AI, ML, Development + Cisco Learning Blog

Here’s the order of operations for the inside-to-outside list:

• If IPSec, then check input access list
• Decryption—for Cisco Encryption Technology (CET) or IPSec
• Check input access list
• Check input rate limits
• Input accounting
• Policy routing
• Routing
• Redirect to Web cache
• NAT inside to outside (local to global translation)
• Crypto (check map and mark for encryption)
• Check output access list
• Inspect context-based access control (CBAC)
• TCP intercept
• Encryption

Here’s the order of operations for the outside-to-inside list:

• If IPSec, then check input access list
• Decryption—for CET or IPSec
• Check input access list
• Check input rate limits
• Input accounting
• NAT outside to inside (global to local translation)
• Policy routing
• Routing
• Redirect to Web cache
• Crypto (check map and mark for encryption)
• Check output access list
• Inspect CBAC
• TCP intercept
• Encryption

Source:

http://articles.techrepublic.com.com/5102-1035-6055946.html

you can change a syncronous port to async with

conf t

int so

pyhsical-layer async

watch with a:

sh line

logical interfaces are for example the loopback interface and the null interface.
The null interface is always there. if you want to drop a route you can send all packets the delta quadrant with.
ip route 192.168.1.0 255.255.255.0 null0

if you want to have an interface that is always up, maybe for your ospf routing process to stay alive you can use something like:
int loopback 0
ip add 192.168.1.1 255.255.255.0

You don’t have to use the „no shutdown“ command.

This interface will always stay tuned. 🙂

I you don’t want your neighbor to recive your routing updates from your ABR (Area Border Router) you can issue a passive mode on your router.

I will look like this for example RIP:

router rip
network 192.168.1.0
passive-interface e0

if Ethernet0 is the interface to your neighbor.