Book 2 - Part 3 - IP Services
log message
A message generated by any computer, but including Cisco routers and switches, for which the device OS wants to notify the owner or administrator of the device about some event.
NTP client/server mode
A mode of operation with the Network Time Protocol (NTP) in which the device acts as both an NTP client, synchronizing its time with some servers, and as an NTP server, supplying time information to clients.
Network Time Protocol (NTP)
A protocol used to synchronize time-of-day clocks so that multiple devices use the same time of day, which allows log messages to be more easily matched based on their timestamps.
syslog server
A server application that collects syslog messages from many devices over the network, and provides a user interface so that IT administrators can view the log messages to troubleshoot problems.
interface loopback <number>
Global command that, at first use, creates a loopback interface. At all uses, it also moves the user into interface configuration mode for that interface.
ip nat pool <name> <start-ip> <end-ip> {netmask <netmask> | prefix-length <prefix-length>}
Global command to define a pool of NAT addresses.
[no] service sequence-numbers
Global command to enable or disable (with the 'no' option) the use of sequence numbers in log messages.
SNMP Trap
An unsolicited SNMP message generated by the managed device, and sent to the SNMP manager, to give information to the manager about some event or because a measurement threshold has been passed.
SNMP Inform
An unsolicited SNMP message like a Trap message, except that the protocol requires that the Inform message needs to be acknowledged by the SNMP manager.
NAT overload
Another term for Port Address Translation (PAT). One of several methods of configuring NAT, in this case translating TCP and UDP flows based on port numbers in addition to using one or only a few inside global addresses.
NTP server
Any device that uses Network Time Protocol (NTP) to help synchronize time-of-day clocks for other devices by telling other devices its current time.
private IP network
Any of the IPv4 Class A,B, or C networks as defined by RFC 1918, intended for use inside a company but not used as public IP networks.
Interactive Voice Guidelines
Delay (one-way): 150 ms or less Jitter: 30 ms or less Loss: 1% or less
ip ftp password <pass>
Global command to define the password used when referencing the ftp: IOS file system but not supplying a password.
ip ftp username <name>
Global command to define the username used when referencing the ftp: IOS file system but not supplying a username.
[no] lldp run
Global command to enable and disable (with the 'no' option) LLDP for the entire switch or router.
Port Address Translation
A NAT feature in which one inside global IP address supports over 60,000 concurrent TCP and UDP connections.
IOS file system
A file system created by a Cisco device that uses IOS.
IOS image
A file that contains the IOS.
Cisco supplies two 'ntp' configuration commands that dictate how NTP works on a router or switch, as follows:
'ntp master {<stratum-level>}': NTP server mode-the device acts only as an NTP server, and not as an NTP client. The device gets its time information from the internal clock on the device. 'ntp server {<address> | <hostname>}': NTP client/server mode-the device acts as both client and server. First, it acts as an NTP client, to synchronize time with a server. Once synchronized, the device can then act as an NTP server to supply time to other NTP clients.
FHRP makes the following happen:
1. All hosts act like they always have, with one default router setting that never has to change. 2. The default routers share a virtual IP address in the subnet, defined by the FHRP. 3. Hosts use the FHRP virtual IP address as their default router address. 4. The routers exchange FHRP protocol messages so that both agree as to which router does what work at any point in time. 5. When a router fails or has some other problem, the routers use the FHRP to choose which router takes over responsibilities from the failed router.
Gateway Load Balancing Protocol (GLBP)
A Cisco-proprietary protocol that allows two (or more) routers to share the duties of being the default router on a subnet, with an active/active model, with all routers actively forwarding off-subnet traffic for some hosts in the subnet.
Hot Standby Router Protocol (HSRP)
A Cisco-proprietary protocol that allows two (or more) routers to share the duties of being the default router on a subnet, with an active/standby model, with one router acting as the default router and the other sitting by waiting to take over that role if the first router fails.
HSRP active
A Hot Standby Router Protocol (HSRP) state in which the router actively supports the forwarding of off-subnet packets for hosts in that subnet.
HSRP standby
A Hot Standby Router Protocol (HSRP) state in which the router does not currently support the forwarding of off-subnet packets for hosts in that subnet, instead waiting for the currently active router to fail before taking over that role.
shaping
A QoS tool that monitors the bit rate of the messages exiting networking devices, so that if the bit rate exceeds the shaping rate for a period of time, the shaper can queue the packets, effectively slowing down the sending rate to match the shaping rate.
policing
A QoS tool that monitors the bit rate of the messages passing some point in the processing of a networking device, so that if the bit rate exceeds the policing rate for a period of time, the policer can discard excess packets to lower the rate.
FTP data connection
A TCP connection created by an FTP client and server for the purpose of transferring data.
FTP control connection
A TCP connection initiated by an FTP client to an FTP server for the purpose of sending FTP commands that direct the activities of the connection.
