You are previewing Cisco IOS in a Nutshell, 2nd Edition.
O'Reilly logo
Cisco IOS in a Nutshell, 2nd Edition

Book Description

Cisco routers are everywhere that networks are. They come in all sizes, from inexpensive units for homes and small offices to equipment costing well over $100,000 and capable of routing at gigabit speeds. A fixture in today's networks, Cisco claims roughly 70% of the router market, producing high-end switches, hubs, and other network hardware. One unifying thread runs through the product line: virtually all of Cisco's products run the Internetwork Operating System, or IOS.

If you work with Cisco routers, it's likely that you deal with Cisco's IOS software--an extremely powerful and complex operating system, with an equally complex configuration language. With a cryptic command-line interface and thousands of commands--some of which mean different things in different situations--it doesn't have a reputation for being user-friendly.

Fortunately, there's help. This second edition of Cisco IOS in a Nutshell consolidates the most important commands and features of IOS into a single, well-organized volume that you'll find refreshingly user-friendly.

This handy, two-part reference covers IOS configuration for the TCP/IP protocol family. The first section includes chapters on the user interface, configuring lines and interfaces, access lists, routing protocols, and dial-on-demand routing and security. A brief, example-filled tutorial shows you how to accomplish common tasks.

The second part is a classic O'Reilly quick reference to all the commands for working with TCP/IP and the lower-level protocols on which it relies. Brief descriptions and lists of options help you zero in on the commands you for the task at hand. Updated to cover Cisco IOS Software Major Release 12.3, this second edition includes lots of examples of the most common configuration steps for the routers themselves. It's a timely guide that any network administrator will come to rely on.

Table of Contents

  1. Preface
    1. Organization
    2. What’s New in This Edition
    3. Conventions
    4. Safari Enabled
    5. We’d Like to Hear from You
    6. Acknowledgments
  2. 1. Getting Started
    1. 1.1. IOS User Modes
    2. 1.2. Command-Line Completion
    3. 1.3. Get to Know the Question Mark
    4. 1.4. Command-Line Editing Keys
    5. 1.5. Pausing Output
    6. 1.6. show Commands
  3. 2. IOS Images and Configuration Files
    1. 2.1. IOS Image Filenames
      1. 2.1.1. Platform Identifier
      2. 2.1.2. Feature Set
      3. 2.1.3. Image Execution Location
    2. 2.2. The New Cisco IOS Packaging Model
      1. 2.2.1. Example of New Image Name
      2. 2.2.2. Status of the Release
      3. 2.2.3. Finding the Release on Cisco’s Web Site
    3. 2.3. Loading Image Files Through the Network
      1. 2.3.1. Using TFTP to Download Files
      2. 2.3.2. Using RCP to Download Files
      3. 2.3.3. Using SCP to Download Files
    4. 2.4. Using the IOS Filesystem for Images
      1. 2.4.1. Upgrading Flash Memory Using the Filesystem Commands
    5. 2.5. The Router’s Configuration
    6. 2.6. Loading Configuration Files
      1. 2.6.1. Loading the running-config
      2. 2.6.2. Loading the startup-config
      3. 2.6.3. Saving running-config to startup-config
      4. 2.6.4. Viewing a Configuration
        1. 2.6.4.1. Options for the show config command
        2. 2.6.4.2. Stopping the —More— prompt
      5. 2.6.5. Erasing a Stored Configuration
      6. 2.6.6. Saving a Configuration to a Network Server
  4. 3. Basic Router Configuration
    1. 3.1. Setting the Router Name
    2. 3.2. Setting the System Prompt
    3. 3.3. Configuration Comments
    4. 3.4. The Enable Password
    5. 3.5. Mapping Hostnames to IP Addresses
      1. 3.5.1. IP Host Tables
      2. 3.5.2. Enabling DNS
    6. 3.6. Setting the Router’s Time
      1. 3.6.1. The Calendar Versus the Clock
      2. 3.6.2. Configuring NTP
    7. 3.7. Enabling SNMP
    8. 3.8. Cisco Discovery Protocol
    9. 3.9. System Banners
      1. 3.9.1. Creating Banners
      2. 3.9.2. Disabling Banners
  5. 4. Line Commands
    1. 4.1. The line Command
      1. 4.1.1. Absolute and Relative Line Numbering
    2. 4.2. The Console Port
    3. 4.3. Virtual Terminals (VTYs)
    4. 4.4. Asynchronous Ports (TTYs)
    5. 4.5. The Auxiliary (AUX) Port
    6. 4.6. show line
    7. 4.7. Reverse Telnet
    8. 4.8. Common Configuration Items
      1. 4.8.1. Communication Parameters
      2. 4.8.2. Transport Type
      3. 4.8.3. Session Limits and Timeouts
      4. 4.8.4. Special Characters and Key Sequences
  6. 5. Interface Commands
    1. 5.1. Naming and Numbering Interfaces
      1. 5.1.1. Subinterfaces
    2. 5.2. Basic Interface Configuration Commands
      1. 5.2.1. shutdown
      2. 5.2.2. Interface Descriptions
      3. 5.2.3. Setting the IP Address and Subnet Mask
        1. 5.2.3.1. Secondary IP address(es)
      4. 5.2.4. Other Common Interface Commands
    3. 5.3. The Loopback Interface
    4. 5.4. The Null Interface
    5. 5.5. Ethernet, Fast Ethernet, and Gigabit Ethernet Interfaces
    6. 5.6. Token Ring Interfaces
    7. 5.7. ISDN Interfaces
      1. 5.7.1. A Simple ISDN Configuration
    8. 5.8. Serial Interfaces
      1. 5.8.1. Serial Encapsulation
      2. 5.8.2. Serial T1 Connection
      3. 5.8.3. T1 Configuration on a 2524 with a CSU/DSU Card
      4. 5.8.4. Channelized T1
    9. 5.9. Asynchronous Interfaces
      1. 5.9.1. Using the group-async Command
      2. 5.9.2. Specifying an IP Address Pool
      3. 5.9.3. Using BOOTP Configuration Items for Dial-in Connections
      4. 5.9.4. Using DHCP for IP Addresses and Dial-in Configuration Items
    10. 5.10. Interface show Commands
      1. 5.10.1. Clearing the show Command Counters
      2. 5.10.2. Listing All Interfaces
      3. 5.10.3. Using the show interface Commands
        1. 5.10.3.1. show interface accounting
        2. 5.10.3.2. show ip interface
  7. 6. Networking Technologies
    1. 6.1. Frame Relay
      1. 6.1.1. Important Frame Relay Terminology
      2. 6.1.2. Frame Relay Configuration
      3. 6.1.3. Mapping IP Addresses to DLCIs
        1. 6.1.3.1. Explicitly mapping DLCIs
        2. 6.1.3.2. Configuring a multipoint connection
      4. 6.1.4. Frame Relay Traffic Shaping
