1.

1 Layer 2 Access Switchports

1.2 Layer 2 Dynamic Switchports
1.3 ISL Trunking
1.4802.1q Trunkin
1.5802.1q Native VLA
1.6Disabling DTP Negotiatio
1.7Router-On-A-Stic
1.8VTP7
1.9VTP Transpare
1.10VTP Pruning8
1.11VTP Prune-Eligible Lit
1.12Layer 2 EtherChanne
1.13Layer 2 EtherChannel with Pag
1.14Layer 2 EtherChannel with LAC
1.15Layer 3 EtherChannl
1.16802.1q Tunnelig
1.17EtherChannel over 802.1q Tunnelin
1.18STP Root Bridge Election 10
1.19STP Load Balancing with Port Cost 11
1.20STP Load Balancing with Port Priority 11
1.21Tuning STP Convergence Timers 11
1.22STP PortFast11
1.23STP PortFast Default 11
1.24STP UplinkFast12
1.25STP BackboneFast12
1.26STP BPDU Guard12
1.27STP BPDU Guard Default 12
1.28STP BPDU Filter12
1.29STP BPDU Filter Default13
1.30STP Root Guard13
1.31STP Loop Guard13
1.32Unidirectional Link Detection 13
1.33MST Root Bridge Election 14
1.34MST Load Balancing with Port Cost 14
1.35MST Load Balancing with Port Priority 14
1.36MST and Rapid Spanning Tree 15
1.37Protected Ports15
1.38Storm Control15
1.39MAC-Address Table Static Entries & Aging 15
1.40SPAN15
1.41RSPAN16
1.42Voice VLAN16
1.43IP Phone Trust and CoS Extend 16
1.44Smartport Macros 17
1.45Flex Links17
1.46Fallback Bridging17
1.47Private VLANs18
1.48PPP18
1.49PPP AAA Authentication 19
1.50PPPoE19
Frame Relay20
2.1 Inverse-ARP20
2.2 Static Mappings20
2.3 Point-to-Point Subinterfaces20
2.4 Multipoint Subinterfaces & Inverse-ARP 21
2.5 Multipoint Subinterfaces & Static Mappings 21
2.6 Hub-and-Spoke & Static Mappings 21
2.7 Hub-and-Spoke & Inverse-ARP 22
2.8 Hub-and-Spoke & Point-to-Point Subinterfaces 22
2.9 Disabling Inverse-ARP23
2.10Back-to-Back Frame Relay23
2.11Frame Relay End-to-End Keepalives 24
2.12Frame Relay Broadcast Queue 24
2.13Frame Relay TCP & RTP Header Compression 24
2.14PPP over Frame Relay 24
2.15Bridging over Frame Relay 25
2.16Frame-Relay Switching 25
IP Routing26
3.1 Routing to Multipoint Broadcast Interfaces 26
3.2 Routing to NBMA Interfaces 26
3.3 Longest Match Routing27
3.4 Floating Static Routes 27
3.5 Backup Interface27
3.6 Reliable Static Routing with Enhanced Object Tracking 28
3.7 Policy Routing28
3.8 Reliable Policy Routing 29
3.9 Local Policy Routing30
3.10GRE Tunneling30
3.11GRE Tunneling and Recursive Routing 30
3.12Reliable Backup Interface with GRE 31
3.13On-Demand Routing (ODR) 31
3.14OER Components Setup 33
3.15OER Profile Phase33
3.16OER Measure Phase33
3.17OER Apply Policy Phase 34
3.18OER Control & Verify Phase 34
RIP36
4.1 Basic RIP Configuration36
4.2 RIPv2 Authentication36
4.3 RIPv2 Split Horizon36
4.4 RIPv2 Auto-Summary36
4.5 RIP Send and Receive Versions 37
4.6 RIPv2 Manual Summarization 37
4.7 RIPv2 Convergence Timers 37
4.8 RIPv2 Offset List37
4.9 RIPv2 Filtering with Passive Interface 37
4.10RIPv2 Filtering with Prefix-Lists 37
4.11RIPv2 Filtering with Standard Access-Lists 38
4.12RIPv2 Filtering with Extended Access-Lists 38
4.13RIPv2 Filtering with Offset Lists 38
4.14RIPv2 Filtering with Administrative Distance 38
4.15RIPv2 Filtering with Per Neighbor AD 38
