QinQ Tunneling

Traditionally, VLANs have not extended beyond the WAN boundary. VLANs in one campus extend to a WAN edge router, but VLAN protocols are not used on the WAN. Today, several emerging alternatives exist for the passage of VLAN traffic across a WAN, including 802.1Q-in-Q, Ethernet over MPLS (EoMPLS), and VLAN MPLS (VMPLS). While these topics are more applicable to the CCIE Service Provider certification, you should at least know the concept of 802.1Q-in-Q tunneling. Also known as Q-in-Q or Layer 2...

Web Cache Communication Protocol

To ease pressure on congested WAN links in networks with many hosts, Cisco developed WCCP to coordinate the work of edge routers and content engines (also known as cache engines). Content engines collect frequently accessed data, usually HTTP traffic, locally, so that when hosts access the same pages the content can be delivered from the cache engine rather than crossing the WAN. WCCP differs from web proxy operation in that the hosts accessing the content have no knowledge that the content...

"Do I Know This Already?" Quiz

Table 11-1 outlines the major headings in this chapter and the corresponding "Do I Know This Already?" quiz questions. Table 11-1 "Do I Know This Already?" Foundation Topics Section-to-Question Mapping. In order to best use this pre-chapter assessment, remember to score yourself strictly. You can find the answers in Appendix A, Answers to the "Do I Know This Already?" Quizzes. 1. Into which of the following neighbor states...

Advertising BGP Routes to Neighbors

The previous section focused on the tools that BGP can use to inject routes into a local router's BGP table. BGP routers take routes from the local BGP table and advertise a subset of those routes to their BGP neighbors. This section continues focusing on the BGP table because the BGP route advertisement process takes routes from the BGP table and sends them to neighboring routers, where the routes are added to the neighbors' BGP tables. Later, the final major section in the chapter, Building...

Designated Routers on LANs

OSPF optimizes the LSA flooding process on multiaccess data links by using the concept of a designated router (DR). Without the concept of a DR, each pair of routers that share a data link would become fully adjacent neighbors. Each pair of routers would directly exchange their LSDBs with each other as shown in Figure 9-1. On a LAN with only six routers, without a DR, 15 different pairs of routers would exist, and 15 different instances of full database flooding would occur. OSPF uses a DR (and...

Cisco 3560 Congestion Avoidance

The 3560 uses a different method for congestion avoidance, known as weighted tail drop, or WTD. WTD creates three thresholds per queue into which traffic can be divided, based on CoS value, for tail drop when the associated queue reaches a particular percentage. For example, you can configure a queue so that it drops traffic with CoS values of 0-3 when the queue reaches 40 percent full, then drops traffic with CoS 4 and 5 at 60 percent full, and finally drops CoS 6 and 7 traffic only when the...

ISL and 802.1Q Configuration

Cisco switches use the Dynamic Trunk Protocol (DTP) to dynamically learn whether the device on the other end of the cable wants to perform trunking and, if so, which trunking protocol to use. DTP learns whether to trunk based on the DTP mode defined for an interface. Cisco switches default to use the DTP desirable mode, which means that the switch initiates sending DTP messages, hoping that the device on the other end of the segment replies with another DTP message. If a reply is received, DTP...

DSCP Settings and Terminology

Several DiffServ RFCs suggest a set of values to use in the DSCP field and an implied meaning for those settings. For instance, RFC 2598 defines a DSCP of decimal 46, with a name Expedited Forwarding (EF). According to that RFC, packets marked as EF should be given queuing preference so that they experience minimal latency, but the packets should be policed to prevent them from taking over a link and preventing any other types of traffic from exiting an interface during periods when this...

OSPF Path Choices That Do Not Use Cost

Under most circumstances, when an OSPF router runs the SPF algorithm and finds more than one possible route to reach a particular subnet, the router chooses the route with the least cost. However, OSPF does consider a few conditions other than cost when making this best-path decision. This short section explains the remaining factors that impact which route, or path, is considered best by the SPF algorithm. As mentioned earlier, some routes are considered to be intra-area routes, some are...

Going Active on a Route

The second branch in the local computation logic causes the EIGRP router to ask its neighbors about their current best route to a subnet, hoping to find an available, loop-free alternative route to that subnet. When no FS route is found, the EIGRP router goes active for the route. Going active is jargon for the process of changing a route's status to active. Once the router is active, EIGRP multicasts Query messages to its neighbors, asking the neighbors if they have a valid route to the...