        1. 6.1.4.1. Enabling traffic-shaping on a frame relay link
        2. 6.1.4.2. Adaptive shaping
      5. 6.1.5. Frame Relay show Commands
    2. 6.2. ATM
      1. 6.2.1. ATM Terminology
      2. 6.2.2. Configuring Permanent Virtual Circuits
        1. 6.2.2.1. Configuring an ATM interface with static IP mapping
        2. 6.2.2.2. Configuring an ATM interface with dynamic IP mapping
      3. 6.2.3. Configuring Switched Virtual Circuits
        1. 6.2.3.1. ATM ARP server
      4. 6.2.4. Configuring with DXI
      5. 6.2.5. ATM show Commands
      6. 6.2.6. LAN Emulation (LANE)
        1. 6.2.6.1. LANE configuration notes
        2. 6.2.6.2. Configuring the LECS
        3. 6.2.6.3. Configuring the LES/BUS
        4. 6.2.6.4. Configuring the LEC
        5. 6.2.6.5. LANE show commands
    3. 6.3. DSL
      1. 6.3.1. Configuring Our DSL Client Router
      2. 6.3.2. Troubleshooting a DSL Connection
    4. 6.4. Cable
    5. 6.5. VoIP
      1. 6.5.1. VoIP Protocols
        1. 6.5.1.1. H.323
        2. 6.5.1.2. MGCP
        3. 6.5.1.3. SIP
      2. 6.5.2. VoIP Terminology
      3. 6.5.3. Examples
        1. 6.5.3.1. FXO Gateway to PSTN
        2. 6.5.3.2. H.323 call routing
        3. 6.5.3.3. MGCP call routing
        4. 6.5.3.4. SIP Configuration for VoIP
  8. 7. Access Lists
    1. 7.1. How Packets Match a List Entry
      1. 7.1.1. Address/Mask Pairs (Wildcards)
      2. 7.1.2. Computing a Wildcard for a Given Subnet Mask
      3. 7.1.3. Access List Processing
      4. 7.1.4. Implicit Deny
      5. 7.1.5. Access Lists Are Additive
      6. 7.1.6. Outbound Access Lists Are More Efficient Than Inbound
    2. 7.2. Types of Access Lists
      1. 7.2.1. Extended Access Lists
        1. 7.2.1.1. Specifying ports
        2. 7.2.1.2. Established connections
        3. 7.2.1.3. ICMP protocol entries
        4. 7.2.1.4. Applying an access list to an interface or line
      2. 7.2.2. Named Access Lists
        1. 7.2.2.1. Entering noncontiguous ports
      3. 7.2.3. Reflexive Access Lists
        1. 7.2.3.1. Creating the outbound reflexive list
        2. 7.2.3.2. Creating the inbound reflexive list
        3. 7.2.3.3. Applying the inbound and outbound reflexive lists to an interface
        4. 7.2.3.4. Setting the reflexive timeout
        5. 7.2.3.5. Reflexive list notes
    3. 7.3. Specific Topics
      1. 7.3.1. Adding Comments to an Access List
      2. 7.3.2. Timed Access Lists
      3. 7.3.3. Building a Gateway Router
        1. 7.3.3.1. IP address spoofing
        2. 7.3.3.2. Permitting FTP through an access list
        3. 7.3.3.3. Passive FTP
        4. 7.3.3.4. The actual access list
      4. 7.3.4. Optimizing Your Access Lists
      5. 7.3.5. Emulating a Packet Sniffer
      6. 7.3.6. Logging Access List Violations
      7. 7.3.7. Securely Updating Access Lists
      8. 7.3.8. Getting the List to a Router with TFTP, RCP, or SCP
  9. 8. IP Routing Topics
    1. 8.1. Autonomous System (AS) Numbers
    2. 8.2. Interior and Exterior Gateway Protocols
    3. 8.3. Distance-Vector and Link-State Routing Protocols
      1. 8.3.1. Distance-Vector Protocols
      2. 8.3.2. Link-State Routing Protocols
      3. 8.3.3. Administrative Distance
      4. 8.3.4. Variable-Length Subnet Masks (VLSM) and Classless Routing
      5. 8.3.5. Protocol Comparison
    4. 8.4. Static Routes
      1. 8.4.1. Default Static Routes
      2. 8.4.2. A Static Route to the Null Interface
      3. 8.4.3. Backup Static Routes
    5. 8.5. Split Horizon
    6. 8.6. Passive Interfaces
      1. 8.6.1. Route Redistribution
      2. 8.6.2. Filtering Routes
        1. 8.6.2.1. Filtering incoming routes
        2. 8.6.2.2. Filtering outgoing routes
        3. 8.6.2.3. Filtering updates during redistribution
        4. 8.6.2.4. Revisiting the example
      3. 8.6.3. Route Maps
        1. 8.6.3.1. Enforcing routing policy with route maps
        2. 8.6.3.2. Enforcing routing policy with the ip policy command
    7. 8.7. Fast Switching and Process Switching
      1. 8.7.1. Fast Switching
      2. 8.7.2. Process Switching
      3. 8.7.3. Useful show Commands
        1. 8.7.3.1. show ip route summary
        2. 8.7.3.2. clear ip route
        3. 8.7.3.3. show ip protocols
  10. 9. Interior Routing Protocols
    1. 9.1. RIP
      1. 9.1.1. Basic RIP Configuration
      2. 9.1.2. Enabling RIPv2 on the Network
      3. 9.1.3. Redistributing Other Routing Protocols into RIP
      4. 9.1.4. RIPv2 Authentication
    2. 9.2. IGRP
      1. 9.2.1. Basic IGRP Configuration
        1. 9.2.1.1. IGRP’s metric
        2. 9.2.1.2. Packet size
        3. 9.2.1.3. Modifying the range of the network
        4. 9.2.1.4. IGRP’s load balancing
      2. 9.2.2. Redistributing Other Protocols into IGRP
    3. 9.3. EIGRP
      1. 9.3.1. Enabling EIGRP on the Network
      2. 9.3.2. EIGRP and Route Summarization
        1. 9.3.2.1. Enabling route summarization on a specific interface
      3. 9.3.3. EIGRP Authentication
      4. 9.3.4. EIGRP Metrics
      5. 9.3.5. Tuning EIGRP
      6. 9.3.6. EIGRP show Commands
        1. 9.3.6.1. show ip eigrp neighbors
        2. 9.3.6.2. show ip eigrp topology
        3. 9.3.6.3. show ip eigrp traffic
      7. 9.3.7. EIGRP Redistribution
        1. 9.3.7.1. RIP
        2. 9.3.7.2. IGRP
      8. 9.3.8. Converting an IGRP Network to EIGRP
    4. 9.4. OSPF
      1. 9.4.1. OSPF Concepts
        1. 9.4.1.1. Areas
        2. 9.4.1.2. Router types
        3. 9.4.1.3. Link-state advertisements (LSAs)
        4. 9.4.1.4. Area types
        5. 9.4.1.5. Router ID
        6. 9.4.1.6. Designated router (DR)
      2. 9.4.2. Enabling OSPF on the Network
      3. 9.4.3. Sample OSPF Configurations
      4. 9.4.4. Route Summarization in OSPF
        1. 9.4.4.1. Inter-area summarization
        2. 9.4.4.2. External summarization
      5. 9.4.5. Virtual Backbone Links
      6. 9.4.6. Interoperability with Other Vendors
      7. 9.4.7. Default Routes in OSPF
      8. 9.4.8. NSSAs (Not-So-Stubby Areas)
      9. 9.4.9. OSPF Configuration Example
        1. 9.4.9.1. Putting route summarization to use
      10. 9.4.10. Redistributing Other Protocols into OSPF
      11. 9.4.11. OSPF show Commands
        1. 9.4.11.1. show ip ospf border routers
        2. 9.4.11.2. show ip ospf neighbor
        3. 9.4.11.3. show ip ospf database
