2811A#sh run Building configuration... Current configuration : 2914 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname 2811A ! boot-start-marker boot-end-marker ! logging message-counter syslog enable secret 5 $1$5tcg$iHLW3N0T6fVOv4Ikt4/ZB/ ! no aaa new-model ! dot11 syslog ip source-route ! ! ip cef ! ! ! multilink bundle-name authenticated ! ! ! key chain oer key 1 key-string oer ! ! oer master max-range-utilization percent 10 logging ! border 172.16.24.1 key-chain oer interface Serial0/1/0 external interface Serial0/0/0 external interface FastEthernet0/0 internal ! learn delay protocol tcp protocol udp periodic-interval 3 monitor-period 1 mode route control mode monitor passive ! ! oer border logging local Loopback0 master 172.16.24.1 key-chain oer ! ! username d privilege 15 secret 5 $1$4fyj$iB.8TuOgE0Ui8IYlSuw1g0 archive log config hidekeys ! ! ! ! ! ip ftp username dave ip ftp password dave ! track 1 interface Serial0/0/0 ip routing ! track 2 interface Serial0/0/0 ip routing ! ! ! interface Loopback0 ip address 172.16.24.1 255.255.255.224 ! interface FastEthernet0/0 ip address 10.55.1.2 255.255.255.0 ip flow ingress ip nat inside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/1 no ip address shutdown duplex auto speed auto ! interface Serial0/0/0 ip address 10.56.0.1 255.255.255.0 ip nat outside ip virtual-reassembly ! interface Serial0/1/0 ip address 10.56.1.1 255.255.255.0 ip nat outside ip virtual-reassembly ! ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 10.56.0.2 track 1 ip route 0.0.0.0 0.0.0.0 10.56.1.2 track 2 ip route 10.55.0.0 255.255.0.0 10.55.1.1 ip route 172.16.24.32 255.255.255.224 10.55.1.3 ip http server no ip http secure-server ! ip flow-top-talkers top 30 sort-by bytes match source address 0.0.0.0 0.0.0.0 ! ip nat inside source route-map ISP1 interface Serial0/0/0 overload oer ip nat inside source route-map ISP2 interface Serial0/1/0 overload oer ! ip access-list extended natlist permit ip 10.55.40.0 0.0.0.255 any permit ip 10.55.41.0 0.0.0.255 any permit ip 10.55.42.0 0.0.0.255 any permit ip 10.55.43.0 0.0.0.255 any ! ip sla 1 icmp-echo 10.56.0.2 source-interface Serial0/0/0 threshold 40 ip sla schedule 1 life forever start-time now ip sla 2 icmp-echo 10.56.1.2 source-interface Serial0/1/0 ip sla schedule 2 life forever start-time now access-list 1 permit 10.55.40.0 0.0.0.255 access-list 1 permit 10.55.41.0 0.0.0.255 access-list 1 permit 10.55.42.0 0.0.0.255 access-list 1 permit 10.55.43.0 0.0.0.255 ! ! ! route-map ISP2 permit 10 match ip address 1 match interface Serial0/1/0 ! route-map ISP1 permit 10 match ip address 1 match interface Serial0/0/0 ! ! ! control-plane ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 exec-timeout 0 0 logging synchronous login local ! scheduler allocate 20000 1000 end 2811A# 2811A# 2811A# 2811A# 2811A# 2811A#sh ver Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(22)T, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2008 by Cisco Systems, Inc. Compiled Fri 10-Oct-08 00:05 by prod_rel_team ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1) 2811A uptime is 1 hour, 30 minutes System returned to ROM by reload at 00:28:27 UTC Fri Jan 9 2009 System image file is "flash:c2800nm-advsecurityk9-mz.124-22.T.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html If you require further assistance please contact us by sending email to export@cisco.com. Cisco 2811 (revision 53.50) with 249856K/12288K bytes of memory. Processor board ID FHK1249F4A3 2 FastEthernet interfaces 2 Serial(sync/async) interfaces 1 Virtual Private Network (VPN) Module DRAM configuration is 64 bits wide with parity enabled. 239K bytes of non-volatile configuration memory. 62720K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102 2811A# 2811A# 2811A# 2811A# 2811A# 2811A# 2811A#sh oer mast OER state: ENABLED and ACTIVE Conn Status: SUCCESS, PORT: 3949 Version: 2.2 Number of Border routers: 1 Number of Exits: 2 Number of monitored prefixes: 1 (max 5000) Max prefixes: total 5000 learn 2500 Prefix count: total 1, learn 1, cfg 0 PBR Requirements not met Nbar Status: Inactive Border Status UP/DOWN AuthFail Version 172.16.24.1 ACTIVE UP 00:47:43 0 2.2 Global Settings: max-range-utilization percent 10 recv 0 mode route metric bgp local-pref 5000 mode route metric static tag 5000 trace probe delay 1000 logging exit holddown time 60 secs, time remaining 0 Default Policy Settings: backoff 300 3000 300 delay relative 50 holddown 300 periodic 0 probe frequency 56 mode route control mode monitor passive mode select-exit good loss relative 10 jitter threshold 20 mos threshold 3.60 percent 30 unreachable relative 50 resolve delay priority 11 variance 20 resolve utilization priority 12 variance 20 Learn Settings: current state : STARTED time remaining in current state : 80 seconds no throughput delay no inside bgp protocol tcp protocol udp monitor-period 1 periodic-interval 3 aggregation-type prefix-length 24 prefixes 100 expire after time 720 2811A# 2811A# 2811A# 2811A# 2811A#sh oer mast bord Border Status UP/DOWN AuthFail Version 172.16.24.1 ACTIVE UP 00:47:51 0 2.2 2811A# 2811A# 2811A# 2811A# 2811A#sh oer master traffic-class OER Prefix Statistics: Pas - Passive, Act - Active, S - Short term, L - Long term, Dly - Delay (ms), P - Percentage below threshold, Jit - Jitter (ms), MOS - Mean Opinion Score Los - Packet Loss (packets-per-million), Un - Unreachable (flows-per-million), E - Egress, I - Ingress, Bw - Bandwidth (kbps), N - Not applicable U - unknown, * - uncontrolled, + - control more specific, @ - active probe all # - Prefix monitor mode is Special, & - Blackholed Prefix % - Force Next-Hop, ^ - Prefix is denied DstPrefix Appl_ID Dscp Prot SrcPort DstPort SrcPrefix Flags State Time CurrBR CurrI/F Protocol PasSDly PasLDly PasSUn PasLUn PasSLos PasLLos EBw IBw ActSDly ActLDly ActSUn ActLUn ActSJit ActPMOS ActSLos ActLLos -------------------------------------------------------------------------------- 10.57.0.0/24 N defa N N N N DEFAULT* 66 172.16.24.1 Se0/1/0 U U U 0 0 0 0 1 1 N N N N N N 2811A# 2811A# 2811A# 2811A#sh ip route Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is 10.56.1.2 to network 0.0.0.0 172.16.0.0/27 is subnetted, 2 subnets S 172.16.24.32 [1/0] via 10.55.1.3 C 172.16.24.0 is directly connected, Loopback0 10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks C 10.56.0.0/24 is directly connected, Serial0/0/0 C 10.56.1.0/24 is directly connected, Serial0/1/0 C 10.55.1.0/24 is directly connected, FastEthernet0/0 S 10.55.0.0/16 [1/0] via 10.55.1.1 S* 0.0.0.0/0 [1/0] via 10.56.1.2 [1/0] via 10.56.0.2 2811A# 2811A#