Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CISCO > CCIE > Flashcards

CCIE Flashcards

Memorize CCIE RS Commands (379 cards)

Start Studying
1
Q

conform-action [set-prec-transmit $int] [transmit]

exceed-action [set-dscp-transmit $int]

violate-action [drop]

A

Three actions can be done when configuring a QoS policer and also actions such as marking can be linked to eaech of these actions. Mention them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Configures the switch to automatically recover from a err-disable condition due to a specific reason in the specified time.

A

err-disable recovery cause $cause

err-disable recovery interval $int

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Sets logs or debugs timestamps with the desired specified time format.

A

service timestamps log/debug uptime/datetime [msec/year]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A route-map matches the originator of a received

prefix.

A

match ip route-source $ACL/%PrefList

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Permit an IGMP enabled interface to permit mcast hosts to join ONLY permitted mcast groups or specific S,G (extended ACLs)

A

ip igmp access-group $ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Selectively manipulate imported or exported NLRIs in order to get installed (or not) into a certain RIB.

A

export map $RMAP / import map $RMAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Configures OSPF security as SHA-256 (Highest security encryption)

A

area $int authentication key-chain $string

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A BGP prefix received will be installed from the specified neighbor even if its own AS number is included in the AS_PATH of that prefix.

A

neighbor x.x.x.x allowas-in

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Configures a RIP enabled interface to send or receive specific RIP version packets.

A

ip rip send/receive version 1/2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Defines AS numbers that are to be considered confederation peerings.

A

bgp confederation peers $AS1 $AS2 $ASn…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Configures a police rate percent based and burst value

A

police rate percent % burst $ms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Enables CDP globally or in the interface, and configured CDP timers.

A

cdp enable/run

cdp timer $int

cdp holdtime $int

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Sets the router as an Auto-RP RP candidate for specified groups.

A

ip pim send-rp announce $if scope $int group-list $ACL

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Causes OSPF to form an adjacency with the specified peer but NOT advertise any prefix to it.

A

neighbor x.x.x.x database-filter all out

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Sets the file system that will be used by the router to get the files requested by its HTTP clients.

A

ip http path $fs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Configures NAT to be applied to traffic ingressing a specific VRF interface.

A

ip nat inside source list $ACL interface $if [vrf $IngressVRF] [overload]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

BGP TCP keepalive interval and timeout configuration.

A

bgp timers $Keepalives $Hold-time

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Configures a vrf ospf instance to set a specific domain id when its prefixes are redistributed into MP-BGP.

A

domain-id x.x.x.x

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Sets the maximum number of active HTTP connections in this router.

A

ip http max-connections $int

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Sets the AD for inter, intra or external OSPF prefixes.

A

distance ospf inter/intra/external $int

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Prune the specified VLANs from the trunk port.

A

switchport trunk pruning vlan $int….

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

{BGP} Advertises a set of prefixes to a specific neighbor if a route or a set of routes exist or not exist.

A

neighbor x.x.x.x advertise-map $RMAP exist-map/non-exist-map $RMAP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Configures a NAT rule to translate a whole network as another network space as in 1-1 translation

A

ip nat inside source static network $inLocal $inGlobal /xy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Configures the router to authenticate HTTP connections with the local user database.

