Networking Acronyms – A–Z Reference
Every acronym you will encounter in CCNA study and real-world networking, listed alphabetically with a one-line definition and a direct link to the full explanation page. Use the jump-bar below to skip to any letter instantly.
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| AAA | Authentication, Authorisation, Accounting | Security framework that verifies identity, controls access rights, and logs activity | AAA Overview |
| ACL | Access Control List | Ordered list of permit/deny rules applied to router or switch interfaces to filter traffic | ACL Overview |
| AD | Administrative Distance | Trustworthiness rating (0–255) used by a router to choose between routes from different sources | Administrative Distance |
| AES | Advanced Encryption Standard | Symmetric block cipher used in WPA2/WPA3 and IPsec ESP; 128, 192, or 256-bit key lengths; the current gold-standard for wireless and VPN encryption | Wi-Fi Security |
| AP | Access Point | Wireless device that connects Wi-Fi clients to a wired LAN | Access Points & WLC |
| ARP | Address Resolution Protocol | Layer 2 protocol that maps a known IPv4 address to an unknown MAC address on the local segment | ARP Cache (arp -a) |
| AS | Autonomous System | Collection of IP prefixes under a single administrative domain that presents a unified routing policy to the Internet; identified by an ASN | BGP Overview |
| ASN | Autonomous System Number | Unique number identifying an autonomous system for BGP routing | BGP Overview |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| BDR | Backup Designated Router | OSPF backup router that takes over if the DR fails on a multi-access segment | OSPF DR/BDR |
| BGP | Border Gateway Protocol | Exterior path-vector routing protocol used to exchange routes between autonomous systems on the Internet | BGP Overview |
| BPDU | Bridge Protocol Data Unit | STP control frame exchanged between switches to elect the root bridge and determine port roles | PortFast & BPDU Guard |
| BUM | Broadcast, Unknown-unicast, Multicast | Three traffic types that must be flooded in overlay networks such as VXLAN | VLANs |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| CAM | Content Addressable Memory | Hardware table in a switch that stores MAC-address-to-port mappings for fast frame forwarding | CAM Table |
| CDP | Cisco Discovery Protocol | Cisco-proprietary Layer 2 protocol that advertises device identity, platform, and capability to directly connected neighbours | show cdp neighbors |
| CIDR | Classless Inter-Domain Routing | IP addressing scheme that replaces class-based addressing with variable-length prefix notation (e.g. /22) | Subnetting |
| CLI | Command Line Interface | Text-based interface used to configure and manage Cisco IOS devices | Cisco IOS Modes |
| CoS | Class of Service | 3-bit field in the 802.1Q VLAN tag (also called PCP) used to mark frames for QoS prioritisation at Layer 2; values 0–7 | QoS Marking |
| CRC | Cyclic Redundancy Check | Error-detection algorithm used in the Ethernet FCS field to detect frame corruption | show interfaces |
| CSMA/CD | Carrier Sense Multiple Access / Collision Detection | Legacy Ethernet access method where devices detect and recover from collisions on shared media | Ethernet Standards |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| DAI | Dynamic ARP Inspection | Switch security feature that validates ARP packets against the DHCP snooping binding table to prevent ARP spoofing | Dynamic ARP Inspection |
| DHCP | Dynamic Host Configuration Protocol | Application-layer protocol that automatically assigns IP addresses, subnet masks, gateways, and DNS servers to hosts | DHCP |
| DMZ | Demilitarised Zone | Network segment between the internet and the internal LAN that hosts publicly accessible servers | Firewall |
| DMVPN | Dynamic Multipoint VPN | Cisco WAN architecture that builds dynamic spoke-to-spoke tunnels on demand over a hub-and-spoke GRE/IPsec overlay | DMVPN |
| DNS | Domain Name System | Hierarchical distributed database that resolves human-readable hostnames (e.g. netstuts.com) to IP addresses | DNS How It Works |
| DR | Designated Router | OSPF router elected on a multi-access segment to reduce the number of adjacencies by acting as a hub for LSA flooding | OSPF DR/BDR |
