The textbook definition of "administrative distance" is simple enough: "the measurement of a protocol's believability". It's not enough to know the definition, however you've got to know when AD comes into the picture and when it does not.
When a packet needs to be routed, the router looks in its routing table for the next-hop IP address the packet should take to get to the destination. There may be more than one matching path, in which case the router will look for the "longest match". The route that has the longest match - the route with the most bits in the mask set to "1" - will be the route that is used.
Consider the following three routes from a fictional Cisco router:
I 172.17.0.0 /24 via 172.1.1.1
O 172.17.0.0 /25 via 173.1.1.1
R 172.17.0.0 /26 via 174.1.1.1
This router has three possible next-hop IP addresses that it can send packets destined for the network 172.17.0.0. The masks are of different lengths, meaning that the route with the longest match (again, the route with the most bits set to "1") will be used. In this example, the RIP route will be used, since it has the longest match with a mask of /26. The administrative distances do not matter.
AD does matter when the masks are the same length, as shown here:
I 172.17.0.0 /24 via 172.1.1.1
O 172.17.0.0 /24 via 173.1.1.1
R 172.17.0.0 /24 via 174.1.1.1
The longest match rule always precedes the use of AD, but here there is a three-way tie regarding the masks. They're all /24 (or 255.255.255.0 in dotted decimal). AD will be used to break this tie.
As mentioned, AD is a measurement of a protocol's believability. It is important to keep in mind that the lowest AD will be preferred. And while the routing table will show you the ADs of the respective protocols, it's a very good idea to know these ADs before taking the CCNA or CCNP:
Connected route: 0
Static Route: 1
EIGRP Summary: 5
External BGP: 20
EIGRP (Internal): 90
IGRP: 100
OSPF: 110
ISIS : 115
RIP: 120
EIGRP (External) : 170
Unknown: 255 (A router will not believe a source with an AD of 255, and such routes will not be placed into the routing table.)
The three protocols we looked at in the comparison were RIP, IGRP, and OSPF. While your first instinct may be that the OSPF route would be the most believable, IGRP actually has a lower AD than the other two and would be the route installed in the routing table.
Since IGRP does not support variable-length subnet masking and OSPF does, you may never see this scenario outside of an exam question. But if you do see it in the exam room or in a production network, you'll understand how an IGRP route could be preferred over an OSPF route.
Showing posts with label rip. Show all posts
Showing posts with label rip. Show all posts
Friday, December 26, 2008
Cisco Certification: The "Secret" Key To Getting Your CCNA And CCNP
Whether you're working on your CCNA or CCNP, Cisco certification exams are the most demanding computer certification exams in the IT field. Cisco exams are not a test of memorization, they're a test of your analytical skills. You'll need to look at configurations and console output and analyze them to identify problems and answer detailed questions. To pass these demanding exams, you've got to truly understand how Cisco routers and switches operate - and the key to doing so is right in front of you.
The debug command.
Of course, there is no single "debug" command. Using IOS Help, you can quickly see that there are hundreds of these debugs, and I want to mention immediately that you should never practice these commands on a production router. This is one major reason you need to get some hands-on experience with Cisco products in a home lab or rack rental. No software program or "simulator" is going to give you the debug practice you need.
Now, why am I so insistent that you use debugs? Because that's how you actually see what's going on. It's not enough to type a frame relay LMI command, you have to be able to see the LMIs being exchanged with "debug frame lmi". You don't want to just type a few network numbers in after enabling RIP, you want to see the routes being advertised along with their metrics with "debug ip rip". The list goes on and on.
By using debugs as part of your CCNA and CCNP studies, you're going beyond just memorizing commands and thinking you understand everything that's happening when you enter a command or two. You move to a higher level of understanding how routers, switches, and protocols work -- and that is the true goal of earning your CCNA and CCNP.
The debug command.
Of course, there is no single "debug" command. Using IOS Help, you can quickly see that there are hundreds of these debugs, and I want to mention immediately that you should never practice these commands on a production router. This is one major reason you need to get some hands-on experience with Cisco products in a home lab or rack rental. No software program or "simulator" is going to give you the debug practice you need.
Now, why am I so insistent that you use debugs? Because that's how you actually see what's going on. It's not enough to type a frame relay LMI command, you have to be able to see the LMIs being exchanged with "debug frame lmi". You don't want to just type a few network numbers in after enabling RIP, you want to see the routes being advertised along with their metrics with "debug ip rip". The list goes on and on.
By using debugs as part of your CCNA and CCNP studies, you're going beyond just memorizing commands and thinking you understand everything that's happening when you enter a command or two. You move to a higher level of understanding how routers, switches, and protocols work -- and that is the true goal of earning your CCNA and CCNP.
Thursday, December 25, 2008
Cisco CCNP Certification / BSCI Exam Tutorial: Route Summarization Basics
As you earn your CCNA and CCNP certification, you're going to have to get comfortable with manually summarizing routes. This isn't just another reason to learn binary math (although it's a good one!), but summarizing routes is a true real-world skill that can help your network operate more efficiently. So the question isn't just how to summarize routes, it's why.
When you summarize routes in RIP, IGRP, EIGRP, or OSPF, you're replacing a series of routes with a summary route and mask. With RIP, IGRP, and EIGRP, this actually lessens the size of the routing update packet itself - multiple routes are replaced with the summary route. For instance, the routes 8.0.0.0/8, 9.0.0.0/8, 10.0.0.0/8, and 11.0.0.0/8 can be summarized as 8.0.0.0 252.0.0.0. Only the summary address will be found in the update packet, making it concise yet complete.
Summarizing routes can also make the routing table smaller, yet still allow for complete IP connectivity when done correctly. Using the above example, the four more-specific routes will be replaced by a single summary route. Since the entire routing table is parsed before the routing process is complete, keeping the routing table as small as possible does help speed the routing process as a whole.
To prepare for success on your CCNA and CCNP exam, you've got to know how to summarize routes as well as the specific commands for doing so with OSPF, EIGRP, RIP, and IGRP - but knowing why to summarize routes is just as important as knowing how! Here are some additional tips on route summarization.
With RIP version 2 and EIGRP, manual route summarization is configured on the interface that will be advertising the summary. This is done with the route summarization command "ip summary-address."
RIP version 2 and EIGRP also both perform autosummarization on routes that are advertised across classful network boundaries. This is disabled with the protocol-level command "no auto-summary".
OSPF offers two different route summarization commands. To summarize routes from one OSPF area to another, use the "area range" command; to summarize routes learned via redistribution, use the "summary-address" command on the ASBR.
With proper planning and an understanding of binary math, you'll master route summarization quickly with some practice - and you'll be ready for success on real-world networks as well as the CCNA and CCNP exams!
When you summarize routes in RIP, IGRP, EIGRP, or OSPF, you're replacing a series of routes with a summary route and mask. With RIP, IGRP, and EIGRP, this actually lessens the size of the routing update packet itself - multiple routes are replaced with the summary route. For instance, the routes 8.0.0.0/8, 9.0.0.0/8, 10.0.0.0/8, and 11.0.0.0/8 can be summarized as 8.0.0.0 252.0.0.0. Only the summary address will be found in the update packet, making it concise yet complete.
Summarizing routes can also make the routing table smaller, yet still allow for complete IP connectivity when done correctly. Using the above example, the four more-specific routes will be replaced by a single summary route. Since the entire routing table is parsed before the routing process is complete, keeping the routing table as small as possible does help speed the routing process as a whole.
To prepare for success on your CCNA and CCNP exam, you've got to know how to summarize routes as well as the specific commands for doing so with OSPF, EIGRP, RIP, and IGRP - but knowing why to summarize routes is just as important as knowing how! Here are some additional tips on route summarization.
With RIP version 2 and EIGRP, manual route summarization is configured on the interface that will be advertising the summary. This is done with the route summarization command "ip summary-address."
RIP version 2 and EIGRP also both perform autosummarization on routes that are advertised across classful network boundaries. This is disabled with the protocol-level command "no auto-summary".
OSPF offers two different route summarization commands. To summarize routes from one OSPF area to another, use the "area range" command; to summarize routes learned via redistribution, use the "summary-address" command on the ASBR.
With proper planning and an understanding of binary math, you'll master route summarization quickly with some practice - and you'll be ready for success on real-world networks as well as the CCNA and CCNP exams!
Cisco CCNP / BSCI Tutorial: Route Summarization With RIP And EIGRP
To pass your BSCI exam and earn your CCNP certification, you've got to master route summarization. When you get to the BSCI level, actually breaking the routes down into binary strings and performing summarization is second nature to you. (If it isn't, get some more practice!) What makes CCNP / BSCI route summarization more difficult is just keeping the different protocol summarization commands straight!
RIP and EIGRP both perform route summarization at the interface level with the ip summary-address command. In the following example, R2 is running RIP and was sending four routes to R3, R3's table looked like this before summarization:
R3#show ip route rip
172.16.0.0/24 is subnetted, 4 subnets
R 172.16.8.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
R 172.16.9.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
R 172.16.10.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
R 172.16.11.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
By summarizing the routes and using the ip summary-address command, RIP advertises only the summary route to the downstream neighbor.
R2(config)#int ethernet0
R2(config-if)#ip summary-address rip 172.16.8.0 255.255.252.0
R3#clear ip route *
R3#show ip route rip
172.16.0.0/22 is subnetted, 1 subnets
R 172.16.8.0 [120/1] via 172.23.23.2, 00:01:24, Ethernet0
EIGRP works much the same way, except that the EIGRP AS number must be named in the ip summary-address command.
In the following example, R2 was advertising four separate routes to R3 via EIGRP 100: 100.0.0.0, 101.0.0.0, 102.0.0.0, and 103.0.0.0, all with an eight-bit mask. What summary route can be used here?
The summary is 100.0.0.0 252.0.0.0. To send that route to downstream routers, configure the following on R2:
R2(config)#interface ethernet0
R2(config-if)#ip summary-address eigrp 100 100.0.0.0 252.0.0.0
R3 will then have only one route in its EIGRP table - the summary route.
