BGP RegEx Flashcards

IP address
Terms Definitions
^
Start of string
$
End of string
[]
Range of characters
-
Used to specify range ( i.e. [0-9] )
( )
Logical grouping
.
Any single character
*
Zero or more instances
+
One or more instance
?
Zero or one instance
_
Comma, open or close brace, open or close parentheses, start or end of string, or space
Anything
.*
Locally originated routes
^$
Learned from AS 100
^100_
Originated in AS 100
_100$
Any instance of AS 100
_100_
Directly connected ASes
^[0-9]+$
accept prefixes from [rtrX] that were originated by [AS501] or its directly connected ASes
permit ^501_[0-9]*$
AF11 DSCP 10
001010 is AF XX and DSCP XX
010100
AF XX
DSCP XX
AF 22
DSCP 20
011110
AF XX
DSCP XX
AF 33
DSCP 30
PFR - Create a Zone
zone security zonename
PFR - Assign a Zone to an interface
int fa0/0
zone-member security zone
PFR - Create a Zone Pair
zone-pair security zonename source z1 destination z2
zone-pair security zp source z1 destination z2
[command to apply policy p1]
service-policy type inspect p1
ZBF - Create a Zone
zone security ...
ZBF - Apply Zone to Interface
int fa0/0
zone-member security ...
ZBF - Zone Pair
zone-pair security ...
ZBF - Class Map
class-map type inspect
 


ZBF - Policy Map


 
policy-map type inspect
 

 


ZBF - Actions


 

 
class type inspect class-name
drop - Drops packets that are matched with the defined class
pass - Allows packets that are matched with the defined class.
police rate - Limits traffic matching within a firewall (inspect) policy.
inspect - Enables Cisco IOS stateful packet inspection.
 
Lock and Key - Local Username
username test password test
username test autocommand access-enable host timeout 10
Lock and Key - Interface Access-list
interface Ethernet0/0 
  ip address 10.1.1.1 255.255.255.0 
  ip access-group 101 in 
 
access-list 101 permit tcp any host 10.1.1.1 eq telnet 
 
!--- 15 (minutes) is the absolute timeout.
access-list 101 dynamic testlist timeout 15 permit ip 10.1.1.0 /24 172.16.1.0 /24
rip authentication
int fa0/x
ip rip auth mode md5
ip rip auth key-chain keychain
eigrp auth
ip auth mode eigrp 10 md5
ip auth key-chain eigrp 10 keychain
Reflexive ACLs - Apply to Interface
interface Ethernet0/1
 ip address 172.16.1.2 255.255.255.0
 ip access-group inboundfilters in
 ip access-group outboundfilters out 
 
ip access-list extended outboundfilters
permit icmp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 
permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 reflect tcptraffic
 
 
 
 
ip access-list extended inboundfilters
permit icmp 172.16.1.0 0.0.0.255 10.1.1.0 0.0.0.255
evaluate tcptraffic
Reflexive ACLs - Global Options
ip reflexive-list timeout 120
IOS IPS - 
First, we need a place for IPS configuration files to call home. IPS wants a folder. Lets make a directory on the router flash. Optionally if there were other IOS file systems present, we could use those writable file systems as well.
R6#mkdir ips
Create directory filename [ips]?
Created dir flash:/ips
R6#
IOS IPS uses a crypto key to verify the digital signature for the master signature file, which is signed using a private key. To verify the signature, we need a corresponding public key. This key is available as a text file on Cisco’s site. The file
R6(config)#crypto key pubkey-chain rsa
R6(config-pubkey-chain)#named-key realm-cisco.pub signature
Translating "realm-cisco.pub"
R6(config-pubkey-key)#key-string
Enter a public key as a hexidecimal number ....
R6(config-pubkey)#$2A864886 F70D0101 01050003 82010F00 3082010A 02820101...
Let’s check the ips folder we created on flash. It should still be empty.
R6#cd ips
R6#dir
Directory of flash:/ips/
 
