3DES

Triple Data Encryption Standard

Procedure to secure data by first separating it into 64-bit blocks. Each block i
s then processed three times, each time with an independent 56-bit key. 3DES use
s a total key of 168-bits to ensure strong encryption. 3DES is a variant of the
56-bit data encryption standard.
DES,block cipher
802.1Q
IEEE standard that is designed to enable traffic between virtual LANs. IEEE 802.
1Q uses an internal tagging mechanism which inserts a four-byte tag field in the
original Ethernet frame between the source address and type/length fields. Beca
use the frame is altered, the trunking device recomputes the frame check sequenc
e on the modified frame.
IEEE,VLAN
ABR
area border router
Routing device that connects one or more OSPF areas to a backbone network. An AB
R maintains routing tables for the backbone and the attached areas of an OSPF.
OSPF
access control list
See ACL.

Access Layer
Level of the hierarchical Cisco internetworking model that encompass the hosts t
hat are the point of entry into the network. Access Layer devices include switch
es, hubs, workstations, servers, IP phones, web cameras, and access points.
Core Layer,Distribution Layer
access link
Connection between a DTE, such as a router, to the nearest point-of-presence of
a service provider through a DCE, such as a modem in a Frame Relay network.
DTE,DCE,Frame Relay,service provider
access point
See AP.

access port
Pathway to a device that does not create loops in a switched network and always
transitions to forwarding if a host is attached.ACK
acknowledgment
Notification sent between network devices when an event has occurred. For exampl
e, a destination device sends an ACK to a source device when a message is receiv
ed.
acknowledgment
See ACK.

ACL
access control list
List kept by a network device, such as a router, to manage access to or from the
router for a number of services. For example, an ACL can be used to prevent pac
kets with a certain IP address or protocol from leaving a particular interface o
n the router.
IP address
active topology
RSTP network design that transition ports to the forwarding state if they are no
t discarding or are blocked.
RSTP
AD
1) advertised distance
Distance that is broadcast by an upstream neighbor.
2) administrative distance
Rating of trustworthiness of a routing information source. For a Cisco router, a
n administrative distance is expressed as a numerical value between 0 and 255. T
he higher the value, the lower the trustworthiness rating.

adaptive cut-through
Type of switching when the flow reverts back to fast-forward mode when the numbe
r of errors drops below the threshold value to an acceptable level.
fast-forward
address
Data structure used to identify a unique entity, such as a particular process or
network device. An IP address is a string of characters assigned by an administ
rator. A MAC address is burned into a device and cannot be changed.
MAC address,IP address
address mask
Bit combination used to identify the part of an address that refers to the netwo
rk or subnet, and the part that refers to the host.
subnetwork
adjacencies
See adjacency.

adjacency
Relationship between neighboring routers and end nodes for the purpose of exchan
ging routing information. Adjacency is based on the use of a common media segmen
t.

administrative distance
See AD.

Advanced Encryption Standard

See AES.
advanced replacement
Part of a SMARTnet agreement offered as part of a customer service enhancement.

advertised distance
See AD.

advertisement request
VLAN information that a VTP client requires if the switch has been reset or the
VTP domain name has been changed.

advertising
Router process in which routing or service updates containing lists of usable ro
utes are sent at specified intervals to routers on the network .

AES
Advanced Encryption Standard

Specifications for a symmetric 128-bit block cipher that is the current cryptogr
aphic standard for the United States adopted by the National Institute of Standa
rds and Techonology. The algorithm must be used with key sizes of 128 bits, 192
bits, or 256 bits, depending on the application security requirement.
block cipher
aging timer
Period of time in which an entry must be used before a switch deletes it from th
e MAC address table.
MAC address
AH
Authentication Header
Security protocol that provides data authentication and optional anti-replay ser
vices. AH is embedded in the data to be protected.
algorithm
Well-defined rule or mathematical process for solving a problem. In networking,
an algorithm is commonly used to determine the best route for traffic from a sou
rce to a destination.

anycast
Type of IPv6 network addressing and routing scheme where data is routed to a des
tination considered to be the best or closest by the routing topology. An anycas
t address is formatted the same as an IPv6 global unicast address.
global unicast address,IPv6
AP
access point
Access Layer device that connects to a wired network and relays data between wir
eless and wired devices. An AP connects wireless communication devices to form a
wireless network to allow roaming.
application characterization
Collecting information about network bandwidth usage and response times of an ap
plication. Some of the considerations for application characterization include h
ow the application works and interacts on a network, and the technical requireme
nts.

Application Layer
Layer 7 of the OSI Reference Model. The Application Layer provides services to a
pplication processes such as email, file transfer, and terminal emulation that a
re outside of the OSI Reference Model. It identifies and establishes the availab
ility of intended communication partners and the resources required to connect w
ith them, synchronizes cooperating applications, and establishes agreement on pr
ocedures for error recovery and control of data integrity.

application-specific integrated circuit (ASIC)

See ASIC.

area
Logical set of either CLNS-, DECnet-, or OSPF-based network segments, and all at
tached devices. Areas are usually connected through routers, creating a single a
utonomous system.
OSPF
Area 0
Area at the beginning of an OSPF network. An OSPF network must have at least one
area, which is area 0. As the network expands, other areas are created adjacent
to Area 0.
Area 0 is also known as the backbone area.
OSPF
area border router
See ABR.

area ID
Identification of the OSPF area to which the network belongs.

AS
autonomous system.
Collection of networks under a common administration sharing a common routing st
rategy. Autonomous systems are subdivided by areas. An autonomous system must be
assigned a unique 16-bit number by the IANA.

ASA
Cisco adaptive security appliance
Hardware device that integrates firewall, Unified Communications security, SSL a
nd IPsec VPN, IPS, and content security services. An example of an ASA is a Cisc
o ASA 5500 series.
ASBR
autonomous system boundary router
Area border router located between an OSPF autonomous system and a non-OSPF netw
ork. An ASBR runs the OSPF routing protocol and another routing protocol, such a
s RIP. An ASBR must reside in a nonstub OSPF area.
ABR,OSPF,RIP
as-built
Diagram that shows the original design and any changes that have been made to a
network topology.

ASIC
application-specific integrated circuit
Circuit that gives precise instructions for the functionality of a device during
Layer 3 switching.

asymmetric
When one function on a network takes a greater length of time than the reverse f
unction. An example of an asymmetric function is the compression and decompressi
on of data.

asynchronous transfer mode

See ATM.

ATM
asynchronous transfer mode
International standard for the cell relay of service types, such as voice, video
, or data. In ATM, the services are conveyed in fixed-length, 53-byte cells. Fix
ed-length cells reduce transit delays because cell processing occurs in the hard
ware. ATM is designed for high-speed transmission media such as E3, SONET, and T
3.
E3,T3,SONET
atomic transaction
Process that guarantees that either all or none of the tasks of a transaction ar
e performed in a database system. An atomic transaction is void if it is not ful
ly processed.

authentication
Security measure designed to control access to network resources by verifying th
e identity of a person or process.

Authentication Header
See AH.

authentication server
Server that controls the frequency and timing of challenges to prevent attacks o
n a network.

authority zone
Section of the domain-name tree for which one name server is the authority. Auth
ority zone is associated with DNS.
DNS
auto mode
Designation of a port on a device as a trunk port if the other end is set to eit
her trunk or desirable mode.

autonomous system
See AS.

autonomous system boundary router

See ASBR.

AutoQoS
Feature that automates consistent deployment of QoS features across Cisco router
s and switches to ensure high-quality application performance. AutoQoS configure
s the device with QoS features and variables that are based on Cisco best-practi
ce recommendations. A user is able to adjust parameters that are generated by Ci
sco AutoQoS.
QoS
availability
Condition of accessibility.

baby giant
Ethernet frame on a network that has been tagged as too large. A baby giant is d
ropped and logged as an error.

back end
Application that performs final or hidden functions in a process.

backbone cabling
Physical media that connects wiring closets to each other, wiring closets and th
e POP, and buildings that are part of the same LAN.
LAN,POP,wiring closet
BackboneFast
Feature on the switches of a bridge network that provides fast convergence after
a spanning tree topology change. BackboneFast is used at the Distribution and C
ore Layers to restore backbone connectivity. BackboneFast is Cisco proprietary.

backup designated router

See BDR.

backward explicit congestion notification

See BECN.

bandwidth
Rated throughput capacity of a given network medium or protocol. Bandwidth is th
e difference between the highest and lowest frequencies available for network si
gnals.
bandwidth reservation
Process of assigning bandwidth to users and applications served by a network. Ba
ndwidth reservation involves assigning priority to different flows of traffic ba
sed on critical and delay-sensitive characteristics. If the network becomes cong
ested, lower-priority traffic can be dropped.

Bandwidth reservation is also known as bandwidth allocation.

banner motd
banner motd
Command used to configure a message of the day, or motd. The message is displaye
d at login. A banner motd is useful for conveying messages, such as an impending
system shutdown, that affects all network users.

baseline
A quantitative expression of planned costs, schedules, and technical requirement
s for a defined project. A baseline is established to describe the 'normal' stat
us of network or computer system performance. The status can then be compared wi
th the baseline at any point to measure the variation from the 'normal' operatio
n condition.

basic configuration
Minimal configuration information entered when a router, switch, or other config
urable device is installed on a network. For example, the basic configuration fo
r a LightStream 2020 ATM switch includes the IP addresses, date, and parameters
for at least one trunk line. The basic configuration enables the switch to recei
ve a full configuration from the Network Management System.

baud
Unit of signaling speed equal to the number of discrete signal elements transmit
ted per second. Baud is synonymous with bits per second, if each signal element
represents exactly one bit.

Bc
committed burst
Maximum amount of data, in bits, that a Frame Relay internetwork is committed to
accept and transmit at the CIR. Bc is a negotiated tariff metric.
Be
BCP
business continuity plan
Steps to be taken to continue business operations when there is a natural or man
-made disaster.

BDR
backup designated router
Router that is identified to take over if the designated router fails.
router
Be
excess burst
Number of bits that a Frame Relay internetwork will attempt to transmit after Bc
is accommodated. Be data is, in general, delivered with a lower probability tha
n Bc data because Be data can be marked as DE by the network. Be is a negotiated
tariff metric.
Bc
BECN
backward explicit congestion notification
Signal in a frame travelling in the opposite direction of frames that have encou
ntered a congested path in a Frame Relay network. The DTE that receives the fram
e with the BECN signal can request that higher-level protocols take appropriate
flow-control action.
FECN,Frame Relay,DTE
BGP
Border Gateway Protocol
Routing standard used to connect a SP to and from the Internet.
BGP is also known as exterior gateway protocol.
SP
BID
bridge ID
Identification of the root bridge which is the focal point in an STP network.
STP
Bill Of Material
See BOM.

bit-oriented
In networking, data is transmitted using individual bits, instead of the entire
byte.

block cipher
Method of encrypting a group of bits together as a single unit.

blocked port
See blocking.

blocking
1) Condition in a switching system in which no paths are available to complete a
circuit. 2) Condition when one activity cannot begin until another has been com
pleted.

BOM
bill of material
Itemized list of hardware, software, and other items necessary to build a networ
k. The BOM is used to obtain price quotations and to order equipment.
Boolean ANDing
Clears a pattern of bits; if you AND a bit with zero, it will clear it to zero,
while ANDing with one will leave the bit unchanged, leaving it a "1".

bootup process
Activity of starting a computer-based device. The bootup process has three steps
. First, the internal components are tested. Then, the operating system is locat
ed and started. Finally, the initial configuration is loaded. After the bootup p
rocess is complete a device is in an operational state.

border gateway
Router that communicates with routers in other autonomous systems.
router
Border Gateway Protocol
See BGP.

bottom-up
Troubleshooting technique that begins by examining the lower levels of a hierarc
hical model first.

bounded update
Feature associated with a link-state routing protocols, such as EIGRP. A bounded
update contains specific parameters and is delivered only to routers that requi
re the information.
EIGRP
BPDU
bridge protocol data unit
Spanning Tree Protocol hello packet that is sent out at configurable intervals t
o exchange information among bridges in the network.
bridge
bridge
Device that connects and passes packets between two network segments that use th
e same communications protocol. A bridge operates at the Data Link Layer of the
OSI reference model. In general, it filters, forwards, or floods an incoming fra
me based on the MAC address of that frame.
MAC address
bridge ID
See BID.

bridge protocol data unit

See BPDU.

broadcast
Set of devices that receive broadcast frames originating from any of the devices
within the set. A broadcast domain is typically bounded by routers because rout
ers do not forward broadcast frames.
broadcast address
Address reserved for sending a message to all stations. Generally, a broadcast a
ddress is a MAC destination address consisting of all ones.
broadcast
broadcast domain
Set of devices that receive broadcast frames originating from any of the devices
within the set. A broadcast domain is typically bounded by routers because rout
ers do not forward broadcast frames.
broadcast
broadcast multi-access
Type of Ethernet link identified by OSPF, which is a standard for a multi-access
network that forwards broadcast traffic.
OSPF
broadcast storm
Undesirable network event in which many broadcasts are sent simultaneously acros
s all network segments. A broadcast storm uses substantial network bandwidth and
typically causes network time-outs.

BSP
business security plan
Physical, system, and organizational control measures to be taken to protect net
work and information assets.

buffer
Storage area used for handling data in transit. A buffer is used in internetwork
ing to compensate for differences in processing speed between network devices. B
ursts of data can be stored in a buffer until the data can be handled by slower
processing devices.

A buffer is also known as a packet buffer.

business case
Structured design document to justify the financial investment required to imple
ment a technology change.

business continuity
Ability to continue business operations if there is a natural or man-made disast
er.

business continuity plan

See BCP.

business enterprise
Large corporate environment with many users and locations, or with many systems.
business security plan
Physical, system, and organizational control measures to be taken to protect net
work and information assets.

cache
Act of storing data, or the location of stored data.

call agent
Control device that processes calls and administers gateways in IP telephony. A
call agent performs functions similar to a switchboard in a traditional telephon
e system. Examples of call agents include the Cisco Unified Communications Manag
er and the Cisco Unified Communications Manager Express.
IP telephony
CAM
content addressable memory
MAC address table maintained by a switch. A CAM is recreated every time a switch
is activated.
switch,MAC address
carrier
Electromagnetic wave or alternating current of a single frequency that is suitab
le for modulation by another data-bearing signal.
modulation
carrier wave
Signal on which data is modulated and then demodulated in an analog connection.

Catalyst Workgroup Switch

Series of Cisco workgroup switches that enhance the network performance of Ether
net client/server workgroups. The Catalyst Workgroup Switch integrates software
enhancements for network management and provides a 100 Mbps interface to servers
and dedicated Ethernet-to-desktop workstations.
Ethernet
CBWFQ
class-based weighted fair queueing

Network packet prioritizing technique based on the standard practice of weighted

fair queuing. CBWFQ has additional QoS functionality that assigns packets to us
er-defined traffic classes. Each class is given a level of priority based on mat
ching criteria including protocols, ACLs, and input interfaces.

QoS,ACL
CCITT
Consultative Committee for International Telegraph and Telephone
International organization responsible for the development of communications sta
ndards. The CCITT is now referred to as the ITU-T.
ITU-T
CDP
Cisco Discovery Protocol

Protocol on Cisco-manufactured equipment, including routers, access servers, bri

dges, and switches, that enables a device to communicate with other devices on t
he LAN or on the remote side of a WAN. CDP runs on LANs, Frame Relay, and ATM me
dia.
LAN,WAN,Frame Relay,ATM
Cell-switched networks
Data communication scheme based on fixed-length cell structure. In a cell-switch
ed network, the fixed-length cell achieves a faster speed of transmission than t
hose using variable-length packets. ATM is an example of a switched technology o
n a network that provides full bandwidth of the link when a station communicates
to the switch.
ATM
central office
See CO.

Challenge Handshake Authentication Protocol

See CHAP.

challenge message
Response sent by a router to establish the identity of the sender.

channel
Communication path that can be multiplexed over a single cable.
multiplexing
channel service unit
See CSU.

channel service unit/data service unit

See CSU/DSU.

CHAP
Challenge Handshake Authentication Protocol
Security feature supported on lines that use PPP encapsulation to prevent unauth
orized access by identifying the remote user. CHAP is a three-way handshake with
encryption and enables the router or access server to determine whether a user
is allowed access.
PPP,PAP
child route
Subnet route on an EIGRP network.
EIGRP
CIDR
classless inter-domain routing

Technique based on route aggregation and supported by Border Gateway Protocol v4

that allows routers to group routes to reduce the quantity of information carri
ed by the core routers. When using CIDR, multiple IP networks appear as a single
, larger entity to networks outside of the group.
cipher string
Encrypted form of plain text.

