The computer is a very complicated device we use for our everyday comfort, and the importance of some of its numerical aspects is sometimes neglected. For example, a different number is given to each computer when its user goes online or when it is part of a network. This number is the IP address, and knowing about it is like knowing where you live…
What’s my IP and what do its numbers stand for?
IP stands for Internet Protocol, and the address is formed from 4 numbers separated by periods. The IP address format is a 32-bit numeric one, and each number can be from 0 to 255. The IP address consists of two parts: the first represents the network number and is shared by more than one user (like the number of a street), and the second represents the host name, which is different for each user (like the house number). To increase the number of available IP addresses within big networks with a lot of users or small networks with few hosts, the address is divided into 4 classes (A, B, C, and D).
Having an IP address is like having a last name in a network. To identify a computer in a network (LAN, local area network; WAN, wide area network; or the Internet) it has to have an IP address. This number is similar to a phone number or to a zip code. It is unique, and without it the device or computer cannot be used in a network area. Within an isolated network the computers can be assigned different random IP addresses, but if a private network needs to be connected to the Internet the IP has to be registered so that its uniqueness is verified.
Where do I find my IP address?
Connect to a site that recognizes your IP address and lets you see it. You can visit this site, for example: iprelated.com. These IP lookup sites are very easy to use and very useful for others. An IP address can offer a lot of information about the person who logs in on the Internet and engages in a certain activity.
This is how illegal activity is sometimes detected and violations are reported. The IP address says less about the user if it is a dynamic one because it changes every time the user logs in.
Another interesting aspect is that some people who have the information from your IP address are interested in taking your computer over and using its resources. This is not impossible! They can use software that enables them to do this, so it is better to hide your IP when you are online.
Who gives me my IP address?
The IP address can be static or dynamic, meaning it can be the same every time you are online or it can change. The IP address is provided by a server through a service called DHCP (Dynamic Host Configuration Protocol).
Although things can get pretty complicated when explaining numbers and their significance, this is just a small and easy to understand introduction about the IP address that does not involve technical terms. The importance of these details is very high because starting from these brief explanations one can truly comprehend the necessity and implications of the IP address and of virtual geo location.
Sunday, December 28, 2008
TCP/IP architecture model
1. Network interface (data link) layer
2. Network layer
3. Transport layer
4. Application layer
Network interface layer
The lowest layer of the TCP/IP model. Its task is to provide access to the transmission physical medium and it differs according to the implementation of the medium.
Network layer
The network layer provides network addressing, routing and datagram transmission. The protocols that will be of interest later with regard to DHCP are IP and ARP.
IP protocol
It is the basic protocol of the network layer and in general the internet as a whole. It sends datagrams, which are independent units that contain information about the destination, source and the sequence number of the datagram. The sequence number is used for message reconstruction, since the delivery order of the datagrams might not be the same as their order in the message and delivery reliability isn't guaranteed at all.
IP protocol versions:
- IPv4: 32-bit addresses. Provides approximately 4 billion unique addresses, which aren't sufficient at present times.
- IPv6: 128-bit addresses. The transition to v6 will bring (is bringing) higher security, QoS, packet segmentation and many more IP addresses. (The transition from IPv4 to IPv6 must be supported by the system provider.)
ARP protocol
ARP stands for Address Resolution Protocol. This protocol is used to find the physical address (MAC) based on a known IP address. If required, ARP sends information concerning the wanted address to all the stations in the network (a broadcast). The stations consequently answer with a message containing their MAC. If the wanted device/station is outside the node/segment, the appropriate router will answer instead of it.
Transport layer
The transport layer is implemented only in terminal devices and it adjusts the behavior of the network according to the requirements of the device/application.
Application layer
The application layer is composed of programs that use net services to fulfill the needs of users. Examples of specific protocols are for instance FTP, DNS and DHCP.
Application protocols use TCP, UDP or both services at the same time. So-called ports are used to differentiate between application protocols; they act as a kind of label for the application. It is possible to change the ports in the settings of the service, but each service has a default port that isn't changed for most services and is used as an unwritten standard.
- FTP = 21
- DNS = 53
- DHCP = 67 + 68
Friday, December 26, 2008
Passing Cisco’s CCNA and CCNP Exams: Traceroute
In preparation for your CCNA and CCNP exam success, you've got to learn to troubleshoot Cisco routers. And while ping is a great basic IP connectivity tool, it doesn't give you all the information you need to diagnose network connectivity issues.
Let's say you have six routers between CityA and CityB. You send a ping from A to B, and get this return:
R1#ping 172.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
The five periods indicate that there is no IP connectivity to CityB. Problem is, that's about all ping tells you. You can have 5 or 50 routers between the two points, so how can you tell which downstream router has the problem?
That's where traceroute comes in. Traceroute sends three datagrams with a Time To Live (TTL) of 1. Those datagrams will time out once they hit the first router in the path, and that router will respond with an ICMP Time Exceeded message.
In response, the sending router sends three more datagrams, but these have a TTL of 2. This means that the next router in line will send back ICMP Time Exceeded messages. This process continues until the final destination (CityB) is reached. The output of the command shows us the path the data took:
Router1#traceroute 271.1.1.1
Type escape sequence to abort.
Tracing the route to 271.1.1.1
1 20.1.1.1 4 msec 4 msec 4 msec
2 30.1.1.1 20 msec 16 msec 16 msec
3 271.1.1.1 16 msec * 16 msec
How does this help troubleshoot a problem? Let's say that the second router in this path, 30.1.1.1, doesn't know how to get to 271.1.1.1. The output would look like this:
Router1#traceroute 271.1.1.1
Type escape sequence to abort.
Tracing the route to 271.1.1.1
1 20.1.1.1 4 msec 4 msec 4 msec
2 30.1.1.1 20 msec 16 msec 16 msec
3 * * *
This indicates that the router at 30.1.1.1 doesn't know how to get to the final destination. Now you have a better idea of which router has an issue!
Now here's the bad part: you're going to get 30 lines of three asterisks, and until you abort this traceroute, you're going to just watch those asterisks go across the screen. There's an abort sequence that the router mentions in the first line of the console output, but the router doesn't tell you what it is! So I will - this top-secret sequence is TWICE, one right after the other.
That keystroke takes a little getting used to, but a CCNA or CCNP can do it! Add this command to your Cisco skill set, and it will serve you well both on the CCNA and CCNP exams and your real-world networks. And you'll impress your friends by knowing how to stop a traceroute!
Thursday, December 25, 2008
Cisco CCNP Certification / BSCI Exam Tutorial: Floating Static Routes
Passing the BSCI exam and earning your CCNP certification demands that you add greatly to the networking skills foundation you created when you studied for your CCNA certification. You learned quite a bit about static routing and default static routing when you passed the CCNA test, and it does seem like that should be all you need to know about static routing, right?
One thing you'll learn as you continue to earn Cisco certifications is that there's always something else to learn! You may have heard the term "floating static route", which does suggest some interesting mental pictures. "Floating"? Floating on what?
In a way, a floating static route is "floating" in your routing table. A floating static route is a route that will be used only if routes for the same destination but with a lower administrative distance are removed from the table. For example, you could be using an OSPF-discovered route as your primary route to a given destination, and the floating static route would serve as a backup route that would be used only if the OSPF route leaves the routing table.
Now, how can that happen? After all, OSPF has an administrative distance of 110 and static routes have ADs of one or zero, depending on whether they're configured with a next-hop IP address or a local exit interface. One way or the other, 1 and 0 are still less than 110!
When you want to configure a floating static route, you must assign the route an AD higher than that of the primary route. In this case, we've got to create a static route with an AD higher than 110. We do this by using the "distance" option at the end of the "ip route" command.
R1(config)#ip route 110.1.1.0 255.255.255.0 172.12.123.1 ?
<1-255> Distance metric for this route
name Specify name of the next hop
permanent permanent route
tag Set tag for this route
R1(config)#ip route 110.1.1.0 255.255.255.0 172.12.123.1 111
The number entered at the very end of the "ip route" command is the AD of that route. If there is an OSPF route for 110.1.1.0 /24, that will be the primary route, and the floating static route will not be used unless the OSPF route is taken out of the routing table.
Floating static routes aren't just a good thing to know for the BSCI exam and your CCNP certification pursuit - they're very practical in the real world as well.
Cisco CCNP / BSCI Exam Tutorial: Ten IP Routing Details You Must Know!
To pass the BSCI exam and earn your CCNP, you've got to keep a lot of details in mind. It's easy to overlook the "simpler" protocols and services such as static routing and distance vector protocols. With this in mind, here's a quick review of some details you should know for success in the exam room and real-world networks!
When packets need to be routed, the routing table is parsed for the longest prefix match. If multiple paths exist with the same prefix length, the route with the lowest AD is preferred. If there are still multiple valid paths, equal-cost load-sharing goes into effect.
The ip route command is used to create static routes. The command ip route 0.0.0.0 0.0.0.0 <next-hop-IP or local exit interface> creates a default static route.
A static route with a next-hop IP address has an AD of one, while a static route with a local exit interface has an AD of zero.
A floating static route is a static route with an AD higher than that of the dynamic routing protocols running on the router, ensuring that the static route can only be used if the routing protocol goes down.
On-Demand Routing (ODR) is only appropriate in a hub-and-spoke network. The spokes effectively become stub routers. ODR uses Cisco Discovery Protocol (CDP) to send route information.
To propagate a default route with IP routing, use the ip default-network command. To do so with IP routing disabled, use ip default-gateway. You can also redistribute a static route into most protocols, but not IGRP. IGRP does not understand a static route to 0.0.0.0.
The ip helper-address command takes certain broadcasts and translates them into unicasts in order to allow the router to forward them. These default ports are:
TIME, port 37
TACACS, port 49
DNS, port 53
BOOTP/DHCP Server, port 67
BOOTP/DHCP Client, port 68
TFTP, port 69
NetBIOS name service, port 137
NetBIOS datagram services, port 138
To name other ports, use the ip forward-protocol command. To remove any of these ports from the default list, use the no ip forward-protocol command.
ICMP Router Discovery Protocol (IRDP) hosts hear multicast Hellos from routers, allowing host-router discovery. HSRP routers create a virtual router that hosts think is a real router. Both protocols help networks cut over to a functional router quickly when their primary router goes down.
Cisco CCNP / BSCI Exam Tutorial: Not All Static Routes Are Created Equal
As a CCNP candidate, as a CCNA, and in getting ready to pass the BSCI exam, you may be tempted to breeze through your static route studies, or even skip them! That's because static routes are easy enough to configure, and as long as you remember the syntax of the ip route command, you're in good shape.
But there's one vital detail regarding static routes that many exam candidates miss. That's because many CCNA and CCNP books say "the administrative distance of a static route is 1", but that is not quite accurate.
You know from your CCNA studies that the ip route command is used to create a static route, and that you have the option of configuring a local exit interface or a next-hop IP address at the end of the command. However, the administrative distances are not the same. The AD of a static route that uses a local exit interface is zero! (That's because the router considers a static route with a local exit interface to actually be a directly connected network.) The AD of a static route with a next-hop IP address is 1.
Therefore, if the router has the following two ip route statements to consider...
Router(config)#ip route 172.1.1.1 255.255.255.255 fast0
Router(config)#ip route 172.1.1.1 255.255.255.255 210.1.1.1
... the prefix lengths are the same, so the static route using the local exit interface fastethernet0 will be preferred due to its lower AD, and will be installed into the routing table.
Keep the details in mind on the job and in the exam room, and you’re on your way to CCNP exam success!
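The selection rules from the last three tutorials (longest prefix match first, then lowest AD; static AD of 0 or 1; a floating static at AD 111 behind OSPF at 110), as an added example that is not part of the original posts. It is a simplified Python model, not router code: the `Route` class, the function names, the OSPF next hop 172.12.123.3 and the 110.1.0.0/16 route are constructed for illustration, and routing metrics are not modelled.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    source: str   # "static" or "ospf"
    target: str   # next-hop IP address or local exit interface
    ad: int       # administrative distance


def static_route(prefix, mask, target, distance=None):
    """Model of: ip route <prefix> <mask> <target> [distance]."""
    if distance is not None and not 1 <= distance <= 255:
        raise ValueError("distance must be in the range 1-255")
    try:
        ipaddress.IPv4Address(target)
        default_ad = 1   # next-hop IP address
    except ValueError:
        default_ad = 0   # local exit interface, e.g. "fast0"
    ad = default_ad if distance is None else distance
    return Route(ipaddress.IPv4Network(f"{prefix}/{mask}"), "static", target, ad)


def ospf_route(prefix, mask, next_hop):
    """An OSPF-learned route; OSPF's administrative distance is 110."""
    return Route(ipaddress.IPv4Network(f"{prefix}/{mask}"), "ospf", next_hop, 110)


def select(routes, destination):
    """Return the route(s) used for destination.

    1. keep only routes whose prefix contains the destination
    2. keep the longest prefix length
    3. among those, keep the lowest administrative distance
    More than one result means load sharing; an empty list means no route.
    """
    dest = ipaddress.IPv4Address(destination)
    matching = [r for r in routes if dest in r.prefix]
    if not matching:
        return []
    longest = max(r.prefix.prefixlen for r in matching)
    matching = [r for r in matching if r.prefix.prefixlen == longest]
    lowest_ad = min(r.ad for r in matching)
    return [r for r in matching if r.ad == lowest_ad]


# Routes taken from the tutorials' own commands.
FLOATING = static_route("110.1.1.0", "255.255.255.0", "172.12.123.1", 111)
VIA_INTERFACE = static_route("172.1.1.1", "255.255.255.255", "fast0")
VIA_NEXT_HOP = static_route("172.1.1.1", "255.255.255.255", "210.1.1.1")

# Constructed for this example (not from the tutorials).
OSPF_PRIMARY = ospf_route("110.1.1.0", "255.255.255.0", "172.12.123.3")
SHORTER_STATIC = static_route("110.1.0.0", "255.255.0.0", "172.12.123.1")
# The same backup route with the distance left off: AD 1, so it is no
# longer a backup and displaces the OSPF route.
NOT_FLOATING = static_route("110.1.1.0", "255.255.255.0", "172.12.123.1")


if __name__ == "__main__":
    cases = [
        ("OSPF up, floating static present", [OSPF_PRIMARY, FLOATING], "110.1.1.10"),
        ("OSPF route withdrawn", [FLOATING], "110.1.1.10"),
        ("distance omitted by mistake", [OSPF_PRIMARY, NOT_FLOATING], "110.1.1.10"),
        ("exit interface vs next hop", [VIA_NEXT_HOP, VIA_INTERFACE], "172.1.1.1"),
        ("/24 OSPF vs /16 static", [SHORTER_STATIC, OSPF_PRIMARY], "110.1.1.10"),
    ]
    for label, table, dest in cases:
        for r in select(table, dest):
            print(f"{label}: {dest} -> {r.source} {r.prefix} via {r.target} (AD {r.ad})")
```

The third case is the one worth checking on a real router: a backup static entered without the trailing distance takes over from the dynamic route immediately instead of waiting for it to fail.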
Cisco CCNP / BSCI Exam Tutorial: Leading Zero Compression
The BSCI exam and CCNP certification require that you be well versed in the basics of IP Version 6, or IPv6. If you're new to IPv6, you'll quickly learn that it's not exactly just two more octets slapped onto an IPv4 address! IPv6 addresses are quite long, but there are two ways to acceptably shorten IPv6 address expression. To pass the BSCI exam, become a CCNP, and get that all-important understanding of IPv6, you've got to understand these different methods of expressing an IPv6 address. My last IPv6 tutorial discussed zero compression; today we'll take a look at leading zero compression.
Leading zero compression allows us to drop the leading zeroes from every field in the address. Where we could only use zero compression once in an IPv6 address expression, leading zero compression can be used as often as is appropriate. The key with leading zero compression is that there must be at least one number left in each field, even if that remaining number is a zero.
You sometimes see books or websites refer to leading zero compression as "dropping zeroes and replacing them with a colon", but that explanation can be a little confusing, since the blocks are separated with a colon to begin with. You're not really replacing the leading zeroes, you're dropping them.
Let's look at an example of leading zero compression. Taking the address 1234:0000:1234:0000:1234:0000:0123:1234, we have four different fields that have leading zeroes. The address could be written out as it is, or with the leading zeroes dropped.
Original format: 1234:0000:1234:0000:1234:0000:0123:1234
With leading zero compression: 1234:0:1234:0:1234:0:123:1234
There's no problem with using zero compression and leading zero compression in the same address, as shown here:
Original format: 1111:0000:0000:1234:0011:0022:0033:0044
With zero and leading zero compression: 1111::1234:11:22:33:44
Zero compression uses the double-colon to replace the second and third block of numbers, which were all zeroes; leading zero compression replaced the "00" at the beginning of each of the last four blocks. Just be careful and take your time with both zero compression and leading zero compression and you'll do well on the exam and in the real world. The keys to success here are remembering that you can only use zero compression once in a single address, and that while leading zero compression can be used as often as needed, at least one number must remain in each field, even if that number is a zero.
Cisco CCNP / BSCI Exam Tutorial: IP Version 6 Zero Compression
BSCI exam success is all part of becoming a CCNP, and part of that success is now learning the basics of IP Version 6, or IPv6. One of the most difficult parts of learning IPv6 concepts is the radically different addressing scheme that IPv6 uses as compared to IPv4. Just look at these sample addresses:
Typical IPv4 address: 129.14.12.200
Typical IPv6 address: 1029:9183:81AE:0000:0000:0AC1:2143:019B
As you can see, IPv6 isn't exactly just tacking two more octets onto an IPv4 address!
I haven't met too many networkers who really like typing, particularly numbers. You'll be happy to know there are some rules that will shorten those addresses a bit, and it's a very good idea to be fluent with these rules for your exam.
You remember from your CCNA studies that there's no difference between an upper-case letter and lower-case letter in hexadecimal. That's one of three basic rules you need to know when working with IPv6 addressing. The other factors deal with all the zeroes you'll run into in IPv6 addresses! One of these rules is the rule of zero compression.
The rule of zero compression states that if an address contains consecutive fields of zeroes, they can be expressed with two colons. It doesn't matter if you have two fields or eight, you can simply type two colons and that will represent all of them. The key here is that you can only do this once in an IPv6 address. This is referred to as zero compression. Here's an example:
Original format: 1234:1234:0000:0000:0000:0000:3456:3434
Using zero compression: 1234:1234::3456:3434
Again, you must remember that you can only do this once in an IPv6 address expression.
What if there are zeroes in the address that don't quite fit this rule? The next part of our IPv6 tutorial will deal with leading zero compression, another tool you can use to shorten these long, long addresses!
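Both shortening rules from the two IPv6 tutorials (zero compression and leading zero compression), implemented as an added example that is not part of the original posts. The function names are made up for illustration; the code assumes `::` is applied only to a run of two or more all-zero fields and, when several runs exist, to the longest one (first on a tie), and it prints hex digits in lower case. Comparing expanded forms rather than text is what you want when matching addresses in logs or access lists.

```python
import string

HEX = set(string.hexdigits)


def expand(addr):
    """Return the eight 4-digit fields of an IPv6 address, undoing both shortcuts."""
    if addr.count("::") > 1:
        # With two "::" there is no way to tell how many zero fields each one hides.
        raise ValueError("zero compression (::) may be used only once")
    if "::" in addr:
        left, right = addr.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        missing = 8 - len(head) - len(tail)
        if missing < 1:
            raise ValueError(":: must stand for at least one field")
        fields = head + ["0"] * missing + tail
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has eight fields")
    for field in fields:
        # At least one digit must remain in every field, and at most four.
        if not 1 <= len(field) <= 4 or not set(field) <= HEX:
            raise ValueError(f"bad field: {field!r}")
    return [field.lower().zfill(4) for field in fields]


def compress(addr):
    """Apply leading zero compression to every field, then zero compression once."""
    # Leading zero compression: drop leading zeroes but keep one digit.
    fields = [field.lstrip("0") or "0" for field in expand(addr)]

    # Find the longest run of all-zero fields.
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if fields[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and fields[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j

    if best_len < 2:
        return ":".join(fields)

    # Zero compression: one "::" replaces the chosen run.
    head = ":".join(fields[:best_start])
    tail = ":".join(fields[best_start + best_len:])
    return f"{head}::{tail}"


def same_address(a, b):
    """True when two differently written expressions name the same address."""
    return expand(a) == expand(b)


if __name__ == "__main__":
    # The addresses used in the two tutorials.
    for original in (
        "1234:0000:1234:0000:1234:0000:0123:1234",
        "1111:0000:0000:1234:0011:0022:0033:0044",
        "1234:1234:0000:0000:0000:0000:3456:3434",
        "1029:9183:81AE:0000:0000:0AC1:2143:019B",
    ):
        print(f"{original} -> {compress(original)}")
    try:
        expand("1234::1234::1234")   # constructed invalid input
    except ValueError as err:
        print("rejected:", err)
```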
Cisco CCNP / BSCI Exam Tutorial: Introduction To Policy Routing
Policy routing is a major topic on your BSCI exam, and you'll find quite a bit of policy routing going on in today's production networks. But what exactly is policy routing?
Policy-based routing, generally referred to as "policy routing", is the use of route maps to determine the path a packet will take to get to its final destination. As you progress through your CCNP studies and go on to the CCIE (or to a Cisco Quality Of Service certification), you'll find that traffic can be "marked" by policy routing in order to give different levels of service to various classes of traffic. (This is done by marking the traffic and placing the different classes of traffic in different queues in the router, allowing the administrator to give some traffic higher priority for transmission.)
There are some basic policy routing rules you should know:
Policy routing doesn't affect the destination of the packet, but does affect the path that is taken to get there.
Policy routing can forward traffic based on the source IP address or the destination IP address (with the use of an extended ACL).
Policy routing can be configured at the interface level, or globally.
Applying policy routing on an interface affects only packets arriving on that interface:
R2(config)#int s0
R2(config-if)#ip policy route-map CHANGE_NEXT_HOP
Applying the policy globally applies the route map to packets generated on the router, not on all packets received on all interfaces.
Whether you're running policy routing at the interface level, on packets created locally, or both, always run the command show ip policy to make sure you've got the right route maps on the proper interfaces.
R2#show ip policy
Interface      Route map
local          CHANGE_NEXT_HOP
Serial0        CHANGE_NEXT_HOP
And here's the big rule to remember....
If a packet doesn't match any of the specific criteria in a route map, or does match a line that has an explicit deny statement, the data is sent to the routing process and will be processed normally. If you don't want to route packets that do not meet any route map criteria, the set command must be used to send those packets to the null0 interface. This set command should be the final set command in the route map.
There are four possibilities for an incoming packet when route maps are in use. The following example illustrates all of them.
R2(config)#access-list 29 permit host 20.1.1.1
R2(config)#access-list 30 permit host 20.2.2.2
R2(config)#access-list 31 permit host 20.3.3.3
R2(config)#access-list 32 permit host 20.4.4.4
R2(config)#route-map EXAMPLE permit 10
R2(config-route-map)#match ip address 29
R2(config-route-map)#set ip next-hop 40.1.1.1
R2(config-route-map)#route-map EXAMPLE permit 20
R2(config-route-map)#match ip address 30
Assuming the route map has been applied to the router's ethernet0 interface, a packet sourced from 20.1.1.1 would meet the first line of the route map and have its next-hop IP address set to 40.1.1.1.
A packet sourced from 20.2.2.2 would match the next permit statement (sequence number 20). Since there is no action listed, this packet would return to the routing engine to undergo the normal routing procedure. All traffic that did not match these two addresses would also be routed normally - there would be no action taken by the route map.
Perhaps we want to specifically block traffic sourced from 20.3.3.3 or 20.4.4.4. We can use multiple match statements in one single route map, and have packets matching those two addresses sent to the bit bucket - the interface null0.
R2(config)#route-map EXAMPLE permit 30
R2(config-route-map)#match ip address 31
R2(config-route-map)#match ip address 32
R2(config-route-map)#set ?
as-path Prepend string for a BGP AS-path attribute
automatic-tag Automatically compute TAG value
comm-list set BGP community list (for deletion)
community BGP community attribute
dampening Set BGP route flap dampening parameters
default Set default information
extcommunity BGP extended community attribute
interface Output interface
ip IP specific information
level Where to import route
local-preference BGP local preference path attribute
metric Metric value for destination routing protocol
metric-type Type of metric for destination routing protocol
origin BGP origin code
tag Tag value for destination routing protocol
weight BGP weight for routing table
R2(config-route-map)#set interface null0
Any traffic matching ACLs 31 or 32 will be sent to null0, resulting in its being discarded by the router. Any traffic that didn't match any of the route map statements will be returned to the routing engine for normal processing.
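The four outcomes described above, modelled as an added Python example (not part of the original tutorial or of IOS): it walks the EXAMPLE route map in sequence order for a given source address. The Clause class, the evaluate function and the catch-all clause with sequence number 40 are assumptions made for illustration; the catch-all shows the "final set command" rule, where unmatched traffic is sent to null0 instead of falling through to normal routing.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Standard ACLs from the tutorial: ACL number -> source hosts it permits.
ACLS = {29: {"20.1.1.1"}, 30: {"20.2.2.2"}, 31: {"20.3.3.3"}, 32: {"20.4.4.4"}}


@dataclass
class Clause:
    seq: int
    action: str                             # "permit" or "deny"
    match: Optional[Tuple[int, ...]]        # ACL numbers, any may match; None = match all
    set_: Optional[Tuple[str, str]] = None  # ("next-hop", ip) or ("interface", name)


# The route map exactly as configured in the tutorial.
EXAMPLE = [
    Clause(10, "permit", (29,), ("next-hop", "40.1.1.1")),
    Clause(20, "permit", (30,)),                           # match, but no set
    Clause(30, "permit", (31, 32), ("interface", "null0")),
]

# Assumed addition: a last clause with no match statement matches everything,
# so traffic that met no earlier criteria is discarded instead of routed.
HARDENED = EXAMPLE + [Clause(40, "permit", None, ("interface", "null0"))]


def evaluate(route_map, src):
    """Return (verdict, detail) for a packet with source address src."""
    for clause in sorted(route_map, key=lambda c: c.seq):
        hit = clause.match is None or any(src in ACLS[n] for n in clause.match)
        if not hit:
            continue
        if clause.action == "deny":
            return ("normal", "deny clause %d" % clause.seq)
        if clause.set_ is None:
            return ("normal", "permit %d has no set" % clause.seq)
        kind, value = clause.set_
        if kind == "interface" and value.lower() == "null0":
            return ("drop", "null0")
        return ("policy", value)
    return ("normal", "no clause matched")


if __name__ == "__main__":
    for src in ("20.1.1.1", "20.2.2.2", "20.3.3.3", "20.4.4.4", "20.9.9.9"):
        print(src, evaluate(EXAMPLE, src), evaluate(HARDENED, src))
```

Note that 20.2.2.2 is still routed normally under the hardened map, because it matches sequence 20 before the catch-all is reached.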
Knowing policy routing and how to apply it are essential skills for passing the BSCI exam, earning your CCNP, and becoming more valuable in today's job market. Get some hands-on practice in a CCNA / CCNP home lab or rack rental to go along with learning the theory, and you'll be writing and applying policy routing in no time at all.
Cisco CCNP / BSCI Exam Tutorial: A Guide To IPv6 Addressing
Learning IPv6 is paramount in your efforts to pass the BSCI exam and go on to earn your CCNP, and it's going to help in your real-world networking career as well. IPv6 can be confusing at first, but it's like anything else in Cisco or networking as a whole - learn one part at a time, master the fundamentals, and you're on your way to success. In today's article we're going to take a look at IPv6 address types.
In IPv4, a unicast address is simply an address used to represent a single host, where multicast addresses represent a group of hosts and broadcasts represent all hosts.
In IPv6, it's not quite that simple. There are actually different types of unicast addresses, each with its own separate function. This allows IPv6 to get data where it's supposed to go quicker than IPv4 while conserving router resources.
IPv6 offers two kinds of local addresses, link-local and site-local. Site-local addresses allow devices in the same organization, or site, to exchange data. Site-local addresses are IPv6's equivalent to IPv4's private address classes, since hosts using them are able to communicate with each other throughout the organization, but these addresses cannot be used to reach Internet hosts.
Site-local and link-local addresses are actually derived from a host's MAC address. Therefore, if HostA has HostB's IPv6 address, HostA can determine HostB's MAC address from that, making ARP unnecessary.
Link-local addresses have a smaller scope than site-local. Link-local addresses are just that, local to a physical link. These particular addresses are not used at all in forwarding data. One use for these addresses is Neighbor Discovery, which is IPv6's answer to ARP.
You can identify these and other IPv6 addresses by their initial bits:
001 - Global address
(first 96 bits set to zero) - IPv4-compatible address
1111 1111 - Multicast
1111 1110 11 - Site local
1111 1110 10 - Link Local
As a future CCNP, you're more than familiar with the reserved IPv4 address classes. You also know that they're not exactly contiguous. The developers of IPv6 took a structured approach to IPv6 reserved addresses - any address that begins with "0000 0000" is an IPv6 reserved address. One of these is the IPv6 loopback address, and this will give you some practice with your zero compression!
IPv6 Loopback: 0000:0000:0000:0000:0000:0000:0000:0001
Using Leading Zero Compression Only: 0:0:0:0:0:0:0:1
Combining Leading Zero and Zero Compression: ::1
Zero compression looks pretty good now, doesn't it? You just have to get used to it and keep the rules in mind. You can use all the leading zero compression you want, but zero compression ("double-colon") can only be used once in a single address.
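The zero compression and leading zero compression rules, written out as an added Python example (not part of the original tutorial): expand undoes both kinds of compression and rejects an address that uses the double colon more than once, and compress applies leading zero compression and then replaces one run of zero fields. The function names are mine; choosing the longest run (leftmost on a tie), leaving a single zero field uncompressed and printing lowercase are assumptions that match Python's standard ipaddress module.

```python
import ipaddress

HEX = set("0123456789abcdefABCDEF")


def expand(addr):
    """Return the eight 4-digit lowercase fields of a textual IPv6 address.
    Dotted-quad tails (::ffff:1.2.3.4) are out of scope for this sketch."""
    if addr.count("::") > 1:
        raise ValueError("zero compression (::) may be used only once")
    if "::" in addr:
        left, right = addr.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        missing = 8 - len(head) - len(tail)
        if missing < 1:
            raise ValueError(":: must replace at least one zero field")
        fields = head + ["0"] * missing + tail
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("expected eight fields")
    for f in fields:
        if not 1 <= len(f) <= 4 or not set(f) <= HEX:
            raise ValueError("bad field %r" % f)
    return [f.lower().zfill(4) for f in fields]


def compress(fields):
    """Apply leading zero compression, then zero compression exactly once."""
    short = [f.lstrip("0") or "0" for f in fields]
    best_start, best_len, start = -1, 0, -1
    for i, f in enumerate(short + ["x"]):      # sentinel closes a trailing run
        if f == "0":
            if start < 0:
                start = i
        else:
            if start >= 0 and i - start > best_len:
                best_start, best_len = start, i - start
            start = -1
    if best_len < 2:                           # nothing worth a double colon
        return ":".join(short)
    return (":".join(short[:best_start]) + "::" +
            ":".join(short[best_start + best_len:]))


def canonical(addr):
    """One text form per address, whatever compression the input used."""
    return compress(expand(addr))


def agrees_with_stdlib(addr):
    """Cross-check the hand-written rules against the ipaddress module."""
    return canonical(addr) == str(ipaddress.IPv6Address(addr))


if __name__ == "__main__":
    for text in ("1234:1234:0000:0000:0000:0000:3456:3434",
                 "0000:0000:0000:0000:0000:0000:0000:0001",
                 "0:0:0:0:0:0:0:1",
                 "1029:9183:81AE:0000:0000:0AC1:2143:019B"):
        print(text, "->", canonical(text), agrees_with_stdlib(text))
```

Comparing the canonical form rather than the raw string keeps an ACL entry or a log search from missing an address that was typed with a different amount of compression.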
IPv6 is here to stay, not only on your BSCI and CCNP exams, but in the real world as well. Learning it now will not only aid you in passing your Cisco exams, but in supporting IPv6 in the future.
Cisco CCNP / BSCI Certification: Troubleshooting Route Redistribution, Part I
If there's one CCNP / BSCI topic that looks so easy but can lead to a real headache, it's route redistribution. I'm not even talking about the routing loops and suboptimal routing that can result when route redistribution is done without proper planning - I'm talking about the basic commands themselves. Leaving out one single command option, or forgetting what else needs to be redistributed when redistributing dynamically discovered routes, can leave you with a routing table that looks complete but does not result in full IP connectivity.
In this free CCNP / BSCI tutorial series, we'll take a look at three common errors in route redistribution configurations, and how to fix them. We'll use three routers, R1, R3, and R5. R1 and R5 are in a RIPv2 domain and R1 and R3 are in an OSPF domain. R1 will be performing two-way route redistribution.
R5 is advertising its loopback, 5.5.5.5/24, into the RIPv2 domain. R1 sees this route in its RIP routing table:
R1#show ip route rip
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 100.1.1.5, 00:00:01, Ethernet0
For R3 to see this route, route redistribution must be configured on R1. We'll use the redistribute rip command to do so.
R1(config)#router ospf 1
R1(config-router)#redistribute rip
% Only classful networks will be redistributed
The router immediately gives us a message that "only classful networks will be redistributed". What does this mean? Let's go to R3 and see if that router is receiving this route.
R3#show ip route ospf
< no output >
When we get no result from a show command, that means there's nothing to show. The only routes that will be successfully redistributed with the current configuration on R1 are classful networks, and 5.5.5.0/24 is a subnet.
To further illustrate the point, a classful network has been added to R5. This network is 16.0.0.0 /8, and is now being advertised by RIP. R1 sees this network as classful...
R1#show ip route rip
R 16.0.0.0/8 [120/1] via 100.1.1.5, 00:00:00, Ethernet0
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 100.1.1.5, 00:00:00, Ethernet0
... and R3 is receiving the route through redistribution.
R3#show ip route ospf
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:08, Serial0.31
To redistribute both classful and classless networks, the option "subnets" must be added to the redistribute command on R1.
R1(config)#router ospf 1
R1(config-router)#no redistribute rip
R1(config-router)#redistribute rip subnets
R3 will now see both the classful and classless networks being redistributed into OSPF. (100.1.1.0 is the network connecting R1 and R5.)
R3#show ip route ospf
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
100.0.0.0/24 is subnetted, 1 subnets
O E2 100.1.1.0 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
5.0.0.0/24 is subnetted, 1 subnets
O E2 5.5.5.0 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
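The effect of the missing "subnets" option, as an added Python example (not part of the original tutorial): it reads the configuration commands shown above, works out which redistribute rip statement is in effect under router ospf, and filters R1's routes the way the tutorial's outputs show. The function names are mine, and treating a route as classful when its mask equals the default mask of its address class is a simplifying assumption of this model.

```python
from ipaddress import ip_network

# Commands from the tutorial, in the order they were entered on R1.
STEP1 = """\
R1(config)#router ospf 1
R1(config-router)#redistribute rip
% Only classful networks will be redistributed
"""
STEP2 = """\
R1(config)#router ospf 1
R1(config-router)#no redistribute rip
R1(config-router)#redistribute rip subnets
"""

# Routes R1 can hand to OSPF: two learned from R5 plus the R1-R5 link itself.
RIP_ROUTES = ["16.0.0.0/8", "100.1.1.0/24", "5.5.5.0/24"]


def is_classful(prefix):
    """True when the mask equals the class A/B/C default for the address."""
    net = ip_network(prefix)
    first_octet = int(net.network_address) >> 24
    if first_octet < 128:
        default = 8
    elif first_octet < 192:
        default = 16
    elif first_octet < 224:
        default = 24
    else:
        raise ValueError("class D/E addresses have no classful mask")
    return net.prefixlen == default


def redistribute_opts(transcript, proto="rip"):
    """Keywords of the effective 'redistribute <proto>' under router ospf,
    or None when no such statement is in effect."""
    in_ospf, opts = False, None
    for raw in transcript.splitlines():
        cmd = raw.split("#", 1)[-1].split()    # drop the router prompt
        if not cmd:
            continue
        if cmd[0] == "router":
            in_ospf = cmd[1:2] == ["ospf"]
        elif in_ospf and cmd[:2] == ["redistribute", proto]:
            opts = set(cmd[2:])
        elif in_ospf and cmd[:3] == ["no", "redistribute", proto]:
            opts = None
    return opts


def learned_by_ospf(transcript, routes):
    """Routes that reach the OSPF domain as external routes."""
    opts = redistribute_opts(transcript)
    if opts is None:
        return []
    return [r for r in routes if "subnets" in opts or is_classful(r)]


if __name__ == "__main__":
    print("before:", learned_by_ospf(STEP1, RIP_ROUTES))
    print("after: ", learned_by_ospf(STEP1 + STEP2, RIP_ROUTES))
```

An empty keyword set from redistribute_opts is the condition to flag in a configuration review: redistribution is present but subnets will be silently left out.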
This is one of the most common errors made during route redistribution, but now you know what to look out for! In the next part of this free CCNP / BSCI tutorial, we'll take a look at another such error.
Cisco CCNP / BSCI Exam Tutorial: Broadcasts And The IP Helper-Address Command
While routers accept and generate broadcasts, they do not forward them. This can be quite a problem when a broadcast needs to get to a device such as a DHCP or TFTP server that's on one side of a router with other subnets on the other side.
If a PC attempts to locate a DNS server with a broadcast, the broadcast will be stopped by the router and will never get to the DNS server. By configuring the ip helper-address command on the router, UDP broadcasts such as this will be translated into a unicast by the router, making the communication possible. The command should be configured on the interface that will be receiving the broadcasts.
R1(config)#int e0
R1(config-if)#ip helper-address ?
A.B.C.D IP destination address
R1(config-if)#ip helper-address 100.1.1.2
Now, you may be wondering if this command covers all UDP services. Sorry, you're not getting off that easy! The command does forward eight common UDP service broadcasts, though.
TIME, port 37
TACACS, port 49
DNS, port 53
BOOTP/DHCP Server, port 67
BOOTP/DHCP Client, port 68
TFTP, port 69
NetBIOS name service, port 137
NetBIOS datagram service, port 138
That's going to cover most scenarios where the ip helper-address command will be useful, but what about those situations where the broadcast you need forwarded is not on this list? You can use the ip forward-protocol command to add any UDP port number to the list.
Additionally, to remove protocols from the default list, use the no ip forward-protocol command. In the following example, we'll add the Network Time Protocol port to the forwarding list while removing the NetBIOS ports. Remember, you can use IOS Help to get a list of commonly filtered ports!
R1(config)#ip forward-protocol udp ?
<0-65535> Port number
biff Biff (mail notification, comsat, 512)
bootpc Bootstrap Protocol (BOOTP) client (68)
bootps Bootstrap Protocol (BOOTP) server (67)
discard Discard (9)
dnsix DNSIX security protocol auditing (195)
domain Domain Name Service (DNS, 53)
echo Echo (7)
isakmp Internet Security Association and Key Management Protocol (500)
mobile-ip Mobile IP registration (434)
nameserver IEN116 name service (obsolete, 42)
netbios-dgm NetBios datagram service (138)
netbios-ns NetBios name service (137)
netbios-ss NetBios session service (139)
ntp Network Time Protocol (123)
pim-auto-rp PIM Auto-RP (496)
rip Routing Information Protocol (router, in.routed, 520)
snmp Simple Network Management Protocol (161)
snmptrap SNMP Traps (162)
sunrpc Sun Remote Procedure Call (111)
syslog System Logger (514)
tacacs TAC Access Control System (49)
talk Talk (517)
tftp Trivial File Transfer Protocol (69)
time Time (37)
who Who service (rwho, 513)
xdmcp X Display Manager Control Protocol (177)
R1(config)#ip forward-protocol udp 123
R1(config)#no ip forward-protocol udp 137
R1(config)#no ip forward-protocol udp 138
As you can see, the ip helper-address command helps work around the fact that broadcasts aren't forwarded by routers by default, and if you just need to send one or two broadcast types, the other types can be turned off easily.
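The resulting forwarding list, computed in an added Python example (not part of the original tutorial): it replays the commands above, starting from the eight default ports, and reports which broadcasts arriving on an interface would be relayed to the helper. The function names are mine, the keyword table holds only entries taken from the help output above, and only the 255.255.255.255 broadcast is modelled.

```python
# The eight UDP ports the tutorial lists as forwarded by default.
DEFAULT_PORTS = {37, 49, 53, 67, 68, 69, 137, 138}

# Keyword forms, copied from the 'ip forward-protocol udp ?' help output.
KEYWORDS = {"time": 37, "tacacs": 49, "domain": 53, "bootps": 67,
            "bootpc": 68, "tftp": 69, "ntp": 123,
            "netbios-ns": 137, "netbios-dgm": 138}

# Commands from the tutorial (help queries omitted).
TRANSCRIPT = """\
R1(config)#int e0
R1(config-if)#ip helper-address 100.1.1.2
R1(config)#ip forward-protocol udp 123
R1(config)#no ip forward-protocol udp 137
R1(config)#no ip forward-protocol udp 138
"""


def parse(transcript):
    """Return (forwarded_ports, helpers) where helpers maps an interface
    name to the helper addresses configured on it."""
    ports, helpers, iface = set(DEFAULT_PORTS), {}, None
    for raw in transcript.splitlines():
        cmd = raw.split("#", 1)[-1].split()    # drop the router prompt
        if not cmd:
            continue
        negate = cmd[0] == "no"
        if negate:
            cmd = cmd[1:]
        if cmd[:1] in (["int"], ["interface"]) and len(cmd) == 2:
            iface = cmd[1]
        elif cmd[:2] == ["ip", "helper-address"] and len(cmd) == 3 and iface:
            targets = helpers.setdefault(iface, [])
            if negate:
                if cmd[2] in targets:
                    targets.remove(cmd[2])
            else:
                targets.append(cmd[2])
        elif cmd[:3] == ["ip", "forward-protocol", "udp"] and len(cmd) == 4:
            port = KEYWORDS[cmd[3]] if cmd[3] in KEYWORDS else int(cmd[3])
            if negate:
                ports.discard(port)
            else:
                ports.add(port)
    return ports, helpers


def relay_targets(state, iface, dst_ip, dport):
    """Helper addresses a UDP broadcast received on iface is unicast to."""
    ports, helpers = state
    if dst_ip != "255.255.255.255" or dport not in ports:
        return []
    return list(helpers.get(iface, []))


if __name__ == "__main__":
    state = parse(TRANSCRIPT)
    print("forwarded UDP ports:", sorted(state[0]))
    for port in (67, 123, 137):
        print(port, relay_targets(state, "e0", "255.255.255.255", port))
```

Every port left on the list is traffic that any host on the subnet can have relayed to the helper, so trimming it to the services actually needed, as the tutorial does with NetBIOS, is worth checking in a configuration review.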
Cisco CCNA Exam Tutorial: Split Horizon And Hub-And-Spoke Networks
For CCNA exam success, you had better know what split horizon is, how to turn it off, and when to turn it off. Knowing when to turn split horizon off is also important in production networks, because it can cause a hub-and-spoke network to have incomplete routing tables on the spokes.
Split horizon exists for a very good reason - routing loop prevention. The rule of split horizon states that a router cannot send an advertisement for a route out the same interface that it came in on. Split horizon is on by default on all interfaces running RIP, IGRP, and EIGRP.
In this CCNA tutorial, R1 will serve as the hub and R2 and R3 will be the spokes. We'll first configure EIGRP over the 172.12.123.0 /24 network, the network connecting the three routers.
R1#conf t
R1(config)#router eigrp 100
R1(config-router)#no auto-summary
R1(config-router)#network 172.12.123.0 0.0.0.255
R2#conf t
R2(config)#router eigrp 100
R2(config-router)#no auto-summary
R2(config-router)#network 172.12.123.0 0.0.0.255
R3#conf t
R3(config)#router eigrp 100
R3(config-router)#no auto-summary
R3(config-router)#network 172.12.123.0 0.0.0.255
Running show ip eigrp neighbor on R1 shows that adjacencies to R2 and R3 are up.
R1#show ip eigrp neighbor
IP-EIGRP neighbors for process 100
H   Address         Interface   Hold  Uptime    SRTT  RTO   Q    Seq  Type
                                (sec)           (ms)        Cnt  Num
1   172.12.123.3    Se0/0       11    00:02:45  1     5000  0    1
0   172.12.123.2    Se0/0       161   00:03:01  1     5000  0    1
Each router will now advertise its loopback address via EIGRP.
R1#conf t
R1(config)#router eigrp 100
R1(config-router)#network 1.1.1.0 0.0.0.255
R2#conf t
R2(config)#router eigrp 100
R2(config-router)#network 2.2.2.0 0.0.0.255
R3#conf t
R3(config)#router eigrp 100
R3(config-router)#network 3.3.3.0 0.0.0.255
Running show ip route eigrp on each router shows that R1 has a route for both R2’s and R3’s loopback. R2 and R3 will only see R1’s loopback address, and not each other’s. Why?
R1#show ip route eigrp
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2297856] via 172.12.123.2, 00:03:19, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/2297856] via 172.12.123.3, 00:03:04, Serial0/0
R2#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:03:40, Serial0/0.123
R3#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:05:17, Serial0/0.31
EIGRP uses Split Horizon by default to prevent routing loops. In this lab, though, it prevents full network reachability. R2 and R3 both form neighbor relationships with R1’s Serial physical interface. R2 advertises its loopback address to R1’s Serial interface, as does R3. Split Horizon does not allow a route to be advertised back out the same interface it was received on. This prevents R1 from advertising R2’s loopback to R3, or R3’s loopback to R2.
Split Horizon must be disabled to allow full network reachability in this lab. To do so, run no ip split-horizon eigrp 100 on R1’s Serial interface. Disabling Split Horizon causes the neighbor relationships to fail and then reestablish. Run show ip route eigrp 100 on both R2 and R3. The appropriate route to the remote loopback address will now appear.
R1#conf t
R1(config)#int serial0
R1(config-if)#no ip split-horizon eigrp 100
10:02:23: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.2 (Serial0/0) down: split horizon changed
10:02:23: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.3 (Serial0/0) down: split horizon changed
10:02:27: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.3 (Serial0/0) ip: new adjacency
10:02:54: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.2 (Serial0/0) ip: new adjacency
R2#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:00:06, Serial0/0.123
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/2809856] via 172.12.123.1, 00:00:06, Serial0/0.123
R3#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:00:12, Serial0/0.31
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2809856] via 172.12.123.1, 00:00:12, Serial0/0.31
Disabling split horizon should be done with care, but knowing when and where to do so shows that you truly understand how this technology works - and that's a big step on the way to earning your CCNA!
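The lab's behaviour reproduced in an added Python example (not part of the original tutorial): a small distance-vector simulation of the hub and two spokes, run once with split horizon enabled on R1's Serial0/0 and once with it disabled. The function names are mine, and a plain hop count stands in for EIGRP's composite metric, which this sketch does not compute.

```python
# (router, interface) -> neighbors reached through that interface.
# Both spokes hang off the hub's single physical interface.
LINKS = {
    ("R1", "Serial0/0"): ["R2", "R3"],
    ("R2", "Serial0/0.123"): ["R1"],
    ("R3", "Serial0/0.31"): ["R1"],
}
LOOPBACKS = {"R1": "1.1.1.0/24", "R2": "2.2.2.0/24", "R3": "3.3.3.0/24"}


def inbound_interface(router, sender):
    """Interface on 'router' that faces 'sender'."""
    return next(ifc for (r, ifc), nbrs in LINKS.items()
                if r == router and sender in nbrs)


def converge(hub_split_horizon, rounds=4):
    """Exchange updates for a few rounds and return, per router, the
    prefixes it learned from neighbors (connected routes excluded)."""
    split = {"R1": hub_split_horizon, "R2": True, "R3": True}
    # table[router][prefix] = (hops, interface learned on; None = connected)
    table = {r: {p: (0, None)} for r, p in LOOPBACKS.items()}
    for _ in range(rounds):
        updates = []
        for (rtr, ifc), nbrs in LINKS.items():
            for prefix, (hops, learned_on) in table[rtr].items():
                if split[rtr] and learned_on == ifc:
                    continue        # split horizon: never back out the same interface
                updates.extend((n, prefix, hops + 1, rtr) for n in nbrs)
        for rcv, prefix, hops, sender in updates:
            best = table[rcv].get(prefix)
            if best is None or hops < best[0]:
                table[rcv][prefix] = (hops, inbound_interface(rcv, sender))
    return {r: sorted(p for p, (_, ifc) in t.items() if ifc is not None)
            for r, t in table.items()}


if __name__ == "__main__":
    print("split horizon on :", converge(True))
    print("split horizon off:", converge(False))
```

With split horizon on, each spoke learns only 1.1.1.0/24; with it off on the hub, each spoke also learns the other spoke's loopback through R1, at a higher cost than R1's own loopback.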
Cisco CCNA Exam Tutorial: Mapping The OSI Model To The TCPIP Model
The OSI model is the model that most networking personnel are familiar with, but to earn your CCNA, you need to know the OSI model, the TCP/IP model, and how the two map to each other.
The four layers of the TCP/IP architecture can be compared to certain levels of the OSI model. It’s important to know what each level of the TCP/IP protocol architecture does, and how these layers map to the OSI model.
The Application Layer of the TCP/IP model performs much the same tasks as the Application, Presentation, and Session layers of the OSI model.
The Transport layer in the TCP/IP architecture is similar to the Transport layer in the OSI model. This layer can use TCP or UDP as well.
The Internetwork layer in the TCP/IP architecture uses IP addresses to determine how packets should be routed. Remember that the OSI model uses IP addresses, or “Layer 3 Addresses”, at the Network layer. The two layers do much the same thing. This layer is also referred to in the TCP/IP model as the Internet layer.
The Network Interface layer in the TCP/IP architecture serves to define the protocols and the hardware needed to actually deliver the data across the network. The Network Interface layer does the work of both the Data Link and Physical Layers in the OSI model.
Keeping all this straight can be very confusing when you first start your CCNA studies. Concentrate on the OSI model in your studies, but make sure you know how the TCP/IP model maps to that model and you'll be ready for CCNA exam success!
Wednesday, December 24, 2008
Cisco CCNA Certification Exam Tutorial: The OSPF RID
OSPF is a major topic on your CCNA exam, as well it should be. OSPF is a widely-used WAN protocol, and you need to learn the fundamentals before moving on to more complicated configurations. One such detail is the OSPF Router ID, or RID.
The RID is the dotted decimal value by which other OSPF routers will identify a given OSPF router. There are some interesting defaults for this value, and a command you should know to hardcode the RID. You had also better know what has to happen for this command to take effect, so let's take a more detailed look at the OSPF RID.
In this example, R1 has an adjacency with R2 and R3 over the 172.12.123.0/24 frame network. R1 is the hub, with R2 and R3 as the spokes. No other interfaces are OSPF-enabled on any of the routers. Running show ip ospf neighbor on R1, we see some unusual values under "Neighbor ID", which is another name for the OSPF RID.
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
3.3.3.3 0 FULL/DROTHER 00:01:57 172.12.123.3 Serial0
2.2.2.2 0 FULL/DROTHER 00:01:57 172.12.123.2 Serial0
Notice the Neighbor ID of each remote address is the loopback address. How can that be if they’re not OSPF-enabled?
When determining the Router ID (RID) of an OSPF-enabled router, OSPF will always use the numerically highest IP address on the router’s loopback interfaces, regardless of whether that loopback is OSPF-enabled.
What if there is no loopback? OSPF will then use the numerically highest IP address of the physical interfaces, regardless of whether that interface is OSPF-enabled.
BOTTOM LINE: An interface does not have to be running OSPF to have its IP address used as the OSPF RID.
The OSPF RID can be changed, but the change requires either a restart of the router or a reinitialization of the OSPF routing process. Use the router-id command to change the default RID of each router as shown, then clear the OSPF process so the new RID takes effect.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#router-id 11.11.11.11
Reload or use "clear ip ospf process" command, for this to take effect
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
1d05h: %OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
1d05h: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0 from 2WAY to DOWN, Neighbor Down: Interface down or detached
After entering the router-id command, the router console informed you that you have to reload the router or reset the OSPF processes for this to take effect. You enter the clear ip ospf process command to do this. Notice that when you’re asked if you really want to do this, the default answer in the prompt is “no”? That’s because all the OSPF adjacencies on this router will be lost and will have to begin the process again. That’s OK on a practice rack, not good in a production network. Don’t use that one at work.
The OSPF RID is not a complicated concept, but the fact that an interface doesn't have to be OSPF-enabled in order to have its IP address act as the RID takes some getting used to. And remember - when the router or switch asks you a question and the prompted answer is "no", take one step back and make sure you really want to do what you're about to do!
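The selection rules and the "takes effect only after a reset" behavior described above, as an added Python example (not router code and not from the original tutorial). The Interface and OspfProcess names are hypothetical, and the R1 loopback address 1.1.1.1 is a constructed sample value.

```python
# Added illustration: how the OSPF RID is chosen, and why router-id needs a
# process reset. Class and function names are hypothetical.
import ipaddress
from dataclasses import dataclass


@dataclass
class Interface:
    name: str
    ip: str
    ospf_enabled: bool = False  # carried only to show it plays no part in the choice


def default_rid(interfaces):
    """Highest loopback address, else highest address on any other interface."""
    def highest(candidates):
        # Compare as 32-bit numbers, not as strings ("9.9.9.9" > "172..." as text).
        addresses = [ipaddress.IPv4Address(i.ip) for i in candidates]
        return str(max(addresses)) if addresses else None

    loopbacks = [i for i in interfaces if i.name.lower().startswith("loopback")]
    return highest(loopbacks) or highest(interfaces)


class OspfProcess:
    """Keeps the RID in use separate from the RID that has been configured."""

    def __init__(self, interfaces):
        self.interfaces = interfaces
        self.configured_rid = None
        self.active_rid = default_rid(interfaces)

    def router_id(self, rid):
        # Equivalent of the router-id command: stored, but not yet in use.
        self.configured_rid = str(ipaddress.IPv4Address(rid))

    def clear_process(self):
        # Equivalent of a reload or "clear ip ospf process": re-run the selection.
        self.active_rid = self.configured_rid or default_rid(self.interfaces)


# Constructed sample data modelled on the lab: the loopback is not OSPF-enabled.
R3_INTERFACES = [Interface("Loopback0", "3.3.3.3"),
                 Interface("Serial0", "172.12.123.3", ospf_enabled=True)]
R1_INTERFACES = [Interface("Loopback0", "1.1.1.1"),
                 Interface("Serial0", "172.12.123.1", ospf_enabled=True)]

if __name__ == "__main__":
    print("R3 RID:", default_rid(R3_INTERFACES))
    r1 = OspfProcess(R1_INTERFACES)
    r1.router_id("11.11.11.11")
    print("R1 RID before clear:", r1.active_rid)
    r1.clear_process()
    print("R1 RID after clear :", r1.active_rid)
```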
Cisco CCNA Certification Exam Tutorial: Variance And Unequal Cost Load Balancing
To pass the CCNA exam, you've got to know how to work with IGRP and EIGRP unequal-cost load balancing. You may not see much IGRP in production networks anymore, but you'll see a lot of EIGRP, and part of fine-tuning your EIGRP network is making sure that all paths are in use while allowing for varying bandwidth rates.
Using the variance command is the easy part - it's getting the metric that's the hard part with IGRP. With EIGRP, you just look in the topology table and that's it. With IGRP, you've got to run a debug to get the right metric.
The variance command is a multiplier: when the value supplied with the variance command is multiplied by the lowest-cost metric, the result must exceed the higher-cost metric in order for the higher-cost route to be added.
If that sounds complicated, it's not. It's one of those things that sounds difficult, but isn't. Trust me!
In this example, R1 has two paths to 172.23.0.0, but is currently using only one. By looking in the IP routing table, we've seen that the lowest-cost metric for network 172.23.0.0 on R1 is 8576. This path goes through the 172.12.123.0 network. There is another valid path that uses the 172.12.13.0 network, but is not currently in use.
I 172.23.0.0/16 [100/8576] via 172.12.123.2, 00:00:53, Serial0
IGRP does not have a “show” command that displays all valid routes to a destination, as EIGRP does. The command debug ip igrp transactions will show the current metric of the route that uses the 512 KBPS link.
R1#debug ip igrp transactions
IGRP protocol debugging is on
19:17:51: IGRP: broadcasting request on Loopback0
19:17:51: IGRP: broadcasting request on Serial0
19:17:51: IGRP: broadcasting request on Serial1
19:17:51: IGRP: received update from 172.12.13.3 on Serial1
19:17:51: subnet 172.12.13.0, metric 23531 (neighbor 21531)
19:17:51: subnet 172.12.123.0, metric 23531 (neighbor 8476)
19:17:51: network 1.0.0.0, metric 24031 (neighbor 8976)
19:17:51: network 2.0.0.0, metric 22131 (neighbor 1600)
19:17:51: network 3.0.0.0, metric 22031 (neighbor 501)
19:17:51: network 172.23.0.0, metric 21631 (neighbor 1100)
R1(config)#router igrp 1
R1(config-router)#variance 3
R1#show ip route 172.23.0.0
Routing entry for 172.23.0.0/16
Known via "igrp 1", distance 100, metric 8576
Redistributing via igrp 1
Advertised by igrp 1 (self originated)
Last update from 172.12.123.2 on Serial0, 00:00:01 ago
Routing Descriptor Blocks:
* 172.12.13.3, from 172.12.13.3, 00:00:20 ago, via Serial1
Route metric is 21631, traffic share count is 1
Total delay is 21000 microseconds, minimum bandwidth is 512 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 0
172.12.123.3, from 172.12.123.3, 00:00:20 ago, via Serial0
Route metric is 8576, traffic share count is 3
Total delay is 21000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 0
172.12.123.2, from 172.12.123.2, 00:00:01 ago, via Serial0
Route metric is 8576, traffic share count is 3
Total delay is 21000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 0
The metric for 172.23.0.0 through the direct connection is 21631. A variance of 3 means that any route with a metric less than the best metric multiplied by the variance (in this case, 8576 x 3 = 25728) will be entered into the routing table. R1 now has three unequal-cost paths to 172.23.0.0 in its routing table, and load balancing will take place.
IGRP unequal-cost load balancing takes some practice, but as you can see, once you get the metric it's easy to work with. Just make sure you know how to get that metric!
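The arithmetic above can be automated. This added Python example (not from the original tutorial) pulls the metric out of the debug ip igrp transactions output shown earlier and works out the smallest variance that admits the route; it applies only the multiplier rule stated in this tutorial, and the function names are made up for illustration.

```python
# Added illustration: read metrics from "debug ip igrp transactions" output and
# compute the variance needed. Function names are hypothetical.
import re

# The debug output shown in this tutorial.
DEBUG_OUTPUT = """\
19:17:51: IGRP: received update from 172.12.13.3 on Serial1
19:17:51: subnet 172.12.13.0, metric 23531 (neighbor 21531)
19:17:51: subnet 172.12.123.0, metric 23531 (neighbor 8476)
19:17:51: network 1.0.0.0, metric 24031 (neighbor 8976)
19:17:51: network 2.0.0.0, metric 22131 (neighbor 1600)
19:17:51: network 3.0.0.0, metric 22031 (neighbor 501)
19:17:51: network 172.23.0.0, metric 21631 (neighbor 1100)
"""

UPDATE_RE = re.compile(r"IGRP: received update from ([\d.]+) on (\S+)")
ROUTE_RE = re.compile(r"(?:subnet|network) ([\d.]+), metric (\d+)")


def parse_received_metrics(debug_text):
    """Return {(source_ip, interface): {network: metric}} for received updates."""
    metrics = {}
    current = None
    for line in debug_text.splitlines():
        header = UPDATE_RE.search(line)
        if header:
            current = header.groups()
            metrics.setdefault(current, {})
            continue
        if "IGRP:" in line:
            current = None  # another IGRP event, e.g. a sent update: stop attributing
            continue
        route = ROUTE_RE.search(line)
        if route and current:
            metrics[current][route.group(1)] = int(route.group(2))
    return metrics


def min_variance(best_metric, candidate_metric):
    """Smallest whole multiplier with candidate_metric < best_metric * variance."""
    if candidate_metric <= best_metric:
        return 1  # equal-cost paths need no variance
    return candidate_metric // best_metric + 1


def eligible_paths(best_metric, candidates, variance):
    """Next hops whose metric is within best_metric * variance."""
    limit = best_metric * variance
    return sorted(hop for hop, metric in candidates.items()
                  if metric <= best_metric or metric < limit)


if __name__ == "__main__":
    received = parse_received_metrics(DEBUG_OUTPUT)
    alternate = received[("172.12.13.3", "Serial1")]["172.23.0.0"]
    print("alternate metric:", alternate)
    print("variance needed :", min_variance(8576, alternate))
```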
Cisco CCNA Certification Exam Tutorial: DNS And The IP Name-Server Command
DNS behaviors of a Cisco router are important topics for both the CCNA exam and real-world production networks, and you probably didn't know there were so many DNS details before you began studying for the exam! In this tutorial, we'll look at the ip name-server command and its proper usage.
When a command is mistyped on a Cisco router, the default behavior of the router is to attempt to resolve it via DNS. First, the router looks for an IP Host table on the local router to perform this resolution – that’s what the “translating” word in the output is referring to. If there’s no IP Host table or the IP Host table doesn’t contain an entry for what you typed, the router will send a broadcast in an attempt to resolve this name through a remote DNS server. To prevent this broadcast, enter the global command no ip domain-lookup. Of course, to use DNS to resolve hostnames, ip domain-lookup would have to be reenabled if it’s been turned off.
R2#contin
Translating "contin"...domain server (255.255.255.255)
% Unknown command or computer name, or unable to find computer address
A command is mistyped as “contin”. The Cisco router’s default behavior is to resolve this entry locally via an IP Host table, which isn't present on the router. A broadcast is then sent out to find a DNS server to perform the name resolution. The DNS lookup attempt must time out before the configuration can continue.
R2#conf t
R2(config)#no ip domain-lookup
R2#contin
Translating "contin"
% Unknown command or computer name, or unable to find computer address
With “no ip domain-lookup” configured, the router doesn’t attempt to find a remote DNS server. It sees there is no local resolution configured and almost immediately sends a message to the console that the name can’t be resolved.
R2#conf t
R2(config)#ip domain-lookup
R2(config)#ip name-server 10.1.1.1
R2#contin
Translating "contin"...domain server (10.1.1.1)
A DNS server is installed on the network with the IP address 10.1.1.1. DNS lookup is reenabled with the command ip domain-lookup, and the IP address of the DNS server is specified with the ip name-server command.
It's just that easy to tell a Cisco router exactly where the DNS server is!
Cisco CCNA Certification Exam Tutorial: Distance Vector Command Review
Part of studying for CCNA exam success is keeping all these new commands straight in your head! And let's face it, there are a lot of commands you need to know in order to pass the CCNA exam and earn that certification. Here's a review of some very important distance vector and static routing commands you need to know, along with their proper usage and console output.
Bandwidth
IGRP makes a default assumption that any Serial interface running IGRP is connected to a T1 line, which runs at 1544 KBPS. With equal-cost load-balancing enabled by default, this may be an undesirable assumption.
To alter IGRP’s assumption, use the bandwidth command on the serial interface in question. Note that this command does NOT actually affect the bandwidth available to the interface; it merely changes IGRP’s assumption of the bandwidth.
R2#conf t
R2(config)#int s0
R2(config-if)#bandwidth 512
Clear ip route *
This command clears your routing table of all non-static and non-connected routes. In a lab environment, it’s very handy because it forces your routers running routing protocols to send and request updates, rather than waiting for the regularly scheduled updates.
R2#clear ip route *
Debug ip igrp events
Debug ip igrp events allows you to see IGRP updates being sent and requested. Here, the debug is run and then the routing table is cleared. The router immediately broadcasts update requests via the IGRP-enabled interfaces.
R2#debug ip igrp event
IGRP event debugging is on
R2#clear ip route *
06:02:51: IGRP: broadcasting request on BRI0
06:02:51: IGRP: broadcasting request on Serial0.123
Debug ip igrp transactions
To configure IGRP unequal-cost load-sharing with the variance command, you’ve got to know the metric of the less-desirable routes. EIGRP keeps these in its topology table; IGRP has no such table.
To get the metrics of routes not in the routing table, run debug ip igrp transactions. To force IGRP updates, the routing table below was cleared with clear ip route *.
R2#debug ip igrp transactions
IGRP protocol debugging is on
R2#clear ip route *
06:05:33: IGRP: received update from 172.12.123.1 on Serial0.123
06:05:33: subnet 172.12.123.0, metric 10476 (neighbor 8476)
06:05:33: network 1.0.0.0, metric 8976 (neighbor 501)
06:05:33: IGRP: edition is now 3
06:05:33: IGRP: sending update to 255.255.255.255 via BRI0 (172.12.12.2)
06:05:33: network 1.0.0.0, metric=8976
06:05:33: IGRP: sending update to 255.255.255.255 via Serial0.123 (172.12.123.2) - suppressing null update
06:05:34: IGRP: received update from 172.12.12.1 on BRI0
06:05:34: subnet 172.12.13.0, metric 160250 (neighbor 8476)
06:05:34: network 1.0.0.0, metric 158750 (neighbor 501)
Debug ip rip
R2#debug ip rip
IP protocol debugging is on
R2#clear ip route *
6:14:53: RIP: received v2 update from 172.23.23.3 on Ethernet0
6:14:53: 1.0.0.0/8 via 0.0.0.0 in 16 hops (inaccessible)
6:14:53: 1.1.1.1/32 via 0.0.0.0 in 2 hops
6:14:53: 172.12.0.0/16 via 0.0.0.0 in 16 hops (inaccessible)
6:14:53: 172.12.12.2/32 via 0.0.0.0 in 2 hops
6:14:53: 172.12.13.0/30 via 0.0.0.0 in 1 hops
6:14:53: 172.12.123.0/24 via 0.0.0.0 in 1 hops
6:14:53: 172.23.0.0/16 via 0.0.0.0 in 16 hops (inaccessible)
Run debug ip rip to troubleshoot routing update problems, RIP authentication problems, and to view the routing update contents. Clear ip route * was run to clear the routing table and to force a RIP update.
Ip route
R2#conf t
R2(config)#ip route 1.1.1.1 255.255.255.255 172.12.123.1
OR
R2(config)#ip route 1.1.1.1 255.255.255.255 serial0
To configure a static route to a given destination IP address, use the ip route command. The destination is followed by a subnet mask, and that can be followed by either the next-hop IP address or the exit interface on the local router.
Ip route 0.0.0.0 0.0.0.0
R2#conf t
R2(config)#ip route 0.0.0.0 0.0.0.0 172.12.123.1
OR
R2(config)#ip route 0.0.0.0 0.0.0.0 ethernet0
To configure a default static route, use either of these two commands.
You could have any number for the first “0.0.0.0”, since the second set of zeroes is the subnet mask. This means that any destination will match this route statement.
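Why an all-zeroes mask matches every destination, and how a host route still wins when both match, as an added Python example (not from the original tutorial). It parses the two R2 ip route commands shown above; the function names are made up for illustration.

```python
# Added illustration: mask-based matching for static routes, using the two R2
# commands from this section. Function names are hypothetical.
import ipaddress

CONFIG = """\
ip route 1.1.1.1 255.255.255.255 172.12.123.1
ip route 0.0.0.0 0.0.0.0 ethernet0
"""


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def parse_static_routes(config):
    """Turn 'ip route <destination> <mask> <next-hop | exit-interface>' lines into dicts."""
    routes = []
    for line in config.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[:2] != ["ip", "route"]:
            continue
        target = parts[4]
        try:
            ipaddress.IPv4Address(target)
            kind = "next-hop"
        except ValueError:
            kind = "exit-interface"
        routes.append({"prefix": to_int(parts[2]), "mask": to_int(parts[3]),
                       "target": target, "kind": kind})
    return routes


def lookup(routes, destination):
    """Return the matching route with the longest mask, or None if nothing matches."""
    dest = to_int(destination)
    # A route matches when destination and prefix agree on every bit the mask keeps.
    # With mask 0.0.0.0 no bits are kept, so both sides are 0 for any destination.
    matches = [r for r in routes if (dest & r["mask"]) == (r["prefix"] & r["mask"])]
    return max(matches, key=lambda r: r["mask"], default=None)


if __name__ == "__main__":
    table = parse_static_routes(CONFIG)
    for address in ("1.1.1.1", "1.1.1.2", "200.1.1.2"):
        route = lookup(table, address)
        print(address, "->", route["kind"], route["target"])
```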
That's a good review to get started with! I'll be back tomorrow with Part II of this CCNA exam command review!
Cisco CCNA Certification: Static Routing Tutorial
In studying for your CCNA exam and preparing to earn this valuable certification, you may be tempted to spend little time studying static routing and head right for the more exciting dynamic routing protocols like RIP, EIGRP, and OSPF. This is an understandable mistake, but still a mistake. Static routing is not complicated, but it's an important topic on the CCNA exam and a valuable skill for real-world networking.
To create static routes on a Cisco router, you use the ip route command followed by the destination network, network mask, and either the next-hop IP address or the local exit interface. It's vital to keep that last part in mind - you're either configuring the IP address of the downstream router, or the interface on the local router that will serve as the exit interface.
Let's say your local router has a serial0 interface with an IP address of 200.1.1.1/30, and the downstream router that will be the next hop will receive packets on its serial1 interface with an IP address of 200.1.1.2/30. The static route will be for packets destined for the 172.10.1.0 network. Either of the following ip route statements would be correct.
R1(config)#ip route 172.10.1.0 255.255.255.0 200.1.1.2 (next-hop IP address)
OR
R1(config)#ip route 172.10.1.0 255.255.255.0 serial0 (local exit interface)
You can also write a static route that matches only one destination. This is a host route, and has 255.255.255.255 for a mask. If the above static routes should only be used to send packets to 172.10.1.1, the following commands would do the job.
R1(config)#ip route 172.10.1.1 255.255.255.255 200.1.1.2 (next-hop IP address)
OR
R1(config)#ip route 172.10.1.1 255.255.255.255 serial0 (local exit interface)
Finally, a default static route serves as a gateway of last resort. If there are no matches for a destination in the routing table, the default route will be used. Default routes use all zeroes for both the destination and mask, and again a next-hop IP address or local exit interface can be used.
R1(config)#ip route 0.0.0.0 0.0.0.0 200.1.1.2 (next-hop IP address)
OR
R1(config)#ip route 0.0.0.0 0.0.0.0 serial0 (local exit interface)
IP route statements seem simple enough, but the details regarding the next-hop IP address, the local exit interface, default static routes, and the syntax of the command are vital for success on CCNA exam day and in the real world.
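To see how the network route, the host route and the default route interact when all three are configured, the following added example (not part of the original tutorial) parses the R1 statements above and picks a route by longest-prefix match, the standard rule a router uses to choose among matching routes. It goes slightly beyond the text by combining the three routes in one table; the function names are hypothetical, and treating a destination with host bits set as an error is this example's own validation choice.

```python
from ipaddress import IPv4Address, ip_network

# Static routes from the tutorial above (R1), one of each kind.
CONFIG = """\
ip route 172.10.1.0 255.255.255.0 200.1.1.2
ip route 172.10.1.1 255.255.255.255 serial0
ip route 0.0.0.0 0.0.0.0 200.1.1.2
"""

def parse_ip_route(line):
    """Parse 'ip route <destination> <mask> <next-hop IP | exit interface>'."""
    fields = line.split()
    if len(fields) != 5 or fields[:2] != ["ip", "route"]:
        raise ValueError(f"not a static route statement: {line!r}")
    dest, mask, target = fields[2:]
    mask_int = int(IPv4Address(mask))
    prefixlen = bin(mask_int).count("1")
    # A subnet mask must be contiguous ones followed by zeroes.
    if mask_int != (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask: {mask}")
    # Validation choice of this example: a destination with host bits set
    # for the given mask is treated as a configuration error.
    network = ip_network(f"{dest}/{prefixlen}", strict=True)
    try:
        IPv4Address(target)
        kind = "next-hop"
    except ValueError:
        kind = "exit-interface"
    return {"network": network, "target": target, "kind": kind}

def lookup(routes, destination):
    """Return the most specific route that matches, or None if nothing does."""
    addr = IPv4Address(destination)
    matches = [r for r in routes if addr in r["network"]]
    if not matches:
        return None  # no match and no default route
    return max(matches, key=lambda r: r["network"].prefixlen)

ROUTES = [parse_ip_route(l) for l in CONFIG.splitlines() if l.strip()]
```

With these three routes, 172.10.1.1 takes the host route, any other 172.10.1.x address takes the /24 route, and everything else falls through to the default route.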
Tuesday, December 23, 2008
Cisco CCNA / CCNP Exam Tutorial: Five Debugs You Must Know
To pass the BSCI exam and move one step closer to CCNP certification success, you've got to know how and when to use debug commands to troubleshoot and verify network operations. While you should never practice debug commands on a production network, it's important to get some hands-on experience with them and not rely on "router simulators" and books to learn about them.
When it comes to RIP, "debug ip rip" is the primary debug to use. This debug will show you the contents of the routing update packets, and is vital in diagnosing RIP version mismatches and routing update authentication issues.
You know how to use the variance command to configure unequal-cost load-sharing with IGRP, but IGRP has no topology table that will give you the feasible successor metrics you need. With IGRP, you need to use the "debug ip igrp transactions" command to get these vital metrics.
Several factors are considered by OSPF-enabled routers when it comes to forming adjacencies, including hello and dead timer settings. If an adjacency doesn't form when you think it should, run "debug ip ospf adj". The reason the adjacency isn't forming is usually seen quickly with this command's output.
Let's not ignore Layer Two! If frame relay mappings are not forming according to your configuration, run "debug frame lmi". This debug will allow you to quickly diagnose and correct any LMI mismatches.
When it comes to PPP, it can be very frustrating to try to spot a problem with a password or username. Instead of staring at the configuration for 10 minutes, run "debug ppp negotiation" and send a ping over the link. This command will help you spot the router with the misconfigured username or password, not to mention saving you a lot of time!
Effectively using debugs during your CCNA and CCNP exam study will help you truly understand what's going on "behind the command" - and it will really come in handy on that day when your production network just isn't doing what you (think) you told it to do!