of Standards and Technology (NIST), 511
native mode (single OS model on chassis switches), 198
native mode (SVIs), 199
NBMA (nonbroadcast multiaccess) networks, 125
NEBS (Network Equipment Building System), 204
negotiation, trunk, 37
neighbor adjacency (EIGRP), 119
neighbor database (EIGRP), 120
neighbors
      BGP, 128
      discovering, 103
      routers running EIGRP, 119
NetWare Asynchronous Services Interface (NASI), 357
Network Address Translation (see NAT)
Network Analysis Modules (NAMs), 204
network areas in OSPF, 122
      specifying, 125
network attached storage (NAS) device attached to single server via EtherChannel, 59
network command, 114
      BGP, 128
      classful addresses, required for RIPv2, 116
      EIGRP, 118
      OSPF, 125
network control, 431
network diagrams, 471
Network Equipment Building System (NEBS), 204
network interfaces
      enabling in a routing protocol, 114
      enabling in OSPF, 125
      listing for inclusion in EIGRP, 118
network LSAs, 122
Network Time Protocol (see NTP)
network-address/prefix-length (network description), 94
network-object command, 374
networks
      converged, 112
      definitions of LANs, WANs, CANs, and MANs, 4
      designing, 461-483
            documentation, 461-471
            driving forces of network design, 521
            naming conventions for devices, 472
            network designs, 473-483
      major network, 99
      OSPF network, common design, 124
      prefixes in BGP, 127
      subnets, 95
      supernet (group of major networks), 100
      three-tier switched network, 43
      types of, 3
      types supported by OSPF, 124
next hop
      changing with policy routing, 177
      changing with route maps, 173
      shown in example routing table entry, 97
NIST (National Institute of Standards and Technology), 511
no auto-summary command, 116
no failover active command, 383
no inservice command, 408
no ip route-cache command, 190
no login command, 344
no nat client command, 403
no redistribute igrp autonomous-system command (EIGRP), 135
no spanning-tree portfast command (IOS), 80
no spanning-tree uplinkfast command (IOS), 83
no vtp pruning command (IOS), 52
non-AAA authentication (see basic authentication)
nonbackbone and backbone areas, OSPF, 122
nonbroadcast multiaccess networks, 125
none method, 358
nonfabric-enabled modules, 213
nonfabric-enabled modules, connectors, 213
nonpriority queue
      converged network, too large, 457
      converged network, too small, 456
nontriggered (timed) updates, 112
normal area, OSPF, 122
NSSA (Not So Stubby Area), 123
NSSA (Not So Stubby Area) LSAs, 122
NSSA totally stub area, 123
NTP (Network Time Protocol), 506-512
      accurate time, defining, 506
      configuring, 510-512
            NTP client, 510
            NTP server, 512
      design, 508
            hierarchy in corporate network, 509
ntp master command, 512
ntp peer ip-address command, 512
ntp server command, 510
ntp update-calendar command, 512
null VTP domain, 49

O
object groups, 372-375
      port-object object-group commands, 374
object-group command, 373
off (VTP mode), CatOS, 50
on mode (LACP and PAgP), 60
OOF (out-of-frame), 275
Open Shortest Path First routing protocol (see OSPF)
operating systems
      Cisco switches and routers, 11
      single vs. multiple on switches, 198
      (see also CatOS; IOS)
operational state, CSM vservers, 409
optimum switching, 181, 187
OSPF (Open Shortest Path First), 121-126
      bandwidth-based metrics, 108
      DR (designated router), 123
      link-cost formula, changing for links faster than 100 Mbps, 121
      link-state routing, 107
      LSAs (link state advertisements), 122
      mutual redistribution with EIGRP, 139, 147
      network design (example), 124
      network types supported, 124
      OSPF database, 92
      processes, 104
      redistributing into, 137-139
            external route types in OSPF, 138
            metrics, 137
            route tags, setting, 142
      redistributing routes into another protocol, 137
            limiting to internal routes, 149
      redistribution into EIGRP, resulting redistribution loop, 140
      router classifications, 121
      routes in the routing table, 125
      separation of networks into areas, 122
      storage of route information in databases, 126
      two processes on single network, 104
out-of-band signaling, 270, 273
outside interface (PIX firewall), 369, 381
      configuring for use as IP address for global PAT, 384
overclocking T1s, 290
overflow condition, 418
oversubscribed link, using QoS for, 420
oversubscription, frame-relay links, 306

P
packets, 10
      altering with route maps, 173
      categories of, 419
      multicast, 103
PAgP (Port Aggregation Control Protocol), 60
      CatOS EtherChannel, 61
