OSPF - Open Shortest Path First

Sends a HELLO packet every 10 seconds by default. Deadline 40 seconds. Administrative distance 110 Configure OSPF: 1. Turn on OSPF Router(config)# router ospf 1 PID 2. Tell it what interfaces to use Network Identifies what interfaces to send HELLO packets on Identifies what networks to advertise Router (config-router)#Passive-interface default turns off all hello packets on all interfaces Router (config-router)# No passive-interface fastEthernet ?/? Router(config-router)#Network ip address of interface wildcard area Router(config-router)#Network 192.168.2.0 0.0.0.0 area 0 =

Enable advertising on all interfaces: network 0.0.0.0 255.255.255.255 area 0 NOT RECOMMENDED Recommend target the specific interface: Network 192.168.2.1 0.0.0.0 area 0

Show ip ospf neighbours

Routing data between Vlans

1. Individual Interfaces 2. Sub-Interfaces (Trunk/Tagged) 3. Layer 3 switching

Trunk between switch and router Vlan 10 Vlan 20 trunk tagged Router Fa0/0

Switch configuration Interface FastEthernet 0/0 Switchport trunk encapsulation dot1q Switchport mode trunk - this is the trunk port

Router configuration Interface fastEthernet 0/0.10 Encapsulation dot1q 10 All packets tagged with 10 will go to 0/0.10 Ip address 192.168.1.1 255.255.255.0

Configurig vlans, single switch: Interface fastEthernet ?/? Create vlans Vlan 10 Description Name vlans Assign ports to vlans Name red Switchport access vlan 10

Configuring vlans, multiple switch: Show vtp status Switchport mode access to all ports (no trunks) Set vtp name and mode Vtp mode. Vtp domain Configure trun ports Interface fastEthernet ?/? switchport mode trunkps vlans

Vlan Prunning Stops vlans from crossing links where they dont belong. Keeps unnecessary broadcasts traffic from crossing trunk links. Only works with vtp servers Trunk/Tagged = carries vlans Native Vlan - untagged VTP = vlan trunking protocol (is not a trunking protocol) VLAN REPLICATION PROTOCOL VTP modes: Server Power to change vlan information Sends and receives vtp information Saves vlan configuration Client Cannot change vlan information Sends and receives vlan information Does not save vlan information Transparent Power to change vlan information

Forwards vtp updates Does not listen to vtp advertisement Saves vlan configuration

Port Security Interface fastEthernet ?/? Switchport mode access Switchport access vlan ? Switchport port-security maximum nr of mac addresses on port Switchport port-security violation shutdown Protect Restrict Switchport port-security mac-mac address show mac address table switchport port security mac-address sticky first mac address connected sticks

Hostname Negating commands Service password-encryption Enable password / secret Banner motd Copy running-config startup-config Line console 0 / line vty 0 4 password Login Logging synchronous No exec-timeout / exec timeout 0 0

Setup SSH:
Configure hostname Configure domain name Ip domain-name .. Generate encryption keys Crypto key generate rsa Enable ssh v2 Ip ssh version 2 Create local user line vty Username password / secret Login local Allow ssh (Config-line)# Transport input ssh use local database to login