R3#show ip route eigrp
D 100.0.0.0/6 [90/2297856] via 172.23.23.2, 00:02:33, Ethernet0
By mastering basic binary skills and keeping in mind that RIP and EIGRP perform route summarization at the interface level, you're one step closer to passing your BSCI exam and earning your CCNP certification!
In the next part of this tutorial, we'll take a detailed look at the different methods OSPF uses for route summarization.
RIP and EIGRP both perform route summarization at the interface level with the ip summary-address command. In the following example, R2 is running RIP and was sending four routes to R3, R3's table looked like this before summarization:
R3#show ip route rip
172.16.0.0/24 is subnetted, 4 subnets
R 172.16.8.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
R 172.16.9.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
R 172.16.10.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
R 172.16.11.0 [120/1] via 172.23.23.2, 00:00:02, Ethernet0
By summarizing the routes and using the ip summary-address command, RIP advertises only the summary route to the downstream neighbor.
R2(config)#int ethernet0
R2(config-if)#ip summary-address rip 172.16.8.0 255.255.252.0
R3#clear ip route *
R3#show ip route rip
172.16.0.0/22 is subnetted, 1 subnets
R 172.16.8.0 [120/1] via 172.23.23.2, 00:01:24, Ethernet0
EIGRP works much the same way, except that the EIGRP AS number must be named in the ip summary-address command.
In the following example, R2 was advertising four separate routes to R3 via EIGRP 100: 100.0.0.0, 101.0.0.0, 102.0.0.0, and 103.0.0.0, all with an eight-bit mask. What summary route can be used here?
The summary is 100.0.0.0 252.0.0.0. To send that route to downstream routers, configure the following on R2:
R2(config)#interface ethernet0
R2(config-if)#ip summary-address eigrp 100 100.0.0.0 252.0.0.0
R3 will then have only one route in its EIGRP table - the summary route.
R3#show ip route eigrp
D 100.0.0.0/6 [90/2297856] via 172.23.23.2, 00:02:33, Ethernet0
By mastering basic binary skills and keeping in mind that RIP and EIGRP perform route summarization at the interface level, you're one step closer to passing your BSCI exam and earning your CCNP certification!
In the next part of this tutorial, we'll take a detailed look at the different methods OSPF uses for route summarization.
Cisco CCNP / BSCI Exam Tutorial: Route Summarization
Preparing to pass the BSCI exam and earn your Cisco CCNP? Route summarization is just one of the many skills you'll have to master in order to earn your CCNP. Whether it's RIP version 2, OSPF, or EIGRP, the BSCI exam will demand that you can flawlessly configure route summarization.
Route summarization isn't just important for the BSCI exam. It's a valuable skill to have in the real world as well. Correctly summarizing routes can lead to smaller routing tables that are still able to route packets accurately - what I like to call "concise and complete" routing tables.
The first skill you've got to have in order to work with route summarization is binary math more specifically, you must be able to take multiple routes and come up with both a summary route and mask to advertise to downstream routers. Given the networks 100.16.0.0 /16, 100.17.0.0 /16, 100.18.0.0 /16, and 100.19.0.0 /16, could you quickly come up with both the summary address and mask? All you need to do is break the four network numbers down into binary strings. We know the last two octets will all convert to the binary string 00000000, so in this article we'll only illustrate how to convert the first and second octet from decimal to binary.
100 16 = 01100100 00010000
100 17 = 01100100 00010001
100 18 = 01100100 00010010
100 19 = 01100100 00010011
To come up with the summary route, just work from left to right and draw a line where the four networks no longer have a bit in common. For these four networks, that point comes between the 14th and 15th bits. This leaves us with this string: 01100100 000100xx. All you need to do is convert that string back to decimal, which gives us 100 for the first octet and 16 for the second. (The two x values are bits on the right side of the line, which aren't used in calculating the summary route.) Since we know that zero is the value for the last two octets, the resulting summary network number is 100.16.0.0.
But we're not done! We now have to come up with the summary mask to advertise along with the summary route. To arrive at the summary route, write out a mask in binary with a "1" for every bit to the left of the line we drew previously, and a "0" for every bit to the right. That gives us the following string:
11111111 11111100 00000000 00000000
Converting that to dotted decimal, we arrive at the summary mask 255.252.0.0. The correct summary network and mask to advertise are 100.16.0.0 252.0.0.0.
For the BSCI exam, emphasis is put on knowing how to advertise these summary routes in RIPv2, EIGRP, and OSPF. For RIP v2 and EIGRP, route summarization happens at the interface level - it's not configured under the protocol. On the interface that should advertise the summary route, use the command "ip summary-address". Here are examples of how the above summary route would be configured on ethernet0 in both RIPv2 and EIGRP.
R1(config-if)#ip summary-address rip 100.16.0.0 255.252.0.0
R1(config-if)#ip summary-address eigrp 100 100.16.0.0 255.252.0.0
The main difference between the two is that the EIGRP command must specify the AS number - that's what the "100" is in the middle of the EIGRP command. Since RIPv2 does not use AS numbers, there's no additional value needed in the configuration.
For OSPF, the commands differ. If you're configuring inter-area route summarization, use the "area range" command. The number following "area" is the area containing the routes being summarized, not the area receiving the summary.
R1(config)#router ospf 1
R1(config-router)#area 1 range 100.16.0.0 255.252.0.0
If you are summarizing routes that are being redistributed into OSPF, use the summary-address command under the OSPF routing process on the ASBR.
R1(config)#router ospf 1
R1(config-router)#summary-address 100.16.0.0 255.252.0.0
I speak from experience when I tell you that practice makes perfect on the BSCI exam, especially with binary and summarization questions. The great thing about these questions is that there are no grey areas with these questions - you either know how to do it or you don't. And with practice and an eye for detail, you can master these skills, pass the exam, and become a CCNP. Here's to your success on these tough Cisco certification exams!
Route summarization isn't just important for the BSCI exam. It's a valuable skill to have in the real world as well. Correctly summarizing routes can lead to smaller routing tables that are still able to route packets accurately - what I like to call "concise and complete" routing tables.
The first skill you've got to have in order to work with route summarization is binary math more specifically, you must be able to take multiple routes and come up with both a summary route and mask to advertise to downstream routers. Given the networks 100.16.0.0 /16, 100.17.0.0 /16, 100.18.0.0 /16, and 100.19.0.0 /16, could you quickly come up with both the summary address and mask? All you need to do is break the four network numbers down into binary strings. We know the last two octets will all convert to the binary string 00000000, so in this article we'll only illustrate how to convert the first and second octet from decimal to binary.
100 16 = 01100100 00010000
100 17 = 01100100 00010001
100 18 = 01100100 00010010
100 19 = 01100100 00010011
To come up with the summary route, just work from left to right and draw a line where the four networks no longer have a bit in common. For these four networks, that point comes between the 14th and 15th bits. This leaves us with this string: 01100100 000100xx. All you need to do is convert that string back to decimal, which gives us 100 for the first octet and 16 for the second. (The two x values are bits on the right side of the line, which aren't used in calculating the summary route.) Since we know that zero is the value for the last two octets, the resulting summary network number is 100.16.0.0.
But we're not done! We now have to come up with the summary mask to advertise along with the summary route. To arrive at the summary route, write out a mask in binary with a "1" for every bit to the left of the line we drew previously, and a "0" for every bit to the right. That gives us the following string:
11111111 11111100 00000000 00000000
Converting that to dotted decimal, we arrive at the summary mask 255.252.0.0. The correct summary network and mask to advertise are 100.16.0.0 252.0.0.0.
For the BSCI exam, emphasis is put on knowing how to advertise these summary routes in RIPv2, EIGRP, and OSPF. For RIP v2 and EIGRP, route summarization happens at the interface level - it's not configured under the protocol. On the interface that should advertise the summary route, use the command "ip summary-address". Here are examples of how the above summary route would be configured on ethernet0 in both RIPv2 and EIGRP.
R1(config-if)#ip summary-address rip 100.16.0.0 255.252.0.0
R1(config-if)#ip summary-address eigrp 100 100.16.0.0 255.252.0.0
The main difference between the two is that the EIGRP command must specify the AS number - that's what the "100" is in the middle of the EIGRP command. Since RIPv2 does not use AS numbers, there's no additional value needed in the configuration.
For OSPF, the commands differ. If you're configuring inter-area route summarization, use the "area range" command. The number following "area" is the area containing the routes being summarized, not the area receiving the summary.
R1(config)#router ospf 1
R1(config-router)#area 1 range 100.16.0.0 255.252.0.0
If you are summarizing routes that are being redistributed into OSPF, use the summary-address command under the OSPF routing process on the ASBR.
R1(config)#router ospf 1
R1(config-router)#summary-address 100.16.0.0 255.252.0.0
I speak from experience when I tell you that practice makes perfect on the BSCI exam, especially with binary and summarization questions. The great thing about these questions is that there are no grey areas with these questions - you either know how to do it or you don't. And with practice and an eye for detail, you can master these skills, pass the exam, and become a CCNP. Here's to your success on these tough Cisco certification exams!
Cisco CCNP / BSCI Exam Tutorial: The Passive Interface Command And OSPF
To pass the BSCI exam and become a CCNP, you have to be aware of the proper use of passive interfaces. You learned about passive interfaces in your CCNA studies, but here we’ll review the basic concept and clear up one misconception regarding passive interfaces and OSPF.
Configuring an interface as passive will still allow the interface to receive routing updates, but the interface will no longer transmit them. While the command itself would make you think this command will be applied at the interface level, that is not the case. Below, we’ll configure ethernet0 as a RIP passive interface.
R1(config)#router rip
R1(config-router)#passive-interface ethernet0
Ethernet0 will no longer send RIP routing updates, but will accept them.
