* You are viewing Posts Tagged ‘CCIE Bootcamps’

Using an Async Modem on the AUX Port

February 11th, 2012by  William

Many Cisco routers include an AUX port that is a low-speed asynchronous serial interface that can connect to a standard modem and support PPP:

Router1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router2(config)#interface Async65
Router2(config-if)#encapsulation ppp
Router2(config-if)#dialer in-band
Router2(config-if)#dialer pool-member 1
Router2(config-if)#ppp authentication chap
Router2(config-if)#async default routing
Router2(config-if)#exit
Router2(config)#interface Dialer1
Router2(config-if)#ip address 10.1.99.56 255.255.255.0
Router2(config-if)#encapsulation ppp
Router2(config-if)#dialer remote-name dialhost
Router2(config-if)#dialer pool 1
Router2(config-if)#dialer idle-timeout 300
Router2(config-if)#dialer string 95551212
Router2(config-if)#dialer-group 1
Router2(config-if)#ppp authentication chap
Router2(config-if)#exit
Router2(config)#line aux 0
Router2(config-line)#modem inout
Router2(config-line)#transport input all
Router2(config-line)#no exec
Router2(config-line)#speed 115200
Router2(config-line)#exit
Router2(config)#username dialhost password dialpassword
Router2(config)#ip route 0.0.0.0 0.0.0.0 10.1.99.1 180
Router2(config)#dialer-list 1 protocol ip list 101
Router2(config)#access-list 101 deny eigrp any any
Router2(config)#access-list 101 permit ip any any
Router2(config)#router eigrp 55
Router2(config-router)#network 10.0.0.0
Router2(config-router)#exit
Router2(config)#end
Router2#

Much of this configuration is similar to the ISDN configuration. It uses a dialer interface in exactly the same way. But here, because there is only one async modem in this example, we can't benefit from PPP multilink.

The first part of this configuration example sets up the AUX port to run PPP and associates it with a dialer pool:

Router2(config)#interface Async65
Router2(config-if)#encapsulation ppp
Router2(config-if)#dialer in-band
Router2(config-if)#dialer pool-member 1
Router2(config-if)#ppp authentication chap
Router2(config-if)#async default routing

The only thing here that hasn't appeared in a previous example is the async default routing command. This command allows the async interface to support a routing protocol such as EIGRP. By default, routing protocols are disabled on async interfaces, so you need to enable it.

The number of this particular interface, Async65, wasn't selected at random. The router automatically assigns a line number to every interface that can be used for terminal access (including VTY lines, AUX lines, and Console lines), and it varies from router to router, depending on the hardware configuration. So we used the show line command to see which line number corresponded to the AUX port on this router:

Router1#show line
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
     0 CTY              -    -      -    -    -      0       0     0/0       -
    65 AUX   9600/9600  -    -      -    -    -      0       0     0/0       -
*   66 VTY              -    -      -    -    -     10       0     0/0       -
*   67 VTY              -    -      -    -    -     19       0     0/0       -
    68 VTY              -    -      -    -    -      3       0     0/0       -
    69 VTY              -    -      -    -    -      0       0     0/0       -
    70 VTY              -    -      -    -    -      0       0     0/0       -
    71 VTY              -    -      -    -    -      0       0     0/0       -
    72 VTY              -    -      -    -    -      0       0     0/0       -
    73 VTY              -    -      -    -    -      0       0     0/0       -
    74 VTY              -    -      -    -    -      0       0     0/0       -
    75 VTY              -    -      -    -    -      0       0     0/0       -


Line(s) not in async mode -or- with no hardware support:


1-64




Router1#


As you can see, the AUX port is on line 65 on this router. It's important to do this before you attempt any of the rest of the configuration, so you know what to configure.


When you use the AUX port for dial backup, you also need to configure the terminal line information for this physical port:


Router2(config)#line aux 0


Router2(config-line)#modem inout


Router2(config-line)#transport input none


Router2(config-line)#no exec


Router2(config-line)#speed 115200


The first command here is modem inout, which configures the router to allow access to the modem, as well as allowing the modem access to the router. Then we added the command transport input none. By default, the router will act as a terminal server and allow you to connect through protocols like telnet to the AUX port. In this case, though, we want the router to reserve this port for routed traffic, so we disable all remote terminal access to the interface.


The no exec command is extremely important when using async dial, and almost universally ignored in Cisco references. By default, the router will start an EXEC session on your AUX port. So if you plug a terminal into this port, you will get a login prompt. Unfortunately, your modem doesn't know what to do with a login prompt. At best, it will just ignore it, so disabling the EXEC session is simply good form. But, at worst, we have seen problems where the modem attempts to respond to the login prompt, the EXEC session interprets this as a bad login attempt, and puts up a new prompt, to which the modem again attempts to respond. The result can be high CPU utilization and, more importantly, this activity will prevent the router from dialing. We strongly recommend disabling the EXEC session on any async dial ports, as we have done here.


And the last command in this section sets the line speed. It's important to remember that this is the speed between the router and the modem. The actual dial session will have a much lower net speed, likely less than 56 Kbps. However, it's a good idea to make the line speed as fast as the modem can support. This will ensure that you get the best possible speed. Note that the default speed here is only 9.6 Kbps. So, if you don't increase this value, you will not be able to get the full advantage of the compression capabilities of modern modems.


Post in  CCIE SP LabNo Comments
Tags: ,,


sense of understanding. The CCIE labs variety
February 9th, 2012by  William
Implementing CCIE,  pros have a chance to determine  by themselves in the discipline of  networking. Only a few thousand individuals are  considered to clear the CCIE test. CCIE labs  are considered to impart  higher  stage of training  atmosphere, which functions for a  important  gain for candidates.


CCIE examination  entails two assessments, that are a CCIE  penned  investigate  plus a CCIE lab examination. In order to endeavor the lab  examination, you need to  obvious the  prepared  examination. When you are not inside a position to  very clear the  penned  examination the initial  time, you need to look at to  get a hundred and eighty days for  retaking it. Subsequent to clearing  the  published  examine, it truly is perfect to  help make an test for the CCIE  lab test in  18 months. It you might be  unable to very clear the lab examination, then you definately need to re-try inside twelve months with a  view to maintain the  prepared  examination outcome valid.


It's a time prohibit of two hours  and is carried out in  multiple take a look at centers across the  world. The  subjects lined inside the  composed  exam rely upon the  specialization or track you select. For provider  provider, you might  pick from  categories like Cable, DSL, IP Telephony, Dial,  Content material  content Networking, Optical, WAN  switching, and Metro Ethernet. Every  single  created  exam is  designed  available throughout the beta  type at a value of $50  USD.


The CCIE lab exam is  exclusive in nature, as  it is an eight-hour test, which  checks the facility  of your candidate to configure and  troubleshoot networking  tools. Cisco has  large  degree of package in its CCIE labs for use  around the lab exams. The blue print on the lab examination is available on  its web site. The lab  examination isn't  out there by any means Pearson VUE or Prometric testing  centers.


