{"id":3910,"date":"2023-01-15T09:48:55","date_gmt":"2023-01-15T09:48:55","guid":{"rendered":"https:\/\/davidpapkin.com\/?page_id=3910"},"modified":"2025-07-13T14:25:02","modified_gmt":"2025-07-13T14:25:02","slug":"networking-links","status":"publish","type":"page","link":"https:\/\/davidpapkin.com\/?page_id=3910","title":{"rendered":"Networking links"},"content":{"rendered":"\n<p><em>This page by David Mark Papkin shows useful network links<\/em><\/p>\n\n\n\n<p><a href=\"https:\/\/www.netacad.com\/\">Enroll in Cisco Networking Academy<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/training-events\/training-certifications\/exams\/current-list\/ccna-200-301.html\" target=\"_blank\" rel=\"noreferrer noopener\">CCNAX 200-301 exam<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/learningcontent.cisco.com\/documents\/marketing\/study-plans\/2022_CCNAExam_StudyTool.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">200-301 CCNA Exam Topics Study Tool<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/learningnetworkstore.cisco.com\/cisco-study-bundles\/ccna-exam-safeguard-offer\/EX-SG-CCNA-027329.html\" target=\"_blank\" rel=\"noreferrer noopener\">CCNA Exam Safeguard<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/training-events\/training-certifications\/certifications.html\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco Certifications<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/learningnetwork.cisco.com\/s\/packet-tracer-alternative-lab-solutions\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco Labs options<\/a><\/strong><\/p>\n\n\n\n<p>Packet Tracer<\/p>\n\n\n\n<p><strong>Packet Tracer<\/strong>&nbsp;is a free network simulator tool for certification exam preparation, particularly for CCNA students. It\u2019s available directly through the Cisco Networking Academy. Download and install the Packet Tracer software by signing up for the Introduction to Packet Tracer course, which teaches you the basics of using the tool.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.netacad.com\/courses\/packet-tracer\">Download Packet Tracer here<\/a><\/p>\n\n\n\n<p><strong>Cisco Learning Labs<\/strong>&nbsp;offer you a chance to practice lab exercises on a virtual lab topology hosted by Cisco and grouped according to the certification exam for which you\u2019re studying. When you choose an exam, you can purchase the rights to practice lab exercises for topics on that exam. During a three-month access, you can use a virtual lab pod to run real IOS (routers and switches).<\/p>\n\n\n\n<p><a href=\"https:\/\/learningnetworkstore.cisco.com\/cisco-learning-labs\">Purchase Cisco Learning Labs here<\/a><\/p>\n\n\n\n<p><strong>Cisco Modeling Labs<\/strong>&nbsp;is an on-premise network simulation tool that runs on workstations and servers and lets you easily simulate Cisco and non-Cisco networks using real Cisco images. This gives you highly reliable models for designing, testing, and troubleshooting. Compared to building out real-world labs, Cisco Modeling Labs returns results faster, more easily, and for a fraction of the cost.<\/p>\n\n\n\n<p><a href=\"https:\/\/learningnetworkstore.cisco.com\/cisco-modeling-labs-personal\">Purchase Cisco Modeling Labs \u2013 Personal here<\/a><\/p>\n\n\n\n<p>Collaboration Certifications Roadmap Webinar<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/training-events\/training-certifications\/certifications\/professional\/ccnp-collaboration-v2.html\">https:\/\/www.cisco.com\/c\/en\/us\/training-events\/training-certifications\/certifications\/professional\/ccnp-collaboration-v2.html<\/a><\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Shows config and lists different syslog levels<\/h5>\n\n\n\n<p><a href=\"https:\/\/www.davidpapkin.net\/configuring-system-message-logging\/\" target=\"_blank\" rel=\"noreferrer noopener\">Configuring System Message Logging (Cisco)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/routers\/access\/wireless\/software\/guide\/SysMsgLogging.html\" target=\"_blank\" rel=\"noreferrer noopener\">Configure System Logging (Cisco link)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.davidpapkin.net\/configuring-cisco-ios-to-automatically-save-the-running-configuration-to-a-tftp-server-on-save\/\" target=\"_blank\" rel=\"noreferrer noopener\">Configuring Cisco IOS to automatically save the running configuration to a tftp server on save<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/supportforums.cisco.com\/blog\/150396\/booting-cisco-router-tftp-server\">Booting Cisco Router from a TFTP server<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/routers\/10000-series-routers\/50421-config-register-use.html\">Use of the Configuration Register on All Cisco Routers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.davidpapkin.net\/understanding-cisco-auto-archive-feature-to-backup-configuration-file\/\" target=\"_blank\" rel=\"noreferrer noopener\">Understanding Cisco Auto Archive Feature to Backup Configuration File<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/davidpapkin.net\/adjust-administrative-distance-for-route-selection-in-cisco-ios-routers\/\">Adjust Administrative Distance for Route Selection in Cisco IOS Routers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.davidpapkin.net\/interface-and-line-numbers-in-cisco-routers\/\">Interface and Line Numbers in Cisco Routers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/lan-switching\/spanning-tree-protocol\/69980-errdisable-recovery.html\">Errdisable Port State Recovery on the Cisco IOS Platforms<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ios-nx-os-software\/ios-software-releases-122-mainline\/15096-idb-limit.html\">Maximum Number of Interfaces and Subinterfaces for Cisco IOS Routers: IDB Limits<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/en\/US\/docs\/ios\/12_2\/dial\/configuration\/guide\/daficl_external_docbase_0900e4b18075407b_4container_external_docbase_0900e4b1807543f3.html\" target=\"_blank\" rel=\"noreferrer noopener\">Overview of Dial Interfaces, Controllers, and Lines<\/a><\/p>\n\n\n\n<p><strong>Access Lists<\/strong><\/p>\n\n\n\n<p>Standard Access Lists \u2013 Filters bases on Source Address and Wildcard mask<\/p>\n\n\n\n<p>Extended Access Lists \u2013 Filters based Source Address, Destination Address, Wildcard mask, Protocol and Port.<\/p>\n\n\n\n<p><strong>Ansible<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/developer.cisco.com\/learning\/labs\/ansible-03_ansible-hands-on\/ansible-hands-on\/\">https:\/\/developer.cisco.com\/learning\/labs\/ansible-03_ansible-hands-on\/ansible-hands-on\/<\/a><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-4-3 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Deep Dive - Ansible Network Automation - Config Backup and Restore\" width=\"700\" height=\"525\" src=\"https:\/\/www.youtube.com\/embed\/dfRzfkbmx-A?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><strong>APIPA&nbsp;<\/strong>&nbsp;<strong>\u2013&nbsp;<\/strong>Automatic Private IP Addressing (APIPA)&nbsp;was developed by Microsoft as a<br>means for clients that could not contact a DHCP server to communicate on the<br>local network anyway. If a Windows host does not receive a response from a DHCP<br>server within a given time frame, it selects an address at random from the range<br>169.254.1.1 to 169.254.254.254.<br>These addresses are from one of the address ranges reserved for private addressing<br>(169.254.0.0\/16). The first and last subnets are supposed to be unused.<br>This type of addressing is referred to as link local in standards documentation<br>(RFC 3927).<br>APIPA has no mechanism for assigning default gateway or DNS server addresses.<br>Hosts using APIPA are restricted to communicating on the local network&nbsp;<\/p>\n\n\n\n<p><strong>Cabling<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.universalnetworks.co.uk\/faq\/what-does-utp-s-utp-ftp-stp-and-sftp-mean\/\" target=\"_blank\" rel=\"noreferrer noopener\">WHAT DOES UTP, S\/UTP, FTP, STP AND SFTP MEAN?<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/blog.tripplite.com\/what-is-the-difference-between-shielded-and-unshielded-network-cables\" target=\"_blank\" rel=\"noreferrer noopener\">What is the difference between shielded and unshielded network cables<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/security\/asa\/hw\/maintenance\/5585guide\/5585Xhw\/pinouts.pdf\">Cisco Cable Pinouts ( rollover , aux , Ethernet )<\/a><\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/ISO\/IEC_11801\" target=\"_blank\" rel=\"noreferrer noopener\">ISO\/IEC_11801 wiring standards<\/a><\/pre>\n\n\n\n<p><a href=\"https:\/\/tripplite.eaton.com\/products\/ethernet-cable-types\">https:\/\/tripplite.eaton.com\/products\/ethernet-cable-types<\/a><\/p>\n\n\n\n<figure id=\"table-category-cable-summary\" class=\"wp-block-table\"><table><thead><tr><th>Category<\/th><th>Max. Data Rate<\/th><th>Bandwidth<\/th><th>Max. Distance<\/th><th>Usage<\/th><\/tr><\/thead><tbody><tr><td>Category 1<\/td><td>1 Mbps<\/td><td>0.4 MHz<\/td><td>&nbsp;<\/td><td>Telephone and modem lines<\/td><\/tr><tr><td>Category 2<\/td><td>4 Mbps<\/td><td>4 MHz<\/td><td>&nbsp;<\/td><td>LocalTalk &amp; Telephone<\/td><\/tr><tr><td>Category 3<\/td><td>10 Mbps<\/td><td>16 MHz<\/td><td>100 m (328 ft.)