The passive interface concept is clear enough with RIP, IGRP, and EIGRP – all protocols that send routing update packets. But OSPF doesn’t send routing update packets – OSPF sends link state advertisements. It’s the inability of the passive interface command to stop LSAs that lead many to think that passive interfaces cannot be used with OSPF.
Even though OSPF does not sent "routing updates" in the form that RIP, IGRP, and EIGRP do, you can still configure an OSPF-enabled interface as passive in order to prevent OSPF traffic from exiting or entering that interface. No OSPF adjacency can be formed if one of the interfaces involved is a passive interface, and if you configure an OSPF-enabled interface as passive where an adjacency already exists, the adjacency will drop almost immediately.
Let's see that in action. R1 and R2 have an existing OSPF adjacency over their Ethernet interfaces. In an effort to reduce routing traffic, R1's e0 interface is configured as passive. The adjacency drops right away.
R1(config)#router ospf 1
R1(config-router)#passive-interface ethernet0
18:31:11: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0 from FULL to DOWN, Neighbor Down: Interface down or detached
Knowing how to use the passive interface command is a vital part of being a CCNP, and of being a master networker. Good luck to you in both of these pursuits!
Configuring an interface as passive will still allow the interface to receive routing updates, but the interface will no longer transmit them. While the command itself would make you think this command will be applied at the interface level, that is not the case. Below, we’ll configure ethernet0 as a RIP passive interface.
R1(config)#router rip
R1(config-router)#passive-interface ethernet0
Ethernet0 will no longer send RIP routing updates, but will accept them.
The passive interface concept is clear enough with RIP, IGRP, and EIGRP – all protocols that send routing update packets. But OSPF doesn’t send routing update packets – OSPF sends link state advertisements. It’s the inability of the passive interface command to stop LSAs that lead many to think that passive interfaces cannot be used with OSPF.
Even though OSPF does not sent "routing updates" in the form that RIP, IGRP, and EIGRP do, you can still configure an OSPF-enabled interface as passive in order to prevent OSPF traffic from exiting or entering that interface. No OSPF adjacency can be formed if one of the interfaces involved is a passive interface, and if you configure an OSPF-enabled interface as passive where an adjacency already exists, the adjacency will drop almost immediately.
Let's see that in action. R1 and R2 have an existing OSPF adjacency over their Ethernet interfaces. In an effort to reduce routing traffic, R1's e0 interface is configured as passive. The adjacency drops right away.
R1(config)#router ospf 1
R1(config-router)#passive-interface ethernet0
18:31:11: %OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Ethernet0 from FULL to DOWN, Neighbor Down: Interface down or detached
Knowing how to use the passive interface command is a vital part of being a CCNP, and of being a master networker. Good luck to you in both of these pursuits!
Cisco CCNP / BSCI Exam Tutorial: RIP Update Packet Authentication
When you earned your CCNA, you thought you learned everything there is to know about RIP. Close, but not quite! There are some additional details you need to know to pass the BSCI exam and get one step closer to the CCNP exam, and one of those involves RIP update packet authentication.
You're familiar with some advantages of using RIPv2 over RIPv1, support for VLSM chief among them. But one advantage that you're not introduced to in your CCNA studies is the ability to configure routing update packet authentication.
You have two options, clear text and MD5. Clear text is just that - a clear text password that is visible by anyone who can pick a packet off the wire. If you're going to go to the trouble of configuring update authentication, you should use MD5. The MD stands for "Message Digest", and this is the algorithm that produces the hash value for the password that will be contained in the update packets.
Not only must the routers agree on the password, they must agree on the authentication method. If one router sends an MD5-hashed password to another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a great command for troubleshooting authenticated updates.
R1, R2, and R3 are running RIP over a frame relay cloud. Here is how RIP authentication would be configured on these three routers.
R1#conf t
R1(config)#key chain RIP
< The key chain can have any name. >
R1(config-keychain)#key 1
< Key chains can have multiple keys. Number them carefully when using multiples. >
R1(config-keychain-key)#key-string CISCO
< This is the text string the key will use for authentication. >
R1(config)#int s0
R1(config-if)#ip rip authentication mode text
< The interface will use clear-text mode. >
R1(config-if)#ip rip authentication key-chain RIP
< The interface is using key chain RIP, configured earlier. >
R2#conf t
R2(config)#key chain RIP
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string CISCO
R2(config)#int s0.123
R2(config-subif)#ip rip authentication mode text
R2(config-subif)#ip rip authentication key-chain RIP
R3#conf t
R3(config)#key chain RIP
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string CISCO
R3(config)#int s0.31
R3(config-subif)#ip rip authentication mode text
R3(config-subif)#ip rip authentication key-chain RIP
To use MD5 authentication rather than clear-text, simply replace the word "text" in the ip rip authentication mode command with md5.
Here's what a successfully authentication RIPv2 packet looks like, courtesy of debug ip rip. Clear-text authentication is in effect and the password is "cisco".
3d04h: RIP: received packet with text authentication cisco
3d04h: RIP: received v2 update from 150.1.1.3 on Ethernet0
3d04h: 100.0.0.0/8 via 0.0.0.0 in 1 hops
3d04h: 150.1.2.0/24 via 0.0.0.0 in 1 hops
Here's what it looks like when the remote device is set for MD5 authentication and the local router is set for clear-text. You'll also see this message if the password itself is incorrect.
3d04h: RIP: ignored v2 packet from 150.1.1.3 (invalid authentication)
"Debug ip rip" may be a simple command as compared to the debugs for other protocols. but it's also a very powerful debug. Start using debugs as early as possible in your Cisco studies to learn how router commands really work!
You're familiar with some advantages of using RIPv2 over RIPv1, support for VLSM chief among them. But one advantage that you're not introduced to in your CCNA studies is the ability to configure routing update packet authentication.
You have two options, clear text and MD5. Clear text is just that - a clear text password that is visible by anyone who can pick a packet off the wire. If you're going to go to the trouble of configuring update authentication, you should use MD5. The MD stands for "Message Digest", and this is the algorithm that produces the hash value for the password that will be contained in the update packets.
Not only must the routers agree on the password, they must agree on the authentication method. If one router sends an MD5-hashed password to another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a great command for troubleshooting authenticated updates.
R1, R2, and R3 are running RIP over a frame relay cloud. Here is how RIP authentication would be configured on these three routers.
R1#conf t
R1(config)#key chain RIP
< The key chain can have any name. >
R1(config-keychain)#key 1
< Key chains can have multiple keys. Number them carefully when using multiples. >
R1(config-keychain-key)#key-string CISCO
< This is the text string the key will use for authentication. >
R1(config)#int s0
R1(config-if)#ip rip authentication mode text
< The interface will use clear-text mode. >
R1(config-if)#ip rip authentication key-chain RIP
< The interface is using key chain RIP, configured earlier. >
R2#conf t
R2(config)#key chain RIP
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string CISCO
R2(config)#int s0.123
R2(config-subif)#ip rip authentication mode text
R2(config-subif)#ip rip authentication key-chain RIP
R3#conf t
R3(config)#key chain RIP
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string CISCO
R3(config)#int s0.31
R3(config-subif)#ip rip authentication mode text
R3(config-subif)#ip rip authentication key-chain RIP
To use MD5 authentication rather than clear-text, simply replace the word "text" in the ip rip authentication mode command with md5.
Here's what a successfully authentication RIPv2 packet looks like, courtesy of debug ip rip. Clear-text authentication is in effect and the password is "cisco".
3d04h: RIP: received packet with text authentication cisco
3d04h: RIP: received v2 update from 150.1.1.3 on Ethernet0
3d04h: 100.0.0.0/8 via 0.0.0.0 in 1 hops
3d04h: 150.1.2.0/24 via 0.0.0.0 in 1 hops
Here's what it looks like when the remote device is set for MD5 authentication and the local router is set for clear-text. You'll also see this message if the password itself is incorrect.
3d04h: RIP: ignored v2 packet from 150.1.1.3 (invalid authentication)
"Debug ip rip" may be a simple command as compared to the debugs for other protocols. but it's also a very powerful debug. Start using debugs as early as possible in your Cisco studies to learn how router commands really work!
Cisco CCNP / BSCI Certification: Route Redistribution And The Seed Metric
In the first part of this free CCNP / BSCI tutorial, we looked at how leaving one simple word out of our route redistribution configuration - "subnets" - resulted in an incomplete routing table when redistributing routes from RIP to OSPF. (If you missed that part of the tutorial, visit my website's "Free Tutorials" section.) Today, we'll look at redistributing OSPF routes into RIP and identify another common redistribution error.
We are using a three-router network. R5 is running RIP, R1 is serving as a hub between R5 and R3 and is running RIP and OSPF, and R3 is running OSPF.
To begin this lab, we'll add three loopbacks to R3 and advertise them to R1 via OSPF.
R3(config)#int loopback33
R3(config-if)#ip address 33.3.3.3 255.255.255.255
R3(config-if)#int loopback34
R3(config-if)#ip address 34.3.3.3 255.255.255.255
R3(config-if)#int loopback35
R3(config-if)#ip address 35.3.3.3 255.255.255.255
R3(config-if)#router ospf 1
R3(config-router)#network 33.3.3.3 0.0.0.0 area 1
R3(config-router)#network 34.3.3.3 0.0.0.0 area 1
R3(config-router)#network 35.3.3.3 0.0.0.0 area 1
R1 sees all three of these routes in its routing table.
R1#show ip route ospf
34.0.0.0/32 is subnetted, 1 subnets
O IA 34.3.3.3 [110/65] via 172.12.123.3, 00:00:55, Serial0
35.0.0.0/32 is subnetted, 1 subnets
O IA 35.3.3.3 [110/65] via 172.12.123.3, 00:00:45, Serial0
33.0.0.0/32 is subnetted, 1 subnets
O IA 33.3.3.3 [110/65] via 172.12.123.3, 00:00:55, Serial0
We'll now redistribute these routes into RIP on R1. Remember the "subnets" option we talked about in the first part of this tutorial? There is no such option when redistributing OSPF routes into RIP, as IOS Help shows us.
