From: Richard Dumoulin (richard.dumoulin@vanco.es)
Date: Mon Jul 05 2004 - 04:46:43 GMT-3
Maybe there were times when old ios code would trigger isdn calls with CDP
but not anymore if only ip traffic is defined as interesting.
Also for your rule of thumb, why not applying these commands only when
needed ? My approach would be to know what they do and configure them only
when necessary,
--Richard
-----Original Message-----
From: akbar khan [mailto:ciscokhan@hotmail.com]
Sent: lunes, 05 de julio de 2004 4:57
To: ccielab@groupstudy.com; security@groupstudy.com
Cc: ciscokhan@hotmail.com
Subject: "Rule of Thumb Commands " in LAB Prep...
Hello Folks,
I shall be grateful to my fellow group members if you could suggest on my
below rule of thumb commands (risk free exercises) which I want to apply
during my all lab practices.
1. no peer neighbor-route (Under BRI Interface)
2. no cdp enable (Under BRI Interface)
3. no auto-sum (RIP,EIGRP & BGP unless required)
4. no sync (BGP unless required)
5. ip ospf network point-to-point (for Loopback interface if advertised in
ospf)
6. no ip split horizon (on the Hub router in Hub & spoke for EIGRP & RIP)
7. no discard-route internal or external for summarization in OSPF ABR &
ASBR to eliminate NULL 0)
8. passive-interface default (RIP & EIGRP)
9. always hardcode the router-id for OSPF,EIGRP & BGP
10. ip ospf mtu-ignore for ospf adjacency on the peer router interface of
CAT3550 (to avoid MTU Mismatch detection in DBD Packets)