Virtual Router Redundancy Protocol (VRRP)
A TCP/IP RFC protocol that allows two (or more) routers to share the duties of being the default router on a subnet, with an active/standby model, with one router acting as the default router and the other sitting by waiting to take over that role if the first router fails.
First Hop Redundancy Protocol (FHRP)
A class of protocols that includes HSRP, VRRP, and GLBP, which allows multiple redundant routers on the same subnet to act as a single default router (first-hop router).
Differentiated Services Code Point (DSCP)
A field existing as the first 6 bits of the ToS byte, as defined by RFC 2474, which redefined the original IP RFC's definition for the IP header ToS byte. The field is used to mark a value in the header for the purpose of performing later QoS actions on the packet.
round robin
A queue scheduling algorithm in which the scheduling algorithm services one queue, then the next, then the next, and so on, working through the queues in sequence.
loss
A reference to packets in a network that are sent but do not reach the destination host.
SNMP community
A simple password mechanism in SNMP in which either the SNMP agent or manager defines a community string (password), and the other device must send that same password value in SNMP messages, or the messages are ignored. See also read-only community, read-write community, and notification community.
code integrity
A software security term that refers to how likely that the software (code) being used is the software supplied by the vendor, unchanged, with no viruses or other changes made to the software.
flash memory
A type of read/write permanent memory that retains its contents even with no power applied to the memory, and uses no moving parts, making the memory less likely to fail over time.
SNMPv2c
A variation of the second version of SNMP. SNMP Version 2 did not originally support communities; the term SNMPv2c refers to SNMP version 2 with support added for SNMP communities (which were part of SNMPv1).
FTP over TLS
An FTP standard defined by RFC 4217, also known as FTP Secure (FTPS), which adds a variety of security features to the somewhat insecure original FTP standard (RFC 957), including the addition of the encryption of all data as well as username/password information using Transport Layer Security (TLS).
Simple Network Management Protocol (SNMP)
An Internet standard protocol for managing devices on IP networks. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention.
read-only community
An SNMP community (a value that acts as a password), defined on an SNMP agent, which then must be supplied by any SNMP manager that sends the agent any messages asking to learn the value of a variable (like SNMP Get and GetNext requests).
read-write community
An SNMP community (a value that acts as a password), defined on an SNMP agent, which then must be supplied by any SNMP manager that sends the agent any messages asking to set the value of a variable (like SNMP Set requests).
notification community
An SNMP community (a value that acts as a password), defined on an SNMP manager, which then must be supplied by any SNMP agent that sends the manager any unsolicited SNMP notifications (like SNMP Trap and Notify requests).
Differentiated Services (DiffServ)
An approach to QoS, originally defined in RFC 2475, that uses a model of applying QoS per classification, with planning of which applications and other traffic types are assigned to each class, with each class given different QoS per-hop behaviors at each networking device in the path.
Requirements for Video
Bandwidth: 384 Kbps to 20+ Mbps Delay (one-way): 200-400 ms Jitter: 30-50 ms Loss: 0.1%-1%
Types of TCP Connections that FTP uses:
Control Connection: Used to exchange FTP commands Data Connection: Used for sending and receiving data, both for file transfers and for output to display to a user
CDP discovers several useful details from the neighboring Cisco devices:
Device identifier: Typically the host name. Address list: Network and data-link addresses Port identifier: The interface on the remote router or switch on the other end of the link that sent the CDP advertisement Capabilities list: Information on what type of device it is (for example, a router or a switch) Platform: The model and OS level running on the device
show cdp | lldp traffic
Displays global statistics for the number of CDP or LLDP advertisements sent and received.
show ip nat translations [verbose]
Displays the NAT table
show cdp | lldp entry <name>
Displays the same information as 'show cdp|lldp neighbors detail' but only for the name neighbor.
copy <from-location> <to-location>
Enable mode EXEC command that copies files from one file location to another. Locations include the startup-config and running-config files, files on TFTP and RPC servers, and flash memory.
FTP
File Transfer Protocol. An application protocol, part of the TCP/IP protocol stack, used to transfer files between network nodes. FTP is defined in RFC 959.
virtual MAC address
For any FHRP protocol, a MAC address that the FHRP uses to receive frames from hosts.
virtual IP address
For any FHRP protocol, an IP address that the FHRP shares between multiple routers so that they appear as a single default router to hosts on that subnet.
boot system {tftp | ftp} <filename> [<ip-address>]
Global command that identifies an external server, protocol, and filename to use to load an IOS from an external server.
boot system flash [<flash-fs>:][<filename>]
Global command that identifies the location of an IOS image in flash memory.
Three FHRP Options: Acronym - Full Name - Origin - Redundancy Approach - Load Balancing Per ...