R1(config)#router rip
R1(config-router)#redistribute ospf 1 ?
match Redistribution of OSPF routes
metric Metric for redistributed routes
route-map Route map reference
vrf VPN Routing/Forwarding Instance
R1(config-router)#redistribute ospf 1
The routes have been redistributed into RIP with the redistribute ospf 1 command. (The "1" is the OSPF process number.) Let's look at R5 and see the results.
R5#show ip route rip
R5#
The routes aren't there, but we didn't get a warning from the router that we needed to do anything else. What is the problem?
The problem is that RIP requires a seed metric to be specified when redistributing routes into that protocol. A seed metric is a "starter metric" that gives the RIP process a metric it can work with. The OSPF metric of cost is incomprehensible to RIP, since RIP's sole metric is hop count. We've got to give RIP a metric it understands when redistributing routes into that protocol, so let's go back to R1 and do so.
R1(config)#router rip
R1(config-router)#no redistribute ospf 1
R1(config-router)#redistribute ospf 1 metric 2
R5 now sees the routes. Note that the metric contained in the brackets is the seed metric.
R5#show ip route rip
34.0.0.0/32 is subnetted, 1 subnets
R 34.3.3.3 [120/2] via 100.1.1.1, 00:00:24, Ethernet0
35.0.0.0/32 is subnetted, 1 subnets
R 35.3.3.3 [120/2] via 100.1.1.1, 00:00:24, Ethernet0
33.0.0.0/32 is subnetted, 1 subnets
R 33.3.3.3 [120/2] via 100.1.1.1, 00:00:24, Ethernet0
If you read the previous tutorial, you may have noticed that we did not specify a seed metric for OSPF. OSPF does not require a seed metric to be set during redistribution. You also noticed that the router did tell us that there might be a problem when we left the "subnets" option out of RIP>OSPF redistribution, but the router didn't tell us anything about a seed metric when we performed OSPF>RIP redistribution. This is a detail you must know by heart in order to make your route redistribution successful!
We are using a three-router network. R5 is running RIP, R1 is serving as a hub between R5 and R3 and is running RIP and OSPF, and R3 is running OSPF.
To begin this lab, we'll add three loopbacks to R3 and advertise them to R1 via OSPF.
R3(config)#int loopback33
R3(config-if)#ip address 33.3.3.3 255.255.255.255
R3(config-if)#int loopback34
R3(config-if)#ip address 34.3.3.3 255.255.255.255
R3(config-if)#int loopback35
R3(config-if)#ip address 35.3.3.3 255.255.255.255
R3(config-if)#router ospf 1
R3(config-router)#network 33.3.3.3 0.0.0.0 area 1
R3(config-router)#network 34.3.3.3 0.0.0.0 area 1
R3(config-router)#network 35.3.3.3 0.0.0.0 area 1
R1 sees all three of these routes in its routing table.
R1#show ip route ospf
34.0.0.0/32 is subnetted, 1 subnets
O IA 34.3.3.3 [110/65] via 172.12.123.3, 00:00:55, Serial0
35.0.0.0/32 is subnetted, 1 subnets
O IA 35.3.3.3 [110/65] via 172.12.123.3, 00:00:45, Serial0
33.0.0.0/32 is subnetted, 1 subnets
O IA 33.3.3.3 [110/65] via 172.12.123.3, 00:00:55, Serial0
We'll now redistribute these routes into RIP on R1. Remember the "subnets" option we talked about in the first part of this tutorial? There is no such option when redistributing OSPF routes into RIP, as IOS Help shows us.
R1(config)#router rip
R1(config-router)#redistribute ospf 1 ?
match Redistribution of OSPF routes
metric Metric for redistributed routes
route-map Route map reference
vrf VPN Routing/Forwarding Instance
R1(config-router)#redistribute ospf 1
The routes have been redistributed into RIP with the redistribute ospf 1 command. (The "1" is the OSPF process number.) Let's look at R5 and see the results.
R5#show ip route rip
R5#
The routes aren't there, but we didn't get a warning from the router that we needed to do anything else. What is the problem?
The problem is that RIP requires a seed metric to be specified when redistributing routes into that protocol. A seed metric is a "starter metric" that gives the RIP process a metric it can work with. The OSPF metric of cost is incomprehensible to RIP, since RIP's sole metric is hop count. We've got to give RIP a metric it understands when redistributing routes into that protocol, so let's go back to R1 and do so.
R1(config)#router rip
R1(config-router)#no redistribute ospf 1
R1(config-router)#redistribute ospf 1 metric 2
R5 now sees the routes. Note that the metric contained in the brackets is the seed metric.
R5#show ip route rip
34.0.0.0/32 is subnetted, 1 subnets
R 34.3.3.3 [120/2] via 100.1.1.1, 00:00:24, Ethernet0
35.0.0.0/32 is subnetted, 1 subnets
R 35.3.3.3 [120/2] via 100.1.1.1, 00:00:24, Ethernet0
33.0.0.0/32 is subnetted, 1 subnets
R 33.3.3.3 [120/2] via 100.1.1.1, 00:00:24, Ethernet0
If you read the previous tutorial, you may have noticed that we did not specify a seed metric for OSPF. OSPF does not require a seed metric to be set during redistribution. You also noticed that the router did tell us that there might be a problem when we left the "subnets" option out of RIP>OSPF redistribution, but the router didn't tell us anything about a seed metric when we performed OSPF>RIP redistribution. This is a detail you must know by heart in order to make your route redistribution successful!
Cisco CCNP / BSCI Certification: Troubleshooting Route Redistribution, Part I
If there's one CCNP / BSCI topic that looks so easy but can lead to a real headache, it's route redistribution. I'm not even talking about the routing loops and suboptimal routing that can result when route redistribution is done without proper planning - I'm talking about the basic commands themselves. Leaving out one single command option, or forgetting what else needs to be redistributed when redistributing dynamically discovered routes, can leave you with a routing table that looks complete but does not result in full IP connectivity.
In this free CCNP / BSCI tutorial series, we'll take a look at three common errors in route redistribution configurations, and how to fix them. We'll use three routers, R1, R3, and R5. R1 and R5 are in a RIPv2 domain and R1 and R3 are in an OSPF domain. R1 will be performing two-way route redistribution.
R5 is advertising its loopback, 5.5.5.5/24, into the RIPv2 domain. R1 sees this route in its RIP routing table:
R1#show ip route rip
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 100.1.1.5, 00:00:01, Ethernet0
For R3 to see this route, route redistribution must be configured on R1. We'll use the redistribute rip command to do so.
R1(config)#router ospf 1
R1(config-router)#redistribute rip
% Only classful networks will be redistributed
The router immediately gives us a message that "only classful networks will be redistributed". What does this mean? Let's go to R3 and see if that router is receiving this route.
R3#show ip route ospf
< no output >
When we get no result from a show command, that means there's nothing to show. The only routes that will be successfully redistributed with the current configuration on R1 are classful networks, and 5.5.5.0/24 is a subnet.
To further illustrate the point, a classful network has been added to R5. This network is 16.0.0.0 /8, and is now being advertised by RIP. R1 sees this network as classful...
R1#show ip route rip
R 16.0.0.0/8 [120/1] via 100.1.1.5, 00:00:00, Ethernet0
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 100.1.1.5, 00:00:00, Ethernet0
... and R3 is receiving the route through redistribution.
R3#show ip route ospf
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:08, Serial0.31
To redistribute both classful and classless networks, the option "subnets" must be added to the redistribute command on R1.
R1(config)#router ospf 1
R1(config-router)#no redistribute rip
R1(config-router)#redistribute rip subnets
R3 will now see both the classful and classless networks being redistributed into OSPF. (100.1.1.0 is the network connecting R1 and R5.)
R3#show ip route ospf
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
100.0.0.0/24 is subnetted, 1 subnets
O E2 100.1.1.0 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
5.0.0.0/24 is subnetted, 1 subnets
O E2 5.5.5.0 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
This is one of the most common errors made during route redistribution, but now you know what to look out for! In the next part of this free CCNP / BSCI tutorial, we'll take a look at another such error.
In this free CCNP / BSCI tutorial series, we'll take a look at three common errors in route redistribution configurations, and how to fix them. We'll use three routers, R1, R3, and R5. R1 and R5 are in a RIPv2 domain and R1 and R3 are in an OSPF domain. R1 will be performing two-way route redistribution.
R5 is advertising its loopback, 5.5.5.5/24, into the RIPv2 domain. R1 sees this route in its RIP routing table:
R1#show ip route rip
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 100.1.1.5, 00:00:01, Ethernet0
For R3 to see this route, route redistribution must be configured on R1. We'll use the redistribute rip command to do so.
R1(config)#router ospf 1
R1(config-router)#redistribute rip
% Only classful networks will be redistributed
The router immediately gives us a message that "only classful networks will be redistributed". What does this mean? Let's go to R3 and see if that router is receiving this route.
R3#show ip route ospf
< no output >
When we get no result from a show command, that means there's nothing to show. The only routes that will be successfully redistributed with the current configuration on R1 are classful networks, and 5.5.5.0/24 is a subnet.
To further illustrate the point, a classful network has been added to R5. This network is 16.0.0.0 /8, and is now being advertised by RIP. R1 sees this network as classful...
R1#show ip route rip
R 16.0.0.0/8 [120/1] via 100.1.1.5, 00:00:00, Ethernet0
5.0.0.0/24 is subnetted, 1 subnets
R 5.5.5.0 [120/1] via 100.1.1.5, 00:00:00, Ethernet0
... and R3 is receiving the route through redistribution.
R3#show ip route ospf
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:08, Serial0.31
To redistribute both classful and classless networks, the option "subnets" must be added to the redistribute command on R1.
R1(config)#router ospf 1
R1(config-router)#no redistribute rip
R1(config-router)#redistribute rip subnets
R3 will now see both the classful and classless networks being redistributed into OSPF. (100.1.1.0 is the network connecting R1 and R5.)
