30.4 Routing Technology Cisco Forum FAQ - dslreports.com

republican-creole			Search:
	login · register

FAQs

how-to block ads

	Search for: in all FAQs
All FAQs » Cisco Forum FAQ » 30.4 Routing Technology
FAQ Revisions	Editors: skj , Covenant , aryoba , Phraxos Last modified on 2009-12-09 10:16:13

30.4 Routing Technology ·Static Routing ·RIP: An Introduction ·EIGRP: An Introduction ·OSPF: An Introduction ·BGP: An Introduction ·Multicast - Introduction and Sample Configurations
Static Routing (#16409)
Prerequisite Reading »Cisco Forum FAQ »Quick and Easy Subnetting on Routing, Switching and Network Design Relationship Some discussions »[HELP] Static Routing feedback form by aryoba last modified: 2009-11-02 12:13:19
RIP: An Introduction (#16424)
www.cciecandidate.com RIP version 2: Basic Convergence and Loop Prevention Configuration Definitions feedback form by aryoba
EIGRP: An Introduction (#16425)
www.cciecandidate.com Basics Tables, Convergence and Going Active Configuration Definitions Cisco website Metric Computation feedback form by aryoba
OSPF: An Introduction (#16423)
www.cciecandidate.com Basic Database Exchange Designated Routers in LAN Designated Routers in WAN Design, LSA Types, and Stubby Areas Configuration Definitions Redistribution: RIP, EIGRP, OSPF Route Summarization: RIP, EIGRP, OSPF Default Routes: RIP, EIGRP, OSPF feedback form by aryoba
BGP: An Introduction (#16431)
Part 1 Cisco documentations Practical BGP BGP Best Path Selection Algorithm Part 2 www.cciecandidate.com Neighbors Building BGP Table Advertising BGP Routes BGP Synchronizations Building IP Routes Definitions Route Filtering and Summarization Path Attributes and Decision Process Policies and Best Path AS Path Prepend BGP Conditional Advertisements BGP Community BGP Well-Known Communities Routing Policies - Definitions Route Reflectors BGP Confederation Part 3 www.cciecandidate.com MPLS, Frame-Mode Convergence, PHP, and BGP Interaction feedback form by aryoba last modified: 2009-12-09 10:16:13
Multicast - Introduction and Sample Configurations (#16285)
Some Discussions »Broadcasting.... TCP or UDP »[HELP] LLDP Multicast storm »dot11radio, vlans and bridging »[HELP] Limiting Multicast and Half Duplex Collisions »OSPF over a non-multicast link? »[Config] HSRP Config Issue »Odd HSRP multicast traffic »Multicast groups »[HELP] testing a CDN »Boarderware Mail Firewall and PIX configuration »CGMP used by Cisco LAN switches »[Config] Multicast configuration Question »multicast addresses »Forwarding multicast packets »Multicast packets being dropped between cisco rout »Invalid source address error Documentations www.netcraftsmen.net/welcher The Protocols of IP Multicast PIM Dense Mode PIM Sparse Mode IP Multicast and PIM Rendezvous Points Troubleshooting Too Much Multicast IP Multicast, Best Practices and Control www.cciecandidate.com Introduction to Multicasting - Basics Introduction to Multicasting - Addressing IGMP version 1 IGMP version 2 IGMP version 1 and 2 Interoperability and Timers IGMP version 3 and Multicast Listener Discovery Protocol (MLD) CGMP IGMP Snooping RGMP Multicasting - Definitions IP Multicast Routing - Basics Multicast RPF Check IP Multicast Routing - PIM DM Issues of multiple PIM-speaking routers on same subnet: Prune Override, Assert Message, Multicast Designated Router (DR) Distance Vector Multicast Routing Protocol (DVMRP) and Multicast Open Shortest Path First (MOSPF) IP Multicast Routing - PIM SM Part 1 of 2 IP Multicast Routing - PIM SM Part 2 of 2 PIM Sparse: Shared Root = RP RP Discovery and Discovery; Bidirectional PIM IP Multicast Routing - Definitions Multicast Static RP