An A-Z Index of Oracle SQL Commands (version 9.2)
ANALYZE
AUDIT

CALL
Cluster - CREATE CLUSTER
- ALTER CLUSTER
- DROP CLUSTER
COMMENT
COMMIT
CONNECT
CONSTRAINT - Add / Enable
Context - CREATE CONTEXT
- DROP CONTEXT
Controlfile - CREATE CONTROLFILE

Database - CREATE DATABASE
- ALTER DATABASE
DELETE
DESCRIBE
Dimension - CREATE DIMENSION
- ALTER DIMENSION
- DROP DIMENSION
Directory - CREATE DIRECTORY
- DROP DIRECTORY

EXEC
EXECUTE IMMEDIATE
EXPLAIN PLAN

Function - CREATE FUNCTION
- ALTER FUNCTION
- DROP FUNCTION

GRANT

Index - CREATE INDEX
- ALTER INDEX
- DROP INDEX
Indextype - CREATE INDEXTYPE
- DROP INDEXTYPE
INSERT
INTERSECT

Java - CREATE JAVA
- ALTER JAVA
- DROP JAVA

Library - CREATE LIBRARY
- DROP LIBRARY
Link - CREATE DATABASE LINK
- DROP DATABASE LINK
LOCK TABLE

Mview - CREATE MATERIALIZED VIEW
- ALTER MATERIALIZED VIEW
- DROP MATERIALIZED VIEW
- CREATE MATERIALIZED VIEW LOG
- ALTER MATERIALIZED VIEW LOG
- DROP MATERIALIZED VIEW LOG
MINUS

NOAUDIT

Operator - CREATE OPERATOR
- DROP OPERATOR
Outline - CREATE OUTLINE
- ALTER OUTLINE
- DROP OUTLINE

Package - CREATE PACKAGE/BODY
- ALTER PACKAGE
- DROP PACKAGE
Pfile - CREATE PFILE
Procedure - CREATE PROCEDURE
- ALTER PROCEDURE
- DROP PROCEDURE
Profile - CREATE PROFILE
- ALTER PROFILE
- DROP PROFILE

RECOVER
RENAME
Resource - ALTER RESOURCE COST
REVOKE
RMAN - Recovery Manager
Role - CREATE ROLE
- SET ROLE
- ALTER ROLE
- DROP ROLE
ROLLBACK
Rollback - CREATE ROLLBACK SEGMENT
- ALTER ROLLBACK SEGMENT
- DROP ROLLBACK SEGMENT

SAVEPOINT
Schema - CREATE SCHEMA
SELECT
Sequence - CREATE SEQUENCE
- ALTER SEQUENCE
- DROP SEQUENCE
Session - ALTER SESSION
SHUTDOWN
SNAPSHOT
SPfile - CREATE SPFILE
STARTUP
Statistics - ASSOCIATE STATISTICS
- DISASSOCIATE STATISTICS
Synonym - CREATE SYNONYM
- DROP SYNONYM
System - ALTER SYSTEM

Table - CREATE TABLE
- ALTER TABLE
- DROP TABLE
Tablespace - CREATE TABLESPACE
- ALTER TABLESPACE
- DROP TABLESPACE
- CREATE TEMPORARY TABLESPACE
Transaction - SET TRANSACTION
Trigger - CREATE TRIGGER
- ALTER TRIGGER
- DROP TRIGGER
TRUNCATE
Type - CREATE TYPE
- ALTER TYPE
- DROP TYPE
- CREATE TYPE BODY
- DROP TYPE BODY

UPDATE
UNION
User - CREATE USER
- ALTER USER
- DROP USER

View - CREATE VIEW
- ALTER VIEW
- DROP VIEW
CALL
Execute a procedure or function from within SQL (may be used for both stored
procedures/packages and standalone routines).

Syntax:

CALL [schema.] item_to_call

CALL [schema.] [package.] item_to_call [INTO :host_variable [[INDICATOR] :indicator_var] ]

CALL [schema.] [type.] item_to_call [INTO :host_variable [[INDICATOR] :indicator_var] ]
Key

item_to_call: function [@dblink] (expr,...)
              procedure [@dblink] (expr,...)
              method [@dblink] (expr,...)

indicator_var: The value or condition of the host variable

Example

CALL place_order(453);

"Ever notice that 'What the hell' is always the right decision?" - Marilyn Monroe

key:

select_list
A comma-separated list of table columns (or expressions) eg:

column1, column2, column3
table.column1, table.column2
table.column1 Col_1_Alias, table.column2 Col_2_Alias
schema.table.column1 Col_1_Alias, schema.table.column2 Col_2_Alias
schema.table.*
*
expr1, expr2
(subquery [WITH READ ONLY | WITH CHECK OPTION [CONSTRAINT constraint]])
In the above, 'table' may be replaced with view or snapshot.
Using the * expression will return all columns.
If a Column_Alias is specified this will appear as the column heading in SQL*Plus
output.

DISTINCT
Suppress duplicate rows - display only the unique values.
Duplicate rows have matching values across every column (or expression) in the
select_list.

FROM table_list
Contains a list of the tables from which the result set data is retrieved.

[schema.]{table | view | snapshot}[@dblink] [t_alias]

When selecting from a table you can also specify Partition and/or Sample
clauses e.g.

[schema.]table [PARTITION (partition)] [SAMPLE (sample_percent)]

If the SELECT statement involves more than one table, the FROM clause can
also contain join specifications (SQL1992 standard). Read more about joins.

WHERE search_conditions
A filter that defines the conditions each row in the source table(s) must meet to
qualify for the SELECT. Only rows that meet the conditions will be included in the
result set. The WHERE clause can also contain inner and outer join
specifications (SQL1989 standard). e.g.

WHERE tableA.column = tableB.column
WHERE tableA.column = tableB.column(+)
WHERE tableA.column(+) = tableB.column

GROUP BY group_by_list
The GROUP BY clause partitions the result set into groups.
The group_by_list may be one or more columns or expressions and may
optionally include the CUBE / ROLLUP keywords for creating crosstab results.

Hierarchical Queries
Any query that does *not* include a GROUP BY clause may include a
CONNECT BY hierarchy clause:

[START WITH condition] CONNECT BY condition


HAVING search_conditions
An additional filter - the HAVING clause acts as an additional filter to the
grouped result rows - as opposed to the WHERE clause that applies to
individual rows. The HAVING clause is most commonly used in conjunction with
a GROUP BY clause.

ORDER BY order_list [ ASC | DESC ] [ NULLS { FIRST | LAST } ]


The ORDER BY clause defines the order in which the rows in the result set are
sorted. order_list specifies the result set columns that make up the sort list. The
ASC and DESC keywords are used to specify if the rows are sorted ascending
(1...9 a...z) or descending (9...1 z...a).

You can sort by any column even if that column is not actually in the main
SELECT clause. If you do not include an ORDER BY clause then the order of the
result set rows will be unpredictable (random or quasi random).

FOR UPDATE options


This is often used within PL/SQL routines to lock the selected rows.
Oracle will wait for any locks to be released unless you specify NOWAIT.

FOR UPDATE [OF [ [schema.]{table|view}.] column] [NOWAIT]

Undocumented syntax:

SELECT... FOR UPDATE SKIP LOCKED

Skip Locked will return all the 'non-locked' rows and lock them. While this syntax
can be used effectively, it is generally not a good idea to use it within an
application as undocumented syntax may be removed or changed in future
releases.

Writing a SELECT statement

The clauses (SELECT ... FROM ... WHERE ... HAVING ... ORDER BY ... ) must
be in this order.

The position of commas and semicolons is not forgiving.

Each expression must be unambiguous. In other words, if two columns have the
same name, then prefix the columns with the table name (or use an alias).

SELECT DISTINCT
    customers.customer_id,
    order_items.oi_ship_date
FROM
    customers,
    order_items
WHERE
    customers.customer_id = order_items.customer_id
    AND order_items.oi_ship_date > '01-may-2001';

Table names may also be qualified with the schema name (if you are working
with multiple schemas)
e.g. scott.t_customers.customer_id

SQL statements can be simplified, and made more readable by assigning a table
alias (also known as a range variable or correlation name).

With a table alias the fully qualified name has to be specified only in the FROM
clause. All other table/view references then use the alias name. e.g.

SELECT DISTINCT
    cst.customer_id,
    ord.oi_ship_date
FROM
    customers cst,
    order_items ord
WHERE
    cst.customer_id = ord.customer_id
    AND ord.oi_ship_date > '01-may-2001';
OWNER
Owner of the view
VIEW_NAME
Name of the view
TEXT_LENGTH
Length of the view text
TEXT
View text
TYPE_TEXT_LENGTH
Length of the type clause of the object view
TYPE_TEXT
Type clause of the object view
OID_TEXT_LENGTH
Length of the WITH OBJECT OID clause of the object view
OID_TEXT
WITH OBJECT OID clause of the object view
VIEW_TYPE_OWNER
Owner of the type of the view if the view is an object view
VIEW_TYPE
Type of the view if the view is an object view
SUPERVIEW_NAME
Name of the superview, if view is a subview
OWNER
Owner of the table
TABLE_NAME
Name of the table
TABLESPACE_NAME
Name of the tablespace containing the table
CLUSTER_NAME
Name of the cluster, if any, to which the table belongs
IOT_NAME
Name of the index-only table, if any, to which the overflow or mapping table entry belongs
PCT_FREE
Minimum percentage of free space in a block
PCT_USED
Minimum percentage of used space in a block
INI_TRANS
Initial number of transactions
MAX_TRANS
Maximum number of transactions
INITIAL_EXTENT
Size of the initial extent in bytes
NEXT_EXTENT
Size of secondary extents in bytes
MIN_EXTENTS
Minimum number of extents allowed in the segment
MAX_EXTENTS
Maximum number of extents allowed in the segment
PCT_INCREASE
Percentage increase in extent size
FREELISTS
Number of process freelists allocated in this segment
FREELIST_GROUPS
Number of freelist groups allocated in this segment
LOGGING
Logging attribute
BACKED_UP
Has table been backed up since last modification?
NUM_ROWS
The number of rows in the table
BLOCKS
The number of used blocks in the table
EMPTY_BLOCKS
The number of empty (never used) blocks in the table
AVG_SPACE
The average available free space in the table
CHAIN_CNT
The number of chained rows in the table
AVG_ROW_LEN
The average row length, including row overhead
AVG_SPACE_FREELIST_BLOCKS
The average freespace of all blocks on a freelist
NUM_FREELIST_BLOCKS
The number of blocks on the freelist
DEGREE
The number of threads per instance for scanning the table
INSTANCES
The number of instances across which the table is to be scanned
CACHE
Whether the table is to be cached in the buffer cache
TABLE_LOCK
Whether table locking is enabled or disabled
SAMPLE_SIZE
The sample size used in analyzing this table
LAST_ANALYZED
The date of the most recent time this table was analyzed
PARTITIONED
Is this table partitioned? YES or NO
IOT_TYPE
If index-only table, then IOT_TYPE is IOT or IOT_OVERFLOW or IOT_MAPPING else NULL
TEMPORARY
Can the current session only see data that it placed in this object itself?
SECONDARY
Is this table object created as part of icreate for domain indexes?
NESTED
Is the table a nested table?
BUFFER_POOL
The default buffer pool to be used for table blocks
ROW_MOVEMENT
Whether partitioned row movement is enabled or disabled
GLOBAL_STATS
Are the statistics calculated without merging underlying partitions?
USER_STATS
Were the statistics entered directly by the user?
DURATION
If temporary table, then duration is sys$session or sys$transaction else NULL
SKIP_CORRUPT
Whether skip corrupt blocks is enabled or disabled
MONITORING
Should we keep track of the amount of modification?
CLUSTER_OWNER
Owner of the cluster, if any, to which the table belongs
DEPENDENCIES
Should we keep track of row level dependencies?
Handy MySQL Commands


Description
    Command

To login (from unix shell) use -h only if needed.
    [mysql dir]/bin/mysql -h hostname -u root -p

Create a database on the sql server.
    create database [databasename];

List all databases on the sql server.
    show databases;

Switch to a database.
    use [db name];

To see all the tables in the db.
    show tables;

To see database's field formats.
    describe [table name];

To delete a db.
    drop database [database name];

To delete a table.
    drop table [table name];

Show all data in a table.
    SELECT * FROM [table name];

Returns the columns and column information pertaining to the designated table.
    show columns from [table name];

Show certain selected rows with the value "whatever".
    SELECT * FROM [table name] WHERE [field name] = "whatever";

Show all records containing the name "Bob" AND the phone number '3444444'.
    SELECT * FROM [table name] WHERE name = "Bob" AND phone_number = '3444444';

Show all records not containing the name "Bob" AND the phone number '3444444' order by the phone_number field.
    SELECT * FROM [table name] WHERE name != "Bob" AND phone_number = '3444444' order by phone_number;

Show all records starting with the letters 'bob' AND the phone number '3444444'.
    SELECT * FROM [table name] WHERE name like "Bob%" AND phone_number = '3444444';

Use a regular expression to find records. Use "REGEXP BINARY" to force case-sensitivity. This finds any record beginning with a.
    SELECT * FROM [table name] WHERE rec RLIKE "^a";

Show unique records.
    SELECT DISTINCT [column name] FROM [table name];

Show selected records sorted in an ascending (asc) or descending (desc).
    SELECT [col1],[col2] FROM [table name] ORDER BY [col2] DESC;

Count rows.
    SELECT COUNT(*) FROM [table name];

Join tables on common columns (statement to join birthday in person table with primary illustration id).
    select lookup.illustrationid, lookup.personid, person.birthday from lookup
    left join person on lookup.personid=person.personid;

Switch to the mysql db. Create a new user.
    INSERT INTO [table name] (Host,User,Password) VALUES('%','user',PASSWORD('password'));

Change a users password (from unix shell).
    [mysql dir]/bin/mysqladmin -u root -h hostname.blah.org -p password 'new-password'

Change a users password (from MySQL prompt).
    SET PASSWORD FOR 'user'@'hostname' = PASSWORD('passwordhere');

Switch to mysql db. Give user privileges for a db.
    INSERT INTO [table name] (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv)
    VALUES ('%','db','user','Y','Y','Y','Y','Y','N');

To update info already in a table.
    UPDATE [table name] SET Select_priv = 'Y',Insert_priv = 'Y',Update_priv = 'Y' where [field name] = 'user';

Delete a row(s) from a table.
    DELETE from [table name] where [field name] = 'whatever';

Update database permissions/privileges.
    FLUSH PRIVILEGES;

Delete a column.
    alter table [table name] drop column [column name];

Add a new column to db.
    alter table [table name] add column [new column name] varchar (20);

Change column name.
    alter table [table name] change [old column name] [new column name] varchar (50);

Make a unique column so you get no dupes.
    alter table [table name] add unique ([column name]);

Make a column bigger.
    alter table [table name] modify [column name] VARCHAR(3);

Delete unique from table.
    alter table [table name] drop index [column name];

Load a CSV file into a table.
    LOAD DATA INFILE '/tmp/filename.csv' replace INTO TABLE [table name]
    FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n' (field1,field2,field3);

Dump all databases for backup. Backup file is sql commands to recreate all db's.
    [mysql dir]/bin/mysqldump -u root -ppassword --opt --all-databases >/tmp/alldatabases.sql

Dump one database for backup.
    [mysql dir]/bin/mysqldump -u username -ppassword --databases databasename >/tmp/databasename.sql

Dump a table from a database.
    [mysql dir]/bin/mysqldump -c -u username -ppassword databasename tablename > /tmp/databasename.tablename.sql

Restore database (or database table) from backup.
    [mysql dir]/bin/mysql -u username -ppassword databasename < /tmp/databasename.sql

Create Table Example 1.
    CREATE TABLE [table name] (firstname VARCHAR(20), middleinitial VARCHAR(3),
    lastname VARCHAR(35),suffix VARCHAR(3),officeid VARCHAR(10),userid VARCHAR(15),
    username VARCHAR(8),email VARCHAR(35),phone VARCHAR(25), groups VARCHAR(15),
    datestamp DATE,timestamp time,pgpemail VARCHAR(255));

Create Table Example 2.
    create table [table name] (personid int(50) not null auto_increment primary key,
    firstname varchar(35),middlename varchar(50),lastname varchar(50) default 'bato');

Network

IOS Commands

Privileged Mode
enable - get to privileged mode
disable - get to user mode
enable password <password_here> - sets privileged mode password
enable secret <password_here> - sets encrypted privileged mode password
Setting Passwords
enable secret <password_here> - set encrypted password for privileged access
enable password <password_here> - set password for privileged access (used when there is
no enable secret and when using older software)
Set password for console access:
(config)#line console 0
(config-line)#login
(config-line)#password <password_here>
Set password for virtual terminal (telnet) access (password must be set to access router
through telnet):
(config)#line vty 0 4
(config-line)#login
(config-line)#password <password_here>
Set password for auxiliary (modem) access:
(config)#line aux 0
(config-line)#login
(config-line)#password <password_here>

Configuring the Router


sh running-config - details the running configuration file (RAM)
sh startup-config - displays the configuration stored in NVRAM
setup - Will start the automatic setup; the same as when you first boot the
router
config t - use to execute configuration commands from the terminal
config mem - executes configuration commands stored in NVRAM; copies
startup-config to running-config
config net - used to retrieve configuration info from a TFTP server
copy running-config startup-config - copies saved config in running config (RAM) to
NVRAM or "write memory" for IOS under ver.11
copy startup-config running-config - copies from non-volatile (NVRAM) to
current running config (RAM)
boot system flash <filename_here> - tells router which IOS file in flash to boot
from
boot system tftp - tells router which IOS file on the tftp server to boot from
boot system rom - tell router to boot from ROM at next boot
copy flash tftp - Copies flash to tftp server
copy tftp flash - Restores flash from tftp server
copy run tftp - Copies the current running-config to tftp server
copy tftp run - Restores the running-config from tftp server

General Commands
no shutdown - (enables the interface)
reload - restarts the router
sh ver - Cisco IOS version, uptime of router, how the router started, where
system was loaded from, the interfaces the POST found, and the configuration
register
sh clock - shows date and time on router
sh history - shows the history of your commands
sh debug - shows all debugging that is currently enabled
no debug all - turns off all debugging
sh users - shows users connected to router
sh protocols - shows which protocols are configured
banner motd # Your_message # - Set/change banner
hostname <router_name_here> - use to configure the hostname of the router
clear counters - clear interface counters

Processes & Statistics


sh processes - shows active processes running on router
sh process cpu - shows cpu statistics
sh mem - shows memory statistics
sh flash - describes the flash memory and displays the size of files and the
amount of free flash memory
sh buffers - displays statistics for router buffer pools; shows the size of the
Small, Middle, Big, Very Big, Large and Huge Buffers
sh stacks - shows reason for last reboot, monitors the stack use of processes
and interrupts routines

CDP Commands (Cisco Discovery Protocol uses layer 2 multicast over a SNAP-
capable link to send data):
sh cdp neighbor - shows directly connected neighbors
sh cdp int - shows which interfaces are running CDP
sh cdp int eth 0/0 - show CDP info for specific interface
sh cdp entry <cdp_neighbor_here> - shows CDP neighbor detail
cdp timer 120 - change how often CDP info is sent (default cdp timer is 60)
cdp holdtime 240 - how long to wait before removing a CDP neighbor (default
CDP holdtime is 180)
sh cdp run - shows if CDP turned on
no cdp run - turns off CDP for entire router (global config)
no cdp enable - turns off CDP on specific interface

Miscellaneous Commands
sh controller t1 - shows status of T1 lines
sh controller serial 1 - use to determine if DCE or DTE device
(config-if)#clock rate 64000 - set clock on DCE (bits per second)
(config-if)#bandwidth 64 - set bandwidth (kilobits)

IP Commands
Configure IP on an interface:
int serial 0
ip address 157.89.1.3 255.255.0.0
int eth 0
ip address 208.1.1.4 255.255.255.0
Other IP Commands:
sh ip route - view ip routing table
ip route <remote_network> <mask> <default_gateway>
[administrative_distance] - configure a static IP route
ip route 0.0.0.0 0.0.0.0 <gateway_of_last_resort> - sets default gateway
ip classless - use with static routing to allow packets destined for
unrecognized subnets to use the best possible route
sh arp - view arp cache; shows MAC address of connected routers
ip address 2.2.2.2 255.255.255.0 secondary - configure a 2nd ip address on
an interface
sh ip protocol

IPX Commands
Enable IPX on router:
ipx routing
Configure IPX + IPX-RIP on an int:
int ser 0
ipx network 4A
Other Commands:
sh ipx route - shows IPX routing table
sh ipx int e0 - shows ipx address on int
sh ipx servers - shows SAP table
sh ipx traffic - view traffic statistics
debug ipx routing activity - debugs IPX RIP packets
debug ipx sap - debugs SAP packets

Routing Protocols
Configure RIP:
router rip
network 157.89.0.0
network 208.1.1.0
Other RIP Commands:
debug ip rip - view RIP debugging info
Configure IGRP:
router IGRP 200
network 157.89.0.0
network 208.1.1.0
Other IGRP Commands:
debug ip igrp events - view IGRP debugging info
debug ip igrp transactions - view IGRP debugging info

Access Lists (see notes below for details)


sh ip int ser 0 - use to view which IP access lists are applied to which int
sh ipx int ser 0 - use to view which IPX access lists are applied to which int
sh appletalk int ser 0 - use to view which AppleTalk access lists are applied to
which int
View access lists:
sh access-lists
sh ip access-lists
sh ipx access-lists
sh appletalk access-lists
Apply standard IP access list to int eth 0:
access-list 1 deny 200.1.1.0 0.0.0.255
access-list 1 permit any
int eth 0
ip access-group 1 in
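Apply Extended IP access list to int eth 0:
access-list 100 deny tcp host 1.1.1.1 host 2.2.2.2 eq 23
access-list 100 deny tcp 3.3.3.0 0.0.0.255 any eq 80
access-list 100 permit ip any any - needed because every access list ends with
an implicit deny of everything not matched
int eth 0
ip access-group 100 out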
Apply Standard IPX access list to int eth 0:
access-list 800 deny 7a 8000
access-list 800 permit -1
int eth 0
ipx access-group 800 out
Apply Extended IPX access list to int eth 0:
access-list 900 deny sap any 3378 -1
access-list 900 permit sap any all -1
int eth 0
ipx access-group 900 out

Wan Configurations (see notes below for more details)

PPP Configuration
encapsulation ppp
ppp authentication <chap_or_pap_here>
ppp chap hostname <routername_here>
ppp pap sent-username <username_here>
sh int ser 0 - use to view encapsulation on the interface

Frame-Relay Configuration
encapsulation frame-relay ietf - use IETF when setting up a frame-relay
network between a Cisco router and a non-Cisco router
frame-relay lmi-type ansi - LMI types are Cisco, ANSI, Q933A; Cisco is the
default; LMI type is auto-sensed in IOS v11.2 and up
frame-relay map ip 3.3.3.3 100 broadcast - if inverse ARP won't work, map
Other IP to Your DLCI # (local)
keepalive 10 - use to set keepalive
sh int ser 0 - use to show DLCI, LMI, and encapsulation info
sh frame-relay pvc - shows the configured DLCI's; shows PVC traffic stats
sh frame-relay map - shows route maps
sh frame-relay lmi - shows LMI info
Keyboard Shortcuts
CTRL-P - show previous command
CTRL-N - show next command
SHIFT-CTRL-6 - Break

Notes

Static and Dynamic Routing

Static Routing - manually assigned by the Admin user entering the routes
(Routed Protocols - IP, IPX and AppleTalk)
Dynamic Routing - generated/determined by a Routing Protocol (Routing
Protocols - RIP I, RIP II, IGRP, EIGRP, OSPF, NLSP, RTMP)

Dynamic
1) With Dynamic Routing, routers pass information between each other so that
routing tables are regularly maintained.
2) The routers then determine the correct paths packets should take to reach
their destinations.
3) Information is passed only between routers.
4) A routing domain is called an Autonomous System, as it is a portion of the
Internetwork under common admin authority.
5) Consists of routers that share information over the same protocol. Can be split
into routing areas.

Distance Vector and Link-State Routing

Routing Protocols
I) Interior (within an autonomous system - AS - group of routers under the same
administrative authority)
a) Distance Vector - understands the direction and distance to any network
connection on the internetwork. Knows how many hops (the metric) to get there.
All routers w/in the internetwork listen for messages from other routers, which
are sent every 30 to 90 seconds. They pass their entire routing tables. Uses hop
count for measurement. 1) Used in smaller networks that have fewer than 100
routers. 2) Easy to configure and use. 3) As routers increase in number, you
need to consider CPU utilization, convergence time, and bandwidth utilization.
4) Convergence is due to routing updates at set intervals. 5) When a router
recognizes a change it updates the routing table and sends the whole table to
all of its neighbors.
1) RIP - 15 hop count max
2) IGRP - 255 hop count max, uses reliability factor (255 optimal), and
bandwidth
3) RTMP
b) Link State - understands the entire network, and does not use secondhand
information. Routers exchange LSPs (hello packets). Each router builds a
topographical view of the network, then uses SPF (shortest path first) algorithm
to determine the best route. Changes in topology can be sent out immediately, so
convergence can be quicker. Uses Bandwidth, congestion for measurement;
Dijkstra's algorithm;
1) Maintains Topology Database. 2) Routers have formal neighbor relationship.
3) Exchanges LSA (Link State Advertisement) or hello packets with directly
connected interfaces. 4) These are exchanged at short intervals (typically 10
sec). 5) Only new info is exchanged. 6) Scales well, however link-state
protocols are more complex. 7) Requires more processing power, memory, and
bandwidth.
1) OSPF - decisions based on cost of route (metric limit of 65,535)
2) EIGRP - hybrid protocol (both Distance-Vector and Link State), Cisco
proprietary
3) NLSP
4) IS-IS
II) Exterior
1) EGP (Exterior Gateway Protocol)
2) BGP (Border Gateway Protocol)

Routing Protocols used for each Routed Protocol


IP - RIP, IGRP, OSPF, IS-IS, EIGRP
IPX - IPX RIP, NLSP, EIGRP
AppleTalk - RTMP, AURP, EIGRP

Problems with Routing Protocols


1) Routing Loops - occur when routing tables are not updated fast enough when
one of the networks becomes unreachable. Due to the slow convergence
(updates of routing table between all routers), some routers will end up with
an incorrect routing table and will broadcast that routing table to other
routers. These incorrect routing tables will cause packets to travel repeatedly
in circles.
2) Counting to infinity - occurs when packets end up in a routing loop; hop
count increases with every pass through a router on the network

Solutions to Problems with Routing Protocols


1) Define the maximum number of hops - When the number of hops reaches
this predefined value, the distance is considered infinite, thus the network is
considered unreachable. This does not stop routing loops, but only limits the
time that a packet can travel inside the loop.
2) Split horizon - The packets can not be sent back to the same interface that
they originally came from. During the updates, one router does not send updates
to the router that it received the information from.
3) Route poisoning - The router sets the cost/distance of routes that are
unreachable to infinity. Used with hold-down timers
4) Triggered updates - The router sends updates of the routing table as soon as
it detects changes in the network. Does not wait for the prescribed time to
expire.
5) Hold-Downs - After the router detects an unreachable network, the router
waits for a specified time before announcing that a network is unreachable. The
router will also wait for a period of time before it updates its routing table
after it detects that another router came online (Router keeps an entry for the
network possibly down state, allowing time for other routers to re-compute for
this topology change). Hold-downs can only partially prevent the counting to
infinity problem. Prevents routes from changing too rapidly in order to
determine if a link has really failed, or is back up.

Encapsulation Types

Encapsulation
802.2 - sap
802.3 - novell-ether
Ethernet II - arpa (Internet Standard)
Snap - snap

Wan Service Providers


1) Customer premises equipment (CPE) - Devices physically located at
subscriber's location; examples: CSU/DSU, modem, wiring on the customer's
location
2) Demarcation (or demarc) - The place where the CPE ends and the local loop
portion of the service begins. (Usually in the "phone closet").
3) Local loop - Cabling from the demarc into the WAN service provider's central
office; wiring from customer's location to the nearest CO
4) Central Office switch (CO) - Switching facility that provides the nearest point
of presence for the provider's WAN service; location of telephone company's
equipment where the phone line connects to the high speed line (trunk); Regional
Telco Office where the local loop terminates (the Telco location nearest you)
5) Toll network - The switches and facilities, (trunks), inside the WAN provider's
"cloud."

DTE - the router side; receives clocking
DCE - the CSU/DSU side; provides clocking

WAN Devices
Routers - Offer both internetwork and WAN interface controls
ATM Switches - High-speed cell switching between both LANs and WANs
X.25 and Frame-Relay Switches - Connect private data over public circuits
using digital signals
Modems - Connect private data over public telephone circuits using analog
signals
CSU/DSU (Channel Service Units/Data Service Units) - Customer Premises
Equipment (CPE) which is used to terminate a digital circuit at the customer site
Communication Servers - Dial in/out servers that allow dialing in from remote
locations and attach to the LAN
Multiplexors - Device that allows more than one signal to be sent out
simultaneously over one physical circuit

ISDN
ISDN BRI (Basic Rate Interface) - 2 64K B channels, plus 1 16K D channel
ISDN PRI (Primary Rate Interface) - 23 64K B channels, plus 1 64K D channel
(North America & Japan), 30 64K B channels, plus 1 64K D channel (Europe &
Australia)

Classful and Classless Protocols


Classful - summarizes routing info by major network numbers; ex. RIP, IGRP
Classless - BGP, OSPF

Administrative Distances for IP Routes


Administrative Distances are configured using ip route command:
Example:
ip route 154.4.55.0 255.255.255.0 195.23.55.1 85 (where 85 is the
administrative distance)
IP Route - Administrative Distance
Directly connected interface - 0
Static route using connected interface - 0
Static route using IP address - 1
EIGRP summary route - 5
External BGP route - 20
Internal EIGRP route - 90
IGRP route - 100
OSPF route - 110
IS-IS route - 115
RIP route - 120
EGP route - 140
External EIGRP route - 170
Internal BGP route - 200
Route of unknown origin - 255

Switching Terminology
Store-and-Forward - copies entire frame into buffer, checks for CRC errors
before forwarding. Higher latency.
Cut-Through - reads only the destination address into buffer, and forwards
immediately; Low latency; "wire-speed"
Fragment free - modified form of cut-through; switch will read into the first 64
bytes before forwarding the frame. Collisions will usually occur within the first 64
bytes. (default for 1900 series).

Access Lists

1-99 IP Standard Access List
100-199 IP Extended Access List
200-299 Protocol Type-code Access List
300-399 DECnet Access List
600-699 Appletalk Access List
700-799 48-bit MAC Address Access List
800-899 IPX Standard Access List
900-999 IPX Extended Access List
1000-1099 IPX SAP Access List
1100-1199 Extended 48-bit MAC Address Access List
1200-1299 IPX Summary Address Access List

Each access list type below is described by: Filters, Wildcard Masks, Additional Notes.

Standard IP
  Filters: Source IP address field in the packet's IP header
  Wildcard Masks: To put simply, when the IP is broken down to binary, the 1's
    allow everything and the 0's must match exactly.
  Additional Notes: Wildcard mask examples:
    0.0.0.0=entire address must match.
    0.255.255.255=only the first octet must match, the rest will allow everything.
    255.255.255.255=allow everything

Extended IP
  Filters: Source IP or Destination IP, or TCP or UDP Source or Destination
    Ports, or Protocol
  Wildcard Masks: Same as standard
  Additional Notes: The key word ANY implies any IP value is allowed, the
    keyword HOST implies the IP exactly has to match

Standard IPX
  Filters: Packets sent by clients and servers, and SAP updates sent by servers
    and routers
  Wildcard Masks: Configured as a hexadecimal number instead of binary
  Additional Notes: -1 means any and all network numbers (works like ANY)

Extended IPX
  Filters: Source Network or Node, or Destination Network or Node, or IPX
    Protocol, or IPX Socket, or SAP
  Wildcard Masks: Match multiple networks with one statement, again in
    hexadecimal
  Additional Notes: The most practical use of the protocol type is for NetBIOS

SAP
  Filters: Sent and received SAP traffic
  Wildcard Masks: N/A
  Additional Notes: Updates its own SAP tables. Again uses -1 to mean "ANY"
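
How the wildcard masks described above select source addresses, as an added example that is not part of the original cheat sheet: standard IP access-list lines are checked top-down, the first match wins, and IOS denies whatever no line matches. The ACL text is constructed sample data and the function names are this example's own.

```python
import ipaddress

# Constructed sample ACL (standard IP list, numbered in the 1-99 range).
SAMPLE_ACL = """\
access-list 10 deny host 10.1.1.5
access-list 10 permit 10.0.0.0 0.255.255.255
access-list 10 permit 192.168.0.1 0.0.255.0
"""


def to_int(dotted):
    """Dotted-quad string to a 32-bit integer (raises on malformed input)."""
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(addr, base, wildcard):
    """True when addr equals base in every bit where the wildcard bit is 0."""
    care = ~to_int(wildcard) & 0xFFFFFFFF      # 0 bits in the wildcard = must match
    return (to_int(addr) ^ to_int(base)) & care == 0


def addresses_matched(wildcard):
    """Each 1 bit in the wildcard doubles the number of addresses an entry covers."""
    return 2 ** bin(to_int(wildcard)).count("1")


def parse_standard_acl(text):
    """Parse 'access-list <1-99> permit|deny <source>' lines into tuples."""
    entries = []
    for line in text.strip().splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0] != "access-list":
            raise ValueError(f"not a standard ACL line: {line!r}")
        if not 1 <= int(parts[1]) <= 99:
            raise ValueError(f"standard IP lists are numbered 1-99: {line!r}")
        action, rest = parts[2], parts[3:]
        if action not in ("permit", "deny"):
            raise ValueError(f"unknown action in: {line!r}")
        if rest == ["any"]:                      # any address
            base, wildcard = "0.0.0.0", "255.255.255.255"
        elif len(rest) == 2 and rest[0] == "host":   # exactly one address
            base, wildcard = rest[1], "0.0.0.0"
        elif len(rest) == 2:                     # address followed by wildcard
            base, wildcard = rest
        elif len(rest) == 1:                     # bare address = exact match
            base, wildcard = rest[0], "0.0.0.0"
        else:
            raise ValueError(f"unexpected source field in: {line!r}")
        to_int(base), to_int(wildcard)           # validate both fields
        entries.append((action, base, wildcard))
    return entries


def evaluate(entries, source_ip):
    """Return (action, index of the matching line); index None = implicit deny."""
    for index, (action, base, wildcard) in enumerate(entries):
        if wildcard_match(source_ip, base, wildcard):
            return action, index
    return "deny", None


def broad_entries(entries, limit=65536):
    """Audit helper: permit lines whose wildcard covers more than `limit` addresses."""
    return [
        (index, base, wildcard, addresses_matched(wildcard))
        for index, (action, base, wildcard) in enumerate(entries)
        if action == "permit" and addresses_matched(wildcard) > limit
    ]


if __name__ == "__main__":
    acl = parse_standard_acl(SAMPLE_ACL)
    for ip in ("10.1.1.5", "10.200.3.4", "192.168.77.1", "192.168.77.2"):
        print(ip, evaluate(acl, ip))
    print("over-broad permits:", broad_entries(acl))
```

The third sample line uses a non-contiguous wildcard (0.0.255.0), which a subnet mask cannot express: it matches 192.168.x.1 for every value of the third octet.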

Troubleshooting Tools:

Ping Results

!    success
,    timeout
U    destination unreachable
?    unknown packet type
&    TTL exceeded

Traceroute Results

!H   router rec'd, but didn't forward because of access-list
P    protocol unreachable
N    network unreachable
U    port unreachable
,    timeout

Accessing Router with Terminal Emulation


Using HyperTerminal on a Windows machine adjust the following settings:
VT100 Emulation
Connection Speed: 9600 Baud
Data Bits: 8
Parity: None
Stop Bits: 1
Flow Control: None
On a Linux machine you may use Seyon or Minicom (at least one should come
with your distribution).

Router Startup Sequence


1. POST
2. Bootstrap program loaded from ROM
3. IOS is loaded from either flash (default), TFTP, or ROM
4. IOS image loaded into low-addressed memory; hardware and software are
   determined
5. Config file is loaded from NVRAM; if no configuration exists in NVRAM, the
   initial configuration dialog will begin

Miscellaneous Notes

Multiple Loop Problems - complex topology can cause multiple loops to occur.
Layer 2 has no mechanism to stop the loop. This is the main reason for
Spanning-Tree Protocol.

Spanning-Tree Protocol (STP), IEEE 802.1d - developed to prevent routing
loops; uses STA (Spanning-Tree Algorithm) to calculate a loop-free network
topology; allows redundant paths without suffering the effects of loops in the
network

Virtual LANs (VLANs) - sets different ports on a switch to be part of different
sub-networks. Some benefits: simplify moves, adds, changes; reduce
administrative costs; have better control of broadcasts; tighten security; and
distribute load. Relocate the server into a secured location.

HDLC (High-Level Data Link Control) - Link layer protocol for Serial links.
Cisco Default. Supports the following modes: Normal Response Mode - as per
Secondary under SDLC; Asynchronous Response Mode allows secondary to
communicate without permission; Asynchronous Balanced mode combines the
two stations. Has lower overhead than LAPB but less error checking.

Modular Switch/VIP Syntax


type slot/port (example: e 2/1)
type slot/port-adapter/port (example: e 2/0/1)

TCP/IP

Common Ports

This file was taken from the IANA website. It is a list of the well known port numbers.

# /etc/services:
# $Id: services,v 1.4 1997/05/20 19:41:21 tobias Exp $
#
# Network services, Internet style
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, most entries here have two entries
# even if the protocol doesn't support UDP operations.
# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports
# are included, only the more common ones.

tcpmux 1/tcp # TCP port service multiplexer
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
daytime 13/udp
netstat 15/tcp
qotd 17/tcp quote
msp 18/tcp # message send protocol
msp 18/udp # message send protocol
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp
ftp 21/tcp
fsp 21/udp fspd
ssh 22/tcp # SSH Remote Login Protocol
ssh 22/udp # SSH Remote Login Protocol
telnet 23/tcp
# 24 - private
smtp 25/tcp mail
# 26 - unassigned
time 37/tcp timserver
time 37/udp timserver
rlp 39/udp resource # resource location
nameserver 42/tcp name # IEN 116
whois 43/tcp nicname
re-mail-ck 50/tcp # Remote Mail Checking Protocol
re-mail-ck 50/udp # Remote Mail Checking Protocol
domain 53/tcp nameserver # name-domain server
domain 53/udp nameserver
mtp 57/tcp # deprecated
bootps 67/tcp # BOOTP server
bootps 67/udp
bootpc 68/tcp # BOOTP client
bootpc 68/udp
tftp 69/udp
gopher 70/tcp # Internet Gopher
gopher 70/udp
rje 77/tcp netrjs
finger 79/tcp
www 80/tcp http # WorldWideWeb HTTP
www 80/udp # HyperText Transfer Protocol
link 87/tcp ttylink
kerberos 88/tcp kerberos5 krb5 kerberos-sec # Kerberos v5
kerberos 88/udp kerberos5 krb5 kerberos-sec # Kerberos v5
supdup 95/tcp
# 100 - reserved
hostnames 101/tcp hostname # usually from sri-nic
iso-tsap 102/tcp tsap # part of ISODE.
csnet-ns 105/tcp cso-ns # also used by CSO name server
csnet-ns 105/udp cso-ns
# unfortunately the poppassd (Eudora) uses a port which has already
# been assigned to a different service. We list the poppassd as an
# alias here. This should work for programs asking for this service.
# (due to a bug in inetd the 3com-tsmux line is disabled)
#3com-tsmux 106/tcp poppassd
#3com-tsmux 106/udp poppassd
rtelnet 107/tcp # Remote Telnet
rtelnet 107/udp
pop2 109/tcp postoffice pop-2 # POP version 2
pop2 109/udp pop-2
pop3 110/tcp pop-3 # POP version 3
pop3 110/udp pop-3
sunrpc 111/tcp portmapper # RPC 4.0 portmapper TCP
sunrpc 111/udp portmapper # RPC 4.0 portmapper UDP
auth 113/tcp authentication tap ident
sftp 115/tcp
uucp-path 117/tcp
nntp 119/tcp readnews untp # USENET News Transfer Protocol
ntp 123/tcp
ntp 123/udp # Network Time Protocol
pwdgen 129/tcp # PWDGEN service
pwdgen 129/udp # PWDGEN service
netbios-ns 137/tcp # NETBIOS Name Service
netbios-ns 137/udp
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp
netbios-ssn 139/tcp # NETBIOS session service
netbios-ssn 139/udp
imap2 143/tcp imap # Interim Mail Access Proto v2
imap2 143/udp imap
snmp 161/udp # Simple Net Mgmt Proto
snmp-trap 162/udp snmptrap # Traps for SNMP
cmip-man 163/tcp # ISO mgmt over IP (CMOT)
cmip-man 163/udp
cmip-agent 164/tcp
cmip-agent 164/udp
mailq 174/tcp # Mailer transport queue for Zmailer
mailq 174/udp # Mailer transport queue for Zmailer
xdmcp 177/tcp # X Display Mgr. Control Proto
xdmcp 177/udp
nextstep 178/tcp NeXTStep NextStep # NeXTStep window
nextstep 178/udp NeXTStep NextStep # server
bgp 179/tcp # Border Gateway Proto.
bgp 179/udp
prospero 191/tcp # Cliff Neuman's Prospero
prospero 191/udp
irc 194/tcp # Internet Relay Chat
irc 194/udp
smux 199/tcp # SNMP Unix Multiplexer
smux 199/udp
at-rtmp 201/tcp # AppleTalk routing
at-rtmp 201/udp
at-nbp 202/tcp # AppleTalk name binding
at-nbp 202/udp
at-echo 204/tcp # AppleTalk echo
at-echo 204/udp
at-zis 206/tcp # AppleTalk zone information
at-zis 206/udp
qmtp 209/tcp # The Quick Mail Transfer Protocol
qmtp 209/udp # The Quick Mail Transfer Protocol
z3950 210/tcp wais # NISO Z39.50 database
z3950 210/udp wais
ipx 213/tcp # IPX
ipx 213/udp
imap3 220/tcp # Interactive Mail Access
imap3 220/udp # Protocol v3
rpc2portmap 369/tcp
rpc2portmap 369/udp # Coda portmapper
codaauth2 370/tcp
codaauth2 370/udp # Coda authentication server
ulistserv 372/tcp # UNIX Listserv
ulistserv 372/udp
ldap 389/tcp # Lightweight Directory Access Protocol
ldap 389/udp # Lightweight Directory Access Protocol
https 443/tcp # MCom
https 443/udp # MCom
snpp 444/tcp # Simple Network Paging Protocol
snpp 444/udp # Simple Network Paging Protocol
saft 487/tcp # Simple Asynchronous File Transfer
saft 487/udp # Simple Asynchronous File Transfer
npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS
npmp-local 610/udp dqs313_qmaster # npmp-local / DQS
npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS
npmp-gui 611/udp dqs313_execd # npmp-gui / DQS
hmmp-ind 612/tcp dqs313_intercell# HMMP Indication / DQS
hmmp-ind 612/udp dqs313_intercell# HMMP Indication / DQS
ipp 631/tcp # Internet Printing Protocol
ipp 631/udp # Internet Printing Protocol
#
# UNIX specific services
#
exec 512/tcp
biff 512/udp comsat
login 513/tcp
who 513/udp whod
shell 514/tcp cmd # no passwords used
syslog 514/udp
printer 515/tcp spooler # line printer spooler
talk 517/udp
ntalk 518/udp
route 520/udp router routed # RIP
timed 525/udp timeserver
tempo 526/tcp newdate
courier 530/tcp rpc
conference 531/tcp chat
netnews 532/tcp readnews
netwall 533/udp # -for emergency broadcasts
gdomap 538/tcp # GNUstep distributed objects
gdomap 538/udp # GNUstep distributed objects
uucp 540/tcp uucpd # uucp daemon
afpovertcp 548/tcp # AFP over TCP
afpovertcp 548/udp # AFP over TCP
remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
klogin 543/tcp # Kerberized `rlogin' (v5)
kshell 544/tcp krcmd # Kerberized `rsh' (v5)
nntps 563/tcp snntp # NNTP over SSL
nntps 563/udp snntp # NNTP over SSL
ldaps 636/tcp # LDAP over SSL
ldaps 636/udp # LDAP over SSL
tinc 655/tcp # tinc control port
tinc 655/udp # tinc packet port
kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
#
webster 765/tcp # Network dictionary
webster 765/udp
rsync 873/tcp # rsync
rsync 873/udp # rsync
ftps-data 989/tcp # FTP over SSL (data)
ftps 990/tcp # FTP over SSL
telnets 992/tcp # Telnet over SSL
telnets 992/udp # Telnet over SSL
imaps 993/tcp # IMAP over SSL
imaps 993/udp # IMAP over SSL
ircs 994/tcp # IRC over SSL
ircs 994/udp # IRC over SSL
pop3s 995/tcp # POP-3 over SSL
pop3s 995/udp # POP-3 over SSL
#
# From ``Assigned Numbers'':
#
#> The Registered Ports are not controlled by the IANA and on most systems
#> can be used by ordinary user processes or programs executed by ordinary
#> users.
#
#> Ports are used in the TCP [45,106] to name the ends of logical
#> connections which carry long term conversations. For the purpose of
#> providing services to unknown callers, a service contact port is
#> defined. This list specifies the port used by the server process as its
#> contact port. While the IANA can not control uses of these ports it
#> does register or list uses of these ports as a convienence to the
#> community.
#
socks 1080/tcp # socks proxy server
socks 1080/udp # socks proxy server
lotusnote 1352/tcp lotusnotes # Lotus Note
lotusnote 1352/udp lotusnotes # Lotus Note
ingreslock 1524/tcp
ingreslock 1524/udp
prospero-np 1525/tcp # Prospero non-privileged
prospero-np 1525/udp
datametrics 1645/tcp old-radius # datametrics / old radius entry
datametrics 1645/udp old-radius # datametrics / old radius entry
sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry
sa-msg-port 1646/udp old-radacct # sa-msg-port / old radacct entry
radius 1812/tcp # Radius
radius 1812/udp # Radius
radius-acct 1813/tcp radacct # Radius Accounting
radius-acct 1813/udp radacct # Radius Accounting
rtcm-sc104 2101/tcp # RTCM SC-104 IANA 1/29/99
rtcm-sc104 2101/udp # RTCM SC-104 IANA 1/29/99
cvspserver 2401/tcp # CVS client/server operations
cvspserver 2401/udp # CVS client/server operations
venus 2430/tcp # codacon port
venus 2430/udp # Venus callback/wbc interface
venus-se 2431/tcp # tcp side effects
venus-se 2431/udp # udp sftp side effect
codasrv 2432/tcp # not used
codasrv 2432/udp # server port
codasrv-se 2433/tcp # tcp side effects
codasrv-se 2433/udp # udp sftp side effect
mon 2583/tcp # MON
mon 2583/udp # MON
dict 2628/tcp # Dictionary server
dict 2628/udp # Dictionary server
gds_db 3050/tcp # InterBase server
gds_db 3050/udp # InterBase server
icpv2 3130/tcp icp # Internet Cache Protocol (Squid)
icpv2 3130/udp icp # Internet Cache Protocol (Squid)
mysql 3306/tcp # MySQL
mysql 3306/udp # MySQL
rfe 5002/tcp # Radio Free Ethernet
rfe 5002/udp # Actually uses UDP only
cfengine 5308/tcp # CFengine
cfengine 5308/udp # CFengine
x11 6000/tcp x11-0 # X windows system
x11 6000/udp x11-0 # X windows system
x11-1 6001/tcp # X windows system
x11-1 6001/udp # X windows system
x11-2 6002/tcp # X windows system
x11-2 6002/udp # X windows system
x11-3 6003/tcp # X windows system
x11-3 6003/udp # X windows system
x11-4 6004/tcp # X windows system
x11-4 6004/udp # X windows system
x11-5 6005/tcp # X windows system
x11-5 6005/udp # X windows system
x11-6 6006/tcp # X windows system
x11-6 6006/udp # X windows system
x11-7 6007/tcp # X windows system
x11-7 6007/udp # X windows system
afs3-fileserver 7000/tcp bbs # file server itself
afs3-fileserver 7000/udp bbs # file server itself
afs3-callback 7001/tcp # callbacks to cache managers
afs3-callback 7001/udp # callbacks to cache managers
afs3-prserver 7002/tcp # users & groups database
afs3-prserver 7002/udp # users & groups database
afs3-vlserver 7003/tcp # volume location database
afs3-vlserver 7003/udp # volume location database
afs3-kaserver 7004/tcp # AFS/Kerberos authentication
afs3-kaserver 7004/udp # AFS/Kerberos authentication
afs3-volser 7005/tcp # volume managment server
afs3-volser 7005/udp # volume managment server
afs3-errors 7006/tcp # error interpretation service
afs3-errors 7006/udp # error interpretation service
afs3-bos 7007/tcp # basic overseer process
afs3-bos 7007/udp # basic overseer process
afs3-update 7008/tcp # server-to-server updater
afs3-update 7008/udp # server-to-server updater
afs3-rmtsys 7009/tcp # remote cache manager service
afs3-rmtsys 7009/udp # remote cache manager service
font-service 7100/tcp xfs # X Font Service
font-service 7100/udp xfs # X Font Service
wnn6 22273/tcp # wnn6
wnn6 22273/udp # wnn6

#=========================================================================
# The remaining port numbers are not as allocated by IANA.
#
# Kerberos (Project Athena/MIT) services
# Note that these are for Kerberos v4, and are unofficial. Sites running
# v4 should uncomment these and comment out the v5 entries above.
#
kerberos4 750/udp kerberos-iv kdc # Kerberos (server) udp
kerberos4 750/tcp kerberos-iv kdc # Kerberos (server) tcp
kerberos_master 751/udp # Kerberos authentication
kerberos_master 751/tcp # Kerberos authentication
passwd_server 752/udp # Kerberos passwd server
krb_prop 754/tcp # Kerberos slave propagation
krbupdate 760/tcp kreg # Kerberos registration
kpasswd 761/tcp kpwd # Kerberos "passwd"
swat 901/tcp # swat
kpop 1109/tcp # Pop with Kerberos
knetd 2053/tcp # Kerberos de-multiplexor
zephyr-srv 2102/udp # Zephyr server
zephyr-clt 2103/udp # Zephyr serv-hm connection
zephyr-hm 2104/udp # Zephyr hostmanager
eklogin 2105/tcp # Kerberos encrypted rlogin
# Hmmm. Are we using Kv4 or Kv5 now? Worrying.
# The following is probably Kerberos v5 --- ajt@debian.org (11/02/2000)
kx 2111/tcp # X over Kerberos
#
# Unofficial but necessary (for NetBSD) services
#
supfilesrv 871/tcp # SUP server
supfiledbg 1127/tcp # SUP debugging
#
# Datagram Delivery Protocol services
#
rtmp 1/ddp # Routing Table Maintenance Protocol
nbp 2/ddp # Name Binding Protocol
echo 4/ddp # AppleTalk Echo Protocol
zip 6/ddp # Zone Information Protocol
#
# Services added for the Debian GNU/Linux distribution
#
linuxconf 98/tcp # LinuxConf
poppassd 106/tcp # Eudora
poppassd 106/udp # Eudora
imsp 406/tcp # Interactive Mail Support Protocol
imsp 406/udp # Interactive Mail Support Protocol
ssmtp 465/tcp smtps # SMTP over SSL
nqs 607/tcp # Network Queuing system
moira_db 775/tcp # Moira database
moira_update 777/tcp # Moira update protocol.
moira_ureg 779/udp # Moira user registration.
omirr 808/tcp omirrd # online mirror
omirr 808/udp omirrd # online mirror
customs 1001/tcp # pmake customs server
customs 1001/udp # pmake customs server
rmiregistry 1099/tcp # Java RMI Registry
skkserv 1178/tcp # skk jisho server port
predict 1210/udp # predict -- satellite tracking
rmtcfg 1236/tcp # Gracilis Packeten remote config server
xtel 1313/tcp # french minitel
xtelw 1314/tcp # french minitel
support 1529/tcp # GNATS
sieve 2000/tcp # Sieve mail filter daemon
cfinger 2003/tcp lmtp # GNU Finger / Local Mail Transfer Protocol
ndtp 2010/tcp # Network dictionary transfer protocol
ninstall 2150/tcp # ninstall service
ninstall 2150/udp # ninstall service
zebrasrv 2600/tcp # zebra service
zebra 2601/tcp # zebra vty
ripd 2602/tcp # RIPd vty
ripngd 2603/tcp # RIPngd vty
ospfd 2604/tcp # OSPFd vty
bgpd 2605/tcp # BGPd vty
ospf6d 2606/tcp # OSPF6d vty
afbackup 2988/tcp # Afbackup system
afbackup 2988/udp # Afbackup system
afmbackup 2989/tcp # Afmbackup system
afmbackup 2989/udp # Afmbackup system
xtell 4224/tcp # xtell server
fax 4557/tcp # FAX transmission service (old)
hylafax 4559/tcp # HylaFAX client-server protocol (new)
pcrd 5151/tcp # PCR-1000 Daemon
noclog 5354/tcp # noclogd with TCP (nocol)
noclog 5354/udp # noclogd with UDP (nocol)
hostmon 5355/tcp # hostmon uses TCP (nocol)
hostmon 5355/udp # hostmon uses UDP (nocol)
postgres 5432/tcp # POSTGRES
postgres 5432/udp # POSTGRES
mrtd 5674/tcp # MRT Routing Daemon
bgpsim 5675/tcp # MRT Routing Simulator
canna 5680/tcp # cannaserver
sane 6566/tcp saned # SANE network scanner daemon
ircd 6667/tcp # Internet Relay Chat
ircd 6667/udp # Internet Relay Chat
ircd-dalnet 7000/tcp # IRC - Dalnet
ircd-dalnet 7000/udp # IRC - Dalnet
webcache 8080/tcp # WWW caching service
webcache 8080/udp # WWW caching service
tproxy 8081/tcp # Transparent Proxy
tproxy 8081/udp # Transparent Proxy
omniorb 8088/tcp # OmniORB
omniorb 8088/udp # OmniORB
mandelspawn 9359/udp mandelbrot # network mandelbrot
amanda 10080/udp # amanda backup services
kamanda 10081/tcp # amanda backup services (Kerberos)
kamanda 10081/udp # amanda backup services (Kerberos)
amandaidx 10082/tcp # amanda backup services
amidxtape 10083/tcp # amanda backup services
smsqp 11201/tcp # Alamin SMS gateway
smsqp 11201/udp # Alamin SMS gateway
xpilot 15345/tcp # XPilot Contact Port
xpilot 15345/udp # XPilot Contact Port
isdnlog 20011/tcp # isdn logging system
isdnlog 20011/udp # isdn logging system
vboxd 20012/tcp # voice box system
vboxd 20012/udp # voice box system
binkp 24554/tcp # Binkley
binkp 24554/udp # Binkley
asp 27374/tcp # Address Search Protocol
asp 27374/udp # Address Search Protocol
dircproxy 57000/tcp # Detachable IRC Proxy
tfido 60177/tcp # Ifmail
tfido 60177/udp # Ifmail
fido 60179/tcp # Ifmail
fido 60179/udp # Ifmail


Internet Protocol (IPv4) Subnet Chart

For more information on subnetting, see RFC 1817 and RFC 1812.

Class address ranges:


• Class A = 1.0.0.0 to 126.0.0.0
• Class B = 128.0.0.0 to 191.255.0.0
• Class C = 192.0.1.0 to 223.255.255.0

Reserved address ranges for private (non-routed) use (see RFC 1918):

• 10.0.0.0 -> 10.255.255.255


• 172.16.0.0 -> 172.31.255.255
• 192.168.0.0 -> 192.168.255.255

Other reserved addresses:

• 127.0.0.0 is reserved for loopback and IPC on the local host


• 224.0.0.0 -> 239.255.255.255 is reserved for multicast addresses

Chart notes:

• Number of Subnets - "( )" Refers to the number of effective subnets, since the use
of subnet numbers of all 0s or all 1s is highly frowned upon and RFC non-
compliant.
• Number of Hosts - Refers to the number of effective hosts, excluding the network
and broadcast address.

Class A

Network Bits Subnet Mask Number of Subnets Number of Hosts

/8 255.0.0.0 0 16777214

/9 255.128.0.0 2 (0) 8388606

/10 255.192.0.0 4 (2) 4194302

/11 255.224.0.0 8 (6) 2097150

/12 255.240.0.0 16 (14) 1048574

/13 255.248.0.0 32 (30) 524286

/14 255.252.0.0 64 (62) 262142

/15 255.254.0.0 128 (126) 131070

/16 255.255.0.0 256 (254) 65534

/17 255.255.128.0 512 (510) 32766


/18 255.255.192.0 1024 (1022) 16382

/19 255.255.224.0 2048 (2046) 8190

/20 255.255.240.0 4096 (4094) 4094

/21 255.255.248.0 8192 (8190) 2046

/22 255.255.252.0 16384 (16382) 1022

/23 255.255.254.0 32768 (32766) 510

/24 255.255.255.0 65536 (65534) 254

/25 255.255.255.128 131072 (131070) 126

/26 255.255.255.192 262144 (262142) 62

/27 255.255.255.224 524288 (524286) 30

/28 255.255.255.240 1048576 (1048574) 14

/29 255.255.255.248 2097152 (2097150) 6

/30 255.255.255.252 4194304 (4194302) 2

Class B

Network Bits Subnet Mask Number of Subnets Number of Hosts

/16 255.255.0.0 0 65534

/17 255.255.128.0 2 (0) 32766

/18 255.255.192.0 4 (2) 16382

/19 255.255.224.0 8 (6) 8190

/20 255.255.240.0 16 (14) 4094

/21 255.255.248.0 32 (30) 2046

/22 255.255.252.0 64 (62) 1022

/23 255.255.254.0 128 (126) 510

/24 255.255.255.0 256 (254) 254

/25 255.255.255.128 512 (510) 126

/26 255.255.255.192 1024 (1022) 62


/27 255.255.255.224 2048 (2046) 30

/28 255.255.255.240 4096 (4094) 14

/29 255.255.255.248 8192 (8190) 6

/30 255.255.255.252 16384 (16382) 2

Class C

Network Bits Subnet Mask Number of Subnets Number of Hosts

/24 255.255.255.0 0 254

/25 255.255.255.128 2 (0) 126

/26 255.255.255.192 4 (2) 62

/27 255.255.255.224 8 (6) 30

/28 255.255.255.240 16 (14) 14

/29 255.255.255.248 32 (30) 6

/30 255.255.255.252 64 (62) 2

Supernetting (CIDR) Chart

• CIDR - Classless Inter-Domain Routing.


• Note: The Number of Class C networks must be contiguous.
For example, 192.169.1.0/22 represents the following block of addresses:
192.169.1.0, 192.169.2.0, 192.169.3.0 and 192.169.4.0.

Class C

CIDR Block Supernet Mask Number of Class C Addresses Number of Hosts

/14 255.252.0.0 1024 262144

/15 255.254.0.0 512 131072

/16 255.255.0.0 256 65536

/17 255.255.128.0 128 32768

/18 255.255.192.0 64 16384


/19 255.255.224.0 32 8192

/20 255.255.240.0 16 4096

/21 255.255.248.0 8 2048

/22 255.255.252.0 4 1024

/23 255.255.254.0 2 512

Quick Subnetting How-To (Thanks to Jason@GeekVenue.)

[Understanding decimal - Base 10]

The first thing you must know is that the common number system
used world wide is the decimal system (otherwise known as base
10). What makes the decimal system a base 10 system is that it is
based on grouping numbers by 10's. It is believed that the system
evolved because we have ten fingers and ten toes which over the
years we have used for counting. I use mine all the time (grin). We
name the ten digits: zero, one, two, three, four, five, six, seven,
eight and nine.

The decimal system has a 1's place, a 10's place, a 100's place, a
1000's place and so on. We say the number places are grouped by
10's because multiplying each number place by 10 gives you the
next number place. So: 1x10=10 (the 10's place), 10x10=100 (the
100's place), 100x10=1000 (the 1000's place) etc.

Let's look at the decimal number 103 by place.

103 <- read from right to left

We have a 3 in the 1's place
We have a 0 in the 10's place
We have a 1 in the 100's place

Thus: 100+0+3=103

By now you probably feel like you have attended Kindergarten for
the second time in your life? Sorry about that but it is very
important that you understand the concept of what a number
system is, and what it is based on before we look at binary.

[Understanding binary - base 2]

Binary is a base 2 system, and thus groups numbers by 2's and not
by 10's like the decimal system. We name the two digits: zero and
one. The binary system has a 1's place, a 2's place, a 4's place, an
8's place, a 16's place and so on. We say the number places are
grouped by 2's because multiplying each number place by 2 gives
you the next number place. So: 1x2=2 (the 2's place), 2x2=4 (the
4's place), 4x2=8 (the 8's place), 8x2=16 (the 16's place) etc.

Let's look at the decimal number 103 in binary format:

01100111 <- read from right to left

We have a 1 in the 1's place
We have a 1 in the 2's place
We have a 1 in the 4's place
We have a 0 in the 8's place
We have a 0 in the 16's place
We have a 1 in the 32's place
We have a 1 in the 64's place
We have a 0 in the 128's place

Thus: 0+64+32+0+0+4+2+1=103

Okay, Let's test your skills. Here is a list of binary numbers, try
converting them to decimal and check your answers at the end of
this post.

10000000
11000000
11100000
01000000
10000011
10010001
11111111

If you were able to convert these numbers to decimal then
congratulations! You're ready to move on to the next section.

[Understanding a subnet mask]

Now that you understand what binary is, let's have a look at our
two subnet masks from the beginning of my post:

192.168.1.0 / 255.255.255.0
192.168.1.0/24

The concept of a subnet mask is simple. You have a network and
you have hosts on the network (anything with an IP address is a
host). The subnet mask determines what portion of the TCP/IP
address represents your network and what portion can be used
for your hosts. Because I am a simple person, I think of it like
this; The network number represents the street I live on, and the
host portion is used for the numbers on all the houses on my street.

A subnet mask of 255.255.255.0 means that the first three octets
of the address will be used for the network, and thus our network
number is 192.168.1. This means we can have 254 computers on
this network, because the fourth octet is not being used by the
network portion of the address. We know this because of the 0 in
the subnet mask (255.255.255.0).

We call each of the number sections an octet because we think of
them in binary, and there are eight possible bits in each section.
Eight bits is an octet. 11111111 in binary is 255 in decimal (did
you do the conversions?). So our decimal subnet mask
255.255.255.0 displayed in binary is going to be:

11111111.11111111.11111111.00000000

If you count all the ones, you will find that there are 24 of them.
Now look at the subnet mask examples again.

192.168.1.0/255.255.255.0
192.168.1.0/24

Do you see why both subnet masks are the same? The number 24
is the number of bits used in the network portion of the address,
and is short-hand for writing the address/subnet mask
combination. It becomes important to understand this when you
start dividing your network into multiple sub networks.

[Understanding Subnetting]

Before reading this section, you should have a good understanding
of what a subnet mask is and how binary bits represent the subnet
mask.

Simply put, subnetting is dividing your network into multiple sub
networks. To go back to my silly example about houses and
streets, subnetting gives you multiple streets in your
neighborhood.

There are two methods for dividing your network into multiple sub
networks; One is to simply change your network numbers keeping
the same subnet mask. The other is to subnet your network into
smaller sub networks.

Keeping the same mask:


Your network could be divided into two or more networks by
changing the network portion of the address such as 192.168.1 and
192.168.2 and keeping the same subnet mask.

Example:
192.168.1.0/255.255.255.0
192.168.2.0/255.255.255.0

Doing this would give you two separate networks with 254 hosts
per network. This is a very common method of dealing with
multiple networks. However, back in the good old days you had to
pay for every IP address you used, and if you had 25 computers on
your network you probably would not want to pay for 254
addresses! The answer to the problem is...subnetting.

Subnetting a network:
Subnetting is when you use bits from the host portion of your
address as part of your network number. This lets you subdivide
your network at the cost of host addresses, which is great if you're
paying for every host IP address. It will save you money because
you pay for fewer TCP/IP addresses. Confused? Here is where
understanding binary is important.

Let's look at a new subnet mask:

255.255.255.224

As you can see in the fourth octet, some of the host portion of this
subnet mask is now being used for part of the network address.
Which means we are now using some of the binary bits in the
fourth octet for our network numbers, and that gives us fewer
hosts than our old mask (which gave us 254), but gives us more
networks (which is why we call it subnetting).

How can we tell how many networks and hosts per network this
new subnet mask will give us? Well... we shall have to use some
of our newly acquired binary skills.

The first task is to find out how many bits in the fourth octet are
being used? The decimal number is 224, what is the decimal
number 224 as represented in binary?

The decimal number 224 in binary is:

11100000

We have a 0 in the 1's place
We have a 0 in the 2's place
We have a 0 in the 4's place
We have a 0 in the 8's place
We have a 0 in the 16's place
We have a 1 in the 32's place
We have a 1 in the 64's place
We have a 1 in the 128's place

Thus: 128+64+32+0+0+0+0+0=224

So our complete subnet mask in binary is:

11111111.11111111.11111111.11100000

We now know that three bits from the fourth octet are used. How
can we tell how many sub networks we're going to have? This
requires some math - sorry. The formula is: 2^n-2, where n is the
number of bits being used from the host portion of our subnet
mask.

Note: We subtract 2 from the total because you do not count all
0's or all 1's.

The formula for three bits is:

2^3-2=6

In simpler terms:
(2x2x2)-2=6

So our network is sub divided into 6 networks. Next, we want to
know what the network numbers are, and how many hosts we can
have on each of the 6 networks?

What is the first subnet? Let's have a look at the bits in our fourth
octet again. The bit that gives us the answer is the (1) closest to
the first zero, and in this case it is the 3rd bit from the left.

11100000

The 3rd bit will start our first network, and the 3rd bit is in the
32's place (remember binary). Start adding the value 32 to itself
six times to get the six network numbers.

Note: A quicker way to find our starting network number is to
subtract our mask from 256.
256-224=32

Here are our network numbers:

32
64
96
128
160
192

A better way to display this is:

192.168.1.32
192.168.1.64
192.168.1.96
192.168.1.128
192.168.1.160
192.168.1.192

The host addresses will fall between the network numbers, so we
will have 30 hosts per network. You're probably wondering why
it's not 31? The answer is that the last address of each subnet is
used as the broadcast address for that subnet.

Example:
Subnet:192.168.1.32 / 255.255.255.224
Address Range: 192.168.1.33 through 192.168.1.62 (30 hosts)
Subnet Broadcast Address:192.168.1.63

Quiz:
Let's test your skills- write the address range and broadcast
address for the following subnet. You will find the answer at the
end of this post.

Subnet: 192.168.1.128 / 255.255.255.224
Address Range?
Subnet Broadcast Address?

If we were paying for our TCP/IP addresses, we would only pay
for one network and host combination, thus paying for 30 hosts
and not 254. It could mean some real savings, it also frees up the
remaining addresses for other organizations to use.

Let's look at another subnet mask:

255.255.255.240

How many bits are used from the host portion? To find this out,
we need to know how the decimal number 240 is represented in
binary.

The answer is:

11110000

So four bits are taken from the host portion of our mask. We do
the same math as before:

2^4-2=14

In simpler terms:
(2x2x2x2)-2=14

We will have 14 sub networks, and what will the network
numbers be? Look at the fourth bit, it's in the 16's place:
11110000

Note: A quicker way to find our starting network number is to
subtract the value of our mask from 256. So: 256-240=16

Start adding 16 to itself - fourteen times to get all 14 network
numbers:

16
32
48
64
80
96
112
128
144
160
176
192
208
224

A better way to display our subnets is:

192.168.1.16
192.168.1.32
192.168.1.48
192.168.1.64
192.168.1.80
192.168.1.96
192.168.1.112
192.168.1.128
192.168.1.144
192.168.1.160
192.168.1.176
192.168.1.192
192.168.1.208
192.168.1.224

The host addresses fall between the network numbers. So we will
have 14 host addresses on each of our 14 sub networks
(remember: the last or 15th address is the broadcast address for
that subnet).

If you had a small company with 10 hosts and needed to have a
static IP address for all of your hosts, you would be assigned a
network/subnet mask and a valid IP address range.

Here is an example of what that might look like:

Network: 205.112.10.16/255.255.255.240
Address Range: 205.112.10.17 through 205.112.10.30
Subnet Broadcast Address: 205.112.10.31

[Answers to Binary Conversions]

10000000 = 128
11000000 = 192
11100000 = 224
01000000 = 64
10000011 = 131
10010001 = 145
11111111 = 255

[Answer to Subnet Question]

Subnet:192.168.1.128 / 255.255.255.224
Address Range: 192.168.1.129 through 192.168.1.158
Subnet Broadcast Address: 192.168.1.159
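
The how-to's procedure carried out in code, as an added example that is not part of the original post: it counts the mask bits, lists the subnets under the 2^n-2 rule used above (the all-0s and all-1s subnets are skipped), and gives each subnet's host range and broadcast address. The function names are this example's own; `usable_only=False` keeps all 2^n subnets instead.

```python
import ipaddress


def mask_to_prefix(mask):
    """Count the 1 bits of a dotted mask; reject masks whose 1s are not contiguous."""
    value = int(ipaddress.IPv4Address(mask))
    prefix = bin(value).count("1")
    expected = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    if value != expected:
        raise ValueError(f"{mask} is not a valid subnet mask")
    return prefix


def describe(subnet):
    """Network number, usable host range and broadcast address of one subnet."""
    net, bcast = subnet.network_address, subnet.broadcast_address
    return {
        "network": str(net),
        "first_host": str(net + 1),        # first address after the network number
        "last_host": str(bcast - 1),       # last address before the broadcast
        "broadcast": str(bcast),
        "hosts": subnet.num_addresses - 2,  # network and broadcast excluded
    }


def subnet_plan(network, mask, classful_prefix=24, usable_only=True):
    """List the subnets a mask carves out of a classful network.

    classful_prefix is 8, 16 or 24 for a Class A, B or C network; the bits
    between it and the mask's prefix are the n borrowed host bits.
    """
    prefix = mask_to_prefix(mask)
    if not classful_prefix < prefix <= 30:
        raise ValueError("mask must borrow at least one host bit and leave two")
    base = ipaddress.IPv4Network(f"{network}/{classful_prefix}", strict=False)
    subnets = list(base.subnets(new_prefix=prefix))   # 2^n subnets in order
    if usable_only:
        subnets = subnets[1:-1]            # drop the all-0s and all-1s subnets
    return [describe(s) for s in subnets]


def subnet_of(address, mask):
    """Describe the subnet that a given host address falls into."""
    prefix = mask_to_prefix(mask)
    if prefix > 30:
        raise ValueError("mask leaves no usable host addresses")
    return describe(ipaddress.IPv4Interface(f"{address}/{prefix}").network)


if __name__ == "__main__":
    for mask in ("255.255.255.224", "255.255.255.240"):
        plan = subnet_plan("192.168.1.0", mask)
        print(f"{mask}: {len(plan)} subnets, {plan[0]['hosts']} hosts each")
        for row in plan:
            print("  {network}  {first_host} - {last_host}  bcast {broadcast}".format(**row))
    print(subnet_of("205.112.10.20", "255.255.255.240"))
```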
