quick note: standby use-bia

Q. What is the standby use-bia command and how does it work?

A. By default, HSRP uses the preassigned HSRP virtual MAC address <...> In order to configure HSRP to use the burnt-in address of the interface as its virtual MAC address, instead of the default, use the standby use-bia command.

Note: Using the standby use-bia command has these disadvantages:

• When a router becomes active the virtual IP address is moved to a different MAC address. The newly active router sends a gratuitous ARP response, but not all host implementations handle the gratuitous ARP correctly.
• Proxy ARP breaks when use-bia is configured. A standby router cannot cover for the lost proxy ARP database of the failed router.

quick note: mpls ldp router-id

Don't forget yo use "force" to quicker change router-id (don't wait for event that lead to router-id change).

How to test your url filtering via telnet during the lab

Use simple method, don't forget to place two new lines after "Host":

telnet 10.1.1.1 8080
Trying 10.1.1.1....
Connected to 10.1.1.1.
Escape character is '^]'.
GET /testurl.html HTTP/1.0
Host: R1.lab

Most awesome show running-config parsing shortcuts for CCIE R&S Lab I'm using

Find passwords with space sign at the end:
sh run | i _$

Show "router bgp/eigrp/ospf/rip" section of the configuration:
sh run | s r b
sh run | s r e
sh run | s r o
sh run | s r r

Show interface config only:
sh run | s int
Note: you can't use sh ru | s i because "i" in this case means "section include", also as "e" means "exclude"

Use short and informative route-map names, for example:
route-m c2e
to describe route-map for redistribution from connected to EIGRP.

Searching route in all VRFs:
sh ip ro vrf * | i ...

Show "crypto" part of the configuration (everything about IPSec):
sh run | s ^cr
or
sh run | s cry

Show routing part of the configuration with route-maps and without route-maps(longer and less used):
sh run | s ^r
sh run | s router

Less used, but valuable.
Show all ip prefix lists:
sh run | s ip p

Show all ip access-lists:
sh run | s ip ac

Note: I'm using sh run instead of sh ru because there is show rudpv1 command also exists.

Useful command to debug ip tos precedence packets

Yet another note for myself:

R1#sh run int s1/0
Building configuration...

Current configuration : 244 bytes
!
interface Serial1/0
 ip address 172.16.13.1 255.255.255.0
 ip accounting precedence input

...

R1#sh interfaces s1/0 precedence
Serial1/0
  Input
    Precedence 0:  408 packets, 42172 bytes
    Precedence 3:  2812 packets, 180528 bytes
    Precedence 4:  2819 packets, 180976 bytes
    Precedence 6:  613 packets, 41872 bytes

Please don't forget to enable PIM!

When you joining to multicast group with "ip igmp join-group" 

How to get list of processes from Cisco IOS router/switch and CPU usage per process via SNMP

With help of snmpwalk utility you can list processes and their CPU usage per-process even if router is at 100% CPU load. Use the following OIDs to list processes: 1.3.6.1.4.1.9.9.109.1.2.1.1.2.1 and this OID to list corresponding CPU usage per-process: 1.3.6.1.4.1.9.9.109.1.2.2.1.7.1

For example here is output from snmpwalk from 2811 router with 99% cpu and no SSH/telnet access because of high CPU load with appropriate retry/timeout parameters:

snmpwalk -r 9 -t 5 -v 2c -c public 10.81.1.1 1.3.6.1.4.1.9.9.109.1.2.1.1.2.1

...

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.188 = STRING: "CCVPM_HDSPRM"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.189 = STRING: "FLEX DSPRM MAIN"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.190 = STRING: "FLEX DSP KEEPALIVE MAIN"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.191 = STRING: "HDA DSPRM MAIN"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.192 = STRING: "cpf_process_msg_holdq"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.193 = STRING: "AAA Cached Server Group"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.194 = STRING: "ENABLE AAA"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.195 = STRING: "EM Background Process"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.196 = STRING: "Key chain livekeys"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.197 = STRING: "LINE AAA"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.198 = STRING: "LOCAL AAA"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.199 = STRING: "TPLUS"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.200 = STRING: "VSP_MGR"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.201 = STRING: "Crypto WUI"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.202 = STRING: "Crypto Support"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.203 = STRING: "IPSECv6 PS Proc"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.204 = STRING: "EPM MAIN PROCESS"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.205 = STRING: "CCVPM_HTSP"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.206 = STRING: "VPM_MWI_BACKGROUND"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.207 = STRING: "CCVPM_R2"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.208 = STRING: "EPHONE MWI Refresh"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.209 = STRING: "FB/KS Log HouseKeeping"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.210 = STRING: "EPHONE MWI BG Process"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.211 = STRING: "Skinny HW conference digit event"

iso.3.6.1.4.1.9.9.109.1.2.1.1.2.1.212 = STRING: "VOICE REG BG Process"

...

snmpwalk -r 9 -t 5 -v 2c -c public 10.81.1.1 1.3.6.1.4.1.9.9.109.1.2.2.1.7.1

...

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.189 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.190 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.191 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.192 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.193 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.194 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.195 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.196 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.197 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.198 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.199 = Gauge32: 87

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.200 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.201 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.202 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.203 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.204 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.205 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.206 = Gauge32: 0

iso.3.6.1.4.1.9.9.109.1.2.2.1.7.1.207 = Gauge32: 0

...

As you can see, TPLUS process is using 87% CPU. Seems it is a software defect and my IOS will be upgraded.