Multicast Redundant RP with MSDP Cisco website Introduction IP Multicast Technical Overview IP Multicast Deployment Fundamentals Guidelines for Enterprise IP Multicast Address Allocation IP Multicast Best Practices for Enterprise Customers PIM Configuring IP Multicast Routing IP Multicast Load Splitting - Equal Cost Multipath (ECMP) Using S, G and Next Hop PIM Dense Mode State Refresh PIM Version 2 PIM Sparse: Configuring RP (Rendezvous Point) Configuring RP and related topics PIM Sparse: Switching from Shared Tree (from RP to receiver) to Source Tree or Shortest-Path Tree (from Source directly to receiver) once the threshold in Kbps reaches Bidirectional PIM Anycast RP and Multicast Source Discovery Protocol (MSDP) IGMP, CGMP, and RGMP Customizing IGMP Multicast in a Campus Network: CGMP and IGMP Snooping IGMP State Limit Using RGMP: Basics and Case Study Quick References Configuring IP Multicast Routing Configuration Examples and TechNotes IP Multicast Configuration Guide Cisco IOS IP Multicast Command Reference Multicast Quick-Start Configuration Guide Cisco Multicast Support Matrix Basic Multicast Troubleshooting Tools no ip mroute-cache command in an interface configuration to be sure that you see multicast packets when doing a debug ip mpacket troubleshooting IP Multicast Troubleshooting Guide Tips and Tricks Constraining Multicast Traffic with Source and Receivers on the Same VLAN on Catalyst Switches Running Catalyst OS Using IP Multicast Over Frame Relay Networks Using MSDP to Interconnect Multiple PIM-SM Domains Multicast Source Discovery Protocol SA Filter Recommendations Multicast Support for MPLS VPNs Configuration Example PIM RPF Vector Sample Configurations Scenario 1: There are two redundant routers act as edge routers receiving multicast feed from external network over DS-3 circuits. Router #1 version 12.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! card type t3 1 logging buffered 32000 debugging enable secret 5 ***** ! no aaa new-model ! resource policy ! ip subnet-zero no ip source-route ip cef ! ! no ip dhcp use vrf connected ! ! ip ftp username ** ip ftp password 7 *** no ip domain lookup ip domain name yourdomain.com ip multicast-routing ip scp server enable no ftp-server write-enable voice-card 0 no dspfarm ! username Manager privilege 15 secret 5 ** username User privilege 5 secret 5 * ! ! controller T3 1/0 ! ! interface Loopback0 ip address 11.65.64.1 255.255.255.255 ! interface GigabitEthernet0/0 ip address 172.18.18.12 255.255.0.0 ip access-group cust-firewall-in in no ip redirects no ip unreachables ip pim sparse-mode ip nat inside ip igmp version 3 no ip mroute-cache duplex auto speed auto media-type rj45 negotiation auto ntp disable no cdp enable standby 137 ip 172.18.18.11 standby 137 priority 110 standby 137 preempt standby 137 track Serial1/0 ! interface GigabitEthernet0/1 ip address 192.168.239.34 255.255.255.252 ip pim sparse-mode ip nat inside ip igmp version 3 duplex auto speed auto media-type rj45 negotiation auto no cdp enable ! interface Serial1/0 mtu 1950 ip address 128.11.65.66 255.255.255.248 ip pim sparse-mode ip nat outside encapsulation ppp no peer neighbor-route dsu bandwidth 44210 no cdp enable ! router rip version 2 timers basic 30 90 90 120 redistribute connected redistribute static offset-list any out 2 GigabitEthernet0/0 network 11.0.0.0 network 128.11.0.0 network 172.18.0.0 network 192.168.239.0 maximum-paths 3 distribute-list rip-cust-out out GigabitEthernet0/0 distribute-list rip-cust-in in GigabitEthernet0/0 distribute-list rip-peer-out out GigabitEthernet0/1 distribute-list rip-bfin-out out Serial1/0 no auto-summary ! ip classless no ip forward-protocol nd ip route 10.0.0.0 255.0.0.0 172.18.0.1 ip route 11.65.64.0 255.255.248.0 Null0 ip route 172.16.0.0 255.240.0.0 172.18.0.1 ! ! no ip http server no ip http secure-server ip nat translation timeout 3600 ip nat pool customer-nat 11.65.64.2 11.65.71.245 prefix-length 8 ip nat inside source route-map 1-dyna-nat-policy pool customer-nat reversible ! ip access-list standard any permit any ip access-list standard area-mgmt permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 205.183.246.0 0.0.0.255 ip access-list standard bfin-mgmt permit 160.43.3.0 0.0.0.255 permit 160.43.4.0 0.0.0.255 ip access-list standard bfin-registered permit 69.184.0.0 0.7.255.255 permit 160.43.0.0 0.0.255.255 permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 208.134.161.0 0.0.0.255 ip access-list standard bfin-server permit 69.184.0.0 0.0.255.255 permit 160.43.0.0 0.0.255.255 permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 205.183.246.0 0.0.0.255 permit 208.134.161.0 0.0.0.255 ip access-list standard bfin-snmp-mgrs permit 160.43.3.171 permit 160.43.4.171 permit 160.43.3.0 0.0.0.255 permit 160.43.4.0 0.0.0.255 permit 160.43.94.0 0.0.0.255 permit 160.43.166.0 0.0.0.255 permit 160.43.6.0 0.0.0.255 permit 160.43.162.0 0.0.0.255 ip access-list standard corp-mgmt permit 160.43.6.0 0.0.0.255 permit 160.43.162.0 0.0.0.255 ip access-list standard corp-range permit 10.100.0.0 0.0.63.255 permit 10.100.64.0 0.0.63.255 permit 10.100.128.0 0.0.63.255 permit 10.102.0.0 0.0.255.255 permit 10.103.0.0 0.0.255.255 permit 10.104.0.0 0.0.255.255 permit 10.105.0.0 0.0.255.255 permit 10.106.0.0 0.0.255.255 permit 10.107.0.0 0.0.255.255 ip access-list standard cust-natable-range deny 69.184.0.0 0.7.255.255 deny 224.0.0.0 31.255.255.255 permit any ip access-list standard default permit 0.0.0.0 ip access-list standard deny-all deny any ip access-list standard dest-natable-range permit 208.134.161.0 0.0.0.255 permit 199.105.184.0 0.0.1.255 ip access-list standard feed-fe permit 160.43.13.0 0.0.0.255 permit 160.43.14.0 0.0.1.255 permit 160.43.16.0 0.0.1.255 permit 160.43.24.0 0.0.0.255 permit 160.43.90.0 0.0.1.255 permit 160.43.92.0 0.0.3.255 permit 160.43.96.0 0.0.1.255 permit 160.43.98.0 0.0.0.255 permit 160.43.166.0 0.0.0.255 permit 160.43.172.0 0.0.3.255 ip access-list standard feed-mgmt permit 160.43.94.0 0.0.0.255 permit 160.43.166.0 0.0.0.255 ip access-list standard lo0-local permit 11.65.64.1 ip access-list standard peer-local permit 11.209.0.1 ip access-list standard private permit 10.0.0.0 0.255.255.255 permit 172.16.0.0 0.15.255.255 permit 192.168.0.0 0.0.255.255 ip access-list standard rip-bfin-in permit any ip access-list standard rip-bfin-out deny 0.0.0.0 permit 11.65.64.0 permit 11.65.64.1 permit 11.209.0.1 deny 69.184.0.0 0.0.255.255 deny 160.43.0.0 0.0.255.255 deny 199.105.176.0 0.0.7.255 deny 199.105.184.0 0.0.1.255 deny 205.183.246.0 0.0.0.255 deny 208.134.161.0 0.0.0.255 deny any ip access-list standard rip-cust-in deny 69.184.0.0 0.0.255.255 deny 160.43.0.0 0.0.255.255 deny 199.105.176.0 0.0.7.255 deny 199.105.184.0 0.0.1.255 deny 205.183.246.0 0.0.0.255 deny 208.134.161.0 0.0.0.255 permit any ip access-list standard rip-cust-out deny 160.43.3.0 0.0.0.255 deny 160.43.4.0 0.0.0.255 permit 69.184.0.0 0.0.255.255 permit 160.43.0.0 0.0.255.255 permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 205.183.246.0 0.0.0.255 permit 208.134.161.0 0.0.0.255 deny any ip access-list standard rip-peer-in permit any ip access-list standard rip-peer-out permit any ip access-list standard shared-nat-local ip access-list standard unshared-nat-local permit 11.65.64.0 ! ip