Cart

CCNP and CCIE Enterprise Core & CCNP Enterprise Advanced Routing Portable Command Guide: All ENCOR (350-401) and ENARSI (300-410) Commands in One Compact, Portable Resource, 1st edition

BRAND: PEARSON

Publisher:Cisco Press
Author: Patrick Gargano; Scott Empson
Edition: (March 26, 2020) © 2020
eBook ISBN:9780135768273
Print ISBN: 9780135768167
Type: 1 Year Subscription. Dành cho Cá nhân 

eBook edition. 1 Year Subscription. Dành cho Cá nhân  |  Trường ĐH, Nhóm, Thư Viện: Gọi 0915920514 để báo giá Pearson, Vital Source eBook hoặc mua Sách In  

Số lượng:
Tổng tiền:
Giá có thể thay đổi bất kỳ khi nào.
Thời hạn giao hàng: 03 ngày làm việc với sách eBook và 30 ngày với sách In. Gọi để được Tư vấn Giáo Trình.

Mô tả sản phẩm


Sử dụng tài nguyên tham khảo nhanh được cập nhật đầy đủ này để giúp ghi nhớ các lệnh và khái niệm khi bạn đạt được chứng chỉ CCNP hoặc CCIE. Chứa đầy thông tin có giá trị, dễ truy cập, nó đủ di động để sử dụng ở mọi nơi.
 

Hướng dẫn này tóm tắt tất cả các lệnh, từ khóa, đối số lệnh và lời nhắc liên quan của phần mềm Cisco IOS liên quan đến các kỳ thi chứng chỉ CCNP và CCIE Enterprise Core (ENCOR 350-401) và CCNP Enterprise Advanced Routing and Services (ENARSI 300-410). Các mẹo và ví dụ giúp bạn áp dụng các lệnh vào các tình huống trong thế giới thực và các mẫu cấu hình cho thấy cách sử dụng chúng trong thiết kế mạng.
Bảo hiểm bao gồm:
Lớp 2: Vlan, STP, Định tuyến giữa các Vlan
Lớp 3: EIGRP, OSPF, Phân phối lại, Kiểm soát đường dẫn, BGP
Dịch vụ và quản lý cơ sở hạ tầng
An ninh cơ sở hạ tầng
Bảo đảm mạng
Bảo mật và khắc phục sự cố không dây
Lớp phủ và ảo hóa
Hướng dẫn lệnh di động này cung cấp:
 

Các nhóm chủ đề hướng dẫn hợp lý cho nguồn tài nguyên tổng hợp
Tuyệt vời để ôn tập trước kỳ thi chứng chỉ ENCOR 350-401 và ENARSI 300-410 của bạn
Kích thước nhỏ gọn giúp bạn dễ dàng mang theo bên mình mọi lúc mọi nơi
Phần “Tạo nhật ký của riêng bạn” với các trang trống, có dòng kẻ cho phép bạn cá nhân hóa cuốn sách theo nhu cầu của mình


Introduction     xix
PART I:  LAYER 2 INFRASTRUCTUREChapter 1  VLANs     1

Virtual LANs     1
    Creating Static VLANs Using VLAN Configuration Mode     2
    Assigning Ports to Data and Voice VLANs     2
    Using the range Command     3
    Dynamic Trunking Protocol (DTP)     3
    Setting the Trunk Encapsulation and Allowed VLANs     4
    VLAN Trunking Protocol (VTP)     5
    Verifying VTP     6
    Verifying VLAN Information     7
    Saving VLAN Configurations     7
    Erasing VLAN Configurations     7
    Configuration Example: VLANs     8
Layer 2 Link Aggregation     11
    Interface Modes in EtherChannel     12
    Default EtherChannel Configuration     12
    Guidelines for Configuring EtherChannel     12
    Configuring Layer 2 EtherChannel     14
    Configuring Layer 3 EtherChannel     14
    Configuring EtherChannel Load Balancing     15
    Configuring LACP Hot-Standby Ports     16
    Monitoring and Verifying EtherChannel     17
    Configuration Example: EtherChannel     18
Chapter 2  Spanning Tree Protocol     23

Spanning Tree Protocol Definition     24
Enabling Spanning Tree Protocol     24
Changing the Spanning-Tree Mode     25
Configuring the Root Switch     25
Configuring a Secondary Root Switch     26
Configuring Port Priority     26
Configuring the Path Cost     27
Configuring the Switch Priority of a VLAN     27
Configuring STP Timers     27
Configuring Optional Spanning-Tree Features     28
    PortFast     28
    BPDU Guard (2xxx/older 3xxx Series)     29
    BPDU Guard (3650/9xxx Series)     29
    BPDU Filter     30
    UplinkFast     30
    BackboneFast     31
    Root Guard     31
    Loop Guard     32
    Unidirectional Link Detection     33
Configuring and Verifying Port Error Conditions     33
Enabling Rapid Spanning Tree     36
Rapid Spanning Tree Link Types     36
Enabling Multiple Spanning Tree     37
Verifying the Extended System ID     39
Verifying STP     39
Troubleshooting Spanning Tree Protocol     40
Configuration Example: PVST+     40
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+     43
Chapter 3  Implementing Inter-VLAN Routing     45

