Cisco IOS Cookbook
Cisco IOS Cookbook, Second Edition By Kevin Dooley, Ian J. Brown
December 2006
Pages: 1236

| Table of Contents | Index | Sample Chapter

Table of Contents

  1. Chapter 1 Router Configuration and File Management

    1. Introduction

    2. Configuring the Router via TFTP

    3. Saving Router Configuration to Server

    4. Booting the Router Using a Remote Configuration File

    5. Storing Configuration Files Larger Than NVRAM

    6. Clearing the Startup Configuration

    7. Loading a New IOS Image

    8. Booting a Different IOS Image

    9. Booting over the Network

    10. Copying an IOS Image to a Server

    11. Copying an IOS Image Through the Console

    12. Deleting Files from Flash

    13. Partitioning Flash

    14. Using the Router as a TFTP Server

    15. Using FTP from the Router

    16. Generating Large Numbers of Router Configurations

    17. Changing the Configurations of Many Routers at Once

    18. Extracting Hardware Inventory Information

    19. Backing Up Router Configurations

    20. Warm Reload

    21. Warm Upgrade

    22. Configuration Archiving

    23. Locking Configuration Access

  2. Chapter 2 Router Management

    1. Introduction

    2. Creating Command Aliases

    3. Managing the Router’s ARP Cache

    4. Tuning Router Buffers

    5. Auto Tuning Buffers

    6. Using the Cisco Discovery Protocol

    7. Disabling the Cisco Discovery Protocol

    8. Using the Small Servers

    9. Enabling HTTP Access to a Router

    10. Enabling Secure HTTP (HTTPS) Access to a Router

    11. Using Static Hostname Tables

    12. Enabling Domain Name Services

    13. Disabling Domain Name Lookups

    14. Specifying a Router Reload Time

    15. Scheduling of Router Commands

    16. Displaying Historical CPU Values

    17. Creating Exception Dump Files

    18. Generating a Report of Interface Information

    19. Generating a Report of Routing Table Information

    20. Generating a Report of ARP Table Information

    21. Generating a Server Host Table File

  3. Chapter 3 User Access and Privilege Levels

    1. Introduction

    2. Setting Up User IDs

    3. Encrypting Passwords

    4. Using Better Password-Encryption Techniques

    5. Removing Passwords from a Router Configuration File

    6. Deciphering Cisco’s Weak Password Encryption

    7. Displaying Active Users

    8. Sending Messages to Other Users

    9. Changing the Number of VTYs

    10. Changing VTY Timeouts

    11. Restricting VTY Access by Protocol

    12. Enabling Absolute Timeouts on VTY Lines

    13. Implementing Banners

    14. Disabling Banners on a Port

    15. Disabling Router Lines

    16. Reserving a VTY Port for Administrative Access

    17. Restricting Inbound Telnet Access

    18. Logging Telnet Access

    19. Setting the Source Address for Telnet

    20. Automating the Login Sequence

    21. Using SSH for Secure Access

    22. Changing Privilege Level of IOS Commands

    23. Defining Per User Privileges

    24. Defining Per Port Privileges

  4. Chapter 4 TACACS+

    1. Introduction

    2. Authenticating Login IDs from a Central System

    3. Restricting Command Access

    4. Losing Access to the TACACS+ Server

    5. Disabling TACACS+ Authentication on a Particular Line

    6. Capturing User Keystrokes

    7. Logging System Events

    8. Setting the IP Source Address for TACACS+ Messages

    9. Sample Server Configuration Files

  5. Chapter 5 IP Routing

    1. Introduction

    2. Finding an IP Route

    3. Finding Types of IP Routes

    4. Converting Different Mask Formats

    5. Using Static Routing

    6. Floating Static Routes