4.16RIPv2 Default Routing 38
4.17RIPv2 Conditional Default Routing 38
4.18RIPv2 Reliable Conditional Default Routing 39
4.19RIPv2 Unicast Updates 39
4.20RIPv2 Broadcast Updates 39
4.21RIPv2 Triggered Updates 39
4.22RIPv2 Source Validation 39
EIGRP40
5.1 EIGRP Network Statement 40
5.2 EIGRP Auto-Summary 40
5.3 EIGRP Split Horizon40
5.4 EIGRP MD5 Authentication40
5.5 EIGRP Key Chain Rotation 41
5.6 EIGRP Unicast Updates 41
5.7 EIGRP Default Network41
5.8 EIGRP Summarization 41
5.9 EIGRP Summarization with Default Routing 42
5.10EIGRP Summarization with Leak Map 42
5.11EIGRP Floating Summarization 42
5.12EIGRP Poisoned Floating Summarization 42
5.13EIGRP Metric Weights43
5.14EIGRP Traffic Engineering with Metric 43
5.15EIGRP Unequal Cost Load Balancing 43
5.16EIGRP Convergence Timers 43
5.17EIGRP Stub Routing43
5.18EIGRP Stub Routing with Leak Map 44
5.19EIGRP Filtering with Passive Interface 44
5.20EIGRP Filtering with Prefix-Lists 44
5.21EIGRP Filtering with Standard Access-Lists 44
5.22EIGRP Filtering with Extended Access-Lists 44
5.23EIGRP Filtering with Offset Lists 45
5.24EIGRP Filtering with Administrative Distance 45
5.25EIGRP Filtering with Per Neighbor AD 45
5.26EIGRP Filtering with Route Maps 45
5.27EIGRP Bandwidth Pacing 45
5.28EIGRP Default Metric 45
5.29EIGRP Neighbor Logging46
5.30EIGRP Router-ID46
5.31EIGRP Maximum Hops46
OSPF48
6.1 OSPF over Broadcast Media 48
6.2 OSPF over Non-Broadcast Media 49
6.3 OSPF DR/BDR Election Manipulation 49
6.4 OSPF Network Point-to-Point 49
6.5 OSPF Network Point-to-Multipoint 49
6.6 OSPF Network Point-to-Multipoint Non-Broadcast 49
6.7 OSPF Network Loopback 50
6.8 OSPF Path Selection with Auto-Cost 50
6.9 OSPF Path Selection with Cost 50
6.10OSPF Path Selection with Bandwidth 50
6.11OSPF Path Selection with Per-Neighbor Cost 50
6.12Repairing Discontiguous OSPF Areas with Virtual-Links 50
6.13OSPF Path Selection with Non-Backbone Transit Areas 51
6.14OSPF Path Selection with Virtual-Links 51
6.15OSPF Demand Circuit 51
6.16OSPF Flooding Reduction 51
6.17OSPF Clear Text Authentication 51
6.18OSPF MD5 Authentication51
6.19OSPF Null Authentication52
6.20OSPF MD5 Authentication with Multiple Keys 52
6.21OSPF Internal Summarization 52
6.22OSPF Path Selection with Summarization 52
6.23OSPF External Summarization 52
6.24OSPF Stub Areas53
6.25OSPF Totally Stubby Areas 53
6.26OSPF Not-So-Stubby Areas 53
6.27OSPF Not-So-Stubby Areas and Default Routing 53
6.28OSPF Not-So-Totally-Stubby Areas 53
6.29OSPF Stub Areas with Multiple Exit Points 54
6.30OSPF NSSA Type-7 to Type-5 Translator Election 54
6.31OSPF NSSA Redistribution Filtering 54
6.32OSPF LSA Type-3 Filtering54
6.33OSPF Forwarding Address Suppression 55
6.34OSPF Default Routing 55
6.35OSPF Conditional Default Routing 55
6.36OSPF Reliable Conditional Default Routing 55
6.37OSPF Filtering with Distribute-Lists 56
6.38OSPF Summarization and Discard Routes 56
6.39OSPF Filtering with Administrative Distance 56
6.40OSPF Filtering with Route-Maps 56
6.41OSPF NSSA ABR External Prefix Filtering 56
6.42OSPF Database Filtering 56