A standard  CCIE R&S lab examination contains a two-hour hassle-taking pictures  section by which you might be presented a  collection of tickets for preconfigured networks in the CCIE labs. It is best to have the ability to identify  and resolve the faults. You can proceed towards the configuration part  upon you end the  troubleshooting part.


A sound passing score is critical to aim a CCIE Labs examination. Cisco uses the help of proctors to guage the  candidates around the preliminary rounds in its CCIE labs  located worldwide. Factors are awarded when a criterion is met and  grading is carried out implementing some  computerized tools. The outcomes of a lab examination are mirrored  within forty eight hrs. A  move/fail is projected inside the end  end result and in case of a fail, the  areas where you're lacking  behind are talked about so as to put together properly earlier than a  re-try.


Cisco stands out inside the subject of networking by providing  a CCIE certification so that you can pursue your education as well as  get acknowledged by a reputed organization. The CCIE lab  exam can be utilized like a platform to challenge your capability in varied tracks provided  by Cisco. Attempting a lab examination requires rigorous  exercise  and  large  sense of understanding. The CCIE labs  sort step one to your  high  potential career.


Post in  CCIE labNo Comments
Tags: ,,


Controlling Congestion with WRED
February 8th, 2012by  William
The syntax for configuring WRED changed with the introduction of class-based QoS. The old method defined WRED across an entire interface:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#interface HSSI0/0


Router(config-if)#random-detect


Router(config-if)#random-detect precedence 0 10 20 10


Router(config-if)#random-detect precedence 1 12 20 10


Router(config-if)#random-detect precedence 2 15 25 15


Router(config-if)#random-detect precedence 3 18 25 15


Router(config-if)#random-detect precedence 4 20 30 20


Router(config-if)#random-detect precedence 5 22 30 20


Router(config-if)#random-detect precedence 6 30 40 25


Router(config-if)#random-detect precedence 7 40 50 100


Router(config-if)#random-detect precedence RSVP 45 50 100


Router(config-if)#exit


Router(config)#end


Router#


The new configuration method uses the same syntax as CBWFQ:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#class-map Prec5


Router(config-cmap)#description Critical


Router(config-cmap)#match ip precedence 5


Router(config-cmap)#exit


Router(config)#policy-map cb_wred


Router(config-pmap)#class Prec5


Router(config-pmap-c)#random-detect dscp-based


Router(config-pmap-c)#exit


Router(config-pmap)#class class-default


Router(config-pmap-c)#fair-queue 512


Router(config-pmap-c)#queue-limit 96


Router(config-pmap-c)#random-detect dscp-based


Router(config-pmap-c)#exit


Router(config-pmap)#exit


Router(config)#interface HSSI0/1


Router(config-if)#service-policy output cb_wred


Router(config-if)#exit


Router(config)#end


Router#


For the older method, you can set up the drop probabilities according to IP Precedence values by using the following command:


Router(config-if)#random-detect precedence 7 40 50 100


The first argument after the precedence keyword here is the IP Precedence value. The options are any integer between 0 and 7, or the keyword RSVP. After this are the minimum threshold, maximum threshold, and the so-called mark probability denominator.


The minimum threshold is the number of packets that must be in the queue before the router starts to discard. The probability at the minimum threshold is essentially zero, but it rises linearly as the number of packets in the queue rises. The maximum probability occurs at the maximum threshold. You specify the actual value of the probability at this maximum by using the mark probability denominator. In this case we have set the value to 100, which means that, at the maximum, we will discard one packet in 100. This means that halfway between the maximum and minimum thresholds, the router will drop one packet in 200.


Rather, it uses a moving average so that temporary bursts of data are not dropped. This configured minimum is the lower limit of this moving average, which is reached only when the congestion continues for a longer period of time.


If you do not change these values, the defaults take IP Precedence values into account. The default mark probability denominator is 10, so the router will discard one packet in 10. The default maximum threshold depends on the speed of the interface and the router's capacity for buffering packets, but it is the same for all Precedence values. So, by default, the only differences between WRED's treatment of different IP Precedence levels is in the minimum threshold. The default minimum threshold for packets with an IP Precedence of 0 is 50 percent of the maximum threshold. This value rises linearly with Precedence so that the minimum threshold for Precedence 7 and packets with RSVP reserved bandwidth allocations are almost the same as the maximum threshold.


In the new-style example, we have created only one class-based queue to show the principle. In practice, of course, you would probably want to create more than this. All of the traffic that doesn't have an IP Precedence value of 5 uses the default queue, where we have configured both WFQ and WRED.


This example uses DSCP-based random detection. WRED has a built-in ability to discriminate based on DSCP value, so that traffic streams with higher drop precedence values are more likely to drop packets. The default WRED settings when using DSCP-based random detection are shown in Table 11-1.








Table 11-1.    Default WRED settins








DSCP value




Minimum threshold queue depth




Maximum threshold queue depth




Drop probability at maximum








AFx1
32
40
1/10




AFx2
28
40
1/10




AFx3
24
40
1/10






As Table 11-1 shows, the default DSCP-based thresholds are the same for every class. So, for example, AF12, AF22, AF32, and AF42 all begin dropping packets in a sustained congestion situation when the queue depth reaches 28 packets. They reach their maximum drop probability when there are 40 packets in the queue. In all cases, the drop probability at the maximum threshold value is 1/10 (the mark probability), meaning that the router will randomly drop one packet in 10.


You can change these values in a policy map as follows:


Router(config-pmap)#class AF1x


Router(config-pmap-c)#bandwidth percent 20


Router(config-pmap-c)#random-detect dscp-based


Router(config-pmap-c)#random-detect dscp af13 10 20


Router(config-pmap-c)#random-detect dscp af12 20 50


Router(config-pmap-c)#random-detect dscp af11 50 100 50


Router(config-pmap-c)#exit


In each of the random-detect dscp commands, the first argument is the DSCP value, followed by the minimum threshold, the maximum threshold, and the denominator of the mark probability. In the case of the AF11 entry, the router will start dropping these packets when there are more than 50 packets in the queue, and increase the probability until the number reaches 100. At that point, the probability of dropping a packet of this type will be one in 50.


Note that these thresholds apply to all traffic in the queue, not just traffic with this particular DSCP value. So there may be 20 AF11 packets, 10 AF12, and 20 more marked with the AF13 DSCP value. Since this adds up to 50 packets, the router will start to drop the AF11 packets. However, because the maximum thresholds for AF12 and AF13 packets are 50 and 20, respectively, the router will already be dropping packets of these types at the full rate (1 packet in 10 by default) before it starts to drop any AF11 packets.