Ethernet Layer 2 Framing and Addressing

In this book, as in many Cisco courses and documents, the word frame refers to the bits and bytes that include the Layer 2 header and trailer, along with the data encapsulated by that header and trailer. The term packet is most often used to describe the Layer 3 header and data, without a Layer 2 header or trailer. Ethernet's Layer 2 specifications relate to the creation, forwarding, reception, and interpretation of Ethernet frames. The original Ethernet specifications were owned by the...

MPLS IP Forwarding: Data Plane

MPLS defines a completely different packet-forwarding paradigm. However, hosts do not and should not send and receive labeled packets, so at some point, some router will need to add a label to the packet and, later, another router will remove the label. The MPLS routers, the routers that inject (push), remove (pop), or forward packets based on their labels, use MPLS forwarding logic. MPLS relies on the underlying structure and logic of Cisco Express Forwarding (CEF) while expanding the logic and...

About the Technical Reviewers

Maurilio Gorito, CCIE No. 3807 (Routing and Switching, WAN Switching, and Security), has more than 20 years of experience in networking, including Cisco networks and IBM SNA environments, which includes the planning, designing, implementation, and troubleshooting of large IP networks running RIP, IGRP, EIGRP, BGP, OSPF, QoS, and SNA worldwide, including in Brazil and the United States. Maurilio has worked for Cisco since 2000 with the CCIE Team. As program manager he is responsible for managing...

Choosing Which Ports Forward: Choosing Root Ports and Designated Ports

To determine which ports forward and block, STP follows a three-step process, as listed in Table 3-2. Following the table, each of the three steps is explained in more detail. Table 3-2 Three Major 802.1d STP Process Steps: The switch with the lowest bridge ID wins; the standard bridge ID is 2-byte priority followed by a MAC address unique to that switch. The one port on each switch with the least cost path back to the root. Determine the Designated...

Operation of Protocol Independent Multicast Sparse Mode

PIM-SM works with a completely opposite strategy from that of PIM-DM, although the mechanics of the protocol are not exactly opposite. PIM-SM assumes that no hosts want to receive multicast packets until they specifically ask to receive them. As a result, until a host in a subnet asks to receive multicasts for a particular group, multicasts are never delivered to that subnet. With PIM-SM, downstream routers must request to receive multicasts using PIM Join messages. Also, once they are...

CCIE Routing and Switching Exam Updates Version

Over time, reader feedback allows Cisco Press to gauge which topics give our readers the most problems when taking the exams. Additionally, Cisco might make changes to the CCIE Routing and Switching exam blueprint. To assist readers with those topics, the authors created new materials clarifying and expanding upon those troublesome exam topics. As mentioned in the introduction, the additional content about the exam is contained in a PDF document on this book's companion website, at This...

Configuring OSPF Authentication

One of the keys to keeping OSPF authentication configuration straight is to remember that it differs significantly from RIPv2 and EIGRP, although some of the concepts are very similar. The basic rules for configuring OSPF authentication are as follows: Three types are available: type 0 (none), type 1 (clear text), and type 2 (MD5). Authentication is enabled per interface using the ip ospf authentication interface subcommand. The default authentication is type 0 (no authentication). The default...

Defining and Limiting CBWFQ Bandwidth

Cisco IOS checks a CBWFQ policy map to ensure that it does not allocate too much bandwidth. IOS performs the check when the service-policy output command is added; if the policy map defines too much bandwidth for that interface, the service-policy command is rejected. IOS defines the allowed bandwidth based on two interface subcommands: the bandwidth command and the reserved bandwidth implied by the max-reserved-bandwidth command (abbreviated hereafter as int-bw and max-res, respectively). The...

Building BGP Neighbor Relationships

BGP neighbors form a TCP connection with each neighbor, sending BGP messages over the connections culminating in BGP Update messages that contain the routing information. Each router explicitly configures its neighbors' IP addresses, using these definitions to tell a router with which IP addresses to attempt a TCP connection. Also, if a router receives a TCP connection request (to BGP port 179) from a source IP address that is not configured as a BGP neighbor, the router rejects the request....

Mutual Redistribution at Multiple Routers

When multiple routers redistribute between the same two routing protocol domains, several potential problems can occur. One type of problem occurs on the redistributing routers, because those routers will learn a route to most subnets via both routing protocols. That router uses the AD to determine the best route when comparing the best routes from each of the two routing protocols; this typically results in some routes using suboptimal paths. For example, Figure 10-4 shows a sample network,...

