Change is Good
madunix
Author: MADUNIX (http://www.blogger.com/profile/09324689643630694197)
Updated: 2023-11-15T09:45:55.891-08:00

PaPeR.Li
Published 2009-06-01T12:32:00.001-07:00, updated 2011-02-18T05:47:58.894-08:00

Paper.Li: http://www.paper.li/madunix

Resume/CV
Published 2008-09-25T10:06:00.001-07:00, updated 2010-10-05T10:04:56.697-07:00

The daily mix of tasks, including UNIX system administration, CISCO router configuration (redundancy, routing protocols, ACL), WAN and LAN setup, and day-to-day administration of storage infrastructure (SAN - Brocade and FCIP Router, Data SAN Storage EMC CX, DS4800, DS8100, IBM Tape Libraries and IBM TSM servers), allows me to solve complex problems.

I am very comfortable with AIX, SuSE LINUX, RHEL LINUX, CentOS and FreeBSD.
I have been using Linux as my desktop operating system for the last 7 years. During my work experience I have helped to design, implement, install, (re)configure, secure, and manage most aspects of network and systems information technology. At the moment I am working on a Disaster Recovery solution (3 Sites Replication) based on IBM TotalStorage DS8100 (Metro Mirror, Global Mirror).

Projects:
1. Storage Area Network EMC (SAN) Implementation using Brocade
2. Tivoli Storage Manager (TSM) Implementation with IBM Tape Library
3. Implementing (in progress) BCP and DR 3xSites Replication using IBM SAN DS8100
4. IBM HACMP Clustering
5. Administer and configure IBM TotalStorage Productivity Center (TPC)
6. Implementation of Networking services (DNS, Dynamips, SMS, IPFILTER, SQUID, LDAP, SAMBA, MRTG, CACTI, Nagios, Sendmail, Qmail, Postfix, Databases)
7. Design and implementation of CISCO Networks (LAN & WAN)

Education:
--------------
RHINE-WESTPHALIAN TECHNICAL UNIVERSITY OF AACHEN
B.S., Electrical and Telecommunication Engineering (Graduation date: Jan 1994)
• Place: Aachen, Germany
• Academic degree: Diplom-Ingenieur (equivalent to the American and British Master of Engineering degree)
• Advisor: Professor Lueke
• Area of Study: Telecommunication Engineering

Certification:
----------------
• IBM Certified Specialist High-End Disk for Open Systems, 2008
• IBM Certified Deployment Professional Tivoli Storage Manager, 2008
• IBM Certified Advanced Technical Expert System Storage, 2008
• CISCO Certified Network Associate. CCNA certified till 2013
• CISCO Certified Network Professional. CCNP certified till 2013
• CISCO Certified Internetwork Professional. CCIP certified till 2013
• CISCO Certified Security Professional. CCSP certified till 2013
• IBM Certified Specialist Open Systems Storage Solutions, 2009
• IBM Certified Deployment Professional Total Storage Solutions, 2009
• IBM Certified Deployment Professional Total Storage Productivity Center, 2009
• IBM p5 Certified Specialist pSeries AIX system Admin, 2006
• Juniper Networks Certified Internet Associate, Sept 2007
• Juniper Networks Certified Internet Specialist, Oct. 2007
• IBM Certified Specialist AIX administrator
• Certified UNIX (AIX) system administration, July 2004
• Equator Technical Training, Nov. 2000
• Microsoft Certified Professional Systems Engineer. MCSE, 2000

Courses:
-----------
• Deploying & Managing MS Internet Security & Acceleration Server 2000
• Active Directory and Domain Name Server DNS
• IBM System Storage DS8000 for Open systems, December 2008
• Networking Security, Sept 2002
• Networking Defense, Sept 2002
• Cisco Training Course 2000
• Network Security, May 2005
• E-Commerce, June 2005
• ORACLE 10g DBA
• Payment and settlement systems
• Fuzzy logic, July 1998
• Market Regulation Program, Sept 2004
• Reforming Payments and Securities settlement systems, March 2005
• Siemens PLC control system
• Database10g RAC, Sept 2005
• Database10g Performance and Tuning, Sept 2005
• Database10g Security, Sept 2005
• Capital market conference, 2007
• Capital market conference, 2007
• Capital market conference, 2008
• Capital market conference, 2008
• Capital market conference, 2009
• Capital market conference, 2010
• Deploying and Managing Microsoft Internet Security

Qmail
Published 2007-06-26T07:35:00.000-07:00, updated 2007-06-26T07:39:14.923-07:00

mkdir /downloads
wget \
    http://www.qmailrocks.org/downloads/qmailrocks.tar.gz
tar -zxvf qmailrocks.tar.gz
cd /downloads/qmailrocks/scripts/install/
./qmr_install_linux-s1.script
  --> /var/qmail
  --> users and groups
  --> /usr/src/qmail
  --> untars qmail and ucspi-tcp in /usr/src/qmail
  --> untars daemontools in /package
  --> /var/log/qmail
  --> creates dir qmail-send qmail-smtpd qmail-pop3d under /var/log/qmail
  --> /var/qmail/supervise
  --> qmail-smtpd/log qmail-send/log qmail-pop3d/log

cd /downloads/qmailrocks/scripts/util/
./qmail_big_patches.script
  --> jumbo patches for qmail

=========================
BUILD QMAIL
=========================

hostname --fqdn
cd /usr/src/qmail/qmail-1.03
make man && make setup check
  --> populates /var/qmail
./config-fast linux.box.com
  --> populates /var/qmail/control

=========================
build ucspi-tcp
=========================

cd /usr/src/qmail/ucspi-tcp-0.88/
patch < /downloads/qmailrocks/patches/ucspi-tcp-0.88.errno.patch
  output: patching file error.h
make && make setup check

=========================
build daemontools.
=========================
cd /package/admin/daemontools-0.76/src
patch < /downloads/qmailrocks/patches/daemontools-0.76.errno.patch
  output: patching file error.h
cd /package/admin/daemontools-0.76
package/install

/command/svscanboot
svscan /service

========================
Autoresponder
========================

cd /downloads/qmailrocks
tar zxvf autorespond-2.0.5.tar.gz
cd autorespond-2.0.5
make && make install

========================
Vpopmail
========================

cd /downloads/qmailrocks
tar zxvf vpopmail-5.4.13.tar.gz
cd vpopmail-5.4.13
./configure --enable-logging=p
make && make install-strip

========================
Vqadmin
========================

cd /downloads/qmailrocks
tar zxvf vqadmin-2.3.6.tar.gz
cd vqadmin-2.3.6
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html
make && make install-strip

mkdir /var/www/cgi-bin/vqadmin

httpd.conf
-------------------------------------------------------
<Directory "/var/www/cgi-bin/vqadmin">
    deny from all
    Options ExecCGI
    AllowOverride AuthConfig
    Order deny,allow
</Directory>

vi /var/www/cgi-bin/vqadmin/.htaccess
-------------------------------------------------------
AuthType Basic
AuthUserFile /var/www/vqadmin.passwd
AuthName vQadmin
require valid-user
satisfy any

htpasswd -c /var/www/vqadmin.passwd admin
chmod 644 /var/www/vqadmin.passwd
chown vpopmail:vchkpw /var/www/cgi-bin/vqadmin/vqadmin.cgi

http://10.5.1.100/cgi-bin/vqadmin/vqadmin.cgi

/home/vpopmail/bin/vadddomain anecho.net

========================
Maildrop
========================

cd /downloads/qmailrocks
tar zxvf maildrop-1.6.3.tar.gz
cd maildrop-1.6.3
(type the whole configure command on one line)
./configure --prefix=/usr/local --exec-prefix=/usr/local --enable-maildrop-uid=root --enable-maildrop-gid=vchkpw --enable-maildirquota

make && make install-strip && make install-man

========================
Qmailadmin
========================

cd /downloads/qmailrocks
tar zxvf qmailadmin-1.2.9.tar.gz
cd qmailadmin-1.2.9
./configure --enable-cgibindir=/var/www/cgi-bin --enable-htmldir=/var/www/html
make && make install-strip

http://10.5.1.100/cgi-bin/qmailadmin
Log in with the postmaster account and password for the domain that you created a while back using Vqadmin.

========================
Finalizing Qmail
========================

/downloads/qmailrocks/scripts/finalize/linux/finalize_linux.script

vi /var/qmail/supervise/qmail-pop3d/run
change "mail.example.com" to linux.box.com

vi /var/qmail/supervise/qmail-smtpd/run
change "mail.example.com" to linux.box.com

qmailctl stop

echo '127.:allow,RELAYCLIENT=""' >> /etc/tcp.smtp
qmailctl cdb

-----------------------
system aliases
-----------------------
echo mailadm > /var/qmail/alias/.qmail-root
echo mailadm > /var/qmail/alias/.qmail-postmaster
echo mailadm > /var/qmail/alias/.qmail-mailer-daemon
ln -s /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-anonymous
chmod 644 /var/qmail/alias/.qmail*

=========================
Disabling Sendmail
=========================
service sendmail stop
mv /usr/lib/sendmail /usr/lib/sendmail.old
mv /usr/sbin/sendmail /usr/sbin/sendmail.old
ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail

=========================
Starting qmail
=========================
- checking the installation
/downloads/qmailrocks/scripts/util/qmr_inst_check
  you should get a "congratulations" message

qmailctl start

=========================
Courier-imap/imaps
=========================

Courier-imap along with Courierpassd, Courier-authlib

Courier IMAP authentication with "vchkpw"
Courierpassd is a utility that allows users to change their mailbox passwords remotely.

-----------------------
courier-authlib
-----------------------
cd /downloads/qmailrocks/
tar jxvf courier-authlib-0.55.tar.bz2
cd courier-authlib-0.55
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat

make && make check
make install-strip && make install-configure

vi /etc/rc.local
Add the following line:
/usr/local/sbin/authdaemond start

-----------------------
Courier IMAP
-----------------------
cd /downloads/qmailrocks/
tar jxvf courier-imap-4.0.2.tar.bz2
useradd lino
chown -R lino:root courier-imap-4.0.2
cd /downloads/qmailrocks/courier-imap-4.0.2
su lino
./configure --prefix=/usr/local --exec-prefix=/usr/local --with-authvchkpw --without-authldap --without-authmysql --disable-root-check --with-ssl --with-authchangepwdir=/usr/local/libexec/authlib --with-redhat
make && make check

Now we will exit out of our NON-ROOT USER and go back to being root...
exit
make install-strip && make install-configure

-----------------------
SSL certificate for the IMAP-SSL server
-----------------------

vi /usr/local/etc/imapd.cnf
  emailAddress=postmaster@linux.box.com

/usr/local/sbin/mkimapdcert
  --> it creates /usr/local/share/imapd.pem

vi /usr/local/etc/imapd
  IMAPDSTART=YES

vi /usr/local/etc/imapd-ssl
  IMAPDSSLSTART=YES
  TLS_CERTFILE=/usr/local/share/imapd.pem

vi /usr/local/etc/authlib/authdaemonrc
  # Comment out this line
  # authmodulelist="authuserdb authpam authcustom authvchkpw"
  # and add the line below
  authmodulelist="authvchkpw"

cp /usr/local/libexec/imapd.rc /etc/rc.d/init.d/imap
cp /usr/local/libexec/imapd-ssl.rc /etc/rc.d/init.d/imaps

Now let's start up Authdaemond, IMAP and IMAPS.

/usr/local/sbin/authdaemond stop
/usr/local/sbin/authdaemond start
/etc/rc.d/init.d/imap stop
/etc/rc.d/init.d/imaps stop
/etc/rc.d/init.d/imap start
/etc/rc.d/init.d/imaps start

If you run
# nmap localhost
you should see both 143 and 993 now open and listening.
Now let's test it...

# telnet localhost 143
a login madunix@box.com madunix
a OK LOGIN Ok.    (successful login!)
a logout

You can configure a mail client such as Outlook to test both the IMAP and IMAP-SSL connection to your server.

------------------------------
Courierpassd
------------------------------

Note: Courierpassd will require that port 106 be open to at least local traffic (traffic from 127.0.0.1)

# cd /downloads/qmailrocks
# tar zxvf courierpassd-1.1.0-RC1.tar.gz
# cd courierpassd-1.1.0-RC1
# ./configure
# make && make install

We are going to configure Xinetd to run courierpassd.

# cd /etc/xinetd.d
# vi courierpassd
  service courierpassd
  {
      port        = 106
      socket_type = stream
      protocol    = tcp
      user        = root
      server      = /usr/local/sbin/courierpassd
      server_args = -s imap
      wait        = no
      only_from   = 127.0.0.1
      instances   = 4
      disable     = no
  }

# vi /etc/services
  courierpassd 106/tcp #for /etc/xinetd.d/courierpassd

# /etc/rc.d/init.d/xinetd restart

# telnet localhost 106
  Trying 127.0.0.1...
  Connected to localhost.
  Escape character is '^]'.
  200 courierpassd v0.30 hello, who are you?
  user madunix@box.com
  200 Your password please.
  pass madunix
  200 Your new password please.
  newpass n0uresh
  200 Password changed, thank-you.
  quit
  200 Bye.
  Connection closed by foreign host.

------------------------------
Squirrelmail
------------------------------

--> check whether PHP is installed

# cd /var/www/html
# vi test.php
  <?php
  phpinfo();
  ?>

http://10.5.1.100/test.php

search for these options:
  --enable-track-vars
  --enable-force-cgi-redirect
  --with-gettext
  --with-mysql

vi /etc/php.ini
# search for this string
  file_uploads = On

# rpm -evv squirrelmail
# cd /downloads/qmailrocks
# tar -jxvf squirrelmail-1.4.8.tar.bz2
# mv squirrelmail-1.4.8 webmail
# mkdir /var/sqattachements
# chown -R apache:apache /var/sqattachements
# cd webmail
# chown -R apache:apache data
# cd config
# ./conf.pl

--> For 2. Server Settings
Command>> 2

  1. Domain : 10.5.1.100
  2. Invert Time : false
  3. Sendmail or SMTP : SMTP

--> For IMAP settings
Command>> A

  4. IMAP Server : localhost
  5. IMAP Port : 143
  6. Authentication type : login
  7. Secure IMAP (TLS) : false
  8. Server software : other
  9. Delimiter : detect

--> B. Update SMTP Settings
Command>> B

  4. SMTP Server : localhost
  5. SMTP Port : 25
  6. POP before SMTP : false
  7. SMTP Authentication : login
  8. Secure SMTP (TLS) : false

--> Save data
Command >> S

# mv webmail/ /var/www/html

http://10.5.1.100/webmail

--> download the change_password plugin from squirrelmail.org

# tar -zxvf change_pass-2.7-1.4.x.tar.gz
# cd /var/www/html/webmail/plugins
# cp -r /downloads/qmailrocks/change_pass .
# cd /var/www/html/webmail/config
# ./conf.pl

Choose the option for "plugins".
--> add plugin "change_pass"

=======================
Checking/Installing Perl Modules
=======================

Spamassassin and Qmail-Scanner need these Perl modules to work:
Digest::SHA1
Digest::HMAC
Net::DNS
Time::HiRes
HTML::Tagset
HTML::Parser
Pod::Usage
Parse::Syslog
Statistics::Distributions

You will also need these other packages:
perl-suidperl
unzip

How do I know if my server has these perl modules?
  /downloads/qmailrocks/scripts/util/check_perlmods.script

==========================
Clam Anti Virus
==========================
cd /downloads/qmailrocks/
rpm -Uvh clamav-0.87-1.i386.rpm
rpm -Uvh clamav-devel-0.87-1.i386.rpm

# vi /etc/clamd.conf
  LogFile /var/log/clamav/clamd.log
  "LogTime" - should be uncommented.
  "LogSyslog" - should be uncommented.
  #User clamav   --> comment it out, add the line below
  User qscand
  "ScanMail" - should be uncommented.

Now we are going to create the qscand user that ClamAV

# useradd -c "Qmail-Scanner Account" -s /bin/false qscand
# chown -R qscand:qscand /var/log/clamav/
# /etc/init.d/clamd stop
# /etc/init.d/clamd start

--> Update with the latest virus definitions

# touch /var/log/clamav/clam-update.log
# chown -R qscand:qscand /var/log/clamav/
# /usr/bin/freshclam -l /var/log/clamav/clam-update.log

  ClamAV update process started at Sun Oct 24 23:36:22 2004
  main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek)
  daily.cvd is up to date (version: 549, sigs: 1583, f-level: 3, builder: ccordes)

--> run the update of virus definitions at 1:25 am
# crontab -e
  25 1 * * * /usr/bin/freshclam --quiet -l /var/log/clamav/freshclam.log
--> Clam AV quarantines the e-mail in /var/spool/qmailscan/quarantine
--> Clamd runs on port 3310

==================
Spamassassin
==================
--> Spamassassin utilizes port 783

# rpm -e spamassassin

# cd /downloads/qmailrocks/perlmods/rpms/
# rpm -Uvh perl-Mail-SpamAssassin-3.0.2-1.i386.rpm

--> Now let's install the Spamassassin RPMs
# cd /downloads/qmailrocks/
# rpm -Uvh spamassassin-3.0.2-1.i386.rpm
# rpm -Uvh --nodeps spamassassin-tools-3.0.2-1.i386.rpm

# groupadd spamd
# useradd -g spamd -d /home/spamd -s /bin/false spamd

# vi /etc/sysconfig/spamassassin
  SPAMDOPTIONS="-x -u spamd -H /home/spamd -d"

# vi /etc/mail/spamassassin/local.cf
  required_hits 5

# /etc/rc.d/init.d/spamassassin start
# ps aux | grep spamd

# chkconfig --level 35 clamd on
# chkconfig --level 35 spamassassin on

====================================
qmail-scanner w/qms-analog
====================================

Qms-analog incorporates the widely used qmail-scanner-st patch, and it also adds some cool reporting functionality which we will utilize later in this installation guide.

# cd /downloads/qmailrocks
# tar zxvf qmail-scanner-1.25.tgz
# tar zxvf qms-analog-0.4.2.tar.gz
# cd qms-analog-0.4.2
# make all

# cp qmail-scanner-1.25-st-qms-20050219.patch /downloads/qmailrocks/qmail-scanner-1.25/
# cd /downloads/qmailrocks/qmail-scanner-1.25
# patch -p1 < qmail-scanner-1.25-st-qms-20050219.patch

Adding common MS Windows Fonts to 10g Reports server on UNIX OS
Published 2007-06-25T02:20:00.001-07:00, updated 2009-02-18T04:06:42.593-08:00

Cross-platform issues arise when you develop Reports on Windows AS and deploy them on Linux AS.

Back up the files/directories before you work with them:

$ORACLE_HOME/guicommon/tk/admin/AFM
$ORACLE_HOME/guicommon/tk/admin/TTF
-------------------------------------------------------------------
Modify the following files:

$ORACLE_HOME/guicommon/tk/admin/uiprint.txt
dummy:PostScript:2:dummy printer for PDF output:default.ppd:
----------------------------------------------------
$ORACLE_HOME/guicommon/tk/admin/uifont.ali
Comment out any font aliases found under the sections [ Global ], [ Printer:PostScript1 ] and [PDF], e.g.
(The order here is important: the plain font alias must be last in the PDF subset list.)
[ PDF:Subset ]
Arial..Italic.Bold.. = "arialbi.ttf"
Arial...Bold.. = "arialbd.ttf"
Arial..Italic... = "ariali.ttf"
Arial..... = "arial.ttf"
-----------------------------------------

$ORACLE_HOME/guicommon/tk/admin/PPD/datap462.ppd
*DefaultFont: Arial
*%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
*%Font Arial: Standard "(001.004)" Standard ROM
*%Font Arial-Italic: Standard "(001.004)" Standard ROM
*%Font Arial-Bold: Standard "(001.004)" Standard ROM
*%Font Arial-BoldItalic: Standard "(001.004)" Standard ROM
*%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
*Font Arial: Special "(001.001)" Special ROM
*Font Ariali: Special "(001.001)" Special ROM
*Font Arialbd: Special "(001.001)" Special ROM
*Font Arialbi: Special "(001.001)" Special ROM
----------------------------------------------------

screenprinter.ppd
*DefaultFont: Arial
*Font Arial: Standard "(001.001)" Standard ROM
*Font Ariali: Standard "(001.001)" Standard ROM
*Font Arialbd: Standard "(001.001)" Standard ROM
*Font Arialbi: Standard "(001.001)" Standard ROM

---------------------------------------------------
$ORACLE_HOME/bin/reports.sh
Make sure you define REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF; export REPORTS_PATH

RW=$ORACLE_HOME/reports; export RW
#REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF:$ORACLE_HOME/reports/templates:$ORACLE_HOME/reports/samples/demo:$ORACLE_HOME/reports/integ:$ORACLE_HOME/reports/printers:${REPORTS_PATH}; export REPORTS_PATH
#REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF; export REPORTS_PATH
#REPORTS_PATH=$ORACLE_HOME/guicommon/tk/admin/TTF; export REPORTS_PATH
REPORTS_PATH=$ORACLE_HOME/reports/templates:$ORACLE_HOME/reports/samples/demo:/home/oracleas/OraHome_1/guicommon/tk/admin/PPD:/home/oracleas/OraHome_1/guicommon/tk/admin/AFM:$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF:$ORACLE_HOME/reports/integ:$ORACLE_HOME/reports/printers:${REPORTS_PATH}; export REPORTS_PATH
REPORTS_TMP=/tmp; export REPORTS_TMP
REPORTS_NO_DUMMY_PRINTER=TRUE; export REPORTS_NO_DUMMY_PRINTER
REPORTS_TAGLIB_URI=/WEB-INF/lib/reports_tld.jar; export REPORTS_TAGLIB_URI
REPORTS_CLASSPATH=$ORACLE_HOME/reports/jlib/rwbuilder.jar:$ORACLE_HOME/reports/jlib/rwrun.jar:$ORACLE_HOME/jlib/zrclient.jar:$ORACLE_HOME/j2ee/home/oc4j.jar:$ORACLE_HOME/j2ee/home/lib/ojsp.jar; export REPORTS_CLASSPATH
#NLS_LANG=AMERICAN_AMERICA.WE8ISO8859P1; export NLS_LANG
#NLS_LANG=AMERICAN_AMERICA.AR8MSWIN1256; export NLS_LANG
NLS_LANG=ARABIC_*.AR8MSWIN1256; export NLS_LANG
## Icon variable for Solaris platform
TK_ICON=$ORACLE_HOME/reports/plugins/resource; export TK_ICON
#PRINTER=fontprinter;export PRINTER
#TK_PRINT_STATUS=echo;export TK_PRINT_STATUS
TK_PRINTER=dummy ; export TK_PRINTER
TK_PRINT_STATUS='echo %n is valid'; export TK_PRINT_STATUS
DEBUG_SLFIND=/tmp/reports.log; export DEBUG_SLFIND
#PRINTER=fontprinter;export PRINTER
#TK_PRINT_STATUS=echo;export TK_PRINT_STATUS
REPORTS_PATH=$REPORTS_PATH:$ORACLE_HOME/guicommon/tk/admin/TTF:$ORACLE_HOME/guicommon/tk/admin/TTF;export REPORTS_PATH
#PRINTER=fontprinter;export PRINTER
#TK_PRINT_STATUS=echo;export TK_PRINT_STATUS

--------------------------------------------------------------
In the file datap462.ppd, comment out the Symbol font by changing

*Font Symbol: Special "(001.001)" Special ROM
to
*%Font Symbol: Special "(001.001)" Special ROM

In $ORACLE_HOME/guicommon/tk/admin/AFM, rename the file Symbol to Symbol.afm
--------------------------------------------------------------------------
From the MS Windows machine, ftp (in binary mode) the ttf files for the font styles to the target Unix machine, e.g.
Arial fonts
----------------------------------------------------------------------
Download the ttf2pt1 open source tools:
http://sourceforge.net/project/showfiles.php?group_id=4594
----------------------------------------------------------------------------
Use the ttf2pt1 open source tools to generate the AFM files:
/downloads/ttf2pt1-3.4.4/ttf2pt1 -l plane+0x06 arial.ttf
Repeat this for all the Arial types that will be used in the form.

-----------------------------------------------------------------------------------------
Place the AFM files generated from the ttf files in the AFM folder under Oracle AS /gui.../tk/admin/AFM
The /AFM folder should show this:
ls -al Ar*
  ArabicTransparent
  ArabicTransparent-Bold
  Arial
  Arialbd
  Arialbi
  Arial-BoldItalicMT
  Arial-BoldMT
  Ariali
  Arial-ItalicMT
  ArialMT
  ArialNarrow
  ArialNarrow-Bold
  ArialNarrow-BoldItalic
  ArialNarrow-Italic
------------------------------
The /TTF folder should show this:
$ ls -al ar*
arialbd.ttf
arialbi.ttf
ariali.ttf
arial.ttf
ariblk.ttf
artrbdo.ttf
artro.ttf
-------------------------------------------------------

LAMP (php+mysql+apache)
Published 2007-05-14T07:45:00.000-07:00, updated 2007-05-14T07:58:38.005-07:00

1. Prepare to install

main install files:

httpd-2.2.0.tar.gz
mysql-max-5.0.21-linux-i686-glibc23.tar.gz
php-5.1.2.tar.gz

php install files:

libxml2-2.6.19.tar.gz
libxslt-1.1.15.tar.gz
ActivePerl-5.8.8.817-i686-linux-2.2.17-gcc-257965.rpm
curl-7.15.0.tar.gz

They can be downloaded from these URLs:

http://ftp.gnome.org/pub/GNOME/sour...2-2.6.19.tar.gz
http://ftp.gnome.org/pub/GNOME/sour...t-1.1.15.tar.gz
http://downloads.activestate.com/Ac...-i686-linux.rpm
http://curl.haxx.se/download/curl-7.15.0.tar.gz

http://www.boutell.com/gd/http/gd-2.0.33.tar.gz
http://keihanna.dl.sourceforge.net/...e-2.1.10.tar.gz
http://www.ijg.org/files/jpegsrc.v6b.tar.gz
http://nchc.dl.sourceforge.net/sour...ng-1.2.8.tar.gz
http://www.zlib.net/zlib-1.2.3.tar.gz

2. Install Apache2

# cd /home/software/
# tar -zvxf httpd-2.2.0.tar.gz
# cd httpd-2.2.0
# mkdir -p /usr/local/apache
# ./configure --prefix=/usr/local/apache
or
# ./configure --prefix=/usr/local/apache --enable-modules=so --enable-rewrite
# make; make install
(installs apache)
# vi /usr/local/apache/conf/httpd.conf
#ServerName www.example.com:80

save and exit

# /usr/local/apache/bin/apachectl -k start
(starts up apache)
# /usr/local/apache/bin/apachectl -k stop
(shuts down apache)

3. Install MySQL

# cd /home/software/
# tar -zvxf mysql-max-5.0.21-linux-i686-glibc23.tar.gz
# mkdir -p /usr/local/mysql
# cp -r mysql-max-5.0.21-linux-i686-glibc23/* /usr/local/mysql
# cp /usr/local/mysql/support-files/my-medium.cnf /etc/my.cnf

add the mysql user and group
# groupadd mysql
# useradd -g mysql mysql
# chown -R root /usr/local/mysql
# chgrp -R mysql /usr/local/mysql
# chown -R mysql /usr/local/mysql/data
# /usr/local/mysql/scripts/mysql_install_db --user=mysql&
start up the mysql server
# /usr/local/mysql/bin/mysqld_safe --user=mysql&
If we see "Starting mysqld daemon with databases from /usr/local/mysql/data",
it shows that the mysql server has started; press Ctrl+C to exit.
change the root password
# /usr/local/mysql/bin/mysqladmin -u root -p password "123456"

4. Install GD

a. install jpeg6
create the directories:
# mkdir -p /usr/local/jpeg6
# mkdir -p \
/usr/local/jpeg6/bin <br /># mkdir -p /usr/local/jpeg6/lib <br /># mkdir -p /usr/local/jpeg6/include <br /># mkdir -p /usr/local/jpeg6/man <br /># mkdir -p /usr/local/jpeg6/man1<br /># mkdir -p /usr/local/jpeg6/man/man1<br /><br /># cd /home/xiutuo/software/ <br /># tar -zvxf jpegsrc.v6b.tar.gz<br /># cd jpeg-6b<br /># ./configure --prefix=/usr/local/jpeg6/ --enable-shared --enable-static<br /># make; make install<br /><br />b.install libpng<br /># cd /home/software/ <br /># tar -zvxf libpng-1.2.8.tar.gz<br /># cd libpng-1.2.8<br /># cp scripts/makefile.std makefile <br /># make; make install <br /><br />c.install freetype<br /># cd /home/software/ <br /># tar -zvxf freetype-2.1.10.tar.gz <br /># cd freetype-2.1.10<br /># mkdir -p /usr/local/freetype<br /># ./configure --prefix=/usr/local/freetype <br /># make;make install<br /><br />d.:install zlib<br /># cd /home/xiutuo/software/ <br />#tar -zxvf zlib-1.2.3.tar.gz<br />#cd zlib.1.2.3<br /># ./configure<br /># make;make install<br /><br />e.install GD<br /># cd /home/software/ <br /># tar -zvxf gd-2.0.33.tar.gz <br /># mkdir -p /usr/local/gd2<br /># cd gd-2.0.33<br /># ./configure --prefix=/usr/local/gd2 --with-jpeg=/usr/local/jpeg6/ <br />--with-png=/usr/local/lib/<br />--with-zlib=/usr/local/lib/<br />--with-freetype=/usr/local/freetype/<br /># make; make install<br /><br />f.install Curl<br /># cd /home/xiutuo/software/ <br /># tar -zxf curl-7.15.0.tar.gz<br /># mkdir -p /usr/local/curl<br /># ./configure --prefix=/usr/local/curl<br /># make; make install<br /><br />5:install php5,php5 need libxml2 to support!<br /><br />a.install libxml2<br /># cd /home/xiutuo/software/<br /># tar -zxf libxml2-2.6.19.tar.gz<br /># cd libxml2-2.6.19<br /># mkdir -p /usr/local/libxml2<br /># ./configure --prefix=/usr/local/libxml2<br /># make; make install<br /><br />b.install libxslt<br /># cd /home/software/<br /># tar -zxf libxslt-1.1.15.tar.gz<br /># mkdir -p /usr/local/libxslt<br /># cd libxslt-1.1.15<br /># ./configure 
--prefix=/usr/local/libxslt --with-libxml-prefix=/usr/local/libxml2<br /># make; make install<br /><br />c.install php5<br /># cd /home/software/<br /># tar -zvxf php-5.1.2.tar.gz <br /># mkdir -p /usr/local/php<br /># cd php-5.05<br /># ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs<br />--with-mysql=/usr/local/mysql/ <br />--with-curl=/usr/local/curl --enable-ftp <br />--with-libxml-dir=/usr/local/libxml2 <br />--with-expat-dir=/usr/lib --enable-soap <br />--with-xsl=/usr/local/libxslt --enable-xslt <br />--with-gd=/usr/local/gd2/ <br />--with-jpeg-dir=/usr/local/jpeg6/ <br />--with-zlib-dir=/usr/local/lib/<br />--with-png=/usr/local/lib/<br />--with-freetype-dir=/usr/local/zlib/ <br /># make<br /># make install<br /># cp php.ini-dist /usr/local/php/lib/php.ini (never forget)<br /><br />after "./configure" <br />--prefix=/usr/local/php <br />--with-apxs2=/usr/local/apache/bin/apxs <br />--with-mysql=/usr/local/mysql/<br />--with-libxml-dir=/usr/local/libxml2<br />This is necessary<br /><br />--with-gd=/usr/local/gd2/ <br />--with-jpeg-dir=/usr/local/jpeg6/ <br />--with-png=/usr/local/lib <br />--with-zlib-dir=/usr/lib<br />--with-freetype-dir=/usr/local/freetype<br />make PHP to support GD<br /><br />--with-curl=/usr/local/curl support CURL<br />--enable-ftp <br /><br />--enable-soap --with-xsl=/usr/local/libxslt --enable-xslt<br />make PHP to support SOAP<br /><br />6.config Apache2 to make it support PHP<br /><br />config httpd.conf to support PHP<br /># vi /usr/local/apache/conf/httpd.conf<br />find AddType application/x-gzip .gz .tgz and add this:<br />AddType application/x-httpd-php .php<br />AddType application/x-httpd-php-source .phps<br /><br />restart apache<br /># /usr/local/apache/bin/apachectl restart<br /><br /><br /><br />mysql<br />./configure --prefix=/usr/local/mysql --localstatedir=/usr/local/mysql/data --disable-maintainer-mode --with-mysqld-user=mysql --with-unix-socket-path=/tmp/mysql.sock --without-comment 
--without-debug --without-bench <br />
./bin/mysqld_safe &<br />
<br />
<br />
<br />
<?php<br />
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");<br />
<br />
/* check connection */<br />
if (mysqli_connect_errno()) {<br />
    printf("Connect failed: %s\n", mysqli_connect_error());<br />
    exit();<br />
}<br />
<br />
printf("Host information: %s\n", $mysqli->host_info);<br />
<br />
/* close connection */<br />
$mysqli->close();<br />
?><br />
MADUNIXhttp://www.blogger.com/profile/09324689643630694197noreply@blogger.com0tag:blogger.com,1999:blog-3809113574406702660.post-47014731651738188202007-04-15T02:43:00.000-07:002007-04-15T02:44:22.052-07:00<br />
AIX 5.3 recommendation<br />
Lately I found a very interesting article from IBM System mag (open systems version, Aug/Sept 2006) which states that IBM is now recommending the following for AIX 5.3:<br />
<br />
The new recommendations are to leave maxclient and maxperm at their default settings of 80, but to still set minperm to something like 5. We also don't change the strict settings. Instead, we alter other parameters as follows: <br />
<br />
vmo -p -o minperm%=5<br />
vmo -p -o lru_file_repage=0<br />
vmo -p -o lru_poll_interval=10<br />
MADUNIXhttp://www.blogger.com/profile/09324689643630694197noreply@blogger.com0tag:blogger.com,1999:blog-3809113574406702660.post-74014791923129068892007-04-15T02:38:00.001-07:002007-04-15T02:38:48.104-07:00<br />
Connecting Webserver to Oracle10g<br />
Oracle client:<br />
1. Download the Instant Client from Oracle<br />
2. Be sure to get the basic and the sdk package for Linux (the basic in RPM format to install the runtime environment, and both the basic and sdk in zip format to be used while compiling)<br />
3. Install the RPM package (rpm -i)<br />
4. Unzip both zips into the same directory<br />
5. cd into the newly created directory (instantclient_10_x) and create a softlink: libclntsh.so -> libclntsh.so.10.1<br />
<br />
Apache/PHP:<br />
<br />
1. Install apache2, do not install any PHP packages!<br />
2. 
Install apache2-devel to get apxs2 (also required: libapr1-devel and libapr-utils-devel)<br />
3. Download the PHP source code and unzip it<br />
4. Use configure as shown in FIG A<br />
5. Enter make<br />
6. Add the lib directory generated by the RPM installed before (e.g. /usr/lib/oracle/10.2.0.3/client/lib) to the LD_LIBRARY_PATH<br />
7. Enter make install<br />
8. Copy the php.ini-recommended file to your apache config directory (e.g. /etc/apache2)<br />
9. Create the tnsnames.ora<br />
10. cd into your apache config directory<br />
11. (for apache 2) create a new file called php5.conf and copy the content of FIG D into it<br />
12. Be sure to include this conf in your vhost (e.g. Include /etc/apache2/conf.d/php5.conf)<br />
13. Edit the files containing module information (on SuSE 10.1: /etc/sysconfig/apache2) and add the libphp5.so to the list of modules.<br />
14. Start apache with the script from FIG C<br />
15. Create a PHP page, only containing <?php phpinfo(); ?>, save it in your DocumentRoot and call it via a web browser. It should now display an OCI8 information section.<br />
16. 
You can now use the code from FIG E to test your Oracle database connection<br />
<br />
<br />
FIG A:<br />
./configure \<br />
 --with-oci8=instantclient,<LOCATION_OF_UNZIPPED_ORACLE_FILES> \<br />
 --prefix=/usr/local \<br />
 --with-apxs2=/usr/sbin/apxs2 \<br />
 --enable-sigchild \<br />
 --with-config-file-path=/etc/apache2<br />
<br />
FIG C:<br />
LD_LIBRARY_PATH=<PATH_TO_LIB_DIR_FROM_RPM>:${LD_LIBRARY_PATH}<br />
TNS_ADMIN=<PATH_TO_DIR_CONTAINING_TNSNAMES><br />
export LD_LIBRARY_PATH TNS_ADMIN<br />
echo Starting Apache<br />
apache2ctl start<br />
<br />
FIG D:<br />
AddType application/x-httpd-php .php<br />
AddType application/x-httpd-php .phtml<br />
AddType application/x-httpd-php-source .phps<br />
<br />
FIG E:<br />
<?php<br />
// Connect using the alias defined in tnsnames.ora<br />
$c = OCILogon('<USER_NAME>', '<PASSWORD>', '<ALIAS_FROM_TNS_NAMES>');<br />
if ($c != null) {<br />
    echo "YAY!";<br />
} else {<br />
    echo "DOH!";<br />
    exit; // no connection, nothing to query<br />
}<br />
<br />
$query = '<SOME_SQL_HERE>';<br />
<br />
// Parse and execute the statement, then print every column of every row<br />
$stid = OCIParse($c, $query);<br />
OCIExecute($stid, OCI_DEFAULT);<br />
while ($succ = OCIFetchInto($stid, $row)) {<br />
    foreach ($row as $item) {<br />
        echo $item." ";<br />
    }<br />
    echo "<br>\n";<br />
}<br />
<br />
OCILogoff($c);<br />
?><br />
MADUNIXhttp://www.blogger.com/profile/09324689643630694197noreply@blogger.com0tag:blogger.com,1999:blog-3809113574406702660.post-85232904578919441772007-04-15T02:30:00.000-07:002007-04-15T02:33:58.246-07:00<br />
MPLS study notes<br />
MPLS: Multi Protocol Label Switching<br />
Packet forwarding is done based on labels.<br />
Labels are assigned when the packet enters the network.<br />
Labels are on top of the packet.<br />
MPLS functions in frame mode or cell mode. <br />
LSPs are unidirectional.<br />
Label header: the header is 4 bytes, the label is 20 bits.<br />
The label header can be used over Ethernet, 802.3, or PPP links.<br />
A label switch router (LSR) is a device that forwards based on labels.<br />
An edge LSR labels and removes labels from packets. <br />
LSRs distribute labels to the upstream neighbors.<br />
Forwarding tables (FIB) are built based on IP routing tables with no labeling information.<br />
MPLS convergence occurs immediately after the routing protocol convergence, based on labels already stored in the LIB. <br />
LDP and TDP use a similar process to establish a session:<br />
Hello messages are periodically sent on all interfaces enabled for MPLS.<br />
UDP is used for hello messages. It is targeted at the "all routers on this subnet" multicast address (224.0.0.2).<br />
TCP is used to establish the session.<br />
Both TCP and UDP use well-known LDP port number 646 (711 for TDP).<br />
Penultimate hop popping optimizes MPLS performance (one less LFIB lookup). <br />
PHP optimizes MPLS performance by reducing the number of table lookups on the egress router.<br />
PHP is not supported on ATM devices because a label is part of the ATM cell payload and cannot be removed by the ATM switching hardware. <br />
Pop or implicit null label uses value 3 when being advertised to a neighbor.<br />
Provider Network (P-Network): The backbone under control of a Service Provider<br />
Customer Network (C-Network): Network under customer control <br />
CE router: Customer Edge router. Part of the C-network and interfaces to a PE router<br />
Site: connected to the VPN backbone through one or more PE/CE links <br />
PE router: Provider Edge router. 
Part of the P-Network and interfaces to CE routers <br />
P router: Provider (core) router, without knowledge of VPN<br />
Route-Target: 64 bits identifying routers that should receive the route<br />
Route Distinguisher: Attributes of each route used to uniquely identify prefixes among VPNs (64 bits). VRF based (not VPN based) <br />
VPN-IPv4 addresses: Address including the 64 bits Route Distinguisher and the 32 bits IP address <br />
VRF: VPN Routing and Forwarding Instance. Routing table and FIB table, populated by routing protocol contexts<br />
VPN-Aware network: A provider backbone where MPLS-VPN is deployed <br />
Intranet VPN: Intranet VPNs connect sites within an organization. Security mechanisms are usually not deployed in an intranet, because all sites belong to the same organization. <br />
Extranet VPN: Extranet VPNs connect different organizations. Extranets usually rely on security mechanisms to ensure the protection of participating individual organizations. Security mechanisms are usually the responsibility of individual participating organizations. <br />
Access VPN: Access VPNs are virtual private dial-up networks (VPDNs) that provide dialup access into a customer network. <br />
PE routers face CE routers and distribute VPN information through MP-BGP to other PE routers. <br />
P routers do not run BGP and do not have any VPN knowledge.<br />
PE and CE routers exchange routing information through: EBGP, OSPF, RIPv2, static routing<br />
Site of Origin (SOO): identifies the originating site <br />
Route-target (RT): identifies the set of sites the route has to be advertised to <br />
RTs are attributes that are attached to a VPNv4 BGP route to indicate its VPN membership. The extended BGP communities of a routing update are used to carry the RT of that update, thus identifying which VPN the update belongs to. <br />
RD is configured in the PE for each VRF.<br />
The RD is used only to transform nonunique 32-bit customer IP version 4 (IPv4) addresses into unique 96-bit VPNv4 addresses (also called VPN IPv4 addresses).<br />
RD may or may not be related to a site or a VPN. <br />
<16bits type>:<ASN>:<32 bit number> (registered AS number)<br />
<16bits type>:<IP address>:<16 bit number> (registered IP address)<br />
VRF: VPN Routing and Forwarding Instance (VRF Routing Protocol Context, VRF Routing Tables, VRF CEF Forwarding Tables) <br />
One central site has full routing knowledge of all other sites (of same VPN) = Hub-Site<br />
Other sites will send traffic to Hub-Site for any destination = Spoke-Sites<br />
<br />
<br />
show commands <br />
show ip route vrf <vrf-symbolic-name> ...<br />
show ip protocol vrf <vrf-symbolic-name><br />
show ip cef vrf <vrf-symbolic-name> …<br />
show tag-switching tdp parameters<br />
show tag-switching interface <br />
show mpls interface<br />
show tag-switching tdp discovery <br />
show tag-switching tdp neighbor<br />
show tag-switching tdp neighbor detail<br />
show tag-switching tdp bindings<br />
show tag-switching forwarding-table<br />
show mpls forwarding-table <br />
show ip cef detail<br />
<br />
<br />
Sample PE Router Configuration <br />
en<br />
conf t<br />
ip cef<br />
ip vrf Cust<br />
 rd 1:100<br />
 route-target both 1:100<br />
<br />
interface Serial0/0<br />
 ip vrf forwarding Cust<br />
 ip address 172.16.1.1 255.255.255.252<br />
<br />
router eigrp 1<br />
 address-family ipv4 vrf Cust<br />
 redistribute bgp 1 metric 1000 100 255 1 1500<br />
 network 172.16.0.0<br />
 network 172.15.0.0<br />
 no auto-summary <br />
 autonomous-system 101<br />
<br />
<br />
router bgp 1<br />
 no synchronization<br />
 no auto-summary<br />
 address-family vpnv4<br />
 address-family ipv4 vrf Cust<br />
 neighbor 10.10.10.102 remote-as 1<br />
 neighbor 10.10.10.102 activate<br />
 neighbor 10.10.10.102 update-source Loopback0<br />
 redistribute eigrp 201<br />
<br />
<br />
To verify 
configuration<br />
show ip eigrp vrf Cust neighbors<br />
show ip bgp vpnv4 vrf ...<br />
show ip route eigrp<br />
sh ip vrf route<br />
MADUNIXhttp://www.blogger.com/profile/09324689643630694197noreply@blogger.com0tag:blogger.com,1999:blog-3809113574406702660.post-71746181155100022902006-11-26T23:04:00.000-08:002006-11-26T23:13:22.620-08:00<br />
BSCI study notes<br />
-LS: Link State<br />
-ES: Non-routing host or node (end system), End System (ES) - Host machines (PCs)<br />
-IS: Router (Intermediate System).<br />
-CLNS: ConnectionLess Network Service uses CLNP Connectionless Network Protocol.<br />
-CMNS: Connection Mode Network Service uses CONP Connection Oriented Network Protocol.<br />
-Area: Logical entity (set of contiguous routers, hosts, and links)<br />
-Domain: Collection of connected areas, equivalent to an autonomous system<br />
-ES-IS routing protocols handle level-0 routing<br />
-OSPF: There are a couple of things to keep in mind about this. An individual interface can be in only a single OSPF process at a time. In OSPF the network statement includes a netmask so that you can identify specific unique interfaces and assign each to whichever OSPF process you want it to be in. When you have multiple OSPF processes, the routes will all appear in the local routing table with no indication of which process they came from. But an OSPF process will not advertise to its neighbors information learned by another OSPF process unless you redistribute between the processes.<br />
-LSA: Both LSA type 3 and 4 are generated by the ABR(s). They are not only sent to the other ABRs but to all the routers in the area they are flooded in. The type 3 is generated from both type 1 and 2 LSAs from one area to another. A type 4 is generated for each ASBR, from one area to another. <br />
From RFC2328: The B bit has to be set when the router is an area border router (B is for border).<br />
-IS-IS and OSPF both require a hierarchical topology<br />
<br />
-EIGRP<br />
EIGRP is a Cisco proprietary routing protocol and will not run on another vendor's equipment. OSPF is vendor independent.<br />
<br />
-Auto Summarization<br />
occurs for RIPv1, RIPv2, IGRP, EIGRP, BGP<br />
<br />
-RIPv1 does not support authentication; RIPv2 supports authentication in clear text and MD5 to accept routing updates<br />
<br />
-EIGRP, IS-IS, RIPv2, OSPF: support VLSM<br />
<br />
-Classless: EIGRP, RIPv2, OSPF, IS-IS and BGP<br />
<br />
-IGRP and EIGRP: are Cisco proprietary routing protocols <br />
<br />
-Class A leading bit 0, class B leading bits 10, class C leading bits 110<br />
<br />
-class c<br />
 124 8 0 254<br />
 125 7 128 127<br />
 126 6 192 62<br />
 127 5 224 30<br />
 128 4 240 14<br />
 129 3 248 7<br />
 130 2 252 2<br />
 131 1 254 0<br />
<br />
-RIPv2, EIGRP are VLSM compatible<br />
<br />
-172.16.100.0/24 + 172.16.106.0/24 = 172.16.96.0/20<br />
<br />
-route summarization is used with contiguous networks<br />
<br />
-"no auto-summary" disables the automatic summarization of routes<br />
<br />
-you cannot ping an unnumbered interface<br />
<br />
-calculate network address 172.16.0.10/29<br />
 29=24+5<br />
 10=00001010<br />
 network = 00001000<br />
<br />
-on a serial link we need only 2 IP addresses, one for each side of the link: subnet mask of 255.255.255.252<br />
<br />
-broadcast address for 172.16.1.10/25 = 172.16.1.27 (set the last 7 bits to 1)<br />
<br />
-SNMP is not supported in NAT<br />
<br />
-the NAT router uses about 160 bytes per translation; this means that about 1000 translations will use about 1.53 MB of RAM<br />
<br />
-the OSPF process ID is not contained in the OSPF Hello packet<br />
<br />
-An eBGP router will not set the NEXT_HOP attribute to itself when a route is originated by an iBGP router in the same AS and on the same subnet as itself and the remote eBGP router<br />
<br />
-126.52.80.0/24, 99.255.0.0/24, 72.95.85.1/24 = 64.0.0.0/2<br />
<br />
-if the K-values and the AS no. do not match, EIGRP devices will not form a neighbor relationship<br />
<br />
-the debug isis adj-packets command will display information about the IS-IS Hello PDUs a router is sending and receiving<br />
<br />
-a value of 0 in the Unfeasible Routes Length field means that the Withdrawn Routes field is not present in the UPDATE message<br />
<br />
-Routing table exchange is not a category of OSPF operation. The exchange of routing table information occurs during the LSA flooding category of OSPF operation<br />
<br />
-the OSPF process ID is locally significant to the router it is configured on. You can have multiple instances of OSPF running on a router, and the process ID is used to distinguish between them.<br />
<br />
-IP address, interface, metric can all be used with the match statement of a route map<br />
<br />
-the ge-value and le-value for prefix lists are used to specify the network range.<br />
<br />
-Route reflectors and confederations can be used in conjunction or alone to overcome the scalability limitation of iBGP.<br />
<br />
-in a broadcast network, the only device that will send a CSNP is the DIS.<br />
<br />
-during the init state of OSPF, the router has received a Hello packet from its neighbor, but the router has not seen its own router ID in the Hello packet. Once the router sees its own router ID in the Hello packet from the neighbor, the OSPF state will transition to 2-way.<br />
<br />
-nonbroadcast OSPF networks require you to manually configure neighbors.<br />
<br />
-broadcast, P2P, P2M will automatically form neighbors.<br />
<br />
-route maps are used to manipulate routes being redistributed from one IGP to another IGP. 
Distribute lists are used to filter routes contained in an IGP. Filter lists and prefix lists are used to filter BGP routes. Distributed lists don't exist.<br />
<br />
-a level 2 router will form adjacencies with all other level 2 routers and all level 1/2 routers.<br />
<br />
-IS-IS: the default IS-IS network type of a P2P interface is P2P. 2 routers, one with a physical interface, in the same IS-IS area, could form an IS-IS adjacency.<br />
<br />
-when configuring a device to participate in a member-AS you must specify the member-AS no., confederation ID and the confederation peers.<br />
<br />
-RIPv2, IGRP are both distance vector<br />
<br />
-when advertising routes to another member-AS, the eBGP router will check to see if the AS-path has an AS_CONFED_SEQUENCE included. If it does not, the router will add the AS_CONFED_SEQUENCE with its member-AS included. If the AS-path does have an AS_CONFED_SEQUENCE, the router will add its member-AS to the sequence.<br />
<br />
-confederations are made up of member-ASs<br />
<br />
-if the route reflector receives an UPDATE message containing routes from a route reflector with the same cluster ID as itself, the route reflector will discard the routes.<br />
<br />
-the command "area 1 stub" would be needed on all non-ABR routers for the area; the command "area 1 stub no-summary" would be needed on a router that was an ABR for the area.<br />
<br />
-virtual links are used to connect areas to area 0 that are not directly connected to area 0<br />
<br />
-EIGRP can be configured to support up to six routes per destination.<br />
<br />
-a level 1/2 router would have one link-state database for the level 1 LSPs and would have one link-state database for the level 2 LSPs, for a total of two link-state databases.<br />
<br />
-ORIGIN and NEXT_HOP are mandatory attributes; COMMUNITY is optional transitive; MED is optional non-transitive.<br />
<br />
-distance vector routing protocols are based on the Bellman-Ford algorithm, send their own entire routing 
table in updates and are less scalable than link-state routing protocols.<br />
<br />
-the OSPF network type broadcast prefers a full mesh, doesn't require neighbor statements, and elects a DR.<br />
<br />
-OSPF LSA type 3 is generated by an ABR and is a summary of the networks in an area.<br />
<br />
-non-client BGP device types must be fully meshed with each other; clients don't need to be fully meshed because they are connected to a route reflector. A BGP speaker is not a BGP device type.<br />
<br />
-the show ip policy command will list all interfaces that have route maps configured on them and what route map they are using.<br />
<br />
-TSA will not accept LSA type 3, 4 or 5<br />
-IPv4 = 32 bits, IPv6 = 128 bits<br />
-NAT works only with IP addresses<br />
-a neighbour in OSPF is another router with the same network address.<br />
-DR: responsible for making adjacencies with all routers on a multiaccess link and maintaining those adjacencies.<br />
-an OSPF router with priority set equal to 0 cannot be DR or BDR<br />
-interface in init state: it means that a router coming online is waiting for a Hello from a neighbour.<br />
-LSDB = topology map, LSA = link state advertisement, LSR = link state request, LSU = link state update<br />
-cost is the metric of OSPF<br />
-priority: a Cisco tool by which the DR can be manually elected or prevented from taking part in the DR/BDR election.<br />
-Cisco has defined a max of "6" paths that can be used simultaneously.<br />
-OSPF can be used on "6" different WAN technologies (BMA, P2P, P2M, NBMA, VirtLink)<br />
-BMA network can be Ethernet, TR, FDDI<br />
-P2P network can be a direct connection (no DR, BDR)<br />
-P2M network can be FR (no DR, BDR)<br />
-NBMA network can be FR, ATM<br />
-VirtLink: virtual connection to a remote area<br />
-"show ip policy" displays the route maps used for policy-based routing on the router's interfaces<br />
-"show route-map" is used to show the configured route maps<br />
<br />
-route maps can be used for NAT, BGP, redistribution<br />
-methods that enable 
you to control routing info sent between routers during distribution (passive interface, static route, default route, null interface, distribute list, route map)<br />
-controlling routing is useful (to hide certain networks from the rest, to prevent routing loops, to control overload on the wire, for simple security reasons)<br />
-place subnet 172.16.20.128 in area 1, and all others in area 0<br />
 network 172.16.20.128 0.0.0.255 area 1<br />
 network 172.16.0.0 0.0.255.255 area 2<br />
-configure OSPF: # router ospf process-no<br />
-a triggered update is when a routing update is sent asynchronously in response to a change in the network topology. If there is a change in the metric, the update is sent immediately without waiting for the update timer to expire<br />
-BGP sends incremental updates that can contain only the network change<br />
-Dijkstra algorithm: this is a routing algorithm that iterates on the length of path to determine a shortest path first tree (SPF tree). It is commonly used in link-state routing protocols to determine which route to use. This is used in OSPF<br />
-show ip ospf neighbor will show the DR and BDR<br />
-show ip ospf, show ip ospf database and show ip ospf interface all show the OSPF process ID on the router<br />
-an ABR must be resident in area 0, as well as in the area that is connecting to the backbone area. It has two topological databases, one for each area in which it is resident, so that it knows how to forward traffic.<br />
-a stub area cannot accept ext. 
LSA and a virtual link cannot contain a stub area.<br />
-Cisco suggests that a router should be a DR or a BDR for only one LAN<br />
-DIS sends out "hello" every 3.3 sec.<br />
-a L1/2 router has 2 link-state databases, one for the L1 routers and the other for the L2 routers; a separate SPF algorithm is run for each database<br />
-using the "set" command modifies matching routes<br />
-RFC compliant: NBMA, P2M<br />
-Cisco specific: P2M nonbroadcast, broadcast, P2P<br />
-full mesh: every router is connected to every other router.<br />
-partial mesh: some routers are directly connected, others are connected through another router.<br />
-star (hub & spoke): one router acts as the connection to every other router.<br />
-P2P non-broadcast hello = 30 sec dead 120<br />
-P2P hello = 10 sec dead in 40 <br />
-broadcast hello = 10 sec dead 40<br />
-NBMA hello = 30 sec dead = 120<br />
-5 packets in OSPF are used to build the routing table: hello protocol, database descriptor, link-state request, link-state update, link-state ack.<br />
<br />
-if multiple routers have the same priority, the router with the highest RID will be selected as the DR<br />
-OSPF router ID (RID) is the highest IP address or the highest loopback address if one exists<br />
-full mesh n(n-1)/2<br />
-DR/BDR 2n-2<br />
-if a router determines a CSNP mentioned an LSP it doesn't have, the router will multicast a PSNP requesting the LSP <br />
<br />
-R(config)# router bgp 100<br />
<br />
-R(config-router)# no synch<br />
<br />
-R(config-router)# no auto-summary<br />
<br />
-since the remote AS No. is different than the AS No. 
specified when BGP was enabled, this will be an eBGP neighbour<br />
<br />
-the command "neighbor 1.1.1.1 distribute-list 10 out" would apply an outbound distribute list to the BGP session with the router that has address 1.1.1.1 <br />
<br />
-you can add to a prefix list without having to delete it and reenter it like an access list<br />
<br />
-Egress filtering is performed on a route when the route is moved from the Loc-RIB to the Adj-RIBs-Out<br />
<br />
-During the exchange state of OSPF, routers are exchanging DD and LSR packets<br />
-During the 2-way OSPF state, a router has seen its own router ID in the hello packet of a neighbor<br />
-the ip unnumbered command will allow a serial interface to borrow an IP address from another interface<br />
-traceroute uses the time-to-live field of an IP packet to determine the hop-by-hop path of a packet<br />
-for Cisco devices, a DIS will by default multicast a CSNP every 10 sec on broadcast networks<br />
-if the router detects it has an LSP that is missing from the CSNP, it will multicast that LSP to all of the neighbours<br />
-stub areas do not accept type 4 or type 5 LSAs. A stub area will instead accept a type 3 LSA with a default route <br />
-EIGRP uses the protocol No. 88<br />
-in the OpenConfirm state, the router is waiting to receive a KEEPALIVE message from its peer. Once it receives the KEEPALIVE message, the state will transition to Established<br />
-the COMMUNITY attribute is an optional transitive attribute<br />
-NSSA will allow an ASBR in the area to generate type 7 LSAs for external routes. The type 7 LSAs will then propagate across the area. The ABR will translate the type 7 LSA to a type 5 LSA and advertise it out of the area<br />
-Policy-based routing can be used for QoS through the use of the precedence ToS bits ???? 
and it can be used to create asynchronous routing<br />
-OSPF DRs use the well-known multicast address 224.0.0.6<br />
-P2P and P2M OSPF network types will not elect a DR or BDR<br />
-OSPF and IS-IS both require a hierarchical network design<br />
-periodic SPF calculations occur every 15 min<br />
-L1/2 routers are similar to OSPF ABRs <br />
-the ! symbol represents a successful ping<br />
-BGP uses TCP port 179 to establish a TCP connection<br />
-OSPF LSA type 4 will advertise info about an ASBR into an area<br />
-Topology table: The topology table holds a map of every link in the area. Every topology table in the area is the same. This is sometimes referred to as the link-state database.<br />
-The ip ospf priority number command is used to determine the DR manually. The higher the priority, the greater the likelihood is of success.<br />
-OSPF configuration over a point-to-point: It is necessary to have one subnet per connection. Thus, if there are four point-to-point links, four subnets are required.<br />
-Five packets are used to build the routing table for the first time:<br />
The hello packet: This is used to find neighbors and to determine the designated and BDR. The continued propagation of the hello packet maintains the transmitting router in the topology database of those that hear the message.<br />
The database descriptor: This is used to send summary information to neighbors to synchronize topology databases.<br />
The LSR: This is a request for more detailed information, which is sent when the router receives a database descriptor that contains new information.<br />
The LSU: This is the LSA packet issued in response to the request for database information in the LSR packet.<br />
The link-state acknowledgement: This acknowledges the LSU.<br />
<br />
-The exstart state is a stage in the forming of an adjacency between neighbors. This stage is the stage when the DR and the BDR have been elected. 
The master/slave relationship has been established, as has the initial sequence number of the DDP packets.<br />
<br />
-Referred to as DBDs or database descriptor packets (DDPs), these are packets exchanged between neighbors during the exchange state. The DDPs contain summary information taken from the LSAs, which describe the links of every router in the neighbor’s topology table.<br />
<br />
-A link-state advertisement (LSA) is a packet describing a router’s links and the state of those links. There are different types of LSAs to describe the different types of links. An LSR is a link-state request, which is used when the router receives a DDP complete with summary information taken from the LSA. It compares the LSA against the topological database. If either the LSA entry is not present or the entry is older than the DDP, it will request further information via an LSR.<br />
<br />
-The hello packet is used to maintain the neighbor table. Whenever a hello is heard, the source address in the hello packet is used to reset the hello interval timer. This shows that the neighbor is still active.<br />
-OSPF defines cost as the OSPF metric, but does not define what cost represents. Thus, any determinant could be used and defined manually as cost. Cisco has set a default metric to be the inverse of bandwidth, making the fastest link the most preferred link. This default can be overridden by manual configuration.<br />
-BDR stands for backup designated router. This router acts as the backup to the DR in case the DR fails. The BDR performs none of the DR functions while the DR is operating correctly.<br />
-When elected dynamically, the DR is elected arbitrarily. The election is made on the basis of the highest router ID or IP address present on the network segment. 
It is wise to be aware that the highest IP address is the numerically highest number, not the class ranking of the addresses. Therefore, a remote, small router with a Class C address might end up as a DR.<br />
<br />
-When a new router connects to a network, it will find a neighbor using the Hello protocol and will exchange routing information.<br />
<br />
-The receiving router will send a copy of the LSA it holds in its database to the source of the old LSA and then discard the old LSA it received.<br />
<br />
-Remember that the DDPs are simply a summary of the routes about which the neighbor knows. If there is a discrepancy between the information in the received DDPs and the router’s topology database, then the router requests more detailed information from its neighbor on those routes of which it was unaware. The different stages or states that the router goes through gathering routing information to update the topology database from a neighbor are shown in the following list:<br />
The loading state: If the receiving router, the 2500, requires more information, it will request that particular link in more detail using the LSR packet. The LSR will prompt the master router to send the LSU packet. This is the same as an LSA used to flood the network with routing information. While the 2500 is awaiting the LSUs from its neighbor, it is in the loading state.<br />
The full state: When these LSRs are received and the databases are updated and synchronized, the neighbors are fully adjacent.<br />
<br />
-The RFC 2328 that defines OSPF does not state the number of equal-cost paths that can be entered into the routing table. Cisco has defined this to be four paths by default, which can be configured to contain up to six equal-cost paths.<br />
<br />
-The LSA is flooded out of all the interfaces, excepting the interface through which it was received. 
The LSA is copied into the topology database, replacing the original LSA if it existed. The received LSA is acknowledged. The SPF algorithm is run to update the routing table.<br />
<br />
-The configuration options proprietary to Cisco for NBMA are:<br />
Point-to-multipoint nonbroadcast/Broadcast/Point-to-point<br />
<br />
-In a point-to-point network, the concept of broadcast is not relevant because the communication is direct to another router. There is very little network overhead. An IP subnet is required for each point-to-point link. In point-to-multipoint connections, OSPF simulates a broadcast; the network traffic is replicated and sent down each physical link and uses multicast addressing.<br />
<br />
-The default network type for serial interfaces with HDLC encapsulation is point-to-point and the hello packet is sent out every 10 seconds.<br />
<br />
-The BDR listens to all the OSPF network traffic, which is addressed to both the designated and BDRs. All the routers on the medium have an adjacency with both DRs. The difference is that the BDR listens but does not respond. If the DR fails, the BDR becomes the DR.<br />
<br />
-The priority command is used to determine manually the DR. The higher the priority, the greater the likelihood is of success. Remember that the default=1 and p=0 means that the router cannot win.<br />
<br />
-The bandwidth parameter configured on an interface of a route in OSPF on a Cisco router is used to determine the default cost or the value of the path with the lowest cost.<br />
<br />
-The router command creates the OSPF process with an ID number to identify it. To create another process on the same router, issue the same command again with a different ID number. It is possible to have more than one process, although it is rarely configured. 
The process ID in the command router ospf process-id not only starts the process, but also identifies the process; repeating the command with another ID number will create another process. One possible scenario for this configuration is a service provider that wants to separate its OSPF domain from its customer.<br /><br />-The “ip ospf network non-broadcast” command is the RFC-compliant mode for NBMA. It is the default mode for interfaces and point-to-multipoint subinterfaces. It is used in a full or partial meshed network, and OSPF operates as if on a nonbroadcast network. It is necessary to define manually the DR to be a hub router that is connected to all the other routers. Neighbors must be defined manually.<br /><br />-It is necessary to manually configure the neighbors in the industry-standard NBMA mode and<br />in the Cisco point-to-multipoint nonbroadcast mode.<br />You need to define the neighbors to the router because the router believes that it is a<br />nonbroadcast medium, so it cannot send out the multicast traffic to ascertain the neighbors.<br /> <br /><br />-The industry-standard NBMA configuration can be chosen in a fully meshed environment. It<br />requires an additional manual configuration of the neighbors, but the network will elect the DR<br />and the BDR. There might be some design concerns about running this mode in an unstable<br />network, which could burden the CPU and the WAN links.<br />It is possible to use point-to-point subinterfaces without worrying about the OSPF network type<br />because they will become neighbors.<br />The other alternative is the Cisco broadcast mode, which does not require the manual<br />configuration of neighbors.<br /> <br />-The Cisco solution point-to-point does not require the election of either a DR or a BDR because<br />there are only two nodes on the network. They form an adjacency immediately.<br /><br />-There are several ways to configure the process to include the interface. 
The command network<br />network-number wildcard-mask area area-number would be a subcommand to the global<br />command router ospf process-id . The network command is used in both possible solutions;<br />the difference is in the wildcard mask.<br />— network 192.100.56.10 0.0.0.0 area 2 —This will match every bit in the interface<br />address.<br />— network 192.100.56.10 0.0.7.255 area 2 —This will also match the interface because<br />it will resolve to the subnet assigned to the wire connected to the interface. This bit<br />allocation was chosen merely to demonstrate the technique. The allocation assumed is<br />the subnet mask of 255.255.248.0. Note that the wildcard mask is the inverse of the<br />subnet mask, ensuring that the individual subnet is selected for the interface.<br /> <br />-Underneath the appropriate interface, issue the command ip ospf cost . The value for cost is an unsigned integer value expressed as the link-state metric. It can be a value in the range 1 to 65,535.<br /><br />-If the command ip ospf network non-broadcast is used, the additional statement that is required is the neighbor statement. Because the network is a nonbroadcast network that cannot<br />see its neighbors, the neighbors are to be manually configured.<br /><br />-The show ip ospf neighbor command will show the DR and the backup router. 
Another command that will show the DRs is the show ip ospf interface command.<br /> <br />-The command show ip ospf database shows the contents of the topology database and gives a<br />status on the LSAs that have been sent and received, including how long it has been since the<br />last LSA was received.<br /><br />-The command “show ip ospf interface” shows the adjacencies that exist with neighbors.<br />-The command “debug ip packet” shows OSPF packets being sent and received in real time.<br /> <br />-The commands “show ip ospf” , “show ip ospf database” , and show ip ospf interface all show the OSPF process ID on the router.<br />-The debug command has the highest process priority and is therefore capable of consuming all the resources on the router, thus becoming the problem as opposed to helping to solve the problem.<br />-The sequence number is used to ensure the LSA that has been received contains the most recent<br />information about the network. This prevents any packets arriving out of sequence from resulting in a change in the network that is incorrect.<br />-The SPF schedule delay is the time between OSPF receiving a topology change and starting an<br />SPF calculation. The delay can be an integer from 0 to 65,535. The default time is 5 seconds.<br />If the value is set to 0, this means that the SPF calculation is started as soon as a valid LSA is received. 
There is a balance between responding to a topology change quickly and the use of CPU processing.<br />-The show ip ospf interface command shows how the interface has been configured for OSPF.<br />This allows for the immediate identification of typing errors that result in a mismatch between<br />neighbors.<br />-The command "debug ip rip" is used to provide real-time info about RIPv1 and RIPv2.<br />-IS-IS and OSPF both require a hierarchical topology.<br />-Automatic summarization occurs for RIPv1, RIPv2, IGRP, EIGRP, BGP<br />-Load balancing on unequal-cost paths is supported by IGRP, EIGRP<br />-RIPv1 does not support authentication<br />-RIPv2 supports authentication, in clear text and MD5, to accept routing updates<br />-Classless: EIGRP, RIPv2, OSPF, IS-IS and BGP<br />-IGRP and EIGRP are Cisco proprietary routing protocols <br />-Class A leading bit 0, class B leading bits 10, class C leading bits 110<br />- Class C <br /> /24 8 0 254 <br /> /25 7 128 127<br /> /26 6 192 62<br /> /27 5 224 30<br /> /28 4 240 14<br /> /29 3 248 7<br /> /30 2 252 2<br /> /31 1 254 0<br />-RIPv2, EIGRP are VLSM compatible<br />-172.16.100.0/24 + 172.16.106.0/24 = 172.16.96.0/20<br />-Route summarization is used with contiguous networks<br />-"no auto-summary" disables the automatic summarization of routes<br />-You cannot ping an unnumbered interface<br />- Calculate the network address of 172.16.0.10/29<br /> 29=24+5<br /> 10=00001010<br /> network = 00001000<br /><br />- On a serial link we need only 2 IP addresses, one for each side of the link: subnet mask of 255.255.255.252<br />-Broadcast address for the 172.16.1.10/25=172.16.1.27 set last 7 bits to 1<br />-SNMP is not supported in NAT<br />-The NAT router uses about 160 bytes per translation; this means that about 1000 translations will use about 1.53 MB of RAM<br />-The OSPF process ID is not contained in the OSPF Hello packet<br />-An eBGP router will not set the NEXT_HOP attribute to itself when a route is originated by an iBGP router in the same AS 
and on the same subnet as itself and the remote eBGP router<br />-126.52.80.0/24 + 99.255.0.0/24 + 72.95.85.1/24 = 64.0.0.0/2<br />-If the K-values and the AS no. do not match, EIGRP devices will not form a neighbor relationship<br />-The debug isis adj-packets command will display information about the IS-IS Hello PDUs a router is sending and receiving<br />-A PSNP can be used to request LSP info <br />-A value of 0 in the Unfeasible Routes Length field means that the Withdrawn Routes field is not present in the UPDATE message<br />-Routing table exchange is not a category of OSPF operation. The exchange of routing table information occurs during the LSA flooding category of OSPF operation<br />-The OSPF process ID is locally significant to the router it is configured on. You can have multiple instances of OSPF running on a router, and the process ID is used to distinguish between them.<br />-IP address, interface and metric can all be used with the match statement of a route map<br />-ge-value and le-value for prefix lists are used to specify the network range.<br />-Route reflectors and confederations can be used in conjunction or alone to overcome the scalability limitation of iBGP.<br />-On a broadcast network, the only device that will send a CSNP is the DIS.<br />-During the Init state of OSPF, the router has received a Hello packet from its neighbor, but the router has not seen its own router ID in the Hello packet. Once the router sees its own router ID in the Hello packet from the neighbor, the OSPF state will transition to 2-way.<br />-Nonbroadcast OSPF networks require you to manually configure neighbors.<br />-Route maps are used to manipulate routes being redistributed from one IGP to another IGP. 
Distribute lists are used to filter routes contained in an IGP; filter lists and prefix lists are used to filter BGP routes; distributed lists don't exist.<br />-An L2 router will form adjacencies with all other level 2 routers and all level 1/2 routers.<br />-The default IS-IS network of a P2P interface is P2P. Two routers, one with a physical interface, in the same IS-IS area, could form an IS-IS adjacency.<br />-When configuring a device to participate in a member-AS, you must specify the member-AS no., the confederation ID and the confederation peers.<br />-RIPv2 and IGRP are both distance vector.<br />-When advertising routes to another member-AS, the eBGP router will check to see if the AS-path has an AS-CONFED-SEQUENCE included; if it does not, the router will add the AS-CONFED-SEQUENCE with its member-AS included. If the AS-path does have an AS-CONFED-SEQUENCE, the router will add its member-AS to the sequence.<br />-Confederations are made up of member-ASs.<br />-If the route reflector receives an UPDATE message containing routes from a route reflector with the same cluster ID as itself, the route reflector will discard the routes.<br />-The command "area 1 stub" would be needed on all non-ABR routers for the area; the command "area 1 stub no-summary" would be needed on a router that was an ABR for the area.<br />-Virtual links are used to connect areas to area 0 that are not directly connected to area 0.<br />-EIGRP can be configured to support up to six routes per destination.<br />-A level 1/2 router would have one link-state database for the level 1 LSPs and one link-state database for the level 2 LSPs, for a total of two link-state databases.<br />-ORIGIN and NEXT-HOP are mandatory attributes; COMMUNITY is optional transitive; MED is optional non-transitive.<br />-Distance vector routing protocols are based on the Bellman-Ford algorithm, send their entire routing table in updates and are less<br />-IS-IS routing protocols - Handle level-1, level-2, and level-3 routing<br
/>-RIPv2, IS-IS and BGP are classless; IGRP is classful.<br />-To summarize an area in OSPF, you must use the "area area# range addr mask" command on the ABR for an area.<br />-BGP uses port 179 to open a session with a remote BGP speaker.<br />-When dealing with routers that have low memory and CPU, it is best to set the area up as a totally stub area (TSA).<br />-A TSA will not allow LSAs to be passed into it.<br />-Class D is IP multicast addresses.<br />-Hold Timer Expired errors do not have an error sub-code.<br />-The show ip policy command will list all interfaces that have route maps configured on them and which route map they are using.<br />-IS-IS rides on CLNS.<br />-LSA types 3 and 4 are considered to be summary link advertisements. While totally stubby areas do not receive summary link advertisements, stub areas do<br />-In order for a route to become an FS, the route's advertised distance must be less than the successor route's FD. <br /><br />-Negotiation and disconnect are not valid BGP states. Connect and active are valid BGP states.<br /><br />-"summary-address address mask" can be used only when summarizing routes that are being redistributed into OSPF.<br /><br />- By default, Cisco devices are L1/2 IS-IS routers.<br /><br />- From the global configuration mode, "R1#route-map name {permit|deny} sequence" is used to configure route maps.<br /><br />-The AD of a static route pointing to a next-hop address is 1.<br /><br />-OSPF and IS-IS are both link-state routing protocols and use the Dijkstra algorithm.<br /><br />-When redistributing into IS-IS, by default all routes are marked as internal L2 routes.<br /><br />-If you have to elect between (EIGRP/OSPF/IS-IS/EX.BGP), then an AD of 20 for external BGP would be the preferred route<br /><br />-OSPF will use the highest loopback address on a router as the Router ID; if a loopback is not configured on the router, OSPF will use the highest configured <br />IP address on the router<br /><br />-A BGP UPDATE message can contain only one new route. 
It can, however, contain multiple routes to withdraw.<br /><br />-An eBGP router will not set the NEXT_HOP attribute to itself when a route is originated by an iBGP router in the same AS and on the same subnet as itself and the remote eBGP router.<br /><br />-ORIGIN, NEXT_HOP and AS_PATH are well-known mandatory attributes<br /><br />-LOCAL_PREF is a well-known discretionary attribute.<br /><br />-ARIN assigns public AS numbers<br /><br />-Route reflectors and confederations can be used to overcome the scalability limitations of iBGP.<br /><br />-IS-IS will preempt for the designated router; OSPF will not.<br /><br />-A multi-homed AS has more than one exit point.<br /><br />-ACK and HELLO packets do not require an acknowledgement to be sent.<br /><br />-A TSA will not allow any LSA to be propagated into it.<br /><br />-The COMMUNITY attribute is an optional transitive attribute.<br /><br />-If no topology changes occur, OSPF will still send out an LSA every 30 min.<br /><br />-If a disconnect message is received from TCP, the BGP session will transition back to idle.<br /><br />-Summarize 172.16.32.0/24 172.16.36.0/24 172.16.64.0/24 = 172.16.0.0/17<br /><br />-IP protocol numbers: 88 for EIGRP, 89 for OSPF, 6 for TCP and 17 for UDP.<br /><br />-P2P, P2M, Broadcast and Nonbroadcast are all valid OSPF network types.<br /><br />-AS_SEQ is not an AS_PATH type.<br /><br />-A default cost of 10 is assigned to all IS-IS interfaces.<br /><br />-The only time a CSNP is sent on a P2P link is during the start-up process.<br /><br />-The code D represents routes learned by EIGRP in the routing table.<br /><br />-EIGRP and IGRP are both Cisco proprietary routing protocols<br /><br />-Client, non-client, and route reflector are all valid BGP device types.<br /><br />-The D class 244.0.0.5 is used for OSPF on a P2P connection.<br /><br />-Default route<br />0.0.0.0 0.0.0.0 is the combination required for defining a default route.<br /><br />-AS<br />The private AS numbers are 64512 through 65535; the public AS numbers 
are 1 through 64511<br /><br />-Hello Timer<br />The default Dead timer is 3x the value of the Hello timer.<br /><br />-The NSAP selector bit represents the services available by a host; this value must always be 00.<br /><br />-OSPF<br />By default, the OSPF Dead timer is 4x greater than the Hello timer.<br />OSPF will assign a metric of 20, if one has not been specified, to all routes redistributed into it. In order for OSPF to accept classless routes, the subnets keyword needs to be appended to the redistribution command.<br /><br />-IS<br />is a device that is capable of routing.<br /><br />-IPv6<br />Unicast, multicast and anycast are all IPv6 address types.<br /><br />-NAT<br />NAT translates only IP addresses and can use the TCP and UDP ports to create unique IP addresses.<br />NAT can support approx 64000 hosts by one IP address.<br />NAT separates the inside and outside networks where NAT PAT should be configured.<br /><br />-Layer<br />Local VLANs and high port density are used on the Access layer.<br />The Core layer is designed for optimized transport and packet switching.<br />The Distribution layer is the only layer where layer 3 should be terminated.<br /><br />-VLSM<br />Supported by OSPF and, when incorporated, can make better use of the IP address space. <br /><br />-OSPF<br />During the Exstart state of OSPF, the master/slave relation is formed in order to form an adjacency by exchanging DD packets<br /><br />-EIGRP<br />EIGRP uses the 224.0.0.10.<br />When configuring an EIGRP summary address, you must configure the summary address on the interface where the summarization will occur.<br /><br />-NSSAs support the transport of OSPF LSA type 7<br /><br />-Traceroute gives you a hop-by-hop account of the path a packet uses.<br /><br />-An origin code of incomplete is represented in the BGP routing table with the "?" 
symbol<br /><br />-IS-IS summarization: L1 routes can be summarized into the L2 area.<br /><br />-The Loc-RIB is used to populate the BGP routing table.<br /><br />-If a router detects an LSP missing from a CSNP, it will multicast that LSP to all of its neighbors<br /><br />-If a router determines a CSNP mentions an LSP that it does not have, the router will multicast a PSNP requesting the LSP.<br /><br />-OSPF LSA type 2, also known as network link advertisement, is generated by the DR and sent to only those routers that are on the network of the DR in the same area.<br /><br />-Broadcast and point-to-point OSPF network types have a Hello interval of 10 sec and a Dead interval of 40 sec.<br /><br />-Non-Broadcast and P2M OSPF network types have a Hello interval of 30 sec and a Dead interval of 120 sec.<br /><br />-ip nat {inside | outside}<br /><br />-ip nat pool <name> <start-ip> <end-ip> {netmask <netmask> | prefix-length <prefix-length>} [type {rotary}]<br /><br />-ip nat inside source {list <acl> pool <name> [overload] | static <local-ip> <global-ip>}<br /><br />-ip nat inside source list <acl> interface <interface> overload<br /><br />-ip nat outside source {list <acl> <name> | static <global-ip> <local-ip>}<br /><br />-show ip nat translations verbose<br /><br />-clear ip nat translation {* | <global-ip> | <global-ip> <local-ip> <protocol> <global-port> <local-port>}<br /><br />-The show ip route command will not display the BGP table. You must use the show ip bgp command to display the entries in the BGP routing table.<br /><br />-The highest IP address on an active interface is normally used as the OSPF router ID. This can be overridden by configuring an IP address on a loopback interface.<br /><br />-IPv6<br />IPv6 Address Type: Unicast - An IPv6 unicast address is an identifier for a single interface, on a single node. 
A packet that is sent to a unicast address is delivered to the interface identified by that address.<br />IPv6 Address Type: Anycast - An anycast address is an address that is assigned to a set of interfaces that typically belong to different nodes. A packet sent to an anycast address is delivered to the closest interface as defined by the routing protocols in use—identified by the anycast address.<br />IPv6 Address Type: Multicast - An IPv6 multicast address is an IPv6 address that has a prefix of FF00::/8<br />An IPv6 multicast address is an identifier for a set of interfaces that typically belong to different nodes.<br /><br />-OSPF<br />224.0.0.6 is the address of all OSPF DRs and BDRs.<br /><br />-Sending route summaries– routing information advertised out an interface is automatically summarized at major (classful) network address boundaries by RIP, IGRP, and EIGRP.<br /><br />-IS-IS::A two-level hierarchy is used to support large routing domains. A large domain may be administratively divided into areas. Each system resides in exactly one area.<br /><br />-L<br />L1: Routing within an area.<br />L2: Routing between areas is referred to as Level 2 routing. A Level 2 Intermediate System (IS) keeps track of the paths to destination areas. <br />L1: keeps track of the routing within its own area. For a packet destined for another area, a Level 1 IS sends the packet to the nearest Level 2 IS in its own area, regardless of what the destination area is. Then the packet travels via Level 2 routing to the destination area, where it may travel via Level 1 routing to the destination. It should be noted that selecting an exit <br />from an area based on Level 1 routing to the closest Level 2 IS might result in suboptimal routing<br /><br />-Class D<br />Class D addresses are not as widely used. 
<br />Class D addresses are multicast addresses; some Class D multicast addresses used by routing protocols are as follows: OSPF – 224.0.0.5 and 224.0.0.6 / RIPv2 – 224.0.0.9 / EIGRP – 224.0.0.10<br /><br /><br /><br />-Area<br />Stub Areas: These areas do not accept routes belonging to external autonomous systems (AS);<br />however, these areas have inter-area and intra-area routes. In order to reach the outside networks, the routers in the stub area use a default route which is injected into the area by the Area Border Router (ABR).<br />Normal Areas: These areas can either be standard areas or transit (backbone) areas. Standard areas are defined as areas that can accept intra-area, inter-area and external routes.<br />Backbone area is the central area to which all other areas in OSPF connect.<br />Totally Stub Areas: These areas do not allow routes other than intra-area and the default routes to be propagated within the area. The ABR injects a default route into the area and all the routers belonging to this area use the default route to send any traffic outside the area.<br />NSSA: This type of area allows the flexibility of importing a few external routes into the area while still trying to retain the stub characteristic. Assume that one of the routers in the stub area is connected to an external AS running a different routing protocol; it now becomes the ASBR, and hence the area can no longer be called a stub area. However, if the area is configured as an NSSA, then the ASBR generates an NSSA external link-state advertisement (LSA) (Type-7) which can be flooded throughout the NSSA area. 
These Type-7 LSAs are converted into Type-5 LSAs at the NSSA ABR and flooded throughout the OSPF domain<br /><br />-EIGRP summary: ip summary-address eigrp 109 192.1.0.0 255.255.0.0<br /><br />-BGP summary: aggregate-address address mask [as-set] [summary-only]<br /><br />-OSPF ABR summary: area (area-id) range (address mask)<br /><br />-OSPF ASBR summary: summary-address ip-address mask<br /><br />-NSSA: area area-id nssa <br /><br />-Type-7 LSA: External routing information is imported into an NSSA in Type-7 LSAs. Type-7 LSAs are similar to Type-5 AS-external LSAs, except that they can only be flooded into the NSSA. In order to further propagate the NSSA external information, the Type-7 LSA must be translated to a Type-5 AS-external-LSA by the NSSA ABR<br /><br />-Define an NSSA Totally Stub Area: area <area-id> nssa (no-summary)<br /><br />-OSPF<br />The command that configures an OSPF area as stub is: area <area-id> stub<br /><br />-Totally stubby areas is: area <area-id> stub no-summary<br /><br />-Normal Area <-> None<br /><br />-Stub Area <-> No Type 5 AS-external LSA allowed<br /><br />-Totally Stub <-> No Type 3, 4 or 5 LSAs allowed except the default summary route<br /><br />-NSSA <-> No Type 5 AS-external LSAs allowed, but Type 7 LSAs that convert to Type 5 at the NSSA ABR<br /><br />-NSSA Totally Stub <-> No Type 3, 4 or 5 LSAs except the default summary route, but Type 7 LSAs that convert to Type 5 at the NSSA ABR are allowed<br /><br />-Configure OSPF on an on-demand circuit using the following interface command:<br />interface bri 0<br />ip ospf demand-circuit<br /><br /><br />-Two routers will not become neighbors unless they agree on the following--<br />Area-id<br />Authentication<br />Hello and Dead Intervals<br />Stub area flag<br /><br />-ASBR already has default route --- default-information originate <br /><br />-ASBR doesn't have a default route --- default-information originate always<br /><br />-Redistributing Routes into OSPF:<br />redistribute 
protocol [process-id] [metric value] [metric-type] 1/2 subnets<br />redistribute rip metric 10 subnets<br />type 2 - external cost<br />type 1 - external and internal cost. A type 1 route is always preferred over a type 2 route <br /><br />-External routes fall under two categories, external type 1 and external type 2. The difference between the two is in the way the cost (metric) of the route is being calculated. The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route. A type 1 cost is the addition of the external cost and the internal cost used to reach that route. A type 1 route is always preferred over a type 2 route for the same destination<br /><br />-Injecting Defaults into OSPF:<br />router ospf 10<br />redistribute rip metric 10 subnets<br />network 203.250.15.0 0.0.0.255 area 0<br />default-information originate metric 10<br /><br />-OSPF Virtual links: area (area-id) virtual-link (router-id) <br />RTA#<br />router ospf 10<br />area 2 virtual-link 2.2.2.2<br />RTB#<br />router ospf 10<br />area 2 virtual-link 1.1.1.1<br /><br />-Selecting Interface Network Types: the command used to set the network type of an OSPF interface is: ip ospf network {broadcast | non-broadcast | point-to-multipoint} <br /><br />-Setting a broadcast interface: ip ospf network broadcast<br /><br />-If your autonomous system will be passing traffic through it from another autonomous system to a third autonomous system, it is very important that your autonomous system be consistent about the routes that it advertises. For example, if your BGP were to advertise a route before all routers in your network had learned about the route through your IGP, your autonomous system could receive traffic that some routers cannot yet route. To prevent this from happening, BGP must wait until the IGP has propagated routing information across your autonomous system. This causes BGP to be synchronized with the IGP. 
Synchronization is enabled by default. Only if all routers in the transit path in the AS are running BGP is it safe to turn synchronization off.<br /><br />-The private NSAP addresses have AFI beginning with 39, 45 and 47. AESA Network Service Access Point (NSAP) ATM Addresses<br /><br />-command sh ip ospf, view SPF recalculated times, out-of-data routes removed time<br /><br />-The ip default-network command is used as a method of distributing route information to other routers.<br /><br />-There are 5 methods to prevent loops (change metric/change AD/use default route (not static route)/passive-interface/distribute-list) <br /><br /><br />-EIGRP:<br />Neighbor table - lists adjacent routers<br />Topology Table - route entries for all destinations.<br />Routing table - best routes to a destination<br /><br />-Successor - primary route used to reach a destination<br /><br />-Feasible successor - backup route to the destination.<br /><br />-EIGRP by default assumes the bandwidth is a T1 (1.544 Mbps) if not specified (including subinterfaces). Because the question asks for "what is the bandwidth of each Frame Relay connection..." the answer is 1.544 Mbps/24 = 64.3 kbps.<br /><br />-When configuring routers in a NBMA topology, subinterfaces are typically used. A physical interface can be split into multiple logical interfaces, called subinterfaces, with each subinterface being defined as a point-to-multipoint interface. Subinterfaces originally were created to better handle issues caused by split horizon over NBMA and distance vector-based routing protocols.<br /><br />-The ip bandwidth-percent eigrp command is used to configure the percentage of bandwidth that may be used by Enhanced IGRP (EIGRP) on an interface. <br /><br />-There are four types of IS-IS packets: IS-IS Hello Packets, Link State Packets (LSPs), Complete Sequence Number Packets (CSNPs), and Partial Sequence Number Packets (PSNPs). PSNPs function as ACKs. 
Loss of a PSNP may result in an unnecessary retransmission of an LSP, but does not prevent correct operation of the routing protocol.<br /><br />-We examine the following command: distance 140 0.0.0.0 255.255.255.255 9<br />140 defines the administrative distance that specified routes will be assigned.<br />0.0.0.0 255.255.255.255 defines the source address of the router supplying the routing information, in this case any router.<br />9 defines the access-list to be used to filter incoming routing updates to determine which will have their administrative distance changed.<br /><br />-The default metric used on Cisco IOS for IS-IS is the default (cost) metric and not delay.<br /><br />-In EIGRP, the reliable packets are reply, query and update.<br /><br />-If no alternate path is specified and the next hop router fails, policy based routing will default to dynamic routing decisions.<br /><br />-A router running BGP has a BGP topology table and a BGP attribute table.<br /><br />-To configure an IS-IS routing process for IP on an interface, use the ip router isis interface configuration command. 
<br /><br />-Note: To enable IS-IS, perform the following tasks starting in global configuration mode:<br />Step 1: router isis - Enable IS-IS routing and specify an IS-IS process for IP, which places you in router configuration mode.<br />Step 2: net network-entity-title - Configure NETs for the routing process; you can specify a name for a NET as well as an address.<br />Step 3: interface type number-Enter interface configuration mode.<br />Step 4: ip router isis [tag]-Specify the interfaces that should be actively routing IS-IS.<br /><br />- Perform the following steps to configure EIGRP for IP:<br />Step 1 Enable EIGRP and define the autonomous system.<br />routerTK(config)#router eigrp autonomous-system-number<br />Step 2 Indicate which networks are part of the EIGRP autonomous system.<br />routerTK(config-router)#network network-number<br />Step 3 Define bandwidth of a link for the purposes of sending routing update traffic on the link.<br />routerTK(config-if)#bandwidth kilobits<br /><br />-(OSPF)The no-summary extension of the area stub command is used only for ABRs connected to totally stubby areas. It prevents an ABR from sending summary link advertisements into the stub area. This option is used for creating a totally stubby area.<br /><br />-By default, EIGRP will limit itself to using no more than 50% of the available bandwidth.<br /><br />-Using the show ip ospf neighbor command, you can observe the neighbor data structure. This command displays OSPF-related neighbor information. 
The Interface field shows the interface on which the OSPF neighbor has formed adjacency. Sample:<br />RouterTK2#show ip ospf neighbor<br />Neighbor ID Pri State Dead Time Address Interface<br />192.168.45.1 1 FULL/DR 00:00:36 10.0.0.1 Ethernet0<br /><br />-The show ip ospf interface command displays area ID and adjacency information<br /><br />-Redistribution of static routes configured to the null 0 interface into BGP is done to advertise aggregate routes rather than specific routes from the IP table. However, Cisco recommends the use of the aggregate-address command instead.<br /><br />-There are many similarities between the IS-IS and the OSPF routing protocols:<br />link-state database<br />Shortest Path First (SPF) algorithm<br />Update, Decision, and Flooding Process<br />Hello protocol to establish and maintain adjacencies<br /><br />-The BGP next-hop attribute is a well-known mandatory attribute that indicates the next hop IP address that is to be used to reach a destination. For EBGP, the next hop is the IP address of the neighbor specified who sent the update, Router TK2 in this scenario. However, since Router TK2 learned this route through IBGP with the next-hop of 40.1.1.2, this value will be used instead. This avoids an unnecessary hop.<br /><br />-The aggregate route, 200.52.1.0 255.255.255.0, and the more specific route, 200.52.1.192<br />255.255.255.224, will both be advertised. To only advertise the aggregate route the summary-only<br />option of the aggregate-address command must be used.<br /><br />-The original IS-IS specification defines four different types of metrics: cost, delay, expense, and error. The Cisco implementation uses cost only. All links use the metric of 10 by default.<br /><br />-The Cisco IOS software can handle simultaneous operation of up to 30 dynamic IP routing<br />processes. 
The combination of routing processes on a router or access server consists of the following protocols (with the limits noted):<br />Up to 30 IGRP routing processes<br />Up to 30 OSPF routing processes<br />One RIP routing process<br />One IS-IS process<br />One BGP routing process<br />Up to 30 EGP routing processes<br /><br />-The default EIGRP link speed is 1.544 Mbps for serial media.<br /><br />-Note: The enhanced code uses the "bandwidth" subcommand on interfaces and subinterfaces in order to determine the rate at which to generate EIGRP packets. This parameter is automatically set on fixed-bandwidth interfaces (such as LANs), but defaults to T1 (1544 Kbps) for all serial media.<br /><br />-(OSPF) The area area-id range address mask command consolidates IA (intra-area) routes on an ABR. The command instructs the ABR to summarize routes for a specific area before injecting them into a different area.<br /><br />-The distribute-list 5 out static command filters routes learned from static entries by using access list 3, before those routes are passed to the OSPF process.<br /><br />-One-way redistribution helps avoid the routing loop problem.<br /><br />-The distance eigrp command is used to allow the use of two administrative distances, internal and external, that could be a better route to a node. 
<br />Syntax: distance eigrp internal-distance external-distance<br /><br />-Route maps are complex access lists: a collection of route-map statements that have the same route-map name is considered one route map.<br />Step 1: RouterTestKing(config)# route-map map-tag [permit | deny] [sequence-number]<br />First we define the conditions for policy routing.<br />Step 2: RouterTestKing(config-route-map)# match {conditions}<br />Then we define the conditions to match.<br />Step 3: RouterTestKing(config-route-map)# set {actions}<br />Finally we define the action to be taken on a match.<br /><br />-Using this command for OSPF causes an OSPF autonomous system boundary router (ASBR) to advertise one external route as an aggregate for all redistributed routes that are covered by the address. For OSPF, this command summarizes only routes from other routing protocols that are being redistributed into OSPF.<br /><br />-Multiple autonomous systems or routing domains can share route information through the redistribution process. Proper implementation of redistribution requires route filters to prevent feedback loops from forming. It is strongly recommended that redistribution between multiple ASs or multiple routing protocols be accompanied by route filters.<br /><br />-IBGP routes are propagated to all IBGP peers and only the IBGP peers.<br /><br />-The show ip ospf border-routers command displays the internal OSPF routing table entries to an area border router (ABR) and autonomous system boundary router (ASBR). The SPF No in the output is the internal number of the SPF calculation that installs this route.<br /><br />-EIGRP sends hello packets every 5 seconds on high bandwidth links and every 60 seconds on low bandwidth multipoint links. The hold time is typically three times the hello interval. 
In this scenario, on slow NBMA media, hold time will be 180 seconds.<br /><br />-EIGRP by default assumes the bandwidth is a T1 (1.544 Mbps) if not specified (including subinterfaces).<br /><br />-The show ip bgp summary command displays the status of all BGP connections. Neighbors with corresponding AS value will be listed, both interior and external.<br /><br />-IGRP and EIGRP support unequal cost path load balancing, which is known as variance. OSPF, RIPv1 and RIPv2 do not support this.<br /><br />-If you want a router to advertise a static route in a routing protocol, you'll need to redistribute it.<br /><br />-If you define a static route to an interface that is not one of the networks defined in a network command, no dynamic routing protocols will advertise the route unless a redistribute static command is specified for these protocols.<br /><br />-The bandwidth can be configured separately on each subinterface. Since this is NBMA we can assume that Frame Relay is used. For Frame Relay on point-to-point the bandwidth should be set to the CIR of the PVC.<br /><br />-Note: NBMA (Non-broadcast Multi-access) supports many (more than two) routers, but has no broadcast capability. Frame Relay and X.25 are examples of NBMA.<br /><br />-Note: The CIR (Committed Information Rate) is the committed rate (in bits per second) at which the ingress access interface, trunk interfaces, and egress access interface of a Frame Relay network transfer information to the destination Frame Relay end system under normal conditions.<br /><br />-OSPF, IS-IS and EIGRP support manual route summarization.<br /><br />-The show ip prefix-list command is used to display information about a prefix list or prefix list entries.<br /><br />-In OSPF, all areas must be connected to a backbone area, area 0.<br /><br />-The ip summary-address eigrp command is used to configure a summary aggregate address for a specified interface. 
Syntax: ip summary-address eigrp autonomous-system-number address mask<br /><br />-All routers within an area will have the same view of the area – they will all have the same topology table. All of them will know when another router joins the area.<br /><br />-The ip helper-address command is used to have the Cisco IOS software forward User Datagram Protocol (UDP) broadcasts, including BOOTP, received on an interface. DHCP protocol information is carried inside BOOTP packets. To enable BOOTP broadcast forwarding for a set of clients, configure a helper address on the router interface closest to the client. The helper address should specify the address of the DHCP server.<br /><br />-Note: A DHCP server can be considered to be a BOOTP server, even though a DHCP server is more advanced.<br /><br />-When configuring multipoint interfaces, especially for Frame Relay, remember that all neighbors share the bandwidth equally.<br /><br />-The autonomous system designator is a 16-bit number, with a range of 1 to 65535. RFC 1930 provides guidelines for the use of AS numbers. A range of AS numbers, 64512 through 65535, is reserved for private use, much like the private Internet Protocol (IP) addresses.<br /><br />-The ip default-network command is used as a method of distributing default route information to other routers. When running RIP, you can create the default route by using the ip default-network command. 
If the router has a directly connected interface onto the network specified in the ip default-network command, RIP will generate (or source) a default route to its RIP neighbor routers.<br /><br />-The attributes defined by BGP include:<br />Well-known mandatory attributes: AS-path, Next-hop, Origin<br />Well-known discretionary attributes: Local preference, Atomic aggregate<br />Optional transitive attributes: Aggregator, Communities<br />Optional non-transitive attribute: Multi-Exit-Discriminator (MED)<br /><br />-Class A:10.1.1.1 to 10.254.254.254<br /><br />-Class B:172.16.1.1 to 172.31.254.254<br /><br />-Class C:192.168.1.1 to 192.168.254.254<br /><br />-There are 3 steps in routing packets: <br />Determine if the protocol is supported - IP, IPX, Appletalk, DECNET, etc; <br />Check for the destination address in the routing table; <br />Determine exit interface and then route packet. <br /><br />-Static route example - "conf t", "ip route 192.168.2.0 255.255.255.0 192.168.1.10". <br /><br />-Default route example - "conf t", "ip route 0.0.0.0 0.0.0.0 192.168.1.1". <br /><br />-Static routes are to be used in small networks (10 routers or less). <br /><br />-An Autonomous System (AS) is a collection of routing domains under the same administrative control. <br /><br />-IGP (Interior Gateway Protocols) - route within the same AS. <br /><br />-IGP can be broken down by: class- distance-vector and link-state, category- classful and classless. <br /><br />-EGP (Exterior Gateway Protocols) - route between different AS's. <br /><br />-Distance-vector routing protocols - they route "by rumor". Examples are RIP, IGRP, EIGRP. <br /><br />-EIGRP is a hybrid protocol, Cisco considers it a distance-vector protocol. <br /><br />-Distance-vector extended specifications: <br /><br />-Periodic updates - 30 seconds for RIP, 90 seconds for IGRP. <br /><br />-Neighbors - another router on the same logical (or data link) connection. 
<br /><br />-Broadcast updates - when a router becomes active, it will send out a broadcast. <br /><br />-Full routing table updates - the entire routing table is sent out with each update. <br /><br />-Routing by rumor - a router sends its routing table to all neighbors. <br /><br />-Invalid timer - if a route is not updated for a while, it is marked invalid. Usually 3 to 6 times the update timer. <br /><br />-Count to infinity - a maximum hop count is enforced (16 for RIPv1/RIPv2, 255 for IGRP). Not used by EIGRP. <br /><br />-Split Horizon - a route cannot be advertised through the interface it was learned on. <br /><br />-Hold-down timer - information about a route is put "on hold". Useful when a device flaps. Not used by EIGRP. <br /><br />-Triggered updates - an update will be sent out as soon as a significant event occurs. This will speed up convergence. <br /><br />-Load balancing with equal paths - supported by RIPv1/RIPv2, IGRP, EIGRP. <br /><br />-Load balancing with unequal paths - supported by IGRP and EIGRP. NOT supported by RIPv1 and RIPv2. <br /><br />-VLSM support (Variable-Length Subnet Mask) - supported by RIPv2 and EIGRP. NOT supported by RIPv1 and IGRP. <br /><br />-Metric - hops (RIPv1 and RIPv2), composite (IGRP and EIGRP). <br /><br />-RIP (Routing Information Protocol) - version 1 and version 2. <br /><br />-Common characteristics of RIPv1 and RIPv2: <br />Both are distance-vector routing protocols. <br />Both use the Bellman-Ford algorithm. <br />The metric is hop count - 1 to 15. 16 means unreachable. <br />Periodic updates are sent every 30 seconds. <br />Invalid timer is 90 seconds. <br />Route flush timer is 240 seconds (this timer starts after a route is marked invalid). <br /><br />-Differences between RIPv1 and RIPv2: <br />RIPv1 is classful, and RIPv2 is classless. <br />RIPv2 supports authentication of routing updates. <br />RIPv2 supports multicast route updates. <br />RIPv2 carries next hop addresses with each route entry. 
<br />RIPv2 has automatic route summarization. <br /><br />-Link-state routing - each router knows the exact topology of the network. <br /><br />-Link-state protocols: <br />OSPF (Open Shortest Path First); <br />IS-IS (Intermediate System to Intermediate System); <br />EIGRP (hybrid, as mentioned earlier). <br /><br />-Link-state advertisements = LSA <br /><br />-LSA are generated for each link. Only updates are sent, and NOT the entire routing table. <br /><br />-How Link-state routing protocols work: <br />A router forms adjacencies with directly connected neighbors. <br />The router then sends LSAs to each neighbor. <br />All routers store the LSAs in their own database. <br />Each router will use the Dijkstra algorithm to compute a best route to a destination.<br /><br />-EIGRP uses the DUAL algorithm instead. <br /><br />-Link-state extended specifications (OSPF ISIS EIGRP): <br />Hierarchical topology - needed by OSPF and IS-IS, NOT needed by EIGRP. <br />All three protocols retain knowledge of all possible routes. <br />All three protocols support manual route summarization. <br />Only EIGRP supports automatic route summarization. <br />All three protocols support event-triggered announcements. <br />All three protocols support load balancing with equal paths. <br />Only EIGRP supports load balancing with unequal paths. <br />All three protocols support VLSM. <br />OSPF and IS-IS use cost as a metric, EIGRP uses a composite metric. <br />Hop count limit is 200 for OSPF, 1024 for IS-IS, and a default 100 for EIGRP (max is 255). <br />IS-IS is suitable for the largest networks. <br />Classful routing - no netmask is sent with updates. Examples - RIPv1, IGRP. <br />Classless Interdomain Routing (CIDR) - A VLSM is sent with updates. Examples - RIPv2, EIGRP, OSPF, IS-IS. <br />Routes are chosen by administrative distance (lower is better), and by metric. 
<br /><br />-Default administrative distances: <br />0 - directly connected <br />1 - static route <br />5 - EIGRP summary <br />20 - External BGP <br />90 - EIGRP <br />100 - IGRP <br />110 - OSPF <br />115 - IS-IS <br />120 - RIP <br />140 - EGP <br />170 - External EIGRP <br />200 - Internal BGP <br />255 - Unknown <br /><br />-If there are two or more routes with the same AD, the one with the lowest metric (hop count, etc) is chosen. <br /><br />-Convergence - the time it takes for all routers to agree on the network topology after a change. <br /><br />-Two different reasons for a link to be considered down: <br />Physical - when an interface on a router does not receive three consecutive keepalives. <br />Logical - when a routing protocol fails to receive three consecutive Hello messages. <br /><br />-Link-state protocols do not use hold-down timers, and therefore speed up convergence. <br /><br />-Distance-vector convergence is generally slow (can be 240-490 seconds), with the exception of EIGRP (hybrid). <br /><br />-Show the routing table - "sh ip route". <br /><br />-Clear and recreate the routing table - "clear ip route *". <br /><br />-Important troubleshooting tools - "ping" and "traceroute". "ping <ip>", "traceroute <ip>". <br /><br />-OSPF floods network with LSAs to prevent loops. IS-IS does NOT! <br /><br />-RIPv1/RIPv2 use hop count as a metric. <br /><br />-IS-IS and OSPF use bandwidth. <br /><br />-IGRP and EIGRP use a composite metric. <br /><br />-RIPv1, RIPv2, IGRP, and EIGRP support automatic route summarization.<br /><br />-IS-IS and OSPF only support manual route summarization. <br /><br />-Benefits of link-state over distance-vector protocols: <br />Link-state protocols use Hello messages to establish adjacencies; <br />When a network change occurs, link-state protocols send only the necessary info about the change, not the entire routing table. <br /><br />-With classful routing, all devices on the network must have the same mask. 
<br /><br />-The default metric for static routes can be: <br />0 - when the static route points to an interface; <br />1 - when the static route points to a next hop.<br /><br />-IP addressing in decimal, binary, and hex - 172.16.30.56 = 10101100.00010000.00011110.00111000 <br /><br />-"host address" = "node address" - the host part of an IP address. <br /><br />-Class A - leading bit "0", address range "1.0.0.0 - 126.255.255.255". Netmask 255.0.0.0 <br /><br />-Class B - leading bit "10", address range "128.0.0.0 - 191.255.255.255". Netmask 255.255.0.0 <br /><br />-Class C - leading bit "110", address range "192.0.0.0 - 223.255.255.255". Netmask 255.255.255.0 <br /><br />-Network address of all zeros (means "this network"). <br /><br />-Network address of all ones (means "all networks"). <br /><br />-Network 127 - loopback. <br /><br />-Node address of all zeros (means "this network"). <br /><br />-Node address of all ones (means "all nodes"). <br /><br />-Entire IP address of all zeros (used to designate the default route). <br /><br />-Entire IP address of all ones (broadcast). <br /><br />-Number of subnets = 2^n - 2, where n = number of subnet bits. <br /><br />-Number of hosts = 2^n - 2, where n = number of host bits. <br /><br />-You can use the all zeros and all ones subnets (but NOT on the exam). The command is: "conf t", "ip subnet-zero". <br /><br />-VLSM - for a network of only 2 hosts, the subnet mask is 255.255.255.252. Anything < 252 is a waste of IP space. <br /><br />-A mask of 255.255.255.0 (/24) gives us 254 hosts. 255.255.255.128 (/25) = 126 hosts. 255.255.254.0 (/23)= 510 hosts. <br /><br />- Old IOS - when you enter "8 bits for subnetting", the IOS shows mask /16 (for class A IP), as it adds the bits to the default mask. <br /><br />- New IOS - when you enter "255.255.0.0" = 16 bits, the IOS shows mask /16 (no longer class-dependent). <br /><br /><br />-Practical VLSM example - 4 subnets needed - 2, 4, 200, and 300 hosts respectively. 
Available network is 172.16.0.0/16. A good rule is to start from the smallest subnet and move up. <br />subnet1 (2 hosts) - network 172.16.0.4, mask 255.255.255.252 (/30), hosts 172.16.0.5-172.16.0.6, broadcast 172.16.0.7. <br />subnet2 (4 hosts) - network 172.16.0.8, mask 255.255.255.248 (/29), hosts 172.16.0.9-172.16.0.14, broadcast 172.16.0.15. <br />subnet3 (200 hosts) - network 172.16.1.0, mask 255.255.255.0 (/24), hosts 172.16.1.1-172.16.1.254, broadcast 172.16.1.255. <br />subnet4 (300 hosts) - network 172.16.2.0, mask 255.255.254.0 (/23), hosts 172.16.2.1-172.16.3.254, broadcast 172.16.3.255. <br />It is not a good idea to separate subnets with another network. Example: <br />172.16.1.0/24 <--> 10.1.1.1 <--> 10.1.1.2 <--> 172.16.2.0/24. This is a BAD idea, although route summarization can fix it. <br /><br />-CIDR notation - "/24" - network part has 24 bits. The first CIDR value is /8 (class A), and the last is /30 (2 hosts in a subnet). <br /><br />-Note: With the release of RFC 3021, vendors will start supporting a /31 mask for point-to-point connections. <br /><br />-Route summarization = route aggregation. Simple example - 172.16.1.0/24 + 172.16.2.0/24 + 172.16.3.0/24 = 172.16.0.0/16. <br /><br />-Route summarization steps: <br />Convert all network numbers to binary. <br />Count the common bits between all of them, starting from the beginning. This is your mask. <br />Example: <br />We will summarize 172.16.18.0/24 and 172.16.30.0/24. I will separate the common part, for tidiness. <br />172.16.18.0 = 10101100.00010000.0001 0010.00000000 <br />172.16.30.0 = 10101100.00010000.0001 1110.00000000 <br />The common part is 172.16.16.0 (the rest of the 3rd octet is disregarded). <br />The mask is 255.255.240.0 (/20). <br />Our summarized answer is 172.16.16.0/20 <br />Tip: When you have a list of networks, take the first and the last one, and then summarize. <br /><br />-Only classless routing protocols support route summarization. 
Therefore, RIPv1 and IGRP are not suitable in this case. <br /><br />-Route summarization is most effective with hierarchical addressing - the shortest subnet masks are on top of a tree (/16 for example), and below are longer subnet masks (/24), then down below even longer ones (/30). <br /><br />-Discontiguous networks are ones that are not hierarchical. There is no fixed order of subnetting. <br /><br />-If you find yourself in a situation with a discontiguous network, you must disable automatic route summarization: <br /><br />-RIPv2 - "router rip", "version 2", "network 10.0.0.0", "network 172.16.0.0", "no auto-summary". <br /><br />-EIGRP - "router eigrp 100", "network 10.0.0.0", "network 172.16.0.0", "no auto-summary". <br /><br />-IP unnumbered - another way to allow discontiguous networks to interconnect over a serial link. <br /><br />-The serial interface "borrows" an IP from another interface – <br />"conf t", "int serial 0", "ip unnumbered ethernet 0". <br /><br />-IP unnumbered is not supported on X.25 or SMDS (Switched Multi-Megabit Data Service) networks. <br /><br />-Because an unnumbered serial interface does not have an IP, you will not be able to ping it (but you can poll it with SNMP). <br /><br />-IP security options are not supported on an IP unnumbered interface. <br /><br />-IP helper address - needed when UDP broadcasts (DHCP or DNS packets) must be forwarded. <br /><br />-Example: "conf t", "int serial 0", "ip helper-address 172.16.1.10" - serial 0 will forward UDP packets to 172.16.1.10. <br /><br />-You can have multiple IP helper addresses on an interface. <br /><br />-The first two bits of a class B network are "10". <br /><br />-Route summarization is primarily used in contiguous networks. <br /><br />-IP unnumbered does not work over X.25. You cannot ping an unnumbered interface. <br /><br />-If a host is 172.16.0.10/29, then the network is 172.16.0.8/29. <br /><br />-In a discontiguous network: use IP unnumbered, disable route summarization. 
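<br /><br />The route summarization steps above (convert to binary, count the common leading bits), as an added Python example that is not part of the original notes. It reproduces the 172.16.18.0/24 + 172.16.30.0/24 case and goes one step further by listing the blocks a summary covers that none of its component networks do; the function names are made up for this example and it handles IPv4 only.

```python
import ipaddress


def to_binary(addr):
    """Dotted binary form of an IPv4 address (step 1 of the notes)."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.ip_address(addr).packed)


def summarize(networks):
    """Tightest single prefix that covers every network in the list.

    Hypothetical helper: it counts the leading bits shared by all network
    addresses (step 2 of the notes) and never returns a prefix longer than
    the shortest input prefix.
    """
    nets = [ipaddress.ip_network(n) for n in networks]
    first = int(nets[0].network_address)
    diff = 0
    for net in nets:
        # Any bit that differs from the first network ends up set in diff.
        diff |= first ^ int(net.network_address)
    common_bits = nets[0].max_prefixlen - diff.bit_length()
    common_bits = min(common_bits, min(n.prefixlen for n in nets))
    return nets[0].supernet(new_prefix=common_bits)


def uncovered(summary, networks):
    """Blocks inside `summary` that no component network accounts for.

    Traffic to these addresses is attracted by the summary although the
    summarizing router has no more specific route for it, which is why an
    aggregate is normally paired with a discard (null) route.
    """
    remaining = [ipaddress.ip_network(str(summary))]
    parts = ipaddress.collapse_addresses(ipaddress.ip_network(n) for n in networks)
    for part in parts:
        next_round = []
        for block in remaining:
            if part.subnet_of(block):
                # Carve the component network out of this block.
                next_round.extend(block.address_exclude(part))
            elif not block.subnet_of(part):
                next_round.append(block)
        remaining = next_round
    return sorted(remaining)


if __name__ == "__main__":
    pair = ["172.16.18.0/24", "172.16.30.0/24"]      # worked example from the notes
    for net in pair:
        print(net, "=", to_binary(net.split("/")[0]))
    print("summary:", summarize(pair))
    print("covered but not routed:", [str(b) for b in uncovered(summarize(pair), pair)])

    trio = ["172.16.1.0/24", "172.16.2.0/24", "172.16.3.0/24"]
    print("tightest summary:", summarize(trio))
    # A /16 also covers the three /24s, but it pulls in far more address space.
    wide = sum(b.num_addresses for b in uncovered("172.16.0.0/16", trio))
    print("addresses a /16 would add:", wide)
```

For the three /24s in the simple example the tightest prefix is 172.16.0.0/22; 172.16.0.0/16 also covers them but advertises 64768 addresses that belong to none of the three.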
<br /><br />-An IP address is most commonly represented in dotted-decimal or binary form.<br /><br />-Although OSPF is not proprietary, Cisco has modified it by adding more features to it. <br /><br />-OSPF uses Dijkstra's Shortest Path First (SPF) algorithm. <br /><br />-MPLS (Multi-Protocol Label Switching) supports only OSPF and IS-IS, which makes OSPF even more popular. <br /><br />-OSPFv1 (RFC 1131) never made it. OSPFv2 (RFC 2328) is what's used today. <br /><br />-Within OSPF, links = interfaces. <br /><br />-Advantages of OSPF: <br />Support of hierarchical network design through the use of areas <br />The use of link-state databases reduces the chance of routing loops <br />Full support of VLSM <br />Route summarization decreases routing table size <br />Routing updates are sent only when needed <br />Use of multicast instead of broadcast reduces BW and CPU utilization for devices not running OSPF <br />Support for authentication <br /><br />-OSPF neighbor - another router with an interface in the same OSPF area. Neighbors are discovered via Hello packets. <br /><br />-Designated router (DR) - a router sending LSA's to adjacent routers (in a broadcast, multi-access area). <br /><br />-Backup designated router (BDR) - a hot standby of the DR. The BDR does not flood with LSA's while being a backup. <br /><br />-Internal router - has all of its interfaces in a single OSPF area. <br /><br />-Area border router (ABR) - has multiple area assignments. An interface may belong to only one area. <br /><br />-Autonomous system boundary router (ASBR) - has an interface in an EIGRP (or other) AS. An ASBR can inject routes into OSPF. <br /><br />-Non-broadcast multi-access (NBMA) networks - Frame Relay, X.25, ATM. <br /><br />-Broadcast (multi-access) networks - Ethernet. Each broadcast network needs a DR and a BDR. <br /><br />-Point-to-point networks - Frame Relay or ATM. No DR/BDR is needed. 
<br /><br />-Router ID - the highest loopback address. If no loopbacks are present, the highest IP address. <br /><br />-OSPF operation phases: <br />Neighbor and adjacency initialization; <br />LSA flooding; <br />SPF tree calculation. <br /><br />-Neighbor and adjacency initialization - done via Hello packets. Hello packets are sent every 10 seconds. <br /><br />-A Hello packet uses a common OSPF header and contains: Router ID, Area ID, Authentication information (and other parameters). <br /><br />-Neighbor states: <br />Down - no Hello packets have been received from the neighbor; <br />Attempt (configured manually) - no updates have been received (in an NBMA network); <br />Init - Hello packets are coming in, but the router has not seen itself in them - no bi-directional communication yet; <br />2Way - The router has seen itself in the Hello packets - bi-directional communication has been established; <br />ExStart - master/slave relationship via DD (database description) packets. The router with the highest ID is the master; <br />Exchange - Routing information is exchanged using DD and LSR (link-state request) packets; <br />Loading - LSR packets are sent to neighbors to request new LSA's; <br />Full - All LSA information has been synchronized. <br /><br />-Requirements for establishing an adjacency with a neighboring router: <br />Two-way communication, established via the Hello protocol; <br />Database synchronization - via DD, LSR, and LSU (Link-State Update) packets. <br /><br />-Each non-designated OSPF router on a multi-access network forms 2 adjacencies - one with the DR and one with the BDR. <br /><br />-DR/BDR election procedure - there is a Cisco priority ID (default 1). Set it to 0 and you will exclude that router from election. <br /><br />-The router with the highest priority is elected to be a DR or BDR (or with the highest Router ID, if priorities are equal). 
<br /><br />-OSPF will not preempt for the DR - if a router with a higher priority/ID joins the network at a later time, it will not become a DR. <br /><br />-LSA Flooding - OSPF sends LSA's to one of these multicasts: <br />224.0.0.5 (AllSPFRouters); <br />224.0.0.6 (AllDR). <br /><br />-What happens when a router on the network detects a change: <br />The router multicasts LSA's to AllDR (224.0.0.6); <br />The DR router receives the LSA's, and then floods them to AllSPFRouters (224.0.0.5) out all interfaces; <br />Each SPF router acknowledges that the LSA's have been received. <br /><br />-There are two types of acknowledgements: <br />Explicit (type 5 OSPF packet) - the recipient sends an LSA packet back to the DR; <br />Implicit - the recipient sends the original LSA back to the DR. <br /><br />-2 ways to create an implicit acknowledgement: <br />Direct method - immediate send (if a duplicate LSA has been received, or LSA = MaxAge = 1 hour); <br />Delayed method - the acknowledgement is sent later together with other LSA's. <br /><br />-SPF Tree Calculation - done by each router. Two destination types are recognized - network, router (ABR/ASBR). <br /><br />-OSPF Metrics - cost. Cisco calculates cost via 10^8/bandwidth (a number between 1 and 65,535). <br /><br />-Cost can be manipulated by the command "ip ospf cost". <br /><br />-Non-Broadcast Multi-Access (NBMA) Environments - It is difficult to run OSPF on NBMA environments because there is no broadcast. <br /><br />-In NBMA environments, with extended configuration, OSPF can be made to simulate one of the following: <br />Broadcast - Hello = 10 sec, Dead Interval = 40 sec, DR/BDR are elected; <br />Configure broadcast - "conf t", "int serial 0", "ip ospf network broadcast". 
<br />Non-broadcast (default) - Hello = 30 sec, Dead Interval = 120 sec, DR/BDR are elected; <br />Configure non-broadcast - "conf t", "int serial 0", "ip ospf network non-broadcast", "neighbor <IP> priority <value>". <br />Point-to-point (via subinterfaces) - Hello = 10 sec, Dead Interval = 40 sec, DR/BDR are NOT elected; <br />Configure point-to-point - "conf t", "int serial 0", "ip ospf network point-to-point". <br />Point-to-multipoint - Hello = 30 sec, Dead Interval = 120 sec, DR/BDR are NOT elected; <br />Configure point-to-multipoint - "conf t", "int serial 0", "ip ospf network point-to-multipoint". <br /><br />-Simple OSPF configuration: <br />"conf t"; <br />"router ospf 1" - "1" is a unique process ID. <br />It allows for more than 1 OSPF process to run on the same router. <br />"network 172.16.10.5 0.0.0.0 area 0" – <br />the interface (link) with an IP of 172.16.10.5 is assigned to area 0. <br />"network 172.16.20.0 0.0.0.255 area 0" – <br />the network 172.16.20.0/24 is assigned to area 0. <br /><br />-In a single OSPF area, there are no ABR's or ASBR's. <br /><br />-If there is an interface in another OSPF area, there will be an ABR. <br /><br />-If routes are being injected from EIGRP (or other protocols), there will be an ASBR. <br /><br />-sh ip ospf - OSPF summary, including processes, router ID, area assignments, authentication, and SPF statistics. <br /><br />-sh ip ospf 1 - summary for process ID 1. <br /><br />-sh ip ospf border-routers - displays ABR and ASBR information. <br /><br />-sh ip ospf database - displays the link-state database (link count, router ID). <br /><br />-sh ip ospf interface - displays OSPF parameters at the interface level. <br /><br />-sh ip ospf neighbor - displays neighbor and adjacency status. <br /><br />-A router ID is chosen based on the highest IP address from any loopback interface (or regular interface, if there are no loopbacks). <br /><br />-ip ospf cost - sets the default cost on an OSPF interface. 
Cost varies between 1 and 65535. <br /><br />-According to Cisco, cost = 10^8 / bandwidth. <br /><br />-Broadcast networks have a DR/BDR assigned. Point-to-point networks don't. <br /><br />-224.0.0.5 is AllSPFRouters, 224.0.0.6 is AllDR. <br /><br />-All OSPF networks with more than one area must contain area 0.<br /><br />-Please note that the examples are NOT related. That is why "router ospf 1" was used in each case. <br /><br />-Configuring OSPF for NBMA Environment: Broadcast (full mesh required): <br />"conf t" <br />"int serial 0" <br />"ip ospf network broadcast" <br />"encapsulation frame-relay" <br />"frame-relay map ip 172.16.11.2 102 broadcast" <br />"frame-relay map ip 172.16.11.3 103 broadcast" <br />"frame-relay map ip 172.16.11.4 104 broadcast" <br />"exit" <br />"router ospf 1" <br />"network 172.16.11.0 0.0.0.255 area 0" <br /><br />-Configuring OSPF for NBMA Environment: Non-broadcast (all neighbors must be statically configured): <br />"conf t" <br />"interface serial 1" <br />"ip ospf network non-broadcast" <br />"encapsulation frame-relay" <br />"frame-relay map ip 172.16.25.10 210 broadcast" <br />"frame-relay map ip 172.16.25.11 211 broadcast" <br />"frame-relay map ip 172.16.25.12 212 broadcast" <br />"exit" <br />"router ospf 1" <br />"neighbor 172.16.25.10 priority 1" <br />"neighbor 172.16.25.11 priority 1" <br />"neighbor 172.16.25.12 priority 1" <br />"network 172.16.25.0 0.0.0.255 area 0" <br /><br />-Configuring OSPF for NBMA Environment: Point-to-multipoint (a spin-off from point-to-point): <br />"conf t" <br />"interface serial 2" <br />"ip ospf network point-to-multipoint non-broadcast" <br />"encapsulation frame-relay ietf" <br />"frame-relay local-dlci 300" <br />"frame-relay map ip 172.16.26.12 312 broadcast" <br />"frame-relay map ip 172.16.26.13 313 broadcast" <br />"exit" <br />"router ospf 1" <br />"neighbor 172.16.26.12 priority 1" <br />"neighbor 172.16.26.13 priority 1" <br />"network 172.16.26.0 0.0.0.255 area 0" <br /><br 
/>-Although IGRP and EIGRP are proprietary, Cisco has licensed IGRP to be used on Compaq and Nokia equipment. <br /><br />-Distance-vector protocol scalability issues - convergence time, router overhead (CPU and memory), bandwidth utilization. <br /><br />-Link-state protocols - they scale better. They peer via Hello packets (every 10 seconds or so), and only use incremental updates. <br /><br />-If there are no network changes, link-state updates are sent every 30 minutes to 2 hours - "paranoid updates". <br /><br />-IGRP was created in the mid-80s to replace RIPv1. IGRP uses a composite metric - bandwidth, delay, reliability, load. <br /><br />-Default maximum hop count for IGRP is 100, but that can be increased to 255. <br /><br />-Common IGRP problems - Cisco proprietary, classful (does not scale well). <br /><br />-IGRP recognizes three types of routes: <br />Interior - networks directly connected to a router interface <br />System - routes advertised by other IGRP neighbors within the same AS <br />Exterior - routes learned via IGRP from a different IGRP AS <br /><br />-Some IGRP features - configurable metrics, triggered updates, hold-down updates, unequal-cost load balancing. <br /><br />-IGRP timers: <br />update timer = 90 seconds. IGRP uses a random factor of 20%, so the actual update timer is between 72 and 90 seconds. <br />invalid timer = 3 x update timer = 270 seconds. <br />flush timer = 7 x update timer = 630 seconds. <br />hold-down timer = 3 x update timer + 10 = 280 seconds. Hold-down timers can be disabled in a loop-free environment. <br /><br />-Set various timers: <br />conf t <br />router igrp 50 <br />timers basic <update> <invalid> <holddown> <flush> [sleeptime] <br />Example: "conf t", "router igrp 50", "timers basic 50 150 160 350". <br /><br />-Disable hold-down timers in a loop-free environment: <br />conf t <br />router igrp 50 <br />no metric holddown <br /><br />-IGRP uses the Bellman-Ford algorithm. 
With IGRP: metric = bandwidth + delay. <br /><br />-IGRP weight values and corresponding metrics- K1(bandwidth),K2(delay),K3(reliability),K4(load), K5(MTU). <br /><br />-Change default K values - "conf t", "router igrp 50", "metric weights 0 <K1> <K2> <K3> <K4> <K5>". <br /><br />-Change the default IGRP administrative distance (100) - "conf t", "router igrp 50", "distance <1-255>". <br /><br />-Setting a default metric - "conf t", "router igrp 50", "default-metric <bandwidth> <delay> <reliability> <load> <MTU>". <br /><br />-Set the number of maximum paths for IGRP load balancing - "conf t", "router igrp 50", "maximum-paths 5". Default is 4. Max is 6. <br /><br />-Set the variance - "conf t", "router igrp 50", "variance 2". Default is 1. <br /><br />-Feasible successor - a route with metric < lowest metric * variance. <br /><br />-Route redistribution - routes known to one protocol are shared with another protocol. Redistribution can be one-way or mutual. <br />Example: Router1 (IGRP 100) <--> Router2 (IGRP 100, EIGRP 150) <--> Router3 (EIGRP 150). Redistribution is done on Router2. <br />Redistribution will automatically occur between IGRP and EIGRP with the same AS number. <br /><br />-Configuring IGRP - "conf t", "router igrp 20", "network 192.168.1.0". <br /><br />-Send unicast updates to a particular neighbor - "neighbor 192.168.1.10". <br /><br />-Prevent an interface (usually WAN) from broadcasting IGRP - "passive-interface serial 0". <br /><br />-Tip: Do not adjust IGRP (or any other) timers, unless you have a good reason to do it. <br />-Verify IGRP route information - "sh ip route", "sh ip route 192.168.1.0". Learned IGRP routes show as "I". <br /><br />-A good way to display routing protocol information - "sh ip protocols" (execute from enable mode). <br /><br />- Show MTU, bandwidth, reliability, load, etc - "show interface serial 0". 
<br /><br />- Debug IGRP on two different levels - "debug ip igrp events" (brief), "debug ip igrp transactions" (detailed). <br /><br />- To see debug output, you need to have logging enabled - "conf t", "logging console" (or "logging on" for all destinations). <br /><br />-Disable debugging - "undebug all". <br /><br />-EIGRP has many improvements over IGRP. EIGRP uses a different algorithm - DUAL (Diffusing Update Algorithm). <br /><br />-EIGRP is a hybrid protocol. It converges rapidly, and only sends incremental updates. <br /><br />-EIGRP AD = 90. <br /><br />-Main EIGRP components: <br />Support for IP, IPX, and Appletalk at the same time, via PDMs (protocol-dependent modules). <br />Reliable Transport Protocol (RTP). <br />Neighbor Discovery/Recovery. <br />Diffusing Update Algorithm (DUAL). <br /><br />-Route tagging - you can have multiple AS numbers on a single router. They function like separate routing domains. <br /><br />-Route redistribution - when routes are redistributed from AS to AS, they are tagged as ext. EIGRP. <br /><br />-Ext. EIGRP routes (AD = 170). <br /><br />-EIGRP uses Hello packets to establish neighbor relationships with other routers (link-state quality). <br /><br />-The only time when EIGRP advertises its entire routing table is when two neighbors start to communicate. <br /><br />-EIGRP sends multicast Hello packets (instead of broadcast) every 5 seconds. The target is 224.0.0.10. <br /><br />-On X.25, frame relay, and ATM links (if equal to or slower than a T1), a Hello packet will be unicast every 60 sec. <br /><br />-IGRP uses 24-bit updates, and EIGRP uses 32-bit updates. <br /><br />-EIGRP supports up to 6 redundant paths. The path with the lowest metric is the successor and is added to the routing table. <br /><br />-Any route that has an AD lower than the successor's feasible distance will become a feasible successor route. 
<br /><br />-EIGRP uses the same metrics as IGRP - bandwidth, delay, reliability, load. By default, only bandwidth and delay are used. <br /><br />-EIGRP has a protocol type of 88. <br /><br />-EIGRP implements "pacing" to prevent routing updates from consuming too much bandwidth. Default is 50% of the interface bandwidth. <br /><br />-Adjust pacing - "conf t", "interface serial 0", "ip bandwidth-percent eigrp 20" (decrease to 20%). <br /><br />-DUAL speeds up convergence by recalculating routes only when it needs to. <br /><br />-Three reasons for DUAL to start recalculating (if a feasible successor is not found after a change): <br />An alternate route is not found. <br />The new best route still goes through the original successor. <br />The new best route doesn't go through a feasible successor. <br /><br />-SIA (Stuck in Active)<br /><br />-If after a change no alternative route is found within 3 min, the current route will be marked SIA.<br /><br />-The following databases exist for each type of EIGRP (IP-EIGRP, IPX-EIGRP, AT-EIGRP): <br />route database; <br />topology database; <br />neighbor table. <br /><br />-EIGRP weight values and metrics (same as IGRP) <br />K1 (bandwidth), K2 (delay), K3 (reliability), K4 (load), K5 (MTU). <br /><br />-EIGRP tuning (same as IGRP) - "metric weights ...", "distance ...", "default-metric ..." <br /><br />-Set the Hello timer per interface for 20 sec <br />"conf t", "int serial 0", "ip hello-interval eigrp 100 20" (for 20 seconds). <br /><br />-Set the hold-timer per interface for 50 sec<br />"conf t", "int serial 0", "ip hold-time eigrp 100 50" (for 50 seconds). <br /><br />-Default EIGRP hold timer = 3 x Hello timer. So, it is 180 seconds for slow networks and 15 seconds for all others. <br /><br />-When you redistribute EIGRP (with VLSM) into IGRP, you need to summarize routes at the classful IP boundaries. <br /><br />-Configure EIGRP – "conf t", "router eigrp 100", "network 192.168.1.0". 
<br /><br />-Disable automatic route summarization at classful boundaries - "no auto-summary". <br /><br />-Define manually a summary address on an interface – <br />"conf t", "int serial 0", "ip summary-address eigrp 100 <address> <mask>". <br /><br />-Example: We have 172.20.128.0/24 and 172.20.192.0/24 – <br />"ip summary-address eigrp 100 172.20.128.0 255.255.128.0". <br /><br />-EIGRP supports authentication, while IGRP does not. <br /><br />-Verify EIGRP route information - "sh ip route", "sh ip route eigrp", "sh ip route 20.0.0.0". Learned EIGRP routes show as "D". <br /><br />-Routing protocol info:"sh ip eigrp topology","sh ip eigrp topology 192.168.1.0","sh ip protocols","sh ip eigrp interfaces". <br /><br />-Neighbor info-"sh ip eigrp neighbor","sh ip eigrp neighbor detail". <br /><br />-Log any changes that happen to a neighbor- <br />"conf t", "router eigrp 100", "eigrp log-neighbor-changes". <br /><br />-Debugging EIGRP – <br />"debug eigrp neighbors", "debug ip eigrp" (protocol info), "debug eigrp packets" (detailed). <br /><br />-Monitor EIGRP -sh ip eigrp traffic (summary), sh ip eigrp events (full log). <br />-The neighbor table uses the following timers:<br />SRTT (smooth round-trip timer), RTO (retransmission timer), and hold-down. <br /><br />-If there are no feasible successors and only one link to a destination, that link will always be in PASSIVE mode. <br /><br />-Link-state protocols do NOT use a composite metric (except EIGRP, which is a hybrid and considered distance-vector by Cisco). <br /><br />-"passive-interface" is used to stop an interface from sending or receiving routing updates. <br /><br />-Route redistribution may cause ALL of the following problems: <br />non-optimal route choices; <br />slow convergence; <br />routing loops. 
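<br /><br />-Added example (not part of the original notes): the "ip summary-address eigrp 100 172.20.128.0 255.255.128.0" example above, worked through in Python. It derives the smallest summary that covers the two /24s and lists the address space the summary advertises even though no component route exists for it, which is the part to review before a summary goes on an interface. The function names are made up for this example.

```python
import ipaddress


def smallest_summary(prefixes):
    """Return the longest-prefix network that covers every given prefix."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    first = min(int(n.network_address) for n in nets)
    last = max(int(n.broadcast_address) for n in nets)
    # Bits in which the lowest and highest address differ must be host bits.
    host_bits = (first ^ last).bit_length()
    base = (first >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))


def uncovered_blocks(summary, prefixes):
    """Blocks inside the summary that none of the component prefixes cover."""
    remaining = [summary]
    for net in (ipaddress.ip_network(p) for p in prefixes):
        nxt = []
        for block in remaining:
            if net.subnet_of(block):
                # Carve the component out; an exact match leaves nothing.
                nxt.extend(block.address_exclude(net))
            elif block.subnet_of(net):
                continue  # block is fully covered by this component
            else:
                nxt.append(block)
        remaining = nxt
    return sorted(remaining)


def summary_report(prefixes):
    """Summary, its mask, and how much of it is backed by real routes."""
    summary = smallest_summary(prefixes)
    gaps = uncovered_blocks(summary, prefixes)
    return {
        "summary": str(summary),
        "mask": str(summary.netmask),
        "advertised": summary.num_addresses,
        "in_use": summary.num_addresses - sum(g.num_addresses for g in gaps),
        "gaps": [str(g) for g in gaps],
    }


if __name__ == "__main__":
    # The two component networks from the note above.
    report = summary_report(["172.20.128.0/24", "172.20.192.0/24"])
    print(report["summary"], report["mask"])
    print("advertised:", report["advertised"], "in use:", report["in_use"])
    for gap in report["gaps"]:
        print("  no component route for", gap)
```

The summary answers for 32768 addresses while only 512 are in use, so traffic for every gap block is drawn to the summarizing router.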
<br /><br />-By default, IGRP can use up to 4 links to load-balance. This setting can be manually increased to 6.<br /><br />-NAT Sim<br />Router#config t<br />Router(config)#access-list 5 permit 10.30.50.0 0.0.0.255<br />Router(config)#ip nat inside source list 5 interface s0 overload<br />Router(config)#ip nat inside source static 10.30.50.5 192.168.212.5<br />Router(config)#int s0<br />Router(config-if)#ip nat outside<br />Router(config-if)#exit<br />Router(config)#int e0<br />Router(config-if)#ip nat inside<br />Router(config-if)#<Ctrl-Z><br />Router#copy running start<br /><br />Router#show ip nat statistics<br />Total active translations: 3 (2 static, 1 dynamic; 1 extended)<br />Outside interfaces:<br /> Ethernet0/0<br />Inside interfaces:<br /> FastEthernet0/0, FastEthernet0/1<br />Hits: 2628 Misses: 44<br />Expired translations: 37<br />Dynamic mappings:<br />-- Inside Source<br />access-list 15 pool NATPOOL refcount 1<br /> pool NATPOOL: netmask 255.255.255.0<br /> start 172.16.1.100 end 172.16.1.150<br /> type generic, total addresses 2, allocated 1 (50%), misses 9<br /><br />Router#show ip nat translation verbose<br />Pro Inside global Inside local Outside local Outside global<br />icmp 172.16.1.100:21776 192.168.1.10:21776 172.18.3.2:21776 172.18.3.2:21776<br />192.168.3.2:4235<br /> create 00:00:36, use 00:00:36, left 00:00:23, flags: extended<br />tcp 172.16.1.100:1029 192.168.1.10:1029 172.18.3.2:23 172.18.3.2:23<br /> create 00:00:15, use 00:00:13, left 00:00:46, flags: extended, timing-out<br />--- 172.16.1.10 192.168.1.15 --- ---<br /> create 1d00h, use 00:23:08, flags: static<br />--- 172.16.1.11 192.168.1.16 --- ---<br /> create 1d00h, use 00:15:28, flags: static<br />Router#<br /><br />-Cisco routers include a simple but useful debug facility for NAT. 
The basic form of the command is debug ip nat:<br />Router#debug ip nat<br /><br />-You can also add the detailed keyword to this command to get more information on each NAT event:<br />Router#debug ip nat detailed<br /><br /><br />-Subnetting<br />Got this off another site but it's useful here also: To remember the subnetting tables all you have to do is start with "4" and double it until you get to "16384". Write them downward on a sheet of paper and when you are done just subtract 2 from each number. <br />ie: 4 = 2 , 8 = 6 , 16 = 14 , 32 = 30 , 64 = 62 <br />Once you have done that all you need to do is reverse the order of all the numbers going back up the sheet (subnets hosts): (2 62) (6 30) (14 14) (30 6) (62 2) See how the numbers flip flop between each column? My example is for class C but it works for class B just the same. Once you have the subnet/host numbers written out, just remember the following numbers .192, .224, .240, .248, .252 <br />class C: <br />sub hosts <br />.192 /26 2 62 <br />.224 /27 6 30 <br />.240 /28 14 14 <br />.248 /29 30 6 <br />.252 /30 62 2 <br /><br />The numbers with a slash (ie /26) are just shorthand ways of writing out subnets. They can be really confusing if you are trying to learn subnetting for the first time. Just remember that ip addresses are made up of 32 bit addresses, or /32. These 32 bit addresses are broken down into class A, B, and C. class B are from /18 to /30 and class C go from /26 to /30. The reason the numbers don't go up to /32 is because it goes against the rules of subnetting (according to Cisco), I don't have any other reason why. You need to memorize this stuff!!! When I went to work I jotted notes all over my desk and tool boxes just so I would see it all the time. <br /><br />Here is the class B example: <br />(1). start with 4 and double it till 16384: 4, 8, 16, 32, 64, 128, 256, 512, 1024, 2048, 4096, 8192, 16384. <br /><br />(2). 
subtract 2 from each number: 2, 6, 14, 30, 62, 126, 254, 510, 1022, 2046, 4094, 8190, 16382. <br />(3). write them downward on a sheet of paper and then write them back up in reverse order: <br />2 16384 <br />6 8190 <br />14 4094 <br />30 2046 <br />62 1022 <br />126 510 <br />254 254 <br />510 126 <br />1022 62 <br />2046 30 <br />4094 14 <br />8190 6 <br />16382 2 <br />(4) Finally you just have to add the net number to your list... Remember these numbers: .192.0 (/1) .224.0 (/19) .240.0 (/20) .248.0 (/21) .252.0 (/22) .254.0 (/23) .255.0 (/24) .255.128 (/25) .255.192 (/26) .255.224 (/27) .255.240 (/28) .255.248 (/29) .255.252 (/30) <br /><br /><br />-ES-IS Discovery protocol == ip arp like.<br /><br />-Level0 routing between ESs and ISs in the same subnet. <br /><br />-Level1 routing happens between ISs in same area.<br /><br />-Level2 routing happens between different areas within same domain.<br /><br />-ISH = Intermediate System Hello.<br /><br />-ISIS = Dynamic Link State Protocol for the OSI protocol stack, for routing CLNP data for the ISO CLNS environment.<br /><br />-Integrated ISIS == Implementation of the ISIS protocol for routing multiple N/W protocols.<br /><br />-Area Border OR Boundary between areas is in the Link instead of routers as in OSPF.<br /><br />-LANs have DIS: designated intermediate system.<br /><br />-OSI Addressing : OSI Addresses are called Network Service Access Points (NSAP).<br />LSP, Hello PDUs and other routing PDUs are in OSI format hence every ISIS router requires OSI addresses.<br /><br />-OSI-Adr:<br />AFI = Authority and Format Id = 1 Byte<br />IDI = Interdomain Id = Up to 10 bytes<br />IDP = Interdomain Part<br />When NSEL = 0 NSAP = NET (Network Entity Title).<br />DSP = Domain Specific Part.<br />Total Length of ISIS address = 8~20 Bytes.<br />AFI = 49 = Private Addresses.<br />AFI = 39 = ISO Data Country Code<br />AFI = 47 = ISO international Code designator.<br />Customary Length of Area Ids = 3 for Cisco.<br />OSI 
Address is assigned to a Device and not an interface.<br />Cisco IOS fixes system ID as 6 bytes preceding the 1 byte NSAP Selector.<br /><br />-SNPA = Subnetwork point of attachment = MAC for LANs, VC for X.25 and ATM, the DLCI for Frame and HDLC for HDLC.<br /><br />-Circuit ID = Interfaces are uniquely identified by Ckt Id, the Rtr assigns a one octet Ckt.Id to each I/F as follows: in the case of a LAN I/F the ckt id is tagged to the end of the sys id.<br /><br />-There are 4 general types of ISIS packets for routing maintenance:<br />LSP – Used to distr. LS info, <br />Hello PDU (ESH, ISH, IIH) for maintaining adjacencies, <br />PSNP used to acknowledge and request LS info, <br />CSNP Complete sequence number PDU used to distribute complete LS Database. Every 10 seconds, elected due to highest priority on interface and then highest Mac addr.<br /><br />-LSP lifetime counts down from 1200s to 0. LSP Refresh interval = 15 minutes.<br /><br />-LSP fields = LSPId, PDU Type, Neighbor, Auth, IP Subnets.<br /><br />-ISIS Metric = Cost = 1~63, Default = 10.<br />-Hello PDUs = Every 10s. Neighbor Down in 30s.<br /><br />-OSI Forwarding DB == CLNS routing table.<br /><br />-PRC = Partial Route Calculation.<br /><br />-DIS election : On LAN, Level1 and Level2 PDUs are used to establish adjacencies.<br /><br />-On PointToPoint there is a common IIH format PDU and the same one is used for Level1 and Level2. 
The routers’ interface priority determines the DIS, and if all are equal highest Mac address-ed node is chosen as the DIS.<br /><br />-Admin Distance for ISIS IP = 115<br /><br /><br />-ISIS Troubleshooting Commands:<br />router(config)#clns host <name> <nsap> (creates clns host name table entries like ip host and this will turn the display of many troubleshooting commands more readable)<br /><br />-show isis topology [<nsap>] [level-1] [level-2] == <br />list of the least cost paths to all connected routers == system id, metric to destination, next-hop router, interface through which next hop is reached and the SNPA of the next hop.<br /><br />-show clns route [<nsap>] == displays ISIS level 2 routing table.<br /><br />-show isis route == shows level 1 route to isis neighbors == system id, next-hop, interface, snpa, metric state<br /><br />-show clns protocol == ISIS process tag, System ID, Level types, area id, Interfaces using ISIS for routing IP/CLNS, redistribution, CLNS Administrative Distance. 
<br /><br />-show clns interface == Routing protocol, circuit-type, Metric,…<br /><br />-show clns neighbors == system-id, Interface, SNPA, State, Holdtime, Level Type, protocol<br /><br />-show clns is-neighbors<br /><br />-show isis database<br /><br />-which-route <nsap><br /><br />-ISIS Config:<br />router(config)# router isis [tag]<br />router(config-router)# net <net> == <br />Give a network entity title to the router<br />router (config-interface)# ip router isis == <br />enables interface for level1 and level2 routing unless the global is-type command was used earlier.<br />router(config-router)# is-type {level-1 | level-1-2 | level-2-only} == <br />enables router for a certain level of routing.<br />router (config-interface)# isis circuit-type {level-1 | level-1-2 | level-2-only} == <br />on an interface force a certain level only behavior.<br />router (config-interface)# isis metric <default-metric> {level-1 | level-1-2} == <br />default value is 10 and can be 0~63 (defines cost of the link).<br />router(config-router)# summary-address <addr> <mask> {level-1|level-1-2 | level-2}<prefix> <mask><br />router (config-interface)# isis priority <value> {level-1 | level-2} == <br />default = 64, range 0~127 (for DIS election)<br /><br /><br />-BGP Uses TCP port 179<br /><br />-(BGP)Private AS range = 64512 --> 65535 (RFC 1930)(1024 AS-es)<br /><br />-BGP Attributes = <br />WO MD TN == to remember Wyoming, Maryland ,Tennessee (except Wyoming in WY(ignore that for now)) === WellKnown/Optional,Mandatory/Discretionary,Transitive/Non-Transitive<br />WM=WellKnown Mandatory Required and Recognized by all BGP implementations.<br />WD = WellKnown Discretionary == Not present in all BGP update messages, if present all routers will act on the information contained.<br />OT = Optional Transitive == A Rtr might not recognize this attr., so if it does not it marks it as partial and passes it on.<br />ON = Optional NonTransitive == These are NOT transmitted to BGP Peers. 
If a router does not recognize them it ignores them.<br />WM == As-Path, Next-Hop, Origin<br />WD == LocalPref, AtomicAggregate<br />OT == Can be partial; Aggregator, Community<br />ON == MED, OriginatorID<br />Cisco Defined = Weight<br />As-path = a,b,c (a is first hop next as to go to, b is next and so on)<br />Origin = WM, Lower Preferred == IGP < EGP < Incomplete (gives weight of source of AS path)<br />MED = ON (Optional NonTransitive) = Lower Preferred, def = 0. To influence external AS-es on selecting appropriate entry into the AS. MED is not passed beyond neighbor AS.<br />LocalPref = WD, Higher preferred, def = 100. Local to AS and not sent to EBGP peers.<br />Community = OT, ability to tag routes that have something in common.<br />Weight = Cisco Only = 32768 = def for locally originated, others=0, higher preferred. Used for local to this router routing policy only.<br />Route Selection preference ==> highest Weight, highest Local pref, shortest as-path, lowest origin code, lowest med.<br />Atomic Aggregate Attribute: WD, indicates to neighbor AS that originator has aggregated routes.<br />Aggregator = OT = BGP Router ID and AS # of router that performed the route aggregation.<br /><br /><br />-BGP Rules: <br />(Learn these 3 rules, the test has these mingled and to understand the fine differences will be a great advantage)<br />Synchronization Rule: A BGP router should not use or advertise to an external (EBGP) neighbor a route learned by IBGP, unless that route is local or is learnt from IGP. Only if all routers in the transit path in the AS are running BGP is it safe to turn synchronization off. 
Use the "no synchronization" (router config) command to turn synchronization off; this command will allow a router to use and advertise to an EBGP neighbor routes learnt by IBGP before learning them from the IGP.<br />Split Horizon Rule: Causes the need for RouteReflectors: Routes learnt from IBGP WILL not be advertised to IBGP peers.<br />Next Hop Rule : For IBGP: next hop advertised by EBGP should be carried into IBGP. For EBGP, the next hop is the ip address of the neighbor that sent the update.<br /><br /><br />-BGP RouterID == same as OSPF RouterID, highest I/F address OR Loopback Address is used.<br /><br />-BGP Operation:<br />BGP Message Types == Open, Keepalive, Update, Notification (for errors/special conditions, closes connection immediately).<br />BGP Peers will exchange full BGP routing tables. Then incremental.<br />Open Message == Version, my AS, hold time, BGP Id, Optional Params (Authentication).<br />Update message has info on one path only == Withdrawn Routes, Path Attributes, NLRI (Network Layer Reachability Info) list of prefixes reachable via this path.<br />BGP Neighbor states == Idle, Connect, Active, OpenSent, OpenConfirm, Established.<br />In Established === update, keepalive, and notification messages are sent.<br />Keepalive == 19 bytes/60 seconds, Other messages == 19~4096 bytes. 
Def Hold time = 180 s.<br /><br /><br />-Route Selection :<br />Do not consider unsynched internal paths.<br />next hop not reachable – do not use.<br />highest weight<br />highest localpref<br />Orig by local router<br />shortest as-path<br />lowest origin code IGP < EGP < incomplete<br />Lowest MED<br />EBGP over IBGP.<br />if only internal paths remain, prefer lowest cost next hop.<br />Else Ebgp select oldest route <br />Lowest neighbor bgpid.<br />lowest neighbor ip address.<br />BGP only chooses a single path per destination.<br /><br /><br />-BGP Commands:<br />router(config)# router bgp <as-#><br />router(config-router)# neighbor {<ip-addr>|<peer-grp>} remote-as <as-#><br />router(config-router)# neighbor {<ip-addr>|<peer-grp>} shutdown<br />router(config-router)# no neighbor {<ip-addr>|<peer-grp>} shutdown<br />router (config-router)#neighbor <ip-addr> update-source loopback <interface-number><br />in the above we are indicating that update source on this router is the loopback <interface-number><br />router (config-router)#neighbor {<ip-addr>|<peer-grp>} ebgp-multihop [<ttl>]<br />(use the above command in case the ebgp peers are not directly connected) (ttl in above defaults to 255)<br />router (config-router)#network <network-number> [mask <nw-mask>]<br />the list of network commands must include all networks in your AS that you want to advertise. 
Note the above network/mask must match exactly an entry in the routing table.<br />router (config-router)#neighbor {<ip-addr>} next-hop-self<br />allows an ibgp peer to receive EBGP paths with next hop set to the IBGP peer.<br />router (config-router)#no synchronization<br />disables synchronization.<br /><br />-BGP route summarization:<br />router (config-router)#aggregate-address <ip-address> <mask> [summary-only] [as-set]<br />the networks being aggregated must be in the BGP table.<br /><br />-Resetting bgp:<br />Clear ip bgp {* | <addr>} [soft [in |out]<br /><br />-Route Reflectors: BGP split horizon: routes learnt via IBGP are never propagated to other IBGP peers.<br /><br />-RRs : modify BGP SH by allowing RRs to propagate to IBGP clients routes learned by IBGP, except those learned from the client itself.<br /><br />-RR Operation:<br />Update from Client Peer: send update to all non-client peers and to client peers (except originator).<br />Update from Non-Client IBGP Peer: send update to all client peers.<br />Update from EBGP peer: send update to all non-client peers and to client peers.<br />router (config-router)#neighbor <ip-addr> route-reflector-client<br /><br />-prefix lists:<br />better than ACLs as they allow incremental changes and deletion of individual lines.<br />Router(config)#ip prefix-list <list-name> [seq <seq-value>] {deny | permit} <network>/<Len> [ge <ge-value>] [le <le-value>]<br />router (config-router)#neighbor {<ip-addr> | <peer-grp-name>} prefix-list <pref-lname> {in | out}<br /><br />-To set weight attribute:<br />router (config-router)#neighbor {<ip-address> | <peer-grp>} weight <weight> <br />-To set default local preference value to something other than 100<br />router (config-router)#bgp default local-preference <value><br /><br />-BGP and route-maps:<br />Router bgp 65500<br /> Neighbor 1.1.1.1 route-map toright in<br />Ip prefix-list customer permit 172.16.0.0/16<br /><br />Route-map toright permit 10<br /> Match ip address 
prefix-list customer<br /> Set localpreference 800<br /><br />-Troubleshooting BGP:<br />Show ip bgp ===BGP Table Version,local router ID, Network, Next Hop, Metric, LocPrf, Weight, Path<br />Show ip bgp <nw-number> === Paths, number of paths, Advertised to peers, <br />Show ip bgp summary === BGP table version, main routing table version, # of network entries, # of paths, Neighbor, version, AS, messages received, messages sent, Table version, input Q, output Q, Up/Down for, State/Prefixes received.<br />Show ip bgp neighbors === neighbor ip, remote-as, type of link, bgp version, neighbor router id, BGP state, table version, up for, hold time, keepalive interval, received message count, number of notifications, number queued, sent messages, sent notification count, sent queue depth, # of prefixes advertised, last reset and reason for reset.<br />The above command is also used to show RR clients.<br />Show ip prefix-list [detail | summary]<br /><br />-Admin distance table:<br />Connected And Static to an interface = 0<br />Static Next hop = 1/Eigrp summary = 5/Ext bgp = 20/Int eigrp = 90/Igrp = 100/Ospf = 110/Is-Is =115/Rip = 120/Egp = 140/Ext eigrp =170/Int bgp = 200/Unknown = 255<br /><br />-To change the administrative distance of a routing protocol:<br />Router(config-router)#distance <weight> [<network> <wildcard>] <br />For a static route we can use:<br />Router(config)#ip route <network> [<mask>]{<address>|<interface>}[<distance>][tag<tag>] [permanent]<br /><br />-Remember core and edge protocols in reference to redistribution.<br />If 2 way distribution is unavoidable, use the following techniques to prevent loops and sub-optimal path selection:<br />Metric modification, admin dist modify, distribution lists.<br />Methods to control routing information:<br />Passive I/F, static routes, default routes, null interface, distribute lists, route maps.<br />Passive I/F: does not participate in routing: RIP & IGRP will listen but not send. 
OSPF and EIGRP do not listen or send.<br />Default Seed Metric: (2 ways: 1 default-metric command under routing process OR metric in redistribute command)<br />Rip, igrp, eigrp = infinity, isis=0, ospf=20(typeE2), but bgp routes are 1(typeE2).<br /><br />-Redistribution syntax:<br />router(config-router)#redistribute <protocol> [<process-id>] {level-1 | level-1-2 | level-2} [metric <metric-value>] [metric-type <type-value>] [match {internal | external 1 | external 2}] [tag <tag-value>] [route-map <map-tag>] [weight <weight>] [subnets]<br />level-1, level-1-2 and level-2 in above are for isis routes being redistributed.<br />Metric in above should be used OR default metric declared for redistribution.<br />metric-type value = 1 or and is relevant only when distributing into ospf.<br />match when redistributing ospf into other routing protocols, enables internal, e1 or e2 routes only into the protocol redistributed into.<br />weight is only relevant when redistributing into bgp.<br />Subnets for redistr into ospf used to bring subnets of classful networks in.<br /><br />-Modifying Default Metric:<br />router(config-router)#default-metric <number> <br />use above command to redistribute into all except eigrp and igrp.<br />router(config-router)#default-metric <b> <d> <r> <l> <m><br /><b> bandwidth in kbps/ <d> delay in tens of microseconds/<r> reliability 0-255 (255 most reliable)<br /><l> loading 0-255 (255 = 100% loaded)/<m> mtu max packet size along the path/<br />use the above for igrp and eigrp to set the default metric for redistribution.<br /><br />-Modifying Administrative distance:<br />To change the administrative distance of a routing protocol: for eigrp:<br />router(config-router)#distance eigrp <internal-distance> <external-distance><br /><br />-Modifying Administrative distance:<br />To change the administrative distance of a routing protocol: for others except eigrp and bgp:<br />router(config-router)#distance <weight> [<addr> <mask>] [<acl-# | 
acl-name>] [ip]<br /><br />-Modifying Administrative distance:<br />To change the administrative distance of a routing protocol: for bgp:<br />router(config-router)#distance bgp <ext-dist> <int-dist> <local-dist><br /><ext-dist> this distance parameter is for routes from other as-es.<br /><int-dist> this is for routes learnt from another bgp entity within the AS.<br /><local-dist> those for networks listed with a network command.<br /><br />-Passive interface config ===<br />Router(config-router)#passive-interface <type> <number><br /><br />-Default Route<br />Router(config)#ip route 0.0.0.0 0.0.0.0 s1<br />RIP will advertise the above automatically as a default route.<br /><br />-Router(config)#ip default-network <network><br /><network> is the number of the destination network. This command has no functionality for the router it is configured in.<br /><br />-Filtering<br />router(config-router)#distribute-list {<acl-#> | <acl-name>} in [<I/F type> <I/F number>]<br />router(config-router)#distribute-list {<acl-#> | <acl-name>} out [<I/F type> <I/F number> | <routing-process> | <as#>]<br /><br /><br />-Route Maps: Used to control redistribution, implement policy based routing, control NAT and to implement BGP policy. Static routes forward packets based on destination n/w address. 
PBR routes based on source address or if using extended acls, both source and destination addr.<br /><br />-router(config)#route-map <map-tag> [{permit | deny} <seq-#>]<br /><br />-router(config-route-map)#match ip address [<acl-#> | <acl-name>] [...<repeat acl if needed>]<br />In the above if multiple acl’s are present then any one of them matching will result in a match.<br /><br />-router(config-route-map)#match length <min> <max><br />above matches length of ip packet<br /><br />-router(config-route-map)#set default-interface <type> <number> [… repeat I/F type and number]<br />The above default interface is used only if there is no explicit route in the rting table.<br /><br />-router(config-route-map)#set interface <type> <number> [… repeat I/F type and number]<br />The above forces the packet to take the first up interface in the list.<br /><br />-router(config-route-map)#set ip default next-hop <ip-addr> [… repeat ip-addr]<br />The above default next-hop is used only if there is no explicit route in the rting table.<br /><br />-router(config-route-map)#set ip next-hop <ip-addr> [… repeat ip-addr]<br />use the first available next hop in above command<br /><br />-router(config-route-map)#set ip precedence <precedence><br />Set precedence bits in TOS field by above command<br /><br />-router(config-route-map)#set ip tos <type of service><br />Set TOS value in TOS field by above command to use the route map<br /><br />-router(config-if)#ip policy route-map <map-tag><br />router(config-if)#ip local policy route-map<br />To use route-maps on packets generated locally<br /><br /><br />-Fast switching of PBR:<br />router(config-if)#ip route-cache policy<br /><br />Using route-maps in redistribution commands:<br />router(config-route-map)#match interface (IP)::: distribute any routes that have their next hop out one of the I/F’s specified.<br />router(config-route-map)#match ip address [<acl-#> | <acl-name>] [...<repeat acl if needed>]<br 
/>router(config-route-map)#match ip next-hop<br />router(config-route-map)#match ip route-source<br />router(config-route-map)#match metric<br />router(config-route-map)#match route-type (IP)<br />router(config-route-map)#match tag<br />router(config-route-map)#set level {level-1 | level-2 |level-1-2 | stub-area | backbone}<br />router(config-route-map)#set metric<br />router(config-route-map)#set metric-type {internal | external | type-1 | type-2}<br />router(config-route-map)#set tag <tag-value><br />router(config-router)#redistribute <protocol> [<proc-id>] [route-map <map-tag>]<br /><br />-NAT<br />Interface determine which will be inside and outside, selection is similar to Firewalls.<br />router(config-interface)#ip nat {<inside>|<outside>}<br /><br />-3types will be asked in exam: <br />Pool to Pool of addresses. <br />Static Nat. <br />All inside addresses converted to address of external interface of nat router.<br /><br />-To nat inside addresses to a pool of addresses on the outside:<br />router(config)#ip nat pool <name> <range1> <range2> netmask <mask><br />router(config)#ip nat inside source list <acl#> pool <pool name><br />router(config)#access-list <standard-acl#> permit <ip addr> <inverse-mask><br />example:<br />router(config)#ip nat pool test 172.16.131.2 172.16.131.10 netmask 255.255.255.0<br />router(config)#ip nat inside source list 7 pool test<br />router(config)#access-list 7 permit 10.10.10.0 0.0.0.31<br /><br />-To static nat:<br />router(config)#ip nat inside source static <inside address> <outside address><br />router(config)#ip nat inside source static 172.16.131.2 192.168.3.1<br /><br />-To overload:<br />router(config)#ip nat inside source list <acl-#> interface <type> <no> overload<br />router(config)#ip nat inside source list 7 interface serial 0 overload<br /><br />-Nat Terms:<br />Inside Local Ip Address: Valid ip address on inside.<br />Inside Global Ip Address: Inside ip address as it is known outside.<br />Outside Local Ip 
Address: Valid outside ip address as it is known inside.<br />Outside Global Ip Address: Valid outside ip address as it is known outside.<br /><br />-Troubleshoot Nat commands:<br />Show ip nat translations<br />Show ip nat statistics<br /><br />-Using route-maps in NAT:<br />Ip nat inside source route-map <map-name> pool <pool-name><br /><br />-EIGRP Terminology:<br />Neighbor Table === List of adjacent routers is same as neighborship/adjacency database in ospf.<br />Topology table = all learned routes.<br />Routing table = best entries from topology table.<br />Successor = primary route to destination is put in the routing table, multiple equals are allowed or if allowed by the variance command (more on this later).<br />Feasible successor = backup route to destination, multiples are allowed. S FD > FS’sFD<br /><br />-Topology table: Has all destinations advertised by neighboring routers. If a neighbor advertises a destination, it must be using that route, topology table also has a metric. The metric used locally is = sum of best metric from neighbor + metric to that neighbor.<br /><br />-Route selection: eigrp selects primary and backup route and injects them into the topology table(upto 6 per dest), the primary routes are then moved into the routing table.<br /><br />-Eigrp metric = igrp metric * 256 = 32 bits. 
Uses protocol number 88.<br /><br />-Eigrp metrics: <br />B=Bandwidth,D=Delay,R=Reliability,L=Loading,M=MTU<br />bldrm == k1,k2,k3,k4,k5; usually k2=k4=k5=0; Then Eigrp metric = (bandwidth + delay)*256.<br />BW in the above is 10**7 divided by the smallest displayed bandwidth (the value in kbps).<br />Delay in the above is in tens of microseconds = displayed microseconds divided by 10.<br /><br />-Use the metric weights command to change the k values, not recommended.<br /><br />-If the test asks for the actual calculation using k1->k5 walk out of the test.<br /><br />-Eigrp equation is complex but remember it for the sake of BSCI as follows:<br />B=Bandwidth,D=Delay,R=Reliability,L=Loading,M=MTU<br />BLDRM (use this acronym to remember: Build Room), associate constants K1 through K5 to each letter sequentially. Usually only K1=K3=1 and all others are zero, so only Bandwidth and Delay are considered and Metric = Bandwidth + Delay.<br />The actual equation is:<br />Metric = K1*B + [(K2*B)/(256-L)] + K3 * D <br />Use the above if K5=0<br />If K5 Not=0 Metric = Metric from above *[K5/(R+K4)]<br /><br />-Eigrp packets:<br />Hello: used for neighbor discovery, multicast; an ack# of 0 in them means no need to acknowledge.<br />Update: sent to communicate routes that a router has used to converge. Sent as multicast and unicast, sent reliably.<br />Queries: if there is no feasible successor for a route that is under computation (active), queries are sent to neighbors as multicast, reliably.<br />Replies: Response to a query, unicast, reliably sent.<br />ACK: for ack-ing queries, replies, updates. 
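<br /><br />The metric equation above, combined with the Successor and Feasible successor terms from the EIGRP terminology list, as an added Python example (not part of the original notes). The Path class, the neighbor names and the link values are constructed; integer truncation, and forming B and D from the slowest bandwidth and the cumulative delay along the path, are assumptions of this sketch.

```python
from dataclasses import dataclass

# K1..K5 in the notes' B-L-D-R-M order; the usual setting is K1 = K3 = 1, rest 0.
DEFAULT_K = (1, 0, 1, 0, 0)


def eigrp_metric(min_bw_kbps, total_delay_us, load=1, reliability=255, k=DEFAULT_K):
    """Composite metric from the equation in the notes, scaled by 256.

    Integer (truncating) arithmetic is an assumption of this example.
    load must be in 1..255 so that 256 - load stays positive.
    """
    k1, k2, k3, k4, k5 = k
    bw = 10**7 // min_bw_kbps        # B: 10**7 divided by the smallest bandwidth (kbps)
    delay = total_delay_us // 10     # D: tens of microseconds
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * delay
    if k5 != 0:                      # reliability term only applies when K5 is non-zero
        metric = metric * k5 // (reliability + k4)
    return metric * 256


@dataclass
class Path:
    """One topology-table entry for a single destination (hypothetical structure)."""
    neighbor: str
    link_bw_kbps: int       # bandwidth of the local interface toward the neighbor
    link_delay_us: int      # delay of that interface
    adv_min_bw_kbps: int    # slowest link on the neighbor's own path
    adv_delay_us: int       # cumulative delay on the neighbor's own path

    @property
    def ad(self):
        """Advertised distance: the metric as the neighbor itself sees it."""
        return eigrp_metric(self.adv_min_bw_kbps, self.adv_delay_us)

    @property
    def distance(self):
        """Metric through this neighbor (the FD once it is the best path)."""
        return eigrp_metric(min(self.link_bw_kbps, self.adv_min_bw_kbps),
                            self.link_delay_us + self.adv_delay_us)


def select_routes(paths):
    """Return (successor, feasible_successors) for one destination.

    A backup path qualifies only if its AD is strictly below the
    successor's FD, which is what guarantees it cannot loop back through us.
    """
    successor = min(paths, key=lambda p: p.distance)
    feasible = [p for p in paths
                if p is not successor and successor.distance > p.ad]
    feasible.sort(key=lambda p: p.distance)
    return successor, feasible


# Constructed sample: three neighbors offering a path to the same network.
SAMPLE_PATHS = [
    Path("R2", 1544, 20000, 100000, 100),    # T1 to R2, then Fast Ethernet
    Path("R3", 1544, 20000, 1544, 40000),    # T1 to R3, then two more T1 hops
    Path("R4", 512, 20000, 100000, 100),     # slow 512k link, then Fast Ethernet
]

if __name__ == "__main__":
    best, backups = select_routes(SAMPLE_PATHS)
    print("successor:", best.neighbor, "FD", best.distance)
    for p in SAMPLE_PATHS:
        status = "feasible" if p in backups else ("successor" if p is best else "rejected")
        print(p.neighbor, "AD", p.ad, "distance", p.distance, status)
```

R3 has a better metric than R4 but is rejected as a backup because its AD exceeds the successor's FD; R4, with the worst metric of the three, is the only feasible successor.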
<br /><br />-If a hello packet from a neighbor is not received, then a topology change is effected, neighbor adjacency is deleted, all topology table entries learnt from that neighbor are removed.<br />Route being PASSIVE is good, ACTIVE means recomputing route.<br /><br />-Multicast address used is 224.0.0.10 for Update<br /><br />-RTP = reliable transport protocol. Supports multicast and unicast.<br /><br />-Hello interval = 5secs/60secs for multipoint serial and isdn bri.<br /><br />-Holdtime = time in secs (3*hello) a router will wait to hear from a neighbor before declaring it down. Neighborship is ok with different values of hello and hold, but k values must be the same.<br /><br />-Eigrp Routing:<br />AD = Advertised distance by neighbor.<br />FD = Feasible Distance = AD + Cost to neighbor.(Successor Route).<br />Next Hop Backup Path = Feasible Successor. To be a FS AD <= FD of Successor Route.<br /><br />-Configuring Eigrp:<br />router(config)#router eigrp <as-number><br /><as-number> must match on all routers in the AS.<br />router(config-router)#network <nw-number> <wild card mask><br />router(config-interface)#bandwidth <bandwidth in kbps><br />the above value is used in metric computation<br />router(config-interface)#ip hello-interval eigrp <as-number> <seconds><br />router(config-interface)#ip hold-time eigrp <as-number> <seconds><br /><br />For summarization use:<br />router(config-router)#no auto-summary<br />router(config-interface)#ip summary-address eigrp <as-number> <address> <mask><br /><br />-EIGRP summary routes have an admin distance of 5.<br /><br />-EIGRP and WAN: eigrp will use up to 50% of defined bandwidth on an I/F or a sub-I/F. 
This number can be adjusted as follows:<br />router(config-interface)#ip bandwidth-percent eigrp <as-number> <percent><br />On multipoint interfaces eigrp uses the bandwidth statement of the physical interface divided by the number of neighbors to get the bandwidth for each neighbor.<br /><br />-SIA ::: stuck in active is an eigrp condition in which not all outstanding queries have been replied to for a route that went active.<br />router(config-router)#timers active-time [<time-limit>|disabled] (changes the time to receive replies to all outstanding queries from 3 minutes default)<br />router(config-router)#eigrp log-neighbor-changes<br /><br />-router(config-router)#maximum-paths <number><br />router(config-router)#variance <number><br />if variance = x, then if x * current FD >= FD2 then FD2 is also used in load balancing, provided FD2 meets the AD < FD (through current FD)<br />router(config-router)#traffic-share {balanced | min}<br /><br />-Troubleshooting eigrp:<br />Show ip eigrp neighbors : shows the ip neighbor table ::: H=handle, I/F=interface through which neighbor can be reached, hold=max time to wait, uptime, SRTT (smooth round trip time=ms for return of ACK), RTO=ms to wait before retransmitting, Queue out=packets waiting to be sent, seq num = seq# of last update.<br /><br />-Show ip eigrp topology shows only successors and feasible successors = active/passive state of routes, # of successors, FD to dest.<br /><br />-Show ip eigrp topology all-links = shows all routes in topology table.<br /><br />-Show ip route eigrp = current eigrp entries in routing table.<br /><br />-Show ip protocols = parameters and current state of routing protocols: eigrp as#, filtering and redistribution information, neighbor and distance information.<br /><br />-Show ip eigrp traffic = eigrp packets sent and received, statistics of hello, update, queries, replies and ack.<br /><br />-RIPV2 uses: 224.0.0.9<br /><br />-OSPF uses: 224.0.0.5 and 224.0.0.6.<br /><br />-EIGRP = 224.0.0.10<br /><br />-Fast 
Switching Vs Process switching.<br /><br />-OSPF:Uses protocol number 89.<br />All ospf routers=224.0.0.5<br />All DR=224.0.0.6<br /><br />-Time: Hello Dead<br /> ==== ====<br />Lan 10s 40s (4 times hello interval)<br />PTP 10s 40s<br />NBMA 30s 120s<br /><br /><br />-Hello Packet === RouterID, Hello Interval, Dead Interval, neighbors, AreaID, Router Priority, DR, BDR, Authentication Password, Stub Area Flag.<br /><br />-Neighborship database===All neighbors with whom bi-directional communication has been established<br /><br />-Links State DB === Topology DB = All routers in an area: a list of link-state entries of all routers in the area.<br /><br />-OSPF Header:<br />Type = Hello, DBD, LS Req, LS Update, LS Ack.<br />Auth Type = 0 for No Authentication, 1 = Clear Text, 2 = MD5<br /><br />-Adjacency = relationship between a router and DR, and a router and BDR, means the routers have synchronized Link State databases, meaningful only for routers sharing a common media segment.<br /><br />-DBD= Describes content of the topological DB.<br /><br />-Default OSPF priority = 1, 0 not eligible for DR/BDR, higher:more eligible for DR/BDR.<br /><br />-Highest active IP Address OR Loopback Address = Router ID.<br /><br />OSPF Startup:<br />Hello interval = 10s<br />Init === Router adds neighbor to neighbor list <br />2 Way === Router receives hello reply with its router id in neighbor’s reply.<br />EXSTART === DR BDR Election done. 
Exchange protocol begins.<br />Exchange state===DR/BDR communicate DBDs with each and every router in the segment.<br />Loading state===the process of the DR/BDR and router requesting LSA details and noting them in LS database.<br />FULL STATE=== DR/BDR have synchronized LS Database.<br />DBD === list of LSA Headers.<br />LSA header === LS Type, Address of advertising router, LSA Seq #.<br />LSA aging timer = 30 minutes.<br />Router reaction on receiving a LSU : if not present OR newer, store and ACK else if older send LSU to sender.<br /><br />-Link State Advertisement Types:<br />LSA 1: Router Link Entry (O = OSPF; Router Link States) == Generated by each router for each area it belongs to. Describes the states of the router’s link into the area.<br />LSA 2: N/W Link Entry (O = OSPF; Net Link States) == Generated by DRs in MA networks. Describes the set of routers attached to a particular network.<br />LSA 3 or 4: Summary Link Entry (IA = OSPF InterArea; Summary Net Link States and Summary ASB Link States) == Type 3 LSAs describe routes to networks in the local area, sent to the backbone area. Type 4 LSAs describe reachability to the ASBR. Not flooded into TS areas. Originated by ABRs, flooded into the backbone.<br />LSA 5: AS External Link Entry (E1 = OSPF Ext Type1, E2 = OSPF Ext Type2; AS External Link State) == Originated by the ASBR, describes routes to destinations external to the AS. Not flooded into Stubby, TS and NSSA areas.<br />LSA 7: NSSA AS External Link (N1 = OSPF NSSA Ext Type1, N2 = OSPF NSSA Ext Type2) == Originated by the ASBR in an NSSA, similar to type 5, except they are flooded only within the NSSA. At ABRs selected type 7 LSAs are translated into Type 5 and flooded into the backbone.<br /><br />-Cost of External routes: Type E1 = external cost + internal cost.<br />Type E2 = external cost only, is the default<br />Preference of OSPF routes: O, OIA, OE1, OE2.<br /><br /><br />-Configuring OSPF:<br />General OSPF commands:<br />router(config)#router ospf <process-id><br />router(config-router)#network <address> <wild-card-mask> area <area-id><br />show ip ospf interface gives router-id.<br />router(config-interface)#ip ospf priority <number> (number is 0-255, default=1, 0 can’t be a DR/BDR) <br />router(config-interface)#ip ospf cost <cost> (cost = 1 to 65535)<br />(default cost of an interface is 10**8/BW in bits per second)<br />router(config-router)#auto-cost reference-bandwidth <reference-bandwidth> (this command allows changing the cost numerator for default cost from 10**8 to any other value)<br />router(config-router)#maximum-paths (changes from 4 to 6 maximum equal cost paths to balance load)<br />router(config-router)#timers spf <spf-delay> <spf-holdtime> (allows change of time that router waits before acting on an LSU (default 5), and time between 2 spf computations (default = 10s)) <br /><br />-OSPF in NBMA commands:<br />router(config-interface)#ip ospf network non-broadcast (default for Point To Multi Point subinterfaces)<br />router(config-interface)#ip ospf network point-to-multipoint<br />router(config-interface)#ip ospf network point-to-multipoint nonbroadcast<br />router(config-interface)#ip ospf network broadcast<br />router(config-interface)#ip ospf network point-to-point<br />router(config-router)#neighbor <ip-addr> [priority <pr-#>] [poll-interval <sec>] [cost <number>]<br /><br /><br /><br />-OSPF multi-area commands:<br />Virtual link command:<br />router(config-router)#area <area-id> virtual-link <router-id><br />router(config-router)#network <ip-addr> <wild-card-mask> area <area-id><br />router(config-router)#area <area-id> 
stub [no-summary]<br />COST of generated default route is 1 unless following is coded:<br />router(config-router)#area <area-id> default-cost <cost><br />router(config-router)#default-information originate [always] [metric <metric-value>] [metric-type <metric-type>] [route-map <map-name>] <br />above generates type E2 (default) 0.0.0.0 route.<br /><br />-Summarization in OSPF:<br />In the ABR: router(config-router)#area <area-id> range <addr> <mask><br />in the ASBR:router(config-router)#summary-address <addr> <mask> [<prefix> <mask>] [not-advertise] [tag <tag>] the not-advertise keyword prevents advertising the default routes that match the prefix and summary (this is a vague explanation from books, and I have taken them at their face value)<br /><br />-summary route cost = cost of summary route + cost to abr advertising the route.<br /><br />-External route cost = E1 = Cost of E1 route + cost to ASBR<br /><br />-E2 = Cost of E2 route only.<br /><br />-Troubleshooting OSPF:<br />Show ip ospf database === Router Link States: Link Id, Advertising Router, Age, Seq #, Checksum, Link Count, Network Link States, Summary Network Link States.<br />Show ip protocols === timers, filters, metrics, networks<br />Show ip route ospf === show only ospf routes<br />Show ip ospf interface === router id, timer-intervals, adjacencies, DR, BDR<br />Show ip ospf neighbor === neighbors, state(2/Way, drother, Full/DR, Full/BDR), DR<br />Show ip ospf === number of times spf algorithm has been executed<br />Show ip ospf border-routers = displays internal ospf routing table entries to ABR and ASBRs.<br />Show ip ospf virtual-links<br />Show ip ospf <process-id> = info. About each area to which the router is connected and indicates whether it is ABR or ASBR or both.<br /><br /><br />-show ip ospf database ===Displays the OSPF topological database maintained by the router. This command also shows the router ID and OSPF process ID. 
Use additional keywords to view detailed information in each part of the database.<br /><br />-show ip ospf interface === Displays details of the OSPF protocol on the interfaces, including the area, state, timers, neighbors, router ID, and network type.<br /><br />-show ip protocols=== displays parameters about timers, filters, metrics, network, and other information for the entire router.<br /><br />-show ip ospf neighbor=== is used to display OSPF-neighbor information on a per-interface basis. <br /><br />-The area stub command is used to define an area as a stub area.Syntax: area area-id stub [no-summary]<br />The no-summary optional parameter prevents an ABR from sending summary link advertisements into the stub area.<br /><br />-The summary-address router configuration command is used to create aggregate addresses for OSPF.<br />Simplified syntax: summary-address address mask<br /><br /><br />-show ip ospf border-routers=== displays the internal OSPF routing table entries to an area border router (ABR) and the autonomous system boundary router (ASBR). 
The SPF No in the output is the internal number of the SPF calculation that installs this route.<br />RouterTestKing# show ip ospf border-routers<br />OSPF Process 109 internal Routing Table<br />Destination Next Hop Cost Type Rte Type Area SPF No<br />160.89.97.53 144.144.1.53 10 ABR INTRA 0.0.0.3 3<br />160.89.103.51 160.89.96.51 10 ABR INTRA 0.0.0.3 3<br />160.89.103.52 160.89.96.51 20 ASBR INTER 0.0.0.3 3<br />160.89.103.52 144.144.1.53 22 ASBR INTER 0.0.0.3 3<br /><br />-NBMA<br />There are three different scenarios for NBMA interfaces.<br />Pure Multipoint Configuration (No Subinterfaces)<br />Pure Point-to-Point Configuration (each VC on a separate subinterface)<br />Hybrid Configuration (point-to-point and multipoint subinterfaces)<br /><br />-Mode:Adjency<br />NBMA:Manual Configuration DR/BDR elected<br />Broadcast:Automatic DR/BDR elected<br /><br />-LSA types<br />Type 2 LSAs are generated by Designated Routers (DRs) in multiaccess networks. They describe the set of routers attached to a particular network and are flooded within the area that contains the network only.<br /><br />Type-3 LSAs describe routes to networks within the local area and are sent to the backbone area.<br /><br />-OSPF Areas<br />Normal Areas: These areas can either be standard areas or transit (backbone) areas. Standard areas are defined as areas that can accept intra-area, inter-area and external routes.<br />backbone area is the central area to which all other areas in OSPF connect.<br />Stub Areas: These areas do not accept routes belonging to external autonomous systems (AS); however, these areas have inter-area and intra-area routes. In order to reach the outside networks, the routers in the stub area use a default route which is injected into the area by the Area Border Router (ABR).<br />Totally Stub Areas: These areas do not allow routes other than intra-area and the default routes to be propagated within the area. 
The ABR injects a default route into the area and all the routers belonging to this area use the default route to send any traffic outside the area.<br />NSSA: This type of area allows the flexibility of importing a few external routes into the area while still trying to retain the stub characteristic. Assume that one of the routers in the stub area is connected to an external AS running a different routing protocol, it now becomes the ASBR, and hence the area can no more be called a stub area. However, if the area is configured as a NSSA, then the ASBR generates a NSSA external link-state advertisement (LSA) (Type-7) which can be flooded throughout the NSSA area. These Type-7 LSA’s are converted into Type-5 LSA’s at the NSSA ABR and flooded throughout the OSPF domain<br /><br /><br />-IS-IS:Partial sequence number PDUs (PSNPs) are used to request an LSP (or LSPs) and acknowledge receipt of an LSP (or LSPs).<br /><br />-ConfigureIS-IS<br />To configure an IS-IS routing process for IP on an interface, use the ip router isis interface configuration command.<br />Note: To enable IS-IS, perform the following tasks starting in global configuration mode:<br />Step 1: router isis<br />Enable IS-IS routing and specify an IS-IS process for IP, which places you in router configuration mode.<br />Step 2: net network-entity-title<br />Configure NETs for the routing process; you can specify a name for a NET as well as an address.<br />Step 3: interface type number<br />Enter interface configuration mode.<br />Step 4: ip router isis [tag]<br />Specify the interfaces that should be actively routing IS-IS.<br />Reference: Cisco, Configuring Integrated IS-IS<br />show isis database (detail) command displays the contents of the IS-IS database.<br /><br />-show isis routes Display the IS-IS Level 1 forwarding table for IS-IS learned routes.<br /><br />-show clns route Display all of the destinations to which this router knows how to route packets.<br /><br />-show isis database 
Display the IS-IS link state database.<br /><br />-show clns neighbors command displays ES and IS neighbors. The output includes adjacency information.<br /><br />NSAP: AESA Network Service Access Point (NSAP) ATM Addresses<br /><br />-There are 3 types of private ATM addresses:<br />NSAP encoding format for E.164 addresses - The authority and format identifier (AFI) is 45. These addresses are used in establishing ISDN calls by public networks, and they are normally used in public telephony.<br />Data Country Code (DCC) AESA - The AFI is 39. These addresses are to be used in public networks. For example, the initial domain identifier (IDI) value 0x84.0f identifies the United States.<br />International Code Designator (ICD) AESA - The AFI is 47. These addresses are used in private organizations, and the ICD field indicates the code set or organization. Cisco uses by default ICD addresses.<br /><br />-EIGRP: Peer relationships, adjacency, between routers will not be formed if the neighbor resides in a different autonomous system or if the metric-calculation mechanism (K values) is mis-aligned for that link.<br /><br />-EIGRP: Uses composite metric base on Bandwidth, delay, reliability, load, and MTU.<br /><br />-Each EIGRP router maintains a neighbor table that lists adjacent routers.<br /><br />-Neighbor table – Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the neighborship (adjacency) database used by OSPF.<br /><br />-Topology Table – An EIGRP router maintains a topology table for each network protocol configured: IP, IPX, and AppleTalk. All learned routes to a destination are maintained in the topology table.<br /><br />-Routing table – EIGRP choose the best routes to a destination from the topology table and places these routes in the routing table. The router maintains one routing table for each network protocol.<br /><br />-Successor – This is the primary route used to reach a destination. 
Successors are kept in the routing table.<br /><br />-Feasible successor – This is a neighbor that is downstream with respect to the destination, but it is not the least-cost path and thus is not used for forwarding data. In other words, this is a backup route to the destination. These routes are selected at the same time as successors, but are kept in the topology table.<br /><br />- Bandwidth Control<br />The enhanced implementation uses the configured interface bandwidth in order to determine how much EIGRP data to transmit in a given amount of time. By default, EIGRP will limit itself to using no more than 50% of the available bandwidth. The primary benefit of controlling EIGRP's bandwidth usage is to avoid losing EIGRP packets, which could occur when EIGRP generates data faster than the line can absorb it. This is of particular benefit on Frame Relay networks, where the access line bandwidth and the PVC capacity may be very different. A secondary benefit is to allow the network administrator to ensure that some bandwidth remains for passing user data, even when EIGRP is very busy.<br /><br />- The ip summary-address eigrp command is used to configure a summary aggregate address for a specified interface. Syntax: ip summary-address eigrp autonomous-system-number address mask<br /><br />- The show ip eigrp traffic command displays the number of Enhanced IGRP (EIGRP) packets sent and received. Also shows hello, updates, queries, replies, and acknowledgments.<br /><br />-(BGP) The configuration of the multiple connections to the ISPs can be classified depending on the routes that are provided to the AS from the ISPs. 
Three common ways of the configuring the connections are:<br />All ISPs pass only default routes to the AS.<br />All ISPs pass default routes, and selected specific routes (for example, from customers with who the AS exchanges a lot of traffic) to the AS.<br />All ISPs pass all routes to the AS (A).<br /><br />-show ip bgp displays the entries in the BGP routing table.<br /><br />-BGP attributes:<br />Well-known mandatory attributes:AS-path/Next-hop/Origin<br />Well-known discretionary attributes:Local preference/Atomic aggregate/<br />Optional transitive attributes:Aggregator/Communities<br />Optional non-transitive attribute:Multi-Exit-Discriminator (MED)<br /><br />-RIP, IGRP, and EIGRP automatically perform summarization at classful boundaries.<br /><br />-IPv6 Address Type: Unicast - An IPv6 unicast address is an identifier for a single interface, on a single node. A packet that is sent to a unicast address is delivered to the interface identified by that address.<br /><br />-IPv6 Address Type: Anycast - An anycast address is an address that is assigned to a set of interfaces that typically belong to different nodes. A packet sent to an anycast address is delivered to the closest interface—as defined by the routing protocols in use—identified by the anycast address.<br /><br />-IPv6 Address Type: Multicast - An IPv6 multicast address is an IPv6 address that has a prefix of FF00::/8 (1111 1111). An IP<br /><br />- The ip default-network command is used as a method of distributing default route information to other routers. When running RIP, you can create the default route by using the ip default-network command. 
If the router has a directly connected interface onto the network specified in the ip default-network command, RIP will generate (or source) a default route to its RIP neighbor routers.<br /><br />-The combination of routing processes on a router or access server consists of the following protocols (with the limits noted):<br />Up to 30 IGRP routing processes<br />Up to 30 OSPF routing processes<br />One RIP routing process<br />One IS-IS process<br />One BGP routing process<br />Up to 30 EGP routing processes<br /><br />-AS Numbers:<br />This autonomous system number is a 16-bit number, with a range of 1 to 65535, 64512 - 65535 are reserved for private use.<br /><br />-Common (Port #) By default, the IP helper-address will forward the following UDP broadcasts:<br />DNS (port 53), time service (port 37)<br />Trivial File Transfer Protocol (TFTP) (port 69)<br />Terminal Access Control Access Control System (TACACS) service (port 49)<br />NetBIOS name server (port 137)<br />NetBIOS datagram server (port 138)<br />Boot Protocol (DHCP/BootP) client and server datagrams (ports 67 and 68)<br />IEN-116 name service (port 42)<br /><br /><br />-Administrative Distances:<br />Connect interface 0/Static Route out an interface 0/Static Route to a next hop 1/EIGRP summary route 5/External BGP 20/Internal EIGRP 90 /IGRP 100/OSPF 110/IS-IS 115/RIP(V1V2)120/ EGP140/External EIGRP 170/Internal BGP 200/Unknown 255<br /><br />-Multicast Addresses:<br />224.0.0.5 OSPF hello packet<br />224.0.0.6 All OSPF DR’s and BDR’s<br />224.0.0.9 RIP version2 <br />224.0.0.10 EIGRP<br /><br />-Scalable networks: The key 5 characteristics of Scalable Internetworks are: <br />Reliable and available,Efficient,Responsive,Adaptable,Accessible and Secure<br /><br />-The typical three-layer hierarchical:Core,Distribution,Access. <br /><br />-Core layer: Core layer is responsible to provide an optimal and reliable transport structure. 
The core layer is the backbone network of the entire internetwork and may include LAN and WAN backbones. Core layer usually consists of fully redundant paths with technologies such as FDDI, Fast Ethernet, and/ or ATM. <br /><br />-Distribution layer: Distribution layer is responsible to provide access to the internetwork as well as to the servers. Distribution layer sits between the Core layer and the Access layer. The policies such as ACLs are implemented at the distribution layer. Distribution layer is also known as workgroup layer. <br /><br />-Access layer, provides the users, access to the resources on internetwork. <br />In real world, a single device may be functioning at both Access layer as well as distribution layer. This is true for even Core layer.<br /><br />-Network segmentation: The primary purpose of segmentation is to reduce congestion in the network. <br /><br />-Bridges and switches forwards all broadcasts, which puts extra load on the network. In other words, though bridges divide the network into different collision domains, the broadcast domain remain only one. This increases the overhead on the network. <br /><br />-Access Control Lists: ACLs are used to permit or deny protocol update traffic, data traffic, and broadcast traffic. Cisco access lists are available for IP, IPX, and AppleTalk protocols. <br /><br />-Snapshot routing: Snapshot routing can reduce WAN costs, by exchanging the routing table at predefined intervals. The routing tables for the distance vector protocols are kept frozen until the next update occurs. Snapshot routing is used only on distance vector protocols such as IP RIP. Snapshot routing is widely used on ISDN lines. <br /><br />-Compression over WANs: Cisco IOS supports TCP/IP packet header, as well as data compression. Link compression is also supported, that compresses both header and data information in packets across point to point connections. 
<br /><br />-DDR (Dial on Demand Routing): DDR are useful when the traffic flow is not continuous in nature. In DDR, channel is created only after intended traffic is detected by the router, by dialing the destination. <br />-Switched network access: Switched networks, such as Frame Relay, X.25 can share the bandwidth by establishing virtual circuits. <br /><br />-Optimization of routing table size: Routing table entries consume bandwidth and processing power. These entries can be reduced by techniques such as route summarization, and incremental updates. <br /><br />-Snapshot routing builds routing table based on a snapshot of a dynamic routing table available when the network is active. The snapshot routing table is used until another activity occurs on the network, at which time the routing table is rebuilt. No routing information is exchanged when the network is quiet. Snapshot routing can be applied to distance vector protocols such as IP RIP, IGRP, IPX RIP, and RTMP. <br /><br />-Cisco IOS supports the following queuing methods: <br />Weighted fair-queuing: This is an automatic queuing method that provides fair bandwidth to all network traffic. <br />Priority queuing: Here, one particular type of traffic is given priority over all other types of traffic. Thus this particular traffic, for which priority is given, is assured of bandwidth. All other types of traffic do not have assured bandwidth. <br />Custom queuing: Here, each traffic type gets a pre-allocated bandwidth. Certain types of traffic can be allocated higher bandwidth depending on the requirement. <br /><br />-RIP (and IGRP) always summarizes routing information by major network numbers. This is called classful routing. <br /><br />-IP RIP based networks send the complete routing table during update. The default update interval is 30 seconds. <br /><br />-RIP version 2 is a classless routing protocol, where as RIP version 1 (RIP 1) is a classful routing protocol. 
The disadvantage of classful routing is that some address space may be wasted. In classless routing, routing protocols exchange the subnet mask information during periodic routing updates. This allows variable subnet masks to be used in the network, allowing better use of address space. For example, a WAN link may need only two IP addresses. If you use a classful routing protocol with, say, 6 bits for subnetting (62-2 subnets), only 2 subnet addresses are utilized and the remaining ones are wasted. On the other hand, if you use a classless routing protocol, Variable Length Subnet Mask (VLSM) can be used within the network, giving only 2 valid addresses for the WAN link, thus saving valuable address space. (If you are using IP addresses, address space involves IP addresses). <br /><br />-Metric limit for link-state protocols is 65,533. <br /><br />-Convergence is the term used to describe the state at which all the internetworking devices, running a specific routing protocol, have the same information about the internetwork in their routing tables. The time it takes to arrive at a common view of the internetwork is called Convergence Time. <br /><br />-Distance vector protocol depends only on Hop count to determine the nearest next hop for forwarding a packet. One major disadvantage is that this may not always represent the best route. For example, if you have a destination connected through two hops via T1 lines, and if the same destination is also connected through a single hop through a 64KBPS line, RIP assumes that the link through 64KBPS is the best path! <br /><br />-Distance Vector (Number of hops) - Distance vector routing determines the direction (vector) and distance to any link in the internetwork. Typically, the smaller the metric, the better the path. EX: Examples of distance vector protocols are RIP and IGRP. Distance vector routing is useful for smaller networks. The limitation is that any route which is greater than 15 hops is considered unreachable. 
One important thing that differentiates distance vector from Link state is that distance vector listens to second hand information to learn routing tables, whereas Link state builds its routing tables from first hand information. Distance vector algorithms call for each router to send its entire routing table to each of its adjacent neighbors. <br /><br />-Link State Routing: Link State algorithms are also known as Shortest Path First (SPF) algorithms. SPF recreates the exact topology of the entire network for route computation by listening at the first hand information. Link State takes bandwidth into account using a cost metric. Link State protocols only send updates when a change occurs, which makes them more attractive for larger networks. Bandwidth and delay are the most heavily weighed parts of the metric when using Link-State protocols. EX: OSPF and NLSP. <br /><br />-Benefits of Link State protocols: <br />Allows for a larger scalable network <br />Reduces convergence time <br />Allows “super netting” <br /><br />-Balanced Hybrid - Balanced Hybrid combines some aspects of Link State and Distance Vector routing protocols. Balanced Hybrid uses distance vectors with more accurate metrics to determine the best paths to destination networks. EX: EIGRP.<br /><br />-The default administrative distances are as below:<br />Directly connected 0/Static route 1/EIGRP Summary 5/External BGP 20/EIGRP 90/IGRP 100/OSPF 110/ISIS 115/RIP 120/Unreachable 255<br /><br />-IGRP, EIGRP: IGRP and EIGRP are proprietary to Cisco. These two protocols use a composite metric to determine the best path to a remote network.<br /><br />-IGRP (as well as EIGRP) use the following components as metrics:<br />Delay: Calculated by adding up the delay along the path to the next router.<br />Reliability: This is representative of how many errors are occurring on the interface. The best reliability value is 255. 
A value of 128 represents only 50% reliability.<br />Load: Load metric also has a range from 1 to 255. If a serial link is being operated at 50% capacity, the load value is 255X0.5 or 12.5. Lower load value is better.<br />MTU: Stands for Maximum Transmit Unit size, in bytes. Ethernet and serial interface has a default MTU of 1500. Larger MTU size means that the link is more efficient.<br />Bandwidth: The bandwidth is specified in Kbps. Larger the bandwidth, better the link.<br />EIGRP (as well as IGRP) uses Bandwidth and Delay as default criteria to determine the best path.<br />“show ip route eigrp”: Displays the current EIGRP entries in the routing table.<br />“Show ip eigrp traffic”: This command can be used to learn the number of EIGRP packets sent and received.<br /><br />-The neighbor table in EIGRP include the following fields:<br />Neighbor address: This is the network layer address of the neighbor router.<br />Queue: This represents the number of packets waiting in queue to be sent.<br />Smooth Round Trip Time (SRTT): This represents the average time it takes to send and receive packets from a neighbor. This timer is used to determine the retransmit interval (RTO).<br /><br />-Hold Time: This is the period of time that a router will wait for a response from a neighbor. If there is no response at the end of this time period, the link is considered unavailable.<br /><br />-Hello packets:<br />The types of router protocols that use "Hello" packets are EIGRP, IS-IS, and OSPF.<br /><br />-Cisco IOS commands:<br />Show IP protocol: This command will show information on RIP timers including routing update timer (30sec default), hold-down timer (default 180sec). It also displays the number of seconds due for next update (this is fraction of update timer). This command also gives the network number for which IP RIP is enabled, Gateway, and the default metric.<br />Show IP route: This command will display the IP routing table entries. 
In addition, it displays the Gateway of last resort (if one is assigned). It also displays the codes used for various types of routes. Some of the important codes are:<br />C: directly connected/S: Statically connected/I : IGRP/R : RIP<br /><br /><br />-show IP interface: This command shows you interface-wise information such as IP address assigned to each interface, whether the interface is up, MTU etc.<br /><br />-Debug IP RIP: Debug IP RIP will turn the RIP debugging ON. This will display a continuous list of routing updates as they are sent and received. This leads to lot of overhead, which is the reason that you use "undebug ip rip" to turn-off debugging as soon as you finish with debugging.<br /><br />-The command "no router rip" is used for removing all rip entries from the router.<br /><br />-The command “clear ip bgp *”:clears all the entries from the BGP routing table and reset BGP sessions. This command is used after every configuration change to ensure that the change is activated and that peer routers are informed.<br /><br />-The command “clear ip bgp <address>” ex: clear ip bgp 172.31.0.0 removes the specified network from the BGP table.<br /><br />-For IGRP routing, you need to provide the AS (Autonomous System) number in the command. Routers need AS number to exchange routing information. Routers belonging to same AS exchange routing information.<br /><br />-IGRP:<br />IGRP update packet is sent every 90 seconds by default. This is 30 Sec for RIP.<br />By giving the command "show ip route igrp", we can see the routes found by IGRP. 
A route discovered by IGRP is denoted by the letter "I" before the start of the entry.<br /><br />-The following three types of routes are recognized by IGRP:<br />Interior: Interior routes are those that are directly connected to a router interface.<br />System: Routes advertised by other IGRP neighbors within the same autonomous system (AS).<br />Exterior: These are the routes learned from a different Autonomous System number (ASN).<br /><br />-Private Internet addresses:<br />The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for use in private networks:<br />10.0.0.0 - 10.255.255.255<br />172.16.0.0 - 172.31.255.255<br />192.168.0.0 - 192.168.255.255<br /><br />-There are three ways a router learns how to forward a packet:<br />Static Routes - Configured by the administrator manually. The administrator must also update the table manually every time a change to the network takes place. Static routes are commonly used when routing from a network to a stub (a network with a single route) network.<br />The command is<br />ip route network mask address/interface [distance]<br />ex: ip route 165.44.34.0 255.255.255.0 165.44.56.5<br />Here, 165.44.34.0 is the destination network or subnet<br />255.255.255.0 is the subnet mask<br />165.44.56.5 is the default gateway.<br />Default Routes - The default route (gateway of last resort) is used when a route is not known or is infeasible. The command is<br />ip route 0.0.0.0 0.0.0.0 165.44.56.5<br />The default gateway is set to 165.44.56.5<br />Dynamic Routes - As soon as dynamic routing is enabled, the routing tables are automatically updated. Dynamic routing uses broadcasts and multicasts to communicate with other routers. Each route entry includes a subnet number, the interface out to that subnet, and the IP address of the next router that should receive the packet. 
The commands to enable RIP are:<br />router rip<br />network <major network number><br /><br />-OSPF:<br />An OSPF area is a collection of networks and routers that has the same area identification.<br /><br />-The following are the types of OSPF routers:<br />Internal router: An internal router has all the interfaces in the same area. All internal routers maintain the same link state databases.<br />Backbone router: Backbone routers reside on the perimeter of Area 0, with at least one interface connected to the backbone (Area 0).<br />Area Border Router (ABR): ABRs are routers that have interfaces attached to multiple areas. It may be noted that these routers maintain separate link-state databases for each area to which they are connected. They are capable of routing traffic destined for or arriving from other areas.<br />Autonomous System Boundary Router (ASBR): This router has at least one interface to the external network (another autonomous system). This autonomous network can be non-OSPF. ASBRs are capable of route redistribution. Redistribution is the ability of a router to import routing information from non-OSPF networks and distribute the same in the OSPF network for which it is responsible, and vice versa.<br /><br />-LSA Types:<br />LSA Type 1: Router link entry, generated by all routers for each area to which it belongs. These are flooded within a particular area.<br />LSA Type 2: Network link entry, generated by designated routers (DRs). Type 2 LSAs are advertised only to routers that are in the area containing the specific network.<br />LSA Type 3 and Type 4: Summary link entry, these LSAs are generated by area border routers (ABRs). These are sent to all routers within an area. These entries describe the links between the ABR and the internal routers of an area. These entries are flooded throughout the backbone area and to the other ABRs.<br />LSA Type 5: Autonomous System External Link Entry, these are originated by ASBR. 
These entries describe routes to destinations external to the autonomous system. These LSAs are flooded throughout the OSPF autonomous system except for stubby and totally stubby areas.<br /><br />-The sequence of steps followed in OSPF operation are as below:<br />Establish router adjacencies<br />Elect DR and BDR<br />Discover Routes<br />Choose appropriate routes for use<br />Maintain routing information.<br /><br />-The command "show ip ospf database" displays the contents of the topological database maintained by the router. This command also displays router id and the ospf process id.<br /><br />-“show ip ospf interface” can be used to check whether the interfaces have been configured properly. The command also gives the timer intervals, including hello intervals, and neighbor adjacencies.<br /><br />-OSPF keeps up to six equal-cost route entries in the routing table for load balancing.<br /><br />-OSPF uses Dijkstra algorithm to calculate lowest cost route. The algorithm adds up the total costs between the local router and the each destination network. The lowest cost route is the preferred route when there are multiple paths to a given destination.<br /><br />-OSPF has the following advantages over Distance Vector protocols such as RIP:<br />Faster convergence: OSPF network converges faster because routing changes are flooded immediately and computed in parallel.<br />Support for VLSM: OSPF supports VLSM. However, please note that RIP version2 also supports VLSM.<br />Network Reachability: RIP networks are limited to 15 hops. On the other hand, OSPF has practically no reachability limitation.<br />Metric: RIP uses only hop count for making routing decisions. This may lead to poor efficiency in some cases. For example, that a route is nearer but is very slow compared to another route with plenty of bandwidth available but few more hops away. OSPF uses "cost" metric to choose best path. 
Cisco uses "bandwidth" as the metric to choose the best route.<br />Efficiency: RIP sends routing updates every 30 seconds. OSPF multicasts link-state updates and sends the updates only when there is a change in the network status.<br /><br />-The path cost in an OSPF network is calculated using bandwidth. The formula used is [10^8 divided by Bandwidth]. For example, the cost of a 56 kbps serial link is 1785. The default cost of a 10 Mbps Ethernet is 10.<br /><br />-When a serial line is configured on a Cisco router, the default bandwidth is 1.544 Mbps. If the line runs at a slower speed, the "bandwidth" command can be used to specify the real link speed. The cost of the link will then automatically correspond to the changed value.<br /><br />-You must manually configure a static route to configure DDR (Dial on Demand Routing). DDR is widely used as a backup route, in case of failure of the primary link.<br /><br />-Route Summarization:<br />Route summarization is calculated as below:<br />Step 1:<br />Take the first IP: 172.24.54.0/24: 172.24. 0 0 1 1 0 1 1 0.0<br />Take the second IP: 172.24.53.0/24: 172.24. 0 0 1 1 0 1 0 1.0<br />Note that we are not really concerned about the octets that have equal decimal values. This is because they don’t come into play while calculating the summarization route, in this case.<br />Step 2:<br />Count the number of bits in the third octet that are aligned (or lined up) with the same values. In this case 6 bits are lined up in the third octet. The summarization route is calculated by adding this number (6) to the bits of the octets preceding the third (first and second octets).<br />Therefore, the number of bits in the summarized route is 8+8+6 = 22<br />Step 3:<br />Calculate the decimal equivalent for the third octet with 6 bits as given in the matching binary. That is 0 0 1 1 0 1 x x. Note that x is used because it corresponds to a non-matching binary digit. 
It is equal to 128*0 + 64*0 + 32*1 + 16*1 + 8*0 + 4*1 or 32+16+4 or 52.<br />Therefore, the summarized route is: 172.24.52.0/22<br /><br />-While evolving a network addressing scheme for an organization, you need to assign a different network number for each subnet. Also, you need to set aside one network number for each WAN connection.<br /><br />-Representing a subnet mask with / notation:<br />Consider an IP subnet mask of 255.255.255.128. The same can be represented as /25. This is arrived at by taking the binary equivalent of 255.255.255.128 (= 11111111.11111111.11111111.10000000). Count the number of ones; there are 25 of them. Therefore, the same can be written as /25.<br /><br />-The following are link state routing protocols: IPX NLSP/IS-IS/IP-OSPF<br /><br />-OSPF LSA, LSR, and LSUs:<br />LSA (Link State Advertisement): LSAs are included in the database description packets (DDPs or DBDs). LSA entries include link-state type, the address of the advertising router, the cost of the link, and the sequence number.<br />LSR (Link State Request): When a slave router receives a DDP (Database Description Packet), it sends an LSAck packet. Then it compares the received information with its own information. If the DDP has more recent information, the slave router sends a link-state request (LSR) to the master router.<br />LSU (Link State Update): An LSU packet is sent in response to an LSR (Link-State Request) packet that is sent from a slave router to a master router. 
LSU contains complete information about the requested entry.<br /><br />-In an OSPF environment,<br />A DDP (Data Description Packet) is used during the exchange protocol and includes summary information about link-state entries.<br />A hello packet is used during the hello process and includes information that enables routers to establish neighbor relationship.<br /><br />-An internal router is a router that resides within an area.<br /><br />-Important features of stub area are:<br />A stub area reduces the size of the link-state database to be maintained in an area, which in turn result in less overhead in terms of memory capacity, computational power, and convergence time.<br />The routing in Stub and totally Stubby areas is based on default gateway. A default route (0.0.0.0) need to be configured to route traffic outside the area.<br />The stub areas suited for Hub-Spoke topology.<br />Area 0 is not configured as Stubby or totally Stubby. This is because stub areas are configured mainly to avoid carrying external routes, whereas Area 0 carries external routes.<br /><br />-EIGRP:<br />Some of the important terms used in Enhanced IGRP are:<br />Successor: A route (or routes) selected as the primary route(s) used to transport packets to reach destination. Note that successor entries are kept in the routing table of the router.<br />Feasible successor: A route (or routes) selected as backup route(s) used to transport packets to reach destination. Note that feasible successor entries are kept in the topology table of a router. There can be up to 6 (six) feasible successors for IOS version 11.0 or later. The default is 4 feasible successors.<br />DUAL (Diffusing Update Algorithm): Enhanced IGRP uses DUAL algorithm to calculate the best route to a destination.<br /><br />-Internet Assigned Numbers Authority (IANA) is responsible for assigning BGP autonomous system numbers.<br /><br />-The assignable BGP autonomous system numbers are from 1 to 65,535 (I.e. 
65,535 in total). Autonomous system numbers are 16 bits long. There are 2^16 - 1 = 65535 possible ASNs, because the ASN of all 0s is not assigned. Out of this, the Internet Assigned Numbers Authority (IANA) has reserved the following block of AS numbers for private use: 64512 through 65535.<br /><br />-External BGP (eBGP) is used to establish a session and exchange route information between two or more autonomous systems. Internal BGP (iBGP) is used by routers that belong to the same Autonomous System (AS).<br /><br />-Routers running BGP in an AS use network Policy to choose the best path. Metrics are not used in BGP. Remember that the Internet is made of autonomous systems (AS) that are connected together based on Policies specific to each AS. Also, AS numbers (ASN) are assigned by IANA and are unique over the Internet. In an internet (not big I) the ASNs can be assigned by the corporation itself that is implementing the internet.<br /><br />-The following are the four possible message types in a BGP header:<br />Type 1: OPEN message - This is the first message sent after the TCP session is established.<br />Type 2: UPDATE message - An UPDATE message contains a new route or a route to be withdrawn or both. Note that only one new route can be advertised with one UPDATE message.<br />Type 3: NOTIFICATION message - this message is sent if an error occurs during a BGP session. 
This message can be used to troubleshoot the problem.<br />Type 4: KEEPALIVE message - The KEEPALIVE message is used to confirm that the connection between the neighboring routers is still active.<br /><br />-Command to set the router RouterA to autonomous system number 1340:<br />The correct syntax for the command is:<br />RouterA(config)#router bgp 1340<br />where 1340 is the AS number, which can have a value between 1 and 65535 in an internetwork.<br /><br />-Port number 179 is used to establish a session between two routers running BGP.<br /><br />-Well-Known mandatory attributes must appear in all BGP update messages. The well-known mandatory attributes are:<br />AS_PATH: BGP messages carry the sequence of AS numbers indicating the complete path a message has traversed.<br />NEXT_HOP: This attribute indicates the IP address of the next-hop destination router.<br />ORIGIN: This attribute tells the receiving BGP router the BGP type of the original source of the NLRI information.<br /><br />-Any two routers that have formed a TCP connection in order to exchange BGP routing information are called peers, or neighbors. BGP peers initially exchange their full BGP routing tables. After this exchange, routing table changes are sent as incremental updates. BGP keeps a version number of the BGP table, which should be the same for all of its BGP peers. The version number changes whenever BGP updates the table, likely due to routing information changes. Keepalive packets are sent to ensure that the connection is alive between the BGP peers.<br /><br />-show ip bgp neighbors<br />This is a very useful command in troubleshooting BGP connections. When the connection is established, the peer/neighbor router exchanges BGP information. 
If a TCP connection (BGP session) is not established, a BGP router can not exchange any BGP routing information with the adjacent router.<br /><br />-Few recommended scenarios, where you use BGP are:<br />Connect two or more ISPs<br />The traffic flow out of your network need to be managed to suit the requirements of your organization.<br />The traffic need to be sent through one AS to get to another AS.<br /><br />-The weight attribute in BGP has a range from 0 to 65535. This attribute can be set using "neighbor" command. The default value is 32,768.<br /><br />-Various debug commands useful in troubleshooting bgp are:<br />Debug ip bgp events: Displays all bgp events as they occur.<br />Debug ip bgp dampening: Displays bgp dampening events as they occur.<br />Debug ip bgp keepalives: Displays all events related to bgp keepalive packets.<br />Debug ip bgp updates: Displays information on all bgp update packets.<br /><br />-Prefix lists (filtering) are available only in Cisco IOS versions 12.0 and later.<br /> <br />-Characteristics of Prefix lists:<br />These are used for filtering BGP routing updates, so that certain path policy is applied.<br />Prefix lists put less load on the processor compared to Access lists.<br />Prefix lists are easier to configure and implement.<br />Prefix lists are read one line at a time.<br />There is an implicit deny all at the bottom of the Prefix list. However, if the prefix list is empty, there will be an implicit permit any.<br />The statement with the smallest sequence numbers is read first.<br />Sequence values are generated in increments of 5. 
The first sequence value generated in a prefix list would be 5, then 10, then 15, and so on.<br /><br />-The following are a few examples of how a prefix list can be used (while configuring BGP policies to filter route updates):<br />To deny the default route 0.0.0.0/0:<br />ip prefix-list mylist1 deny 0.0.0.0/0<br />or <br />To permit the prefix 20.0.0.0/8:<br />ip prefix-list mylist1 permit 20.0.0.0/8<br /> <br />-A stub AS is a single-homed network with only one entry and exit point. This type of AS can be connected to the external world through the use of a statically configured route.<br />-Transit AS: Data from one AS need to reach a remote AS, then it has to travel through intermediate AS. The AS or Autonomous Systems which carry the data from one AS to another AS is (are) called Transit AS (es).<br /><br />-eBGP: External BGP is used between two or more Autonomous Systems.<br />iBGP: Internal BGP is used within an AS.<br /> <br />-In BGP, to disable automatic summarization of subnet routes into network level routes use the command:”no auto-summary”<br />To enable automatic summarization of subnet routes into network level routes use the command:<br />“auto-summary”<br />Note that by default, auto-summary is enabled.<br /><br />-BGP is an exterior routing protocol, whereas RIP, IGRP, and OSPF are all Interior routing protocols (IRP). Interior routing protocols run inside a company's network and can't run on the Internet. The Internet consists of numerous autonomous systems (AS) which are connected by Exterior Routing protocols like BGP.<br /><br />-BGP commands:Suppose, RouterA and RouterB are running iBGP. The correct syntax for establishing neighbor relationship is:<br />router bgp 100 <br />neighbor 175.23.1.2 remote-as 100 <br />iBGP routers don't have to be directly connected, as long as there is some IGP running, that allows the two neighbors to reach one another. 
If two routers belong to the same AS, then they run iBGP, whereas, if they belong to different ASs, they need to run eBGP.<br /><br />-The output is that of "show ip bgp summary". It contains the following among other details:<br />BGP router identifier: Router identifier specified by the bgp router-id command, loop back address, or lowest IP address.<br />BGP table version: Internal version number of BGP database.<br />Main routing table version: Last version of BGP database that was injected into main routing table.<br />Neighbor: IP address of a neighbor.<br />V: BGP version number spoken to that neighbor.<br />AS: Autonomous system.<br /><br />-To specify the networks to be advertised by the Border Gateway Protocol (BGP) use the network command. <br />To remove an entry, use the no network form of this command.<br />“network network-number [mask network-mask]”<br />To remove,<br />“no network network-number [mask network-mask]”<br /><br />-To distribute Border Gateway Protocol (BGP) neighbor information as specified in a prefix list, use the neighbor prefix-list command in address family or router configuration mode.<br />The following router configuration mode example applies the prefix list named mylist1 to outgoing advertisements from the neighbor 192.10.0.0:<br />! <br />router bgp 100 <br />network 120.101.0.0 <br />neighbor 192.10.0.0 prefix-list mylist1 out <br /><br />-To distribute Border Gateway Protocol (BGP) neighbor information as specified in an access list, use the neighbor distribute-list command in address family or router configuration mode. <br /><br />-Route maps are used with BGP to control and modify routing information and to define the conditions by which routes are redistributed between Autonomous Systems. 
The format of a route map is as follows:<br />“route-map map-name [[permit | deny] | [sequence-number]]”<br />The map-name is a name that identifies the route map, and the sequence number indicates the position that an instance of the route map is to have in relation to other instances of the same route map.<br /><br />-Some of the terms used commonly with route reflectors in BGP are:<br />Route reflector: It is a router that is configured to advertise the routes that are learned from iBGP neighbors.<br />Client: A router that shares information with the router configured as route reflector.<br />Cluster: The set of all routers configured as route reflectors and clients.<br />Cluster ID: If there are one route reflector in a cluster, then, cluster ID is used to identify the route reflectors uniquely in the specified cluster.<br />-Do not apply both a neighbor distribute-list and a neighbor prefix-list command to a neighbor in any given direction (inbound or outbound) on a BGP router. These two commands are mutually exclusive, and only one command (neighbor prefix-list or neighbor distribute-list) can be applied to each inbound or outbound direction.<br /><br />-BGP peer groups:<br />A BGP peer group significantly reduces the overhead of configuring policies on every individual BGP neighbor in an AS. 
When a peer group is created, policies are assigned to the name of the peer group itself and not to the individual neighbors.<br />Route maps, distribution lists, and filter lists usually set update policies.<br />Members of the peer group can be configured to override the configuration options for incoming updates, but not to the outgoing updates.<br /><br />-The command (BGP)<br />neighbor <ip-address> peer-group <peer group name><br />is used to add a neighbor to a peer-group.<br />The complete commands to add a neighbor are:<br />!<br />RouterA(config)#router bgp 100<br />RouterA(config-router)#neighbor mygroup peer-group<br />RouterA(config-router)#neighbor 1.1.1.1 peer-group mygroup<br />!<br /> <br />-When a route reflector in a BGP AS receives an update, it takes the following actions, depending on the type of peer that sent the update:<br />If the update is from a non-client peer : It sends the update to all clients in the cluster.<br />If the update is from a client peer: It sends the update to all nonclient peers and to all client peers.<br />If the update is from eBGP peer: It sends the update to all nonclient peers and to all client peers.<br /><br />-The following are well known communities in BGP:<br />Internet: All routers belong to this community by default. 
Advertises the route to the internet community.<br />No-export: This indicates not to advertise a route to eBGP<br />No-advertise: This indicates not to advertise a route to peers.<br />The community attribute in BGP can contain a value in the range 0 to 4294967200.<br /><br />-The correct syntax to configure a router as a BGP route reflector is:<br />RouterA(config-router)#neighbor <ip-address> route-reflector-client <br />Here, it is:<br />RouterA(config-router)#neighbor 144.44.44.1 route-reflector-client<br />The above command will configure RouterA as a route reflector with the specified neighbor 144.44.44.1 as the route reflector's client.<br /><br />-Methods available for filtering BGP updates:<br />Distribute lists: Routing information can be restricted by filtering routing updates to/from a particular neighbor. An access list that is applied to updates to/from a neighbor serves as a filter.<br />AS_Path filtering: Here, you specify an access list on both incoming and outgoing updates based on the value of the AS_path attribute.<br />Route Map Filtering: Here, the "neighbor route-map" command is used to apply a route map to incoming and outgoing routes.<br />Community Filtering: You can filter by setting the community attribute on router updates.<br /><br />-External and summary routes are not injected into a totally stubby area in an OSPF network. The advantages of totally stubby areas are reduced routing tables, faster convergence, and stability.<br /><br />-To enable synchronization between the Border Gateway Protocol (BGP) and the Interior Gateway Protocol (IGP) system, the synchronization command is used. To advertise a network route without waiting for the IGP, use the no synchronization command. 
By default, synchronization is enabled.<br /><br />-The following router configuration mode is an example that enables a router to advertise a network route without waiting for the IGP:<br />!<br />router bgp 160<br />no synchronization<br /><br />-Show ip bgp neighbors is a command most often used to see neighbor details, which include the following:<br />AS number,Uptime,BGP messages received / sent,Hold time, Keepalive intervals,Remote router ID .<br /><br />-BGP AS-PATH length:<br />You can increase the AS-PATH length by adding dummy AS numbers.<br />The route map configuration command:<br />set as-path prepend 100 <br />causes a router to prepend 100 once to the value of the AS_path attribute before it sends updates to the specified neighbor.<br />If you want to prepend 100 twice, use the command<br />set as-path prepend 100 100<br />This will increase the AS-PATH length in the updates being sent to the neighbor and hence the path selection.<br /><br />-BGP Distribute lists are created using IP standard access lists and IP extended access lists. The range of numbers for standard access list is 1 to 99 and extended access list is 100 to 199. Therefore, the allowed range of numbers is 1 to 199.<br /><br />-EIGRP uses multicasts to send queries to neighbor routers.<br /><br />-The three multi-homing classifications are:<br />Basic: Here the ISP will offer only the default route to the AS. This kind of connection is least processor intensive and recommended for simple networks with only one ISP connection.<br />Medium: This uses default routes and BGP. Internal AS can select the best ISP to use depending on the preferences.<br />Full: Full multi-homing uses only BGP. Here the routes are learned using the AS_PATH attribute information to make routing decisions.<br /><br />-BGP can load balance up to six links. You can have up to six links to ISPs and use those links for Internet traffic. 
This arrangement provides redundancy as well as load balancing.<br /><br />-BGP version 4 supports CIDR (Classless InterDomain Routing).<br /><br />-In BGP, the term Multihoming is used when one AS is connected to two or more ISPs. The purpose of multihoming is:<br />To improve the reliability of connectivity to the Internet, so that even if one connection fails, the other connection will be available.<br />To share the traffic load, resulting in improved performance.<br /><br />-While selecting the best route in BGP, the order of preference is as below:<br />Weight - If multiple routes exist, the route with the highest weight is preferred.<br />Local preference - If multiple routes have the same weight, the route with the highest local preference is preferred.<br />Local router - If multiple routes have the same local preference, prefer the route originated by the local router.<br />AS path - If multiple routes have the same local preference, prefer the route with the shortest AS path.<br /><br />-On an OSPF network, when a packet needs to traverse from one area to another area to reach its destination, it is routed as below:<br />Source Area -> Source ABR -> Backbone Area -> Destination ABR -> Destination Area Routers<br /><br />-IS-IS: <br />Some of the OSI terms that are used in an OSI routing environment are given below:<br />ES: End System, refers to any node that does not take part in the routing process, such as a workstation.<br />IS: Intermediate System, refers to any network node that takes part in the routing process.<br />IS-IS: Intermediate System-to-Intermediate System, a routing protocol defined for the OSI environment.<br />CLNP: ConnectionLess Network Protocol, the protocol used by IS-IS for routing in an OSI environment. <br /><br />-The following are the notable features of the IS-IS (Intermediate System to Intermediate System) routing protocol:<br />The (IS-IS) routing protocol is a link state protocol. 
<br />(IS-IS)uses different types of Hello packets to form adjacencies.<br />(IS-IS) protocol can be used in dual (IP and OSI) environment. The term given for IS-IS implementation for mixed environment is Integrated IS-IS or Dual IS-IS. <br /><br />-IS-IS has the following metrics:<br />Cost metric - This is the only required metric.<br />The optional metrics are Delay, Expense, and Error. <br />IS-IS uses a single default metric with a maximum path value of 1024. The metric is typically assigned by a network administrator. Any single link value can be up to a maximum of 64. <br />Cisco IOS running IS-IS supports load balancing up to six equal-cost paths. <br /><br />-IS-IS LSPs:<br />Most routers participating in IS-IS flood LSPs (Link State Packets) to adjacent neighbors, except for the interface on which the LSP was received.Note that in a shared media like LAN, a DIS (Designated Intermediate System) is elected, and DIS floods the media with LSPs. <br /><br />-The LSPs are used for constructing link state database. The LSPs have a life time of 20 minutes. <br /><br />-The LSPs are refreshed by the originator periodically. LSPs maintain a checksum and a sequence number. <br /><br />-The following are the features common to both OSPF and IS-IS:<br />SPF (Shortest Path First) algorithm is used by both OSPF and IS-IS for computing shortest route to the destination.<br />They both elect designated router in multi access environment. The term used for designated router in IS-IS environment is Designated Intermediate System (DIS). However, the DIS election in IS-IS is pre-emptive. If a new router boots on the LAN with a higher priority, it becomes the DIS replacing the old DIS. <br />Both OSPF and IS-IS have authentication capability.<br />Both use Hello packets to establish adjacencies. <br />Both use SPF (Shortest Path First) algorithm to compute the shortest path to the destination.<br />Both use Areas, however there is no ABR (Area Border Router) in IS-IS. 
The L2 router is analogous to ABR.<br /><br />-Some differences between OSPF and IS-IS are:<br />OSPF uses IP whereas IS-IS uses CLNS in pure OSI environment.<br />IS-IS uses hierarchical architecture with two-level (L1,L2) hierarchy, whereas OSPF uses Area0 with ABRs. Contiguous L2 or L1/L2 routers (ISes) form the backbone in IS-IS environment. <br /><br />-[ip eigrp hello-interval](df:5s) and [ip eigrp hold-time](15s) commands are used to enable the exchange of hello packets<br /><br />-OSPF: The Hello protocol packet contains many things such as Router ID((router)#router-id [ip]), intervals, neighbors, Area ID, router priority and DR and BDR IP addresses<br />with the neighbor [ip-address] command, and neighbors must belong to the same subnet<br /><br />-A routing domain is a collection of areas under an administration that implements routing policies. A two-level hierarchy is used to support large IS-IS routing domains.<br /><br />-Routing within an area is referred to as Level 1 routing. Routing between areas is referred to as Level 2 routing.<br /><br />-Routers running IS-IS will send hello packets out all IS-IS-enabled interfaces to discover neighbors and establish adjacencies if their hello packets contain information that meets the criteria of matching authentication, IS-type (is-type level-1-2, can be in (config)# mode or (if)# mode) and MTU size<br /><br />-All routers will construct their link-state database from these LSPs -> topobase. 
Then a shortest-path tree (SPT) is calculated by each IS, and from this SPT the routing table is built.<br /><br />-AD:Internal BGPv4 is 200,n it's a classless routing proto<br /><br />-BGP: AS ranged from 1-65536,n the range between 64512 and 65535 is reserved for private use<br /><br />-EIGRP:88 / OSPF:89 / IGRP:9<br /><br />-TCP: BGP(179) / iBGP:200 / eBGP:20 / EIGRP Summary:5<br /><br />-service password-encryption:Password encryption is applied to ALL passwords<br />You cannot recover a lost encrypted password with no service password-encry command. You must clear NVRAM and set a new password.<br /><br />-By Cisco:<br />Core layer: great bandwidth,redundant circuits(equipment) -> e.g. full meshing<br />Distribution layer(workgroup layer): Consolidation,ACL<br />Access layer(desktop layer): Vlans,firewalls,DHCP<br /><br /><br />-IPv4 header: 12 portion while IPv6 only has 5<br /><br />-IPv4 header: 20 bytes while IPv6 40 bytes<br /><br />-use SCTP which is like TCP: reliable<br /><br />-you can configure both IPv4 n IPv6 addr on an int,which is called *dual*-stacked<br />tunneling: encap IPv6 packet in IPv4 packet(+ IPv4 header), then unencap on the other side<br />or manually configure IPv4 n IPv6 at each end.<br /><br />-Good design nets benefits: scalability, predictability, flexibility<br /><br />-hierarchical - summary IP add / prefix length - update with SM<br /><br />-1900:enable password level 15 [password] <- only supports ISL enable secret [password]<br />can set the same password,but not for 2950 <- only supports 802.1Q<br /><br />-classful:EGP/BGPv3<br /><br />-classless:IS-IS/BGPv4<br /><br />-route map: you can insert n delete statements , edit match conditions , which can not be done in ACL<br />(config)#route-map [name] permit [sequence-number]<br />(config-route-map)#match [conditions] -> defines the conditions to match<br />(config-route-map)#set [actions] -> defines the action to be taken on a match<br /><br />-ip nat inside source route-map 
[name] pool [name]<br />route-map [name] permit 10<br />match ip addr 2 <- use ACL 2<br /><br />-router ospf 1<br />area 1 range 192.168.64.48 255.255.255.240<br />network 192.168.1.0 0.0.0.255 area 0<br />network 192.168.64.0 0.0.0.3 area 1<br />default-information originate always<br />exit<br />ip route 0.0.0.0 0.0.0.0 172.16.0.5<br /><br />-By df: EIGRP n RIPv2 are auto-summarized,but can use (router)#no auto-summary command to turn it off<br /><br />-(if)#ip rip send/recv version 1/2 or 1 2 : specifies which version of RIP will be sent n recvd on an individual int ip rip send version ….<br />e.g version 2 / int s3 / ip rip send version 1 / ip rip recv version 1 -> all the ints use version2 except for s3<br /><br />-IS-IS(allows preempt):like OSPF ,does not support auto-summary at all, triggered,plus LS database syn on LAN every 10s n at startup on PTP, send hello/10s , hold-30s<br />BGP: DV(path-vector), support auto-summary n manual summarization,set metric as path attribute ,converge slow, triggered, send hello/60s ,hold-180s<br /><br />-EIGRP does form nei even if hello time n hold time do not match,as long as they have the same AS n K-value.<br /><br />-Q-Cnt:should be 0 ( packets in buffer ),if high, that means much delay<br /><br />-reliable packets that need an explicit ack: update,query,reply<br />unreliable packets: hello,ack<br /><br />- EIGRP:nei is reset if update is not acked after 16 retransmissions,update retransmitted each time RTO is reached.<br /><br />-AD<FD -> feasible successor: loop-free<br /><br />-(config)# ip local policy route-map<br /><br />-EIGRP: when summarization is configured on an int,the router immediately creates a route pointing to null0 to prevent loops; when the last specific route of the summary goes away,the summary is deleted.<br /><br />-EIGRP uses 50% of bandwidth by df<br /><br />-OSPF uses more router memory than RIP.<br /><br />-su = is-is summary route<br />i = is-is<br /><br />-When the route reflector receives an 
advertised route, depending on the neighbor, it does the following:<br />A route from an external BGP speaker is advertised to all clients and nonclient peers.<br />A route from a nonclient peer is advertised to all clients.<br />A route from a client is advertised to all clients and nonclient peers.<br /><br />-route map will go through ONLY if there is a match, if no match statement,that is to say "match all"<br /><br />-Eigrp:when route fails n there is no feasible successor, it sends out a query to all its nei n waits for all the replies, mass of traffic,so we should limit the query range. -> use summary addr(only know the netw if EXACTLY matched) or [eigrp stub] command ( commonly in a hub-n-spoke topo, nei wont query it coz it's a stub )<br /><br />-router(config-router)# eigrp stub [receive-only | connected | static | summary]<br /><br />-Eigrp is not plug n play for large network,eigrp query can kill the network.<br /><br />-Three major problems or disadvantages might be encountered when redistributing routes between routing domains: 1- Route loops 2- Incompatible routing information such as metric 3-Inconsistent convergence time.<br /><br />-OSPF: Down State -> Init State -> Two-Way State -> Exstart State ( who starts the xchange depends on the higher RID ) -> Xchange State ( send DBD : database description, a summary of the entire link-state database ) -> Loading State ( send PSU/PSQ ack: thanks for the info ) -> Full State<br /><br />-Each LSA record in the LSDB maintains a sequence number with a head of 0x80000001 n ends of 0x7fffffff( 4-byte ) ,the sequence number +1 each time the LSA is flooded ( 30m ) , n ultimately to the maxage 0x800000001 age ( 1 hour ) n flushed. Use the more recent sequence number ( higher ) if encounters two instances. 
The sequence number has to be the same in ALL routers in the same area ( syn )<br />netw 10.2.1.2 0.0.0.0 area 0 -> assign the int to area 0<br />sh ip ospf int -> view hello/dead time,so you can set to match your nei<br />typically if you do not see a DR in 'sh ip ospf nei' , then it's pretty much you that are the DR =) the state should be Two-Way or Full, other states are bad!<br />you must clear the OSPF process( reload or [clear ip ospf process] )b4 the new [(router)#router-id] command will take effect.<br /><br />-(if)#ip ospf priority [number] 1 via 255 -> so router ints can have diff values<br /><br />-NBMA int does not auto detect nei,so must be statically configured(nei [ip][priority][poll-interval]),the df method for OSPF ((if)#ip ospf netw [type]), RFC 2328-compliant<br /><br />-Type4:ABR -> ASBR, also area range command,LSA 5:use summ<br /><br />-Type5:AS External link adver / type6:Multicast OSPF LSA / type7: NSSA / type8:External Attributes LSA for BGP<br /><br />-Type4 LSA contains the RID of the ASBR only (O IA: inter-area / O i: intra-area(su addr) -> sh ip ospf border-router / ia: IS-IS inter-area / O E1: type1 external routes / O N1: NSSA,type7 LSA)<br /><br />-BACKBONE 0: type 7 cant pass it, must convert to type 5 1st.<br />use NSSA: connect with ISP, redistribution<br /><br />-Cisco recommended:routers in an area: 50 / nei for each router: 60 / areas for every router:3 / one router, only represent one DR/BDR<br />area 1 default-cost 10<br /><br />-point-to-multipoint in NBMA Wan: use a 30s hello packet, every subint requires a subnet(int s0.1 multipoint/point-to-point)<br /><br />-(if)#ip ospf cost [value-1 to 65535] / (router)#auto-cost reference-bandwidth -> can be up to 4294967<br /><br />-stub area : cant have an ASBR(allowed in NSSA -> can use area 1 nssa no-summary to block type 3/4 LSA), must have an ABR,virtual links dont work,all the routers in the same area should be set as stubby,n even the ABR, or nei wont be formed.<br />as for TSA ( 
Cisco-specific ) only the ABR ( a Cisco-router ) must be configured as totally stubby -> area [id] stub no-summary,all others in the area can be set as stubby.<br /><br />-Virtual links are recommended for backup or temp connections. -> can merge the netw ( sh ip ospf virtual-links )<br /><br />-debug ip ospf packet -> the version of OSPF,RID<br /><br />-is-is is even more complex than OSPF<br /><br />-backbone = transit area<br /><br />-It's better to place the ACL at distribution layer. All Filtering/Queuing/Access Control/Aggregation should be done at distribution layer. But Vlans n authentication are at access layer.<br /><br />-IS-IS:simpler implementation than OSPF,well-positioned for IPv6(easily extending), stable, faster time than OSPF, more efficient use of CPU than OSPF, but less vendor support than OSPF<br /><br />-narrow metric: 6-bit int n 10-bit path metric -> 24-bit int n 32-bit path for IOS>12.0(default,delay,expense,error) ,but only df is accepted in Cisco IOS, df metric = 10<br /><br />-Routing<br />Level0 Routing: betw ES n IS on same subnet<br />Level1 Routing: betw IS within same area<br />Level2 Routing: betw diff areas within same domain<br />Level3 Routing: betw separate domains<br /><br />-Integrated IS-IS : RFC 1195<br />can extend the backbone: 49.0000 -> 49.0002<br /><br />-NSAP-netw layer addr, various NSAP formats are used in various systems, total length: 8 - 20 octets, system ID:6 bytes(can be the MAC addr or the Netw layer addr(only for Integrated ISIS as long as it's unique)), NSAP:private addr begins with 49-AFI, can idf by DLCI or encap type<br /><br />-Area info is used to route betw area while system ID is used to route within an area.<br />routing process: look at the area id,if the same,look at the system ID, or -> nearest L1/L2(contain an L1 n L2 topo)<br /><br />-IS-IS PDUs are encaped into a data-link frame,no CLNP or IP header in a PDU.<br />Hello ( ESH,ISH,IIH ) / ES connects to a L1 IS router<br /><br />-LSP header: PDU type, 
length, LSP ID, sequence number(starts at 1,increases to newer), remaining lifetime (TLV)<br /><br />-IS-IS only uses broadcast: LAN,full mesh,hello timer-3.3s for DIS else 10s,adja->n(n-1)/2,use DIS,IIH type-> Level1,Level2<br />or<br />P-2-P:all other topo,ppp,HDLC partial-mesh WAN, 10s, n-1, Not select DIS, P2P IIH<br />Large PDUs are divided into fragments n flood independently,assign with an LSP number from 0<br /><br />-CSNP: periodically sent by DIS on LAN , p2p link when comes up,or use PSNP for ack on p2p links, request missing pieces of LSDB<br /><br />-sh clns nei -> both ES n IS nei<br />NET prefix: assign to support two-level hierarchy<br /><br />-(if)#isis circuit-type [level-1 | level-1-2 | level-2-only]:use level1 hello packets only to form adja<br /><br />-(if)#isis metric [metric] [level-1 | level-2] :range:1-63 with df of 10<br />summary addr:summary-addr [prefix][mask][type] df: level-2<br /><br />-is-is:use df metric only: 10 ,so when choosing a route,probably depends on the ints/hops number,coz the less hops,the less metric.<br /><br />-The command (if)#ip route-cache policy<br />This command is set on an incoming interface and enables the fast switching of policy-based routing. Before version 11.2 of the Cisco IOS software, policy-based routing was process switched. Fast switching of policy-based routing is disabled by default. Therefore, it is necessary to manually configure it.<br /><br /><br />-When NAT uses an access list to decide to create a translation entry, it will create a "simple" translation entry. This "simple" entry will only contain local and global IP address entries for just the inside or outside depending on whether the ip nat inside or ip nat outside command is configured. Also, it will not include any TCP or UDP port information.<br /><br />-When NAT uses an access list, and overload has also been specified, NAT will create a "fully extended" translation entry. 
The operation is similar to the route-map case except that route-map has some additional features.<br /><br />-OSPF df metric:20 for all except BGP,which is 1<br /><br />-bad df-metric command! ( set redistri on the border routers-ASBR )<br /><br />- “ ”>12.0 (router)#passive-interface default -> passive all interfaces / no passive-int s1 -> passive all interfaces except s1<br /><br />-router ospf 1<br />netw 10.0.0.8 0.0.0.3 area 0<br />redistri rip subnets<br />distribute-list 2 out rip -> only netw matches the ACL2 of RIP will be redistri into ospf 1<br /><br />-redistri rip route-map Madunix<br />match ip addr 23 29 -> logical OR<br /><br />-Snapshot routing:<br />Snapshot routing enables a single router interface to call other routers during periods when the line protocol for the interface is up (these are called "active periods"). The router dials in to all configured locations during such active periods to get routes from all the remote locations.<br />Snapshot routing is useful in two command situations:<br />Configuring static routes for dial-on-demand routing (DDR) interfaces<br />Reducing the overhead of periodic updates sent by routing protocols to remote branch offices over a dedicated serial line<br /><br />-change redistri AD: (router)#distance [weight][[addr][mask][acl][name]] -> used for all except eigrp n bgp<br />for eigrp:(router)#distance eigrp [internal-distance->90][external-distance->170]<br />PBR(policy-based routing) allows for source-based routing rather than normal dest-based one.<br /><br />-Each of the routes has a different prefix length (subnet mask), they're considered different destinations, and they will ALL be installed in the routing table.<br />O 10.1.2.0/26<br />R 10.1.2.0/24<br /><br />-BGP:peers(nei) not only a phy link,but TCP connection established.<br />only one instance of BGP can be configured on the router at a single time,A BGP router with synchronization enabled will not advertise iBGP-learned routes to other eBGP 
peers if it is not able to validate those routes in its IGP.<br />if you have all your routers in the AS running BGP and you are not running any IGP, the router has no way of knowing that, and your router will be waiting forever for an IGP update about a certain route before sending it to external peers.<br /><br />-BGP is an AS-by-AS routing proto,not a router-by-router routing proto,in BGP,next hop doesnt mean the next router,it means the IP addr to reach the next AS,so iBGP wont change the NEXT-HOP addr,unless [same subnet]<br /><br />-peer-group: useful when many nei have the same outbound policies, members can have a diff inbound policy<br /><br /><br />-debug ip bgp events<br />Idle:router is searching routing table to see if a route exists to reach the nei -> check for an IGP prob, is the nei announcing the route?<br />Connect:Router found the route n has completed three-way TCP handshake<br />Active:the router has sent out an open packet n is waiting for a response<br />Established:[sh ip bgp summary] -> the state is blank or has a number ( number: how many routes have been learnt)<br /><br />-sh ip bgp:sh all bgp routes: origin code: i (IGP), status code: i (internal)<br /><br />-The use of secondary addresses can contribute to congestion on the network. 
<br /><br />-optional transitive:if not recognized,are marked as partial n propagated to others<br /><br />-MED is sent to eBGP nei only, choose the lowest one,DF:0, is considered the metric of BGP (router)#default-metric [number]<br />Weight not sent to any BGP nei, Local-pref sent only within AS thru iBGP<br /><br />-BGP is not designed to perform load balancing, paths are chosen bcoz of policy,not chosen based upon BW, BGP is designed for manipulating routing paths.<br /><br />-use rtm to set local-pref: set local-pref 200<br /><br />-bgp bestpath as-path/metric ,bgp always-compare-med<br /><br />-multihoming is for redundancy n increased routing efficiency/BW, not load balancing,one of the links will always be better than the other one. 50/50 is impossible!<br />.static route ( default route ) can specify a route<br />.common IGP: send all/any routes along with the df route, may still not select the best<br />.BGP: use policy-based to filter, send partial routing table<br /><br />-core layer: usually use OSPF, (3-com router)<br /><br />-Traditional Unix system only supports RIP<br /><br />-Manipulation update: passive-int / distri-list / admin-distance -> (router)#distance 95 (source ip-add mask acl-number),then use clear ip route * ,then the routes will be updated.<br /><br />-SIA: if not recv a reply in 3m,queries can be propagated into diff AS -> su addr,so the remote routers only reply when queried,dont forward queries.(ip su addr eigrp AS)<br /><br />-OSPF:sh ip ospf border-routers:show BOTH ABR n ASBR<br /><br />-Integrated IS-IS:RFC1195<br />An ES may be adja to a level-1 router only if both share a common area addr<br />Backbone area(level 2) is a set of L1/L2 n L2 routers n has to be contiguous<br />routing betw areas is based on the area addr, n considers only the area cost<br /><br />-which route in L1: #which-route 49.0001.0000.0000.0002.00 -> ( R2 NSAP )<br />supports tag: router isis [tag] / clns(ip) router isis [tag]<br /><br />-if match 
criteria met n route map specified deny,normal(dest-based) routing.<br />if all sequences in the list checked n no matches,normal(dest-based) routing.<br /><br />-BGP has its own table,in addition to the IP routing table, info can be xchanged betw them.<br /><br />-ip helper-addr [ip] / no ip forward-proto udp [port]<br /><br />-#ipv6 unicast-routing / ipv6 addr 3ffe:b00:c18:1::3/127<br /><br />-When the NSEL field of the NSAP is set to 00, this NSAP identifies the device itself, its network level address. This NSAP is then known as a NET<br /><br /><br /><br />-#ip nat translation timeout [value]<br />(config)#ip nat inside source list [acl-number] int e0 overload<br /><br />-router isis<br />redistribute ospf 1 metric 25 route-map Toad metric-type internal level-2<br />net 49.0001.1234.5678.9056.00<br /><br />-redistribute igrp 1 metric 10 subnets tag 1<br /><br />-Because the network is non-broadcast, neighbors are not discovered automatically and must be manually configured.<br /><br />-since an NBMA network is non-broadcast, there is no guarantee that all attached routers will receive the Hellos of all other routers. Therefore, all routers may not automatically learn about all their neighbors, and DR election would not function correctly.<br />by manually forming nei,then now had been connected to a broadcast multi-access network. 
OSPF packets will now be unicast to the configured neighbor addresses.<br />OR use ip ospf netw broadcast at every interface.<br /><br />-In multivendor environments, point-to-multipoint may be the only alternative to broadcast networks.<br /><br />-Point-to-point sub-interfaces allow each PVC to be configured as an individual subnet and<br />eliminate the problem of DR/BDR election on NBMA networks.<br /><br />-full mesh ( or RR or Conred ), no need of syn<br /><br />-null0 summary -> no auto-su, so that netw can be exactly advertised.<br /> <br />-ODR(star topo,stub router):Cisco-proprietary,use CDP, use Hop-count as metric -> o.AD:160<br /><br />-RIP: by df,recv v1/v2 update packets,but only send v1 packets<br /><br />-RIPv2 supports authentication<br /><br />-single-homed multi-ISP -> enable syn<br /><br />-multi-homed multi-ISP -> disable syn for using IGP<br /><br />-checksum used in TCP and UDP segments is 16 bits<br /><br />-LSDB:lifetime:60m<br /> <br />-Router(config-router)#summary-address {prefix} {mask} [level-1 | level-2 | level-1-2]<br /><br />-BGP metric is set to IGP metric value<br />to OSPF: red eigrp 100 subnets metri-type 1 / to ISIS: external level 2(df:internal level 2)<br />redi isis level-1-2 metric [value]<br /><br />-anycast cant source IPv6,only for dest. 
-> 2000::/3 -> global unicast 1/8 -> not use TTL<br />v4 mapped v6: 80(0)+16(1)+32 / v4 compatible v6: 96(0)+32<br /><br />-sh ip nat translations verbose -> time related<br />1st packet slow,others normal<br /><br />-NSAP -> netw addr / CLNS -> netw routed proto<br /><br />-OSPF df int metric:10(0-63),up to 1023 / redis seed metric:20<br /><br />-TSA:wont allow any LSAs to be propagated into it.<br /><br />-IS-IS metric: BW<br /><br />-NAT:1631 & 3022 / 3021 -> /31<br /><br />-NAT doesnt support: Routing proto, DNS zone, BootP/DHCP, SNMP, talk, Ntalk, netshow<br /><br />-BGP: Since periodic updates are not required, triggered updates are used.<br /><br />-stub area, su , netw will still be advertised,but the su not<br /><br />-multi-access netw: source wont change / star: next-hop-self<br /><br />-permit: 1-65535<br /><br />-LocPre: 0-429XXXXXXX -> bgp default local-pref [value]<br /><br />-prefix-list 1-429XXXXXXXXXX<br /><br />-(if)#int s0/0.1 -> .1 can be set betw 1 via 4294967293<br /><br />-IS-IS priority: 0-127 (df :64) -> sh clns int to view priority n metric<br /><br />-OSPF: adja control the distri of routing proto updates<br /><br />-OSPF: df route/redis: always para -> not send update,router bcom ASBR at once<br />can set a metric value/type rather than IS-IS<br /><br />-IS-IS: SPF/15m<br />sh clns nei:display IS-IS nei<br />debug isis adja-packets:hard to figure out not the adja reason of subint on phy int<br />debug isis spf-event:routes<br />debug isis spf-state:the amount of time<br /><br />-IS-IS: su-addr [ip][mask] level-2 -> su level-1 to level 2 area & being redi routes into IS<br /><br />-BGP header: if open,then all 1s<br />distribute-list relys on acl -> acl 1 permit xxxxxx / nei [ip] distribute-list 1 out<br />in IGP: (router)#distribute-list 1 out e0(rip)<br /><br />-BGPv4:RFC 1771<br />Weight -> LocPre -> originated -> AS_Path -> lowest origin type( IGP<EGP<Incomplete ) -> MED -> external>internal -> lowest metric IGP nei -> lowest IP 
addr<br /><br />-The route betw 2 BGP can be learnt with IGP ,but no df route allowed<br />debug ip bgp dampening: locate loops<br /><br />-iBGP:<br />router bgp [mini-as]<br />bgp confed id [large-as]<br />bgp confed peers [nei-mini-as]<br />nei [ip] remote-as [mini-as]<br />eBGP:<br />router bgp [as]<br />nei [ip] remote-as [mini-as]<br />nei [ip] ebgp-multihop<br /><br />ip commu-list 1 permit 200 300<br />..........<br />match commu-list 1<br /><br />-DV:routing by rumor (Bellman-ford) / LS: calculate in the routing domain<br />Advertised Distance is the cost between the next-hop router and the destination.<br />FD (Feasible Distance) is the cost to reach the destination from the local router,not source<br /><br />-In a broadcast multi-access topology such as Ethernet, Hello packets are sent periodically out each OSPF enabled interface using IP multicast address 224.0.0.5<br /><br /><br />-IPv6 header: version, priority, flow label, payload length, next header, hop limit, source addr, dest addr<br /><br />-You cannot redistribute IP RIP into IPX RIP, as IP and IPX are two different protocol stacks<br /><br />-When configuring route filtering, remember OSPF outgoing updates cannot be filtered out of an interface. 
The reason being that OSPF uses LSAs and all routers in an area must have the exact same topology table.<br /><br />-ip prefix-list Madunix seq 1 permit 0.0.0.0/0 le 32<br /><br />-Remember that policy-based routing is specified on the interface that receives the packets, not on the interface from which the packets are sent.<br /><br />-redistribute BGP with IGPs:<br />Using the network command<br />Redistributing static routes using the null 0<br />Redistributing dynamic IGP routes - Cisco recommends not redistributing from the IGP, as it may cause instability<br /><br />-LSA1: sent by a router to all other routers / LSA2: sent by DR<br /><br />-one int,means one area,one DR/BDR, but for ABR,can display multiple DR/BDR by sh ip ospf nei<br />ExStart: establish Master/slaver relationship n send DBD which also in Exchange state<br />Loading: use LSR/LSU slaver sends LSR while master sends LSU<br /><br />-explicit ack: LSack / implicit ack: duplicate LSA<br /><br />-sh ip eigrp topo : only FS / use sh ip eigrp topo all-links to view FS n successors<br /><br />-SRRT: betw nei<br /><br />-Debug ip eigrp packets X ,only debug eigrp packets<br /><br />-O IA -> stub / O*IA -> TSA / O E2 -> ABR<br /><br />-OSPF convergence time: the time of detection,plus the LSA forwarding time,plus 5s => 6s<br />if consider timed out : => 36s<br />for RIP: 240s<br />for IGRP: 490s<br />for EIGRP: 2s<br /><br />-EIGRP/OSPF sends hello packets to establish peering relationships with Directly connected routers.<br />as for BGP,as long as establishing TCP session, the router will bcom nei/peer<br /><br />-link state database = topo table -> to build a routing table by determining a SPF tree<br /><br />-Telnet will actively test the entire IP stack<br /><br />-ICMP(ping) need an addr,which coz it to be a net layer proto<br /><br />-EIGRP is a quiet routing proto, for it doesnot send periodic message,invalid time:0s,while IGRP: 270s<br /><br />-a value of 6 in the protocol identification field 
is TCP<br />the size of the checksum used in TCP and UDP segments is 16 bits<br /><br />-view routed protocols: sh protocol<br /><br />-A router is commonly used to allow connectivity between multiple subnets<br /><br />-DOD model:Application/Process, Host to Host, Internet and Network Access layers.<br />window 1000 -> 2000, then send 2000 BEFORE recv an ACK<br /><br />-sh ip ospf int: Process ID, RID, netw type, cost, nei/adja number, adja<br />-Broadcast: ospf nei statements are obsolete<br /><br />-BGP Route reflectors will NOT propagate a route learned from an iBGP peer to eBGP peers<br /><br />-BGP sends periodic keepalives to verify connectivity ( hello interval:60s )<br /><br />-EIGRP only triggered update, not periodic send info<br /><br />-^200_[0-9]*$:Matches AS path that is originated in AS 200 and AS's that are directly connected to AS 200 can pass the filter<br /><br />-EIGRP: sending a multicast hello instead of a broadcast allows any device not running EIGRP to filter the packet on the NIC<br /><br />-ip prefix-list: seq :start at 10,increase by 5 bf<br /><br />-Full mesh 10<br /><br />-“Show route map” : view route map , while no such command: show ip route map<br /><br />-prevent loops: change metric, AD, passive-int, default route ( not static ), distribute-list<br /><br />-Multipaths<br />.One way route redistribution when there are multi-paths<br />.static routes (not static redistribute) when there are multi-paths<br />To answer this type of problem ,never reply 2-way distribute under any circumstances.<br /><br />-AS A learn all routes in AS B, but AS B should not learn any routes in AS A. -> Configure a default route (not static route) points to the networks behind AS A<br /><br />-filters, default metric, maximum paths, and number of areas It also shows when the next update (not adjacency) will use: Show ip protocol.<br /><br />-Show ip ospf : Displays the link state update Interval and the Link State Age Interval and when an update is due . 
So it could be used to verify when out-of-date routes will be removed from the topological database.<br /><br />-To distribute routing information throughout a network, EIGRP uses non-periodic incremental routing updates. That is, EIGRP only sends routing updates about paths that have changed when those paths change.<br /><br />-(router)#default-info originate<br />The peer group name is only local to the router on which it is configured.<br /><br />-A Feasible Distance (FD) is the best metric along a path to a destination network, including the metric to the neighbor advertising that path. Reported distance is the total metric along a path to a destination network as advertised by an upstream neighbor. <br /><br />-A Feasible Successor (FS) is a path whose reported distance is less than the feasible distance<br /><br />-Route summarization, or route aggregation, is a method of representing a series of network numbers. <br /><br />-Discontiguous subnets are major network addresses separated by another major network address. <br /><br />-CIDR is a mechanism developed to alleviate exhaustion of addresses and reduce routing table sizes. With CIDR, blocks of Class C addresses are assigned to ISPs, which in turn assign subsets of address space to organizations. These blocks are then summarized in routing tables. <br /><br />-Fixed Length Subnet Masking, or FLSM, uses a constant mask everywhere in the network.<br /><br />-Variable Length Subnet Masking, or VLSM, uses an inconsistent mask tailored to different sizes of networks.<br /><br />-IPv6 addresses consist of 128 bits, allowing for a much greater address space. IPv6 addresses can be shortened in two manners. <br />Leading 0s can be dropped in 64 bit block (4 hexadecimal digits).<br />A “::” can be used to represent consecutive 0s spanning multiple fields, but can only be used once! This can be used in the beginning, end or middle of the address. 
An example of IPv6 shortening is the following <br />0001:0002:0000:0000:0000:0000:000A:2310 can be abbreviated as follows: 1:2::A:2310<br /> <br />-RIPng, OSPF, BGP4+, and Integrated IS-IS are capable of serving as IPv6 routing protocols. <br /><br />-When connecting IPv6 and IPv4 networks, there are a few things to consider. Dual stack hosts allow for connectivity to both types of networks. If traffic of one version needs to cross another version, say IPv4 information over IPv6, information can either be tunneled across the foreign network, or a translation can be done. <br /><br /><br />-Network Address Translation allows a router to translate source and destination IP addresses. Another function of NAT is to observe the port numbers used in communication in a production network. In the event port numbers need to be monitored, a route-map can be used to identify the source addresses. When a route-map is used in this manner, the router performing NAT will store complete information for translation, including port numbers.<br />Example NAT configuration (with Overloading and Static translation)<br />1. Define an Access-list that encompasses the IP address of internal hosts<br />- Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255<br />2. Create a pool of outside addresses<br />- Syntax: ip nat pool <name> <start_ip> <end_ip> netmask <mask><br />- Example: ip nat pool DSL_line 130.13.150.45 130.13.150.45 netmask 255.255.255.0<br />3. Configuring the router for NAT<br />- ip nat inside source list 1 pool DSL_line overload<br />4. Configure your inside and outside interface<br />- Router(config-if)# ip nat inside / Router(config-if)# ip nat outside<br />5. Configure any static translations<br />- Router(config)# ip nat inside source static tcp 192.168.1.100 80 130.13.150.45 80<br /><br />-Routing protocols fall into four different categories. Classful vs. Classless and Distance Vector vs. Link State. 
The main difference between Classful and Classless routing protocols is their support of VLSM. Classful routing protocols do not support VLSM. This is due to the fact they do not include the subnet mask with route updates. On the other hand, Classless routing protocols do support VLSM, because they contain subnet mask information within the route updates. <br /><br />-(Classful) RIP (Routing Information Protocol). Uses hop count as its metric. HOP stands for Hand-off protocol. IP load balancing is enabled by default. Sends its entire routing table every 30 seconds by default out all RIP enabled interfaces. It is a Distance Vector routing protocol. <br />It is a classful routing protocol (route masks are not carried within the updates, consistency of masks is assumed). RIP uses UDP port number 520, which makes it an Application layer protocol. <br />Hop count limit of 15, and 16 is infinity. <br /><br />-IGRP (Interior Gateway Routing Protocol).<br />Uses a composite metric made up of bandwidth, delay, reliability, load, and MTU (with Bandwidth and delay used as default). Uses the “fastest” path to the destination. IP load balancing is enabled by default. It is a classful routing protocol. Route masks are not carried within the updates, and consistency of masks is assumed. IGRP uses protocol number 9 at the Transport layer. <br />Default hop count limit of 100, but configurable to 255. <br /><br />-We explained how "less is more" in the classful/classless routing distinction. With classful routing protocols, summary routes are automatically created at Class A, B, and C network boundaries. So, all router interfaces in the network must have the same subnet mask. If they do not, routing failures may occur. As a result, classful routing protocols may not fully utilize available allocation of host addresses. 
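
The classful behaviour described above (no mask in the update, automatic summaries at Class A/B/C boundaries, and the failure with discontiguous subnets) modelled in Python as an added example that is not part of the original notes. Router names, addresses and function names are constructed; leaving out a subnet whose mask differs from the outgoing interface and treating an address with host bits set as a host route are assumptions of this model, based on common RIPv1 behaviour.

```python
import ipaddress


def classful_network(addr):
    """Return the Class A, B or C major network that contains addr."""
    ip = ipaddress.IPv4Address(addr)
    first_octet = int(ip) >> 24
    if first_octet < 128:
        prefix = 8       # Class A
    elif first_octet < 192:
        prefix = 16      # Class B
    elif first_octet < 224:
        prefix = 24      # Class C
    else:
        raise ValueError(f"{ip} is Class D/E and has no classful network")
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def advertise(route, out_iface):
    """Address a classful protocol sends for `route` out of `out_iface`.

    The update carries an address only, never a mask. Returns None when
    the route is left out of the update.
    """
    route = ipaddress.ip_network(route)
    iface = ipaddress.ip_interface(out_iface)
    major = classful_network(route.network_address)
    if major != classful_network(iface.ip):
        # Crossing a major-network boundary: automatic summary.
        return str(major.network_address)
    if route.prefixlen != iface.network.prefixlen:
        # Same major network but a different mask (VLSM): the receiver
        # would guess the wrong mask, so the subnet is not advertised.
        return None
    return str(route.network_address)


def receive(update_addr, in_iface):
    """Network a classful receiver installs for a mask-less update."""
    addr = ipaddress.IPv4Address(update_addr)
    iface = ipaddress.ip_interface(in_iface)
    if classful_network(addr) != classful_network(iface.ip):
        return str(classful_network(addr))      # default mask by class
    guess = ipaddress.ip_network(
        f"{addr}/{iface.network.prefixlen}", strict=False)
    if guess.network_address != addr:
        return f"{addr}/32"                     # host bits set: host route
    return str(guess)                           # borrow the interface mask


def transit_view(neighbors):
    """Routes a transit router learns, mapped to the neighbors offering them.

    neighbors: {name: (neighbor_out_iface, local_in_iface, [routes])}
    """
    table = {}
    for name, (out_iface, in_iface, routes) in neighbors.items():
        for route in routes:
            sent = advertise(route, out_iface)
            if sent is not None:
                table.setdefault(receive(sent, in_iface), set()).add(name)
    return table


def ambiguous(table):
    """Networks offered by more than one neighbor (traffic may go either way)."""
    return {net: sorted(names) for net, names in table.items()
            if len(names) > 1}


# Constructed topology: two subnets of 172.16.0.0 separated by network 10.0.0.0.
# R1 (172.16.1.0/24) --10.1.1.0/24-- R2 --10.1.2.0/24-- R3 (172.16.2.0/24)
DISCONTIGUOUS = {
    "R1": ("10.1.1.1/24", "10.1.1.2/24", ["172.16.1.0/24"]),
    "R3": ("10.1.2.3/24", "10.1.2.2/24", ["172.16.2.0/24"]),
}

if __name__ == "__main__":
    # R2 hears the same summary from both sides and cannot tell them apart.
    print(ambiguous(transit_view(DISCONTIGUOUS)))
    # A /27 inside a /24 design never leaves the router that owns it.
    print(advertise("172.16.1.32/27", "172.16.3.1/24"))
```
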
<br /><br />-Since no subnet mask is sent in routing updates with classful routing protocols, the router does one of the following to determine the network portion of the destination address: <br />If the routing update information regards the same network number as configured on the receiving interface, the router applies the subnet mask that is configured on the receiving interface.<br />If the routing update information pertains to a network address that is not the same as the one configured on the receiving interface, the router will apply the default (by class) subnet mask.<br />Unlike classful routing protocols, classless routing protocols include the routing mask with the route advertisement. With classless routing protocols, summary routes can be manually controlled within the network. <br /><br />-Classless routing protocols include OSPF, EIGRP, RIP v2, IS-IS, and BGP.<br /><br />-In a classless routing environment, router interfaces within the same network can have different subnet masks (VLSM can be used). This approach maximizes allocation of available host addresses. <br />Distance vector routing protocols are referred to as "routing by rumor". They simply relay learned routes out interfaces on a periodic basis to directly connected neighbors. There are two distance vector routing algorithms which distance vector protocols use. The more common of the two is the Bellman-Ford, or B-F, algorithm. <br />-EIGRP uses DUAL -- the Diffusing Update Algorithm. <br /><br />Link state routing is the alternative to distance vector. In a link-state environment, link-state announcements are propagated to all devices in the routing domain. Also, hierarchical design can limit the requirement to notify all devices. 
You will learn more about link-state routing in the OSPF and IS-IS chapters.<br /><br />-Convergence time is the time it takes for all routers to agree on the network topology after a change such as:New routes being added /Existing routes changing state <br /><br />-EIGRP is an advanced distance vector protocol (Cisco also calls EIGRP a balanced hybrid protocol). EIGRP is guaranteed to be 100% loop free while maintaining a very rapid convergence time. EIGRP offers superior performance over IGRP because of the rapid convergence and the guarantee of a loop-free topology at all times. These improvements are the key to the name “Enhanced” IGRP. <br /><br />-Features and advantages of EIGRP include the following: <br />Incremental updates /Supports VLSM and discontiguous networks /Classless routing /Compatible with existing IGRP networks/Protocol independent (supports IP, IPX, and AppleTalk) /Uses multicast instead of broadcast/Utilizes link bandwidth and delay /Unequal cost path load balancing /More flexible than OSPF. <br /><br />-EIGRP is not an application such as RIP, but is instead a protocol running at the transport layer as protocol number 88 in the IP header. 
EIGRP uses the services of IP to deliver routing information.<br /><br />-EIGRP supports many different topologies such as Multi-access (Ethernet), Point-to-point (HDLC), and NBMA (Frame relay and ATM). We also learned that EIGRP automatically summarizes at the classful boundary, and this can be turned off with the command no auto-summary.<br /><br />-The EIGRP terminology is as follows: <br />Neighbor table: This is the table of adjacent routers <br />Topology table: This is where all learned routes are maintained <br />Routing table: This is where the best (successor) routes are stored <br />Successor: The primary route to a network <br />Feasible Successor: The backup route to a network <br />Here are the five generic packet types used in EIGRP: <br />Hello: Multicasts used for neighbor discovery <br />Update: Multicasts used for updating neighbors of new routes <br />Queries: A router sends queries when it does not have a Feasible Successor <br />Replies: A packet sent in reply to a query <br />ACK: The ACK is used to acknowledge the above packets <br /><br />-We learned that hellos are sent every 5 seconds on broadcast media, point-to-point links, and multi-point circuits with bandwidth greater than T1. They are sent every 60 seconds on multi-point circuits with bandwidth less than T1.<br /><br />-The hold time is, by default, three times the hello interval.<br /><br />-EIGRP uses the same composite metric as IGRP does to pick the best path, except that it is scaled by 256. 
The default criteria used are: <br />Bandwidth: The smallest bandwidth between the source and destination <br />Delay: Cumulative interface delay along the path <br />Additional criteria that can be used are as follows: <br />Reliability: Worst reliability between source and destination based on keepalives <br />Load: Worst load on a link between source and destination based on bps <br />MTU (Maximum Transfer Unit): Smallest MTU in path <br /><br />-EIGRP uses the following formula to calculate the composite metric: <br />CM = 256 x ([k1 x BWmin + (k2 x BWmin)/(256 - LOAD) + k3 x DELAYsum] x X) <br />BWmin = 10^7/bandwidth_of_slowest_link; DELAYsum = SUM(delays_along_the_path) <br />X = k5/(reliability + k4) if and only if k1<>1, if k1 = 1 then X = 1 <br />With the k values set at the default values, you have: CM = 256 x (BWmin + DELAYsum) <br />-AD (Advertised Distance) is the cost between the next-hop router and the destination. <br /><br />-FD (Feasible Distance) is the cost to reach the destination from the local router. <br /><br />-The successor (lowest cost route) is the best route to a destination.<br /><br />-The FS (Feasible Successor) is a valid backup route in the event the successor route to the destination fails.<br /><br />-EIGRP utilizes the split horizon feature, and you can use EIGRP to turn off split horizon for IPX on NBMA. IPX by itself does not allow you to disable split horizon.<br /><br />-EIGRP Configuration :<br />The commands to configure EIGRP are similar to those used for IGRP. We showed you the commands needed to configure a router for EIGRP: <br />Router(config)# router eigrp <as_number> <br />Router(config-router)# network <network-number> (the interfaces that will participate in EIGRP) <br />If you are using serial links, remember they default to a bandwidth of 1.544Mbps (T1 speed). 
You should manually change the bandwidth value of lower value links (56K, 128K, 384K, etc) to properly reflect the clock rate of the interface to the EIGRP routing process:<br />Router(config-if)# bandwidth <kilobits per second><br />EIGRP will automatically summarize at the classful network boundary. To turn this feature off, issue the following command: <br />Router(config-router)# no auto-summary <br />-To manually create a summary on an interface issue the following:<br />Router(config-if)# ip summary-address eigrp <as-number> <ip-address> <mask> <br />Remember EIGRP will perform equal-cost load balancing on 4 equal-cost links by default, but you can configure it to perform load balancing on a maximum of 6. <br />To perform unequal-cost load balancing, you must use the variance command: <br />Router(config-router)# variance <multiplier><br /><br />-Verifying EIGRP<br />Here's a review of EIGRP and the commands used to verify and test your EIGRP configuration. Those commands are listed below. <br />Show commands: <br />show ip eigrp neighbors: Displays EIGRP neighbor table <br />show ip eigrp topology: Displays the topology table <br />show ip route eigrp: Displays the EIGRP routes in the routing table <br />show ip protocols: Displays current routing protocols running <br />show ip eigrp traffic: Displays information about EIGRP packets <br />show ip eigrp events: Displays information about EIGRP events <br />Debug commands: <br />debug eigrp packet: Shows EIGRP packets as they are sent and received <br />debug eigrp neighbor: Shows the EIGRP neighbor process <br />debug eigrp route: Shows EIGRP changes made to the routing table <br />debug eigrp summary: Shows a summary of EIGRP activity <br />debug eigrp events: Shows EIGRP events as they happen <br /><br />-Configuring OSPF in a Single Area:We learned that OSPF was written to address the needs of large, scalable internetworks that RIP could not. 
The issues it addresses are: <br />Speed of convergence: In large networks, RIP convergence can take several minutes. With OSPF, convergence is much faster as routing changes are flooded immediately and computed in parallel. <br />Support for VLSM: RIP v1 does not support VLSM. OSPF does support VLSM. <br />Network reachability: RIP networks cannot span more than 15 routers, while OSPF has virtually no reachability limitations. <br />Use of bandwidth: RIP broadcasts its routing table out each interface every 30 seconds. OSPF multicasts link-state updates and only sends the updates when there is a change in the network. OSPF does perform a full update every 30 minutes to ensure that all routers are synchronized. <br />Method for path selection: RIP has no concept of network delays or link costs. It routes packets purely on hop count. OSPF uses a cost value (speed of connection) for its path selection. <br />OSPF relies on IP packets for delivery of routing information, and uses protocol 89 in the transport layer. <br /><br />-Broadcast Multi-access: Networks supporting multiple attached routers, together with the capability of addressing a single physical message to all of the attached routers (broadcast). Ethernet would be an example.<br /><br />-Point-to-point: A network that joins a single pair of routers. A T1 dedicated serial line would be an example. <br /><br />-NBMA (Non-broadcast Multi-access): Networks supporting multiple routers, but having no broadcast capability. Frame-relay and X.25 are examples of NBMA networks. <br />In a broadcast multi-access topology such as Ethernet, Hello packets are sent periodically out each OSPF enabled interface using IP multicast address 224.0.0.5. The information contained in the hello packet is: <br />Router ID: A 32-bit number (usually an IP address) that uniquely identifies a router in an AS (autonomous system). <br />Hello and Dead intervals: The default Hello interval is 10 seconds. 
The Dead interval is 4 times the hello interval or 40 seconds by default. <br />Neighbors: The neighbors with which bi-directional communication has been established. <br />Area-ID: To communicate, two routers must share a common segment and have their interfaces belong to the same area on that segment. <br />Router priority: An 8-bit number that indicates the priority of this router when selecting a Designated Router (DR) and Backup Designated Router (BDR). <br />DR and BDR IP addresses: The IP address of the current DR and BDR are listed. <br />Authentication password: If authentication is enabled, the password is listed here. <br />Stub area flag: A stub area is a special area that has only one exit to the backbone. <br /><br />-DR/BDR Election<br />To elect a DR and BDR on a broadcast multi-access network, the routers view each other’s priority value during the hello packet exchange process, and then use the following conditions to determine which is elected: <br />The router with the highest priority value is the DR. <br />The router with the second highest priority value is the BDR. <br /><br />-The default priority is 1 on an OSPF interface, in case of a tie, the router ID is used. The router with the highest router ID then becomes the DR, and the router with the second highest router ID becomes the BDR. The router ID is the highest IP address on the router, unless a loopback is configured, in which case the highest loopback IP address will be the router ID. <br />-Loopback interfaces are logical interfaces that never go down. In other words they will always be in an UP, UP state. Because they can never go down, they are excellent references to use for router processes. Cisco is well aware of this and uses them in many ways. For instance, remember how OSPF chooses its Router ID. The highest active IP address is used, unless a Loopback interfaces is configured. If so, the highest Loopback IP address is chosen as the Router ID. 
BGP uses Loopbacks in the very same way. Also, Loopbacks are great for simulating networks connected to a router. <br />New to IOS 12.0, you can now issue the router-id command from OSPF router configuration mode to set the router-id instead of using a loopback interface or the router's highest IP address.<br />A router with the priority set to 0 is ineligible to become DR or BDR. If a router with a higher priority value gets added to the network, the DR and BDR do NOT change. The only time the DR or BDR changes is if one goes down. If the DR goes down, the BDR takes its place. If the BDR goes down, a new BDR is elected. Basically the first two routers powered up on a segment will become the DR and BDR. <br /><br />-An adjacency is the relationship that exists between a router and its DR and BDR. Adjacent routers will have synchronized link-state databases. Once a DR and BDR are elected, any router added to the network will establish adjacencies only with the DR and BDR. <br />OSPF is a link-state technology, as opposed to a distance vector technology such as RIP and IGRP. The most recent version of OSPF is version 2 described in RFC 2328. <br /><br />-OSPF neighbor process: When a router is first powered on, it goes through several states, each with its own function. The router (let's call it RouterA) begins in the DOWN state. It begins to send hello packets out its OSPF enabled interfaces. When routers receive this hello packet, they add it to their list of neighbors. This is the INIT state. The neighbors that received the hello packet will reply with their own hello packet. The neighbor field will include RouterA as a neighbor. When RouterA receives these packets, it adds all the routers that had its router ID in their hello packet to its own neighbor database. This is referred to as the TWO-WAY state. The routers determine who the DR and BDR will be. 
After the DR and BDR election, the routers are considered to be in the EXSTART state (ready to start exchanging link-state information). In the EXSTART state, the DR and BDR establish adjacencies with each router in the network. When the routers have exchanged one or more DBD (Database Description) packets, they are in the EXCHANGE state. The routers exchange link-state information using LSR (Link State Requests) and LSU (Link State Update) packets. A router will issue an LSAck in response when an LSU is received. The process of sending LSRs is referred to as the LOADING state. All routers add the new link-state entries into their link-state databases. Once all LSRs have been satisfied for a given router, the adjacent routers are considered synchronized and in a FULL state. The routers must be in a full state before they can route traffic. At this point, the routers should all have identical link-state databases. <br />Routers in a point-to-point topology dynamically detect their neighbors by using the hello protocol. There is no election: adjacency is automatic as soon as the two routers can communicate. All OSPF packets are sent to multicast address 224.0.0.5. The default OSPF hello and dead intervals on non-NBMA topologies are 10 seconds and 40 seconds, respectively. <br />We also looked at OSPF operation in an NBMA topology. With NBMA networks, a single interface interconnects multiple sites. NBMA topologies support multiple routers but without broadcast capabilities. Frame relay, ATM, and X.25 are examples of NBMA networks. The default OSPF hello and dead intervals on NBMA topologies are 30 seconds and 120 seconds, respectively. <br /><br />-Multiple OSPF Areas: OSPF’s ability to separate a large internetwork into multiple areas is referred to as hierarchical routing. Hierarchical routing enables you to separate a large internetwork (AS) into smaller internetworks that are called areas. 
Having multiple OSPF areas provides several advantages: Reduced frequency of SPF calculations /Smaller routing tables /Reduced link-state update (LSU) overhead.<br /> <br />-OSPF multiarea components are: Routers;LSA;Areas;Virt-Link <br /><br />-Types of routers (Internal, Backbone, ABR, ASBR) <br /><br />-Types of LSAs: Type 1: Router links /Type 2: Network links /Type 3 and 4: Summary links <br />Type 5: AS external links <br /><br />-Types of areas (Standard, Backbone, Stub, Totally stubby) <br /><br /><br />-Virtual links: We explained that all areas must connect directly to the backbone area. If a router fails, and an area becomes separated from the backbone, you can create a virtual link that creates a logical (virtual) link through another area to the backbone. Virtual links should only be used in repair situations; a design that incorporates virtual links as a design solution is a very poor design indeed. Virtual links must be established between two routers that share a common area, and one of these routers must be connected to the backbone. <br />The following command can be used to configure a virtual link. <br />area [area-id] virtual-link [router-id] <br /><br /><br />-Stub and totally stubby areas: Stub areas allow you to effectively shrink the router's databases within a stubby area by not allowing type 5 LSAs into their area. To reach unknown networks, stub areas use a default route (0.0.0.0). <br /><br />-Totally stubby areas shrink their databases further by not allowing type 3, 4, or 5 LSAs into their area. As with stub areas, when a router in a totally stubby area wants to reach an unknown network, it will also use the default route (0.0.0.0). 
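
The LSA filtering described above for stub and totally stubby areas, modelled in Python as an added example that is not part of the original notes. The LSA contents, router names and function names are constructed; the blocked LSA types follow the notes, and representing the default route as a type 3 summary originated by the ABR is an assumption of this example.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class LSA:
    lsa_type: int   # 3 = summary link, 5 = AS external link
    prefix: str     # destination network carried by the LSA
    origin: str     # advertising router (constructed name)


# LSA types kept out of each area type, as stated in the notes above.
BLOCKED = {
    "standard": frozenset(),
    "stub": frozenset({5}),
    "totally-stubby": frozenset({3, 4, 5}),
}
DEFAULT_ROUTE = "0.0.0.0/0"
ROUTABLE_TYPES = {3, 5}   # LSA types that carry a network prefix in this model


def flood_into_area(area_type, backbone_lsas, abr="ABR1"):
    """LSAs an internal router sees after the ABR applies the area's filter."""
    if area_type not in BLOCKED:
        raise ValueError(f"unknown area type: {area_type}")
    admitted = [lsa for lsa in backbone_lsas
                if lsa.lsa_type not in BLOCKED[area_type]]
    if area_type != "standard":
        # Filtered destinations stay reachable through the default route.
        admitted.append(LSA(3, DEFAULT_ROUTE, abr))
    return admitted


def lookup(lsdb, destination):
    """Longest-prefix match over the prefixes present in the database."""
    dest = ipaddress.ip_address(destination)
    best, best_len = None, -1
    for lsa in lsdb:
        if lsa.lsa_type not in ROUTABLE_TYPES:
            continue
        net = ipaddress.ip_network(lsa.prefix)
        if dest in net and net.prefixlen > best_len:
            best, best_len = lsa, net.prefixlen
    return best


# Constructed backbone view: two inter-area summaries and two externals.
BACKBONE_LSAS = [
    LSA(3, "10.2.0.0/16", "ABR1"),
    LSA(3, "10.3.0.0/16", "ABR1"),
    LSA(5, "192.0.2.0/24", "ASBR1"),
    LSA(5, "198.51.100.0/24", "ASBR1"),
]

if __name__ == "__main__":
    for area_type in ("standard", "stub", "totally-stubby"):
        lsdb = flood_into_area(area_type, BACKBONE_LSAS)
        hit = lookup(lsdb, "192.0.2.9")
        print(f"{area_type:15} entries={len(lsdb)} "
              f"192.0.2.9 -> {hit.prefix if hit else 'unreachable'}")
```
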
<br /><br />-The restrictions for using a stub or totally stubby area are: <br />Typically a single exit point into the backbone <br />An ASBR cannot be internal to stub <br />Area is not the backbone Area 0 <br />Virtual links are not allowed <br /><br />-To configure a router to be part of a stubby area, use the area command with the stub keyword. If you wish to configure an area to be totally stubby, you can configure the ABR to the totally stubby area with the no-summary keyword. Examples of these commands are listed below. <br />area [area-id] stub <br />area [area-id] stub no-summary <br /><br />-OSPF route summarization: <br />OSPF is capable of summarizing at non-classful boundaries. Doing so allows you to minimize the number of entries in your routing tables. <br /><br /><br />-In OSPF, route summarization is off by default. When configuring route summarization for routes within OSPF on an ABR, use the following command. <br />area [area-id] range [address] [mask] <br /><br /><br />-Use the following command on an ASBR to summary routes redistributed into OSPF from another routing protocol. <br />summary-address [ip address] [mask] <br /><br /><br />-Verifying OSPF operation <br />There are two forms of the Intermediate System to Intermediate System (IS-IS) routing protocol: Pure IS-IS and Integrated IS-IS. Pure IS-IS is a dynamic link-state routing protocol used in the ISO CLNS environment for routing CLNP. Integrated IS-IS is an implementation of the IS-IS protocol for routing multiple network protocols. Integrated IS-IS provides an alternative to OSPF in the IP world.<br /><br />-The International Organization for Standardization (ISO) created the Open Systems Interconnection (OSI) model. The OSI model is what allows protocols such as TCP/IP to operate on and interconnect devices from different vendors. Most people know the OSI model as exactly that, the standards model that TCP/IP is based on. 
However, few people know that the OSI model itself includes protocols. These protocols are referred to as the OSI protocol suite. <br /><br />-The OSI protocol suite specifies two routing protocols at the network layer: End System-to-Intermediate System (ES-IS) and Intermediate System-to-Intermediate System (IS-IS). In addition, the OSI suite implements two types of network services: connectionless service (CLNP) and connection-oriented service (CONP). CLNP is the OSI equivalent of IP. CONP carries upper-level data and error indications over connection-oriented links, much like TCP. This module focuses on IS-IS and CLNP. <br /><br /><br /><br />-NSAP Addressing:OSI network-layer addressing is implemented with Network Service Access Point (NSAP) addresses. These are the same type of addresses that are used in ATM. The NSAP address can be thought of as an equivalent to the combination of an IP address and a upper-layer protocol in an IP header. IS-IS distinguishes the following three fields in the NSAP address:<br /><br />-Area Address - Variable-length field (first 1 to 13 octets)<br /><br />-System ID - ES or IS ID in an area. Cisco uses fixed length (6 octets).<br /><br />-NSEL - N-selector, 1 octet service identifier, 00 on Cisco routers<br /><br />-The area address uniquely identifies the routing area and the System ID identifies each node. All routers within an area must use the same area address. An ES may be connected to a Level-1 router only if they both share a common area address.<br /><br />-System ID can be the MAC address of the interface (CLNS) or the IP address of the interface (Integrated IS-IS). Each System ID should be unique throughout the domain.<br /><br />-NSAP addresses starting with 49 are considered private. 
This is basically the same concept as using RFC 1918 addresses for IP.<br /><br />-IS-IS Configuration: The key to working with any routing protocol is getting a handle on the configuration tasks and steps to enable successful communication of routes between routers. The configuration of IS-IS is no more complicated than OSPF or EIGRP. Consider the following configuration. <br />!<br />interface Ethernet0<br />ip address 172.16.1.1 255.255.255.0<br />ip router isis <br />!<br />!<br />router isis<br />net 16.0040.1720.1600.1000.00<br />!<br />The configurations made for Ethernet 0 assigns an IP address on the interface and enables IS-IS. To enable IS-IS on any interface use the “ip router isis” command. The next portion of the configuration builds the IS-IS specific configuration. The “router isis” command turns on the IS-IS process on the router. The next line, “net 16.0040.1720.1600.1000.00” needs a bit of explaining. This is the NSAP for the router and has three separate components. These are the Area, System ID and N-Selector. It helps to read this number from right to left (in terms of sections, not digit by digit). The first number on the right “00” is the N-Selector. A NET definition must be set to 00. The next 48 bits is the System ID and is often a MAC address. This portion, like the N-Selector is fixed in length. The remaining value of 16.0040 is the area-ID and is variable in length up to a maximum of 13 bytes<br /><br />-IS-IS Hierarchy:<br />A major difference in the paradigm of routing with IS-IS is the particular levels of routing. These levels, known as level-1, level-2, and level-3, have differing functions. We’ll break each of these routing functions down to see how they differ.<br /><br />-Level-0 routing occurs between a client to and from its default gateway. On a multi-access network, this is more likely to be considered a switching function. 
This is for ES-IS communication.<br /><br />-Level-1 routing functions within an area, specifically to other routers within the area.<br /><br />-Level-2 routing occurs between different areas. <br /><br />-Level-3 routing is interdomain routing, or routing between autonomous systems.<br /><br />-Levels 1 and 2 routing functions are those primarily dealt with in IS-IS. Routers which attach one area to another have at least level-2 functions. They might also be used for intra-area routing. If there are other routers within the area, the router will need to be configured for both level-1 and level-2 routing.<br /><br />-Both level 1 and 2 routing is enabled by default on IS-IS routers. If this needs to be changed, there are several commands used to control this behavior. <br />In global configuration mode to affect all interfaces.<br />is-type {level-1|level-1-2|level-2-only}<br />In interface configuration mode this can also be controlled for a single interface.<br />isis circuit-type {level-1|level-1-2|level-2-only}<br /><br />-An understanding of level-1 and level-2 routing can make the difference between a successful implementation of IS-IS and one which does not successfully route traffic within and between areas. <br /><br /><br />-Route Redistribution: In order for two different routing protocols or autonomous systems to share routing information, you must configure route redistribution. Most protocols have metrics that are not compatible with other routing protocols. For instance, RIP uses hop-count and OSPF uses cost (usually bandwidth) as its metric. These metrics do not directly correlate to one another, so we need a selection process:Which protocol do you believe the most? This is where the AD (administrative distance) comes into play. Decide which metric is the best. Redistribution supports all protocols, but you must remember the following: You can only redistribute protocols that support the same protocol stack. 
You cannot redistribute IP RIP into IPX RIP, as IP and IPX are two different protocol stacks. Redistribute occurs automatically between certain protocols, such as IGRP and EIGRP when they have the same AS number. The passive-interface command prevents all routing updates for a given routing protocol from being sent into a network, but does not prevent the specified interface from receiving updates. Remember, when using the passive-interface command in a network using a link-state routing protocol, the command prevents the router from establishing a neighbor adjacency with other routers connected to the same link as the one specified in the command. <br /><br />-Static routes pointing to an interface should only be used on point-to-point interfaces since, on other interfaces, the router will not know the specific address to which the information should be sent. <br /><br />-The ip default-network command is used as a method of distributing default route information to other routers. This command provides no functionality for the router on which it is configured. <br /><br />-It was also pointed out other protocols behave differently than RIP with the ip route 0.0.0.0 0.0.0.0 and ip default-network commands. For example, EIGRP will not redistribute default routes by default. However, if the network 0.0.0.0 command is added to the EIGRP configuration, it will redistribute a default route as the result of the ip route 0.0.0.0 0.0.0.0 command, but not as the result of the ip default-network command. <br /><br />-Another important note concerns the ip classless command. The ip classless command is required on all RIP/IGRP routers that must use a default route to get to other subnets. This command allows the software to forward packets that are destined for unrecognized subnets of directly connected networks to the best supernet route, which may be the default route. 
When this feature is disabled, the software discards the packets when the router receives packets for a subnet that numerically falls within its subnetwork addressing scheme, if there is no such subnet number in the routing table. The ip classless command is on by default in Cisco IOS Release 12.0. It was off by default in earlier releases. <br /><br />-When configuring route filtering, remember OSPF outgoing updates cannot be filtered out of an interface. The reason is that OSPF uses LSAs and all routers in an area must have the exact same topology table. <br /><br />-The Cisco IOS software can filter incoming and outgoing routing updates by using access lists. <br /><br />-The router follows the following guidelines: <br />The router is receiving or sending an update about one or more networks. <br />The router looks at the interface involved with the action. <br />The router determines if a filter is associated with the interface. <br />If a filter is associated with the interface, check the access-list for a match for the update. <br />If there is a match, the route entry is processed as configured. <br />If there is not a match, the implicit deny will cause the update to be dropped. <br />Policy-Based Routing <br /><br />-Route maps are complex access-lists. Some features of route maps include: <br />Lines in access lists are statements in route maps. <br />An access-list number is equivalent to a route-map name. <br />You use addresses and masks in access-lists. You use match statements in route maps. <br />Statements in route maps are numbered. <br />You can insert and delete statements in route maps. With access-lists, you had to remove the entire list and then re-enter the entire list. <br />You can edit match conditions in a statement. <br />With a route map statement, you can modify the matched route with set commands. <br />A route map may be made up of multiple route-map statements and, like an access-list, is processed top-down. 
A route-map statement may contain multiple match statements. All match statements in the route-map statement must be considered true in order for the route-map statement to be considered matched. Like an access-list, there is an “implicit deny any” at the end of a route map. <br /><br />-Policy-based routing is applied to incoming packets by using route maps. You use permit or deny statements in your route maps. If the statement is marked as deny, a packet meeting the match criteria is sent back through the normal forwarding channels (in other words, destination-based routing is performed). If it is desired not to revert to normal forwarding and to drop a packet that does not match the specified criteria, then a set statement to route the packets to interface null 0 should be specified as the last entry in the route map. <br /><br />-Remember that policy-based routing is specified on the interface that receives the packets, not on the interface from which the packets are sent. <br /><br />-Since Cisco IOS Release 11.2F, IP policy routing can now be fast switched, which is much faster than process switching which was used prior to 11.2F. To enable fast-switched policy routing use the following command: ip route-cache policy <br /><br />-Policy routing must be configured before you configure fast-switched policy routing. Fast switching of policy routing is disabled by default. <br /> <br />-Route Redistribution:In order for two different routing protocols or autonomous systems to share routing information, you must configure route redistribution. Most protocols have metrics that are not compatible with other routing protocols. For instance, RIP uses hop-count and OSPF uses cost (usually bandwidth) as its metric. These metrics do not directly correlate to one another, so we need a selection process:<br /><br />-You can only redistribute protocols that support the same protocol stack. 
You cannot redistribute IP RIP into IPX RIP, as IP and IPX are two different protocol stacks. Redistribution occurs automatically between certain protocols, such as IGRP and EIGRP when they have the same AS number. <br />The passive-interface command prevents all routing updates for a given routing protocol from being sent into a network, but does not prevent the specified interface from receiving updates.<br />-Remember, when using the passive-interface command in a network using a link-state routing protocol, the command prevents the router from establishing a neighbor adjacency with other routers connected to the same link as the one specified in the command. <br /><br />-Static routes pointing to an interface should only be used on point-to-point interfaces since, on other interfaces, the router will not know the specific address to which the information should be sent. <br /><br />-The ip default-network command is used as a method of distributing default route information to other routers. This command provides no functionality for the router on which it is configured. <br /><br />-It was also pointed out that other protocols behave differently from RIP with the ip route 0.0.0.0 0.0.0.0 and ip default-network commands. For example, EIGRP will not redistribute default routes by default. However, if the network 0.0.0.0 command is added to the EIGRP configuration, it will redistribute a default route as the result of the ip route 0.0.0.0 0.0.0.0 command, but not as the result of the ip default-network command. <br /><br />-Another important note concerns the ip classless command. The ip classless command is required on all RIP/IGRP routers that must use a default route to get to other subnets. This command allows the software to forward packets that are destined for unrecognized subnets of directly connected networks to the best supernet route, which may be the default route. 
When this feature is disabled, the software discards the packets when the router receives packets for a subnet that numerically falls within its subnetwork addressing scheme, if there is no such subnet number in the routing table. The ip classless command is on by default in Cisco IOS Release 12.0. It was off by default in earlier releases. <br /><br />-We began coverage of BGP, which is the EGP used on the Internet. An EGP, as you recall, ties separate autonomous systems together, while IGPs (Interior Gateway Protocol) run inside an AS. BGPv4 is used extensively in the Internet today to connect ISPs, and to connect enterprises to ISPs. <br /><br />-The instructors told us the current version of BGP is version 4. RFC 1771 defines this version of BGP. There is a link to this RFC in the links section.<br /><br />-Like EIGRP and OSPF, AS numbers are used to associate BGP with a particular AS. When configuring EIGRP and OSPF, you assign AS numbers. 
For BGP, ARIN is responsible for allocating autonomous system numbers. This AS designator is a 16-bit number, with a range of 1 to 65535. AS numbers 64512 through 65530 are reserved for private use, much like the private IP addresses. <br /><br />-BGP is an Advanced Distance Vector protocol. Routers running BGP exchange network reachability information, called path vectors or attributes, that includes a list of the full path (of BGP AS numbers) that a route should take in order to reach a destination network. <br /><br />-You should use BGP when at least one of the following conditions exists: <br />An AS allows packets to transit through it to reach other AS’s (for example, a service provider) <br />An AS has multiple connections to other AS’s <br />The flow of traffic entering and leaving your AS must be manipulated <br /><br />-You should not use BGP when the following conditions exist: <br />A single connection to the Internet <br />Routing policy and route selection are not a concern for your AS <br />Lack of memory or processor power on BGP routers to handle constant updates <br />Limited understanding of route filtering and BGP path selection process <br />Low bandwidth between AS’s <br /><br />-You should use static routes if any of the preceding conditions are true. Remember that BGP, if not properly controlled and filtered, has the potential to allow an outside AS to affect your routing decisions.<br /><br />-BGP routing tables are normally huge. A typical BGP router in the Internet has over 90,000 advertised networks, over 7500 AS numbers, and has a routing table that uses more than 50MB. <br /><br />-We now know that BGP uses TCP as its transport protocol. Using TCP allows BGP to assume that the communication is reliable and removes any retransmission and recovery techniques from BGP itself. BGP uses TCP port 179. 
<br /><br />-Two routers speaking BGP form a TCP connection with one another and exchange messages to open and confirm the connection parameters. Once a connection is made between these neighbors (or peer routers), full routing tables are exchanged. From then on, BGP routers need only send changes (incremental updates). Since periodic updates are not required, triggered updates are used.<br /> <br />-BGP neighbors send keepalive messages, similar to the hello messages of EIGRP and OSPF. <br /><br />-BGP provides a loop-free path, because a router running BGP will not accept a routing update that already includes its AS number in the path list, since this would mean that the update has already passed through its AS. <br /><br />-BGP comes in two flavors, Internal BGP (iBGP) and External BGP (eBGP). iBGP is when BGP is running between routers within the same AS, while eBGP runs between routers in different autonomous systems. <br /><br />-Routers running eBGP are usually directly connected. Routers running iBGP do not have to be directly connected. <br /><br />-An important distinction between iBGP and eBGP is that an iBGP AS would be considered a transit AS, meaning packets not originated in the AS are moving through it. <br /><br />-BGP allows administrators to define policies, or rules, for how data will flow through the AS. <br /><br />-BGP metrics are called path attributes. 
An attribute can fall into four separate categories: <br />Well-known mandatory: Must be present in all update messages <br />Well-known discretionary: Could be present in update messages <br />Well-known attributes must be recognized by all compliant BGP implementations and are propagated to peers <br />Optional transitive: If not recognized, are marked as partial, and propagated to other neighbors <br />Optional nontransitive: Discarded if not recognized <br />Optional attributes: Recognized by some implementations, expected not to be recognized by everyone, and recognized optional attributes are propagated to other neighbors based on their meaning <br /><br />-BGP attributes include: <br />AS-path (Well-known mandatory): The AS-path attribute is the list of AS numbers that a route has traversed in order to reach a destination. <br />Next-hop (Well-known mandatory): Indicates the next-hop IP address that is to be used to reach a destination. <br />Local preference (Well-known discretionary): Provides an indication to routers in the AS about which path is preferred to exit the AS. <br />Multi-exit-discriminator (MED) (Optional nontransitive): An indication about the preferred path into an AS. <br />Origin (Well-known mandatory): Defines the origin of the path information. <br />Community (Optional transitive): Allows routers to tag routes with an indicator (the community) and allows other routers to make decisions based upon that tag. <br />Atomic aggregate (Well-known discretionary): Informs the neighbor AS that the originating router has aggregated the routes. <br />Aggregator (Optional transitive) <br />Weight (Cisco defined): Configured locally to a router and not propagated. Values from 0 to 65535. Default of 32768 for paths the router originates and 0 for other paths. Routes with a higher weight are preferred when multiple routes exist to the same destination. 
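The AS-path loop check and the attribute comparison from these notes, as an added Python sketch (not part of the original notes and not Cisco code); it applies the comparison order the notes list under Route Selection. The Path fields, the sample paths, the default local preference of 100 and comparing MED across all paths are assumptions of the example.

```python
from dataclasses import dataclass

ORIGIN_CODE = {"igp": 0, "egp": 1, "incomplete": 2}  # lower code is preferred


@dataclass(frozen=True)
class Path:
    """One candidate path to a prefix (hypothetical model, not an IOS structure)."""
    name: str
    as_path: tuple            # AS numbers the route has traversed, nearest first
    origin: str = "igp"
    local_pref: int = 100     # assumed default when no policy sets it
    med: int = 0
    weight: int = 0           # 32768 for locally originated paths, per the notes
    local: bool = False       # originated by this router
    ebgp: bool = True         # learned over eBGP rather than iBGP
    igp_metric: int = 0       # IGP cost to reach the next hop


# Comparison order from the notes; each key is written so that "smaller wins".
STEPS = [
    ("highest weight", lambda p: -p.weight),
    ("highest local preference", lambda p: -p.local_pref),
    ("originated by the local router", lambda p: 0 if p.local else 1),
    ("shortest AS-path", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_CODE[p.origin]),
    ("lowest MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: 0 if p.ebgp else 1),
    ("closest IGP neighbor", lambda p: p.igp_metric),
]


def loop_free(path, local_as):
    """Loop prevention: an update that already carries our AS is not accepted."""
    return local_as not in path.as_path


def best_path(paths, local_as):
    """Return (winning path, step that decided it) for one prefix."""
    candidates = [p for p in paths if loop_free(p, local_as)]
    if not candidates:
        return None, "no loop-free path"
    if len(candidates) == 1:
        return candidates[0], "only loop-free path"
    for reason, key in STEPS:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], reason
    return candidates[0], "tie after all steps (first path kept)"


def demo():
    """Constructed sample: a router in AS 64500 hears three paths to one prefix."""
    local_as = 64500
    direct = Path("direct", (65000,))
    preferred = Path("preferred", (65010, 65000), local_pref=200)
    looped = Path("looped", (65020, 64500, 65000), local_pref=300)
    return best_path([direct, preferred, looped], local_as)


if __name__ == "__main__":
    winner, reason = demo()
    print(winner.name, "-", reason)
```

Weight and local preference are set by the local AS and are compared before AS-path length, origin and MED, so local inbound policy takes precedence over what a neighbor puts in the update.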
<br />The BGP synchronization rule states that a BGP router should not use, or advertise to an external neighbor, a route learned by iBGP, unless that route is local or is learned from an IGP. BGP synchronization is on by default. Basically, disabling BGP synchronization allows a router to advertise routes in BGP before learning them in IGP.<br /><br />-Route Selection: BGP route selection is based on metrics in the following order: <br />Highest weight <br />Highest local preference <br />Originated by the local router <br />Shortest AS-path <br />Lowest origin code <br />Lowest MED <br />Use eBGP over iBGP <br />Use the path through the closest IGP neighbor <br /><br />-Configuring BGP: BGP configuration is similar to other routing protocols. Here is an example configuration connecting two neighbors in different autonomous systems. <br />RouterA(config)#router bgp 64500 <br />RouterA(config-router)#neighbor 10.1.1.1 remote-as 65000 <br />RouterA(config-router)#network 172.16.0.0 mask 255.255.0.0 <br />RouterB(config)#router bgp 65000 <br />RouterB(config-router)#neighbor 10.1.1.2 remote-as 64500 <br />RouterB(config-router)#network 172.17.0.0 mask 255.255.0.0 <br /><br /><br />-Multihoming: Multihoming describes an AS that is connected to more than one ISP. The three common ways to configure connections are: <br />Default routes from all providers - Low memory and CPU usage. Provider sends BGP default route. AS sends all of its routes to the provider. <br />Customer routes and default routes from all providers - Medium memory and CPU usage. Best path is usually shortest AS-path. Can override path choice. IGP metric to default route used for all other destinations. <br />Full routes from all providers - Higher memory and CPU usage. Reach all destinations by best path. Can still manually tune path choice. <br />Advertising Routes with BGP<br /><br />-When we redistribute BGP with IGPs, BGP has its own table in addition to the IGP routing tables. 
Redistribution is the process of exchanging the routing information between the two dissimilar routing tables. You can advertise networks into BGP via: <br /><br />-Using the network command <br />-Redistributing static routes using the null 0 <br />-Redistributing dynamic IGP routes - Cisco recommends not redistributing from the IGP, as it may cause instability.<br /><br /><br />--ISIS Packets--<br /><br />CONP connection-oriented protocol (CONP like TCP)<br />CMNS connection-oriented service <br />CLNP the connectionless protocol (CLNP is the OSI equivalent of IP)<br />CLNS the connectionless service <br /><br />4 types of ISIS packets (PDUs)<br /><br />Hello (ESH, ISH, IIH) <br />LSP (nonpseudonode and pseudonode)<br />PSNP (partial sequence number PDU)<br />CSNP (complete sequence number PDU)<br /><br />Area - Logical entity (Set of contiguous routers, hosts, and links)<br /><br />Domain - Collection of connected areas, equivalent to an autonomous system<br /><br />ES-IS routing protocols - Handle level-0 routing<br /><br />IS-IS routing protocols - Handle level-1, level-2, and level-3 routing<br /><br />--NSAP Addressing--<br /><br />STANDARD 8 OCTET FORMAT<br />AREA SYSTEM ID SEL<br />01. 0000.0cff.ef48 .00 <br /><br /><br />OSI NSAP FORMAT<br />Domain AREA SYSTEM ID SEL<br />35.0006.0000. 01 .0000.0cff.ef48. 00 <br /><br /><br />Addresses starting with 49 are private<br /><br />Area Address - Variable-length field (first 1 to 13 octets)<br /><br />System ID - ES or IS ID in an area. Cisco uses fixed length (6 octets).<br /><br />NSEL - N-selector, 1 octet service identifier, 00 on Cisco routers<br /><br />The area address uniquely identifies the routing area and the System ID identifies each node. All routers within an area must use the same area address. An ES may be connected to a Level-1 router only if they both share a common area address.<br /><br />System ID can be the MAC address of the interface (CLNS) or the IP address of the interface (Integrated IS-IS). 
Each System ID should be unique throughout the domain.<br /><br />--ISIS configuration--<br /><br />interface Ethernet0<br />ip address 172.16.1.1 255.255.255.0<br />ip router isis <br />!<br />!<br />router isis<br />net 16.0040.1720.1600.1000.00<br /><br /><br />--ISIS Hierarchy--<br /><br />Level-0 routing occurs between a client and its default gateway. On a multi-access network, this is more likely to be considered a switching function. This is for ES-IS communication.<br /><br />Level-1 routing functions within an area, specifically to other routers within the area.<br /><br />Level-2 routing occurs between different areas. <br /><br />Level-3 routing is interdomain routing, or routing between autonomous systems<br /><br /><br />--ISIS Media--<br />Broadcast for LANs and multipoint WAN links<br />Point-to-point for all other media<br /><br />When implementing IS-IS in NBMA <br />Broadcast mode assumes fully meshed connectivity<br />In broadcast mode, you must map CLNS and include broadcast keyword<br />--frame-relay map clns <dlci-number> broadcast.<br />(BROADCAST USES DIS)<br />(HELLO TIMER 3.3)<br /><br />Point-to-point mode highly recommended (subinterfaces)<br />(POINT-to-POINT NO DIS)<br />(HELLO TIMER 10)<br /><br />--ISIS Priority--<br />Cisco router interfaces have a default Level 1 and Level 2 priority of 64. You can configure the priority from 0 to 127 using the isis priority command (higher priority wins)<br /><br />Show commands<br />show clns: This command displays general information about the CLNS network.<br />show clns protocol: This command displays information for the specific IS-IS processes in the router.<br />show clns interface: This command displays information about the interfaces that currently run IS-IS.<br />show clns neighbors: This command displays IS and ES neighbors. <br />show isis route: This command displays the IS-IS Level 1 routing table, which includes all other system IDs in the area. 
This command is available only if CLNS routing is enabled both globally and at the interface level.<br />show clns route: This command displays the IS-IS Level 2 routing table.<br />show isis database: This command displays the contents of the IS-IS LSDB. To force IS-IS to refresh its LSDB and recalculate all routes, issue the clear isis command, specifying the IS-IS process tag or using an asterisk (*) to clear all IS-IS processes.<br /><br />show isis topology: This command displays the Level 1 and Level 2 topology tables, which show the least-cost IS-IS paths to the ISs.<br />----OSPF STATES----<br />Down,Init,Two-Way,Exstart,Exchange,Loading,Full <br /><br />An OSPF router goes through the following states:<br />1 down state: sends out its own hello packet<br />2 init state: waits 4 times the hello interval to hear a reply<br />3 two-way state: the router sees its own ID in the list of neighbors, adjacency is formed<br />4 exstart state: neighbors determine the master/slave relationship<br />5 exchange state: both neighbors send out database description packets<br />6 loading state: the router wants more details using an LSR packet<br />7 full state: LSRs are received and databases are updated and synchronized, the neighbors are fully adjacent <br /><br />----------------------------------------------------------------------------------<br /><br /><br />Router2#debug eigrp ?<br />fsm EIGRP Dual Finite State Machine events/actions<br />neighbors EIGRP neighbors<br />packets EIGRP packets<br />transmit EIGRP transmission events<br /><br />Router2#debug ip eigrp ?<br /><1-65535> AS number<br />neighbor IP-EIGRP neighbor debugging<br />notifications IP-EIGRP event notifications<br />summary IP-EIGRP summary route processing<br /><cr><br /><br />----------------------------------------------------------------------------------<br /><br />EIGRP neighbor table<br />In the neighbor table we find:<br />- address of the neighbor<br />- interface where 
the Hello was received<br />- holdtime<br />- uptime<br />- sequence number<br />- SRTT (smooth round-trip time)<br />- RTO (retransmission timeout)<br /><br />----------------------------------------------------------------------------------<br /><br />The EIGRP Metrics are as follows:<br />Symbol Value <br />K1 Bandwidth 1<br />K2 Loading 0<br />K3 Delay 1 <br />K4 Reliability 0<br />K5 MTU 0<br /><br />----------------------------------------------------------------------------------<br />How do we achieve load balancing across unequal paths in EIGRP?<br />The "variance" command can be used to load balance across unequal cost paths.<br />----------------------------------------------------------------------------------<br /><br />The three fields used in an LSP to determine if the LSP is newer than the one in the database are:<br />- Remaining lifetime<br />- Sequence number<br />- Checksum <br /><br />----------------------------------------------------------------------------------<br /><br />Distance vectors use the following techniques to avoid routing loops:<br />- Split horizon<br />- Poison reverse<br />- Holddown<br />- Triggered updates<br />- Aging of routes from the routing table<br />Counting to infinity is a condition that occurs when a route disappears from the network and is found in distance vector protocols, but strictly speaking this is not a technique. <br /><br />----------------------------------------------------------------------------------<br />BGP SYNC<br />The synchronization rule states that a router cannot forward a route to an eBGP peer unless the route is in its local IP routing table. 
This requires the IGP and BGP to be synchronized and prevents BGP from advertising routes that the AS cannot direct to the destination.<br /><br />----------------------------------------------------------------------------------<br />EIGRP uses 224.0.0.10 for sending out routing updates<br />----------------------------------------------------------------------------------<br /><br />IOS 12.0 IP PBR can be fast-switched<br /><br />Fast switching of PBR is disabled by default. To configure fast-switched PBR:<br /><br />router(config-if)#ip route-cache policy<br />Enables fast-switched policy routing<br /><br />Fast-switched PBR supports all of the match commands and most of the set commands, with the following restriction: the set ip default next-hop command is not supported.<br /><br />----------------------------------------------------------------------------------<br /><br />What is the range of multicast addresses in IPv6? <br />FF00::/8 to FFFF::/8<br /><br />----------------------------------------------------------------------------------<br /><br />When can a neighbor become a feasible successor? <br />If the advertised distance is lower than the feasible distance.<br />----------------------------------------------------------------------------------<br /><br />eigrp stub [receive-only|connected|static|summary]<br /><br />----------------------------------------------------------------------------------<br /><br />The private BGP AS pool ranges from 64512 - 65535. <br />----------------------------------------------------------------------------------<br /><br />In an NSSA (not-so-stubby area) there are no LSA type 4 and 5 propagated into or out of the area. 
<br />----------------------------------------------------------------------------------<br />ISIS ---EIGRP Level-1 Redistribution<br /><br />router eigrp 137<br />redistribute connected<br />redistribute isis level-1 metric 100 100 200 1 1500<br />network 10.1.1.0 0.0.0.255<br />no auto-summary<br />no eigrp log-neighbor-changes<br />!<br />router isis<br />redistribute eigrp 137 metric 0 metric-type external level-1<br />net 49.0000.0001.0001.00<br />is-type level-1<br /><br />----------------------------------------------------------------------------------<br /><br />MISC BGP Config<br /><br />router bgp 65002<br />no synchronization<br />bgp log-neighbor-changes<br />network 172.16.0.0 mask 255.255.255.0<br />network 172.16.1.0 mask 255.255.255.0<br />network 172.16.2.0 mask 255.255.255.0<br />network 172.16.3.0 mask 255.255.255.0<br />network 172.16.4.0 mask 255.255.255.0<br />aggregate-address 172.16.0.0 255.255.248.0 summary-only<br />neighbor 1.1.1.1 remote-as 65001<br />neighbor 1.1.1.1 update-source Loopback1<br />neighbor 1.1.1.1 ebgp-multihop 2<br />neighbor 3.3.3.3 remote-as 65002<br />neighbor 3.3.3.3 next-hop-self<br /><br /><br />Thank you for sharing!<br />Here is mine:<br /><br />_______________________________________________________________<br />IPV6 header:<br />Version Traffic_Class Flow_label<br />Payload_length Next_header Hop_limit<br />source_address<br />destin_address<br /><br /><br />2000::/3--Global unicast address=IPV4(ABC)<br />FEC0::/10--site-local unicast address(like IPV4 reserved)<br />FE80::/10--link-local unicast address<br />::FFFF:A,B,C,D--IPV4-mapped IPV6 address<br />::A,B,C,D--IPV4-compatible IPV6 address<br />::1--unspecified address<br /><br />FF00::/8=IPV6 multicast address<br /><br />IPv6 offers the following benefits and features:<br />■ Larger address space<br />■ Unicast and multicast addressing<br />■ Address aggregation<br />■ Autoconfiguration<br />■ Renumbering<br />■ A simple and efficient header<br />■ Security<br />■ Mobility<br />■ Options for transitioning from IPv4 to IPv6<br />■ Routing protocols<br /><br /><br />Well-known mandatory attributes:<br />AS-path<br />Next-hop<br />Origin<br /><br />Well-known discretionary attributes:<br />Local preference<br />Atomic aggregate<br /><br />Optional transitive attributes:<br />Aggregator<br />Communities<br /><br />Optional non-transitive attribute:<br />Multi-Exit-Discriminator (MED)<br /><br /><br /><br />Redistribute_sim<br /><br />router isis<br />redistribute eigrp 100 metric 0 metric-type external level-1<br /><br />router eigrp 100<br />redistribute isis level-1 metric 0 0 0 0<br />redistribute connected metric 0 0 0 0<br /><br />NAT_sim<br /><br />int s0<br />ip nat outside<br />int e0<br />ip nat inside<br /><br />(1)<br />ip nat inside source static 192.168.0.1 interface s0 overload <br /><br />PS: if the question told you to do a static NAT, and he said there is an “application server” (not an e-mail server), you need to use the “overload” option, just like the configuration listed above. 
<br /><br />(2)<br />access-list 5 permit 192.168.0.0 0.0.0.255<br />ip nat pool lan 172.168.0.10 172.168.0.20 netmask 255.255.255.0<br />ip nat inside source list 5 pool lan overload<br /><br />OSPF_sim<br />single area:<br />router ospf 2<br />network x.x.x.x 0.0.0.255 area 0 //Note: Lan <br />network x.x.x.4 0.0.0.3 area 0 //Note: P-to-P Wan Serial <br />network x.x.x.x 0.0.0.0 area 0 //Note: Lo0 <br /><br /><br />Redistribute_sim<br />router eigrp 137<br />redistribute isis level-1 metric 100 100 200 1 1500<br />redistribute connected metric 100 100 200 1 1500<br />network 10.1.1.0 0.0.0.255<br />no auto-summary<br />no eigrp log-neighbor-changes<br />!<br />router isis<br />redistribute eigrp 137 metric 0 metric-type external level-1<br />net 49.0000.0001.0001.00<br />is-type level-1<br /> <br /><br /><br />netmask aggregate addresses wild bits<br />=====================================================================<br />255.0.0.0 /8 16777216 0.255.255.255<br />255.128.0.0 /9 8388608 0.128.255.255<br />255.192.0.0 /10 4194304 0.63.255.255<br />255.224.0.0 /11 2097152 0.31.255.255<br />255.240.0.0 /12 1048576 0.15.255.255<br />255.248.0.0 /13 524288 0.7.255.255<br />255.252.0.0 /14 262144 0.3.255.255<br />255.254.0.0 /15 131072 0.1.255.255<br />255.255.0.0 /16 65636 0.0.255.255<br />255.255.128.0 /17 32768 0.0.127.255<br />255.255.192.0 /18 16384 0.0.63.255<br />255.255.224.0 /19 8192 0.0.31.255<br />255.255.240.0 /20 4096 0.0.15.255<br />255.255.248.0 /21 2048 0.0.7.255<br />255.255.252.0 /22 1024 0.0.3.255<br />255.255.254.0 /23 512 0.0.1.255<br />255.255.255.0 /24 256 0.0.0.255<br />255.255.255.128 /25 128 0.0.0.127<br />255.255.255.192 /26 64 0.0.0.63<br />255.255.255.224 /27 32 0.0.0.31<br />255.255.255.240 /28 16 0.0.0.15<br />255.255.255.248 /29 8 0.0.0.7<br />255.255.255.252 /30 4 0.0.0.3<br />255.255.255.254 /31 2 0.0.0.1<br />255.255.255.255 /32 1 0.0.0.0<br /><br />In IOS releases 12.1 and later, RIP does not propagate a static default route 
automatically. When using RIP and IOS 12.1, the RIP process must be manually configured to advertise the static default route by issuing the network 0.0.0.0 command.<br /><br />Alternatively, the default-information originate or the redistribute static command may be used to configure static default route propagation. Regardless of the IOS version, OSPF requires the default-information originate command to propagate the static default routes. The following example illustrates this configuration for RIP.<br /><br />RTY(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.2<br />RTY(config)#router rip<br />RTY(config-router)#default-information originate<br /><br />Using the default-information originate command, an administrator can statically configure a single RIP router with a 0.0.0.0/0 route, and that default route will be propagated to other routers. The default-information originate command can also be used with OSPF to achieve the same effect.MADUNIXhttp://www.blogger.com/profile/09324689643630694197noreply@blogger.com0tag:blogger.com,1999:blog-3809113574406702660.post-77895010354889074682006-11-26T23:02:00.000-08:002006-11-26T23:16:25.284-08:00QoS study notes*QoS: Best Effort, Integrated Serv, DiffServ, MPLS/VPN, AutoQoS, QoS for Security.<br /><br />*Traffic can be: Data (citrix,..), Voice (smooth, drop, delay), Video (burst)<br /><br />*Problem: Lack of bandwidth, Packet Loss, delay, Jitter<br /><br />*Classification: involves identifying and grouping different traffic types.<br /><br />*Marking: tags or colors the packet so it can be quickly recognized elsewhere in the network.<br /><br />*Classification and marking should be applied in the network as close to the source as possible<br /><br />*Methods deploying QoS: CLI, Modular QoS, Auto QoS, QoS Policy Manager<br /><br />*Policing: Drops or marks packets when limit is reached<br /><br />*Shaping: Queues packets when limit is reached.<br /><br />*Congestion avoidance: FIFO, Tail Drop, Random Early Detection, WRED 
weighted random early detection<br /><br />*Congestion management: queuing<br /><br />*Link Efficiency: Compression, Link Fragmentation + Interleaving<br /><br />*FIFO queuing produces excessive jitter.<br /><br />*Configure: 1 configure Class-map, 2 configure policy-map, 3 apply service-policy<br /><br />*MQC: {class-map1} {class-map2} {class-map3} / { policy-map1} {policy-map2} it creates: class-map1 + policy-map1 / class-map1 + policy-map2 / class-map3 + policy-map2<br /><br />*match-any != match-all <br /><br />*Classification: inspecting one or more aspects of a packet to see what that packet is carrying<br /><br />*Marking: writing information to a packet to identify the classification decision<br /><br />*Types of marking: layer 2 (CoS) and layer 3 (IP precedence, DSCP)<br /><br />*CIR: When calculating cir and mincir for FRTS, use 95 % of the CIR value. If CIR = 256k, it should be used as 256000. Do not multiply 256 with 1024. <br /><br />*TOS bit setting (SCCP)<br />0110 1000 1011 1000 (ignoring leading 0's)<br />0-7 digits represents RTP payload. Maps to DSCP 46 or TOS 5 (leading 3 digits 011)<br />8-15 digits represents Voice signalling. 
Maps to DSCP 26 or TOS 3 (leading 3 digits are 101). To change the voice signalling to DSCP 24 (according to CM 4.1 specs) the new value of TOS is 0x000060b8 (change bit 11) <br /><br />*QoS commands for WAN<br />fair-queue <congestive discard threshold><br />fair-queue 128 <dynamic queues> <reservable queues><br />class-map <name><br />match access-group <number><br />match ip dscp or match dscp<br />match ip precedence or match precedence<br />match input-interface<br />match protocol <protocol><br />policy-map <name><br />class <class1><br />bandwidth <kbps> or<br />bandwidth percent <percent><br />class <class2><br />bandwidth <kbps><br />queue-limit <number of packets><br /><br /><br />*LLQ - Calculating Total bandwidth:<br />The bandwidth percent allocates bandwidth as a percentage of total bandwidth on link.<br />For a frame-relay PVC, if minCIR is configured, total bandwidth = mincir<br />For a frame-relay PVC, if minCIR is not configured, total bandwidth = cir/2<br />Default CIR of 56000 bps is applied if no map-class is configured or a map-class with no cir/mincir settings is configured.<br /><br />*CIR = Bc/Tc (set it to 95% of the actual link speed)<br />If the link speed is a full T1 (1,544,000), then set the CIR to 1466800<br /><br />*FRF12 fragments all packets above the specified size. (Specify a size greater than the voice packet.) Voice packets won't be fragmented. Long data packets get fragmented. 
Voice packets will be interleaved between fragmented data packets…<br /><br /><br />*RTP header compression for frame interfaces:<br />int s0/0.1<br />frame-relay ip rtp header-compression <br />frame-relay ip rtp header-compression passive <br />frame-relay ip rtp header-compression iphc-format <br />ip rtp header-compression ietf-format<br /><br /><br />*QoS Port configuration<br />interface fa0/1<br />mls qos trust cos //trusts packet cos<br />mls qos trust device cisco-phone // trusts cos only if a phone is attached<br />switchport priority extend cos 0 // zeros out PC cos values.<br /><br /><br />*WRED uses random dropping of packets. When threshold 1 is reached (say 25% of queue), packets with CoS 0 and 1 are randomly dropped. When threshold 2 is reached (say 50% of queue), packets with CoS 0,1,2,3 are randomly dropped. At this point packets with CoS 0,1 are more aggressively dropped than packets with CoS 2,3.<br /> <br /><br />*FIFO: 1 queue, no delay guarantee, no BW guarantee, no voice <br />Priority Queuing: 4 queues, strict priority, delay guarantee, no BW guarantee, no voice <br />Custom Queuing: 16 queues, Round Robin, no delay guarantee, no voice<br /><br />*It's generally not recommended to use PQ or CQ. In case you need priority treatment for real-time traffic, then resort to CBWFQ. This has the LLQ option ("priority <KBPS>" command under policy-map) and internally uses fair queue.<br /><br />*Shaping: When a packet arrives, the token bucket is checked; if credit is available, the packet is sent to the software queue (or directly to the H/W queue if it is not full). If credits are not available, the packet is placed in the shaping queue. <br /><br />*LLQ belongs to a different category. LLQ = Strict Priority Queue + Policing. 
A standalone LLQ cannot be used for shaping (a PQ can be used instead).<br /><br /><br />*wrr-queue bandwidth 1 2 3 4<br />"The ratio of the bandwidth allocated for each queue is 1/(1+2+3+4), 2/(1+2+3+4), 3/(1+2+3+4), and 4/(1+2+3+4), which is 1/10, 1/5, 3/10, and 2/5 for queues 1, 2, 3, and 4."<br /><br /><br /><br />*When doing MQC-based shaping remember that the "shape average" command automatically sets Be equal to Bc, so set Be explicitly to 0 if the task does not require an excess burst. Also remember that if you want to shape at the DLCI level, using a map-class frame-relay, then you must shape class class-default.<br /><br /><br />*This policer has two token buckets, one is defined by Bc and the other by Be, therefore the figures for Bc and Be do not have to be accumulative.<br /><br /><br />*RED can be applied to an interface or a class. <br /><br />*RED is in fact a dropping mechanism, and it needs a queue to operate on. As classes are virtual within the router (as opposed to a physical interface), some queueing strategy needs to be defined for the class to define how to build these queues, and for the class-default you are given the additional option of defining fair-queueing.<br /><br />*There are two other RED options to be familiar with: flow based (for interfaces only) and the ECN option. Flow based was created for non-TCP flows that do not back off in the presence of dropped packets. 
The ECN option is where you can set ECN in the packet instead of dropping it, so that you do not have to rely upon the dropping of a packet to signal congestion (and by implication hosts will know to back off without experiencing packet loss).<br /><br />*The possible values for IP Precedence are (0-7):<br />000 = 0<br />001 = 1<br />010 = 2<br />...<br />111 = 7<br /><br />*The possible values for DSCP are much wider (0-63):<br />000000 = 0<br />000001 = 1<br />.....<br />111111 = 63<br /><br />Notice that the first three bits overlap between the two values, so DSCP values are fully backward compatible with IP Precedence. For example - you should give voice an IP Precedence of 5 (101). You should give it a DSCP of 46 (101110). Notice that the first three bits are the same in each case!!! This is what is meant by backwards compatible.<br /><br />*When you are operating within a class (for example - the assured forwarding classes (AF)) - you need to be careful about assuming that bigger numbers are better. This is not true as you found out. Bigger numbers within the class indicate a higher drop priority. This is a bit counterintuitive, but it is how it works. Notice this is only WITHIN a class, however.<br /><br /><br />*The Class-Based policer calculates burst as RATE/32, which represents 1/4 second's worth of traffic, converted to bytes. Odom discusses this in his book, but I do not know of any good Cisco docs on it. This is VERY different from CAR, which has a rule of thumb which suggests that Bc should be 1.5 seconds' worth and Be should be twice that.<br /><br />*The theory behind police burst values suggests that the bursts should allow a full TCP window at the configured rate. The window is calculated as RATE times Round Trip Time / 8 to convert to bytes. 
This would suggest that by default Cisco assumes a 250 ms RTT.<br /><br /><br /><br />*If you want to use CBWFQ with the Class-Based Traffic Shaping mechanism, the following conditions must be met:<br />A secondary-level (child) policy map must be created. This secondary-level (child) policy map is then used to configure CBWFQ by enabling the bandwidth command.<br />Traffic shaping must be configured in the primary-level (parent) policy map.<br /> <br /><br />*If random detect dscp is configured as the drop policy with no further customization the previous link describes the default behavior. But in summary, each marking has the same probability of being dropped, but some become eligible for being dropped at different queue depths. As an example if the average queue depth in a class for af31 traffic reaches 32 packets, all further af31 packets are eligible to be randomly dropped. Whereas for af3, packets are eligible to be dropped when the average queue depth is 24 packets.<br /><br /><br />*A large gap between the maximum threshold for exceeding packets compared to the minimum threshold for conforming packets is there to ensure that the instantaneous queue depth will never reach the minimum threshold of the conforming traffic and hence exceeding packets will be dropped ahead of conforming packets at all times.<br /><br />
BGP study notes (posted 2006-11-26)<br /><br />Non-client BGP device types must be fully meshed with each other; clients don't need to be fully meshed because they are connected to a route reflector. A BGP speaker is not a BGP device type.<br /><br />BGP sends incremental updates that can contain only the network change<br /><br />Since the remote AS number is different from the AS number specified when BGP was enabled, this will be an eBGP neighbour<br /><br />full mesh n(n-1)/2<br /><br />An eBGP router will not set the NEXT_HOP attribute to itself when a route is originated by an iBGP router in the same AS and on the same subnet as itself and the remote eBGP router<br /><br />Negotiation and Disconnect are not valid BGP states. Connect and Active are valid BGP states<br /><br />Client, non-client, and route reflector are all valid BGP device types<br /><br />AS: The private AS numbers are 64512 through 65535, the public AS numbers are 1 through 64511<br /><br />An origin code of incomplete is represented in the BGP routing table with the "?" symbol<br /><br />If your autonomous system will be passing traffic through it from another autonomous system to a third autonomous system, it is very important that your autonomous system be consistent about the routes that it advertises. For example, if your BGP were to advertise a route before all routers in your network had learned about the route through your IGP, your autonomous system could receive traffic that some routers cannot yet route. To prevent this from happening, BGP must wait until the IGP has propagated routing information across your autonomous system. This causes BGP to be synchronized with the IGP. Synchronization is enabled by default. Only if all routers in the transit path in the AS are running BGP is it safe to turn synchronization off<br /><br />IBGP routes are propagated to all IBGP peers and only the IBGP peers<br /><br />The show ip bgp summary command displays the status of all BGP connections. 
Neighbors with corresponding AS value will be listed, both interior and external.<br /><br />(BGP) Private AS range = 64512 --> 65535 (RFC 1930) (1024 AS-es)<br /><br />BGP Attributes =<br />WO MD TN == WellKnown/Optional, Mandatory/Discretionary, Transitive/Non-Transitive<br />WM = WellKnown Mandatory == Required and recognized by all BGP implementations.<br />WD = WellKnown Discretionary == Not present in all BGP update messages, if present all routers will act on the information contained.<br />OT = Optional Transitive == A router might not recognize this attribute, so if it does not it marks it as partial and passes it on.<br />ON = Optional NonTransitive == These are NOT transmitted to BGP Peers. If a router does not recognize them it ignores them.<br />WM == As-Path, Next-Hop, Origin<br />WD == LocalPref, AtomicAggregate<br />OT == Can be partial; Aggregator, Community<br />ON == MED, OriginatorID<br />Cisco Defined = Weight<br />As-path = a,b,c (a is first hop next AS to go to, b is next and so on)<br />Origin = WM, Lower Preferred == IGP < EGP < Incomplete (gives weight of source of AS path)<br />MED = ON (Optional NonTransitive) = Lower Preferred, def = 0. To influence external AS-es on selecting appropriate entry into the AS. MED is not passed beyond neighbor AS.<br />LocalPref = WD, Higher preferred, def = 100. Local to AS and not sent to EBGP peers.<br />Community = OT, ability to tag routes that have something in common.<br />Weight = Cisco Only = 32768 = def for locally originated, others=0, higher preferred. 
Used for routing policy local to this router only.<br />Route Selection preference ==> highest Weight, highest Local pref, shortest as-path, lowest origin code, lowest med.<br />Atomic Aggregate Attribute: WD, indicates to neighbor AS that originator has aggregated routes.<br />Aggregator = OT = BGP Router ID and AS # of router that performed the route aggregation.<br /><br /><br />BGP Rules:<br />(Learn these 3 rules; the test has these mingled, and understanding the fine differences will be a great advantage)<br />Synchronization Rule: A BGP router should not use or advertise to an external (EBGP) neighbor a route learned by IBGP, unless that route is local or is learnt from IGP. Only if all routers in the transit path in the AS are running BGP is it safe to turn synchronization off. Use the no synchronization (router config) command to turn sync off; this command will allow a router to use and advertise to an EBGP neighbor routes learnt by IBGP before learning them from IGP.<br />Split Horizon Rule: Causes the need for RouteReflectors: Routes learnt from IBGP WILL not be advertised to IBGP peers.<br />Next Hop Rule: For IBGP: next hop advertised by EBGP should be carried into IBGP. For EBGP, the next hop is the IP address of the neighbor that sent the update.<br /><br /><br />-BGP RouterID == same as OSPF RouterID, highest I/F address OR Loopback Address is used.<br /><br />-BGP Operation:<br />BGP Message Types == Open, Keepalive, Update, Notification (for errors/special conditions, closes connection immediately).<br />BGP Peers will exchange full BGP routing tables. 
Then incremental.<br />Open Message == Version, my AS, hold time, BGP Id, Optional Params (Authentication).<br />Update message has info on one path only == Withdrawn Routes, Path Attributes, NLRI (Network Layer Reachability Info) list of prefixes reachable via this path.<br />BGP Neighbor states == Idle, Connect, Active, OpenSent, OpenConfirm, Established.<br />In Established === update, keepalive, and notification messages are sent.<br />Keepalive == 19 bytes/60 seconds, Other messages == 19~4096 bytes. Def Hold time = 180 s.<br /><br /><br />-Route Selection:<br />Do not consider unsynched internal paths.<br />next hop not reachable – do not use.<br />highest weight<br />highest localpref<br />Orig by local router<br />shortest as-path<br />lowest origin code IGP < EGP < incomplete<br />Lowest MED<br />EBGP over IBGP.<br />if only internal paths remain, prefer lowest cost next hop.<br />Else Ebgp select oldest route<br />Lowest neighbor bgpid.<br />lowest neighbor ip address.<br />BGP only chooses a single path per destination.<br /><br />BGP Commands:<br />router(config)# router bgp <as-#><br />router(config-router)# neighbor {<ip-addr> | <peer-grp>} remote-as <as-#><br />router(config-router)# neighbor {<ip-addr> | <peer-grp>} shutdown<br />router(config-router)# no neighbor {<ip-addr> | <peer-grp>} shutdown<br />router(config-router)# neighbor <ip-addr> update-source loopback <interface-number><br />in the above we are indicating that the update source on this router is the loopback <interface-number><br />router(config-router)# neighbor {<ip-addr> | <peer-grp>} ebgp-multihop [<ttl>]<br />(use the above command in case the ebgp peers are not directly connected) (ttl in above defaults to 255)<br />router(config-router)# network <network-number> [mask <nw-mask>]<br />the list of network commands must include all networks in your AS that you want to advertise. 
Note the above network/mask must match exactly an entry in the routing table.<br />router(config-router)# neighbor {<ip-addr>} next-hop-self<br />allows an ibgp peer to receive EBGP paths with next hop set to the IBGP peer.<br />router(config-router)# no synchronization<br />disables synchronization.<br /><br />-BGP route summarization:<br />router(config-router)# aggregate-address <ip-address> <mask> [summary-only] [as-set]<br />the networks being aggregated must be in the BGP table.<br /><br />-Resetting bgp:<br />clear ip bgp {* | <addr>} [soft [in | out]]<br /><br />-Route Reflectors: BGP split horizon: routes learnt via IBGP are never propagated to other IBGP peers.<br /><br />-RRs: modify BGP SH by allowing RRs to propagate to IBGP clients routes learned by IBGP, except those learned from the client itself.<br /><br />-RR Operation:<br />Update from Client Peer: send update to all non-client peers and to client peers (except originator).<br />Update from Non-Client IBGP Peer: send update to all client peers.<br />Update from EBGP peer: send update to all non-client peers and to client peers.<br />router(config-router)# neighbor <ip-addr> route-reflector-client<br /><br />-prefix lists:<br />better than ACLs as they allow incremental changes and deletion of individual lines.<br />router(config)# ip prefix-list <list-name> [seq <seq-value>] {deny | permit} <network>/<len> [ge <ge-value>] [le <le-value>]<br />router(config-router)# neighbor {<ip-addr> | <peer-grp-name>} prefix-list <pref-lname> {in | out}<br /><br />To set weight attribute:<br />router(config-router)# neighbor {<ip-address> | <peer-grp>} weight <weight><br />-To set default local preference value to something other than 100<br />router(config-router)# bgp default local-preference <value><br /><br />Troubleshooting BGP:<br />Show ip bgp === BGP Table Version, local router ID, Network, Next Hop, Metric, LocPrf, Weight, Path<br />Show ip bgp <nw-number> === Paths, number of paths, Advertised to peers,<br />Show 
ip bgp summary === BGP table version, main routing table version, # of network entries, # of paths, Neighbor, version, AS, messages received, messages sent, Table version, input Q, output Q, Up/Down for, State/Prefixes received.<br />Show ip bgp neighbors === neighbor ip, remote-as, type of link, bgp version, neighbor router id, BGP state, table version, up for, hold time, keepalive interval, received message count, number of notifications, number queued, sent messages, sent notification count, sent queue depth, # of prefixes advertised, last reset and reason for reset.<br />The above command is also used to show RR clients.<br />Show ip prefix-list [detail | summary]<br /><br /><br />-(BGP) The configuration of the multiple connections to the ISPs can be classified depending on the routes that are provided to the AS from the ISPs. Three common ways of configuring the connections are:<br />All ISPs pass only default routes to the AS.<br />All ISPs pass default routes, and selected specific routes (for example, from customers with whom the AS exchanges a lot of traffic) to the AS.<br />All ISPs pass all routes to the AS (A).<br /><br />BGP attributes:<br />Well-known mandatory attributes: AS-path/Next-hop/Origin<br />Well-known discretionary attributes: Local preference/Atomic aggregate<br />Optional transitive attributes: Aggregator/Communities<br />Optional non-transitive attribute: Multi-Exit-Discriminator (MED)<br /><br />AS Numbers:<br />This autonomous system number is a 16-bit number, with a range of 1 to 65535; 64512 - 65535 are reserved for private use.<br /><br />The command “clear ip bgp *”: clears all the entries from the BGP routing table and resets BGP sessions. 
This command is used after every configuration change to ensure that the change is activated and that peer routers are informed.<br /><br />The command “clear ip bgp <address>”, e.g. clear ip bgp 172.31.0.0, removes the specified network from the BGP table.<br /><br />The assignable BGP autonomous system numbers are from 1 to 65,535 (i.e. 65,535 in total). Autonomous system numbers are 16 bits long. There are 2^16 - 1 = 65,535 possible ASNs. An ASN of all 0s is not assigned. Out of this, the Internet Assigned Numbers Authority (IANA) has reserved the following block of AS numbers for private use: 64512 through 65535.<br /><br />-External BGP (eBGP) is used to establish sessions and exchange route information between two or more autonomous systems. Internal BGP (iBGP) is used by routers that belong to the same Autonomous System (AS).<br /><br />-Routers running BGP in an AS use network policy to choose the best path. Metrics are not used in BGP. Remember that the Internet is made of autonomous systems (AS) that are connected together based on policies specific to each AS. Also, AS numbers (ASN) are assigned by IANA and are unique over the Internet. In an internet (not big I) the ASNs can be assigned by the corporation itself that is implementing the internet.<br /><br />-The following are the four possible message types in a BGP header:<br />Type 1: OPEN message - This is the first message sent after the TCP session is established.<br />Type 2: UPDATE message - An UPDATE message contains a new route or a route to be withdrawn or both. Note that only one new route can be advertised with one UPDATE message.<br />Type 3: NOTIFICATION message - this message is sent if an error occurs during a BGP session. 
This message can be used to troubleshoot the problem.<br />Type 4: KEEPALIVE message - A KEEPALIVE message is used to confirm that the connection between the neighboring routers is still active.<br /><br />-Command to set the router RouterA to autonomous system number 1340:<br />The correct syntax for the command is:<br />RouterA(config)#router bgp 1340<br />where 1340 is the AS number, which can have a value between 1 and 65535 in an internetwork.<br /><br />-Port number 179 is used to establish a session between two routers running BGP.<br /><br />-Well-known mandatory attributes must appear in all BGP update messages. The well-known mandatory attributes are:<br />AS_PATH: BGP messages carry the sequence of AS numbers indicating the complete path a message has traversed.<br />NEXT_HOP: This attribute indicates the IP address of the next-hop destination router.<br />ORIGIN: This attribute tells the receiving BGP router the BGP type of the original source of the NLRI information.<br /><br />-Any two routers that have formed a TCP connection in order to exchange BGP routing information are called peers, or neighbors. BGP peers initially exchange their full BGP routing tables. After this exchange, routing table changes are sent as incremental updates. BGP keeps a version number of the BGP table, which should be the same for all of its BGP peers. The version number changes whenever BGP updates the table, likely due to routing information changes. Keepalive packets are sent to ensure that the connection is alive between the BGP peers.<br /><br />-show ip bgp neighbors<br />This is a very useful command in troubleshooting BGP connections. When the connection is established, the peer/neighbor router exchanges BGP information. 
If a TCP connection (BGP session) is not established, a BGP router cannot exchange any BGP routing information with the adjacent router.<br /><br />-A few recommended scenarios where you use BGP are:<br />You connect to two or more ISPs.<br />The traffic flow out of your network needs to be managed to suit the requirements of your organization.<br />The traffic needs to be sent through one AS to get to another AS.<br /><br />-The weight attribute in BGP has a range from 0 to 65535. This attribute can be set using the "neighbor" command. The default value is 32,768.<br /><br />-Various debug commands useful in troubleshooting bgp are:<br />Debug ip bgp events: Displays all bgp events as they occur.<br />Debug ip bgp dampening: Displays bgp dampening events as they occur.<br />Debug ip bgp keepalives: Displays all events related to bgp keepalive packets.<br />Debug ip bgp updates: Displays information on all bgp update packets.<br /><br />-Prefix lists (filtering) are available only in Cisco IOS versions 12.0 and later.<br /> <br />-Characteristics of Prefix lists:<br />These are used for filtering BGP routing updates, so that a certain path policy is applied.<br />Prefix lists put less load on the processor compared to Access lists.<br />Prefix lists are easier to configure and implement.<br />Prefix lists are read one line at a time.<br />There is an implicit deny all at the bottom of the Prefix list. However, if the prefix list is empty, there will be an implicit permit any.<br />The statement with the smallest sequence number is read first.<br />Sequence values are generated in increments of 5. 
The first sequence value generated in a prefix list would be 5, then 10, then 15, and so on.<br /><br />-The following are a few examples of how a prefix list can be used (while configuring BGP policies to filter route updates):<br />To deny the default route 0.0.0.0/0:<br />ip prefix-list mylist1 deny 0.0.0.0/0<br />or <br />To permit the prefix 20.0.0.0/8:<br />ip prefix-list mylist1 permit 20.0.0.0/8<br /><br />-A stub AS is a single-homed network with only one entry and exit point. This type of AS can be connected to the external world through the use of a statically configured route.<br />-Transit AS: When data from one AS needs to reach a remote AS, it has to travel through intermediate ASs. The AS or Autonomous Systems which carry the data from one AS to another AS is (are) called Transit AS (es).<br /><br />-eBGP: External BGP is used between two or more Autonomous Systems.<br />iBGP: Internal BGP is used within an AS.<br /> <br />-In BGP, to disable automatic summarization of subnet routes into network level routes use the command: “no auto-summary”<br />To enable automatic summarization of subnet routes into network level routes use the command:<br />“auto-summary”<br />Note that by default, auto-summary is enabled.<br /><br />-BGP is an exterior routing protocol, whereas RIP, IGRP, and OSPF are all Interior routing protocols (IRP). Interior routing protocols run inside a company's network and can't run on the Internet. The Internet consists of numerous autonomous systems (AS) which are connected by Exterior Routing protocols like BGP.<br /><br />-BGP commands: Suppose RouterA and RouterB are running iBGP. The correct syntax for establishing the neighbor relationship is:<br />router bgp 100<br />neighbor 175.23.1.2 remote-as 100<br />iBGP routers don't have to be directly connected, as long as there is some IGP running that allows the two neighbors to reach one another. 
If two routers belong to the same AS, then they run iBGP, whereas, if they belong to different ASs, they need to run eBGP.<br /><br />-The output is that of "show ip bgp summary". It contains the following among other details:<br />BGP router identifier: Router identifier specified by the bgp router-id command, loop back address, or lowest IP address.<br />BGP table version: Internal version number of BGP database.<br />Main routing table version: Last version of BGP database that was injected into main routing table.<br />Neighbor: IP address of a neighbor.<br />V: BGP version number spoken to that neighbor.<br />AS: Autonomous system.<br /><br />-To specify the networks to be advertised by the Border Gateway Protocol (BGP) use the network command.<br />To remove an entry, use the no network form of this command.<br />“network network-number [mask network-mask]”<br />To remove,<br />“no network network-number [mask network-mask]”<br /><br />-To distribute Border Gateway Protocol (BGP) neighbor information as specified in a prefix list, use the neighbor prefix-list command in address family or router configuration mode.<br />The following router configuration mode example applies the prefix list named mylist1 to outgoing advertisements from the neighbor 192.10.0.0:<br />!<br />router bgp 100<br />network 120.101.0.0<br />neighbor 192.10.0.0 prefix-list mylist1 out<br /><br />-To distribute Border Gateway Protocol (BGP) neighbor information as specified in an access list, use the neighbor distribute-list command in address family or router configuration mode. <br /><br />-Route maps are used with BGP to control and modify routing information and to define the conditions by which routes are redistributed between Autonomous Systems. 
The format of a route map is as follows:<br />“route-map map-name [[permit | deny] [sequence-number]]”<br />The map-name is a name that identifies the route map, and the sequence number indicates the position that an instance of the route map is to have in relation to other instances of the same route map.<br /><br />-Some of the terms used commonly with route reflectors in BGP are:<br />Route reflector: It is a router that is configured to advertise the routes that are learned from iBGP neighbors.<br />Client: A router that shares information with the router configured as route reflector.<br />Cluster: The set of all routers configured as route reflectors and clients.<br />Cluster ID: If there is one route reflector in a cluster, then the cluster ID is used to identify the route reflectors uniquely in the specified cluster.<br /><br />-Do not apply both a neighbor distribute-list and a neighbor prefix-list command to a neighbor in any given direction (inbound or outbound) on a BGP router. These two commands are mutually exclusive, and only one command (neighbor prefix-list or neighbor distribute-list) can be applied to each inbound or outbound direction.<br /><br />-BGP peer groups:<br />A BGP peer group significantly reduces the overhead of configuring policies on every individual BGP neighbor in an AS. 
When a peer group is created, policies are assigned to the name of the peer group itself and not to the individual neighbors.<br />Route maps, distribution lists, and filter lists usually set update policies.<br />Members of the peer group can be configured to override the configuration options for incoming updates, but not to the outgoing updates.<br /><br />-The command (BGP)<br />neighbor <ip-address> peer-group <peer><br />is used to add a neighbor to a peer-group.<br />The complete commands to add a neighbor are:<br />!<br />RouterA(config)#router bgp 100<br />RouterA(config-router)#neighbor mygroup peer-group<br />RouterA(config-router)#neighbor 1.1.1.1 peer-group mygroup<br /> <br />-When a route reflector in a BGP AS receives an update, it takes the following actions, depending on the type of peer that sent the update:<br />If the update is from a non-client peer : It sends the update to all clients in the cluster.<br />If the update is from a client peer: It sends the update to all nonclient peers and to all client peers.<br />If the update is from eBGP peer: It sends the update to all nonclient peers and to all client peers.<br /><br />-The following are well known communities in BGP:<br />Internet: All routers belong to this community by default. 
Advertises the route to the internet community.<br />No-export: This indicates not to advertise a route to eBGP peers.<br />No-advertise: This indicates not to advertise a route to peers.<br />The community attribute in BGP can contain a value in the range 0 to 4294967200.<br /><br />-The correct syntax to configure a router as a BGP route reflector is:<br />RouterA(config-router)#neighbor <ip-address> route-reflector-client<br />Here, it is:<br />RouterA(config-router)#neighbor 144.44.44.1 route-reflector-client<br />The above command will configure RouterA as a route reflector with the specified neighbor 144.44.44.1 as the route reflector's client.<br /><br />-Methods available for filtering BGP updates:<br />Distribute lists: Routing information can be restricted by filtering routing updates to/from a particular neighbor. An access list that is applied to updates to/from a neighbor serves as a filter.<br />AS_Path filtering: Here, you specify an access list on both incoming and outgoing updates based on the value of the AS_path attribute.<br />Route Map Filtering: Here, the "neighbor route-map" command is used to apply a route map to incoming and outgoing routes.<br />Community Filtering: You can filter by setting the community attribute on router updates.<br /><br />-External and summary routes are not injected into a totally stubby area in an OSPF network. The advantages of totally stubby areas are reduced routing tables, faster convergence, and stability.<br /><br />-To enable synchronization between the Border Gateway Protocol (BGP) and the Interior Gateway Protocol (IGP) system, the synchronization command is used. To advertise a network route without waiting for the IGP, use the no synchronization command. 
By default, synchronization is enabled.<br /><br />-The following router configuration mode example enables a router to advertise a network route without waiting for the IGP:<br />!<br />router bgp 160<br />no synchronization<br /><br />-Show ip bgp neighbors is a command most often used to see neighbor details, which include the following:<br />AS number, Uptime, BGP messages received / sent, Hold time, Keepalive intervals, Remote router ID.<br /><br />-BGP AS-PATH length:<br />You can increase the AS-PATH length by adding dummy AS numbers.<br />The route map configuration command:<br />set as-path prepend 100<br />causes a router to prepend 100 once to the value of the AS_path attribute before it sends updates to the specified neighbor.<br />If you want to prepend 100 twice, use the command<br />set as-path prepend 100 100<br />This will increase the AS-PATH length in the updates being sent to the neighbor and hence influence the path selection.<br /><br />-BGP Distribute lists are created using IP standard access lists and IP extended access lists. The range of numbers for standard access lists is 1 to 99 and for extended access lists is 100 to 199. Therefore, the allowed range of numbers is 1 to 199.<br /><br />-The three multi-homing classifications are:<br />Basic: Here the ISP will offer only the default route to the AS. This kind of connection is least processor intensive and recommended for simple networks with only one ISP connection.<br />Medium: This uses default routes and BGP. The internal AS can select the best ISP to use depending on the preferences.<br />Full: Full multi-homing uses only BGP. Here the routes are learned using the AS_PATH attribute information to make routing decisions.<br /><br />-BGP can load balance up to six links. You can have up to six links to ISPs and use those links for Internet traffic. 
This arrangement provides redundancy as well as load balancing.<br /><br />In BGP, the term Multihoming is used when one AS is connected to two or more ISPs. The purpose of multihoming is:<br />To improve the reliability of connectivity to the Internet, so that even if one connection fails, the other connection will be available.<br />To share the traffic load, resulting in a performance improvement.<br /><br />-While selecting the best route in BGP, the order of preferences is as below:<br />Weight - If multiple routes exist, the route with the highest weight is preferred.<br />Local preference - If multiple routes have the same weight, the route with the highest local preference is preferred.<br />Local router - If multiple routes have the same local preference, prefer the route originated by the local router.<br />AS path - If multiple routes have the same local preference, prefer the route with the shortest AS path.<br /><br />-BGP: peers (nei) not only a phy link, but TCP connection established.<br />Only one instance of BGP can be configured on the router at a single time. A BGP router with synchronization enabled will not advertise iBGP-learned routes to other eBGP peers if it is not able to validate those routes in its IGP.<br />If you have all your routers in the AS running BGP and you are not running any IGP, the router has no way of knowing that, and your router will be waiting forever for an IGP update about a certain route before sending it to external peers.<br /><br />-BGP is an AS-by-AS routing protocol, not a router-by-router routing protocol. In BGP, next hop doesn't mean the next router, it means the IP addr to reach the next AS, so iBGP won't change the NEXT-HOP addr, unless [same subnet]<br /><br />-peer-group: useful when many nei have the same outbound policies, members can have a diff inbound policy<br /><br />-debug ip bgp events<br />Idle: router is searching routing table to see if a route exists to reach the nei -> check for an IGP prob, is the nei announcing the 
route?<br />Connect:Router found the route n has completed three-way TCP handshake<br />Active:the router has sent out an open packet n is waiting for a response<br />Established:[sh ip bgp summary] -> the state is blank or has a number ( number: how many routes have been learnt)<br /><br />-sh ip bgp:sh all bgp routes: origin code: i (IGP), status code: i (internal)<br /><br />-The use of secondary addresses can contribute to congestion on the network.<br /><br />-optional transitive:if not recognized,are marked as partial n propagated to others<br /><br />-MED is sent to eBGP nei only, choose the lowest one,DF:0, is considered the metric of BGP (router)#default-metric [number]<br />Weight not sent to any BGP nei, Local-pref sent only within AS thru iBGP<br /><br />-BGP is not designed to perform load balancing, paths are chosen bcoz of policy,not chosen based upon BW, BGP is designed for manipulating routing paths.<br /><br />bgp bestpath as-path/metric ,bgp always-compare-med<br /><br />multihoming is for redundancy n increased routing efficiency/BW, not load balancing,one of the link will always be better than the other one. 
50/50 is impossible!<br />static route (default route) can specify a route<br />common IGP: send all/any routes along with the df route, may still not select the best<br />BGP: use policy-based to filter, send partial routing table<br /><br /><br />-BGP has its own table, in addition to the IP routing table; info can be xchanged betw them.<br /><br />-single-homed multi-ISP -> enable syn<br /><br />-multi-homed multi-ISP -> disable syn for using IGP<br /><br />BGP header: if open, then all 1s<br />distribute-list relies on acl -> acl 1 permit xxxxxx / nei [ip] distribute-list 1 out<br />in IGP: (router)#distribute-list 1 out e0(rip)<br /><br />BGPv4: RFC 1771<br />Weight -> LocPre -> originated -> AS_Path -> lowest origin type (IGP < EGP < incomplete) -> MED -> external > internal -> lowest metric IGP nei -> lowest IP addr<br /><br />The route betw 2 BGP can be learnt with IGP, but no df route allowed<br />debug ip bgp dampening: locate loops<br /><br />BGP is an Advanced Distance Vector protocol. Routers running BGP exchange network reachability information, called path vectors or attributes that include a list of the full path (of BGP AS numbers) that a route should take in order to reach a destination network.<br /><br />-You should use BGP when at least one of the following conditions exists:<br />An AS allows packets to transit through it to reach other AS’s (for example, a service provider)<br />An AS has multiple connections to other AS’s<br />The flow of traffic entering and leaving your AS must be manipulated<br /><br />-You should not use BGP when the following conditions exist:<br />A single connection to the Internet<br />Routing policy and route selection are not a concern for your AS<br />Lack of memory or processor power on BGP routers to handle constant updates<br />Limited understanding of route filtering and BGP path selection process<br />Low bandwidth between AS’s<br /><br />-You should use static routes if any of the preceding conditions are true. 
Remember that BGP, if not properly controlled and filtered, has the potential to allow an outside AS to affect your routing decisions.<br /><br />Two routers speaking BGP form a TCP connection with one another and exchange messages to open and confirm the connection parameters. Once a connection is made between these neighbors (or peers routers), full routing tables are exchanged. From then on, BGP routers need only send changes (incremental updates). Since periodic updates are not required, triggered updates are used.<br /><br />-BGP neighbors send keepalive messages, similar to the hello messages of EIGRP and OSPF.<br /><br />-BGP provides a loop free path, because a router running BGP will not accept a routing update that already includes its AS number in the path list, since this would mean that the update has already passed through its AS.<br /><br />-BGP comes in two flavors, Internal BGP (iBGP) and External BGP (eBGP). iBGP is when BGP is running between routers within the same AS, while eBGP runs between routers in different autonomous systems. -Routers running eBGP are usually directly connected. Routers running iBGP do not have to be directly connected.<br /><br />-An important distinction between iBGP and eBGP is that an iBGP AS would be considered a transit AS, meaning packets not originated in the AS are moving through it.<br /><br />-BGP allows administrators to define policies, or rules, for how data will flow through the AS.<br /><br />-BGP metrics are called path attributes. 
An attribute can fall into one of four categories:<br />Well-known mandatory: Must be present in all update messages<br />Well-known discretionary: Could be present in update messages<br />Well-known attributes must be recognized by all compliant BGP implementations and are propagated to peers<br />Optional transitive: If not recognized, are marked as partial, and propagated to other neighbors<br />Optional nontransitive: Discarded if not recognized<br />Optional attributes: Recognized by some implementations, expected not to be recognized by everyone, and recognized optional attributes are propagated to other neighbors based on their meaning<br /><br />-BGP attributes include:<br />AS-path (Well-known mandatory): The AS-path attribute is actually the list of AS numbers that a route has traversed in order to reach a destination.<br />Next-hop (Well-known mandatory): Indicates the next-hop IP address that is to be used to reach a destination.<br />Local preference (Well-known discretionary): Provides an indication to routers in the AS about which path is preferred to exit the AS.<br />Multi-exit-discriminator (MED) (Optional nontransitive): An indication about the preferred path into an AS.<br />Origin (Well-known mandatory): Defines the origin of the path information.<br />Community (Optional transitive): Allows routers to tag routes with an indicator (the community) and allows other routers to make decisions based upon that tag.<br />Atomic aggregate (Well-known discretionary): Informs the neighbor AS that the originating router has aggregated the routes.<br />Aggregator (Optional transitive)<br />Weight (Cisco defined): Configured locally to a router and not propagated. Values from 0 to 65535. Default of 32768 for paths the router originates and 0 for other paths. 
Routes with a higher weight are preferred when multiple routes exist to the same destination.<br />The BGP synchronization rule states that a BGP router should not use, or advertise to an external neighbor, a route learned by iBGP, unless that route is local or is learned from an IGP. BGP synchronization is on by default. Basically, disabling BGP synchronization allows a router to advertise routes in BGP before learning them in IGP.<br /><br />-Route Selection: BGP route selection is based on metrics in the following order:<br />Highest weight / Highest local preference / Originated by the local router / Shortest AS-path / Lowest origin code / Lowest MED<br /><br />Configuring BGP: BGP configuration is similar to other routing protocols. Here is an example configuration connecting two neighbors in a different autonomous system.<br />RouterA(config)#router bgp 64500<br />RouterA(config-router)#neighbor 10.1.1.1 remote-as 65000<br />RouterA(config-router)#network 172.16.0.0 mask 255.255.0.0<br />RouterB(config)#router bgp 65000<br />RouterB(config-router)#neighbor 10.1.1.2 remote-as 64500<br />RouterB(config-router)#network 172.17.0.0 mask 255.255.0.0<br /><br />-Multihoming: Multihoming describes an AS that is connected to more than one ISP. The three common ways to configure connections are:<br />Default routes from all providers - Low memory and CPU usage. Provider sends BGP default route. AS sends all of its routes to the provider.<br />Customer routes and default routes from all providers - Medium memory and CPU usage. Best path is usually shortest AS-path. Can override path choice. IGP metric to default route used for all other destinations.<br />Full routes from all providers - Higher memory and CPU usage. Reach all destinations by best path. Can still manually tune path choice.<br /><br />Advertising Routes with BGP<br /><br />-When we redistribute BGP with IGPs, BGP has its own table in addition to the IGP routing tables. 
Redistribution is the process of exchanging the routing information between the two dissimilar routing tables. You can advertise networks into BGP via:<br />Using the network command<br />Redistributing static routes using the null 0<br />Redistributing dynamic IGP routes - Cisco recommends not redistributing from the IGP, as it may cause instability.<br /><br /><br />Always use: update-source loopback0 for iBGP.<br /><br />When a prefix is received from an eBGP neighbor, it must be advertised to both eBGP & iBGP neighbors.<br /><br />When a prefix is received from an iBGP neighbor, it is advertised ONLY to eBGP neighbors and NOT to any iBGP neighbors. This requires that all iBGP routers be fully meshed, or the use of route-reflectors or confederations.<br /><br />The synchronization rule only applies to iBGP learned prefixes. It states that an iBGP learned prefix cannot be considered best unless you have a matching IGP route for that BGP prefix.<br /><br />There are only 3 ways to originate prefixes in BGP:<br />Network statement<br />Aggregate statement<br />Redistribute an IGP into BGP<br /><br />When iBGP speakers are NOT fully meshed and there is no route-reflector or confederation, any prefix learned from an iBGP neighbor will only be advertised to eBGP neighbors and not to any iBGP neighbors.<br /><br />BGP only advertises what it considers the best path. If the iBGP path is not synchronized, it's not included in the best path calculation.<br /><br />Implications:<br />NO SYNC or Synchronize by redistributing BGP into the IGP at the router that introduced the BGP route. 
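<br /><br />The iBGP and eBGP advertisement rules above, together with AS-path loop prevention, as a small propagation model (an added example, not part of the original notes). The router names, AS numbers and topologies are constructed; each router keeps the first copy it hears instead of running best-path selection, and synchronization is treated as disabled.

```python
from collections import deque

# Constructed topology (assumed names and AS numbers, not from the page):
# ISP (AS 64500) -- R1 -- R2 -- R3 (all AS 65000) -- CUST (AS 64600)
ROUTER_AS = {"ISP": 64500, "R1": 65000, "R2": 65000, "R3": 65000, "CUST": 64600}
CHAIN = [("ISP", "R1"), ("R1", "R2"), ("R2", "R3"), ("R3", "CUST")]
FULL_MESH = CHAIN + [("R1", "R3")]  # adds the missing iBGP session


def propagate(router_as, sessions, origin):
    """Flood one prefix originated by `origin`; return {router: AS path seen}.

    Simplifications: first copy wins (no best-path selection) and the
    synchronization rule is treated as disabled.
    """
    learned = {origin: ((), "local")}
    queue = deque([origin])
    while queue:
        speaker = queue.popleft()
        path, how = learned[speaker]
        for a, b in sessions:
            if speaker not in (a, b):
                continue
            peer = b if speaker == a else a
            is_ebgp = router_as[peer] != router_as[speaker]
            # Rule from the text: an iBGP-learned prefix goes ONLY to eBGP peers.
            if how == "ibgp" and not is_ebgp:
                continue
            # The sender's AS is prepended only when the update leaves the AS.
            sent_path = (router_as[speaker],) + path if is_ebgp else path
            # Loop prevention: drop an update that already lists the receiver's AS.
            if router_as[peer] in sent_path:
                continue
            if peer in learned:
                continue
            learned[peer] = (sent_path, "ebgp" if is_ebgp else "ibgp")
            queue.append(peer)
    return {name: path for name, (path, _) in learned.items()}


def unreached(router_as, sessions, origin):
    """Routers that never hear the prefix with this set of sessions."""
    return sorted(set(router_as) - set(propagate(router_as, sessions, origin)))


if __name__ == "__main__":
    for label, sessions in (("iBGP chain", CHAIN), ("iBGP full mesh", FULL_MESH)):
        print(label)
        for router, path in sorted(propagate(ROUTER_AS, sessions, "ISP").items()):
            print(f"  {router:5} AS path: {' '.join(map(str, path)) or '(local)'}")
        print("  never learned:", unreached(ROUTER_AS, sessions, "ISP") or "none")
```

In the chain, R2 hears the prefix over iBGP and therefore never passes it to R3, so the route never reaches the customer AS; adding the R1-R3 session restores it.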
<br /><br />Redistribute eBGP into IGP at the border router.<br /><br />The BGP Router-id is used with the synchronization and in iBGP the BGP Router-id is used as tie breaker for the BGP path selection<br /><br />Just because the next hop is pingable, it does not mean it's a valid next hop.<br />Next hop addresses that are reachable only via a default route aren't valid.<br />Next hop addresses that are reachable only via another BGP route are also not valid.<br />By default, BGP does not accept subnets redistributed from Interior Gateway Protocol (IGP).<br /><br />To advertise and carry subnet routes in BGP, use an explicit network command or the no auto-summary command.<br /><br />The no auto-summary command is NOT needed if there is no redistribution from IGP into BGP.<br /><br /><br />BGP communities<br />Helps with scalability in large networks<br />Group of destinations that share some common property<br />no-export Do not advertise to EBGP peers<br />will go to sub-confed peers<br />no-advertise Do not advertise to any peer will go to next-hop only<br />internet Advertise to any peer<br />none Removes the community with: set community none<br /><br />BGP Debug Info<br />show ip bgp neighbor: Detailed information on TCP and BGP neighbor connections<br />show ip bgp summary: Summary of BGP neighbor status<br />show ip bgp path: Path information<br />show ip bgp: shows the BGP routing table<br />show ip bgp x.x.x.x: Shows all the attributes for the route<br />sho ip bgp neighbor x.x.x.x advertised-routes: Shows the advertised routes by neighbor x.x.x.x<br />sho ip bgp nei x.x.x.x routes: Shows the routes from neighbor x.x.x.x<br />show ip bgp neighbor x.x.x.x received-route: to view the routes received from neighbor<br />debug ip bgp: display all BGP activity [not very resource intensive]<br />debug ip bgp update [access-list]<br />access-list 1 permit host 10.108.10.0 [prefix 10.108.10.0]<br />access-list 101 permit host 10.108.10.0 host 255.255.255.0<br 
/>network 10.108.10.0/24<br />show ip bgp route-map xxx: Will show the routes to which the route-map was applied to<br /><br /><br />BGP regular expressions<br />sh ip bgp regexp {pattern}: Will displays the result of the RegEx<br />[0-9]*: All routes from this AS<br />^[0-9]*$: This AS only<br />_.*: Matches everything [permit any/all] [a space and anything]<br />_100_: Match any route going through AS100<br />_100 200_: Match any route passed through 100 and 200<br />_100$: Match any route originated in AS100<br />^100$: Match only routes originated in AS100 that did not pass through any other AS<br />^100_: Match only routes transiting directly connected AS100, anything else behind<br />^100 .*: Match only routes received from AS100 or 1000..., anything else behind<br />^$ Match only routes originated from this AS<br />.*: Match anything [usually at end as: permit .*]<br />( .*): matches a space plus a AS<br />( .*)*: matches a space plus a AS or a null string<br />?: To type ?: either Ctrl-V or Esc-Q<br />.: Matches any single character, including white space.<br />*: Matches 0 or more sequences of the pattern.<br />+: Matches 1 or more sequences of the pattern.<br />?: Matches 0 or 1 occurrences of the pattern.<br />^: Matches the beginning of the input string.<br />$: Matches the end of the input string.<br />_: Matches a comma (,), left brace ({), right brace (}), left parenthesis, right parenthesis, the beginning of the input string, the end of the input string, or a space.<br />[]: Designates a range of single-character patterns.<br />-: Separates the end points of a range.<br />(): (Border Gateway Protocol (BGP) specific) Designates a group of characters as the name of a confederation.<br /><br />BGP selection process: Before anything -- if a route is not synchronized, it is thrown out!!<br />The address/network given for the next hop is available in the IP routing table<br />The route with the highest Weight attribute (the Weight attribute is Cisco 
proprietary)<br />The route with the highest Local_Preference attribute<br />Any routes that were learned Locally (next-hop = 0.0.0.0)<br />The route with the shortest AS_Path attribute (confed learned paths are not included.)<br />The route with the lowest Origin [internal (0), external (1), incomplete (2)]<br />The route with the lowest Multi-Exit Discriminator (MED)<br />The route learned via EBGP (iBGP routes are discarded at this point)<br />The route with the nearest IGP neighbor<br />The oldest learned route<br />The route with the lowest BGP router-id<br /><br />BGP synchronization rules<br />The BGP synchronization rules only apply to iBGP, If your autonomous system is passing traffic from another AS to a third AS, BGP should not advertise a route before all routers in your AS have learned about the route via IGP. BGP will wait until the IGP has propagated the route within the AS and then it will advertise that route to external peers. If you will not be passing traffic from a different autonomous system through your AS, or if all routers in your AS will be running BGP, you can disable synchronization. Disabling this feature can allow you to carry fewer routes in your IGP and allow BGP to converge more quickly.<br /><br />How BGP advertises<br />Split horizon is always enabled, NO MATTER WHAT. 
A prefix learned from a neighbor will never be advertised back to that neighbor if that was the best route.<br />eBGP ==> eBGP: Next-hop for the destination will be set to: The interface doing the advertisement unless use: update-source<br />eBGP ==> iBGP: Next-hop for the destination will be set to: The interface of the eBGP doing the advertisement unless use: update-source, the iBGP peer must have a route [via IGP] to next-hop subnet, or won't go into BGP routing table Have the iBGP router do the next-hop-self If next-one does not have ebgp interface in routing table ==> next-hop-self<br />iBGP ==> eBGP: Next-hop for the destination will be set to: The interface doing the advertisement unless you use: update-source<br />iBGP ==> iBGP: Next-hop for the destination will be set to: iBGP peers do not advertise routes to other iBGP peers<br /><br />How BGP attributes are applied<br />Weight: It is applied to neighbor/route-map IN with an eBGP neighbor to influence which interface to use to go out. 
Affects this router only<br />Local preference: It is applied with a route-map IN to influence outbound traffic, affects the whole AS eBGP<br />As-path prepend: It is applied with a route-map OUT with an eBGP neighbor to influence inbound traffic<br />MED: It is applied with:<br />route-map OUT with an eBGP neighbor to influence which router to use to come in<br />route-map IN with an eBGP neighbor to influence which router to use to come in<br />Distribute-list/route-filters: They are applied with a route-map IN/OUT to control which routes come in or go out<br />Communities: They are applied with a:<br />route-map OUT to propagate the community<br />route-map IN to take action based on the community<br />must do a: neighbor x.x.x.x send-community or the community will not be sent<br />must do a: clear ip bgp * or the community will not be sent<br />Soft-reconfiguration: neighbor x.x.x.x soft-reconfiguration with an INBOUND eBGP neighbor<br />IP access-lists & IP distribute-lists: ONLY use route-map OUT<br />IP AS-PATH: It is applied with a route-map IN<br />TRY USING IP AS-PATH AS MUCH AS POSSIBLE INSTEAD OF IP ACCESS-LIST<br /><br />Distances and routes<br />Modify the distance when you try to manipulate the choice of one protocol over another.<br />If there are multiple routes within a protocol, use the metric to modify the path.<br />SETTING THE DISTANCE IS ONLY LOCALLY SIGNIFICANT AND DOES NOT AFFECT OTHER ROUTERS.<br /><br />Remember that a Route Reflector actually only reflects the best route and NOT all routes.<br /><br />When you want to announce a network you can choose to use the “network” commands, the “aggregate-address” command or the “redistribution” commands. You do NOT need to have “network” commands if you use redistribution. Aggregate address will ONLY look in the BGP table. 
So you will need to get networks into BGP before using aggregate address to summarize them (you get them in there using either “network” or redistribute).<br /><br />BGP, a distance vector routing protocol , uses TCP as its layer four transport (TCP port 179), does not use triggered updates , uses periodic keepalives to verify TCP connectivity , is extremely scalable, but is slow to converge<br /><br />BGP, It is most useful when you have multiple or redundant Internet connections since it can then find the service provider with the fastest path to your destination.<br /><br />BGP does not dynamically discover other neighboring BGP routers. They must be statically configured. This is beneficial since the service provider keeps its BGP connections under tight security. Use the following syntax to configure a BGP neighbor relationship:<br />Router(config)# router bgp <autonomous_system_number><br />Router(config-router)# neighbor <ip_address> remote-as <remote_as_number><br /><br />You can only configure a Cisco router for a single BGP autonomous system (AS) (you cannot enter multiple router bgp <as> numbers). However, you can connect to a practically limitless number of neighboring autonomous systems. <br /><br />Once you have formed your neighbor relationships (neighbors no longer show the idle or active states from the show ip bgp summary output), you are now able to specify which internal networks you would like to advertise into the BGP routing process. Remember, service provider will propagate the networks you advertise to the entire Internet.<br /><br />The BGP network command operates differently than any other routing protocol. Typically, the network statement tells a routing process the networks on which it should operate. For example, if you typed network 10.0.0.0 when using the RIP routing protocol, RIP would send advertisements out any interface that was using an address from the 10.0.0.0/8 network. 
In BGP, the statement network 10.0.0.0 causes BGP to advertise the 10.0.0.0/8 network to all neighbor relationships it has formed (provided a 10.0.0.0/8 network is installed on the interior routing table).<br /><br />Because BGP is responsible for transmitting the entire Internet routing table, the amount of routes received by your router could be enormous. If your network requires redundant service providers, you would receive multiple copies of this routing table! In order to manage such a large amount of incoming routes, you must implement policy-based filtering techniques.<br /><br />AS-Path filters will allow or deny BGP routes based on the autonomous system (AS) string attached to the route advertisement. For example, you could choose to block all incoming routes that originated, passed through, or most recently came from AS 50. You could choose to apply a filter that only permitted routes that have an empty AS-path string. This would effectively block all routes except those which originate from your autonomous system (these routes have an empty AS-path string).<br /><br />Because AS-Path filters can match any criteria in the AS-path string, it is critical for you to understand regular expressions. Regular expressions allow you to use wildcard characters to provide flexible methods for matching exact AS numbers from the AS-path string.<br /><br />Prefix-list filters allow you to filter specific networks from incoming or outgoing BGP advertisements. A prefix-list performs the same role as an access-list, however, Cisco has added many improved features. Individual entries in prefix-lists can be inserted or deleted. Prefix-lists also consume less CPU cycles than an access-list due to tree-structure rather than sequential processing. 
To create a prefix list, use the following syntax:<br />Router(config)# ip prefix-list list_name [seq sequence_number] [permit | deny] address/prefix [ge value] [le value]<br /><br />The ge and le values give you greater flexibility when using prefix lists. They allow you to match ranges of subnets rather than a specific subnet.<br />For example, if you wanted to permit a specific subnet (192.168.1.0/24), your prefix-list would look like the following:<br />Router(config)# ip prefix-list Example seq 10 permit 192.168.1.0/24<br />If you wanted to match any non-classful subnets of 192.168.1.0/24, you would use the following prefix-list:<br />Router(config)# ip prefix-list Example seq 10 permit 192.168.1.0/24 ge 25<br />The above statement is like saying, “match any address that starts with 192.168.1.0, but has a subnet mask of 25 bits or greater.” This would effectively match any subnet of the classful address 192.168.1.0/24.<br />If you wanted to match a range of subnets, for example, any 172.16.0.0/16 subnet between 16 bits and 24 bits in length, you would use the following prefix-list:<br />Router(config)# ip prefix-list Example seq 10 permit 172.16.0.0/16 le 24<br />The above statement is like saying, “match any address that starts with 172.16.0.0, but has a subnet mask between 16 bits and 24 bits in length.”<br /><br />Route-maps give you the most administrative flexibility for filtering BGP routes. The route-map you create is made up of match and set statements. These are analogous to the if and then statements in many programming languages. The route-map will match one or more routes on defined criteria and then set some parameter for those routes. Most administrators prefer to use route-map filtering because they are able to identify (match) routes based on any number of criteria (such as the network number, subnet mask, route origination, AS-path, etc…). 
Once the route-map matches a route, it can then modify (set) nearly any attribute of that route (such as origin, the next hop address, weight, local preference, etc…). In addition, route-maps can also be combined with prefix-lists to permit or deny routes from entering the local BGP table.<br /><br />route-map:<br />Router(config)# route-map name [permit | deny] sequence_number<br />Router(config-route-map)# match condition<br />Router(config-route-map)# set parameter<br /><br />Well-known means that all implementations must support the attribute.<br />Optional attributes do not need to be recognized by the BGP implementation.<br /><br />There are two categories of well-known attributes. They are mandatory and discretionary.<br />Mandatory attributes must be included in all messages.<br />Discretionary attributes do not need to be included in a message.<br />Mandatory Well-Known attributes are as follows:<br />Origin<br />AS-Path<br />Next-hop IP<br />Discretionary Well-Known attributes are those below:<br />Local Preference<br />Atomic Aggregate<br /><br />Optional attributes can be either transitive or nontransitive.<br />Nontransitive means the metric is not carried far.<br /><br />Transitive means that they are kept and carried beyond the local neighbors.<br />The MED is an optional nontransitive attribute.<br />The aggregator and community are optional transitive attributes.<br />The AS-path stores the list of AS numbers traversed for a network advertisement.<br /><br />Weight is the first attribute considered in route selection. A higher weight is preferred. Weight is not advertised. It is only used to influence the path selection to an outbound network from a single router.<br /><br />Local Preference works like the weight attribute for path selection. However, it affects the entire AS.<br /><br />AS-Path Prepending influences how other autonomous systems reach your network. Remember to prepend your own AS number, otherwise the advertisement will be dropped. 
Prepend additional AS numbers onto the path that you are attempting to devalue.<br /><br />The Multi-Exit Discriminator, AKA “metric”, is used to influence how a neighboring AS reaches your network. Higher metric values are perceived as worse.<br />Communities allow route tagging. Once routes have been tagged, they may be filtered. Communities are 32-bit values written as two decimal values separated by a colon. 2000:100 is an example of a community value. The first 16 bits represent the AS number. The last 16 bits represent the tag value.<br /><br />There are four special community values.<br />No-export: will not be advertised beyond the confederation<br />Internet: equivalent to any<br />No-advertise: never advertise this route<br />Local-AS: will not be advertised outside of the AS (even with regards to confederations)<br /><br />The private AS range is from 64512 through 65535. These are often provided by service providers to customer networks, or can be used in confederations. An easy way to remember the range is to subtract 1024 from 65536. This will provide the starting private AS. If a customer is using a private autonomous system, the service provider must use the following command when peering with eBGP neighbors:<br /><br />neighbor ip-address remove-private-as<br /><br />If a customer is multihomed, a public AS should be used.<br /><br />A common method of attaching to a service provider is to advertise a default route via an IGP, pointing to the router connecting to the service provider.<br /><br />Load balancing can be achieved with parallel links between two BGP peers. To configure load balancing between the neighbors, configure static routes to the loopback IPs. Use the loopback IPs as the update-source. EBGP multihop is necessary if the peers are external. Then peer to these loopback IPs. 
When this is done, a recursion process will take place and static routing will accomplish load balancing between the two routers.<br /><br />Example configuration.<br />router bgp 65000<br /> neighbor 1.1.1.1 remote-as 65001<br /> neighbor 1.1.1.1 ebgp-multihop<br /> neighbor 1.1.1.1 update-source lo 0<br />ip route 1.1.1.1 255.255.255.255 10.1.1.2<br />ip route 1.1.1.1 255.255.255.255 10.1.2.2<br /><br />If two ISPs provide different AS numbers, AS number translation may be used to communicate with the service providers without problem.<br /><br />When an AS functions as a transit system for other autonomous systems, the following considerations must be made:<br />Do not redistribute BGP into your IGP<br />Do not use default routing<br /><br />IGPs are responsible for advertising next-hop-ips for iBGP peers<br /><br />Include the links to eBGP neighbors in the IGP process to allow reachability to the next hop IP. Next-hop-self can also be used to prevent reachability issues.<br /><br />Avoid conflicts with IGP and BGP routes. If both protocols learn of the same network by different protocols, administrative distance will be used to choose the route to use. This can cause disastrous results if uncontrolled. Below you will find the administrative distance of common routing protocols.<br /><br />neighbor ip-address update-source interface – Peer to stable interfaces for iBGP peers<br />no synchronization – Use if an IGP is not enabled.<br />distance bgp external internal local – Use to modify the AD of a route<br /><br />BGP carries customer and provider routes<br />IGPs carry only internal routes used to supply routers with an understanding of the next-hop-IP. 
This may include loopback IPs for IBGP neighborships.<br />Do not redistribute BGP into your IGP<br />IBGP does not scale well as a full mesh, and creates too much update traffic<br />Use route-summarization whenever possible<br />Route Reflectors overcome the full mesh requirement of IBGP neighborship.<br /><br />When a router receives an update from an external peer, it will propagate that advertisement to all peers (eBGP and iBGP).<br />When a router receives an update from a non-client internal peer, if it is a route reflector, it will propagate that advertisement to all clients and eBGP peers.<br />When a route reflector receives an update from a client, it will be reflected to all iBGP peers. Route-reflectors may be single points of failure unless clusters are used. Clusters allow for redundancy without problems such as routing loops.<br />A hierarchy of route-reflectors may be used to overcome scaling limits in very large autonomous systems.<br /><br />Confederations allow a large autonomous system to be carved up into smaller AS numbers. To the outside world, the autonomous systems participating in the BGP confederation are seen as a single AS. This can help overcome scalability limits by reducing peering.<br /><br />An iBGP full mesh is needed for member-autonomous systems. 
eBGP neighborships can be used in any manner to provide connectivity between all participating member-ASs.<br /><br />BGP Commands:<br />bgp cluster-id cluster-id – Configures the route reflector cluster<br />neighbor ip-address route-reflector-client – Informs a route reflector of its clients<br />router bgp member-as-number – Configures the member-AS of a router within a confederation<br />bgp confederation identifier external-as-number – Configures the external AS<br />bgp confederation peers list-of-intra-confederation-as – Informs an intermember EBGP speaker in a confederation of the other member-autonomous systems participating in the confederation<br /><br />The creators of the BGP routing protocol designed it for slow convergence. Although this seems illogical, it becomes clear when you realize the sheer size of a BGP network. If BGP propagated routes quickly, a single, flapping network could cause an instant worldwide routing table recalculation. Considering the number of flapping routes that exist on a daily basis, this would be disastrous.<br /><br />Using a variety of BGP configuration commands, you are able to lower the convergence time of BGP. If you are dealing with Internet-sized routing tables, Cisco recommends that you do NOT adjust the following timers. However, if you are using BGP to manage an enterprise-sized routing table, modifying the following timers can improve network performance and convergence time.<br /><br />There are two timers you can adjust to lower the convergence time of BGP: the scanner interval and the hello interval.<br /><br />The scanner interval is how often the BGP routing process “walks through” the BGP routing table and ensures all routes are still reachable. By default, this occurs once every 60 seconds. By lowering this interval you allow BGP to modify the table more quickly in the event that a next-hop address becomes unreachable. Keep in mind that decreasing this interval does adversely affect your router CPU load. 
Use the following syntax to modify the scanner interval:<br />Router(config-router)# bgp scan-time seconds<br /><br />The hello interval is how often BGP sends a hello message to a neighboring router. By default, BGP sends hello messages every 30 seconds for EBGP neighbors and every 5 seconds for IBGP neighbors. By decreasing this interval, the BGP routing process can detect a disconnected neighbor sooner, resulting in faster convergence. Use the following syntax to modify the hello interval:<br />Router(config-router)# neighbor ip_address advertisement-interval seconds<br /><br />Limiting the number of BGP prefixes from a neighbor: This feature allows you to limit the number of route advertisements you receive from a particular neighbor. This is necessary to protect yourself from a misconfigured neighbor who could send multiple copies of the Internet routing table to your router. This would quickly result in a memory overflow and potentially cause the router to crash. Use the following syntax to limit the number of prefixes you can receive from a neighbor:<br />Router(config-router)# neighbor ip_address maximum-prefix number_of_prefixes [threshold] [warning-only] [restart minutes]<br />threshold – This is a number from 0-100 representing a percentage. When a router reaches this percentage of prefixes (in relation to the maximum number of prefixes), it will begin generating warning messages.<br />warning-only – This causes the BGP router process to ONLY send warning messages when the neighbor exceeds the maximum number of prefixes. The default behavior is to drop the neighbor connection.<br />restart minutes – This instructs the router to try to re-establish the session after the specified interval in minutes.<br /><br />BGP peer groups are primarily designed to ease BGP neighbor configuration. However, peer groups also provide a slight performance boost. Peer groups allow you to group common neighbor parameters under a peer group name.
This is useful if you have many BGP neighbors with similar parameters. You can then assign all the neighbors to a common peer group rather than assigning all the neighbor parameters individually. The syntax to create a peer group is as follows:<br />Router(config-router)# neighbor peer_group_name peer-group<br />Router(config-router)# neighbor peer_group_name (assign parameters to the peer group such as remote-as, route-map, filter-list, etc…)<br /><br />Assigning peer groups:<br />Router(config-router)# neighbor ip_address peer-group peer_group_name<br /><br />Because the Internet is such a large entity, the probability for routing table changes is extremely high. At any given time of day or night, there are routes being added and removed from the BGP routing table. When a router connected to the Internet is failing, a common symptom is the connection going up and dropping continuously. Administrators commonly refer to this as route flapping. Uninhibited route flapping can cause constant, worldwide BGP routing table changes, thus decreasing Internet performance.<br /><br />Route dampening is a method that allows a service provider to detect flapping routes and suppress them. This keeps a route that could potentially flap for hours or even days from propagating across the Internet. The architecture of route dampening is fairly easy to understand. When a route flaps (goes down and back up), the service provider assigns that route a penalty. After a route has been assigned too many penalties, the service provider suppresses the route and no longer advertises it for a certain amount of time.<br /><br />Suppress Limit – The penalty limit at which a route is suppressed. Once a route reaches this limit, it is no longer advertised.<br />Reuse Limit – The point at which the route is re-advertised to the Internet. Once the penalty assigned to a route reaches this amount, the service provider will re-advertise the route.
(In addition, the service provider erases all penalties assigned to a route once the penalty drops below half of the reuse limit.)<br />Maximum Suppress Limit – The maximum amount of time the service provider will suppress a route.<br /><br />Router(config-router)# bgp dampening [half-life reuse suppress max-suppress-time]<br /><br />Most service providers use the default route dampening parameters:<br />half-life – How long before the service provider reduces the penalty of a route by half (default: 15 minutes)<br />reuse – The penalty value at which a route is reused (default: 750)<br />suppress – The penalty value at which a route is suppressed (default: 2000)<br />max-suppress-time – The maximum amount of time a route can be suppressed (default: 60 minutes)<br />Per-flap penalty – 1000 (nonconfigurable)<br /><br />The ebgp-multihop keyword tells BGP to expect to have to traverse more hops in that direction to reach the neighbor. Normally (for EBGP), the expectation is that the peer is directly connected to the network, and will fail to establish the TCP connection when the specified neighbor address is not found.<br /><br />The bgp dampening command sets the half-life, un-suppress limit, suppress-limit, and the max-time to suppress a route.<br />Is there a way to change the default cost per flap (1000) in bgp dampening?<br /><br />You can set the bgp dampening parameters using either the bgp dampening statement or using the set dampening statement in a route map.<br />In the documentation Cisco states that the default value for the max-suppress-time is 4 times the half-life.<br /><br />You can, however, enter other values, lower so 3 times or so, but you can also enter higher ratios. So half-time of 15 minutes and max-suppress-time of 120 minutes.
When doing a debug ip bgp dampening I see the dampening being disabled, however, when I use a value greater than 4 times the half-life.<br /><br />Multihomed clients must create BGP sessions with both ISPs and have a public AS number.<br /><br />Using BGP, you have the ability to influence the direction traffic leaves your autonomous system. However, once the traffic has left your immediate AS, it is no longer under your control. As stated in RFC 1771, "BGP does not enable one AS to send traffic to neighbor AS intending that the traffic take a different route from that taken by traffic originating in the neighbor AS."<br /><br />The update-source command is used to specify a link behind the neighboring router to allow for load sharing. For example, many administrators will create a loopback interface on the router and advertise the loopback interface to the neighboring router. Then, you can use the command neighbor <ip> update-source loopback 0 to use the IP address assigned to your loopback interface whenever you are communicating with the neighbor. This way, you do not need to create a neighbor relationship over only one of the two (or more) redundant links.<br /><br />Based on the BGP route selection criteria, a route with a higher weight is considered before a route with a higher local preference.<br /><br />You can filter routes based on AS number information only with an AS-path filter. While route-maps can use AS-path filters to accomplish this task, they cannot perform this feature without the use of an AS-path filter. Prefix-lists and Distribute-lists both filter on network prefix information.<br /><br />The no-export BGP community string keeps a route from leaving the autonomous system.<br /><br />You can use the default-information originate command from router configuration mode to inject a default route into the OSPF area.
This is useful for clients with a single Internet connection out of the network.<br /><br />Outbound Route Filters (ORFs) are a relatively new feature allowing an inbound BGP prefix-list to replicate to a service provider router which, in turn, will apply the prefix-list in the outbound direction. This can potentially save a significant amount of needless route replication.<br /><br />The community attribute simply tags routes. You could use this attribute to perform any one of the first three answers if used in conjunction with BGP filters.<br /><br />Idle, Active, and Open states all indicate that the router is attempting to form a relationship with its neighbor router(s). The only indication of success is if there is no state information displayed in the output. Rather, you should see a number in the State/PrxRcvd column indicating the routers have synchronized tables.<br /><br />The ^ symbol matches any AS number at the beginning of a string.<br /><br />The > symbol in the show ip bgp output denotes the best path to a destination. When there are two or more routes to the same destination, only the route tagged with the > symbol will be placed in the routing table.<br /><br />The MED does not leave a neighboring AS, making it a non-transitive attribute.<br /><br />The _ delimiting character matches the beginning of a string, the end of a string, or white space. In this case, we are using it to match the white space on either side of 512. This would indicate that it is located in the middle of the AS-path string.<br /><br />The BGP topology table will contain all routes from all neighbors with which the router has established a BGP session.
The BGP routing process then chooses the best routes from the list and places them in the routing table.<br /><br />The next-hop, as-path, and origin are the three well-known, mandatory attributes in every BGP advertisement.<br /><br />The no-advertise BGP community string keeps a route from leaving the neighboring router.<br /><br />BGP route refresh allows the neighbor to resend their entire BGP topology table when you request it without tearing down the TCP neighbor session (which occurs when you clear the BGP session). This does not store the neighbor's topology table in memory as soft-reconfiguration does.<br /><br />Prefix-lists will only match the specific subnet in this case. They do not match any derivatives of this network.<br /><br />If the BGP neighbor IP address is unreachable or the partnering neighbor is misconfigured, the status will remain active. This means the router is actively attempting to find and create a TCP session with this neighbor. You can verify the connectivity failure through the use of the ping command.<br /><br />One of the most common problems administrators encounter when configuring BGP is attempting to create an EBGP neighbor relationship with a router that is not directly on the connected network. You can remedy this problem through the use of the neighbor ip_address ebgp-multihop number command, where number is the number of hops you must go to reach the neighbor.<br /><br />Customers this size have no need for BGP. A default static route should suffice.<br /><br />The weight attribute affects only the local router. It is never included in a BGP route advertisement.<br /><br />Without any additional configuration, the routes originating from the ISPs will have no local preference or weight settings.
In this case, the router will prefer routes that have the shortest AS-path.<br /><br />The syntax to apply a prefix-list to an interface is neighbor ip_address prefix-list list_name [in/out] from router configuration mode.<br /><br />If you allow routes to pass through your AS, both the backup and primary ISP may recognize you as a transit network. This means that they will begin forwarding traffic through your AS that does not belong to you.<br /><br />BGP is an application-layer protocol that uses the TCP and IP protocols for reliable connections. It uses TCP port 179.<br /><br />The show ip bgp summary command displays a listing of all statically configured BGP neighbors along with the current status of the neighbor connection. The show ip bgp neighbor command will give you extended information about each BGP neighbor. The other two commands result in syntax errors.<br /><br />The default BGP timers include a keepalive interval of 60 seconds and a holdtime value of 180 seconds. These can be adjusted; however, this can considerably affect the CPU cycles your router must spend on the BGP routing process.<br /><br />Routes with an origin of "?" (Unknown) have most likely originated from the redistribution of IGP routes into the BGP routing table. This symptom occurs anytime routes are redistributed from an IGP.<br /><br />The "e" origin code is rarely seen in modern times. This is because it represents routes that are learned from the Exterior Gateway Protocol (EGP). EGP was the predecessor to modern day BGP.<br /><br />BGP supports only MD5 authentication. This assists in avoiding common Denial of Service (DoS) attacks.<br /><br />BGP is a distance vector protocol. This means that it will announce to its neighbors those networks that it can reach itself.
The receivers of that information will say "if that AS can reach those networks, then I can reach them via the AS."<br /><br />The AS-Path attribute (which lists all autonomous systems the route has passed through) is used to detect looping routes. If a BGP router receives a route and finds its own AS number located in the AS-Path, the router will recognize that the route has looped.<br /><br />The syntax to configure BGP weight is neighbor ip_address weight <weight>.<br /><br />The correct syntax to establish a neighbor relationship is neighbor <ip_address> remote-as <as_number>.<br /><br />When you set up inbound soft-reconfiguration for a BGP neighbor, your router will store in memory the entire, original BGP routing table from the neighbor before any filters are applied. This keeps the neighbor router from having to send the entire BGP topology table when you apply a new policy, but it does consume an excessive amount of memory.<br /><br />If all other criteria are equal, BGP will break the tie by choosing the route originating from the BGP router with the lowest router-id.<br /><br />The local preference attribute allows you to set the preference of routes. The higher the local preference, the more preferred the route becomes. This attribute remains with the route advertisement up to the edge of the local autonomous system.<br /><br />Since the router has a base BGP configuration, the metric (MED) is not factored into the best route decision calculations. Instead, the router will use the shortest AS-path to choose the best route. By using AS-path prepending, you can add additional AS numbers to the AS-path string of the non-preferred link and make it less desirable.<br /><br />Once traffic leaves your AS, you do not have the ability to influence the path it takes. You can only influence how the traffic leaves your AS.<br /><br />Based on the BGP decision criteria, routes with higher weights are preferred over routes with a higher local preference.
In this case, the first ISP has a higher weight and is preferred over the second.<br /><br />The Metric (also called MED) allows you to "recommend" the path a neighboring AS should use to reach your system. The neighboring AS can choose to ignore this recommendation, however.<br /><br />The show ip bgp command will give you a summary output of the BGP topology table. Routes that have been entered in the routing table are marked with the ">" symbol. If you would like to see extended output regarding a specific route, you can use the show ip bgp route/prefix command.<br /><br />Unlike an access-list, an empty route-map statement permits all routes to pass through. In this case, there will be no local preference changes to the routes; the routes are simply permitted to pass through the filter.<br /><br />Soft outbound reconfiguration allows you to resend the BGP topology table without tearing down the neighbor session.<br /><br />Private AS numbers work similarly to private IP addresses. For autonomous systems not advertised to the Internet, an AS number from the range 64512-65535 can be used.<br /><br />The command bgp default local-preference <pref> changes the local preference of all routes received by the router to the preference you designate. Answer C will only set the local preference on routes received by a specific neighbor, and Answers A and B will produce syntax errors.<br /><br />You must use the bgp confederation peers <as_numbers> command to define all other confederation autonomous systems.<br /><br />BGP route dampening allows you to assign penalties to routes when they flap. Once a route hits a specific penalty limit (definable by you), the route is suppressed.<br /><br />By default, BGP will choose a single path to a destination and install it in the routing table.
It will not load balance, even if multiple paths have exactly identical attributes.<br /><br />The no-advertise BGP community string keeps a route from leaving the neighboring router.<br /><br />The default administrative distance of EBGP routes is 20.<br /><br />BGP peer-groups allow for easier configuration of BGP by applying a single configuration to multiple neighbors.<br /><br />Floating static routes do not work correctly with BGP. Once the floating static route makes it into the routing table, it will not be removed, even if the primary link comes back online. Floating static routes also rely on an increased administrative distance (AD), which cannot be matched with a route-map. This makes it more difficult to integrate these routes into the BGP process.<br /><br />The half-life of a route is the length of time in which a penalty is cut in half. This directly affects how long a route is suppressed by the router.<br /><br />Using a loopback interface as your update-source ensures that the BGP neighbor session is not tied to a physical interface. This allows for the most redundancy in your IBGP connections since there may be multiple paths to a loopback interface.<br /><br />If a route reflector receives an update from a non-client, it will send the update only to configured EBGP and client IBGP peers. External BGP (EBGP) is always used for the exchange of routes between autonomous systems.<br /><br />The BGP Scanner and Router processes consume the most router resources.
These processes are responsible for scanning the routing table to ensure route reachability and creating the BGP routing table, respectively.<br /><br />The correct syntax to configure a route-reflector cluster is to join all route reflectors into a common cluster by issuing bgp cluster-id cluster_number on each route reflector.<br /><br />Both Route Reflectors and BGP confederations are alternatives to creating a full IBGP neighbor mesh. These allow specific routers to be designated as "reflector" or "edge" routers. These routers disable the BGP split-horizon rule, eliminating the full mesh requirement.<br /><br />Redundant route reflectors are configured into a cluster. This unique cluster ID is added to each outgoing route update. If a route reflector cluster ever receives a route with its cluster ID, the route is identified as "looping" and dropped.<br /><br />Because IGPs are not as scalable as BGP, they should never be used to handle the BGP routing table. In a transit system, they should only be used to propagate BGP next hop IP addresses. Confederation AS numbers are encased by parentheses in the AS-Path. These numbers are typically stripped and replaced with the real AS number before advertising a route to an external system.<br /><br />Because each service provider is typically assigned a unique range of addresses, these addresses can be easily aggregated by the service providers. Thus, if you change service providers, you must return the old range and accept a new range from your new ISP. Otherwise, address aggregation would be extremely difficult, if not impossible.<br /><br />Since transit systems typically run BGP on all routers (internal and external), it is safe to disable synchronization once all BGP peers have been meshed.
This ensures there are no "black holes" in the AS.<br /><br />By default, a route is suppressed when it reaches a penalty limit of 2000.<br /><br />BGP Split Horizon states that your router should never send a route to an IBGP neighbor that was received via IBGP. This will require you to use either a full mesh IBGP environment or route reflectors.<br /><br />Since the router has a base BGP configuration, the metric (MED) is not factored into the best route decision calculations. Instead, the router will use the shortest AS-path to choose the best route. By using AS-path prepending, you can add additional AS numbers to the AS-path string of the non-preferred link and make it less desirable.<br /><br />When a route reaches half of the reuse limit (which is assigned a value of 750, by default), the penalty assigned to a route is completely erased and the route begins with a "clean slate."<br /><br />By default, EBGP neighbors will form only if they are directly connected. You can change this behavior by using the syntax neighbor <ip> ebgp-multihop hops, where hops is the number of hops the router must travel through to reach the neighbor.<br /><br />The BGP split horizon rule says, "never send a route learned by IBGP to another IBGP peer." The route-reflector effectively disables this rule. Improper placement of a route reflector can result in routing loops.<br /><br />Routers belonging to an internal BGP confederation should have their routing process started with the confederation AS number. The real AS number is defined using the bgp confederation identifier <as_number> command under router configuration mode.<br /><br />Any of the above parameters can be applied to a BGP peer group except outbound prefix-lists. 
The two restrictions for a peer group are per-neighbor BGP parameters that affect outbound updates, and IBGP and EBGP neighbors cannot be mixed in a peer group.<br /><br />BGP confederations allow you to split a single AS into multiple sub-autonomous systems. The AS is still represented by a single AS number, however EBGP sessions are used between internal sub-autonomous systems. This is one way to alleviate the full-mesh IBGP requirement. The other is route-reflectors.<br /><br />AS-Path length is one of the common factors used when deciding on the best path to reach a given destination. AS-Path prepending allows you to add AS numbers to the beginning of the AS string, thus making a path less desirable.<br /><br />You can use the maximum-paths command from router configuration mode to configure BGP to load balance between a maximum of six paths.<br /><br />Increasing the BGP hello interval allows you to detect neighbor failure more quickly. This allows for faster convergence on the BGP network. However, the smaller the hello interval becomes, the more resources the BGP process will consume.<br /><br />If a route reflector receives an update from an internal client, it will act no differently than any other BGP router and will send the update to all configured neighbors. By default, all routes sent through an IBGP neighbor relationship will have the next-hop address of the originator of the route. This behavior can be changed with the next-hop-self argument attached to the neighbor statement.<br /><br />By default, all routes sent through an EBGP neighbor relationship will have the next-hop address of the router sending the routes.<br /><br />If you are connected to multiple ISPs, you will most likely use provider-independent addressing. This keeps your organization from being tied to the specific range of a certain ISP (which is provider-assigned addressing).<br />The default packet size between BGP peers is 536 bytes. 
This can be inefficient in many circumstances. This can be increased using the ip tcp path-mtu-discovery command.<br />The no-export BGP community string keeps a route from leaving the autonomous system.<br />Cisco recommends that you should always use private AS numbers (AS numbers above 64512) when configuring internal confederations.<br />By default, BGP will only install a single path to a destination network in the routing table. You can increase this up to a maximum of six paths using the maximum-paths command from router configuration mode.<br /><br />The use of a loopback interface ensures that the neighbor stays up and is not affected by malfunctioning hardware.<br />By default, BGP uses the IP address configured on the physical interface directly connected to the BGP peer as the source address when it establishes the BGP peering session. Issue the neighbor <ip> update-source <interface> command in order to change this behavior and configure the router that speaks BGP to establish peering with the use of a loopback address as the source address.<br /><br />Internal BGP (iBGP) sessions preserve the next hop attribute learned from eBGP peers. This is why it is important to have an internal route to the next hop. The BGP route is otherwise unreachable. In order to make sure you can reach the eBGP next hop, include the network that the next hop belongs to in the IGP or use the next-hop-self neighbor command to force the router to advertise itself, rather than the external peer, as the next hop. Refer to the BGP Nexthop Attribute section of BGP Case Studies for a more detailed explanation.<br /><br />There are three important keywords which we should keep in mind while setting up a BGP neighbor relationship. Sometimes, even when we have a successful BGP relationship, we are not able to see routes in the routing table.
Following are the three important keywords.<br /><br />1) ebgp-multihop: In EBGP, neighbor relationships are only formed if we have directly connected networks. We need to use the ebgp-multihop keyword with the neighbor statement so that neighbors which are not directly connected can form a relationship with each other. We need to specify a number with the ebgp-multihop keyword; the number can be between 1-255. This number represents how many hops away the router is.<br /><br />2) update-source: We need to specify the interface which will be used to update the neighbor table in case routers are not directly connected. Without update-source we will not be able to form BGP neighbor relationships. The update-source keyword will update the interface which will be used to form the neighbor relationship. See the configuration example below for better understanding.<br /><br />3) next-hop-self: When an EBGP relation replicates, the next hop always changes. IBGP routers only connected with other IBGP routers in the same AS will not be able to talk with routers outside the AS, if they are not directly connected with each other. We need a next-hop-self keyword in the IBGP router which is directly connected with the EBGP neighbor so that other routers in the same AS (IBGP) can talk with EBGP routers. Refer to the configuration below:<br />router BGP 34 –> As soon as we type 34, the BGP process will start in the background<br />neighbor 192.168.1.2 remote-as 34 –> BGP will know that this is IBGP by looking at the AS<br />neighbor 172.16.1.2 remote-as 400 –> neighbor relationship with the EBGP peer.<br />neighbor 3.3.3.3 ebgp-multihop 255 –> 255 is the number of hops that the neighbor is away.
We can use any number from 1-255; it can be more specific by using 1 or 2, but my personal fav is 255 as it avoids confusion.<br />neighbor 3.3.3.3 update-source loopback 0 –> Here is the idea: when it is sourcing the packets, it is sourcing them from the serial interface; we need to inform the other side that the source interface is not the serial interface, it is the loopback interface, so that it can match IPs with the right interface and form the neighbor relationship.<br /><br />Use network commands to add neighbors in the routing table. The network command in BGP is a bit different than the network command in other routing protocols. We'll need to define the mask keyword with the network command in order to advertise a classless network, whereas if it is using a default mask we can omit it.<br /><br />There are times when a route propagated in BGP doesn't exist. As we know, even in a link-down situation, BGP takes its own sweet time to converge. In this kind of scenario we need to clear advertised routes, and in some cases we use the following command:<br />clear ip bgp *<br /><br />You can also verify the advertised routes with the following command:<br />sh ip bgp neighbors A.B.C.D advertised-routes<br /><br />Even in cases when you change the inbound/outbound policy, you need to reset your BGP session. But using clear ip bgp * can impact all other links as BGP will create the routing table from scratch. This is as good as rebooting the router. To minimise impact we can use the following commands.<br /><br />clear ip bgp A.B.C.D soft out –> When you make changes in outbound policy<br />clear ip bgp A.B.C.D soft in –> When you make changes in inbound policy<br /><br />There is a way to tag route advertisements with additional information: you can tag routes using BGP communities. A community defines a property of a prefix, in such a way that a router can be configured to treat all prefixes with a certain community in a certain way, for example, to give those a higher preference.
This way, one does not have to build an access list to match all the prefixes explicitly. A prefix can be tagged with multiple communities, and a community can be attached to multiple prefixes. RFC 1997 gives you more details on BGP communities.<br /><br />The most important communities are NO_ADVERTISE and NO_EXPORT, indicating that a prefix should not be re-advertised beyond the router or the autonomous system receiving the prefix respectively. The latter is useful if you want to announce a more-specific prefix to one of your upstreams without polluting the global routing table.<br /><br />WARNING: Setting the no-export, no-advertise, or no-export-subconfed communities can have the (possibly unwanted) side effect that no routes are announced, even if there are other routes that would otherwise be eligible for announcement.<br /><br />For instance, if we have 2 ISPs, ISP A and ISP B, and you set the no-advertise community on routes announced to ISP B, other customers of ISP B won't see these routes because they aren't advertised. This is as intended. But routes with the same NLRI that ISP B has learned from ISP A will not be advertised either, because ISP B considers the directly received routes with the no-advertise community best, and only the best route is eligible for further announcement over BGP.<br /><br />Router# clear ip bgp {* | address | peer-group-name} soft in<br />This performs a dynamic soft reset on the connection specified in the command.<br /><br />The following example shows the clear ip bgp 131.108.1.1 soft in command used to initiate a dynamic soft reconfiguration in the BGP peer 131.108.1.1. This command requires that the peer supports the route refresh capability.<br />Router# clear ip bgp 131.108.1.1 soft in
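<br /><br />The route dampening defaults described earlier (per-flap penalty 1000, half-life 15 minutes, reuse 750, suppress 2000, max-suppress-time 60 minutes, penalties erased below half the reuse limit) interact in ways that are easier to see when run against a flap sequence. The Python model below is an added example, not code from the original post or from Cisco; the class and function names are hypothetical, and enforcing max-suppress-time by capping the penalty at reuse × 2^(max-suppress-time / half-life) is an assumption of this model.

```python
"""Model of BGP route dampening using the default values quoted on this page.

Added illustration only: all names are hypothetical; this is not router code.
"""
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class DampeningParams:
    half_life_min: float = 15.0     # penalty halves every half-life
    reuse: float = 750.0            # route is reused once penalty falls below this
    suppress: float = 2000.0        # route is suppressed once penalty reaches this
    max_suppress_min: float = 60.0  # longest time a route may stay suppressed
    flap_penalty: float = 1000.0    # per-flap penalty (nonconfigurable per the page)

    @property
    def ceiling(self) -> float:
        # Assumption of this model: max-suppress-time is enforced by capping the
        # penalty so it decays back to `reuse` in at most max_suppress_min.
        return self.reuse * 2 ** (self.max_suppress_min / self.half_life_min)

    @property
    def can_suppress(self) -> bool:
        # If the ceiling sits below the suppress limit, nothing is ever dampened.
        return self.ceiling >= self.suppress


class DampenedRoute:
    def __init__(self, params: DampeningParams = DampeningParams()):
        self.p = params
        self.penalty = 0.0
        self.suppressed = False
        self._clock = 0.0  # minutes since the start of the observation

    def _advance(self, now: float) -> None:
        """Apply exponential decay up to `now`, then re-evaluate the state."""
        if now < self._clock:
            raise ValueError("time must not go backwards")
        self.penalty *= 0.5 ** ((now - self._clock) / self.p.half_life_min)
        self._clock = now
        if self.suppressed and self.penalty < self.p.reuse:
            self.suppressed = False   # re-advertise the route
        if self.penalty < self.p.reuse / 2:
            self.penalty = 0.0        # clean slate below half the reuse limit

    def flap(self, now: float) -> None:
        self._advance(now)
        self.penalty = min(self.penalty + self.p.flap_penalty, self.p.ceiling)
        if self.penalty >= self.p.suppress:
            self.suppressed = True

    def observe(self, now: float):
        """Return (rounded penalty, suppressed?) at time `now`."""
        self._advance(now)
        return round(self.penalty), self.suppressed

    def minutes_until_reuse(self) -> float:
        """Minutes of quiet needed before a suppressed route is reused."""
        if not self.suppressed:
            return 0.0
        return self.p.half_life_min * math.log2(self.penalty / self.p.reuse)


def timeline(flap_minutes, sample_minutes, params: DampeningParams = DampeningParams()):
    """Replay flaps and return [(minute, penalty, suppressed)] for each sample."""
    route = DampenedRoute(params)
    events = sorted([(t, "flap") for t in flap_minutes] +
                    [(t, "sample") for t in sample_minutes])
    samples = []
    for minute, kind in events:
        if kind == "flap":
            route.flap(minute)
        else:
            samples.append((minute, *route.observe(minute)))
    return samples


if __name__ == "__main__":
    # Constructed input: three flaps one minute apart, sampled over 40 minutes.
    for minute, penalty, suppressed in timeline([0, 1, 2], [1.5, 2.5, 15, 30, 31.1, 40]):
        print(f"t={minute:>5} min  penalty={penalty:>5}  suppressed={suppressed}")
```

With the defaults, two flaps a minute apart stay just under the suppress limit; the third flap suppresses the route for roughly 29 minutes of quiet.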