PAP (Password Authentication Protocol), 347
      debugging PPP authentication, 348
      one-way authentication, 347
      two-way authentication, 348
parallel detection, 20
parameter-problem ICMP messages, 333
partial mesh network, 304
passive mode (LACP and PAgP), 60
passive-interface command, 115
Password Authentication Protocol (see PAP)
passwords
      password command, 343
      VTP, 51
      (see also authentication)
PAT (Port Address Translation), 338, 383
      global command, 384
      outside interface, using, 384
      port redirection vs., 386
      simple PAT with public servers on inside, 385
paths
      best path to root bridge, 75
      BGP, 127
      switching, configuring and managing, 190-194
payload loopback, 280, 281
Payment Card Industry (PCI), user data storage and access, 359
PBX (private branch exchange), 264
PCI (Payment Card Industry), user data storage and access, 359
per-destination load balancing, 193
performance
      increasing, 527
      monitoring for T1 links, 274
            bipolar violation (BPV), 275
            CRC6 (Cyclic Redundancy Check (6-bit)), 276
            EES (extreme errored seconds), 276
            ES (errored seconds), 276
            LOS (loss of signal), 275
            OOF (out-of-frame), 275
Perlman, Radia, 67
permanent virtual circuits (see PVCs)
permit clauses, 174
per-packet load balancing in CEF, 193
persistent command, 403
Per-VLAN Spanning Tree (PVST), 77
phase-locked loop (PLL), 284
physical audit, performing, 519
physical connections, network machines, 3
physical layer first (in problem isolation), 316, 518
physical links (EtherChannel), load balancing on, 56-60
PID (process ID), 104
ping command
      allowing ICMP packet types needed for, 332
      pinging your own interface on frame relay, 313
PIX firewalls, 369-392
      access lists, naming, 326
      ACLs
            Turbo ACLs, 331
            using groups, 328-331
      allowing MTU path discovery packets, 333
      failover, 377-383
            configuring, 380
            monitoring, 381
            terminology, 377
            understanding, 378-380
      fixups, 375
            default on Version 6.2, 376
            SMTP fixup, 375
            viewing status of, 376
      ICMP packet filters, 333
      interfaces and priorities, 369-371
            configuring interface name and priority, 370
            configuring speed and duplex mode, 371
            showing status of interfaces, 371
            traffic flow, 370
      names feature, 371
      NAT (Network Address Translation), 383-388
            examples, 384-388
            logging, 389
            NAT commands, 383
            remote access to PIX firewall, 388
            saving configuration changes, 388
      object groups, 372-375
      support for gre keyword, 162
      troubleshooting, 391
            showing all active connections, 391
            translations, 391
PLL (phase-locked loop), 284
plugs and receptacles for AC power feeds, 17
point-to-multipoint networks, support by OSPF, 125
point-to-point networks, 3
      support by OSPF, 124
      VPNs (virtual private networks), 150
point-to-point subinterfaces, 314
      no IP address-to-DLCI mapping, 315
Point-to-Point Tunneling Protocol (PPTP), 162
poison reverse, 111
policing packets (QoS), 422
policy maps, 437
      applying to an interface, 438
      converged network, 448
            showing specified queues, 450
policy routing, 173
      example, 175-180
            applying policy to Ethernet interfaces, 178
            monitoring policy routing, 178-180
politics in network design, 521-523
POP (Post Office Protocol)
      bandwidth requirements in QoS scheme, 434
      priority in QoS, 433
port ACLs, 334
port adapters, CMM, 222
Port Address Translation (see PAT)
Port Aggregation Control Protocol (PAgP), 60
      CatOS EtherChannel, 61
port channel interface (IOS EtherChannel), 55, 62
port layout spreadsheets, 463-466
port redirection, 386
      configuring in CSMs, 404
port security, 238
port speed (frame relay), 302
port translation using SLB, 400
PortFast, 80
port-object object-group commands, 374
ports
      assigning to VLANs in CatOS, 28
      assigning to VLANs in IOS, 32
      blocked uplink port, bypassing listening and learning states when designated port fails, 81
      blocking state, 73
      configured for PortFast, preventing from receiving BPDUs, 81
      designated port on each segment, 75
      information about, in CatOS, 223
      load balancing using source and/or destination port, 58
      root port on each bridge, 75
      security, shutting down switch ports not in use, 49
      spanning tree states, 76
      switch port, changing to router port on switches, 198
      trunk ports, 25
port-security violations, actions taken in response, 239
Post Office Protocol (POP)