Becoming Neighbors, Exchanging Databases, and Becoming Adjacent

OSPF directly encapsulates the five different types of OSPF messages inside IP packets, using IP protocol 89, as listed in Table 9-2. Used to discover neighbors, bring a neighbor relationship to a 2-way state, and monitor a neighbor's responsiveness in case it fails. Used to exchange brief versions of each LSA, typically on initial topology exchange, so that a router knows a list of that neighbor's LSAs. A packet that identifies one or more LSAs about which the sending router would like the...

LSA Types and Network Types

Table 9-4 lists the LSA types and their descriptions for reference; following the table, each type is explained in more detail, in the context of a working network. One per router, listing RID and all interface IP addresses. Represents stub networks as well. One per transit network. Created by the DR on the subnet, and represents the subnet and the router interfaces connected to the subnet. Created by ABRs to represent one area's type 1 and 2 LSAs when being advertised into another area. Defines...

Cisco 3560 Switch Egress Queuing

Cisco 3560 egress queuing improves on the core concepts of 3550 egress queuing by adding a couple of key features. First, 3560 egress queuing creates a mechanism to prevent queue starvation of the non-PQ queues, a potential issue with the 3550 egress scheduling logic. Second, 3560 queuing adds a shaping feature that slows down egress traffic, which helps prevent some types of DoS attacks and provides the means to implement subrate speed for Metro Ethernet implementations. First, it helps to know...

Contents at a Glance

Chapter 2 Virtual LANs and VLAN Trunking; Chapter 6 IP Forwarding (Routing); Chapter 10 IGP Route Redistribution, Route Summarization, and Default Routing; Chapter 11 BGP; Part IV QoS; Chapter 12 Classification and Marking; Chapter 13 Congestion Management and Avoidance; Chapter 16 Introduction to IP Multicasting; Chapter 17 IP Multicast Routing; Part VII Security; Chapter 18 Security; Chapter 19 Multiprotocol Label Switching; Part IX IP Version 6; Chapter...

Network Address Translation

NAT, defined in RFC 1631, allows a host that does not have a valid registered IP address to communicate with other hosts on the Internet. NAT has gained such wide-spread acceptance that the majority of enterprise IP networks today use private IP addresses for most hosts on the network and use a small block of public IP addresses, with NAT translating between the two. NAT translates, or changes, one or both IP addresses inside a packet as it passes through a router. (Many firewalls also perform...

Switch Security Best Practices for Unused and User Ports

The first three items in the list of best practices for unused and user ports are mostly covered in earlier chapters. For a brief review, Example 18-7 shows an example configuration on a Cisco 3550 switch, with each of these items configured and noted. In this example, fa0/1 is a currently unused port. CDP has been disabled on the interface, but it remains enabled globally, on the presumption that some ports still need CDP enabled. DTP has been disabled as well, and STP Root Guard and BPDU...

RIP Version 2 Basics

CCIE candidates may already know many of the features and configuration options of RIP. Although RIPv2 is no longer on the CCIE Routing and Switching qualification exam blueprint, it is clearly helpful to understand its operations to strengthen your grasp on IGPs in general and the differences between distance vector and link-state protocols. This chapter summarizes RIPv2's protocol features and concepts. Table 7-2 provides a high-level overview of RIPv2's operation. Hop count, with 15 as the...

IPv6 Unicast Routing Protocols

The next two major sections of this chapter explore the details of the two IPv6 unicast routing protocols covered in the CCIE Routing and Switching qualification exam blueprint: OSPFv3 and EIGRP for IPv6. These routing protocols have a lot in common in terms of their Cisco IOS configuration. It is worth mentioning here that RIPng, which was removed from the CCIE Routing and Switching qualification exam blueprint at version 3, also shares many of these common configuration concepts. Although OSPFv3...

IPv6 Static Routes

Now that we have laid the foundation for IPv6 addressing and basic services, the next section of this chapter focuses on routing. This section begins with static routes and then covers the two IPv6 routing protocols on the CCIE Routing and Switching qualifying exam blueprint, OSPFv3 and IPv6 EIGRP. Static routing in IPv6 works almost exactly as it does in IPv4, but with several twists: An IPv6 static route to an interface has a metric of 1, not 0 as in IPv4. An IPv6 static route to a next-hop IP...

