成衣打版

基本縫 車練習

1.布書

2.圍裙

3.浴衣

裙子

1.基本裙

2.A字裙

3.波浪裙

褲子

1.長褲

2.打摺短褲

上衣

以基本型變化上衣

原型新文化式

老師：李陳玉英 0903-385988 7月11日
1.現把基礎線畫完，在加上輪廓線
2.剪下輪廓線，在描圖，畫袖子

以此基本型去延伸變化各上衣造型設計。

重點：領子
            袖襱，下擺，扣洞

與老師合照

linux

#pa aux|grep yum
#kill -9 3829
#yum 

Enable userdir, users can create websites with this setting. [1] Configure httpd. [root@www ~]#  vi /etc/httpd/conf.d/userdir.conf # line 17: comment out # UserDir disabled # line 24: uncomment UserDir public_html # line 31 - 35 <Directory "/home/*/public_html">     AllowOverride  All # change     Options  None # change     Require method GET POST OPTIONS </Directory> [root@www ~]#  systemctl restart httpd  [cent@www ~]$  mkdir public_html  [cent@www ~]$  chmod 711 /home/cent  [cent@www ~]$  chmod 755 /home/cent/public_html  [cent@www ~]$ vi ./public_html/index.html <html> <body> <div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;"> UserDir Test Page </div> </body> </html> 要關selinux   0727   1.nano /etc/httpd/conf/httpd.conf   Find the section that begins with <Directory "/var/www/html">. Change the line from AllowOverride none to AllowOverride AuthConfig AllowOverride AuthConfig Save and close the file.  2. Create a password file with htpasswd   htpasswd -c /var/www/html/.htpasswd user1 htpasswd /var/www/html/.htpasswd user2// next user don't -c [root@localhost ~]# htpasswd -c /var/www/html/.htpasswd hope New password: Re-type new password: Adding password for user hope   3. nano /var/www/html/.htaccess AuthType Basic AuthName "Restricted Content" AuthUserFile /var/www/html/.htpasswd Require valid-user 4.chown apache:apache /var/www/html/.htaccess chown apache:apache /var/www/html/.htpasswd chmod 0660 /var/www/html/.htpasswd 5.systemctl restart httpd 6.test ==================== 8/9 DNS 1.yum install bind bind-chroot bind-utils 2.nano /etc/named.rfc1912.zones add zone  zone "ccna16.edu" IN { type master; file "named.ccna16"; allow-update { none; }; }; zone "40.168.192.in-addr.arpa" IN { type master; file "named.reverse"; allow-update { none; }; }; 3. nano /var/named/named.reverse $TTL 1D @ IN SOA @ ccna16.edu. (100 1H 2D 3W 1H) @ IN NS ccna16.edu. 253 IN PTR ccna16.edu. 253 IN PTR www.ccna16.edu. nano /var/named/named.ccna16 $TTL 1D @ IN SOA @ rname.invalid. ( 0 1D 1H 1W 3H ) NS @ A 192.168.40.253 www A 192.168.40.253  4.systemctl restart named 5.[root@localhost ~]# dig -x 192.168.40.253 @localhost ; <<>> DiG 9.9.4-RedHat-9.9.4-50.el7_3.1 <<>> -x 192.168.40.253 @localhost ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26026 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;253.40.168.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 253.40.168.192.in-addr.arpa. 86400 IN PTR ccna16.edu. 253.40.168.192.in-addr.arpa. 86400 IN PTR www.ccna16.edu. ;; AUTHORITY SECTION: 40.168.192.in-addr.arpa. 86400 IN NS ccna16.edu. ;; ADDITIONAL SECTION: ccna16.edu. 86400 IN A 192.168.40.253 ;; Query time: 1 msec ;; SERVER: ::1#53(::1) ;; WHEN: 三 8月 09 15:34:44 CST 2017 ;; MSG SIZE rcvd: 128 ================= 8/10 postfix 1.預備動作 nano /var/named/named.ccna16 加入 mail A 192.168.40.253 ccna16.edu MX 10 mail.ccna16.edu. 重啟 named systemctl restart named 測試 Microsoft Windows [版本 6.1.7601] Copyright (c) 2009 Microsoft Corporation. All rights reserved. C:\Users\Administrator>nslookup 預設伺服器: dns.hinet.net Address: 168.95.1.1 > server 192.168.40.253 預設伺服器: [192.168.40.253] Address: 192.168.40.253 > set type=mx > ccna16.edu 伺服器: [192.168.40.253] Address: 192.168.40.253 ccna16.edu MX preference = 10, mail exchanger = mail.ccna16.edu ccna16.edu nameserver = ccna16.edu mail.ccna16.edu internet address = 192.168.40.253 ccna16.edu internet address = 192.168.40.253 2.firewall-cmd --permanent --add-service=smtp firewall-cmd --permanent --add-port=110/tcp firewall-cmd --permanent --add-port=143/tcp firewall-cmd --reload systemctl start postfix systemctl enable postfix 3.#vim /etc/postfix/main.cf myhostname = mail.ccna16.edu mydomain = ccna16.edu myorigin = $mydomain mynetworks_style = class mynetworks = 127.0.0.0/8, 192.168.40.0/24 inet_interfaces = all mydestination = $mydomain, $myhostname, localhost.$mydomain, localhost mail_spool_directory = /var/mail home_mailbox = Maildir/ mailbox_size_limit = 0 #原設定參數沒有 message_size_limit = 0 #請自己加上即可 4.編修設定檔 /etc/dovecot/dovecot.conf protocols = imap pop 5.編修設定檔 /etc/dovecot/conf.d/10-mail.conf： 打開mail_location = mbox:~/mail:INBOX=/var/mail/%u 6. [hope@localhost ~]$ nano ~/.muttrc #su - student $vim ~/.muttrc set mbox_type=Maildir set folder="~/Maildir" set mask="!^\\.[^.]" set mbox="~/Maildir" set record="+.Sent" set postponed="+.Drafts" set spoolfile="~/Maildir"   8/30 practice network command and manage 1.ip address show ip -s link show enp0s3 ip address add 10.0.0.2/24 brd + dev enp0s3  ip address del 10.0.0.2/24 dev enp0s3 2.systemctl start NetworkManager stop stop restart enable disable  cancle MN instead network chkconfig network on cat /etc/sysconfig/network-scripts/ifcfg-enp0s3 //the configuration place ifdown enp0s3 ifconfig ifup enp0s3 3.test tool netstat -ntulp n with port t tcp u udp l listen p pid