Inter-VLAN Communication Using an External Router: Router-on-a-Stick     45
Inter-VLAN Communication Tips     46
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual Interface     46
    Configuring Inter-VLAN Communication on an L3 Switch     47
    Removing L2 Switchport Capability of an Interface on an L3 Switch     47
Configuration Example: Inter-VLAN Communication     47
Configuration Example: IPv6 Inter-VLAN Communication     55

PART II:  LAYER 3 INFRASTRUCTUREChapter 4  EIGRP     61

Enhanced Interior Gateway Routing Protocol (EIGRP)     62
Enabling EIGRP for IPv4 Using Classic Mode Configuration     62
Enabling EIGRP for IPv6 Using Classic Mode Configuration     63
EIGRP Using Named Mode Configuration     64
EIGRP Named Mode Subconfiguration Modes     66
Upgrading Classic Mode to Named Mode Configuration     66
EIGRP Router ID     67
Authentication for EIGRP     67
    Configuring Authentication in Classic Mode     67
    Configuring Authentication in Named Mode     68
    Verifying and Troubleshooting EIGRP Authentication     70
Auto-Summarization for EIGRP     70
IPv4 Manual Summarization for EIGRP     70
IPv6 Manual Summarization for EIGRP     71
Timers for EIGRP     71
Passive Interfaces for EIGRP     72
“Pseudo” Passive EIGRP Interfaces     72
Injecting a Default Route into EIGRP: Redistribution of a Static Route     73
Injecting a Default Route into EIGRP: ip default-network     74
Injecting a Default Route into EIGRP: Summarize to 0.0.0.0/0     74
Accepting Exterior Routing Information: default-information     75
Equal-cost Load Balancing: maximum-paths     75
Unequal-cost Load Balancing: variance     76
EIGRP Traffic Sharing     76
Bandwidth Use for EIGRP     77
Stub Routing for EIGRP     77
EIGRP Unicast Neighbors     79
EIGRP Wide Metrics     79
Adjusting the EIGRP Metric Weights     80
Verifying EIGRP     80
Troubleshooting EIGRP     82
Configuration Example: EIGRP for IPv4 and IPv6 Using Named Mode     83
Chapter 5  OSPF     87

Comparing OSPFv2 and OSPFv3     88
Configuring OSPF     89
Configuring Multiarea OSPF     89
Using Wildcard Masks with OSPF Areas     90
Configuring Traditional OSPFv3     91
    Enabling OSPF for IPv6 on an Interface     91
    OSPFv3 and Stub/NSSA Areas     92
    Interarea OSPFv3 Route Summarization     92
    Enabling an IPv4 Router ID for OSPFv3     93
    Forcing an SPF Calculation     93
OSPFv3 Address Families     93
    Configuring the IPv6 Address Family in OSPFv3     94
    Configuring the IPv4 Address Family in OSPFv3     94
    Applying Parameters in Address Family Configuration Mode     94
Authentication for OSPF     95
    Configuring OSPFv2 Authentication: Simple Password     95
    Configuring OSPFv2 Cryptographic Authentication: SHA-256     96
    Configuring OSPFv3 Authentication and Encryption     97
    Verifying OSPFv2 and OSPFv3 Authentication     98
Optimizing OSPF Parameters     98
    Loopback Interfaces     98
    Router ID     99
    DR/BDR Elections     99
    Passive Interfaces     100
    Modifying Cost Metrics     100
    OSPF Reference Bandwidth     101
    OSPF LSDB Overload Protection     101
    Timers     101
    IP MTU     102
Propagating a Default Route     102
Route Summarization     103
    Interarea Route Summarization     103
    External Route Summarization     103
OSPF Route Filtering     104
    Using the filter-list Command     104
    Using the area range not-advertise Command     104
    Using the distribute-list in Command     104
    Using the summary-address not-advertise Command     105
OSPF Special Area Types     105
    Stub Areas     105
    Totally Stubby Areas     106
    Not-So-Stubby Areas (NSSA)     106
    Totally NSSA     107
Virtual Links     108
    Configuration Example: Virtual Links     108
Verifying OSPF Configuration     109
Troubleshooting OSPF     111
Configuration Example: Single-Area OSPF     111
Configuration Example: Multiarea OSPF     114
Configuration Example: Traditional OSPFv3     117
Configuration Example: OSPFv3 with Address Families     120
Chapter 6  Redistribution and Path Control     127

