Background: BGP PAs and Features Used by Routing Policies

Before getting into each individual step of the decision process, it is important to have a handy reference for the features the process manipulates, and the command output on routers that will reflect the changes made by each step. First, Table 13-9 summarizes the BGP PAs and other features used in the BGP decision process. Table 13-9 Proprietary Features and BGP Path Attributes that Affect the BGP Decision Process...

Choosing Which Ports Forward: Choosing Root Ports and Designated Ports

To determine which ports forward and block, STP follows a three-step process, as listed in Table 3-2. Following the table, each of the three steps is explained in more detail. Table 3-2 Three Major 802.1D STP Process Steps: The switch with the lowest bridge ID wins; the standard bridge ID is a 2-byte priority followed by a MAC address unique to that switch. The one port on each switch with the least-cost path back to the root. Determine the Designated Port for each...

Network Time Protocol

NTP Version 3 (RFC 1305) allows IP hosts to synchronize their time-of-day clocks with a common source clock. For instance, routers and switches can synchronize their clocks to make event correlation from an SNMP management station more meaningful, by ensuring that any events and traps have accurate time stamps. By design, most routers and switches use NTP client mode, adjusting their clocks based on the time as known by an NTP server. NTP defines the messages that flow between client and...

Injecting Routes/Prefixes into the BGP Table

Unsurprisingly, an individual BGP router adds entries to its local BGP table by using the same general methods used by IGPs: by using the network command, by hearing the topology information via an Update message from a neighbor, or by redistributing from another routing protocol. The next few sections show examples of how a local BGP router adds routes to the BGP table by methods other than learning them from a BGP neighbor. This section, and the next section, assumes the BGP no auto-summary...

OSPF Configuration

This section covers the core OSPF configuration commands, along with the OSPF configuration topics not already covered previously in the chapter. (If you happened to skip the earlier parts of this chapter, planning to review OSPF configuration, make sure to go back and look at the earlier examples in the chapter. These examples cover OSPF stubby area configuration, OSPF network types, plus OSPF neighbor and priority commands.) Example 10-8 shows configuration for the routers in Figure 10-6,...

DSCP Settings and Terminology

Several DiffServ RFCs suggest a set of values to use in the DSCP field and an implied meaning for those settings. For instance, RFC 2598 defines a DSCP of decimal 46, with a name Expedited Forwarding (EF). According to that RFC, packets marked as EF should be given queuing preference so that they experience minimal latency, but the packets should be policed to prevent them from taking over a link and preventing any other types of traffic from exiting an interface during periods when this...

RIP Version 2 Basics

RIP is the only routing protocol covered on the CCIE Routing and Switching exam that is not also covered on the CCNP exams. Although covered on the CCNA exams, in years past, RIPv2 was not part of CCNA, either. So, while many CCIE candidates might already know many of the features and configuration options of RIP, many CCNPs have never really had to study or use RIPv2 to any great extent in order to pass any Cisco exams. This chapter summarizes the protocol features and gives specific examples...

RARP, BOOTP, and DHCP

The ARP and proxy ARP processes both occur after a host knows its IP address and subnet mask. RARP, BOOTP, and DHCP represent the evolution of protocols defined to help a host dynamically learn its IP address. All three protocols require the client host to send a broadcast to begin discovery, and all three rely on a server to hear the request and supply an IP address to the client. Figure 5-4 shows the basic processes with RARP and BOOTP. Figure 5-4 RARP and BOOTP Basic Processes...

Internal BGP Neighbors

A BGP router considers each neighbor to be either an internal BGP (iBGP) peer or an external BGP (eBGP) peer. Each BGP router resides in a single AS, so neighbor relationships are either with other routers in the same AS (iBGP neighbors) or with routers in other autonomous systems (eBGP neighbors). The two types of neighbors differ only slightly in regard to forming neighbor relationships, with more significant differences in how the type of neighbor (iBGP or eBGP) impacts the BGP update...

VTP Configuration

VTP sends updates out all active trunk interfaces (ISL or 802.1Q). However, with all default settings from Cisco, switches are in server mode, with no VTP domain name configured, and they do not send any VTP updates. Before any switches can learn VLAN information from another switch, at least one switch must have a bare-minimum VTP server configuration: specifically, a domain name. Example 2-4 shows Switch3 configuring a VTP domain name to become a VTP server and advertise the VLANs it has...