CIR
committed information rate
Speed, measured in bits per second and is averaged over a minimum increment of t
ime, that a Frame Relay network transfers information. CIR is a negotiated tarif
f metric.
Frame Relay
circuit
Communication path between two or more points.

circuit switching
System in which a dedicated physical circuit path exists between sender and rece
iver for the duration of the connection. Circuit switching is often used in a te
lephone company network.

Cisco adaptive security appliance

See ASA.

Cisco Discovery Protocol

See CDP.

Cisco Enterprise Architectures

Combination of core network infrastructure with productivity-enhancing advanced
technologies including IP communications, mobility, and advanced security. Cisco
Enterprise Network Architecture divides the three-layer hierarchical design int
o modular areas. The modules represent different physical or logical connectivit
y. They also designate where different functions occur in the network. The modul
arity of the Cisco Enterprise Network Architecture allows flexibility in network
design and facilitates implementation and troubleshooting.

Cisco Internetwork Operating System software

See Cisco IOS software.
Cisco IOS software
Cisco Internetwork Operating System software

Application that provides common functionality, scalability, and security for al

l Cisco products. Cisco IOS software allows centralized, integrated, and automat
ed installation and management of internetworks, while ensuring support for a wi
de variety of protocols, media, services, and platforms.
Cisco Security Agent
Consists of host-based agents, deployed on mission-critical desktops and servers
that report to the Cisco Management Center for Cisco Security Agents. The Manag
ement Center runs as a standalone application performing configuration of Cisco
Security Agent deployments. Cisco Security Agents provide threat protection for
servers, desktops, and laptops.

Cisco Security Device Management

See SDM.

Cisco switch clustering

Management of up to 16 switches simultaneously through a single IP address. To c
reate redundancy in Cisco switch clustering, a network administrator assigns an
IP address to a second switch. If the primary command switch fails, the backup o
r secondary command switch seamlessly takes over the management of the cluster.
A user can still access the cluster through the virtual IP address.
Cisco switch clustering technology is featured in Catalyst 3500 XL, 2900 XL, 295
5/2950, 2970, 3550, 3560, 3750, 4500, and Catalyst 1900/2820 Standard and Enterp
rise Edition switches.

Cisco Unified Communications Manager

IP-based PBX in an IP telephony solution. Cisco Unified Communications Manager a
cts as a call agent for IP phones and MGCP gateways. It can interact with H.323
or SIP devices using the protocols of the devices.
Cisco Unified Communications Manager is also known as Cisco Unified CallManager
or CallManager.
call agent
CiscoView
GUI-based management application that provides dynamic status, statistics, and c
omprehensive configuration information for Cisco internetworking devices. In add
ition to displaying a physical view of Cisco device chassis, CiscoView also prov
ides device monitoring functions and basic troubleshooting capabilities, and can
be integrated with several SNMP-based network management platforms.
SNMP
CiscoWorks
Series of SNMP-based internetwork management applications for monitoring router
and access server status, managing configuration files, and troubleshooting netw
ork problems. CiscoWorks applications are integrated on several platforms includ
ing SunNet Manager, HP OpenView, and IBM NetView.
SNMP
class-based weighted fair queueing
See CBWFQ.

classful
Type of subnetting that uses the extension of the subnet mask. An example of cla
ssful subnetting is IPv4.
IPv4
classful boundary
Designation of subnets as a single Class A, B, or C network by protocols such as
RIP and EIGRP.
EIGRP,RIP
classful routing
Selecting a path on a network without including subnet mask information. In clas
sful routing, variable-length subnet masks are not supported.

classless inter-domain routing

See CIDR.

classless routing
Feature of a protocol where the subnet mask is sent with all routing update pack
ets. Classless routing protocols include RIPv2, EIGRP, and OSPF.
EIGRP,OSPF,RIPv2
Classless Routing Protocol
Standard that instructs data to send a subnet mask with all routing update packe
ts. A classless routing protocol is necessary when the mask cannot be assumed or
determined by the value of the first octet. Classless routing protocols include
RIPv2, EIGRP, and OSPF.
RIPv2,OSPF,EIGRP
CLI
command line interface

Ability to interact with the operating system that requires the user to enter co
mmands and optional arguments on a command line.
client
Device requesting services or information.

client-to-client
From one end station to another end station on a network.

client-to-distributed server
From an end station to the server.

client-to-enterprise edge
From an end station to the perimeter of the enterprise before entering the Inter
net.

client-to-server farm
From an end user to a location with a number of servers.

clocking
Rate at which data moves onto the local loop.
local loop
clocking signal
Indicator of the rate at which data moves onto the local loop.
local loop
cluster
Network of servers used as a single unit. The redundancy of technology that occu
rs when clustering improves performance because of load balancing and failover a
mong devices.

clustered
See cluster.

CO
central office
Strategically located environment that accommodates vital devices on a network t
opology.

coding
Electrical technique used to convey binary signals.

collapsed backbone
Physical media system in which all network segments are interconnected by an int
ernetworking device. An example of a collapsed backbone is a virtual network seg
ment that exists in a device such as a hub, router, or switch.
backbone cabling
collision
Result when two or more devices transmit frames simultaneously which impact and
become damaged when they meet on the physical media.
collision domain
collision domain
Network area in Ethernet where frames that have collided are propagated. Repeate
rs and hubs have collision domains. LAN switches, bridges, and routers do not.
Ethernet,bridge,router,switch
co-located
To also be present at a site. A secondary server may be co-located at the same S
P for backup.
SP
command line interface
See CLI.

committed burst
See Bc.
excess burst
committed information rate
See CIR.

committed time
See Tc.

composite metric
Method used on an EIGRP network to calculate the best route for loop-free routin
g and rapid convergence.
EIGRP
Configuration Builder
Microsoft Windows application that enables the administrator to configure multip
le routers at once. Configuration Builder automatically detects the model, softw
are version, image type, and the number and type of installed interfaces on the
router being configured. It quickly imports predefined priority queuing lists, a
ccess lists, and filters into multiple configuration files.

configuration register
16-bit, user-configurable value in Cisco routers that determines how the router
functions during initialization. The configuration register can be stored in har
dware or software. In hardware, the value for each bit position is set using jum
pers. In software, the values for bit positions are set by specifying a hexadeci
mal value using configuration commands.

congestion
Traffic in excess of network capacity.

Consultative Committee for International Telegraph

See CCITT.

content addressable memory

See CAM.

content networking
Infrastructure that delivers static, streaming, and dynamic content to an end us
er in a reliable, scalable, and secure manner. Content networking offers efficie
nt bandwidth management and content distribution for complex, high-bandwidth con
tent, and the flexibility to accommodate new content and services.
Content networking is also known as content delivery networking or Internet cont
ent networking.

contiguous
Location of a neighboring device. Contiguous means adjacent or next.
neighbor
control plane
Collection of processes that run at the process level on the route processor. Co
ntrol plane processes collectively provide high-level control for most Cisco IOS
functions.

converged
Condition where the speed and ability of a group of internetworking devices runn
ing a specific routing protocol agree on the topology of the internetwork after
a change in the topology.

converged network
A network capable of carrying voice, video and digital data.

convergence
Condition where the speed and ability of a group of internetworking devices runn
ing a specific routing protocol moves towards agreement on the topology of the i
nternetwork after a change in the topology.

convergence time
Condition where the speed and ability of a group of internetworking devices runn
ing a specific routing protocol react after a change in the topology. The faster
the convergence time, the quicker a network can adapt to the new topology.

Core Layer
Layer in a three-layer hierarchical design with the Access Layer and Distrubutio
n Layer. The Core Layer is a high-speed backbone layer between geographically di
spersed end networks.
Access Layer,Distribution Layer
core router
Router in a packet-switched star topology that is part of the backbone. The core
router serves as the single pipe through which all traffic from peripheral netw
orks must pass on the way to other peripheral networks.
backbone
cost
Value, typically based on hop count, media bandwidth, or other measures, that is
assigned by a network administrator and used to compare various paths through a
n internetwork environment. Costs are used by routing protocols to determine the
most favorable path to a particular destination. The lower the cost, the better
the path.

Cost is also known as path cost.

routing metric
count to infinity
Situation in which routers continuously increment the hop count to particular ne
tworks when routing algorithms are slow to converge. Typically, an arbitrary hop
-count limit is imposed to prevent count to infinity.

CPE
customer premises equipment
Terminating equipment, such as terminals, telephones, and modems, supplied by th
e telephone company, installed at a customer site, and connected to the telephon
e company network.

CQ
custom queuing
Method that guarantees bandwidth for traffic by assigning space to each protocol
.

CRC
cyclic redundancy check
Store and Forward error checking technique that counts the number of packets the
checksum generates by far end device and compares it to the checksum calculated
from the data received. A CRC error may indicate noise, gain hits, or transmiss
ion problems on the data link or interface.

CRM
customer relationship management

Software used to help organizations attract and retain customers for their growt
h and expansion.
crossover cable
Style of connecting switches and hubs to be able to send and receive data.

cryptography
Process of transforming plain text into scrambled cipher text.
cipher string
CSU
channel service unit
Digital interface device that connects end-user equipment to the local digital t
elephone loop. Often referred to with DSU, as CSU/DSU.
DSU,CSU/DSU
CSU/DSU
channel service unit/data service unit
Network devices that connect an organization to a digital circuit.
CSU,DSU
custom queuing
See CQ.

customer premise equipment

See CPE.

customer relationship management

See CRM.

cut-through packet switching

Process where data is streamed through a switch so that the leading edge of a pa
cket exits the switch at the output port before the packet finishes entering the
input port. Cut-through packet switching enables a device to read, process, and
forward packets as soon as the destination address is looked up, and the outgoi
ng port determined.
Cut-through packet switching is also known as on-the-fly packet switching. Contr
ast with store and forward packet switching.
store and forward packet switching
cut-through switching
Process where data is streamed through a switch so that the leading edge of a pa
cket exits the switch at the output port before the packet finishes entering the
input port. Cut-through packet switching enables a device to read, process, and
forward packets as soon as the destination address is looked up, and the outgoi
ng port determined.
Cut-through packet switching is also known as on-the-fly packet switching. Contr
ast with store and forward packet switching.
store and forward packet switching
cycle
Process that is repeated.

cyclic redundancy check

See CRC.

data center
Central management location that monitors all network resources.
A data center is also known as a NOC.
NOC
data communications equipment
See DCE.

Data Encryption Standard

See DES.

data integrity
Process, strategy, and technology that ensures data is unchanged from creation t
o reception.
data service unit
See DSU.

data terminal equipment

See DTE.

datagram
Unit of information on a network that contains the source and destination addres
ses.
A datagram is also known as a message, packet, segment, or frame.

data-link connection identifier

See DLCI.

DCA
dynamic channel assignment
Open radio frequency that is selected when an access point identifies an unused
channel on a WLAN.

DCE
data communications equipment
Physcal connection to a communications network in an EIA expansion environment.
The DCE forwards traffic, and provides a clocking signal used to synchronize dat
a transmission between DCE and DTE devices. Examples of DCE devices include a mo
dem and an interface card.
DCE is also known as data circuit-terminating equipment when used in an ITU-T ex
pansion environment.
DTE,EIA,ITU-T
DE
discard eligible
Designation of a packet in Frame Relay networking. A packet with the DE bit set
will be dropped first when a router detects network congestion. The DE bit is se
t on oversubscribed traffic, which is traffic that was received after the CIR wa
s set.
Frame Relay
de facto standard
Format, language, or protocol that becomes a standard because it is widely used.
De jure standard, in contrast, is one that exists because of approval by an off
icial standards body.

dead interval
Period of time, in seconds, that a router will wait to hear a Hello from a neigh
bor before declaring the neighbor down.

dedicated LAN
dedicated local area network
Network segment allocated to a single device. Dedicated LAN technology is used i
n LAN-switched network topologies.
LAN
dedicated line
Bandwidth on a communications line that is indefinitely reserved for transmissio
ns rather than switched when transmission is required.
leased line
dedicated local area network
See dedicated LAN.

default gateway
Path of a packet on a network used by default, or as the gateway of last resort,
when the destination hosts are not listed in the routing table.

default route
Path of a packet on a network used by default, or as the gateway of last resort,
when the destination hosts are not listed in the routing table.

delay
1) Length of time between the initiation of a transaction by a sender and the fi
rst response received by the sender. 2) Length of time required to move a packet
from source to destination over a given path.

demarc
Indicated point between carrier equipment and CPE.
carrier,CPE
demilitarized zone
See DMZ.

demodulation
Process of returning a modulated signal to its original form. A modem performs d
emodulation by taking an analog signal and returning it to its digital form.
modulation,modem
demultiplexing
Act of separating a common physical signal into multiple output streams.
multiplexing
denial of service
See DoS.

denies
Rejection of data on a network.
dense wavelength division multiplexing
See DWDM.

DES
Data Encryption Standard

Symmetric key cryptosystem that uses a 56-bit key to ensure high-performance enc
ryption. DES is a cryptographic algorithm developed by the U.S. National Bureau
of Standards. Today, DES is no longer considered a strong encryption algorithm b
y the U.S. government.
designated port
Interface on a device that forwards traffic toward the root bridge but does not
connect to the least cost path.

designated router
See DR.
OSPF,LSA
desirable mode
Designation of a port on a device as trunk port if the other end is set to trunk
, desirable, or auto mode.

deterministic network
System that is designed for data transmission to follow a pre-defined path for a
n exact duration.

DH
Diffie-Hellman

Public key exchange method that provides a way for two peers to establish a shar
ed secret key over an insecure communications path.
DHCP
Dynamic Host Configuration Protocol

Standard used by a software utility that requests and assigns an IP address, def
ault gateway, and DNS server address to a network host. DHCP allocates an IP add
ress for a host dynamically so the address can be reused when hosts no longer ne
eds it.
IP address,default gateway,DNS
dial backup
Feature on a Cisco router that provides protection against WAN downtime by allow
ing the network administrator to configure a backup serial line through a circui
t-switched connection.
WAN
dial-up line
Communications circuit that is established by a switched-circuit connection usin
g a telephone company network.

Differentiated Services Code Point

See DSCP.

Diffie-Hellman
See DH.

diffusing update algorithm

See DUAL.

digital signal level 0

See DS0.

digital signal level 1

See DS1.

digital signal level 3

See DS3.

digital subscriber line

See DSL.

Dijkstra's Algorithm
Process used in a SPF to dentify all paths to each destination and the total cos
t of each path.

discard eligible
See DE.

discarding
State of a port in an RSTP network where the server does not send a reply. A sol
id amber LED signifies discarding is in process.
RSTP
discontiguous
Address on a network that is separated by a network or subnet from other subnets
.

discontiguous network
Networking system with non-adjacent subnets, or subnets that are separated from
other subnets by other networks.

discontiguous subnet
Address on a network that is separated by a network or subnet from other subnets
.

distance vector
Type of routing protocol that periodically informs directly-connected routers of
changes on the network.

Distance Vector Multicast Routing Protocol

See DVMRP.

distance vector protocol

Type of standards that uses distance to select the best path. Examples of a dist
ance vector protocol include RIP, IGRP, and EIGRP.
EIGRP,RIP
distance vector routing algorithm
Mathematical process that uses the number of hops in a route to find the shortes
t path to a destination. Distance vector routing algorithms call for each router
to send its entire routing table in each update, but only to its neighbors. Dis
tance vector routing algorithms can be prone to routing loops, but are computati
onally simpler than link-state routing algorithms.

distributed collaborative information system

Database and application programs that support online asynchronous collaborative
activities.

Distribution Layer
Layer in a hierarchical design between the Access layer and Core layer. The Dist
ribution layer interconnects access layer hosts and switches, and provides secur
ity and traffic management for the Core Layer.
Core Layer,Access Layer
divide-and-conquer
Troubleshooting technique to resolve a network issue by breaking down the proble
m into smaller parts that are more manageable.

DLCI
data-link connection identifier
Layer 2 address that is required for each virtual circuit to reach a destination
on an NBMA network. The DLCI is stored in the address field of every frame tran
smitted. The DLCI usually has only local significance and may be different at ea
ch end of a virtual circuit.
NBMA
DMZ
demilitarized zone
Area in a network design that is located between the internal network and extern
al network, usually the Internet. The DMZ is accessible to devices on the Intern
et, such as a web server, FTP server, SMTP server, and DNS.
DNS,FTP,SMTP
DNS
Domain Name System
System used in the Internet for translating names of network nodes into IP addre
sses
IP address
domain
Portion of the naming hierarchy tree that refers to general groupings of network
s based on the type of organization or geography.