R3#show ip route ospf
O E2 16.0.0.0/8 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
100.0.0.0/24 is subnetted, 1 subnets
O E2 100.1.1.0 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
5.0.0.0/24 is subnetted, 1 subnets
O E2 5.5.5.0 [110/20] via 172.12.123.1, 00:00:20, Serial0.31
This is one of the most common errors made during route redistribution, but now you know what to look out for! In the next part of this free CCNP / BSCI tutorial, we'll take a look at another such error.
Cisco CCNA Exam Tutorial: Split Horizon And Hub-And-Spoke Networks
For CCNA exam success, you had better know what split horizon is, how to turn it off, and when to turn it off. Knowing when to turn split horizon off is also important in production networks, because it can cause a hub-and-spoke network to have incomplete routing tables on the spokes.
Split horizon exists for a very good reason - routing loop prevention. The rule of split horizon states that a router cannot send an advertisement for a route out the same interface that it came in on. Split horizon is on by default on all interfaces running RIP, IGRP, and EIGRP.
In this CCNA tutorial, R1 will serve, as the hub and R2 and R3 will be the spokes. We'll first configure EIGRP over the 172.16.123.0 /24 network, the network connecting the three routers.
R1#conf t
R1(config)#router eigrp 100
R1(config-router)#no auto-summary
R1(config-router)#network 172.12.123.0 0.0.0.255
R2#conf t
R2(config)#router eigrp 100
R2(config-router)#no auto-summary
R2(config-router)#network 172.12.123.0 0.0.0.255
R3#conf t
R3(config)#router eigrp 100
R3(config-router)#no auto-summary
R3(config-router)#network 172.12.123.0 0.0.0.255
Running show ip eigrp neighbor on R1 shows that adjacencies to R2 and R3 are up.
R1#show ip eigrp neighbor
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq Type
(sec) (ms) Cnt Num
1 172.12.123.3 Se0/0 11 00:02:45 1 5000 0 1
0 172.12.123.2 Se0/0 161 00:03:01 1 5000 0 1
Each router will now advertise its loopback address via EIGRP.
R1#conf t
R1(config)#router eigrp 100
R1(config-router)#network 1.1.1.0 0.0.0.255
R2#conf t
R2(config)#router eigrp 100
R2(config-router)#network 2.2.2.0 0.0.0.255
R3#conf t
R3(config)#router eigrp 100
R3(config-router)#network 3.3.3.0 0.0.0.255
Running show ip eigrp route on each router shows that R1 has a route for both R2’s and R3’s loopback. R2 and R3 will only see R1’s loopback address, and not each other’s. Why?
R1#show ip route eigrp
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2297856] via 172.12.123.2, 00:03:19, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/2297856] via 172.12.123.3, 00:03:04, Serial0/0
R2#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:03:40, Serial0/0.123
R3#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:05:17, Serial0/0.31
EIGRP uses Split Horizon by default to prevent routing loops. In this lab, though, it prevents full network reachability. R2 and R3 both form neighbor relationships with R1’s Serial physical interface. R2 advertises its loopback address to R1’s Serial interface, as does R3. Split Horizon does not allow a route to be advertised back out the same interface it was received on. This prevents R1 from advertising R2’s loopback to R3, or R3’s loopback to R2.
Split Horizon must be disabled to allow full network reachability in this lab. To do so, run no ip split-horizon eigrp 100 on R1’s Serial interface. When Split Horizon is disabled, that will cause the neighbor
relationships to fail, and then reestablish. Run show ip route eigrp 100 on both R2 and R3. The appropriate route to the remote loopback address will now appear.
R1#conf t
R1(config)#int serial0
R1(config-if)#no ip split-horizon eigrp 100
10:02:23: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.2 (Serial0/0) down: split horizon changed
10:02:23: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.3 (Serial0/0) down: split horizon changed
10:02:27: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.3 (Serial0/0) ip: new adjacency
10:02:54: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.2 (Serial0/0) ip: new adjacency
R2#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:00:06, Serial0/0.123
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/2809856] via 172.12.123.1, 00:00:06, Serial0/0.123
R3#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:00:12, Serial0/0.31
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2809856] via 172.12.123.1, 00:00:12, Serial0/0.31
Disabling split horizon should be done with care, but knowing when and where to do so shows that you truly understand how this technology works - and that's a big step on the way to earning your CCNA!
Split horizon exists for a very good reason - routing loop prevention. The rule of split horizon states that a router cannot send an advertisement for a route out the same interface that it came in on. Split horizon is on by default on all interfaces running RIP, IGRP, and EIGRP.
In this CCNA tutorial, R1 will serve, as the hub and R2 and R3 will be the spokes. We'll first configure EIGRP over the 172.16.123.0 /24 network, the network connecting the three routers.
R1#conf t
R1(config)#router eigrp 100
R1(config-router)#no auto-summary
R1(config-router)#network 172.12.123.0 0.0.0.255
R2#conf t
R2(config)#router eigrp 100
R2(config-router)#no auto-summary
R2(config-router)#network 172.12.123.0 0.0.0.255
R3#conf t
R3(config)#router eigrp 100
R3(config-router)#no auto-summary
R3(config-router)#network 172.12.123.0 0.0.0.255
Running show ip eigrp neighbor on R1 shows that adjacencies to R2 and R3 are up.
R1#show ip eigrp neighbor
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq Type
(sec) (ms) Cnt Num
1 172.12.123.3 Se0/0 11 00:02:45 1 5000 0 1
0 172.12.123.2 Se0/0 161 00:03:01 1 5000 0 1
Each router will now advertise its loopback address via EIGRP.
R1#conf t
R1(config)#router eigrp 100
R1(config-router)#network 1.1.1.0 0.0.0.255
R2#conf t
R2(config)#router eigrp 100
R2(config-router)#network 2.2.2.0 0.0.0.255
R3#conf t
R3(config)#router eigrp 100
R3(config-router)#network 3.3.3.0 0.0.0.255
Running show ip eigrp route on each router shows that R1 has a route for both R2’s and R3’s loopback. R2 and R3 will only see R1’s loopback address, and not each other’s. Why?
R1#show ip route eigrp
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2297856] via 172.12.123.2, 00:03:19, Serial0/0
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/2297856] via 172.12.123.3, 00:03:04, Serial0/0
R2#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:03:40, Serial0/0.123
R3#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:05:17, Serial0/0.31
EIGRP uses Split Horizon by default to prevent routing loops. In this lab, though, it prevents full network reachability. R2 and R3 both form neighbor relationships with R1’s Serial physical interface. R2 advertises its loopback address to R1’s Serial interface, as does R3. Split Horizon does not allow a route to be advertised back out the same interface it was received on. This prevents R1 from advertising R2’s loopback to R3, or R3’s loopback to R2.
Split Horizon must be disabled to allow full network reachability in this lab. To do so, run no ip split-horizon eigrp 100 on R1’s Serial interface. When Split Horizon is disabled, that will cause the neighbor
relationships to fail, and then reestablish. Run show ip route eigrp 100 on both R2 and R3. The appropriate route to the remote loopback address will now appear.
R1#conf t
R1(config)#int serial0
R1(config-if)#no ip split-horizon eigrp 100
10:02:23: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.2 (Serial0/0) down: split horizon changed
10:02:23: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.3 (Serial0/0) down: split horizon changed
10:02:27: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.3 (Serial0/0) ip: new adjacency
10:02:54: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.123.2 (Serial0/0) ip: new adjacency
R2#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:00:06, Serial0/0.123
3.0.0.0/24 is subnetted, 1 subnets
D 3.3.3.0 [90/2809856] via 172.12.123.1, 00:00:06, Serial0/0.123
R3#show ip route eigrp
1.0.0.0/24 is subnetted, 1 subnets
D 1.1.1.0 [90/2297856] via 172.12.123.1, 00:00:12, Serial0/0.31
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2809856] via 172.12.123.1, 00:00:12, Serial0/0.31
Disabling split horizon should be done with care, but knowing when and where to do so shows that you truly understand how this technology works - and that's a big step on the way to earning your CCNA!
Cisco CCNA Exam Tutorial: Route Summarization
Preparing to pass the CCNA exam and earn this important Cisco certification? Route summarization is just one of the many skills you'll have to master in order to earn your CCNA. Whether it's RIP version 2, OSPF, or EIGRP, the CCNA exam will demand that you can flawlessly configure route summarization.
Route summarization isn't just important for the CCNA exam. It's a valuable skill to have in the real world as well. Correctly summarizing routes can lead to smaller routing tables that are still able to route packets accurately - what I like to call "concise and complete" routing tables.
The first skill you've got to have in order to work with route summarization is binary math; more specifically, you must be able to take multiple routes and come up with both a summary route and mask to advertise to downstream routers. Given the networks 100.16.0.0 /16, 100.17.0.0 /16, 100.18.0.0 /16, and 100.19.0.0 /16, could you quickly come up with both the summary address and mask? All you need to do is break the four network numbers down into binary strings. We know the last two octets will all convert to the binary string 00000000, so in this article we'll only illustrate how to convert the first and second octet from decimal to binary.
100 16 = 01100100 00010000
100 17 = 01100100 00010001
100 18 = 01100100 00010010
100 19 = 01100100 00010011
To come up with the summary route, just work from left to right and draw a line where the four networks no longer have a bit in common. For these four networks, that point comes between the 14th and 15th bits. This leaves us with this string: 01100100 000100xx. All you need to do is convert that string back to decimal, which gives us 100 for the first octet and 16 for the second. (The two x values are bits on the right side of the line, which aren't used in calculating the summary route.) Since we know that zero is the value for the last two octets, the resulting summary network number is 100.16.0.0.
