CCIE Routing and Switching Certification Guide, 4th Edition


  • Sorry, this book is no longer in print.
  • Copyright 2010
  • Edition: 4th
  • Book
  • ISBN-10: 1-58705-980-0
  • ISBN-13: 978-1-58705-980-3

  • Master CCIE Routing and Switching 4.0 blueprint exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with Exam Preparation Tasks
  • Practice with realistic exam questions on the CD-ROM

CCIE Routing and Switching Certification Guide, Fourth Edition, is a best-of-breed Cisco® exam study guide that focuses specifically on the objectives for the CCIE® Routing and Switching written exam. Well-respected networking professionals Wendell Odom, Rus Healy, and Denise Donohue share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

CCIE Routing and Switching Certification Guide, Fourth Edition, presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks sections help drill you on key concepts you must know thoroughly.

The companion CD-ROM contains a powerful testing engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, presenting question-by-question remediation to the text and laying out a complete study plan for review.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

CCIE Routing and Switching Certification Guide, Fourth Edition, is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit

The official study guide helps you master all the topics on the CCIE Routing and Switching written exam, including:

  • Bridging and LAN switching
  • IP addressing, IP services, TCP, UDP, and application protocol details
  • Layer 3 forwarding concepts
  • EIGRP, OSPF, and BGP routing protocols
  • Quality of service
  • Frame Relay
  • MPLS
  • IP multicast
  • IPv6
  • Router and switch security
  • Troubleshooting

Companion CD-ROM

The CD-ROM contains 200 practice questions for the exam.

This volume is part of the Certification Guide Series from Cisco Press®. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.

Category: Cisco Press–Cisco Certification

Covers: CCIE Routing and Switching written exam 350-001 v4.0


VTP Issues

Online Sample Chapter

Virtual LANs and VLAN Trunking

Sample Pages

Download the sample pages (includes Chapter 2 and Index)