Defining Seed and Default Metrics     128
Redistributing Connected Networks     129
Redistributing Static Routes     129
Redistributing Subnets into OSPF     130
Assigning E1 or E2 Routes in OSPF     130
Redistributing OSPF Internal and External Routes     131
Configuration Example: Route Redistribution for IPv4     131
Configuration Example: Route Redistribution for IPv6     132
Verifying Route Redistribution     134
Route Filtering Using the distribute-list Command     134
    Configuration Example: Inbound and Outbound Distribute List Route Filters     134
    Configuration Example: Controlling Redistribution with Outbound Distribute Lists     135
    Verifying Route Filters     136
Route Filtering Using Prefix Lists     137
    Configuration Example: Using a Distribute List That References a Prefix List to Control Redistribution     139
    Verifying Prefix Lists     140
Using Route Maps with Route Redistribution     140
    Configuration Example: Route Maps     141
Manipulating Redistribution Using Route Tagging     142
Changing Administrative Distance     143
Path Control with Policy-Based Routing     144
Verifying Policy-Based Routing     145
Configuration Example: PBR with Route Maps     146
Cisco IOS IP SLA     147
    Configuring Authentication for IP SLA     149
    Monitoring IP SLA Operations     150
PBR with Cisco IOS IP SLA     150
    Step 1: Define Probe(s)     151
    Step 2: Define Tracking Object(s)     152
    Step 3a: Define the Action on the Tracking Object(s)     152
    Step 3b: Define Policy Routing Using the Tracking Object(s)     152
    Step 4: Verify IP SLA Operations     152
Chapter 7  BGP     155

Configuring BGP: Classic Configuration     156
Configuring Multiprotocol BGP (MP-BGP)     157
Configuring BGP: Address Families     158
Configuration Example: Using MP-BGP Address Families to Exchange IPv4 and IPv6 Routes     159
BGP Support for 4-Byte AS Numbers     160
BGP Timers     161
BGP and update-source     161
IBGP Next-Hop Behavior     162
EBGP Multihop     162
Attributes     164
    Route Selection Decision Process–The BGP Best Path Algorithm     164
    Weight Attribute     164
    Using AS Path Access Lists to Manipulate the Weight Attribute     166
    Using Prefix Lists and Route Maps to Manipulate the Weight Attribute     166
    Local Preference Attribute     167
    Using AS Path Access Lists with Route Maps to Manipulate the Local Preference Attribute     167
    AS Path Attribute Prepending     169
    AS Path: Removing Private Autonomous Systems     171
    Multi-Exit Discriminator (MED) Attribute     171
Verifying BGP     174
Troubleshooting BGP     175
Default Routes     177
Route Aggregation     177
Route Reflectors     177
Regular Expressions     178
Regular Expressions: Examples     179
BGP Route Filtering Using Access Lists and Distribute Lists     180
Configuration Example: Using Prefix Lists and AS Path Access Lists     181
BGP Peer Groups     182
Authentication for BGP     184
    Configuring Authentication Between BGP Peers     184
    Verifying BGP Authentication     184

PART III:  INFRASTRUCTURE SERVICESChapter 8  IP Services     185

Network Address Translation (NAT)     186
    Private IP Addresses: RFC 1918     186
    Configuring Static NAT     187
    Configuring Dynamic NAT     188
    Configuring Port Address Translation (PAT)     189
    Configuring a NAT Virtual Interface     190
    Verifying NAT and PAT Configurations     190
    Troubleshooting NAT and PAT Configurations     191
    Configuration Example: PAT     191
    Configuration Example: NAT Virtual Interfaces and Static NAT     193
First-Hop Redundancy Protocols     194
    Hot Standby Router Protocol     194
    Virtual Router Redundancy Protocol     201
    IPv4 Configuration Example: HSRP on L3 Switch     204
    IPv4 Configuration Example: VRRPv2 on Router and L3 Switch with IP SLA Tracking     209
    IPv6 Configuration Example: HSRPv2 on Router and L3 Switch     212
Dynamic Host Control Protocol (DHCP)     217
    Implementing DHCP for IPv4     217
    Implementing DHCP for IPv6     221
    Configuration Example: DHCP for IPv4     224
    Configuration Example: DHCP for IPv6     226
Chapter 9  Device Management     231

