Nexthop

jitter

line aux 0
 modem InOut
 transport preferred telnet
 transport input all
 transport output telnet
 stopbits 1
interface loopback 0
 ip address 10.1.1.1 255.255.255.255
Router#show line
 Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
   0    0 CTY              -    -      -    -    -     0      0    0/0      -
   1    1 AUX   9600/9600  - inout     -    -    -     1      0    1/1      -
*194  194 VTY              -    -      -    -    -     3      0    0/0      -
 195  195 VTY              -    -      -    -    -     1      0    0/0      -
 196  196 VTY              -    -      -    -    -     0      0    0/0      -
 197  197 VTY              -    -      -    -    -     0      0    0/0      -
 198  198 VTY              -    -      -    -    -     0      0    0/0      -
Router#telnet 10.1.1.1 2001
Trying 1.0.0.1, 2001 ... Open

login:
ip sla monitor 1
 type echo protocol ipicmpecho 10.1.1.2
 frequency 5
ip sla monitor schedule 1 start-time now life forever

ip sla monitor 2
 type echo protocol ipicmpecho 10.1.2.2
 frequency 5
ip sla monitor schedule 2 start-time now life forever

track 123 rtr 1 reachability
track 124 rtr 2 reachability
Router#show track
Track 123
  Response Time Reporter 1 reachability
  Reachability is Up
    1 change, last change 00:00:05
  Latest operation return code: OK
  Latest RTT (millisecs) 168
Track 124
  Response Time Reporter 2 reachability
  Reachability is Up
    1 change, last change 00:00:04
  Latest operation return code: OK
  Latest RTT (millisecs) 124
access-list 11 permit host 172.16.0.1
access-list 12 permit host 192.168.0.1

route-map in-out-link-1 permit 10
 match ip address 11
 set ip next-hop verify-availability 10.1.1.2 10 track 123
 set ip next-hop verify-availability 10.1.2.2 20 track 124

route-map in-out-link-1 permit 20
 match ip address 12
 set ip next-hop verify-availability 10.1.2.2 10 track 124
 set ip next-hop verify-availability 10.1.1.2 20 track 123
Router#show route-map in-out-link-1
route-map in-out-link-1, permit, sequence 10
  Match clauses:
    ip address (access-lists): 11 
  Set clauses:
    ip next-hop verify-availability 10.1.1.2 10 track 123  [up]
    ip next-hop verify-availability 10.1.2.2 20 track 124  [up]
  Policy routing matches: 0 packets, 0 bytes
route-map in-out-link-1, permit, sequence 20
  Match clauses:
    ip address (access-lists): 12 
  Set clauses:
    ip next-hop verify-availability 10.1.2.2 10 track 124  [up]
    ip next-hop verify-availability 10.1.1.2 20 track 123  [up]
  Policy routing matches: 0 packets, 0 bytes
interface fa0/0
 ip nat inside
 ! devemos aplicar o route-map in-out-link-1 na interface conectada na rede
 ! interna para fazer com que o roteador não utilize a tabela de rotas padrão. 
 ip policy route-map in-out-link-1

int atm1/0.1
 ip nat outside

interface atm2/0.1
 ip nat outside

route-map nat-1 permit 10
 match interface ATM1/0.1
!
route-map nat-2 permit 10
 match interface ATM2/0.1
!
ip nat  inside source route-map nat-1 interface atm 1/0.1
ip nat  inside source route-map nat-2 interface atm 2/0.1
Host#ping 1.1.1.1 source lo0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/295/760 ms

Host#ping 1.1.1.1 source lo1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 96/187/304 ms
Router#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
icmp 10.1.1.1:116      172.16.0.1:116     1.1.1.1:116        1.1.1.1:116
icmp 10.1.2.1:117      192.168.0.1:117    1.1.1.1:117        1.1.1.1:117
Router#show track
Track 123
  Response Time Reporter 1 reachability
  Reachability is Up
    1 change, last change 00:02:45
  Latest operation return code: OK
  Latest RTT (millisecs) 79
  Tracked by:
    ROUTE-MAP 0
Track 124
  Response Time Reporter 2 reachability
  Reachability is Down
    2 changes, last change 00:00:00
  Latest operation return code: Timeout
  Tracked by:
    ROUTE-MAP 0