CCIE Routing and Switching Exam Updates Version

Over time, reader feedback allows Cisco Press to gauge which topics give our readers the most problems when taking the exams. Additionally, Cisco may make small changes to the CCIE Routing and Switching exam blueprint. To assist readers with those topics, the authors create new materials clarifying and expanding upon those troublesome exam topics. As mentioned in the introduction to the CCIE Routing and Switching Exam Certification Guide, Second Edition, the additional content about the exam is...

Step 1: Administrative Weight

The weight, more fully titled administrative weight, allows a single router to examine inbound BGP Updates and decide which routes to prefer. The weight is not a BGP PA, but simply a Cisco-proprietary setting on a local router. In fact, it cannot be included in a BGP Update sent to another router, because there is no place in the Update message to include the weight. Table 13-10 summarizes the key points regarding BGP weight. Table 13-10 Key Features of Administrative Weight...

Designated Routers on LANs

OSPF optimizes the LSA flooding process on multiaccess data links by using the concept of a designated router (DR). Without the concept of a DR, each pair of routers that share a data link would become fully adjacent neighbors. Each pair of routers would directly exchange their LSDBs with each other as shown in Figure 10-1. On a LAN with only six routers, without a DR, 15 different pairs of routers would exist, and 15 different instances of full database flooding would occur. OSPF uses a DR...

EIGRP Load Balancing

EIGRP allows for up to six equal-metric routes to be installed into the IP routing table at the same time. However, because of the complex EIGRP metric calculation, metrics may often be close to each other, but not exactly equal. To allow for metrics that are somewhat close in value to be considered equal, and added to the IP routing table, you can use the variance multiplier command. The multiplier defines a value that is multiplied by the lowest metric (in other words, the FD, which is the...

Custom Queuing

CQ addresses the biggest drawback of PQ by providing a guaranteed minimum bandwidth to each queue, thereby avoiding queue starvation. CQ has 16 queues, implying 16 classification categories, which is plenty for most applications. (There is also one hidden system queue for important overhead traffic; the system queue cannot be configured or disabled.) The negative part of CQ, as compared to PQ, is the lack of a high-priority queue that is always serviced first. That is, CQ has no way to provide...

Collision Domains and Switch Buffering

A collision domain is a set of devices that can send frames that collide with frames sent by another device in that same set of devices. Before the advent of LAN switches, Ethernets were either physically shared (10BASE2 and 10BASE5) or shared by virtue of shared hubs and their Layer 1 "repeat out all other ports" logic. Ethernet switches greatly reduce the number of possible collisions, both through frame buffering and through their more complete Layer 2 logic. By definition of the term,...

Frame Relay Fragmentation

Frame Relay Forum IA 12, or FRF.12, defines a standard method of performing LFI over a Frame Relay PVC. Cisco IOS supports two methods for configuring FRF.12. The legacy FRF.12 configuration requires FRTS to be configured, and requires a queuing tool to be applied to the shaped packets. (Example 16-7 in Chapter 16 shows an FRTS map-class shape-with-LLQ command that shapes and applies LLQ.) Figure 18-5 shows the overall logic of how FRF.12 interleaves packets using LFI, when configured using...

Wireless Domain Services

Wireless Domain Services (WDS) is a set of Cisco IOS Software features that enhances and simplifies wireless LAN client mobility, security, deployment, and management. WDS offers the following primary services for SWAN: Fast Secure Roaming (FSR): For time-sensitive applications, enables a wireless client to securely roam between access points in the same subnet or between subnets, enhances channel scanning, and provides fast IEEE 802.1X rekeying. Access point handoff times are within 50...

Mutual Redistribution at Multiple Routers

When multiple routers redistribute between the same two routing protocol domains, several potential problems can occur. One type of problem occurs on the redistributing routers, because those routers will learn a route to most subnets via both routing protocols. That router uses the AD to determine the best route when comparing the best routes from each of the two routing protocols; this typically results in some routes using suboptimal paths. For example, Figure 11-4 shows a sample network,...

TCP Dynamic Windowing

Like many other protocols that perform error recovery, TCP uses a sliding window mechanism to perform flow control. The mechanics are probably familiar to most readers: the receiver states a window size, in bytes, using the Window field of its TCP segments sent over the TCP connection. This window is sometimes called the receiver's window, the receiver's advertised window, or the granted window. The sender can then send only one window's worth of data to the receiver without receiving an...

