Cisco IOS Cookbook: Field-Tested Solutions to Cisco Router Problems

by Kevin Dooley, Ian Brown

Paperback (Second Edition)



Never has something cried out for a cookbook quite as much as Cisco's Internetwork Operating System (IOS). IOS is powerful and flexible, but also confusing and daunting. Most tasks can be accomplished in several different ways. And you don't want to spend precious time figuring out which way is best when you're trying to solve a problem quickly.

That's what this cookbook is for. Fortunately, most router configuration tasks can be broken down into several more or less independent steps: you configure an interface, you configure a routing protocol, you set up backup links, you implement packet filters and other access control mechanisms. What you really need is a set of recipes that show you how to perform the most common tasks, so you can quickly come up with a good configuration for your site. And you need to know that these solutions work: you don't want to find yourself implementing a backup link at 2 A.M. because your main link is down and the backup link you set up when you installed the router wasn't quite right.

Thoroughly revised and expanded, Cisco IOS Cookbook, 2nd Edition, adds sections on MPLS, Security, IPv6, and IP Mobility, and presents solutions to the most common configuration problems, including:

  • Configuring interfaces of many types, from serial to ATM and Frame Relay
  • Configuring all of the common IP routing protocols (RIP, EIGRP, OSPF, and BGP)
  • Configuring authentication
  • Configuring other services, including DHCP and NTP
  • Setting up backup links, and using HSRP to configure backup routers
  • Managing the router, including SNMP and other solutions
  • Using access lists to control the traffic through the router

If you work with Cisco routers, you need a book like this to help you solve problems quickly and effectively. Even if you're experienced, the solutions and extensive explanations will give you new ideas and insights into router configuration. And if you're not experienced—if you've just been given responsibility for managing a network with Cisco routers—this book could be a job-saver.

Product Details

ISBN-13: 9780596527228
Publisher: O'Reilly Media, Incorporated
Publication date: 01/28/2007
Series: Cookbooks (O'Reilly) Series
Edition description: Second Edition
Pages: 1192
Product dimensions: 7.00(w) x 9.19(h) x 2.60(d)

About the Author

Kevin Dooley has been designing and implementing networks as an independent consultant for more than ten years. He's built large scale Local and Wide Area Networks for several of Canada's largest companies. Kevin holds a PhD in physics from the University of Toronto and is the author of "Designing Large-Scale LANs" (O'Reilly).

Ian J. Brown is a Cisco Certified Internetworking Expert with more than 12 years of experience in the networking industry. His areas of expertise include TCP/IP and IP routing, as well as management, security, design, and troubleshooting for large-scale networks.