Domain Name System

See DNS.

DoS
denial of service
Attack by a single system on a network that floods the bandwidth or resources of
a targeted system, such as a web server, with the purpose of shutting it down.

dot1q
See IEEE 802.1Q.

downtime
Percentage of time in which a network is unavailable because of administrative s
hutdown or equipment failure.

DR
Router that is designated by the OSPF Hello protocol on an OSPF network that has
at least two attached routers. A designated router generates LSAs. It enables a
reduction in the number of adjacencies required which reduces the amount of rou
ting protocol traffic and the size of the topological database.

DRAM
dynamic random access memory
This non-permanent working memory on a Cisco router includes primary DRAM used f
or holding routing tables and the running configuration, and shared DRAM used fo
r supporting packet buffering.

DROther
Any router on an OSPF network that is not the DR or BDR.
OSPF,BDR
DS0
digital signal level 0
Framing specification when transmitting digital signals over a single channel at
64-kbps on a T1 facility.
DS-1,DS-3,T1
DS1
digital signal level 1
Framing specification when transmitting digital signals at 1.544-Mbps on a T1 fa
cility in the United States, or at 2.108-Mbps on an E1 facility in Europe.
E1,T1
DS3
digital signal level 3
Framing specification when transmitting digital signals at 44.736-Mbps on a T3 f
acility.
T3,E3
DSCP
differentiated services code point
Field in an IP packet that enables different levels of service to be assigned to
network traffic. DSCP can be assigned by the router or switch.The first six bit
s in the ToS byte in the header is the DSCP.
ToS
DSL
Public network service that delivers high bandwidth at limited distances over th
e copper wiring of conventional telephone lines that run between the CPE and the
DSLAM of a SP. DSL incorporates technology that enables devices to immediately
connect to the Internet when they are powered on. DSL is a physical layer transm
ission technology similar to dial, cable, or wireless technologies.
SP,CPE
DSU
data service unit
Digital transmission device that adapts the physical interface on a DTE to a tra
nsmission facility such as T1 or E1. The DSU is also responsible for functions s
uch as signal timing. Often referred to with CSU, as CSU/DSU.
CSU,DTE,T1,E1
DTE
data terminal equipment
Physical connection to the user end in an EIA expansion environment. The DTE ser
ves as a data source, destination, or both. It connects to a data network throug
h a DCE device, such as a modem, and typically uses clocking signals generated b
y the DCE. Examples of DTE devices include computers, protocol translators, and
multiplexers.
DCE
DUAL
diffusing update algorithm

Mathematical process used in EIGRP that provides loop-free operation at every in

stant throughout a route computation. DUAL allows routers involved in a topology
change to synchronize at the same time, while not involving routers that are un
affected by the change.
EIGRP
dual stack
Two similar protocol systems operating concurrently on one device. For example,
a strategy for IPv4 transitioning to IPv6 is to run both protocol stacks on the
same device. This enables IPv4 and IPv6 to coexist.
IPv4,IPv6
DVMRP
Distance Vector Multicast Routing Protocol

Internetwork gateway protocol largely based on RIP that implements a typical den
se mode IP multicast scheme. DVMRP uses IGMP to exchange routing datagrams with
its neighbors.
IGMP,RIP,IP
DWDM
dense wavelength division multiplexing
Process that assigns incoming optical signals to specific frequencies or wavelen
gths of light. DWDM can amplify these wavelengths to boost the signal strength.
It can multiplex more than 80 different wavelengths or channels of data onto a s
ingle piece of fiber. Each channel is capable of carrying a multiplexed signal a
t 2.5 Gbps.

Dynamic ACL
An ACL that requires a user to use Telnet to connect to the router and authentic
ate. An extended ACL initially blocks traffic through the router. Users that wan
t to traverse the router are blocked by the extended ACL until they Telnet to th
e router and are authenticated. The Telnet connection then drops, and a single-e
ntry dynamic ACL entry is added to the existing extended ACL. This entry permits
traffic for a particular time period; idle and absolute timeouts are possible.
Dynamic ACLs are sometimes referred to as "lock and key" because the user is req
uired to login in order to obtain access.

dynamic channel assignment

dynamic channel assignment
Open radio frequency that is selected when an access point identifies an unused
channel on a WLAN.

Dynamic Host Configuration Protocol

See DHCP.

dynamic NAT
dynamic network address translation
Network Address Translation process that converts a local IP address to a global
IP address by assigning the first available IP address in a pool of public addr
esses to an inside host. The host uses the assigned global IP address for the le
ngth of a session. When the session ends, the global address returns to the pool
for use by another host.
NAT
dynamic network address translation
See dynamic NAT.
dynamic routing
Process of finding a path that adjusts automatically to network topology or traf
fic changes.

Dynamic routing is also known as adaptive routing.

E1
Wide-area digital transmission scheme used predominantly in Europe that carries
data at a rate of 2.048 Mbps. E1 lines can be leased for private use from common
carriers.
DS-1,T1
E2
Route outside of the OSPF routing domain, redistributed into OSPF.
OSPF
E3
Wide-area digital transmission scheme used predominantly in Europe that carries
data at a rate of 34.368 Mbps. E3 lines can be leased for private use from commo
n carriers.
DS-3,T3
ECNM
Enterprise Composite Network Model
Cisco network design that divides the network into functional components while s
till maintaining the concept of Core, Distribution, and Access layers. The funct
ional components are the Enterprise Campus, Enterprise Edge, and Service Provide
r Edge.

edge device
Filter on the perimeter of an enterprise network where incoming packets are pass
ed. Examples of edge devices include firewall and DMZ. Edge devices may be equip
ped with IDS and IPS to examine and block unwanted traffic.
DMZ,firewall,IDS,IPS
EGP
Exterior Gateway Protocol
Standards for exchanging routing information between autonomous systems. EGP is
an obsolete protocol that was replaced by Border Gateway Protocol.

EIGRP
Enhanced Interior Gateway Routing Protocol
Proprietary Cisco routing protocol that combines distance vector routing protoco
l standards and link-state routing protocol standards. EIGRP uses the DUAL algor
ithm to determine routing.
EIGRP is also known as Enhanced IGRP.
DUAL
EIR
excess information rate
Average rate above the CIR that a VC can support when no network congestion exis
ts.
CIR,VC
electromagnetic interference
See EMI.

electronic mail
See email.

email
electronic mail

1) Widely used network application in which mail messages are transmitted electr
onically between end users over a network using various network protocols. 2) Ex
change of computer-stored messages by network communication.

Email is also written e-mail.

EMI
electromagnetic interference
Disturbance in an electronic circuit from an external electrical source.

Encapsulating Security Payload

See ESP.

encapsulation
Transmission of one network protocol within another. Tunneling is the basis of s
everal IP security systems, including IPsec used in VPNs.
VPN,IP
encoder
Device that modifies information into a required transmission format.

encoding
Process used to represent bits as voltages in wires or pulses of light in fiber
optics.

encryption
Application of a specific algorithm that protects data by scrambling the informa
tion as it is sent and unscrambling the data when it is delivered.

end of transmission
See EOT.

Enhanced Interior Gateway Routing Protocol

See EIGRP.
Enhanced Rapid Spanning Tree Protocol
See RSTP+.

enterprise
Corporation, business, or other entity that uses computers in a networked enviro
nment. An enterprise usually refers to large companies or organizations with com
plex networks.

Enterprise Composite Network model

See ECNM.

enterprise network
Network that integrates all systems within a company or organization. An enterpr
ise network differs from a WAN because it is privately owned and maintained.
WAN
Enterprise Network Architectures
See enterprise network.

EOT
end of transmission

Character that signifies that the transfer of data has ended.

equal cost
See equal cost load balancing.
EIGRP
equal cost load balancing
Packet distribution technique supported by EIGRP to prevent overloading a networ
k route.
EIGRP
ESP
Encapsulating Security Payload

Security protocol that encapsulates data to be protected. ESP provides a framewo

rk for encrypting, authenticating, and securing data. ESP offers data privacy se
rvices, optional data authentication, and anti-replay services.
EtherChannel
EtherChannel allows multiple physical Ethernet links to combine into one logical
channel. This allows load balancing of traffic among the links in the channel a
s well as redundancy in the event that one or more links in the channel fail. Et
herChannel can support Layer 2 or Layer 3 LAN ports.
Ethernet
Baseband LAN specification invented by Xerox Corporation and developed jointly b
y Xerox, Intel, and Digital Equipment Corporation. An Ethernet network uses the
Carrier Sense Multiple Access/Collision Detection method and runs on cable types
of 10 Mbps or more. Ethernet is similar to the IEEE 802.3 series of standards.
IEEE
EUI-64
extended universal identifier-64 address
IPv6 address format created by taking an interface of the MAC address, which is
48 bits in length, and inserting another 16-bit hexadecimal string, FFFE, betwee
n the OUI, first 24 bits and the unique serial number, last 24 bits, of the MAC
address. To ensure that the chosen address is from a unique Ethernet MAC address
, the seventh bit in the high-order byte is set to 1 to indicate the uniqueness
of the 48-bit address.
MAC address
excess burst
See Be.
Bc
excess rate
Traffic on a network that is greater than the insured rate for a given connectio
n. Excess traffic is delivered only if network resources are available, and may
be discarded during periods of congestion. The excess rate equals the maximum ra
te minus the insured rate.

exit interface
Location on a router that the data passes through to move closer to the destinat
ion.

extended ACL
Type of access control list that filters source IP addresses, destination IP add
resses, MAC addresses, protocol, and port numbers. The identification number ass
igned to an extended ACL can be from 100 to 199 and from 2000 to 2699.
IP address,MAC address
extended star
Star topology that is expanded to include additional networking devices.

extended universal identifier-64 address

See EUI-64.

Exterior Gateway Protocol

See EGP.

external traffic
Data communication to and from a private network.

extranet
Network that provides access to information or operations of an organization to
suppliers, vendors, partners, customers, or other businesses. Extranet is a priv
ate network using Internet protocols and the public telecommunication system to
share internal resources. It may be considered an extension of an intranet.

faceplate
Protective component usually installed in the front of a device.

failover
Occurance of a redundant network device performing the load or function of anoth
er device automatically if the initial device fails. The failover scheme creates
a backup system for mission-critical hardware and software. The objective is to
reduce the impact of system failure to a minimum by actively monitoring and ide
ntifying system failure.
mission-critical
failure domain
Area of a network that is affected when a networking device malfunctions or fail
s. A properly designed network minimizes the size of failure domains.

Fast Ethernet
100BaseT-type Ethernet specification that offers speed 10 times greater than the
standard 10BASE-T Ethernet specification while preserving such qualities as fra
me format, MAC mechanisms, and MTU. Based on an extension to the IEEE 802.3 spec
ification.
IEEE,MTU
fast switching
Feature developed by Cisco that uses a high-speed switching cache to expedite pa
cket switching in IP routing. Destination IP addresses are stored in the cache t
o accelerate the packet forwarding process.

fast-forward
Cut-through switching method where the switch forwards the frame before all of f
rame is received. Using the fast-forward method, the switch forwards the frame o
ut of the destination port immediately when the destination MAC address is read.
The switch does not calculate or check the CRC value. The fast-forward method h
as lowest latency but may forward collision fragments and damaged frames. This m
ethod of switching works best in a stable network with few errors.
CRC,MAC address,,cut-through switching
FCS
frame check sequence
Characters added to a frame for error control purposes. FCS is used in HDLC, Fra
me Relay, and other Data Link Layer protocols.
Frame Relay,HDLC
FD
feasible distance
Most desireable EIGRP metric along the path to the destination from the router.
EIGRP
feasible distance
See FD.

feasible successor
Backup route identified in a topology table. A feasible successor becomes a succ
essor route if a primary route fails. The feasible successor must have a lower r
eported distance than the feasible distance of the current successor distance to
the destination.

Feature Navigator
Web-based tool on Cisco website that helps to determine which features are suppo
rted by a specific IOS software image. Feature Navigator can also be used to fin
d which IOS software images support a specific feature.

FECN
forward explicit congestion notification
Signal in a Frame Relay network to inform DTE that is receiving the frame that c
ongestion was experienced in the path from source to destination. The DTE that r
eceives the FECN signal can request that higher-level protocols take flow-contro
l action as appropriate.
BECN,DTE,Frame Relay
fiber-optic cable
Physical medium capable of conducting modulated light transmission. Compared wit
h other transmission media, fiber-optic cable is more expensive and is capable o
f higher data rates, but is not susceptible to electromagnetic interference.

Fiber-optic cable is also known as optical fiber.

file transfer
Network application used to move files from one network device to another.

File Transfer Protocol

See FTP.

filter
Process or device that screens network traffic for certain characteristics such
as source address, destination address, or protocol, and determines whether to f
orward or discard traffic based on the established criteria.

firewall
One or more router or access servers designated as a buffer between any connecte
d public networks and a private network. A firewall router uses access lists and
other methods to ensure the security of the private network.

firewall rule set

Set of configuration commands put into an access list on a Cisco security applia
nce or Cisco router that perform firewall functions. Source and destination IP a
ddresses, protocols, or functions of a protocol can be affected by firewall rule
s.

first mile
Section of physical medium leading from the location of the customer to the cent
ral office of a service provider.

fixed configuration
Rules that are set and cannot be altered. An example of fixed configuration is a
Layer 2 switch that has the number of ports and type of ports, such as FastEthe
rnet and gigabit Ethernet, that are preconfigured in the factory.

flapping
Problem in routing when an advertised route between two devices alternates betwe
en two paths due to intermittent failures on a network.

flash memory
memory used to store and run the Cisco IOS software. When a router is powered do
wn, the contents of flash memory are not lost. Depending on the router model, fl
ash memory can be implemented on erasable programmable read-only memory (EPROM)
chips, or in external compact flash memory cards. (It is called flash memory, si
nce the contents of the EPROMs can be upgraded by "flashing" the chip.)

flash update
Routing information sent asynchronously in response to a change in the network t
opology.
routing update
flat network
System where all stations can be reached without having to pass through a device
such as a router.

floating static route

Path that is manually configured and entered into the routing table that has an
administrative distance set greater than the administrative distance of a dynami
c route. This route is only used if the existing dynamic route becomes unavailab
le.

floods
Technique used by switches to pass traffic that is received on an interface to a
ll other interfaces of the device except the interface on which the information
was originally received.

flow control
Ability to maintain the rate of activity on a network.

form factor
Physical size and shape of computer components. Components that share the same f
orm factor are physically interchangeable.
forward explicit congestion notification
See FECN.

forwarding
Process of sending a frame out of a port toward the destination by way of an int
ernetworking device. Examples of devices that forward frames are hosts, repeater
s, bridges, and routers.
bridge,router
fractional E1
Portion of a high-bandwidth E1 connection offered to a customer by a service pro
vider.
E1
fractional T1
Portion of a high-bandwidth T1 connection offered to a customer by a service pro
vider.
T1
FRAD
Frame Relay access device

Network device that provides a connection between a LAN and a Frame Relay WAN. A
FRAD adds and removes headers and trailers for incoming packets.
Frame Relay,WAN,FRAS
fragment
Piece of a packet that has been broken down to smaller units.

fragmentation
Process of breaking a packet into smaller units when transmitting over a network
medium that cannot support the size of the packet.

fragment-free
A switching technique that forwards a frame after the first 64 bytes are receive
d. Fragment-free switching has a higher latency than fast-forward switching.

frame check sequence

See FCS.

Frame Relay
Industry-standard, switched, WAN standard that operates at the Physical Layer an
d Data Link Layer of the OSI Reference Model. Frame Relay handles multiple virtu
al circuits using HDLC encapsulation between connected devices. It is more effic
ient than the X.25 protocol that it replaced.
HDLC,frame
Frame Relay access device
See FRAD.

Frame Relay access support

See FRAS.

Frame Relay bridging

Technique described in RFC 1490 that uses the same spanning-tree algorithm as ot
her bridging functions, but allows packets to be encapsulated for transmission a
cross a Frame Relay network.
encapsulation,RFC spanning-tree,Frame Relay,frame
frame tagging
Method used by a Cisco Catalyst switch to identify the VLAN a frame belongs to.
When a frame enters a switch it is encapsulated with a header that tags it with
a VLAN identification.
VLAN,frame
FRAS
Frame Relay access support

Cisco IOS software feature that allows SDLC, Token Ring, Ethernet, and Frame Rel
ay IBM devices to connect to other IBM devices across a Frame Relay network.
FRAD,Token Ring,Ethernet,Frame Relay
FTP
File Transfer Protocol
Defined in RFC 959, set of standards for transferring files between network node
s. FTP is commonly used to transfer webpages and download programs and other fil
es to a computer.

full mesh
Network topolgy where each device connects to all others using either a physical
or virtual circuit. Full mesh provides redundancy in the functionality of the n
etwork. It is usually reserved for network backbones because of the high cost of
implementation.
mesh,partial mesh
gateway
Device that performs an application layer conversion of information from one pro
tocol stack to another. An example of a gateway is the device that connects a tr
aditional PSTN or analog phone to an IP network in VoIP.
PSTN,VoIP
Gateway Discovery Protocol
See GDP.

