Root Guard and BPDU Guard: Protecting Access Ports
Network designers probably do not intend for end users to connect a switch to an access port that is intended for attaching end-user devices. However, it happens—for instance, someone just may need a few more ports in the meeting room down the hall, so they figure they could just plug a small, cheap switch into the wall socket. The STP topology can be changed based on one of these unexpected and undesired switches being added to the network. For instance, this newly added a..
So far, this section on PIM-SM has explained the beginnings of the registration process, by which a router near the source of multicast packets registers with the RP. Before completing that discussion, however, the concept of the shared tree for a multicast group, also called the root-path tree (RPT), must be explained. As mentioned earlier, PIM-SM initially causes multicasts to be delivered in a two-step process: first, packets are sent from the source to the RP, and then th..
SSL is an encryption technology for web host devices used to process secure transactions. For example, a secure transaction is required when a client enters their credit card number for e-commerce via their browser. When the end user enters a web address via an Internet browser, such as Internet Explorer, instead of entering HTTP://web address in the address window, the end user enters HTTPs://web address. Note Secure Hypertext Transfer Protocol (S-HTTP) transports HTTP-bas..
Removing Passwords from a Router Configuration File
The following Perl script removes sensitive information like passwords and SNMP community strings from configuration files. The script takes the name of the file containing the router's configuration as its only command-line argument. Here's some sample output: Freebsd% strip.pl Router1-confg version 12.2service password-encryption!hostname Router1!aaa new-modelaaa authentication login default localenable secret <removed>enable password <removed>!username ij..
Increasing the RIP Input Queue
To increase the size of the shared RIP queue, use the input-queue configuration command: Router2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router2(config)#router rip Router2(config-router)#input-queue 200 Router2(config-router)#end Router2# This command allows you to control how much incoming RIP update information the router can hold before it has can process the information and integrate it into its routing table. Sometimes a ro..
