Toto je vyrovnávacia pamäť Google pre http://wiki.cnl.tuke.sk/DocumentCisco/IEWBv4-L15. Je to snímka stránky, ako sa zobrazila dňa 12. feb. 2009 01:25:54 GMT. Aktuálna stránka sa odvtedy mohla zmeniť. Viac informácií

Len textová verzia
 
IEWBv4-L15 < DocumentCisco < TWiki
EditWYSIWYGAttachPrintable
r2 - 11 Feb 2009 - 09:14:55 - Main.fecilakYou are here: TWiki >  DocumentCisco Web  > IEWBv4-L15

Internetwork Experts LAB 15, verzia 4.0 (experimental solution)

1.1 Vlan asignment

  • vtp domain CISCO ; SW1,SW2,SW3
  • vtp mode server ; SW2
  • vtp mode client ; SW1, SW3

1.2 Trunking

  • switchport mode dot1q-tunnel ; na SW
  • switchport access vlan 245 ; na SW4 pre Fa0/4
  • switchport access vlan 254 ; na SW2 pre Fa0/4
  • switchport access vlan 245 ; na SW4 pre Fa0/19
  • switchport access vlan 254 ; na SW2 pre Fa0/19
  • pre istotu, by som mozno dal switchport nonegotiate a no cdp enable, keby papulovali

1.3 Etherchannel

  • no switchport
  • channel-group X mode active

1.4 STP

  • no spanning-tree vlan 5

1.5 Access-List Maintanance

? no ip access-group?

1.6 Bandwidth limiting

  • storm-control broadcast 750 ; SW3,Fa0/24
  • duplex half ; SW3, Fa0/24
  • speed 10; SW3, Fa0/24

2.1 Hub-and-spoke

  • subrozhranie na R2,R4 - S0/0/0.124 point-to-point
  • fyzicke multipoint rozhranie na R1

2.2 Hub-and-spoke

  • no frame-relay inverse-arp ; na R1 S0/0
  • no frame-relay inverse-arp ip DLCI ; na R2,R4 pre DLCI 401, 201
  • ip route 130.X.234.0 255.255.255.0 S0/0 130.X.124.4 ; na R1
  • ip route 130.X.124.0 255.255.255.0 S1/0 130.X.234.4 ; na R3

2.3 Point-to-point

  • klasika, no frame-relay inverse-arp, frame-relay map ip, pripadne neskor ipv6 pre R3 a R5

2.4 PPP

  • encapsulation ppp
  • ppp authentication pap
  • ppp pap sent-username LOGIN password CISCO
  • vyrobit patricne rozhrania...

3.1 EIGRP

  • zakladne EIGRP

3.2 EIGRP

  • ip eigrp authentication md5 10 CISCO
  • ip summary-address eigrp 10 130.X.0.0 255.255.0.0

3.3 EIGRP

  • route-mapa pre smery prijate od R2, set metric

3.4 OSPF

  • Basic OSPF

3.5 OSPF

  • ip ospf database-filter all out

3.6 OSPF

  • router ospf 1
  • network ...

3.7 OSPF

  • ip ospf authentication message-digest-key 1 md5 CISCO
  • area 51 authentication message diggest

3.8 IGP redistribution

  • router eigrp 10, redistribute eigrp 100 @ R6
  • ospf costy na rozhrania, pri redistribucii z EIGRP do OSPF redistribuovat ako E1, aby bolo mozne z R5 preferovat R3

4.2 BGP Outbound Route Filtering

  • bgp capability orf prefix-list send & receive

4.3 BGP ORF

  • prefix-list na R3 k neighborovi R2

5.1 PIM

  • ip multicast-routing
  • ip pim sparse-mode

5.2 RP Assignment

  • ip pim bsr-candidate lo 0
  • ip pim rp-candidate lo 0 group-list ACL

5.3 Multicast filtering

  • ip igmp limit 3
  • ip igmp filter
  • ip igmp access-group

6.1 IPv6 addressing

  • IPv6 addressing a ipv6 unicast-routing
  • vyber brany cez ; ipv6 nd router-preference high

6.2 IPv6 tunneling

  • klasika tunnel mode ipv6ip
  • preferencia hranim s metrikou, alebo backup interface...

6.3 RIPng

  • zakladne RIPng, nesledujem to detailne ale zrejme s oznamenim do tunela

6.4 IPv6 routing

  • manualna sumarna ipv6 routa odkazujuca sa na rozhranie a link-local adresu

7.1 Legacy QoS? conversion 

class-map QUEUELIST1
  match protocol http
class-map QUEUELIST2
  match protocol ftp
class-map QUEUELIST3
  match protocol telnet

policy-map POLICY
 class QUEUELIST1
    priority 50
 class QUEUELIST2
    priority 30
 class QUEUELIST3
    priority 5
 class class-default

service-policy POLICY in

7.2 Priority queueing

  • priority-list 1 protocol ip high list 100
  • access-list 100 permit udp host ... any eq 8940
  • ip priority-group 1

8.1 Attack mitigation

  • class-map match protocol sql
  • match length min 404 max 404
  • policy-map, class-map DROP, class-default permit

8.2 Firewall feature set 

ip inspect name CBAC tcp
ip inspect name CBAC udp
ip inspect name CBAC icmp
ip inspect name CBAC bgp

R5(config)# interface E0/0.52
R5(config-if)# ip inspect CBAC out

9.1 RMON

  • rmon alarm 1 ifEntry.21.2 60 absolute rising-treshold 750 1 failing-treshold 100 2
  • rmon event 1 trap IETRAP description "WARNING: Frame Relay Circuit is Congested"
  • rmon event 2 trap IETRAP description "NOTICE: Frame Relay Circuit Within Normal Utilization"
  • snmp-server host 130.X.17.100 traps IETRAP
  • snmp-server enable traps

9.2 Banners

  • banner exec
  • privilege level 1
  • no login

9.3 Telnet control

  • transport output none

10.1 Gateway redundancy

  • vrrp preempt
  • vrrp preempt delay minimum 300
  • vrrp ip adresu zobrat z fyzickeho rozhrania mastra
  • mastrovi zlepsit prioritu

10.2 Gateway redundancy

  • track 1 ip route 200.0.0.0/24
  • vrrp track 1 decrement 50

10.3 Traffic Accounting

  • ip accounting access-violations
  • ip accounting-threshold 100

Netusim?

1.5, 7.2
Edit | WYSIWYG | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r2 < r1 | More topic actions
 
Powered by TWiki
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback