Errata for ScreenOS Cookbook

The errata list is a list of errors and their corrections that were found after the product was released.

The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.

Version Location Description Submitted by Date submitted
Printed Page 8
Top third of page. Regular expression used in include.

The line in question is:

bottom-ssg140-> get route | inc "159.24.{1,3}[[:digit:]].{1,3}[[:digit:]]\/32"

What the author wants to do is "include all /32 routes within the 159.24.0.0 Class B range".

The regular expression listed breaks down as the following.

159 # Match "159"
. # Match any character
24 # Match "24"
.{1,3} # Match any character 1 to 3 times
[[:digit:]] # Match any digit character once
.{1,3} # Match any character 1 to 3 times
[[:digit:]] # Match any digit character once
\/32 # Match the string "/32".

So it - for example - would match this: 159z24t!e9f2s1/32
It matches all of the examples in the book. But it's not the correct regex!

A simple version of a regex to fulfil the requirement follows:

159 # Match "159"
\. # Match a literal "."
24 # Match "24"
\. # Match a literal "."
[[:digit:]]{1,3} # Match a digit 1 to 3 times
\. # Match a literal "."
[[:digit:]]{1,3} # Match a digit 1 to 3 times
\/32 # Match the string "/32"

Complete regex = "159\.24\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\/32"

Or you could do this:

159 # Match "159"
\. # Match a literal "."
24 # Match "24"
\. # Match a literal "."
([[:digit:]]{1,3}\.?){2} # Match 2 groups of one to three
# digits with zero or 1 "."
# at the end of each.
\/32 # Match the string "/32"

Complete regex = "159\.24\.([[:digit:]]{1,3}\.?){2}\/32"

Simon Mullis  Nov 11, 2010 
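
The difference between the book's pattern and the two proposed in this erratum can be checked offline. This is an added example, not part of the submitted erratum or the book: it assumes `grep -E` (POSIX ERE) stands in for the ScreenOS `inc` matcher, and the sample lines are constructed rather than real `get route` output.

```shell
#!/bin/sh
# Added example: compares the book's pattern with the two patterns proposed
# in the erratum, using grep -E as a stand-in for the ScreenOS "inc" filter
# (an assumption; ScreenOS itself is not involved).

# Constructed sample lines, not real "get route" output.
sample_routes() {
cat <<'EOF'
159.24.1.10/32
159.24.200.7/32
159.24.0.0/16
159.240.1.1/32
159z24t!e9f2s1/32
159.24.12/32
EOF
}

# "\/" from the page is written as "/": a slash needs no escape in ERE.
BOOK='159.24.{1,3}[[:digit:]].{1,3}[[:digit:]]/32'
FIXED='159\.24\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}/32'
ALT='159\.24\.([[:digit:]]{1,3}\.?){2}/32'

# Print the sample lines a pattern selects, comma-separated on one line.
matches() {
    sample_routes | grep -E -- "$1" | paste -s -d , -
}

echo "book:  $(matches "$BOOK")"
echo "fixed: $(matches "$FIXED")"
echo "alt:   $(matches "$ALT")"
```

With the dots unescaped, the book's pattern selects 159.240.1.1/32, which lies outside 159.24.0.0/16, as well as the garbage string. The optional-dot variant also selects 159.24.12/32, which is not a dotted quad.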
Printed Page 10.x
All Section Headers

All of the section headers in the 10th chapter have incorrect numbering. Starting in the introduction (10.0), the number jumps from 10.0 to 10.1.1. I am assuming this is supposed to be 10.0.1; however, the number from the point of error is incrementing correctly.

Please note the major sections of the chapter have the numbering correct:
10.0
10.1
10.2

All sub-headings within these chapters are incorrect, for example:

10.1 Create Simple User-to-Site VPN

But the first sub-heading in 10.1 is:

10.2.1 Problem

Anonymous   
10.3
United States

Recipe 10.3. Route-Based IPSec Tunneling with Static Peers and Static Routes

Figure 10-18 appears to be incorrect.
On the right hand side "Hub site Corp"
The interface listed under Untrust should probably be "eth0/3"

Additionally, I believe the interface listed under Trust as "eth0/0" is just additional, unnecessary information that could confuse the discussion.

Steven Hawkins  Oct 04, 2011 
Printed Page 23
First paragraph under "Tunnel"

The wording of the third sentence ("...in that they do get assigned to a physical (or logical) interface until the IKE gateway is defined") and the sentence following ("Tunnel interfaces by default do not get assigned IP addresses either...") suggests that it should instead read "they do NOT get assigned...".

Eric Knibbe  Mar 12, 2011 
Printed Page 490
4th paragraph, 2nd sentence

States "If a traffic stream should always stay within the GBW, you should never see borrowed tokens", but all the examples show no regular tokens, all borrowed, for example, the example on page 476 has

tokens (regular/borrowd): 0/5341

but above it

PostShapingBytes(total/borrowed): 5341/0

Does that mean the text should say "If a traffic stream should always stay within the GBW, you should never see borrowed PostShapingBytes"? In that case, does the "tokens" line indicate /unused/ tokens?

David Yerger  Jul 06, 2009 
Printed Page 626
second configuration block

The line to synchronise Firewall B with Firewall A is printed as:

FWCLUSTER:FIREWALL-B(B)-> exec nsrp sync global-config saved

There's an extra d at the end. The line should read:

FWCLUSTER:FIREWALL-B(B)-> exec nsrp sync global-config save

The same error is printed on page 644 in the second last configuration statement.

Kai Krebber  Apr 22, 2009 
Printed Page 641
second last line

In the commands for setting up a transparent cluster, the vlan1 manage-ip for the Backup is set to 1.1.1.11 too. This should be 1.1.1.12.
On the next page, in Figure 18-4, the IPs are then printed correctly.

Kai Krebber  Apr 21, 2009 
Printed Page 680
Fig 19-2

For the PBR section on page 679, it states you should refer to Figure 19-2 for the network topology explaining how to load balance across two ISP links.

The box is empty.

Robert Parten  Jun 15, 2012