access-list extended cust-firewall-in deny ip any 160.43.3.0 0.0.0.255 deny ip any 160.43.4.0 0.0.0.255 deny udp any any eq tftp permit ip any any ip access-list extended source-dest-nat deny ip 128.11.65.64 0.0.0.7 any deny ip host 11.65.64.1 any deny ip 11.65.64.0 0.0.7.255 any deny ip 128.11.209.0 0.0.0.7 any deny ip host 11.209.0.1 any permit ip any any ! logging 160.43.3.171 logging 160.43.4.171 snmp-server community * RW bfin-snmp-mgrs snmp-server location * snmp-server contact Your Network Administrator snmp-server enable traps tty no cdp run route-map rip-bfin-out deny 10 match ip address default ! route-map rip-bfin-out deny 20 match ip address bfin-server ! route-map rip-bfin-out permit 30 match ip address peer-local ! route-map rip-bfin-out permit 40 match ip address lo0-local ! route-map rip-bfin-out permit 55 match ip address unshared-nat-local ! route-map rip-bfin-out deny 200 match ip address any ! route-map rip-peer-out permit 10 match ip address any ! route-map rip-cust-out deny 10 match ip address bfin-mgmt ! route-map rip-cust-out permit 20 match ip address bfin-server ! route-map rip-cust-out deny 100 match ip address any ! route-map rip-peer-in permit 10 match ip address any ! route-map rip-bfin-in permit 10 match ip address any ! route-map 1-dyna-nat-policy permit 20 match ip address source-dest-nat ! route-map 1-dyna-nat-policy deny 30 ! route-map 2-stat-nat-policy permit 20 match ip address source-dest-nat ! route-map 2-stat-nat-policy deny 30 ! route-map rip-cust-in deny 10 match ip address bfin-server ! route-map rip-cust-in permit 100 match ip address any ! control-plane ! line con 0 exec-timeout 0 0 password 7 * login stopbits 1 line aux 0 stopbits 1 line vty 0 4 password 7 ** logging synchronous login ! scheduler allocate 20000 1000 ! end Router #2 version 12.3 service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R2 ! boot-start-marker boot-end-marker ! card type t3 1 logging buffered 32000 debugging enable secret 5 * ! no aaa new-model ! resource policy ! ip subnet-zero no ip source-route ip cef ! ! no ip dhcp use vrf connected ! ! ip ftp username ip ftp password 7 * no ip domain lookup ip domain name yourdomain.com ip multicast-routing ip scp server enable no ftp-server write-enable voice-card 0 no dspfarm ! username Manager privilege 15 secret 5 * username User privilege 5 secret 5 * ! ! controller T3 1/0 ! interface Loopback0 ip address 11.65.64.1 255.255.255.255 ! interface GigabitEthernet0/0 ip address 172.18.18.13 255.255.0.0 ip access-group cust-firewall-in in no ip redirects no ip unreachables ip pim sparse-mode ip nat inside ip igmp version 3 no ip mroute-cache duplex auto speed auto media-type rj45 negotiation auto ntp disable no cdp enable standby 137 ip 172.18.18.11 standby 137 priority 105 standby 137 preempt standby 137 track Serial1/0 ! interface GigabitEthernet0/1 ip address 192.168.239.34 255.255.255.252 ip pim sparse-mode ip nat inside ip igmp version 3 duplex auto speed auto media-type rj45 negotiation auto no cdp enable ! interface Serial1/0 mtu 1950 ip address 128.11.65.66 255.255.255.248 ip pim sparse-mode ip nat outside encapsulation ppp no peer neighbor-route dsu bandwidth 44210 no cdp enable ! router rip version 2 timers basic 30 90 90 120 redistribute connected redistribute static offset-list any out 2 GigabitEthernet0/0 network 11.0.0.0 network 128.11.0.0 network 172.18.0.0 network 192.168.239.0 maximum-paths 3 distribute-list rip-cust-out out GigabitEthernet0/0 distribute-list rip-cust-in in GigabitEthernet0/0 distribute-list rip-peer-out out GigabitEthernet0/1 distribute-list rip-bfin-out out Serial1/0 no auto-summary ! ip classless no ip forward-protocol nd ip route 10.0.0.0 255.0.0.0 172.18.0.1 ip route 11.65.64.0 255.255.248.0 Null0 ip route 172.16.0.0 255.240.0.0 172.18.0.1 ! ! no ip http server no ip http secure-server ip nat translation timeout 3600 ip nat pool customer-nat 11.65.64.2 11.65.71.245 prefix-length 8 ip nat inside source route-map 1-dyna-nat-policy pool customer-nat reversible ! ip access-list standard any permit any ip access-list standard area-mgmt permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 205.183.246.0 0.0.0.255 ip access-list standard bfin-mgmt permit 160.43.3.0 0.0.0.255 permit 160.43.4.0 0.0.0.255 ip access-list standard bfin-registered permit 69.184.0.0 0.7.255.255 permit 160.43.0.0 0.0.255.255 permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 208.134.161.0 0.0.0.255 ip access-list standard bfin-server permit 69.184.0.0 0.0.255.255 permit 160.43.0.0 0.0.255.255 permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 205.183.246.0 0.0.0.255 permit 208.134.161.0 0.0.0.255 ip access-list standard bfin-snmp-mgrs permit 160.43.3.171 permit 160.43.4.171 permit 160.43.3.0 0.0.0.255 permit 160.43.4.0 0.0.0.255 permit 160.43.94.0 0.0.0.255 permit 160.43.166.0 0.0.0.255 permit 160.43.6.0 0.0.0.255 permit 160.43.162.0 0.0.0.255 ip access-list standard corp-mgmt permit 160.43.6.0 0.0.0.255 permit 160.43.162.0 0.0.0.255 ip access-list standard corp-range permit 10.100.0.0 0.0.63.255 permit 10.100.64.0 0.0.63.255 permit 10.100.128.0 0.0.63.255 permit 10.102.0.0 0.0.255.255 permit 10.103.0.0 0.0.255.255 permit 10.104.0.0 0.0.255.255 permit 10.105.0.0 0.0.255.255 permit 10.106.0.0 0.0.255.255 permit 10.107.0.0 0.0.255.255 ip access-list standard cust-natable-range deny 69.184.0.0 0.7.255.255 deny 224.0.0.0 31.255.255.255 permit any ip access-list standard default permit 0.0.0.0 ip access-list standard deny-all deny any ip access-list standard dest-natable-range permit 208.134.161.0 0.0.0.255 permit 199.105.184.0 0.0.1.255 ip access-list standard feed-fe permit 160.43.13.0 0.0.0.255 permit 160.43.14.0 0.0.1.255 permit 160.43.16.0 0.0.1.255 permit 160.43.24.0 0.0.0.255 permit 160.43.90.0 0.0.1.255 permit 160.43.92.0 0.0.3.255 permit 160.43.96.0 0.0.1.255 permit 160.43.98.0 0.0.0.255 permit 160.43.166.0 0.0.0.255 permit 160.43.172.0 0.0.3.255 ip access-list standard feed-mgmt permit 160.43.94.0 0.0.0.255 permit 160.43.166.0 0.0.0.255 ip access-list standard lo0-local permit 11.65.64.1 ip access-list standard peer-local permit 11.209.0.1 ip access-list standard private permit 10.0.0.0 0.255.255.255 permit 172.16.0.0 0.15.255.255 permit 192.168.0.0 0.0.255.255 ip access-list standard rip-bfin-in permit any ip access-list standard rip-bfin-out deny 0.0.0.0 permit 11.65.64.0 permit 11.65.64.1 permit 11.209.0.1 deny 69.184.0.0 0.0.255.255 deny 160.43.0.0 0.0.255.255 deny 199.105.176.0 0.0.7.255 deny 199.105.184.0 0.0.1.255 deny 205.183.246.0 0.0.0.255 deny 208.134.161.0 0.0.0.255 deny any ip access-list standard rip-cust-in deny 69.184.0.0 0.0.255.255 deny 160.43.0.0 0.0.255.255 deny 199.105.176.0 0.0.7.255 deny 199.105.184.0 0.0.1.255 deny 205.183.246.0 0.0.0.255 deny 208.134.161.0 0.0.0.255 permit any ip access-list standard rip-cust-out deny 160.43.3.0 0.0.0.255 deny 160.43.4.0 0.0.0.255 permit 69.184.0.0 0.0.255.255 permit 160.43.0.0 0.0.255.255 permit 199.105.176.0 0.0.7.255 permit 199.105.184.0 0.0.1.255 permit 205.183.246.0 0.0.0.255 permit 208.134.161.0 0.0.0.255 deny any ip access-list standard rip-peer-in permit any ip access-list standard rip-peer-out permit any ip access-list standard shared-nat-local ip access-list standard unshared-nat-local permit 