cisco security

0721
AAA
Authentication
   Prove :they are who they say they are.
Authorization
   Resources can access and whice operation is allowed to perform
Accounting
    Audting Billing

Example: Configure Local Authentication

Router> enable
Router# configure terminal
Router(config)# aaa new-model
Router(config-if)# aaa authentication login default local
Router(config)# line vty 0 4
Router(config-line)# login authentication default
Router(config-line)# end

Item

TACACS+

RADIUS

Comparison



Connection

TCP

UDP

UDP has less overhead; however, with TCP, TACACS+ more quickly can detect a failed server and switch over to a backup. TCP can do this by having the router look for an RST (closed connection) message or by using TCP keepalives.


Encryption

Payload

Passwords

TACACS+ is more secure because it encrypts the entire payload, which includes all user and AAA message information; RADIUS encrypts only passwords, so everything else, including usernames and other account information, is sent in clear text.


Authentication and authorization

Separate

Combined

RADIUS combines authentication and authorization functions, which means that you must use the same server or group for these functions. TACACS+ separates them, giving you more control over the server that handles these functions.


WAN protocols

PPP, ARAP, NetBIOS, NASI, and X.25 PAD

PPP and SLIP

TACACS+ is better suited for remote-access situations that involve multiple dialup protocols, whereas RADIUS supports only PPP and SLIP.


Router command authorization

Yes

No

TACACS+ enables you to control what commands an authenticated user can execute on a router; RADIUS does not.


Accounting

Basic

Advanced

The one big advantage that RADIUS has over TACACS+ is its robust accounting, which is why many ISPs use it to monitor PPP connections.