6.43OSPF Stub Router Advertisement 56
6.44OSPF Interface Timers 57
6.45OSPF Global Timers 57
6.46OSPF Resource Limiting 57
6.47Miscellaneous OSPF Features 58
BGP60
7.1 Establishing iBGP Peerings 60
7.2 Establishing EBGP Peerings 60
7.3 BGP Update Source Modification60
7.4 Multihop EBGP Peerings 60
7.5 Neighbor Disable-Connected-Check 61
7.6 Authenticating BGP Peerings 61
7.7 iBGP Route Reflection61
7.8 Large Scale iBGP Route Reflection with Clusters 62
7.9 iBGP Confederation63
7.10BGP Next-Hop Processing - Next-Hop-Self 64
7.11BGP Next-Hop Processing - Manual Modification 64
7.12iBGP Synchronization 64
7.13BGP over GRE65
7.14BGP Redistribute Internal 65
7.15BGP Peer Groups 66
7.16BGP Network Statement 66
7.17BGP Auto-Summary66
7.18BGP Bestpath Selection - Weight 68
7.19BGP Bestpath Selection - Local Preference 68
7.20BGP Bestpath Selection - AS-Path Prepending 68
7.21BGP Bestpath Selection - Origin 68
7.23BGP Bestpath Selection - MED 68
7.24BGP Bestpath Selection - Always Compare MED 68
7.25BGP Bestpath Selection - AS-Path Ignore 68
7.26BGP Bestpath Selection - Router-IDs 69
7.27BGP Bestpath Selection - DMZ Link Bandwidth 69
7.28BGP Bestpath Selection - Maximum AS Limit 69
7.29BGP Backdoor 69
7.30BGP Aggregation69
7.31BGP Aggregation - Summary Only 69
7.32BGP Aggregation - Suppress Map 69
7.33BGP Aggregation - Unsuppress Map 70
7.34BGP Aggregation - AS-Set 70
7.35BGP Aggregation - Attribute-Map 70
7.36BGP Aggregation - Advertise Map 70
7.37BGP Communities 71
7.38BGP Communities - No-Advertise 71
7.39BGP Communities - No-Export71
7.40BGP Communities - Local-AS71
7.41BGP Communities - Deleting 71
7.42BGP Conditional Advertisement 72
7.43BGP Conditional Route Injection 72
7.44BGP Filtering with Prefix-Lists 72
7.45BGP Filtering with Standard Access-Lists 73
7.46BGP Filtering with Extended Access-Lists 73
7.47BGP Regular Expressions 73
7.49BGP Default Routing74
7.50BGP Local AS74
7.51BGP Local AS Replace-AS/Dual-AS 74
7.52BGP Remove Private AS 74
7.53BGP Dampening74
7.54BGP Dampening with Route-Map 75
7.55BGP Timers Tuning 75
7.56BGP Fast Fallover75
7.57BGP Outbound Route Filtering75
7.58BGP Soft Reconfiguration 75
7.59BGP Next-Hop Trigger 75
7.60BGP TTL Security76
7.61BGP AllowAS in 76
Multicast78
8.1 PIM Dense Mode 79
8.2 Multicast RPF Failure79
8.3 PIM Sparse Mode79
8.4 PIM Sparse-Dense Mode 79
8.5 PIM Assert80
8.6 PIM Accept RP 80
8.7 PIM DR Election80
8.8 PIM Accept Register80
8.9 Multicast Tunneling80
8.10PIM NBMA Mode80
8.11Auto-RP80
8.12Auto-RP - Multiple Candidate RPs 81
8.13Auto-RP - Filtering Candidate RPs 81
8.14Auto-RP Listener81
8.15Auto-RP and RP/MA Placement 81
8.16Filtering Auto-RP Messages 81
8.17Multicast Boundary81
8.18PIM Bootstrap Router 81
8.19BSR - Multiple RP Candidates 82
8.20Filtering BSR Messages 82
8.21Stub Multicast Routing & IGMP Helper 82
8.22IGMP Filtering 82
8.23IGMP Timers 82
8.24Multicast Helper Map83
8.25Multicast Rate Limiting 83
8.26Bidirectional PIM 83
8.27Source Specific Multicast 83
8.28DVMRP Interoperability83
8.29Multicast BGP Extension 85
