>#sho ip cef
>#sho cef non-

Router#sh ip cef
Prefix               Next Hop             Interface
0.0.0.0/0            86.86.86.86        FastEthernet0/1
0.0.0.0/8            drop
0.0.0.0/32           receive
82.28.57.0/24        attached             FastEthernet0/0
82.28.57.0/32        receive              FastEthernet0/0
82.28.57.1/32        attached             FastEthernet0/0
82.28.57.3/32        attached             FastEthernet0/0
82.28.57.5/32        attached             FastEthernet0/0
82.28.57.26/32       attached             FastEthernet0/0
82.28.57.34/32       attached             FastEthernet0/0
82.28.57.50/32       attached             FastEthernet0/0
82.28.57.59/32       receive              FastEthernet0/0
82.28.57.80/32       attached             FastEthernet0/0
82.28.57.81/32       attached             FastEthernet0/0
82.28.57.82/32       attached             FastEthernet0/0
82.28.57.255/32      receive              FastEthernet0/0
82.28.52.160/27      attached             Vlan33
82.28.52.160/32      receive              Vlan33
82.28.52.161/32      receive              Vlan33
82.28.52.162/32      attached             Vlan33
82.28.52.163/32      attached             Vlan33
82.28.52.190/32      attached             Vlan33
Prefix               Next Hop             Interface
82.28.52.191/32      receive              Vlan33
127.0.0.0/8          drop
192.168.0.0/16       192.168.17.1        Vlan22
192.168.12.0/24     attached             Vlan22
192.168.12.0/32     receive              Vlan22
192.168.12.1/32     attached             Vlan22
192.168.12.4/32     receive              Vlan22
192.168.12.8/32     attached             Vlan22
192.168.12.9/32     attached             Vlan22
192.168.12.10/32    attached             Vlan22
192.168.12.11/32    attached             Vlan22
192.168.12.15/32    attached             Vlan22
192.168.12.17/32    attached             Vlan22
192.168.12.19/32    attached             Vlan22
192.168.12.21/32    attached             Vlan22
192.168.12.22/32    attached             Vlan22
192.168.12.24/32    attached             Vlan22
192.168.12.37/32    attached             Vlan22
192.168.12.38/32    attached             Vlan22
192.168.12.41/32    attached             Vlan22
192.168.12.43/32    attached             Vlan22
192.168.12.46/32    attached             Vlan22
192.168.12.57/32    attached             Vlan22
192.168.12.60/32    attached             Vlan22
192.168.12.61/32    attached             Vlan22
192.168.12.63/32    attached             Vlan22
192.168.12.64/32    attached             Vlan22
192.168.12.65/32    attached             Vlan22
192.168.12.69/32    attached             Vlan22
192.168.12.74/32    attached             Vlan22
192.168.12.132/32   attached             Vlan22
192.168.12.145/32   attached             Vlan22
192.168.12.146/32   attached             Vlan22
192.168.12.255/32   receive              Vlan22
195.22.224.1/32      86.86.86.86        FastEthernet0/1
218.50.192.1/32      86.86.86.86        FastEthernet0/1
218.50.20.16/28     attached             Vlan44
218.50.20.16/32     receive              Vlan44
218.50.20.17/32     receive              Vlan44
218.50.20.18/32     receive              Vlan44
218.50.20.19/32     attached             Vlan44
218.50.20.20/32     receive              Vlan44
218.50.20.26/32     attached             Vlan44
218.50.20.27/32     attached             Vlan44
218.50.20.31/32     receive              Vlan44
218.50.20.32/30     attached             FastEthernet0/1
218.50.20.32/32     receive              FastEthernet0/1
218.50.20.33/32     attached             FastEthernet0/1
218.50.20.34/32     receive              FastEthernet0/1
218.50.20.35/32     receive              FastEthernet0/1
224.0.0.0/4          multicast
224.0.0.0/24         receive
240.0.0.0/4          drop
255.255.255.255/32   receive

sh run

ip cef
ip inspect log drop-pkt
ip inspect tcp reassembly queue length 32
ip inspect name firewall tcp alert on audit-trail off
ip inspect name firewall smtp alert on audit-trail off
ip inspect name firewall http alert on audit-trail off
ip inspect name firewall https alert on audit-trail off
ip inspect name firewall dns alert on audit-trail off
ip inspect name firewall udp alert on audit-trail off
ip multicast-routing
ip ips config location flash:ips5/ retries 1
ip ips notify SDEE
ip ips name myips
!
ip ips signature-category
  category all
   retired true
  category ios_ips advanced
   retired true
   enabled false
  category ios_ips basic
   retired false
   enabled true

!
track 123 ip sla 1 reachability
!
track 124 ip sla 2 reachability
!
!
!
interface FastEthernet0/0
description ISP1
ip address 82.28.57.1 255.255.255.0
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat outside
ip ips myips in
ip virtual-reassembly max-reassemblies 32
duplex auto
speed auto
!
interface FastEthernet0/1
description ISP2
ip address 86.86.86.85 255.255.255.252
ip flow ingress
ip flow egress
ip nat outside
ip ips myips in
ip virtual-reassembly max-reassemblies 32
duplex auto
speed auto
!
interface FastEthernet0/0/0
switchport access vlan 22
!
interface FastEthernet0/0/1
  switchport access vlan 33
!
interface FastEthernet0/0/2
switchport access vlan 22
!
interface FastEthernet0/0/3
  switchport access vlan 44