Table of Contents

Foreword xxxi

Introduction xxxii

Part I LAN Switching

Chapter 1 Ethernet Basics 3

“Do I Know This Already?” Quiz 3

Foundation Topics

Ethernet Layer 1: Wiring, Speed, and Duplex 7

RJ-45 Pinouts and Category 5 Wiring 7

Auto-negotiation, Speed, and Duplex 8


Collision Domains and Switch Buffering 9

Basic Switch Port Configuration 11

Ethernet Layer 2: Framing and Addressing 13

Types of Ethernet Addresses 15

Ethernet Address Formats 16

Protocol Types and the 802.3 Length Field 17

Switching and Bridging Logic 18


Core Concepts of SPAN and RSPAN 22

Restrictions and Conditions 22

Basic SPAN Configuration 24

Complex SPAN Configuration 24

RSPAN Configuration 25

Foundation Summary

Memory Builders 29

Fill In Key Tables from Memory 29

Definitions 29

Further Reading 29

Chapter 2 Virtual LANs and VLAN Trunking 31

“Do I Know This Already?” Quiz 31

Foundation Topics

Virtual LANs 35

VLAN Configuration 35

Using VLAN Database Mode to Create VLANs 36

Using Configuration Mode to Put Interfaces into VLANs 38

Using Configuration Mode to Create VLANs 39

Private VLANs 40

VLAN Trunking Protocol 42

VTP Process and Revision Numbers 43

VTP Configuration 44

Normal-Range and Extended-Range VLANs 46

Storing VLAN Configuration 47

VLAN Trunking: ISL and 802.1Q 48

ISL and 802.1Q Concepts 48

ISL and 802.1Q Configuration 49

Allowed, Active, and Pruned VLANs 52

Trunk Configuration Compatibility 52

Configuring Trunking on Routers 53

802.1Q-in-Q Tunneling 55

Configuring PPPoE 56

Foundation Summary

Memory Builders 60

Fill In Key Tables from Memory 61

Definitions 61

Further Reading 61

Chapter 3 Spanning Tree Protocol 63

“Do I Know This Already?” Quiz 63

Foundation Topics

802.1d Spanning Tree Protocol 67

Choosing Which Ports Forward: Choosing Root Ports and Designated Ports 67

Electing a Root Switch 67

Determining the Root Port 69

Determining the Designated Port 70

Converging to a New STP Topology 71

Topology Change Notification and Updating the CAM 72

Transitioning from Blocking to Forwarding 73

Per-VLAN Spanning Tree and STP over Trunks 74

STP Configuration and Analysis 76

Optimizing Spanning Tree 79

PortFast, UplinkFast, and BackboneFast 79

PortFast 80

UplinkFast 80

BackboneFast 81

PortFast, UplinkFast, and BackboneFast Configuration 81

PortChannels 82

Load Balancing Across PortChannels 82

PortChannel Discovery and Configuration 83

Rapid Spanning Tree Protocol 84

Rapid Per-VLAN Spanning Tree Plus (RPVST+) 86

Multiple Spanning Trees: IEEE 802.1s 87

Protecting STP 88

Root Guard and BPDU Guard: Protecting Access Ports 89

UDLD and Loop Guard: Protecting Trunks 89

Troubleshooting Complex Layer 2 Issues 91

Layer 2 Troubleshooting Process 91

Layer 2 Protocol Troubleshooting and Commands 92

Troubleshooting Using Basic Interface Statistics 92

Troubleshooting Spanning Tree Protocol 95

Troubleshooting Trunking 95

Troubleshooting VTP 96

Troubleshooting EtherChannels 98

Approaches to Resolving Layer 2 Issues 100

Foundation Summary

Memory Builders 103

Fill in Key Tables from Memory 103

Definitions 103

Further Reading 103

Part II IP

Chapter 4 IP Addressing 105

“Do I Know This Already?” Quiz 105

Foundation Topics

IP Addressing and Subnetting 108

IP Addressing and Subnetting Review 108

Subnetting a Classful Network Number 109

Comments on Classless Addressing 111

Subnetting Math 111

Dissecting the Component Parts of an IP Address 111

Finding Subnet Numbers and Valid Range of IP Addresses–Binary 112

Decimal Shortcuts to Find the Subnet Number and Valid Range of IP Addresses 113

Determining All Subnets of a Network–Binary 116

Determining All Subnets of a Network–Decimal 118

VLSM Subnet Allocation 119

Route Summarization Concepts 121

Finding Inclusive Summary Routes–Binary 122

Finding Inclusive Summary Routes–Decimal 123

Finding Exclusive Summary Routes–Binary 124

CIDR, Private Addresses, and NAT 125

Classless Interdomain Routing 125

Private Addressing 127

Network Address Translation 127

Static NAT 128

Dynamic NAT Without PAT 130

Overloading NAT with Port Address Translation 131

Dynamic NAT and PAT Configuration 132

Foundation Summary

Memory Builders 138

Fill in Key Tables from Memory 138

Definitions 139