<\/td><td>10BaseT Ethernet<\/td><\/tr><tr><td>Category 4<\/td><td>16 Mbps<\/td><td>20 MHz<\/td><td>100 m (328 ft.)<\/td><td>Token Ring<\/td><\/tr><tr><td>Category 5<\/td><td>100 Mbps<\/td><td>100 MHz<\/td><td>100 m (328 ft.)<\/td><td>100BaseT Ethernet<\/td><\/tr><tr><td>Category 5e<\/td><td>1 Gbps<\/td><td>100 MHz<\/td><td>100 m (328 ft.)<\/td><td>100BaseT Ethernet, residential homes<\/td><\/tr><tr><td>Category 6<\/td><td>1 Gbps<\/td><td>250 MHz<\/td><td>100 m (328 ft.)<br>10Gb at 37 m (121 ft.)<\/td><td>Gigabit Ethernet, commercial buildings<\/td><\/tr><tr><td>Category 6a<\/td><td>10 Gbps<\/td><td>500 MHz<\/td><td>100 m (328 ft.)<\/td><td>Gigabit Ethernet in data centers and commercial buildings<\/td><\/tr><tr><td>Category 7<\/td><td>10 Gbps<\/td><td>600 MHz<\/td><td>100 m (328 ft.)<\/td><td>10 Gbps Core Infrastructure<\/td><\/tr><tr><td>Category 7a<\/td><td>10 Gbps<\/td><td>1000 MHz<\/td><td>100 m (328 ft.)<br>40Gb at 50 m (164 ft.)<\/td><td>10 Gbps Core Infrastructure<\/td><\/tr><tr><td>Category 8<\/td><td>25 Gbps (Cat8.1)<br>40 Gbps (Cat8.2)<\/td><td>2000 MHz<\/td><td>30 m (98 ft.)<\/td><td>25 Gbps\/40 Gbps Core Infrastructurezxccc&nbsp;<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><a href=\"https:\/\/blogs.cisco.com\/sp\/fiberopticspt2singlemultifiber\">Fiber Optics Part 2: Single-Mode Fiber vs. Multi-Mode-Fiber<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/www.cableorganizer.com\/telecom-datacom\/connectors.htm\">Differences between T568A and T568B explained<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/pinoutguide.com\/Net\/poe_pinout.shtml\">Power over Ethernet (POE) pinout<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ppc-online.com\/blog\/fiber-connectors-whats-the-difference\">https:\/\/www.ppc-online.com\/blog\/fiber-connectors-whats-the-difference<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cablematters.com\/Blog\/Networking\/fiber-optic-connector-types\">https:\/\/www.cablematters.com\/Blog\/Networking\/fiber-optic-connector-types<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/tmgmatrix.cisco.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco Optics-to-Device Compatibility Matrix<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.youtube.com\/watch?v=SE54ILAoerQ\" target=\"_blank\" rel=\"noreferrer noopener\">How to use a punchdown tool video (very good!!!)<\/a><\/p>\n\n\n\n<p><strong>Configuration Monitoring<\/strong><\/p>\n\n\n\n<p>Configuration management tools can monitor device configurations to discover when the<br>device configuration differs from the intended ideal configuration, and then either reconfigure the device or notify the network engineering staff to make the change<\/p>\n\n\n\n<p><strong>CRUD and HTTP Verbs<\/strong><\/p>\n\n\n\n<p>The software industry uses a memorable acronym\u2014<strong><em>CRUD<\/em><\/strong>\u2014for the four primary actions performed by an application.<\/p>\n\n\n\n<p><strong>Create:&nbsp;<\/strong>Allows the client to create some new instances of variables and data structures at the server and initialize their values as kept at the server<br><strong>Read:&nbsp;<\/strong>Allows the client to retrieve (read) the current value of variables that exist at the server, storing a copy of the variables, structures, and values at the client<br><strong>Update:&nbsp;<\/strong>Allows the client to change (update) the value of variables that exist at the server<br><strong>Delete:&nbsp;<\/strong>Allows the client to delete from the server different instances of data variables<\/p>\n\n\n\n<p>For example, using the northbound REST API of a DNA controller (See Cisco Software-Defined Access (SDA),\u201d for info)&nbsp; you might want to create something, like a new security policy. From a programming perspective, the security policy exists as a related set of configuration settings on the DNA controller, internally represented by variables. To do that, a REST client application would use a&nbsp;<strong>C<\/strong><strong>reate<\/strong>&nbsp;action, using the DNA Center RESTful API, that created variables on the DNA Controller via the DNA Center REST API.<\/p>\n\n\n\n<p>HTTP uses verbs that mirror CRUD actions. HTTP defines the concept of an HTTP request and reply, with the client sending a request and with the server answering back with a reply.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/crudhttp.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"60\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/crudhttp-300x60.jpg\" alt=\"\" class=\"wp-image-3600\" srcset=\"\/wp-content\/uploads\/2021\/04\/crudhttp-300x60.jpg 300w, \/wp-content\/uploads\/2021\/04\/crudhttp.jpg 633w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/figure><\/div>\n\n\n\n<p>Each request\/reply lists an action verb in the HTTP request header, which defines the HTTP action. The HTTP messages also include a URI, which identifies the resource being manipulated for this request. As always, the HTTP message is carried in IP and TCP, with headers and data, as seen below.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/Crudandhttpverbs-1.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"101\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/Crudandhttpverbs-1-300x101.jpg\" alt=\"\" class=\"wp-image-3588\" srcset=\"\/wp-content\/uploads\/2021\/04\/Crudandhttpverbs-1-300x101.jpg 300w, \/wp-content\/uploads\/2021\/04\/Crudandhttpverbs-1.jpg 506w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/figure><\/div>\n\n\n\n<p><strong>DHCP<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/ios-xml\/ios\/ipaddr_dhcp\/configuration\/15-mt\/dhcp-15-mt-book\/config-dhcp-server.html\">Cisco IP Addressing: DHCP Configuration Guide<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/networklessons.com\/cisco\/ccie-routing-switching\/dhcp-static-binding-on-cisco-ios\/\">DHCP Static Binding on Cisco IOS<\/a><\/p>\n\n\n\n<p><strong>CSMA\/CD<\/strong>&nbsp;\u2013&nbsp;<strong>Carrier Sense Multiple Access with Collision Detection<\/strong>. It is a network protocol used primarily in&nbsp;<strong>early Ethernet networks<\/strong>&nbsp;(especially&nbsp;<strong>10Base-T<\/strong>&nbsp;and&nbsp;<strong>10Base2<\/strong>&nbsp;Ethernet) to control access to a shared transmission medium (e.g., a coaxial cable or hub-based Ethernet).<\/p>\n\n\n\n<p>Breakdown of CSMA\/CD:<br><br>1.&nbsp;<strong>CS \u2013 Carrier Sense<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What it means:<\/strong>&nbsp;Before a device attempts to send data, it&nbsp;<strong>listens to (senses)<\/strong>&nbsp;the network to check if another device is already transmitting.<\/li><li><strong>Purpose:<\/strong>&nbsp;Avoids transmission when the line is already busy.<\/li><\/ul>\n\n\n\n<p>2.&nbsp;<strong>MA \u2013 Multiple Access<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What it means:<\/strong>&nbsp;Multiple devices are connected to and&nbsp;<strong>share the same communication medium<\/strong>.<\/li><li><strong>Implication:<\/strong>&nbsp;Any of the devices can try to send data at any time.<\/li><\/ul>\n\n\n\n<p>3.&nbsp;<strong>CD \u2013 Collision Detection<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>What it means:<\/strong>&nbsp;While transmitting, a device&nbsp;<strong>monitors the medium<\/strong>&nbsp;to detect if another device started transmitting at the same time (collision).<\/li><li><strong>If a collision is detected:<\/strong><ul><li>The devices&nbsp;<strong>stop transmitting<\/strong>&nbsp;immediately.<\/li><li>They wait for a&nbsp;<strong>random backoff time<\/strong>&nbsp;before trying again (using exponential backoff).<\/li><\/ul><\/li><\/ul>\n\n\n\n<p>Where CSMA\/CD Is Used:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th>Used In<\/th><th>Notes<\/th><\/tr><\/thead><tbody><tr><td><strong>Classic Ethernet (10Base5, 10Base2, 10Base-T with hubs)<\/strong><\/td><td>Shared medium networks \u2013 prone to collisions<\/td><\/tr><tr><td><strong>Half-Duplex Ethernet<\/strong><\/td><td>Only one direction of traffic at a time; collisions are possible<\/td><\/tr><tr><td><strong>Legacy environments<\/strong><\/td><td>Mostly obsolete in modern full-duplex switched Ethernet networks<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>Where CSMA\/CD Is NOT Used:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Modern switched Ethernet (Full-Duplex):<\/strong>&nbsp;No collisions occur because each device has a dedicated path to the switch.