The errata list is a list of errors and their corrections that were found after the product was released.
The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.
Version |
Location |
Description |
Submitted by |
Date submitted |
Printed |
Page 2
after 2nd paragraph |
It would have been helpful if at this point it was explained how to make the initial
connection to the router using the console port and rs-232 cable, eg. setting the
speed to 9600/8/none/1. I know this info is listed later on p. 35 but it would have
been helpful to have it in the getting started section - because without it, you
can't get started!
|
Anonymous |
|
Printed |
Page 11
Third row from bottom of table 2-1 |
The "mc8310" identifier should be "mc3810" for the "Ardent Multiservice Cisco 3810"
platform.
|
Anonymous |
|
Printed |
Page 15
item 3. Load the new IOS; Line 2 |
Is:
#config-reg 0x2102
Should be:
#config-reg 0x2142
|
Anonymous |
|
Printed |
Page 36
Near bottom, VTY configuration example |
Router(config-line)#exec-timeout 0 30 Set the timeout to 30 minutes
This sets the timeout to 30 *SECONDS*. For 30 minutes:
Router(config-line)#exec-timeout 30 0 Set the timeout to 30 minutes
|
Anonymous |
|
Printed |
Page 36
router config at bottom of page |
Without the "login" command users will not be able to logon via telnet even if a
password is set.
|
Anonymous |
|
Printed |
Page 49
Middle of the page |
The "ip source-route" command is not an interface configuration command and should
not be included in this list of ineterface based commands. Later on in the book it
is properly describe as a global command...
Example:
hostname boston
!
enable secret 5 $1$SyZt$gO1Ou0sJHspLe0lfe2w7Z.
!
ip subnet-zero
no ip source-route
|
Anonymous |
|
Printed |
Page 51
Table 5-3 |
Table 5-3 shows three possible Ethernet encapsulation types, but "isol" is incorrect.
Example:
boston#conf t
Enter configuration commands, one per line. End with CNTL/Z.
boston(config)#int e 0
boston(config-if)#encapsulation snap
boston(config-if)#encapsulation isol
^
% Invalid input detected at '^' marker.
boston(config-if)#encapsulation arpa
boston(config-if)#end
Looks like the router will accept "iso" nut not "isol".
|
Anonymous |
|
Printed |
Page 55
Middle of the page |
The following statement is incorrect "HDLC ... is proprietary to Cisco". HDLC is in
fact an open standard developed by International Organization for
Standardization(ISO). It falls under the ISO standards ISO 3309 and ISO 4335.
Cisco does use a proprietary version of HDLC, but still uses the standards based
framing (just changes the packet contents).
|
Anonymous |
|
Printed |
Page 61-62
Table 5.-5 |
Request complete definitions in table 5-5. The following are missing
"ARP type:"
"Queueing strategy"
"throttles"
"dribble condition"
"babbles"
"interface resets"
"deferred"
"lost carrier"
"no carrier"
"output buffer failures"
"output buffers swapped out"
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/inter_r/irshowin.htm#xtocid190849
Thanks for a handy reference guide...
|
Anonymous |
|
Printed |
Page 99
2nd set of code and again in 4th set of code |
In the section "Emulating a Packet Sniffer", the command syntax is incorrect:
debug ip packet list 110
Should read:
debug ip packet 110
Again, the "undebug ip packet list 110" should read "undebug ip packet 110"
Example:
Router#debug ip packet list 110
^
% Invalid input detected at '^' marker.
Router#debug ip packet 110
IP packet debugging is on for access list 110
Router#
Notice the the router rejects the command with the keyword "list" in it but accepts
the command without it. The undebug syntax is exactly the same...
|
Anonymous |
|
Printed |
Page 115
Very first line of the page. |
The output from the "show ip route" that's shown at the top of the page is incorrect.