Classification Using Class Maps

MQC-based tools classify packets using the match subcommand inside an MQC class map. The following list details the rules surrounding how class maps work for matching and classifying packets: The match command has many options for matching packets, including QoS fields, ACLs, and MAC addresses. (See Table 12-10 in the Foundation Summary section for a reference.) Class-map names are case sensitive. The match protocol command means that IOS uses Network Based Application Recognition (NBAR) to...

IP Addressing and Subnetting Review

First, here's a quick review of some of the core facts about IPv4 addresses that should be fairly familiar to you: Written in dotted decimal notation (for example, 1.2.3.4), with each decimal octet representing 8 bits. Addresses are assigned to network interfaces, so computers or routers with multiple interfaces have multiple IP addresses. A computer with an IP address assigned to an interface is an IP host. A group of IP hosts that are not separated from each other by an IP router are in the...

Subnetting Math

Knowing how to interpret the meaning of addresses and masks, routes and masks in the routing table, and addresses and masks in ACLs, and how to configure route filtering, are all very important topics for the CCIE Routing and Switching written and lab exams. This section covers the binary math briefly, with coverage of some tricks to do the math quickly without binary math. Several subsequent chapters cover the configuration details of features that require this math. Dissecting the Component Parts of an...

IPv6 Address Types

Like IPv4 addresses, several types of IPv6 addresses are required for the various applications of IPv6 as a Layer 3 protocol. In IPv4, the address types are unicast, multicast, and broadcast. IPv6 differs slightly in that broadcast addressing is not used; special multicast addresses take the place of IPv4 broadcast addresses. However, three address types remain in IPv6: unicast, multicast, and anycast. This section of the chapter discusses each one. Table 20-2 summarizes the IPv6 address types....

Why Should I Take the CCIE Routing and Switching Written Exam?

The first and most obvious reason to take the CCIE Routing and Switching written exam is that it is the first step toward obtaining the CCIE Routing and Switching certification. Also, you cannot schedule a CCIE lab exam until you pass the corresponding written exam. In short, if you want all the professional benefits of a CCIE Routing and Switching certification, you start by passing the written exam. The benefits of getting a CCIE certification are varied, among which are the following: Career...

Neighbor Discovery

A major difference between IPv4 and IPv6 involves how IPv6 hosts learn their own addresses and learn about their neighbors, including other hosts and routers. Neighbor Discovery Protocol, also known as ND or NDP, facilitates this and other key functions. ND is defined in RFC 2461. The remainder of this section introduces ND functionality, lists its main features, and then lists the related ICMPv6 messages, which are beyond the scope of the exam but are useful for study and reference. In IPv6...

Adding iBGP Routes to the IP Routing Table

Cisco IOS has the same two requirements for adding iBGP routes to the IP routing table as it does for eBGP routes: The route must be the best BGP route. The route must be the best route (according to the AD) in comparison with other routing Additionally, for iBGP-learned routes, IOS considers the concept of BGP synchronization. With BGP synchronization (often called sync) disabled using the no synchronization command, BGP uses the same logic for iBGP routes as it does for eBGP routes regarding...

Dynamic Multipoint VPN

IPsec is a commonly implemented method of forming secure tunnels from site to site or from remote users to a central site. However, it has limitations. In a site-to-site, hub-and-spoke environment, for example, all VPN traffic from spoke to spoke must traverse the hub site, where it must be unencrypted, routed, and then encrypted again. This is a lot of work for a VPN Concentrator, especially in a large environment with many spoke sites where a lot of traffic must flow between spokes. One...

Low Latency Queuing

Low-latency queuing sounds like the best queuing tool possible, just based on the name. What packet wouldn't want to experience low latency? As it turns out, for delay (latency) sensitive traffic, LLQ is indeed the queuing tool of choice. LLQ looks and acts just like CBWFQ in most regards, except it adds the capability for some queues to be configured as low-latency queues. LLQ schedules these specific queues as strict-priority queues. In other words, LLQ always services packets in these...

Class-Based Marking (CB Marking) Configuration

As with the other QoS tools whose names begin with the phrase Class-Based, you will use MQC commands to configure CB Marking. The following list highlights the key points regarding CB Marking: CB Marking requires CEF (enabled using the ip cef global command). Packets are classified based on the logic in MQC class maps. An MQC policy map refers to one or more class maps using the class class-map-name command; packets classified into that class are then marked. CB Marking is enabled for...