| DSCP | Differentiated Services Code Point | 6-bit field in the IP header used to mark packets for QoS treatment (e.g. EF for voice, AF41 for video) | QoS Marking |
| DTP | Dynamic Trunking Protocol | Cisco-proprietary protocol that automatically negotiates trunk links between switches | Access & Trunk Ports |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| EAP | Extensible Authentication Protocol | Authentication framework used in 802.1X that supports multiple credential methods (certificates, tokens, passwords) | 802.1X |
| EIGRP | Enhanced Interior Gateway Routing Protocol | Cisco advanced distance-vector routing protocol using DUAL algorithm; supports unequal-cost load balancing | EIGRP Overview |
| ESP | Encapsulating Security Payload | IPsec protocol that provides confidentiality, integrity, and optional authentication by encrypting the IP packet payload; protocol number 50 | IPsec Basics |
| EtherChannel | EtherChannel (branded term) | Logical bundling of multiple physical links into one high-bandwidth, redundant logical interface | EtherChannel Config |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| FCS | Frame Check Sequence | 4-byte CRC trailer appended to every Ethernet frame for error detection; discarded and recalculated at each router hop | Frame Forwarding |
| FHRP | First Hop Redundancy Protocol | Family of protocols (HSRP, VRRP, GLBP) that provide a virtual default gateway IP shared between multiple routers | HSRP |
| FLSM | Fixed-Length Subnet Masking | Subnetting method where all subnets use the same prefix length, wasting addresses on small segments | Subnetting |
| FTP | File Transfer Protocol | Application-layer protocol for transferring files between hosts; uses TCP ports 20 (data) and 21 (control); sends credentials in plaintext | FTP |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| GLBP | Gateway Load Balancing Protocol | Cisco FHRP that provides both gateway redundancy and load balancing across multiple active routers | VRRP & GLBP |
| GRE | Generic Routing Encapsulation | Tunnelling protocol that encapsulates any Layer 3 protocol inside IP packets, commonly used with IPsec or DMVPN | GRE Tunnels |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| HSRP | Hot Standby Router Protocol | Cisco FHRP where one active router forwards traffic and a standby router takes over if the active router fails | HSRP |
| HTTP | HyperText Transfer Protocol | Application-layer protocol for web communication; operates over TCP port 80; transfers data in plaintext | HTTP & HTTPS |
| HTTPS | HyperText Transfer Protocol Secure | HTTP encrypted with TLS; operates over TCP port 443; standard for secure web browsing and REST APIs | HTTP & HTTPS |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| ICMP | Internet Control Message Protocol | Layer 3 protocol used for error reporting and diagnostics; underpins ping and traceroute | Ping |
| IDS | Intrusion Detection System | Passive security system that monitors traffic and alerts on suspicious activity without blocking it | Firewall |
| IETF | Internet Engineering Task Force | Standards organisation that publishes RFCs defining Internet protocols (IP, TCP, BGP, YANG models, etc.) | JSON, XML & YANG |
| IGP | Interior Gateway Protocol | Routing protocol that exchanges routes within a single autonomous system; examples include OSPF, EIGRP, and RIP | Administrative Distance |
| IGRP | Interior Gateway Routing Protocol | Obsolete Cisco distance-vector IGP superseded by EIGRP | EIGRP Overview |
| IKE | Internet Key Exchange | Protocol used in IPsec VPNs to authenticate peers and negotiate encryption keys; IKEv2 is the modern standard | IPsec Basics |
| IOS | Internetwork Operating System | Cisco's proprietary network operating system that runs on routers and switches | Cisco IOS Modes |
| IP | Internet Protocol | Layer 3 connectionless protocol responsible for logical addressing and packet routing between networks | IP Addresses |
| IPAM | IP Address Management | Tools and practices for planning, tracking, and managing IP address space across a network | Network Baseline |
| IPsec | Internet Protocol Security | Suite of protocols (AH, ESP, IKE) that provides authentication and encryption for IP packets; used in VPNs | IPsec Basics |
| IPFIX | IP Flow Information Export | IETF-standard flow export protocol (RFC 7011) based on NetFlow v9; vendor-neutral traffic analysis | NetFlow |
