as strong in many cases and in general the marginal costs of
increasing access link speed are lower than with dedicated lines.
Many of the issues covered here are included in the Internet Design
Guide manual that Cisco provides.
Update:
The limit of 256 PVCs goes away in IOS 11.1. I think the number is now
something like 1024 per router or some even more ludicrous number. There are
still lots of reasons you never want to do that. ;-)
The limit of 256 PVCs goes away in IOS 11.1. I think the number is now
something like 1024 per router or some even more ludicrous number. There are
still lots of reasons you never want to do that. ;-)
------------------------------
From: Question 31
Date: 18 April 1995
In order to login to a cisco router, it needs to have at least 64k
of contiguous free memory.
------------------------------
From: Question 32
Date: 18 April 1995
There are two varieties:
MEM-1X8F 8meg
MEM-2X8F 16meg
*******************************************************************************
******************************* 2500 ********************************
******************************* 8M Flash ********************************
*******************************************************************************
PRODUCT# QTY
-------- ---
MEM-1X8F 1
MEM-2X8F 2
Part Number: 16-0975-01
Description: IC,FEPROM, 2Mx32,100ns,SIM80 SC: P REV: A0 S/UM: EA P/UM: EA
-------------------------------------------------------------------------------
VENDOR
ITM MANUFACTURER'S PART CODE MANUFACTURER'S NAME
--- -------------------- ---------- ------------------------------
1- 1 SM732C2000B-10 KITTING01 SMART MODULE
Smart Modular is located in Freemont, California.
For small orders, Smart Modular recommends you contact:
PC Complete
800-849-4622.
They carry both Flash RAM and DRAM.
------------------------------
From: Question 32
Date: 19 May 1995
In the simple case, any static route *in the routing table* is
redistributed if the ``redistribute static'' command is used, and some
filter (set with either ``route-map'' or ``distribute-list out'')
doesn't filter it out.
Whether the static route gets into routing table depends on:
Whether the next hop address is reachable (if you use
static route pointing to a next hop)
OR
Whether the interface is up (if you use static route
pointing to an interface).
If one of these is true, an attempt is made to add the route to the
routing table; whether that succeeds depends on the administrative
distance of the route -- a lower administrative distance (the route
is "closer") than a preexisting route will cause the preexisting route
to be overwritten.
------------------------------
From: Question 33
Date: 19 May 1995
When a static route is added, or during an important event (eg:
interface up/down transition), the next hop for a route is looked up
from the routing table (i.e. recursive routing).
As a consequence, if a route which is depended upon for evaluation
of the next hop of a static route goes away, a mechanism is required
to remove that (now-invalid) static route.
Scanning all static routes each time the routing table changes is
too expensive, so instead, a period timer is used. One a minute, static
routes are added and removed from the routing table based on the routes
they depend upon.
It should be noted that a particular static route will be reevaluated
when its interface transitions up or down.
------------------------------
From: Question 35
Date: 22 April 1996
How do name and phone number of `dialer map' interfere?
We use the telephone number first actually. If the
caller id matches the telephone number to call, then you don't need the
'name' parameter with a phone number.
I realized that the above is ambiguous, so let's do this. You have:
dialer map ip x.x.x.x name
is used for incoming authentication. It can be either the hostname,
for PAP and CHAP, or it can be a number as returned by caller id. If this
is not there, and it is an imcoming call, and there is caller id, we will
compare against to see if that matches.
Not sure I've been clear here.
------------------------------
From: Question 36
Date: 22 April 1996
>* what is the real purpose of the network subcommand of
> router commands? When do I not want to include a network
> I know about?
The real purpose of the 'network' sub-command of the router commands is to
indicate what networks that this router is connected to are to be
advertised in the indicated routing protocol or protocol domain. For
example, if OSPF and EIGRP are configured, some subnets may be advertised
in one and some in the other. The network command enables one to do this.