CBWFQ Basic Features and Configuration

The CBWFQ scheduler guarantees a minimum percentage of a link's bandwidth to each class queue. If all queues have a large number of packets, each queue gets the percentage bandwidth implied by the configuration. However, if some queues are empty and do not need their bandwidth for a short period, the bandwidth is proportionally allocated across the other classes. (Cisco does not publish the details of how CBWFQ achieves these functions.) Table 13-3 summarizes some of the key features of CBWFQ....

Building Adjacency Information: ARP and Inverse ARP

The CEF adjacency table entries list an outgoing interface and a Layer 2 and Layer 3 address reachable via that interface. The table also includes the entire data link header that should be used to reach that next-hop (adjacent) device. The CEF adjacency table must be built based on the IP routing table, plus other sources. The IP routing table entries include the outgoing interfaces to use and the next-hop device's IP address. To complete the adjacency table entry for that next hop, the router...

FRTS Configuration Using LLQ

FRTS supports a variety of queuing tools for managing packets it queues. The queuing tool is enabled via a command in the map class. Example 14-7 shows just such an example, with a new map class. The requirements implemented in this example are as follows: Shape traffic on the two VCs (101 and 102) on s0/0 with the same settings for shaping. Use LLQ only on the VC with DLCI 101. Set Be to 0, and tune Tc to 10 ms. Note that the example does not show the configuration for policy map queue-voip....

Redistributing a Subset of Routes Using a Route

Route maps can be referenced by any redistribute command. The route map may actually let all the routes through, setting different route attributes (for example, metrics) for different routes. Or it may match some routes with a deny clause, which prevents the route from being redistributed. (Refer to Figure 10-1 for a review of route map logic.) Figure 10-3 and Example 10-2 show an example of mutual redistribution between EIGRP and OSPF, with some routes being either filtered or changed using...

Ethernet Layer 1 Wiring Speed and Duplex

Before making an Ethernet LAN functional, end-user devices, routers, and switches must be cabled correctly. To run with fewer transmission errors at higher speeds, and to support longer cable distances, variations of copper and optical cabling can be used. The different Ethernet specifications, cable types, and cable lengths per the various specifications are important for the exam, and are listed in the Foundation Summary section. You should know the details of cross-over and straight-through...

Cisco Press

800 East 96th Street Indianapolis, Indiana 46240 USA CCIE Routing and Switching Exam Certification Guide, Third Edition Contributing author Naren Mehta, CCIE No. 9797 Copyright 2008 Cisco Systems, Inc. Published by Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without...

Committed Access Rate

CAR implements single-rate, two-color policing. As compared with that same option in CB Policing, CAR and CB Policing have many similarities. They both can police traffic either entering or exiting an interface or subinterface; they can both police subsets of that traffic based on classification logic; and they both set the rate in bps, with Bc and Be configured as a number of bytes. CAR differs from CB Policing regarding four main features, as follows: CAR uses the rate-limit command, which is...

EIGRP Basics and Steady State Operation

Many CCIE candidates have learned many of the details of EIGRP operation and configuration. EIGRP is widely deployed and is thoroughly covered on the CCNP BSCI exam. With that in mind, this chapter strives to review the key terms and concepts briefly, and get right to specific examples that detail EIGRP operation on a Cisco router. To that end, the chapter begins with Table 8-2, which lists some of the key features related to EIGRP. IP, protocol type 88 (does not use UDP or TCP). Based on...

IGMP Snooping

What happens if your network has non-Cisco switches? You cannot use CGMP because it is Cisco proprietary. IGMP snooping can be used for a multivendor switched network to control distribution of multicast traffic at Layer 2. IGMP snooping requires the switch software to eavesdrop on the IGMP conversation between multicast hosts and the router. The switch examines IGMP messages and learns the location of multicast routers and group members. NOTE: Many Cisco switches support IGMP snooping, including...

How Multicasting Provides a Scalable and Manageable Solution

The six basic requirements for supporting multicast across a routed network are as follows: A designated range of Layer 3 addresses that can only be used by multicast applications must exist. A network administrator needs to install a multicast application on a multicast server using a Layer 3 multicast address from the designated range. A multicast address must be used only as a destination IP address and specifically not as a source IP address. Unlike a unicast IP packet, a destination IP...

Simple Password Protection for the CLI

Figure 18-1 provides a visual reminder of some hopefully familiar details about how users can reach a router's CLI user mode, and move into enable (privileged) mode using the enable command. Figure 18-1 Router User and Enable Modes Figure 18-1 shows three methods to reach user mode on a router. The figure also applies to Cisco IOS-based switches, except that Cisco switches do not have auxiliary ports. Cisco IOS can be configured to require simple password protection for each of the three...

