Cisco CEF packet forwarding

Routers support three packet-forwarding mechanisms:

  • Process switching – Legacy method: each packet that arrives on an interface is forwarded to the control plane, where the CPU matches the destination address with an entry in its routing table, then determines the exit interface and forwards the packet out of that interface. This is done for each packet even if the destination in the stream is the same

Upgrade IOS on up to 9 Cisco switches fast

Archive

Switch#dir
Directory of flash:/

 509  -rwx        2301   Mar 1 1993 00:24:41 +00:00  config.text
 510  -rwx          24   Mar 1 1993 00:24:41 +00:00  private-config.text
 511  -rwx        2072   Mar 1 1993 00:24:41 +00:00  multiple-fs
 512  -rwx        3584   Mar 1 1993 00:38:49 +00:00  tftp
   2  drwx         512   Mar 1 1993 00:15:19 +00:00  c3750-ipbasek9-mz.122-55.SE7

The command below creates a new archive, saved.tar, containing all files and directories in the c3750-ipbasek9-mz.122-55.SE7 directory, and saves the TAR archive on the TFTP server.

Switch#archive tar /create tftp://192.168.173.1/saved.tar c3750-ipbasek9-mz.122-55.SE7


IPv4 special addresses of Internet Protocol version 4

IP is the most commonly used communication protocol suite on the Internet. Most of us know that the 32-bit IP address range has been divided into public and private addresses – what we have at home (private) and what is reachable on the Internet (public). But underneath there are more IP pools, and not everyone knows that the IP world has special address ranges used for extra tasks and services such as streaming video, routing updates and time updates.

During its exhaustion the 32-bit IPv4 address pool has changed, and the modern division approved by Cisco and Internet organisations (IEEE and IANA) is the current standard shown below.

Cisco enable http server

Follow these steps to enable HTTPS secure web configuration on your router or switch:

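#conf t
 ! create user tech with the highest privileges
 username tech privilege 15 secret 0 userpassword
 ! enable http access
 ip http server
 ! restrict web access to sources permitted by ACL 23 (the ACL is defined separately)
 ip http access-class 23
 ! enable local authentication
 ip http authentication local
 ! enable https access
 ip http secure-server
 ! idle timeout 60 s, connection lifetime 86400 s, at most 10000 requests per connection
 ip http timeout-policy idle 60 life 86400 requests 10000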
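
A check for the web-management settings above, as an added example that is not part of the original post: it flags a configuration that leaves plaintext HTTP enabled or that points `ip http access-class` at an ACL the configuration never defines. The function name, the finding labels and the hardened sample (including its management subnet) are assumptions made for illustration.

```python
import re

# The configuration from this page, comments stripped.
PAGE_CONFIG = """\
username tech privilege 15 secret 0 userpassword
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
"""

# Constructed variant: HTTPS only, ACL 23 defined (subnet is an assumption).
HARDENED_CONFIG = """\
access-list 23 permit 192.168.173.0 0.0.0.255
username tech privilege 15 secret 0 userpassword
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
"""

def audit_http_server(config: str) -> list[str]:
    """Return findings for the IOS web-management settings in `config`."""
    lines = [l.strip() for l in config.splitlines()]
    lines = [l for l in lines if l and not l.startswith("!")]
    findings = []
    if "ip http server" in lines:          # "no ip http server" is a different line
        findings.append("plaintext-http-enabled")
    if "ip http secure-server" not in lines:
        findings.append("https-not-enabled")
    if "ip http authentication local" not in lines:
        findings.append("no-local-authentication")
    # ACLs defined as numbered lists or as named standard lists.
    defined = set()
    for l in lines:
        m = re.match(r"access-list (\d+) ", l) or re.match(r"ip access-list standard (\S+)", l)
        if m:
            defined.add(m.group(1))
    refs = [re.match(r"ip http access-class (?:ipv4 )?(\S+)$", l) for l in lines]
    refs = [m.group(1) for m in refs if m]
    if not refs:
        findings.append("no-access-class")
    for acl in refs:
        if acl not in defined:
            findings.append(f"access-class-acl-{acl}-undefined")
    return findings
```

Run it over the full running configuration rather than a snippet, since the ACL may be defined elsewhere in the file.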

VLANs on Cisco switch or EtherSwitch card

VLANs

The VLAN concept is a well-known way to separate network traffic on a single switch to increase security. It allows a clearer network design and minimizes the need to deploy additional hardware. The example below has been tested on a Cisco 1900 series router equipped with an EHWIC-4ESG-P EtherSwitch card. This configuration supports up to 16 VLANs, but higher-end devices can support up to 4096 VLANs. Please refer to your device documentation for more details.

Cisco weird interfaces, nvi, svi, bvi

NVI – NAT Virtual Interface

Not everyone knows that, starting with IOS version 12.3(14)T, Cisco introduced a new feature called NAT Virtual Interface. NVI removes the requirement to configure an interface as either NAT inside or NAT outside. An interface can be configured to use NAT or not use NAT.

How to use NVI? It’s easy! You must use the command ‘ip nat source …’ without specifying the inside/outside tag, and enable NAT on the interfaces using the command ‘ip nat enable’.