    7. Using Policy-Based Routing to Route Based on Source Address

    8. Using Policy-Based Routing to Route Based on Application Type

    9. Examining Policy-Based Routing

    10. Changing Administrative Distances

    11. Routing Over Multiple Paths with Equal Costs

    12. Static Routes That Track Interfaces or Other Routes

    13. Keeping Statistics on Routing Table Changes

  6. Chapter 6 RIP

    1. Introduction

    2. Configuring RIP Version 1

    3. Filtering Routes with RIP

    4. Redistributing Static Routes into RIP

    5. Redistributing Routes Using Route Maps

    6. Creating a Default Route in RIP

    7. Disabling RIP on an Interface

    8. Default Passive Interface

    9. Unicast Updates for RIP

    10. Applying Offsets to Routes

    11. Adjusting Timers

    12. Configuring Interpacket Delay

    13. Enabling Nonperiodic Updates

    14. Increasing the RIP Input Queue

    15. Configuring RIP Version 2

    16. Enabling RIP Authentication

    17. RIP Route Summarization

    18. Route Tagging

  7. Chapter 7 EIGRP

    1. Introduction

    2. Configuring EIGRP

    3. Filtering Routes with EIGRP

    4. Redistributing Routes into EIGRP

    5. Redistributing Routes into EIGRP Using Route Maps

    6. Disabling EIGRP on an Interface

    7. Adjusting EIGRP Metrics

    8. Adjusting Timers

    9. Enabling EIGRP Authentication

    10. EIGRP Route Summarization

    11. Logging EIGRP Neighbor State Changes

    12. Limiting EIGRP’s Bandwidth Utilization

    13. EIGRP Stub Routing

    14. Route Tagging

    15. Viewing EIGRP Status

  8. Chapter 8 OSPF

    1. Introduction

    2. Configuring OSPF

    3. Filtering Routes in OSPF

    4. Adjusting OSPF Costs

    5. Creating a Default Route in OSPF

    6. Redistributing Static Routes into OSPF

    7. Redistributing External Routes into OSPF

    8. Manipulating DR Selection

    9. Setting the OSPF RID

    10. Enabling OSPF Authentication

    11. Selecting the Appropriate Area Types

    12. Using OSPF on Dial Interfaces

    13. Summarizing Routes in OSPF

    14. Disabling OSPF on Certain Interfaces

    15. Changing the Network Type on an Interface

    16. OSPF Route Tagging

    17. Logging OSPF Adjacency Changes

    18. Adjusting OSPF Timers

    19. Reducing OSPF Traffic in Stable Networks

    20. OSPF Virtual Links

    21. Viewing OSPF Status with Domain Names

    22. Debugging OSPF

  9. Chapter 9 BGP

    1. Introduction

    2. Configuring BGP

    3. Using eBGP Multihop

    4. Adjusting the Next-Hop Attribute

    5. Connecting to Two ISPs

    6. Connecting to Two ISPs with Redundant Routers

    7. Restricting Networks Advertised to a BGP Peer

    8. Adjusting Local Preference Values

    9. Load-Balancing

    10. Removing Private ASNs from the AS Path

    11. Filtering BGP Routes Based on AS Paths

    12. Reducing the Size of the Received Routing Table

    13. Summarizing Outbound Routing Information

    14. Prepending ASNs to the AS Path

    15. Redistributing Routes with BGP

    16. Using Peer Groups

    17. Authenticating BGP Peers

    18. Using BGP Communities

    19. Using BGP Route Reflectors

    20. Putting It All Together

  10. Chapter 10 Frame Relay

    1. Introduction

    2. Setting Up Frame Relay with Point-to-Point Subinterfaces

    3. Adjusting LMI Options

    4. Setting Up Frame Relay with Map Statements

    5. Using Multipoint Subinterfaces

    6. Configuring Frame Relay SVCs

    7. Simulating a Frame Relay Cloud

    8. Compressing Frame Relay Data on a Subinterface

    9. Compressing Frame Relay Data with Maps

    10. PPP over Frame Relay

    11. Viewing Frame Relay Status Information

  11. Chapter 11 Handling Queuing and Congestion