Configuring Passwords     231
    Cleartext Password Encryption     232
Password Encryption Algorithm Types     233
    Configuring SSH     234
    Verifying SSH     235
Boot System Commands     235
The Cisco IOS File System     236
Viewing the Cisco IOS File System     236
Commonly Used URL Prefixes for Cisco Network Devices     236
Deciphering IOS Image Filenames     237
Backing Up Configurations to a TFTP Server     238
Restoring Configurations from a TFTP Server     238
Backing Up the Cisco IOS Software to a TFTP Server     239
Restoring/Upgrading the Cisco IOS Software from a TFTP Server     239
Restoring the Cisco IOS Software Using the ROM Monitor Environmental Variables and tftpdnld Command     240
Secure Copy Protocol (SCP)     241
    Configuring an SCP Server     241
    Verifying and Troubleshooting SCP     241
    Configuration Example: SCP     241
Disabling Unneeded Services     242
Useful Device Management Options     243

PART IV:  INFRASTRUCTURE SECURITYChapter 10  Infrastructure Security     245

IPv4 Access Control Lists (ACLs)     246
    Configuring and Applying Standard IPv4 ACLs     246
Configuring and Applying Extended IPv4 ACLs     247
    Configuring and Applying Time-based ACLs     248
    Configuring and Applying VTY ACLs     249
IPv6 ACLs     250
    Configuring and Applying IPv6 ACLs     250
    Verifying IPv4 and IPv6 ACLs     251
Implementing Authentication Methods     251
    Simple Local Database Authentication     252
    AAA-based Local Database Authentication     252
    RADIUS Authentication     253
    TACACS+ Authentication     255
    Configuring Authorization and Accounting     256
    Troubleshooting AAA     257
Control Plane Policing (CoPP)     257
    Step 1: Define ACLs to Identify Permitted CoPP Traffic Flows     258
    Step 2: Define Class Maps for Matched Traffic     258
    Step 3: Define a Policy Map to Police Matched Traffic     259
    Step 4: Assign a Policy Map to the Control Plane     259
    Verifying CoPP     260
Unicast Reverse Path Forwarding (uRPF)     260
    Configuring uRPF     260
    Verifying and Troubleshooting uRPF     260

PART V:  NETWORK ASSURANCEChapter 11  Network Assurance     261

Internet Control Message Protocol Redirect Messages     262
The ping Command     262
Examples of Using the ping and the Extended ping Commands     263
The traceroute Command     265
The debug Command     265
Conditionally Triggered Debugs     266
Configuring Secure SNMP     267
    Securing SNMPv1 or SNMPv2c     267
    Securing SNMPv3     268
    Verifying SNMP     269
Implementing Logging     269
    Configuring Syslog     269
    Syslog Message Format     269
    Syslog Severity Levels     270
    Syslog Message Example     270
Configuring NetFlow     271
Configuring Flexible NetFlow     272
    Step 1: Configure a Flow Record     272
    Step 2: Configure a Flow Exporter     272
    Step 3: Configure a Flow Monitor     272
    Step 4: Apply the Flow Monitor to an Interface     273
Verifying NetFlow     273
Implementing Port Mirroring     273
    Default SPAN and RSPAN Configuration     273
    Configuring Local SPAN     274
    Local SPAN Guidelines for Configuration     274
    Configuration Example: Local SPAN     274
    Configuring Remote SPAN     277
    Remote SPAN Guidelines for Configuration     278
    Configuration Example: Remote SPAN     278
    Configuring Encapsulated RSPAN (ERSPAN)     280
    Verifying and Troubleshooting Local and Remote SPAN     281
Configuring Network Time Protocol     281
    NTP Configuration     281
    NTP Design     282
    Securing NTP     284
    Verifying and Troubleshooting NTP     286
    Setting the Clock on a Router     286
    Using Time Stamps     290
    Configuration Example: NTP     290
Tool Command Language (Tcl)     294
Embedded Event Manager (EEM)     295
    EEM Configuration Examples     296
    EEM and Tcl Scripts     298
    Verifying EEM     298

PART VI:  WIRELESSChapter 12  Wireless Security and Troubleshooting     299

Authenticating Wireless Clients     299
    Open Authentication     300
    Authenticating with a Pre-shared Key     302
    Authenticating with EAP     304
    Authenticating with WebAuth     310
Troubleshooting from the Wireless LAN Controller     312
Troubleshooting Wireless Client Connectivity     318
    Cisco AireOS Monitoring Dashboard GUI     318
    Cisco IOS XE GUI     322

PART VII:  OVERLAYS AND VIRTUALIZATIONChapter 13  Overlay Tunnels and VRF     325

Generic Routing Encapsulation (GRE)     325
    Configuring an IPv4 GRE Tunnel     326
    Configuring an IPv6 GRE Tunnel     326
    Verifying IPv4 and IPv6 GRE Tunnels     327
    Configuration Example: IPv4 and IPv6 GRE Tunnels with OSPFv3     327
Site-to-Site GRE over IPsec     331
    GRE/IPsec Using Crypto Maps     332
    GRE/IPsec Using IPsec Profiles     333
    Verifying GRE/IPsec     335
Site-to-Site Virtual Tunnel Interface (VTI) over IPsec     335
Cisco Dynamic Multipoint VPN (DMVPN)     336
    Configuration Example: Cisco DMVPN for IPv4     337
    Verifying Cisco DMVPN     342
VRF-Lite     343
    Configuring VRF-Lite     343
    Verifying VRF-Lite     345