No files in directory
 
255967232 bytes total (187428864 bytes free)
R6#cd ..
Once we complete the IPS configuration, the router can monitor all traffic on the interface and direction we specify. If we want to limit the traffic that goes through the IPS processing, we can use an access-list to filter. Only traffic permitted in the
R6(config)#access-list 123 permit ip any host 6.6.6.6
Next we will create an IPS rule named “IOS-IPS”, and associate the ACL(123) we just created. In a later step, we will apply IPS rule to an interface.
R6(config)#ip ips name IOS-IPS list 123
IPS needs to know where to keep it’s signature definitions and configurations. It just so happens that we have a folder on flash we created earlier named “ips”. We will use that directory.
R6(config)#ip ips config location flash:/ips
IOS IPS - The router can send alerts using Security Device Event Exchange (SDEE) and/or Syslog. We will configure both, and allow up to 2 simultaneous SDEE managers to setup up requests for alerts called subscriptions. To use SDEE, http server must be en
R6(config)#ip ips notify sdee
R6(config)#ip sdee subscriptions 2
R6(config)#ip ips notify log
R6(config)#ip http server
IOS IPS - Before we apply the IPS rule to an interface, we are going to set up some safety. We will retire all the signatures, and then enable just the signatures in the “advanced” default set. If we un-retired the “all” category, it is possible t
R6(config)#ip ips signature-category
R6(config-ips-category)#category all
R6(config-ips-category-action)#retired true
R6(config-ips-category-action)#exit
R6(config-ips-category)#
R6(config-ips-category)#category ios_ips advanced
R6(config-ips-category-action)#retired false
R6(config-ips-category-action)#end
Do you want to accept these changes? [confirm]
R6#
Applying Category configuration to signatures ...
R6#
Next we will apply the ips (name is IOS-IPS) rule we created to an interface. We also enable virtual-reassembly so that IPS can better analyze sessions and attacks that comprise multiple packets.
R6(config)#interface FastEthernet0/0
R6(config-if)#ip ips IOS-IPS in
R6(config-if)#ip virtual-reassembly
EEM
event manager applet EEM-NAME
 event cli pattern "tclsh" sync yes
 action 1.0 syslog msg "Attempted to tclsh at  $_event_pub_time"
 set 2.0 _exit_status 0

What does the sync yes do?
When you use the sync yes option in the event cli command, the EEM applet runs before the CLI command is executed. 
EEM
 
event manager applet EEM-NAME
 event cli pattern "tclsh" sync yes
 action 1.0 syslog msg "Attempted to tclsh at  $_event_pub_time"
 set 2.0 _exit_status 0

What does the _exit_status 0 do?
 
The EEM applet should set the _exit_status variable to indicate whether the CLI command should be executed (_exit_status set to one) or not (_exit_status set to zero).
Make sure that it‟s not possible to use the “tclsh” feature on R9. Also make sure that the when the “tclsh” feature is trying to be used a syslog message is generated and this is sent to the logging server. The syslog message needs to be: "Att
 
event manager applet EEM-NAME
 event cli pattern "tclsh" sync yes
 action 1.0 syslog msg "Attempted to tclsh at $_event_pub_time"
 set 2.0 _exit_status 0
 
With the sync no option, the EEM applet is executed in
background in parallel with the CLI command. 
As the CLI command starts at the same time as the EEM applet, you cannot use the _exit_status variable anymore; you have to specify whether you want the CLI command to execute with the
skip yes|no option of the event cli command. 
EEM
Name it NoReload.
Ensure that when this command is entered EEM kicks in in-Parrallel but the command does not execute. A syslog msg with a priority of "errors" and a message about what you cannot do should appear
 
event manager applet NoReload
 event cli pattern "reload" sync no skip yes
 action 1.0 syslog priority errors msg "Cannot reload this router"
 
EEM
Name the applet EEM-NAME
when a user enters "tclsh" the router should execute EEM before the command takes place. A syslog message should say "Attempted to tclsh at " with the last word a variable that puts the time when the event occured. The comma
event manager applet EEM-NAME
event cli pattern "tclsh" sync yes
action 1.0 syslog msg "Attempted to tclsh at $_event_pub_time"
set 2.0 _exit_status 0
 