Gateway of Last Resort

Final stop on a route within an enterprise for packets that cannot be matched. I
nformation about the packets appears in the routing tables of all routers.
GDP
Gateway Discovery Protocol
Cisco standard that allows a host to dynamically detect the arrival of a new rou
ter as well as determine when a router disconnects. GDP is based on UDP.
UDP
Generic Routing Encapsulation
See GRE.

Gigabit Ethernet
Data transmission bandwidth of 1000Mbps on a LAN. Gigabit Ethernet is the standa
rd for high-speed Ethernet, approved by the IEEE 802.3z standards committee in 1
996.

global unicast address

Unique IPv6 unicast address that can be routed worldwide with no modification. A
global unicast address shares the same address format as an IPv6 anycast addres
s. A global unicast address is assigned by IANA.
anycast,IANA
GMT
Greenwich Mean Time
Time zone located at 0 degrees longitude that sets the standard for all time zon
es.

GRE
Generic Routing Encapsulation

Cisco tunneling protocol used to encapsulate different protocols into a standard

Internet protocol for transmission.
tunneling
Greenwich Mean Time
See GMT.

hash
One-way encryption algorithm that takes an input message of arbitrary length and
produces unique, fixed-length output text.

hash-based message authentication code

See HMAC.

Hashed Message Authentication Code-Message Digest

See HMAC-MD5.

Hashed Message Authentication Code-Secure Hash Alg

See HMAC-SHA-1.

HCC
horizontal cross-connect

Wiring closet where the horizontal cabling connects to a patch panel which is co
nnected by backbone cabling to the main distribution facility.
wiring closet
HDLC
High-Level Data Link Control
Bit-oriented synchronous Data Link Layer protocol developed by ISO. HDLC specifi
es a data encapsulation method on synchronous serial links using frame character
s and checksums.

header
Control information placed before data when the data is encapsulated for network
transmission. Examples of a header information are the IP addresses of the send
er and recipient.
trailer
hello interval
Period of time, in seconds, that a router keeps a Hello packet from a neighbor.

hello packet
Packet that is multicast to detect devices on a network and to test the connecti
ons. A hello packet is used by a router to determine the best connection availab
le.
packet,multicast
Hello Protocol
Standard used by OSPF systems for establishing and maintaining neighbor relation
ships. The Hello Protocol is an interior protocol that uses a routing metric bas
ed on the length of time it takes a packet to make the trip between the source a
nd the destination.
OSPF
helper address
Router configuration used to forward broadcast network traffic from a client com
puter on one subnet to a server in another subnet. A helper address is configure
d on an interface.
interface
heterogeneous network
System of dissimilar devices that run dissimilar protocols and may support vario
us functions or applications that are able to work together.

hexadecimal
Base 16 numbering system. Hexadecimal is a number representation using the digit
s 0 through 9, with their common meaning, plus the letters A through F to repres
ent hexadecimal digits with values of 10 to 15. In a hexadecimal system, the rig
ht-most digit counts ones, the next counts multiples of 16, such as 16^2=256.

hierarchical design model

Representation of a network featuring an access layer, a distribution layer, and
a core layer.

hierarchical network
Design technique that divides the network into layers to prevent congestion and
reduce the size of failure domains. The Cisco hierarchal design model uses core,
distribution, and access layers.

hierarchical network design

See hierarchical network.

hierarchical routing
Transfer of data on a system that assigns network addresses based on the role or
position of the network device or host.

hierarchical star topology

System on a network where a central switch or router is connected to other switc
hes or routers. The layout of a hierarchical star topology is similar to the hub
and spoke of a wheel.

High-Level Data Link Control

See HDLC.

High-Speed Serial Interface

See HSSI.

high-speed WAN interface card

See HWIC.

hijacking
When a hacker illegally gains access to a system through an authenticated connec
tion.

HMAC
Algorithm using cryptographic hash functions to encrypt code. HMAC can be used w
ith any iterative cryptographic hash function, such as MD5 or SHA-1, in combinat
ion with a secret shared key.

HMAC-MD5
hashed message authentication code-message digest 5

Algorithm that uses a specific cryptographic hash function called MD5, with a se
cret key. The output is a 128-bit hash string that can be used to verify the dat
a integrity and the authenticity of a message simultaneously.
HMAC
HMAC-SHA-1
hashed message authentication code-secure hash algorithm 1
HMAC-SHA-1 computes a Hash-based Message Authentication Code (HMAC) using the SH
A1 hash function. The output is a 160-bit hash string that can be used to verify
the data integrity and the authenticity of a message simultaneously.
HMAC
hold time
Length of time that a router treats a neighbor as reachable.

holddown
Placing a router in a state that will neither advertise nor accept routes for a
specific length of time, called the holddown period. Holddown is used to remove
bad information about a route from all routers in the network. A route is typica
lly placed in holddown when a link in that route fails.
Holddown is also known as a holddown period.

holddown period
See holddown timer.

Holddown timer
Timers that a route is placed in so that routers neither advertise the route nor
accept advertisements about the route for a specific length of time (the holddo
wn period). Holddown is used to flush bad information about a route from all rou
ters in the network. A route typically is placed in holddown when a link in that
route fails.

hop
Transfer of a data packet between two network devices, such as routers.
hop count
hop count
Routing metric that tracks the number of legs that a data packets traverses betw
een a source and a destination. RIP uses hop count as its sole metric.
hop,RIP
horizontal cross-connect
See HCC.

host number
Section of an IP address that designates the node on the subnetwork is being add
ressed.

A host number is also known as a host address.

IP
Hot Standby Router Protocol
See HSRP.

hot-swappable
Ability for a component to be installed or removed without having to turn off th
e power first. Installing or removing a hot-swappable component will not disturb
the operation of other components in a device.

HSRP
Hot Standby Router Protocol
Standard that provides the ability to communicate on an internetwork if a defaul
t router becomes unavailable. HSRP provides high network availability and transp
arent network topology changes.

HSSI
High-Speed Serial Interface
Protocol that establishes the codes and electrical parameters that the router an
d the CSU/DSU use to communicate with each other.

HTTP
Hypertext Transfer Protocol
Standard used to transfer or convey information on the World Wide Web. HTTP is a
communication protocol that establishes a request/response connection on the In
ternet.

HWIC
high-speed WAN interface card
Optional module for a series of Cisco routers that provides high-speed WAN conne
ctivity.

hybrid network
Internetwork made up of more than one type of network technology, such as a LAN
and WAN.
LAN,WAN
Hypertext Transfer Protocol
See HTTP.

IANA
Internet Assigned Numbers Authority
Entity that keeps records of the autonomous system numbers and is a registry for
IP addresses and protocol numbers.

ICMP
Internet Control Message Protocol

Standard for network layer testing and troubleshooting. ICMP provides the abilit
y to report diagnostic and error messages. The ping command is part of the ICMP
utility.
IDF
intermediate distribution facility

Secondary communications room for a building that uses a star networking topolog
y. An IDF has a frame that cross-connects the user cable media to individual use
r line circuits and may serve as a distribution point for multipair cables from
the main distribution frame. The IDF is dependent on the MDF.
MDF
IDS
intrusion detection system
Combination of a sensor, console, and central engine in a single device installe
d on a network to protect against attacks missed by a conventional firewall. IDS
inspects all inbound and outbound network activity and identifies suspicious pa
tterns that may indicate a network or system attack. It is configured to send an
alarm to network administrators when such attack is encountered.

IEEE
Professional organization whose activities include the development of communicat
ions and network standards. IEEE LAN standards are the predominant LAN standards
today.
LAN
IEEE 802.1Q
IEEE standard that is designed to enable traffic between virtual LANs. IEEE 802.
1Q uses an internal tagging mechanism which inserts a four-byte tag field in the
original Ethernet frame between the source address and type/length fields. Beca
use the frame is altered, the trunking device recomputes the frame check sequenc
e on the modified frame.
IEEE
IETF
Internet Engineering Task Force
Task force consisting of over 80 working groups responsible for developing Inter
net standards. The IETF is part of the Internet Society, or ISOC, organization.

IETF format
Task force consisting of over 80 working groups responsible for developing Inter
net standards. The IETF is part of the Internet Society, or ISOC, organization.

IGMP
Internet Group Management Protocol

Standard used by IP hosts to report a multicast group membership to an adjacent

multicast router. IGMP can be used to access online video and gaming more effici
ently.
IP
IGP
Interior Gateway Protocol
Standard used to exchange routing information within an autonomous system. Examp
les of an Internet IGP includes EIGRP, OSPF, and RIP.
EIGRP,OSPF,RIP
IKE
Internet Key Exchange

Hybrid protocol obtained from ISAKMP and Oakley standards that provides utility
services for IPSec which include authentication of the IPSec peers, negotiation
of IKE and IPSec security associations, and establishment of keys for encryption
algorithms used by IPSec.
IPSec
implicit deny
Last statement of an ACL inserted to block the accidental entry of unwanted traf
fic.
ACL
in-band
Management technique for connecting a computer to a network device. In-band mana
gement is used to monitor and make configuration changes to a network device ove
r a network connection.

inbound
One of two directions a packet will travel on a network through an interface. An
inbound packet is enteiring a device.

inside global address

Public-routable IP address of an inside host as it appears to the outside networ
k. An inside global address is an IP address translated by NAT.
NAT
inside local address
Private IP address configured on a host on an inside network. An inside local ad
dress must be translated before it can travel outside the local addressing struc
ture to the Internet.

inside local network

Privately addressed network space connected to a router interface. Inside local
network is used to overcome shortages of public IP addressing.

Institute of Electrical and Electronics Engineers

See IEEE.

insured burst
Largest transfer of data above the insured rate that will be temporarily allowed
on a permanent virtual circuit. An insured burst is not tagged to be dropped in
the case of network congestion. An insured burst is specified in bytes or cells
.

insured traffic
Data transfer at the rate specified for the PVC. Insured traffic should not be d
ropped by the network under normal network conditions.

interactive voice response

See IVR.

inter-area routing
Transfer of data between two or more logical areas.

interface
1) Connection between two systems or devices. 2) In routing terminology, a netwo
rk connection. 3) In telephony, a shared boundary defined by common physical int
erconnection characteristics, signal characteristics, and meanings of interchang
ed signals. 4) The boundary between adjacent layers of the OSI model.

Interior Gateway Protocol

See IGP.

intermediate distribution facility

See IDF.

Intermediate System-to-Intermediate System

See IS-IS.

internal traffic
Data transmitted within a private, trusted network.

International Telecommunication Union

See ITU-T.

Internet Assigned Numbers Authority

See IANA.

Internet Control Message Protocol

See ICMP.

Internet Engineering Task Force

See IETF.

Internet Group Management Protocol

See IGMP.
Internet Key Exchange
See IKE.

Internet operating system file naming system

See IOS file naming convention.

Internet Protocol address

See IP address.

Internet Protocol address pool

See IP address pool.

Internet Protocol Control Protocol

See IPCP.

Internet Protocol multicast

See IP multicast.

Internet Protocol phone

See IP phone.

Internet Protocol security

See IPSec.

Internet Protocol telephony

See IP telephony.

Internet Protocol version 4

See IPv4.

Internet Protocol version 6

See IPv6.

internetwork
Collection of networks interconnected by routers and other devices that function
s as a single network.
Internet
Internetwork Packet Exchange Control Protocol
See IPXCP.

Inter-Switch Link
See ISL.
inter-VLAN
Routing within a virtual LAN. Specific configuration to switches and routers is
necessary.

intra-area routing
Transfer of data within a logical area when the source and destination are in th
e same area.

intranet
Networks accessible internal users of an organization. An intranet is used to sh
are internal information and computing resources.

intrusion detection system

See IDS.

intrusion prevention system

See IPS.

inverse
Having the reverse effect.

Inverse Address Resolution Protocol

See Inverse ARP.

inverse ARP
Inverse Address Resolution Protocol
Method of building dynamic routes in a network. Inverse ARP allows an access ser
ver to discover the network address of a device associated with a virtual circui
t.
Inverse ARP is also known as Reverse ARP or RARP.

IOS file naming convention

Internet operating system file naming system
Cisco IOS software image name that represents the hardware, feature set, format,
maintenance release, individual release, and T release, in that order.

IP address
Internet Protocol address

32-bit address in IPv4 that is assigned to hosts that use TCP/IP. An IP address
belongs to one of five classes: A, B, C, D, or E.

It is written with four octets in the dot address format <a.b.c.d>. Each address
consists of a network number, an optional subnetwork number, and a host number.
The network and subnetwork numbers together are used for routing. The host numb
er is used to address an individual host within the network or subnetwork. A sub
net mask is used to extract network and subnetwork information from the IP addre
ss.
IP address pool
Internet Protocol address pool

Range of registered IP addresses to be used with NAT.

NAT
IP multicast
Internet Protocol multicast

Routing technique where one packet is sent to a multicast group identified by a

single IP destination group address. IP multicast saves network bandwidth becaus
e packets are transmitted as one stream over the backbone and only split apart t
o the target stations by the router at the end of the path.
IP network
A network that uses the IP protocol, which is part of TCP/IP.

IP phone
Telephone that supports voice calls over an IP network.

IP Security
see IPSec.

IP telephony
Telephone that supports voice calls over an IP network.

IPCP
IP Control Protocol
Standard for establishing and configuring IP over PPP. IPCP is responsible for c
onfiguring, enabling, and disabling IP protocol modules on both ends of the poin
t-to-point link.
point-to-point
IPS
intrusion prevention system

Active device in the traffic path that monitors network traffic and permits or d
enies flows and packets into the network. All traffic passes through an IPS for
inspection. When the IPS detects malicious traffic, it sends an alert to the man
agement station and blocks the malicious traffic immediately. IPS proactively pr
events attacks by blocking the original and subsequent malicious traffic.
IPSec
IP Security
Framework of open standards that provides data confidentiality, data integrity,
and data authentication between participating peers. IPSec provides security ser
vices at the IP layer. IPSec uses IKE to handle the negotiation of protocols and
algorithms based on local policy and to generate the encryption and authenticat
ion keys to be used by IPSec. IPSec can protect one or more data flows between a
pair of hosts, between a pair of security gateways, or between a security gatew
ay and a host.
IKE
IPv4
Internet Protocol version 4

Current network layer standard for packet-switched internetworks. The IP address

of IPv4 is 32 bits.
IPv6
Internet Protocol version 6
Network layer standard for packet-switched internetworks. IPv6 is the successor
of IPv4 for general use on the Internet.

IPXCP
Internetwork Packet Exchange Control Protocol
Standard that establishes and configures IPX over PPP.
ppp
IS-IS
Intermediate System-to-Intermediate System
Standard for OSI link-state hierarchical routing based on DECnet Phase V routing
. Routers exchange information based on a single metric to determine network top
ology.

ISL
Inter-Switch Link
Cisco protocol for tagging frames on an IEEE 802.1q network.
802.1q
ITU-T
International Telecommunication Union Telecommunication Standardization Sector

International organization that develops communication standards.

ITU-T was formerly known as the Committee for International Telegraph and Teleph
one.
IVR
interactive voice response
A system that provides information in the form of recorded messages over telepho
ne lines in response to user input in the form of spoken words or dual-tone mult
ifrequencysignaling. An examples of IVR includes the ability to check a bank acc
ount balance from a telephone.
jabber
1) Error condition in which a network device continually transmits random and me
aningless data onto the network. 2) Data packet that exceeds the length prescrib
ed in the IEEE 802.3 standard.

jitter
Analog communication line distortion. Jitter can be caused by the variation of a
signal from the reference timing positions, network congestion, or route change
s. It can cause data loss, particularly at high speeds.