11.65.64.0 ! ip access-list extended cust-firewall-in deny ip any 160.43.3.0 0.0.0.255 deny ip any 160.43.4.0 0.0.0.255 deny udp any any eq tftp permit ip any any ip access-list extended source-dest-nat deny ip 128.11.65.64 0.0.0.7 any deny ip host 11.65.64.1 any deny ip 11.65.64.0 0.0.7.255 any deny ip 128.11.209.0 0.0.0.7 any deny ip host 11.209.0.1 any permit ip any any ! logging 160.43.3.171 logging 160.43.4.171 snmp-server community RW bfin-snmp-mgrs snmp-server location * snmp-server contact Your Network Administrator snmp-server enable traps tty no cdp run route-map rip-bfin-out deny 10 match ip address default ! route-map rip-bfin-out deny 20 match ip address bfin-server ! route-map rip-bfin-out permit 30 match ip address peer-local ! route-map rip-bfin-out permit 40 match ip address lo0-local ! route-map rip-bfin-out permit 55 match ip address unshared-nat-local ! route-map rip-bfin-out deny 200 match ip address any ! route-map rip-peer-out permit 10 match ip address any ! route-map rip-cust-out deny 10 match ip address bfin-mgmt ! route-map rip-cust-out permit 20 match ip address bfin-server ! route-map rip-cust-out deny 100 match ip address any ! route-map rip-peer-in permit 10 match ip address any ! route-map rip-bfin-in permit 10 match ip address any ! route-map 1-dyna-nat-policy permit 20 match ip address source-dest-nat ! route-map 1-dyna-nat-policy deny 30 ! route-map 2-stat-nat-policy permit 20 match ip address source-dest-nat ! route-map 2-stat-nat-policy deny 30 ! route-map rip-cust-in deny 10 match ip address bfin-server ! route-map rip-cust-in permit 100 match ip address any ! control-plane ! line con 0 exec-timeout 0 0 password 7 * login stopbits 1 line aux 0 stopbits 1 line vty 0 4 password 7 *** logging synchronous login ! scheduler allocate 20000 1000 ! end Scenario 2: Sample configuration on Catalyst 4500 series switch, act as MDF; contribution of mplex . Note: Anyone using this should be aware that multicast is not configured for redundancy at the MDF level here, and you need to make sure your primary HSRP router has a higher PIM DR priority than default to avoid flooding. version 12.2 no service pad service timestamps debug datetime localtime show-timezone service timestamps log datetime localtime show-timezone service password-encryption service compress-config ! hostname ...mdf ! boot-start-marker boot-end-marker ! logging buffered 32768 debugging no logging console no logging monitor enable secret 5 ... ! username ... password 7 ... aaa new-model aaa authentication login default group tacacs+ local aaa authentication login no_tacacs line aaa authentication enable default group tacacs+ enable aaa authorization exec default local group tacacs+ aaa accounting exec default start-stop group tacacs+ aaa accounting commands 0 default start-stop group tacacs+ aaa accounting commands 1 default start-stop group tacacs+ aaa accounting commands 2 default start-stop group tacacs+ aaa accounting commands 3 default start-stop group tacacs+ aaa accounting commands 4 default start-stop group tacacs+ aaa accounting commands 5 default start-stop group tacacs+ aaa accounting commands 6 default start-stop group tacacs+ aaa accounting commands 7 default start-stop group tacacs+ aaa accounting commands 8 default start-stop group tacacs+ aaa accounting commands 9 default start-stop group tacacs+ aaa accounting commands 10 default start-stop group tacacs+ aaa accounting commands 11 default start-stop group tacacs+ aaa accounting commands 12 default start-stop group tacacs+ aaa accounting commands 13 default start-stop group tacacs+ aaa accounting commands 14 