If R7 receives the prefix 150.50.66.6/32 from OSPF and it is added to the routing table. R7 should fire a log message saying: “Evil prefix received”
After bootup R7 should wait 5 minutes before enabling the routing Event Detector.
 
event manager applet 63
 event routing prot ospf netw 150.50.66.6/32 type add
 action 1 syslog msg “Evil prefix received”
 exit
 
event manager detector routing bootup-delay 300
Loopback0 interface on R1 must always be up. Configure appropriate feature on R1 to monitor if
Loopback0 is disabled and reconfigure it if it happens.
first action "Re-Enabling Loopback0"
next actions  - turn it back on
event syslog occurs 1 pattern "Loopback0.*down"
 action 1.0 syslog msg "Re-Enabling Loopback0"
 action 1.1 cli command "enable"
 action 1.2 cli command "configure terminal"
 action 1.3 cli command "interface Loopback0"
 action 1.4 cli command "no shutdown"
PPPoE - Client
int fa0/0
 no ip address
 pppoe enable
 pppoe-client dial-pool-number 1
 
int dialer1
 mtu 1492
 encapsulation ppp
 ip add negotiated
 dialer pool 1
PPPoE - Server
bba-group pppoe global
 virtual-template 1
 
int virtual-template 1
 mtu 1492
 encapsulation ppp
 ip add 192.168.60.1 255.255.255.0
 peer default ip address pool pool1

ip local pool pool1 192.168.60.6 192.168.60.6
PPP Authentication
(plain text)
- Configure a maximum of 3 bad authentication retries
- configure Link control and IP control to predict peer responses
Your router hostname is R1
int s0/0/0
 ip add 192.168.60.1 255.255.255.0
 encapsulation ppp
 ppp authentication pap
 ppp pap sent-username R1 password ipexpert
 ppp lcp predictive
 ppp ipcp predictive
 ppp max-bad-auth 3
 no shut
PPP over Frame Relay
Username to use for chap authentication: T3ST123
username T3ST123 password ipexpert
int s0/0/0
 encapsulation frame-relay
 frame-relay interface-dlci 102 ppp virtual-template 1
 
int virtual-template 1
 ip add 192.168.60.1 255.255.255.0
 ppp authentication chap
 ppp chap hostname T3ST123
MPLS Password Configuration
-Configure the MPLS password for your neighbor. do not use "neighbor password" command. Ensure Both sides require authentication. Use a source of the loopback.
ip cef
mpls label protocol ldp
mpls ldp password option 1 for 1 cisco
mpls ldp router-id lo0
mpls ldp password required
 
access-list 1 permit 7.7.7.7
int fa0/0
mpls ip
PPP authentication using PAP with same username (from remote host) configured locally.
 
no ppp chap ignoreus
 
[/32] (ppp: ip address negotiated)--[/24]
Using RIP authentication neighbor does not form.
To correct this...
no validate-update-source
Make this acl as small as possible:
 
access-list 5 permit 172.20.33.2 0.0.0.0
access-list 5 permit 172.20.34.2 0.0.1.0
access-list 5 permit 172.20.36.2 0.0.3.0
access-list 5 permit 172.20.40.2 0.0.3.0
access-list 5 permit 172.20.44.2 0.0.1.0
acce
access-list 5 deny 172.20.32.0 0.0.0.255
access-list 5 deny 172.20.47.0 0.0.0.255
access-list 5 permit 172.20.32.0 0.0.15.255
area 256 virtual-link 5.5.5.5 [authentication practice]
OSPF rfc1587
 
configure this area according to this RFC
area x nssa
configuring a router to OSPF with a switch
 
what should you ALWAYS DO!!??
int fa0/0
ip ospf mtu-ignore
OSPF Frame Relay Network
R1 - Serial s0/1/0
R2  Serial s0/1/0 (hub)
R3 - Serieal s0/1/0.1 multipoint
 
What are the network types and priorities
R1 - ip ospf network broadcast (pri 0)
R2 - ip ospf network broadcast (pri 255)
R3 - ip ospf network broadcast (pri 0)
set mtu on switch just for routing protocols
system mtu routing
quick way for pinging
192.168.60.1
192.168.60.2
192.168.60.3
 
variable IP
tclsh
foreach IP {
192.168.60.1
192.168.60.2
192.168.60.3
} { ping $IP }
When you configure an OSPF area to NSSA (ABR R2) then in another part of the network you configure EIGRP and redistribute that into the OSPF network, the NSSA area would NOT see the routes.
 