A

ip http authentication local

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Causes the potential OSPF adjacencies to ignore the MTU value as compatibility check.
ip ospf mtu-ignore
26
Configures an EIGRP stub router to not send any route to its EIGRP peers and only receive EIGRP prefixes from them
eigrp stub receive-only
27
Enables HTTP or HTTPS service on the router
ip http server / ip http secure-server
28
Configures the router to display the AS:NN format for prefix communities.
ip bgp-community new-format
29
Sets a NAT IP Addresses pool
ip nat pool $string $FirstIP $LastIP prefix-length $int
30
Enables the router to send communities to the BGP neighbor.
neighbor x.x.x.x send-community both
31
A switchport will passively wait to negotiate the trunk encapsulation with its neighbor.
switchport trunk encapsulation negotiate
32
Configures dynamic BGP. It will listen for peers with parameters as defined by the specified peer group.
bgp listen range $PrefixRange peer-group $name
33
Sets a syslog server where traps are to be sent. Also, the protocol and destination port number can be defined for this communication.
logging host $IPadd [transport tcp/udp] [port $int]
34
Signals the NSSA ABR to always translate type7 prefixes to type5 to the backbone network.
area $int nssa translate type7 always
35
Causes BGP best path selection process to always compare MED even if AS Path attribute is different among the competing prefixes.
bgp always-compare-med
36
Sets the Unique Local Address (ULA) to an interface.
ipv6 address FC00:x.x.x.x::/64
37
{BGP} Causes BGP session with an external peer to NOT be resetted in case the direct link to this peer goes down.
no bgp fast-external-fallover
38
Sets EIGRP's weight values
metric weight $arb $BW 0 $Delay 0 0
39
Configures all DNS parameters to function as DNS server, function as DNS client or respond to DNS queries when DNS server is not reachable.
ip dns server ip domain-lookup ip name-server /$IPadd ip dns spoofing $IPadd
40
Configures the interface to be used as source for all NTP communication.
ntp source $if
41
Modifies an aggregate prefix attribute parameters.
aggregate-address x.x.x.x/y attribute-map $RMAP
42
NHRP CONFIGURATION
ip nhrp network-id $int ip nhrp authentication $string ip nhrp nhs $Priv ip nhrp map $Priv $NBMA ip nhrp map multicast $NBMA
43
Causes IPv6 redistribution to include connected prefixes.
redistribute $RoutingProtocol include-connected [$options]
44
BGP lowest RID is best.
In iBGP, which is better lower or higher RID for best path tiebreaker. What is used by eBGP instead of this condition?
45
Statically defines the RP address for all or a specific set of groups.
ip pim rp-address x.x.x.x [$ACL] [override]
46
{BGP} Originates a default route using the regular advertisement method.
network 0.0.0.0 mask 0.0.0.0
47
Configures the router as a ntp time source and its stratum number.
ntp master $stratum
48
Configures a route-map to match a prefix in the RIB or the originator of a prefix.
match ip address prefix $Prefix/$ACL match ip route-source prefix $Prefix/$ACL
49
Configures the best possible bridge prioirity for the switch.
spanning-tree vlan $vlan priority 0
50
Permits packets with destination address as the subnet network address to be processed.
ip directed-broadcast
51
Configures the time the router will delay the removal of a prefix from whch its next-hop got lost as reported by the underlying IGP.
bgp next-hop trigger delay $int
52
Causes EIGRP to authenticate using SHA-256 encryption over the interface.
authentication mode hmac-sha-256 $password
53
Both commands are needed to enable RIPng in an interface.
ipv6 router rip $name ipv6 rip $name enable
54
Disables split horizon in an EIGRPv3 enabled interface
no ipv6 split-horizon eigrp $AS
55
ipv6 mld join-group FF3x::/96 source-list $ACL
Causes an IPv6 enabled interface to join a specific S,G SSM group.
56
Configures the port to detect unidirectional links and send a warning message or shutdown the port.
udld port [aggresive]
57
{BGP} Suppresses only specific prefixes belonging to the aggregate route.
aggregate-address x.x.x.x/y supress-map $RMAP
58
Limits the logging of messages to the syslog servers to the specified level.
logging trap $level
59
Causes the destination SPAN port to accept ingress frames and forward them based on the specified VLAN.
monitor-session $int destination interface $if ingress encapsulation dot1q vlan $int
60
Sets the port which will be used by the router to listen for incoming HTTP connections.
ip http port $int
61
WRED will mark packets exceeding min threshold with ECN bit instead of dropping it.
random-detect ecn
62
Advertises a summary address in a RIPng enabled interface.
ipv6 rip $name summary-address x.x.x.x/y
63
Sets AD for prefixes received by RIP from the specified peers.
distance $int $GWAddress $ACL
64
Configures the fast convergence features for STP in the switch.
spanning-tree uplinkfast/backbonefast
65
Setsthe cost used for the default route sent by an OSPF ABR when running totally stub config
area $int default-cost $int
66
Causes a P2P link to avoid the generation of constant hello packets and paranoid flooding.
ip ospf demand-circuit
67
Configures an AS\_PATH access list.
ip as-path access-list $int permit/deny $regex
68
Statically configures the RP which will be used for Bidirectional PIM for specified groups.
ip pim rp-address x.x.x.x $ACL bidir
69
Sets a community to a BGP prefix used to avoid AS border routers to advertise this prefix out of the AS.
set community no-export
70
Sets SOO feature for EIGRP prefixes advertiesed and received by the MPLS network. Used as a loop prevention mechanism.
ip vrf sitemap $PMAP
71
Advertises (or not) a specific OSPF external aggregated prefix instead of the individual most specific prefixes.
summary-address x.x.x.x/y [tag/not-advertise]
72
ISATAP address formatting.
ipv6 address WWWW:XXXX:YYYY:ZZZZ:0:5EFE:32bits\_ipv4\_hex\_address/64
73
Configures the router as a TFTP server and which hosts are permitted to access it.
tftp-server $fs $ACL
74
Configures the maximum rate an access-list can log hits in pps or per number of hits
ip access-list log-update threshold $int/pkts
75
Configures the router to get prefixes from spoke routers known via CDP.
router odr
76
Instructs EIGRP to not accept EIGRP updates with a hop count higher than the one scpecified.
metric maximum-hops $int
77
78
Configures the software clock to synchronize a peer or to be synchronized by a peer.
ntp peer $IPadd