Appendix A:  Create Your Own Journal Here     347
Index     361
 

TỔNG QUAN SÁCH

Sử dụng tài nguyên tham khảo nhanh được cập nhật đầy đủ này để giúp ghi nhớ các lệnh và khái niệm khi bạn đạt được chứng chỉ CCNP hoặc CCIE. Chứa đầy thông tin có giá trị, dễ truy cập, nó đủ di động để sử dụng ở mọi nơi.
 

Hướng dẫn này tóm tắt tất cả các lệnh, từ khóa, đối số lệnh và lời nhắc liên quan của phần mềm Cisco IOS liên quan đến các kỳ thi chứng chỉ CCNP và CCIE Enterprise Core (ENCOR 350-401) và CCNP Enterprise Advanced Routing and Services (ENARSI 300-410). Các mẹo và ví dụ giúp bạn áp dụng các lệnh vào các tình huống trong thế giới thực và các mẫu cấu hình cho thấy cách sử dụng chúng trong thiết kế mạng.
Bảo hiểm bao gồm:
Lớp 2: Vlan, STP, Định tuyến giữa các Vlan
Lớp 3: EIGRP, OSPF, Phân phối lại, Kiểm soát đường dẫn, BGP
Dịch vụ và quản lý cơ sở hạ tầng
An ninh cơ sở hạ tầng
Bảo đảm mạng
Bảo mật và khắc phục sự cố không dây
Lớp phủ và ảo hóa
Hướng dẫn lệnh di động này cung cấp:
 

Các nhóm chủ đề hướng dẫn hợp lý cho nguồn tài nguyên tổng hợp
Tuyệt vời để ôn tập trước kỳ thi chứng chỉ ENCOR 350-401 và ENARSI 300-410 của bạn
Kích thước nhỏ gọn giúp bạn dễ dàng mang theo bên mình mọi lúc mọi nơi
Phần “Tạo nhật ký của riêng bạn” với các trang trống, có dòng kẻ cho phép bạn cá nhân hóa cuốn sách theo nhu cầu của mình

MỤC LỤC

Introduction     xix
PART I:  LAYER 2 INFRASTRUCTUREChapter 1  VLANs     1

Virtual LANs     1
    Creating Static VLANs Using VLAN Configuration Mode     2
    Assigning Ports to Data and Voice VLANs     2
    Using the range Command     3
    Dynamic Trunking Protocol (DTP)     3
    Setting the Trunk Encapsulation and Allowed VLANs     4
    VLAN Trunking Protocol (VTP)     5
    Verifying VTP     6
    Verifying VLAN Information     7
    Saving VLAN Configurations     7
    Erasing VLAN Configurations     7
    Configuration Example: VLANs     8
Layer 2 Link Aggregation     11
    Interface Modes in EtherChannel     12
    Default EtherChannel Configuration     12
    Guidelines for Configuring EtherChannel     12
    Configuring Layer 2 EtherChannel     14
    Configuring Layer 3 EtherChannel     14
    Configuring EtherChannel Load Balancing     15
    Configuring LACP Hot-Standby Ports     16
    Monitoring and Verifying EtherChannel     17
    Configuration Example: EtherChannel     18
Chapter 2  Spanning Tree Protocol     23

Spanning Tree Protocol Definition     24
Enabling Spanning Tree Protocol     24
Changing the Spanning-Tree Mode     25
Configuring the Root Switch     25
Configuring a Secondary Root Switch     26
Configuring Port Priority     26
Configuring the Path Cost     27
Configuring the Switch Priority of a VLAN     27
Configuring STP Timers     27
Configuring Optional Spanning-Tree Features     28
    PortFast     28
    BPDU Guard (2xxx/older 3xxx Series)     29
    BPDU Guard (3650/9xxx Series)     29
    BPDU Filter     30
    UplinkFast     30
    BackboneFast     31
    Root Guard     31
    Loop Guard     32
    Unidirectional Link Detection     33
Configuring and Verifying Port Error Conditions     33
Enabling Rapid Spanning Tree     36
Rapid Spanning Tree Link Types     36
Enabling Multiple Spanning Tree     37
Verifying the Extended System ID     39
Verifying STP     39
Troubleshooting Spanning Tree Protocol     40
Configuration Example: PVST+     40
Spanning-Tree Migration Example: PVST+ to Rapid-PVST+     43
Chapter 3  Implementing Inter-VLAN Routing     45