Why not?
What would you need to configure to fix this
The routes would be type 5 LSA and not propagated in the  area.
 
Configure ABR (R2) to: nssa no-summary
on two interfaces running EIGRP
 
int s0/0/0
int s0/1/0
 
how would you balance traffic accross both links per packet?
int s0/0/0
ip load-sharing per-packet
int s0/1/0
ip load-sharing per-packet
For Multicast
R2 is loopback is RP
what do you configure under the interface?
ip pim sparse-mode
For Multicast
For A multicast network; a router R3 has the following config:
 
int lo1
ip igmp join-group 2.2.2.2
 
Do we configure pim on this interface?
no; do not put "ip pim sparse-mode"
Multicast over a frame-relay hub and spoke configuration; what do you configure on the interface going to the frame cloud?
ip pim nbma
 
This will help prevent failures and treat each connection to the spokes (for multicast) as point-to-point connections.
ipv6 link local
 
starts with
use ::2
 
 
ipv6 add ?
ipv6 add fe80::2 link-local
with ospf and eigrp ipv6 under the routing process you should ALWAYS set:
a router-id
 
ipv6 router eigrp 256
 eigrp router-id 5.5.5.5
QoS - Set the precedence to 5 under a class map
class-map test
set precedence 5
icmp type 0
icmp echo-reply
icmp type 8
icmp echo
The “rotary” command, when applies to a “line vty” paragraph, sets that router’s telnet daemon listening on port

for port 3005 the config is:
 3000 + the rotary number

line vty 0 5
rotary 5
ZBF - To police
 
class type inspect ftp
police rate 2000000 bursts 250000
 
what must be put in the class first?
inspect
 
class type inspect ftp
 inspect
 police rate 2000000 burst 250000
ZBF - Even loopback interface should be on the inside network
 
int lo1
zone-member security inside
int lo1
zone-member security inside
ZBF - p2p
 
there are how many?
5
 
class-map type inspect match-any p2p
match protocol bittorrent
match protocol edonkey
match protocol fasttrack
match protocol gnutella
match protocol kazaa2
ZBF - Drop then log under a p2p class
class type inspect p2p
 drop log
Custom Queu 8.4 Qos Lab 1
Pri Queu
ZBF with http & local traffic example (see favorites)
RSVP
EIGPR FD/RD
ford (show command placement)
Configure a switchport where
"I want to be a trunk, but if you don't want to, then I won't"
 
ensure that if trunking is enable, the trunking will be dot1q
int fa0/0
switchport mode dynamic desirable
switchport trunk encapsulation dot1q
Configure a switchport where, "It's all up to you, I don't want to be a trunk but if you insist, I will"
int fa0/0
switchport mode dynamic auto
On a switchport, how do you remove a VLAN from an existing list of allowed vlans?
int fa0/0
switchport trunk allowed vlan remove x
On a switchport, how do you allow all vlans on a port but not vlans 3 and 4
int fa0/0
switchport trunk allowed vlan except 3,4
Disable flow control on an ethernet interface
int fa0/0
flowcontrol receive off
After reviewing a CCIE lab you see that EXTENDED VLANs will be used throught, which VTP mode MUST you use?
vtp mode transparent
What's the default VTP version of a switch
VTP version 1
Your using MST - -'optimize' BPDU transmission in the network. there are never going to be any addional switches added to any interfaces. there are 4 switches (1 is root)
spanning-tree mst 0 root primary diameter 3
ensure all devices can communicate immediately when their interfaces are enabled (even in trunk mode)
int fa0/0
spanning-tree portfast trunk
practice this:
configure spanning-tree that uses less CPU
all VLANs should be mapped to the default
set the revision to be 1
 
spanning-tree mode mst
spanning-tree mst configuration
instance 0 vlan 1-4094
revision 1
 
on a multilink with an mu69 interface with two s0/0/0 / s0/0/1 interfaces part of the bundle.
 