The router is reporting that the Gateway of last resort is not set, even though the
last line of the command output shows a default route that's flagged with an asterisk
"*". Clearly the Gateway of last resort is set...
|
Anonymous |
|
Printed |
Page 116
3rd line of code |
passive-interface serial0
should read:
passive-interface ethernet0
|
Anonymous |
|
Printed |
Page 119
14th line from the bottom in Revisiting the example |
passive-interface serial0
should read:
passive-interface ethernet0
|
Anonymous |
|
Printed |
Page 119
5th line from the bottom |
!Define access list 10
should read:
!Define access list 11
|
Anonymous |
|
Printed |
Page 147
paragraph "show ip eigrp topology" |
The text before the example output should be
"If the reported distance is LESS than the feasible distance, the path becomes the
feasible successor for the route"
|
Anonymous |
|
Printed |
Page 152
Top of the page, heading called "Type 6" |
The book incorrectly names Type 6 LSAs as NSSA LSA. Truth is that NSSA use type-7
LSAs.
Example, here is a snippet from RFC-1587:
3.3 Type-7 LSAs: NSSA External Link-State Advertisements
External routes are imported into NSSAs as type-7 LSAs by the NSSA's
AS boundary routers. An NSSA AS boundary routers is a router which
has an interface associated with the NSSA and is exchanging routing
information with routers belonging to another AS. As with type-5
LSAs a separate type-7 LSA is originated for each destination
network. To support NSSA areas, the link-state database must
therefore be expanded to contain a type-7 LSA.
Type 7-LSAs are identical to type-5 LSAs except for the following
(see section 12.3.4 "AS external links" in the OSPF
specification).
1. The type field in the LSA header is 7.
2. Type-7 LSAs are only flooded within the NSSA.
The flooding of type-7 LSAs follow the same rules
as the flooding of type 1-4 LSAs.
3. Type-7 LSAs are kept within the NSSA's LSDB (are
area specific) whereas because type-5 LSAs are
flooded to all type-5 capable areas, type-5 LSAs
global scope in the router's LSDB.
4. At the area border router, selected type-7 LSAs are
translated into type 5-LSAs and flooded into the
backbone.
|
Anonymous |
|
Printed |
Page 152
Top of the page |
A type-6 OSPF LSA carries Multicast specific information for MOSPF. The definition
in the book is incorrect.
|
Anonymous |
|
Printed |
Page 152
Bottom of the page under the heading Area types. |
The book fails to mention one other type of Area that Cisco supports, called a
"Totally-Sutbby Not-So-Stubby-Area". Basically, the "no-summary" option can be added
to the "area nssa" command to block type-3 and type-4 LSAs into a NSSA area.
Example:
router ospf 55
network 10.0.0.0 0.0.0.255 area 0
network 172.25.0.0 0.0.255.255 area 100
area 100 nssa no-summary
|
Anonymous |
|
Printed |
Page 157
The configuration examples in the middle of the page. |
There are two serious flaws with the virtual-link example. First, router1 and
router2 both have their Loopback0 interface assigned to the same subnet (this is
wrong).
Example:
Router1
inteface Loopback0
ip address 10.10.7.4 255.255.255.0
Router2
inteface Loopback0
ip address 10.10.7.5 255.255.255.0
Secondly, neither router is distributing their loopback subnet within OSPF. (i.e.
there is no network statement for the loopback0 subnets)
If the routers don't advertise their loopback0 address, which would become their
router-ID and their virtual-link end point, then the example would fail.
Both issues would have to be corrected before the example would work correctly...
|
Anonymous |
|
Printed |
Page 170
first command example |
The example is supposed to illustrate the advertisement of a 10.10.2.0/23 network,
however the subnet mask in the example is not the correct subnet mask for a /23
network. Based on the example commands, the author is advertising a /19 network. To
properly advertise the /23 network, it should read:
network 10.10.2.0 mask 255.255.254.0
^
The error occurs at the carrat where the author has a "2" instead of the correct "5".
|
Anonymous |
|
Printed |
Page 194
Example configuration at the bottom of the page |
In the example the eigrp timers are adjusted on interface serial 0 but they use the
wrong EIGRP AS number.
