SRT Lab Tips (Stupid Router Tricks)

  • If asked to prevent resolving a name to an IP, you can use no ip domain-lookup or transport preferred none under a con, aux or VTY line. This will stop the router in attempting to telnet to, say, a mistyped word. Could potential put both commands in, if asked.
    • ‘transport preferred none’ – ‘ghghg’ or ‘x.x.x.x’ will not spawn any session; ‘ping ine.com’ (for example) will not work
    • ‘no ip domain-lookup’ – just turn off DNS, ‘ping ine.com’ will not work
    • In general you have to use ‘transport preferred none’ to prevent resolving mistyped name.
    • ‘no ip domain-lookup’ will work, but it’s not intended for this task. It’s not a good idea to disable DNS on a production router.
  • ip tcp synwait-time can be used to speed up non-connecting telnet sessions. e.g. you telnet to a device that is not allowing telnet, typically you will need to wait around 30 seconds. This command shortens that wait time.
  • store password in MD5 Hash: you would think to use service password encryption command but that is wrong. to store password as MD5 hash you must use secret instead of password.
Advertisements