But we're not done! We now have to come up with the summary mask to advertise along with the summary route. To arrive at the summary route, write out a mask in binary with a "1" for every bit to the left of the line we drew previously, and a "0" for every bit to the right. That gives us the following string:
11111111 11111100 00000000 00000000
Converting that to dotted decimal, we arrive at the summary mask 255.252.0.0. The correct summary network and mask to advertise are 100.16.0.0 252.0.0.0.
For the CCNA exam, emphasis is put on knowing how to advertise these summary routes in RIPv2 and EIGRP. For both of these protocols, route summarization happens at the interface level - it's not configured under the protocol. On the interface that should advertise the summary route, use the command "ip summary-address". Here are examples of how the above summary route would be configured on ethernet0 in both RIPv2 and EIGRP.
R1(config-if)#ip summary-address rip 100.16.0.0 255.252.0.0
R1(config-if)#ip summary-address eigrp 100 100.16.0.0 255.252.0.0
The main difference between the two is that the EIGRP command must specify the AS number - that's what the "100" is in the middle of the EIGRP command. Since RIPv2 does not use AS numbers, there's no additional value needed in the configuration.
For OSPF, the commands differ. If you're configuring inter-area route summarization, use the "area range" command; if you are summarizing routes that are being redistributed into OSPF, use the summary-address command under the OSPF routing process on the ASBR. Neither of these are interface-level commands.
I speak from experience when I tell you that practice makes perfect on the CCNA exam, especially with binary and summarization questions. The great thing about these questions is that there are no grey areas with these questions - you either know how to do it or you don't. And with practice and an eye for detail, you can master these skills, pass the exam, and become a CCNA. Here's to your success!
Route summarization isn't just important for the CCNA exam. It's a valuable skill to have in the real world as well. Correctly summarizing routes can lead to smaller routing tables that are still able to route packets accurately - what I like to call "concise and complete" routing tables.
The first skill you've got to have in order to work with route summarization is binary math; more specifically, you must be able to take multiple routes and come up with both a summary route and mask to advertise to downstream routers. Given the networks 100.16.0.0 /16, 100.17.0.0 /16, 100.18.0.0 /16, and 100.19.0.0 /16, could you quickly come up with both the summary address and mask? All you need to do is break the four network numbers down into binary strings. We know the last two octets will all convert to the binary string 00000000, so in this article we'll only illustrate how to convert the first and second octet from decimal to binary.
100 16 = 01100100 00010000
100 17 = 01100100 00010001
100 18 = 01100100 00010010
100 19 = 01100100 00010011
To come up with the summary route, just work from left to right and draw a line where the four networks no longer have a bit in common. For these four networks, that point comes between the 14th and 15th bits. This leaves us with this string: 01100100 000100xx. All you need to do is convert that string back to decimal, which gives us 100 for the first octet and 16 for the second. (The two x values are bits on the right side of the line, which aren't used in calculating the summary route.) Since we know that zero is the value for the last two octets, the resulting summary network number is 100.16.0.0.
But we're not done! We now have to come up with the summary mask to advertise along with the summary route. To arrive at the summary route, write out a mask in binary with a "1" for every bit to the left of the line we drew previously, and a "0" for every bit to the right. That gives us the following string:
11111111 11111100 00000000 00000000
Converting that to dotted decimal, we arrive at the summary mask 255.252.0.0. The correct summary network and mask to advertise are 100.16.0.0 252.0.0.0.
For the CCNA exam, emphasis is put on knowing how to advertise these summary routes in RIPv2 and EIGRP. For both of these protocols, route summarization happens at the interface level - it's not configured under the protocol. On the interface that should advertise the summary route, use the command "ip summary-address". Here are examples of how the above summary route would be configured on ethernet0 in both RIPv2 and EIGRP.
R1(config-if)#ip summary-address rip 100.16.0.0 255.252.0.0
R1(config-if)#ip summary-address eigrp 100 100.16.0.0 255.252.0.0
The main difference between the two is that the EIGRP command must specify the AS number - that's what the "100" is in the middle of the EIGRP command. Since RIPv2 does not use AS numbers, there's no additional value needed in the configuration.
For OSPF, the commands differ. If you're configuring inter-area route summarization, use the "area range" command; if you are summarizing routes that are being redistributed into OSPF, use the summary-address command under the OSPF routing process on the ASBR. Neither of these are interface-level commands.
I speak from experience when I tell you that practice makes perfect on the CCNA exam, especially with binary and summarization questions. The great thing about these questions is that there are no grey areas with these questions - you either know how to do it or you don't. And with practice and an eye for detail, you can master these skills, pass the exam, and become a CCNA. Here's to your success!
Wednesday, December 24, 2008
Cisco CCNA Certification Exam Tutorial: RIP Details You Must Know
RIP isn't exactly the most complex routing protocol on the CCNA exam, but that makes it easy to overlook some of the important details you must keep in mind in order to pass the exam! To help you review for the exam, here are just a few of those details!
RIP’s default behavior is to send version 1 updates, but to accept both version 1 and 2 routing updates.
R2(config)#router rip
R2(config-router)#net 172.16.0.0
R2(config-router)#^Z
R2#show ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 6 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Redistributing: rip
Default version control: send version 1, receive any version
Interface Send Recv Key-chain
Serial0 1 1 2
By default, RIP v2 autosummarizes routing updates sent across classful network boundaries. To disable this behavior, run no auto-summary under the RIP process.
R1#conf t
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
You do not specify a subnet mask or wildcard mask when configuring RIP – just the classful network, even if you’re running RIP v2.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 172.10.0.0 ?
Debug ip rip displays the routing updates and metrics as the advertisements are sent and requested. To see this in action without waiting for the next regularly scheduled update, run clear ip route *.
R1#debug ip rip
RIP protocol debugging is on
R1#clear ip route *
01:16:54: RIP: sending v1 update to 255.255.255.255 via Loopback1 (1.1.1.1)
01:16:54: network 2.0.0.0, metric 2
01:16:54: network 3.0.0.0, metric 2
01:16:54: network 172.16.0.0, metric 1
01:16:54: network 10.0.0.0, metric 2
01:16:54: RIP: sending v1 update to 255.255.255.255 via Serial0 (172.16.123.1)
01:16:54: subnet 172.16.123.0, metric 1
01:16:54: network 1.0.0.0, metric 1
01:16:54: network 2.0.0.0, metric 2
01:16:54: network 3.0.0.0, metric 2
01:16:54: network 10.0.0.0, metric 2
To see only the routes discovered by a routing protocol, run show ip route followed by the name of the protocol:
R1#show ip route rip
R 2.0.0.0/8 [120/1] via 172.16.123.2, 00:00:26, Serial0
R 3.0.0.0/8 [120/1] via 172.16.13.2, 00:00:09, Serial1
[120/1] via 172.16.123.3, 00:00:09, Serial0
R 10.0.0.0/8 [120/1] via 172.16.13.2, 00:00:09, Serial1
[120/1] via 172.16.123.3, 00:00:09, Serial0
[120/1] via 172.16.123.2, 00:00:26, Serial0
And don't forget - to turn off all currently running debugs, run undebug all.
R1#undebug all
All possible debugging has been turned off
Don't overlook RIP and IGRP when it comes to the CCNA exam. OSPF and EIGRP are more complex to configure, but you need to understand how distance vector protocols work in order to pass the CCNA!
RIP’s default behavior is to send version 1 updates, but to accept both version 1 and 2 routing updates.
R2(config)#router rip
R2(config-router)#net 172.16.0.0
R2(config-router)#^Z
R2#show ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 6 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Redistributing: rip
Default version control: send version 1, receive any version
Interface Send Recv Key-chain
Serial0 1 1 2
By default, RIP v2 autosummarizes routing updates sent across classful network boundaries. To disable this behavior, run no auto-summary under the RIP process.
R1#conf t
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
You do not specify a subnet mask or wildcard mask when configuring RIP – just the classful network, even if you’re running RIP v2.
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 172.10.0.0 ?
Debug ip rip displays the routing updates and metrics as the advertisements are sent and requested. To see this in action without waiting for the next regularly scheduled update, run clear ip route *.
R1#debug ip rip
RIP protocol debugging is on
R1#clear ip route *
01:16:54: RIP: sending v1 update to 255.255.255.255 via Loopback1 (1.1.1.1)
01:16:54: network 2.0.0.0, metric 2
01:16:54: network 3.0.0.0, metric 2
01:16:54: network 172.16.0.0, metric 1
01:16:54: network 10.0.0.0, metric 2
01:16:54: RIP: sending v1 update to 255.255.255.255 via Serial0 (172.16.123.1)
01:16:54: subnet 172.16.123.0, metric 1
01:16:54: network 1.0.0.0, metric 1
01:16:54: network 2.0.0.0, metric 2
01:16:54: network 3.0.0.0, metric 2
01:16:54: network 10.0.0.0, metric 2
To see only the routes discovered by a routing protocol, run show ip route followed by the name of the protocol:
R1#show ip route rip
R 2.0.0.0/8 [120/1] via 172.16.123.2, 00:00:26, Serial0
R 3.0.0.0/8 [120/1] via 172.16.13.2, 00:00:09, Serial1
[120/1] via 172.16.123.3, 00:00:09, Serial0
R 10.0.0.0/8 [120/1] via 172.16.13.2, 00:00:09, Serial1
[120/1] via 172.16.123.3, 00:00:09, Serial0
[120/1] via 172.16.123.2, 00:00:26, Serial0
And don't forget - to turn off all currently running debugs, run undebug all.
R1#undebug all
All possible debugging has been turned off
Don't overlook RIP and IGRP when it comes to the CCNA exam. OSPF and EIGRP are more complex to configure, but you need to understand how distance vector protocols work in order to pass the CCNA!
Cisco CCNA Certification: Broadcasts, Unicasts, And Multicasts
When you begin your CCNA studies, you get hit with a lot of different networking terms right away that you might not be familiar with. What makes it a little more confusing is that a lot of these terms sound a lot alike. Here, we're going to discuss the differences between broadcasts, multicasts, and unicasts at both the Data Link (Layer 2) and Network (Layer 3) layers of the OSI model.