79
Configures OSPF timers for values less than 1 for fast convergence time
ip ospf dead-interval minimal hello-multiplier $int
80
Avoids sending link state changes as a trap to snmp server(s).
no snmp trap link-states
81
Configures DSCP based WRED in a class based queue
random-detect dscp-based random-detect dscp $DSCP $minT $MaxT
82
Configures an NTP client to synchronize time with the specified server and using the specified key.
ntp server $IPadd key $int
83
Causes to stop the default delay used by BGP to import NLRIs to the proper VRFs.
import path selection all
84
Sets a snmp-server to connect via SNMP and specifies SNMP parameters.
snmp-server host $IPadd [vrf $name] [traps] $community [version $1/2c/3]
85
Causes the router to send RA messages in the specified time in seconds or msecs.
ipv6 nd ra interval $int
86
Matches specific packet flows in a class-map based on an ACL.
match access-group [name] $ACL
87
Adds a PBR policy for local originated traffic.
ip local policy route-map $RMAP
88
Sets a distribute list in the router based on a route-map match.
distribute-list route-map in/out interface $if
89
Sets a community list for community attribute manipulation.
ip community-list [standard/extended] $int [permit/deny] $regex
90
Will cause the mrouter to withdraw the IGMP group as soon as an IGMP leave is received from a member of the specified group(s).
ip igmp immediate-leave group-list $ACL (Global/Interface)
91
{BGP} Performs prefix filtering based on an AS\_PATH ACL match for ingress or egress direction.
neighbor x.x.x.x filter-list $AS\_PATH ACL in/out
92
Causes an IPv6 enabled interface to join a specific MLD group.
ipv6 mld join-group FF02::x
93
Will move the port to err-disable condition if the amount of specified type of traffic exceeds the specified threshold.
storm-control unicast/broadcast/multicast $val
94
Configures the route-map to set bgp dampening values.
set dampening $halflife $reuse $supressval $maxsupresstime
95
Sets the router as an Auto-RP multicast announcer.
ip pim send-rp-discovery $if scope $int
96
A router will unicast forward the IGMP reports/leaves received in the interface to the specified IP address.
ip igmp helper-address $IPadd
97
Sets the unique global address to an interface.
ipv6 address 2001::/3
98
Sets the maximum number limit of AS numbers in the AS\_PATH attribute that a prefix received must have in order to be processed.
bgp maxas-limit $int
99
Sets RIB scale value for EIGRP named mode
metric rib-scale $int
100
Configures a NAT rule, where packets hitting the specified interface are sent to the specified inside local address.
ip nat inside source static $insideLocal interface $if
101
Sets the cluster ID for Cluster Path when the router advertises a prefix to its RR client.
bg cluster-id x.x.x.x
102
Sets the port which will be used by the router to listen for incoming HTTPS connections.
ip http secure-port $int
103
Stops the automatic BGPv4 session to be automatically established if a peering through another AFI is desired.
np bgp default ipv4-unicast
104
Configures the router to CEF load balance BGP ECMPs based on interfaces bandwidth.
bgp dmzlink-bw neighbor x.x.x.x dmzlink-bw
105
Causes the switch to configure portfast in all the access-ports.
spanning-tree portfast default
106
\*\*\* VRRP Configuration \*\*\*
vrrp $int ip $IPadd vrrp $int priority $int vrrp $int timers advertise $int vrrp $int authentication text/md5 $string
107
108
Sets the maximum number of LSAs an OSPF process will accept.
max-lsa $int [threshold $int] [warning-only]
109
Configures an HSRP group to be able to use its own burned in address as group address
standby use-bia
110
Enables the router to use bidirectional PIM.
ip pim bidir-enable
111
Enables the generation of keepalive packets on idle outgoing network connections.
service tcp-keepalives in/out
112
An alternative to delete all matched prefixes communities, other than comm-list delete.
set community none
113
\*\*\* DHCP specific host address assignment \*\*\*
- Server - ip dhcp pool $string host $network $mask client-identifier %hexStr lease $days - Client - ip dhcp client client-id ascii $str ip address dhcp
114
Limit the amount of messages per second that can be logged for specified level.
logging rate-limit [console] [$levels/all] $int
115
Sets the tunnel encapsulation as a VTI (Mcast capable IPsec). Note: VTIs automatically adjust their MTUs, only TCP MSS should be adjusted.
tunnel mode ipsec ipv4
116
Configures an ISAKMP pre-shared key authentication peering to a peer known over a VRF.
crypto keyring $name vrf $VRF pre-shared address $peer key $string
117
Configures an offset-list for prefixes received via RIP.
offset-list $ACL in/out $offset $if
118
Configures rotary TCP flows NAT load balancing. Why is IP aliasing important here?
ip nat pool $string prefix-length $int type rotary address $FirstIPadd LastIPadd ip nat inside destination $ACL pool $string ip alias x.x.x.x
119
Causes a router interface to join a specified MLD group.
ipv6 mld join-group FF08::/16
120
Disable paranoid flooding to occur in the interface.
ip ospf flood-reduction
121
Permits an EIGRP stub router to advertise specified non-stub prefixes to its peers.
eigrp stub $options leak-map $RMAP
122
\*\*\* PE \*\*\* ipv6 dhcp pool $name1 \> prefix-delegation pool $name2 ipv6 local pool $name2 $PrefixLength $Lifetime interface $ifToCE ipv6 dhcp server $name1 \*\*\* CE \*\*\* interface $ifToPE ipv6 client pd $anyName3 interface $ifToClient ipv6 address $Name3 ::$host/xy
Configures IPv6 prefix delegation feature in CE and PE routers
123
ABR filters OSPF received or sent prefixes from area to area.
area $int filter-list prefix $PrefixList in/out
124
crypto keyring $name vrf $VRF pre-shared address $peer key $string
Configures an ISAKMP pre-shared key authentication peering to a peer known over a VRF.
125
Configures the 3 must have MST parameters in order for the switches to have the same BPDU hashing.
instance $int vlan $vlan-range name $name revision $revision
126
Sets OSPF MD5 authentication for peers discovered over this interface.
ip ospf authentication message-digest ip ospf authentication message-digest-key $int md5 $string
127
Configures the tunnel to classify and apply QoS actions to traffic before being GRE encapsulated.
qos pre-classify
128
Replaces AS ID in OpenSent messages. With option to also replace AS\_PATH attribute in the update messages or use both AS\_PATHs, the original and the new one.