Further Reading 139

Chapter 5 IP Services 141

“Do I Know This Already?” Quiz 141

Foundation Topics

ARP, Proxy ARP, Reverse ARP, BOOTP, and DHCP 146

ARP and Proxy ARP 146


DHCP 148

HSRP, VRRP, and GLBP 150

Network Time Protocol 154

SNMP 155

SNMP Protocol Messages 157


SNMP Security 159

Syslog 159

Web Cache Communication Protocol 160

Implementing the Cisco IOS IP Service Level Agreement (IP SLA) Feature 163

Implementing NetFlow 165

Implementing Router IP Traffic Export 166

Implementing Cisco IOS Embedded Event Manager 167

Implementing Remote Monitoring 169

Implementing and Using FTP on a Router 170

Implementing a TFTP Server on a Router 171

Implementing Secure Copy Protocol 171

Implementing HTTP and HTTPS Access 172

Implementing Telnet Access 172

Implementing SSH Access 173

Foundation Summary

Memory Builders 179

Fill In Key Tables from Memory 179

Definitions 179

Further Reading 179

Part III IP Routing

Chapter 6 Forwarding (Routing) 181

“Do I Know This Already?” Quiz 181

Foundation Topics

IP Forwarding 186

Process Switching, Fast Switching, and Cisco Express Forwarding 187

Building Adjacency Information: ARP and Inverse ARP 188

Frame Relay Inverse ARP 189

Static Configuration of Frame Relay Mapping Information 192

Disabling InARP 193

Classless and Classful Routing 194

Multilayer Switching 195

MLS Logic 195

Using Routed Ports and PortChannels with MLS 196

MLS Configuration 197

Policy Routing 201

Optimized Edge Routing and Performance Routing 206

Device Roles in PfR 208

MC High Availability and Failure Considerations 209

PfR Configuration 209

GRE Tunnels 211

Foundation Summary

Memory Builders 215

Fill In Key Tables from Memory 215

Definitions 215

Further Reading 215

Chapter 7 EIGRP 217

“Do I Know This Already?” Quiz 217

Foundation Topics

EIGRP Basics and Steady-State Operation 221

Hellos, Neighbors, and Adjacencies 221

EIGRP Updates 224

The EIGRP Topology Table 226

EIGRP Convergence 228

Input Events and Local Computation 229

Going Active on a Route 231

Stuck-in-Active 233

Limiting Query Scope 234

EIGRP Configuration 234

EIGRP Configuration Example 234

EIGRP Load Balancing 237

EIGRP Authentication 238

EIGRP Automatic Summarization 239

EIGRP Split Horizon 240

EIGRP Route Filtering 240

EIGRP Offset Lists 242

Clearing the IP Routing Table 243

Foundation Summary

Memory Builders 246

Fill In Key Tables from Memory 246

Definitions 246

Further Reading 247

Chapter 8 OSPF 249

“Do I Know This Already?” Quiz 249

Foundation Topics

OSPF Database Exchange 254

OSPF Router IDs 254

Becoming Neighbors, Exchanging Databases, and Becoming Adjacent 255

Becoming Neighbors: The Hello Process 257

Flooding LSA Headers to Neighbors 258

Database Descriptor Exchange: Master/Slave Relationship 259

Requesting, Getting, and Acknowledging LSAs 259

Designated Routers on LANs 260

Designated Router Optimization on LANs 260

DR Election on LANs 262

Designated Routers on WANs and OSPF Network Types 263

Caveats Regarding OSPF Network Types over NBMA Networks 264

Example of OSPF Network Types and NBMA 265

SPF Calculation 268

Steady-State Operation 269

OSPF Design and LSAs 269

OSPF Design Terms 270

OSPF Path Selection Process 271

LSA Types and Network Types 271

LSA Types 1 and 2 272

LSA Type 3 and Inter-Area Costs 275

Removing Routes Advertised by Type 3 LSAs 278

LSA Types 4 and 5, and External Route Types 1 and 2 278

OSPF Design in Light of LSA Types 280

Stubby Areas 281

Graceful Restart 284

OSPF Path Choices That Do Not Use Cost 285

Choosing the Best Type of Path 285

Best-Path Side Effects of ABR Loop Prevention 286

OSPF Configuration 288

OSPF Costs and Clearing the OSPF Process 290

Alternatives to the OSPF Network Command 292

OSPF Filtering 293

Filtering Routes Using the distribute-list Command 293

OSPF ABR LSA Type 3 Filtering 295

Filtering Type 3 LSAs with the area range Command 296

Virtual Link Configuration 296

Configuring OSPF Authentication 298

OSPF Stub Router Configuration 301

Foundation Summary

Memory Builders 306

Fill In Key Tables from Memory 307

Definitions 307

Further Reading 307

Chapter 9 IGP Route Redistribution, Route Summarization, Default Routing, and Troubleshooting 309