K value
Numeric value for a composite metric formula in EIGRP to determine the best path
to a destination. K1 and K3 are set to 1. K2, K4, and K5 are set to 0. The valu
e of 1 designates that bandwidth and delay have equal weight.

keepalive
Broadcast sent by one network device to inform another network device that the v
irtual circuit between the two is still active.

keepalive interval
Period of time that the client waits before sending a keepalive message on a TCP
connection.
TCP,keepalive message
keepalive message
Broadcast sent by one network device to inform another network device that the v
irtual circuit between the two is still active.

key
Authentication code that passes between routers in plain text form.

key exchange
Method for two peers to establish a shared secret key, which only they recognize
, while communicating over an unsecured channel.

key ID
Identification of code used between devices.

L2F Protocol
Layer 2 Forwarding Protocol
Layer 2 Forwarding (L2F) is a protocol developed by Cisco that supports the crea
tion of secure virtual private dialup networks over the Internet by tunneling La
yer 2 frames.

L2TP
Standard for tunneling PPP through a public network. L2TP provides a method to i
mplement Virtual Private Dialup Network based on L2F and Point-to-point Tunnelin
g protocols. L2TP is an Internet Engineering Task Force standard track protocol
defined in RFC 2661.
IETF
LAN
local area network

High-speed, low-error data transfer system that encompasses a small geographic a

rea. A LAN connects workstations, peripherals, terminals, and other devices in a
single building or other geographically limited area. LAN standards specify cab
ling and signaling at the Physical Layer and the Data Link Layer of the OSI Refe
rence Model. Examples of LAN technologies are Ethernet, FDDI, and Token Ring.
Ethernet
LAN switch
local area network switch

Device that forwards packets between data-link segments at a high speed. A LAN s
witch usually uses the MAC address to determine where to forward traffic. Some L
AN switches operate at the network core, others operate at a workgroup level.
LAP
Lightweight access points
The access points used in the Cisco Unified Wireless Network architecture. LAPs
are dependent on a Cisco wireless LAN controller for configuration and security
information.
WLAN
latency
1) Delay between the time when a device receives a frame and the time that frame
is forwarded out the destination port. 2) Data latency is the time between a qu
ery and the results displaying on the screen.

Layer 2 Forwarding Protocol

See L2F Protocol.

Layer 2 Tunneling Protocol

See L2TP.

Layer 3 switching
Process on a router that uses cut-through techniques to increase the speed of pa
cket inspection and forwarding.

LCP
Link Control Protocol
Standard that establishes, configures, and tests data-link connections for use b
y PPP. LCP checks the identity of the linked device, determines the acceptable p
acket size, searches for errors and can terminate the link if it exceeds the req
uirements.
PPP
learning
One of four states that a port cycles through when a switch powers on an STP net
work. The switch uses information learned to forward a packet.

leased line
Bandwidth on a communications line reserved by a communications carrier for the
private use of a customer. A leased line is a type of dedicated line.

least cost path

Calculation of a switch to find a path that uses the least amount of bandwidth f
or each link required to reach the root bridge.

legacy
Older styles of hardware or software that are still being used.

Light Weight Access Point Protocol

See LWAPP.

lightweight access point

See LWAP.

link
Network communications channel that includes a circuit or transmission path and
all related equipment between a sender and a receiver.
A link is also known as a line or a transmission link.

Link Control Protocol

See LCP.

link-state advertisement
See LSA.

link-state protocol
Type of standards, such as OSPF and IS-IS, used in a hierarchical network design
. Link-state protocols help manage the packet-switching processes in large netwo
rks.

link-state routing algorithm

Mathematical process in which each router broadcasts or multicasts information r
egarding the cost of reaching each of its neighbors. A link-state routing algori
thm creates a consistent view of the network and is not prone to routing loops.
Examples of link-state algorithms are OSPF and IS-IS.
OSPF, IS-IS
listening
One of four states that a port cycles through when a switch powers on an STP net
work. The switch listens for BPDUs from neighboring switches.
LLQ
low latency queueing

Strict-priority ordered list that allows delay-sensitive data such as voice to b

e taken out of sequence and sent first. A voice packet is sent to the priority q
ueue part where it has a fixed bandwidth allocation and is served first. A data
packet enters the CBWFQ system directly and is assigned priority to determine ho
w the data is treated. LLQ provides strict priority queuing to CBWFQ.
CBWFQ
LMI
Local Management Interface
Standard that enhances the basic Frame Relay specification. LMI includes support
for a global addressing, and support for keepalive, multicast, and status mecha
nisms.

load
Amount of traffic on a network.

load balances
See load balancing.

load balancing
Ability of a router to distribute traffic over all network interfaces that are t
he same distance from the destination address. Load balancing increases the use
of network segments which improves bandwidth. A load-balancing algorithm may use
both line speed and reliability information.

local access rate

Clock speed, or port speed, of the local loop connection to the Frame Relay clou
d.
Frame Relay
local area network
See LAN.

local area network switch

See LAN switch.

local loop
Physical line from the premises or demarcation point of a telephone subscriber t
o the edge of the carrier or telephone company central office.
A local loop is also known as a subscriber line.

Local Management Interface

See LMI.
logging
Process to recording and accessing details about packets on a network that have
been permitted or denied.

logical topology
Map of the flow of data on a network that shows how devices communicate with eac
h other.

loop
Route on a network where a packet never reaches its destination. A loop carries
data repeatedly through a constant series of network nodes.

loopback interface
Connection between devices that share the same type of routing.

Low Latency Queuing

See LLQ.

LSA
link-state advertisement
Broadcast packet used by a link-state protocol. An LSA contains information abou
t neighbors and path costs. It is used by the receiving routers to maintain rout
ing tables.
A LSA is also known as link-state packet.

LWAP
lightweight access point
Access point used in the Cisco Unified Wireless Network architecture. LWAPs depe
nd on a Cisco WLAN controller for configuration and security information.

LWAPP
Light Weight Access Point Protocol
LWAPP is a draft protocol standard that defines how lightweight access points co
mmunicate with a centralized WLAN intelligence. LWAPP is used to manage security
, mobility, QoS, and other functions essential to WLAN operations over an entire
wireless enterprise.
WLAN
MAC address
Media Access Control Address
Standardized data link layer address that is required for every port or device t
hat connects to a LAN. Other devices in the network use these addresses to locat
e specific ports in the network and to create and update routing tables and data
structures. MAC addresses are 6 bytes long and are controlled by the IEEE.
MAC address is also known as a hardware address, a MAC-layer address, or a physi
cal address.

main cross-connect
See MCC.
main distribution facility
See MDF.

manageability
Ability of a system to be administered.

management domain
Information included on a message that each switch advertises on its trunk ports
.

management information base

See MIB.

management virtual local area network

See management VLAN.

management VLAN
management virtual local area network
VLAN1 on a switch. The IP address of VLAN1 is used to access and configure the s
witch remotely and to exchange information with other network devices.

manual summarization
Feature on an EIGRP route where the administrator determines which subnets on wh
ich interfaces are advertised as summary routes. Manual summarization is done on
a per-interface basis and gives the network administrator complete control. A m
anually summarized route appears in the routing table as an EIGRP route sourced
from a logical interface.

maximum transmission unit

See MTU.

MCC
main cross-connect

Wiring closet that serves as the most central point in a star topology. An MCC i
s where LAN backbone cabling connects to the Internet.
MCU
multipoint control unit
Device used to support multiple-party conference calls. Members of the conferenc
e call can send media to the MCU which mixes the media and then sends it to all
participants.

MD5
Message Digest 5
Method of authentication that requires that each router has a unique key and key
ID. The router uses an algorithm that processes the key, the OSPF packet, and t
he key ID to generate an encrypted number. Each OSPF packet includes that encryp
ted number. The key is never transmitted.
OSPF
MDF
main distribution facility
Primary communications room for a building. An MDF is the central point of a sta
r networking topology where patch panels, hubs, and routers are located. It is u
sed to connect public or private lines coming into the building to internal netw
orks.
IDF
Media Access Control Address
See MAC Address.

media converter
Data Link Layer process on a router that changes a frame to Ethernet if it is on
a LAN and to a WAN interface if it exits the LAN and enters the Internet.

mesh
Network topology where devices are organized in a segmented manner with intercon
nections strategically placed between network nodes.
full mesh,partial mesh
metric
Information a routing algorithm uses to determine the best route on a network. M
etrics are stored in a routing table. Metrics include bandwidth, communication c
ost, delay, hop count, load, MTU, path cost, and reliability.
hop count,bandwidth,MTU,delay,routing table
Metro Ethernet
Network system based on Ethernet technology that covers a metropolitan area.

MIB
management information base
Database of network management information that is used and maintained by a netw
ork management protocol such as SNMP or Common Management Information Protocol,
also known as CMIP. The value of a MIB object can be changed or retrieved using
SNMP or CMIP commands. MIB objects are organized in a tree structure that includ
es public, or standard, and private, or proprietary, branches.
SNMP
microprocessor
Chip that contains the central processing unit for the device.

microsegment
See microsegmentation.

microsegmentation
Division of a network into smaller segments, usually with the intention of incre
asing aggregate bandwidth to network devices.
Microsoft Visio
Diagramming application software published by Microsoft.

mission-critical
Type of network or computing process that is vital to an organization. Mission-c
ritical applications that are halted often or for too long may have negative con
sequences.

Mobile Internet Protocol

See mobile IP.

Mobile IP
Mobile Internet Protocol

IETF standard for IPv4 and IPv6 which enables a mobile device to move without br
eaking the connection. Mobility is a feature of IPv6.
modem
Device that converts digital computer signals into a format that is sent and rec
eived over an analog telephone line. Modem is the common term for modulator-demo
dulator.
demodulation,modulation
modular block diagram
Illustration of the major functions of a network in modular form. A modular bloc
k diagram helps a designer determine the underlying architecture on which the ne
twork is built.

modulated
See modulation.

modulates
See modulation.

modulation
Process where the characteristics of an electrical signal is transformed to repr
esent information. Types of modulation include amplitude modulation, frequency m
odulation, and pulse amplitude modulation.
carrier
MOSPF
Multicast Open Shortest Path First

Intradomain multicast routing protocol used in Open Shortest Path First networks
. An extension is applied to the base OSPF unicast protocol to support IP multic
ast routing. Multicast information is included in OSPF link-state advertisements
. MOSPF builds a distribution tree for each group and computes a tree for active
sources sent to the group. The tree state is cached and must be recomputed when
a link-state change occurs or when the cache times out.

MOSPF is also known as multicast OSPF.

MPLS
Multiprotocol Label Switching

Standard used to increase the speed of traffic flow on a network. The MPLS proce
ss marks each packet with the path sequence to the destination instead of using
a routing table. Packet switching is done at Layer 2 of the OSI Reference Model.
MPLS supports protocols such as IP, ATM, and Frame Relay.
Frame Relay,ATM,IP
MS Visio
Diagramming application software published by Microsoft.

MTU
maximum transmission unit
Maximum packet size, in bytes, that a particular interface can handle.

multi-access
Type of network that allows multiple devices to connect and communicate simultan
eously.

multicast
Single packets copied by the network and sent to a specific subset of network ad
dresses. Multicast addresses are specified in the destination address field.
broadcast,unicast
Multicast Open Shortest Path First
See MOSPF.

multilayer switch
Device that filters and forwards packets based on MAC addresses and network addr
esses. A layer 2/layer 3 switch is a multilayer switch.

multilayer switching
Device that filters and forwards packets based on MAC addresses and network addr
esses. A layer 2/layer 3 switch is a multilayer switch.
MAC address
multiplexing
Scheme that allows multiple logical signals to be transmitted simultaneously acr
oss a single physical channel. The signals are then seperated at the receiving e
nd.
demultiplexing
multipoint control unit
See MCU.

Multiprotocol Label Switching

See MPLS.

NAC
network admission control

Method of preventing a virus from infecting a computer by controlling access to

a network. NAC uses protocols and software products to assess a host that tries
to log onto a network. NAC determines the condition, called the posture, of the
host,. An infected host may be placed in quarantine. A host with outdated virus
protection will be directed to obtain an update. An uninfected host with virus p
rotection will be allowed on the network.

Network admission control is also known as network access control.

NACL
named access control list
Standard or extended format that are referenced by a descriptive name rather tha
n a number. When configuring a NACL, the router IOS uses a NACL subcommand mode.
NACL is also known as named ACL.
ACL
named access control list
See NACL.

NAS
network attached storage
High-speed, high-capacity data storage that groups large numbers of disk drives
that are directly attached to the network and can be used by any server. A NAS d
evice is typically attached to an Ethernet network and is assigned its own IP ad
dress.

NAT
Network Address Translation

Standard used to reduce the number of IP addresses necessary for all nodes withi
n the organization to connect to the Internet. NAT allows a large group of priva
te users to access the Internet by converting packet headers for only a small po
ol of public IP addresses and keeping track of them in a table.
NAT overload
Dynamically translates multiple inside local addresses to a single public addres
s so more than one client can access the connection to the Internet.

native VLAN
Special VLAN that accomodates untagged traffic. Trunk links carry untagged traff
ic over the native VLAN. On Cisco Catalyst switches, VLAN1 is the native VLAN.
VLAN
NAT-PT
Network Address Translation-Protocol Translation
Mechanism located between an IPv6 network and an IPv4 network to translate IPv6
packets into IPv4 packets and vice versa.

NBAR
Network Based Application Recognition
Cisco utility that conducts audits and traffic analysis. NBAR is a classificatio
n and protocol discovery tool that identifies traffic up to the application laye
r. It provides interface, protocol, and bi-directional statistics for each traff
ic flow that traverses an interface. NBAR does sub-port classification, which in
clude looking and identifying beyond application ports. NBAR recognizes web-base
d and other protocols that use dynamic TCP and UDP port assignments.

NBMA
non-broadcast multi-access
Network that does not support broadcasting, such as X.25, or broadcasting is not
possible, such as a SMDS.
SMDS
NCP
Network Control Protocol
Standard that routes and controls the flow of data between a communications cont
roller, in which it resides, and other network resources.

negotiate parameter
Parameter on a switch that automatically detects the encapsulation type of the n
eighbor switch.

neighbor
Routers that have interfaces to a common network in OSPF. On a multi-access netw
ork, neighbors are dynamically discovered by the OSPF Hello protocol.

neighbor table
One of three interconnected EIGRP router tables. The neighbor table collects and
lists information about directly connected neighbor routers. A sequence number
records the number of the last received hello from each neighbor and time-stamps
the time that the packet arrived. If a hello packet is not received within the
hold time, the timer expires and DUAL recalculates the topology. Other router ta
bles include topology and routing tables.

neighboring routers
Routers that have interfaces to a common network in OSPF. On a multi-access netw
ork, neighbors are dynamically discovered by the OSPF Hello protocol.
Hello Protocol,OSPF
NetFlow
Accounting tool used to analyze and provide details about traffic patterns in a
network. NetFlow can be used to capture the traffic classification or precedence
associated with each flow.

network access control

Limit access to the physical components of a network.

Network Address Translation

See NAT.

Network Address Translation-Protocol Translation

See NAT-PT.

network admission control

See NAC.

network analyzer
Monitoring device or software application that maintains statistical information
about the status of the network and each device attached to it. Some network an
alyzers are able to detect, define, and fix problems on the network.

network attached storage

See NAS.

network backbone
Core network architecture for an enterprise. Network backbone connects all LAN s
egments of a system and provides fast switching between subnets.
LAN
Network Based Application Recognition
See NBAR.

network baseline
Process that involves monitoring network performance and behavior over a certain
period of time to create a point of reference for future network evaluations. N
etwork baseline is used by network administrators to monitor the network and tro
ubleshoot if there is a problem.

network boundary
Location where route summarization occurs on a boundary router.

Network Control Protocol

See NCP.

network diameter
Maximum number of hops between any two end stations in the network. Network diam
eter is the maximum number of links that must be traversed to send a message to
any host along a shortest path.
network discovery
Result of dynamic routing protocols enabling a router to share information about
reachability and status, and also to add remote networks to the routing table.

network infrastructure diagram

Illustration of the topology of a network that shows the location, function, and
status of devices. A network infrastructure diagram may represent either a phys
ical or logical network.
A network infrastructure diagram is also known as a topology diagrams.
topology
network maintenance plan
See NMP.

network management system

See NMS.

network modularity
Network modularity refers to organizing a network from smaller subsystems or mod
ules that can be designed and implemented independently. The modules can represe
nt areas that have different physical or logical connectivity. They also designa
te where different functions occur in the network. Modularity allows flexibility
in network design, and facilitates implementation and troubleshooting. As netwo
rk complexity grows, designers can add new functional modules.

network monitoring plan

Information used by a network administrator to evaluate the condition of a netwo
rk.

network operations center

See NOC.

next hop
Interface on a connected router that moves the data closer to the final destinat
ion.