This example assumes that you want to use DSCP values to control the WRED thresholds. This is not necessary, however. You can also use an unweighted version of the command as follows:


Router(config)#class-map AF11


Router(config-cmap)#match ip dscp af11


Router(config-cmap)#exit


Router(config)#policy-map example


Router(config-pmap)#class AF11


Router(config-pmap-c)#bandwidth percent 10


Router(config-pmap-c)#random-detect


Router(config-pmap-c)#exit


This is particularly useful when your class definitions already take DSCP values into account, as this class map does. Since there is no variation of DSCP values among the class of packets that have a DSCP value of AF11, it isn't necessary for WRED to look at the DSCP value again.


Post in  CCIE SecurityNo Comments
Tags: ,,


related to CCIE Bootcamp.
February 7th, 2012by  William
It is really aimed to pick out the  professionals within the networking firm for your famend  agency  providing  alternatives on  the technical departments. Along with a purpose  to obtain CCIE certification the  applicants must move by two  critical  solution  exams. To start with, the  composed  exam may be to be  handed immediately after which the candidates  can sit for your Lab examination.  The brief-listed candidates can entirely have CCIE  certification. In an effort to prepare for your CCIE exams, CCIE Bootcamp is fashioned.


CCIE Bootcamps  produce in  essence essentially the most  convenient  procedure of  passing out the checks of CCIE. There is various firms  rather institutes which  offer CCIE Bootcamp  exercise  comparable to Cathay School. By using a see to  mature to become eligible for that  bootcamps the institutes  in many  instances present a prerequisite. It may help to boost the  prospect of this candidates to move the CCIE exams inside a more significant way  than others. This prerequisite is known as CCNP  status.


The involved  charge for taking the CCIE  Safety test is  large,  so most candidates go for a preparation study course to cross it in one sitting.  Some unbiased  firms and  establishments  supply courses and workshop to  those people  deciding on CCIE Safety  schooling.   Nonetheless, most  candidates prefer to use the instructor-led  and on-line workshops, which Cisco  supply, as a  aspect of  Approved Learning Companions  plan.  The  instruction   choices are  furnished as  well as the educators are accepted by  Cisco.


For the CCIE  Security certification, you must register for  that  prepared  examination in your own room  of specialization. All the exams are done in the Cisco  authorized facility, which also accepts  value for your test.  The price of taking a CCIE  authored  examination is from $80 to $325. The  composed  exam is supervised and carried  out on the computer system.  It is of 1 or two hours paper made up of a  considerable number of  alternatives, drag and drop  doubts  and fill while in the blanks. Apart from white boards  and markers for calculations, as a  candidate for CCIE Stability  coaching examination, you aren't  authorized to carry some other product  towards the  exam hall.


CCIE Bootcamp is accompanied by having a  variety of  techniques to  deliver the best  planning content  to the  students. They  principally  present some must-have  guides to prepare them for the  authored  CCIE consider a glance at  collectively with some  word wide web  access for that Lab  examination. Counting on these two  categories the CCIE Bootcamps is divided into two  sections. The divisions are course  building and then the Lab simulation. The category  construction  consists of two phases and they're fingers-on  coaching and lectured-based  generally courses. Within the category  construction the college  students are provided  while using the  knowledge of Bit splitting, VLSM  and many others. Nevertheless the lab simulation is  vital element of CCIE  Bootcamp. Right here the students are subjected  to deal with many different real-life  complications  and the troubleshooting  skills are checked  appropriately. Which is the  ultimate phase of CCIE Bootcamps  the location the students are nicely-prepared for that  Blueprintv4, MPLS etcetera.  These methodologies  improve  pupils to troubleshoot any real-life  challenges  and  advance the power to learn  the appropriate  remedies.


But you will find handful of dependable  institutes available  for sale around the advertise which offers  complete CCIE Bootcamps. Certainly one of lots of  properly-renowned institutes is Cathay Faculty which  renders  seriously  decent  corporations  just in case of bootcamps for CCIE. They  supply bootcamp amenities to  tremendously  vast  variety of  school students from many  corners around the world like Australia,  Norway, United kingdom, Sweden, USA and numerous even more. In  accordance while using the figures of this institute from  2005, they are sustaining document variety of proportion of passing  rate in CCIE test.  This file is itself a form of  assure for them. There are various  brings about to pick out Cathay School for CCIE Bootcamps. The  report amount of passing  pace of almost 90%  is among the most  eye-catching  operate of it. Other  than it, a particular other  exceptional  characteristic is considered the one-to-one lab coaching which  assistance  the college students to filter out each of the  doubts with regards to any downside from your instructors.


The  needed  knowledge associated with the bootcamp is  available on the trustworthy  enterprise web page  that's cathayschool.com. It is a  terribly  hassle-free  internet site which  delivers various putting facilities  like on-line Self-Study CCIE Lab Workbooks, one-on-one  on  line coaching, Teacher Led  coaching  etc. Every one of the amenities and  then the training course durations together  while using the  funds are effectively-described here these types of which the  customers will need to not really need to  encounter any sort  of headache  pertaining  to CCIE Bootcamps.


Post in  CCIE TRAININGNo Comments
Tags: ,,


Controlling Congestion with WRED
February 6th, 2012by  William
The syntax for configuring WRED changed with the introduction of class-based QoS. The old method defined WRED across an entire interface:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#interface HSSI0/0


Router(config-if)#random-detect


Router(config-if)#random-detect precedence 0 10 20 10


Router(config-if)#random-detect precedence 1 12 20 10


Router(config-if)#random-detect precedence 2 15 25 15


Router(config-if)#random-detect precedence 3 18 25 15


Router(config-if)#random-detect precedence 4 20 30 20


Router(config-if)#random-detect precedence 5 22 30 20


Router(config-if)#random-detect precedence 6 30 40 25


Router(config-if)#random-detect precedence 7 40 50 100


Router(config-if)#random-detect precedence RSVP 45 50 100


Router(config-if)#exit


Router(config)#end


Router#


The new configuration method uses the same syntax as CBWFQ:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#class-map Prec5


Router(config-cmap)#description Critical


Router(config-cmap)#match ip precedence 5


Router(config-cmap)#exit


Router(config)#policy-map cb_wred


Router(config-pmap)#class Prec5


Router(config-pmap-c)#random-detect dscp-based


Router(config-pmap-c)#exit


Router(config-pmap)#class class-default


Router(config-pmap-c)#fair-queue 512


Router(config-pmap-c)#queue-limit 96


Router(config-pmap-c)#random-detect dscp-based


Router(config-pmap-c)#exit


Router(config-pmap)#exit


Router(config)#interface HSSI0/1


Router(config-if)#service-policy output cb_wred


Router(config-if)#exit


Router(config)#end


Router#


For the older method, you can set up the drop probabilities according to IP Precedence values by using the following command:


Router(config-if)#random-detect precedence 7 40 50 100


The first argument after the precedence keyword here is the IP Precedence value. The options are any integer between 0 and 7, or the keyword RSVP. After this are the minimum threshold, maximum threshold, and the so-called mark probability denominator.