An example of such a case is a secure subnet. Imagine the case where a set
of subnets are permitted to communicate within a campus, but one of the
buildings is intended to be inaccessible from the outside. By placing the
secure subnet in its own network number and not advertising the number, the
subnet is enabled to communicate with other subnets on the same router, but
is unreachable from any other router, barring static routes. This can be
extended by using a different routing protocol or routing protocol domain
for the secure network; subnets on the various routers within the secure
domain are mutually reachable, and routes from the non-secure domain may be
leaked into the secure domain, but the secure domain is invisible to the
outside world.
------------------------------
From: Question 37
Date: 22 April 1996
A Variable Length Subnet Mask (VLSM) is a means of allocating IP addressing
resources to subnets according to their individual need rather than some
general network-wide rule. Of the IP routing protocols supported by Cisco,
OSPF, Dual IS-IS, BGP-4, and EIGRP support "classless" or VLSM routes.
Historically, EGP depended on the IP address class definitions, and
actually exchanged network numbers (8, 16, or 24 bit fields) rather than IP
addresses (32 bit numbers); RIP and IGRP exchanged network and subnet
numbers in 32 bit fields, the distinction between network number, subnet
number, and host number being a matter of convention and not exchanged in
the routing protocols. More recent protocols (see VLSM) carry either a
prefix length (number of contiguous bits in the address) or subnet mask
with each address, indicating what portion of the 32 bit field is the
address being routed on.
A simple example of a network using variable length subnet masks is found
in Cisco engineering. There are several switches in the engineering
buildings, configured with FDDI and Ethernet interfaces and numbered in
order to support 62 hosts on each switched subnet; in actuality, perhaps
15-30 hosts (printers, workstations, disk servers) are physically attached
to each. However, many engineers also have ISDN or Frame Relay links to
home, and a small subnet there. These home offices typically have a router
or two and an X terminal or workstation; they may have a PC or Macintosh as
well. As such, they are usually configured to support 6 hosts, and a few
are configured for 14. The point to point links are generally unnumbered.
Using "one size fits all" addressing schemes, such as are found in RIP or
IGRP, the home offices would have to be configured to support 62 hosts
each; using numbers on the point to point links would further compound the
address bloat.
One configures the router for Variable Length Subnet Masking by configuring
the router to use a protocol (such as OSPF or EIGRP) that supports this,
and configuring the subnet masks of the various interfaces in the 'ip
address' interface sub-command. To use supernets, one must further
configure the use of 'ip classless' routes.
------------------------------
From: Question 38
Date: 22 April 1996
VLSM and unnumbered point to point interfaces are the obvious ways.
The 'ip unnumbered' subcommand indicates another interface or sub-interface
whose address is used as the IP source address on messages that the router
originates on the unnumbered interface, such as telnet or routing messages.
By doing this, the router is reachable for management purposes (via the
address of the one numbered interface) but consumes no IP addresses at all
for its unnumbered links.
When a serial ip interface connects several sites, as an SMDS link might,
then the use of an appropriate subnet mask (and a routing protocol that can
make good use of the information) will minimize address consumption.
------------------------------
From: Question 39
Date: 23 April 1996
How come my cisco router doesn't accept an address like:
"ip address 192.111.107.1 255.255.255.240"
or "ip address 171.69.0.1 255.255.0.0"
When "subnetting" of IP networks was first sanctioned by the IETF, the first
and last subnets (the all zeros subnet and all ones subnet) were reserved for
rather obscure uses and because of the confusion that would be caused with
routing protocols that don't carry net mask information. It was technically
illegal to place hosts or routers on those two subnets.
Several hosts and most other vendor's router products have problems operating
with the reserved subnets, so their use is discouraged. However, in 1995,
the IETF removed the restrictions on the use of these reserved subnets as part
of the classless routing effort.
If you would like to use the reserved subnets, simply add the line
"ip subnet-zero" to your cisco configuration.
You might consider adding "ip subnet-zero" to all your configurations as a
metter of course, to avoid being bitten by this in the future.