8.30MSDP85
8.31Anycast RP85
8.32Catalyst IGMP Snooping 85
8.33Catalyst Multicast VLAN Registration 86
8.34Catalyst IGMP Profiles 86
IPv688
9.1 IPv6 Link-Local Addressing88
9.2 IPv6 Unique Local Addressing 88
9.3 IPv6 Global Aggregatable Addressing 88
9.4 IPv6 EUI-64 Addressing 88
9.5 IPv6 Auto-Configuration89
9.6 RIPng89
9.7 RIPng over NBMA89
9.8 RIPng Summarization89
9.9 RIPng Prefix Filtering90
9.10RIPng Metric Manipulation90
9.11RIPng Default Routing90
9.12EIGRPv690
9.13EIGRPv6 Summarization 90
9.14EIGRPv6 Prefix Filtering 90
9.15EIGRPv6 Metric Manipulation 91
9.16EIGRPv6 Default Routing91
9.17OSPFv391
9.18OSPFv3 over NBMA 91
9.19OSPFv3 Virtual Links 91
9.20OSPFv3 Summarization91
9.21IPv6 Redistribution92
9.22IPv6 Filtering92
9.23IPv6 NAT-PT92
9.24IPv6 MP-BGP92
9.25IPv6 PIM and MLD 92
9.26IPv6 PIM BSR93
9.27IPv6 Embedded RP93
9.28IPv6 SSM93
9.29IPv6 Tunneling93
9.30Automatic 6to4 Tunnels 94
9.31ISATAP Tunnels94
Quality of Service96
10.1Hold-Queue and Tx-Ring 96
10.2Weighted Fair Queuing (WFQ)96
10.3Legacy RTP Reserved Queue 96
10.4Legacy RTP Prioritization 96
10.5Legacy Custom Queueing 97
10.6Legacy Custom Queueing with Prioritization 97
10.7Legacy Priority Queueing 97
10.8Legacy Random Early Detection 97
10.9Legacy Flow-Based Random Early Detection 98
10.10Selective Packet Discard98
10.11Payload Compression on Serial Links 98
10.12Generic TCP/UDP Header Compression 98
10.13MLP Link Fragmentation and Interleaving 98
10.14Legacy Generic Traffic Shaping 99
10.15Legacy CAR for Admission Control 99
10.16Oversubscription with Legacy CAR and WFQ 99
10.17Legacy CAR for Rate Limiting 99
10.18Legacy CAR Access-Lists99
10.19Legacy GTS for Frame Relay 100
10.20Legacy Frame Relay Traffic Shaping 100
10.21Legacy Adaptive FRTS 100
10.22Legacy FRTS with Per-VC WFQ 100
10.23Legacy FRTS with Per-VC PQ 101
10.24Legacy FRTS with Per-VC CQ 101
10.25Legacy FRTS with Per-VC Fragmentation 101
10.26Legacy FRTS with Per-VC IP RTP Priority 101
10.27Frame-Relay RTP/TCP Header Compression 101
10.28Frame-Relay Broadcast Queue 102
10.29Frame-Relay DE Marking 102
10.30Legacy FRTS PVC Interface Priority Queue 102
10.31Frame-Relay Priority to DLCI Mapping 102
10.32Frame-Relay Traffic Policing & Congestion Mgmt 103
10.33MQC Classification and Marking 104
10.34MQC Bandwidth Reservations and CBWFQ 104
10.35MQC Bandwidth Percent 104
10.36MQC LLQ and Remaining Bandwidth Reservations 105
10.37MQC WRED 105
10.38MQC Dynamic Flows and WRED 105
10.39MQC WRED with ECN 105
10.40MQC Class-Based Generic Traffic Shaping 105
10.41MQC Class-Based GTS and CBWFQ 106
10.42MQC Single-Rate Three-Color Policer 106
10.43MQC Hierarchical Policers 106
10.44MQC Two-Rate Three-Color Policer 107
10.45MQC Peak Shaping 107
10.46MQC Percent-Based Policing 107
10.47MQC Header Compression 107
10.48Using Class-Based GTS for FRTS 108
10.49MQC Based Frame-Relay DE-Marking 108
10.50Using MQC CBWFQ with Legacy FRTS 108
10.51MQC Compatible FRF.12 Fragmentation 108
10.52MQC Based Frame-Relay Traffic Shaping 109
10.53Voice Adaptive Traffic Shaping 109