The minimum threshold is the number of packets that must be in the queue before the router starts to discard. The probability at the minimum threshold is essentially zero, but it rises linearly as the number of packets in the queue rises. The maximum probability occurs at the maximum threshold. You specify the actual value of the probability at this maximum by using the mark probability denominator. In this case we have set the value to 100, which means that, at the maximum, we will discard one packet in 100. This means that halfway between the maximum and minimum thresholds, the router will drop one packet in 200.


Rather, it uses a moving average so that temporary bursts of data are not dropped. This configured minimum is the lower limit of this moving average, which is reached only when the congestion continues for a longer period of time.


If you do not change these values, the defaults take IP Precedence values into account. The default mark probability denominator is 10, so the router will discard one packet in 10. The default maximum threshold depends on the speed of the interface and the router's capacity for buffering packets, but it is the same for all Precedence values. So, by default, the only differences between WRED's treatment of different IP Precedence levels is in the minimum threshold. The default minimum threshold for packets with an IP Precedence of 0 is 50 percent of the maximum threshold. This value rises linearly with Precedence so that the minimum threshold for Precedence 7 and packets with RSVP reserved bandwidth allocations are almost the same as the maximum threshold.


In the new-style example, we have created only one class-based queue to show the principle. In practice, of course, you would probably want to create more than this. All of the traffic that doesn't have an IP Precedence value of 5 uses the default queue, where we have configured both WFQ and WRED.


This example uses DSCP-based random detection. WRED has a built-in ability to discriminate based on DSCP value, so that traffic streams with higher drop precedence values are more likely to drop packets. The default WRED settings when using DSCP-based random detection are shown in Table 11-1.








Table 11-1.    Default WRED settins








DSCP value




Minimum threshold queue depth




Maximum threshold queue depth




Drop probability at maximum








AFx1
32
40
1/10




AFx2
28
40
1/10




AFx3
24
40
1/10






As Table 11-1 shows, the default DSCP-based thresholds are the same for every class. So, for example, AF12, AF22, AF32, and AF42 all begin dropping packets in a sustained congestion situation when the queue depth reaches 28 packets. They reach their maximum drop probability when there are 40 packets in the queue. In all cases, the drop probability at the maximum threshold value is 1/10 (the mark probability), meaning that the router will randomly drop one packet in 10.


You can change these values in a policy map as follows:


Router(config-pmap)#class AF1x


Router(config-pmap-c)#bandwidth percent 20


Router(config-pmap-c)#random-detect dscp-based


Router(config-pmap-c)#random-detect dscp af13 10 20


Router(config-pmap-c)#random-detect dscp af12 20 50


Router(config-pmap-c)#random-detect dscp af11 50 100 50


Router(config-pmap-c)#exit


In each of the random-detect dscp commands, the first argument is the DSCP value, followed by the minimum threshold, the maximum threshold, and the denominator of the mark probability. In the case of the AF11 entry, the router will start dropping these packets when there are more than 50 packets in the queue, and increase the probability until the number reaches 100. At that point, the probability of dropping a packet of this type will be one in 50.


Note that these thresholds apply to all traffic in the queue, not just traffic with this particular DSCP value. So there may be 20 AF11 packets, 10 AF12, and 20 more marked with the AF13 DSCP value. Since this adds up to 50 packets, the router will start to drop the AF11 packets. However, because the maximum thresholds for AF12 and AF13 packets are 50 and 20, respectively, the router will already be dropping packets of these types at the full rate (1 packet in 10 by default) before it starts to drop any AF11 packets.


This example assumes that you want to use DSCP values to control the WRED thresholds. This is not necessary, however. You can also use an unweighted version of the command as follows:


Router(config)#class-map AF11


Router(config-cmap)#match ip dscp af11


Router(config-cmap)#exit


Router(config)#policy-map example


Router(config-pmap)#class AF11


Router(config-pmap-c)#bandwidth percent 10


Router(config-pmap-c)#random-detect


Router(config-pmap-c)#exit


This is particularly useful when your class definitions already take DSCP values into account, as this class map does. Since there is no variation of DSCP values among the class of packets that have a DSCP value of AF11, it isn't necessary for WRED to look at the DSCP value again.


Post in  CCIE R&SNo Comments
Tags: ,,


CCIESecurityTrainingexercise
February 4th, 2012by  William
There just isn't a  will need to have an  alternative  skilled  teaching  or study course certificates to  qualify.


The CCIESecurityTrainingteaching  consists of a  created  examination to qualify and after that the  lab exam. You could be  suggested to obtain in the  least 3-5 years of  profession  know-how  previously than striving this certification.


The  examination for the CCIE  Stability is of two-hour  size with many  selections. This  is made up of hundred  thoughts,  which is able to cover subjects equal to program protocols,  functioning  methods,  safety technologies,  protection protocols, and Cisco  protection  programs. The exam  provides are  supplied in the spot and you also  aren't permitted to usher in  outdoors reference  products.


Network  engineers having a CCIE certificates are  regarded as as the  pro within the group  engineering discipline in  addition to the masters of CISCO  solutions. The CCIE has brought  revolution inside the  group  industry in terms of technically  difficult  assignments and  methods along with the obligatory  instruments and methodologies. There is  certainly a  application which updates and  reorganizes the instruments to provide  quality  services. There can be  different modes of CCIE  Coaching  like  published  examination planning and  efficiency primarily  based lab. This  may help to  reinforce the  effectiveness and  ordinary with the  business. CISCO has launched this certification policy in 1993  using a view to differentiate the highest authorities in the rest.


So  as to be certified,  initial  composed  examination need to be passed  after which needs  to cross the lab test. CISCO in  the slightest degree  situations tries to use totally  varied CCIE  Education  procedures for  increased overall  performance. There are a selection of  ways for your CCIE  certification. The initial step for certification is to pass a two hrs lasting  computer primarily  based  principally MCQ oriented  created  test. For this test  crucial  payments must be  finished by the use  of online. This examination is  associated with  test vouchers and promotional codes. The authenticity  in the voucher  giving  firm should be  perfectly  identified  towards the  candidates. The promotional code must  be  accessed effectively and just in case of  fraudulent vouchers in addition to promotional codes should  not appropriate  and CISCO is not going to repay the cost. The candidates have to  wait five days for your  authored  examination after  payment plus they can  not sit for your identical  test for the  subsequent 100 eighty days just in  case of recertification.


Having a look at to obtain certified and qualified for the CCIE  Schooling  some features are  for being remembered  the right  way. After passing the  prepared  examination the candidates possess a nearly all of 18 months time for  seeking  the lab test. When the period of time exceeds then  the authenticity belonging to the  created  examination will  undoubtedly be invalid. For that first  timer used to get CCIE certification the  written  examination is obtainable inside the form of Beta examination with  special discounts  obtainable. Around the Beta interval the  candidates can sit only the minute  for that test. The  results will arrive inside  six to 8 weeks just after the examination is more than.