------------------------------
From: Question 40
Date: 27 April 1996
show version serial # Label
-------------------------------------------------------
4000 Rev A0 440xxxxx C4000
4000M Rev B0 445xxxxx C4000
4500 450xxxxx C4500
4500M 455xxxxx C4500
4700 470xxxxx C4700
------------------------------
From: Question 41
Date: 28 April 1996
In addition to sundry cisco documentation and ftp-able
info, there exists a TACACS+ mailing list.
For more information, see http://www.disaster.com/tacplus/.
------------------------------
From: Question 99
Date: 19 May 1995
The following people contributed to this FAQ, and their contributions
are greatly appreciated, both questions and answers (in alpha order):
Arpakorn Boonkongchuen
Robert Kiessling
"Ronnie B. Kon"
Alain Martineau
Barton.Bruce@camb.com (Barton F. Bruce / CCA)
Bill Miskovetz
Charley Kline
Dave Katz
Eriks Rugelis
Howard C. Berkowitz, PSC International,
Jim Forster
John Wright
Pete Siemsen
Phillip Remaker
Ran Atkinson
Robert Kiessling
Sanjay Rungta~
Sean McGrath
Srinivas Vegesna
Steve Cunningham
Warren Lavallee
William "Chops" Westfield
atkinson@sundance.itd.nrl.navy.mil (Ran Atkinson)
bpinsky@cisco.com (Bruce Pinsky)
buk@taz.de ($ Burkhard Kohl)
fred@cisco.com (Fred Baker)
jerry@ksu.ksu.edu (Jerry Anderson)
jhawk@panix.com (John Hawkinson)
john@cisco.com (John Wright)
john@gulfa.ods.gulfnet.kw (John Temples)
paul@hawksbill.sprintmrn.com (Paul Ferguson)
peter@ulisse.rhein-main.de (Peter Radig)
tli@cisco.com (Tony Li)
tom@park.uvsc.edu (Thomas R. Kimpton)
vikas@Tudor.Com (Vikas Aggarwal)
warner@cats.ucsc.edu (Jim Warner)
increasing access link speed are lower than with dedicated lines.
Many of the issues covered here are included in the Internet Design
Guide manual that Cisco provides.
Update:
The limit of 256 PVCs goes away in IOS 11.1. I think the number is now
something like 1024 per router or some even more ludicrous number. There are
still lots of reasons you never want to do that. ;-)
The limit of 256 PVCs goes away in IOS 11.1. I think the number is now
something like 1024 per router or some even more ludicrous number. There are
still lots of reasons you never want to do that. ;-)
------------------------------
From: Question 31
Date: 18 April 1995
In order to login to a cisco router, it needs to have at least 64k
of contiguous free memory.
------------------------------
From: Question 32
Date: 18 April 1995
There are two varieties:
MEM-1X8F 8meg
MEM-2X8F 16meg
*******************************************************************************
******************************* 2500 ********************************
******************************* 8M Flash ********************************
*******************************************************************************
PRODUCT# QTY
-------- ---
MEM-1X8F 1
MEM-2X8F 2
Part Number: 16-0975-01
Description: IC,FEPROM, 2Mx32,100ns,SIM80 SC: P REV: A0 S/UM: EA P/UM: EA
-------------------------------------------------------------------------------
VENDOR
ITM MANUFACTURER'S PART CODE MANUFACTURER'S NAME
--- -------------------- ---------- ------------------------------
1- 1 SM732C2000B-10 KITTING01 SMART MODULE
Smart Modular is located in Freemont, California.
For small orders, Smart Modular recommends you contact:
PC Complete
800-849-4622.
They carry both Flash RAM and DRAM.
------------------------------
From: Question 32
Date: 19 May 1995
In the simple case, any static route *in the routing table* is
redistributed if the ``redistribute static'' command is used, and some
filter (set with either ``route-map'' or ``distribute-list out'')
doesn't filter it out.