“Do I Know This Already?” Quiz 309

Foundation Topics

Route Maps, Prefix Lists, and Administrative Distance 314

Configuring Route Maps with the route-map Command 314

Route Map match Commands for Route Redistribution 316

Route Map set Commands for Route Redistribution 317

IP Prefix Lists 318

Administrative Distance 320

Route Redistribution 321

Mechanics of the redistribute Command 321

Redistribution Using Default Settings 322

Setting Metrics, Metric Types, and Tags 325

Redistributing a Subset of Routes Using a Route Map 326

Mutual Redistribution at Multiple Routers 330

Preventing Suboptimal Routes by Setting the Administrative Distance 332

Preventing Suboptimal Routes by Using Route Tags 335

Using Metrics and Metric Types to Influence Redistributed Routes 337

Route Summarization 339

EIGRP Route Summarization 341

OSPF Route Summarization 341

Default Routes 342

Using Static Routes to, with redistribute static 344

Using the default-information originate Command 345

Using the ip default-network Command 346

Using Route Summarization to Create Default Routes 347

Troubleshooting Complex Layer 3 Issues 349

Layer 3 Troubleshooting Process 349

Layer 3 Protocol Troubleshooting and Commands 351

IP Routing Processes 352

Approaches to Resolving Layer 3 Issues 359

Foundation Summary

Memory Builders 363

Fill In Key Tables from Memory 363

Definitions 363

Further Reading 363

Chapter 10 Fundamentals of BGP Operations 365

“Do I Know This Already?” Quiz 365

Foundation Topics

Building BGP Neighbor Relationships 371

Internal BGP Neighbors 372

External BGP Neighbors 375

Checks Before Becoming BGP Neighbors 376

BGP Messages and Neighbor States 378

BGP Message Types 378

Purposefully Resetting BGP Peer Connections 379

Building the BGP Table 380

Injecting Routes/Prefixes into the BGP Table 380

BGP network Command 380

Redistributing from an IGP, Static, or Connected Route 383

Impact of Auto-Summary on Redistributed Routes and the network Command 385

Manual Summaries and the AS_PATH Path Attribute 388

Adding Default Routes to BGP 391

ORIGIN Path Attribute 392

Advertising BGP Routes to Neighbors 393

BGP Update Message 393

Determining the Contents of Updates 394

Example: Impact of the Decision Process and NEXT_HOP on BGP Updates 396

Summary of Rules for Routes Advertised in BGP Updates 402

Building the IP Routing Table 402

Adding eBGP Routes to the IP Routing Table 402

Backdoor Routes 403

Adding iBGP Routes to the IP Routing Table 404

Using Sync and Redistributing Routes 406

Disabling Sync and Using BGP on All Routers in an AS 408

Confederations 409

Configuring Confederations 411

Route Reflectors 414

Foundation Summary

Memory Builders 424

Fill In Key Tables from Memory 424

Definitions 424

Further Reading 425

Chapter 11 BGP Routing Policies 427

“Do I Know This Already?” Quiz 427

Foundation Topics

Route Filtering and Route Summarization 433

Filtering BGP Updates Based on NLRI 434

Route Map Rules for NLRI Filtering 437

Soft Reconfiguration 438

Comparing BGP Prefix Lists, Distribute Lists, and Route Maps 438

Filtering Subnets of a Summary Using the aggregate-address Command 439

Filtering BGP Updates by Matching the AS_PATH PA 440

The BGP AS_PATH and AS_PATH Segment Types 441

Using Regular Expressions to Match AS_PATH 443

Example: Matching AS_PATHs Using AS_PATH Filters 446

Matching AS_SET and AS_CONFED_SEQ 449

BGP Path Attributes and the BGP Decision Process 452

Generic Terms and Characteristics of BGP PAs 452

The BGP Decision Process 454

Clarifications of the BGP Decision Process 455

Three Final Tiebreaker Steps in the BGP Decision Process 455

Adding Multiple BGP Routes to the IP Routing Table 456