<\/li><li><strong>Wi-Fi (uses CSMA\/CA instead):<\/strong>&nbsp;Collision&nbsp;<em>Avoidance<\/em>&nbsp;is used due to different characteristics of wireless communication.<\/li><\/ul>\n\n\n\n<p><strong>DHCP Snooping<\/strong><\/p>\n\n\n\n<p>DHCP snooping is a feature that determines which devices attached to switch ports can respond to DHCP requests. DHCP snooping can be used to prevent unauthorised DHCP messages that contain information such as IP address-related data being provided to legitimate network devices.<\/p>\n\n\n\n<p>Enable DHCP Snooping Globally<\/p>\n\n\n\n<p>Router(config)#<strong>ip&nbsp;<\/strong><strong>dhcp<\/strong><strong>&nbsp;snooping<\/strong><\/p>\n\n\n\n<p>Configure DHCP server facing switch port as&nbsp;<strong>trusted<\/strong><\/p>\n\n\n\n<p>Router(config-if)#<strong>ip&nbsp;<\/strong><strong>dhcp<\/strong><strong>&nbsp;snooping trust<\/strong><\/p>\n\n\n\n<p>Configure Snooping rate limit ex: 100 pps<\/p>\n\n\n\n<p>Router(config-if)#<strong>ip&nbsp;<\/strong><strong>dhcp<\/strong><strong>&nbsp;snooping rate limit 100<\/strong><\/p>\n\n\n\n<p>Configure Snooping Database agent<\/p>\n\n\n\n<p>Router(config)#&nbsp;<strong>ip<\/strong>&nbsp;<strong>dhcp<\/strong><strong>&nbsp;snooping database tftp:\/\/10.1.1.1\/dir\/file<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/en\/US\/docs\/general\/Test\/dwerblo\/broken_guide\/snoodhcp.html\">https:\/\/www.cisco.com\/en\/US\/docs\/general\/Test\/dwerblo\/broken_guide\/snoodhcp.html<\/a><\/p>\n\n\n\n<p><strong>Dynamic ARP Inspection (DAI)<\/strong><\/p>\n\n\n\n<p>To prevent unauthorized Address Resolution Protocol , use&nbsp;<strong>Dynamic ARP Inspection (DAI)<\/strong><\/p>\n\n\n\n<p>To configure DAI<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">Step 1. Use the ip arp inspection vlan vlan-list global command to enable Dynamic\nARP Inspection (DAI) on the switch for the specified VLANs.\n\nStep 2. Separate from the DAI configuration, also configure DHCP Snooping and\/or\nARP ACLs for use by DAI.\n\nStep 3. Configure the ip arp inspection trust interface subcommand to override the\ndefault setting of not trusted.<\/pre>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst4500\/12-2\/25ew\/configuration\/guide\/conf\/dynarp.html#54805\" target=\"_blank\" rel=\"noreferrer noopener\">Dynamic ARP Inspection<\/a><\/p>\n\n\n\n<p><strong>Etherchannel<\/strong><\/p>\n\n\n\n<p><a href=\"http:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/switches\/catalyst-4000-series-switches\/23408-140.html\">Configuring Link aggregation with Etherchannel<\/a><\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Increases bandwidth without upgrading equipment<\/li><li>Adds High Availability<\/li><li>Acts as 1 link to STP, so that multiple links stay active<\/li><li>Active \/ Active Load Balancing<\/li><li>Scalable<\/li><li>Most configuration tasks can be done on the EtherChannel interface instead of on each individual port, ensuring configuration consistency throughout the links.<\/li><\/ol>\n\n\n\n<p><strong>Event Prioritization and Alerting<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th><strong>Event Prioritization<\/strong><\/th><th><strong>Alerting<\/strong><\/th><th><strong>Why It Matters<\/strong><\/th><\/tr><\/thead><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Determine event importance from devices<\/td><td>Automated alerts based on event severity<\/td><td>Prevents performance issues<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Categorize events, Emergency (0) to Debug (7)<\/td><td>Triggered by event types, thresholds, or anomalies<\/td><td>Filters out non-critical alerts<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Identify immediate action vs. informational events<\/td><td>Alerts need attention; notifications inform<\/td><td>Prioritizes critical events for system integrity<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><strong>GRE<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=2803868&amp;seqNum=3\" target=\"_blank\" rel=\"noreferrer noopener\">How to configure GRE over an IPSec tunnel on routers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=2803868&amp;seqNum=3\" target=\"_blank\" rel=\"noreferrer noopener\">IPSEC VPN<\/a><\/p>\n\n\n\n<p><strong>HTTP Headers \u2013&nbsp;<\/strong>used to pass additional information between the clients and the server through the&nbsp;request&nbsp;and&nbsp;response&nbsp;header. All the headers are case-insensitive, headers fields are separated by colon, key-value pairs in clear-text string format<strong>.<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.geeksforgeeks.org\/http-headers\/\">https:\/\/www.geeksforgeeks.org\/http-headers\/<\/a><\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2023\/12\/1702652422142-1.gif\"><img decoding=\"async\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2023\/12\/1702652422142-1-788x1024.gif\" alt=\"\" class=\"wp-image-4676\"\/><\/a><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.linkedin.com\/posts\/letsdefend_what-happens-when-you-type-a-url-into-a-browser-activity-7141441954822750209-MGVG?utm_source=share&amp;utm_medium=member_desktop\" target=\"_blank\" rel=\"noreferrer noopener\">What happens when you type a URL into a browser?<\/a><\/p>\n\n\n\n<p><strong>HSRP<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst3560\/software\/release\/12-2_25_se\/configuration\/guide\/3560scg\/swhsrp.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Configure HSRP<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/solutions\/Enterprise\/Campus\/HA_campus_DG\/hacampusdg.html#wp1108489\">Cisco Campus Network for High Availability Design Guide<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ip\/border-gateway-protocol-bgp\/15986-admin-distance.html\">Cisco What Is Administrative Distance?<\/a><\/p>\n\n\n\n<p><strong>Hypervisor<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.howtogeek.com\/796988\/how-to-install-linux-in-virtualbox\/\" target=\"_blank\" rel=\"noreferrer noopener\">How to Install Linux in VirtualBox<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.virtualbox.org\/wiki\/Downloads\">Downloads \u2013 Oracle VM VirtualBox<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/linuxhint.com\/install_apache_server_setup_virtual_hosts_ubuntu\/\" target=\"_blank\" rel=\"noreferrer noopener\">How to Install Apache Server and Set Up Virtual Hosts on Ubuntu 22.04<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.wikihow.com\/Install-VirtualBox\">https:\/\/www.wikihow.com\/Install-VirtualBox<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.virtualbox.org\/wiki\/End-user_documentation\" target=\"_blank\" rel=\"noreferrer noopener\">Virtual Box Documentation<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/helpdeskgeek.com\/virtualization\/how-to-fix-vt-x-is-not-available-verr_vmx-no-vmx-error-in-virtualbox\/#:~:text=Error%20in%20Windows%3F-,Fix%201%3A%20Enable%20VT%2DX%20From%20BIOS,x%20and%20VT%2Dd%20options.\">How to Fix \u201cVT-X Is Not Available (verr_vmx-No-Vmx)\u201d Error in VirtualBox<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/wsl\/install\" target=\"_blank\" rel=\"noreferrer noopener\">Install Linux on Windows with WSL<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/computingforgeeks.com\/install-kvm-hypervisor-on-ubuntu-linux\/\" target=\"_blank\" rel=\"noreferrer noopener\">How To Install KVM Hypervisor on Ubuntu 22.04|20.04<\/a><\/p>\n\n\n\n<p>MAC Hypervisor<\/p>\n\n\n\n<p>UTM&nbsp;<a href=\"https:\/\/mac.getutm.app\/\">https:\/\/mac.getutm.app<\/a><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Install x86 x64 Windows 10 on an M1 or M2 Mac\" width=\"700\" height=\"394\" src=\"https:\/\/www.youtube.com\/embed\/D00iaBXOeO0?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><strong>Intent-based Networking<\/strong><\/p>\n\n\n\n<p>SDN is a foundational building block of intent-based networking.&nbsp;<a href=\"https:\/\/www.cisco.com\/site\/us\/en\/products\/networking\/dna-center-platform\/index.html\">Cisco Catalyst Center&nbsp;<\/a>&nbsp;provides a single dashboard for managing and controlling the enterprise network.<\/p>\n\n\n\n<p>Tools of Cisco Catalyst Center<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Discovery<\/strong>&nbsp;\u2013 Scans the network for new devices.<\/li><li><strong>Inventory<\/strong>&nbsp;\u2013 Provides inventory for new devices.<\/li><li><strong>Topology<\/strong>&nbsp;\u2013 Discover and map new devices to a physical topology.