HSRP - Hot Standby Router Protocol - Cisco - active/standby - subnet VRRP Virtual Router Redundancy Protocol - RFC 5798 - active/standby - subnet GLBP - Gateway Load Balancing Protocol - Cisco - active/active - host
priority queue
In Cisco queuing systems, another term for a low latency queue (LLQ).
delay
In QoS, the amount of time it takes for a message to cross a network. Delay can refer to one-way delay (the time required for the message to be sent from the source host to the destination host) or two-way delay (the delay from the source to the destination host and then back again).
IP Precedence (IPP)
In the original definition of the IP header's Type of Service (ToS) byte, the first 3 bits of the ToS byte, used for marking IP packets for the purpose of applying QoS actions.
Key Features of Policing:
It measures the traffic rate over time for comparison to the configured policing rate. It allows for a burst of data after a period of inactivity. It is enabled on an interface, in either direction, but typically at ingress. It can discard excess messages but can also re-mark the message so that it is a candidate for more aggressive discard later in its journey.
sh ip nat statistics
Lists counters for packets and NAT table entries, as well as basic configuration information.
show cdp | lldp neighbors details
Lists one large set of information (approximately 15 lines) for every neighbor.
show cdp | lldp neighbors [<type> <number>]
Lists one summary line of information about each neighbor; optionally, lists neighbors off the listed interface.
show logging
Lists the current logging configuration and lists buffered log messages at the end.
dir <filesystem>: dir <filesystem>:<directory>
Lists the files in the referenced file system or file system directory.
show flash
Lists the names and size of the files in flash memory, and notes the amount of flash memory consumed and available.
show clock
Lists the time-of-day and the date per the local device.
SNMPv3 Features that Replace Communities
Message integrity: This mechanism, applied to all SNMPv3 messages, confirms whether or not each message has been changed during transit. Authentication: This optional feature adds authentication with both a username and password, with the password never sent as clear text. Instead, it uses a hashing method like many other modern authentication processes. Encryption (privacy): This optional feature encrypts the contents of SNMPv3 messages so that attackers who intercept the messages cannot read their contents.
SNMP Get
Message used by SNMP to read from variables in the MIB.
Some FTP actions:
Navigate directories: List the current directory, change the current directory to a new directory, go back to the home directory, all on both the server and client side of the connection. Add/remove directories: Create new directories and remove existing directories on both the client and server. List files: List files on both the client and server. File transfer: Get (client gets a copy of the file from the server), Put (client takes a file that exists on the client and puts a copy on the FTP server).
verify /md5 <filesystem>:<name> [<MD5-has>]
Performs an MD5 hash of the referenced file and displays the results. If listed, the command compares the MD5 hash in the command with the results of performing MD5 on the local file.
SNMP Set
SNMP message to set the value in variables of the MIB. These messages are the key to an administrator configuring the managed device using SNMP.
Key Features of Shapers:
Shapers measure the traffic rate over time for comparison to the configured shaping rate. Shapers allow for bursting after a period of inactivity. Shapers are enabled on an interface for egress (outgoing packets). Shapers slow down packets by queuing them and over time releasing them from the queue at the shaping rate. Shapers use queuing tools to create and schedule the shaping queues, which is very important for the same reasons discussed for output queuing.
Network Management System (NMS)
Software that manages the network, often using SNMP and other protocols.
SNMP agent
Software that resides on the managed device and processes the SNMP messages sent by the Network Management Station (NMS).
Process to upgrade an IOS image into flash memory:
Step 1. Obtain the IOS image from Cisco, usually by downloading the IOS image from Cisco.com using HTTP or FTP. Step 2. Place the IOS image someplace that the router can reach. Locations include TFTP or FTP servers in the network or a USB flash drive that is then inserted into the router. Step 3. Issue the 'copy' command from the router, copying the file into the flash memory that usually remains with the router on a permanent basis. (Routers usually cannot boot from the IOS image in a USB flash drive).
policing rate
The bit rate at which a policer compares the bit rate of packets passing through a policing function, for the purpose of taking a different action against packets that conform (are under) to the rate versus those that exceed (go over) the rate.
shaping rate
The bit rate at which a shaper compares the bit rate of packets passing through the shaping function, so that when the rate is exceeded, the shaper enables the queuing of packets, resulting in slowing the bit rate of the collective packets that pass through the shaper, so the rate of bits getting through the shaper does not exceed the shaping rate.
Management Information Base (MIB)
The data structures defined by SNMP to define a hierarchy (tree) structure with variables at the leaves of the tree, so that SNMP messages can reference the variables.
per-hop behavior (PHB)
The general term used to describe the set of QoS actions a device can apply to a message from the time it enters a networking device until the device forwards the message. PHBs include classification, marking, queuing, shaping, policing, and congestion avoidance.
Class of Service (CoS)
The informal term for the 3-bit field in the 802.IQ header intended for marking and classifying Ethernet frames for the purposes of applying QoS actions. Another term for Priority Code Point (PCP).
