 

Cisco Hot Standby Router Protocol (HSRP)

15 May

HSRP stands for Hot Standby Router Protocol.

HSRP creates a virtual IP address, which hosts use as their gateway address.
This virtual address is free to move between the configured routers as needed.

Some background for this config:

Local Subnet: 192.168.2.0/24
Desired gateway address: 192.168.2.1

Both routers and their hosts must be on the same layer 2 network.

On Router A:
ip address 192.168.2.2 255.255.255.0
standby 1 ip 192.168.2.1
standby 1 preempt
standby 1 priority 110
standby 1 authentication myrouter
standby 1 track serial 0/0

The priority number determines which router will normally hold the virtual IP address; higher numbers win.

The track statement tells the router to give up the virtual address if the serial 0/0 interface goes down.

Router B:
ip address 192.168.2.3 255.255.255.0
standby 1 ip 192.168.2.1
standby 1 preempt
standby 1 priority 100
standby 1 authentication myrouter
standby 1 track serial 0/1

Router A has the virtual IP address, and if the router or its serial port goes down, Router B will assume control of the virtual address, and traffic will flow over its serial link.

 

 

Add MoTD (Message of The Day) banner to Cisco router.

15 May

The syntax for the MoTD banner command is:

banner motd {char} {banner text} {char}

where {char} is a special delimiter character that does not appear in the {banner text}. Everything contained between the first and second {char} characters, including carriage returns, is interpreted as the banner message. For example,

config t
banner motd #
******************************************
* Unauthorized access prohibited
* Hostname $(hostname)
* Domain $(domain)
* Line $(line)
******************************************
#

 

 

Configuring OSPF on a Cisco router

15 May

OSPF: Open Shortest Path First

OSPF is a dynamic routing solution. OSPF utilizes less bandwidth: once established, it only sends routing table updates when there are changes.

router(config)#router ospf 1
router(config-router)#network 10.1.0.0 0.0.255.255 area 130

The first command turns on the OSPF routing protocol with a process ID of 1. The network line must be added to tell the router which networks will participate in OSPF. This command can be expanded to include stub areas and not-so-stubby areas.

You can run multiple OSPF processes by using different process IDs.

Related commands:
show ip ospf neighbor
show ip ospf interface

 

 

Tutorial: Standard Access Control Lists

15 May

ACLs are read from top to bottom.

Packets crossing a router's interface are matched against the first line in the ACL. If a packet doesn't match that line's criteria, it is compared against the next line, and so on until it reaches a permit or deny that matches. The second thing to remember: THERE IS AN IMPLICIT DENY underneath the last (bottom) line!

Don’t apply an access-list to an interface without at least one permit statement.

Standard access lists can be numbered 1 – 99 or 1300 – 1999

One access list per interface, per direction, per protocol

The basic makeup of a line (statement) is:

permit / deny source_ip

access-list 1 permit 192.168.1.3 0.0.0.0

The interface and direction in which the list is applied determine its effect.

For example, if this access list is placed on the inside interface with an “ip access-group 1 in” then the only traffic permitted into that interface will come from 192.168.1.3.

Wildcard masks are an inverse of normal subnet masks, so 0.0.0.0 is equivalent to the 255.255.255.255 of route advertisement.

So if I want to deny the network 10.0.1.0 255.255.255.248, then I would type

access-list 1 deny 10.0.1.0 0.0.0.7

If I want to permit a single host, I type

access-list 1 permit 192.168.1.1 0.0.0.0

Finally, when you apply the access-list to an interface, don’t call it a “list”; call it a “group”.

i.e.
router(config)# interface fastethernet 0/0
router(config-if)# ip access-group 1 in
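
The top-to-bottom matching, wildcard masks and implicit deny described above can be checked offline before a list is applied to an interface. The following Python sketch is an added example, not part of the original post and not Cisco code; it handles only the "access-list N permit|deny source wildcard" form shown here, and the third sample statement is constructed for illustration.

```python
import ipaddress

# Constructed sample ACL: the post's two statements plus one constructed permit.
SAMPLE_ACL = """\
access-list 1 deny 10.0.1.0 0.0.0.7
access-list 1 permit 192.168.1.1 0.0.0.0
access-list 1 permit 10.0.0.0 0.0.255.255
"""

def parse_acl(text):
    """Parse 'access-list N permit|deny source wildcard' lines, keeping order."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if (len(parts) != 5 or parts[0] != "access-list"
                or parts[2] not in ("permit", "deny")):
            raise ValueError(f"unsupported statement: {line!r}")
        number = int(parts[1])
        if not (1 <= number <= 99 or 1300 <= number <= 1999):
            raise ValueError(f"{number} is not a standard ACL number")
        source = int(ipaddress.IPv4Address(parts[3]))
        wildcard = int(ipaddress.IPv4Address(parts[4]))
        entries.append((parts[2], source, wildcard))
    return entries

def matches(packet_src, source, wildcard):
    """Wildcard bits set to 1 are ignored; bits set to 0 must be equal."""
    care = ~wildcard & 0xFFFFFFFF
    return (packet_src & care) == (source & care)

def evaluate(entries, packet_src):
    """Return (action, line_index); line_index is None for the implicit deny."""
    addr = int(ipaddress.IPv4Address(packet_src))
    for index, (action, source, wildcard) in enumerate(entries):
        if matches(addr, source, wildcard):
            return action, index   # first match wins; later lines are not read
    return "deny", None            # implicit deny underneath the last line

if __name__ == "__main__":
    acl = parse_acl(SAMPLE_ACL)
    for src in ("10.0.1.5", "10.0.1.8", "192.168.1.1", "192.168.1.3"):
        print(src, evaluate(acl, src))
```

Moving the broad permit above the deny changes the result for 10.0.1.5, which is why the order of statements has to be reviewed along with their content.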

 