NMP
network maintenance plan
Ensures business continuity by keeping the network running efficiently. Network
maintenance must be scheduled during specific time periods, usually nights and w
eekends, to minimize the impact on business operations.

NMS
network management system
System or application that is used to monitor and control managed network device
s, such as CiscoWorks.

NOC
network operations center
Organization responsible for maintaining a network.

non-broadcast multi-access
See NBMA.

non-stub area
OSPF area that carries default, static, intra-area, interarea, and external rout
es. An non-stub area can have virtual links configured across it and can contain
an ASBR.
ASBR,OSPF
Null0 interface
EIGRP installs a Null0 summary route in the routing table for each parent route.
The Null0 interface indicates that this is not an actual path, but a summary fo
r advertising purposes.
EIGRP
NVRAM
non-volatile random access memory. NVRAM is used as the storage location for the
startup configuration file for a Cisco router. After the router loads its IOS i
mage, the settings found in the startup configuration are applied.

OC
optical carrier

Series of physical protocols, such as OC-1, OC-2, OC-3, defined for synchronous
optical network optical signal transmissions.

OC signal levels put synchronous transport signal frames onto fiber-optic line a
t different speeds. The base rate of an OC signal level is 51.84 Mbps for OC-1.
Each signal level thereafter operates at a speed multiplied by that number. For
example, OC-3 runs at 155.52 Mbps (51.84 x 3 = 155.52).
STS-1,STS-3c
Open Shortest Path First
See OSPF.

open standard
Protocol or rule available to the public to be applied to a network. An open sta
ndard is not proprietary.

optical carrier
See OC.

organizational unique identifier

See OUI.
OSPF
Open Shortest Path First
Routing algorithm for a link-state, hierarchical Interior Gateway Protocol that
replaces Routing Information Protocol. OSPF features include least-cost routing,
multipath routing, and load balancing.
RIP,IGP
OUI
Three octets assigned to the hardware manager by the IEEE in a block of 48-bit L
AN addresses.
EUI-64, IEEE
outbound
One of two directions a packet will travel on a network through an interface. An
outbound packet is exiting a device.

out-of-band
Transmission using frequencies or channels outside the frequencies or channels n
ormally used for information transfer. Out-of-band signaling is often used for e
rror reporting in situations in which in-band signaling can be affected by whate
ver problems the network might be experiencing.

outside global address

Public IP address of an external host, as it is referred to on the Internet.

outside global network

Network attached to a router that is external to the LAN and that does not recog
nize the private addresses assigned to hosts on the internal LAN.

outside local address

IP address of an outside host as it appears to the inside network.

Packet over SONET/SDH

See POS.

packet sniffer
Tool that analyzes traffic flows based on the source and destination of the traf
fic as well as the type of traffic being sent. Packet sniffer analysis can be us
ed to make decisions on how to manage the traffic more efficiently.

packet switch
WAN device that routes packets along the most efficient path and allows a commun
ications channel to be shared by multiple connections.
Packet switch is also known as a packet switch node.
WAN
packet switching
Networking method where nodes share bandwidth by sending packets to each other.
Packet switching is a way to direct encoded information in a network from a sour
ce to a destination.
circuit switching
packet-switched network
See PSN.

PAP
Password Authentication Protocol
Standard used by PPP peers to authenticate each other on a network. A remote rou
ter sends an authentication request when attempting to connect to a local router
. PAP passes the password and host name or username.PAP does not prevent unautho
rized access, but identifies the remote user. The router or access server then d
etermines if the user is allowed access.
PPP
parent route
When default summarization is disabled, updates include subnet information. The
routing table installs entries for each of the subnets and also an entry for the
summary route. A parent route is announced by the summarizing router as long as
at least one specific route in its routing table matches the parent route.
The parent route is called the summary route and the child route is called the s
ubnet route.

partial mesh
Network where devices are organized in a mesh topology with network nodes that a
re organized in a full mesh, and network nodes that connected to one or two othe
r nodes in the network. A partial mesh does not provide the level of redundancy
of a full mesh topology and is less expensive to implement. They are generally u
sed in the peripheral networks that connect to a fully meshed backbone.
full mesh,mesh
Password Authentication Protocol
See PAP.

PAT
Port Address Translation

Standard used to reduce the number of internal private IP addresses to only one
or a few external public IP addresses. PAT enables an organization to conserve a
ddresses in the global address pool by allowing source ports in TCP connections
or UDP conversations to be translated. Different local addresses then map to the
same global address, with PAT providing the unique information. PAT is a subset
of NAT functionality.
TCP,UDP,NAT
patch panel
Assembly of pin locations and ports which can be mounted on a rack or wall brack
et in the wiring closet. A patch panel acts like a switchboard that connects wor
kstation cables to each other and externally.
PBX
private branch exchange
Digital or analog telephone switchboard located on the subscriber premises and u
sed to connect private and public telephone networks.

PDM
protocol dependent module
Used by EIGRP making decisions about specific routing tasks. Each PDM maintains
three tables.

per VLAN Rapid Spanning Tree Plus

See PVRST+.

permanent virtual circuit

See PVC.

permanent virtual path

See PVP.

permits
Allows a process to occur.

physical addressing
See MAC address.

physical topology
Layout of devices on a network. The physical topology shows the way that the dev
ices are connected through the cabling and how cables are arranged.

pilot installation
Small implementation of a new network technology used to test how well the techn
ology meets the design goals.

PIM
Protocol Independent Multicast

Standard for a routing architecture that enables the addition of IP multicast ro

uting on an existing IP network. PIM is unicast routing protocol independent. It
can be operated in the dense mode and sparse mode.
PIM dense mode,PIM sparse mode
PIM dense mode
Protocol Independent Multicast dense mode

When a receiver affected by PIM standards processes large amounts of traffic. Pa

ckets are forwarded on all outgoing interfaces until pruning and truncation occu
rs. It is assumed that the downstream networks will receive and use the datagram
s that are forwarded to them. PIM dense mode is driven by data and resembles typ
ical multicast routing protocols.
PIM
PIM sparse mode
Protocol Independent Multicast sparse mode

When receivers affected by PIM standards are widely distributed, PIM sparse mode
tries to constrain data distribution so that a minimal number of routers in the
network receive it. Packets are sent only if they are explicitly requested at t
he rendezvous point. It is assumed that downstream networks will not necessarily
use the datagrams that are sent to them.
PIM
plain old telephone service
See POTS.

PoE
Power over Ethernet
Powering standard of network devices over Ethernet cable. IEEE 802.3af and Cisco
specify two different PoE methods. Cisco power sourcing equipment and powered d
evices support both PoE methods.

Point-of-Presence
See POP.

Point-to-Point Protocol
See PPP.

Point-to-Point T1
WAN connectivity that offers control over the quality of service available.

Point-to-Point Tunneling Protocol

See PPTP.

poisoned reverse
Routing update that indicates that a network or subnet is unreachable, rather th
an implying that a network is unreachable by not including it in updates. Poison
reverse updates are sent to defeat large routing loops. The Cisco IGRP implemen
tation uses poison reverse updates.

policy routing
Scheme that forwards packets on a network to specific interfaces based on user-c
onfigured policies. An example of policy routing is that it may specify that tra
ffic sent from a particular network should be forwarded from one interface, whil
e all other traffic should be forwarded from another interface.
POP
Point of Presence
Physical connection between a communication facility provided by an ISP or local
telephone company, and an organization's main distribution facility.

port
1) Interface on a networking device, such as a router or a switch. 2) Upper-laye
r process that receives information from lower layers. 3) Female plug on a patch
panel.

Port Address Translation

See PAT.

port density
Amount of ports per RU on a switch.
RU
PortFast
Enhancement to STP that causes an access port to enter the forwarding state imme
diately, bypassing the listening and learning states. Using PortFast on access p
orts that are connected to a single workstation or server allows those devices t
o connect to the network immediately,
listening,learning,STP,fast-forward
POS
Packet over SONET/SDH
Type of networking supported by SONET and SDH that moves large amounts of voice
and data over great distances through fiber-optic cable.
SONET,SDH,fiber-optic
POST
power-on self test
A process used to test the device hardware after the power is turned on.

POTS
Plain old telephone service. See PSTN.

Power over Ethernet

See PoE.
power-on self test
See POST.

PPDIOO
prepare, plan, design, implement, operate, and opt
Six-phase Cisco Lifecycle Services approach to support evolving networks. Each p
hase defines the activities required to successfully deploy and operate Cisco te
chnologies. PPDIOO details how to optimize performance throughout the lifecycle
of a network.
PPP
Point-to-point Protocol
Standard that provides router-to-router and host-to-network connections over syn
chronous and asynchronous circuits.

PPTP
Point-to-Point Tunneling Protocol
Point-to-Point Tunneling Protocol (PPTP) was developed by Microsoft. It is descr
ibed in RFC2637. PPTP is widely deployed in Windows client software to create VP
Ns across TCP/IP networks.
VPN

PQ
priority queing
Feature in routing in which the characteristics of a frame, such as packet size
and interface type, are used to determine the order the frame is sent.

prefix address
Pattern that matches the bits of an IP address. For example, 130.120.0.0/16 matc
hes the first 16 bits of the IP address 130.120.0.0, which is 130.120. In anothe
r example, 12.0.0.0/12 matches 12.0.2.3, 12.2.255.240, and 12.15.255.255, but do
es not match 12.16.0.1.

prefix length
Identifies the number of bits used in the network.
A prefix length is also known as a network prefix.

prepare, plan, design, implement, operate, and opt

See PPDIOO.

priority queuing
See PQ.

Private addresses
Type of IP address that is reserved for internal use. A private network address
is not routed across the public Internet. In IPv4, the range of private network
addresses are 10.0.0.0 to 10.255.255.255, 172.16.0.0 to172.31.255.255, and 192.1
68.0.0 to 192.168.255.255.

Private Branch Exchange

See PBX.

private network address

Portion of an IP address that is reserved for internal use. A private network ad
dress is not routed across the public Internet. In IPv4, the range of private ne
twork addresses are 10.0.0.0 to 10.255.255.255, 172.16.0.0 to172.31.255.255, and
192.168.0.0 to 192.168.255.255.
IPv4

proactive maintenance
Method for a network administrator to ensure uptime by monitoring network functi
onality and taking corrective action immediately. Proactive maintenance is perfo
rmed on a regular basis to detect weaknesses prior to a critical error that coul
d bring down the network.

process switching
Operation that occurs when a router evaluates the route and per packet load bala
ncing across parallel links before sending a packet. In process switching, a rou
ter performs a table lookup for each packet, selects an interface, and looks up
the data-link information. Because each routing decision is independent for each
packet, all packets going to the same destination are not forced to use the sam
e interface.

proof-of-concept
Proving that a design functions as expected.

propagation delay
Amount of time required for data to travel over a network, from the source to th
e destination.

proprietary
Device or software that cannot be used with devices or software from other vendo
rs.

Protocol Dependent Module

See PDM.

Protocol Independent Multicast

See PIM.

Protocol Independent Multicast dense mode

See PIM dense mode.

Protocol Independent Multicast sparse mode

See PIM sparse mode.

PSN

packet-switched network

Network that uses packet-switching technology for data transfer.

PSTN
Public Switched Telephone Network
General term referring to the variety of telephone networks and services in plac
e worldwide.
PSTN is also known as plain old telephone service, or POTS.

public network address

IP address that is unique and routable across the public Internet.

Public Switched Telephone Network

See PSTN.

punchdown
Spring-loaded tool used to cut and connect wires in a jack or on a patch panel.

punchdown block
A device that connects telephone or data lines to each other. The solid copper w
ires are punched down into short open-ended slots to establish connectivity.

PVC
permanent virtual circuit
Connection that saves bandwidth because the circuit is established ahead of time
.
SVC,PVP

PVP

permanent virtual path

Passage that consists of permanent virtual circuits.
PVC

PVRST+
Per VLAN Rapid Spanning Tree +
Cisco implementation of one instance of RSTP per VLAN.
RSTP+

Q.922A
ITU-T specification for Frame Relay encapsulation.
ITU-T

QoS
quality of service
Standard for monitoring and maintaining a level of transmission performance and
service, such as available data transmission bandwidth and error rate.

QoS policies
Procedures defined and used in the QoS process.

quad zero route

Route where the network address and subnet mask are both specified as 0.0.0.0. T
he command uses either the next-hop address or the exit interface parameters.

quality of service
See QoS.

query packet
Message used to inquire about the value of some variable or set of variables.

rack unit
See RU.

radio frequency
See RF.

radio frequency interference

See RFI.

RAM
random-access memory
Type of memory that allows any byte of memory to be accessed without affecting p
receding bytes. RAM is used for temporary storage by programs. When the computer
is shut down, all data stored in RAM is lost.

random-access memory
See RAM.

Rapid Spanning Tree Protocol

See RSTP.

Rapid Transport Protocol

See RTP.

RD
reported distance
Distance to a destination as reported by a neighbor.

read-only memory
See ROM.

Real-Time Transport Control Protocol

See RTCP.

Real-Time Transport Protocol

See RTP.

receiver signal strength indicator

See RSSI.

recursive lookup
Two steps necessary to determine the exit interface. First a router matches the
destination IP address of a packet to the static route. Then the router matches
the next hop IP address of the static route to entries in its routing table to d
etermine which interface to use.
redirector
Software that intercepts requests for resources on a remote computer and then se
nds the requests to the appropriate host to process the transaction more efficie
ntly. The redirector creates a remote-procedure call that is sent to lower-layer
protocol software that can satisfy the request.
RPC

redistribution
Process of including routing information discovered through one routing protocol
in the update messages of another routing protocol.

redlined
Marks on blueprints showing changes in the design.

redundancy
1) Duplication of components on a network, such as devices, services, or connect
ions, for the purpose of maintaining operability if any tool fails. 2) Portion o
f the total information contained in a message that can be eliminated without lo
sing the context.

redundant link
Secondary connection between network devices to ensure network availability if t
he primary link fails.

reference bandwidth
Parameter related to the OSPF cost metric which is used to calculate interface c
ost. The bandwidth value calculation of each interface uses the equation 100,000
,000/bandwidth, or 10^8/bandwidth.

Reflexive ACL
An ACL that allows IP packets to be filtered based on upper-layer session inform
ation. They are generally used to allow inbound traffic into the network in resp
onse to sessions that originate on an inside interface of the router. This mecha
nism can help reduce exposure to spoofing and denial-of-service attacks. Reflexi
ve ACLs function similarly to the "established" keyword used in extended ACL sta
tements, except that reflexive ACLs can also inspect UDP and ICMP traffic in add
ition to TCP.

release notes
Documentation that accompanies software when it is distributed. Release notes in
clude the most recent information, such as a user guide.

reliability
Ratio of expected-to-received keepalives from a link. If the ratio of keepalives
is high, the line is reliable. Relibility is used as a routing metric.

Reliable Transport Protocol

See RTP.

remote login
See rlogin.

remote monitoring
See RMON.

remote shell protocol

See rsh.

remote-access virtual private network

See remote-access VPN.

remote-access VPN

Connectivity option used to augment or replace a traditional remote access strat

egy, such as the use of a dial-up link.

remote-access VPN is also known as remote-user VPN.

VPN

remote-procedure call
See RPC.

replay attack
Malicious process that allows a hacker to gain access to a router using informat
ion that is saved and replayed by the hacker as proof of identity.

reply packet
Information sent when a query packet is received. A reply packet helps DUAL to l
ocate a successor route to the destination network. Queries can be multicast or
unicast. Replies are always unicast.
unicast,multicast,DUAL
reported distance
See RD.

Request for Proposal

See RFP.

Request for Quotation

See RFQ.

request message
When a router is started, message sent out by each RIP-configured interface requ
esting that all RIP neighbors send their routing tables.
RIP

response message
Reply to a message sent out by each RIP-configured interface requesting that all
RIP neighbors send their routing tables.
RIP

RF
radio frequency
Electromagnetic waves generated by AC and transmitted to an antenna within the e
lectromagnetic spectrum. Radio, cable TV, and broadband networks use RF technolo
gy. WLAN uses RF to transmit data.
WLAN

RFI
radio frequency interference
Noise that interferes with information being transmitted across unshielded coppe
r cabling.

RFP
request for proposal
Formal documentation presented to potential vendors by an organization asking fo
r information on the type of services or products to be provided.

RFQ
request for quotation
Formal documentation presented to vendors by an organization asking for a bid or
quotation of the cost of providing services or products. An RFQ is issued when
the specifications have been determined.

