494 Appendix A • Sample Configuration for an Application Service Provider Network ip tftp source-interface Loopback1 ip domain-name dft.exn.com ip name-server 192.168.1.11 ASP1-DFT-7200-D1(config)#ip tftp source-interface Loopback1 This allows you to select the interface address that will be used as the source address for TFTP connections. A loopback interface is a software-based connec- tion that can be configured for testing your router as well as an interface. ASP1-DFT-7200-D1(config)#ip domain name dft.exn.com You can specify the Domain Name System (DNS) to automatically deter- mine host-name-to-address mappings.The drawback to this command is that if you mistype a command, the router will perform a domain name lookup for the item that you typed. ASP1-DFT-7200-D1(config)#ip name-server 192.168.1.11 You can specify the name server to automatically determine host-name-to- address mappings. ip vrf ip-mpls1 rd 10.10.254.13:5 route-target export 10.10.254.13:5 route-target import 10.10.254.13:5 ASP1-DFT-7200-D1(config)#ip vrf ip-mpls1 Enters VPN forwarding routing (VRF) configuration mode, and defines the VPN routing instance by assigning a VRF name. ASP1-DFT-7200-D1(config-vrf)#rd 10.10.254.13:5 Creates routing and forwarding tables with the route distinguisher (RD). ASP1-DFT-7200-D1(config-vrf)#route-target export 10.10.254.13:5 www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 494 Sample Configuration for an Application Service Provider Network • Appendix A 495 Creates a list of export route target communities for the specified VRF. ASP1-DFT-7200-D1(config-vrf)#route-target import 10.10.254.13:5 Creates a list of import route target communities for the specified VRF. ip vrf lab1-access1 rd 65535:1 route-target export 65535:1 route-target export 70:1 route-target import 70:1 route-target import 65535:1 ip cef ip inspect name ASP1 realaudio timeout 30 ip inspect name ASP1 ftp timeout 3600 ip inspect name ASP1 smtp timeout 3600 ip inspect name ASP1 udp timeout 15 ip inspect name ASP1 tcp timeout 3600 ip inspect name ASP1 http ip audit notify log ip audit po max-events 100 mpls traffic-eng tunnels frame-relay switching mls rp ip ASP1-DFT-7200-D1(config)#ip cef This command enables Cisco express forwarding (CEF). CEF is designed to accommodate changing network dynamics and traffic that results from increased numbers over a short period of time.These patterns are usually associated with Web-based applications and interactive applications. ASP1-DFT-7200-D1(config)#ip inspect name ASP1 realaudio timeout 30 Use the ip inspect name in global configuration command to define a set of inspection rules to which packet traffic must adhere. ASP1-DFT-7200-D1(config)#ip audit notify log www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 495 496 Appendix A • Sample Configuration for an Application Service Provider Network Use the ip audit notify log command in global configuration mode to specify the method of event notification, so that you can view these notifications and tweak your network for better efficiency. ASP1-DFT-7200-D1(config)#ip audit po max-events 100 Use the ip audit po local command in global configuration mode to specify the local post office parameters that should be used when sending event notifications to your network administrator. ASP1-DFT-7200-D1(config)#mpls traffic-eng tunnels The mpls traffic-eng tunnels command enables multiprotocol label switching (MPLS) traffic engineering tunnel signaling on a device. ASP1-DFT-7200-D1(config)#frame-relay switching Enables Frame-Relay switching. ASP1-DFT-7200-D1(config)#mls rp ip Globally enables IP multilayer switching (MLS) on the router. cns event-service server Cisco Networking Services Management Server provides infrastructure ele- ments that can enable end-to-end management of your network. interface Loopback1 ip address 192.168.253.1 255.255.255.255 ip wccp web-cache redirect out ip router isis ASP1-DFT-7200-D1(config)#interface loopback 1 This command creates loopback interface 1. ASP1-DFT-7200-D1(config-if)#ip address 198.168.253.1 255.255.255.255 This command configures an IP address for the interface. ASP1-DFT-7200-D1(config-if)#ip wccp web-cache redirect out www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 496 Sample Configuration for an Application Service Provider Network • Appendix A 497 This command configures an