By: Krzysztof Załęski
CCIE R&S #24081
CCIE Routing and Switching
Quick Review Kit
By Krzysztof Zaleski, CCIE #24081. This Booklet is available for free and can be freely distributed in a form as is. Selling is prohibited.
Copyright information
CCIE Quick Review Kit
By Krzysztof Załęski
CCIE R&S #24081, CCVP
http://www.inetcon.org
cshyshtof@gmail.com
ver. 20091116
This Booklet is NOT sponsored by, endorsed by or affiliated with Cisco Systems, Inc.
Cisco, Cisco Systems, CCIE, CCVP, CCIP, CCNP, CCNA, the Cisco Systems logo, the CCVP logo, the CCIE logo are trademarks or registered trademarks of Cisco
Systems, Inc. in the United States and certain other countries.
All terms mentioned in this book, known to be trademarks or service marks belong to their appropriate right owners.
This Booklet is designed to help CCIE candidates prepare themselves for the CCIE written exam and the lab exam. However, this is not a complete study
reference. It is a series of the author's personal notes, written down during his studies, in the form of mind maps, based mainly on Cisco documentation for
IOS 12.4. The main goal of this material is to provide a quick and easy-to-skim method of refreshing the candidate's existing knowledge. Every effort has been made to
make this Booklet as precise and correct as possible, but no warranty is implied. CCIE candidates are strongly encouraged to prepare themselves using other
comprehensive study materials like Cisco Documentation (www.cisco.com/web/psa/products/index.html), Cisco Press books (www.ciscopress.com), and other
well-known vendors' products, before going through this Booklet. The author of this Booklet takes no responsibility, nor liability to any person or entity with
respect to loss of any information or failed tests or exams arising from the information contained in this Booklet.
This Booklet is available for free, and can be freely distributed in the form as is. Selling this Booklet in any printed or electronic form is prohibited. For the most
recent version of this document, please visit http://www.inetcon.org
Table of Contents
Data-link technologies: Frame Relay, PPP, PPPoE
Switching: VLAN, PVST, MST, PortChannel, L2 Port protection, L2 Convergence, SPAN, Macro, Bridging, 35x0 features
IP Services: NTP, ARP, CDP, WCCP, Routing features, OER/PfR basics, OER/PfR measuring, OER/PfR learning, OER/PfR policy, OER/PfR control, 1st hop redundancy, NAT, Management, DNS, DHCP
Routing: RIPv2, EIGRP part 1, EIGRP part 2, OSPFv2, OSPF filtering, OSPF neighbors, OSPF LSAs, BGP, BGP route origin, BGP aggregation, BGP convergence, BGP filtering, BGP scalability, BGP stability, BGP attributes
IPv6: IPv6 addressing, IPv6 routing, IPv6 tunneling
Multicast: PIM, PIM-SM, PIM-DM, Auto-RP, Bootstrap, MSDP, IGMPv2, Mcast features, IPv6 multicast, MLD
Quality-of-Service: QoS Classify, CBWFQ, FIFO, WRED, Shaping, Policing, 35x0 QoS, 3560 QoS, 3550 QoS, Compression, LFI, Legacy Queueing, RSVP
Security: L3 security, Zone-based FW, IOS IPS, L2 security, Other security
FRAME-RELAY

LMI
 Status Enquiry DTE->FR Switch; Status FR Switch->DTE
 Type-1 – keepalive (10 sec). 3 misses, LMI is down
 Enabled by keepalive command on interface
 Type-0 - Full Status every 6th message
 frame-relay lmi-type <type>
  cisco: DLCI 16-1007 (LMI-1023)
  ansi: Annex D, DLCI 16-991 (LMI-0)
  q933a: ITU Annex A, DLCI 16-991 (LMI-0)

Header
 LAPF header – Link Access Procedure for Frame-Relay

Encap.
 encapsulation frame-relay ietf
 (IF) frame-relay map dlci ... ietf
 (IF) frame-relay interface-dlci <#> ietf

Any DLCI announced by LMI, not associated with subintf, is assumed to be associated with physical intf

Fragmentation
 Legacy – requires shaping with dual FIFO for interleaving
  map-class frame-relay <name>
   frame-relay fragment-size <#>
 Must be added on both sides, as 2 bytes fragmentation header is added
 Fragmentation configured directly on interface with no FRTS (>12.2.13T)
  frame-relay fragment <#>
 IOS automatically creates dual FIFO
 MLPPP required for FRF.8 FR-to-ATM interworking
 show frame-relay fragment

Types
 Point-to-point
  L2-to-L3 mapping not required, as only one DLCI is allowed on p2p intf.
  interface serial0/0.1 point-to-point
  Broadcast capability is automatically enabled
 Physical or Multipoint
  interface serial0/0.1 multipoint
   frame-relay interface-dlci <id>
  Inverse-ARP is enabled only on that DLCI
  Requires L2-to-L3 mapping, either via inverse-ARP or by static mapping
  frame-relay map ip <ip> <dlci> [broadcast]
 Hub-and-spoke
  Spokes can talk to each other only via Hub. When static mapping is enabled only mapping for Hub needs broadcast keyword.
  When InARP is used, it can map DLCI-to-IP only from spokes to hub. InARP is not passed through hub router, so for spokes to communicate separate static mapping is required

End-to-End Keepalive (EEK)
map-class frame-relay <name>
frame-relay end-to-end keepalive mode {reply | request | bidir}
frame-relay end-to-end keepalive timer {recv | send} <sec>
frame-relay end-to-end keepalive event-window {recv | send} <#>
frame-relay end-to-end keepalive error-threshold {recv | send} <#>
frame-relay end-to-end keepalive success-events {recv | send} <#>

PPPoFR
Virtual-access interface is created after virtual-template is bound to DLCI. As this interface is p2p then no L2-to-L3 mapping is required even if used on physical multipoint interface
interface serial0/0
 frame-relay interface-dlci <dlci> ppp virtual-template <id>
interface virtual-template <id>
 ip address <ip> <mask> | ip unnumbered loopback0
Remote peer's /32 IP is shown in routing table as connected (PPP behaviour)

Bridging
bridge <id> protocol ieee
interface <intf>
 bridge-group <id>
 frame-relay map bridge <dlci> broadcast
Static mapping is required on multipoint interfaces

InARP
LMI triggers InARP. If LMI is disabled, InARP will not work
clear frame-relay inarp
P2P interfaces ignore InARP messages as they only have one DLCI so they know L2 mapping
InARP flows only across VC, it is not forwarded by routers. IP is required on intf to send InARP.
frame-relay map ip <remote-ip> <dlci> [broadcast]
You may also need mapping for local IP to be able to ping it (L2->L3 mapping is also required for own IP)
no frame-relay inverse-arp ip <dlci>
Not only stops sending mapping on that DLCI, but also ignores
InARP by default supports Broadcast capability and is generated only by physical interface
no frame-relay inverse-arp
InARP is disabled when subintf are created, so this command is not required on physical intf, unless all DLCIs are on physical.
frame-relay interface-dlci <dlci> - Re-enables InARP for that particular DLCI

Back2Back
1) The same DLCI on both sides
 Disable LMI (no keepalive)
2) If DLCIs are to be different on both sides
 Router A:
  frame-relay map ip <ip> 102 (encapsulate)
  frame-relay interface-dlci 201 (expect)
 Router B:
  frame-relay map ip <ip> 201 (encapsulate)
  frame-relay interface-dlci 102 (expect)
3) Frame-relay switching
 Router A:
  frame-relay switching
  frame-relay intf-type dce
  frame-relay map ip <ip> 102
  frame-relay interface-dlci 201

End-to-End Keepalive (EEK) events
 If keepalive is received within defined timers, success-event is logged. Otherwise, error-event is logged.
 To bring up intf, 3 successes in a row must appear. To bring down, any 3 events within event-window
keepalive must be enabled on both sides
frame-relay lmi-n391dte <count> - full status (type 0) messages frequency (default every 6 cycles)

On multipoint interface each DLCI must be assigned to the same virtual-template interface because all endpoints must be in the same subnet. Separate virtual-access interface will be created for each DLCI
interface multilink <ML-id>
 ppp multilink
 ppp multilink group <ML-id>
interface virtual-template <VT-id>
 ppp multilink group <ML-id>
Fragment size = delay * BW
Router A and B (Back2Back, the same DLCI on both sides):
 frame-relay interface-dlci 101

Default FR encapsulation is CISCO

Broadcast Queue
 Managed independently of the normal interface queue
 STP and BPDUs are not transmitted using the broadcast queue
 (IF) frame-relay broadcast-queue <size> <Bps> <packet-rate>

Header fields
 DLCI – 10 bits (0-1023) – identifier local to each interface
 EA – Extended address – up to 2 additional bytes of header
 Congestion control
  FECN – Forward Explicit Congestion Notification – set toward receiver
  BECN – Backward Explicit Congestion Notification – set toward sender
  DE – Discard Eligible – frame may be dropped by the FR switch
 [Figure: header layout, bits 12345678. Byte 1: DLCI, C/R, EA. Byte 2: DLCI, FECN, BECN, DE, EA]
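
The header fields above (10-bit DLCI, C/R, FECN, BECN, DE, EA) decoded from the first two bytes of a frame, with the DLCI checked against the lmi-type ranges from the LMI notes. This is an added example, not part of the original booklet; the bit positions follow the standard 2-byte address layout, and parse_fr_header, classify_dlci and the sample bytes are names and values constructed for illustration.

```python
from dataclasses import dataclass
# User DLCI range and LMI DLCI per lmi-type, as listed in the LMI notes.
LMI_TYPES = {
    "cisco": (range(16, 1008), 1023),
    "ansi": (range(16, 992), 0),
    "q933a": (range(16, 992), 0),
}

@dataclass
class FrHeader:
    dlci: int
    cr: int
    fecn: int
    becn: int
    de: int

def parse_fr_header(frame: bytes) -> FrHeader:
    """Decode the 2-byte address field at the start of a Frame Relay frame."""
    if len(frame) < 2:
        raise ValueError("truncated frame: need 2 header bytes")
    b0, b1 = frame[0], frame[1]
    # EA is the lowest bit of each byte: 0 = another header byte follows, 1 = last.
    if b0 & 1 or not b1 & 1:
        raise ValueError("not a 2-byte header; extended address is not handled")
    return FrHeader(
        dlci=((b0 >> 2) << 4) | (b1 >> 4),  # 6 high bits + 4 low bits = 10 bits
        cr=(b0 >> 1) & 1,
        fecn=(b1 >> 3) & 1,  # set toward receiver
        becn=(b1 >> 2) & 1,  # set toward sender
        de=(b1 >> 1) & 1,    # frame may be dropped by the FR switch
    )

def classify_dlci(dlci: int, lmi_type: str = "cisco") -> str:
    """Return 'lmi', 'user' or 'other' for a DLCI under the given lmi-type."""
    user_range, lmi_dlci = LMI_TYPES[lmi_type]
    if dlci == lmi_dlci:
        return "lmi"
    return "user" if dlci in user_range else "other"

# Constructed sample header bytes (not from a real capture).
SAMPLES = {
    "dlci102_becn": bytes.fromhex("1865"),
    "dlci201_de": bytes.fromhex("3093"),
    "cisco_lmi": bytes.fromhex("fcf1"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, parse_fr_header(raw))
```

A DLCI that falls outside both the user range and the LMI DLCI for the configured lmi-type (for example 1000 with ansi) is reported as "other", which is a quick way to spot an lmi-type mismatch in a capture.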

PPPoFR can be used to emulate p2p link on multipoint interface or to enable LFI on FRF.8 links (FR to ATM interworking)
[Figure: EEK event window; intf goes up, intf goes down]

FR Autoinstall
Router being configured will send BOOTP request for IP address over FR
Staging router must have FR map configured
 frame-relay map ip <remote IP> <DLCI> broadcast (NBMA)
 frame-relay interface-dlci <dlci> protocol ip <ip> (P2P)
Helper-address on staging router is required if configured router needs to upload config via TFTP. Router with TFTP server should have directed-broadcast enabled on Ethernet