Where do you apply the configuration to not automatically create a /32 route for the neighbor
int mu69
no peer neighbor-route
you have a point-to-point PPP interface s0/0/0 and you want to ensure that a /32 route for your neighbor does not appear. where and what do you configure? 
int s0/0/0
no peer neighbor-route
 
If you have an area 1332 and a virtual link between that area (R1 > R2) and you need to make the area a stub, how do you do it?
 
-you can't, virtual-links can't traverse stub areas
Your requirements: all redistributed routes should have a tag of 1
 
router ospf 1
redistribute static subnets tag 1
 
You need to know create a summary route for those redistributed /24's. The summary would be a /23
10.5.5.0/24, 10.5.6.0/24. How
router ospf 1
summary-address 10.5.5.0 255.255.254.0 tag 1
You advertised a summary address via EIGRP, how do you prevent the null0 from appearing in the routing table?
 
it's a switch. Your interface is vlan 1122. That's the same as your routing protocol
int vlan 1122
ip summary-address eigrp 1122 10.0.0.0 255.255.255.0 255
 
- where 255 is the AD 
router rip
network 166.6.0.0
redistribute connecte route-map loopback
route-map loopback permit 10
match interface lo0
set tag 77
int lo0
ip add 166.6.6.6 255.255.255.255
would you/your neighbors see the tag?
Nope! - they are covered by network statement
 
whenever doing mutual redistribution in more than one place - that means your opening up the possibility of a ____. what do you need to do?
opens a possibility of routing loops
we need to tag and filter
BGP Template
router bgp 1220
bgp router-id 166.2.2.2
 
template peer-session AS1220-session
 remote-as 1220
 update-source lo0
 password ipexpert
 
template peer-policy AS1220-policy
 route-reflector-client
 next-hop-self
 
neighbor 166.1.1.1 inherit peer-session AS1220-session
neighbor 166.1.1.1 inherit peer-policy AS1220-policy
neighbor 166.12.21.21 inherit peer-session AS1220-session
neighbor 166.12.21.21 inherit peer-policy AS1220-policy
neighbor 166.12.21.21 password ipexpert?
when they say peer using minimal configuration on all routers
 
if it's one neighbor - don't use peer groups
more than one - use peer-groups (but not always)
fix
Prevent BGP transit using community
route-map no-transit permit 10
set community no-export
224.0.0.0/4
 
what's the wild card
permit 224.0.0.0 15.255.255.255
configure this router's loopback 0 interface as a BSR RP
ip pim bsr-candidate lo0 ( me first)
ip pim rp-candidate lo0   (To be a PIMv2 RP candidate)
(To be a PIMv2 RP candidate)
ip pim rp-candidate          To be a PIMv2 RP candidate
R7(config-pmap-c)#int fa0/0.789
R7(config-subif)#service-policy output allocate-SMTP
 CBWFQ : Not supported on subinterfaces
 
what do we do?
int fa0/0
service-policy output allocate-SMTP
set your ntp server to be 166.21.21.21
ntp server 166.21.21.21 prefer
configure router 1 on interface fa0/0 to be a learn it's time using the multicast address 224.21.21.21
ip multicast-routing
 
int fa0/0
ntp multicast client 224.21.21.21
ip pim sparse-dense-mode
Jul 23 01:27:36.487: OSPF: Rcv pkt from 223.5.6.6, Serial0/1/0, area 0.0.0.0
      mismatch area 0.0.2.57 in the header
 
but no virtual links created?
All routers have frame-relay connected between them and getting the error from an unused pvc!
.9 [ r9 ] ---s0/2/0--- [ r6] .6 (223.9.6.0/27)
 

.9 [ r9 ] ---s0/2/1--- [ r6] .6 (223.6.9.0/27)
 
We need to configure back-to-back frame-relay!
 