        4. 9.4.11.4. show ip ospf interface
    5. 9.5. IS-IS
      1. 9.5.1. IS-IS Concepts
        1. 9.5.1.1. Level 1 and level 2
        2. 9.5.1.2. NSAP addressing
        3. 9.5.1.3. Enabling an interface for IS-IS
      2. 9.5.2. IS-IS configuration example
      3. 9.5.3. Show Commands
      4. 9.5.4. Authentication
      5. 9.5.5. Metric Tuning
      6. 9.5.6. Injecting a Default Route
      7. 9.5.7. IS-IS Route Leaking
  11. 10. Border Gateway Protocol
    1. 10.1. Introduction to BGP
      1. 10.1.1. How BGP Selects Routes
      2. 10.1.2. Basic Configuration Commands
        1. 10.1.2.1. The router and network commands
        2. 10.1.2.2. The neighbor command
        3. 10.1.2.3. Local-AS numbers
        4. 10.1.2.4. Synchronization
        5. 10.1.2.5. Automatic summary
        6. 10.1.2.6. default-originate
        7. 10.1.2.7. next-hop-self
        8. 10.1.2.8. BGP route dampening
        9. 10.1.2.9. iBGP checklist
    2. 10.2. A Simple BGP Configuration
    3. 10.3. Route Filtering
      1. 10.3.1. AS Path Filters
      2. 10.3.2. Community Filters
      3. 10.3.3. Aggregate Filters
    4. 10.4. An Advanced BGP Configuration
      1. 10.4.1. Adding a Preference
    5. 10.5. Neighbor Authentication
    6. 10.6. Peer Groups
    7. 10.7. Route Reflectors
    8. 10.8. BGP Confederacies
    9. 10.9. BGP TTL Security
  12. 11. Quality of Service
    1. 11.1. Marking
      1. 11.1.1. Different Types of ToS
        1. 11.1.1.1. IPv4 ToS Byte
        2. 11.1.1.2. Differentiated Services Codepoint (DSCP)
        3. 11.1.1.3. Assured Forwarding
        4. 11.1.1.4. Expedited Forwarding
        5. 11.1.1.5. DSCP example
    2. 11.2. Older Queuing Methods
      1. 11.2.1. FIFO
      2. 11.2.2. Priority Queuing
        1. 11.2.2.1. Monitoring priority queueing
      3. 11.2.3. Custom Queuing
        1. 11.2.3.1. Setting the queue size
        2. 11.2.3.2. Applying a queue to an interface
        3. 11.2.3.3. Assigning packets to queues by protocol type
      4. 11.2.4. Weighted Fair Queuing (WFQ)
        1. 11.2.4.1. Monitoring WFQ
    3. 11.3. Modern IOS QoS Tools
      1. 11.3.1. Network-Based Application Recognition (NBAR)
        1. 11.3.1.1. NBAR in action
        2. 11.3.1.2. NBAR protocol discovery
      2. 11.3.2. Modular QoS CLI (MQC)
        1. 11.3.2.1. Step One: Defining the class maps
        2. 11.3.2.2. Step Two: Defining the QoS policy
        3. 11.3.2.3. Step 3: Defining where to apply the service policy
      3. 11.3.3. Implementing Class-Based Weighted Fair Queuing with MQC
      4. 11.3.4. Low-Latency Queuing (LLQ)
    4. 11.4. Congestion Avoidance
      1. 11.4.1. Weighted Random Early Detection (WRED)
        1. 11.4.1.1. Configuring WRED on an interface
        2. 11.4.1.2. Using WRED instead of Tail-drop in CBWFQ
    5. 11.5. Traffic Policing
      1. 11.5.1. MQC Policing
      2. 11.5.2. Committed Access Rate (CAR)
        1. 11.5.2.1. Rate-limit example
    6. 11.6. Traffic Shaping
      1. 11.6.1. Traffic Shaping Example
      2. 11.6.2. Frame-Relay Shaping
    7. 11.7. AutoQoS
      1. 11.7.1. What Does AutoQoS Enable?
      2. 11.7.2. AutoQoS Command Usage
        1. 11.7.2.1. Command syntax
        2. 11.7.2.2. AutoQoS discovery
        3. 11.7.2.3. AutoQoS show command
    8. 11.8. QoS Device Manager
  13. 12. Dial-on-Demand Routing
    1. 12.1. Configuring a Simple DDR Connection
    2. 12.2. Sample Legacy DDR Configurations
      1. 12.2.1. DDR Backup Links
        1. 12.2.1.1. Backup interface commands
        2. 12.2.1.2. DDR bandwidth on demand with backup interface commands
        3. 12.2.1.3. DDR backup with floating static routes
      2. 12.2.2. Dialer Maps
        1. 12.2.2.1. The most basic form of this command
        2. 12.2.2.2. A more complicated use of dialer maps
    3. 12.3. Dialer Interfaces (Dialer Profiles)
      1. 12.3.1. Rotary Groups
      2. 12.3.2. Dialer Pools
    4. 12.4. Multilink PPP
    5. 12.5. Snapshot DDR
      1. 12.5.1. Useful show Commands
        1. 12.5.1.1. show dialer
        2. 12.5.1.2. show dialer map
        3. 12.5.1.3. show isdn active
        4. 12.5.1.4. show snapshot
  14. 13. Specialized Networking Topics
    1. 13.1. Bridging
      1. 13.1.1. Concurrent Routing and Bridging (CRB)
      2. 13.1.2. Integrated Routing and Bridging (IRB)
      3. 13.1.3. Bridging show Commands
        1. 13.1.3.1. show bridge
        2. 13.1.3.2. show bridge group
      4. 13.1.4. DLSw+
    2. 13.2. Hot Standby Routing Protocol (HSRP)
      1. 13.2.1. Tracking Another Interface
      2. 13.2.2. Naming Our HSRP Configuration
      3. 13.2.3. Multiple-Group Hot Standby Routing
      4. 13.2.4. Load Sharing with Hot Standby
      5. 13.2.5. HSRP show Commands
    3. 13.3. Network Address Translation (NAT)
      1. 13.3.1. Overloading NAT Address Space
        1. 13.3.1.1. Mapping incoming ports to different NAT addresses
      2. 13.3.2. NAT show Commands
      3. 13.3.3. Stateful NAT (SNAT)
        1. 13.3.3.1. Configuring SNAT with HSRP
        2. 13.3.3.2. Configuring SNAT without HSRP
    4. 13.4. Tunnels
      1. 13.4.1. show Commands for Tunnels
    5. 13.5. Encrypted Tunnels
      1. 13.5.1. Tunnel Encryption with DSS and DES
        1. 13.5.1.1. Generating keys
        2. 13.5.1.2. Configuring encryption on the tunnel
      2. 13.5.2. DES Tunnel show Commands
        1. 13.5.2.1. show crypto engine connections active
        2. 13.5.2.2. show crypto engine configuration
      3. 13.5.3. IPSec Tunneling
      4. 13.5.4. Dynamic Multipoint VPN
        1. 13.5.4.1. Configuring DMVPN
          1. 13.5.4.1.1. Configuring an IPSec profile
          2. 13.5.4.1.2. Configuring the hub for DMVPN
          3. 13.5.4.1.3. Configuring a spoke router for DMVPN
          4. 13.5.4.1.4. Verifying DMVPN configuration
    6. 13.6. Multicast Routing
      1. 13.6.1. IGMP
      2. 13.6.2. Reverse Path Forwarding
      3. 13.6.3. Dense Mode
        1. 13.6.3.1. Configuring multicast for dense mode
      4. 13.6.4. Sparse Mode
        1. 13.6.4.1. Configuring multicast for sparse mode
        2. 13.6.4.2. Auto-RP configuration and sparse-dense mode
        3. 13.6.4.3. BSR
      5. 13.6.5. Cisco Group Management Protocol (CGMP)
    7. 13.7. Multiprotocol Label Switching (MPLS)
      1. 13.7.1. MPLS Terminology
      2. 13.7.2. How Does It Work?