Whether the static route gets into routing table depends on:
Whether the next hop address is reachable (if you use
static route pointing to a next hop)
OR
Whether the interface is up (if you use static route
pointing to an interface).
If one of these is true, an attempt is made to add the route to the
routing table; whether that succeeds depends on the administrative
distance of the route -- a lower administrative distance (the route
is "closer") than a preexisting route will cause the preexisting route
to be overwritten.
------------------------------
From: Question 33
Date: 19 May 1995
When a static route is added, or during an important event (eg:
interface up/down transition), the next hop for a route is looked up
from the routing table (i.e. recursive routing).
As a consequence, if a route which is depended upon for evaluation
of the next hop of a static route goes away, a mechanism is required
to remove that (now-invalid) static route.
Scanning all static routes each time the routing table changes is
too expensive, so instead, a period timer is used. One a minute, static
routes are added and removed from the routing table based on the routes
they depend upon.
It should be noted that a particular static route will be reevaluated
when its interface transitions up or down.
------------------------------
From: Question 35
Date: 22 April 1996
How do name and phone number of `dialer map' interfere?
We use the telephone number first actually. If the
caller id matches the telephone number to call, then you don't need the
'name' parameter with a phone number.
I realized that the above is ambiguous, so let's do this. You have:
dialer map ip x.x.x.x name
for PAP and CHAP, or it can be a number as returned by caller id. If this
is not there, and it is an imcoming call, and there is caller id, we will
compare against
Not sure I've been clear here.
------------------------------
From: Question 36
Date: 22 April 1996
>* what is the real purpose of the network subcommand of
> router commands? When do I not want to include a network
> I know about?
The real purpose of the 'network' sub-command of the router commands is to
indicate what networks that this router is connected to are to be
advertised in the indicated routing protocol or protocol domain. For
example, if OSPF and EIGRP are configured, some subnets may be advertised
in one and some in the other. The network command enables one to do this.
An example of such a case is a secure subnet. Imagine the case where a set
of subnets are permitted to communicate within a campus, but one of the
buildings is intended to be inaccessible from the outside. By placing the
secure subnet in its own network number and not advertising the number, the
subnet is enabled to communicate with other subnets on the same router, but
is unreachable from any other router, barring static routes. This can be
extended by using a different routing protocol or routing protocol domain
for the secure network; subnets on the various routers within the secure
domain are mutually reachable, and routes from the non-secure domain may be
leaked into the secure domain, but the secure domain is invisible to the
outside world.
------------------------------
From: Question 37
Date: 22 April 1996
A Variable Length Subnet Mask (VLSM) is a means of allocating IP addressing
resources to subnets according to their individual need rather than some
general network-wide rule. Of the IP routing protocols supported by Cisco,
OSPF, Dual IS-IS, BGP-4, and EIGRP support "classless" or VLSM routes.
Historically, EGP depended on the IP address class definitions, and
actually exchanged network numbers (8, 16, or 24 bit fields) rather than IP
addresses (32 bit numbers); RIP and IGRP exchanged network and subnet
numbers in 32 bit fields, the distinction between network number, subnet
number, and host number being a matter of convention and not exchanged in
the routing protocols. More recent protocols (see VLSM) carry either a
prefix length (number of contiguous bits in the address) or subnet mask
with each address, indicating what portion of the 32 bit field is the
address being routed on.
A simple example of a network using variable length subnet masks is found
in Cisco engineering. There are several switches in the engineering
buildings, configured with FDDI and Ethernet interfaces and numbered in
order to support 62 hosts on each switched subnet; in actuality, perhaps
15-30 hosts (printers, workstations, disk servers) are physically attached
to each. However, many engineers also have ISDN or Frame Relay links to
home, and a small subnet there. These home offices typically have a router
or two and an X terminal or workstation; they may have a PC or Macintosh as
well. As such, they are usually configured to support 6 hosts, and a few
are configured for 14. The point to point links are generally unnumbered.
Using "one size fits all" addressing schemes, such as are found in RIP or
IGRP, the home offices would have to be configured to support 62 hosts
each; using numbers on the point to point links would further compound the
address bloat.