The following stage for  that CCIE certification often is the Lab test. The  shortlisted candidates of this  penned  exam can solely  use for the fingers-on lab  test. Even  though there are  many  authored  examination centers of CISCO nevertheless Lab examination amenities  are constrained. It  really is an  eight hour fingers-on practical  based  generally examination whereby the ability of  troubleshooting and configuring neighborhood  generally  primarily based  situations  and software program are checked. For the scheduling  of Lab examination the shortlisted candidates from the  before  written  examination need to  existing the identification quantity together with passing ranking and also date of passing.


The associated fee for Lab examination needs to  be cleared previously than 90 days  on the scheduled exam. With  out the price the reservation will probably be  cancelled. Soon after passing  the Lab test combined when  using the  published  check the candidates can  use for that CCIE  certification. By contemplating


Post in  CCIE R&SNo Comments
Tags: ,,


Environment the DSCP or TOS Discipline
February 3rd, 2012by  William
The answer to this situation relies on the sort of potential customers distinctions you choose for making, also the version of IOS that you're running inside of your routers.


There must be some thing that defines the different varieties of traffic that you just desire to prioritize. On the whole, the less difficult the distinctions are to create, the higher. It's because all the exams get router assets and introduce processing delays. The most typical rules for distinguishing amongst site traffic forms make use of the packet's input interface and very simple IP header info like as TCP port quantities. The subsequent examples show find out how to set an IP Precedence value of speedy (2) for all FTP manage potential customers that arrives by means of the serial0/0 interface, and an IP Precedence of concern (1) for all FTP data page views. This distinction is feasible due to the fact FTP regulate traffic usages TCP port 21, and FTP info utilizes port 20.


The newest method for configuring this utilizes class maps. Cisco foremost launched this characteristic in IOS Edition twelve.0(5)T. This method 1st defines a class-map that specifies how the router will detect this type of site visitors. It then defines a policy-map that really makes the modifications for the packet's TOS industry:


Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#class-map match-all ser00-ftpcontrol

Router(config-cmap)#description branch ftp control traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 101

Router(config-cmap)#exit

Router(config)#class-map match-all ser00-ftpdata

Router(config-cmap)#description branch ftp data traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 102

Router(config-cmap)#exit

Router(config)#policy-map serialftppolicy

Router(config-pmap)#description branch ftp traffic policy

Router(config-pmap)#class ser00-ftpcontrol

Router(config-pmap-c)#set ip precedence immediate

Router(config-pmap-c)#exit

Router(config-pmap)#class ser00-ftpdata

Router(config-pmap-c)#set ip precedence priority

Router(config-pmap-c)#exit

Router(config-pmap)#exit

Router(config)#interface serial0/0

Router(config-if)#ip route-cache policy

Router(config-if)#service-policy input serialftppolicy

Router(config-if)#exit

Router(config)#end

Router#


For earlier IOS versions, where by class-maps had been not obtainable, you might have to make use of policy-based routing to alter the TOS subject in a very packet. Applying this policy to your interface tells the router to make use of this coverage to test all incoming packets on this interface and rewrite the ones that match the route map:Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 101

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#exit

Router(config)#route-map serialftp-rtmap permit 20

Router(config-route-map)#match ip address 102

Router(config-route-map)#set ip precedence priority

Router(config-route-map)#exit

Router(config)#interface serial0/0

Router(config-if)#ip policy route-map serialftp-rtmap

Router(config-if)#ip route-cache policy

Router(config-if)#exit

Router(config)#end

Router#


Just before you can tag a packet for special therapy, you've gotten to acquire a particularly crystal clear idea of what different types of targeted traffic need to have exclusive treatment method, coupled with exactly what sort of distinctive treatment they will desire. During the instance, we've chose to give a specific concern to FTP site traffic obtained on the distinct serial interface. We exhibit how to do this by using each the previous and new configuration methods.

This might look to become a considerably artificial case in point. Immediately after all, why would you care about tagging inbound traffic that you just have presently obtained from a low-speed interface? Really, one of the most critical ideas for employing QoS in a network is the fact that make sure you generally tag the packet as early as you can, preferably for the edges of the network. Then, since it passes from the network, every single router only needs to consider the tag, and isn't going to ought to do any even more classification. In this case, we might be sure which the FTP potential customers returning in the other bureaucratie is tagged from the initially router that receives it. And so the outbound site traffic has previously been tagged, and it's a waste of router assets to reclassify the outbound packets.


A number of organizations realistically get this concept of marking at the edges a particular phase further, and remark every single obtained packet. This aids to ensure that people aren't requesting amazing QoS privileges which they are not authorized to acquire. Still, you need to be careful of this given that it may well usually disrupt reputable markings. As an example, a real-time application can use RSVP to order bandwidth in the network. It's always key that the packets for this application have the proper Expedited Forwarding (EF) DSCP marking or perhaps the network may not deal with them thoroughly. Nevertheless, you also will not aspire to allow other non-real-time programs from this same source hold the exact EF priority degree. So, when you're going to configure your routers to remark all incoming packets on the edges, make certain you understand what incoming markings are legitimate.


In that circumstance, the routers are running DLSw to bridge SNA targeted visitors by means of an IP network. And so the routers on their own in fact formulate the IP packets. This makes an extra problem considering that there is certainly no incoming interface. In order that recipe utilizes hometown policy-based routing. The very fact the router makes the packets also offers it a vital benefit considering that it doesn't have to take into account any DLSw packets that might just occur to go through.


The benefits of your more recent class-map process aren't clear in this case in point, but on the list of very first major benefits appears if you'd like to utilize the more contemporary DSCP tagging scheme. Because the mature policy-based routing system will not immediately support DSCP, you could have to fake it by setting equally the IP Precedence and also TOS separately as follows.


Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 115

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#set ip tos max-throughput


In this case, the packet will wind up with an IP Precedence value of immediate, or 2 (010 in binary), and TOS of max-throughput, or 4 (0100 in binary).


Doing the same thing with the class-map method is much more direct:


Router(config)#policy-map serialftppolicy

Router(config-pmap)#class serialftpclass

Router(config-pmap-c)#set ip dscp af21


Class-maps will even be practical later on in such a chapter once we speak about class-based weighted truthful queuing and class-based visitors shaping.

It will be important to note that during this whole case in point, now we have only put a particular worth into your packet's TOS or DSCP field. This, by alone, doesn't have an effect on how the packet is forwarded by way of the network. To undertake that, you will need to be certain that as each router in the network forwards these marked packets, the interface queues will react appropriately to this data.