neighbor x.x.x.x local-as $newAS [no-prepend] [replace-as] [dual-as]
129
Causes the router to install a default route with next hop to the router used for autoconfig in the interface.
ipv6 address autoconfig default
130
Causes the NSSA ABR to supress the forwarding address from Type7 to Type5 translated prefixes.
area $int nssa translate type7 supress-fa
131
Configures NBAR to match specific string in an web based traffic flow.
match protocol http url $regex
132
Causes the interface prefix to not be advertised as RA to hosts.
ipv6 nd prefix $Prefix no-advertise
133
A route map matches the next hop address of prefixes to be redistributed
match ip next-hop prefix $Pref
134
Sets statically the RPF interface for a given source address.
ip mroute $srcAddress $mask $NH/$if [AD]
135
Causes the NSSA ABR to redistribute the prefixes to the backbone area ONLY, these prefixes will not be injected over the NSSA interfaces.
area $int nssa no-redistribution
136
Will forward broadcast traffic (from permitted forward protocols configured) as mcast traffic using the specified mcast group address.
ip multicast-helper-map broadcast $McastGroup $ACL
137
138
{BGP} Selects which specific prefixes should be affected by the dampening parameters.
bgp dampening route-map $RMAP
139
140
Causes BGP to advertise summarized prefixes in regular advertisements (locally originated) and when redistributing.
{BGP} auto-summary
141
Causes the switch to configure BPDU guard or BPDU filter in all interfaces that have portfast configured.
spanning-tree portfast bpduguard/bpdufilter default
142
Causes the router to accept only Join messages for the specified RP and only for the specified mcast groups.
ip pim accept-rp $RP $ACL
143
\*\*\* CHAP Configuration \*\*\*
username $PEER\_HOSTNAME password $ARB1 interface serial x/x ppp authentication chap \*\*\* Password MUST match in both peer's login DB \*\*\*
144
Sets a router as an MSDP peer.
ip msdp peer x.x.x.x [remote-as $AS] [connection-source $if] [originator-id x.x.x.x]
145
Configures Dynamic NAT based on an IP Address pool.
ip nat inside source list $ACL pool $string
146
The interface will directly filter all auto-rp packets being received or to be forwarded.
ip multicast boundary filter-autorp
147
{BGP} Performs prefix filtering based on a Route-Map match for ingress or egress direction.
neighbor x.x.x.x route-map $RMAP in/out
148
Causes the switchport to negotiate the voice VLAN marking with the phone based on the COS value.
switchport voice vlan dot1p
149
Causes a GRE tunnel to use IPv6 signaling to set the tunneling encapsulation. IPv6 address encapsulation.
tunnel mode ipv6/ipv6ip
150
{Set in a route-map} Adds specified communities to a prefix.
set community $AS:NN additive
151
Sets the source interface for telnet communication.
ip telnet source-interface $if
152
Next Hop trigger events as notified by the IGP are delayed by the specified time before withdrawing a BGP prefix from RIB.
bgp nexthop trigger delay $int
153
Configures a static PAT rule in the router. An option will cause the router to not install an alias for non directly assigned IP addres.
ip nat inside source static tcp/udp $InsideLocal $port $InsideGlobal $port [no-alias]
154
Determines a switchport willingness to become a trunk or not become a trunk.
switchport mode dynamic auto/desirable
155
Filters hosts that are permitted to access this router as a HTTP server.
ip http access-class $ACL
156
Enables an interface to register all packets/bytes received in the interface classified by protocol
ip nbar protocol-discovery
157
{BGP} Advertises a default route to a specific peer.
neighbor x.x.x.x default-information-originate [route-map $RMAP]
158
159
Enables the switch to send SNMP traps when there is a MAC address removed or added in the CAM.
snmp trap mac-notification change added/removed
160
Originates a Type7 default route for the NSSA area.
area $int nssa default-information-originate [metric $int]
161
Creates a reversible NAT rule where reversed entries are programmed so outside flows can reach inside hosts.
ip nat inside source route-map $RMAP pool $string reversible
162
Sets the global AS for a router inside a BGP confederation. This is the AS that the eBGP peers will use as remote-AS configuration.
bgp confederation identifier $GlobalAS
163
Disables split horizon in a RIPng enabled interface.
no split-horizon
164
Sets BGP peer SOO value.
neighbor x.x.x.x soo $value
165
Will forward a mcast packet as a broadcast directed packet or a subnet network address.
ip multicast helper-map $mcastGroup $DirectedBroadcastIP $ACL
166
\*\*\* CONFIGURES IGMP PROFILES. THIS IS THE SAME AS IGMP ACCESS-GROUP BUT FOR SWITCHES \*\*\*
ip igmp profile $int permit range $RangeMin $RangeMax
167
Configures a non CAR policer and all its parameters
police cir $int bc $int be $int
168
Configures an IPv6 sumamry address in an EIGRPv3 enabled interface.
ipv6 summary-address eigrp $AS
169
Sets the next-hop address and reliably verifies if it is reachable based on an IP SLA status or if the neighbor exists via CDP.
set ip next-hop verify-availability [x.x.x.x $int track $int]
170
Establishes a peer's maximum prefixes limit to be received and the actions to take if a threshold under this limit is reached.
neighbor x.x.x.x maximum-prefix $int $threshold [warning/restart $rate]
171
Sets the maximum time an IGMP hosts should respond to a general query.
ip igmp query-max-response-time $int
172
Counts every syslog message and time-stamps, the occurrence of each message.
logging count
173
Sets a password for the VTP domain. This password cannot be seen in vlan.dat or in the running configuration.
vtp password $string hidden
174
Configures an interface to run microsoft chap authentication and encrypt packets based in this protocol too
ppp authentication ms-chapp[-v2] ppp encrypt mppe $int [required]
175
PIM BSR messages are NOT processed or advertised by the interface.
pi pim bsr-border
176
Applies specified peer-group configuration to a BGP neighbor.
neighbor x.x.x.x peer-group $name
177
Permits an inside local address to be represented by multiple inside global addresses.
ip nat inside source static $InsideLocal $InsideGlobal extendable
178
Initializes a BGP peer group.
neighbor $name peer-group
179
Causes the router to advertise the BGP aggregate prefix as soon as it is generated, without delay.
bgp aggregate timer 0
180
181
private-vlan primary private-vlan association [add/remove] $vlan
Configures the primary vlan.
182