Table of Contents

What’s New in This Edition;
What’s in This Book;
Conventions Used in This Book;
Using Code Examples;
We’d Like Your Feedback!;
Safari® Enabled;
Chapter 1: Router Configuration and File Management;
Configuring the Router via TFTP;
Saving Router Configuration to Server;
Booting the Router Using a Remote Configuration File;
Storing Configuration Files Larger Than NVRAM;
Clearing the Startup Configuration;
Loading a New IOS Image;
Booting a Different IOS Image;
Booting over the Network;
Copying an IOS Image to a Server;
Copying an IOS Image Through the Console;
Deleting Files from Flash;
Partitioning Flash;
Using the Router as a TFTP Server;
Using FTP from the Router;
Generating Large Numbers of Router Configurations;
Changing the Configurations of Many Routers at Once;
Extracting Hardware Inventory Information;
Backing Up Router Configurations;
Warm Reload;
Warm Upgrade;
Configuration Archiving;
Locking Configuration Access;
Chapter 2: Router Management;
Creating Command Aliases;
Managing the Router’s ARP Cache;
Tuning Router Buffers;
Auto Tuning Buffers;
Using the Cisco Discovery Protocol;
Disabling the Cisco Discovery Protocol;
Using the Small Servers;
Enabling HTTP Access to a Router;
Enabling Secure HTTP (HTTPS) Access to a Router;
Using Static Hostname Tables;
Enabling Domain Name Services;
Disabling Domain Name Lookups;
Specifying a Router Reload Time;
Scheduling of Router Commands;
Displaying Historical CPU Values;
Creating Exception Dump Files;
Generating a Report of Interface Information;
Generating a Report of Routing Table Information;
Generating a Report of ARP Table Information;
Generating a Server Host Table File;
Chapter 3: User Access and Privilege Levels;
Setting Up User IDs;
Encrypting Passwords;
Using Better Password-Encryption Techniques;
Removing Passwords from a Router Configuration File;
Deciphering Cisco’s Weak Password Encryption;
Displaying Active Users;
Sending Messages to Other Users;
Changing the Number of VTYs;
Changing VTY Timeouts;
Restricting VTY Access by Protocol;
Enabling Absolute Timeouts on VTY Lines;
Implementing Banners;
Disabling Banners on a Port;
Disabling Router Lines;
Reserving a VTY Port for Administrative Access;
Restricting Inbound Telnet Access;
Logging Telnet Access;
Setting the Source Address for Telnet;
Automating the Login Sequence;
Using SSH for Secure Access;
Changing Privilege Level of IOS Commands;
Defining Per User Privileges;
Defining Per Port Privileges;
Chapter 4: TACACS+;
Authenticating Login IDs from a Central System;
Restricting Command Access;
Losing Access to the TACACS+ Server;
Disabling TACACS+ Authentication on a Particular Line;
Capturing User Keystrokes;
Logging System Events;
Setting the IP Source Address for TACACS+ Messages;
Sample Server Configuration Files;
Chapter 5: IP Routing;
Finding an IP Route;
Finding Types of IP Routes;
Converting Different Mask Formats;
Using Static Routing;
Floating Static Routes;
Using Policy-Based Routing to Route Based on Source Address;
Using Policy-Based Routing to Route Based on Application Type;
Examining Policy-Based Routing;
Changing Administrative Distances;
Routing Over Multiple Paths with Equal Costs;
Static Routes That Track Interfaces or Other Routes;
Keeping Statistics on Routing Table Changes;
Chapter 6: RIP;
Configuring RIP Version 1;
Filtering Routes with RIP;
Redistributing Static Routes into RIP;
Redistributing Routes Using Route Maps;
Creating a Default Route in RIP;
Disabling RIP on an Interface;
Default Passive Interface;
Unicast Updates for RIP;
Applying Offsets to Routes;
Adjusting Timers;
Configuring Interpacket Delay;
Enabling Nonperiodic Updates;