This would allow each (chosen dlci) to be in it's own VRF/etc!
 
Less commands on R9!

 
R6 (switch/server)
frame-relay switching
default int s0/2/0
deault int s0/2/1

int s0/2/0
encapsulation frame-relay
frame-relay intf-type dce
no shut

int s0/2/0.609 point-to-point
ip add 223.9.6.6 255.255.255.224
frame-relay interface-dlci 609

int s0/2/1
encapsulation frame-relay
frame-relay intf-type dce
no shut

int s0/2/1.906 point-to-point
ip add 223.6.9.6 255.255.255.224
frame-relay interface-dlci 906
 
r9
default int s0/2/0
default int s0/2/1

int s0/2/0
encapsulation frame-relay
no shut
int s0/2/1
encapsulation frame-relay
no shut

int s0/2/0.609 point-to-point
ip add 223.6.9.9 255.255.255.224
frame-relay interface-dlci 609
int s0/2/1.906 point-to-point
ip add 223.9.6.9.255.255.255.224
frame-relay interface-dlci 906
 
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
 
This is the default metric weights. What are the values K1 , and K3?
K1 = Bandwidth = 1
 
K2 = load = 0 
 
K3 = Delay = 1
 
K4 = Reliability = 0
 
K5 = MTU = 0
make sure eigrp takes bandwidth, delay ,  reliability, load into account when calculating metric
Cisco.com > metric weights tos k1 k2 k3 k4 k5
 
answer: metric weights 0 1 1 1 1 1
bgp - 
 
using confederations
you are asked to prepend your local loopback.you are in sub-as 6. your loop back is 215.0.0.6. Your pre-pend is supposed to be 66. What will your bgp confederation configuration look like? Your real as is 55 and your nei
router bgp 55
bgp bestpath med missing-as-worst
bgp confederation identifier 66 4678
bgp confederation peers 478
bgp router-id 215.0.0.6
r6 should not accept peering sessions from as478 is hold-time is configured to a value lower than 30 seconds.
 
your neighbor is 215.0.0.4
 
Do you configure this on r6 only or on r6 and it's neighbor?
neighbor 215.0.0.4 timers 60 180 30
 
r6 only!
bgp - with confederation sub-as eBGP peering should you set the next-hop-self?
yes!
bgp - on your router loopback 0 (215.1.1.1/32) needs to be advertised using bgp. 
 
Also you need to pre-pend as 77 to it.
 
How would you do it?
router bgp as
 network 215.1.1.1 mask 255.255.255.255
 neighbor 1.1.1.1 route-map my-as out
 
ip prefix-list loopback0 permit 215.1.1.1/32
 
route-map my-as permit 10
 match ip address prefix-list loopback0
 set as-path prepend 77
route-map my-as permit 20
bgp - always watch out for what when peering?
neighbor [n] next-hop-self
configuration to join the group 239.0.0.4 on loopback0
int lo0
ip pim sparse-mode
ip igmp join-group 239.0.0.4
R7(config)#ip pim bsr-candidate lo0 ?
  <0-32>  Hash Mask length for RP selection
  <cr>
ip pim bsr-candidate lo0 0 255
R7(config)#ip pim bsr-candidate lo0 0 ?
  <0-255>  Priority value for candidate bootstrap router
  <cr>
 
Default boostrap priority?
0
Do not initiate BGP sessions to BB1 but wait for BB1 (215.0.0.21) to initiate it. Your as is 478.
router bgp 478
neighbor 215.0.0.21 transport connection-mode passive
Filter pim neighbors to specific ip. What is the command?
 