Quality of Service (QoS)
The performance of a message, or the messages sent by an application, in regard to the bandwidth, delay, jitter, or loss characteristics experienced by the message(s).
queuing
The process by which networking devices hold packets in memory while waiting on some constrained resource; for example, when waiting for the outgoing interface to become available when too many packets arrive in a short period of time.
marking
The process of changing one of a small set of fields in various network protocol headers, including the IP header's DSCP field, for the purpose of later classifying a message based on that marked value.
classification
The process of examining various fields in networking messages in an effort to identify which messages fit into certain predetermined groups (classes).
bandwidth
The speed at which bits can be sent and received over a link.
SNMPv3
The third version of SNMP, with the notable addition of several security features as compared to SNMPv2c, specifically message integrity, authentication, and encryption.
jitter
The variation in delay experienced by successive packets in a single application flow.
TFTP
Trivial File Transfer Protocol. An application protocol that allows files to be transferred from one computer to another over a network, but with only a few features, making the software require little storage space.
SNMP manager
Typically a Network Management System (NMS), with this term specifically referring to the use of SNMP and the typical role of the manager, which retrieves status information with SNMP Get requests, sets variables with the SNMP Set requests, and receives unsolicited notifications from SNMP agents by listening for SNMP Trap and Notify messages.
outside global
With source NAT, the one address used by the host that resides outside the enterprise, which NAT does not change, so there is no need for a contrasting term.
An FTP client connects to an FTP server using active mode and retrieves a copy of a file from the server. Which of the answers describes a TCP connection initiated by the FTP client? a. The FTP control connection b. The FTP data connection c. The FTP TLS connection d. None of the other answers are correct.
a. The FTP control connection
Which of the following attributes do QoS tools manage? (Choose three answers.) a. Bandwidth b. Delay c. Load d. MTU e. Loss
a. Bandwidth b. Delay e. Loss
Which of the following are available methods of classifying packets in DiffServ on Cisco routers? (Choose three answers.) a. Matching the IP DSCP field b. Matching the 802.1p CoS field c. Matching fields with an extended IP ACL d. Matching the SNMP Location variable
a. Matching the IP DSCP field b. Matching the 802.1p CoS field c. Matching fields with an extended IP ACL
Examine the following configuration commands: interface Ethernet0/0 ip address 10.1.1.1 255.255.255.0 ip nat inside interface Serial0/0 ip address 200.1.1.249 255.255.255.252 ip nat inside source list 1 interface Serial0/0 access-list 1 permit 10.1.1.0 0.0.0.255 If the configuration is intended to enable source NAT overload, which of the following command could be useful to complete the configuration? (Choose two answers.) a. The 'ip nat outside' command b. The 'ip nat pat' command c. The 'overload' keyword d. The 'ip nat pool' command
a. The 'ip nat outside' command c. The 'overload' keyword
Which of the following SNMP messages are typically sent by an SNMP agent? a. Trap b. Get Request c. Inform d. Set Request
a. Trap c. Inform
Which of the following functions are supported by FTP but not by TFTP? (Choose two answers.) a. Transferring files from client to server b. Changing the current directory on the server c. Transferring files from server to client d. Listing directory contents of a server's directory
b. Changing the current directory on the server d. Listing directory contents of a server's directory
A Network Management Station (NMS) is using SNMP to manage some Cisco routers and switches with SNMPv2c. Which of the following answers most accurately describes how the SNMP agent on a router authenticates any SNMP Get requests received from the NMS? a. Using a username and hashed version of a password b. Using either the read-write or read-only community string c. Using only the read-write community string d. Using only the read-only community string
b. Using either the read-write or read-only community string
R1 and R2 attach to the same Ethernet VLAN, with subnet 10.1.19.0/25, with addresses 10.1.19.1 and 10.1.19.2, respectively, configured with the 'ip address' interface subcommand. The routers use HSRP. The network engineer prefers to have R1 be the default router when both R1 and R2 are up. Which of the following is the likely default router setting for hosts in this subnet? a. 10.1.19.1 b. 10.1.19.2 c. Another IP address in subnet 10.1.19.0/25 other than 10.1.19.1 and 10.1.19.2 d. A host name that the FHRP mini-DNS will initially point to 10.1.19.1
c. Another IP address is subnet 10.1.19.0/25 other than 10.1.19.1 and 10.1.19.2
R1 and R2 attach to the same Ethernet VLAN, with subnet 10.1.19.0/25, with addresses 10.1.19.1 and 10.1.19.2, respectively, configured with the 'ip address' interface subcommand. The routers use an FHRP. Host A and host B attach to the same LAN and have correct default router settings per the FHRP configuration. Which of the following statements is true for this LAN? a. The design breaks IPv4 addressing rules because two routers cannot connect to the same LAN subnet. b. If one router fails, neither host can send packets off-subnet. c. If one router fails, both hosts will use the one remaining router as a default router. d. If one router fails, only one of the two hosts will still be able to send packets off-subnet.
c. If one router fails, both hosts will use the one remaining router as default router.