Increasing the RIP Input Queue;
Configuring RIP Version 2;
Enabling RIP Authentication;
RIP Route Summarization;
Route Tagging;
Chapter 7: EIGRP;
Configuring EIGRP;
Filtering Routes with EIGRP;
Redistributing Routes into EIGRP;
Redistributing Routes into EIGRP Using Route Maps;
Disabling EIGRP on an Interface;
Adjusting EIGRP Metrics;
Adjusting Timers;
Enabling EIGRP Authentication;
EIGRP Route Summarization;
Logging EIGRP Neighbor State Changes;
Limiting EIGRP’s Bandwidth Utilization;
EIGRP Stub Routing;
Route Tagging;
Viewing EIGRP Status;
Chapter 8: OSPF;
Configuring OSPF;
Filtering Routes in OSPF;
Adjusting OSPF Costs;
Creating a Default Route in OSPF;
Redistributing Static Routes into OSPF;
Redistributing External Routes into OSPF;
Manipulating DR Selection;
Setting the OSPF RID;
Enabling OSPF Authentication;
Selecting the Appropriate Area Types;
Using OSPF on Dial Interfaces;
Summarizing Routes in OSPF;
Disabling OSPF on Certain Interfaces;
Changing the Network Type on an Interface;
OSPF Route Tagging;
Logging OSPF Adjacency Changes;
Adjusting OSPF Timers;
Reducing OSPF Traffic in Stable Networks;
OSPF Virtual Links;
Viewing OSPF Status with Domain Names;
Debugging OSPF;
Chapter 9: BGP;
Configuring BGP;
Using eBGP Multihop;
Adjusting the Next-Hop Attribute;
Connecting to Two ISPs;
Connecting to Two ISPs with Redundant Routers;
Restricting Networks Advertised to a BGP Peer;
Adjusting Local Preference Values;
Removing Private ASNs from the AS Path;
Filtering BGP Routes Based on AS Paths;
Reducing the Size of the Received Routing Table;
Summarizing Outbound Routing Information;
Prepending ASNs to the AS Path;
Redistributing Routes with BGP;
Using Peer Groups;
Authenticating BGP Peers;
Using BGP Communities;
Using BGP Route Reflectors;
Putting It All Together;
Chapter 10: Frame Relay;
Setting Up Frame Relay with Point-to-Point Subinterfaces;
Adjusting LMI Options;
Setting Up Frame Relay with Map Statements;
Using Multipoint Subinterfaces;
Configuring Frame Relay SVCs;
Simulating a Frame Relay Cloud;
Compressing Frame Relay Data on a Subinterface;
Compressing Frame Relay Data with Maps;
PPP over Frame Relay;
Viewing Frame Relay Status Information;
Chapter 11: Handling Queuing and Congestion;
Fast Switching and CEF;
Setting the DSCP or TOS Field;
Using Priority Queuing;
Using Custom Queuing;
Using Custom Queues with Priority Queues;
Using Weighted Fair Queuing;
Using Class-Based Weighted Fair Queuing;
Using NBAR Classification;
Controlling Congestion with WRED;
Using RSVP;
Manual RSVP Reservations;
Aggregating RSVP Reservations;
Using Generic Traffic Shaping;
Using Frame-Relay Traffic Shaping;
Using Committed Access Rate;
Implementing Standards-Based Per-Hop Behavior;
Viewing Queue Parameters;
Chapter 12: Tunnels and VPNs;
Creating a Tunnel;
Tunneling Foreign Protocols in IP;
Tunneling with Dynamic Routing Protocols;
Viewing Tunnel Status;
Creating an Encrypted Router-to-Router VPN in a GRE Tunnel;
Creating an Encrypted VPN Between the LAN Interfaces of Two Routers;
Generating RSA Keys;
Creating a Router-to-Router VPN with RSA Keys;
Creating a VPN Between a Workstation and a Router;
Creating an SSL VPN;
Checking IPSec Protocol Status;
Chapter 13: Dial Backup;
Automating Dial Backup;
Using Dialer Interfaces;
Using an Async Modem on the AUX Port;
Using Backup Interfaces;
Using Dialer Watch;
Using Virtual Templates;
Ensuring Proper Disconnection;
View Dial Backup Status;
Debugging Dial Backup;
Chapter 14: NTP and Time;
Time-Stamping Router Logs;
Setting the Time;
Setting the Time Zone;
Adjusting for Daylight Saving Time;
Synchronizing the Time on All Routers (NTP);