<\/li><li><strong>Image Repository<\/strong><\/li><li><strong>Command Runner<\/strong><\/li><li><strong>License Manager<\/strong><\/li><li><strong>Template Editor<\/strong><\/li><li><strong>Network Plug and Play<\/strong><\/li><li><strong>Telemetry<\/strong><\/li><li><strong>Data and Reports<\/strong><\/li><\/ol>\n\n\n\n<p><strong>IPv4<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/routers\/access\/800M\/software\/800MSCG\/routconf.html\">Configure IP address on Cisco router<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/www.ciscopress.com\/articles\/article.asp?p=2181836&amp;seqNum=4\">Configure Cisco switch settings<\/a><\/p>\n\n\n\n<p><strong>IPv6<\/strong><\/p>\n\n\n\n<p>IPv6 scope<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2022\/12\/ipv6scope.jpg\" alt=\"This image has an empty alt attribute; its file name is ipv6scope.jpg\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/msdn.microsoft.com\/en-us\/library\/aa921042.aspx\">Microsoft IPv6 Addresses<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/ios\/ipv6\/configuration\/guide\/ipv6-xe-16-book-cat8000\/m_ip6-addrg-bsc-con.html\">Configuring IPv6<\/a><\/p>\n\n\n\n<p><strong>IP Phones<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/smb\/collaboration-endpoints\/cisco-ip-phone-6800-series\/access-the-web-page-of-a-6800-series-ip-phone.html\" target=\"_blank\" rel=\"noreferrer noopener\">How to Access the Web Configuration Page of a Cisco IP Phone 6800 Series<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/dam\/global\/fr_ca\/training-events\/pdfs\/Designing_An_Enterprise_IPT_Network.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Designing an Enterprise IP Telephony Network<\/a><\/p>\n\n\n\n<p><strong>ISE<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-wp-embed is-provider-zindagi-technologies wp-block-embed-zindagi-technologies\"><div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"VZuzzYzD6M\"><a href=\"https:\/\/zindagitech.com\/what-is-cisco-ise-and-its-personas\/\">What is CISCO ISE and its PERSONAS?<\/a><\/blockquote><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"&#8220;What is CISCO ISE and its PERSONAS?&#8221; &#8212; Zindagi technologies\" src=\"https:\/\/zindagitech.com\/what-is-cisco-ise-and-its-personas\/embed\/#?secret=t5tmilkI7n#?secret=VZuzzYzD6M\" data-secret=\"VZuzzYzD6M\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.routexp.com\/2019\/05\/introduction-to-secure-group-tagging-sgt.html\">https:\/\/www.routexp.com\/2019\/05\/introduction-to-secure-group-tagging-sgt.html<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.securew2.com\/blog\/eap-tls-vs-eap-ttls-pap\">https:\/\/www.securew2.com\/blog\/eap-tls-vs-eap-ttls-pap<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst9300\/software\/release\/16-6\/configuration_guide\/sec\/b_166_sec_9300_cg\/configuring_ieee_802_1x_port_based_authentication.html\" target=\"_blank\" rel=\"noreferrer noopener\">Configuring IEEE 802.1x Port-Based Authentication<\/a><\/p>\n\n\n\n<p><strong>Logging<\/strong><\/p>\n\n\n\n<p>Logging commands:<\/p>\n\n\n\n<p>Configure syslog<\/p>\n\n\n\n<p>logging&nbsp;host w.x.y.z \u2013 Log messages to a syslog server with IP address w.x.y.z<\/p>\n\n\n\n<p>logging trap informational<\/p>\n\n\n\n<p>Log terminal sessions<\/p>\n\n\n\n<p>terminal monitor \u2013 Log messages to a non console terminal session during the current session.<\/p>\n\n\n\n<p>show logging \u2013 Verify the \u201cterminal monitor\u201d command.<\/p>\n\n\n\n<p><strong>Loopback<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/routers\/access\/800M\/software\/800MSCG\/routconf.html#48525\">https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/routers\/access\/800M\/software\/800MSCG\/routconf.html#48525<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/study-ccna.com\/loopback-interface-loopback-address\/\">Understanding the Loopback Interface &amp; Loopback Address \u2013 Study CCNA (study-ccna.com)<\/a><\/p>\n\n\n\n<p><strong>Network Address Translation (NAT)<\/strong><\/p>\n\n\n\n<p>3 kinds ( Static, Dynamic and Overload )<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Static \u2013 1 to 1 mapping, requires a Public IP for EACH Private IP you want to translate.<\/li><li>Dynamic \u2013 Many to Many mapping, can use a pool of Public IP addresses to translate ANY Private IP mentioned in the access list.<\/li><li>Overload ( Pat ) \u2013 &nbsp;&nbsp; It translates many Private (local)l addresses into a single global address.<\/li><\/ul>\n\n\n\n<p>Advantages \u2013<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Reuse of private IP addresses<\/li><li>Enhancing security for private networks by keeping internal addressing private from the external network<\/li><li>Connecting a large number of hosts to the global Internet using a smaller number of public (external) IP address, thereby conserving IP address space.<\/li><\/ul>\n\n\n\n<p>Disadvantages \u2013<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>No end to end security<\/li><li>Performance<\/li><li>Application usage. Since hosts inside the network is unreachable at times, some applications tends to have compatibility issues with NAT. These applications depend on end to end functionality which the network fails to supply.&nbsp;<\/li><li>Protocol Usage.&nbsp;Since the value inside the headers are changed in NAT, tunneling protocols such as IPSec can be complicated to be used. Whenever the values inside the headers are modified, the integrity checks are interfered causing them to fail.<\/li><\/ul>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ip\/network-address-translation-nat\/4606-8.html\" target=\"_blank\" rel=\"noreferrer noopener\">NAT: Local and Global Definitions<\/a><\/p>\n\n\n\n<p><strong>Network Architecture<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttps:\/\/www.ciscopress.com\/articles\/article.asp?p=2202410&#038;seqNum=4\n<\/div><\/figure>\n\n\n\n<p><strong>Three-tier Architecture<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Access layer<\/strong>: Provides workgroup\/user access to the network<\/li><li><strong>Distribution layer<\/strong>: Provides policy-based connectivity and controls the boundary between the access and core layers<\/li><li><strong>Core layer<\/strong>: Provides fast transport between distribution switches within the enterprise campus<\/li><\/ul>\n\n\n\n<p><strong>Spine&nbsp;and Leaf Architecture<\/strong>&nbsp;(two-tier)<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/switches\/nexus-7000-series-switches\/white-paper-c11-737022.html\" target=\"_blank\" rel=\"noreferrer noopener\">Spine-and-Leaf Architecture: Design Overview White Paper<\/a><\/p>\n\n\n\n<p><strong>Network Diagram tools<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/online.visual-paradigm.com\/diagrams\/solutions\/free-network-diagram-software\/\">Visual Paradigm Online (VP Online) Free Edition<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/logicnet.dk\/DiagramDesigner\/\">Diagram Designer 1.29.5 FreeWare<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.techrepublic.com\/blog\/five-apps\/five-free-apps-for-diagramming-your-network\/\">Five free apps for diagramming your network<\/a><\/p>\n\n\n\n<p><strong>Network Management tools\/ NMS<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.solarwinds.com\/network-performance-monitor\">Network Performance Monitor (NPM)<\/a>&nbsp;Multi-vendor network monitoring that scales and expands with the needs of your network<br><a href=\"https:\/\/www.paessler.com\/prtg\">Paessler Router Traffic Grapher (PRTG)<\/a>&nbsp;Monitor all the systems, devices, traffic, and applications in your IT infrastructure.<br><a href=\"https:\/\/www.manageengine.com\/network-monitoring\/\">ManageEngine OpManager&nbsp;&nbsp;<\/a>Monitor routers, switches, firewalls, servers, and VMs for fault and performance<br><a href=\"https:\/\/www.whatsupgold.com\/\">WhatsUp Gold<\/a>&nbsp;provides complete visibility into the status and performance of applications, network devices and servers in the cloud or on-premises.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/site\/us\/en\/products\/networking\/dna-center-platform\/index.html#tabs-ca9b217826-item-1b113ceb83-tab\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco DNA&nbsp;<\/a>a powerful network controller that resides on a physical appliance, with virtual appliance support to come in the future.<\/p>\n\n\n\n<p><a href=\"https:\/\/developer.cisco.com\/learning\/labs\/ansible-02_ansible-intro\/introduction-to-ansible\/\" target=\"_blank\" rel=\"noreferrer noopener\">Introduction to Ansible lab<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/puppet.com\">https:\/\/puppet.com<\/a><\/p>\n\n\n\n<p><strong>OSPF<\/strong><\/p>\n\n\n\n<p><strong>Q&nbsp;<\/strong>What two parameters must be configured for basic OSPF to work properly?<\/p>\n\n\n\n<p><strong>A&nbsp;<\/strong>Process ID and Area.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ip\/open-shortest-path-first-ospf\/9237-9.html\">OSPF: Frequently Asked Questions<\/a><\/p>\n\n\n\n<p>Modifying OSPF cost.