Mnemonics for Memorizing the Decision Process 456

Configuring BGP Policies 458

Background: BGP PAs and Features Used by Routing Policies 458

Step 0: NEXT_HOP Reachable 460

Step 1: Administrative Weight 460

Step 2: Highest Local Preference (LOCAL_PREF) 463

Step 3: Choose Between Locally Injected Routes Based on ORIGIN PA 466

Step 4: Shortest AS_PATH 467

Removing Private ASNs 467

AS_PATH Prepending and Route Aggregation 468

Step 5: Best ORIGIN PA 471

Step 6: Smallest Multi-Exit Discriminator 471

Configuring MED: Single Adjacent AS 473

Configuring MED: Multiple Adjacent Autonomous Systems 474

The Scope of MED 474

Step 7: Prefer Neighbor Type eBGP over iBGP 475

Step 8: Smallest IGP Metric to the NEXT_HOP 475

The maximum-paths Command and BGP Decision Process Tiebreakers 475

Step 9: Lowest BGP Router ID of Advertising Router (with One Exception) 476

Step 10: Lowest Neighbor ID 476

The BGP maximum-paths Command 476

BGP Communities 478

Matching COMMUNITY with Community Lists 482

Removing COMMUNITY Values 483

Filtering NLRI Using Special COMMUNITY Values 484

Foundation Summary 486

Memory Builders 490

Fill In Key Tables from Memory 490

Definitions 490

Further Reading 490

Part IV QoS

Chapter 12 Classification and Marking 493

“Do I Know This Already?” Quiz 493

Foundation Topics

Fields That Can Be Marked for QoS Purposes 497

IP Precedence and DSCP Compared 497

DSCP Settings and Terminology 498

Class Selector PHB and DSCP Values 499

Assured Forwarding PHB and DSCP Values 499

Expedited Forwarding PHB and DSCP Values 500

Non-IP Header Marking Fields 501

Ethernet LAN Class of Service 501

WAN Marking Fields 501

Locations for Marking and Matching 502

Cisco Modular QoS CLI 503

Mechanics of MQC 504

Classification Using Class Maps 505

Using Multiple match Commands 506

Classification Using NBAR 507

Classification and Marking Tools 508

Class-Based Marking (CB Marking) Configuration 508

CB Marking Example 509

CB Marking of CoS and DSCP 513

Network-Based Application Recognition 515

CB Marking Design Choices 516

Marking Using Policers 517

QoS Pre-Classification 518

Policy Routing for Marking 519

AutoQoS 519

AutoQoS for VoIP 520

AutoQoS VoIP on Switches 520

AutoQoS VoIP on Routers 521

Verifying AutoQoS VoIP 522

AutoQoS for the Enterprise 522

Discovering Traffic for AutoQoS Enterprise 522

Generating the AutoQoS Configuration 523

Verifying AutoQoS for the Enterprise 523

Foundation Summary 524

Memory Builders 526

Fill In Key Tables from Memory 526

Definitions 526

Further Reading 527

Chapter 13 Congestion Management and Avoidance 529

“Do I Know This Already?” Quiz 529

Cisco Router Queuing Concepts 533

Software Queues and Hardware Queues 533

Queuing on Interfaces Versus Subinterfaces and Virtual Circuits 534

Comparing Queuing Tools 534

Queuing Tools: CBWFQ and LLQ 535

CBWFQ Basic Features and Configuration 536

Defining and Limiting CBWFQ Bandwidth 538

Low-Latency Queuing 541

Defining and Limiting LLQ Bandwidth 543

LLQ with More Than One Priority Queue 545

Miscellaneous CBWFQ/LLQ Topics 545

Queuing Summary 546

Weighted Random Early Detection 546

How WRED Weights Packets 548

WRED Configuration 549

Modified Deficit Round-Robin 550

LAN Switch Congestion Management and Avoidance 552

Cisco Switch Ingress Queueing 553

Creating a Priority Queue 553

Cisco 3560 Congestion Avoidance 555

Cisco 3560 Switch Egress Queuing 556

Resource Reservation Protocol (RSVP) 559

RSVP Process Overview 560

Configuring RSVP 562

Using RSVP for Voice Calls 563

Foundation Summary 565

Memory Builders 565

Fill In Key Tables from Memory 565

Definitions 565

Further Reading 565

Chapter 14 Shaping, Policing, and Link Fragmentation 567

