Networking links

This page by David Papkin shows useful network links

Enroll in Cisco Networking Academy

CCNAX 200-125 exam

online subnet calculator

Shows config and lists different syslog levels

Configuring System Message Logging (Cisco)

Configure System Logging (Cisco link)

Configuring Cisco IOS to automatically save the running configuration to a tftp server on save

Booting Cisco Router from a TFTP server

Use of the Configuration Register on All Cisco Routers

Understanding Cisco Auto Archive Feature to Backup Configuration File

Adjust Administrative Distance for Route Selection in Cisco IOS Routers

Interface and Line Numbers in Cisco Routers

Configuring Link aggregation with Etherchannel

Errdisable Port State Recovery on the Cisco IOS Platforms

Maximum Number of Interfaces and Subinterfaces for Cisco IOS Routers: IDB Limits

Overview of Dial Interfaces, Controllers, and Lines


Cisco Cable Pinouts (rollover, aux, Ethernet)

Current Standards for CAT Patch Cords
Bulk Patch Cord
  • Cat1: Wiring used in POTS telephone communications, ISDN and wiring for doorbells. Not recognized by TIA/EIA
  • Cat2: Was used on 4 Mbit/s token ring networks. Not recognized by TIA/EIA
  • Cat3: Typically used on 10 Mbit/s Ethernet networks and can be used up to 16 MHz. Currently recognized by TIA/EIA
  • Cat4: Typically used on 16 Mbit/s token ring networks and can be used up to 20 MHz. Not recognized by TIA/EIA
  • Cat5: Typically used on 100 Mbit/s Ethernet networks and can be used up to 100 MHz; however, Cat5 is not suitable for 1000BASE-T gigabit Ethernet. Not recognized by TIA/EIA
  • Cat5e: Typically used on 100 Mbit/s Ethernet networks and gigabit Ethernet networks; can be used up to 100 MHz. Currently recognized by TIA/EIA
  • Cat6: Performs at more than double the MHz of Cat5 and Cat5e, going up to 250 MHz. Currently recognized by TIA/EIA
  • Cat6a: Standard for future 10 Gbit/s applications.
  • Cat7: Standard used to describe ISO/IEC 11801 Class F cabling. Cat7 is a protective shield covering 4 individually shielded pairs (STP) for transmission of frequencies of up to 600 MHz

Fiber Optics Part 2: Single-Mode Fiber vs. Multi-Mode-Fiber

Differences between T568A and T568B explained

Power over Ethernet (POE) pinout

Configuration Monitoring

Configuration management tools can monitor device configurations to discover when the device configuration differs from the intended ideal configuration, and then either reconfigure the device or notify the network engineering staff to make the change.

CRUD and HTTP Verbs

The software industry uses a memorable acronym—CRUD—for the four primary actions performed by an application.

Create: Allows the client to create some new instances of variables and data structures at the server and initialize their values as kept at the server
Read: Allows the client to retrieve (read) the current value of variables that exist at the server, storing a copy of the variables, structures, and values at the client
Update: Allows the client to change (update) the value of variables that exist at the server
Delete: Allows the client to delete from the server different instances of data variables

For example, using the northbound REST API of a DNA controller (see “Cisco Software-Defined Access (SDA)” for info), you might want to create something, like a new security policy. From a programming perspective, the security policy exists as a related set of configuration settings on the DNA controller, internally represented by variables. To do that, a REST client application would use a Create action through the DNA Center REST API, creating those variables on the DNA controller.

HTTP uses verbs that mirror CRUD actions. HTTP defines the concept of an HTTP request and reply, with the client sending a request and with the server answering back with a reply.

Each request/reply lists an action verb in the HTTP request header, which defines the HTTP action. The HTTP messages also include a URI, which identifies the resource being manipulated for this request. As always, the HTTP message is carried in IP and TCP, with headers and data, as seen below.


Cisco IP Addressing: DHCP Configuration Guide

DHCP Static Binding on Cisco IOS

Dynamic ARP Inspection (DAI)

To prevent unauthorized Address Resolution Protocol (ARP) traffic, use Dynamic ARP Inspection (DAI).

To configure DAI:

Step 1. Use the ip arp inspection vlan vlan-list global command to enable Dynamic ARP Inspection (DAI) on the switch for the specified VLANs.

Step 2. Separate from the DAI configuration, also configure DHCP Snooping and/or ARP ACLs for use by DAI.

Step 3. Configure the ip arp inspection trust interface subcommand to override the default setting of not trusted.
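
An added example configuration for the three steps above; it is not taken from this page or from the linked Cisco documents. VLAN 10, the interface numbers, the ACL name STATIC-HOSTS and the host IP/MAC are constructed values. DHCP Snooping is configured first because DAI drops ARP from untrusted ports that have no matching binding or ARP ACL entry.

```cisco
! Constructed lab values: VLAN 10 = user VLAN, Gi1/0/24 = uplink toward
! the DHCP server, 192.0.2.5 / 0011.2233.4455 = a statically addressed host.
!
! Step 2 (done first): DHCP Snooping builds the IP-to-MAC binding table
! that DAI checks ARP packets against.
ip dhcp snooping
ip dhcp snooping vlan 10
!
! Step 2, for hosts that never use DHCP: an ARP ACL supplies the binding.
arp access-list STATIC-HOSTS
 permit ip host 192.0.2.5 mac host 0011.2233.4455
!
ip arp inspection filter STATIC-HOSTS vlan 10
!
! Step 1: enable DAI for the VLAN.
ip arp inspection vlan 10
!
! Optional extra checks on the Ethernet header and ARP body.
ip arp inspection validate src-mac dst-mac ip
!
! Step 3: trust only the uplink; ARP on trusted ports is not inspected.
interface GigabitEthernet1/0/24
 ip dhcp snooping trust
 ip arp inspection trust
!
! Access ports stay untrusted (the default). The ARP rate limit puts a
! flooding port into err-disabled state.
interface range GigabitEthernet1/0/1 - 23
 ip arp inspection limit rate 15
!
! Verification, from privileged EXEC mode:
!   show ip dhcp snooping binding
!   show ip arp inspection vlan 10
!   show ip arp inspection statistics vlan 10
```

A rising drop counter in the statistics output for a port with legitimate hosts usually means a missing binding (static host without an ARP ACL entry) rather than an attack.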

Dynamic ARP Inspection


How to configure GRE over an IPSec tunnel on routers



Cisco Campus Network for High Availability Design Guide

Cisco What Is Administrative Distance?

Intent-based Networking

SDN is a foundational building block of intent-based networking. Cisco DNA Center provides a single dashboard for managing and controlling the enterprise network.

Tools of Cisco DNA Center

Discovery – Scans the network for new devices.

Inventory – Provides inventory for new devices.

Topology – Discovers and maps new devices to a physical topology.

Image Repository

Command Runner

License Manager

Template Editor

Network Plug and Play


Data and Reports


Configure IP address on Cisco router

Configure Cisco switch settings


Microsoft IPv6 Addresses

Configuring IPv6


Logging commands:

terminal monitor – Log messages to a non-console terminal session during the current session.

show logging – Verify the “terminal monitor” command.

Network Address Translation (NAT)

Advantages –

  • Reuse of private IP addresses
  • Enhancing security for private networks by keeping internal addressing private from the external network
  • Connecting a large number of hosts to the global Internet using a smaller number of public (external) IP addresses, thereby conserving IP address space.

Disadvantages –

  • No end to end security
  • Performance
  • Application usage. Since hosts inside the network are unreachable at times, some applications tend to have compatibility issues with NAT. These applications depend on end-to-end functionality, which the network fails to supply.
  • Protocol usage. Since NAT changes values inside the headers, tunneling protocols such as IPSec can be complicated to use. Whenever the values inside the headers are modified, the integrity checks are interfered with, causing them to fail.

NAT: Local and Global Definitions

Network Management tools

Network Performance Monitor (NPM) – Multi-vendor network monitoring that scales and expands with the needs of your network.
Paessler Router Traffic Grapher (PRTG) – Monitor all the systems, devices, traffic, and applications in your IT infrastructure.
ManageEngine OpManager – Monitor routers, switches, firewalls, servers, and VMs for fault and performance.
WhatsUp Gold – Provides complete visibility into the status and performance of applications, network devices and servers in the cloud or on-premises.
Cisco Network Assistant – Simplifies wired and wireless network management for networks up to 80 devices with its intuitive GUI and a task-based menu.


OSPF: Frequently Asked Questions

Modifying OSPF cost.

The default reference bandwidth used for calculating cost on Cisco routers is 100 Mbps.

OSPF calculates the cost for an interface with this simple formula:

cost = reference bandwidth / interface bandwidth

However, if you have faster links in your network, such as gigabit Ethernet or OC-3 connections, OSPF can’t give these links a better cost than 1. So you should set the reference bandwidth to at least as high as the fastest link in your network. In fact, you may want to set this value higher than the bandwidth of your fastest link to ensure that you don’t have to reconfigure your whole network when you eventually upgrade

What is OSPF Metric value Cost and OSPF default Cost Reference Bandwidth

Cisco IOS Cookbook, 2nd Edition by Kevin Dooley, Ian Brown

DR/BDR Election

Designated & Backup Designated Router

DR/BDR Roles

Configuring Per Interface OSPF

OSPF Area and ASN

Routing domains and Areas

Packet Tracer


Password Encryption

Enable secret password config


Quality of Service (QoS) Configuration Guide

802.1p and DSCP QoS

RADIUS vs TACACS+

Enabling OSPFv2 on an Interface Basis

Protocol and Port(s) Used
  • RADIUS: UDP: 1812 & 1813 -or- UDP: 1645 & 1646
  • TACACS+: TCP: 49

Encryption
  • RADIUS: Encrypts only the Password Field
  • TACACS+: Encrypts the entire payload

TACACS+ and RADIUS Comparison (Cisco)


TACACS+ Configuration Guide

Configuring Network Device Management lab solution


REST is an acronym for REpresentational State Transfer

Applications use application programming interfaces (APIs) to communicate.

An API is an interface that defines interactions between multiple software applications or mixed hardware-software intermediaries. It is a set of functions that allows applications to access data and interact with external software.

REST APIs follow a set of foundational rules about what makes a REST API and what does not. REST APIs include the six attributes defined a few decades ago by Roy Fielding. See

Those six attributes are:

■ Client/server architecture

■ Stateless operation

■ Clear statement of cacheable/uncacheable

■ Uniform interface

■ Layered

■ Code-on-demand


The creators of REST-based APIs often choose HTTP because HTTP’s logic matches some of the concepts defined more generally for REST APIs. HTTP uses the same principles as REST: it operates with a client/server model; it uses a stateless operational model; and it includes headers that clearly mark objects as cacheable or not cacheable. It also includes verbs (words that dictate the desired action for a paired HTTP request and reply), which matches how applications like to work.


Understanding BGP

What is OSPF cost

Adjust Administrative Distance for Route Selection in Cisco IOS Routers

eBGP ASN numbers


A controller, or SDN controller, centralizes the control of the networking devices. The degree of control, and the type of control, varies widely.

In a controller-based network architecture, the controller needs to communicate with the networking devices. The two API interfaces needed are:

  • The interface between the controller and those devices is the southbound interface (SBI).
  • A controller’s northbound interface (NBI) opens the controller so its data and functions can be used by other programs, enabling network programmability, with much quicker development.


The primary components for the Cisco SD-WAN solution consist of the vManage network management system (management plane), the vSmart controller (control plane), the vBond orchestrator (orchestration plane), and the vEdge router (data plane).

  • vManage – This centralized network management system provides a GUI interface to easily monitor, configure, and maintain all Cisco SD-WAN devices and links in the underlay and overlay network.
  • vSmart controller – This software-based component is responsible for the centralized control plane of the SD-WAN network. It establishes a secure connection to each vEdge router and distributes routes and policy information via the Overlay Management Protocol (OMP), acting as a route reflector. It also orchestrates the secure data plane connectivity between the vEdge routers by distributing crypto key information, allowing for a very scalable, IKE-less architecture.
  • vBond orchestrator – This software-based component performs the initial authentication of vEdge devices and orchestrates vSmart and vEdge connectivity. It also has an important role in enabling the communication of devices that sit behind Network Address Translation (NAT).
  • vEdge router – This device, available as either a hardware appliance or software-based router, sits at a physical site or in the cloud and provides secure data plane connectivity among the sites over one or more WAN transports. It is responsible for traffic forwarding, security, encryption, Quality of Service (QoS), routing protocols such as Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF), and more.



Cisco SNMP v3

How to Configure SNMP

How to Configure SNMP Community Strings

Spine and Leaf Architecture

Spine-and-Leaf Architecture: Design Overview White Paper


Understand and Configure STP on Catalyst Switches

Understanding and Tuning Spanning Tree Protocol Timers

Understanding Rapid Spanning Tree Protocol (802.1w)

STP Root Port Selection

Spanning Tree Protocol WIKI

Spanning Tree Protocol Operation


How do SNMP, MIBs and OIDs work?


IP Addressing and Subnetting (info on /31 also)

Switch Virtualization

Troubleshooting Switch Stacks

Cisco StackWise and StackWise Plus Technology

Switch Security

Switch Security Violation modes:

  1. protect—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
  2. restrict—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.
  3. shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification.


Transmission Control Protocol

Understanding TCP/IP

How TCP Three-way handshake works (SYN, SYN-ACK, ACK)

Why does TCP even need a 3-way handshake?

Configuring Administrator Usernames and Passwords


Creating Ethernet VLANs on Catalyst Switches

Configure InterVLAN Routing on Layer 3 Switches

VLAN Subinterface Commands


Virtual Extensible LAN (VXLAN) is a network virtualization technology that attempts to address the scalability problems associated with large cloud computing deployments. It uses a VLAN-like encapsulation technique to encapsulate OSI layer 2 Ethernet frames within layer 4 UDP datagrams, using 4789 as the default IANA-assigned destination UDP port number.[1] VXLAN endpoints, which terminate VXLAN tunnels and may be either virtual or physical switch ports, are known as VXLAN tunnel endpoints (VTEPs).

When an SDA endpoint (for example, an end-user computer) sends a data link frame into an SDA edge node, the ingress edge node encapsulates the frame and sends it across a VXLAN tunnel to the egress edge node

  • Fabric edge nodes—SDA nodes that connect to the edge of the SDA fabric—learn the
    location of possible endpoints using traditional means, based on their MAC address,
    individual IP address, and by subnet, identifying each endpoint with an endpoint identifier (EID).
  • The fabric edge nodes register the fact that the node can reach a given endpoint (EID)
    into a database called the LISP map server.
  • The LISP map server keeps the list of endpoint identifiers (EIDs) and matching routing
    locators (RLOCs) (which identify the fabric edge node that can reach the EID).
  • In the future, when the fabric data plane needs to forward a message, it will look for and
    find the destination in the LISP map server’s database.

Additional files

End of David Papkin page on Networking links.