interface Vlan1
no ip address
!
interface Vlan22
description LAN
ip address 192.168.12.2 255.255.255.0
ip access-group out-acl in
ip flow ingress
ip flow egress
ip pim dense-mode
ip nat inside
ip virtual-reassembly
ip policy route-map MAP
!
interface Vlan33
ip address 82.28.52.161 255.255.255.224
ip policy route-map dmz-ISP1
!
interface Vlan44
ip address 218.50.20.n 255.255.255.240 secondary
ip address 218.50.20.n 255.255.255.240 secondary
ip address 218.50.20.n 255.255.255.240
ip flow ingress
ip flow egress
ip pim dense-mode
ip policy route-map dmz-ISP2
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 86.86.86.86 track 124
ip route 0.0.0.0 0.0.0.0 82.28.57.2 254
ip route 192.168.0.0 255.255.0.0 192.168.12.1
ip route 195.22.224.1 255.255.255.255 86.86.86.86
ip route 212.56.192.1 255.255.255.255 86.86.86.86
no ip http server
ip http access-class 25
no ip http secure-server
!
ip flow-export source Vlan22
ip flow-export version 5
ip flow-export destination 192.168.12.6 9996
!
ip nat inside source route-map ISP1 interface FastEthernet0/0 overload
ip nat inside source route-map ISP2 interface FastEthernet0/1 overload
ip nat inside source static tcp x.x.x.x   x.x.x.x  extendable
ip nat inside source static udp x.x.x.x  x.x.x.x   extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static udp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x   extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static tcp x.x.x.x  x.x.x.x  extendable
ip nat inside source static udp x.x.x.x  x.x.x.x  extendable
!
ip access-list extended PBR-acl
deny   ip host 192.168.12.11 any
deny   ip host 192.168.12.12 any
deny   ip host 192.168.12.13 any
deny   ip host 192.168.12.14 any
deny   ip host 192.168.12.15 any
deny   ip host 192.168.12.16 any
deny   ip 218.50.20.16 0.0.0.15 192.168.0.0 0.0.255.255
deny   ip 192.168.0.0 0.0.255.255 218.50.20.16 0.0.0.15
deny   ip 218.50.20.16 0.0.0.15 82.28.52.160 0.0.0.31
deny   ip 82.28.52.160 0.0.0.31 218.50.20.16 0.0.0.15
deny   ip 82.28.52.160 0.0.0.31 192.168.0.0 0.0.255.255
deny   ip 192.168.0.0 0.0.255.255 82.28.52.160 0.0.0.31
deny   ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
permit ip any any
ip access-list extended out-acl
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit tcp host n.n.n.n host n.n.n.n eq 1005
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n host n.n.n.n
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n host n.n.n.n
permit tcp host n.n.n.n any established
permit tcp host n.n.n.n any established
permit tcp host n.n.n.n any established
permit tcp host n.n.n.n any established
permit tcp host n.n.n.n any established
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit ip host n.n.n.n any
permit udp any host n.n.n.n eq ntp
permit udp host n.n.n.n host n.n.n.n eq ntp
permit udp host n.n.n.n host n.n.n.n eq ntp
permit udp host n.n.n.n host n.n.n.n eq ntp
permit ip host n.n.n.n host n.n.n.n
permit tcp host n.n.n.n host n.n.n.n eq 9959
permit tcp host n.n.n.n host n.n.n.n eq 9959
permit tcp host n.n.n.n host n.n.n.n eq 2218
permit icmp host n.n.n.n host n.n.n.n
permit tcp host n.n.n.n host n.n.n.n eq 2218
permit icmp host n.n.n.n host n.n.n.n
permit tcp host n.n.n.n host n.n.n.n eq 2218
permit icmp host n.n.n.n  host n.n.n.n
permit icmp host n.n.n.n  host n.n.n.n
permit tcp host n.n.n.n  host n.n.n.n  eq 2218
permit tcp host n.n.n.n  host n.n.n.n  eq 2218
permit tcp host n.n.n.n  host n.n.n.n  eq 2578
permit tcp host n.n.n.n  host n.n.n.n  eq 2218
permit icmp host n.n.n.n  host n.n.n.n
permit icmp host n.n.n.n host n.n.n.n
permit tcp host n.n.n.n  host n.n.n.n  eq 2578
permit icmp host n.n.n.n  host n.n.n.n
permit tcp n.n.n.n  0.0.0.255 host n.n.n.n  eq 2578
permit tcp n.n.n.n  0.0.0.255 any eq nntp
permit ip host n.n.n.n  any
permit ip host n.n.n.n  any
permit ip host n.n.n.n  any
permit ip any 10.10.12.0 0.0.0.255
permit ip any n.n.n.n  0.0.0.15
permit ip any n.n.n.n  0.0.0.31
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n  eq 1111
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n  eq 1111
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n  eq 1112
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n  eq 1112
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n  eq 1113
permit tcp 192.168.0.0 0.0.255.255 host n.n.n.n  eq 1113
permit tcp host n.n.n.n any
deny   tcp any any eq 1234 log
deny   udp any any eq 1234 log
deny   udp any any eq 1235 log
deny   tcp any any eq 1236 log
deny   tcp any any eq 1237 log
deny   udp any any eq 1238 log
deny   tcp any any eq 1239 log
deny   udp any any eq 1235 log
permit icmp host n.n.n.n any
permit icmp host n.n.n.n any
permit icmp host n.n.n.n any
permit icmp host n.n.n.n any
permit ip host n.n.n.n any
deny   ip any any

!
ip sla 1
icmp-echo 82.28.57.1 source-interface FastEthernet0/0
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 86.86.86.86 source-interface FastEthernet0/1
ip sla schedule 2 life forever start-time now
logging n.n.n.n
access-list 10 permit 192.168.0.0 0.0.255.255
access-list 25 permit 192.168.12.0 0.0.0.255
snmp-server community public RO
snmp-server priority high
no cdp run

!
!
!
route-map MAP permit 10
match ip address PBR-acl
set ip next-hop verify-availability 82.28.57.1 5 track 123
set ip next-hop verify-availability 86.86.86.86 10 track 124
!
route-map dmz-ISP1 permit 10
match ip address PBR-acl
set ip next-hop 82.28.57.1
!
route-map ISP1 permit 10
match ip address 10
match interface FastEthernet0/0
!
route-map ISP2 permit 10
match ip address 10
match interface FastEthernet0/1
!
route-map dmz-ISP2 permit 10
match ip address PBR-acl
set ip next-hop 86.86.86.86
!