Router#show route-map in-out-link-1
route-map in-out-link-1, permit, sequence 10
  Match clauses:
    ip address (access-lists): 11 
  Set clauses:
    ip next-hop verify-availability 10.1.1.2 10 track 123  [up]
    ip next-hop verify-availability 10.1.2.2 20 track 124  [down]
  Policy routing matches: 0 packets, 0 bytes
route-map in-out-link-1, permit, sequence 20
  Match clauses:
    ip address (access-lists): 12 
  Set clauses:
    ip next-hop verify-availability 10.1.2.2 10 track 124  [down]
    ip next-hop verify-availability 10.1.1.2 20 track 123  [up]
  Policy routing matches: 0 packets, 0 bytes

Router#show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
icmp 10.1.1.1:119      172.16.0.1:119     32.1.1.1:119       32.1.1.1:119
icmp 10.1.1.1:118      192.168.0.1:118    32.1.1.1:118       32.1.1.1:118
Switch# show hw-module all transceiver 001 status
The Transceiver in slot 0 subslot 0 port 1 is enabled.
Module temperature                        = +44.390 C
Transceiver Tx supply voltage             = 3300.4 uVolts
Transceiver Tx bias current               = 25344 uAmps
Transceiver Tx power                      = -1 dBm
Transceiver Rx optical power              = -7 dBm
! criamos a monitoração 100 para o endereço IP 10.10.10.1
!
ip sla 100
icmp-jitter 10.10.10.1 source-ip 192.168.1.1 num-packets 20
frequency 300
!
! então é necessário ativar a monitoração recém criada
!
ip sla schedule 100 start-time now life forever

Router#sh ip sla statistics 100

Round Trip Time (RTT) for       Index 100
Type of operation:              icmpJitter
      Latest RTT: 230 milliseconds
Latest operation start time: 13:04:36.499 BRST Wed Nov 26 2008
Latest operation return code: OK
RTT Values:
      Number Of RTT: 13               RTT Min/Avg/Max: 325/354/413
Latency one-way time:
      Number of Latency one-way Samples: 0
      Source to Destination Latency one way Min/Avg/Max: 0/0/0
      Destination to Source Latency one way Min/Avg/Max: 0/0/0
Jitter Time:
      Number of SD Jitter Samples: 9
      Number of DS Jitter Samples: 9
      Source to Destination Jitter Min/Avg/Max: 1/5/17
      Destination to Source Jitter Min/Avg/Max: 0/25/71
Packet Late Arrival: 0
Out Of Sequence: 0
      Source to Destination: 0        Destination to Source 0
      In both Directions: 0
Packet Skipped: 0       Packet Unprocessed: 7
Packet Loss: 0
      Loss Period Length Min/Max: 0/0
Number of successes: 1
Number of failures: 0
Operation time to live: Forever
# IP SLA 100
Target[rtt_mon_100]:1.3.6.1.4.1.9.9.42.1.5.4.1.4.100&1.3.6.1.4.1.9.9.42.1.5.4.1.5.100:community@192.168.1.1:
MaxBytes[rtt_mon_100]: 350
AbsMax[rtt_mon_100]: 2000
YLegend[rtt_mon_100]: Round Trip Time
ShortLegend[rtt_mon_100]: ms
LegendI[rtt_mon_100]:  min rtt (ms):
LegendO[rtt_mon_100]:  max rtt (ms):
Legend1[rtt_mon_100]: min rtt (ms)
Legend2[rtt_mon_100]: max rtt (ms)
Title[rtt_mon_100]:       Tempo de Resposta - IP SLA 100

options {
    version "Not disclosed";
 }

Router#show ip nat translations

Pro     Inside global      Inside local       Outside local      Outside global
---     200.200.200.1      192.168.0.1            ---                 ---
System image file is "flash:c3725-entbase-mz.124-6.T.bin"