“Do I Know This Already?” Quiz 567

Foundation Topics 572

Traffic-Shaping Concepts 572

Shaping Terminology 572

Shaping with an Excess Burst 574

Underlying Mechanics of Shaping 574

Traffic-Shaping Adaptation on Frame Relay Networks 576

Generic Traffic Shaping 576

Class-Based Shaping 578

Tuning Shaping for Voice Using LLQ and a Small Tc 580

Configuring Shaping by Bandwidth Percent 583

CB Shaping to a Peak Rate 584

Adaptive Shaping 584

Frame Relay Traffic Shaping 584

FRTS Configuration Using the traffic-rate Command 586

Setting FRTS Parameters Explicitly 587

FRTS Configuration Using LLQ 588

FRTS Adaptive Shaping 590

FRTS with MQC 590

Policing Concepts and Configuration 590

CB Policing Concepts 591

Single-Rate, Two-Color Policing (One Bucket) 591

Single-Rate, Three-Color Policer (Two Buckets) 592

Two-Rate, Three-Color Policer (Two Buckets) 593

Class-Based Policing Configuration 595

Single-Rate, Three-Color Policing of All Traffic 595

Policing a Subset of the Traffic 596

CB Policing Defaults for Bc and Be 597

Configuring Dual-Rate Policing 597

Multi-Action Policing 597

Policing by Percentage 598

Committed Access Rate 599

QoS Troubleshooting and Commands 601

Troubleshooting Slow Application Response 602

Troubleshooting Voice and Video Problems 603

Other QoS Troubleshooting Tips 604

Approaches to Resolving QoS Issues 605

Foundation Summary 606

Memory Builders 608

Fill In Key Tables from Memory 608

Definitions 608

Further Reading 609

Part V Wide-Area Networks

Chapter 15 Wide-Area Networks 611

“Do I Know This Already?” Quiz 611

Foundation Topics 614

Point-to-Point Protocol 614

PPP Link Control Protocol 615

Basic LCP/PPP Configuration 615

Multilink PPP 617

MLP Link Fragmentation and Interleaving 619

PPP Compression 620

PPP Layer 2 Payload Compression 621

Header Compression 621

Frame Relay Concepts 622

Frame Relay Data Link Connection Identifiers 623

Local Management Interface 624

Frame Relay Headers and Encapsulation 625

Frame Relay Congestion: DE, BECN, and FECN 626

Adaptive Shaping, FECN, and BECN 627

Discard Eligibility Bit 628

Frame Relay Configuration 628

Frame Relay Configuration Basics 629

Frame Relay Payload Compression 632

Frame Relay Fragmentation 634

Frame Relay LFI Using Multilink PPP (MLP) 636

Foundation Summary 638

Memory Builders 641

Fill In Key Tables from Memory 641

Definitions 641

Part VI IP Multicast

Chapter 16 Introduction to IP Multicasting 643

“Do I Know This Already?” Quiz 643

Foundation Topics 646

Why Do You Need Multicasting? 646

Problems with Unicast and Broadcast Methods 647

How Multicasting Provides a Scalable and Manageable Solution 649

Multicast IP Addresses 652

Multicast Address Range and Structure 652

Well-Known Multicast Addresses 652

Multicast Addresses for Permanent Groups 653

Multicast Addresses for Source-Specific Multicast Applications and Protocols 654

Multicast Addresses for GLOP Addressing 654

Multicast Addresses for Private Multicast Domains 655

Multicast Addresses for Transient Groups 655

Summary of Multicast Address Ranges 655

Mapping IP Multicast Addresses to MAC Addresses 656

Managing Distribution of Multicast Traffic with IGMP 657

Joining a Group 658

Internet Group Management Protocol 659

IGMP Version 2 660

IGMPv2 Host Membership Query Functions 662

IGMPv2 Host Membership Report Functions 663

IGMPv2 Leave Group and Group-Specific Query Messages 666

IGMPv2 Querier 669

IGMPv2 Timers 669

IGMP Version 3 670

LAN Multicast Optimizations 672

Cisco Group Management Protocol 672

IGMP Snooping 678

Router-Port Group Management Protocol 683

Foundation Summary 686

Memory Builders 686

Fill In Key Tables from Memory 687

Definitions 687