Inter-VLAN Communication Using an External Router: Router-on-a-Stick     45
Inter-VLAN Communication Tips     46
Inter-VLAN Communication on a Multilayer Switch Through a Switch Virtual Interface     46
    Configuring Inter-VLAN Communication on an L3 Switch     47
    Removing L2 Switchport Capability of an Interface on an L3 Switch     47
Configuration Example: Inter-VLAN Communication     47
Configuration Example: IPv6 Inter-VLAN Communication     55

PART II:  LAYER 3 INFRASTRUCTUREChapter 4  EIGRP     61

Enhanced Interior Gateway Routing Protocol (EIGRP)     62
Enabling EIGRP for IPv4 Using Classic Mode Configuration     62
Enabling EIGRP for IPv6 Using Classic Mode Configuration     63
EIGRP Using Named Mode Configuration     64
EIGRP Named Mode Subconfiguration Modes     66
Upgrading Classic Mode to Named Mode Configuration     66
EIGRP Router ID     67
Authentication for EIGRP     67
    Configuring Authentication in Classic Mode     67
    Configuring Authentication in Named Mode     68
    Verifying and Troubleshooting EIGRP Authentication     70
Auto-Summarization for EIGRP     70
IPv4 Manual Summarization for EIGRP     70
IPv6 Manual Summarization for EIGRP     71
Timers for EIGRP     71
Passive Interfaces for EIGRP     72
“Pseudo” Passive EIGRP Interfaces     72
Injecting a Default Route into EIGRP: Redistribution of a Static Route     73
Injecting a Default Route into EIGRP: ip default-network     74
Injecting a Default Route into EIGRP: Summarize to 0.0.0.0/0     74
Accepting Exterior Routing Information: default-information     75
Equal-cost Load Balancing: maximum-paths     75
Unequal-cost Load Balancing: variance     76
EIGRP Traffic Sharing     76
Bandwidth Use for EIGRP     77
Stub Routing for EIGRP     77
EIGRP Unicast Neighbors     79
EIGRP Wide Metrics     79
Adjusting the EIGRP Metric Weights     80
Verifying EIGRP     80
Troubleshooting EIGRP     82
Configuration Example: EIGRP for IPv4 and IPv6 Using Named Mode     83
Chapter 5  OSPF     87

Comparing OSPFv2 and OSPFv3     88
Configuring OSPF     89
Configuring Multiarea OSPF     89
Using Wildcard Masks with OSPF Areas     90
Configuring Traditional OSPFv3     91
    Enabling OSPF for IPv6 on an Interface     91
    OSPFv3 and Stub/NSSA Areas     92
    Interarea OSPFv3 Route Summarization     92
    Enabling an IPv4 Router ID for OSPFv3     93
    Forcing an SPF Calculation     93
OSPFv3 Address Families     93
    Configuring the IPv6 Address Family in OSPFv3     94
    Configuring the IPv4 Address Family in OSPFv3     94
    Applying Parameters in Address Family Configuration Mode     94
Authentication for OSPF     95
    Configuring OSPFv2 Authentication: Simple Password     95
    Configuring OSPFv2 Cryptographic Authentication: SHA-256     96
    Configuring OSPFv3 Authentication and Encryption     97
    Verifying OSPFv2 and OSPFv3 Authentication     98
Optimizing OSPF Parameters     98
    Loopback Interfaces     98
    Router ID     99
    DR/BDR Elections     99
    Passive Interfaces     100
    Modifying Cost Metrics     100
    OSPF Reference Bandwidth     101
    OSPF LSDB Overload Protection     101
    Timers     101
    IP MTU     102
Propagating a Default Route     102
Route Summarization     103
    Interarea Route Summarization     103
    External Route Summarization     103
OSPF Route Filtering     104
    Using the filter-list Command     104
    Using the area range not-advertise Command     104
    Using the distribute-list in Command     104
    Using the summary-address not-advertise Command     105
OSPF Special Area Types     105
    Stub Areas     105
    Totally Stubby Areas     106
    Not-So-Stubby Areas (NSSA)     106
    Totally NSSA     107
Virtual Links     108
    Configuration Example: Virtual Links     108
Verifying OSPF Configuration     109
Troubleshooting OSPF     111
Configuration Example: Single-Area OSPF     111
Configuration Example: Multiarea OSPF     114
Configuration Example: Traditional OSPFv3     117
Configuration Example: OSPFv3 with Address Families     120
Chapter 6  Redistribution and Path Control     127

