Preface
Cisco routers are nearly ubiquitous in IP networks. They are extremely flexible and reliable devices, and the number and variety of features grows with each new release of the Internetwork Operating System (IOS). While Cisco Press and several other publishers supply excellent documentation of router features both online and in a variety of books, knowing when, why, and how to use these features is sometimes difficult. There are often many different ways to solve any given networking problem using Cisco devices, and some solutions are clearly more effective than others.
The two immediate questions facing any network engineer are: Which of the many potential solutions is the most appropriate for a particular situation? and, Once you have decided to use a particular feature, how should you implement it? Unfortunately, the feature documentation describing a particular command or feature frequently does very little to answer either of these questions.
Everybody who has worked with Cisco routers for any length of time has had to ask their friends and co-workers for example router configuration files that show how to solve a common problem. A good working configuration example can often save huge amounts of time and minimize the frustration that sometimes comes with implementing a feature that you’ve never used before.
Cisco Cookbook is not intended to replace the detailed feature documentation included in books such as Cisco IOS in a Nutshell (O’Reilly) or information available on Cisco’s web site (http://www.cisco.com). While we don’t have the space to provide details about how particular protocols actually work, you can find this information in the Internet Engineering Task Force (IETF) Request for Comment (RFC) documents and a wide variety of books.
Instead, this book is a complement to those sources of information. They will tell you what a routing protocol is, how it works, and which command turns it on. Cisco Cookbook will help you select the right routing protocol and configure it in the most efficient way for your network.
This book includes a collection of sample router configurations and scripts that we have found useful in real-world networks. It also includes, wherever possible, our advice on what features to use in which situations, and how to use them most effectively. There are many common mistakes that we have seen before, and we want to help you to avoid making them.
All of the recipes in this book should work with IOS levels 11.3, 12.0, 12.1, 12.2, and 12.3. And, except where noted, they should run on any Cisco router platform. We have indicated when we use features that are only available with certain release levels or code sets, and in some cases offered workarounds for older versions. It is also important to remember that most of the recipes will work not only with Cisco routers, but also with any Catalyst switches that run IOS (but unfortunately not CatOS switches). In particular, all of the recipes that pertain to AAA, security, syslog, and SNMP should work well on these devices.
We welcome feedback from our readers. If you have comments, suggestions or ideas for other recipes, please let us know. If there are future editions of the Cisco Cookbook, we will include any suggestions that we think are especially useful. You can reach us at: [email protected] or [email protected].
Organization
As the name suggests, Cisco Cookbook is organized as a series of recipes. Each recipe begins with a problem statement that describes a common situation that you might face. After each problem statement is a brief solution that shows a sample router configuration or script that you can use to resolve that particular problem. A discussion section then describes the solution, how it works, and when you should or should not use it.
We have tried to construct the recipes so that you should be able to turn directly to the one that addresses your specific problem and find a useful solution without needing to read the entire book. If the solution includes terms or concepts that you are not familiar with, the chapter introductions should help bridge the gap. Many recipes refer to other recipes or chapters that discuss related topics. We have also included a variety of references to other sources in case you need more background information on a particular subject.
The chapters are organized by the feature or protocol discussed. If you are looking for information on a particular feature such as NAT, NTP, or SNMP, you can turn to that chapter and find a variety of related recipes. Most chapters list basic problems first, and any unusual or complicated situations last. But there are some exceptions to this, where we have opted instead to group related recipes together.
What’s in This Book
The first four chapters cover what would be considered essential system administration functions if a router were a server. Chapter 1 covers router configuration and file management issues. In Chapter 2, we turn to useful router management tricks such as command aliases, using CDP and DNS, tuning buffers, and creating exception dumps. This chapter ends with a set of four scripts that generate various useful reports to help you manage your routers. Chapter 3 discusses user access and privileges on the router. Chapter 4 extends this discussion to using TACACS+ to provide centralized management of user access to your routers.
The next five chapters cover various aspects of IP routing. Chapter 5 looks at IP routing in general, including static routes and administrative distances. In Chapter 6, we focus on RIP, including both Versions 1 and 2. Chapter 7 looks at EIGRP, and Chapter 8 at OSPF. In Chapter 9, we discuss the BGP protocol, which controls all IP routing through the backbone of the Internet.
The remaining chapters all cover separate topics. We look at the popular Frame Relay WAN protocol in Chapter 10.
Chapter 11 discusses queuing and congestion. This chapter also examines various IP Quality of Service issues.
In Chapter 12, we look at IP tunnels and VPNs. This chapter includes a discussion of Cisco’s IPSec implementation.
We turn to issues related to dial backup in Chapter 13.