| IPS | Intrusion Prevention System | Inline security system that monitors traffic and actively blocks suspicious or malicious flows | Firewall |
| IS-IS | Intermediate System to Intermediate System | Link-state IGP used primarily in service provider networks; similar to OSPF but runs directly over Layer 2 | Administrative Distance |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| JSON | JavaScript Object Notation | Lightweight key-value data format used in REST APIs and RESTCONF for encoding network configuration data | JSON, XML & YANG |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| LACP | Link Aggregation Control Protocol | IEEE 802.3ad open-standard protocol that negotiates EtherChannel formation between switches | EtherChannel PAgP & LACP |
| LAN | Local Area Network | Network confined to a single building or campus, typically using Ethernet and Wi-Fi | LAN |
| LLDP | Link Layer Discovery Protocol | IEEE 802.1AB vendor-neutral neighbour discovery protocol equivalent to CDP | show lldp neighbors |
| LSA | Link State Advertisement | OSPF control packet that describes a router's links and their costs; flooded to all routers to build the topology database | OSPF Areas & LSAs |
| LSDB | Link State Database | OSPF table containing all received LSAs; each router in an area has an identical LSDB | OSPF Areas & LSAs |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| MAC | Media Access Control | 48-bit hardware address burned into a NIC that identifies a device at Layer 2; local-link scope only | MAC Address |
| MAN | Metropolitan Area Network | Network spanning a city or large campus, larger than a LAN but smaller than a WAN | MAN |
| MIB | Management Information Base | Hierarchical database of OIDs defining the variables an SNMP-managed device exposes for monitoring | SNMP |
| MPLS | Multiprotocol Label Switching | WAN forwarding technology that uses short fixed-length labels instead of IP lookups for high-speed packet switching | MPLS |
| MTU | Maximum Transmission Unit | Largest packet size (in bytes) that can be transmitted on a link without fragmentation; 1500 bytes for standard Ethernet | Packet Flow |
| MQC | Modular QoS CLI | Cisco three-step QoS framework: class-map (classify) → policy-map (act) → service-policy (apply) | QoS Overview |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| NAT | Network Address Translation | Router function that translates private IP addresses to a public IP (or vice versa) at the network boundary | NAT Overview |
| NDP | Neighbor Discovery Protocol | IPv6 protocol (RFC 4861) that replaces ARP; uses ICMPv6 messages for address resolution, router discovery, and duplicate address detection | IPv6 Neighbor Discovery |
| NETCONF | Network Configuration Protocol | IETF management protocol (RFC 6241) that transports XML-encoded YANG data over SSH port 830 | NETCONF & RESTCONF |
| NIC | Network Interface Card | Hardware component that connects a device to a network; contains a burned-in MAC address | MAC Address |
| NMS | Network Management System | Software platform (e.g. PRTG, LibreNMS) that polls devices via SNMP and graphs performance metrics over time | SNMP |
| NTP | Network Time Protocol | Protocol that synchronises clocks across network devices; accurate time is essential for log correlation and certificates | NTP |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| OID | Object Identifier | Hierarchical numeric address in the MIB that uniquely identifies a specific SNMP-manageable variable | SNMP |
| OSI | Open Systems Interconnection | ISO 7-layer reference model (Physical through Application) used to describe network protocol functions | OSI Model |
| OSPF | Open Shortest Path First | Open-standard link-state IGP that uses Dijkstra's SPF algorithm and cost as its metric; organised into areas | OSPF Config |
| OUI | Organisationally Unique Identifier | First 24 bits of a MAC address assigned by IEEE to a vendor to identify the NIC manufacturer | MAC Address |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| PAgP | Port Aggregation Protocol | Cisco-proprietary protocol that automatically negotiates EtherChannel formation between Cisco switches | EtherChannel PAgP & LACP |
| PAN | Personal Area Network | Very short-range network (Bluetooth, USB) connecting personal devices around an individual | PAN |
| PAT | Port Address Translation | NAT variant that maps many private IP:port combinations to a single public IP with different port numbers; also called NAT overload | PAT |
| PDU | Protocol Data Unit | Generic term for data at each OSI layer: segment (L4), packet (L3), frame (L2), bits (L1) | OSI Model |
| PoE | Power over Ethernet | IEEE 802.3af/at/bt standard that delivers DC power to devices (APs, IP phones, cameras) over the same UTP cable used for data | Cable Types |
| PPPoE | Point-to-Point Protocol over Ethernet | Encapsulation method used by many ISPs to deliver broadband over Ethernet with authentication | WAN Technologies |
| PVST | Per-VLAN Spanning Tree | Cisco STP variant that runs a separate STP instance for each VLAN, enabling per-VLAN load balancing | PVST |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| QoS | Quality of Service | Set of techniques (classification, marking, queuing, policing, shaping) that prioritise latency-sensitive traffic such as voice and video | QoS Overview |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| RADIUS | Remote Authentication Dial-In User Service | Client/server AAA protocol (UDP 1812/1813) that combines authentication and authorisation; used with 802.1X and VPNs | AAA Local & RADIUS |
| REST | Representational State Transfer | Architectural style for APIs using HTTP methods (GET, POST, PUT, DELETE) to manage resources identified by URIs | REST API Overview |
| RESTCONF | REST Configuration Protocol | IETF protocol (RFC 8040) that exposes YANG-modelled device data over HTTPS using REST semantics; supports JSON and XML | NETCONF & RESTCONF |
| RFC | Request for Comments | Numbered IETF document that defines Internet standards, best practices, and informational specifications | Protocols |
| RIP | Routing Information Protocol | Simple distance-vector IGP using hop count as its metric; maximum 15 hops; largely replaced by OSPF and EIGRP | RIP Concepts |
| RPC | Remote Procedure Call | NETCONF operation envelope; wraps commands such as <get-config> and <edit-config> in XML | JSON, XML & YANG |
| RSTP | Rapid Spanning Tree Protocol | IEEE 802.1w enhancement to STP that converges in seconds rather than ~50 seconds by using proposal/agreement handshakes | RSTP |
| RTT | Round-Trip Time | Time for a packet to travel from source to destination and back; measured by ping and used in network baselining | Ping |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| SD-WAN | Software-Defined Wide Area Network | WAN architecture that uses a centralised controller to manage and optimise traffic across multiple transport links | SD-WAN Overview |
| SDN | Software-Defined Networking | Architecture that separates the control plane from the data plane, centralising network intelligence in a controller | Controller-Based Networking |
| SLA | Service Level Agreement | Contractual or operational commitment defining acceptable thresholds for availability, latency, and loss | Network Baseline |
| SLAAC | Stateless Address Autoconfiguration | IPv6 mechanism allowing hosts to generate their own global unicast address using the router's advertised prefix and their EUI-64 | SLAAC |
| SMTP | Simple Mail Transfer Protocol | Application-layer protocol for sending email between mail servers; uses TCP port 25 | SMTP |
| SNMP | Simple Network Management Protocol | Application-layer protocol that polls MIB variables on managed devices for monitoring; SNMPv3 adds authentication and encryption | SNMP |
| SPAN | Switched Port Analyser | Cisco feature that mirrors traffic from one or more source ports or VLANs to a destination port connected to a packet analyser such as Wireshark | Wireshark |
| SPF | Shortest Path First | Dijkstra's algorithm used by OSPF and IS-IS to calculate the loop-free shortest path tree from the LSDB | OSPF Config |
| SSH | Secure Shell | Encrypted remote management protocol (TCP port 22) that replaces insecure Telnet for device access | SSH |
| SSID | Service Set Identifier | The broadcast name of a wireless network (Wi-Fi network name) that clients use to identify and associate with an AP | Wi-Fi Overview |
| STP | Spanning Tree Protocol | IEEE 802.1D protocol that prevents Layer 2 switching loops by placing redundant ports in blocking state | STP Overview |
| SVI | Switched Virtual Interface | Layer 3 logical interface on a multilayer switch representing a VLAN, used for inter-VLAN routing and management | Inter-VLAN Routing |