interface to enable a router to verify that the appropriate packets are being redirected to the cache engine. ASP1-DFT-7200-D1(config-if)#ip router isis This enables the Intermediate System-to-Intermediate System (IS-IS) routing protocol on the interface.This command also identifies the area in which the router will work, while letting the router know that it will be routing dynami- cally rather than statically. interface FastEthernet0/0 no ip address no ip redirects ip nbar protocol-discovery full-duplex mls rp vtp-domain EXN_ASP_LAB mls rp ip mls rp ipx ASP1-DFT-7200-D1(config)#interface FastEthernet 0/0 This command enables interface configuration mode for FastEthernet slot/port. ASP1-DFT-7 200-D1(config-if)#no ip address This is the default setting for the interface. ASP1-DFT-7200-D1(config-if)#no ip redirects This is the default setting for the interface. ASP1-DFT-7200-D1(config-if)#full-duplex Enables full-duplex on the interface.This will allow the interface to send and receive data traffic at the same time. ASP1-DFT-7200-D1(config-if)#mls rp vtp-domain EXN_ASP_LAB Configures virtual local area network (VLAN) Trunking Protocol (VTP) domain.VTP allows you to make configuration changes centrally on a single www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 497 498 Appendix A • Sample Configuration for an Application Service Provider Network network device, and have those changes automatically communicated to all the other devices within the domain. ASP1-DFT-7200-D1(config-if)#mls rp ipx This command enables Internetwork Packet eXchange (IPX) multilayer switching on the router interface. interface FastEthernet0/0.1 no ip redirects ASP1-DFT-7200-D1(config)#interface FastEthernet 0/0.1 Creates, enables, and enters configuration mode for a subinterface on a FastEthernet slot/port. interface FastEthernet0/0.2 encapsulation isl 900 ip address 192.168.1.5 255.255.255.0 no ip redirects ip wccp web-cache redirect out ip nbar protocol-discovery ip router isis tag-switching ip mls rp management-interface mls rp ip mls rp ipx standby 2 priority 100 preempt delay 120 standby 2 ip 192.168.1.2 standby 2 track POS1/0 ASP1-DFT-7200-D1(config)#interface fastethernet 0/0.2 www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 498 Sample Configuration for an Application Service Provider Network • Appendix A 499 Creates, enables, and enters configuration mode for a subinterface on a FastEthernet slot/port. ASP1-DFT-7200-D1(config-if)#encapsulation isl 900 Creates inter-switch link (ISL) VLAN encapsulation on the interface. ISL is a Cisco-specific VLAN encapsulation method. ASP1-DFT-7200-D1(config-if)#ip nbar protocol-discovery Enables Network-Based Application Recognition Protocol-Discovery (NBAR). NBAR dynamically recognizes applications and employs network ser- vices to attain end-to-end availability, performance, and security. ASP1-DFT-7200-D1(config-if)#tag-switching ip Enables packet forwarding to go across cell-based devices that are connected to the interface.Tag switching was created to resolve the challenges that face an evolving Internet and high-speed data communications in general.Tag switching uses two main components: forwarding and control. Forwarding uses the tag information that is carried by packets, and tag-forwarding information, which is handled by a tag switch that executes packet forwarding. Control is in charge of retaining the correct tag-forwarding information for a group of connected tag switches. ASP1-DFT-7200-D1(config-if)#mls rp management-interface This command specifies an interface as the management interface for MLS. ASP1-DFT-7200-D1(config-if)#standby 2 priority 100 preempt delay 120 Configures HSRP priority and sets the preempt delay. ASP1-DFT-7200-D1(config-if)#standby 2 ip 192.168.1.2 Sets the IP address for the standby unit. ASP1-DFT-7200-D1(config-if)#standby 2 track POS1/0 Configures the interface so that the HSRP priority can change based on the availability of other interfaces. interface FastEthernet0/0.801 encapsulation isl 801 ip address 192.168.101.5 255.255.255.0 www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 499 500 Appendix A • Sample Configuration for an Application Service Provider Network no ip redirects ip wccp web-cache redirect out ip nbar protocol-discovery ip router isis tag-switching ip mls rp ip standby 101 priority 100 preempt delay 120 standby 