    1. Introduction

    2. Fast Switching and CEF

    3. Setting the DSCP or TOS Field

    4. Using Priority Queuing

    5. Using Custom Queuing

    6. Using Custom Queues with Priority Queues

    7. Using Weighted Fair Queuing

    8. Using Class-Based Weighted Fair Queuing

    9. Using NBAR Classification

    10. Controlling Congestion with WRED

    11. Using RSVP

    12. Manual RSVP Reservations

    13. Aggregating RSVP Reservations

    14. Using Generic Traffic Shaping

    15. Using Frame-Relay Traffic Shaping

    16. Using Committed Access Rate

    17. Implementing Standards-Based Per-Hop Behavior

    18. AutoQoS

    19. Viewing Queue Parameters

  12. Chapter 12 Tunnels and VPNs

    1. Introduction

    2. Creating a Tunnel

    3. Tunneling Foreign Protocols in IP

    4. Tunneling with Dynamic Routing Protocols

    5. Viewing Tunnel Status

    6. Creating an Encrypted Router-to-Router VPN in a GRE Tunnel

    7. Creating an Encrypted VPN Between the LAN Interfaces of Two Routers

    8. Generating RSA Keys

    9. Creating a Router-to-Router VPN with RSA Keys

    10. Creating a VPN Between a Workstation and a Router

    11. Creating an SSL VPN

    12. Checking IPSec Protocol Status

  13. Chapter 13 Dial Backup

    1. Introduction

    2. Automating Dial Backup

    3. Using Dialer Interfaces

    4. Using an Async Modem on the AUX Port

    5. Using Backup Interfaces

    6. Using Dialer Watch

    7. Using Virtual Templates

    8. Ensuring Proper Disconnection

    9. View Dial Backup Status

    10. Debugging Dial Backup

  14. Chapter 14 NTP and Time

    1. Introduction

    2. Time-Stamping Router Logs

    3. Setting the Time

    4. Setting the Time Zone

    5. Adjusting for Daylight Saving Time

    6. Synchronizing the Time on All Routers (NTP)

    7. Configuring NTP Redundancy

    8. Setting the Router As the NTP Master for the Network

    9. Changing NTP Synchronization Periods

    10. Using NTP to Send Periodic Broadcast Time Updates

    11. Using NTP to Send Periodic Multicast Time Updates

    12. Enabling and Disabling NTP Per Interface

    13. NTP Authentication

    14. Limiting the Number of Peers

    15. Restricting Peers

    16. Setting the Clock Period

    17. Checking the NTP Status

    18. Debugging NTP

    19. NTP Logging

    20. Extended Daylight Saving Time

    21. NTP Server Configuration

  15. Chapter 15 DLSw

    1. Introduction

    2. Simple Bridging

    3. Configuring DLSw

    4. Using DLSw to Bridge Between Ethernet and Token Ring

    5. Converting Ethernet and Token Ring MAC Addresses

    6. Configuring SDLC

    7. Configuring SDLC for Multidrop Connections

    8. Using STUN

    9. Using BSTUN

    10. Controlling DLSw Packet Fragmentation

    11. Tagging DLSw Packets for QoS

    12. Supporting SNA Priorities

    13. DLSw+ Redundancy and Fault Tolerance

    14. Viewing DLSw Status Information

    15. Viewing SDLC Status Information

    16. Debugging DSLw

  16. Chapter 16 Router Interfaces and Media

    1. Introduction

    2. Viewing Interface Status

    3. Configuring Serial Interfaces

    4. Using an Internal T1 CSU/DSU

    5. Using an Internal ISDN PRI Module

    6. Using an Internal 56 Kbps CSU/DSU

    7. Configuring an Async Serial Interface

    8. Configuring ATM Subinterfaces

    9. Setting Payload Scrambling on an ATM Circuit

    10. Classical IP Over ATM

    11. Configuring Ethernet Interface Features

    12. Configuring Token Ring Interface Features

    13. Connecting VLAN Trunks with ISL

    14. Connecting VLAN Trunks with 802.1Q

    15. LPD Printer Support

  17. Chapter 17 Simple Network Management Protocol