A broadcast is simply a unit of information that every other device on the segment will receive. A broadcast is indicated by having every bit of the address set to its highest possible value. Since a hexadecimal bit's highest value is "f", a hexadecimal broadcast is ff-ff-ff-ff-ff-ff (or FF-FF-FF-FF-FF-FF, as the upper case does not affect hex value). The CCNA exam will demand you be very familiar with hex conversions, so if you're not comfortable with these conversions, get comfortable with them before taking the exam!
At layer 3, a broadcast is indicated by setting every bit in the 32-bit binary string to "1", making the dotted decimal value 255.255.255.255. Every host on a segment will receive such a broadcast. (Keep in mind that switches will forward a broadcast, but routers do not.) In contrast to a broadcast, a unicast is a packet or frame with only one destination.
There is a middle ground between broadcasts and unicasts, and that is a multicast. Where a broadcast will be received by all, and a unicast is received by only one host, a multicast will be received by multiple hosts, all belonging to a "multicast group". As you climb the Cisco certification pyramid, you'll be introduced to creating multicast groups and controlling multicast traffic, but for your CCNA studies you need only keep certain multicast groups in mind.
Class D addresses are reserved for multicasting this range is 224.0.0.0 - 239.255.255.255. The addresses 224.0.0.0 - 224.255.255.255 are reserved for use by network protocols on a local network segment, and like broadcasts, routers will not forward these multicast packets. (Packets with these addresses are sent with a Time To Live of 1.)
As a CCNA candidate, you should know that OSPF routers use the address 224.0.0.5 to send hellos, EIGRP routers use 224.0.0.10 to send updates, and RIP version 2 uses 224.0.0.9 to send routing updates. RIP version 1 and IGRP both broadcast their updates.
Multicasting gets a bit more complicated as you go from your CCNA to the CCNP and CCIE, but by simply understanding what multicasting is, you go a long way toward securing the CCNA.
A broadcast is simply a unit of information that every other device on the segment will receive. A broadcast is indicated by having every bit of the address set to its highest possible value. Since a hexadecimal bit's highest value is "f", a hexadecimal broadcast is ff-ff-ff-ff-ff-ff (or FF-FF-FF-FF-FF-FF, as the upper case does not affect hex value). The CCNA exam will demand you be very familiar with hex conversions, so if you're not comfortable with these conversions, get comfortable with them before taking the exam!
At layer 3, a broadcast is indicated by setting every bit in the 32-bit binary string to "1", making the dotted decimal value 255.255.255.255. Every host on a segment will receive such a broadcast. (Keep in mind that switches will forward a broadcast, but routers do not.) In contrast to a broadcast, a unicast is a packet or frame with only one destination.
There is a middle ground between broadcasts and unicasts, and that is a multicast. Where a broadcast will be received by all, and a unicast is received by only one host, a multicast will be received by multiple hosts, all belonging to a "multicast group". As you climb the Cisco certification pyramid, you'll be introduced to creating multicast groups and controlling multicast traffic, but for your CCNA studies you need only keep certain multicast groups in mind.
Class D addresses are reserved for multicasting this range is 224.0.0.0 - 239.255.255.255. The addresses 224.0.0.0 - 224.255.255.255 are reserved for use by network protocols on a local network segment, and like broadcasts, routers will not forward these multicast packets. (Packets with these addresses are sent with a Time To Live of 1.)
As a CCNA candidate, you should know that OSPF routers use the address 224.0.0.5 to send hellos, EIGRP routers use 224.0.0.10 to send updates, and RIP version 2 uses 224.0.0.9 to send routing updates. RIP version 1 and IGRP both broadcast their updates.
Multicasting gets a bit more complicated as you go from your CCNA to the CCNP and CCIE, but by simply understanding what multicasting is, you go a long way toward securing the CCNA.
Tuesday, December 23, 2008
Cisco CCNA / CCNP Exam Tutorial: Five Debugs You Must Know
To pass the BSCI exam and move one step closer to CCNP certification success, you've got to know how and when to use debug commands to troubleshoot and verify network operations. While you should never practice debug commands on a production network, it's important to get some hands-on experience with them and not rely on "router simulators" and books to learn about them.
When it comes to RIP, "debug ip rip" is the primary debug to use. This debug will show you the contents of the routing update packets, and is vital in diagnosing RIP version mismatches and routing update authentication issues.
You know how to use the variance command to configure unequal-cost load-sharing with IGRP, but IGRP has no topology table that will give you the feasible successor metrics you need. With IGRP, you need to use the "debug ip igrp transactions" command to get these vital metrics.
Several factors are considered by OSPF-enabled routers when it comes to forming adjacencies, including hello and dead timer settings. If an adjacency doesn't form when you think it should, run "debug ip ospf adj". The reason the adjacency isn't forming is usually seen quickly with this command's output.
Let's not ignore Layer Two! If frame relay mappings are not forming according to your configuration, run "debug frame lmi". This debug will allow you to quickly diagnose and correct any LMI mismatches.
When it comes to PPP, it can be very frustrating to try to spot a problem with a password or username. Instead of staring at the configuration for 10 minutes, run "debug ppp negotiation" and send a ping over the link. This command will help you spot the router with the misconfigured username or password, not to mention saving you a lot of time!
Effectively using debugs during your CCNA and CCNP exam study will help you truly understand what's going on "behind the command" - and it will really come in handy on that day when your production network just isn't doing what you (think) you told it to do!
When it comes to RIP, "debug ip rip" is the primary debug to use. This debug will show you the contents of the routing update packets, and is vital in diagnosing RIP version mismatches and routing update authentication issues.
You know how to use the variance command to configure unequal-cost load-sharing with IGRP, but IGRP has no topology table that will give you the feasible successor metrics you need. With IGRP, you need to use the "debug ip igrp transactions" command to get these vital metrics.
Several factors are considered by OSPF-enabled routers when it comes to forming adjacencies, including hello and dead timer settings. If an adjacency doesn't form when you think it should, run "debug ip ospf adj". The reason the adjacency isn't forming is usually seen quickly with this command's output.
Let's not ignore Layer Two! If frame relay mappings are not forming according to your configuration, run "debug frame lmi". This debug will allow you to quickly diagnose and correct any LMI mismatches.
When it comes to PPP, it can be very frustrating to try to spot a problem with a password or username. Instead of staring at the configuration for 10 minutes, run "debug ppp negotiation" and send a ping over the link. This command will help you spot the router with the misconfigured username or password, not to mention saving you a lot of time!
Effectively using debugs during your CCNA and CCNP exam study will help you truly understand what's going on "behind the command" - and it will really come in handy on that day when your production network just isn't doing what you (think) you told it to do!
Cisco CCNA / CCNP Certification Exam Review: Protocol Basics
To earn your Cisco CCNA certification and pass the BSCI CCNP exam, you have to know your protocol basics like the back of your hand! To help you review these important concepts, here's a quick look at the basics of RIPv1, RIPv2, IGRP, and EIGRP.
RIPv1: Broadcasts updates every 30 seconds to the address 255.255.255.255. RIPv1 is a classful protocol, and it does not recognize VLSM, nor does it carry subnet masking information in its routing updates. Update contains entire RIP routing table. Uses Bellman-Ford algorithm. Allows equal-cost load-balancing by default. Max hop count is 15. Does not support clear-text or MD5 authentication of routing updates. Updates carry 25 routes maximum.
RIPv2: Multicasts updates every 30 seconds to the address 224.0.0.9. RIPv2 is a classless protocol, allowing the use of subnet masks. Update contains entire RIP routing table. Uses Bellman-Ford algorithm. Allows equal-cost load-balancing by default. Max hop count is 15. Supports clear-text and MD5 authentication of routing updates. Updates carry 25 routes maximum.
IGRP: Broadcasts updates every 90 seconds to the address 255.255.255.255. IGRP is a Cisco-proprietary protocol, and is also a classful protocol and does not recognize subnet masking. Update contains entire routing table. Uses Bellman-Ford algorithm. Equal-cost load-balancing on by default; unequal-cost load-sharing can be used with the variance command. Max hop count is 100.
EIGRP: Multicasts full routing table only when an adjacency is first formed. Multicasts updates only when there is a change in the network topology, and then only advertises the change. Multicasts to 224.0.0.10 and allows the use of subnet masks. Uses DUAL routing algorithm. Unequal-cost load-sharing available with the variance command.
By mastering the basics of these protocols, you're laying the foundation for success in the exam room and when working on production networks. Pay attention to the details and the payoff is "CCNA" and "CCNP" behind your name!
RIPv1: Broadcasts updates every 30 seconds to the address 255.255.255.255. RIPv1 is a classful protocol, and it does not recognize VLSM, nor does it carry subnet masking information in its routing updates. Update contains entire RIP routing table. Uses Bellman-Ford algorithm. Allows equal-cost load-balancing by default. Max hop count is 15. Does not support clear-text or MD5 authentication of routing updates. Updates carry 25 routes maximum.
RIPv2: Multicasts updates every 30 seconds to the address 224.0.0.9. RIPv2 is a classless protocol, allowing the use of subnet masks. Update contains entire RIP routing table. Uses Bellman-Ford algorithm. Allows equal-cost load-balancing by default. Max hop count is 15. Supports clear-text and MD5 authentication of routing updates. Updates carry 25 routes maximum.
IGRP: Broadcasts updates every 90 seconds to the address 255.255.255.255. IGRP is a Cisco-proprietary protocol, and is also a classful protocol and does not recognize subnet masking. Update contains entire routing table. Uses Bellman-Ford algorithm. Equal-cost load-balancing on by default; unequal-cost load-sharing can be used with the variance command. Max hop count is 100.
EIGRP: Multicasts full routing table only when an adjacency is first formed. Multicasts updates only when there is a change in the network topology, and then only advertises the change. Multicasts to 224.0.0.10 and allows the use of subnet masks. Uses DUAL routing algorithm. Unequal-cost load-sharing available with the variance command.