Sets a protocol to be forwarded by interface helper-address parameters.
ip forward-protocol $protocol/$protocoNumber
183
BGP advertises an aggregate prefix without advertising the individual more specific prefixes.
aggregate-address x.x.x.x/y summary-only
184
Sets the source interface address used in packets sent to a syslog server.
logging source-interface $if
185
Reference BW / Interface BW
INTERFACE OSPF COST
186
Configures the router to accept time sync from sources sending a trsuted specified key.
ntp authenticate ntp authentication-key $Key# md5 $string ntp trusted-key $Key#
187
Sets the HSRP mode to be able to use a group value higher than 255
standby version 2
188
Sets the router as an IPv6 BSR candidate.
ipv6 pim bsr candidate bsr $IPadd [scope $int] [$int] [priority $int]
189
{BGP} Enables BGP event based events to withdraw BGP prefixes as soon as the next hop for these gets unreachable as informed by the IGP.
bgp nexthop trigger enable
190
Configures a static mac address entry in the CAM.
mac address-trable static $mac drop/$if
191
Prevents unauthorized sources from registering with the RP. An RP will ONLY accept register messages from the specified sources.
ip pim accept-register list $ExtACL
192
Configures a tracking object based on an existent IPSLA.
track $int ip sla $int reachability/state
193
Sets router's SNMP community and specifies access privileges. You can also spcifies which snmp servers are allowed to connect with this router.
snmp-server community $string ro/rw $ACL
194
Causes LDP to stop advertising labels for known prefixes.
no mpls ldp advertise-labels
195
Defines a static cost to a specific OSPF neighbor.
neighbor x.x.x.x cost y
196
\> ISAKMP policy \> ISAKMP pre-shared key \> IPSEC transform set crypto-map $name [local-address $if] crypto-map $name ipsec-isakmp set transform-set $SET set peer $peer match address $ACL
IPSEC CRYPTO MAP CONFIGURATION
197
Sets MLD general query interval time.
ipv6 mld query-interval $int
198
Causes all prefixes received from a RIPng enabled interface to be added a metric value.
ipv6 rip $name metric-offset $int
199
Configures an ACL to provide detailed information of an entry being hit
access-list $int ............. log-input
200
Bypass OSPF default behavior when a virtual link is a non best path to a prefix and thus non bakcbone path is used to reach it.
no capability transit
201
Causes the OSPF router to NOT install a discard route when an aggregate prefix is advertised.
no discard-route [internal/external] [AD]
202
203
Sets an active CPU process monitoring at specified interval and for the specified threshold.
process cpu threshold type process/interrupt/total rising $int interval $int
204
Configures an interface to verify that unicast traffic is received by the expected interface
ip verify unicast source reachable-via rx/any [$ACL] [allow-default]
205
Both commands are used to set MD5 authentication in an EIGRPv3 enabled interface.
ipv6 authentication mode eigrp $AS md5 ipv6 authentication key-chain eigrp $AS $Key-Chain
206
{BGP} Monitors the IGP route to the peer, if this dissapears the session with this peer goes down. The specific route to monitor can also be selected to avoid issues when there is a default route.
neighbor x.x.x.x fall-over [route-map $RMAP] [bfd single/multi]
207
Sets the router as a BSR. The hash signals the BSR how to load balance the mcast groups among the available RP candidates.
ip pim bsr-candidate $if [$hash] [priority $int]
208
Sets the maximum number of prefixes that can be redistributed into OSPF.
redistribute maximum-prefix $int [threshold %int] [warning-only]
209
Specifies the mcast group range to use for PIM SSM traffic.
ip pim ssm [default/range $ACL]
210
211
\*\*\*\* HSRP Configurations \*\*\*\*
standby $int ip $IPadd standby $int timers $hello $hold standby $int preempt standby $ mac-address $MACadd standby $int priority $int standby $int authentication text/md5 key-chain/key-string $string standby $int track $int shutdown/decrement $int
212
Avoid L3 link to use ICMP messages to report better next hop or destination not reachable.
no ip redirects no ip unreachables
213
Causes redistributed BGP prefixes into RIP to get advertised with original metric (as received by the ingress PE).
redistribute bgp $AS metric transparent
214
Configures the size and level of logs saved in buffer.
logging buffered [$size] [$level]
215
Might be used by RIP to advertise a default-route only through a specific interface.
set interface $if
216
Sets a community to prefixes, these will not be advertised out of its confederation AS.
set community local-as
217
Configures the mcast router to treat auto RP related signal groups with dense mode.
ip pim autorp listener
218
Causes OSPF to form adjacencies through the interface but NOT advertise any prefix over it.
ip ospf database-filter all out
219
Sets the link-local address of an interface.
ipv6 address FE80::/10 link-local
220
Configures the port to be a NTP multicast source or to listen to NTP multicast messages.
ntp multicast $Group [client $Group]
221
Configures private vlan port as a promiscuous port and maps primary to secondary VLANs.
switchport mode private-vlan promiscuous private-vlan mapping $secondaryVLAN
222
Enbles the switch to display a log in case there is a change of a MAC address in the CAM and defines an interval limit for these messages to be logged.
mac address-table notification change [interval $int]
223
Sets metric and AD parameters to an EIGRP advertised summary-address.
summary-metric x.x.x.x/y $int distance $AD
224
Causes OSPF to advertise LSA type 1 with the maximum metric until certain specific conditions are met, this in order to avoid blackholing scenarios or help in migration scenarios.
max-metric router-lsa [on-startup] [summary-lsa] [external-lsa] $int [wait-for-bgp]
225
Causes AS\_PATH attribute to be ignored in BGP's best path selection process.
bgp bestpath as-path ignore
226
Removes private AS number from the AS\_PATH before advertising the prefix to the CE router.
neighbor x.x.x.x remove-private-as
227
Sets the queue depth for CBWFQ queues.
queue-limit $int
228
Sets the timeout time to wait for the active querier response before taking querier role.
ip igmp querier-timeout $int
229
Causes the switch to detect unidirectional condition in all the fiber ports and send a warning message or shutdown the unidirectional link.
udld enable [aggressive]
230
Configures a track which will aggregate some other tracks and will condition based on a boolean operation og these more specific track objects.