Further Reading 687

References in This Chapter 687

Chapter 17 IP Multicast Routing 689

“Do I Know This Already?” Quiz 689

Foundation Topics 693

Multicast Routing Basics 693

Overview of Multicast Routing Protocols 694

Multicast Forwarding Using Dense Mode 694

Reverse Path Forwarding Check 695

Multicast Forwarding Using Sparse Mode 697

Multicast Scoping 699

TTL Scoping 699

Administrative Scoping 700

Dense-Mode Routing Protocols 700

Operation of Protocol Independent Multicast Dense Mode 701

Forming PIM Adjacencies Using PIM Hello Messages 701

Source-Based Distribution Trees 702

Prune Message 703

PIM-DM: Reacting to a Failed Link 705

Rules for Pruning 707

Steady-State Operation and the State Refresh Message 709

Graft Message 711

LAN-Specific Issues with PIM-DM and PIM-SM 712

Prune Override 712

Assert Message 713

Designated Router 715

Summary of PIM-DM Messages 715

Distance Vector Multicast Routing Protocol 716

Multicast Open Shortest Path First 716

Sparse-Mode Routing Protocols 717

Operation of Protocol Independent Multicast Sparse Mode 717

Similarities Between PIM-DM and PIM-SM 717

Sources Sending Packets to the Rendezvous Point 718

Joining the Shared Tree 720

Completion of the Source Registration Process 722

Shared Distribution Tree 724

Steady-State Operation by Continuing to Send Joins 725

Examining the RP’s Multicast Routing Table 726

Shortest-Path Tree Switchover 727

Pruning from the Shared Tree 729

Dynamically Finding RPs and Using Redundant RPs 730

Dynamically Finding the RP Using Auto-RP 731

Dynamically Finding the RP Using BSR 735

Anycast RP with MSDP 737

Interdomain Multicast Routing with MSDP 739

Summary: Finding the RP 741

Bidirectional PIM 742

Comparison of PIM-DM and PIM-SM 743

Source-Specific Multicast 744

Foundation Summary 746

Memory Builders 750

Fill In Key Tables from Memory 750

Definitions 751

Further Reading 751

Part VII Security

Chapter 18 Security 753

“Do I Know This Already?” Quiz 753

Foundation Topics 757

Router and Switch Device Security 757

Simple Password Protection for the CLI 757

Better Protection of Enable and Username Passwords 758

Using Secure Shell Protocol 759

User Mode and Privileged Mode AAA Authentication 760

Using a Default Set of Authentication Methods 761

Using Multiple Authentication Methods 763

Groups of AAA Servers 764

Overriding the Defaults for Login Security 764

PPP Security 765

Layer 2 Security 766

Switch Security Best Practices for Unused and User Ports 767

Port Security 767

Dynamic ARP Inspection 771

DHCP Snooping 774

IP Source Guard 777

802.1X Authentication Using EAP 777

Storm Control 780

General Layer 2 Security Recommendations 782

Layer 3 Security 783

IP Access Control List Review 784

ACL Rule Summary 785

Wildcard Masks 787

General Layer 3 Security Considerations 788

Smurf Attacks, Directed Broadcasts, and RPF Checks 788

Inappropriate IP Addresses 790

TCP SYN Flood, the Established Bit, and TCP Intercept 790

Classic Cisco IOS Firewall 793

TCP Versus UDP with CBAC 793

Cisco IOS Firewall Protocol Support 794

Cisco IOS Firewall Caveats 794

Cisco IOS Firewall Configuration Steps 795

Cisco IOS Zone-Based Firewall 796

Cisco IOS Intrusion Prevention System 801

Control-Plane Policing 804

Preparing for CoPP Implementation 805

Implementing CoPP 806

Dynamic Multipoint VPN 809

Foundation Summary 811

Memory Builders 814

Fill In Key Tables from Memory 815

Definitions 815

Further Reading 815


Chapter 19 Multiprotocol Label Switching 817

“Do I Know This Already?” Quiz 817

Foundation Topics 821

MPLS Unicast IP Forwarding 821

MPLS IP Forwarding: Data Plane 822

CEF Review 822

Overview of MPLS Unicast IP Forwarding 823