"Do I Know This Already?" Quiz

Table 6-1 outlines the major headings in this chapter and the corresponding "Do I Know This Already?" quiz questions. Table 6-1 "Do I Know This Already?" Foundation Topics Section-to-Question Mapping. In order to best use this pre-chapter assessment, remember to score yourself strictly. You can find the answers in Appendix A, "Answers to the 'Do I Know This Already?' Quizzes." 1. Which of the following items are features of...

Backdoor Routes

Having a low default AD (20) for eBGP routes can cause a problem in some topologies. Figure 12-6 shows a typical case, in which Enterprise 1 uses its eBGP route to reach network 99.0.0.0 in Enterprise 2. However, the two enterprises want to use the OSPF-learned route via the leased line between the two companies. Figure 12-6 The Need for BGP Backdoor Routes R1 uses its eBGP route to reach 99.0.0.0 because eBGP has a lower AD (20) than OSPF (110). One solution would be to configure the distance...

Comparisons Between Cisco 3550 and 2950 Switches

Cisco includes the 2950 series switches in most examples used for the CCIP QoS exam, but the CCIE Routing and Switching lab includes the 3550 switch. Cisco is not specific about any particular switch models to expect on the CCIE Routing and Switching written exam. As a result, it is useful to compare the QoS features of the two switches. Table 15-11 summarizes the key differences, with some additional explanations following the table. (The comparisons listed here assume the Enhanced software...

Cisco 3550 Switch Egress Queuing

Cisco 3550 switches perform both ingress and egress queuing. However, Cisco 3550 switches use a single FIFO ingress queue as a place to hold frames waiting to be forwarded to the egress interface, so the details are not terribly interesting. For egress, the Cisco 3550 supports four queues per interface, with classification into the queues based on CoS, and scheduling based on weighted round-robin (WRR) logic and an optional expedited (priority) queue. The Cisco 3550 uses a relatively simple...

Multicast Scoping

Multicast scoping confines the forwarding of multicast traffic to a group of routers, for administrative, security, or policy reasons. In other words, multicast scoping is the practice of defining boundaries that determine how far multicast traffic will travel in your network. The following sections discuss two methods of multicast scoping. With TTL scoping, routers compare the TTL value on a multicast packet with a configured TTL value on each outgoing interface. A router forwards the multicast...

LAN-Specific Issues with PIM-DM and PIM-SM

This section covers three small topics related to operations that only matter when PIM is used on LANs. Both PIM-DM and PIM-SM use these features in the same way. Prune Override: In both PIM-DM and PIM-SM, the Prune process on multiaccess networks operates differently from how it operates on point-to-point links. The reason for this difference is that when one router sends a Prune message on a multiaccess network, other routers might not want the link pruned by the upstream router. Figure 20-11...

RIP Convergence When Routing Updates Cease

When a router ceases to receive routing updates, RIP must wait for some timers to expire before it decides that routes previously learned from the now-silent router can be considered to be failed routes. To deal with such cases, RIP uses its Invalid, Flush, and Holddown timers to prevent loops. Coincidentally, RIP's convergence time increases to several minutes as a result. Example 8-3 details just such a case, where R1 simply ceases to hear RIP updates from R3. (To create the failure, R3's s0...

IGMP Version

One of the primary reasons for developing IGMPv2 was to provide a better Leave mechanism to shorten the leave latency. IGMPv2 has the following new features: Leave Group messages: Provide hosts with a method for notifying routers that they wish to leave the group. Group-Specific Query messages: Permit the router to send a query for a specific group instead of all groups. Maximum Response Time field: A new field in Query messages that permits the router to specify the MRT. This field...

Advertising BGP Routes to Neighbors

The previous section focused on the tools that BGP can use to inject routes into a local router's BGP table. BGP routers take routes from the local BGP table and advertise a subset of those routes to their BGP neighbors. This section continues focusing on the BGP table because the BGP route advertisement process takes routes from the BGP table and sends them to neighboring routers, where the routes are added to the neighbors' BGP tables. Later, the final major section in the chapter, Building...

Fundamental BGP Operations

Chapters 12 and 13 of this book cover what might be the single most important topic on both the CCIE Routing and Switching written and lab exams: Border Gateway Protocol (BGP) Version 4. This chapter focuses on how BGP accomplishes its fundamental tasks: 1. Forming neighbor relationships. 2. Injecting routes into BGP from some other source. 3. Exchanging those routes with other routers. 4. Placing routes into IP routing tables. All of these BGP topics have close analogies with those of BGP's IGP...