R1 and R2 attach to the same Ethernet VLAN, with subnet 10.1.19.0/25, with addresses 10.1.19.1 and 10.1.19.2, respectively, configured with the 'ip address' interface subcommand. Host A refers to 10.1.19.1 as its default router, and host B refers to 10.1.19.2 as its default router. The routers do not use an FHRP. Which of the following is a problem for this LAN? a. The design breaks IPv4 addressing rules, because two routers cannot connect to the same LAN subnet. b. If one router fails, neither host can send packets off subnet. c. If one router fails, both hosts will use the one remaining router as a default router. d. If one router fails, the host that uses that router as a default router cannot send packets off-subnet.
d. If one router fails, the host that uses that router as a default router cannot send packets off-subnet.
The three LLDP configuration commands are as follows:
'[no] lldp run': A global configuration command that sets the default mode of LLDP operation for any interface that does not have more specific LLDP subcommands ('lldp transmit', 'lldp receive'). The ''lldp run' global command enables LLDP in both directions on those interfaces, while 'no lldp run' disables LLDP. '[no] lldp transmit': An interface subcommand that defines the operation of LLDP on the interface regardless of the global '[no] lldp run' command. The 'lldp transmit' interface subcommand causes the device to transmit LLDP messages, while 'no lldp transmit' causes it to not transmit LLDP messages. '[no] lldp receive': An interface subcommand that defines the operation of LLDP on the interface regardless of the global '[no] lldp run' command. The 'lldp receive' interface subcommand causes the device to process received LLDP messages, while 'no lddp receive' causes it to not process received LLDP messages.
'show cdp' Commands That List Information About Neighbors: Command - Description
'show cdp neighbors [<type> <number>]' - Lists one summary line of information about each neighbor or just the neighbor found on a specific interface if an interface was listed. 'show cdp neighbors detail' - Lists one large set (approximately 15 lines) of information, one set for every neighbor. 'show cdp entry <name>' - Lists the same information as the 'show cdp neighbors detail' command, but only for the named neighbor (case sensitive).
Basic question that Shaping and Policing ask:
1. Does this next packet push the measured rate past the configured shaping rate or policing rate? 2. If no: a. Let the packet keep moving through the normal path and do nothing extra to the packet. 3. If yes: a. If shaping, delay the message by queuing it. b. If policing, either discard the message or mark it differently.
Prioritization Strategy for Data, Voice, and Video
1. Use a round-robin queuing method like CBWFQ for data classes and for noninteractive voice and video. 2. If faced with too little bandwidth compared to the typical amount of traffic, give data classes that support business-critical applications much more guaranteed bandwidth than is given to less important data classes. 3. Use a priority queue with LLQ scheduling for interactive voice and video, to achieve low delay, jitter, and loss. 4. Put voice in a separate queue from video so that the policing function applies separately to each. 5. Define enough bandwidth for each priority queue so that the built-in policer should not discard any messages from the priority queues. 6. Use Call Admission Control (CAC) tools to avoid adding too much voice or video to the network, which would trigger the policer function.
RFC 1918 Private Address Space: Range of IP addresses - Network(s) - Class of Networks - Number of Networks
10.0.0.0 to 10.255.255.255 - 10.0.0.0 - A - 1 172.16.0.0 to 172.31.255.255 - 172.16.00-172.31.0.0 - B - 16 192.168.0.0 to 192.168.255.255 - 192.168.0.0-192.168.255.0 - C - 256
NTP client
Any device that attempts to use the Network Time Protocol (NTP) to synchronize its time by adjusting the local device's time based on NTP messages received from a server.
Characteristics of Network Traffic:
Bandwidth Delay Jitter Loss
CDP
Cisco Discovery Protocol. A media- and protocol-independent device-discover protocol that runs on most Cisco-manufactured equipment, including routers, access servers, and switches. Using CDP, a device can advertise its existence to other devices and receive information about other devices on the same LAN or on the remote side of a WAN.
CIDR
Classles interdomain route. An RFC-standard tool for global IP address range assignment. CIDR reduces the size of Internet routers' IP routing tables, helping deal with the rapid growth of the Internet. The term classless refers to the fact that the summarized groups of networks represent a group of addresses that do no conform to IPv4 classful (Class A, B, and C) grouping rules.
clear ip nat translation {* | [inside <global-ip> <local-ip>] [outside <local-ip> <global-ip>]}
Clears all or some of the dynamic entries in the NAT table, depending on which parameters are used.
clear ip nat translation <protocol> inside <global-ip> <global-port> <local-ip> <local-port> [outside <local-ip> <global-ip>]
Clears some of the dynamic entries in the NAT table, depending on which parameters are used.