One configures the router for Variable Length Subnet Masking by configuring
the router to use a protocol (such as OSPF or EIGRP) that supports this,
and configuring the subnet masks of the various interfaces in the 'ip
address' interface sub-command. To use supernets, one must further
configure the use of 'ip classless' routes.
------------------------------
From: Question 38
Date: 22 April 1996
VLSM and unnumbered point to point interfaces are the obvious ways.
The 'ip unnumbered' subcommand indicates another interface or sub-interface
whose address is used as the IP source address on messages that the router
originates on the unnumbered interface, such as telnet or routing messages.
By doing this, the router is reachable for management purposes (via the
address of the one numbered interface) but consumes no IP addresses at all
for its unnumbered links.
When a serial ip interface connects several sites, as an SMDS link might,
then the use of an appropriate subnet mask (and a routing protocol that can
make good use of the information) will minimize address consumption.
------------------------------
From: Question 39
Date: 23 April 1996
How come my cisco router doesn't accept an address like:
"ip address 192.111.107.1 255.255.255.240"
or "ip address 171.69.0.1 255.255.0.0"
When "subnetting" of IP networks was first sanctioned by the IETF, the first
and last subnets (the all zeros subnet and all ones subnet) were reserved for
rather obscure uses and because of the confusion that would be caused with
routing protocols that don't carry net mask information. It was technically
illegal to place hosts or routers on those two subnets.
Several hosts and most other vendor's router products have problems operating
with the reserved subnets, so their use is discouraged. However, in 1995,
the IETF removed the restrictions on the use of these reserved subnets as part
of the classless routing effort.
If you would like to use the reserved subnets, simply add the line
"ip subnet-zero" to your cisco configuration.
You might consider adding "ip subnet-zero" to all your configurations as a
metter of course, to avoid being bitten by this in the future.
------------------------------
From: Question 40
Date: 27 April 1996
show version serial # Label
-------------------------------------------------------
4000 Rev A0 440xxxxx C4000
4000M Rev B0 445xxxxx C4000
4500 450xxxxx C4500
4500M 455xxxxx C4500
4700 470xxxxx C4700
------------------------------
From: Question 41
Date: 28 April 1996
In addition to sundry cisco documentation and ftp-able
info, there exists a TACACS+ mailing list.
For more information, see http://www.disaster.com/tacplus/.
------------------------------
From: Question 99
Date: 19 May 1995
The following people contributed to this FAQ, and their contributions
are greatly appreciated, both questions and answers (in alpha order):
Arpakorn Boonkongchuen
Robert Kiessling
"Ronnie B. Kon"
Alain Martineau
Barton.Bruce@camb.com (Barton F. Bruce / CCA)
Bill Miskovetz
Charley Kline
Dave Katz
Eriks Rugelis
Howard C. Berkowitz, PSC International,
Jim Forster
John Wright
Pete Siemsen
Phillip Remaker
Ran Atkinson
Robert Kiessling
Sanjay Rungta~
Sean McGrath
Srinivas Vegesna
Steve Cunningham
Warren Lavallee
William "Chops" Westfield
atkinson@sundance.itd.nrl.navy.mil (Ran Atkinson)
bpinsky@cisco.com (Bruce Pinsky)
buk@taz.de ($ Burkhard Kohl)
fred@cisco.com (Fred Baker)
jerry@ksu.ksu.edu (Jerry Anderson)
jhawk@panix.com (John Hawkinson)
john@cisco.com (John Wright)
john@gulfa.ods.gulfnet.kw (John Temples)
paul@hawksbill.sprintmrn.com (Paul Ferguson)
peter@ulisse.rhein-main.de (Peter Radig)
tli@cisco.com (Tony Li)
tom@park.uvsc.edu (Thomas R. Kimpton)
vikas@Tudor.Com (Vikas Aggarwal)
warner@cats.ucsc.edu (Jim Warner)