ARP and Proxy ARP

You would imagine that anyone getting this far in their CCIE study would already have a solid understanding of the Address Resolution Protocol (ARP, RFC 826). However, proxy ARP (RFC 1027) is often ignored, in part because of its lack of use today. To see how they both work, Figure 5-3 shows an example of each, with Fred and Barney both trying to reach the web server at IP address 10.1.2.200. Figure 5-3 Comparing ARP and Proxy ARP (Fred: 10.1.1.101, mask /24, GW 10.1.1.1; Barney: 10.1.1.102, mask /8, GW...

Case Study: Virtual Private Networks in SuperCom Service Provider Network

As with all complex topics, the MPLS VPN concepts are best explained through use of a case study. Imagine a service provider (let's call it SuperCom) that is offering VPN services based on MPLS VPN technologies. The service provider has two points of presence (POP), a U.S. POP in the San Jose area and a French POP in the Paris area. The POPs are linked through a core router located in Washington, D.C. The service provider has two customers: FastFood, with headquarters in San Jose and branch...

The maximum-paths Command and BGP Decision Process Tiebreakers

The goal of the BGP decision tree is to find the one best BGP route to each NLRI, from that router's perspective. That router then considers only its best routes for advertising to other routers, restricting those routes based on AS_PATH loop prevention and routing policy configuration. That router also attempts to add that best route, and that best route only, to its IP routing table. In fact, as long as another routing source has not found a route to the same prefix, with a better...

MPLS Architecture: The Building Blocks

As with any new technology, several new terms are introduced to describe the devices that make up the architecture. These new terms describe the functionality of each device and their roles within the MPLS domain structure. The first device to be introduced is the Label Switch Router (LSR). Any router or switch that implements label distribution procedures and can forward packets based on labels falls under this category. The basic function of label distribution procedures is to allow an LSR to...

Router Port Group Management Protocol

RGMP is a Layer 2 protocol that enables a router to communicate to a switch which multicast group traffic the router does and does not want to receive from the switch. By being able to restrict the multicast destinations that a switch forwards to a router, a router can reduce its overhead. In fact, RGMP was designed to help routers reduce overhead when they are attached to high-speed LAN backbones. Although RGMP is Cisco proprietary, oddly enough it cannot work concurrently with...

RIP Offset Lists

RIP offset lists allow RIP to add to a route's metric, either before sending an update, or for routes received in an update. The offset list refers to an ACL (standard, extended, or named) to match the routes; any matched routes have the specified offset, or extra metric, added to their metrics. Any routes not matched by the offset list are unchanged. The offset list also specifies which routing updates to examine by referring to a direction (in or out) and, optionally, an interface. If the...

IP Prefix Lists

IP prefix lists provide mechanisms to match two components of an IP route: the route prefix (the subnet number) and the prefix length (the subnet mask). The redistribute command cannot directly reference a prefix list, but a route map can refer to a prefix list by using the match command. A prefix list itself has similar characteristics to a route map. The list consists of one or more statements with the same text name. Each statement has a sequence number to allow deletion of individual commands,...

Switching and Bridging Logic

In this chapter so far, you have been reminded about the cabling details for Ethernet along with the formats and meanings of the fields inside Ethernet frames. A switch's ultimate goal is to deliver those frames to the appropriate destination(s) based on the destination MAC address in the frame header. Table 1-7 summarizes the logic used by switches when forwarding frames, which differs based on the type of destination Ethernet address and on whether the destination address has been added to...

Time Exceeded ICMP Message

The ICMP Time Exceeded message notifies a host when a packet it sent has been discarded because it was out of time. Packets are not actually timed, but to prevent packets from being forwarded forever when there is a routing loop, each IP packet header includes a Time to Live (TTL) field. Routers decrement TTL by 1 every time they forward a packet; if a router happens to decrement TTL of a packet to 0, the router discards the packet and sends an ICMP Time Exceeded message to the sender of the...

IP Access Control List Review

A relatively deep knowledge of IP ACL configuration and use is assumed to be prerequisite knowledge for readers of this book. In fact, many of the examples in the earlier sections of the book did not take the space required to explain the detailed logic of ACLs used in the examples. However, some reference information, as well as statements regarding some of the rules and practices regarding IP ACLs, is useful for general CCIE Routing and Switching exam study. Those details are presented in...

