Cisco CCNA ICND2 Exam Cram

The command 'show ip ospf interface' shows the
summary information for OSPF interfaces. The information provided
includes autonomous system number, router id, designated router id,
backup designated router id, hello time, and adjacent neighbors.

A point-to-point link uses only two IP addresses. Therefore, a subnet mask
that makes available 2 host IP addresses is sufficient for use on serial
links. 255.255.255.252
has 2 bits in the host portion, allowing only two usable host IP
addresses (leaving out all zeros and all ones host addresses).

A single physical port on a router can support one or more VLANs by use of
sub-interfaces. There is no need to have as many physical ports on a
router as that of VLANs. Inter-VLAN communication can occur only if the
router is configured with appropriate sub-interfaces. For example, if
there are 4 VLANs (say, VLANs 100, 200, 300, and 400), in addition to VLAN 1
(management VLAN), 5 sub-interfaces have to be configured on
the router interface connecting the switch.

A switch, participating in Spanning-Tree protocol, passes through the
following states:
1. Blocked state: This is the initial state. All ports are put in a
blocked state to prevent bridging loops.
2. Listen state: This is the second state of switch ports. Here all the
ports are put in listen mode. The port can listen to frames but can't
send. The period of time that a switch takes to listen is set by
"fwd delay".
3. Learn state: Learn state comes after Listen state. The only
difference is that the port can add information that it has learned to
its address table. The period of time that a switch takes to learn is
set by "fwd delay".
4. Forward state: A port can send and receive data in this state. Before
placing a port in forwarding state, Spanning-Tree Protocol ensures that
there are no redundant paths or loops.
5. Disabled state: This is the state when the switch port is disabled. A
switch port may be disabled due to administrative reasons or due to
switch specific problems.

A VLAN belongs to a specific network number. To move traffic from one VLAN
(one broadcast domain) to another VLAN (another broadcast domain), a
router is required.

A VTP advertisement necessarily consists of "Configuration revision
number". Every time a VTP server updates its VLAN information, it
increments the configuration revision number by one count. VTP clients
use the revision number to enforce the VLAN configuration update.

Access lists are used for two purposes on a router:
1. Controlling traffic through a router, and
2. Controlling VTY access to a router’s VTY ports

All switches participating in STP exchange information with other switches
in the network through messages known as Bridge Protocol Data Units (BPDUs).
BPDUs are sent out at 2 second time intervals on every port.

All the following are possible solutions for preventing routing loops.
1. Split Horizon - based on the principle that it is not useful to send
the information about a route back in the direction from which the
information originally came.
2. Poison Reverse - A router that discovers an inaccessible route sets the
table entry to a consistent state (infinite metric) while the network
converges.
3. Hold-down Timers - Holddown timers prevent regular update messages
from reinstating a route that has gone bad. Here, if a route fails, the
router waits a certain amount of time before accepting any other routing
information about that route.
4. Triggered Updates - Normally, new routing tables are sent to
neighboring routers at regular intervals (IP RIP every 30 sec and IPX
RIP every 60 sec). A triggered update is an update sent immediately in
response to some change in the routing table. Triggered updates along
with Hold-down timers can be used effectively to counter routing loops.

An interface can be shut down by the administrator manually by issuing
the shutdown command. In such a case, the command
show interfaces displays the status as 'administratively down'.

An Intrusion Prevention System (IPS) is a computer security device that monitors
network and/or system activities for malicious or unwanted behavior and
can react, in real-time, to block or prevent those activities.
Intrusion Detection Systems (IDS) detect unauthorized access attempts. There are basically two main types of IDS being used today:
Network based (a packet monitor), and Host based (looking for instance
at system logs for evidence of malicious or suspicious application
activity in real time).
Both IPS and IDS are closely related, and IPS is considered an
extension of IDS.

An OSPF area is a collection of networks and routers that have the same area
identification.
The OSPF process identifier is locally significant. Two neighboring router
interfaces can have the same or different process IDs. It is required to
identify a unique instance of the OSPF database.

At times it may be necessary to upgrade the IOS software. You cannot load
the router from Flash, and upgrade the flash at the same time. You need
to load from other sources such as tftp server or ROM. To load the image
from ROM, there are two ways:
1. By using the config-register 0x2101 command. This will enable the router
to load the IOS from the ROM, and the Flash image is not used. This way we
can load the upgrade to flash, and set back the configuration register
to load from flash as usual after the upgrade is completed.
2. By adding the command BOOT SYSTEM ROM to the startup
configuration file.

By default, there are no passwords in VTP informational updates, and any
switch that has no VTP domain name can join the VTP domain when trunking
is enabled. Also any switch that has the same VTP domain name will join
and exchange VTP information. This could enable an unwanted switch in
your network to manage the VLAN database on each of the switches. To
prevent this from occurring, set a VTP password on the switches you want
to exchange information.

Cisco routers support two types of Frame-Relay encapsulation:
1. Cisco: use if you are connecting to another Cisco router.
2. IETF: use if you are connecting to a non-Cisco router.
If you are connecting Cisco-only devices,
Cisco encapsulation may be used. This is the default encapsulation type
on Cisco routers. If you are connecting to hardware from other vendors,
IETF encapsulation should be used.

Cisco switches can be managed out-of-band or in-band. Examples of out-of-band
management are:
1. Console 0
2. Auxiliary 0
Examples of in-band management are:
1. TFTP servers
2. Network management software like CiscoWorks,
3. Virtual terminal (vty) ports.

Cisco Visual Switch Manager (CVSM) is software that allows access to Cisco
switches over the internet using a web browser, such as Internet
Explorer or Netscape Navigator. You can monitor and configure the CVSM
compatible switches over the network (remotely). The requirement is that
the IP address, gateway and CVSM must be configured on the switch, so
that it is accessible over the network using a web browser.

Congestion avoidance, Windowing, and Buffering are three types of flow control.

Convergence is the term used to describe the state at which all the internetworking
devices, running a specific routing protocol, have the same
information about the internetwork in their routing tables. The time it
takes to arrive at a common view of the internetwork is called Convergence
Time.

copy running-config startup-config
-allows the running configuration file to be saved onto the startup
configuration file on the switch. Make sure that you use this command
whenever you have made any configuration changes to the switch.
Otherwise, your configuration commands are not permanently saved in the
switch memory, and are lost soon after power cycling the switch.
The command:
copy startup-config running-config
-allows startup configuration file to be copied into the current running
configuration file.
copy running-config tftp:
-Copies the running configuration of a switch to a TFTP server. You will
be prompted for the server address and destination filename.
copy tftp: startup-config
-This command is useful to restore the startup-config file in case the
original is lost or corrupt. The command loads the startup-config file
from a remote tftp server.

Debug commands are useful to observe the switch responses in real time. To
disable a debug command use “no debug” command. Using “no debug
all” or “undebug all” command can disable all currently running
debug commands.