Errata

Cisco IOS Access Lists

Errata for Cisco IOS Access Lists

The errata list is a list of errors and their corrections that were found after the product was released. If the error was corrected in a later version or reprint the date of the correction will be displayed in the column titled "Date Corrected".

The following errata were submitted by our customers and approved as valid errors by the author or editor.

Version Location Description Submitted By Date submitted Date corrected
Printed
Page 21-22
IN PRINT: last paragraph

Jeff explains that the default wildcard mask used with an access list is 0.0.0.0,
which will match the exact address only, as in a host address. However he
goes on to explain in the last example:

access-list 2 permit 192.168.30.0
access-list 2 permit 192.168.33.0

includes 192.168.30.0/24 and 192.168.33.0/24.

If the default wildcard mask is 0.0.0.0 then the above referenced access-list
would match only host 192.168.30.0 and 192.168.33.0 not the class c network
range of 192.168.30.1 to 192.168.30.255.
Am I correct or when the access-list is used in route redistribute is the wildcard
mask changed to be the classful subnet mask, and if it is shouldn't the
resulting access-list with wildcard masks listed on page 22 be correctly listed as:

access-list 2 permit 192.168.30.0 0.0.0.255
access-list 2 permit 192.168.33.0 0.0.0.255

SHOULD BE:
This paragraph is wrong and should be deleted.

Anonymous   
Printed
Page 24
IN PRINT: second half of page

In the section titled "Generic format of standard access lists", the
author gives the following as the generic format of a standard access list:

access-list [list number] [permit | deny] [IP address] [wildcard mask (optional)]

SHOULD BE:
The generic format should read

access-list [list number] [permit | deny] [IP address] [wildcard
mask (optional)] [log (optional)]

with the text in [list number], [IP address], [wildcard mask (optional)],
and [log (optional)] in italics.

There should also be a section after wildcard mask argument definition:

log
The log keyword. If present, it turns on logging every
time the access list entry is matched.

Anonymous   
Printed
Page 31
IN PRINT: Last paragraph.

The line that reads:

"The first line of this access list allows TCP packets from all of network
192.168.30.0/24 to the medical diagnostic host with IP address 192.168.33.5".

SHOULD BE:
The first line of the last paragraph of page 31 should read:

The first line of this access list allows TCP packets from all of network
192.168.30.0/24 to the medical diagnostic host with IP address 192.168.35.1.

Anonymous   
Printed
Page 33-34
IN PRINT: 2nd half of page 33. Top of page 34.

On pages 33-34, the author indicates that one can use the "logging"
keyword to log any matches of an access list entry. According to Cisco
documentation, this should just be "log". (I have verified this on my own
router: using the keyword "logging" results in a syntax error.) Moreover,
there is a slightly different keyword, "log-input" to include the input
interface in the logging output. This keyword was not mentioned in the text.

SHOULD BE:
The access list generic format should look like the following

access-list [list number] [permit | deny] [protocol] [source specification]
[destination specification] [protocol qualification] [log (optional)]

On page 35, the entry for logging should instead be

log
The log key word. If present, it turns on a log of all packet information
every time the access list entry is matched.

Anonymous   
Printed
Page 45
IN PRINT: 2nd configuration example

The line:

access-group 2 in

should read:

access-class 2 in

Anonymous   
Printed
Page 57
IN PRINT: Fig 3-4 & 4th para

In figure web server facing interface is "Ethernet 0" and in text and
example ACL it is "Ethernet 2".
SHOULD BE:
The ethernet interface in figure 3-4 that connects to the web server should be ethernet 2.

Anonymous   
Printed
Page 59
IN PRINT: Figure 3-5

I believe that Figure 3-5 contains an error. It is a diagram of an FTP
session between a client and server. While the text seems to indicate that
Data Channel Setup is sent from port 20, the figure seems to indicate that
it is sent from port 21.
SHOULD BE:
It should be port 20 in the figure for the source port on the FTP Server (on the right).

Anonymous   
Printed
Page 70
IN PRINT: Figure 3-9

Company C Web server at 192.168.35.1 should have an address of 192.168.30.2

Anonymous   
Printed
Page 75
IN PRINT: boxed text

Huh? Not only are ARP packets not IP packets, so I don't see why an IP
access-list would apply if Cisco syntax made sense, but I certainly don't
have to do this on an operational router, and never have had to. Just to
double check that I wasn't dreaming I just checked on a 7204 running IOS
12.1(6)E. The Internet facing interface is an ethernet interface connected
to redundant upstream routers. The only things the extended IP inbound
ACL on that interface allows to the router itself is ICMP ttl-exceeded so that
I can do traceroutes from the router, and access in from a remote management
network. I can't even ping the upstream routers.

If I do a "sh arp", however, there all the upstream router IP and MAC
addresses are.

BTW, you could filter ARP packets using access lists in the 200-299 range
where you specify the ethernet type-code, but I'm not familiar with those
and suspect that they can only be used with bridging.

SHOULD BE:
This is true, so this box should be deleted.

Anonymous   
Printed
Page 76
IN PRINT: There is an access list for OSPF hello packets

access-list 101 permit ospf 192.168.31.0 0.0.0.255 host 224.0.0.4

SHOULD BE:
On page 76, the access list for OSPF should read:

access-list 101 permit ospf 192.168.31.0 0.0.0.255 host 224.0.0.5

Anonymous   
Printed
Page 77
IN PRINT: Example after last paragraph

The example after the last paragraph isn't correct.

At the bottom of the page, --either--

ip access-group out-to-Internet out

should be

ip access-group out-to-server out

which then would match the text which describes the example (on pg 78) but
in doing so would make the example not "self documentating" (read confusing)

--or--

ip access-list extended out-to-server

should be

ip access-list extended out-to-Internet

which then doesn't match the text on pg 78.

SHOULD BE:
The access list at the bottom of page 77 should read

! access-list out to the Internet
ip access-list extended out-to-Internet
permit tcp host 192.168.35.1 any
evaluate tcp-connections
ip access-list in-from-Internet
permit tcp any any reflect tcp-connections
! interface statements
interface serial 1
ip access-group out-to-Internet out
ip access-group in-from-Internet in

! access-list out tothe

Anonymous   
Printed
Page 78
IN PRINT: Second to last paragraph

The paragraph with first sentence "Reflexive access lists are created ..."
is hard to follow. Is it safe to assume that the next sentence "In our
example ..." refers to the _previous_ example (on the prior page)?

Should inbound have really been outbound?

Regarding the next (and last sentence) in the paragraph (before the IOS ACL
commands, I assume this is a new example "Lets implement the policy ...".

Is this new example showing an outbound access list created using an
inbound ACL?

SHOULD BE:
The last sentence on the second to last paragraph of page 78 should read:

Let's implement the same policy using inbound access lists:

The list in the example that follows should read

! access-list in from the server
ip access-list extended in-from-server
permit tcp host 192.168.35.1 any
evaluate tcp-connections
ip access-list extended out-to-server
permit tcp any any reflect tcp-connections
! interface statements
interface Ethernet 0
ip access-group out-to-server out
ip access-group in-from-server in

Anonymous   
Printed
Page 78
IN PRINT: last paragraph

In the configuration example given at the bottom of the page, there is the
line

permit tcp any host 192.168.35.1 any

From the way that the access list is being used, the first "any" shouldn't
be there. I think the line should read

permit tcp host 192.168.35.1 any

SHOULD BE:
The last sentence of the second to last paragraph (starting with "Reflexive
access lists") and the first part of the following configuration should read:

Let's implement the same policy using inbound access lists:

! access-list in from the server
ip access-list extended in-from-server
permit tcp host 192.168.35.1 any

Anonymous   
Printed
Page 79-80
IN PRINT: Access list example that spans from bottom of page 79 to top of page 80

In the example describing the use of a Reflexive access list for UDP, the
extended access list going out to the Internet from the server should read "ip
access-list extended in-from-server". This goes along with its description and the
way it's applied to the Ethernet interface later in the example.

SHOULD BE:
The configuration fragment at the start of page 80 should start:

! access list out to the Internet from the server
ip access-list extended in-from-server

Anonymous   
Printed
Page 80
IN PRINT: 2nd paragraph

In the second paragraph, the author states:

"Reflexive access lists have a number a limitations. You cannot use them
on protocols that do not have source ports, such as ICMP."

While I haven't verified this for myself on my own router, this is in
direct conflict with the online Cisco documentation. Here is the text from the
documentation for the permit(reflexive) command in IOS version 11.3:

"permit protocol any any reflect name [timeout seconds]
no permit protocol any any reflect name

protocol Name or number of an IP protocol. It can be one of the
keywords gre, icmp, ip, ipinip, nos, tcp, or udp, or an integer in the range 0
to 255 representing an IP protocol number. To match any Internet protocol
(including ICMP, TCP, and UDP), use the keyword ip."

This also holds true in versions 12.0, 12.1, and 12.2. Here is a link to
the latest documentation:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/cs/csprts/csprts3/csreflex.htm

I would guess that in protocols that don't have ports, then all that
happens is that source and destination IP addresses get reversed. Without
verifying, that's just an educated guess though.

SHOULD BE:
The assertion is correct - other protocols can be used with reflexive access
lists. In protocols without ports, packet characteristics like ICMP packet
type are used.

On page 80, the sentence beginning with "you can't use them on protocols
without source ports like ICMP" should be deleted, along with the sentence
after it that begins with "In the previous entry".

Anonymous   
Printed
Page 89
Chapter 3

Figure 3-14 :

Arrows for Access List 101 and 104 should be reversed (101 is incoming and 104 is outgoing).

The same applies to Access List 105 and 102 (102 is incoming and 105 is outgoing).

Anonymous   
Printed
Page 94
IN PRINT: figure 4-1

Routing info uses nets A to D. Associated text refers
to networks 1 to 4 except in the last line of the page which contains a
reference to network X.

SHOULD BE:
In the text of the last paragraph of page 94 through the top of page 95,
'Network 1' should be replaced by 'Network A', 'Network 2' should be
replaced by 'Network B', Network 3 should be replaced by 'Network C', and
Network 4 should be replaced by 'Network D.'

Anonymous   
Printed
Page 97
IN PRINT: figure 4-2

the interface 3 and 4 label should be swapped in the figure 4-2 in order
to match the description on the paragraph just below.

SHOULD BE:
In figure 4-2, the labels of Interface 3 and Interface 4 should be swapped.

Anonymous   
Printed
Page 106
IN PRINT: 1st paragraph at top of page.

In the second sentence at the top of the page, the author states:

"Since Site E uses network 10.0.0.0/8,..."

However, in Figure 4-9, there is no Site E. Rather, Site P is using
network 10.0.0.0/8. A similar problem happens a little bit down the page:

"This configuration fragment permits only the route to 10.0.0.0 in through
serial interface 2 of the router, thus permitting only network 10.0.0.0/8
to come in from Site O."

The end of this sentence needs to read "...from Site P." in order to agree
with the figure.

SHOULD BE:
The first complete sentence at the start of page 106 should read:

"Since Site P uses network 10.0.0.0/8, we would set up the following on
Router 4."

The next sentence should read:

"This configuration fragment permits only the route to 10.0.0.0 in
through serial interface 2 of router 4, thus permitting only network
10.0.0.0/8 to come in from site P."

Anonymous   
Printed
Page 107
IN PRINT: figure 4-10

the two interfaces labeled e1/0 in the middle and lower port on the router box
should read e1/1 and e1/2 respectively to match the description in the
access list on the same page.

SHOULD BE:
The two interfaces labeled e1/0 in the middle and lower port on the router
box should read e1/1 and e1/2 respectively.

Anonymous   
Printed
Page 107
IN PRINT: Figure 4-10 at top of page.

In the figure, all of the ethernet segments are labeled as having the
following network numbers/netmasks:

192.168.20.0/8
192.168.29.0/8
192.168.30.0/8
192.168.31.0/8

I'm guessing that these should be changed to:

192.168.20.0/24
192.168.29.0/24
192.168.30.0/24
192.168.31.0/24

since the way that they are printed in the book, they are all on the same
network! (Namely, 192.0.0.0/8.)

SHOULD BE:
In Figure 4-10, the host segments should read

192.168.20.0/24
192.168.29.0/24
192.168.30.0/24
192.168.31.0/24

Also, the ethernet interface labels from the top down, should be e1/0, e1/1,
and e1/2.

Anonymous   
Printed
Page 107
IN PRINT: Just below Figure 4-10

The configuration fragment just below Figure 4-10 is:

access-list 1 deny all

This should be changed to:

access-list 1 deny any

(There is no keyword "all" for access lists.)

SHOULD BE:
The configuration fragment below 4-10 should read

access-list 1 deny any

Anonymous   
Printed
Page 108
IN PRINT: Last paragraph

The configuration fragment near the bottom of the page:

access-list 1 deny all

should read:

access-list 1 deny any

(There is no keyword "all" in access lists.)

SHOULD BE:
The configuration fragment near the bottom of page 108 should read

access-list 1 deny any

Anonymous   
Printed
Page 108-109
IN PRINT: Figure 4-11 on page 108 and 1st two lines on page 109

In Figure 4-11, the author labels the ethernet network connecting the
three routers in the figure as being 192.168.10.0/8. I'm wondering if
the author didn't mean 192.168.10.0/24 because the configuration fragment
at the bottom of the page has the two lines

router rip
network 192.168.10.0

From the way that RIP works, this command would mean 192.168.10.0/24
without any further information. Likewise, in the first sentence on page
109, the author states:

"The network statement here says that we broadcast RIP on all interfaces
connected to network 192.168.10.0/8."

The end of this should read "...connected to network 192.168.10.0/24." (I
think you would have to use the command

network 192.0.0.0

to get a /8 with RIP.)

SHOULD BE:
Figure 4-11 should read "hosts on 192.168.10.0/24" on the note at the bottom
of the figure.

The first sentence on page 109 should read:

The network statement here says that we broadcast RIP on all interfaces
connected to network 192.168.10.0/24.

Anonymous   
Printed
Page 109
IN PRINT: 2nd paragraph on page

The author writes:

"...and it was asked to forward a packet to network 198.168.30.0/8."

Does the author mean network 198.168.30.0/24 here? Because if he meant
198.168.30.0/8, why wouldn't he just write 198.0.0.0/8?

SHOULD BE:
The reference to 198.168.30.0 in the second paragraph of page 109 should be
192.168.30.0/24.

Anonymous   
Printed
Page 110
IN PRINT: 2nd paragraph on page

The author writes:

"Since we accept only one route, to network 172.28.0.0/16 as the default
network to other networks, Router 1 doesn't have to accept route 10.0.0.0/8
from Site O."

If this is referring to Figure 4-9 as stated, then I believe that this
should read "...accept route 10.0.0.0/8 from Site P."

SHOULD BE:
The second sentence of the second paragraph should read:

Since we accept only one route, to network 172.28.0.0/16 as the default
network to other networks, router 1 doesn't have to accept route 10.0.0.0/8
from site M or any other route from other sites within the intranet.

Anonymous   
Printed
Page 112
IN PRINT: 3rd paragraph

An an option of the distribute-list statement that lets us reduce the
impact of filtering routes when they are distributed from one routing
process to another.

Please take out the second 'an' here.

SHOULD BE:
"An option of the distribute-list statement...". The second "an" in the
third paragraph of page 112 should be removed.

Anonymous   
Printed
Page 117
IN PRINT: 1st paragraph, just before 1st config fragment on page

The author writes:

"First, let's define a policy set with network 10.0.0.0/8 and another
network 172.20.0.0/8 in it:"

This should be "...and another network 172.20.0.0/16 in it:" in order to
agree with Figure 4-14 and the previous and following text of this example.

SHOULD BE:
The last sentence of the first paragraph on page 117 should read:

First, let's define a policy set with network 10.0.0.0/8 and another with
network 172.20.0.0/16 in it:

Anonymous   
Printed
Page 123
IN PRINT: last paragraph on page

Near the bottom of the page, the author writes:

"In Figure 4-17, network 192.168.18.0/16..."

This should be changed to "...network 192.168.18.0/24..." in order to
agree with the figure.

SHOULD BE:
The last sentence on page 123 should read:

In figure 4-17, network 192.168.18.0/24 contains servers dedicated to an
application critical to users on networks 10.0.0.0/8 and 172.28.0.0/16.

Anonymous   
Printed
Page 126-127
IN PRINT: Near bottom of page 126 and top of page 127

Near the bottom of page 126, the author writes:

"Router 4's serial interface to Site E..."

This should be changed to "Router 4's serial interface to Site P..." in
order to agree with Figure 4-9. Similarly, near the top of page 127, where the
author says:

"We then redistribute our default network within Site D."

This should be "We then redistribute our default network within Site O."
to agree with the figure.

SHOULD BE:
The second to last sentence on page 126 should read:

"Router 4's serial interface to site P has IP address 192.168.13.1 and
router 6's serial interface has IP address 192.168.13.2."

The second sentence on page 127 should read:

"We then redistribute our default network within site O."

Anonymous   
Printed
Page 130
IN PRINT: 1st paragraph

The author states that EIGRP is a classful routing protocol, which is
incorrect. RIP and IGRP are classful, however, EIGRP, OSPF, IS-IS, and
BGP are all classless...

SHOULD BE:
This refers to material that does not appear on page 130 or anywhere else
in this book - it may apply to another book, but not this one.

Anonymous   
Printed
Page 130
IN PRINT: First config fragment on page

Part of the first config fragment on the page is:

! no routes from the host segments
distance 192.168.29.0 0.0.0.0 255
distance 192.168.30.0 0.0.0.1 255

This last line should read

distance 192.168.30.0 0.0.1.0 255

in order to agree with previous config statements.

SHOULD BE:
The last distance statement of the first configuration fragment on page
130 should read

distance 192.168.30.0 0.0.1.0 255

Anonymous   
Printed
Page 135
IN PRINT: In middle of page

In the middle of the page, the author specifies the following policy:

"All of the hosts with IP addresses 192.168.32.32 through 192.168.32.63
except 192.168.32.40 through 192.168.32.43 can have SNMP read access."

The author then gives an example of implementing this policy incorrectly
as follows:

access-list 1 deny 192.168.40.0 0.0.0.7
access-list 1 permit 192.168.32.0 0.0.0.31
snmp community string public ro 1

While the author was trying to illustrate an incorrect implementation, I
got the impression, that he was merely trying to show an incorrect wild-card
mask. In the access list above, the hosts that are denied are 192.168.40.0
through 192.168.40.7, and the hosts that are permitted are 192.168.32.0 through
192.168.32.31. Note that none of these are in the range that were specified by
the policy given above. I think that the following would fix this example:

access-list 1 deny 192.168.32.40 0.0.0.7
access-list 1 permit 192.168.32.32 0.0.0.31

Then there seems to be a cut-and-paste error, because the fix to the error
in the access list was given as:

access-list 1 deny 192.168.40.0 0.0.0.3
access-list 1 permit 192.168.32.0 0.0.0.31

This will deny the range 192.168.40.0 through 192.168.40.3, and it will
permit the range 192.168.32.0 through 192.168.32.31, which is not in the
policy given above. I think that this really should read:

access-list 1 deny 192.168.32.40 0.0.0.3
access-list 1 permit 192.168.32.32 0.0.0.31

SHOULD BE:
The first configuration fragment on page 135 should read:

access-list 1 deny 192.168.32.40 0.0.0.7
access-list 1 permit 192.168.32.32 0.0.0.31

The second configuration fragment on page 135 should read:

access-list 1 deny 192.168.32.40 0.0.0.3
access-list 1 permit 192.168.32.32 0.0.0.31

Anonymous   
Printed
Page 139
IN PRINT: Middle of the page

EIGRP does not use the same compound metric as IGRP. In fact, EIGRP
multiplies the IGRP metric by 256 to provide greater granularity.

SHOULD BE:
This refers to material that does not appear on page 139 or anywhere else
in this book - it may apply to another book, but not this one.

Anonymous   
Printed
Page 139
IN PRINT: middle of the page

The author states that EIGRP " is pretty much loop-free". This is
misleading. EIGRP is guaranteed loop free at every instance due to its
routing algorithm.

SHOULD BE:
This refers to material that does not appear on page 139 or anywhere else
in this book - it may apply to another book, but not this one.

Anonymous   
Printed
Page 150
IN PRINT: Just above Figure 5-3

Just above Figure 5-3, the author writes:

"The first example in Chapter 4 deals with the network shown in Figure
5-3."

Then in Figure 5-3, the two sites are labeled as being Site D and Site B.
However, the example in Chapter 4 uses Sites L, M, N, O, and P. Judging from
the IP addresses given, did the author mean Site O where he says Site D and
Site M where he says Site B in the figure. (All by itself, the figure and
the text are entirely self-consistent. I'm just questioning the reference to the
example in Chapter 4.)

SHOULD BE:
To make this consistent with the references, we need to do the following.
In Figure 5-3, Site D should be site O, and Site M should be site M.

The first two sentences of the paragraph under figure 5-3 should read:

"Router 3, located in Site M, seeks to restrict the routes that it receives
from site O. Since site O uses only one network 19.0.0.0/8 and does not
transit any traffic from any other sites, site M should only hear about
network 19.0.0.0/8 in the routing updates that it hears from router 1."

The second and third sentences of the second paragraph on page 152 should
read:

"Our policy requires this is to be the only route learned from site O.
In looking at the show ip route output, note that the only route learned
via EIGRP from site O's router 1 is 19.0.0.0/8, and the next hop for the
network is 192.168.3.2, the serial interface of router 1."

Anonymous   
Printed
Page 154
IN PRINT: Last paragraph

The author states in the last paragraph:

"In Chapter 4, I showed an example of Site D filtering the routes it
distributes in order to prevent any routing problems from within Site
D from spreading to other sites."

Does the author mean Site O here? (At least that is what I would guess
from the configuration block that follows this statement.) I don't think
that there are any figures in Chapter 4 that mention a "Site D".

SHOULD BE:
The last two sentences on page 154 should read:

"In chapter 4, I showed an example of site O filtering the routes that it
distributes in order to prevent any routing problems within site O from
spreading other sites. Only network 19.0.0.0/8 should be advertised from
site O, so I configured the following on router 1:"

Anonymous   
Printed
Page 156
IN PRINT: Figure 5-4

If this is the example that we have been working with since Chapter 4,
then there seem to be some site naming problems. In Figure 4-9, the sites
are named L, M, N, O, and P. In this figure, they are named A, B, C, D, and E.

SHOULD BE:
In figure 5-4, the sites should be labeled L, M, N, O, and P, instead of
A, B, C, D, and E respectively.

The first sentence of the paragraph under 5-4 should read as:

"Let's say that an interface of router 6 has IP address 10.1.1.2 and that
the router1 interface going to Site M has an IP address of 192.168.3.2."

Anonymous   
Printed
Page 161
IN PRINT: 2nd half of page

Near the bottom of page 161, there is the output block:

RIP: received update from 192.168.2.1 on Serial0
network 10.0.0.0 in 1 hops
network 192.168.3.0 in 1 hops
RIP: received update from 192.168.1.1 on Serial1
network 10.0.0.0 in 2 hops
network 192.168.3.0 in 1 hops
RIP: sending update to 192.168.1.255 via Serial0 (192.168.2.2)
network 172.20.0.0, metric 4
network 192.168.1.0, metric 1
network 192.168.3.0, metric 2
RIP: sending update to 192.168.2.255 via Serial1 (192.168.1.2)
network 172.20.0.0, metric 1
network 192.168.2.0, metric 2

According to Figure 5-5, however, Serial0 has IP address 192.168.1.2 and
Serial1 has IP address 192.168.2.2. So there seems to be some mixing up
of which IP address goes to which interface. Also, on page 160, there is
the code block:

router rip
network 192.168.1.0
network 192.168.2.0
network 172.20.0.0
offset-list 1 in 3 serial 0
offset-list 2 out 3 serial 0

where access lists 1 and 2 are as follows (from page 159):

access-list 1 permit 10.0.0.0
access-list 2 permit 172.20.0.0

Wouldn't this mean that the output above should have network 10.0.0.0 as
being 4 hops coming into Serial 0?

SHOULD BE:
The debug output on page 161 should have the following 4 lines:

RIP: received update from 192.168.1.1 on Serial0
network 10.0.0.0 in 4 hops
network 192.168.3.0 in 1 hops
RIP: received update from 192.168.2.1 on Serial1

Anonymous   
Printed
Page 166
IN PRINT: Just past the first output block

The author writes:

"...a static route excludes any routing advertisement of network 10.0.0.0
since static routes have a higher administrative distance then any dynamic
protocol."

Shouldn't this read:

"...a static route excludes any routing advertisement of network 10.0.0.0
since static routes have a lower administrative distance than any dynamic
protocol."

Since static routes have a default administrative distance of 1, which is
lower than any routing protocol. But this gives static routes a HIGHER
priority.

SHOULD BE:
The phrase on page 166 after the first output block should read:

a static route excludes any routing advertisement of network 10.0.0.0
since static routes have a lower administrative distance than any
dynamic routing protocol.

Anonymous   
Printed
Page 171
IN PRINT: 1st output block

On page 170, in the last output block, it says:

ip prefix-list Net-10-prefixes: 4 entries
seq 5 permit 10.204.23.0/24
seq 10 permit 10.204.28.0/24
seq 15 deny 10.204.0.0/16
seq 20 permit 10.0.0.0/8

But then in the first output block on page 171, you have the line:

seq 15 permit 10.204.0.0/16 (hit count: 0, refcount: 1)

Shouldn't the permit in this line be changed to a deny?

SHOULD BE:
In the first output block on page 171, the output line with sequence 15 should read:

seq 15 deny 10.204.0.0/16 (hit count: 0, refcount: 1)

Anonymous   
Printed
Page 176
IN PRINT: Very bottom, last output block

On page 172, the author states that AS numbers are stored as 16-bit
values. In the last output block on page 176, the author shows the
output of the EXEC command "show ip bgp regex ^(66000)$". The last
five lines of this output are as follows:

Network Next Hop Metric LocPrf Weight Path
*> 172.15.0.0/16 192.168.248.252 0 (66000) i
*> 172.18.0.0/16 192.168.248.252 0 (66000) i
*> 192.168.72.0/24 192.168.248.252 0 (66000) i
*> 172.20.0.0/16 192.168.248.252 0 (66000) i

My only question about this example is how could you ever get an AS that
was equal to 66000 if AS numbers only have 16 bits. (This creates a maximum
AS number of 65535.)

SHOULD BE:
In the last paragraph and output display on page 176, all 66000 appearances
should be replaced with 65000.

Anonymous   
Printed
Page 182
IN PRINT: Example "interface Ethernet0/1"

The example:

interface ethernet 0/0
ip policy route FROM-ETHERNET-0-0
interface Ethernet0/1
ip policy route FROM-ETHERNET-0-0

should be:

interface ethernet 0/0
ip policy route FROM-ETHERNET-0-0
interface Ethernet0/1
ip policy route FROM-ETHERNET-0-1 (change 0-0 to 0-1)

SHOULD BE:
The first part of the example on page 182 should read:

interface ethernet 0/0
ip policy route FROM-ETHERNET-0-0
interface Ethernet0/1
ip policy route FROM-ETHERNET-0-1

Anonymous   
Printed
Page 182
IN PRINT: 2nd half of config block

The code:

route-map FROM-ETHERNET-0-0 permit 10
match interface 0/0

should read:

route-map FROM-ETHERNET-0-0 permit 10
match interface Ethernet0/0

SHOULD BE:
On page 182, the first route map in the example should read as:

route-map FROM-ETHERNET-0-0 permit 10
match interface Ethernet0/0
set next-hop Serial1/0

Anonymous   
Printed
Page 191
IN PRINT: Figure 6-2

In Figure 6-2, both ends of the 45Mbit line have the same IP address,
192.168.30.1. Judging from the following configs, I would guess that
the end of the line that is near the router (opposite of AS 2) should
have the IP address 192.168.30.2.

SHOULD BE:
On Figure 6-2, the IP address at the end of the 45Mbit line ending at
the router should be 192.168.30.2.

Anonymous   
Printed
Page 193
IN PRINT: In 1st config block

On page 193, there is the config line:

neighbor 192.168.30.1 weight 30

On page 192, this weight had been 20. I was wondering why it had changed,
when the text immediately previous had said that changing the weight wouldn't work
for that example?

SHOULD BE:
On page 193, in the first configuration section, the first two neighbor
statements should read:

neighbor 192.168.30.1 remote-as 2
neighbor 192.168.30.1 weight 20

Anonymous   
Printed
Page 194
IN PRINT: Figure 6-3

Both ends of the 45Mbit line in Figure 6-3 have the same IP address,
192.168.30.1. Judging from both previous text and the following text,
the end that is next to Router 1 should have the IP address 192.168.30.2.

SHOULD BE:
The IP address on router 1 at the end of the 45 Mbit line should be 192.168.30.2

Anonymous   
Printed
Page 194
IN PRINT: Figure 6-4

There seems to be a cut-and-paste error here. Again, both ends of
the 45 Mbit line have the same IP address, 192.168.30.1. Judging from
the following configs, router 1's interface should have the IP address
192.168.30.2.

Anonymous   
Printed
Page 197
IN PRINT: at the end of the first config block

In the first config block, there is a comment in the block that to me
indicates that all of the following config applies to router 2 from
Figure 6-4. However, the last two lines of the config block are:

neighbor 192.168.30.1 remote-as 2
neighbor 192.168.30.1 route-map ROUTES-OUT out

If this is config for router 2, then shouldn't these lines read:

neighbor 192.168.31.1 remote-as 2
neighbor 192.168.31.1 route-map ROUTES-OUT out

SHOULD BE:
The last two lines of the first configuration block on page 197 should read:

neighbor 192.168.31.1 remote-as 2
neighbor 192.168.31.1 route-map ROUTES-OUT out

Anonymous   
Printed
Page 229
IN PRINT: 2nd paragraph, 24th line of program listing on this page

ip policy route FROM-LOW-PRIORTY-WEB-SERVERS
no ip directed-broadcast

> 'PRIORTY' looks like a typo to me.

SHOULD BE:
The policy route statement for Fast Ethernet 2/1 should read

ip policy route FROM-LOW-PRIORITY-WEB-SERVERS

Anonymous   
Printed
Page 246
IN PRINT: from /25 and down

subnet masks are all incorrect from /25 down.
For example /27 is 255.255.255.224 not 255.255.224.0
Also not all valid networks are there, e.g. for /28 the .208 'net is valid.

SHOULD BE:
The subnet masks for prefixes /25 through /31 should read:

Mask Correct Subnet Mask

/25 255.255.255.128
/26 255.255.255.192
/27 255.255.255.224
/28 255.255.255.240
/29 255.255.255.248
/30 255.255.255.252
/31 255.255.255.254
/32 255.255.255.255

Anonymous   
Printed
Page 246
IN PRINT: Table B-2, Prefix length /28

Prefix length /28, second column

Reads now:

255.255.240.0

Should read:

255.255.255.240

Prefix /25 to Prefix /31 have errors.

SHOULD BE:
The subnet masks for prefixes /25 through /31 should read:

Mask Correct Subnet Mask

/25 255.255.255.128
/26 255.255.255.192
/27 255.255.255.224
/28 255.255.255.240
/29 255.255.255.248
/30 255.255.255.252
/31 255.255.255.254
/32 255.255.255.255

Anonymous
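
Added example, not part of the book or of the errata above: a small evaluator for standard access lists that checks the page 135 fragments against the stated SNMP policy, and shows the page 21-22 point that an entry without a wildcard mask matches a single address. The function names, the constants and the choice of 192.168.32.0/24 plus 192.168.40.0/24 as the test universe are assumptions made for this illustration.

```python
import ipaddress

def parse_standard_acl(text):
    """Parse 'access-list N permit|deny ADDR [WILDCARD] [log]' lines."""
    entries = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
            raise ValueError(f"not a standard access-list entry: {line!r}")
        args = [p for p in parts[3:] if p != "log"]
        if not args:
            raise ValueError(f"missing address in: {line!r}")
        if args[0] == "any":
            base, wild = 0, 0xFFFFFFFF
        else:
            base = int(ipaddress.IPv4Address(args[0]))
            # No wildcard given: default is 0.0.0.0, i.e. an exact host match.
            wild = int(ipaddress.IPv4Address(args[1])) if len(args) > 1 else 0
        entries.append((parts[2], base, wild))
    return entries

def evaluate(entries, ip):
    """First matching entry wins; no match falls through to the implicit deny."""
    addr = int(ipaddress.IPv4Address(ip))
    for action, base, wild in entries:
        # A wildcard bit of 1 means "ignore this bit"; all other bits must agree.
        if ((addr ^ base) & ~wild & 0xFFFFFFFF) == 0:
            return action
    return "deny"

def policy_gap(acl_text, allowed, universe):
    """Return (wrongly_permitted, wrongly_denied) relative to the policy set."""
    entries = parse_standard_acl(acl_text)
    permitted = {h for h in universe if evaluate(entries, h) == "permit"}
    key = lambda h: int(ipaddress.IPv4Address(h))
    return sorted(permitted - allowed, key=key), sorted(allowed - permitted, key=key)

# Policy from page 135: 192.168.32.32-63 may read SNMP, except 192.168.32.40-43.
POLICY_ALLOWED = {f"192.168.32.{n}" for n in range(32, 64) if not 40 <= n <= 43}
# Constructed test universe: every address in the two /24s the fragments touch.
UNIVERSE = {f"192.168.{net}.{n}" for net in (32, 40) for n in range(256)}

# First fragment as printed in the book (wrong addresses).
AS_PRINTED = """
access-list 1 deny 192.168.40.0 0.0.0.7
access-list 1 permit 192.168.32.0 0.0.0.31
"""
# First fragment after the erratum: right addresses, deliberately wrong mask.
CORRECTED_WRONG_MASK = """
access-list 1 deny 192.168.32.40 0.0.0.7
access-list 1 permit 192.168.32.32 0.0.0.31
"""
# Second fragment after the erratum: implements the policy.
CORRECTED_FIX = """
access-list 1 deny 192.168.32.40 0.0.0.3
access-list 1 permit 192.168.32.32 0.0.0.31
"""

if __name__ == "__main__":
    for name, acl in [("as printed", AS_PRINTED),
                      ("corrected, wrong mask", CORRECTED_WRONG_MASK),
                      ("corrected fix", CORRECTED_FIX)]:
        extra, missing = policy_gap(acl, POLICY_ALLOWED, UNIVERSE)
        print(f"{name}: {len(extra)} wrongly permitted, {len(missing)} wrongly denied")
        if missing and len(missing) <= 8:
            print("  wrongly denied:", ", ".join(missing))
```

Running the same comparison over a candidate list before applying it to `snmp community` or an interface catches both an over-wide wildcard and a mistyped base address.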