By mastering the basics of these protocols, you're laying the foundation for success in the exam room and when working on production networks. Pay attention to the details and the payoff is "CCNA" and "CCNP" behind your name!
Cisco CCNA / CCNP Certification Exam Lab: Frame Relay Subinterfaces And Split Horizon
Earning your Cisco CCNA and CCNP is a tough proposition, and part of that is the fact that you quickly learn that there’s usually more than one way to do things with Cisco routers – and while that’s generally a good thing, you better know the ins and outs of all options when it comes to test day and working on production networks. Working with Frame Relay subinterfaces and split horizon is just one such situation.
One reason for the use of subinterfaces is to circumvent the rule of split horizon. You recall from your CCNA studies that split horizon dictates that a route cannot be advertised out the same interface upon which it was learned in the first place. In the following example, R1 is the hub and R2 and R3 are the spokes. All three routers are using their physical interfaces for frame relay connectivity, and they are also running RIPv2 172.12.123.0 /24. Each router is also advertising a loopback interface, using the router number for each octet.
R1(config)#int s0
R1(config-if)#ip address 172.12.123.1 255.255.255.0
R1(config-if)#no frame inverse
R1(config-if)#frame map ip 172.12.123.2 122 broadcast
R1(config-if)#frame map ip 172.12.123.3 123 broadcast
R1(config-if)#no shut
R2(config)#int s0
R2(config-if)#encap frame
R2(config-if)#no frame inver
R2(config-if)#frame map ip 172.12.123.1 221 broadcast
R2(config-if)#frame map ip 172.12.123.3 221 broadcast
R2(config-if)#ip address 172.12.123.2 255.255.255.0
R3(config)#int s0
R3(config-if)#encap frame
R3(config-if)#no frame inver
R3(config-if)#frame map ip 172.12.123.1 321 broadcast
R3(config-if)#frame map ip 172.12.123.2 321 broadcast
R3(config-if)#ip address 172.12.123.3 255.255.255.0
R1#show ip route rip
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 172.12.123.2, 00:00:20, Serial0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 172.12.123.3, 00:00:22, Serial0
R2#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:06, Serial0
R3#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:04, Serial0
The hub router R1 has a route to both loopbacks, but neither spoke has a route to the other spoke's loopback. That's because split horizon prevents R1 from advertising a network via Serial0 if the route was learned on Serial0 to begin with.
We've got two options here, one of which is to disable spilt horizon on the interface. While doing so will have the desired effect in our little network, disabling split horizon is not a good idea and should be avoided whenever possible. We’re not going to do it in this lab, but here is the syntax to do so:
R1(config)#interface serial0
R1(config-if)#no ip split-horizon
A better solution is to configure subinterfaces on R1. The IP addressing will have to be revisited, but that's no problem here. R1 and R2 will use 172.12.123.0 /24 to communicate, while R1 and R3 will use 172.12.13.0 /24. R3's serial0 interface will need to be renumbered, so let's look at all three router configurations:
R1(config)#interface serial0
R1(config-if)#encap frame
R1(config-if)#no frame inverse-arp
R1(config-if)#no ip address
R1(config-if)#interface serial0.12 multipoint
R1(config-subif)#ip address 172.12.123.1 255.255.255.0
R1(config-subif)#frame map ip 172.12.123.2 122 broadcast
R1(config-subif)#interface serial0.31 point-to-point
R1(config-subif)#ip address 172.12.13.1 255.255.255.0
R1(config-subif)#frame interface-dlci 123
R2(config)#int s0
R2(config-if)#ip address 172.12.123.2 255.255.255.0
R2(config-if)#encap frame
R2(config-if)#frame map ip 172.12.13.3 221 broadcast
R2(config-if)#frame map ip 172.12.123.1 221 broadcast
R3(config)#int s0
R3(config-if)#ip address 172.12.13.3 255.255.255.0
R3(config-if)#encap frame
R3(config-if)#frame map ip 172.12.13.1 321 broadcast
R3(config-if)#frame map ip 172.12.123.2 321 broadcast
A frame map statement always names the REMOTE IP address and the LOCAL DLCI. Don't forget the broadcast option!
Show frame map shows us that all the static mappings on R1 are up and running. Note the "static" output, which indicates these mappings are a result of using the frame map command. Pings are not shown, but all three routers can ping each other at this point.
R1#show frame map
Serial0 (up): ip 172.12.123.2 dlci 122(0x7A,0x1CA0), static,
broadcast, CISCO, status defined, active
Serial0 (up): ip 172.12.13.3 dlci 123(0x7B,0x1CB0), static,
broadcast, CISCO, status defined, active
After the 172.12.13.0 /24 network is added to R1 and R3’s RIP configuration, R2 and R3 now have each other's loopback network in their RIP routing tables.
R2#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:20, Serial0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 172.12.123.1, 00:00:22, Serial0
R3#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.13.1, 00:00:20, Serial0
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 172.12.13.1, 00:00:22, Serial0
While turning split horizon off is one way to achieve total IP connectivity, doing so can have other unintended results. The use of subinterfaces is a more effective way of allowing the spokes to see the hub's loopback network.
One reason for the use of subinterfaces is to circumvent the rule of split horizon. You recall from your CCNA studies that split horizon dictates that a route cannot be advertised out the same interface upon which it was learned in the first place. In the following example, R1 is the hub and R2 and R3 are the spokes. All three routers are using their physical interfaces for frame relay connectivity, and they are also running RIPv2 172.12.123.0 /24. Each router is also advertising a loopback interface, using the router number for each octet.
R1(config)#int s0
R1(config-if)#ip address 172.12.123.1 255.255.255.0
R1(config-if)#no frame inverse
R1(config-if)#frame map ip 172.12.123.2 122 broadcast
R1(config-if)#frame map ip 172.12.123.3 123 broadcast
R1(config-if)#no shut
R2(config)#int s0
R2(config-if)#encap frame
R2(config-if)#no frame inver
R2(config-if)#frame map ip 172.12.123.1 221 broadcast
R2(config-if)#frame map ip 172.12.123.3 221 broadcast
R2(config-if)#ip address 172.12.123.2 255.255.255.0
R3(config)#int s0
R3(config-if)#encap frame
R3(config-if)#no frame inver
R3(config-if)#frame map ip 172.12.123.1 321 broadcast
R3(config-if)#frame map ip 172.12.123.2 321 broadcast
R3(config-if)#ip address 172.12.123.3 255.255.255.0
R1#show ip route rip
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 172.12.123.2, 00:00:20, Serial0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 172.12.123.3, 00:00:22, Serial0
R2#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:06, Serial0
R3#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:04, Serial0
The hub router R1 has a route to both loopbacks, but neither spoke has a route to the other spoke's loopback. That's because split horizon prevents R1 from advertising a network via Serial0 if the route was learned on Serial0 to begin with.
We've got two options here, one of which is to disable spilt horizon on the interface. While doing so will have the desired effect in our little network, disabling split horizon is not a good idea and should be avoided whenever possible. We’re not going to do it in this lab, but here is the syntax to do so:
R1(config)#interface serial0
R1(config-if)#no ip split-horizon
A better solution is to configure subinterfaces on R1. The IP addressing will have to be revisited, but that's no problem here. R1 and R2 will use 172.12.123.0 /24 to communicate, while R1 and R3 will use 172.12.13.0 /24. R3's serial0 interface will need to be renumbered, so let's look at all three router configurations:
R1(config)#interface serial0
R1(config-if)#encap frame
R1(config-if)#no frame inverse-arp
R1(config-if)#no ip address
R1(config-if)#interface serial0.12 multipoint
R1(config-subif)#ip address 172.12.123.1 255.255.255.0
R1(config-subif)#frame map ip 172.12.123.2 122 broadcast
R1(config-subif)#interface serial0.31 point-to-point
R1(config-subif)#ip address 172.12.13.1 255.255.255.0
R1(config-subif)#frame interface-dlci 123
R2(config)#int s0
R2(config-if)#ip address 172.12.123.2 255.255.255.0
R2(config-if)#encap frame
R2(config-if)#frame map ip 172.12.13.3 221 broadcast
R2(config-if)#frame map ip 172.12.123.1 221 broadcast
R3(config)#int s0
R3(config-if)#ip address 172.12.13.3 255.255.255.0
R3(config-if)#encap frame
R3(config-if)#frame map ip 172.12.13.1 321 broadcast
R3(config-if)#frame map ip 172.12.123.2 321 broadcast
A frame map statement always names the REMOTE IP address and the LOCAL DLCI. Don't forget the broadcast option!
Show frame map shows us that all the static mappings on R1 are up and running. Note the "static" output, which indicates these mappings are a result of using the frame map command. Pings are not shown, but all three routers can ping each other at this point.
R1#show frame map
Serial0 (up): ip 172.12.123.2 dlci 122(0x7A,0x1CA0), static,
broadcast, CISCO, status defined, active
Serial0 (up): ip 172.12.13.3 dlci 123(0x7B,0x1CB0), static,
broadcast, CISCO, status defined, active
After the 172.12.13.0 /24 network is added to R1 and R3’s RIP configuration, R2 and R3 now have each other's loopback network in their RIP routing tables.
R2#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.123.1, 00:00:20, Serial0
3.0.0.0/32 is subnetted, 1 subnets
R 3.3.3.3 [120/1] via 172.12.123.1, 00:00:22, Serial0
R3#show ip route rip
1.0.0.0/32 is subnetted, 1 subnets
R 1.1.1.1 [120/1] via 172.12.13.1, 00:00:20, Serial0
2.0.0.0/32 is subnetted, 1 subnets
R 2.2.2.2 [120/1] via 172.12.13.1, 00:00:22, Serial0
While turning split horizon off is one way to achieve total IP connectivity, doing so can have other unintended results. The use of subinterfaces is a more effective way of allowing the spokes to see the hub's loopback network.
Subscribe to:
Posts (Atom)