Authentication Troubleshooting：
Router# debug aaa authentication

R1(config)#username Admin1 secret admin1pa55
R1(config)#aaa new-model
R1(config)#aaa authentication login default local
R1(config)#line console 0
R1(config-line)#login authentication default
R1(config)#aaa authentication login TELNET-LOGIN local
R1(config)#line vty 0 4
R1(config-line)#login authentication TELNET-LOGIN


R2
R2(config)#username Admin2 secret admin2pa55
R2(config)#tacacs-server host 192.168.2.2
R2(config)#tacacs-server key tacacspa55
R2(config)#aaa new-model
R2(config)#aaa authentication login default group tacacs+ local
R2(config)#line con 0
R2(config-line)#login authentication default



R3
R3(config)#username Admin3 secret admin3pa55
R3(config)#radius-server host 192.168.3.2
R3(config)#radius-server key radiuspa55
R3(config)#aaa new-model
R3(config)#aaa authentication login default group radius local
R3(config)#line con 0
R3(config-line)#login authentication default

07/24



4.4.1.3 Packet Tracer - Configuring a Zone-Based Policy Firewall (ZPF)

Create the Firewall Zones 

R3(config)#zone security IN-ZONE

R3(config-sec-zone)#zone security OUT-ZONE

R3(config-sec-zone)#exit

Define a Traffic Class and Access List

R3(config)#access-list 101 permit ip 192.168.3.0 0.0.0.255 any



R3(config)#class-map type inspect match-all IN-NET-CLASS-MAP

R3(config-cmap)#match access-group 101

R3(config-cmap)#

R3(config-cmap)#exit

R3(config)#policy-map type inspect IN-2-OUT-PMAP

R3(config-pmap)#class type inspect IN-NET-CLASS-MAP

R3(config-pmap-c)#inspect

%No specific protocol configured in class IN-NET-CLASS-MAP for inspection. All protocols will be inspected

R3(config-pmap-c)#exit

R3(config-pmap)#exit

R3(config)# zone-pair security IN-2-OUT-ZPAIR source IN-ZONE destination OUT-ZONE

R3(config-sec-zone-pair)#service-policy type inspect IN-2-OUT-PMAP

R3(config-sec-zone-pair)#exit

R3(config)#interface fa0/1

R3(config-if)#zone-member security IN-ZONE

R3(config-if)#exit

R3(config)#interface s0/0/1

R3(config-if)#zone-member security OUT-ZONE



R3(config-if)#exit



IDS IPS

IPS

線上作業(In-Line)即時阻斷高精確的偵測能力高效能與低延遲可靠性與可用性自我學習與調整能力

階段一 偵測/不防禦

IPS以被動式IDS模式運作，連線到路由器的SPAN埠或分接裝置，以偵測與分析網路封包，無阻檔功能。此一階段，管理者可依據偵測的結果作適當的調整，以減少誤報（False positive）的情形發生

階段二 線上偵測/不防禦

經過IPS，並做即時且深層的檢測

In-line Mode

須對IPS 的攻擊特徵偵測與異常協定偵測進行更細微的調整

階段三 全面偵測/部分防禦

階段四 線上偵測/全面防禦

結論

IPS進行全面阻檔前，如何準確分析出各類異常偵測的臨界值，去除誤報的攻擊特徵，增加漏報的過濾特徵，必須由網路管理者投入長時間的檢測與調整。



09/05 許老師

SIEM  Security Information and Event Management

F/M     UTM (Unified Threat Management，UTM)f/w&idp 安(IDS, Intrusion Detection
System)

coreswitch

log   有正規化分析 FortiGate虛擬設備允許您通過虛擬基礎架構中實現關鍵的安全控制




R語言

網卡RDMA

羅老課程

 

python 下一回目標

msserver2012

ad設定
member設定
DNS 設定
   A主機設定 別名及www.domains,com tw
502
DDOS
udp 53
DNS security
DMZ
set DNS authority
安裝IIS
新增網站，並把default 站台加繫結，而可在80port加站台

0725
1.create dataCenter
2.create cluster
3.add Host(esxi Server

                                      manager
esxi6-1                                                    esxi6-2                                       vCenter-win 2012R
231.100                                                     231.101                                       231.150
                iscsi Adapter
                                 ipSAN
                                      |
                                 DATACENTER

Hyper-converged infrastructure，HCI
超融合基礎架構則是將伺服器與儲存整合在一個單元機箱爲來提供服務。

網頁與資料庫

0424  重設appserve及dreamweaver\  新設網站mypage
test echo  sprintf
http://php.net/sprintf

<?php
$name="張三";
$price=400;
$goods="衣服";
echo $name."花了".$price."元，買了一件".$goods;
echo "<br>";
$format = '%s花了%d元，買了一件%s';
echo sprintf($format, $name, $price,$goods);