<\/p>\n\n\n\n<p>The default reference bandwidth used for calculating cost on CIsco routers is 100Mbps<\/p>\n\n\n\n<p>OSPF uses a simple formula to calculate the OSPF cost for an interface with this formula:<\/p>\n\n\n\n<p>cost = reference bandwidth \/ interface bandwidth<\/p>\n\n\n\n<p>However, if you have faster links in your network, such as gigabit Ethernet or OC-3 connections, OSPF can\u2019t give these links a better cost than 1. So you should set the reference bandwidth to at least as high as the fastest link in your network. In fact, you may want to set this value higher than the bandwidth of your fastest link to ensure that you don\u2019t have to reconfigure your whole network when you eventually upgrade<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/m\/en_us\/techdoc\/dc\/reference\/cli\/nxos\/commands\/ospf\/auto-cost-ospf.html\">https:\/\/www.cisco.com\/c\/m\/en_us\/techdoc\/dc\/reference\/cli\/nxos\/commands\/ospf\/auto-cost-ospf.html<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.omnisecu.com\/cisco-certified-network-associate-ccna\/what-is-ospf-metric-value-cost-and-ospf-default-cost-reference-bandwidth.php#:~:text=The%20default%20Reference%20Bandwidth%20of,Gbps%20links%20are%20also%20common.\">What is OSPF Metric value Cost and OSPF default Cost Reference Bandwidth<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.oreilly.com\/library\/view\/cisco-ios-cookbook\/0596527225\/ch08s04.html\">Cisco IOS Cookbook, 2nd Edition by Kevin Dooley, Ian Brown<\/a><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/modifyOSPFcost.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1232\" height=\"531\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/modifyOSPFcost.png\" alt=\"\" class=\"wp-image-3609\" srcset=\"\/wp-content\/uploads\/2021\/04\/modifyOSPFcost.png 1232w, \/wp-content\/uploads\/2021\/04\/modifyOSPFcost-300x129.png 300w, \/wp-content\/uploads\/2021\/04\/modifyOSPFcost-1024x441.png 1024w, \/wp-content\/uploads\/2021\/04\/modifyOSPFcost-768x331.png 768w\" sizes=\"auto, (max-width: 1232px) 100vw, 1232px\" \/><\/a><\/figure><\/div>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/ospfcosttable.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"329\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/04\/ospfcosttable-1024x329.jpg\" alt=\"\" class=\"wp-image-3612\" srcset=\"\/wp-content\/uploads\/2021\/04\/ospfcosttable-1024x329.jpg 1024w, \/wp-content\/uploads\/2021\/04\/ospfcosttable-300x96.jpg 300w, \/wp-content\/uploads\/2021\/04\/ospfcosttable-768x247.jpg 768w, \/wp-content\/uploads\/2021\/04\/ospfcosttable.jpg 1316w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure><\/div>\n\n\n\n<p>DR\/BDR Election<\/p>\n\n\n\n<p><a href=\"https:\/\/study-ccna.com\/designated-backup-designated-router\/#:~:text=Two%20rules%20are%20used%20to,priority%20will%20become%20a%20DR.&amp;text=if%20there%20is%20a%20tie,ID%20will%20become%20a%20BDR.\">Designated &amp; Backup Designated Router<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.packetflow.co.uk\/ospf-the-dr-and-bdr-roles\/#:~:text=Within%20OSPF%2C%20the%20role%20of,same%2C%20multiaccess%20broadcast%20network%20segment.\">DR\/BDR Roles<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.freeccnaworkbook.com\/workbooks\/ccna\/configuring-per-interface-ospf\">Configuring Per Interface OSPF<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/ios-xml\/ios\/iproute_ospf\/configuration\/xe-3e\/iro-xe-3e-book\/iro-mode-ospfv2.pdf\">Enabling OSPFv2 on an Interface Basis<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/learningnetwork.cisco.com\/s\/question\/0D53i00000Kt0wr\/ospf-area-and-asn\" target=\"_blank\" rel=\"noreferrer noopener\">OSPF Area and ASN<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ibm.com\/docs\/en\/i\/7.3?topic=concepts-ospf-routing-domain-areas\" target=\"_blank\" rel=\"noreferrer noopener\">Routing domains and Areas<\/a><\/p>\n\n\n\n<p><strong>Packet Tracer<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2021\/09\/packetracerlabs.zip\">packetracerlabs<\/a><\/p>\n\n\n\n<p><strong>Password Encryption<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/ios-xml\/ios\/security\/d1\/sec-d1-xe-3se-3850-cr-book\/sec-d1-xe-3se-3850-cr-book_chapter_010.html\">Enable secret password config<\/a><\/p>\n\n\n\n<p><strong>QOS<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst9400\/software\/release\/16-6\/configuration_guide\/qos\/b_166_qos_9400_cg\/b_166_qos_9400_cg_chapter_01.html\" target=\"_blank\" rel=\"noreferrer noopener\">Quality of Service (QoS) Configuration Guide<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/help.sonicwall.com\/help\/sw\/eng\/7110\/26\/2\/4\/content\/Firewall_Managing_QoS.088.3.html\" target=\"_blank\" rel=\"noreferrer noopener\">802.1p and DSCP QoS<\/a><\/strong><\/p>\n\n\n\n<p><strong>RADIUS vs TACACS+<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2022\/12\/8021x.jpg\"><img decoding=\"async\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2022\/12\/8021x-1024x462.jpg\" alt=\"\" class=\"wp-image-4250\"\/><\/a><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>&nbsp;<\/td><td>&nbsp;RADIUS<\/td><td>&nbsp;TACACS+<\/td><\/tr><tr><td>Protocol and Port(s) Used<\/td><td>UDP: 1812 &amp; 1813<br>-or- UDP: 1645 &amp; 1646<\/td><td>TCP: 49<\/td><\/tr><tr><td>Encryption<\/td><td>Encrypts only the Password Field<\/td><td>Encrypts the entire payload<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/security-vpn\/remote-authentication-dial-user-service-radius\/13838-10.html\">TACACS+ and RADIUS Comparison (Cisco)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.networkworld.com\/article\/2838882\/radius-versus-tacacs.html\">RADIUS versus TACACS+<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/ios-xml\/ios\/sec_usr_tacacs\/configuration\/xe-16\/sec-usr-tacacs-xe-16-book\/sec-cfg-tacacs.html\">TACACS+ Configuration Guide<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2022\/03\/Configuring-Network-Device-Managementswitch1and2.zip\" target=\"_blank\" rel=\"noreferrer noopener\">Configuring Network Device Management lab solution<\/a><\/p>\n\n\n\n<p><strong>REST-Based APIs<\/strong><\/p>\n\n\n\n<p>REST is acronym for&nbsp;<strong>RE<\/strong>presentational&nbsp;<strong>S<\/strong>tate&nbsp;<strong>T<\/strong>ransfer<\/p>\n\n\n\n<p>Applications use application programming interfaces (APIs) to communicate.<\/p>\n\n\n\n<p>API is an&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Interface_(computing)\">interface<\/a>&nbsp;that defines interactions between multiple&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Software_application\">software applications<\/a>&nbsp;or mixed&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Computer_hardware\">hardware<\/a>-software intermediaries. A set of functions that allows applications to access data and interact with external software<\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/API\">https:\/\/en.wikipedia.org\/wiki\/API<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/developer.cisco.com\/learning\/modules\/rest-api-fundamentals\/dne-hands-on-rest-apis\/hands-on-exercises-with-rest-apis\/\">https:\/\/developer.cisco.com\/learning\/modules\/rest-api-fundamentals\/dne-hands-on-rest-apis\/hands-on-exercises-with-rest-apis\/<\/a><\/p>\n\n\n\n<p>REST APIs follow a set of foundational rules about what makes a REST API and what does not.&nbsp; REST APIs include the six attributes defined a few decades Roy Fielding. See&nbsp;<a href=\"https:\/\/restfulapi.net\/\">https:\/\/restfulapi.ne<\/a>t.<\/p>\n\n\n\n<p>Those six attributes are<\/p>\n\n\n\n<p>\u25a0 Client\/server architecture<\/p>\n\n\n\n<p>\u25a0 Stateless operation<\/p>\n\n\n\n<p>\u25a0 Clear statement of cacheable\/uncacheable<\/p>\n\n\n\n<p>\u25a0 Uniform interface<\/p>\n\n\n\n<p>\u25a0 Layered<\/p>\n\n\n\n<p>\u25a0 Code-on-demand<\/p>\n\n\n\n<p><strong>REST APIs and HTTP<\/strong><\/p>\n\n\n\n<p>The creators of REST-based APIs often choose HTTP because HTTP\u2019s logic matches some of the concepts defined more generally for REST APIs. HTTP uses the same principles as REST: it operates with a client\/server model; it uses a stateless operational model; and it includes headers that clearly mark objects as cacheable or not cacheable. It also includes<\/p>\n\n\n\n<p>verbs\u2014words that dictate the desired action for a pair HTTP Request and Reply\u2014which matches how applications like to work.