      bandwidth requirements in QoS, 434
      priority in QoS, 433
POTS (plain-old telephone service), 264
power requirements, 469-471
      planning for chassis switch, 16
PPP (Point-to-Point Protocol) authentication, 347-353, 356
      CHAP (Challenge Handshake Authentication Protocol), 349-353
            changing sent hostname, 352
            one-way authentication, 350
            two-way authentication, 351
      method list, 359
            applying to an interface, 360
      PAP (Password Authentication Protocol), 347
            debugging PPP authentication, 348
ppp chap hostname command, 352
ppp chap interface commands, 353
ppp pap sent-username command, 347
      two-way authentication, 348
PPTP (Point-to-Point Tunneling Protocol), 162
preemption, configuring in CSM fault tolerance, 401
prefix, 94, 127
      host route, 97
      route with longest prefix length, 94
PRI (Primary Rate Interface), 260, 270
primary CSM, 401
      configuring IP address, 402
      replicating changes to secondary CSM, 408
primary PIX firewall, 377
      failure of, showing, 382
      interface configuration, 381
priorities
      fault tolerance in CSMs, 401
      HSRP
            decrementing, 168
            influencing based on status of another interface, 167
      PIX firewall interfaces, 370
            configuring, 370
      QoS, 422-425
            deciding whether traffic should be prioritized, 421
            determining, 431
            marking packets, 422
            priority levels for different QoS types, 425
      root bridge, 74
      router interface
            OSPF, 123
            standby, 165
priority command (in QoS policy maps), 437
priority queue
      converged network, too large, 455
      too small in converged network, 454
priority queuing, 426
private branch exchange (PBX), 264
privilege levels, 345
problem isolation in troubleshooting, 316
process ID (PID), 104
process switching, 181, 183
      benefits of, 184
      configuring and managing switching paths, 190-192
      performance penalties from, 184
      steps, 183
processes (OSPF), 104
processing delay, 262
propagation delay, 261
pruning, VTP, 46
      configuring, 51-54
public vs. private IP space, 484-487
PVCs (permanent virtual circuits), 299
      assigned to subinterfaces, status of, 319
      configured as subinterfaces, 305
      configuring virtual interfaces for each PVC, 314
      mapped to interfaces, reporting on, 319
      show frame-relay PVC command, 309
PVST (Per-VLAN Spanning Tree), 77

Q
QoS (Quality of Service), 247-249, 417-429
      changing values with route maps, 173
      common misconceptions, 427
      designing a scheme, 430-439
            bandwidth requirements for protocols, determining, 433-435
            configuring the routers, 435-439
            priorities, determining, 431
            protocol requirements, determining, 430
      mechanics of, 422
      monitoring on converged network, 449-452
      packet types, 419
      packets through serial interface, 420
      priorities, 422-425
      reasons for using, 420
      resolution of congested network problem, 445
      types of, 421, 426
queuing, 421
      converged network
            default queue too large, 458
            default queue too small, 458
            incorrect configuration, 452
            nonpriority queue too large, 457
            nonpriority queue too small, 456
            priority queue too large, 455
            priority queue too small, 454
      in different flavors of QoS, 426
      FIFO, 443

R
R bus (results bus), 207
rack space, planning for chassis switch installation, 16
RADIUS, 354
      differences from TACACS+, 354
      server groups
            custom, 356
            default, 355
radius-server host command, 355
RAI (remote alarm indication), 278, 285
ratios, subnet octet, 501
RBOC (Regional Bell Operating Company), 264-266
real command, 400, 402
real servers, 398
      configuring in IOS SLB, 399
      CSM
            configuring, 402
            detailed status information, 409
            putting into/out of service in server farm, 403
            removing from service, 408
            residing in server VLAN, 401
            showing status of, 408
Real-Time Protocol (see RTP)
receive interrupt, 183
receive load (rxload), 441
receiving line (RX line), half- and full-duplex links, 21
receptacles for AC power feeds, 17
recurring costs, 526
recursive routing (example), 156-160
red alarm (T1), 277
redistribute command
      match keyword, using in OSPF, 149
      metric-type keyword, using with, 138
      route map applied to, 174
      route-map keyword, using in EIGRP, 143
      tag tag# keyword, using, 142
      using subnets keyword in OSPF, 138
redistribute connected command, 134, 140