Defining Seed and Default Metrics     128
Redistributing Connected Networks     129
Redistributing Static Routes     129
Redistributing Subnets into OSPF     130
Assigning E1 or E2 Routes in OSPF     130
Redistributing OSPF Internal and External Routes     131
Configuration Example: Route Redistribution for IPv4     131
Configuration Example: Route Redistribution for IPv6     132
Verifying Route Redistribution     134
Route Filtering Using the distribute-list Command     134
    Configuration Example: Inbound and Outbound Distribute List Route Filters     134
    Configuration Example: Controlling Redistribution with Outbound Distribute Lists     135
    Verifying Route Filters     136
Route Filtering Using Prefix Lists     137
    Configuration Example: Using a Distribute List That References a Prefix List to Control Redistribution     139
    Verifying Prefix Lists     140
Using Route Maps with Route Redistribution     140
    Configuration Example: Route Maps     141
Manipulating Redistribution Using Route Tagging     142
Changing Administrative Distance     143
Path Control with Policy-Based Routing     144
Verifying Policy-Based Routing     145
Configuration Example: PBR with Route Maps     146
Cisco IOS IP SLA     147
    Configuring Authentication for IP SLA     149
    Monitoring IP SLA Operations     150
PBR with Cisco IOS IP SLA     150
    Step 1: Define Probe(s)     151
    Step 2: Define Tracking Object(s)     152
    Step 3a: Define the Action on the Tracking Object(s)     152
    Step 3b: Define Policy Routing Using the Tracking Object(s)     152
    Step 4: Verify IP SLA Operations     152
Chapter 7  BGP     155

Configuring BGP: Classic Configuration     156
Configuring Multiprotocol BGP (MP-BGP)     157
Configuring BGP: Address Families     158
Configuration Example: Using MP-BGP Address Families to Exchange IPv4 and IPv6 Routes     159
BGP Support for 4-Byte AS Numbers     160
BGP Timers     161
BGP and update-source     161
IBGP Next-Hop Behavior     162
EBGP Multihop     162
Attributes     164
    Route Selection Decision Process–The BGP Best Path Algorithm     164
    Weight Attribute     164
    Using AS Path Access Lists to Manipulate the Weight Attribute     166
    Using Prefix Lists and Route Maps to Manipulate the Weight Attribute     166
    Local Preference Attribute     167
    Using AS Path Access Lists with Route Maps to Manipulate the Local Preference Attribute     167
    AS Path Attribute Prepending     169
    AS Path: Removing Private Autonomous Systems     171
    Multi-Exit Discriminator (MED) Attribute     171
Verifying BGP     174
Troubleshooting BGP     175
Default Routes     177
Route Aggregation     177
Route Reflectors     177
Regular Expressions     178
Regular Expressions: Examples     179
BGP Route Filtering Using Access Lists and Distribute Lists     180
Configuration Example: Using Prefix Lists and AS Path Access Lists     181
BGP Peer Groups     182
Authentication for BGP     184
    Configuring Authentication Between BGP Peers     184
    Verifying BGP Authentication     184

PART III:  INFRASTRUCTURE SERVICESChapter 8  IP Services     185

Network Address Translation (NAT)     186
    Private IP Addresses: RFC 1918     186
    Configuring Static NAT     187
    Configuring Dynamic NAT     188
    Configuring Port Address Translation (PAT)     189
    Configuring a NAT Virtual Interface     190
    Verifying NAT and PAT Configurations     190
    Troubleshooting NAT and PAT Configurations     191
    Configuration Example: PAT     191
    Configuration Example: NAT Virtual Interfaces and Static NAT     193
First-Hop Redundancy Protocols     194
    Hot Standby Router Protocol     194
    Virtual Router Redundancy Protocol     201
    IPv4 Configuration Example: HSRP on L3 Switch     204
    IPv4 Configuration Example: VRRPv2 on Router and L3 Switch with IP SLA Tracking     209
    IPv6 Configuration Example: HSRPv2 on Router and L3 Switch     212
Dynamic Host Control Protocol (DHCP)     217
    Implementing DHCP for IPv4     217
    Implementing DHCP for IPv6     221
    Configuration Example: DHCP for IPv4     224
    Configuration Example: DHCP for IPv6     226
Chapter 9  Device Management     231

Configuring Passwords     231
    Cleartext Password Encryption     232
Password Encryption Algorithm Types     233
    Configuring SSH     234
    Verifying SSH     235
Boot System Commands     235
The Cisco IOS File System     236
Viewing the Cisco IOS File System     236
Commonly Used URL Prefixes for Cisco Network Devices     236
Deciphering IOS Image Filenames     237
Backing Up Configurations to a TFTP Server     238
Restoring Configurations from a TFTP Server     238
Backing Up the Cisco IOS Software to a TFTP Server     239
Restoring/Upgrading the Cisco IOS Software from a TFTP Server     239
Restoring the Cisco IOS Software Using the ROM Monitor Environmental Variables and tftpdnld Command     240
Secure Copy Protocol (SCP)     241
    Configuring an SCP Server     241
    Verifying and Troubleshooting SCP     241
    Configuration Example: SCP     241
Disabling Unneeded Services     242
Useful Device Management Options     243