<\/p>\n\n\n\n<p><strong>Routing<\/strong><\/p>\n\n\n\n<p><a href=\"http:\/\/ipcisco.com\/bgp-part-1\/\">Understanding BGP<\/a><\/p>\n\n\n\n<p><a href=\"http:\/\/www.omnisecu.com\/cisco-certified-network-associate-ccna\/what-is-ospf-metric-value-cost-and-ospf-default-cost-reference-bandwidth.php\">What is OSPF cost<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ip\/ip-routed-protocols\/113153-adjust-ad-00.html\">Adjust Administrative Distance for Route Selection in Cisco IOS Routers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.inetdaemon.com\/tutorials\/internet\/ip\/routing\/bgp\/autonomous_system_number.shtml\">eBGP ASN numbers<\/a><\/p>\n\n\n\n<p><strong>SDN&nbsp;<\/strong><\/p>\n\n\n\n<p>A controller, or SDN controller, centralizes the control of the networking devices. The<br>degree of control, and the type of control, varies widely.<\/p>\n\n\n\n<p>In a controller-based network architecture, the controller needs to communicate to the networking devices. The 2 APIs interfaces needed are:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The&nbsp; interface between the controller and those devices, &nbsp;is the&nbsp;<strong>southbound interface (SBI).<\/strong><\/li><li>A controller\u2019s&nbsp;<strong>northbound interface (NBI)<\/strong>&nbsp;opens the controller so its data and functions can<br>be used by other programs, enabling network programmability, with much quicker development<\/li><\/ul>\n\n\n\n<p><a href=\"https:\/\/www.baeldung.com\/cs\/network-traffic-north-south-east-west\">https:\/\/www.baeldung.com\/cs\/network-traffic-north-south-east-west<\/a><\/p>\n\n\n\n<p><strong>SDWAN<\/strong><\/p>\n\n\n\n<p>The primary components for the Cisco SD-WAN solution consist of the&nbsp;<strong>vManage network management system (management plane)<\/strong>, the vSmart controller (control plane), the vBond orchestrator (orchestration plane), and the vEdge router (data plane).<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>vManage<\/strong>&nbsp;\u2013 This centralized network management system provides a GUI interface to easily monitor, configure, and maintain all Cisco SD-WAN devices and links in the underlay and overlay network.<\/li><li><strong>vSmart<\/strong>&nbsp;controller \u2013 This software-based component is responsible for the centralized control plane of the SD-WAN network. It establishes a secure connection to each vEdge router and distributes routes and policy information via the Overlay Management Protocol (OMP), acting as a route reflector. It also orchestrates the secure data plane connectivity between the vEdge routers by distributing crypto key information, allowing for a very scalable, IKE-less architecture.<\/li><li><strong>vBond<\/strong>&nbsp;orchestrator \u2013 This software-based component performs the initial authentication of vEdge devices and orchestrates vSmart and vEdge connectivity. It also has an important role in enabling the communication of devices that sit behind Network Address Translation (NAT).<\/li><li><strong>vEdge<\/strong>&nbsp;router \u2013 This device, available as either a hardware appliance or software-based router, sits at a physical site or in the cloud and provides secure data plane connectivity among the sites over one or more WAN transports. It is responsible for traffic forwarding, security, encryption, Quality of Service (QoS), routing protocols such as Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF), and more.<\/li><\/ul>\n\n\n\n<p>Reference:&nbsp;<a href=\"https:\/\/www.cisco.com\/c\/dam\/en\/us\/td\/docs\/solutions\/CVD\/SDWAN\/CVD-SD-WAN-Design-2018OCT.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.cisco.com\/c\/dam\/en\/us\/td\/docs\/solutions\/CVD\/SDWAN\/CVD-SD-WAN-Design-2018OCT.pdf<\/a><\/p>\n\n\n\n<p><strong>SNMP<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/ios-xml\/ios\/snmp\/configuration\/xe-3se\/3850\/snmp-xe-3se-3850-book\/nm-snmp-snmpv3.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Cisco SNMP v3<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst2960\/software\/release\/12-2_55_se\/configuration\/guide\/scg_2960\/swsnmp.html?dtid=osscdc000283\">How to Configure SNMP<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ip\/simple-network-management-protocol-snmp\/7282-12.html\">How to Configure SNMP Community Strings<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kb.paessler.com\/en\/topic\/653-how-do-snmp-mibs-and-oids-work\">https:\/\/kb.paessler.com\/en\/topic\/653-how-do-snmp-mibs-and-oids-work<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p><strong>6 SNMP Messages<\/strong><\/p>\n\n\n\n<p>1.&nbsp;<strong>GetRequest<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Retrieves the value of a specific variable (OID) from an SNMP agent.<\/li><li><strong>Used by:<\/strong>&nbsp;SNMP Manager<\/li><li><strong>Purpose:<\/strong>&nbsp;To query the status or value of a device attribute, like CPU usage or interface status.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>2.&nbsp;<strong>GetNextRequest<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Retrieves the value of the next variable in the Management Information Base (MIB) tree.<\/li><li><strong>Used by:<\/strong>&nbsp;SNMP Manager<\/li><li><strong>Purpose:<\/strong>&nbsp;Used for iterating through MIB objects, often to walk through a list (e.g., interfaces, routes).<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>3.&nbsp;<strong>GetBulkRequest<\/strong>&nbsp;(SNMPv2 and above)<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Retrieves large blocks of data, such as tables, more efficiently than repeated GetNext requests.<\/li><li><strong>Used by:<\/strong>&nbsp;SNMP Manager<\/li><li><strong>Purpose:<\/strong>&nbsp;Reduces overhead by fetching multiple rows of data in one request.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>4.&nbsp;<strong>SetRequest<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Sets or changes the value of a variable on an SNMP agent.<\/li><li><strong>Used by:<\/strong>&nbsp;SNMP Manager<\/li><li><strong>Purpose:<\/strong>&nbsp;To configure device settings, such as enabling\/disabling an interface.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>5.&nbsp;<strong>Response<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Carries the data or acknowledgment from the agent to the manager in reply to Get, Set, or other requests.<\/li><li><strong>Used by:<\/strong>&nbsp;SNMP Agent<\/li><li><strong>Purpose:<\/strong>&nbsp;Confirms or denies the success of the manager\u2019s request and returns the requested data.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>6.&nbsp;<strong>Trap<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;An unsolicited message from the agent to the manager indicating a significant event.<\/li><li><strong>Used by:<\/strong>&nbsp;SNMP Agent<\/li><li><strong>Purpose:<\/strong>&nbsp;To alert the manager of events like link failures, high CPU usage, or unauthorized access.<\/li><\/ul>\n\n\n\n<p>The&nbsp;<strong>6 SNMP (Simple Network Management Protocol) messages<\/strong>\u2014also known as&nbsp;<strong>Protocol Data Units (PDUs)<\/strong>\u2014are used for network monitoring and management. Here\u2019s a breakdown of each and what they do:<\/p>\n\n\n\n<p><strong>SQL<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.w3schools.com\/MySQL\/default.asp\" target=\"_blank\" rel=\"noreferrer noopener\">Learn SQL<\/a><\/p>\n\n\n\n<p><strong>SSO<\/strong><\/p>\n\n\n\n<p>A single sign-on (SSO) system allows the user to authenticate once to a local device<br>and be authorized to access compatible application servers without having to enter<br>credentials again. For example, a user could log in to a Windows computer using a<br>Microsoft account and be able to access OneDrive, Teams, Office 365 in Outlook,<br>and other linked Microsoft and non-Microsoft web services, without having to sign<br>in again.<br>One means of implementing SSO is the Kerberos framework. Kerberos provides<br>SSO authentication to Active Directory, as well as compatibility with other, non-<br>Windows operating systems. Kerberos was named after the three-headed guard<br>dog of Hades (Cerberus) because it consists of three parts: Client (which requests<br>services), Server (from which the service is requested) and a Key Distribution Center<br>(KDC)\u2014to vouch for their identity.<br>There are two services that make up a KDC: the Authentication Service and the<br>Ticket Granting Service.<br>The Authentication Service is responsible for authenticating user logon requests.<br>More generally, users and services can be authenticated; these are collectively<br>referred to as principals. For example, when you sit at a Windows domain<br>workstation and log on to the domain (Kerberos documentation refers to realms<br>rather than domains, which is Microsoft\u2019s terminology), the first step of logon is to<br>authenticate with a KDC server (implemented as a domain controller).