Cisco(config)# int fa0/0
Cisco(config-if)# ip load-sharing per-packet
Cisco(config-if)# int ser0/0
Cisco(config-if)# ip load-sharing per-packet
Cisco#show ip cef 10.10.10.1 detail
10.10.10.0/24 version 7920, per-packet sharing
0 packets, 0 bytes
via 10.2.2.2, FastEthernet0/0, 0 dependencies
traffic share 1, current path
next hop 10.2.2.2, FastEthernet0/0
valid adjacency
via 10.1.1.1, Serial0/0, 0 dependencies
traffic share 1
next hop 10.1.1.1, Serial0/0
valid adjacency
0 packets, 0 bytes switched through the prefix
tmstats: external 0 packets, 0 bytes
  internal 0 packets, 0 bytes
Cisco(config)# ip cef load-sharing algorithm include-ports source destination
Cisco# show ip cef exact-route 10.0.0.10 src-port 35 192.168.0.2 dest-port 80
! configuração do vpdn
vpdn enable

! configuração da interface conectada ao modem ADSL
interface Ethernet0
no ip address
no ip proxy-arp
ip virtual-reassembly
pppoe enable
pppoe-client dial-pool-number 1
no cdp enable

interface Dialer1
ip address negotiated
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
! para autenticação via PPP chap
ppp chap hostname user@provedor
ppp chap password 7 
! ou para autenticação PPP pap
ppp pap sent-username user@provedor password 7 

! rota default
ip route 0.0.0.0 0.0.0.0 Dialer1

dialer-list 1 protocol ip permit
cisco#sh pppoe session all
Total PPPoE sessions 1

session id: 45316
local MAC address: 0016.c7ee.f8cc, remote MAC address: 0004.3daa.aafb
virtual access interface: Vi1, outgoing interface: Et0
   286832 packets sent, 365434 received
   17806173 bytes sent, 357739263 received
cisco# configure terminal
cisco(config)#interface loopback 0
cisco(config-if)#ip address 10.10.10.10 255.255.255.255
cisco#configure replace nvram:startup-config list
This will apply all necessary additions and deletions
to replace the current running configuration with the
contents of the specified configuration file, which is
assumed to be a complete configuration, not a partial
configuration. Enter Y if you are sure you want to proceed. ? [no]: yes
!Pass 1

!List of Commands:
no interface Loopback0
end

Total number of passes: 1
Rollback Done
cisco#
cisco(config)#archive
cisco(config-archive)#maximum 5
cisco(config-archive)#path flash:myconfig
cisco#archive config

cisco#sh archive
There are currently 2 archive configurations saved.
The next archive file will be named flash:myconfig-2
Archive #  Name
  0
  1       flash:myconfig-1 <- Most Recent        
  2        
  3        
  4        
  5  
(...)
cisco#configure replace flash:myconfig-1 list time 120
This will apply all necessary additions and deletions
to replace the current running configuration with the
contents of the specified configuration file, which is
assumed to be a complete configuration, not a partial
configuration. Enter Y if you are sure you want to proceed. ? [no]: yes
!Pass 1