      3. 13.7.3. Configuring MPLS
        1. 13.7.3.1. Incrementally deploying MPLS
        2. 13.7.3.2. Verifying the MPLS configuration
      4. 13.7.4. MPLS VPN
  15. 14. Switches and VLANs
    1. 14.1. Switch Terminology
      1. 14.1.1. Layer-2 and Layer-3 Switching
      2. 14.1.2. Learning MAC Addresses
      3. 14.1.3. VLAN
      4. 14.1.4. Broadcast Domain
      5. 14.1.5. Collision Domain
      6. 14.1.6. Spanning Tree Protocol
        1. 14.1.6.1. Spanning Tree Port States
        2. 14.1.6.2. Bridge Protocol Data Units
        3. 14.1.6.3. STP selects the root bridge
        4. 14.1.6.4. Selecting a root port and a designated port
        5. 14.1.6.5. Convergence in STP
        6. 14.1.6.6. Speeding up STP convergence
        7. 14.1.6.7. show spanning-tree
    2. 14.2. IOS on Switches
    3. 14.3. Basic Switch Configuration
      1. 14.3.1. Configuring the Management Port (VLAN 1)
      2. 14.3.2. Simple Switch Configuration
      3. 14.3.3. Auto Detection
      4. 14.3.4. Sample VLAN Configuration
      5. 14.3.5. VLAN Interface Commands
    4. 14.4. Trunking
      1. 14.4.1. Restricting VLANs on a Trunk
      2. 14.4.2. Finishing Our Previous Network
      3. 14.4.3. Added Port Security
      4. 14.4.4. VLAN Trunking Protocol
      5. 14.4.5. VTP Modes
      6. 14.4.6. VLAN Database
      7. 14.4.7. Configuring VTP
        1. 14.4.7.1. Setting the VTP mode
        2. 14.4.7.2. Setting the VTP domain
        3. 14.4.7.3. Setting the VTP password
        4. 14.4.7.4. Creating a VLAN
        5. 14.4.7.5. Configuration example
      8. 14.4.8. Backing Up the VLAN Database
    5. 14.5. Switch Monitor Port for IDS or Sniffers
    6. 14.6. Troubleshooting Switches
  16. 15. Router Security
    1. 15.1. Securing Enable Mode Access
      1. 15.1.1. Setting the Enable Password
      2. 15.1.2. The More Secure enable secret Command
      3. 15.1.3. Privilege Levels for enable access
    2. 15.2. Routine Security Measures
      1. 15.2.1. Features to Disable
      2. 15.2.2. Features to Enable
        1. 15.2.2.1. Deny local IP addresses coming from outside
        2. 15.2.2.2. Use a warning banner
      3. 15.2.3. AutoSecure: Letting the Router Do the Work
    3. 15.3. Restricting Access to Your Router
      1. 15.3.1. Virtual Terminal Access
        1. 15.3.1.1. Protecting VTY with an access list
        2. 15.3.1.2. Allowing SSH connections to the router
        3. 15.3.1.3. Enabling SSH
      2. 15.3.2. Users and Authentication
        1. 15.3.2.1. Adding users with the user command
        2. 15.3.2.2. Using the AAA framework
        3. 15.3.2.3. User management with AAA
        4. 15.3.2.4. Restricting dial-in user access with AAA
  17. 16. Troubleshooting and Logging
    1. 16.1. ping
      1. 16.1.1. Ping the Broadcast Address
      2. 16.1.2. Extended ping
        1. 16.1.2.1. What can we test with the source address?
    2. 16.2. trace
    3. 16.3. Debugging
      1. 16.3.1. Using Debugging in Practice
        1. 16.3.1.1. The debug list command
    4. 16.4. Logging
      1. 16.4.1. Configuring Logging
      2. 16.4.2. Severity Levels
      3. 16.4.3. Buffering Logging and Debug Output
      4. 16.4.4. XML Output of Logging Messages
  18. 17. Quick Reference
    1. aaa accounting — global
    2. aaa accounting delay-start — global
    3. aaa accounting gigawords — global
    4. aaa accounting nested — global
    5. aaa accounting resource — global
    6. aaa accounting send stop-record authentication failure — global
    7. aaa accounting session-duration ntp-adjusted — global
    8. aaa accounting suppress null-username — global
    9. aaa accounting update — global
    10. aaa authentication attempts login — global
    11. aaa authentication banner — global
    12. aaa authentication enable default — global
    13. aaa authentication fail-message — global
    14. aaa authentication local-override — global
    15. aaa authentication login — global
    16. aaa authentication password-prompt — global
    17. aaa authentication ppp — global
    18. aaa authentication username-prompt — global
    19. aaa authorization — global
    20. aaa authorization config-commands — global
    21. aaa authorization reverse-access — global
    22. aaa authorization template — global
    23. aaa configuration route — global
    24. aaa group server radius — global
    25. aaa group server tacacs+ — global
    26. aaa new-model — global
    27. absolute-timeout — line
    28. access-class — line
    29. access-enable — command
    30. access-list — global
    31. access-list rate-limit — global
    32. access-template — command
    33. activation-character — line
    34. aggregate-address — router, BGP
    35. alias — global
    36. area authentication — router, OSPF
    37. area default-cost — router, OSPF
    38. area nssa — router, OSPF
    39. area-password — router, IS-IS
    40. area range — router, OSPF
    41. area stub — router, OSPF
    42. area virtual-link — router, OSPF
    43. arp (global) — global
    44. arp (interface) — interface
    45. arp timeout — interface
    46. async-bootp — global
    47. async default ip address — interface
    48. async default routing — interface
    49. async dynamic address — interface
    50. async dynamic routing — interface
    51. async mode — interface
    52. atm address — global
    53. atm arp-server — interface
    54. atm esi-address — interface
    55. atm lecs-address — interface
    56. atm lecs-address-default — global
    57. atm nsap-address — interface
    58. atm pvc — interface
    59. atm-vc — map-list
    60. autobaud — line
    61. autocommand — line
    62. autodetect encapsulation — interface
    63. autohangup — line
    64. auto discovery qos — QoS
    65. auto qos voip — interface
    66. auto secure — EXEC command
    67. autoselect — line
    68. auto-summary — router
    69. backup — interface
    70. bandwidth (interface) — interface
    71. bandwidth (policy-map) — policy-map
    72. banner exec — global
    73. banner incoming — global
    74. banner login — global
    75. banner motd — global
    76. bgp always-compare-med — router, BGP
    77. bgp bestpath as-path ignore — router, BGP
    78. bgp bestpath med-confed — router, BGP
    79. bgp bestpath missing-as-worst — router, BGP
    80. bgp client-to-client reflection — router, BGP
    81. bgp cluster-id — router, BGP
    82. bgp confederation identifier — router, BGP
    83. bgp confederation peers — router, BGP
    84. bgp dampening — global
    85. bgp default local-preference — router, BGP
    86. bgp default route-target filter — router, BGP
    87. bgp deterministic med — router, BGP
    88. bgp fast-external-fallover — router, BGP
    89. bgp log-neighbor-changes — router, BGP
    90. bgp-policy — interface
    91. bridge acquire — global
    92. bridge address — global
    93. bridge cmf — global
    94. bridge crb — global
    95. bridge forward-time — global
    96. bridge-group — interface
    97. bridge-group aging-time — global
    98. bridge-group circuit-group — interface
    99. bridge-group input-address-list — interface
    100. bridge-group input-lsap-list — interface
    101. bridge-group input-pattern — interface
    102. bridge-group input-type-list — interface
    103. bridge-group output-address-list — interface
    104. bridge-group output-lsap-list — interface
    105. bridge-group output-pattern — interface
    106. bridge-group output-type-list — interface
    107. bridge-group path-cost — interface
    108. bridge-group priority — interface