How to Configure Logging Message Levels for Each Log Service: Service - To Enable Logging - To set Message Levels
Console - 'logging console' - 'logging console <level-name> | <level-number>' Monitor - 'logging monitor' - 'logging monitor <level-name> | <level-number>' Buffered - 'logging buffered' - 'logging buffered <level-name> | <level-number>' Syslog - 'logging host <address> | <hostname>' - 'logging trap <level-name> | <level-number>'
[no] debug {<various>}
EXEC command to enable or disable (with the 'no' option) one of a multitude of debug options.
Syslog Message Severity Levels by Keyword and Numeral: Keyword - Numeral - Description
Emergency - 0 - System unusable Alert - 1 - Immediate action required Critical - 2 - Critical Event (Highest of 3) Error - 3 - Error Event (Middle of 3) Warning - 4 - Warning Event (Lowest of 3) Notification 5 - Normal, More Important Informational - 6 - Normal, Less Important Debug - 7 - Requested by User Debug
terminal monitor no terminal monitor
For a user (SSH or Telnet) session, toggles on ('terminal monitor') or off ('terminal no monitor') the receipt of log messages, for that one session, if 'logging monitor' is also configured.
inside local
For packets sent to and from a host that resides inside the trusted part of a network that uses NAT, a term referring to the IP address used in the headers of those packets when those packets traverse the enterprise (private) part of the network.
inside global
For packets sent to and from a host that resides inside the trusted part of a network that uses NAT, a term referring to the IP address used in the headers of those packets when those packets traverse the global (public) Internet.
cdp holdtime <seconds>
Global command that changes how long CDP waits since the last received message from a neighbor before believing the neighbor has failed, removing the neighbor's information from the CDP table.
lldp holdtime <seconds>
Global command that changes how long LLDP waits since the last received message from a neighbor before believing the neighbor has failed, removing the neighbor's information from the LLDP table.
cdp timer <seconds>
Global command that changes the CDP send timer (the frequency at which CDP sends messages).
lldp timer <seconds>
Global command that changes the LLDP send timer (the frequency at which LLDP sends messages).
ntp server <address> | <hostname>
Global command that configures the device as an NTP client by referring to the address or name of an NTP server.
ntp master <stratum-level>
Global command that configures the device as an NTP server and assigns its local clock stratum level.
[no] logging buffered
Global command that enables (or disables with the 'no' option) logging to an internal buffer.
[no] logging console
Global command that enables (or disables with the 'no' option) logging to the console device.
[no] logging monitor
Global command that enables (or disables with the 'no' option) logging to users connected to the device with SSH or Telnet.
ip nat inside source {list {<access-list-number> | <access-list-name>}} {interface <type> <number | pool <pool-name>} [overload]
Global command that enables NAT globally, referencing the ACL that defines which source address to NAT, and the interface or pool from which to find global addresses.
[no] cdp run
Global command that enables and disables (with the 'no' option) CDP for the entire switch or router.
logging [host] <ip-address> | <hostname>
Global command that enables logging to a syslog server.
ip nat inside source <inside-local> <inside-global>
Global command that lists the inside and outside address (or, an outside interface whose IP address should be used) to be paired and added to the NAT translation table.
clock summertime <name> recurring
Global command that names a daylight savings time for a timezone and tells IOS to adjust the clock automatically.
clock timezone <name> <+-><number>
Global command that names a timezone and defines the +/- offset versus UTC.
logging buffered <level-name> | <level-number>
Global command that sets the log message level for buffered log messages displayed later by the 'show logging' command.
logging console <level-name> | <level-number>
Global command that sets the log message level for console log messages.
logging monitor <level-name> | <level-number>
Global command that sets the log message level for log messages sent to SSH and Telnet users.
logging trap <level-name> | <level-number>
Global command that sets the log message level for messages sent to syslog servers.
ntp source <name>/<number>
Global command that tells NTP to use the listed interface (by name/number) for the source IP address for NTP messages.
NAT Addressing Terms: Term - Values in Figures - Meaning
Inside local - 10.1.1.1 - Inside: Refers to the permanent location of the host, from the enterprise's perspective: it is inside the enterprise. Local: Means not global; that is, local. It is the address used for that host while the packet flows in the local enterprise rather than the global Internet Alternative: Think of it as inside private, because this address is typically a private address. Inside global - 200.1.1.1 - Inside: refers to the permanent location of the host, from the enterprise's perspective. Global: Means global as in the global Internet. It is the address used for that host while the packet flows in the Internet. Alternative: Think of it as inside public, because the address is typically a public IPv4 address. Outside global - 170.1.1.1 - With source NAT, the one address used by the host that resides outside the enterprise, which NAT does not change, so there is no need for a contrasting term. Alternative: Think of it as outside public, because the address is typically a public IPv4 address. Outside local - - - This term is not used with source NAT. with destination NAT, the address would represent a host that resides outside the enterprise, but the address used to represent that host as packets pass through the local enterprise.
ip nat {inside | outside}
Interface subcommand to enable NAT and identify whether the interface is in the inside or outside of the network.