Lastly, we must always observe that despite the fact that this recipe demonstrates two helpful approaches of marking packets, utilising Dedicated Access Rate (Motor vehicle) elements. Car or truck tends to become a great deal more effective on greater speed interfaces.


Post in  CCIE R&SNo Comments
Tags: ,,


Using Custom Queuing
February 2nd, 2012by  William
Implementing Custom Queuing on a router is a two-step procedure. First, you must define the traffic types that will populate your queues. And then you apply the queuing method to an interface:


Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.


Router(config)#access-list 103 permit ip any any precedence 5


Router(config)#access-list 104 permit ip any any precedence 4


Router(config)#access-list 105 permit ip any any precedence 3


Router(config)#access-list 106 permit ip any any precedence 2


Router(config)#access-list 107 permit ip any any precedence 1


Router(config)#queue-list 1 protocol ip 3 list 103


Router(config)#queue-list 1 protocol ip 4 list 104


Router(config)#queue-list 1 protocol ip 5 list 105


Router(config)#queue-list 1 queue 5 byte-count 3000 limit 55


Router(config)#queue-list 1 protocol ip 6 list 106


Router(config)#queue-list 1 protocol ip 7 list 107


Router(config)#queue-list 1 default 8


Router(config)#interface HSSI0/0


Router(config-if)#custom-queue-list 1


Router(config-if)#exit


Router(config)#end


Router#


When you enable Custom Queuing, the router automatically creates 16 queues for application traffic plus one more for system requirements. You can look at the queues with a normal show interface command:


Router#show interface Ethernet0


Ethernet0 is up, line protocol is up


  Hardware is Lance, address is 0000.0cf0.8460 (bia 0000.0cf0.8460)


  Internet address is 192.168.1.201/24


  MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,


     reliability 255/255, txload 2/255, rxload 1/255


  Encapsulation ARPA, loopback not set, keepalive set (10 sec)


  ARP type: ARPA, ARP Timeout 04:00:00


  Last input 00:00:00, output 00:00:00, output hang never


  Last clearing of "show interface" counters never


  Input queue: 2/75/0 (size/max/drops); Total output drops: 0


  Queuing strategy: custom-list 1


  Output queues: (queue #: size/max/drops)


     0: 0/20/0 1: 0/20/0 2: 0/20/0 3: 0/20/0 4: 0/20/0


     5: 0/55/3 6: 5/20/0 7: 0/20/0 8: 0/20/0 9: 0/20/0


     10: 0/20/0 11: 0/20/0 12: 0/20/0 13: 0/20/0 14: 0/20/0


     15: 0/20/0 16: 0/20/0


  5 minute input rate 5000 bits/sec, 12 packets/sec


  5 minute output rate 106000 bits/sec, 24 packets/sec


     132910 packets input, 14513345 bytes, 0 no buffer


     Received 109570 broadcasts, 0 runts, 0 giants, 0 throttles


     9 input errors, 0 CRC, 0 frame, 0 overrun, 9 ignored, 0 abort


     0 input packets with dribble condition detected


     1028116 packets output, 85603681 bytes, 0 underruns


     1 output errors, 42 collisions, 8 interface resets


     0 babbles, 0 late collision, 4 deferred


     1 lost carrier, 0 no carrier


     0 output buffer failures, 0 output buffers swapped out


Router#


In this output, you can see that queue number 6 currently has 5 packets queued and waiting for delivery (6: 5/20/0), while queue number 5 has had to drop 3 packets due to congestion (5: 0/55/3).


The example assigns queue number 3 for all packets with the highest application IP Precedence value of 5. Similarly, packets with Precedence 4 use queue number 4, Precedence 3 use queue 5, Precedence 2 use queue 6, Precedence 1 use queue 7, and everything else uses queue number 8.


Custom Queuing does not assign a default queue for unclassified traffic, so you must remember to do this. The command in the example defines the default as queue number 8:


Router(config)#queue-list 1 default 8


Note that if there is another nonIP protocol such as IPX configured on this interface, it will also use the default queue. If you prefer to give this other protocol its own set of queues, you can use define them using access lists for that protocol. The configuration is nearly identical to the IP example we have shown, except for the exact access list syntax, which naturally depends on the protocol.


By default, the Custom Queuing scheduler visits all queues in order and takes an average of 1,500 bytes from each, and each queue can hold up to 20 packets. In the example, we changed these default values for queue number 5:


Router(config)#queue-list 1 queue 5 byte-count 3000 limit 55


This tells the scheduler to take an average of 3000 bytes from this queue on each pass, and to store up to 55 packets in the queue. Increasing the number of bytes will effectively increase the share of the bandwidth that this queue receives. Increasing the queue depth decreases the probability of tail drops. But it also increases the amount of time that a packet could theoretically spend in the queue, which may increase latency and jitter.


In this example, all of the traffic types are selected by the IP Precedence value. It is also possible to select based on specific applications. You can do this either with an access-list or, in some cases, using keywords in the queue-list command. For example, if you wanted to select all DLSw traffic and send it to queue number 9, you could create an access-list:


Router(config)#access-list 117 permit ip any eq 2065 any


Router(config)#access-list 117 permit ip any any eq 2065


Router(config)#access-list 117 permit ip any eq 2067 any


Router(config)#access-list 117 permit ip any any eq 2067


Router(config)#queue-list 1 protocol ip 9 list 117


Or you could do it like this:


Router(config)#queue-list 1 protocol dlsw 9


This second method is clearly easier, but the number of protocol types that can be defined this way is unfortunately rather limited.


We have three important final notes on Custom Queuing that you should bear in mind. The first point is that if traffic from all of these streams is present, the router will share traffic between them. In this example, we have used six different queues: one for each of the five application precedence levels, plus a default. By default, each will receive a roughly equal share of the total bandwidth. So you may be surprised to find that despite imposing different queues for the different traffic types, the important traffic still doesn't get a large enough share of the bandwidth. You can affect this with the byte-count keyword, as we discussed earlier. Note that the queues are serviced by byte count rather than packet count. So suppose you have two queues, one of which supports an interactive session with many short packets, and another that contains a bulk transfer with a few large packets. If you configure the router to service these queues with the same byte-count, it will tend to forward a lot more of the small packets. But the net share of the bandwidth will be roughly equal on average.


Second, in Custom Queuing, the traffic within each queue competes directly with all other traffic in the same queue. So, for example, if one user sends a burst of application traffic that fills one of the queues, this will cause tail drops for other users whose traffic uses the same queue.


And the third point is that the more queues you define, the smaller the share of the total bandwidth each queue receives. Further, having more queues increases the amount of processing the router has to do to segregate the traffic.


The second and third points compete with one another. The second one tends to point toward increasing the number of queues to limit the competition within each queue. But the third point should convince you that there is a point of diminishing returns where more queues will not help the situation. In practice, the third rule tends to win out. It rarely turns out to be beneficial to have more than five or six Custom Queues, unless some of those queues are only used very lightly.