    109. bridge-group spanning-disabled — interface
    110. bridge hello-time — global
    111. bridge irb — global
    112. bridge max-age — global
    113. bridge multicast-source — global
    114. bridge priority — global
    115. bridge protocol — global
    116. bridge route — global
    117. busy-message — global
    118. cable helper-address — interface
    119. calendar set — command
    120. callback forced-wait — global
    121. cd — command
    122. cdp advertise-v2 — global
    123. cdp enable — interface
    124. cdp holdtime — global
    125. cdp run — global
    126. cdp timer — global
    127. channel-group (controller) — controller
    128. channel-group (interface) — interface
    129. chat-script — global
    130. class (frame-relay) — frame-relay
    131. class (MPLS) — CoS map, MPLS
    132. class (policy-map) — policy-map
    133. class-map — global
    134. clear — command
    135. client-atm-address name — LANE database
    136. clock calendar-valid — global
    137. clock rate — interface
    138. clock read-calendar — command
    139. clock set — command
    140. clock summer-time — global
    141. clock timezone — global
    142. clock update-calendar — command
    143. compress — interface
    144. config-register — global
    145. configure — command
    146. controller — global
    147. copy — command
    148. crc — interface
    149. custom-queue-list — interface
    150. databits — line
    151. data-character-bits — line
    152. dce-terminal-timing enable — interface
    153. debug — global
    154. default-information — router, EIGRP, IGRP
    155. default-information originate — router, BGP, OSPF
    156. default-metric — router
    157. default-name — LANE database
    158. delay — interface
    159. delete — command
    160. description — interface
    161. dialer aaa — interface
    162. dialer callback-secure — interface
    163. dialer callback-server — interface
    164. dialer caller — interface
    165. dialer dtr — interface
    166. dialer enable-timeout — interface
    167. dialer fast-idle — interface, map-class
    168. dialer-group — interface
    169. dialer hold-queue — interface
    170. dialer idle-timeout — interface, map-class
    171. dialer in-band — interface
    172. dialer isdn — map-class, dialer
    173. dialer-list — global
    174. dialer load-threshold — interface
    175. dialer map — interface
    176. dialer map snapshot — interface
    177. dialer max-link — interface
    178. dialer pool — interface
    179. dialer pool-member — interface
    180. dialer priority — interface
    181. dialer remote-name — interface
    182. dialer rotary-group — interface
    183. dialer rotor — interface
    184. dialer string — interface
    185. dialer wait-for-carrier-time — interface, map-class
    186. dialer watch-disable — interface
    187. dialer watch-group — interface
    188. dialer watch-list — global
    189. dir — command
    190. disable — command
    191. disconnect — command
    192. disconnect-character — line
    193. disconnect ssh — command
    194. dispatch-character — line
    195. distance — router
    196. distance bgp — router, BGP
    197. distance eigrp — router, EIGRP
    198. distribute-list in — router
    199. distribute-list out — router
    200. domain-password — router, IS-IS
    201. downward-compatible-config — global
    202. down-when-looped — interface
    203. drop — policy-map
    204. dte-invert-txc — interface
    205. early-token-release — interface
    206. editing — line
    207. eigrp log-neighbor-changes — router, EIGRP
    208. enable — command
    209. enable last-resort — global
    210. enable password — global
    211. enable secret — global
    212. enable use-tacacs — global
    213. encapsulation (ATM/MPLS) — ATM/MPLS
    214. encapsulation (interface) — interface
    215. end — any configuration mode
    216. erase — command
    217. escape-character — line
    218. exception core-file — global
    219. exception dump — global
    220. exception memory — global
    221. exception protocol — global
    222. exception spurious-interrupt — global
    223. exec — line
    224. exec-timeout — line
    225. exit — command
    226. fair-queue (policy-map class) — policy-map
    227. fair-queue (interface) — interface
    228. fair-queue aggregate-limit — interface
    229. fair-queue individual-limit — interface
    230. fair-queue limit — interface
    231. fair-queue qos-group — interface
    232. fair-queue tos — interface
    233. fair-queue weight — interface
    234. fddi burst-count — interface
    235. fddi c-min — interface
    236. fddi cmt-signal-bits — interface
    237. fddi duplicate-address-check — interface
    238. fddi encapsulate — interface
    239. fddi frames-per-token — interface
    240. fddi smt-frames — interface
    241. fddi tb-min — interface
    242. fddi tl-min-time — interface
    243. fddi token-rotation-time — interface
    244. fddi t-out — interface
    245. fddi valid-transmission-time — interface
    246. flowcontrol — line
    247. format — command
    248. frame-relay adaptive-shaping — map-class
    249. frame-relay [ bc | be] — map-class
    250. frame-relay becn-response-enable — map-class
    251. frame-relay broadcast-queue — interface
    252. frame-relay cir — map-class
    253. frame-relay class — interface
    254. frame-relay custom-queue-list — map-class
    255. frame-relay de-group — interface
    256. frame-relay de-list — global
    257. frame-relay idle-timer — map-class
    258. frame-relay interface-dlci — interface
    259. frame-relay intf-type — interface
    260. frame-relay inverse-arp — interface
    261. frame-relay ip rtp header-compression — interface
    262. frame-relay ip tcp header-compression — interface
    263. frame-relay lmi-type — interface
    264. frame-relay local-dlci — interface
    265. frame-relay map — interface
    266. frame-relay map bridge — interface
    267. frame-relay map clns — interface
    268. frame-relay map ip compress — interface
    269. frame-relay map ip rtp header-compression — interface
    270. frame-relay map ip tcp header-compression — interface
    271. frame-relay mincir — interface
    272. frame-relay multicast-dlci — interface
    273. frame-relay payload-compress packet-by-packet — interface
    274. frame-relay priority-dlci-group — interface
    275. frame-relay priority-group — interface
    276. frame-relay route — interface
    277. frame-relay svc — interface
    278. frame-relay switching — global
    279. frame-relay traffic-rate — map-class
    280. frame-relay traffic-shaping — interface
    281. fsck — command
    282. ftp-server enable — global
    283. ftp-server topdir — global
    284. full-duplex — interface
    285. full-help — line configuration
    286. group-range — interface
    287. half-duplex — interface
    288. half-duplex controlled-carrier — interface
    289. help — command
    290. history — global
    291. hold-character — line
    292. hold-queue — interface
    293. hostname — global
    294. hssi external-loop-request — interface
    295. hssi internal-clock — interface
    296. hub — global
    297. ignore-dcd — interface
    298. interface — global
    299. interface bvi — global
    300. interface dialer — global
    301. interface group-async — global
    302. ip access-group — interface
    303. ip access-list — global
    304. ip accounting — interface
    305. ip accounting-list — global
    306. ip accounting-threshold — global