track $int list boolean and/or
231
Specifies the vrf over which the tunnel destination endpoints are reachable. Tunnel control-traffic is carried over this VRF.
tunnel vrf $vrf
232
Sets a vrf static route which will lookup the Next Hop over the global/default RIB.
ip route vrf $VRF x.x.x.x/y $NH global
233
{BGP} Performs prefix filtering based on ACL match for ingress or egress direction.
neighbor x.x.x.x distribute-list $ACL in/out
234
Defines the interface used as source for tftp communication.
ip tftp source-interface $int
235
Will cause the OSPF router to ignore LSA type 6 advertisements.
ignore lsa mospf
236
Set matched prefixes route-target community value.
set extcommunity rt $AS:NN [additive]
237
{BGP} Originates a more specific prefix derived from an existent aggregate address.
bgp inject-map $RMAP exist-map $RMAP
238
HSRP MAC ADDRESS
0000.0c07.acxx
239
Sets OSPF text authentication to be used for peers discovered over this interface.
ip ospf authentication ip ospf authentication-key $string
240
Specifies the MIBs that are allowed to be accessed and applies it to a specific SNMP community.
snmp-server view $string $MIB included snmp-server community $string view $string ro/rw
241
Supresses sending RA messages in the interface.
ipv6 nd supress-ra
242
Configures router RIP convergence timers.
timers basic $interval $timeout $holddown $flush
243
Enables the interface to accept and process mcast packets but no PIM adjacency will occur over this interface.
ip pim passive
244
Limits the number of mroute states globally or per interface (Maximum number of groups).
ip igmp limit $int (global/interface)
245
In iBGP, which is better lower or higher RID for best path tiebreaker. What is used by eBGP instead of this condition?
BGP lowest RID is best.
246
Causes the interface to stop forwarding or processing BSR packets.
ip pim bsr-border
247
Configures rip to run over a specified VRF instance.
router rip address-family ipv4 unicast vrf $name
248
Configures a static ARP entry.
arp x.x.x.x $mac arpa $if
249
Sets the tunnel to use 6to4 dynamic tunneling.
tunnel mode ipv6ip 6to4
250
Sets the time EIGRP will wait for a prefix Reply before declaring it SIA.
timers active-time $time
251
252
Sets all the BPDU related timers for the switch.
spanning-tree vlan $vlan hello-time/forward-time/max-age $int
253
{Set in route-map} Deletes matching communities of a prefix.
set comm-list $int delete
254
Causes the swichport to move to err-disable state in case BPDU stop being received in the blocked port for the max-age time.
spanning-tree guard loop
255
Limits the TFTP servers used via Simple Network Management Protocol (SNMP) controlled TFTP operations.
snmp-server tftp-server-list $ACL
256
Configures a static NAT rule
ip nat inside source static $InsideLocal $InsideGlobal
257
Configures MST port cost and priority in the interface.
spanning-tree mst $int cost $int spanning-tree $int port-priority $int
258
Configures a specific NTP peer or server to be reachable through a specified interface
ntp peer/server $IPadd source $if
259
Configures an accessport as host port and maps it to a primary and secondayy vlan.
switchport mode private-vlan host switchport private-vlan host-association $primary $secondary
260
Enables the router to send syslog messages as SNMP traps.
snmp-server enable traps syslog
261
Sets the router as a BSR candidate RP for the specified groups.
ip pim rp-candidate $if [group-list $ACL] [priority $int]
262
Configured a QoS policer and defines all possible attributes
police rate $int bps [burst $bytes] [peak-rate $bps] [peak-burst $bytes]
263
Enables mst and enters mst configuration mode.
spanning-tree mode mst spanning-tree mst configuration
264
Mroute states are created only for the permitted groups when an MLD report is received in the interface.
ipv6 mld access-group $ACL
265
266
Causes RIPv2 to bypass the peer in the same subnet check to accept routing updates.
no validate-update-source
267
\*\*\* IRB configuration \*\*\*
bridge irb ! interface $if bridge-group $int ! interface bvi $int ! bridge $int protocol ieee bridge $int route ip
268
\*\*\* SNMPv3 configuration \*\*\*
snmp-server user $username $groupName v3 auth md5/sha $string priv 3des/aes $string snmp-server group $groupName v3 auth read/write $view access $ACL snmp-server host $IPadd traps version 3 priv $user
269
Forces the LDP session to identify via password otherwise these do not get formed bidirectionally.
mpls ldp password required
270
Booth commands are used to enable EIGRPv3 in an interface.
ipv6 router eigrp $AS ipv6 eigrp $AS
271
Inspects AutoRP packet and modifies reported mcast groups by mcast announcer
ip multicast boundary $ACL filter-autorp
272
Three actions can be done when configuring a QoS policer and also actions such as marking can be linked to eaech of these actions. Mention them.
conform-action [set-prec-transmit $int] [transmit] exceed-action [set-dscp-transmit $int] violate-action [drop]
273
Enables ECN capability in TCP local sessions.
ip tcp ecn
274
Configures BGP to be able to use a Next hop IPv6 address even if BGP peers are defined as IPv4
bgp default ipv6-nexthop
275
Configures the mapping agent to accept Auto RP messages only from the specified candidates and only for the specified groups.
ip pim rp-announce-filter rp $ACL group $ACL
276
Causes the router's RA messages to be considered valid for the specified amount of time.
ipv6 nd ra lifetime $Time
277
BSR RP Candidate will advertise itself for bidirectional PIM for specified groups.
ip pim rp-candidate $if [group-list $ACL] bidir
278
Enables IPv6 processing in the interface.
ipv6 enable
279
Attributes for a BGP aggregate address are taken from the route-map matched prefixes.
aggregate-address x.x.x.x y.y.y.y as-set advertise-map $RMAP
280
Permits loopback to loopback BGP adjacency between directly connected peers.
neighbor x.x.x.x disable-connected-check
281
Creates a queue for class specified traffic and defines reserved bandwidth for it.
bandwidth $kbps [remaining/percent %]
282
Sets the TOS field value for locally originated telnet traffic.
ip telnet tos $hex
283
Configures a conditional static NATing rule
ip nat inside source static $insideLocal $InsideGlobal route-map $RMAP
284
{BGP} Causes a flapping prefix to stop being advertised. Name the values name and its usage.
bgp dampening $Half-life $ReUseVal $SupressVal $MaxSuppressTime
285
Advertises an aggregate prefix including the AS\_SET attribute.
aggregate-address x.x.x.x/y as-set
286
MD5 password added in OpenSent, a match with the peer data sent will permit the adjacency formation.
neighbor x.x.x.x password $PASSWORD
287
Advertises a summary address in a RIP enabled interface.
ip summary-address rip x.x.x.x/y
288
Sets the router as an IPv6 BSR RP candidate.
ipv6 pim bsr candidate rp $IPadd [group-list $ACL] [priority $int]
289
\*\*\* Configures GLBP parameters \*\*\*
glbp $int ip $IPadd glbp $int preempt glbp $int priority $int glbp $int authentication md5 key-string/key-chain $string
290
Forces RIPv2 to send routing updates via broadcast through the interface.
ip rip v2-broadcast
291
Sets BGP SOO extended community value for matched prefixes.
set extcommunity soo $AS:NN
292
Specifies the limit for the number of log messages that may be queued for a remote system logging (syslog).
logging queue-limit trap $int
293
Specifies the interface from which a SNMP trap should originate.
snmp-server source-interface traps $if
294
Controls which hosts are permitted to synchronize the time with the router as a NTP server or permitted to peer with it.
ntp access-group peer/serve-only $ACL
295
Will query for OSPF neighbor host names to display on OSPF show commands.
ip ospf name-lookup
296
This type of port will cause frames received to NOT be forwarded through ports of this same type.
switchport protected
297
Causes the switch to remove mgroup entry as soon as a leave is received in an interface.
ip igmp snooping vlan $int [immediate-leave]
298
Enables OSPF authentication for the specified area.
area $int authentication [message-digest]
299
Sets Router Advertisements interval
ipv6 nd ra-interval $int
300
Sets the IGMP general query interval in seconds.
ip igmp query-interval $int
301
Causes the VTPv3 server to become the primary server for STP or MST domains.
vtp primary vlan/mst
302
Configures a private vlan as either community or isolated.
private-vlan [community/isolated]
303
To hide IP address or host name information when a Telnet session is established.
ip telnet hidden addresses/hostnames
304
Configures a static NAT rule to add a static route for the return packets
ip nat inside source static .... add-route
305
Sets a PBR policy in the interface.
ip policy route-map $RMAP
306
Causes the router to permanently assign a OID to the local interfaces.
snmp-server ifindex persist
307
Sets the gre tunnel encapsulation as ISATAP.
tunnel mode ipv6ip isatap
308
Supresses the display of sensitive information of Telnet connection messages.
ip telnet quiet
309
Configures BFD parameters to be used over an specific interface.
bfd interval $hello-interval min $int multiplier $int
310
\> Sham link loopbacks MUST be known by iBGP \*ONLY\* (Filtered from OSPF) \> Sham links must be configured to point to peer sham link loopback, even if these learned via iBGP according to RIB \> The area defined in the sham link configuration is the area which will have its prefixes changed to intra area type.
SHAM LINKS FORMATION RULES
311
Advertises a default route over a RIPng enabled interface. If a keyword is used, only a default route is originated and all other prefixes suppressed.
ipv6 rip $name default-information originate [only] [metric $int]
312
Allow redistribution of iBGP into IGPs (dangerous). By default this is not possible, only eBGP prefixes get redistributed.
bgp redistribute-internal
313
Causes the interface prefix to not be advertised through RA to hosts for use as autoconfig parameter.
ipv6 nd prefix $Prefix $ValidLifeTime $PreferredLifeTime [no-autoconfig]
314
Establishes a password for LDP sessions with the specified neighbor.
mpls ldp neighbor x.x.x.x password $int $password
315
Causes a directed broadcast to be forwarded using the specified address instead of normal broadcast destination address
ip broadcast-address x.x.x.x
316
Configures a GRE tunnel with a backup interface. Reliably configures the tunnel to go down if rechability to the tunnel endpoint is lost.
backup interface $if backup delay $KickInTime $KickOutTime keepalives $Interval $RetriesBeforeTunnelDown
317
Configured WFQ queueing method for default-queue
fair-queue
318
Configures a precedence based WRED and also Max probability Discriminator 1/x
random-detect random-detect precedence $int $min $max $MPD
319
Forces the redistribution of OSPF Type-5 prefixes into BGP/IGP.
redistribute ospf $PID match external internal
320
Disables any authentication over this OSPF interface.
ip ospf authentication null
321
Makes unsolicited logging messages to appear after (not interrupt) solicited outputs.
logging synchronous
322
Enables the router to send a trap to snmp server if a link goes down or up
snmp-server enable traps snmp linkdown/linkup snmp trap link-status
323
Applies an Ipv6 ACL in an interface.
ipv6 traffic-filter $name in/out
324
\*\*\* PPPoE server configuration \*\*\*
bba-group pppoe global virtual-template $intx interface virtual-template $intx mtus 1492 ip address x.x.x.x/y peer default ip address dhcp-pool $string ppp authentication chap/pap interface ethernet x/x pppoe enable group global
325
Allows the software clock to be synchronized by a time server.
ntp server $IPadd
326
Enables/disables RR client reflection of prefixes based on their cluster ID or affect all clients.
[no] bgp client-to-client reflection [all/cluster-id]
327
Enable the router to send traps based in syslog messages
snmp-server enable traps syslog
328
Configures the router BGP scanner interval.
bgp scan-time $int
329
{BGP} Performs prefix filtering based on a Prefix List match for ingress or egress direction.
neighbor x.x.x.x prefix-list $PrefL in/out
330
The OSPF router redistributes a default route for the OSPF entire domain.
default-information originate [metric $int] [metric-type $int] [route-map $RMAP] [always]
331
Stores all prefixes before Loc-Adj-RIB in order to manipulate them without forcing the peer to send all BGP prefixes again by tearing down the BGP session.
neighbor x.x.x.x soft-reconfiguration inbound
332
Causes an IPv6 enabled interface to join a specific S,G SSM group.
ipv6 mld join-group FF3x::/96 source-list $ACL
333
Advertises a summary-address over an EIGRPv3 enabled interface.
ipv6 summary-address eigrp $AS x.x.x.x/y
334
Causes the switchport to move to err-disable state in case a superior BPDU is received.
spanning-tree guard root
335
Sets a shaping action for a class based queue in specific rate or percent rate
shape average $bps [percent %]
336