?>
0427
陣列
 $student[0]=90;
連續記憶體空間存放，存取效果比較好
reset($House);把指標放到陣列開始位址
while (list($key,$val)=each($array){}
------------
$color=array("red","blue","orange","green","pink");
$bgc=$color[rand(0,4)];
//echo $bgc;
echo "<body bgcolor='".$bgc."'>";
-----------------
0504php
<form id="f1" name="f1" method="post" action="php0427-2.php">
<table width="400" id="tb1" border="1" >
<tr>
<td>姓名：</td>
<td><input type="text" id="t1" name="t1" size="20" /></td>

</tr>
<td>性別：</td>
<td><input name="sex" type="radio" value="male" />男
    <input name="sex" type="radio" value="female" />女</td>
<tr>
<td>出生日；</td>
<td><select name="sel1">
<?php
for ($i=1930;$i<=2017;$i++)
{

echo "<option value=\"$i\">$i</option>";
}
?>
</select> 年
<select name="sel2">
<?php
for ($i=1;$i<=12;$i++)
{

echo "<option value=\"$i\">$i</option>";
}
?>
</select> 月
 <select name="sel3">
<?php
for ($i=1;$i<=31;$i++)
{

echo "<option value=\"$i\">$i</option>";
}
?>
</select> 日
</td>
</tr>
<tr>
<td>興趣；</td>
<td><input type="checkbox" name="hobby[]" value="打球" />打球
<input type="checkbox" name="hobby[]" value="聽音樂" />聽音樂
<input type="checkbox" name="hobby[]" value="郊遊" />郊遊
<input type="checkbox" name="hobby[]" value="" />游泳
</td>
</tr>
<tr>

<tr>
<td  colspan="2" align="center" ><input type="submit" name="submit" value="送出" /></td>

</tr>

</table>
</form>
-------------
<table border="1">
<tr>
<td><img  src="img/<?php
if ($_POST['sex']=='male')
echo 'male'.'.jpg';
else
echo 'female'.'.jpg';
?>" /></td>
<td>姓名：<?php echo $_POST['t1'] ?></td>
</tr>
<tr>
<td>生日：<?php echo $yy = $_POST['sel1'].'年'.$mm=$_POST['sel2'].'月'.$dd=$_POST['sel3'].'日'?><br></td>
<td> 興趣：<?php
foreach($_POST['hobby'] as $val)
{
echo $val.'<br>';
}
?> </td>
</tr>
</table>
===========
session
=========
0518
解決中文亂碼
1.確認頁面籍資料欄位是否為utf8編碼
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>無標題文件</title>
</head>
2.資料庫中資料表欄位，校對 utf8_unicode_ci
3.在sqlConn.php裡加入下列語法
mysql-query("SET NAMES UTF8");
讓瀏覽器正確已UTF8開啟網頁，在phpfile加
header("Content-Type:text/html;charset=utf-8");

"SELECT profiles.ID,profiles.Name,class.Hour FROM profiles INNER JOIN class ON profiles.ID=class.Name_ID where class.Hour >=3 AND class.Hour <=6
"
531
實戰動態資料庫建立
一、建立mysql資料庫
         db1 =>建立
         db1=>table 4 field  =>執行

   儲存
二、db8設定
       1.在WWW新增資料夾db1
            新增網站

2.應用程式=>資料庫

===============
<?php
header('Content-type:text/html;charset=utf-8');

echo "檔案名稱：".$_FILES['myfile']['name']."<br>";
echo "檔案大小：".$_FILES['myfile']['size']."<br>";
echo "檔案格式：".$_FILES['myfile']['type']."<br>";
echo "暫存名稱：".$_FILES['myfile']['tmp_name']."<br>";
echo "錯誤代碼：".$_FILES['myfile']['error'];
if($_FILES['myfile']['error'] > 0)
{
   switch($_FILES['myfile']['error'])
  {
     case 1 : die("檔案大小超出 php.ini:upload_max_filesize 限制");
     case 2 : die("檔案大小超出 MAX_FILE_SIZE 限制");
     case 3 : die("檔案僅被部分上傳");
     case 4 : die("檔案未被上傳");
  }
}

?>

ccna 名詞解釋及指令練習

完整主機名稱： Fully Qualified Domain Name (FQDN)---主機名稱與領域名稱 (hostname and domain name)

領域名稱系統 (Domain Name System, DNS) 

整個 DNS 系統的最上方一定是 . (小數點) 這個 DNS 伺服器 (稱為 root)，最早以前它底下管理的就只有 (1)com, edu, gov, mil, org, .net 這種特殊領域以及 (2)以國家為分類的第二層的主機名稱了！這兩者稱為 Top Level Domains (TLDs) 
啟動 DNS 的 daemon (就是 named 啦) 時，會同時啟動 tcp 及 udp 的 port 53 喔！所以，記得防火牆也要同時放行 tcp, udp port 53 呢！

• SOA：就是開始驗證 (Start of Authority) 的縮寫，相關資料本章後續小節說明；
• NS：就是名稱伺服器 (NameServer) 的縮寫，後面記錄的資料是 DNS 伺服器的意思；
• A：就是位址 (Address) 的縮寫，後面記錄的是 IP 的對應 (最重要)；

PTR：就是指向 (PoinTeR) 的縮寫，後面記錄的資料就是反解到主機名稱囉！




用 ipconfig /all 檢視配置<br />
使用 ipconfig /renew 重新整理配置<br />
使用 ipconfig 管理 DNS 和 DHCP 類別 ID<br />
使用 Ping 測試連接<br />
使用 Arp 解決硬體位址問題<br />
使用 nbtstat 解決 NetBIOS 名稱問題<br />
使用 netstat 顯示連接統計<br />
使用 tracert 跟蹤網路連接<br />
使用 pathping 測試路由器<br />
使用 ipconfig /all 檢視配置<br />

各指令都可以鍵入/?來查詢詳細的附屬參數</div>
https://ccnav6.com/ccna-1-final-exam-answers-2017-v5-1v6-0-introduction-to-networks.html

ipv4 rip 53xu/4

R1>en
R1#config t
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)# no auto-summary 
R1(config-router)#network 192.168.1.0
R1(config-router)#network 192.168.2.0
R1(config-router)#do show ip route
C       192.168.1.0/24 is directly connected, GigabitEthernet0/0
R1(config-router)#passive-interface g0/0
R1(config-router)#default-information originate 
R1(config-router)#end
R1#copy run startup-config

R2>
R2>en
R2#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#no auto-summary 
R2(config-router)#network 192.168.3.0
R2(config-router)#network 192.168.2.0
R2(config-router)#network 192.168.4.0
R2(config-router)#do show ip route
C       192.168.3.0/24 is directly connected, GigabitEthernet0/0
R2(config-router)#passive-interface g0/0
R2(config-router)#end
R2#copy run startup-config

ipv6 rip

r1(config)#ipv6 unicast-routing
r1(config)#ipv6 router rip cisco
r1(config-rtr)#exit
r1(config)#int fa g0/0
r1(config-if)#ipv6 rip cisco enable
r1(config-if)#int s0/0/0
r1(config-if)#ipv6 rip cisco enable


ospf

eigrp

DUAL
Diffusing Update Algorithem
RTP
Reliable Transport Protocol
SRTT
Smooth Rount=trip time 平順來回時間
RTO
Re-tranmission time out

ipv6 config
ipv6 unicast-routing
ipv6 router eigrp 1
eigrp router-id 1.1.1.1
no shut
==========
int g0/0
ipv6 eigrp 1
int s0/0/0
ipv6 eigrp 1
=====
sh ipv6 protocols
sh ipv6 route
=================
ipv4 config
router eigrp 1
network 192.168.10.8 0.0.0.3
network 192.168.12.0 0.0.0.255＿
router eigrp 1
passive-interface g0/0
=
sh ip protocols
sh ip eigrp neighbor
sh ip route eigrp
CISCO 開機順序 參考
http://a46087.pixnet.net/blog/post/31079802-%E3%80%90ccna%E3%80%91cisco-router-%E9%96%8B%E6%A9%9F%E9%A0%86%E5%BA%8F

switch part 2 chapter 1.2.3
about ipv6
     

• 主機使用ND(network discovery)來進行探索相鄰路由器，探索位址、首碼及參數
• 路由器使用ND來通告主機設定參數及首碼，通告主機下一跳的位址(Next-hop)