[no] cdp enable
Interface subcommand to enable and disable (with the 'no' option) CDP for a particular interface.
[no] lldp receive
Interface subcommand to enable and disable (with the 'no' option) the processing of received LLDP messages on the interface.
[no] lldp transmit
Interface subcommand to enable and disable (with the 'no' option) the transmission of LLDP messages on the interface.
debug ip nat
Issues a log message describing each packet whose IP address is translated with NAT.
The LLDP output differs from CDP in a few important ways:
LLDP uses B as the capability code for switching, referring to bridge, a term for the device type that existed before switches that performed the same basic functions. LLDP does not identify IGMP as a capability, while CDP does (I). CDP lists the neighbor's platform, a code that defines the device type, while LLDP does not. LLDP lists capabilities with different conventions
LLDP
Link Layer Discovery Protocol. An IEEE standard protocol (IEEE 802.1AB) that defines messages, encapsulated directly in Ethernet frames so they do not rely on a working IPv4 or IPv6 network, for the purpose of giving devices a means of announcing basic device information to other devices on the LAN. It is a standardized protocol similar to Cisco Discovery Protocol (CDP).
show ntp associations
Shows all NTP clients and servers with which the local device is attempting to synchronize with NTP.
show ntp status
Shows current NTP client in detail.
show interfaces loopback <number>
Shows the current status of the listed loopback interface.
show cdp | lldp interface [<type> <number>]
States whether CDP or LDP is enabled on each interface or a single interface if the interface is listed.
show cdp | lldp
States whether CDP or LLDP is enabled globally and lists the default update and holdtime timers.
NAT Overload (PAT) Configuration
Step 1. As with dynamic and static NAT, configure the 'ip nat inside' interface subcommand to identify inside interfaces. Step 2. As with dynamic and static NAT, configure the 'ip nat outside' interface subcommand to identify outside interfaces. Step 3. As with dynamic NAT, configure an ACL that matches the packets entering inside interfaces. Step 4. Configure the 'ip nat inside source list <acl-number> interface <type>/<number> overload' global configuration command, referring to the ACL created in step 3 and to the interface whose IP address will be used for translation.
Dynamic NAT Configuration
Step 1. Use the 'ip nat inside' command in interface configuration mode to configure interfaces to be in the inside part of the NAT design (just like with static NAT). Step 2. Use the 'ip nat outside' command in interface configuration mode to configure interfaces to be in the outside part of the NAT design (just like with static NAT). Step 3. Configure an ACL that matches the packets entering inside interfaces for which NAT should be performed. Step 4. Use the 'ip nat pool <name> <first-address> <last-address> netmask <subnet-mask>' command in global configuration mode to configure the pool of public registered IP addresses. Step 5. Use the 'ip nat inside source list <acl-number> pool <pool-name>' command in global configuration mode to enable dynamic NAT. Note the command references the ACL (step 3) and pool (step 4) per previous steps.
Static NAT Configuration
Step 1. Use the 'ip nat inside' command in interface configuration mode to configure interfaces to be in the inside part of the NAT design. Step 2. Use the 'ip nat outside' command in interface configuration mode to configure interfaces to be in the outside part of the NAT design. Step 3. Use the 'ip nat inside source static <inside-local> <inside-global>' command in global configuration mode to configure the static mappings.
NTP syncronization
The process with the Network Time Protocol (NTP) by which different devices send messages, exchanging the devices' current time-of-day clock information and other data, so that some devices adjust their clocks to the point that the time-of-day clocks list the same time (often accurate to at least the same second).
A loopback interface can be assigned an IP address, routing protocols can advertise about the subnet, and you can ping/traceroute to that address. It acts like other physical interfaces in many ways, but once configured, it remains in an up/up state as long as:
The router remains up. You do not issue a 'shutdown' command on that loopback interface.
source NAT
The type of Network Address Translation (NAT) used most commonly in networks (as compared to destination NAT), in which the source IP address of packets entering an inside interface is translated.
Which of the following is accurate about the NTP client function on a Cisco router? a. The client synchronizes its time-of-day clock based on the NTP server. b. It counts CPU cycles of the local router CPU to more accurately keep time. c. The client synchronizes its serial line clock rate based on the NTP server. d. The client must be connected to the same subnet as an NTP server.
a. The client synchronizes its time-of-day clock based on the NTP server.
With dynamic NAT, performing translation for inside addresses only, what causes NAT table entries to be created? a. The first packet from the inside network to the outside network. b. The first packet from the outside network to the inside network. c. Configuration using the 'ip nat inside source' command. d. Configuration using the 'ip nat outside source' command.
a. The first packet from the inside network to the outside network.