101 ip 192.168.101.1 standby 101 track POS1/0 ! interface FastEthernet0/0.802 encapsulation isl 802 ip address 192.168.102.5 255.255.255.0 no ip redirects ip wccp web-cache redirect out ip nbar protocol-discovery ip router isis tag-switching ip mls rp ip standby 102 priority 50 standby 102 ip 192.168.102.1 standby 102 track POS1/0 ! interface FastEthernet0/0.803 encapsulation isl 803 ip address 192.168.103.5 255.255.255.0 ip helper-address 192.168.1.11 no ip redirects ip wccp web-cache redirect out ip router isis tag-switching ip mls rp ip standby 103 priority 100 standby 103 ip 192.168.103.1 www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 500 Sample Configuration for an Application Service Provider Network • Appendix A 501 ! interface POS1/0 ip address 192.168.254.1 255.255.255.0 ip wccp web-cache redirect out no keepalive tag-switching mtu 1500 tag-switching ip clock source internal ASP1-DFT-7200-D1(config-if)#no keepalive The keepalive command specifies how many seconds of inactivity will elapse before it sends a transmission to another router. ASP1-DFT-7200-D1(config-if)#tag-switching mtu 1500 This command sets the maximum transmission unit (MTU) for tag-switching packets to 1500 on this interface. ASP1-DFT-7200-D1(config-if)#clock source internal This command specifies that the interface will clock its data from its internal clock. interface FastEthernet2/0 ip vrf forwarding lab1-access1 ip address 10.10.1.10 255.255.255.0 no ip redirects ip wccp web-cache redirect out ip nbar protocol-discovery no ip route-cache cef shutdown full-duplex tag-switching ip standby 11 preempt ! interface Serial3/0 www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 501 502 Appendix A • Sample Configuration for an Application Service Provider Network no ip address shutdown framing c-bit cablelength 10 dsu bandwidth 44210 ASP1-DFT-7200-D1(config-if)#framing c-bit This specifies that the C-bit framing will be used as the framing type for this interface.This command frees up the C bits so that other traffic types can use them. ASP1-DFT-7200-D1(config-if)#cablelength 10 This command specifies the distance of the cable from the interface processor to the network equipment. ASP1-DFT-7200-D1(config-if)#dsu bandwidth 44210 This command specifies the maximum allowable bandwidth used by the port adapter. Maximum bandwidth is 22 kbps to 44736 kbps.The default varies for different port adapters. interface FastEthernet4/0 description CacheEngine Network ip address 192.168.3.1 255.255.255.0 ip wccp web-cache redirect out full-duplex tag-switching ip ! router isis redistribute connected net 49.0001.0000.0000.00d1.00 ASP1-DFT-7200-D1(config-router)#redistribute connected www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 502 Sample Configuration for an Application Service Provider Network • Appendix A 503 This command redistributes routes from one routing domain into another routing domain.The connected switch is the source protocol from which routes are being redistributed. ASP1-DFT-7200-D1(config-if)#net 49.0001.0000.00d1.00 This command is used to configure an IS-IS network entity title (NET) for the routing process. router rip version 2 ASP1-DFT-7200-D1(config)#router rip This enables RIP (Routing Information Protocol) for routing between net- work devices. RIP uses hop count as a routing metric. ASP1-DFT-7200-D1(config-router)#version 2 This command enables RIP version 2. RIP v2 allows the router to pass subnet information. address-family ipv4 vrf lab1-access1 version 2 network 10.0.0.0 no auto-summary exit-address-family ASP1-DFT-7200-D1(config-router)#address-family ipv4 vrf lab1-access1 To enter the address family submode for configuring routing protocols such as BGP, RIP, and static routing. ASP1-DFT-7200-D1(config-router-af)#version 2 Listen for and use RIP v2 on this address family. ASP1-DFT-7200-D1(config-router-af)#network 10.0.0.0 www.syngress.com 130_ASP_AppA 6/19/01 2:53 PM Page 503 [...]