Configuring NTP Redundancy;
Setting the Router As the NTP Master for the Network;
Changing NTP Synchronization Periods;
Using NTP to Send Periodic Broadcast Time Updates;
Using NTP to Send Periodic Multicast Time Updates;
Enabling and Disabling NTP Per Interface;
NTP Authentication;
Limiting the Number of Peers;
Restricting Peers;
Setting the Clock Period;
Checking the NTP Status;
Debugging NTP;
NTP Logging;
Extended Daylight Saving Time;
NTP Server Configuration;
Chapter 15: DLSw;
Simple Bridging;
Configuring DLSw;
Using DLSw to Bridge Between Ethernet and Token Ring;
Converting Ethernet and Token Ring MAC Addresses;
Configuring SDLC;
Configuring SDLC for Multidrop Connections;
Using STUN;
Using BSTUN;
Controlling DLSw Packet Fragmentation;
Tagging DLSw Packets for QoS;
Supporting SNA Priorities;
DLSw+ Redundancy and Fault Tolerance;
Viewing DLSw Status Information;
Viewing SDLC Status Information;
Debugging DLSw;
Chapter 16: Router Interfaces and Media;
Viewing Interface Status;
Configuring Serial Interfaces;
Using an Internal T1 CSU/DSU;
Using an Internal ISDN PRI Module;
Using an Internal 56 Kbps CSU/DSU;
Configuring an Async Serial Interface;
Configuring ATM Subinterfaces;
Setting Payload Scrambling on an ATM Circuit;
Classical IP Over ATM;
Configuring Ethernet Interface Features;
Configuring Token Ring Interface Features;
Connecting VLAN Trunks with ISL;
Connecting VLAN Trunks with 802.1Q;
LPD Printer Support;
Chapter 17: Simple Network Management Protocol;
Configuring SNMP;
Extracting Router Information via SNMP Tools;
Recording Important Router Information for SNMP Access;
Using SNMP to Extract Inventory Information from a List of Routers;
Using Access Lists to Protect SNMP Access;
Logging Unauthorized SNMP Attempts;
Limiting MIB Access;
Using SNMP to Modify a Router’s Running Configuration;
Using SNMP to Copy a New IOS Image;
Using SNMP to Perform Mass Configuration Changes;
Preventing Unauthorized Configuration Modifications;
Making Interface Table Numbers Permanent;
Enabling SNMP Traps and Informs;
Sending Syslog Messages As SNMP Traps and Informs;
Setting SNMP Packet Size;
Setting SNMP Queue Size;
Setting SNMP Timeout Values;
Disabling Link Up/Down Traps per Interface;
Setting the IP Source Address for SNMP Traps;
Using RMON to Send Traps;
Enabling SNMPv3;
Strong SNMPv3 Encryption;
Using SAA;
Chapter 18: Logging;
Enabling Local Router Logging;
Setting the Log Size;
Clearing the Router’s Log;
Sending Log Messages to Your Screen;
Using a Remote Log Server;
Enabling Syslog on a Unix Server;
Changing the Default Log Facility;
Restricting What Log Messages Are Sent to the Server;
Setting the IP Source Address for Syslog Messages;
Logging Router Syslog Messages in Different Files;
Maintaining Syslog Files on the Server;
Testing the Syslog Server Configuration;
Preventing the Most Common Messages from Being Logged;
Rate-Limiting Syslog Traffic;
Enabling Error Log Counting;
XML-Formatted Log Messages;
Modifying Log Messages;
Chapter 19: Access-Lists;
Filtering by Source or Destination IP Address;
Adding a Comment to an ACL;
Filtering by Application;
Filtering Based on TCP Header Flags;
Restricting TCP Session Direction;
Filtering Multiport Applications;
Filtering Based on DSCP and TOS;
Logging When an Access-List Is Used;
Logging TCP Sessions;
Analyzing ACL Log Entries;
Using Named and Reflexive Access-Lists;
Dealing with Passive Mode FTP;
Using Time-Based Access-Lists;
Filtering Based on Noncontiguous Ports;
Advanced Access-List Editing;
Filtering IPv6;
Chapter 20: DHCP;
Using IP Helper Addresses for DHCP;
Limiting the Impact of IP Helper Addresses;
