Re: 2811 router config dissection

> What's the best way to get a better understanding of what's going on in
> this configuration of a 2811. I am trying to dissect this

There is no magic way... just use the Cisco Command Lookup Tool and other Cisco documentation.

Sławomir Kawa

I agree with Slawomir. This is a breakdown of some of the lines from the configuration. Lines omitted are less relevant. I am phrasing some of this in a general context so as not to get too detailed and lose the meaning of the result.

Put a timestamp in the output of the "show log" command and in debug messages on screen.

Do not encrypt the passwords when the "show running-config" command is executed.

This is the device name which will show in the command prompt.

This sets the size of the "show log" capacity to hold log messages and declares the highest level of logging, debugging.

The enable mode password in an encrypted format. Look for a 5 or 7 before encrypted passwords to help indicate that they are shown encrypted.

AAA is authentication, authorization, and accounting. This particular form of the command indicates that there is not any AAA in use and that logins will be processed against the passwords here in the configuration.

Time zone information, pretty self descriptive.

Subnet zero is a default setting that I will go ahead and describe. This concept is that if a range of IP addresses is subnetted, or broken down into smaller segments, the lower range of addresses is usable. It is to correct an old concept of address range segmentation which was kind of wasteful.

CEF is Cisco Express Forwarding, a method of more rapidly passing traffic between interfaces. Without knowing these commands right off, you will very likely not need to consider this setting in what you are doing.

Self-explanatory, sets the device domain name. This might come into play if you enable SSH logins to this device for management or are having the router lease an IP address using DHCP from a server that makes DNS updates of the DHCP clients.

A router can be a DHCP server. There are two IP address ranges set up on this router. If a DHCP request comes to the router on the router interface in the range, it provides an IP address from the VOIP address pool. If a DHCP request comes to the router on the router interface in the range, it provides an IP address from the DATA pool. IP address will not be issued to any DHCP client.

Now that I have written that, I see that as a problem. Perhaps "ip dhcp pool DATA" should have had the command "network" instead of "network". The excluded-address section also contains a repeat, possibly mis-entered into this e-mail.

Cisco routers and switches can perform DNS lookups. This is sometimes annoying when a mis-entered command is interpreted as a hostname and the router attempts to resolve the word to an IP address via DNS. If DNS servers are not specified, the Cisco device attempts a broadcast and waits for a timeout. What a pain to wait for that every time a command is mis-entered. Best to make sure this is in place to specify no DNS lookups will be done by the router itself.

Class maps and policy maps are part of the overall QoS concept, also known as quality of service. This is, in this case, all about traffic management when network links are congested with excessive data traffic. The general idea of QoS is to classify network traffic types, mark the data packets with a tag, and then queue traffic based on the tagging (or sometimes just the classification). This class map identifies a class called "VOIP" which is any data traffic tagged with a setting called "expedited forwarding". It is the highest markable class of traffic and is common for voice over IP and some video conference data. The policy map called "LLQ" goes further by re-marking the data packets with a setting called "default" which is general everyday network traffic and then making it the highest priority data to exit the router with a limitation of 90kb/s. In this case, it looks like the voice traffic was reset to look like normal data traffic and is limited in the amount of bandwidth it is using through the router.

Although there is one twisted-pair ethernet cable from this router's interface FastEthernet0/0 to an ethernet switch, this cable is carrying the equivalent of two cables of data traffic. This is ethernet trunking using the IEEE 802.1Q standard. Think of it as multiplexing two (or more) cables of ethernet traffic into one cable.

The switch connected to this router has its ethernet ports divided into Vlan1 and Vlan10. Hosts on Vlan1 have IP addresses and hosts on Vlan10 have IP addresses. Again, I believe that this was mis-entered into this e-mail because you cannot assign the same IP address to two active interfaces of a router. The second interface was probably Anyhow, continuing . .

This interface is unused and is administratively down.

This is a single ATM connection. Although there is a sub-interface, ATM and frame-relay have a sub-interface kind of like how ethernet trunking works (above on FastEthernet0/0) except that it is used for single connections. This is a T-1 line which uses ATM signalling, not the common point-to-point protocol (PPP). Traffic is queued based on the policy map declared earlier although I think that it would be applied better to the sub-interface than ATM0/0/0 itself. Someone might correct me on that later.

Classful and classless are IP addressing concepts. Classful is a concept that all IP addresses will have certain subnet masks no matter what. Classless is a concept that any range of IP addresses can be broken down into smaller subnet ranges which result in different subnet masks than originally intended. It is the 21st century - always think classless.

Static routes are entries into a router that specify the path to a remote subnet of IP addresses. They are usually in place if a dynamic routing protocol (RIP, EIGRP, OSPF, BGP) is not used or to override a route to a specific network that would normally take another path from another protocol.

A Cisco device can be web browsed for management. With few exceptions, we do not recommend this at all and highly encourage removing this setting.

Simple network management protocol is used by nice expensive servers that can query a network device like this using SNMP protocol and report on interface utilization, device uptime, and other parameters. It is usually not very secure and we use an additional parameter in this command to specify an access-list of hosts that can perform SNMP against this device which will make this more secure. Do not share your SNMP community strings with others. In general, disable SNMP unless you know that you will be using it.

Login banners and message of the day banners are shown at login. This reminds me of some legal ramification of having the word "welcome" in a prohibiting login message.

I cannot describe the voice configuration section of the router that was in this section.

Login is permitted for using the serial line console port to manage the router. A password is specified. Login is permitted for using the auxiliary port connected to an external modem to manage the router. A password is specified. Login is permitted for using telnet to remotely connect and manage the router. A password is specified. Up to five telnet sessions can be active to this device at one time. Other remote management protocols to this device such as ssh and rlogin are not being permitted.

Although people may follow up and correct me in several places, there is the bulk of it. You have a voice router with a WAN connection and a trunk into two ethernet LAN segments. In my opinion, additional configuration is recommended to tune this router up a bit more.

-----
Scott Perry
Indianapolis, IN
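The points Scott raises above (clear-text line passwords, the enable password, DNS lookups on mistyped commands, the HTTP server, an SNMP community with no access-list, a "welcome" banner, telnet on the vty lines, and the same address appearing on two interfaces) can be checked mechanically against a saved running-config. The script below is an added example, not code from the thread or from Cisco; the configuration it parses is constructed for illustration (the commands are standard IOS syntax, but the hostname, addresses, community string and type-7 strings are placeholders).

```python
"""Audit a Cisco IOS running-config for the settings discussed in the thread.

Added example, not code from the original post. The configuration below is
constructed: the commands are standard IOS syntax, but the hostname, addresses,
community string and type-7 strings are placeholders.
"""
import re

# Constructed sample running-config (placeholder values throughout).
SAMPLE_CONFIG = """\
no service password-encryption
hostname EXAMPLE-2811
logging buffered 51200 debugging
enable password 7 0123456789ABCD
no aaa new-model
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address 192.0.2.1 255.255.255.0
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.0.2.1 255.255.255.0
!
ip http server
snmp-server community public RO
banner motd ^CWelcome to EXAMPLE-2811^C
!
line vty 0 4
 password 7 0123456789ABCD
 login
 transport input telnet
end
"""


def parse_config(text):
    """Split an IOS config into global commands and per-section child lines;
    indented lines belong to the preceding unindented command."""
    global_cmds, sections, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw[0].isspace() and current is not None:
            sections[current].append(raw.strip())
        else:
            current = raw.strip()
            sections[current] = []
            global_cmds.append(current)
    return global_cmds, sections


def audit(text):
    """Return the findings (strings) that the thread's commentary would raise."""
    cmds, sections = parse_config(text)
    findings = []
    if "no service password-encryption" in cmds:
        findings.append("password-encryption off: line passwords appear in clear text")
    if any(c.startswith("enable password ") for c in cmds) and not any(
        c.startswith("enable secret ") for c in cmds
    ):
        findings.append("enable password (type 7, reversible) used instead of enable secret")
    if not {"no ip domain-lookup", "no ip domain lookup"} & set(cmds):
        findings.append("DNS lookups still enabled: mistyped commands trigger a lookup and timeout")
    if "ip http server" in cmds:
        findings.append("ip http server enabled: web management exposed")
    for c in cmds:
        m = re.match(r"snmp-server community (\S+) (RO|RW)(?: (\S+))?$", c)
        if m and not m.group(3):
            findings.append(f"SNMP community '{m.group(1)}' {m.group(2)} has no access-list")
        if c.startswith("banner ") and "welcome" in c.lower():
            findings.append("login/motd banner contains the word 'welcome'")
    for header, children in sections.items():
        if header.startswith("line vty"):
            transport = [x for x in children if x.startswith("transport input")]
            if not transport:
                findings.append(f"{header}: transport input not restricted explicitly")
            elif re.search(r"\b(telnet|all)\b", transport[0]):
                findings.append(f"{header}: telnet permitted (plaintext remote management)")
    # The thread notes that one address on two active interfaces cannot be right.
    owners = {}
    for header, children in sections.items():
        if header.startswith("interface ") and "shutdown" not in children:
            for x in children:
                m = re.match(r"ip address (\S+) (\S+)", x)
                if m:
                    owners.setdefault(m.group(1), []).append(header)
    for ip, ifaces in owners.items():
        if len(ifaces) > 1:
            findings.append(f"address {ip} configured on {' and '.join(ifaces)}")
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_CONFIG):
        print("-", f)
```

Run it against the output of "show running-config" saved to a file (pass the file contents to audit()) to get the same list for a real device; each finding maps to one of the configuration lines Scott walks through, so the list is a reasonable starting point for the "additional configuration" he recommends at the end.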