10.54Voice Adaptive Fragmentation 109
10.55MLPPP LFI over Frame Relay 110
10.56QoS Pre-Classify 110
10.57RSVP and WFQ 111
10.58RSVP and SBM 111
10.59RSVP and CBWFQ 111
10.60RSVP and LLQ 111
10.61RSVP and Per-VC WFQ 112
10.62Catalyst QoS Port-Based Classification 112
10.63Catalyst QoS Marking Pass-Through 112
10.64Catalyst QoS ACL Based Classification & Marking 113
10.65Catalyst 3550 Per-Port Per-VLAN Classification 113
10.66Catalyst 3560 Per-VLAN Classification 113
10.67Catalyst QoS Port-Based Policing and Marking 114
10.68Catalyst 3560 Per-Port Per-VLAN Policing 114
10.69Catalyst 3550 Per-Port Per-VLAN Policing 114
10.70Catalyst QoS Aggregate Policers 115
10.71Catalyst 3560 Ingress Queueing 115
10.72Catalyst 3560 Ingress Queue Tuning 115
10.73Catalyst 3550 Egress Queueing 116
10.74Catalyst 3550 Regular Queues Tuning 116
10.75Catalyst 3550 Gigabit Interface Queues Tuning 116
10.76Catalyst 3550 Egress Policing 117
10.77Catalyst 3560 SRR Shared Mode 117
10.78Catalyst 3560 SRR Shaped Mode 117
10.79Catalyst 3560 Egress Queues Tuning 118
10.80Catalyst QoS DSCP Mutation 118
10.81Advanced HTTP Classification with NBAR 118
Security120
11.1AAA Authentication Lists 120
11.2AAA Exec Authorization 120
11.3AAA Local Command Authorization 121
11.3AAA Local Command Authorization 121
11.4Traffic Filtering with Standard Access-Lists 121
11.5Traffic Filtering with Extended Access-Lists 121
11.6Traffic Filtering with Reflexive Access-Lists 122
11.7Filtering Fragmented Packets 122
11.8Access Control with Dynamic Access-Lists 122
11.9Traffic Filtering with Time-Based Access-Lists 122
11.10Traffic Filtering with Policy-Based Routing 123
11.11Preventing Spoofing with uRPF 123
11.12Using NBAR for Content-Based Filtering 123
11.13TCP Intercept 123
11.14TCP Intercept Watch Mode 124
11.15Packet Logging with Access-Lists 124
11.16Stateful Filtering with CBAC 124
11.17Advanced CBAC Features 125
11.18CBAC TCP/UDP Intercept Feature 125
11.19VLAN Filters for IP Traffic 125
11.20VLAN Filters for Non-IP Traffic 126
11.21Port Security126
11.22HSRP and Port-Security 126
11.23DHCP Snooping 127
11.24DHCP Snooping and the Information Option 127
11.25Dynamic ARP Inspection 127
11.26IP Source Guard 127
11.27Using Catalyst Ingress Access-Lists 128
11.28Controlling Terminal Line Access 128
11.29IOS Login Enhancements 128
11.30Role Based CLI 128
11.31IP Source Tracker 129
11.32Router IP Traffic Export 129
11.33Controlling the ICMP Messages Rate 129
11.34Control Plane Policing 129
11.35Control Plane Protection 130
11.36IOS ACL Selective IP Option Drop 130
11.37BGP Generic TTL Security Mechanism 130
11.38Flexible Packet Matching 130
11.39Zone Based Firewall 131
11.40ZFW Rate Limiting 131
11.41ZFW Application Inspection 131
11.42Classic IOS Transparent Firewall 132
11.43ZFW-Based IOS Transparent Firewall 132
11.44IOS IPS132
System Management134
12.1Exec Aliases134
12.2System Message Logging 134
12.3Syslog Logging 135
12.4Logging Counting and Timestamps 135
12.5Logging to Flash Memory 135
12.6Configuration Change Notification and Logging 135