default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ ! aaa session-id common clock timezone EST -5 clock summer-time EST recurring qos qos dbl exceed-action ecn qos dbl qos map dscp 0 to tx-queue 2 qos map dscp 16 18 20 22 24 25 26 32 to tx-queue 4 qos map dscp 34 36 38 to tx-queue 4 qos map dscp policed 0 24 32 34 40 46 48 to dscp 8 qos map cos 5 6 to dscp 46 ip subnet-zero ip domain-name ....com ip name-server .... ip name-server .... ! ip dhcp snooping vlan 1-1005 no ip dhcp snooping information option no ip dhcp snooping verify mac-address ip dhcp snooping ip multicast-routing ip ssh version 2 ! ! ! errdisable recovery cause bpduguard errdisable recovery cause dhcp-rate-limit errdisable recovery cause unicast-flood errdisable recovery cause storm-control errdisable recovery cause arp-inspection errdisable recovery interval 1800 power redundancy-mode redundant ! macro name access no macro description no switchport mode trunk no switchport trunk all vlan 1-1005 no switchport trunk enc dot1q no qos trust dscp no ip dhcp snooping trust no storm-control broadcast level 0.10 no tx-queue 1 no tx-queue 2 no tx-queue 3 no tx-queue 4 no service-policy output DBL no ip dhcp snooping trust switchport mode access switchport host storm-control broadcast level 0.10 ip dhcp snooping limit rate 5 service-policy input ACCESS-LAYER-QOS qos trust cos @ macro name uplink no macro description no switchport mode access no switchport access vlan no switchport voice vlan no spanning-tree portfast no service-policy input ACCESS-LAYER-QOS no storm-control broadcast level 0.10 no ip dhcp snooping limit rate 5 no qos trust cos ip dhcp snooping trust qos trust dscp tx-queue 1 bandwidth percent 5 tx-queue 2 bandwidth percent 25 tx-queue 3 bandwidth percent 30 priority high shape percent 30 tx-queue 4 bandwidth percent 40 service-policy output DBL switchport trunk enc dot1q switchport mode trunk switchport trunk allowed vlan 1-1005 @ macro name downlink no macro description no switchport mode access no switchport access vlan no switchport voice vlan no spanning-tree portfast no service-policy input ACCESS-LAYER-QOS no storm-control broadcast level 0.10 no ip dhcp snooping limit rate 5 no ip dhcp snooping trust no qos trust cos qos trust dscp tx-queue 1 bandwidth percent 5 tx-queue 2 bandwidth percent 25 tx-queue 3 bandwidth percent 30 priority high shape percent 30 tx-queue 4 bandwidth percent 40 service-policy output DBL switchport trunk enc dot1q switchport mode trunk switchport trunk allowed vlan 1-1005 @ ! ! spanning-tree mode rapid-pvst spanning-tree portfast bpduguard default spanning-tree extend system-id spanning-tree vlan 200 priority 4096 spanning-tree vlan 400 priority 20480 ! vlan internal allocation policy ascending ! vlan 2200 name core1 ! vlan 3200 name core2 ! class-map match-any H323-VIDEO match access-group name H323-VIDEO class-map match-all VOIP-PHONE match access-group name VOIP-PHONE ! ! policy-map ACCESS-LAYER-QOS class VOIP-PHONE police 128000 bps 8000 byte conform-action transmit exceed-action policed-dscp-transmit class H323-VIDEO police 20000000 bps 8000 byte conform-action transmit exceed-action policed-dscp-transmit policy-map DBL class class-default dbl ! ! interface Loopback0 ip address .... 