Friday, June 29, 2007

IP Subnet Chart

Class C Address Space
Prefix Subnet Host Usable
/32 255.255.255.255 1 1
/31 255.255.255.254 2 0
/30 255.255.255.252 4 2
/29 255.255.255.248 8 6
/28 255.255.255.240 16 14
/27 255.255.255.224 32 30
/26 255.255.255.192 64 62
/25 255.255.255.128 128 126
/24 255.255.255.0 256 254
===============================
Class B Space is denoted in number of Class C's
Ripe Subnet # of Class C's
/23 255.255.254.0 2
/22 255.255.252.0 4
/21 255.255.248.0 8
/20 255.255.240.0 16
/19 255.255.224.0 32
/18 255.255.192.0 64
/17 255.255.128.0 128
/16 255.255.0.0 256

Cisco Router Debug Commands

Enable debug for RIP
debug ip rip

Enable summary IGRP debug information
debug ip igrp events

Enable detailed IGRP debug information
debug ip igrp transactions

Debug IPX RIP
debug ipx routing activity

Debug IPX SAP
debug ipx sap

Enable debug for CHAP or PAP
debug ppp authentication

Switch all debugging off
no debug all
undebug all

Cisco Router Copy Commands

Save the current configuration from DRAM to NVRAM
copy running-config startup-config


Merge NVRAM configuration to DRAM
copy startup-config running-config

Copy DRAM configuration to a TFTP server
copy running-config tftp

Merge TFTP configuration with current router configuration held in DRAM
copy tftp running-config

Backup the IOS onto a TFTP server
copy flash tftp

Upgrade the router IOS from a TFTP server
copy tftp flash

Cisco Router Basic Operations

Enter privileged mode
enable


Return to user mode from privileged
disable

Exit Router
Logout or exit or quit

Recall last command
up arrow or Ctrl-P

Recall next command
down arrow or Ctrl-N

Suspend or abort
Ctrl and Shift and 6 then x

Refresh screen output
Ctrl-R

Complete command
TAB

Cisco Router Show Commands

View version information
show version

View current configuration (DRAM)
show running-config


View startup configuration (NVRAM)
show startup-config

Show IOS file and flash space
show flash

Shows all logs that the router has in its memory
show log

View the interface status of interface e0
show interface e0

Overview all interfaces on the router
show ip interface brief

View type of serial cable on s0
show controllers s 0 (note the space between the 's' and the '0')

Display a summary of connected cdp devices
show cdp neighbor

Display detailed information on all devices
show cdp entry *

Display current routing protocols
show ip protocols

Display IP routing table
show ip route

Display access lists, this includes the number of displayed matches
show access-lists

Check the router can see the ISDN switch
show isdn status

Check Frame Relay PVC connections
show frame-relay pvc

Show LMI traffic stats
show frame-relay lmi

Display the frame inverse ARP table
show frame-relay map

Cisco Router Configuration Commands

Set a console password to cisco
Router(config)#line con 0
Router(config-line)#login
Router(config-line)#password cisco

Set a telnet password
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password cisco

Stop console timing out
Router(config)#line con 0
Router(config-line)#exec-timeout 0 0

Set the enable password to cisco
Router(config)#enable password cisco

Set the enable secret password to peter
This password overrides the enable password and is encrypted within the config file
Router(config)#enable secret peter

Enable an interface
Router(config-if)#no shutdown

To disable an interface
Router(config-if)#shutdown

Set the clock rate for a router with a DCE cable to 64K
Router(config-if)#clock rate 64000

Set a logical bandwidth assignment of 64K to the serial interface
Router(config-if)#bandwidth 64
Note that the zeroes are not missing: the bandwidth command takes its value in kilobits per second.

To add an IP address to an interface
Router(config-if)#ip addr 10.1.1.1 255.255.255.0

To enable RIP on all 172.16.x.y interfaces
Router(config)#router rip
Router(config-router)#network 172.16.0.0

Disable RIP
Router(config)#no router rip

To enable IGRP with an AS of 200, to all interfaces
Router(config)#router igrp 200
Router(config-router)#network 172.16.0.0

Disable IGRP
Router(config)#no router igrp 200

Static route: the remote network is 172.16.1.0, with a mask of 255.255.255.0, the next hop is 172.16.2.1, at a cost of 5 hops
Router(config)#ip route 172.16.1.0 255.255.255.0 172.16.2.1 5

Disable CDP for the whole router
Router(config)#no cdp run

Enable CDP for the whole router
Router(config)#cdp run

Disable CDP on an interface
Router(config-if)#no cdp enable
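
Several of the configuration commands above are the ones a security review looks for first: passwords stored in cleartext, a guessable password such as cisco, no enable secret, exec-timeout 0 0, and CDP left running. The following Python check is an added example, not part of the original post; it parses a config in show running-config layout and reports those settings. The sample config, the GUESSABLE word list and the severity labels are constructed for illustration.

```python
import re

# Constructed sample in "show running-config" layout (not from a real device).
SAMPLE_CONFIG = """\
enable password cisco
!
line con 0
 exec-timeout 0 0
 password cisco
 login
line vty 0 4
 password s3rv1ce-Desk!
 login
"""

GUESSABLE = {"cisco", "router", "admin", "password"}  # assumed short guess list


def parse(text):
    """Yield (section, command); indented lines belong to the last header line."""
    section = "global"
    for line in text.splitlines():
        if not line.strip() or line.strip().startswith("!"):
            continue
        if line[0].isspace():
            yield section, line.strip()
        else:
            section = line.strip()
            yield "global", section


def audit(text):
    """Return (severity, section, finding) tuples for risky settings."""
    cmds = list(parse(text))
    top = [c for s, c in cmds if s == "global"]
    out = []
    if not any(c.startswith("enable secret ") for c in top):
        out.append(("HIGH", "global", "no enable secret configured"))
    if "no cdp run" not in top:
        out.append(("LOW", "global", "CDP left enabled (IOS default)"))
    for section, cmd in cmds:
        # Optional digit is the IOS password type; none or 0 means cleartext.
        m = re.match(r"(?:enable )?password (?:(\d) )?(\S+)$", cmd)
        if m and m.group(1) in (None, "0"):
            sev = "HIGH" if m.group(2).lower() in GUESSABLE else "MEDIUM"
            out.append((sev, section, "cleartext " + cmd.rsplit(" ", 1)[0]))
        if section.startswith("line ") and cmd == "exec-timeout 0 0":
            out.append(("MEDIUM", section, "idle sessions never time out"))
    return out


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(*finding, sep=" | ")
```

Save the output of show running-config to a file and pass its contents to audit() to run the same checks on a real configuration.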

Saturday, June 9, 2007

Configure Frame Relay

Configuring Frame Relay is a little more complicated than configuring point-to-point networks and therefore involves a few more steps. The first is to configure the interface as a Frame Relay link. At the same time, you need to specify the type of Frame Relay packets carried by this network. Currently, Cisco only supports IETF and Cisco's own Frame Relay packet types. Since not very many vendors use the Cisco format, we always specify IETF. The format of this command is as follows.

interface Serial0/0
ip address X.X.X.X(ip) Y.Y.Y.Y(subnet)
encapsulation frame-relay IETF

Having the wrong LMI type specified can interfere with the operation of the Frame Relay circuit. Cisco supports LMI types ANSI (annex D), cisco (default), and q933a (annex A). Most vendors' switches are capable of auto-detecting which LMI type you are using, but not all. Generally, it's safe to leave the default LMI type set. Should you need to change it, the command is

frame-relay lmi-type ANSI

to specify the ANSI packet format.

Using LMI, the router can obtain information from the switch and other routers with PVCs to this circuit to build its own DLCI list, or map as it's sometimes called. However, it should be noted that Cisco has problems talking to some vendors' equipment (most notably Livingston Enterprises). This can result in the router sensing an active PVC (based on what it's getting from the switch) but not being able to tell what the address of the router on the other end is. For the sake of robustness, it is generally better to manually configure the DLCI list. This can make it more difficult to configure the router or make changes in the Frame Relay network, but can save considerable headaches when initially configuring a circuit or coping with service disruptions within the Frame Relay network.

The DLCI number assigned to each PVC is provided by the telco and is entered into the router along with the networking protocol operating over this PVC, as well as additional optional information about this PVC. For example, a router transmitting IP with an address of X.X.X.X(ip) and connected to DLCI 19 would be entered into the "map" as shown below

frame-relay map ip X.X.X.X(ip) 19 broadcast IETF

Again, the packet type needs to be specified for this particular PVC and again, we have selected IETF. The "broadcast" keyword instructs the router to forward broadcast packets over this PVC. This can assist with broadcast routing protocols, for example. One line is needed for each DLCI configured. You can check the status of the PVC you just set up by entering the command "show frame-relay map" from the EXEC prompt.

Cisco configuration

A Cisco router is really a computer dedicated to routing packets. It has an operating system called IOS, which can be configured to support a variety of protocols and interfaces. There are many versions of IOS in use today. There are different types of routers, varying in size (number of interfaces), types of interfaces, etc., but the configuration procedure is the same, and the commands are the same.
The IOS is stored (usually) in flash memory -- this can actually be upgraded by downloading new versions from ftp.cisco.com.
Apart from the IOS, the Cisco router needs a "configuration" which describes your network (interfaces, addresses etc.). This config file is what we will create shortly -- this is stored in NVRAM, and can be modified using commands. Instead of NVRAM, you can also store the config file on a "server" somewhere on the network, and the router can download its configuration at boot-time (or when you manually tell it to "reload" configuration) using tftp to the server. The server can be another Cisco router, or a regular computer, which holds configurations for many routers.

What is a cisco router? Why do we use it?

Routers are boxes dedicated to routing packets. For high speed connections, or multiple connections, they are useful. For small networks, the cost might not be worth it. They can also often handle many different routing protocols, rather than loading your PC. Routers also support a variety of network interfaces (ethernet, token ring, etc.) -- you can get what you need.
PCs are also used as routers, especially for small networks, and we will be working with PC routers more. However, due to popular demand we now have this session on configuring Cisco routers.

CISCO 7000/7500 VIP4 MODEL 50 SPARE

The Versatile Interface Processor 4 (VIP4) for the high-end Cisco 7500 router series enables high-performance switching, and scalable LAN and WAN intelligent network services to meet the needs of high-performance applications. It provides over twice the distributed switching performance and twice the aggregate bandwidth of previous model VIPs, employs higher-capacity memory modules for rich IP services, and utilizes Error Correction Code (ECC) for increased system availability. The VIP4 serves as an ideal platform for enterprise and service-provider networks that require high performance and processing power to support service-enabled edge and core applications. The VIP4 is a highly configurable, RISC-based, intelligent interface processor. Port Adapters (PAs) provide the media-specific interfaces for the VIP4, enabling the VIP4 configuration to be optimized in terms of price, performance, and density; up to two PAs can be configured on each VIP4. More than 50 media-specific LAN and WAN PAs are supported, including Fast Ethernet, T1/E1, High-Speed Serial Interface (HSSI), T3/E3, T3/E3 ATM, multichannel T1/E1, multichannel T3/E3, OC-3 ATM, packet over SONET (POS), and OC-12 ATM. The VIP4 greatly increases the switching performance of the Cisco 7500 series and serves as an ideal platform for new, higher-speed, higher-density LAN and WAN interfaces. On the Cisco 7500 series, VIP4 distributed switching scales system performance to over two million packets per second (pps). In addition, the VIP4 features Single-Error-Correction, Double-Error-Detection Code (SECDED) logic, detecting and correcting single event upsets within a data word. This enables greater system resiliency and continued system availability in the presence of a single-event parity upset. A key VIP4 feature is its ability to receive and execute on route information provided by the master Route Switch Processor (RSP). 
Based on this route data, a VIP4 can make its own Layer 3 switching decisions, providing a scalable, distributed switching architecture, called distributed switching (DSW). Further, DSW scales packet-processing throughput of a VIP4-equipped router, and resources for route policy and administration are increased by off-loading the central processor of packet-handling tasks.

Cisco VIP4 Versatile Interface Processor


The Versatile Interface Processor 4 (VIP4) for the high-end Cisco 7500 router series enables high-performance switching, and scalable LAN and WAN intelligent network services to meet the needs of high-performance applications. It provides over twice the distributed switching performance and twice the aggregate bandwidth of previous model VIPs, employs higher-capacity memory modules for rich IP services, and utilizes Error Correction Code (ECC) for increased system availability. The VIP4 serves as an ideal platform for enterprise and service-provider networks that require high performance and processing power to support service-enabled edge and core applications.

PIX 525-FO BUNDLE - CHASS SW FAILOVER 2PORT FE VAC


The Cisco PIX 525 Security Appliance delivers enterprise-class security for medium-to-large enterprise networks in a reliable, purpose-built appliance. Its modular two-rack unit design supports up to eight 10/100 Fast Ethernet interfaces or three Gigabit Ethernet interfaces, making it an ideal choice for businesses requiring a resilient, high performance, Gigabit Ethernet-ready solution that provides solid investment protection. Part of the world-leading Cisco PIX Security Appliance Series, the Cisco PIX 525 Security Appliance provides a wide range of rich integrated security services, hardware VPN acceleration capabilities, and powerful remote management capabilities in a cost-effective, highly-resilient solution.

RV016 10/100 16-Port VPN Router



The Linksys® RV016 10/100 16-Port VPN Router lets multiple computers in your office share an Internet connection. It features two dedicated Internet ports that let you connect a second Internet line as a backup to ensure that you're never disconnected. Up to five of the thirteen full-duplex switched 10/100 Ethernet ports can be reconfigured as Internet ports, for up to seven-port failover or load balance redundancy. A dedicated DMZ port gives you a publicly accessible channel so you can set up a Web or FTP server. The Virtual Private Network (VPN) capability creates encrypted tunnels through the Internet, allowing up to 50 remote offices or traveling users to securely connect into your office network from off-site. The RV016 can also serve as a DHCP Server, and has a powerful SPI firewall to protect your PCs against intruders and Internet attacks.


  1. High-reliability Internet connection-sharing router and 16-port switch for small business

  2. Features dual Internet ports for load balancing and connection redundancy

  3. Securely connects up to 50 remote office or traveling users to your office network via VPN

  4. IP filtering allows for restricted access to the Internet and other network resources

  5. Full IPSec Virtual Private Network (VPN) Capability uses DES and 3DES Encryption Algorithms

  6. Advanced SPI firewall protects your PCs from Internet attacks

WRT54G3G-ST Wireless-G Router


The WRT54G3G-ST Wireless-G Router for Mobile Broadband from Linksys® features Wireless Access Point, which lets you connect both screaming fast Wireless-G (802.11g at 54Mbps) and Wireless-B (802.11b at 11Mbps) devices to the network. The built-in 4-port full-duplex 10/100 switch connects your wired-Ethernet devices together. You can connect four PCs directly or attach more hubs and switches to create as big a network as you need. The Router function lets your whole network share a high-speed cable or DSL Internet connection. To protect your data and privacy, the Wireless-G Broadband Router can encode all wireless transmissions with up to 128-bit encryption, and supports both Wired Equivalent Privacy (WEP) and the industrial strength wireless security of Wi-Fi Protected Access™ (WPA). The Router can serve as a DHCP Server, has a powerful SPI firewall to protect your PCs against intruders and most known Internet attacks, supports VPN pass-through, and can be configured to filter internal users' access to the Internet.
Use your broadband connection to make phone calls over the Internet with Linksys' WRTP54G-ER Wireless-G router bundled with EarthLink's TrueVoice VoIP service! TrueVoice features included in a flat monthly rate are Unlimited Calling, Local and Domestic Long-Distance to anywhere in the U.S., Canada and Puerto Rico. The service also features Enhanced Voicemail, Call Forwarding, Call Waiting, Call Blocking, Caller ID, and myVoice portal of online account management.




  1. All-in-one Internet-sharing Router, 4-port Switch, and 54Mbps Wireless-G (802.11g) Access Point


  2. Shares a single Internet connection and other resources with Ethernet wired and Wireless-G and B devices


  3. Two standard phone jacks enable feature-rich telephone service over your cable or DSL Internet connection


  4. High security with Wi-Fi Protected Access™ (WPA), wireless MAC address filtering, powerful SPI firewall

WRT54GS 54Mbps Firewall Router with SpeedBooster


The Linksys Wireless-G Broadband Router with SpeedBooster combines the functionalities of three devices into a single device — a wireless access point, a four-port full-duplex 10/100 Mbps switch and a router. The wireless access point lets you connect Wireless-G, Wireless-B and other performance-enhanced SpeedBooster devices to the network, while the switch connects your wired-Ethernet devices together. Finally, the router function ties it all together by letting your whole network share a high-speed cable or DSL Internet connection. The router serves as a DHCP server, features a powerful SPI firewall to protect your PCs against intruders and most known Internet attacks, and also supports VPN pass-through. It even protects your data and privacy with 128-bit encryption. With the Wireless-G Broadband Router at the center of your home or office network, you can share a DSL Internet connection, files, printers and multi-player games with the flexibility, speed and security you need.

Cisco 2811 Voice Security Bundle - Router - voice / fax module - EN, Fast EN - Cisco IOS - 1U


The Cisco 2800 Series provides significant additional value compared to prior generations of Cisco routers at similar price points by offering up to a fivefold performance improvement, up to a tenfold increase in security and voice performance, embedded service options, and dramatically increased slot performance and density while maintaining support for most of the more than 90 existing modules that are available today for the Cisco 1700, Cisco 2600, and Cisco 3700 Series. The Cisco 2800 Series features the ability to deliver multiple high-quality simultaneous services at wire speed up to multiple T1/E1/xDSL connections. The routers offer embedded encryption acceleration and on-motherboard voice digital-signal-processor (DSP) slots; intrusion prevention system (IPS) and firewall functions; optional integrated call processing and voice mail support; high-density interfaces for a wide range of wired and wireless connectivity requirements; and sufficient performance and slot density for future network expansion requirements and advanced applications.