<\/p>\n\n\n\n<p><strong>STP<\/strong>&nbsp;( Spanning Tree Protocol )<\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/lan-switching\/spanning-tree-protocol\/5234-5.html\" target=\"_blank\" rel=\"noreferrer noopener\">Understand and Configure STP on Catalyst Switches<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/lan-switching\/spanning-tree-protocol\/19120-122.html\" target=\"_blank\" rel=\"noreferrer noopener\">Understanding and Tuning Spanning Tree Protocol Timers<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/lan-switching\/spanning-tree-protocol\/24062-146.html\" target=\"_blank\" rel=\"noreferrer noopener\">Understanding Rapid Spanning Tree Protocol (802.1w)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=2832407&amp;seqNum=5\">https:\/\/www.ciscopress.com\/articles\/article.asp?p=2832407&amp;seqNum=5<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"toc-hId--67946617\">Rapid Spanning Tree Port States<\/h3>\n\n\n\n<p>There are only three port states left in RSTP that correspond to the three possible operational states. The 802.1D disabled, blocking, and listening states are merged into a unique 802.1w discarding state.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><th>STP (802.1D) Port State<\/th><th>RSTP (802.1w) Port State<\/th><th>Is Port Included in Active Topology?<\/th><th>Is Port Learning MAC Addresses?<\/th><\/tr><tr><td>Disabled<\/td><td>Discarding<\/td><td>No<\/td><td>No<\/td><\/tr><tr><td>Blocking<\/td><td>Discarding<\/td><td>No<\/td><td>No<\/td><\/tr><tr><td>Listening<\/td><td>Discarding<\/td><td>Yes<\/td><td>No<\/td><\/tr><tr><td>Learning<\/td><td>Learning<\/td><td>Yes<\/td><td>Yes<\/td><\/tr><tr><td>Forwarding<\/td><td>Forwarding<\/td><td>Yes<\/td><td>Yes<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"toc-hId--1875401080\">&nbsp;<\/h3>\n\n\n\n<p><a href=\"https:\/\/mrncciew.com\/2013\/07\/07\/stp-root-port-selection\/\">STP Root Port Selection<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Spanning_Tree_Protocol#Per-VLAN_Spanning_Tree_and_Per-VLAN_Spanning_Tree_Plus\">Spanning Tree Protocol WIKI<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/ciscoiseasy.blogspot.sg\/2010\/10\/lesson-20-spanning-tree-protocol.html\">Spanning Tree Protocol Operation<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=2832407&amp;seqNum=5\">https:\/\/www.ciscopress.com\/articles\/article.asp?p=2832407&amp;seqNum=5<\/a><\/p>\n\n\n\n<p>S<strong>ubnetting<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/ip\/routing-information-protocol-rip\/13788-3.html\">IP Addressing and Subnetting(info on \/31 also)<\/a><\/p>\n\n\n\n<p>Play the Cisco Binary Game!!!!<\/p>\n\n\n\n<p><a href=\"https:\/\/learningcontent.cisco.com\/games\/binary\/index.html\">https:\/\/learningcontent.cisco.com\/games\/binary\/index.html<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.calculator.net\/ip-subnet-calculator.html\" target=\"_blank\" rel=\"noreferrer noopener\">online subnet calculator<\/a><\/p>\n\n\n\n<p><strong>Switch Virtualization<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst3750\/software\/troubleshooting\/switch_stacks.html\">Troubleshooting Switch Stacks<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/products\/collateral\/switches\/catalyst-3750-series-switches\/prod_white_paper09186a00801b096a.html\">Cisco StackWise and StackWise Plus Technology<\/a><\/p>\n\n\n\n<p><strong>Switch Commands<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1.&nbsp;<strong><code>show running-config<\/code><\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Displays the current active configuration running in the switch\u2019s RAM.<\/li><li><strong>Use Case:<\/strong>&nbsp;To check the live configuration including interfaces, VLANs, routing, and security settings.<\/li><li><strong>Example Output:<\/strong>&nbsp;Shows interface settings, passwords (obscured), hostname, and more.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">2.&nbsp;<strong><code>show startup-config<\/code><\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Displays the saved configuration stored in NVRAM (Non-Volatile RAM).<\/li><li><strong>Use Case:<\/strong>&nbsp;To see what configuration will load after the switch is rebooted.<\/li><li><strong>Tip:<\/strong>&nbsp;Compare this with&nbsp;<code>show running-config<\/code>&nbsp;to ensure changes are saved using&nbsp;<code>copy running-config startup-config<\/code>.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">3.&nbsp;<strong><code>show interfaces<\/code><\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Provides detailed statistics about all switch interfaces.<\/li><li><strong>Use Case:<\/strong>&nbsp;To troubleshoot and monitor interface health, speed, duplex settings, and errors.<\/li><li><strong>Example Output:<\/strong>&nbsp;Status (up\/down), speed, input\/output errors, bandwidth usage, etc.<\/li><\/ul>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">4.&nbsp;<strong><code>show ip interface brief<\/code><\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Function:<\/strong>&nbsp;Displays a quick summary of all interfaces and their IP addresses and status.<\/li><li><strong>Use Case:<\/strong>&nbsp;For a fast overview to check if interfaces are up and have IP addresses.<\/li><li><strong>Example Output:<\/strong>&nbsp;Interface names, IP addresses, status (up\/down), and protocol state.<\/li><\/ul>\n\n\n\n<p><strong>Switch Security<\/strong>&nbsp;( port security )<\/p>\n\n\n\n<p>Port Security Learning modes<\/p>\n\n\n\n<p>\u2022<strong>Static<\/strong>&nbsp;secure MAC addresses: MAC addresses that are manually configured on a port by using the&nbsp;<strong>switchport port-security mac-address&nbsp;<\/strong><strong><em>mac-address<\/em><\/strong>&nbsp;interface configuration mode command. MAC addresses configured in this way are stored in the address table and are added to the running configuration on the switch. Use&nbsp;<strong>no switchport port-security mac-address&nbsp;<\/strong><strong><em>mac-address<\/em><\/strong>&nbsp;<em>&nbsp;to remove the MAC address if that device is no longer connected to the switch.<\/em><\/p>\n\n\n\n<p>\u2022<strong>Dynamic<\/strong>&nbsp;secure MAC addresses: MAC addresses that are dynamically learned and stored only in the address table. MAC addresses configured in this way are removed when the switch restarts or when the timer has expired, the&nbsp; optional commands&nbsp;&nbsp;<strong>mac address-table aging-time&nbsp;<\/strong><strong><em>300&nbsp;<\/em><\/strong><em>&nbsp;<\/em><strong><em>&amp;&nbsp;<\/em><\/strong><strong>switchport port-security aging type inactivity<\/strong><strong><em>&nbsp;&nbsp;<\/em><\/strong><em>will remove the dynamic MAC address after 5 minutes of inactivity.<\/em><\/p>\n\n\n\n<p>\u2022<strong>Sticky<\/strong>&nbsp;secure MAC addresses: MAC addresses that can be dynamically learned or manually configured are stored in the address table, and added to the running configuration. . Use&nbsp;<strong>no switchport port-security mac-address&nbsp;<em>mac-address&nbsp;<\/em><\/strong><em>&nbsp;to remove the MAC address if that device is no longer connected.<\/em><\/p>\n\n\n\n<p>Switchport Aging&nbsp;<a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=1722561\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.ciscopress.com\/articles\/article.asp?p=1722561<\/a><\/p>\n\n\n\n<p>Switch Security Violation modes:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>protect<\/strong>\u2014Drops frames with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.<\/li><li><strong>restrict<\/strong>\u2014Drops frames with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment and sends SNMP trap notification.<\/li><li><strong>shutdown<\/strong>\u2014Puts the interface into the error-disabled state immediately and causes the SecurityViolation counter to increment and sends an SNMP trap notification.<\/li><\/ol>\n\n\n\n<p><strong>Syslog<\/strong>https:\/\/stackify.com\/syslog-101\/<\/p>\n\n\n\n<p><a href=\"https:\/\/docs.redhat.com\/en\/documentation\/red_hat_enterprise_linux\/6\/html\/deployment_guide\/ch-viewing_and_managing_log_files#ch-Viewing_and_Managing_Log_Files\" target=\"_blank\" rel=\"noreferrer noopener\">Viewing and Managing Log Files (Redhat)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/docs.redhat.com\/en\/documentation\/red_hat_enterprise_linux\/6\/html\/deployment_guide\/s1-configuring_rsyslog_on_a_logging_server#s1-configuring_rsyslog_on_a_logging_server\" target=\"_blank\" rel=\"noreferrer noopener\">Configuring rsyslog on a Logging Server (Redhat)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.howtoforge.com\/how-to-setup-rsyslog-server-on-ubuntu-1804\/\">https:\/\/www.howtoforge.com\/how-to-setup-rsyslog-server-on-ubuntu-1804\/<\/a><\/p>\n\n\n\n<p><strong>TCP<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Transmission_Control_Protocol\">Transmission Control Protocol<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/E-Learning\/bulk\/public\/tac\/cim\/cib\/using_cisco_ios_software\/linked\/tcpip.htm#xtocid291425\">Understanding TCP\/IP<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.omnisecu.com\/tcpip\/tcp-three-way-handshake.php\" target=\"_blank\" rel=\"noreferrer noopener\">How TCP Three-way handshake works (SYN, SYN-ACK, ACK)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/pcarleton.com\/2018\/06\/06\/why-does-tcp-need-a-3-way-handshake-anyway\/\" target=\"_blank\" rel=\"noreferrer noopener\">Why does TCP even need a 3-way handshake?