MPLS Forwarding Using the FIB and LFIB 825

The MPLS Header and Label 826

The MPLS TTL Field and MPLS TTL Propagation 827

MPLS IP Forwarding: Control Plane 829

MPLS LDP Basics 829

The MPLS Label Information Base Feeding the FIB and LFIB 832

Examples of FIB and LFIB Entries 836

Label Distribution Protocol Reference 838


The Problem: Duplicate Customer Address Ranges 840

The Solution: MPLS VPNs 841

MPLS VPN Control Plane 844

Virtual Routing and Forwarding Tables 844

MP-BGP and Route Distinguishers 846

Route Targets 848

Overlapping VPNs 850

MPLS VPN Configuration 851

Configuring the VRF and Associated Interfaces 853

Configuring the IGP Between PE and CE 855

Configuring Redistribution Between PE-CE IGP and MP-BGP 858

Configuring MP-BGP Between PEs 861

MPLS VPN Data Plane 863

Building the (Inner) VPN Label 865

Creating LFIB Entries to Forward Packets to the Egress PE 866

Creating VRF FIB Entries for the Ingress PE 868

Penultimate Hop Popping 869

Other MPLS Applications 870

VRF Lite 872

VRF Lite, Without MPLS 872

VRF Lite with MPLS 875

Foundation Summary 877

Memory Builders 877

Fill In Key Tables from Memory 877

Definitions 877

Further Reading 877

Part IX IP Version 6

Chapter 20 IP Version 6 879

“Do I Know This Already?” Quiz 879

Foundation Topics 883

IPv6 Addressing and Address Types 884

IPv6 Address Notation 884

Address Abbreviation Rules 885

IPv6 Address Types 885

Unicast 886

Multicast 889

Anycast 891

The Unspecified Address 892

IPv6 Address Autoconfiguration 892

EUI-64 Address Format 892

Basic IPv6 Functionality Protocols 894

Neighbor Discovery 894

Neighbor Advertisements 896

Neighbor Solicitation 896

Router Advertisement and Router Solicitation 897

Duplicate Address Detection 898

Neighbor Unreachability Detection 899

ICMPv6 899

Unicast Reverse Path Forwarding 900

DNS 901

CDP 901

DHCP 902

Access Lists 903

Traffic Filtering with Access Lists 904

IPv6 Static Routes 904

IPv6 Unicast Routing Protocols 906

OSPFv3 907

Differences Between OSPFv2 and OSPFv3 907

Virtual Links, Address Summarization, and Other OSPFv3 Features 908

OSPFv3 LSA Types 908

OSPFv3 in NBMA Networks 909

Configuring OSPFv3 over Frame Relay 910

Enabling and Configuring OSPFv3 910

Authentication and Encryption 918

EIGRP for IPv6 918

Differences Between EIGRP for IPv4 and for IPv6 918

Unchanged Features 919

Route Filtering 920

Configuring EIGRP for IPv6 920

Route Redistribution and Filtering 927

IPv6 Route Redistribution 927

Redistribution Example 928

Quality of Service 931

QoS Implementation Strategy 932

Classification, Marking, and Queuing 932

Congestion Avoidance 933

Traffic Shaping and Policing 933

Tunneling Techniques 933

Tunneling Overview 933

Manually Configured Tunnels 935

Automatic IPv4-Compatible Tunnels 936

IPv6 over IPv4 GRE Tunnels 936

Automatic 6to4 Tunnels 937

ISATAP Tunnels 939

NAT-PT 939

IPv6 Multicast 940

Multicast Listener Discovery 940

Explicit Tracking 941

PIM 941

PIM DR Election 941

Source-Specific Multicast 941


Additional PIM Concepts and Options 942

IPv6 Multicast Static Routes 942

Configuring Multicast Routing for IPv6 943

Foundation Summary 944

Memory Builders 946

Fill In Key Tables from Memory 946

Definitions 946

Further Reading 947

Part X Appendixes

Appendix A Answers to the “Do I Know This Already?” Quizzes 949

Appendix B Decimal to Binary Conversion Table 979

Appendix C CCIE Exam Updates 983

Index 986


Appendix D IP Addressing Practice

Appendix E RIP Version 2

Appendix F IGMP

Appendix G Key Tables for CCIE Study

Appendix H Solutions for Key Tables for CCIE Study



Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive:

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020