    307. ip accounting-transits — global
    308. ip address — interface
    309. ip address negotiated — interface
    310. ip address-pool — global
    311. ip alias — global
    312. ip as-path access-list — global
    313. ip authentication — interface
    314. ip bandwidth-percent eigrp — interface, EIGRP
    315. ip bgp-community new-format — global
    316. ip bootp server — global
    317. ip broadcast-address — interface
    318. ip cef — global
    319. ip cef traffic-statistics — global
    320. ip cgmp — interface
    321. ip classless — global
    322. ip community-list — global
    323. ip default-gateway — global
    324. ip default-network — global
    325. ip dhcp-server — global
    326. ip directed-broadcast — interface
    327. ip domain-list — global
    328. ip domain-lookup — global
    329. ip domain-name — global
    330. ip dvmrp accept-filter — interface
    331. ip dvmrp auto-summary — interface
    332. ip dvmrp default-information — interface
    333. ip dvmrp metric — interface
    334. ip dvmrp metric-offset — interface
    335. ip dvmrp output-report-delay — interface
    336. ip dvmrp reject-non-pruners — interface
    337. ip dvmrp routehog-notification — global
    338. ip dvmrp route-limit — global
    339. ip dvmrp summary-address — interface
    340. ip dvmrp unicast-routing — interface
    341. ip forward-protocol — global
    342. ip ftp passive — global
    343. ip ftp password — global
    344. ip ftp source-interface — global
    345. ip ftp username — global
    346. ip hello-interval eigrp — interface
    347. ip helper-address — interface
    348. ip hold-time eigrp — interface
    349. ip host — global
    350. ip http — global
    351. ip identd — global
    352. ip igmp access-group — interface
    353. ip igmp explicit-tracking — interface
    354. ip igmp helper-address — interface
    355. ip igmp join-group — interface
    356. ip igmp query-interval — interface
    357. ip igmp query-max-response-time — interface
    358. ip igmp query-timeout — interface
    359. ip igmp static-group — interface
    360. ip igmp version — interface
    361. ip irdp — interface
    362. ip load-sharing — interface
    363. ip local policy route-map — global
    364. ip local pool — global
    365. ip mask-reply — interface
    366. ip mroute — global
    367. ip mroute-cache — interface
    368. ip mtu — interface
    369. ip multicast boundary — interface
    370. ip multicast cache-headers — global
    371. ip multicast helper-map — interface
    372. ip multicast rate-limit — interface
    373. ip multicast-routing — global
    374. ip multicast ttl-threshold — interface
    375. ip name-server — global
    376. ip nat — interface
    377. ip nat inside destination — global
    378. ip nat inside source — global
    379. ip nat outside source — global
    380. ip nat pool — global
    381. ip nat stateful id — global
    382. ip nat translation — global
    383. ip nbar pdlm — global
    384. ip nbar port-map — global
    385. ip nbar protocol-discovery — interface
    386. ip netmask-format — line
    387. ip nhrp authentication — interface
    388. ip nhrp holdtime — interface
    389. ip nhrp interest — interface
    390. ip nhrp map — interface
    391. ip nhrp map multicast — interface
    392. ip nhrp max-send — interface
    393. ip nhrp network-id — interface
    394. ip nhrp nhs — interface
    395. ip nhrp record — interface
    396. ip nhrp responder — interface
    397. ip nhrp server-only — interface
    398. ip nhrp trigger-svc — interface
    399. ip nhrp use — interface
    400. ip ospf authentication — interface
    401. ip ospf authentication-key — interface
    402. ip ospf cost — interface
    403. ip ospf dead-interval — interface
    404. ip ospf demand-circuit — interface
    405. ip ospf hello-interval — interface
    406. ip ospf message-digest-key — interface
    407. ip ospf name-lookup — global
    408. ip ospf network — interface
    409. ip ospf priority — interface
    410. ip ospf retransmit-interval — interface
    411. ip ospf transmit-delay — interface
    412. ip pim — interface
    413. ip pim accept-rp — global
    414. ip pim message-interval — global
    415. ip pim minimum-vc-rate — interface
    416. ip pim multipoint-signalling — interface
    417. ip pim nbma-mode — interface
    418. ip pim neighbor-filter — interface
    419. ip pim query-interval — interface
    420. ip pim rp-address — global
    421. ip pim rp-announce-filter — global
    422. ip pim send-rp-announce — global
    423. ip pim send-rp-discovery — global
    424. ip pim vc-count — interface
    425. ip pim version — interface
    426. ip policy-list — policy map mode
    427. ip policy route-map — interface
    428. ip proxy-arp — interface
    429. ip radius source-interface — global
    430. ip rarp-server — interface
    431. ip rcmd rcp-enable — global
    432. ip rcmd remote-host — global
    433. ip rcmd remote-username — global
    434. ip rcmd rsh-enable — global
    435. ip redirects — interface
    436. ip rip authentication — interface
    437. ip rip receive version — interface
    438. ip rip send version — interface
    439. ip rip triggered — interface
    440. ip rip v2-broadcast — interface
    441. ip route — global
    442. ip route-cache — interface
    443. ip route-cache policy — interface
    444. ip route priority high — router
    445. ip route profile — global
    446. ip router isis — interface
    447. ip routing — global
    448. ip rtp compression-connections — interface
    449. ip rtp header-compression — interface
    450. ip rtp priority — interface
    451. ip scp server enable — global
    452. ip source-route — global
    453. ip split-horizon — interface
    454. ip ssh — global
    455. ip subnet-zero — global
    456. ip summary-address eigrp — interface
    457. ip summary-address rip — interface
    458. ip tcp chunk-size — global
    459. ip tcp compression-connections — interface
    460. ip tcp header-compression — interface
    461. ip tcp mtu-path-discovery — interface
    462. ip tcp queuemax — global
    463. ip tcp synwait-time — global
    464. ip tcp window-size — global
    465. ip telnet source-interface — global
    466. ip tftp source-interface — global
    467. ip unnumbered — interface
    468. ip unreachables — interface
    469. isdn answer1, isdn answer2 — interface
    470. isdn autodetect — interface
    471. isdn bchan-number-order — interface
    472. isdn busy — interface
    473. isdn caller — interface
    474. isdn call interface — command
    475. isdn calling-number — interface
    476. isdn conference-code — interface
    477. isdn disconnect interface — command
    478. isdn fast-rollover-delay — interface
    479. isdn incoming-voice — interface
    480. isdn leased-line bri 128 — global
    481. isdn not-end-to-end — interface
    482. isdn nsf-service — interface
    483. isdn outgoing-voice — interface
    484. isdn overlap-receiving — interface
    485. isdn send-alerting — interface
    486. isdn sending-complete — interface
    487. isdn service — interface
    488. isdn spid1 (spid2) — interface
    489. isdn switch-type — global
    490. isdn tei — global
    491. isdn tei-negotiation — global, interface
    492. isdn transfer-code — interface
    493. isdn twait-disable — interface
    494. isdn voice-priority — interface
    495. isis advertise-prefix — interface
    496. isis authentication key-chain — interface
    497. isis authentication mode — interface