Foundation Summary

This section lists additional details and facts to round out the coverage of the topics in this chapter. Unlike most of the Cisco Press Exam Certification Guides, this book does not repeat information presented in the Foundation Topics section of the chapter. Please take the time to read and study the details in the Foundation Topics section of the chapter, as well as review the items in the Foundation Topics section noted with a Key Point icon. Table 1-8 lists the different types of Ethernet...

Port Channels

When a network design includes multiple parallel segments between the same pair of switches, one switch ends up in a forwarding state on all the links, but the other switch blocks all but one of the ports of those parallel segments. As a result, only one of the links can be used at any point in time. Using Fast EtherChannel (FEC) (using FastE segments) and Gigabit EtherChannel (GEC) (using GigE segments) allows the combined links to be treated as one link from an STP perspective, so that all...

Ethernet Layer 2 Framing and Addressing

In this book, as in many Cisco courses and documents, the word frame refers to the bits and bytes that include the Layer 2 header and trailer, along with the data encapsulated by that header and trailer. The term packet is most often used to describe the Layer 3 header and data, without a Layer 2 header or trailer. Ethernet's Layer 2 specifications relate to the creation, forwarding, reception, and interpretation of Ethernet frames. The original Ethernet specifications were owned by the...

Class-Based Policing Configuration

CB Policing uses the familiar MQC commands for configuration. As a result, a policy map can police all packets using the convenient class-default class, or it can separate traffic into classes, apply different policing parameters to different classes of traffic, or even simply not police some classes. The police command configures CB Policing inside a policy map. On the police command, you define the policing rate in bps, the Bc in bytes, and the Be in bytes, along with the actions for each...

Frame Relay Congestion: DE, BECN, and FECN

FR networks, like any other multiaccess network, create the possibility for congestion caused by speed mismatches. For instance, imagine an FR network with 20 remote sites with 256-kbps links, and one main site with a T1 link. If all 20 remote sites were to send continuous frames to the main site at the same time, about 5 Mbps of data would need to exit the FR switch over the 1.5-Mbps T1 connected to the main router, causing the output queue on the FR switch to grow. Similarly, when the main...

VLSM Subnet Allocation

So far in this chapter, most of the discussion has been about examining existing addresses and subnets. Before deploying new networks, or new parts of a network, you must give some thought to the ranges of IP addresses to be allocated. Also, when assigning subnets for different locations, you should assign the subnets with thought for how routes could then be summarized. This section covers some of the key concepts related to subnet allocation and summarization. (This section focuses on the...

Adding iBGP Routes to the IP Routing Table

Routing Loops

Cisco IOS has the same two requirements for adding iBGP routes to the IP routing table as it does for eBGP routes: The route must be the best BGP route. The route must be the best route (according to the AD) in comparison with other routing. Additionally, for iBGP-learned routes, IOS considers the concept of BGP synchronization. With BGP synchronization (often called sync) disabled using the no synchronization command, BGP uses the same logic for iBGP routes as it does for eBGP routes regarding...

Basic Switch Port Configuration

The three key configuration elements on a Cisco switch port are auto-negotiation, speed, and duplex. Cisco switches use auto-negotiation by default; it is then disabled if both the speed and duplex are manually configured. You can set the speed using the speed {auto | 10 | 100 | 1000} interface subcommand, assuming the interface supports multiple speeds. You configure the duplex setting using the duplex {auto | half | full} interface subcommand. Example 1-1 shows the manual configuration of the speed and...

STP Configuration and Analysis

Example 3-1, based on Figure 3-6, shows some of the basic STP configuration and show commands. Take care to note that many of the upcoming commands allow the parameters to be set for all VLANs by omitting the VLAN parameter, or set per VLAN by including a VLAN parameter. Example 3-1 begins with SW1 coincidentally becoming the Root switch. After that, SW2 is configured to become root, and SW3 changes its Root Port as a result of a configured port cost in VLAN 1. Figure 3-6 Network Used with...

Default Routes

Routers forward packets using a default route when there are no specific routes that match a packet's destination IP address in the IP routing table. Routing protocols can advertise default routes, with each router choosing the best default route to list as that router's gateway of last resort. This section covers how a router can create a default route and then cause an IGP to advertise the default route. In addition to the advertisement of default routes, each router may use one of two...