redistribute igrp autonomous-system command (EIGRP), 135
redistribute ospf command, using match keyword, 137
redistribute static metric command, 132
redistributed connected command, 144
redistribution, 104, 130-149
      into EIGRP, 135-137
      limiting using route tags and route maps, 142-146
            real-world example, 146-149
      loops, 140-142
      mutual, 139
      into OSPF, 137-139
      into RIP, 132-135
      sources of routes that can be redistributed, 131
redundancy
      power supplies for modular switches, 16
      on routers, 163
      using routing instead of switching for, 87
reference bandwidth, changing in OSPF, 121
reflexive access lists, 338-342
      configuring, 340-342
      limitations, 339
      temporary permit statements, 339
Regional Bell Operating Company (RBOC), 264-266
reliability metric, EIGRP, 136
reliability, increasing, 528
reload cancel command, 514
reload command, 514
remote access VPNs, 150
remote alarm indication (RAI), 278, 285
remote line loopback, 281
remote monitoring (RMON) probe, 219
remote payload loopback, 281
Remote Switched Port Analyzer (see RSPAN)
remove keyword, switchport trunk pruning vlan command (IOS), 53
repeaters, 6
      extending single 10Base-T link, 7
replicate command, 403
requirements documents, 462
resilient Ethernet networks, 163-171
      HSRP, 163-166
      HSRP interface tracking, 166-168
      when HSRP isn't enough, 168-171
results bus (R bus), 207
reverse binary IP subnet allocation, 497
revised configuration (VTP), 45
RIB (routing information base), 181
      bypassed in interrupt context switching, 185
      (see also routing tables)
right way to do it (network design), 523
RIP (Routing Information Protocol), 112-116
      classful design problem, 113
      configuring, 114
      enabling network interfaces
            removing interface included in network statement, 115
      GRE tunnels and, 157-161
      hop count metrics, 106
            maximum hop count, 107
      network interfaces, enabling, 114
      redistributing into, 132-135
            connected routes, 134
            default metrics for protocols, 133
            static routes, 132
      redistributing into EIGRP, 137
RIPv2, 107, 116
      advantages over RIPv1, 116
      specifying RIPv1, 114
RMON (remote monitoring) probe, 219
root bridge, 73
      configuring, importance of, 75, 88
      determining best path to, 75
      election of, 74
      showing for every VLAN on IOS, 79
root ID, 75
root link query PDUs, 84
root port, 75
round-robin algorithm, 398
route cache, 185
      disadvantages of, 186
route database (EIGRP), 120
route maps, 143-149, 172-180
      advantages over access lists, 172
      altering packets, 173
      building, 173-175
            denying certain routes while permitting all others, 175
            route map applied to redistribute command, 174
      checking for an incoming route tag, 144
      instructing router to call, 145
      limiting mutual redistribution, real world example, 146-149
            limiting to internal routes, 149
      policy routing, 173
      policy routing example, 175-180
            applying route maps to Ethernet interfaces, 178
            matching destination address and setting next hop, 177
            monitoring policy routing, 178-180
route of last resort (see default route)
route poisoning, 111
route servers, 128
route tags, 142-149
      checking implementation in EIGRP topology database, 144
      limiting mutual redistribution, real world example, 146-149
      permitting/denying redistributions, 144
      setting in EIGRP, using route maps, 143
routed load balancing, 397
routed mode (PIX firewall), 379
routed networks, 3
routed three-tier e-commerce network, 480
route-map keyword, using with redistribute command in EIGRP, 143
router ACLs, 334
      configuring, 335
router command (IOS), 114
router eigrp autonomous-system-number command, 117
router ID (OSPF), 123
router LSAs, 122
router on a stick configuration, 26
router-id command (OSPF), 123
routers
      allowing MTU path discovery packets, 333
      communication between, 103-105
            discovering neighbors, 103
      defined, 102
      ICMP packet filters, 333
      with limited switching capabilities, 203
      OSPF, types of, 121
      switching algorithms
            interrupt context switching, 184-190
            process switching, 183
      switching requirements, 182
routes
      automatic summarization in EIGRP, 119
      external, 105
      internal, 105
      redistribution, 104
      route shown in example entry from routing table, 97
      summarization in RIPv2, 116
      types of, 95
routing, 91-101, 478
      defined, 91, 181
      definitions of key terms, 111
      external router connecting VLANs on layer-2 switch, 25
      between multiple VLANs, 26