    1. Introduction

    2. Configuring SNMP

    3. Extracting Router Information via SNMP Tools

    4. Recording Important Router Information for SNMP Access

    5. Using SNMP to Extract Inventory Information from a List of Routers

    6. Using Access Lists to Protect SNMP Access

    7. Logging Unauthorized SNMP Attempts

    8. Limiting MIB Access

    9. Using SNMP to Modify a Router’s Running Configuration

    10. Using SNMP to Copy a New IOS Image

    11. Using SNMP to Perform Mass Configuration Changes

    12. Preventing Unauthorized Configuration Modifications

    13. Making Interface Table Numbers Permanent

    14. Enabling SNMP Traps and Informs

    15. Sending Syslog Messages As SNMP Traps and Informs

    16. Setting SNMP Packet Size

    17. Setting SNMP Queue Size

    18. Setting SNMP Timeout Values

    19. Disabling Link Up/Down Traps per Interface

    20. Setting the IP Source Address for SNMP Traps

    21. Using RMON to Send Traps

    22. Enabling SNMPv3

    23. Strong SNMPv3 Encryption

    24. Using SAA

  18. Chapter 18 Logging

    1. Introduction

    2. Enabling Local Router Logging

    3. Setting the Log Size

    4. Clearing the Router’s Log

    5. Sending Log Messages to Your Screen

    6. Using a Remote Log Server

    7. Enabling Syslog on a Unix Server

    8. Changing the Default Log Facility

    9. Restricting What Log Messages Are Sent to the Server

    10. Setting the IP Source Address for Syslog Messages

    11. Logging Router Syslog Messages in Different Files

    12. Maintaining Syslog Files on the Server

    13. Testing the Syslog Sever Configuration

    14. Preventing the Most Common Messages from Being Logged

    15. Rate-Limiting Syslog Traffic

    16. Enabling Error Log Counting

    17. XML-Formatted Log Messages

    18. Modifying Log Messages

  19. Chapter 19 Access-Lists

    1. Introduction

    2. Filtering by Source or Destination IP Address

    3. Adding a Comment to an ACL

    4. Filtering by Application

    5. Filtering Based on TCP Header Flags

    6. Restricting TCP Session Direction

    7. Filtering Multiport Applications

    8. Filtering Based on DSCP and TOS

    9. Logging When an Access-List Is Used

    10. Logging TCP Sessions

    11. Analyzing ACL Log Entries

    12. Using Named and Reflexive Access-Lists

    13. Dealing with Passive Mode FTP

    14. Using Time-Based Access-Lists

    15. Filtering Based on Noncontiguous Ports

    16. Advanced Access-List Editing

    17. Filtering IPv6

  20. Chapter 20 DHCP

    1. Introduction

    2. Using IP Helper Addresses for DHCP

    3. Limiting the Impact of IP Helper Addresses

    4. Using DHCP to Dynamically Configure Router IP Addresses

    5. Dynamically Allocating Client IP Addresses via DHCP

    6. Defining DHCP Configuration Options

    7. Defining DHCP Lease Periods

    8. Allocating Static IP Addresses with DHCP

    9. Configuring a DHCP Database Client

    10. Configuring Multiple DHCP Servers per Subnet

    11. DHCP Static Mapping

    12. DHCP-Secured IP Address Assignment

    13. Showing DHCP Status

    14. Debugging DHCP

  21. Chapter 21 NAT

    1. Introduction

    2. Configuring Basic NAT Functionality

    3. Allocating External Addresses Dynamically

    4. Allocating External Addresses Statically

    5. Translating Some Addresses Statically and Others Dynamically

    6. Using Route Maps to Refine Static Translation Rules

    7. Translating in Both Directions Simultaneously

    8. Rewriting the Network Prefix

    9. Using NAT for Server Load Distribution

    10. Stateful NAT Failover

    11. Adjusting NAT Timers

    12. Changing TCP Ports for FTP