PART IV:  INFRASTRUCTURE SECURITYChapter 10  Infrastructure Security     245

IPv4 Access Control Lists (ACLs)     246
    Configuring and Applying Standard IPv4 ACLs     246
Configuring and Applying Extended IPv4 ACLs     247
    Configuring and Applying Time-based ACLs     248
    Configuring and Applying VTY ACLs     249
IPv6 ACLs     250
    Configuring and Applying IPv6 ACLs     250
    Verifying IPv4 and IPv6 ACLs     251
Implementing Authentication Methods     251
    Simple Local Database Authentication     252
    AAA-based Local Database Authentication     252
    RADIUS Authentication     253
    TACACS+ Authentication     255
    Configuring Authorization and Accounting     256
    Troubleshooting AAA     257
Control Plane Policing (CoPP)     257
    Step 1: Define ACLs to Identify Permitted CoPP Traffic Flows     258
    Step 2: Define Class Maps for Matched Traffic     258
    Step 3: Define a Policy Map to Police Matched Traffic     259
    Step 4: Assign a Policy Map to the Control Plane     259
    Verifying CoPP     260
Unicast Reverse Path Forwarding (uRPF)     260
    Configuring uRPF     260
    Verifying and Troubleshooting uRPF     260

PART V:  NETWORK ASSURANCEChapter 11  Network Assurance     261

Internet Control Message Protocol Redirect Messages     262
The ping Command     262
Examples of Using the ping and the Extended ping Commands     263
The traceroute Command     265
The debug Command     265
Conditionally Triggered Debugs     266
Configuring Secure SNMP     267
    Securing SNMPv1 or SNMPv2c     267
    Securing SNMPv3     268
    Verifying SNMP     269
Implementing Logging     269
    Configuring Syslog     269
    Syslog Message Format     269
    Syslog Severity Levels     270
    Syslog Message Example     270
Configuring NetFlow     271
Configuring Flexible NetFlow     272
    Step 1: Configure a Flow Record     272
    Step 2: Configure a Flow Exporter     272
    Step 3: Configure a Flow Monitor     272
    Step 4: Apply the Flow Monitor to an Interface     273
Verifying NetFlow     273
Implementing Port Mirroring     273
    Default SPAN and RSPAN Configuration     273
    Configuring Local SPAN     274
    Local SPAN Guidelines for Configuration     274
    Configuration Example: Local SPAN     274
    Configuring Remote SPAN     277
    Remote SPAN Guidelines for Configuration     278
    Configuration Example: Remote SPAN     278
    Configuring Encapsulated RSPAN (ERSPAN)     280
    Verifying and Troubleshooting Local and Remote SPAN     281
Configuring Network Time Protocol     281
    NTP Configuration     281
    NTP Design     282
    Securing NTP     284
    Verifying and Troubleshooting NTP     286
    Setting the Clock on a Router     286
    Using Time Stamps     290
    Configuration Example: NTP     290
Tool Command Language (Tcl)     294
Embedded Event Manager (EEM)     295
    EEM Configuration Examples     296
    EEM and Tcl Scripts     298
    Verifying EEM     298

PART VI:  WIRELESSChapter 12  Wireless Security and Troubleshooting     299

Authenticating Wireless Clients     299
    Open Authentication     300
    Authenticating with a Pre-shared Key     302
    Authenticating with EAP     304
    Authenticating with WebAuth     310
Troubleshooting from the Wireless LAN Controller     312
Troubleshooting Wireless Client Connectivity     318
    Cisco AireOS Monitoring Dashboard GUI     318
    Cisco IOS XE GUI     322

PART VII:  OVERLAYS AND VIRTUALIZATIONChapter 13  Overlay Tunnels and VRF     325

Generic Routing Encapsulation (GRE)     325
    Configuring an IPv4 GRE Tunnel     326
    Configuring an IPv6 GRE Tunnel     326
    Verifying IPv4 and IPv6 GRE Tunnels     327
    Configuration Example: IPv4 and IPv6 GRE Tunnels with OSPFv3     327
Site-to-Site GRE over IPsec     331
    GRE/IPsec Using Crypto Maps     332
    GRE/IPsec Using IPsec Profiles     333
    Verifying GRE/IPsec     335
Site-to-Site Virtual Tunnel Interface (VTI) over IPsec     335
Cisco Dynamic Multipoint VPN (DMVPN)     336
    Configuration Example: Cisco DMVPN for IPv4     337
    Verifying Cisco DMVPN     342
VRF-Lite     343
    Configuring VRF-Lite     343
    Verifying VRF-Lite     345

Appendix A:  Create Your Own Journal Here     347
Index     361
 

-%
0₫ 0₫
0915920514
0915920514