Thursday, July 31, 2008

Jeff Doyle's Favorite Interview Question

Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?

Because inter-area OSPF behaves like a distance-vector protocol (an ABR advertises summary LSAs that say only "reach this prefix through me", not the topology behind it), it is vulnerable to routing loops.
OSPF avoids them by mandating a loop-free inter-area topology, a hub-and-spoke of areas,
in which traffic from one non-backbone area can reach another only through area 0.


Jeff's full explanation is here.

Study Notes: OSPF over NBMA

OSPF characterizes Frame Relay (FR) networks as non-broadcast multiple access (NBMA)
because they can support more than two attached routers but do not have a broadcast capability.

In an NBMA topology, which is inherently non-broadcast, neighbors are not discovered automatically, because Hellos cannot be multicast to 224.0.0.5.
OSPF still tries to elect a DR and a BDR because of the multi-access nature of the network, but the election fails since no neighbors are discovered.
To overcome this, neighbors must be configured manually (neighbor statements, so Hellos are unicast) or the interface network type must be changed.

RFC 2328 defines two modes for OSPF over NBMA media:
NBMA (non-broadcast) and point-to-multipoint. Cisco IOS adds broadcast, point-to-point, and point-to-multipoint non-broadcast as interface network types; the labs below use broadcast, non-broadcast with neighbor statements, and point-to-multipoint.

Configurations for NBMA (Using Network Type Broadcast)
Router1
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
!
interface Serial2
ip address 1.1.1.2 255.255.255.0
encapsulation frame-relay
ip ospf network broadcast
no keepalive
frame-relay map ip 1.1.1.1 16 broadcast
!
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0

Router2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial1/0
ip address 1.1.1.1 255.255.255.0
encapsulation frame-relay
ip ospf network broadcast
no keepalive
clockrate 2000000
frame-relay map ip 1.1.1.2 16 broadcast
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0

Router1# show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/BDR 00:00:37 1.1.1.1 Serial2

Router1# show ip ospf interface s2
Serial2 is up, line protocol is up
Internet Address 1.1.1.2/24, Area 0
Process ID 1, Router ID 3.3.3.3, Network Type BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1

Configurations for NBMA (Using Neighbor Statements)
Router1
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Serial2
ip address 1.1.1.2 255.255.255.0
encapsulation frame-relay
ip ospf priority 2
no keepalive
frame-relay map ip 1.1.1.1 16
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0
neighbor 1.1.1.1

Router2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial1/0
ip address 1.1.1.1 255.255.255.0
encapsulation frame-relay
no keepalive
clockrate 2000000
frame-relay map ip 1.1.1.2 16
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0
neighbor 1.1.1.2
!
The frame-relay map commands do not need the broadcast keyword here because, with the neighbor statement, OSPF packets are unicast to the configured neighbor address.

Router2# show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 1 FULL/DR 00:01:49 1.1.1.2 Serial1/0

Router2# show ip ospf interface s1/0
Serial1/0 is up, line protocol is up
Internet Address 1.1.1.1/24, Area 0
Process ID 1, Router ID 2.2.2.2, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State BDR, Priority 1

Configurations for Point-to-Multipoint
Router1
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Serial2
ip address 1.1.1.2 255.255.255.0
encapsulation frame-relay
ip ospf network point-to-multipoint
no keepalive
frame-relay map ip 1.1.1.1 16 broadcast
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0
!

Router2

interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Serial1/0
ip address 1.1.1.1 255.255.255.0
encapsulation frame-relay
ip ospf network point-to-multipoint
no keepalive
clockrate 2000000
frame-relay map ip 1.1.1.2 16 broadcast
!
router ospf 1
network 1.1.1.0 0.0.0.255 area 0

Router1# show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
2.2.2.2 1 FULL/ - 00:01:53 1.1.1.1 Serial2
Router1# show ip ospf interface s2
Serial2 is up, line protocol is up
Internet Address 1.1.1.2/24, Area 0
Process ID 1, Router ID 3.3.3.3, Network Type POINT_TO_MULTIPOINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT,

There are no DR and BDR elected when the NBMA network is configured as point-to-multipoint, since it is treated as a collection of point-to-point links.
Whatever mode is chosen, both ends of the PVC must agree on it: broadcast and point-to-point default to a 10 s hello / 40 s dead interval, while non-broadcast and point-to-multipoint default to 30 s / 120 s, so a network-type mismatch usually shows up as neighbors that never form. Check with show ip ospf interface on both sides before touching neighbor statements.

Finished Dramatic OSPF LABS.

This OSPF technology-lab topic is interesting, and there are lots of things to understand and remember for the LAB exam.
Practical Studies Vol. I and TCP/IP Vol. I are very good references for theory.
But Cisco OSPF Command and Configuration Handbook by William R. Parkhurst is the one to reference for commands.
Even after finishing those practice labs, I still don't know some topics and don't remember others.
I will have to give it some more time and do it again after the other technology labs.

Friday, July 25, 2008

Cisco and Pearson VUE Launch Global Test Delivery Exam Security Enhancements

Cisco and its global testing provider, Pearson VUE, a business of Pearson Inc. are pleased to announce a series of security enhancements that will reinforce the integrity and value of its Career certification program.
The advanced security enhancements include the use of digital photographs for candidate-identity verification and forensic analysis of testing data. The new measures, to be implemented beginning on Aug. 1, will include:


Photo on Score Report and Web – On completion of a certification exam at the test center, candidates will receive preliminary score reports imprinted with their photos and unique authentication codes. The authentication code can be used to access a candidate’s official score online at Pearson VUE’s website usually within 72 hours of the examination. The online score report will also display the candidate’s photo. Candidates may share access to their online records with employers or other third parties.

Forensic Analysis – Exam results and other testing data will be continuously analyzed by forensic software to detect aberrant testing behavior and to flag suspect exams for further investigation.

Preliminary Score Report – All paper score reports will be preliminary, pending the results of forensic analysis, until official exam scores are posted to the Web usually within 72 hours of exam completion. Once the exam scores are official, candidates may use the authentication codes on their score reports to access the Pearson VUE website for score and photo verification.
These new exam security measures are part of Cisco’s overall strategy to protect the value and integrity of its certifications. Other measures include simulation-based testing, dynamically generated questions and emulations to help ensure that Cisco certified networking professionals continue to have the knowledge, skills, and credentials to perform well on the job.
To find out more about Cisco Career Certifications access the Cisco Learning Network at www.cisco.com/go/learnnetspace.

Wednesday, July 23, 2008

Finished EIGRP Lab

EIGRP configuration notes

#router eigrp 10 (10 = AS number; must match on neighbors)
#no auto-summary
#network net-id wildcard-mask

Tune the hello interval and hold time (the hold time is advertised to the neighbor in Hellos, so set both sides consistently)
Under interface config mode
#ip hello-interval eigrp 10 30
#ip hold-time eigrp 10 120

Tune the active timer (how long DUAL waits for replies before declaring a route stuck-in-active)
Under router eigrp mode
#timers active-time {minutes | disabled} (default 3 minutes, e.g. timers active-time 60)

Change the AD for internal/external routes
Under router mode
#distance eigrp 90 110 (first value = internal, second = external; defaults are 90 internal and 170 external)

summarization
Under interface config mode
#ip summary-address eigrp 10 192.168.0.0 255.255.252.0

Verify with #show ip route
EIGRP will inject a discard route to Null0
D 192.168.0.0/22 is a summary, ....., Null0

Advertise a summary route plus specific routes
Use a leak-map under interface config mode
#ip summary-address eigrp 10 192.168.0.0 255.255.252.0 leak-map ROUTE-MAP

If the route map does not exist, only the summary route is advertised.
If the route map exists but refers to an ACL that does not exist, the summary route plus all the specific routes are advertised.
If the route map exists and refers to an existing ACL, the summary route plus the routes permitted by the ACL are advertised.

Unequal-cost load balancing
Use variance under router mode

Authentication
Same configuration approach as RIPv2: define a key chain, then apply it on the interface.
But EIGRP only supports MD5; there is no clear-text mode.

Tuesday, July 22, 2008

LAB Exam Locations.

Where to go, out of the nearest 5????

Bangalore, India Routing and Switching, Security
Beijing, PRC Routing and Switching, Security, Service Provider
Dubai, UAE Routing and Switching, Security
Hong Kong, PRC Routing and Switching
Sydney, Australia Routing and Switching, Security, Service Provider, Voice

Others Far away

RTP, USA Routing and Switching, Security, Service Provider, Storage Networking, Voice
San Jose, USA Routing and Switching, Security, Voice
Sao Paulo, Brazil Routing and Switching, Service Provider
Tokyo, Japan Routing and Switching, Security
Brussels, Belgium Routing and Switching, Security, Service Provider, Storage Networking, Voice

Finished RIPv2 LAB! Narbik's workbook

RIPv2 Lab summary configurations

#router rip
version 2
no auto-summary (turn off auto summary)

Default parameters
Update interval - 30s
Invalid - 180s
Holddown - 180s
Flush - 240s

Can tune under router rip
timers basic (Update int) (Invalid) (Holddown) (Flush)

Authentication
- Define the Key
- Apply on the interface
Under config mode
#key chain Keyname
key 1
key-string password

under interface-config mode
#ip rip authentication key-chain Keyname (mode is text by default, i.e. the password is sent in clear text)

Use MD5
#ip rip authentication mode md5
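As an added example (not from the original notes and not IOS code), the difference between the two authentication modes on the wire, following RFC 2453 (simple password, type 2) and RFC 2082 (keyed MD5, type 3): a Python model that builds RIPv2 responses with each auth type and a receiver-side check for the MD5 trailer. The key ID 1 and key-string "password" mirror the key chain above; the prefixes are constructed sample routes. Sequence handling is simplified (RFC 2082's zero-after-restart exception is not modelled).

```python
from __future__ import annotations

import hashlib
import hmac
import ipaddress
import struct

# RIPv2 constants (RFC 2453) and keyed-MD5 authentication (RFC 2082)
RIP_RESPONSE = 2
RIP_VERSION = 2
AFI_AUTH = 0xFFFF          # address family that marks an authentication entry
AUTH_SIMPLE = 2            # "ip rip authentication mode text" (the default)
AUTH_MD5 = 3               # "ip rip authentication mode md5"
MD5_TRAILER_TYPE = 0x0001  # marks the trailer carrying the digest
ENTRY_LEN = 20             # every RIPv2 entry (RTE or auth) is 20 bytes


def _pad_key(key: bytes) -> bytes:
    """key-string as IOS uses it: truncated or zero-padded to 16 bytes."""
    return key[:16].ljust(16, b"\x00")


def build_rte(prefix: str, metric: int, next_hop: str = "0.0.0.0", tag: int = 0) -> bytes:
    """One route entry: AFI 2 (IP), tag, network, mask, next hop, metric."""
    net = ipaddress.ip_network(prefix)
    return struct.pack("!HH4s4s4sI", 2, tag, net.network_address.packed,
                       net.netmask.packed, ipaddress.ip_address(next_hop).packed, metric)


def build_simple_auth_response(password: bytes, rtes: list[bytes]) -> bytes:
    """Clear-text mode: the password itself travels in the first entry."""
    header = struct.pack("!BBH", RIP_RESPONSE, RIP_VERSION, 0)
    auth_entry = struct.pack("!HH16s", AFI_AUTH, AUTH_SIMPLE, _pad_key(password))
    return header + auth_entry + b"".join(rtes)


def sniff_simple_password(packet: bytes) -> bytes | None:
    """What anyone on the segment learns from a clear-text authenticated update."""
    afi, atype = struct.unpack("!HH", packet[4:8])
    if afi == AFI_AUTH and atype == AUTH_SIMPLE:
        return packet[8:24].rstrip(b"\x00")
    return None


def build_md5_auth_response(key_id: int, key: bytes, seq: int, rtes: list[bytes]) -> bytes:
    """Keyed-MD5 mode: the key never leaves the router; only a digest does."""
    header = struct.pack("!BBH", RIP_RESPONSE, RIP_VERSION, 0)
    body = b"".join(rtes)
    # "packet length" field = offset of the trailer = header + auth entry + RTEs
    pkt_len = 4 + ENTRY_LEN + len(body)
    auth_entry = struct.pack("!HHHBBI8s", AFI_AUTH, AUTH_MD5, pkt_len,
                             key_id, 16, seq, b"\x00" * 8)
    trailer_hdr = struct.pack("!HH", AFI_AUTH, MD5_TRAILER_TYPE)
    unsigned = header + auth_entry + body + trailer_hdr
    # RFC 2082 s3.2.1: MD5 over the packet with the padded key in the digest slot
    digest = hashlib.md5(unsigned + _pad_key(key)).digest()
    return unsigned + digest


def verify_md5_auth_response(packet: bytes, keys: dict[int, bytes],
                             last_seq: int = -1) -> tuple[bool, str]:
    """Receiver side: key-id lookup (key chain), replay check, digest compare."""
    if len(packet) < 4 + ENTRY_LEN + 4 + 16:
        return False, "too short"
    afi, atype, pkt_len, key_id, auth_len, seq, _ = struct.unpack("!HHHBBI8s", packet[4:24])
    if afi != AFI_AUTH or atype != AUTH_MD5:
        return False, "no MD5 authentication entry"
    if auth_len != 16 or pkt_len + 4 + 16 != len(packet):
        return False, "bad length fields"
    if packet[pkt_len:pkt_len + 4] != struct.pack("!HH", AFI_AUTH, MD5_TRAILER_TYPE):
        return False, "missing trailer"
    key = keys.get(key_id)
    if key is None:
        return False, f"unknown key id {key_id}"
    # RFC 2082 s3.2.2 drops sequence numbers lower than the last accepted one
    # (the zero-after-restart exception is left out of this model)
    if seq < last_seq:
        return False, "replayed sequence number"
    expected = hashlib.md5(packet[:pkt_len + 4] + _pad_key(key)).digest()
    if not hmac.compare_digest(expected, packet[pkt_len + 4:]):
        return False, "digest mismatch"
    return True, "ok"


if __name__ == "__main__":
    # constructed sample routes; key chain "Keyname", key 1, key-string "password"
    rtes = [build_rte("10.0.0.0/8", 1), build_rte("192.168.0.0/22", 2)]
    clear = build_simple_auth_response(b"password", rtes)
    print("clear-text mode leaks:", sniff_simple_password(clear))
    signed = build_md5_auth_response(1, b"password", 1, rtes)
    print("md5 mode, right key :", verify_md5_auth_response(signed, {1: b"password"}))
    print("md5 mode, wrong key :", verify_md5_auth_response(signed, {1: b"wrong"}))
```

The model makes the practical point of the two commands concrete: in text mode the key-string is readable by anyone capturing the 224.0.0.9 multicast, while in MD5 mode a capture yields only a digest, and a forged or modified update fails the trailer check unless the attacker knows the key. Note that MD5 mode authenticates and protects integrity but does not encrypt the routes themselves.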

RIPv2 Updates
- By default, Multicast 224.0.0.9

Change to unicast updates under router rip mode
#passive-interface Fa1/0 (stop the multicast updates on the interface)
#neighbor neighbor-IP-address (send unicast updates to this neighbor)

Change to broadcast updates under interface mode
#ip rip v2-broadcast

Validate update source
By default, RIP (and IGRP) checks that the source IP address of an incoming update belongs to the same subnet as the receiving interface.
If it does not, the update is ignored. To turn this off, under router rip mode:
#no validate-update-source

Offset-list
To add an offset to incoming and outgoing metrics to routes learned via RIP,
use the offset-list router configuration command
#offset-list {access-list-number | name} {in | out} offset [type number]
define ACL
access-list 1 permit 10.0.0.0 0.255.255.255

Apply under router rip
offset-list 1 out 14 fa1/0

Routes summary under interface config mode
#ip summary-address rip 192.168.0.0 255.255.252.0

RIP commands
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/cs/csprtn1/csrip.htm#xtocid2534115

Sunday, July 13, 2008

Frame Relay Authentication by using a Virtual Template with PPP CHAP

Frame Relay does not support authentication by itself, so PPP is run over the Frame Relay PVC (PPPoFR) and PPP authentication is applied through a virtual template.
Configuration

username ROUTER password 0 cisco
interface Virtual-Template1
ip address 100.100.100.1 255.255.255.0
ppp authentication chap
(the virtual template is encapsulated with PPP; no need to add encapsulation frame-relay)
interface Serial1/0.1 point-to-point
frame-relay interface-dlci 101 ppp Virtual-Template1

Once the virtual-template interface is configured and the PVC is bound to it, a Virtual-Access interface is cloned from it and comes up.

Router#show ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES manual administratively down down
FastEthernet0/1 unassigned YES manual administratively down down
Serial1/0 unassigned YES manual up up
Serial1/0.1 unassigned YES unset up up
Serial1/1 unassigned YES manual administratively down down
Serial1/2 unassigned YES manual administratively down down
Serial1/3 unassigned YES manual administratively down down
Virtual-Access1 100.100.100.1 YES TFTP up up
Virtual-Template1 100.100.100.1 YES manual down down
Virtual-Access2 unassigned YES unset down down

Take note that the Virtual-Access interface is up while the Virtual-Template stays in the down state (it is only a template).

Router#show frame-relay pvc interface serial 1/0.1
PVC Statistics for interface Serial1/0.1 (Frame Relay DTE)
Active Inactive Deleted Static

Local 3 0 0 0
Switched 0 0 0 0
Unused 0 0 0 0

DLCI = 104, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0.1

input pkts 55 output pkts 87 in bytes 3112
out bytes 3784 dropped pkts 0 in pkts dropped 0
out pkts dropped 0 out bytes dropped 0
in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0
in DE pkts 0 out DE pkts 0
out bcast pkts 7 out bcast bytes 2316
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:07:18, last time pvc status changed 00:04:02
Bound to Virtual-Access1 (up, cloned from Virtual-Template1)

Router#show interfaces virtual-access 1
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
Internet address is 100.100.100.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoFR vaccess, cloned from Virtual-Template1

Router#show interfaces virtual-access 1 configuration
Virtual-Access1 is a PPP over FR PVC (sub)interface
Derived configuration : 95 bytes
!
interface Virtual-Access1
ip address 100.100.100.1 255.255.255.0
ppp authentication chap
end
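Added example (not part of the original post and not IOS code): a Python model of the three-way CHAP handshake from RFC 1994 that the ppp authentication chap line above triggers once the Virtual-Access interface reaches LCP Open. Both sides are shown: the authenticator sends a Challenge with a random value and its name, the peer answers with MD5(identifier || secret || challenge value) plus its own name, and the authenticator looks that name up in its username table and recomputes the hash. The hostnames R2 and ROUTER and the secret cisco mirror the page's username line; the random challenge comes from os.urandom and can be fixed for testing. One caveat the model makes visible: the authenticator must hold the peer's secret in recoverable form to recompute the hash, which is why username ROUTER password works for CHAP and a one-way hashed username ... secret cannot be used.

```python
from __future__ import annotations

import hashlib
import hmac
import os
import struct

# CHAP codes (RFC 1994 s4)
CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4
CHAP_MD5_LEN = 16


def chap_hash(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 s2.2: MD5 over Identifier || secret || Challenge Value."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def pack_value_packet(code: int, identifier: int, value: bytes, name: bytes) -> bytes:
    """Challenge/Response: Code, Identifier, Length, Value-Size, Value, Name."""
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data


def pack_result_packet(code: int, identifier: int, message: bytes) -> bytes:
    """Success/Failure: Code, Identifier, Length, Message."""
    return struct.pack("!BBH", code, identifier, 4 + len(message)) + message


def unpack_value_packet(pkt: bytes) -> tuple[int, int, bytes, bytes]:
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt) or length < 5 or 5 + pkt[4] > length:
        raise ValueError("malformed CHAP packet")
    size = pkt[4]
    return code, identifier, pkt[5:5 + size], pkt[5 + size:length]


class Authenticator:
    """Side that configured 'ppp authentication chap' (the page's router)."""

    def __init__(self, hostname: bytes, users: dict[bytes, bytes]) -> None:
        self.hostname = hostname
        self.users = users                      # username <peer-hostname> password <secret>
        self.pending: dict[int, bytes] = {}     # outstanding challenges by identifier
        self.next_id = 0

    def challenge(self, value: bytes | None = None) -> bytes:
        self.next_id = (self.next_id + 1) & 0xFF
        value = value if value is not None else os.urandom(16)   # fresh, unpredictable
        self.pending[self.next_id] = value
        return pack_value_packet(CHALLENGE, self.next_id, value, self.hostname)

    def check(self, response: bytes) -> bytes:
        code, identifier, digest, name = unpack_value_packet(response)
        challenge = self.pending.pop(identifier, None)   # every challenge is single-use
        if code != RESPONSE or challenge is None or len(digest) != CHAP_MD5_LEN:
            return pack_result_packet(FAILURE, identifier, b"stale or malformed response")
        secret = self.users.get(name)                    # needs the clear secret here
        if secret is None:
            return pack_result_packet(FAILURE, identifier, b"unknown peer " + name)
        expected = chap_hash(identifier, secret, challenge)
        if not hmac.compare_digest(expected, digest):
            return pack_result_packet(FAILURE, identifier, b"authentication failed")
        return pack_result_packet(SUCCESS, identifier, b"welcome " + name)


class Peer:
    """Side being authenticated; never sends the secret, only the hash."""

    def __init__(self, hostname: bytes, secret: bytes) -> None:
        self.hostname = hostname
        self.secret = secret

    def respond(self, challenge_pkt: bytes) -> bytes:
        code, identifier, value, _authenticator_name = unpack_value_packet(challenge_pkt)
        if code != CHALLENGE:
            raise ValueError("expected a Challenge")
        return pack_value_packet(RESPONSE, identifier,
                                 chap_hash(identifier, self.secret, value), self.hostname)


def result_code(pkt: bytes) -> int:
    return pkt[0]


if __name__ == "__main__":
    # authenticator R2 holds 'username ROUTER password 0 cisco' as on the page
    r2 = Authenticator(b"R2", {b"ROUTER": b"cisco"})
    peer = Peer(b"ROUTER", b"cisco")
    ch = r2.challenge()
    first = r2.check(peer.respond(ch))
    replay = r2.check(peer.respond(ch))   # same challenge again: rejected
    print("good secret:", "SUCCESS" if result_code(first) == SUCCESS else "FAILURE")
    print("replay     :", "SUCCESS" if result_code(replay) == SUCCESS else "FAILURE")
```

For two-way authentication (each router authenticating the other, as in a typical lab), both ends run an Authenticator and a Peer, each with a username entry for the other's hostname, which is why CHAP secrets are conventionally the same on both routers.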

Thursday, July 10, 2008

Terminal Length

When you need to copy the whole config to Notepad,
set the terminal length to 0 (no pausing) for the current session, then

#show run
There is no more pausing on the console, so you can copy the whole running config and easily paste it back into a router.
Without this, if the terminal window is small you cannot see all the config at once.

R4#terminal length ?
<0-512> Number of lines on screen (0 for no pausing)

Load balancing

Equal-cost load balancing: IOS installs up to 4 equal-cost paths by default (maximum-paths).
Unequal-cost load balancing is supported only by IGRP and EIGRP, with the variance command.

Load balancing with process switching is per-packet (CPU intensive, but guarantees an equal load across all links).
Load balancing with fast switching is per-destination.

To set per-packet load-balancing, enable process switching (disable fast switching),
Router# config t
Router(config)# interface Ethernet 0
Router(config-if)# no ip route-cache

Finished 1st step.

I passed my CCIE R&S written yesterday.
I remember the first time I sat for the CCNA exam.
It's like the CCNA (a broad range of topics); the only differences are the number of questions and the topics.
It's not like the CCNP exams, which are specific to one subject each.
Anyway, I got my candidate ID, and it will boost my speed to work on the LAB exam.

SR

Monday, July 7, 2008

EIGRP Timer/metric

EIGRP hello and hold time can be changed under interface configuration mode. The hold time is carried in your own Hellos and tells the neighbor how long to wait before declaring you down; it is not recalculated when you change the hello interval, so set both.

#interface fa0/0
( )#ip hello-interval eigrp 100 30
( )#ip hold-time eigrp 100 120

100 - AS number
30 - seconds
120 - seconds

EIGRP metric defaults
K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0
metric = 256 * ([K1*bandwidth + (K2*bandwidth)/(256 - load) + K3*delay] * [K5/(reliability + K4)])
where bandwidth = 10^7 / (lowest bandwidth on the path, in kbps), delay = sum of interface delays in tens of microseconds, and the [K5/(reliability + K4)] factor is applied only when K5 is not 0. With the defaults this reduces to 256 * (bandwidth + delay).

The K values can be changed under router eigrp 100:
metric weights tos k1 k2 k3 k4 k5, e.g. metric weights 0 1 0 0 0 0 (this sets K3 to 0, so delay no longer counts)

If the K values mismatch, the neighbor relationship will not form:

%DUAL-5-NBRCHANGE: IP-EIGRP(0) 1: Neighbor 10.1.1.1 (Ethernet0/0) is down: K-value mismatch
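As an added example (not from the original notes), the formula above worked through in Python with the scaling IOS applies before the K values: bandwidth is 10^7 divided by the lowest interface bandwidth on the path in kbps, delay is the sum of interface delays in tens of microseconds, and the result is multiplied by 256 for the 32-bit metric. The parse_metric_weights and k_values_match helpers and the interface values are assumptions made for the example; 28160 (FastEthernet) and 2169856 (T1 serial) are the well-known metrics for directly connected links with default K values.

```python
from __future__ import annotations

DEFAULT_K = (1, 0, 1, 0, 0)   # K1..K5 as shipped; K2/K4/K5 = 0 so load and reliability are ignored


def eigrp_metric(min_bandwidth_kbps: int, total_delay_usec: int,
                 k: tuple[int, int, int, int, int] = DEFAULT_K,
                 load: int = 1, reliability: int = 255) -> int:
    """Composite metric as IOS computes it (integer arithmetic, then x256)."""
    k1, k2, k3, k4, k5 = k
    bw = 10_000_000 // min_bandwidth_kbps      # scaled bandwidth term
    dly = total_delay_usec // 10               # delay in tens of microseconds
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * dly
    if k5 != 0:                                # reliability factor only when K5 is set
        metric = (metric * k5) // (reliability + k4)
    return metric * 256


def parse_metric_weights(line: str) -> tuple[int, tuple[int, ...]]:
    """'metric weights tos k1 k2 k3 k4 k5' -> (tos, (k1, k2, k3, k4, k5)); assumed helper."""
    parts = line.split()
    if parts[:2] != ["metric", "weights"] or len(parts) != 8:
        raise ValueError("expected: metric weights tos k1 k2 k3 k4 k5")
    values = tuple(int(p) for p in parts[2:])
    if values[0] != 0 or not all(0 <= v <= 255 for v in values[1:]):
        raise ValueError("tos must be 0 and K values 0..255")
    return values[0], values[1:]


def k_values_match(local_k, remote_k) -> bool:
    """Hellos carry K1..K5; any difference and DUAL logs 'K-value mismatch'."""
    return tuple(local_k) == tuple(remote_k)


if __name__ == "__main__":
    # assumed interface values: FastEthernet 100000 kbps / 100 usec, T1 1544 kbps / 20000 usec
    print("FastEthernet:", eigrp_metric(100_000, 100))        # 28160
    print("T1 serial   :", eigrp_metric(1_544, 20_000))       # 2169856
    print("FE then T1  :", eigrp_metric(1_544, 20_100))       # lowest bandwidth, summed delay
    tos, k = parse_metric_weights("metric weights 0 1 0 0 0 0")
    print("K3=0 drops delay from the T1 metric:", eigrp_metric(1_544, 20_000, k))  # 1657856
    print("neighbor forms with default K:", k_values_match(DEFAULT_K, k))  # False
```

The last two lines show why the change on the page is disruptive: zeroing K3 changes every metric in the AS and, until the same metric weights line is on every router, each neighbor drops with the K-value mismatch message quoted above.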

Thursday, July 3, 2008

SPECIALIZED CCNA !!!

CCNA Security
Prerequisites - Valid CCNA
Exam - 640-553 IINS Implementing Cisco IOS Network Security (IINS)

CCNA Voice
Prerequisites - Valid CCNA
Exam - 640-460 IIUC Implementing Cisco IOS Unified Communications (IIUC)

CCNA Wireless
Prerequisites - Valid CCNA
Exam - 640-721 IUWNE Implementing Cisco Unified Wireless Networking Essentials (IUWNE)

Wednesday, July 2, 2008

ShortNotes for CCIE written exam - Frame Relay

Packet-switching technology; works at the physical and data link layers of the OSI model.
Devices attached to a Frame Relay WAN: DTE, DCE
DTE - data terminal equipment - routers/bridges/PCs
DCE - carrier-owned devices - provide clocking and switching - Frame Relay switch
Virtual circuits - PVC, SVC
SVC - temporary connections - call setup, data transfer, idle, call termination
PVC - permanently established connections - data transfer, idle

Data-link connection identifier (DLCI)
A circuit is identified by its DLCI (assigned by the service provider).
Locally significant (unique on the local access link, but not necessarily across the Frame Relay WAN).

Congestion control mechanisms
BECN - Backward-explicit congestion notification
FECN - Forward-explicit congestion notification
DE - Discard Eligibility (indicates that a frame has lower importance than others and may be dropped first)
CRC - Frame Relay error checking (detection only; errored frames are discarded, not retransmitted)

Local Management Interface (LMI)
Extensions: global addressing,
virtual-circuit status messages (synchronization between DTE and DCE, report the status of PVCs),
multicasting
LMI types - Cisco, ANSI, Q.933A

Configuration
Under the main interface (multipoint by default)
interface Serial1/0
encapsulation frame-relay (mappings learned dynamically by Inverse ARP)
frame-relay map ip 192.168.1.1 102 broadcast (static mapping; the broadcast keyword is needed for routing-protocol multicasts to cross the PVC)

Under a subinterface
interface Serial1/0.1 multipoint (uses either dynamic or static mapping)
frame-relay interface-dlci 102 (specifically assigns the DLCI to the subinterface)

Verification
#show frame-relay map
Serial1/0 (up): ip 192.168.1.1 dlci 102(0x191,0x6410), dynamic, broadcast, status defined, active

#show frame-relay pvc
PVC Statistics for interface Serial (Frame Relay DCE)
DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial1/0