General Layer 3 Security Considerations

This section explains a few of the more common ways to avoid Layer 3 attacks. Smurf Attacks, Directed Broadcasts, and RPF Checks A smurf attack occurs when a host sends a large number of ICMP Echo Requests with some atypical IP addresses in the packet. The destination address is a subnet broadcast address, also known as a directed broadcast address. Routers forward these packets based on normal matching of the IP routing table, until the packet reaches a router connected to the destination...

Class Based Policing Configuration

CB Policing uses the familiar MQC commands for configuration. As a result, a policy map can police all packets using the convenient class-default class, or it can separate traffic into classes, apply different policing parameters to different classes of traffic, or even simply not police some classes. The police command configures CB Policing inside a policy map. On the police command, you define the policing rate in bps, the Bc in bytes, and the Be in bytes, along with the actions for each...

Configuring EIGRP for IPv6

The basic steps required to configure IPv6 EIGRP are quite similar to those for IPv4 EIGRP, with several additions: Enable IPv6 unicast routing. Configure EIGRP on at least one router interface. In the EIGRP routing process, assign a router ID. Issue the no shutdown command in the EIGRP routing process to activate the protocol. Use the relevant show commands to check your configuration. Next, let's look at a configuration example that includes IPv6 EIGRP routing between two routers connected...

IPv6 Address Autoconfiguration

One of the goals of IPv6 is to make life easier for network administrators, especially in dealing with the almost unimaginably vast address space that IPv6 provides compared to IPv4. Automatic address configuration, or simply autoconfiguration, was created to meet that need. An IPv6 host can automatically configure its complete address, or just the interface ID portion of its address, depending on which of the several methods for autoconfiguration it uses. Those methods include Stateless...

Class Based Shaping Configuration

Class-Based Shaping (CB Shaping) implements all the core concepts described so far in this chapter, plus several other important features. First, it allows for several Cisco IOS queuing tools to be applied to the packets delayed by the shaping process. At the same time, it allows for fancy queuing tools to be used on the interface software queues. It also allows for classification of packets, so that some types of packets can be shaped at one rate, a second type of packet can be shaped at...

CCIE Routing and Switching Written Exam 350-001

The CCIE Routing and Switching written exam, as of the time of publication, consists of a two-hour exam administered at a proctored exam facility affiliated with Pearson VUE (http://www.vue.com/cisco). The exam typically includes approximately 100 multiple-choice questions. No simulation questions are currently part of the written exam. As with most exams, everyone wants to know what is on the exam. Cisco provides general guidance as to topics on the exam in the CCIE Routing and Switching written...

About the CCIE Routing and Switching Official Exam Certification Guide Third Edition

This section provides a brief insight into the contents of the book, the major goals, and some of the book features that you will encounter when using this book. This book contains nine major parts, which correspond to, and are in the same order as, the last nine major headings in the 10-heading CCIE Routing and Switching written blueprint. The topics under the first heading of the blueprint, General Networking Theory, are covered in this book, but they are spread throughout the various parts...

IP Access Control List Review

A relatively deep knowledge of IP ACL configuration and use is assumed to be pre-requisite knowledge for readers of this book. In fact, many of the examples in the earlier sections of the book did not take the space required to explain the detailed logic of ACLs used in the examples. However, some reference information, as well as statements regarding some of the rules and practices regarding IP ACLs, is useful for general CCIE Routing and Switching exam study. Those details are presented in...

Modified Deficit Round Robin

MDRR is a queuing feature implemented only in the Cisco 12000 series router family. Because the 12000 series does not support CBWFQ and LLQ, MDRR serves in place of these features. Its main claims to fame are better fairness than legacy queuing methods such as priority queuing and custom queuing, and that it supports a priority queue (like LLQ). For the CCIE Routing and Switching qualifying exam, you need to understand how MDRR works at the conceptual level, but you don't need to know how to...

VLSM Subnet Allocation

So far in this chapter, most of the discussion has been about examining existing addresses and subnets. Before deploying new networks, or new parts of a network, you must give some thought to the ranges of IP addresses to be allocated. Also, when assigning subnets for different locations, you should assign the subnets with thought for how routes could then be summarized. This section covers some of the key concepts related to subnet allocation and summarization. (This section focuses on the...