    498. isis authentication send-only — interface
    499. isis circuit-type — interface
    500. isis csnp-interval — interface
    501. isis hello-interval — interface
    502. isis hello-multiplier — interface
    503. isis lsp-interval — interface
    504. isis metric — interface
    505. isis password — interface
    506. isis priority — interface
    507. isis retransmit-interval — interface
    508. isis retransmit-throttle-interval — interface
    509. is-type — router
    510. keepalive — interface
    511. key — key chain configuration mode
    512. key chain — global
    513. key config-key — global
    514. key-string — key chain configuration mode
    515. lane auto-config-atm-address — interface
    516. lane bus-atm-address — interface
    517. lane client — interface
    518. lane client-atm-address — interface
    519. lane config-atm-address — interface
    520. lane config database — interface (major only; no subinterface)
    521. lane database — global
    522. lane fixed-config-atm-address — interface
    523. lane global-lecs-address — interface
    524. lane le-arp — interface
    525. lane server-atm-address — interface
    526. lane server-bus — interface
    527. line — global
    528. linecode — controller
    529. link-test — interface (hub)
    530. location — line
    531. logging — global
    532. logging buffered — global
    533. logging buffered xml — global
    534. logging console — global
    535. logging console xml — global
    536. logging count — global
    537. logging facility — global
    538. logging history — global
    539. logging history size — global
    540. logging host — global
    541. logging monitor — global
    542. logging on — global
    543. logging source-interface — global
    544. logging synchronous — line
    545. logging trap — global
    546. login — line
    547. login authentication — line
    548. logout-warning — line
    549. loopback — interface
    550. mac-address-table aging-time — global
    551. mac-address-table dynamic — global
    552. mac-address-table secure — global
    553. mac-address-table static — global
    554. map-class dialer — global
    555. map-class frame-relay — global
    556. map-group — interface
    557. map-list — global
    558. match access-group — class-map
    559. match any — class-map
    560. match as-path — route-map
    561. match class-map — class-map
    562. match community-list — route-map
    563. match cos — class-map
    564. match destination-address mac — class-map
    565. match discard-class — class-map
    566. match dscp — class-map
    567. match fr-dlci — class-map
    568. match input-interface — class-map
    569. match interface — route-map
    570. match ip address — route-map
    571. match ip dscp — class-map
    572. match ip next-hop — route-map
    573. match ip precedence — class-map
    574. match ip route-source — route-map
    575. match ip rtp — class-map
    576. match length — route-map
    577. match metric — route-map
    578. match mpls experimental — class-map
    579. match mpls-label — route-map
    580. match not — class-map
    581. match packet length — class-map
    582. match precedence — class-map
    583. match protocol — class-map
    584. match qos-group — class-map
    585. match route-type — route-map
    586. match source-address mac — class-map
    587. match tag — route-map
    588. maximum-paths — router
    589. max-reserved-bandwidth — interface
    590. media-type — interface
    591. member — interface
    592. menu — global
    593. menu command — global
    594. menu text — global
    595. menu title — global
    596. metric holddown — router, IGRP
    597. metric maximum-hops — router, IGRP, EIGRP
    598. metric weights — router
    599. mkdir — command
    600. modem
    601. monitor session — global
    602. more — EXEC
    603. motd-banner — line
    604. mpls atm control-vc — interface
    605. mpls atm cos — global
    606. mpls atm disable-headend-vc — global
    607. mpls atm multi-vc — ATM subinterface
    608. mpls atm vpi — interface
    609. mpls atm vp-tunnel — interface
    610. mpls cos-map — global
    611. mpls ip — interface, global
    612. mpls ip default-route — global
    613. mpls ip encapsulate explicit-null — interface
    614. mpls ip ttl-expiration pop — global
    615. mpls label protocol — global, interface
    616. mpls label range — global
    617. mpls mtu — interface
    618. mpls prefix-map — interface
    619. mpls request-labels for — global
    620. mrinfo — command
    621. mstat — command
    622. mtrace — command
    623. mtu — interface
    624. name elan-id — LANE database configuration (ATM)
    625. name local-seg-id — LANE database
    626. name preempt — LANE database configuration (ATM)
    627. name server-atm-address — LANE database
    628. neighbor — router
    629. neighbor advertisement-interval — router, BGP
    630. neighbor database-filter — router, OSPF
    631. neighbor default-originate — router, BGP
    632. neighbor description — router, BGP
    633. neighbor distribute-list — router, BGP
    634. neighbor filter-list — router, BGP
    635. neighbor maximum-prefix — router, BGP
    636. neighbor next-hop-self — router, BGP
    637. neighbor password — router, BGP
    638. neighbor peer-group — router, BGP
    639. neighbor prefix-list — router, BGP
    640. neighbor remote-as — router, BGP
    641. neighbor route-map — router, BGP
    642. neighbor route-reflector-client — router, BGP
    643. neighbor send-community — router, BGP
    644. neighbor send-label — router, BGP
    645. neighbor shutdown — router, BGP
    646. neighbor soft-reconfiguration inbound — router, BGP
    647. neighbor ttl-security — · BGP
    648. neighbor timers — router, BGP
    649. neighbor ttl-security — BGP
    650. neighbor update-source — router, BGP
    651. neighbor version — router, BGP
    652. neighbor weight — router, BGP
    653. net — router, IS-IS
    654. network — router
    655. network backdoor — router, BGP
    656. network weight — router, BGP
    657. nrzi-encoding — interface
    658. ntp access-group — global
    659. ntp authenticate — global
    660. ntp authentication-key — global
    661. ntp broadcast — interface
    662. ntp broadcast client — interface
    663. ntp broadcastdelay — global
    664. ntp disable — interface
    665. ntp master — global
    666. ntp peer — global
    667. ntp server — global
    668. ntp source — global
    669. ntp trusted-key — global
    670. ntp update-calendar — global
    671. offset-list — router
    672. ospf auto-cost reference-bandwidth — router
    673. ospf log-adj-changes — router
    674. output-delay — router
    675. padding — line
    676. parity — line
    677. passive-interface — router
    678. password — line
    679. peer default ip address — interface
    680. peer neighbor-route — interface
    681. physical-layer — interface
    682. ping — command
    683. police — policy-map
    684. policy-map — global
    685. ppp — command
    686. ppp authentication — interface
    687. ppp bridge ip — interface
    688. ppp chap — interface
    689. ppp compress — interface
    690. ppp multilink — interface
    691. ppp quality — interface
    692. ppp reliable-link — interface
    693. ppp use-tacacs — interface
    694. priority-group — interface
    695. priority-list — global
    696. privilege level (global) — global
    697. privilege level (line) — line
    698. prompt — global