Configures the router to use the maximum specified number of ECMPs for the specified BGP entries.
maximum-paths [ibgp/eibgp] $int
337
Uses NBAR to match specific packet length
match packet length min x max y
338
SHAM LINKS FORMATION RULES
\> Sham link loopbacks MUST be known by BGP \*ONLY\* \> Sham links must be configured to point to peer sham link loopback area 0 sham-link $SourceLoopback $DestinationLoopback
339
Permits OSPF to override the D bit loop prevention behavior when receiving a prefix advertised by the MPLS network.
capability vrf-lite
340
Configures a filter for prefixes received via RIP based on a list of prefixes and/or neighbors.
distribute-list prefix $PrefixList [gateway $ACL] in/out interface
341
Causes prefixes without explicit MED attribute set to be set with the maximum possible metric instead of zero.
bgp bestpath med missing-as-worst
342
Configures MD5 or plain text authentication for RIP enabled interface.
ip rip authentication mode md5/text ip rip authentication key-chain $name
343
Specifies the transport address for TCP sessions formed due to LDP peerings.
mpls ldp discovery transport-address {interface/$IPaddress}
344
Configures the primary vlan.
private-vlan primary private-vlan association [add/remove] $vlan
345
Enables LDP in all OSPF enabled interfaces.
mpls ldp autoconfig
346
Configures ORF to signal the peer to avoid the advertisement of specific prefixes.
neighbor x.x.x.x capability orf prefix -list send/receive/both
347
Configures the router to be a multicast or broadcast NTP source and use the specified key in the NTP messages.
ntp broadcast/multicast key $int
348
A BGP prefix received will not be installed in the RIB if it has traversed more hops than the specified in the configuration.
bgp neighbor x.x.x.x ttl-security hops $int
349
match protocol icmp
350
Causes a BGP router to advertise the specified eBGP prefix AD as 200. This also affectes own router's AD for this prefix.
network x.x.x.x mask y.y.y.y backdoor
351
Causes the eBGP prefix to be advertised with a metric of 200 to the IGP domain in order for the IGP routers to prefer the IGP metric for the same prefix.
network x.x.x.x backdoor
352
Controls which prefixes are labeled and advertised to specified LDP peers.
mpls ldp advertise-labels for $ACL to $ACL
353
\*\*\* PAP Authentication configuration \*\*\*
username $ARB1 password $ARB2 interface serial x/x ppp authentication pap ppp pap sent-username $ARB1 password $ARB2 \*\*\* Sent credentials MUST match with the a peer's login DB entry \*\*\*
354
Sets a class based queue as a LLQ in specific rate or percent rate
priority $kbps [percent $int]
355
Causes the switch to immediately remove the interface from the forwarding interfaces from a group as soon as an IGMP leave message is received in the interface.
ip igmp snooping immediate-leave
356
Enables visible sequence numbering of system logging messages.
service sequence-numbers
357
Avoid PIM adjacencies with specified neighbors.
ip pim neighbor-filter $ACL
358
Configures an interface as a NTP broadcast source or to listen to NTP broadcast messages.
ntp broadcast [client]
359
Causes mcast groups without a valid RP to NOT fall back to dense mode and thus, be flooded.
no ip pim dm-fallback
360
Configures EIGRP to log any neighbor status changes and also, rate limit the time the neighbor change status are reported.
eigrp log-neighbor-changes eigrp log-neighbor-warnings $TimeInterval
361
362
Sets maximum hops value for accepted EIGRP prefixes in named mode
topology base\> metric maximum-hops $int
363
364
365
Configures EIGRP to install a static default route based on an EIGRP's candidate prefix
ip default-network x.x.x.x
366
Configures the router to drop all packets with IP Options set
ip options drop
367
Sets router timezone
config t clock timezone EST $offset
368
Sets subinterface encapsulation for native VLAN
encap dot1q $int native
369
Configures a NAT rule to statically translate addresses based on their egress interface
ip nat inside source static route-map $RMAP interface/$InsideGlobal
370
ip nat inside source static $InLocal $InGlobal route-map $RMAP
Configures a NAT rule to statically translate based on specific flows destination
371
372
Counts traffic that has traversed an interface in ingress or egress direction and its precedence marking.
ip accounting precedence input ip accounting precendence ouptut
373
Causes NAT configured between two HSRP peers to auntomatically create a redundant entry for TCP flows from NATd sources
ip nat inside source static $inLocal $inGlobal redundancy group $int/$name
374
In root bridge, you can set the diameter number, this will auto generate appropriate STP values. However, there is an option to modify this values.
spanning-tree vlan $int root primary diameter $int [hello-timer $int]
375
376
Configures an EPC in the router
monitor capture buffer $name1 circular monitor capture point ip cef $name2 $if in/out/both monitor capture point associate $name2 $name1 monitor capture point start $name2 monitor capture point start $name1 clear monitor session buffer $name1
377
ipv6 ospf authentication ipsec spi $int sha1/MD5 $HexShaCode/string
378
Configures a Spoke's SVTI
crypto isakmp po 10 auth pre encr 3des hash md5 ! crypto keyring ISAKMP\_PROF pre-share address 172.16.214.2 key CIERS2 ! crypto isakmp profile CIERS2\_vti\_isakmp\_profile keyring ISAKMP\_PROF match identity address 172.16.214.2 local-address tunnel 214 ! crypto ipsec transform CIERS2\_vti\_transform esp-3des esp-md5-hmac ! crypto ipsec profile CIERS2\_vti\_profile set transform CIERS2\_vti\_transform set isakmp-pro CIERS2\_vti\_isakmp\_profile ! int tun214 tunnel mode ipsec ipv4 tunnel source lo214 ip unnumber lo214 tunnel destination 172.16.214.2 tunnel protection ipsec prof CIERS2\_vti\_profile !
379
Configures Hub's DVTI
crypto isakmp po 10 auth pre encr 3des hash md5 ! crypto keyring ISAKMP\_PROF pre-share address 0.0.0.0 0.0.0.0 key CIERS2 ! crypto isakmp profile CIERS2\_vti\_isakmp\_profile keyring ISAKMP\_PROF match identity address 0.0.0.0 0.0.0.0 virtual-template 124 ! crypto ipsec transform CIERS2\_vti\_transform esp-3des esp-md5-hmac ! crypto ipsec profile CIERS2\_vti\_profile set transform CIERS2\_vti\_transform set isakmp-pro CIERS2\_vti\_isakmp\_profile ! int virtual-template 124 type tunnel tunnel mode ipsec ipv4 tunnel source lo214 ip unnumber lo214 tunnel protection ipsec prof CIERS2\_vti\_profile !

CISCO (2 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions