SAFE Blueprint An architecture and set of documents that defines Cisco’s best
recommendations for how to secure a network.
same-layer interaction The two computers use a protocol with which to communicate with
the same layer on another computer. The protocol defined by each layer uses a header that is
transmitted between the computers to communicate what each computer wants to do.
scheduler A queuing tool’s logic by which it selects the next packet to dequeue from its many
queues.
sequence number (OSPF) In OSPF, a number assigned to each LSA, ranging from
0x80000001 and wrapping back around to 0x7FFFFFFF, which is used to determine which LSA
is most recent.
sequence number A term used with WFQ for the number assigned to a packet as it is enqueued
into a WFQ. WFQ schedules the currently lowest SN packet next.
Service Interworking The process, defined by FRF.5 and FRF.8, for combining ATM and FR
technologies for an individual VC.
service policy A term referring to the MQC service-policy command, which is used to enable
a policy map on an interface.
service set identifier Defines a particular wireless LAN. The SSID configured in the radio card
must match the SSID in the access point before the station can connect with the access point.
Set In the context of SNMP, the Set command is sent by an SNMP manager, to an agent,
requesting that the agent set a single identified variable to the stated value. The main purpose is to
allow remote configuration and remote operation, such as shutting down an interface by using an
SNMP Set of an interface state MIB variable.
SF See Superframe.
shaped mode The operating mode of shaped round-robin that provides a low-latency queue
with policing.
shaped round-robin A packet-scheduling algorithm used in Cisco switches that provides
similar behavior to CBWFQ in shared mode and polices in shaped mode.
shaping rate The rate at which a shaper limits the bits exiting the shaper.
shared distribution tree In PIM-SM, the path of the group traffic that flows from the RP to the
routers that need the traffic. It is also called the root-path tree (RPT), because it is rooted at the RP.
shared mode The operating mode of shaped round-robin that provides behavior like CBWFQ
with bandwidth allocated between different traffic classes by a relative amount rather than
absolute percentage of the available bandwidth.
shortest-path tree switchover In the PIM-SM design, the process by which a PIM-SM router
can build the SPT between itself and the source of a multicast group and take advantage of the
most efficient path available from the source to the router as long as it has one directly connected
group member. Once it builds an SPT, it sends a PIM-SM (S, G) RP-bit Prune toward the upstream
router on the shared tree.
single-rate, three-color policer Policing in which a single rate is metered, and packets are
placed into one of three categories (conform, exceed, or violate).
single-rate, two-color policer Policing in which a single rate is metered, and packets are placed
into one of two categories (conform or exceed).
signal-to-noise ratio The difference between the measured signal power and the noise power
that a particular receiver sees at a given time. Higher SNRs generally indicate better performance.
Slow Start A method for how a TCP sender grows its calculated CWND variable, thereby
growing the allowed window for the connection. Slow Start grows CWND at an exponential rate.
Slow Start Threshold A calculated TCP variable, used along with the TCP CWND variable, to
dictate a TCP sender’s behavior when it recognizes packet loss. As CWND grows after packet loss,
the TCP sender increases CWND based on Slow Start rules, until CWND grows to be as high
as the SSThresh setting, at which point TCP Congestion Avoidance logic is used. Essentially,
SSThresh is the threshold at which Slow Start logic ends.
SLSM See static length subnet masking.
SMI See Structure of Management Information.
Smoothed Round-Trip Time With EIGRP, a purposefully slowly changing measurement of
round-trip time between neighbors, from which the EIGRP RTO is calculated.
smurf attack A style of attack in which an ICMP Echo is sent with a directed broadcast (subnet
broadcast) destination IP address, and a source address of the host that is being attacked. The
attack can result in the Echo reaching a large number of hosts, all of which reply by sending an
Echo Reply to the host being attacked.
SN See sequence number.
SNMP agent A process on a computing device that accepts SNMP requests, responds with
SNMP-structured MIB data, and initiates unsolicited Trap messages back to an SNMP
management station.
SNMP manager A process on a computing device that issues requests for SNMP MIB
variables from SNMP agents, receives and processes the MIB data, and accepts unsolicited Trap
messages from SNMP agents.
SNR See signal-to-noise ratio.
socket A 3-tuple consisting of an IP address, port number, and transport layer protocol. TCP
connections exist between a pair of sockets.
soft reconfiguration A BGP process by which a router reapplies routing policy configuration
(route maps, filters, and the like) based on stored copies of sent and received BGP Updates.
software queue A queue created by Cisco IOS as a result of the configuration of a queuing tool.
solicited node multicast In IPv6, an address used in the Neighbor Discovery (ND) process.
The format for these addresses is FF02::1:FF00:0000/104, and each IPv6 host must join the
corresponding group for each of its unicast and anycast addresses.
source DR A designated router that is directly connected with a source of the multicast group.
source registration In the PIM-SM design, the process by which a source DR, after it starts to
receive the group traffic, encapsulates the multicast packets in the unicast packets and sends them
to the RP.
source-based distribution tree Method by which a dense-mode routing protocol distributes
multicast traffic from a source to all the segments of a network. Also called shortest-path tree
(SPT), because it uses the shortest routing path from the source to the segments of the network.
source-specific addresses The range 232.0.0.0 through 232.255.255.255 that is allocated by
IANA for SSM destination addresses and is reserved for use by source-specific applications and
protocols.
source-specific multicast IGMPv3 is designed to support source filtering. IGMPv3 allows a
host to indicate interest in receiving multicast packets only from specific source addresses, or from
all but specific source addresses, sent to a particular multicast destination address.
sparse-mode protocol A multicast routing protocol that forwards the multicast traffic only
when requested by a downstream router.