access-list 1 permit host 1.1.1.1
int fa0/1.821
ip pim neighbor-filter 1
Re: Police vs police cir vs police rate
1st option
police 96(Kbps i.e)
This means SINGLE RATE TWO COLOR(One Bucket)
in this option u define only
confirm action = (mostly transmite)
exced action= (mostly  drop)
2nd Option
Police CIR 96(kbps ie) bc xxxx be xxxx
This is called Single Rate Three Color Policer (Two Buckets)
in this option u define
police cir xxx bc xxx be
confirm action, Exced action violate action
3rd Option
Two Rate Three-color policer(Two Buckets)
in this u define CIR and PIR
police rate (cir)xxxx (pir) xxxx and than confirm action, Exced action violate action
Your on a switch:
you issue the command - 
 
interface FastEthernet0/7
mls qos trust dscp
 
Is QoS enabled on this switch globally?
Cat2#sh mls qos
QoS is disabled
QoS ip packet dscp rewrite is enabled
configure netflow export on r2 [215.12.34.28].
 
export version 5 packets using fully reliable method and port 3434. if the primary server is not reachable in 3 seconds, use [215.12.34.27] as destination. When the primary server comes back into operati
ip flow-export version 5
ip flow-export source lo0
ip flow-export destination 215.12.34.28 3434 sctp
reliability full
backup mode fail-over
backup destination 215.12.34.27 3434
backup fail-over 3000
backup restore-time 30
 
int s0/1/0.204
 ip flow ingress
int s0/1/0.206
 ip flow ingress
RIP TO EIGRP
MTU: 1500
Realiability: Maximum
load: minimum
delay: 10 milliseconds
bandwidth: 100 mb/s
 
what's the default metric?
default-metric 100000 1000 255 1 1500
Eigrp 10 milliseconds is expressed as?
 
 
"1000"
If you have a "frame-relay MESH"
the interfaces should be either what or what?
 
also should have the appropriate?
as well as have what disabled?
multipoint sub interfaces or main interfaces
 
appropriate map statements
inverse arp disabled
using a class-map; this PVC has 48 Kb/s CIR guarantee, with CIR peak to 64 Kb/s.
map-class frame-relay FR-QoS
 frame-relay cir 64000
 frame-relay mincir 48000
Practice conversion from milliseconds/microseconds bits/bits/mbits etc.
when you see:
 
router ospf 1
distance ospf intra-area 255 external 109
 
how would you remove this line of command?
router ospf 1
default distance ospf
neighbor 86.87.232.23 local-as 2 no-prepend replace-as dual-as

What does each bold item do?
no-prepend  Do not prepend local-as to updates from ebgp peers
replace-as  Replace real AS with local AS in the EBGP updates
dual-as  Accept either real AS or local AS from the ebgp peer
show ip bgp 86.87.0.0 255.255.255.0 longer-prefixes
 
shows what?
all BGP routes in the bgp table that start with 86.87.0.
 
-- GENIUS
Configure a kron policy name Save
 
this should reoccur every 3 minutes
the config should be saved
the router should be reloaded
kron occurrence Save in 3 recurring
 policy-list Save
 
kron policy-list Save
 cli write memory
 cli reload running-config
spanning-tree mode mst
spanning-tree mst configuration
>
>
 
What's missing?
spanning-tree mode mst
spanning-tree mst configuration
 name IPexpert
 revision 1
Rate Limit
 
2000 Kb/s
 
rate-limit output 2000000 a b
 
a = <1000-512000000>  Normal burst bytes
b = <2000-1024000000>  Maximum burst bytes
What is the result of a and b? What is the formula?
rate-limit output 2000000 375000 750000
 
Normal burst bytes: CAR x (1/8) x 1.5
Maximum burst bytes: double the above value
Rate Limit
 
you have a router r8
 
[fa0/0]--attached to interface dialer1
 
Where do you place the rate-limit command?
on the interface fa0/0
EIGRP - 
r7 should perform equal-cost load-sharing traffic to lo0 of r4
 
How do we solve this?
equal-cost!!!! Means we DO NOT use variance
/ 140
Term:
Definition:
Definition:

Leave a Comment ({[ getComments().length ]})

Comments ({[ getComments().length ]})

{[comment.username]}

{[ comment.comment ]}

View All {[ getComments().length ]} Comments
Ask a homework question - tutors are online