what is the use of this command?

Answered Question
Feb 20th, 2008
User Badges:

what is the use of this command?


no service pad

service tcp-keepalives-in

service tcp-keepalives-out

logging buffered 51200 warnings

logging console critical



Correct Answer by Danilo Dy about 9 years 4 months ago

Hi,


SERVICE PAD

The packet assembler/disassembler (PAD) service supports X.25 links. This service is on by default, but it is not needed unless your router is using X.25. Disable it from global configuration mode as shown below.


TCP-KEEPALIVES-IN and TCP-KEEPALIVES-OUT

if you are going to permit remote administration via Telnet, enable TCP keepalive services. These services will cause the router to generate periodic TCP keepalive messages, thus allowing it to detect and drop orphaned (broken) TCP connections to/from remote systems. Using this service does not remove the need for setting an exec-timeout time as recommended above.


LOGGING BUFFERED 51200 WARNINGS

To turn ON buffered logging for warning messages. Rule of thumb, you should set it to 16K if your router has 16MB RAM. If you set it higher (i.e. 50K), make sure your router has more than 16MB RAM or at least 64MB RAM


LOGGING CONSOLE CRITICAL

To turn ON console logging for critical messages.


for more on securing cisco IOS/Router, check this link http://www.nsa.gov/snac/


Regards,

Dandy

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.7 (8 ratings)
Loading.
Correct Answer
Danilo Dy Wed, 02/20/2008 - 22:56
User Badges:
  • Blue, 1500 points or more

Hi,


SERVICE PAD

The packet assembler/disassembler (PAD) service supports X.25 links. This service is on by default, but it is not needed unless your router is using X.25. Disable it from global configuration mode as shown below.


TCP-KEEPALIVES-IN and TCP-KEEPALIVES-OUT

if you are going to permit remote administration via Telnet, enable TCP keepalive services. These services will cause the router to generate periodic TCP keepalive messages, thus allowing it to detect and drop orphaned (broken) TCP connections to/from remote systems. Using this service does not remove the need for setting an exec-timeout time as recommended above.


LOGGING BUFFERED 51200 WARNINGS

To turn ON buffered logging for warning messages. Rule of thumb, you should set it to 16K if your router has 16MB RAM. If you set it higher (i.e. 50K), make sure your router has more than 16MB RAM or at least 64MB RAM


LOGGING CONSOLE CRITICAL

To turn ON console logging for critical messages.


for more on securing cisco IOS/Router, check this link http://www.nsa.gov/snac/


Regards,

Dandy

smothuku Wed, 02/20/2008 - 22:57
User Badges:
  • Silver, 250 points or more

Hi Patel ,


service pad

To enable all packet assembler/disassembler (PAD) commands and connections between PAD devices and access servers, use the service pad command in global configuration mode. To disable this service, use the no form of this command.


service pad [cmns] [from-xot] [to-xot]


no service pad [cmns] [from-xot] [to-xot]


service tcp-keepalives-in

To generate keepalive packets on idle incoming network connections (initiated by the remote host), use the service tcp-keepalives-in command in global configuration mode. To disable the keepalives, use the no form of this command.


service tcp-keepalives-in


no service tcp-keepalives-in


service tcp-keepalives-out

To generate keepalive packets on idle outgoing network connections (initiated by a user), use the service tcp-keepalives-out command in global configuration mode. To disable the keepalives, use the no form of this command.


service tcp-keepalives-out


no service tcp-keepalives-out


logging buffered

To enable system message logging to a local buffer, use the logging buffered command in global configuration mode. To cancel the use of the buffer, use the no form of this command. To return the buffer size to its default value, use the default form of this command.


logging buffered [buffer-size | severity-level | discriminator discr-name [severity-level]]


no logging buffered


default logging buffered



logging console

To send system logging (syslog) messages to all available TTY lines and limit messages based on severity, use the logging console command in global configuration mode. To disable logging to the console terminal, use the no form of this command.


logging console [severity-level | discriminator discr-name [severity-level]]


no logging console


Syntax Description

severity-level

(Optional) The number or name of the desired severity level at which messages should be logged. Messages at or numerically lower than the specified level are logged. Severity levels are as follows (enter the number or the keyword):


[0 | emergencies]-System is unusable


[1 | alerts]-Immediate action needed


[2 | critical]-Critical conditions


[3 | errors]-Error conditions


[4 | warnings]-Warning conditions


[5 | notifications]-Normal but significant conditions


[6 | informational]-Informational messages


[7 | debugging]-Debugging messages


Level 7 is the default.

discriminator

(Optional) Specifies a user-defined filter, via the logging discriminator, for syslog messages.

discr-name

(Optional) String of a maximum of 8 alphanumeric, case-sensitive characters. Blank spaces between characters are not allowed.


Hope it helps you.


Cheers :)MSK








Joseph W. Doherty Thu, 02/21/2008 - 04:58
User Badges:
  • Super Bronze, 10000 points or more

The other posters have explained the meanings, but I recall reading logging to the console can impact performance. If true, I would think only logging critical messages would reduce the impact.

c82_patel Thu, 02/21/2008 - 23:40
User Badges:

If I disable the service tcp-keepalives-in/Out then.




Danilo Dy Thu, 02/21/2008 - 23:43
User Badges:
  • Blue, 1500 points or more

Yes, you should disable serice pad. Unless you are using X25.

Actions

This Discussion