RIP

Routing Information Protocol

Distance vector routing standard that uses hop count as a routing matrix.
RIPng
Routing Information Protocol next generation
Distance vector routing standard with a limit of 15 hops that uses split-horizon
and poison reverse to prevent routing loops. It is based on IPv4 RIPv2 and simi
lar to RIPv2, but uses IPv6 for transport. The multicast group address FF02::9 i
dentifies all RIPng enabled routers.
RIPv2,IPv6

RIPv2

Routing Information Protocol version 2

Distance vector routing standard based on RIPv1 with additional extensions to co

nform to modern routing environments. RIPv2 supports VLSM, authentication, and m
ulticast updates. RIPv2 is defined in RFC 1723 and supported in IOS versions 11.
1 and later.
RIP,VLSM

Rivest, Shamir, and Adleman

See RSA.

rlogin

remote login

Terminal emulation program that is offered in most UNIX implementations to acces

s a device remotely, such as Telnet.
Telnet

RMON

remote monitoring
Management information base agent specification described in RFC 1271 that defin
es functions to remotely monitor networked devices. RMON provides monitoring, pr
oblem detection, and reporting capabilities.
rogue switch
Unidentified switch on a network.

ROM
read-only memory
ROM is typically used as the memory area from which a Cisco router begins the bo
ot process, supports the Power-On-Self-Test, and supports the ROM Monitor diagno
stic environment.

root bridge
Designated packet forwarding device in a spanning-tree implementation that recei
ve topology information and notifies all other bridges in the network when topol
ogy changes are required. A root bridge prevents loops and provides a measure of
defense against link failure.
Root bridge is also known as root switch.
switch

root port
STP designated port that provides the least cost path back to the root bridge.
STP

root switch
See root bridge.

route
Path between the source and destination devices.

route aggregation
See route summarization.

route map
Method to control and modify routing information on a network. A route map is a
complex access list that allows some conditions to be tested against the route i
n question. If the conditions match, some actions can be taken to modify the rou
te.

route poisoning
Setting the metric for a route to 16 to stop traffic on the route. RIP sends a t
riggered update immediately, poisoning the route.
RIP

route redistribution
Default route is propagated from the edge router to other internal routers.

route summarization
Consolidation of advertised addresses in a routing table. Route summarization re
duces the number of routes in the routing table, the routing update traffic, and
overall router overhead.
Route summarization is also known as route aggregation.

router
Network layer device that uses one or more metrics to determine the optimal path
along which network traffic should be forwarded. Routers forward packets from o
ne network to another based on network layer information.

router ID

IP address determined by a value configured with the

router-id
command, a value of the highest configured IP address on a loopback interface, o
r a value of the highest IP address on any active physical interface.
router-on-a-stick
Configuration on the router that determines that if the destination VLAN is on t
he same switch as the source VLAN, the router forwards the traffic back down to
the source switch using the subinterface parameters of the destination VLAN ID.
VLAN ID

routing
Process to find a path to a destination host. Routing is complex in large networ
ks because of intermediate destinations a packet might traverse before reaching
the final destination host.

routing algorithm
Mathematical formula for procedures used to determine the best route to forward
traffic from source to destination.

routing domain
Group of end systems and intermediate systems that operate under the same set of
 administrative rules. Within each routing domain there are one or more areas, e
ach uniquely identified by an area address.

Routing Information Protocol

See RIP.

Routing Information Protocol next Generation

See RIPng.

Routing Information Protocol version 2

See RIPv2.

routing metric
Standard of measurement that is used by a routing algorithm that determines that
one route is better than another. Routing metrics are stored in routing tables
and may include bandwidth, communication cost, delays, hop count, load, maximum
transmission unit, path cost, and reliability.

routing prefix
Pattern to match some routes in a routing table.

routing protocol
Standard that makes use of the routing algorithm. Examples of routing protocols
include EIGRP, OSPF, and RIP.
EIGRP,OSPF,RIP

routing table
Table stored on a router or other internetworking device that keeps track of rou
tes to network destinations and metrics associated with those routes.

Routing Table Protocol

See RTP.

routing update
Message sent from a router to check network access and associated cost informati
on. A routing update is sent at regular intervals and after a change in network
topology.

RPC
remote-procedure call

Communication from a local program to a remote program to request temporary use

of services available on the remote program.
RSA
Rivest, Shamir, & Adleman
Algorithm for public key asymmetric encryption. RSA was the first algorithm suit
able for signing as well as encryption. It was one of the first great advances i
n public key cryptography.

rsh
remote shell protocol
Standard that allows a user to execute commands on a remote system without havin
g to log in to the system. For example, rsh can be used to remotely examine the
status of access servers on a network without having to connect to each communic
ation server to execute the command.

RSSI
receiver signal strength indicator
Measurement of received RF signal strength in WLAN application.
RF,WLAN

RSTP
Rapid Spanning Tree Protocol
Update to Spanning Tree Protocol standards that reduces the time for connections
to be established to switch ports.
STP

RSTP+
Enhanced Rapid Spanning Tree Protocol
Type of spanning tree protocol with increase convergence speed.

RTCP
Real-Time Transport Control Protocol
Control standard for RTP that monitors and provides feedback on the QoS of a tra
nsmission link.
RTP,QoS

RTP
Routing Table Protocol
VINES routing standard based on RIP that is used to distribute network topology
information and assist VINES servers to find neighboring clients, servers, and r
outers. RTP uses delay as a routing metric.
Rapid Transport Protocol
Standard that provides pacing and error recovery for data as it crosses the APPN
network. With RTP, error recovery and flow control are conducted end-to-end rat
her than at every node. RTP prevents congestion.
Real-Time Transport Protocol
Standard commonly used with IP networks that provides end-to-end network transpo
rt functions for applications transmitting real-time data, such as audio, video,
or simulation data, over multicast or unicast network services. RTP provides su
ch services as payload type identification, sequence numbering, timestamping, an
d delivery monitoring to real-time applications.

RU
rack unit
Standard form factor measurement for the vertical space that equipment occupies.
A rack unit is equal to the height of 1.75 inches (4.4cm). A device is measured
in RUs. If a device is 1.75 inches tall, it is 1RU. If it is 3.5 inches tall, i
t is 2RU.
form factor

runt
Frame that is less than 64 bytes, usually the result of a collision. In fragment
-free switching, the switch reads the first 64 bytes of the frame before it begi
ns to forward it out the destination port. Checking the first 64 bytes ensures t
hat the switch does not forward collision fragments.

SAN
storage area network
Data communication platform that interconnects servers and storage at Gigabaud s
peeds. By combining LAN networking models with server performance and mass stora
ge capacity, SAN eliminates bandwidth issues and scalability limitations created
by previous SCSI bus-based architectures.

scalability
Ability of a network design to develop to include new user groups and remote sit
es. A scalable network design should support new applications without impacting
the level of service delivered to existing users.

SDH
Synchronous Digital Hierarchy
European standard that defines a set of rate and format standards that are trans
mitted using optical signals over fiber. SDH is similar to SONET, with a basic S
DH rate of 155.52 Mbps, designated at STM-1.
SONET

SDM
Cisco Security Device Management
Web-based device-management tool for a Cisco IOS software-based router. Simplifi
es router and security configuration through smart wizards used to deploy, confi
gure, and monitor a Cisco router without requiring knowledge of the CLI.
CLI

SDRAM
synchronous dynamic random access memory. A form of DRAM.

Secure Shell
See SSH.

security
Protection of data and hardware against unwanted access or damage.

security appliance
Device that protects data and hardware against unwanted access or damage.

security policy
Description of the system, physical, and behavioral protection measures implemen
ted in an organization.

segment

1) Section of network that is bounded by bridges, routers, or switches. 2) Conti

nuous electrical circuit in a LAN using a bus topology, that is often connected
to other segments with repeaters. 3) Single, logical transport layer unit of inf
ormation.

A segment that is a logical unit of information may also be known as a datagram,

frame, message, or packet.
segmented data
Small, uniform parts of data that switch quickly and efficiently between nodes.

Serial Line Address Resolution Protocol

See SLARP.

serial transmission
Method of data transmission in which the bits of a data character are transmitte
d sequentially over a single channel.

serial tunnel
See STUN.

server
Software program or node that provides data or services at the request of client
s.
See also back end, client, and front end.

server farm
Collection of servers located in a central facility and maintained by the centra
l group to provide server needs for organizations. A server farm usually has pri
mary and backup server hardware for load balancing, redundancy, and fault tolera
nce purposes. Server farm architecture provides the operation and maintenance of
servers.

service level agreement

See SLA.

service provider
See SP.

Service Set Identifier

See SSID.

setup mode
Interactive menu to create an initial configuration file for a new networking de
vice, or a device that has had the startup-config file from NVRAM erased. Setup
mode can also be used to modify an existing configuration.

shared secret
Password known between devices.

Shortest path first algorithm

See SPF algorithm.

Shortest Path Routing

See SPR.
silicon switching
High-speed, dedicated packet switching based on the silicon switching engine, no
t the silicon switch processor.

Simple Mail Transfer Protocol

See SMTP.

Simple Network Management Protocol

See SNMP.

simple password authentication

Method that offers basic securtiy to a router using a key to gain access.
key

site-to-site VPN
Connection between sites of an organization or between an organization and a par
tner site. Site-to-site VPN does not require IPSec client configuration on compu
ter hosts because data is encrypted at the entry point of a site and decrypted a
t the exit point of the tunnel at the other site.

SLA
service level agreement
Binding contract between a network service provider and the end user who require
s a certain level of service.

SLARP
Serial Line Address Resolution Protocol
Standard that assigns an address to the end point of a serial link if the other
end is already configured. SLARP assumes that each serial line is a separate IP
subnet, and that one end of the line is host number 1 and the other end is host
number 2. As long as one end of the serial link is configured, SLARP automatical
ly configures an IP address for the other end.

SMDS

switched multimegabit data service

High-speed, packet-switched, WAN technology offered by a telephone company.

WAN
SMTP

Simple Mail Transfer Protocol

Internet standards that provide electronic mail services.

email

SNMP
Simple Network Management Protocol
Standard that allows monitoring of individual devices on the network. SNMP-compl
iant devices use agents to monitor a number of predefined parameters for specifi
c conditions. These agents collect information and store it in a MIB.
MIB

softphone
Application installed on a computer to support voice calls. An example of softph
one is Cisco IP Communicator.

software phone
See softphone.

SONET
Synchronous Optical Network
Up to 2.5 Gbps, high-speed synchronous network specification developed by Bellco
re and designed to run on optical fiber. STS-1 is the basic building block of SO
NET. Approved as an international standard in 1988.
SDH,STS-1,STS-3c

SP
service provider
Organization, such as the local phone or cable company, that provides Internet s
ervice.

SPAN

switched port analyzer

Tool used with a Catalyst switch that enables the capture of traffic by mirrorin
g the traffic at one switched segment onto a predefined SPAN port. A network ana
lyzer attached to the SPAN port can monitor traffic from any of the other Cataly
st switched ports.
spanning tree
Loop-free subset of a network topology.

Spanning Tree Protocol

See STP.
BPDU

spanning-tree algorithm
Mathematical process that creates a hierarchical tree to bridge a network.

SPF algorithm
shortest path first algorithm
Mathematical process that uses the length of a path to determine a shortest-path
spanning tree. An SPF algorithm is a link-state routing algorithm.

SPF tree
All paths from a source to each destination and the total cost of each path.

SPI
stateful packet inspection
Inspect and permit an incoming response to established communication on an inter
nal network.

split horizon
Routing technique that controls the formation of loops by preventing information
from exiting the router interface through the same interface it was received.

split tunneling
Configuration to give a VPN client access to the Internet while tunneled into a
Cisco IOS Router. Split tunneling is required to give a VPN client secure access
to corporate resources via IPsec as well as allow unsecured access to the Inter
net.

split-horizon updates
Routing technique in which information about a route is prevented from exiting t
he router interface through which that information was received. A split-horizon
update is used to prevent routing loops.

spoof
1) Method used by a Cisco router to cause a host to handle an interface as if it
were running and supporting a session. The router creates false replies to keep
alive messages from the host to convince the host that the session still exists.
Spoofing is used in a routing environment such as DDR. In DDR, a circuit-switch
ed link is taken down when there is no traffic to save toll charges. 2) When a p
acket claims to be from an address from which it was not sent. Spoofing is desig
ned to bypass network security mechanisms such as filters and access lists.
DDR

SPR

Shortest Path Routing

Algorithm that uses the length of a path to determine a shortest-path spanning t

ree. Shortest-path routing is commonly used in link-state routing algorithms.
SSH
Secure Shell
In-band protocol used to encrypt username and password information when it is se
nt.

SSID
Service Set Identifier
32-character code that normally appears in every packet of a Wi-Fi transmission.
The SSID contains the network name for the WLAN. All devices on a WLAN use the
same SSID. The SSID code can be set by the network administrator, or it can be a
utomatically assigned.
WLAN

SSL
Secure Sockets Layer is a protocol used for protecting confidential information
and private documents across the Internet. SSL uses a cryptographic system that
uses two keys to encrypt data: a public key or digital certificate, and a privat
e or secret key known only to the recipient of the message.

stakeholder
Person or organization that has an interest in the success of a process.

standard ACL
Access control list that accepts or denies packets based on the source IP addres
s. Standard ACLs are identified by the number assigned to them. The numbers rang
e from 1 to 99 and from 1300 to 1999.

star
Structure in which devices on a network are connected to a common central switch
by point-to-point links. The star topology is the most commonly used physical t
opology for Ethernet LANs.

stateful packet inspection

See SPI.

Static NAT
static network address translation
Method in which an internal host with a fixed private IP address is mapped with
a fixed public IP address all of the time.

static network address translation

See static NAT.

static route
Path that is manually configured and entered into the routing table. A static ro
ute take precedence over routes chosen by dynamic routing protocols.

statistical time-division multiplexing

See STDM.

STDM
statistical time-division multiplexing
Technique where information from multiple logical channels is transmitted across
a single physical channel. STDM dynamically allocates bandwidth only to active
input channels, making better use of available bandwidth and allowing many devic
es to be connected.
Statistical time-division multiplexing is also known as statistical multiplexing
or stat mux.
TDM

storage area network

See SAN.

storage networking
Infrastructure that uses SAN and security measures to support the network-based
storage needs.
SAN

store and forward

See store and forward packet switching.

store and forward packet switching

Technique in which frames are completely processed before being forwarded out of
the appropriate port. Store and forward packet switching is a process that incl
udes the calculation of the cyclic redundancy check and the verification of the
destination address.

STP
Spanning Tree Protocol
Bridge standards that use the spanning-tree algorithm and enable a bridge to dyn
amically work around loops in a network topology by creating a spanning tree. A
bridge exchanges BPDU messages with other bridges to detect loops, and then remo
ves the loops by shutting down selected bridge interfaces.
BPDU

streaming video
Multimedia that is continually downloaded to the receiving host as an end-user i
s viewing the material. The end-user does not fully download the multimedia file
to the computer.
Streaming media is also known as live video.

structured cabling
Using an internationally recognized standard to implement a physical network cab
ling design.

STS-1

Synchronous Transport Signal level 1

SONET format adopted by common carriers for high-speed digital circuits that ope
rate at 51.84 Mbps.
SONET

STS-3c

Synchronous Transport Signal level 3, concatenated

SONET format that specifies the frame structure for the 155.52-Mbps lines used t
o carry Asynchronous Transfer Mode cells.
ATM,SONET
stub area
OSPF area that carries a default route, intra-area routes, and interarea routes,
but does not carry external routes. Virtual links cannot be configured across a
stub area, and they cannot contain an autonomous system border router.
OSPF,ASBR

stub network
Network that has only a single connection to a router.