!List of Commands:
no interface Loopback0
end

Total number of passes: 1
Rollback Done

cisco# configure confirm
pix1# write net 10.10.10.10:arquivo.cfg
pix2# configure terminal
pix2(config)# configure net 10.10.10.10:arquivo.cfg
root@server# tcpdump -i eth0 -n -s 1500 -c 1000 -w file.cap
root@server# tcpdump [ opções ] [ expressão ]
root@server# tcpdump -ni eth0 'src net 10.10.10.0/24 and dst host 192.168.0.1 and dst port 80'
root@server# tcpdump -ni eth0 'tcp[13] == 2'
root@server# tcpdump -ni en1 'icmp[icmptype]==8'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on en1, link-type EN10MB (Ethernet), capture size 96 bytes
23:55:33.232659 IP 192.168.0.x > 200.192.y.x: ICMP echo request, id 52993, seq 0, length 64
Router(config)# interface fast 0
Router(config-if)# ip address 192.168.0.1 255.255.255.0
Router(config-if)# ip tcp adjust-mss 1452
conf t
int fas 0/0
ip unreachables
int fas 0/1
ip unreachables

Nexthop

Ajude a Medir a Qualidade da Internet no Brasil

Vídeos sobre IPv6 do RIPE/NCC

Eventos: GTER/GTS e ysts

Cisco Reverse Telnet

Guideline de segurança - Cisco

Dica: Internetworkpro Wiki

Every move you make...

Você está preparado?

Cancelando com CTRL+C no Cisco

Um roteador, dois provedores e alguma redundância

Atualizar Horário de Verão - Juniper M7i 9.1 ou maior

Perigo! Certificados SSL que utilizam o MD5 podem ser forjados

Verificar Interface Ótica

Cisco IP SLA

Monitoração de prefixos BGP na Internet

Adicionando as buscas da Cisco no seu Browser

O que mudou ?

Aumentando a velocidade do show running-config

Usando o Ping (Cisco)

Dica: tcpdump

Inscrições abertas para o GTER/GTS

YSTS 2.0

Dica: Material sobre PCI DSS

NANOG 44 Webcast

Dica: CCIE SP Dynamips Mini Cenários

Cisco Flexible Netflow

Cisco Policy-Based Routing

BGP AS com 4 Bytes

Configuração de portas Gigabit Ethernet

Teste o seu DNS recursivo!

Cisco BGP default-information originate

Você está vulnerável a DNS cache-poisoning?

Qual é a versão do seu BIND?

Vulnerabilidades no DNS

Cisco IOS 12.4(20)T e 12.4(15)T

"Troca de placa remota" no Cisco IOS

Rcat Tool

NANOG 43 - Brooklyn, NY

Shmoocon 2008: Vídeos Disponíveis

Perícia Forense em Web Browsers no GTER/GTS

iBGPlay "all'italiana"

Diminuindo o tempo de reboot do IOS

BGP, route servers e afins

Reunião do GTER/GTS, Salvador/Bahia

Como fazer o backup das configurações do PuTTY

Link: Undocumented Cisco Commands

Entendendo NAT em Roteadores Cisco

Um Pouco de História

NANOG 42 - Vídeos

Cisco IOS - Nomenclatura e Versões (Parte 2)

Cisco IOS - Nomenclatura e Versões (Parte 1)

Atualizações de Segurança da Cisco

AS17557 e o Youtube

Problema de filtragem por usuários no Checkpoint

Ferramentas GNU para Windows

Quebrando a Criptografia do HD

Path MTU Discovery (PMTUD)

NANOG 42

Explore outras máquinas da rede mais rapidamente

"Secure the Blessings of Liberty"

Elimine os arquivos thumbs.db do HD

Verificar Imagem do IOS com MD5

Otimizando switches multilayer

Agenda de Conferências de Segurança

Vulnerabilidade no Checkpoint SecureClient

BGP Multipath

Fazendo backup do WPA, para evitar a reativação do Windows

Um pouco de história - Cisco CLI

Comando Reload no Cisco IOS

GNS3

Welcome Back!

ICMP Type and Codes

ARP e ARP Flux

Check Point SPLAT Quick Tips

The day... the routers died

VPN Site-to-Site entre CheckPoint e Outros Fabricantes

CheckPoint: Limpando a tabela de NATs

Rancid e Fortinet

"Cisco comes back!"