To pass the BSCI exam and earn your CCNP, you've got to keep a lot of details in mind. It's easy to overlook the "simpler" protocols and services such as static routing and distance vector protocols. With this in mind, here's a quick review of some details you should know for success in the exam room and real-world networks!
When packets need to be routed, the routing table is parsed for the longest prefix match. If multiple paths exist with the same prefix length, the route with the lowest AD is preferred. If there are still multiple valid paths, equal-cost load-sharing goes into effect.
The ip route command is used to create static routes. The command ip route 0.0.0.0 0.0.0.0 <next-hop-IP or local exit interface> creates a default static route.
A static route with a next-hop IP address has an AD of one, while a static route with a local exit interface has an AD of zero.
A floating static route is a static route with an AD higher than that of the dynamic routing protocols running on the router, ensuring that the static route can only be used if the routing protocol goes down.
On-Demand Routing (ODR) is only appropriate in a hub-and-spoke network. The spokes effectively become stub routers. ODR uses Cisco Discovery Protocol (CDP) to send route information.
To propagate a default route with IP routing, use the ip default-network command. To do so with IP routing disabled, use ip default-gateway. You can also redistribute a static route into most protocols, but not IGRP. IGRP does not understand a static route to 0.0.0.0.
The ip helper-address command takes certain broadcasts and translates them into unicasts so that the router can forward them. The ports forwarded by default are:
TIME, port 37
TACACS, port 49
DNS, port 53
BOOTP/DHCP Server, port 67
BOOTP/DHCP Client, port 68
TFTP, port 69
NetBIOS name service, port 137
NetBIOS datagram services, port 138
To name other ports, use the ip forward-protocol command. To remove any of these ports from the default list, use the no ip forward-protocol command.
ICMP Router Discovery Protocol (IRDP) hosts hear multicast Hellos from routers, allowing host-router discovery. HSRP routers create a virtual router that hosts think is a real router. Both protocols help networks cut over to a functional router quickly when their primary router goes down.
Thursday, December 25, 2008
Cisco CCNP / BSCI Exam Tutorial: Not All Static Routes Are Created Equal
As a CCNP candidate, as a CCNA, and in getting ready to pass the BSCI exam, you may be tempted to breeze through your static route studies, or even skip them! That's because static routes are easy enough to configure, and as long as you remember the syntax of the ip route command, you're in good shape.
But there's one vital detail regarding static routes that many exam candidates miss. That's because many CCNA and CCNP books say "the administrative distance of a static route is 1", but that is not quite accurate.
You know from your CCNA studies that the ip route command is used to create a static route, and that you have the option of configuring a local exit interface or a next-hop IP address at the end of the command. However, the administrative distances are not the same. The AD of a static route that uses a local exit interface is zero! (That's because the router considers a static route with a local exit interface to actually be a directly connected network.) The AD of a static route with a next-hop IP address is 1.
Therefore, if the router has the following two ip route statements to consider...
Router(config)#ip route 172.1.1.1 255.255.255.255 fast0
Router(config)#ip route 172.1.1.1 255.255.255.255 210.1.1.1
... the prefix lengths are the same, so the static route using the local exit interface fastethernet0 will be preferred due to its lower AD, and will be installed into the routing table.
Keep the details in mind on the job and in the exam room, and you’re on your way to CCNP exam success!
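The selection rules described above (longest prefix match for forwarding, lowest AD among candidates for the same prefix, and a floating static route as backup), sketched in Python as an added example that is not part of the original post. The RIP route, the floating static route with AD 250, the default route and every next hop other than 210.1.1.1 are assumptions made up for the illustration; equal-cost load sharing is not modelled.

```python
import ipaddress

# AD 0 and AD 1 for the two static routes are the values stated in the text.
# The RIP route (AD 120), the floating static (AD 250), the default route and
# their next hops are constructed for this illustration.
CANDIDATES = [
    # (prefix, AD, source, next hop or exit interface)
    ("172.1.1.1/32", 0, "static (exit interface)", "FastEthernet0"),
    ("172.1.1.1/32", 1, "static (next hop)", "210.1.1.1"),
    ("172.1.0.0/16", 120, "RIP", "10.0.0.2"),
    ("172.1.0.0/16", 250, "floating static", "10.0.0.9"),
    ("0.0.0.0/0", 1, "static default", "10.0.0.1"),
]

def build_table(candidates):
    """Install one route per prefix: the candidate with the lowest AD."""
    table = {}
    for prefix, ad, source, via in candidates:
        net = ipaddress.ip_network(prefix)
        if net not in table or ad < table[net][0]:
            table[net] = (ad, source, via)
    return table

def lookup(table, destination):
    """Forward on the longest installed prefix that contains the destination."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in table if addr in net]
    if not matches:
        return None
    best = max(matches, key=lambda net: net.prefixlen)
    return (str(best),) + table[best]

def withdraw(candidates, source):
    """Model a routing protocol going down by dropping its candidates."""
    return [c for c in candidates if c[2] != source]

if __name__ == "__main__":
    table = build_table(CANDIDATES)
    for dest in ("172.1.1.1", "172.1.9.9", "198.51.100.7"):
        print(dest, "->", lookup(table, dest))
    # With RIP gone, the floating static becomes the only /16 candidate.
    table = build_table(withdraw(CANDIDATES, "RIP"))
    print("172.1.9.9 after RIP loss ->", lookup(table, "172.1.9.9"))
```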
Cisco CCNP / BSCI Exam Tutorial: Filtering BGP Updates With Prefix
A major part of your BSCI and CCNP exam success is mastering BGP, and that includes filtering BGP routing updates. In this tutorial, we'll take a look at how to filter BGP updates with prefix lists.
R4 is advertising three networks via BGP. The downstream router R3 sees these routes and places them into its BGP table as shown below. R3 has two downstream BGP peers, R1 and R2, and is advertising itself as the next-hop IP address for all BGP routes sent to those two routers.
R4(config)#router bgp 4
R4(config-router)#network 21.0.0.0 mask 255.0.0.0
R4(config-router)#network 22.0.0.0 mask 255.0.0.0
R4(config-router)#network 23.0.0.0 mask 255.0.0.0
R3#show ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 21.0.0.0 10.2.2.4 0 0 4 i
*> 22.0.0.0 10.2.2.4 0 0 4 i
*> 23.0.0.0 10.2.2.4 0 0 4 i
R3(config)#router bgp 123
R3(config-router)#neighbor 172.12.123.1 next-hop-self
R3(config-router)#neighbor 172.12.123.2 next-hop-self
In turn, both R1 and R2 have these three routes in their respective BGP tables.
R2#show ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i21.0.0.0 172.12.123.3 0 100 0 4 i
*>i22.0.0.0 172.12.123.3 0 100 0 4 i
*>i23.0.0.0 172.12.123.3 0 100 0 4 i
R1#show ip bgp
BGP table version is 4, local router ID is 19.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i21.0.0.0 172.12.123.3 0 100 0 4 i
*>i22.0.0.0 172.12.123.3 0 100 0 4 i
*>i23.0.0.0 172.12.123.3 0 100 0 4 i
If we wanted R3 to receive all three of these routes from R4 but not advertise all of them to R2 and R1, we've got a couple of options on how to block these routes. Cisco's recommendation is the use of prefix-lists, and once you get used to the syntax (which you should do before taking and passing the BSCI), you'll see they are actually easier to use than access-lists.
In this case, we're going to configure R3 to send only the route to 21.0.0.0 to R1 and 23.0.0.0 to R2. However, we do want these two routers to get any future routes that R4 advertises into BGP.
Since R1 and R2 will learn about these routes from an iBGP neighbor, they will not advertise the routes to each other.
On R3, we'll write a prefix-list that denies 22.0.0.0/8 and 23.0.0.0/8, but permits all other routes. After applying the prefix list as shown, R1 sees only the 21.0.0.0/8 route.
R3(config)#ip prefix-list FILTER_R1 deny 22.0.0.0/8
R3(config)#ip prefix-list FILTER_R1 deny 23.0.0.0/8
R3(config)#ip prefix-list FILTER_R1 permit 0.0.0.0/0 le 32
R3(config)#router bgp 123
R3(config-router)#neighbor 172.12.123.1 prefix-list FILTER_R1 out
R3#clear ip bgp * soft
R1#show ip bgp
BGP table version is 6, local router ID is 19.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i21.0.0.0 172.12.123.3 0 100 0 4 i
The paths to 22.0.0.0/8 and 23.0.0.0/8 have been successfully filtered.
We'll do the same for R2, except the route not being expressly blocked is 23.0.0.0/8. The line "ip prefix-list permit 0.0.0.0/0 le 32" is the prefix list equivalent of a "permit any" statement in an ACL.
R3(config)#ip prefix-list FILTER_R2 deny 21.0.0.0/8
R3(config)#ip prefix-list FILTER_R2 deny 22.0.0.0/8
R3(config)#ip prefix-list FILTER_R2 permit 0.0.0.0/0 le 32
R3(config)#router bgp 123
R3(config-router)#neighbor 172.12.123.2 prefix-list FILTER_R2 out
R3#clear ip bgp * soft
R2#show ip bgp
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i23.0.0.0 172.12.123.3 0 100 0 4 i
The paths to 21.0.0.0/8 and 22.0.0.0/8 have been successfully filtered.
To see the prefix lists configured on a router as well as the order of the statements in each list, run show ip prefix-list.
R3#show ip prefix-list
ip prefix-list FILTER_R1: 3 entries
seq 5 deny 22.0.0.0/8
seq 10 deny 23.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
ip prefix-list FILTER_R2: 3 entries
seq 5 deny 21.0.0.0/8
seq 10 deny 22.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
Get some hands-on practice with prefix lists and you'll quickly master them. Prefix lists are an important part of working with BGP in the exam room and production networks, so it's vital that you are comfortable working with them.
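How the two prefix lists above are evaluated, as an added Python example (not Cisco code and not part of the original tutorial): entries are tried in sequence order, the first match decides, and a route that matches nothing is denied. The routes 24.0.0.0/8 and 22.1.0.0/16 and the NO_LE variant are constructed here to show two caveats.

```python
import ipaddress

# The two lists exactly as "show ip prefix-list" prints them in the tutorial.
FILTER_R1 = ["seq 5 deny 22.0.0.0/8", "seq 10 deny 23.0.0.0/8",
             "seq 15 permit 0.0.0.0/0 le 32"]
FILTER_R2 = ["seq 5 deny 21.0.0.0/8", "seq 10 deny 22.0.0.0/8",
             "seq 15 permit 0.0.0.0/0 le 32"]
# Constructed variant: the final entry without "le 32".
NO_LE = FILTER_R1[:2] + ["seq 15 permit 0.0.0.0/0"]

ROUTES = ["21.0.0.0/8", "22.0.0.0/8", "23.0.0.0/8"]  # advertised by R4

def parse_entry(line):
    """Parse 'seq N permit|deny A.B.C.D/len [ge X] [le Y]'."""
    tok = line.split()
    seq, action = int(tok[1]), tok[2]
    net = ipaddress.ip_network(tok[3])
    opts = dict(zip(tok[4::2], map(int, tok[5::2])))
    ge, le = opts.get("ge"), opts.get("le")
    if ge is None and le is None:
        lo = hi = net.prefixlen            # no ge/le: exact length only
    else:
        lo = ge if ge is not None else net.prefixlen
        hi = le if le is not None else 32
    return seq, action, net, lo, hi

def load(lines):
    """Parse a list and order it by sequence number."""
    return sorted((parse_entry(l) for l in lines), key=lambda e: e[0])

def evaluate(entries, route):
    """Return (action, seq) of the first matching entry, else implicit deny."""
    r = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if lo <= r.prefixlen <= hi and r.subnet_of(net):
            return action, seq
    return "deny", None

def advertised(lines, routes):
    """Routes that survive an outbound prefix list."""
    entries = load(lines)
    return [r for r in routes if evaluate(entries, r)[0] == "permit"]

if __name__ == "__main__":
    print("to R1:", advertised(FILTER_R1, ROUTES))
    print("to R2:", advertised(FILTER_R2, ROUTES))
    # Future route from R4 and a more specific of a denied block (constructed).
    for route in ("24.0.0.0/8", "22.1.0.0/16"):
        print(route, evaluate(load(FILTER_R1), route))
    print("without le 32:", advertised(NO_LE, ROUTES + ["24.0.0.0/8"]))
```

A deny entry without ge/le matches only that exact prefix length, so a more specific route such as 22.1.0.0/16 would still be advertised through the final permit. Dropping le 32 from the last line turns the "permit any" into a match on the default route only, and everything else falls to the implicit deny.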
Wednesday, December 24, 2008
Cisco CCNA Certification Exam Tutorial: Prefix Notation
When you're preparing to pass the CCNA exam and earn this coveted Cisco certification, you've got to be totally prepared for the many kinds of binary and subnetting questions Cisco may throw at you. You also have to be familiar with the different manners in which a subnet mask can be expressed, as in the following:
255.255.255.0
/24
Believe it or not, those two values are exactly the same. The first mask is written out in the more familiar dotted decimal format, and you know by looking at those first three octets that every bit is set to "1", since the maximum value of such an octet is 255.
The second value represents the exact same mask, only this value is expressed in prefix notation. This particular value would be pronounced "slash twenty-four", and the 24 represents the number of consecutive ones that are set in the subnet mask.
Those of us who hate to type numbers are particularly appreciative of this, since it means you'll have to type a lot fewer numbers to represent a subnet mask. In addition, it's a lot easier to discuss masks in prefix notation than dotted decimal. ("I thought about using a two-fifty-five two-fifty-five two-fifty-five zero mask, but then decided to use a two-fifty-five two-fifty-five two-fifty-five one-twenty-eight mask...")
Be sure you're comfortable with prefix notation before taking your CCNA exam. As with Cisco documentation, you'll most likely see masks expressed in both dotted decimal and prefix notation, and you've got to be ready to use both as well!
Monday, December 22, 2008
Cisco CCNP / BSCI Exam Tutorial: Not All Static Routes Are Created Equal
As a CCNP candidate, as a CCNA, and in getting ready to pass the BSCI exam, you may be tempted to breeze through your static route studies, or even skip them! That's because static routes are easy enough to configure, and as long as you remember the syntax of the ip route command, you're in good shape.
But there's one vital detail regarding static routes that many exam candidates miss. That's because many CCNA and CCNP books say "the administrative distance of a static route is 1", but that is not quite accurate.
You know from your CCNA studies that the ip route command is used to create a static route, and that you have the option of configuring a local exit interface or a next-hop IP address at the end of the command. However, the administrative distances are not the same. The AD of a static route that uses a local exit interface is zero! (That's because the router considers a static route with a local exit interface to actually be a directly connected network.) The AD of a static route with a next-hop IP address is 1.
Therefore, if the router has the following two ip route statements to consider...
Router(config)#ip route 172.1.1.1 255.255.255.255 fast0
Router(config)#ip route 172.1.1.1 255.255.255.255 210.1.1.1
... the prefix lengths are the same, so the static route using the local exit interface fastethernet0 will be preferred due to its lower AD, and will be installed into the routing table.
Keep the details in mind on the job and in the exam room, and you’re on your way to CCNP exam success!