Example from the book:
interface Serail1
ip hello-interval eigrp 1 5
ip hold-time eigrp 1 15
!
router eigrp 100
Both of the EIGRP interface timing commands use AS 1 whereas the router is configured
to use AS 100.
Also, the timers picked are incorrect. The default timers for an normal point-to-
point EIGRP interface are hello 5 sec, hold 15 secs. If the author wants to speed up
dialling, then the timers should be adjusted downwards (eg. hello 3 sec, and hold 9
sec for instance).
|
Anonymous |
|
Printed |
Page 195
Example at the top of the page |
The following access-list entry is incorrect:
access-list 101 permit deny eigrp any any
Should be:
access-list 101 deny eigrp any any
Looks like a typo, since an ACL can either permit or deny but not both...
|
Anonymous |
|
Printed |
Page 196
The last line fo the confguration example. |
The dialer list is configured incorrectly.
dialer-list 1 list 110
The example above, taken from the book, shows the incorrect syntax.
Should be:
dialer-list 1 protocol ip list 101
Example:
Router(config)#dialer-list 1 ?
protocol Permit or Deny based on protocols
Router(config)#
|
Anonymous |
|
Printed |
Page 198
lines 12, 15, 18 of the listing, and line 1 in the first paragraph |
The "rotary-group" command is used in the listing, and mentioned in the paragraph,
but the correct command seems to be "dialer rotary-group."
For confirmation, see the entry for "dialer rotary-group" in chapter 15 (there is no
entry for "rotary-group"), and the following from the Cisco website:
For "dialer rotary-group":
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dial_r/dia_d1g.htm#1019346
For "rotary-group":
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123cgcr/dial_r/dia_p1g.htm#1107745
|
Anonymous |
|
Printed |
Page 217
1st line |
The IP address should be 10.10.1.4 and not 10.1.1.4.
|
Anonymous |
|
Printed |
Page 217
Last line of the first router configuration |
The assumption is :
In this example, we have one public IP address (172.168.1.2) that is shared by all
our hosts on the 10.10.1.0/24 private network:
The configuration gives :
! Access list for our pool, which is used to select which IP addresses
! should be translated
access-list 20 permit 10.10.0.0 0.0.255.255
Even if it does work in practical if the subnet is 10.10.1.0/24, then the access-list
should be :
access-list 20 permit 10.10.1.0 0.0.0.255.
|
Anonymous |
|
Printed |
Page 219
Second Paragraph under "Tunnels" |
The second IP address assigned by the ISP should be 192.168.2.1, not 192.168.10.2.1
(which isn't even a valid IP address.)
|
Anonymous |
|
Printed |
Page 220
Fifth line from the bottom of the page |
The IP address should be 192.168.1.1, not 198.168.1.1.
|
Anonymous |
|
Printed |
Page 220
First line under "interface serial0" |
The IP address should be 192.168.1.1, not 198.168.1.1.
|
Anonymous |
|
Printed |
Page 221
Fifth line from the top of the page |
The IP address should be 192.168.2.1, not 198.168.2.1.
|
Anonymous |
|
Printed |
Page 221
Tenth line from the top of the page |
The subnet mask should be 255.255.255.0, not 255.255.255.255.
|
Anonymous |
|
Printed |
Page 233
The line before the second paragraph |
In the "Protect VTYs with an Access List" paragraph, the last line of the example (Users and Authentication) looks like it's part o
f the it but, in fact it should be the title of the next paragraph, isn't it?
|
Anonymous |
|
Printed |
Page 237
Last sentence in the "Ping the Broadcast Adress" |
The author states that "show ip arp"
"This commmand lists all the machines from which the router has seen packets in the
last 30 minutes"
The above statement is wrong. The default timeout for an ARP entry is 4 hours as the
author correctly notes on page 262.