255.255.255.255 ! interface GigabitEthernet1/1 description [core1] switchport trunk encapsulation dot1q switchport trunk native vlan 2200 switchport trunk allowed vlan 34,2200 switchport mode trunk qos trust dscp tx-queue 1 bandwidth percent 5 tx-queue 2 bandwidth percent 25 tx-queue 3 bandwidth percent 30 priority high shape percent 30 tx-queue 4 bandwidth percent 40 service-policy output DBL ip dhcp snooping trust ! interface GigabitEthernet1/2 description [core2] switchport trunk encapsulation dot1q switchport trunk native vlan 3200 switchport trunk allowed vlan 34,3200 switchport mode trunk qos trust dscp tx-queue 1 bandwidth percent 5 tx-queue 2 bandwidth percent 25 tx-queue 3 bandwidth percent 30 priority high shape percent 30 tx-queue 4 bandwidth percent 40 service-policy output DBL ip dhcp snooping trust ! interface GigabitEthernet2/1 description [Sample Trunk Port] switchport trunk encapsulation dot1q switchport trunk allowed vlan 1-1005 switchport mode trunk qos trust dscp tx-queue 1 bandwidth percent 5 tx-queue 2 bandwidth percent 25 tx-queue 3 bandwidth percent 30 priority high shape percent 30 tx-queue 4 bandwidth percent 40 service-policy output DBL ! interface GigabitEthernet4/1 description [Sample Access Port] switchport access vlan 200 switchport mode access switchport voice vlan 400 no snmp trap link-status storm-control broadcast level 0.10 storm-control broadcast level 0.10 spanning-tree portfast service-policy input ACCESS-LAYER-QOS ip dhcp snooping limit rate 5 ! interface Vlan1 ip address ..200.1 255.255.255.0 no ip redirects no ip proxy-arp ! interface Vlan200 description [-Access] ip address ..200.51 255.255.255.0 ip helper-address .... ip helper-address .... no ip redirects no ip proxy-arp ip pim sparse-dense-mode standby 200 ip .... standby 200 timers 1 3 standby 200 priority 190 standby 200 preempt delay minimum 30 ! interface Vlan400 description [-Access-VOICE] ip address .... 255.255.255.0 ip helper-address .... ip helper-address .... no ip redirects no ip proxy-arp standby 200 ip .... standby 200 priority 150 standby 200 preempt delay minimum 30 ! interface Vlan2200 description [core1] ip address ..200.11 255.255.255.254 ip pim sparse-dense-mode ip ospf network point-to-point ! interface Vlan3200 description [core2] ip address ..200.21 255.255.255.254 ip pim sparse-dense-mode ip ospf network point-to-point ! router ospf 100 log-adjacency-changes timers throttle spf 5 1000 60000 passive-interface default no passive-interface Vlan2200 no passive-interface Vlan3200 network .... 0.0.255.255 area 0 ! no ip http server no ip http secure-server ! ip ospf name-lookup ! ip access-list extended H323-VIDEO permit ip any any dscp cs3 permit ip any any dscp cs4 permit ip any any dscp cs5 permit ip any any dscp af31 permit ip any any dscp af41 permit ip any host 128.23.1.59 ip access-list extended VOIP-PHONE permit ip any any dscp ef permit ip any any dscp cs5 ! ip access-list extended MANAGEMENT-NETS permit ip .... 0.0.0.255 any ! logging facility local2 logging source-interface Loopback0 logging .... tacacs-server host .... tacacs-server directed-request tacacs-server key 7 .... radius-server source-ports 1645-1646 ! alias configure sh do sh alias exec ps show proc cpu \| excl 0.00%__0.00%__0.00% alias exec acl sh ip access-lists alias exec mem sh proc mem alias exec rates sh int \| include (protocol\|rate) alias exec stp sh spanning-tree detail \| i changes\|exec ! line con 0 exec-timeout 15 0 password 7 .... logging synchronous transport preferred none escape-character 3 stopbits 1 line vty 0 4 access-class MANAGEMENT-NETS in exec-timeout 15 0 password 7 .... logging synchronous transport preferred none escape-character 3 line vty 5 15 access-class MANAGEMENT-NETS in exec-timeout 15 0 password 7 .... logging synchronous transport preferred none escape-character 3 ! ntp server .... ntp server .... end feedback form by aryoba** last modified: 2009-12-04 08:38:57


Thursday, 10-Dec 00:00:31	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. republican-creole