      routers contained in layer-3 switches, 27
      using instead of switching for redundancy, 87
      between VLANs, using multilayer switches, 197
routing information base (see RIB; routing tables)
Routing Information Protocol (see RIP; RIPv2)
routing protocols, 92, 102-129
      administrative distances, 93, 108
            summary of, 109
      BGP, 126-129
      classful and classless, 111
      communication between routers, 103-105
            discovering neighbors, 103
            multiple routing protocols on single network, 104
      EIGRP, 117
      load balancing, switching level vs., 190
      metrics, 92
            distance-vector protocols, 107
            link-state protocols, 107
            protocol types and, 106
      OSPF, 121-126
      redistributing routes, 130
            between protocols, 131
            within a protocol, 132
      RIP, 112-116
            configuring, 114
      RIPv2, 116
      route maps, using, 173
      routing tables (see routing tables)
      spanning tree vs., 93
routing tables, 92-95
      for different routing protocols, 92
      example single entry, examining, 97
      host route (example), 97
      IP routing table, 95-101
            default route, 100
            host route, 97
            major network route, 99
            subnet route, 98
            summary (group of subnets) route, 98
            supernet route, 100
      OSPF routes, 125
            external routes, type-1 and type-2, 138
      RIP routes, 115
            RIPv1 and RIPv2, 116
RSPAN (Remote Switched Port Analyzer), 241
      creating RSPAN VLAN, 244
      removing sessions as a group, 243
RTP (Real-Time Protocol), 419
      bandwidth requirements for voice RTP in QoS scheme, 434
      converged network policy map, Voice-RTP, 448
      QoS priority for voice RTP, 432
RX (receiving) line, half- and full-duplex links, 21
rxload (receive load), 441

S
scheduling packets (QoS), 422
secondary CSM
      IP address, 402
      replicating changes to primary CSM, 408
secondary PIX firewall, 378
      configuring failover IP address for each interface, 381
seconds, defining, 507
secret and privilege commands, 346
Secure Shell (see SSH)
security
      level for PIX firewall interfaces, 370
      port, 238
      VTP, dangers of, 48
segments, 7
      collisions, 8
      designated bridge, electing, 75
      designated port, determining, 75
selling your ideas to management, 532-536
sequential IP subnet allocation, 494
serial interface, packets sent through, 420
serial link, troubleshooting in frame relay, 316
server (VTP mode), 45
      CatOS, 50
      setting on IOS switch, 50
server farms, 398
      configuring in IOS SLB, 399
      CSM
            configuring, 403
            removing from service, 408
            showing status of, 410
      where they belong, 475
server groups, 355
      custom, 356
      default, RADIUS and TACACS, 355
      tacacs+ and radius, 358
server load balancing (see SLB)
server VLAN (CSM), 401
serverfarm command, 403
server-private command, 356
service mappings (IP precedence), 423
service modules, 217
service password-encryption command, 344
service policies, 438
service-module t1 clock source command, 284
service-module t1 framing command, 284
service-module t1 linecode command, 283
service-module t1 timeslots command, 284
service-policy command, 438, 448
SES (severely errored seconds), 276
session command, 411
session command, connecting to MSFC, 201
session slot module# processor processor# command, 221
set command (in clauses), 174
      setting next hop, 177
set port channel command (CatOS), 55
set route map command, 173
set spantree backbonefast enable/disable command (CatOS), 84
set spantree bpdu-guard <mod/port> enable command (CatOS), 81
set spantree portfast <mod/port> disable command (CatOS), 81
set spantree portfast <mod/port> enable command (CatOS), 81
set spantree uplinkfast enable/disable command (CatOS), 82
set trunk command (CatOS), 40
      specifying VLANs on a trunk, 41
set vlan command (CatOS), 28
set vtp domain command (CatOS), 50
set vtp pruneeligible command (CatOS), 54
set vtp pruning disable command (CatOS), 54
set vtp pruning enable command (CatOS), 54
SFMs (Switch Fabric Modules), 206
      combined with crossbar fabric bus and Supervisor-2, 208
      supervisors vs., 213
show access-list command, 327, 330, 342
      object group expansion, 374
show auto qos command, 249
show channel command (CatOS), 55, 62
show channel info command (CatOS), 62
show channel traffic command (CatOS), 62
show clock detail command, 511
show command (IOS, VLANs configured from VLAN database mode), 30
show conn command, 391
      detail keyword, 392
show controllers command
      channelized DS3, 297
      clear-channel DS3 configuration, 293
      FEAC codes, 291