<\/a><\/p>\n\n\n\n<p><strong>TCPDUMP<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/opensource.com\/article\/18\/10\/introduction-tcpdump\">https:\/\/opensource.com\/article\/18\/10\/introduction-tcpdump<\/a><\/p>\n\n\n\n<p><strong>USERNAMES<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/switches\/lan\/catalyst3850\/software\/release\/3-2_0_se\/system_management\/configuration_guide\/b_sm_32se_3850_cg_chapter_01001.html#concept_A1CBAEB98DF6467AA0C3EE048E8143A9\" target=\"_blank\" rel=\"noreferrer noopener\">Configuring Administrator Usernames and Passwords<\/a><\/p>\n\n\n\n<p><strong>VLAN<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=3089357&amp;seqNum=6\">Creating Ethernet VLANs on Catalyst Switches<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=3089357&amp;seqNum=6\">Configure InterVLAN Routing on Layer 3 Switches<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.cisco.com\/c\/en\/us\/td\/docs\/routers\/ncs6000\/software\/interfaces\/command\/reference\/b-interfaces-cr-ncs6k\/b_interfaces_cr50ncs_chapter_01001.pdf\">VLAN Subinterface Commands<\/a><\/p>\n\n\n\n<p><strong>switchport nonegotiate:<\/strong>&nbsp;Prevents the interface from generating DTP frames. You can use this command only when the interface switchport mode is&nbsp;<strong>access<\/strong>&nbsp;or&nbsp;<strong>trunk<\/strong>. You must manually configure the neighboring interface as a trunk interface to establish a trunk link. Please see the link below&nbsp;<a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=2181837&amp;seqNum=8\" target=\"_blank\" rel=\"noreferrer noopener\">Configure DTP<\/a>&nbsp;for more details.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2022\/12\/NODTP.jpg\"><img decoding=\"async\" src=\"https:\/\/davidpapkin.net\/wp-content\/uploads\/2022\/12\/NODTP.jpg\" alt=\"\" class=\"wp-image-4283\"\/><\/a><figcaption><a href=\"https:\/\/www.connecteddots.online\/resources\/cisco-reference\/disabling-dtp-negotiation-switchport-nonegotiate\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.connecteddots.online\/resources\/cisco-reference\/disabling-dtp-negotiation-switchport-nonegotiate<\/a><\/figcaption><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.ciscopress.com\/articles\/article.asp?p=2181837&amp;seqNum=8\" target=\"_blank\" rel=\"noreferrer noopener\">Configure DTP<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/content.cisco.com\/chapter.sjs?uri=\/searchable\/chapter\/www.cisco.com\/content\/en\/us\/td\/docs\/switches\/connectedgrid\/cg-switch-sw-master\/software\/configuration\/guide\/layer2\/CGS_1000_L2\/l2_vlantrunks.html.xml\" target=\"_blank\" rel=\"noreferrer noopener\">Configure VLAN Trunks<\/a><\/p>\n\n\n\n<p><strong>VXLAN<\/strong><\/p>\n\n\n\n<p><strong>Virtual Extensible LAN<\/strong>&nbsp;(<strong>VXLAN<\/strong>) is a&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Network_virtualization\">network virtualization<\/a>&nbsp;technology that attempts to address the&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Scalability\">scalability<\/a>&nbsp;problems associated with large&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Cloud_computing\">cloud computing<\/a>&nbsp;deployments. It uses a&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/VLAN\">VLAN<\/a>-like encapsulation technique to encapsulate&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/OSI_model\">OSI<\/a>&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Layer_2\">layer 2<\/a>&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Ethernet_frame\">Ethernet frames<\/a>&nbsp;within&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Layer_4\">layer 4<\/a>&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/User_Datagram_Protocol\">UDP<\/a>&nbsp;datagrams, using 4789 as the default&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_Assigned_Numbers_Authority\">IANA<\/a>-assigned destination UDP port number.<sup><a href=\"https:\/\/en.wikipedia.org\/wiki\/Virtual_Extensible_LAN#cite_note-1\">[1]<\/a><\/sup>&nbsp;VXLAN endpoints, which terminate VXLAN tunnels and may be either virtual or physical&nbsp;<a href=\"https:\/\/en.wikipedia.org\/wiki\/Switch_port\">switch ports<\/a>, are known as&nbsp;<strong>VXLAN tunnel endpoints<\/strong>&nbsp;(<strong>VTEPs<\/strong>).<\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Virtual_Extensible_LAN\">https:\/\/en.wikipedia.org\/wiki\/Virtual_Extensible_LAN<\/a><\/p>\n\n\n\n<p>When an SDA endpoint (for example, an end-user computer) sends a data link frame into an SDA edge node, the ingress edge node encapsulates the frame and sends it across a VXLAN tunnel to the egress edge node<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Fabric edge nodes\u2014SDA nodes that connect to the edge of the SDA fabric\u2014learn the<br>location of possible endpoints using traditional means, based on their MAC address,<br>individual IP address, and by subnet, identifying each endpoint with an endpoint identifier (EID).<\/li><li>The fabric edge nodes register the fact that the node can reach a given endpoint (EID)<br>into a database called the LISP map server.<\/li><li>The LISP map server keeps the list of endpoint identifiers (EIDs) and matching routing<br>locators (RLOCs) (which identify the fabric edge node that can reach the EID).<\/li><li>In the future, when the fabric data plane needs to forward a message, it will look for and<br>find the destination in the LISP map server\u2019s database.<\/li><\/ul>\n\n\n\n<p><strong>Wireshark<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikiversity.org\/wiki\/Wireshark\/HTTPS\">Wireshark HTTPS (Has 9 learning Activities.Very good!))<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/wiki.wireshark.org\/SSL\">Wireshark SSL<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/wiki.wireshark.org\/DisplayFilters\">https:\/\/wiki.wireshark.org\/DisplayFilters<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/www.wireshark.org\/docs\/wsug_html_chunked\/ChWorkBuildDisplayFilterSection.html\">How to build Display Filters<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/wiki.wireshark.org\/CaptureSetup\/Ethernet\">Ethernet Capture<\/a><\/p>\n\n\n\n<p><strong>Student Labs<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Instructor Token<\/h2>\n\n\n\n<p>beevi<\/p>\n\n\n\n<p>Access to Cisco Learning Labs is via the Cisco Learning Labs Portal at the following URL:<br><a href=\"https:\/\/cll-ng.cisco.com\/users\/pblogin\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/cll-ng.cisco.com\/users\/pblogin<\/a><br><\/p>\n\n\n\n<p><strong>Students Credentials<\/strong><\/p>\n\n\n\n<p><strong>Feedback<\/strong><\/p>\n\n\n\n<p>Download<\/p>\n\n\n\n<p>Upload<\/p>\n\n\n\n<p>End of David Mark Papkin page on Networking links.<\/p>\n\n\n\n<p><a href=\"http:\/\/davidpapkin.org\/\">http:\/\/davidpapkin.org\/<\/a><\/p>\n\n\n\n<p><strong>David Papkin favorite movies<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/GoodFellas\">Robert Deniro in GoodFellas<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/Singapore_(1947_film)\">Ava Gardner in Singapore (Flim Noir)<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/China_Seas_(film)\" target=\"_blank\" rel=\"noreferrer noopener\">Clarke Gable in China Seas<\/a><\/p>\n\n\n\n<p>Username:&nbsp;<br>Password:<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This page by David Mark Papkin shows useful network links Enroll in Cisco Networking Academy CCNAX 200-301 exam 200-301 CCNA Exam Topics Study Tool CCNA Exam Safeguard Cisco Certifications Cisco Labs options Packet Tracer Packet Tracer&nbsp;is a free network simulator&hellip; <\/p>\n","protected":false},"author":1,"featured_media":0,"parent":77,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-3910","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/pages\/3910","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/davidpapkin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3910"}],"version-history":[{"count":9,"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/pages\/3910\/revisions"}],"predecessor-version":[{"id":3935,"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/pages\/3910\/revisions\/3935"}],"up":[{"embeddable":true,"href":"https:\/\/davidpapkin.com\/index.php?rest_route=\/wp\/v2\/pages\/77"}],"wp:attachment":[{"href":"https:\/\/davidpapkin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3910"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}