STUN

serial tunnel

Router feature that allows two SDLC- or HDLC-compliant devices to connect to eac
h other through an arbitrary multiprotocol topology, with the use of Cisco route
rs, rather than through a direct serial link.
SDLC,HDLC

subinterface
One of a number of virtual interfaces on a single physical interface.

subnet address
Portion of an IP address that is specified as the subnetwork by the subnet mask.
IP address

subnet mask
In IPv4, a 32-bit number associated with an IP address to determine where the ne
twork portion of an IP address ends and the host portion in an IP address begins
.
IPv4

subnetwork
System in an IP network that shares a particular subnet address. A subnetwork is
arbitrarily segmented by a network administrator to provide a multilevel, hiera
rchical routing structure while shielding the subnetwork from the addressing com
plexity of attached networks.

subset advertisement
VTP message that contains new VLAN information based on the summary advertisemen
t.

substitution
Troubleshooting technique using functioning parts to test equipment.

sub-subnet
Further division of a subnetted network address.

successor route
Equal cost, primary loop-free path with the lowest metric to the destination det
ermined by the topology and recorded in in the routing table.

summary advertisement
Current VTP domain name and configuration revision number issued periodically by
a Catalyst switch.
VTP

supernet
See supernetting.

supernetting
Process of summarizing of contiguous class addresses given out by the Internet c
ommunity. An example of supernetting is when a group of class C addresses 200.10
0.16.0 through 200.100.31.0 is summarized into the address 200.100.16.0 with a m
ask of 255.255.224.0.
Also known as classless inter-domain routing.
CIDR

SVC
switched virtual circuit
Route that is dynamically established on demand and is destroyed when transmissi
on is complete. An SVC is used in situations where data transmission is sporadic
.
PVC

switch
Network device that filters, forwards, and floods frames based on the destinatio
n address of each frame. A switch operates at the data-link layer of the OSI Ref
erence Model.
switch block
Configuration where a router, or multilayer switch, is deployed in pairs, with A
ccess Layer switches evenly divided between them. Each switch block acts indepen
dently which prevents the network from going down if a device fails.
A switch block is also known as a building or departmental switch block.

switched multimegabit data service

See SMDS.

switched port analyzer

See SPAN.

switched virtual circuit

See SVC.

switching loop
Causes duplicate frames to be sent throughout a network. A switching loop occurs
when there is more than one path between two switches.

symmetric cryptography
Type of of data coding that involves algorithms that use the same key for two se
parate steps of the process. Examples of symmetric cryptography include encrypti
on and decryption, and signature creation and verification.

symmetric key
Cryptographic key that is used in a symmetric cryptographic algorithm.
symmetric cryptography

Synchronous Digital Hierarchy

See SDH.

Synchronous Optical Network

See SONET.

synchronous transmission

Digital signals that are sent with precise clocking. Synchronous transmission si
gnals have the same frequency, with individual characters encapsulated in start
and stop bits, that designate the beginning and end of each character.
Synchronous Transport Signal level 1
See STS-1.

Synchronous Transport Signal level 3, concatenated

See STS-3c.

syslog
Type of message logged and sent to an external server to inform users of various
reports in real time.

system-level acceptance testing

Practice of verifying if a network meets the business goals and design requireme
nts. The results of system-level acceptance testing are recorded and are part of
the documentation provided to the customer.

T1
Digital WAN carrier facility that transmits DS-1-formatted data at 1.544 Mbps th
rough the telephone-switching network, with the use of AMI or binary 8-zero subs
titution coding.
AMI,DS1

T3
Digital WAN carrier facility that transmits DS-3-formatted data at 44.736 Mbps t
hrough the telephone switching network.
DS3

Tc
committed time
Calculated time interval that data takes to travel a specific distance.
Bc,Be

T-carrier
Any of several digitally multiplexed telecommunications carrier systems.

TDM
time division multiplexing
Division of bandwidth to allow multiple logical signals to be transmitted simult
aneously across a single physical channel. The signals are then seperated at the
receiving end.
telecommunications room
Facility that contains network and telecommunications equipment, vertical and ho
rizontal cable terminations, and cross-connect cables.
Also known as a riser, a distibution facility, or a wiring closet.

telecommunications service provider

See TSP.

telecommuting
Working from a location other than the centralized office.

teleconferencing
Method for a group of people to communicate in real time online.

telephony
Technology designed to convert audio to digital signals, and to transmit the sig
nals over a network, especially packet-switched networks.

teleworker
Employee that works at a location other than the centralized office.

Teleworking
Employee that works at a location other than the centralized office location.

Telnet
TCP/IP protocol that allows a remote user to log on to a host on the network and
issue commands remotely.

TFTP
Trivial File Transfer Protocol
Standards that allows files to be transferred from one computer to another over
a network. TFTP is a simplified version of FTP .
FTP

three-way handshake
Series of synchronization and acknowledgments used by TCP to open a connection.
threshold
Acceptable level of errors on an interface.

threshold value
Maximum number of errors that a switch allows before it will go into store and f
orwarding switching to slow traffic and correct the problem.
adaptive cut-through

time division multiplexing

See TDM.

time slice
Period of time during which a conversation has complete use of the physical medi
a. Bandwidth is allocated to each channel or time slot. In standard TDM, if a se
nder has nothing to say, the time slice goes unused, wasting valuable bandwidth.
In STDM, it keeps track of conversations that require extra bandwidth. It then
dynamically reassigns unused time slices on an as-needed basis to minimize the u
se of bandwidth.
TDM,STDM

Time-based ACL
An ACL that permits and denies specified traffic based on the time of day or day
of the week. Time-based ACLs are similar to extended ACLs in function, but they
support access control based on a time range. A time range is created to define
specific times of the day and week for controlling access. The time range relie
s on the router system clock, and the feature works best with Network Time Proto
col (NTP) synchronization.

Top-down
See top-down approach.

top-down approach
Method for testing a network designed to support specific network applications a
nd service requirements. When a design is complete, a prototype or proof-of-conc
ept test is performed using the top-down approach approach to ensure that the ne
w design functions as expected before it is implemented.

topology
Map of the arrangement of network nodes and media within an enterprise networkin
g infrastructure. Topology can be physical or logical.

topology database
Location on a topology that stores SPF tree information.
SPF

topology table
One of three tables on an EIGRP router. The topology table lists all routes lear
ned from each EIGRP neighbor. DUAL takes the information from the neighbor and t
opology tables and calculates the lowest cost routes to each network. The topolo
gy table identifies up to four primary loop-free routes for any one destination.
EIGRP,DUAL

ToS
type of service
8-bit field used for frame classification located in the IP packet and used by a
device to indicate the precedence or priority of a given frame. ToS is not used
when a frame is received that contains an 802.1q frame tag.
DSCP,802.1q

traffic filtering
Control traffic in various segments of the network. Traffic filtering is the pro
cess of analyzing the contents of a packet to determine if the packet should be
allowed or blocked.

traffic shaping
Using queues to limit surges that can congest a network. In traffic shaping, dat
a is buffered and then sent into the network in regulated amounts to ensure that
the traffic will fit within the promised traffic envelope for the particular co
nnection. Traffic shaping is used in networks such as ATM and Frame Relay.
ATM,Frame Relay

transceiver
Device that receives and forwards analog and digital signals.

transmit power control

Modify the RF transmission in a wireless LAN by increasing or decreasing the rat
e of power on a device to improve the link quality and signals received.
RF,WLAN

transmit queue
See TxQ.
transparent
Not visible or apparent. In networking, a lower layer protocol may make a decisi
on that does not affect or include the upper layers, so the action is invisible,
or transparent to the upper layers.

trial-and-error
Troubleshooting technique that relies on experience and testing to solve a probl
em.

triggered update
Message containing the routing table of a router that is sent to neighboring rou
ters on a network when the router starts up.

triple data encryption standard

See 3DES.

Trivial File Transfer Protocol

See TFTP.

trunk
Point-to-point link that connects a switch to another switch, a router, or a ser
ver. A trunk carries traffic for multiple VLANs over the same link. The VLANs ar
e multiplexed over the link with a trunking protocol.
VLAN,trunk port

trunk port
A port on a switch or router that connects a switch to another switch, a router,
or a server through a trunk. A trunk carries traffic for multiple VLANs over th
e same link. The VLANs are multiplexed over the link with a trunking protocol.
VLAN,trunk

TSP
telecommunication service provider
Vendor that is authorized by regulatory agencies to operate a telecommunications
system and provide telecommunications service.
A telecommunication service provider is also known as a local exchange carrier,
telecom carrier, or carrier.
carrier

tunnel
Secure communication path between two peers, such as two routers.

tunneling
Method of data transmission over networks with differing protocols. With tunneli
ng, a data packet is encapsulated to form a new packet that conforms to the prot
ocols used over intermediary networks.

two-way handshake
Authentication process used on a PAP. During the two-way handshake, a device loo
ks up the username and password of the calling device to confirm the information
matches what is stored in the database.

TxQ
transmit queue
Process of storing traffic on hardware and then sending the packets out in the o
rder they were received.

type field
Extra field in a Cisco HDLC frame which allows multiple protocols to share the s
ame link by identifying the type of protocol carried by the frame.
HDLC

type of service
See ToS.

UDP
User Datagram Protocol
Standard for connectionless transmission of voice and video traffic. Transmissio
ns using UDP are not affected by the delays caused from acknowledgements and ret
ransmitting lost packets.

unequal cost
Additional bandwidth is needed to forward a packet on certain routes on a networ
k. Some routes may have higher metric values than others.

unequal cost load balancing

Distribution of packets on more than one path using a specified variance in the
metric. Distributing the traffic helps prevent a single path from being overload
ed.

unicast
Type of message sent to a single network destination.
broadcast,multicast

Unicast frames
Data packet that is addressed to a single destination.

uninterruptible power supply

See UPS.

untagged
Traffic with no VLAN ID that needs to cross the 802.1q configured link. Examples
of untagged traffic include Cisco Discovery Protocol, VTP, and some types of vo
ice traffic. Untagged traffic minimizes the delays associated with inspection of
the VLAN ID tag.
VLAN ID,VTP

update packet
Message about the network topology sent to a neighbor. The update packet is adde
d to the topology table. Several updates are often required to send all of the t
opology information to a new neighbor.

uplink port
High-speed port that connects to areas that have a higher demand for bandwidth,
such as another switch, a server farm, or other networks.

UplinkFast
STP enhancement to minimize downtime during recalculation. STP UplinkFast accele
rates choosing a new root port when a link or switch fails, or when an STP is re
configured. The transition of the root port to the forwarding state occurs immed
iately, without going through the normal STP procedures of listening and learnin
g.
STP

UPS
uninterruptable power supply
Continuous and reliable power source made available in the event of power failur
e. UPS is often provided to mission critical servers and network devices.

uptime
Period of time in which a network or a device is fully functional.
User Datagram Protocol
See UDP.

V.35
ITU-T standard describing a synchronous, physical layer protocol used for commun
ications between a network access device and a packet network. V.35 is most comm
only used in the United States and in Europe, and is recommended for speeds up t
o 48 Kbps.

variable-length subnet mask

See VLSM.

variance
Amount multiplied to a route to determine if it is within range of the maximum a
cceptable metric for use as a path. For example, If the variance value is 2, the
router balances the traffic load using any path for which the metric is less th
an two times the best metric.

VC
virtual circuit
Logical relationship created to ensure reliable communication between two networ
k devices. A virtual circuit is defined by a virtual path identifier/virtual cha
nnel identifier pair, and can be either a permanent virtual circuit or switched
virtual circuit. Virtual circuits are used in Frame Relay and X.25. In ATM, a vi
rtual circuit is called a virtual channel.
PVC,SVC,ATM,Frame Relay

vector
Data segment of an SNA message. A vector consists of a length field, a key that
describes the vector type, and vector-specific data.
key

VID
VLAN ID
Identity of the VLAN inserted into an Ethernet frame as it enters a port on a sw
itch.

video on demand
See VoD.
virtual circuit
See VC.
ATM,Frame Relay

virtual local area network

See VLAN.

virtual path
Logical group of virtual circuits that connect two sites.

virtual path connection

See VPC.

virtual path link

See VPL.

virtual private network

See VPN.

Virtual Trunking Protocol

See VTP.

VLAN
virtual local area network
Group of devices on a network, typically end-user stations, that communicate as
if attached to the same network segment even though they may be on different seg
ments. VLANs are configured on workgroup switches. Switches with VLANs may inter
connect using VLAN trunking protocols.
VLAN is also known as virtual LAN.
LAN

VLAN ID
See VID.

VLAN management policy server (VMPS)

See VMPS.

VLAN number
Number assigned to a VLAN when it is created. The VLAN number is any number from
the range available on the switch, except for VLAN1. Naming a VLAN is considere
d a network management best practice.
VLAN

VLSM

variable-length subnet mask

Technique used to specify a different subnet mask for the same major network num
ber to identify different subnets. VLSM can help optimize available IP address s
pace.
VMPS
VLAN management policy server
Server with a database that maps MAC addresses to VLAN assignments. When a devic
e plugs into a switch port, the VMPS searches the database for a match of the MA
C address and temporarily assigns that port to the appropriate VLAN.
VLAN,MAC address

VoD
video on demand
Type of system that allow a user to select and watch video content over a networ
k as part of an interactive television system. A VoD system either streams conte
nt, allowing viewing while the video is being downloaded, or downloads the conte
nt entirely to a set-top box before viewing starts.

Voice over IP
See VoIP.

Voice/WAN interface card

See VWIC.

voice-enabled router
Device that converts analog voice from telephone signals to IP packets. The voic
e-enabled router forwards IP packets between locations.

VoIP
Voice Over Internet Protocol
Standard for transmitting voice data encapsulated in an IP packet on an already
implemented IP network without needing its own network infrastructure. In VoIP,
the digital signal processor divides the voice signal into frames which are pair
ed in groups of two and stored in voice packets. The voice packets are transport
ed using IP in compliance with ITU-T specification H.323.
VoIP is also known as Voice Over IP.

VPC

virtual path connection

Group of virtual channel connections that share one or more contiguous VPLs.
VPL

VPL

virtual path link

Group of unidirectional virtual channel links within a virtual path with the sam
e end points. Grouping into a VPL reduces the number of connections to be manage
d, and as a result, decreases network control overhead and cost.
VPC

VPN
virtual private network
Network through which data is sent through a public telecommunication infrastruc
ture while maintaining the privacy of the data by creating a tunnel through the
public telecommunication infrastructure.

VPN concentrator
virtual private network concentrator
Gateway on a network that filters all VPN traffic.
VPN

VTP

Virtual Trunking Protocol

Cisco proprietary standard that maintains a consistent VLAN configuration across

a common administrative domain.
VTP configuration revision number
VLAN Trunking Protocol configuration revision number
Numerical order of multicast messages on a network. The VTP configuration revisi
on number begins at zero. As changes on the network occur , the configuration re
vision number increases by one. It continues to increment until it reaches 2,147
,483,648. If a message has a higher VTP configuration revision number than the o
ne stored in the database, the switch updates its VLAN database with this new in
formation.

VWIC
voice/WAN interface card
Adapter that provides support for voice, data and integrated voice, and data app
lications. A VWIC facilitates the migration from data only, as well as channeliz
ed voice and data, to packet voice solutions which simplifies deployment and man
agement.
WAN

WAN
wide area network
Data communication network that serves users across a broad geographic area and
often uses transmission devices provided by common carriers. Examples of WAN tec
hnologies include Frame Relay, SMDS, and X.25.
SMDS,Frame Relay

WAN interface card

See WIC.

warranty
Guarantee that a product or service is free of defects and performs as advertise
d. A warranty is limited in duration and in the services provided.

WEP
Wired Equivalent Privacy
Optional security mechanism standard defined within the 802.11 standard designed
to make the link integrity of wireless devices equal to that of a cable.

WIC
wide area network interface card
Adapter that connects a system to a WAN link service provider.
WAN

wide area network

See WAN.

wide area network interface card

See WIC.
Wi-Fi Protected Access
See WPA.

wildcard mask
32-bit quantity used in conjunction with an IP address to determine which bits i
n an IP address should be ignored when that address is compared with another IP
address. A wildcard mask is specified when access lists are set up. A wildcard m
ask is used in in IPv4.
IP address,IPv4

wire speed
Rate that packets are forwarded on a network.

Wired Equivalent Privacy

See WEP.

wireless access point

Physical sites connected on a network that transmit signals for wireless devices
.

wireless LAN
See WLAN.

wireless LAN controller

Type of module that provides a secure enterprise-class wireless system. A wirele
ss LAN controller enables a smaller organization to cost-effectively and easily
deploy and manage a secure WLAN.
WLAN

wiring closet
Specially designed room used to wire a data or voice network. Wiring closets ser
ve as a central junction point for the wires and wiring equipment that is used t
o interconnect devices.

WLAN
wireless local area network
Connection between two or more computers without using physical media. WLAN uses
radio communication to accomplish the same functionality as a LAN.
WLAN is also known as wireless LAN.
WPA
Wi-Fi Protected Access
Standard based on IEEE 802.11i that was developed to address security issues. WP
A provides high levels of security in a wireless network. WPA uses the Temporal
Key Integrity Protocol for data protection and 802.1X for authenticated key mana
gement.

zero CIR
Excess bandwidth that is discounted when it is available from a Frame Relay serv
ice provider. In Zero CIR, a user pays a small fee for the capability to transmi
t data across a PVC at speeds up to that of the access link. If there is congest
ion, all DE lableled frames are dropped. There is no guarantee of service with a
CIR set to zero.