Think about a policing function that is currently working, and also think about a shaping function that is also currently working. That is, the current bit rate of traffic exceeds the respective policing and shaping rates. Which statements are true about these features? (Choose two answers.) a. The policer may or may not be discarding packets. b. The policer is definitely discarding packets. c. The shaper may or may not be queuing packets to slow down the sending rate. d. The shaper is definitely queuing packets to slow down the sending rate.
a. The policer may or may not be discarding packets. d. The shaper is definitely queueing packets to slow down the sending rate.
NAT has been configured to translate source address of packets for the inside part of the network, but only for some hosts as identified by an access control list. Which of the following command indirectly identifies the hosts? a. ip nat inside source list 1 pool barney b. ip nat pool barney 200.1.1.1 200.1.1.254 netmask 255.255.255.0 c. ip nat inside d. ip nat inside 200.1.1.1 200.1.1.2
a. ip nat inside source list 1 pool barney
Which of the following are not private addresses according to RFC 1918? (Choose two answers.) a. 172.31.1.1 b. 172.33.1.1 c. 10.255.1.1 d. 10.1.255.1 e. 191.168.1.1
b. 172.33.1.1 e. 191.168.1.1
Which of the following QoS marking fields could remain with a packet while being sent through four different routers, over different LAN and WAN links? (Choose two answers.) a. CoS b. IPP c. DSCP d. MPLS EXP
b. IPP c. DSCP
Which of the following behaviors are applied to a low latency queue in a Cisco router or switch? (Choose two answers.) a. Shaping b. Policing c. Priority scheduling d. Round-robin scheduling
b. Policing c. Priority scheduling
Examine the following 'show' command output on a router configured for dynamic NAT: -- Inside Source access-list 1 pool fred refcount 2288 pool fred: netmask 255.255.255.240 start 200.1.1.1 end 200.1.1.7 type generic, total addresses 7, allocated 7 (100%), misses 965 Users are complaining about not being able to reach the Internet. Which of the following is the most likely cause? a. The problem is not related to NAT, based on the information in the command output. b. The NAT pool does not have enough entries to satisfy all requests. c. Standard ACL 1 cannot be used; an extended ACL must be used. d. The command output does not supply enough information to identify the problem.
b. The NAT pool does not have enough entries to satisfy all requests.
The only NTP configuration on router R1 is the 'ntp server 10.1.1.1' command. Which answers describe how NTP works on the router? a. As an NTP server only. b. As an NTP client only. c. As an NTP server only after the NTP client synchronizes with NTP server 10.1.1.1 d. As an NTP server regardless of whether the NTP client synchronizes with NTP server 10.1.1.1
c. As an NTP server only after the NTP client synchronizes with NTP server 10.1.1.1
With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created? a. The first packet from the inside network to the outside network b. The first packet from the outside network to the inside network c. Configuration using the 'ip nat inside source' command d. Configuration using the 'ip nat outside source' command
c. Configuration using the 'ip nat inside source' command
A queuing system has three queues serviced with round-robin scheduling and one low latency queue that holds all voice traffic. Round-robin queue 1 holds predominantly UDP traffic, while round-robin queues 2 and 3 hold predominantly TCP traffic. The packets in each queue happen to have a variety of DSCP markings per the QoS design. In which queues would it make sense to use a congestion avoidance (drop management) tool? (Choose two answers.) a. The LLQ b. Queue 1 c. Queue 2 d. Queue 3
c. Queue 2 d. Queue 3
What command limits the messages sent to a syslog server to levels 4 through 0? a. logging trap 0-4 b. logging trap 0,1,2,3,4 c. logging trap 4 d. logging trap through 4
c. logging trap 4
Which of the following summarized subnets represent routes that could have been created for CIDR's goal to reduce the size of Internet routing tables? a. 10.0.0.0 525.255.255.0 b. 10.1.0.0 255.255.0.0 c. 200.1.1.0 255.255.255.0 d. 200.1.0.0 255.255.0.0
d. 200.1.0.0 255.255.0.0
What level of logging to the console is the default for a Cisco device? a. Informational b. Errors c. Warnings d. Debugging
d. Debugging
Image that a switch connects through an Ethernet cable to a router, and the router's host name is Hannah. Which of the following commands could tell you information about the IOS version on Hannah without establishing a Telnet connection to Hannah? (Choose two answers.) a. show neighbors Hannah b. show cdp c. show cdp neighbors d. show cdp neighbors Hannah e. show cdp entry Hannah f. show cdp neighbors detail
e. show cdp entry Hannah f. show cdp neighbors detail
A switch is cabled to a router whose host name is Hannah. Which of the following LLDP commands could identify Hannah's model of hardware? (Choose two answers.) a. show neighbors b. show neighbors Hannah c. show lldp d. show lldp interface e show lldp neighbors f. show lldp entry Hannah
e. show lldp neighbors f. show lldp entry Hannah