12.7Configuration Archive & Rollback 136
12.8Logging with Access-Lists 136
12.9TCP Keepalives 136
12.10Generating Exception Core Dumps 136
12.11Conditional Debugging 136
12.12Telnet Service Options 137
12.13Tuning Packet Buffers 137
12.14Terminal Line Settings 137
12.15SNMPv2c Server 138
12.16SNMPv2c Access Control 138
12.17SNMP Traps and Informs 138
12.18CPU and Memory Thresholds 138
12.19SNMPv3 139
12.20SNMP MAC Address Notifications 139
12.21SNMP Notifications of Syslog Messages 139
12.22CDP140
12.23RMON Alarms 140
12.24RMON Statistics Collection 140
12.25HTTP Server and Client 140
12.26FTP Server and Client 141
12.27TFTP Server and Client 141
12.28Remote Shell 141
12.29NTP 141
12.30NTP Authentication 142
12.31NTP Access Control 142
12.32Auto-Install over LAN Interfaces using DHCP 142
12.33Auto-Install over Frame-Relay 142
12.34Auto-Install over LAN Interfaces using RARP 143
12.35IOS Menus 143
12.36IOS Banners 144
12.37KRON Command Schedule 144
12.38EEM Scripting: Interface Events 144
12.39EEM Scripting: Syslog Events 144
12.40EEM Scripting: CLI Events 145
12.41EEM Scripting: Periodic Scheduling 145
12.42EEM Scripting: Advanced Features 145
IP Services146
13.1Proxy ARP 146
13.2DHCP Server 146
13.3DHCP Client 147
13.4DHCP Relay147
13.5DHCP Host Pool 147
13.6DHCP On-Demand Pool 147
13.7DHCP Proxy 147
13.8DHCP Information Option 148
13.9DHCP Authorized ARP 148
13.10IP SLA148
13.11Object Tracking 148
13.12HSRP 149
13.13VRRP 149
13.14GLBP 149
13.15Router Redundancy and Objects Tracking 149
13.16IRDP150
13.17Router ICMP Settings 150
13.18Basic NAT150
13.19NAT Overload 150
13.20NAT with Route Maps 150
13.21Static NAT 151
13.22Static PAT 151
13.23NAT and IP Aliasing 151
13.24Static Policy NAT 151
13.25NAT with Overlapping Subnets 151
13.26TCP Load Distribution with NAT 152
13.27Stateful NAT with HSRP 152
13.28Stateful NAT Primary/Backup 152
13.29NAT Virtual Interface 153
13.30NAT Default Interface 153
13.31Reversible NAT 153
13.32Static Extendable NAT 153
13.33IP Precedence Accounting 154
13.34IP Output Packets Accounting 154
13.35IP Access Violation Accounting 154
13.36MAC Address Accounting 154
13.37TCP Optimization 154
13.38IOS Small Services & Finger 155
13.39Directed Broadcasts & UDP Forwarding 155
13.40DRP Server Agent 155
13.41WCCPv1 Web-Cache 155
13.42WCCPv2 Services 156
13.43NBAR Protocol Discovery 156
13.44Netflow Ingress & Egress 156
13.45Netflow Top Talkers 157
13.46Netflow Aggregation Cache 157
13.47Netflow Random Sampling 157
13.48Netflow Input Filters 157
13.49IOS Authoritative DNS Server 158
13.50IOS Caching DNS Server 158
13.51IOS DNS Spoofing 158
13.52IP Event Dampening 158
MPLS VPN160
14.1VRF Lite160
14.2MPLS LDP160
14.3MPLS Label Filtering 160
14.4MP-BGP VPNv4 161
14.5MP-BGP Prefix Filtering 161
14.6PE-CE Routing with RIP 161
14.7PE-CE Routing with OSPF 161
14.8OSPF Sham-Link 162
14.9PE-CE Routing with EIGRP 162
14.10EIGRP Site-of-Origin 162
14.11PE-CE Routing with BGP 162
14.12BGP SoO Attribute 162
14.13Internet Access 163
14.14AToM 163
14.15L2TPV3163
14.16MPLS VPN Performance Tuning 163