In Chapter 14, we look at time. We include a relatively detailed discussion of the NTP protocol, which you can use to synchronize the clocks of all of your routers. You can then use them as time sources for other equipment, including application servers on your network.
Chapter 15 is primarily concerned with configuring the DLSw protocol. It also looks at SNA and SDLC protocols, which are often carried over IP networks using DLSw.
In Chapter 16, we show how to configure several of the most popular interface types on a Cisco router.
Chapters Chapter 17 and Chapter 18 look at the closely related issues of network management and logging. In Chapter 17, we discuss SNMP in particular. This chapter includes several router configuration examples to use with SNMP, as well as a number of scripts that you can use to help manage your Cisco equipment. Chapter 18 looks at issues related to managing the router’s event logs, as well how to use the syslog protocol to send these log messages to a central server.
It’s impossible to do much on a Cisco router without having a good understanding of access lists. There are several different kinds of access lists, and Chapter 19 shows several useful and interesting applications of the various IP-specific access lists.
In Chapter 20, we look at DHCP. Routers usually just act as DHCP proxy devices, but we also show how to use the router as a DHCP server, or even as a client.
Chapter 21 talks about NAT, which allows you to use private IP addresses and resolve conflicting address ranges between networks.
One of the best ways to build a fault tolerant LAN is to configure two or more routers to share a single IP address using HSRP. We show several different HSRP configurations in Chapter 22.
In Chapter 23, we look at how to implement multicast routing functionality on a Cisco router.
We also include two appendixes. Appendix A discusses the various external software tools that we use throughout the book, and shows how to obtain your own copies of these packages. Appendix B gives some helpful background on IP Quality of Service and the various queueing algorithms that you can use on Cisco routers.
Conventions
The following formatting conventions are used throughout this book:
Italic is used for commands, file names, directories, script variables, keywords, emphasis, technical terms, and Internet domain names.
Constant widthis used for code sections, interface names, and IP addresses.Constant width italicis used for replaceable text.Constant width boldis used for user input and emphasis within code.Constant width bold italic
Comments and Questions
Please address comments and questions about this book to the publisher:
O’Reilly & Associates, Inc.
1005 Gravenstein Highway North
Sebastopol, CA 95472
(800) 998-9938 (in the United States or Canada)
(707) 829-0515 (international/local)
(707) 829-0104 (fax)
There is a web page for this book, which lists errata, examples, or any additional information. You can access this page at:
http://www.oreilly.com/catalog/ciscockbk/
To comment or ask technical questions about this book, send email to:
For more information about books, conferences, Resource Centers, and the O’Reilly Network, see the O’Reilly web site at:
Acknowledgments
Writing this book was a huge project, and we are grateful that so many people helped us in different ways. We want to extend particularly large thanks to John Karek for helping to set up the lab environment that we used to testing recipes; Jackman Chan, who ran some of the more obscure and difficult debugging traces for us; and to David Close of Cisco Canada, who very generously loaned us equipment at a critical phase.
Everybody at O’Reilly was great to work with. We particularly appreciate the hard work of our editors, Jim Sumser, Mike Loukides, and Phil Dangler. They encouraged us as we wrote. And, when we were done writing, they wrestled the results into something we all could be proud of. Jessamyn Read did a great job with the figures, and we were completely thrilled with Ellie Volckhausen’s cover art.
We had three technical reviewers for this book, and they each made a huge contribution by both pointing out our errors and making useful suggestions on how to present the material. Peter Rybaczyk and Ravi Malhotra both showed incredible breadth and depth of knowledge of Cisco routers and networking in general, as well as offering help with the overall structure and flow of the book. And we leaned very heavily on Iljitsch van Beijnum for help with the BGP chapter.
Kevin Dooley
There is a lot more to writing a book than just the writing. I would like to thank Sherry Biscope, who has now survived my writing two books. And, midway through this one, she almost crazily agreed to marry me. But she did far more than merely survive. She encouraged and prodded, she made time and space for this book, and she barely complained at all when piles of books, papers, routers, and cables took over the living room. And thanks also to Ginger the beagle who slept in the big comfy chair throughout the writing of this book, always within petting distance, usually very forgiving of the delays in walks and dinner time.
Ian J. Brown
I would like to thank my beautiful wife, Lisa, who supported me unconditionally throughout this project, and in doing so, became the sole caregiver to our young children. Without your assistance and encouragement, this book would never have happened. Special thanks also to my son, Ethan, and daughter, Darby, who endured many evenings without a father. You mean the world to me and I will love you always and forever. I would also like to thank Alan Morewood, who inspired more than one section of this book.