    13. Checking NAT Status

    14. Debugging NAT

  22. Chapter 22 First Hop Redundancy Protocols

    1. Introduction

    2. Configuring Basic HSRP Functionality

    3. Using HSRP Preempt

    4. Making HSRP React to Problems on Other Interfaces

    5. Load-Balancing with HSRP

    6. Redirecting ICMP with HSRP

    7. Manipulating HSRP Timers

    8. Using HSRP on Token Ring

    9. HSRP SNMP Support

    10. Increasing HSRP Security

    11. Showing HSRP State Information

    12. Debugging HSRP

    13. HSRP Version 2

    14. VRRP

    15. Gateway Load-Balancing Protocol

  23. Chapter 23 IP Multicast

    1. Introduction

    2. Configuring Basic Multicast Functionality with PIM-DM

    3. Routing Multicast Traffic with PIM-SM and BSR

    4. Routing Multicast Traffic with PIM-SM and Auto-RP

    5. Filtering PIM Neighbors

    6. Configuring Routing for a Low-Frequency Multicast Application

    7. Multicast over Frame Relay or ATM WANs

    8. Configuring CGMP

    9. Using IGMP Version 3

    10. Static Multicast Routes and Group Memberships

    11. Routing Multicast Traffic with MOSPF

    12. Routing Multicast Traffic with DVMRP

    13. DVMRP Tunnels

    14. Configuring Bidirectional PIM

    15. Controlling Multicast Scope with TTL

    16. Controlling Multicast Scope with Administratively Scoped Addressing

    17. Exchanging Multicast Routing Information with MBGP

    18. Using MSDP to Discover External Sources

    19. Configuring Anycast RP

    20. Converting Broadcasts to Multicasts

    21. Showing Multicast Status

    22. Debugging Multicast Routing

  24. Chapter 24 IP Mobility

    1. Introduction

    2. Local Area Mobility

    3. Home Agent Configuration

    4. Foreign Agent Configuration

    5. Making a Router a Mobile Node

    6. Reverse-Tunnel Forwarding

    7. Using HSRP for Home Agent Redundancy

  25. Chapter 25 IPv6

    1. Introduction

    2. Automatically Generating IPv6 Addresses for an Interface

    3. Manually Configuring IPv6 Addresses on an Interface

    4. Configuring DHCP for IPv6

    5. Dynamic Routing with RIP

    6. Modifying the Default RIP Parameters

    7. IPv6 Route Filtering and Metric Manipulation in RIP

    8. Using OSPF for IPv6

    9. IPv6 Route Filtering and Metric Manipulation in OSPF

    10. Route Redistribution

    11. Dynamic Routing with MBGP

    12. Tunneling IPv6 Through an Existing IPv4 Network

    13. Translating Between IPv6 and IPv4

  26. Chapter 26 MPLS

    1. Introduction

    2. Configuring a Basic MPLS P Router

    3. Configuring a Basic MPLS PE Router

    4. Configuring Basic MPLS CE Routers

    5. Configuring MPLS over ATM

    6. PE-CE Communication via RIP

    7. PE-CE Communication via OSPF

    8. PE-CE Communication via EIGRP

    9. PE-CE Communication via BGP

    10. QoS over MPLS

    11. MPLS Traffic Engineering with Autoroute

    12. Multicast Over MPLS

    13. Your Service Provider Doesn’t Do What You Want

  27. Chapter 27 Security

    1. Introduction

    2. Using AutoSecure

    3. Using Context-Based Access-Lists

    4. Transparent Cisco IOS Firewall

    5. Stopping Denial of Service Attacks

    6. Inspecting Applications on Different Port Numbers

    7. Intrusion Detection and Prevention

    8. Login Password Retry Lockout

    9. Authentication Proxy

  1. Appendix 1 External Software Packages

    1. Perl

    2. Expect

    3. NET-SNMP

    4. PuTTY

    5. OpenSSH

    6. Ethereal

  2. Appendix 2 IP Precedence, TOS, and DSCP Classifications

    1. IP Precedence, TOS, and DSCP Classifications

    2. Queueing Algorithms

    3. Dropping Packets and Congestion Avoidance

  3. Colophon

Return to Cisco IOS Cookbook