| SysLog | System Logging Protocol | Standard protocol for forwarding event messages from network devices to a centralised logging server; eight severity levels 0–7 | Syslog |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| TACACS+ | Terminal Access Controller Access-Control System Plus | Cisco AAA protocol (TCP 49) that separates authentication, authorisation, and accounting into independent transactions; encrypts the full payload | AAA Overview |
| TCP | Transmission Control Protocol | Connection-oriented Layer 4 protocol providing reliable, ordered, error-checked delivery via 3-way handshake and acknowledgements | Protocols |
| TDR | Time Domain Reflectometer | Cable testing tool that sends a signal and measures reflections to locate opens, shorts, and impedance mismatches | Cable Testing Tools |
| TLS | Transport Layer Security | Cryptographic protocol that provides authentication and encryption over TCP; used by HTTPS, SSH negotiation, and RESTCONF | HTTP & HTTPS |
| TTL | Time to Live | IP header field decremented by 1 at each router; when it reaches 0 the packet is dropped to prevent infinite routing loops | Packet Flow |
| TFTP | Trivial File Transfer Protocol | Simplified file transfer protocol using UDP port 69; used to back up and restore Cisco IOS images and configurations | FTP |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| UDP | User Datagram Protocol | Connectionless Layer 4 protocol offering low-overhead, best-effort delivery; used by DNS, DHCP, SNMP, and VoIP | Protocols |
| URI | Uniform Resource Identifier | String that uniquely identifies a resource; RESTCONF uses URIs to address specific YANG data nodes on a device | REST API Overview |
| URL | Uniform Resource Locator | Subset of URI that specifies both the resource identity and the means to access it (e.g. https://netstuts.com/ospf); every URL is a URI but not every URI is a URL | HTTP & HTTPS |
| UTP | Unshielded Twisted Pair | Most common copper LAN cabling; twisted wire pairs reduce crosstalk without metallic shielding; categories range from Cat 5e (1 Gbps) to Cat 8 (40 Gbps) | Cable Types |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| VLAN | Virtual Local Area Network | Logical segmentation of a switch into separate broadcast domains, identified by a VLAN ID (1–4094) | VLANs |
| VLSM | Variable-Length Subnet Masking | Subnetting method that allows different prefix lengths within the same major network to minimise address waste | Subnetting |
| VPN | Virtual Private Network | Encrypted tunnel that extends a private network securely over a public network such as the Internet | IPsec VPN |
| VRF | Virtual Routing and Forwarding | Technology that creates multiple independent routing table instances on a single router, enabling network segmentation | VRF-Lite Lab |
| VRRP | Virtual Router Redundancy Protocol | IEEE open-standard FHRP (RFC 5798) similar to HSRP that provides a virtual IP gateway shared between routers | VRRP & GLBP |
| VTP | VLAN Trunking Protocol | Cisco proprietary protocol that propagates VLAN database changes from a VTP server to all switches in the same VTP domain | VLANs |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| WAN | Wide Area Network | Network spanning large geographic areas — cities, countries, or the globe — typically using service-provider circuits | WAN |
| WLC | Wireless LAN Controller | Centralised device that manages multiple lightweight APs, handling roaming, RF management, and security policies | WLC |
| WPA2 | Wi-Fi Protected Access 2 | Wireless security standard using AES-CCMP encryption; supports Personal (PSK) and Enterprise (802.1X) modes | Wi-Fi Security |
| WPA3 | Wi-Fi Protected Access 3 | Latest wireless security standard adding SAE handshake, forward secrecy, and 192-bit encryption for Enterprise mode | Wi-Fi Security |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| XML | Extensible Markup Language | Tag-based structured data format; native encoding format for NETCONF and an alternative for RESTCONF | JSON, XML & YANG |
| Acronym | Stands For | One-Line Definition | Full Page |
|---|---|---|---|
| YANG | Yet Another Next Generation | Data modelling language (RFC 6020 / RFC 7950) that defines the structure, types, and constraints for network device configuration schemas used with NETCONF and RESTCONF | JSON, XML & YANG |