Spanning Tree Protocol Defined in IEEE 802.1d, a protocol used on LAN bridges and switches
to dynamically define a logical network topology that allows all devices to be reached, but
prevents the formation of loops.
SPF algorithm The algorithm used by OSPF and IS-IS to compute routes based on the LSDB.
SPF calculation The process of running the SPF algorithm against the LSDB, with the result
being the determination of the current best route(s) to each subnet.
split horizon Instead of advertising all routes out a particular interface, the routing protocol
omits the routes whose outgoing interface field matches the interface out which the update would
be sent.
spread spectrum A technology that enables frequency reuse. Two variants exist: frequency
hopping (FHSS) and direct sequence (DSSS). Both techniques spread the signal power over a
relatively wide portion of the frequency spectrum over time, to reduce interference between
systems.
SRR See shaped round-robin.
SRTT See Smoothed Round-Trip Time.
SSID See service set identifier.
SSM See source-specific multicast.
SSThresh See Slow Start Threshold.
stateful autoconfiguration A method of obtaining an IPv6 address that uses DHCPv6. See also
stateless autoconfiguration.
stateless autoconfiguration A method used by an IPv6 host to determine its own IP address,
without DHCPv6, by using NDP and the modified EUI-64 address format. See also stateful
autoconfiguration.
static length subnet masking A strategy for subnetting a classful network for which all
masks/prefixes are the same value for all subnets of that one classful network.
sticky learning In switch port security, the process whereby the switch dynamically learns the
MAC address(es) of the device(s) connected to a switch port, and then adds those addresses to the
running configuration as allowed MAC addresses for port security.
storm control A Cisco switch feature that permits limiting traffic arriving at switch ports by
percentage or absolute bandwidth. Separate thresholds are available per port for unicast, multicast,
and broadcast traffic.
STP See Spanning Tree Protocol.
straight-through cable Copper cable with RJ-45 connectors in which the wire at pin 1 on one
end is connected to pin 1 on the other end; the wire at pin 2 is connected to pin 2 on the other end;
and so on.
strict priority A queuing scheduler’s logic by which, if a particular queue has packets in it,
those packets always get serviced next.
Structure of Management Information The SNMP specifications, standardized in RFCs,
defining the rules by which SNMP MIB variables should be defined.
stub area An OSPF area into which external (type 5) LSAs are not introduced by its ABRs;
instead, the ABRs originate and inject default routes into the area.
stub network (OSPF) A network/subnet to which only one OSPF router is connected.
stub router (EIGRP) A router that should not be used to forward packets between other
routers. Other routers will not send Query messages to a stub router.
stub router (OSPF) A router that should either permanently or temporarily not be used as a
transit router. Can wait a certain time after OSPF process start, or after BGP notifies OSPF that
BGP has converged, before ceasing to be a stub router.
stuck-in-active The condition in which a route has been in an EIGRP active state for longer than
the router’s Active timer.
sub-AS The term referring to a group of iBGP routers in a confederation, with the group
members being assigned a hidden ASN for the purposes of loop avoidance.
subnet A subset of a classful IP network, as defined by a subnet mask, which is used to address IP
hosts on the same Layer 2 network in much the same way as a classful network is used.
subnet broadcast address A single address in each subnet for which packets sent to this
address will be broadcast to all hosts in the subnet. It is the highest numeric value in the range of
IP addresses implied by a subnet number and prefix/mask.
subnet ID 16 bits between the interface ID and global routing prefix in an IPv6 global address,
used for subnet assignment inside an enterprise.
subnet mask A dotted-decimal number used to help define the structure of an IP address. The
binary 0s in the mask identify the host portion of an address, and the binary 1s identify either the
combined network and subnet part (when thinking classfully) or the network prefix (when
thinking classlessly).
subnet number A dotted-decimal number that represents a subnet. It is the lowest numeric
value in the range of IP addresses implied by a subnet number and prefix/mask.
subnet zero When subnetting a class A, B, or C address, the subnet for which all subnet bits are
binary 0.
successor route With EIGRP, the route to each destination for which the metric is the lowest of
all known routes to that network.
summary route A route that is created to represent one or more smaller component routes,
typically in an effort to reduce the size of routing and topology tables.
Superframe An early T1 framing standard.
superior BPDU Jargon used by STP mostly when discussing the root election process; refers to
a Hello with a lower bridge ID. Sometimes refers to a Hello with the same bridge ID as another,
but with better values for the tiebreakers in the election process.
supplicant The 802.1X driver that supplies a username/password prompt to the user and
sends/receives the EAPoL messages.
SVC See switched virtual circuit.
switched interface An interface on a Cisco IOS–based switch that is treated as if it were an
interface on a switch.
switched virtual circuit A VC that is set up dynamically when needed. An SVC can be equated
to a dial-on-demand connection in concept.
synchronization In BGP, a feature in which BGP routes cannot be considered to be a best
route to reach an NLRI unless that same prefix exists in the router’s IP routing table as learned
via some IGP.