Using DHCP to Dynamically Configure Router IP Addresses;
Dynamically Allocating Client IP Addresses via DHCP;
Defining DHCP Configuration Options;
Defining DHCP Lease Periods;
Allocating Static IP Addresses with DHCP;
Configuring a DHCP Database Client;
Configuring Multiple DHCP Servers per Subnet;
DHCP Static Mapping;
DHCP-Secured IP Address Assignment;
Showing DHCP Status;
Debugging DHCP;
Chapter 21: NAT;
Configuring Basic NAT Functionality;
Allocating External Addresses Dynamically;
Allocating External Addresses Statically;
Translating Some Addresses Statically and Others Dynamically;
Using Route Maps to Refine Static Translation Rules;
Translating in Both Directions Simultaneously;
Rewriting the Network Prefix;
Using NAT for Server Load Distribution;
Stateful NAT Failover;
Adjusting NAT Timers;
Changing TCP Ports for FTP;
Checking NAT Status;
Debugging NAT;
Chapter 22: First Hop Redundancy Protocols;
Configuring Basic HSRP Functionality;
Using HSRP Preempt;
Making HSRP React to Problems on Other Interfaces;
Load-Balancing with HSRP;
Redirecting ICMP with HSRP;
Manipulating HSRP Timers;
Using HSRP on Token Ring;
HSRP SNMP Support;
Increasing HSRP Security;
Showing HSRP State Information;
Debugging HSRP;
HSRP Version 2;
Gateway Load-Balancing Protocol;
Chapter 23: IP Multicast;
Configuring Basic Multicast Functionality with PIM-DM;
Routing Multicast Traffic with PIM-SM and BSR;
Routing Multicast Traffic with PIM-SM and Auto-RP;
Filtering PIM Neighbors;
Configuring Routing for a Low-Frequency Multicast Application;
Multicast over Frame Relay or ATM WANs;
Configuring CGMP;
Using IGMP Version 3;
Static Multicast Routes and Group Memberships;
Routing Multicast Traffic with MOSPF;
Routing Multicast Traffic with DVMRP;
DVMRP Tunnels;
Configuring Bidirectional PIM;
Controlling Multicast Scope with TTL;
Controlling Multicast Scope with Administratively Scoped Addressing;
Exchanging Multicast Routing Information with MBGP;
Using MSDP to Discover External Sources;
Configuring Anycast RP;
Converting Broadcasts to Multicasts;
Showing Multicast Status;
Debugging Multicast Routing;
Chapter 24: IP Mobility;
Local Area Mobility;
Home Agent Configuration;
Foreign Agent Configuration;
Making a Router a Mobile Node;
Reverse-Tunnel Forwarding;
Using HSRP for Home Agent Redundancy;
Chapter 25: IPv6;
Automatically Generating IPv6 Addresses for an Interface;
Manually Configuring IPv6 Addresses on an Interface;
Configuring DHCP for IPv6;
Dynamic Routing with RIP;
Modifying the Default RIP Parameters;
IPv6 Route Filtering and Metric Manipulation in RIP;
Using OSPF for IPv6;
IPv6 Route Filtering and Metric Manipulation in OSPF;
Route Redistribution;
Dynamic Routing with MBGP;
Tunneling IPv6 Through an Existing IPv4 Network;
Translating Between IPv6 and IPv4;
Chapter 26: MPLS;
Configuring a Basic MPLS P Router;
Configuring a Basic MPLS PE Router;
Configuring Basic MPLS CE Routers;
Configuring MPLS over ATM;
PE-CE Communication via RIP;
PE-CE Communication via OSPF;
PE-CE Communication via EIGRP;
PE-CE Communication via BGP;
QoS over MPLS;
MPLS Traffic Engineering with Autoroute;
Multicast Over MPLS;
Your Service Provider Doesn’t Do What You Want;
Chapter 27: Security;
Using AutoSecure;
Using Context-Based Access-Lists;
Transparent Cisco IOS Firewall;
Stopping Denial of Service Attacks;
Inspecting Applications on Different Port Numbers;
Intrusion Detection and Prevention;
Login Password Retry Lockout;
Authentication Proxy;
Appendix 1: External Software Packages;
Appendix 2: IP Precedence, TOS, and DSCP Classifications;
IP Precedence, TOS, and DSCP Classifications;
Queueing Algorithms;
Dropping Packets and Congestion Avoidance;