... network 192 .168.1.0 network 192 .168.101.0 network 192 .168.102.0 network 192 .168.253.1 network 192 .168.254.0 neighbor 192 .168.253.5 remote-as 70 neighbor 192 .168.253.5 ebgp-multihop 255 neighbor 192 .168.253.5 update-source Loopback1 neighbor 192 .168.253.5 activate neighbor 192 .168.253.5 send-community both neighbor 192 .168.253.6 remote-as 60 neighbor 192 .168.253.6 ebgp-multihop 255 neighbor 192 .168.253.6... network 192 .168.2.0 network 192 .168.50.0 network 192 .168.60.0 network 192 .168.70.0 redistribute connected redistribute static neighbor 192 .168.253.3 remote-as 70 neighbor 192 .168.253.3 ebgp-multihop 5 neighbor 192 .168.253.3 update-source Loopback1 neighbor 192 .168.253.6 remote-as 60 neighbor 192 .168.253.6 ebgp-multihop 255 neighbor 192 .168.253.6 update-source Loopback1 neighbor 192 .168.253 .9 remote-as... 130 _ASP_ AppA 6/ 19/ 01 2:53 PM Page 5 29 Sample Configuration for an Application Service Provider Network • Appendix A ! router ospf 99 redistribute isis level-1-2 subnets network 192 .168.215.0 0.0.0.255 area 0.0.0.0 ! router isis redistribute ospf 99 metric 1 metric-type internal level-1-2 net 49. 0001.0000.0000.00c2.00 metric-style transition mpls traffic-eng router-id Loopback1 ASP1 -DFT-GSR-C2(config-router)#mpls... level-2 into BGP ASP1 -DFT-GSR-B1(config-router)#redistribute ospf 99 metric 1 This command redistributes OSPF 99 into BGP with a metric of 1 -ip classless ip route 0.0.0.0 0.0.0.0 POS0/0 ip route 192 .168.250.0 255.255.255.0 POS0/0 ip route 192 .168.253.6 255.255.255.255 GigabitEthernet1/0 ! ! map-list MGX-B1 www.syngress.com 130 _ASP_ AppA 6/ 19/ 01 2:53 PM Page 521 Sample Configuration for... directed-broadcast www.syngress.com 130 _ASP_ AppA 6/ 19/ 01 2:53 PM Page 5 19 Sample Configuration for an Application Service Provider Network • Appendix A no ip route-cache cef no ip mroute-cache shutdown no cdp enable ! router ospf 99 redistribute isis level-1-2 subnets network 192 .168.215.0 0.0.0.255 area 0 ASP1 -DFT-GSR-B1(config)#router ospf 99 This command enables Open Shortest Path... 130 _ASP_ AppA 520 6/ 19/ 01 2:53 PM Page 520 Appendix A • Sample Configuration for an Application Service Provider Network no synchronization network 192 .168.60.0 network 192 .168.70.0 network 192 .168.80.0 redistribute connected redistribute static redistribute isis level-2 redistribute ospf 99 metric 1 neighbor 192 .168.253.2 remote-as 70 neighbor 192 .168.253.2 update-source Loopback1 neighbor 192 .168.253.6 remote-as... neighbor 192 .168.253.6 remote-as 60 neighbor 192 .168.253.6 ebgp-multihop 255 neighbor 192 .168.253.6 update-source Loopback1 neighbor 192 .168.253 .9 remote-as 70 neighbor 192 .168.253 .9 update-source Loopback1 neighbor 192 .168.253.13 remote-as 70 neighbor 192 .168.253.13 update-source Loopback1 default-information originate no auto-summary ASP1 -DFT-GSR-B1(config-router)#redistribute isis... vpnv4 neighbor 192 .168.253.5 activate neighbor 192 .168.253.5 send-community both neighbor 192 .168.253.6 activate neighbor 192 .168.253.6 send-community both default-information originate network 10.10.1.0 exit-address-family ! ip nat pool ASP- 1 192 .168.2.5 192 .168.2.10 netmask 255.255.255.0 ip nat inside source route-map internet_out pool ASP- 1 overload ip classless ip route 0.0.0.0 0.0.0.0 192 .168.254.2... and creates a process ID (99 ) ASP1 -DFT-GSR-B1(config-router)#redistribute isis level-1-2 subnets This command redistributes IS-IS level-1 and level-2 traffic into OSPF ASP1 -DFT-GSR-B1(config-router)#network 192 .168.215.0 0.0.0.255 area 0 This command assigns that network to area 0 -router isis redistribute ospf 99 metric 1 metric-type internal level-1-2 net 49. 0001.0000.0000.00b2.00 metric-style... transport input none line aux 0 line vty 0 4 exec-timeout 39 0 password 7 08004257061700573305150B242E login ! ntp update-calendar ntp server 192 .168.78.1 ntp server 192 .168.216.2 ntp server 192 .168.67.1 end ASP1 -DFT-GSR-B1(config)#ntp update-calendar www.syngress.com 521 130 _ASP_ AppA 522 6/ 19/ 01 2:53 PM Page 522 Appendix A • Sample Configuration for an Application Service Provider Network . ipv4-unicast network 192 .168.1.0 network 192 .168.101.0 network 192 .168.102.0 network 192 .168.253.1 network 192 .168.254.0 neighbor 192 .168.253.5 remote-as 70 neighbor 192 .168.253.5 ebgp-multihop 255 neighbor 192 .168.253.5. layer. www.syngress.com 130 _ASP_ AppA 6/ 19/ 01 2:53 PM Page 5 09 510 Appendix A • Sample Configuration for an Application Service Provider Network ASP1 -DFT-GSR-B1#show running -configuration Using 7 792 out of 520184. FastEthernet0/0.801 encapsulation isl 801 ip address 192 .168.101.5 255.255.255.0 www.syngress.com 130 _ASP_ AppA 6/ 19/ 01 2:53 PM Page 499 500 Appendix A • Sample Configuration for an Application Service Provider