Custom Queuing is an older QoS mechanism on Cisco routers. In most cases, you will likely find that a newer algorithm such as CBWFQ will be more flexible and give better results.


Post in  CCIE labNo Comments
Tags: ,,


CCIE Bootcamps, CCIE Lab Exam
January 30th, 2012by  William
The answer to this  situation relies on the sort of potential customers distinctions you choose for making, also the version of IOS that  you're  running inside of  your routers. CCIE Bootcamps


There must be some thing that defines the different varieties of traffic that you just desire to  prioritize. On the  whole, the  less difficult the  distinctions are to create, the higher. It's because all the exams  get router assets and  introduce processing delays. The most typical rules for  distinguishing amongst  site  traffic forms make use of the packet's input interface and  very  simple IP header  info like as TCP  port quantities. The subsequent examples  show find out how  to  set an IP Precedence value of  speedy (2) for  all FTP manage  potential customers that arrives by means of the serial0/0 interface, and an IP  Precedence of concern (1) for all FTP  data page views. This distinction is feasible due to the  fact FTP  regulate  traffic usages TCP port 21, and FTP  info utilizes port 20.


The newest  method  for configuring this utilizes class maps. Cisco  foremost  launched this  characteristic in IOS  Edition twelve.0(5)T. This method 1st defines a  class-map that specifies how the router will  detect this type  of site visitors. It then defines a policy-map that really makes the  modifications  for the packet's  TOS industry:


Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#class-map match-all ser00-ftpcontrol

Router(config-cmap)#description branch ftp control traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 101

Router(config-cmap)#exit

Router(config)#class-map match-all ser00-ftpdata

Router(config-cmap)#description branch ftp data traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 102

Router(config-cmap)#exit

Router(config)#policy-map serialftppolicy

Router(config-pmap)#description branch ftp traffic policy

Router(config-pmap)#class ser00-ftpcontrol

Router(config-pmap-c)#set ip precedence immediate

Router(config-pmap-c)#exit

Router(config-pmap)#class ser00-ftpdata

Router(config-pmap-c)#set ip precedence priority

Router(config-pmap-c)#exit

Router(config-pmap)#exit

Router(config)#interface serial0/0

Router(config-if)#ip route-cache policy

Router(config-if)#service-policy input serialftppolicy

Router(config-if)#exit

Router(config)#end

Router#


For earlier IOS versions,  where by class-maps had been not obtainable, you might have to make use of policy-based routing to alter the TOS  subject in a  very packet. Applying this  policy to your interface tells the router to make use of this  coverage to test all incoming packets on this  interface and rewrite the ones that match the route  map:Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 101

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#exit

Router(config)#route-map serialftp-rtmap permit 20

Router(config-route-map)#match ip address 102

Router(config-route-map)#set ip precedence priority

Router(config-route-map)#exit

Router(config)#interface serial0/0

Router(config-if)#ip policy route-map serialftp-rtmap

Router(config-if)#ip route-cache policy

Router(config-if)#exit

Router(config)#end

Router#


Just before you  can tag a packet for  special  therapy, you've gotten to acquire a particularly crystal clear  idea of what different types of targeted traffic need to have  exclusive  treatment method, coupled with  exactly what sort of  distinctive  treatment they  will  desire. During the instance, we've chose to give a  specific  concern to FTP site traffic obtained on the   distinct  serial interface. We  exhibit how  to  do this by using  each the  previous and new configuration  methods.

This might look to become a  considerably artificial  case in point. Immediately after all, why would you care about tagging  inbound traffic that you just have  presently  obtained from a low-speed interface?  Really, one of the most  critical ideas for  employing QoS in a network is the fact that make sure you  generally tag the packet as  early as you can, preferably for the  edges of the network. Then, since it  passes from the network,  every single router only  needs to consider the  tag, and isn't going to  ought to do any  even more  classification. In this case, we might be sure which the FTP potential  customers returning in the other  bureaucratie is tagged from the initially router that receives it. And so the outbound site traffic has  previously been tagged,  and it's a waste of router  assets to reclassify the outbound packets.


A  number of organizations  realistically get this concept of marking at the  edges a  particular phase  further, and remark every single obtained  packet. This aids to ensure that people  aren't requesting  amazing  QoS privileges which they are not  authorized to acquire. Still, you need to be careful of this given that it may well  usually disrupt  reputable  markings. As an example, a real-time  application can use RSVP to  order bandwidth in the  network. It's always  key that the  packets for this application have the  proper Expedited Forwarding (EF) DSCP marking or  perhaps the network may not deal  with them  thoroughly.  Nevertheless, you  also will not aspire to allow other  non-real-time programs from this  same  source hold the exact EF priority  degree. So, when  you're going to  configure your routers to remark all incoming packets on the edges, make certain you  understand what incoming markings are  legitimate.


In that circumstance, the routers are  running DLSw to bridge SNA  targeted visitors by means of an IP network. And so the  routers on their own  in fact  formulate the IP packets. This makes an extra problem  considering that there is certainly no incoming interface. In order that  recipe utilizes  hometown  policy-based routing. The very fact the router makes  the packets also offers it a vital  benefit considering that it  doesn't have to take into account  any DLSw packets that might just occur to go through.


The benefits of your more  recent class-map  process  aren't clear in  this  case in point, but on the list of very  first  major  benefits appears if you'd like to utilize the more contemporary DSCP tagging scheme. Because  the mature policy-based routing  system  will not  immediately  support DSCP, you could have to fake it by setting  equally the IP Precedence and also TOS separately as  follows.


Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 115

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#set ip tos max-throughput


In this case, the packet will wind up with an IP Precedence value of  immediate, or 2 (010 in binary), and TOS of max-throughput, or 4 (0100  in binary).


Doing the same thing with the class-map method is much more direct:


Router(config)#policy-map serialftppolicy

Router(config-pmap)#class serialftpclass

Router(config-pmap-c)#set ip dscp af21


Class-maps will even be  practical  later on in such a chapter once we speak about class-based weighted  truthful queuing and class-based  visitors shaping.

It will be important to  note that during this whole case in point, now we have only  put a  particular  worth into your packet's TOS  or DSCP field. This, by alone, doesn't have an effect on how the packet is forwarded by way of the network.  To undertake that, you  will need to  be certain that  as each router in  the network forwards these marked packets, the interface  queues will react appropriately to this  data.


Lastly, we must always  observe that despite the fact that this recipe  demonstrates two  helpful   approaches  of marking packets, utilising Dedicated  Access Rate  (Motor  vehicle)  elements.  Car or truck tends to become  a great deal more  effective on  greater speed  interfaces.