show etherchannel command (IOS), 64
show etherchannel summary command (IOS), 63
show fabric status command, 215
show fabric switching-mode command, 215
show fabric utilization command, 215
show failover command, 381
show fixup command, 376
show frame-relay map command, 311
      VCs mapped to interfaces, reporting on, 319
show frame-relay pvc command, 309
      PVCs not mapped to interfaces, 319
      status of all known frame relay PVCs on router, 318
show interface capabilities command (IOS), 34
show interface command, 68
      bandwidth, showing in EIGRP, 136
      delay of an interface in EIGRP, 136
      determining if serial link is up, 316
      EtherChannel information in IOS, 65
      LMI type and PVC in use, 307
      monitoring QoS in converged network, 449
      status of PIX firewall interfaces, 371
show interface description command, 224
show interface interface# command (IOS), 224
show interface interface-id switchport command (IOS), 52
      checking addition/removal of VLANs in VTP pruning, 54
show interface interface-name switchport command, 246
show ip bgp command, 129
show ip bgp summary command, 128
show ip cef command, 194
show ip eigrp neighbors command, 120
show ip eigrp topology command, 120, 155
show ip interface brief command
      channelized DS3, 297
      configured to run upon authentication, 346
      SVIs, 199
show ip interface command
      determining if policy routing is enabled, 179
      showing switching path, 190
show ip ospf database command, 126
      viewing route tags in OSPF routes, 142
show ip policy command
      viewing policies applied to interfaces, 178
show ip protocols command
      default metric for routing protocols, 133
show ip route command, 92, 95
show mac-address-table | include mac-address command, 13
show mac-address-table command (IOS-based switch), 12
show module command
      CSM upgrade, checking, 412
      number of a module, 201
show module csm module# ft command, 407
show module csm module# real command, 408
show module csm module# real detail command, 409
show module csm module# serverfarms command, 410
show module csm module# serverfarms detail command, 410
show module csm module# vserver command, 409
show module module# vserver detail command, 409
show monitor command, examining SPAN sessions, 243
show names command, 372
show ntp associations command, 510
show ntp status command, 511
show parser macro brief command, 232
show parser macro name macroname command, 232
show policy-map interface interface# command, 450
show port capabilities command (CatOS), 34
show port channel command (CatOS), 55, 61
show port command (CatOS), 223
show port port# command (CatOS), 225
show port trunk command (CatOS), 41
show port-security command, 240
show processes cpu history command, 68-72
show processes cpu sorted command, 191
show route-map command, viewing and monitoring applied policies, 179
show running-config command, PIX OS, 369
show service-module interface command, 285
show service-module interface performance-statistics command, 286
show spanning-tree command (IOS), 77
show spanning-tree root command (IOS), 79
show spanning-tree summary command (IOS), 78
show spantree command (CatOS), 78
show spantree summary (CatOS), 79
show standby command, 166
show storm-control command, 237
show top error all back interval 60 command, 226
show top feature command, 226
show trunk command (CatOS), 42
show version command
      channelized DS3, 296
      PIX firewall failover capability, 377
show vlan command (CatOS), 28, 199
show vlan command (IOS), 224
show vlan filter command, 337
show vtp password command (IOS), 51
show xlate command, 391
sidereal day, 507
signaling
      in-band, 272
      LOS (loss of signal), 285
      out-of-band, 273
      T1 AMI signaling, 270
simplifying properly sized production network, 525
single rack unit (1-RU) models (multilayer switches), 203
SLB (server load balancing), 395-404
      alternative types of load balancing, 396-398
      configuring, 399-404
            CSMs, 401-404
            IOS SLB, 399-401
      how it works, 398
slots in 6509 switches, 209
small networks, 482
smart jack, 266
smartport macros, 229
SMDS (Switched Multimegabit Data Service) networks, 125
SMTP
      bandwidth requirements in QoS scheme, 434
      PIX firewall fixup, 375
      priority in QoS, 433
SNMP traps
      sending for storm control, 235
      standards for use in (RFC 1232), 275
solar day, 507
Solaris
      getting MAC address for a device, 13
      group of physical Ethernet links bonded together (trunk), 56
      negotiation of EtherChannel links with Cisco switch via LACP, 60
SONET (synchronous optical network), 266
source IP address of GRE tunnel, 153
source IP address, load balancing with, 58
source MAC address, load balancing with, 58
source port,