    699. pulse-time — interface
    700. pvc — interface
    701. qos pre-classify — interface
    702. queue-limit — policy-map class
    703. queue-list — global
    704. radius-server — global
    705. random-detect — interface
    706. random-detect discard-class — policy-map
    707. random-detect discard-class-based — policy-map
    708. random-detect dscp — policy-map
    709. random-detect ecn — policy-map
    710. random-detect exponential-weighting-constant — interface
    711. random-detect flow — interface
    712. rate-limit — interface
    713. redistribute — router
    714. refuse-message — line
    715. reload — command
    716. rename — command
    717. ring-speed — interface
    718. rlogin — command
    719. rmdir — command
    720. route-map — global
    721. router — global
    722. rsh — command
    723. rxspeed — line
    724. send — command
    725. service — global
    726. service compress-config — global
    727. service linenumber — line
    728. service-module 56k — interface
    729. service-module t1 — interface
    730. service-policy (interface) — interface
    731. service-policy (policy-map) — policy-map
    732. service timestamps — global
    733. session-limit — line
    734. session-timeout — line
    735. set as-path — route-map
    736. set atm-clp — policy-map
    737. set automatic-tag — route-map
    738. set community — route-map
    739. set cos — policy-map
    740. set default interface — route-map
    741. set discard-class — policy-map
    742. set dscp — policy-map
    743. set fr-de — policy-map
    744. set interface — route-map
    745. set ip default next-hop — route-map
    746. set ip next-hop — route-map
    747. set ip precedence — route-map
    748. set ip tos — route-map
    749. set level — route-map
    750. set local-preference — route-map
    751. set metric — route-map
    752. set metric-type — route-map
    753. set metric-type internal — route-map
    754. set mpls-label — route-map
    755. set origin — route-map
    756. set ospf router-id — route-map
    757. set-overload-bit — router, IS-IS
    758. set precedence — policy-map
    759. set qos-group — policy-map
    760. set tag — route-map
    761. setup — command
    762. set weight — route-map
    763. shape — policy-map
    764. show — command
    765. shutdown — interface
    766. smt-queue-threshold — global
    767. snapshot — interface
    768. snmp-server — command
    769. snmp-server chassis-id — global
    770. snmp-server community — global
    771. snmp-server contact — global
    772. snmp-server enable traps — global
    773. snmp-server engine-id — global
    774. snmp-server group — global
    775. snmp-server host — global
    776. snmp-server location — global
    777. snmp-server packetsize — global
    778. snmp-server queue-length — global
    779. snmp-server system-shutdown — global
    780. snmp-server tftp-server-list — global
    781. snmp-server trap-source — global
    782. snmp-server trap-timeout — global
    783. snmp-server user — global
    784. snmp-server view — global
    785. snmp trap link-status — interface
    786. source-address — interface (hub)
    787. spanning-tree backbonefast — global
    788. spanning-tree cost — interface
    789. spanning-tree port-priority — interface
    790. spanning-tree vlan — global
    791. speed — line
    792. squeeze — command
    793. squelch — interface
    794. sscop cc-timer — interface
    795. sscop keepalive-timer — interface
    796. sscop max-cc — interface
    797. sscop poll-timer — interface
    798. sscop rcv-window — interface
    799. sscop send-window — interface
    800. standby authentication — interface
    801. standby ip — interface
    802. standby preempt — interface
    803. standby priority — interface
    804. standby timers — interface
    805. standby track — interface
    806. stopbits — line
    807. summary-address — router, OSPF, IS-IS, BGP
    808. synchronization — BGP
    809. table-map — router, BGP
    810. tacacs-server attempts — global
    811. tacacs-server authenticate — global
    812. tacacs-server directed-request — global
    813. tacacs-server extended — global
    814. tacacs-server host — global
    815. tacacs-server key — global
    816. tacacs-server last-resort — global
    817. tacacs-server notify — global
    818. tacacs-server optional-passwords — global
    819. tacacs-server retransmit — global
    820. tacacs-server timeout — global
    821. tag-switching — global
    822. terminal editing — command
    823. terminal escape-character — command
    824. terminal history — command
    825. terminal length — command
    826. terminal monitor — command
    827. tftp-server — global
    828. timers basic — router
    829. timers bgp — router, BGP
    830. timers spf — router
    831. trace, traceroute — command
    832. traffic-shape adaptive — interface
    833. traffic-shape fecn-adapt — interface
    834. traffic-shape group — interface
    835. traffic-shape rate — interface
    836. traffic-share — router, IGRP, EIGRP
    837. transport — line
    838. tunnel checksum — interface
    839. tunnel destination — interface
    840. tunnel key — interface
    841. tunnel mode — interface
    842. tunnel sequence-datagrams — interface
    843. tunnel source — interface
    844. txspeed — line
    845. undebug — command
    846. undelete — command
    847. username — global
    848. vacant-message — line
    849. validate-update-source — router
    850. variance — EIGRP, IGRP
    851. verify — command
    852. version — router (RIP)
    853. vlan — vlan config mode
    854. vlan database — EXEC
    855. vtp client — vlan configuration mode
    856. vtp domain — vlan configuration mode
    857. vtp password — vlan configuration mode
    858. vtp server — vlan configuration mode
    859. vtp transparent — vlan configuration mode
    860. vtp v2-mode — vlan configuration mode
    861. vty-async — global
    862. vty-async dynamic-routing — global
    863. vty-async header-compression — global
    864. vty-async keepalive — global
    865. vty-async mtu — global
    866. vty-async ppp authentication — global
    867. vty-async ppp use-tacacs — global
    868. width — line
    869. write — command
  19. A. Appendix: Network Basics
    1. A.1. IPv4 Subnetting
      1. A.1.1. Classless Inter-Domain Routing
        1. A.1.1.1. CIDR notation
      2. A.1.2. Subnet Math
        1. A.1.2.1. Subnet zero reminder
        2. A.1.2.2. Calculating a network address from a host address
        3. A.1.2.3. Calculating the broadcast address of a subnet
        4. A.1.2.4. Calculating available subnets
        5. A.1.2.5. Calculating the number of hosts per subnet
      3. A.1.3. More about Subnets
        1. A.1.3.1. Private address space
        2. A.1.3.2. Changing the way the router displays subnet information
        3. A.1.3.3. Variable Length Subnet Masks (VLSM)
    2. A.2. OSI Reference Model
      1. A.2.1. Application Layer
      2. A.2.2. Presentation Layer
      3. A.2.3. Session Layer
      4. A.2.4. Transport Layer
      5. A.2.5. Network Layer
      6. A.2.6. Data Link Layer
      7. A.2.7. Physical Layer
    3. A.3. IPv6
      1. A.3.1. IPv6 Notation
        1. A.3.1.1. Shorthand rule one
        2. A.3.1.2. Shorthand rule two
      2. A.3.2. Important IPv6 Addresses
      3. A.3.3. Enabling IPv6 on a Router
      4. A.3.4. Using an IPv6 Address in a URL
  20. 18. About the Author
  21. Index
  22. About the Author
  23. Colophon
  24. Copyright