Post in  CCIE labNo Comments
Tags: ,


CCIE Voice Training, Environment the DSCP or TOS Discipline
January 13th, 2012by  William
The answer to this  situation relies on the sort of potential customers distinctions you choose for making, also the version of IOS that  you're  running inside of  your routers. CCIE Voice Training


There must be some thing that defines the different varieties of traffic that you just desire to  prioritize. On the  whole, the  less difficult the  distinctions are to create, the higher. It's because all the exams  get router assets and  introduce processing delays. The most typical rules for  distinguishing amongst  site  traffic forms make use of the packet's input interface and  very  simple IP header  info like as TCP  port quantities. The subsequent examples  show find out how  to  set an IP Precedence value of  speedy (2) for  all FTP manage  potential customers that arrives by means of the serial0/0 interface, and an IP  Precedence of concern (1) for all FTP  data page views. This distinction is feasible due to the  fact FTP  regulate  traffic usages TCP port 21, and FTP  info utilizes port 20.


The newest  method  for configuring this utilizes class maps. Cisco  foremost  launched this  characteristic in IOS  Edition twelve.0(5)T. This method 1st defines a  class-map that specifies how the router will  detect this type  of site visitors. It then defines a policy-map that really makes the  modifications  for the packet's  TOS industry:


Router#configure terminal

Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#class-map match-all ser00-ftpcontrol

Router(config-cmap)#description branch ftp control traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 101

Router(config-cmap)#exit

Router(config)#class-map match-all ser00-ftpdata

Router(config-cmap)#description branch ftp data traffic

Router(config-cmap)#match input-interface serial0/0

Router(config-cmap)#match access-group 102

Router(config-cmap)#exit

Router(config)#policy-map serialftppolicy

Router(config-pmap)#description branch ftp traffic policy

Router(config-pmap)#class ser00-ftpcontrol

Router(config-pmap-c)#set ip precedence immediate

Router(config-pmap-c)#exit

Router(config-pmap)#class ser00-ftpdata

Router(config-pmap-c)#set ip precedence priority

Router(config-pmap-c)#exit

Router(config-pmap)#exit

Router(config)#interface serial0/0

Router(config-if)#ip route-cache policy

Router(config-if)#service-policy input serialftppolicy

Router(config-if)#exit

Router(config)#end

Router#


For earlier IOS versions,  where by class-maps had been not obtainable, you might have to make use of policy-based routing to alter the TOS  subject in a  very packet. Applying this  policy to your interface tells the router to make use of this  coverage to test all incoming packets on this  interface and rewrite the ones that match the route  map:Router#configure terminal


Enter configuration commands, one per line.  End with CNTL/Z.

Router(config)#access-list 101 permit any eq ftp any

Router(config)#access-list 101 permit any any eq ftp

Router(config)#access-list 102 permit any eq ftp-data any

Router(config)#access-list 102 permit any any eq ftp-data

Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 101

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#exit

Router(config)#route-map serialftp-rtmap permit 20

Router(config-route-map)#match ip address 102

Router(config-route-map)#set ip precedence priority

Router(config-route-map)#exit

Router(config)#interface serial0/0

Router(config-if)#ip policy route-map serialftp-rtmap

Router(config-if)#ip route-cache policy

Router(config-if)#exit

Router(config)#end

Router#


Just before you  can tag a packet for  special  therapy, you've gotten to acquire a particularly crystal clear  idea of what different types of targeted traffic need to have  exclusive  treatment method, coupled with  exactly what sort of  distinctive  treatment they  will  desire. During the instance, we've chose to give a  specific  concern to FTP site traffic obtained on the   distinct  serial interface. We  exhibit how  to  do this by using  each the  previous and new configuration  methods.

This might look to become a  considerably artificial  case in point. Immediately after all, why would you care about tagging  inbound traffic that you just have  presently  obtained from a low-speed interface?  Really, one of the most  critical ideas for  employing QoS in a network is the fact that make sure you  generally tag the packet as  early as you can, preferably for the  edges of the network. Then, since it  passes from the network,  every single router only  needs to consider the  tag, and isn't going to  ought to do any  even more  classification. In this case, we might be sure which the FTP potential  customers returning in the other  bureaucratie is tagged from the initially router that receives it. And so the outbound site traffic has  previously been tagged,  and it's a waste of router  assets to reclassify the outbound packets.


A  number of organizations  realistically get this concept of marking at the  edges a  particular phase  further, and remark every single obtained  packet. This aids to ensure that people  aren't requesting  amazing  QoS privileges which they are not  authorized to acquire. Still, you need to be careful of this given that it may well  usually disrupt  reputable  markings. As an example, a real-time  application can use RSVP to  order bandwidth in the  network. It's always  key that the  packets for this application have the  proper Expedited Forwarding (EF) DSCP marking or  perhaps the network may not deal  with them  thoroughly.  Nevertheless, you  also will not aspire to allow other  non-real-time programs from this  same  source hold the exact EF priority  degree. So, when  you're going to  configure your routers to remark all incoming packets on the edges, make certain you  understand what incoming markings are  legitimate.


In that circumstance, the routers are  running DLSw to bridge SNA  targeted visitors by means of an IP network. And so the  routers on their own  in fact  formulate the IP packets. This makes an extra problem  considering that there is certainly no incoming interface. In order that  recipe utilizes  hometown  policy-based routing. The very fact the router makes  the packets also offers it a vital  benefit considering that it  doesn't have to take into account  any DLSw packets that might just occur to go through.


The benefits of your more  recent class-map  process  aren't clear in  this  case in point, but on the list of very  first  major  benefits appears if you'd like to utilize the more contemporary DSCP tagging scheme. Because  the mature policy-based routing  system  will not  immediately  support DSCP, you could have to fake it by setting  equally the IP Precedence and also TOS separately as  follows.


Router(config)#route-map serialftp-rtmap permit 10

Router(config-route-map)#match ip address 115

Router(config-route-map)#set ip precedence immediate

Router(config-route-map)#set ip tos max-throughput


In this case, the packet will wind up with an IP Precedence value of  immediate, or 2 (010 in binary), and TOS of max-throughput, or 4 (0100  in binary).


Doing the same thing with the class-map method is much more direct:


Router(config)#policy-map serialftppolicy

Router(config-pmap)#class serialftpclass

Router(config-pmap-c)#set ip dscp af21


Class-maps will even be  practical  later on in such a chapter once we speak about class-based weighted  truthful queuing and class-based  visitors shaping.

It will be important to  note that during this whole case in point, now we have only  put a  particular  worth into your packet's TOS  or DSCP field. This, by alone, doesn't have an effect on how the packet is forwarded by way of the network.  To undertake that, you  will need to  be certain that  as each router in  the network forwards these marked packets, the interface  queues will react appropriately to this  data.


Lastly, we must always  observe that despite the fact that this recipe  demonstrates two  helpful   approaches  of marking packets, utilising Dedicated  Access Rate  (Motor  vehicle)  elements.  Car or truck tends to become  a great deal more  effective on  greater speed  interfaces.


Post in  CCIE VoiceComments Off
Tags: ,,