而ND則包含了以下六種訊息進行鏈結(link)間的溝通。

1. Router solicitation (ICMPv6 type 133)
2. Router advertisement (ICMPv6 type 134)
3. Neighbor solicitation (ICMPv6 type 135)
4. Neighbor advertisement (ICMPv6 type 136)
5. Redirect (ICMPv6 type 137)
6. Router Renumbering. (ICMPv6 Type 138)

違反安全MAC處理方法
1.Protect(保護):將接收到的封包直接丟棄
2.Restrict(限制):將封包直接丟棄並將違反的相關資訊記錄起來。
3.Shutdown(關閉):會將此port介面設定為error-disabled，並且發送通知和記錄，要再次啟動此介面時須先shutdown在使用no shutdown。

設定指令
========================================================================
S1(config)#interface fastEthernet 0/1(進入介面0/1設定模式)
S1(config-if)#switchport mode access(設定為存取模式)
S1(config-if)#switchport port-security(啟動port-security)
S1(config-if)#switchport port-security maximun 5(設定安全MAC數量為5)
S1(config-if)#switchport port-security mac-address xxxx.xxxx.xxxx(設定靜態安全MAC為xxxx.xxxx.xxxx)
S1(config-if)#switchport port-security mac-address sticky(設定黏滯安全MAC)
S1(config-if)#switchport port-security violation restrict(當違反安全原則時restrict)
S1(config-if)#switchport port-security violation protect(當違反安全原則時protect)
S1(config-if)#switchport port-security violation shutdown(當違反安全原則時shutdown)
S1#show port-security interface fastEthernet 0/1(顯示fa0/1的port-security)
S1#show mac-address-table(顯示交換器上的MAC table)
S1#show port-securty address(顯示Secure MAC Table)
S1#clear mac-address-table(清除交換器上的MAC table)
S1#clear port-securty all(清除Secure MAC Table)

0516
ACL(access control list,存取控制清單)

R1>en
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)# access-list 100 permit tcp 172.22.34.64 0.0.0.31 host 172.22.34.62 eq ftp
R1(config)#access-list 100 permit icmp 172.22.34.64 0.0.0.31 host 172.22.34.62
R1(config)#interface gigabitEthernet 0/0
R1(config-if)#ip access-group 100 in
R1(config-if)#exit
R1(config)#ac
R1(config)#access-list 100
% Incomplete command.
R1(config)#ip access-list extended HTTP_ONLY
R1(config-ext-nacl)# permit tcp 172.22.34.96 0.0.0.15 host 172.22.34.62 eq www
R1(config-ext-nacl)#permit icmp 172.22.34.96 0.0.0.15 host 172.22.34.62
R1(config-ext-nacl)#interface gigabitEthernet 0/1
R1(config-if)#ip access-group HTTP_ONLY in
R1(config-if)#

9.3.2.11 Configuring Extended ACLs Scenario 2
RTA(config)#access-list 199 permit tcp 10.101.117.32 0.0.0.15 10.101.117.0 0.0.0.31 eq telnet
RTA(config)#access-list 199 permit icmp any any
RTA(config)#int g0/2
RTA(config-if)#ip ac
RTA(config-if)#ip access-group 199 out
 RTA#sh access-lists
Extended IP access list 199
10 permit tcp 10.101.117.32 0.0.0.15 10.101.117.0 0.0.0.31 eq telnet
20 permit icmp any any

5/19
練習vlan subinterface  port security

HRSP配置
routerA#conf t
routerA(config)#int e0
routerA(config)#standby ip 172.16.1.254
routerA(config)#standby preempt
routerA(config)#standby track serial 0
routerA(config)#exit
routerA#

http://www.networkers-online.com/blog/2008/09/frame-relay-discard-eligibility-bit-de/
frame relay DE set

Protocol-Independent Multicast (PIM) is a family of multicast routing protocols for Internet Protocol (IP) networks that provide one-to-many and many-to-many distribution of data over a LAN, WAN or the Internet. It is termed protocol-independent because PIM does not include its own topology discovery mechanism, but instead uses routing information supplied by other routing protocols. PIM is not dependent on a specific unicast routing protocol; it can make use of any unicast routing protocol in use on the network. PIM does not build its own routing tables. PIM uses the unicast routing table for reverse path forwarding
FF02:D

https://www.youtube.com/watch?v=4glbHViFjVc (acl-3 ccna)
https://www.youtube.com/watch?v=VIQbrX4SoaE(ospf neighbor)