In fact the entries in "show ip arp" will only timeout if the device responding to
the arp is removed from the network. Just prior to an arp entry timeout the router
performs a unicast arp to refresh the entry. This behavior can be observed with the
"clear arp" in conjunction with "debug arp"
r2#sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 181.16.12.1 7 aabb.cc00.1500 ARPA Ethernet0/0
Internet 181.16.12.2 - aa00.0400.0204 ARPA Ethernet0/0
Internet 181.16.24.4 7 aabb.cc00.1802 ARPA Ethernet1/0
Internet 181.16.24.2 - aa00.0400.0204 ARPA Ethernet1/0
r2#debug arp
ARP packet debugging is on
r2#clear arp
r2#
*Mar 3 18:05:50.623: IP ARP: sent req src 181.16.12.2 aa00.0400.0204,
dst 181.16.12.1 aabb.cc00.1500 Ethernet0/0
*Mar 3 18:05:50.623: IP ARP: sent req src 181.16.24.2 aa00.0400.0204,
dst 181.16.24.4 aabb.cc00.1802 Ethernet1/0
*Mar 3 18:05:50.623: IP ARP: sent rep src 181.16.12.2 aa00.0400.0204,
dst 181.16.12.2 ffff.ffff.ffff Ethernet0/0
*Mar 3 18:05:50.623: IP ARP: sent rep src 181.16.24.2 aa00.0400.0204,
dst 181.16.24.2 ffff.ffff.ffff Ethernet1/0
*Mar 3 18:05:50.683: IP ARP: rcvd rep src 181.16.12.1 aabb.cc00.1500, dst
181.16.12.2 Ethernet0/0
*Mar 3 18:05:50.683: IP ARP: creating entry for IP address: 181.16.12.1,hw:
aabb.cc00.1500
*Mar 3 18:05:50.683: IP ARP: rcvd rep src 181.16.24.4 aabb.cc00.1802, dst
181.16.24.2 Ethernet1/0
*Mar 3 18:05:50.683: IP ARP: creating entry for IP address: 181.16.24.4,hw:
aabb.cc00.1802
r2#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 181.16.12.1 0 aabb.cc00.1500 ARPA Ethernet0/0
Internet 181.16.12.2 - aa00.0400.0204 ARPA Ethernet0/0
Internet 181.16.24.4 0 aabb.cc00.1802 ARPA Ethernet1/0
Internet 181.16.24.2 - aa00.0400.0204 ARPA Ethernet1/0
|
Anonymous |
|
Printed |
Page 251
Under the heading "access-list" |
One important keyword is left out of the standard access-list discussion and that
keyword is log. Since 12.0, standard access-lists also support the keyword "log".
Example:
Router:67#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 1 permit any ?
log Log matches against this entry
<cr>
|
Anonymous |
|
Printed |
Page 253
Bottom of page |
The book fails to list several access-list keywords such as, ack, dscp, fin,
fragments, log-input, psh, rst, syn, time-range, and urg.
|
Anonymous |
|
Printed |
Page 329
The description for the "encasulation" command. |
The possible values for the encapsulation command talk only about serial
encapsulation but include some, but not all, ethernet encapsulations. For example:
isl and dot1q are both Ethernet trunking encapsulation types and don't belong with
serial encapsulation types.
On the other hand, the author could list the other ethernet type encapsulation types
such as ARPA and SNAP, but he didn't...
|
Anonymous |
|
Printed |
Page 378
Top of the page |
The description of Passive FTP is incorrect. The statement "With passive FTP, the
file transfer occurs on the same port as the initial [control] connection" is simply
not true. Passive FTP uses separate ports to transfer data then the initial control
session.
A normal FTP data session initiates from the server's port 20 back to the client
(port 1024+) which can confuse Firewalls. However, on a passive FTP session the data
session originate from the client to the server in the same direction as the original
control session. Even though the sessions initiate in the same direction they use
different port numbers (generally 1024+ to 1024+)...
|
Anonymous |
|
Printed |
Page 402
Bottom of the page, Section named "ip ospf network" |
The book omitted the most common type of OSPF network, "point-to-point".
Example:
boston(config-subif)#ip ospf network ?
broadcast Specify OSPF broadcast multi-access network
non-broadcast Specify OSPF NBMA network
point-to-multipoint Specify OSPF point-to-multipoint network
point-to-point Specify OSPF point-to-point network
|
Anonymous |
|
Printed |
Page 402
Section called ip ospf name-lookup |
The ip ospf name-lookup command is not a line based configuration command. It is a
global configuration command.
Example:
router ospf 55
log-adjacency-changes
area 0 authentication message-digest
network 172.16.0.0 0.0.255.255 area 0
network 172.25.1.0 0.0.0.255 area 0
network 172.25.2.0 0.0.0.255 area 100
network 172.25.25.0 0.0.0.255 area 0
!
ip classless
no ip http server
ip ospf name-lookup
|
Anonymous |
|
Printed |
Page 410
entry following "ip proxy-arp" and before "ip rarp-server" |
Appears to be missing an entry for "ip radius source-interface" command.
|
Anonymous |
|
Printed |
Page 457
Near the top of the page, the first example. |
The "media-tpe" example is incorrect. An Ethernet interface cannot hve a media-type
setting of 100baset. A FastEthernet interface can have a setting of 100baset but you
can't force a 10M ethernet interface to run at 100M (I wish I could).
|
Anonymous |
|
Printed |
Page 490
Heading "Privilege level (line)" |
Cisco Routers support 16 privilege levels, 0-15. The book says 1-15. By default,
the router comes with three predefined user-levels, 0,1, & 15, although 0 isn't
assigned at first.
Example:
boston(config-line)#privilege level ?
<0-15> Default privilege level for line
|
Anonymous |
|
Printed |
Page 492
Very top of the page |
The default prompt on a Cisco Router is "%h%p" and not "%h".
|
Anonymous |
|
Printed |
Page 502
top of the page |
Missing description of "scheduler allocate" configuration setting. Normally, this is
configured as "no scheduler allocate" to use the default CPU scheduling (allows 5% of
CPU time for low-priority tasks).
|
Anonymous |
|
Printed |
Page 537
Bottom of page, "standby timers" section. |
The default timers for HSRP are incorrect. The book quotes, "hello seconds, 1; hold
seconds, 3" when in actual fact the default timers are Hello 3 seconds and holdtime
10 seconds.
Example:
Router:66#sh stand
FastEthernet0/0.2 - Group 0
Local state is Listen, priority 100
Hellotime 3 sec, holdtime 10 sec
Virtual IP address is 172.26.2.22 configured
Active router is unknown
Standby router is unknown
0 state changes, last state change never
|
Anonymous |
|
Printed |
Page 540
Middle of page |
Regarding the command "tacacs-server attempts", the author incorrectly identifies the
meaning of this command. This command does not modify the number of attempts to
reach the tacacs server before deciding the server is unavailable. Instead, it
modifies the number of incorrect login attempts the router will allow (while using
TACACS) before it terminates the session.
Example:
Router1(config)#tacacs-server ?
attempts Number of login attempts via TACACS
|
Anonymous |
|
Printed |
Page 548
Second section |
In the timers spf section, the book incorrectly identifies BGP as using the shortest
path first calculation. The correct protocol would be OSPF.
"...and the time BGP starts the SPF calculation."
|
Anonymous |
|
Printed |
Page 548
Bottom of page |
Cisco replaced the "trace" command with "traceroute" in version 11 of IOS.
|
Anonymous |
|
Printed |
Page 551
"transport" Section |
ssh is missing from the valid list of protocols.
|
Anonymous |
|
Printed |
Page 555
Bottom of the page. |
There is at least one missing keyword for the command "username" and it is privilege.
The keyword privilege is important because it can be used to assign privilege levels
to users.
Example:
boston(config)#username ijbrown privilege ?
<0-15> User privilege level
boston(config)#username ijbrown privilege 12
boston(config)#
|
Anonymous |
|