QinQ Tunneling

Traditionally, VLANs have not extended beyond the WAN boundary. VLANs in one campus extend to a WAN edge router, but VLAN protocols are not used on the WAN. Today, several emerging alternatives exist for the passage of VLAN traffic across a WAN, including 802.1Q-in-Q, Ethernet over MPLS (EoMPLS), and VLAN MPLS (VMPLS). While these topics are more applicable to the CCIE Service Provider certification, you should at least know the concept of 802.1Q-in-Q tunneling. Also known as Q-in-Q or Layer 2...

Weighted Fair Queuing

Scheduler Logic CBWFQ

Weighted fair queuing differs from PQ and CQ in several significant ways. The most outwardly obvious difference is that WFQ does not allow classification options to be configured. WFQ automatically classifies packets based on flows, with each flow being placed into a separate queue. For WFQ purposes, a flow is defined as all packets with the same values for the following: Transport layer protocol (TCP or UDP); TCP or UDP destination port. Because WFQ puts packets of different flows in different...

ISL and 802.1Q Configuration

Cisco switches use the Dynamic Trunk Protocol (DTP) to dynamically learn whether the device on the other end of the cable wants to perform trunking and, if so, which trunking protocol to use. DTP learns whether to trunk based on the DTP mode defined for an interface. Cisco switches default to use the DTP desirable mode, which means that the switch initiates sending DTP messages, hoping that the device on the other end of the segment replies with another DTP message. If a reply is received, DTP...

Designated Routers on WANs and OSPF Network Types

Using a DR makes good sense on a LAN because it improves LSA flooding efficiency. Likewise, not using a DR on a point-to-point WAN link also makes sense, because with only two routers on the subnet, there is no inefficiency upon which to improve. However, on nonbroadcast multiaccess (NBMA) networks, arguments can be made regarding whether a DR is helpful. So, OSPF includes several options that include a choice of whether to use a DR on WAN interfaces. Cisco router interfaces can be configured...

Class-Based Marking (CB Marking) Configuration

As with the other QoS tools whose names begin with the phrase Class-Based, you will use MQC commands to configure CB Marking. The following list highlights the key points regarding CB Marking configuration and logic: CB Marking requires CEF (enabled using the ip cef global command). Packets are classified based on the logic in MQC class maps. An MQC policy map refers to one or more class maps using the class class-map-name command; packets classified into that class are then marked. CB Marking is...

Configuring Route Maps with the route-map Command

Route maps provide programming logic similar to the If/Then/Else logic seen in other programming languages. A single route map has one or more route-map commands in it, and routers process route-map commands in sequential order based on sequence numbers. Each route-map command has underlying matching parameters, configured with the aptly named match command. (To match all packets, the route-map clause simply omits the match command.) Each route-map command also has one or more optional set...

Route Summarization Concepts

The ability to recognize and define how to most efficiently summarize existing address ranges is an important skill on both the written and lab exams. For the written exam, the question may not be as straightforward as, "What is the most efficient summarization of the following subnets?" Rather, the math required for such a question might simply be part of a larger question. Certainly, such math is required for the lab exam. This section looks at the math behind finding the best summarization...

MLS Configuration

The upcoming MLS configuration example is designed to show all of the configuration options. The network design is shown in Figures 7-4 and 7-5. In Figure 7-4, the physical topology is shown, with routed ports, VLAN trunks, a routed PortChannel, and access links. Figure 7-5 shows the same network, with a Layer 3 view of the subnets used in the network. Figure 7-4 Physical Topology Example Using MLS (legend: T = Trunk (also a switchport), R = Routed Port). Figure...

Timers Used in IGMPv1 and IGMPv2

Table 19-4 summarizes important timers used in IGMPv1 and IGMPv2, their usage, and default values. Table 19-4 Important Timers Used in IGMPv1 and IGMPv2: A time period between General Queries sent by a router. The maximum response time for hosts to respond to the periodic General Queries; 10 seconds, can be between 0.1 and 25.5 seconds. A time period during which, if a router doesn't receive an IGMP Report, the router concludes that there are no...

IGMP Snooping

What happens if your network has non-Cisco switches? You cannot use CGMP because it is Cisco proprietary. IGMP snooping can be used for a multivendor switched network to control distribution of multicast traffic at Layer 2. IGMP snooping requires the switch software to eavesdrop on the IGMP conversation between multicast hosts and the router. The switch examines IGMP messages and learns the location of multicast routers and group members. NOTE: Many Cisco switches support IGMP snooping, including...

Private VLANs

Engineers may design VLANs with many goals in mind. In many cases today, devices end up in the same VLAN just based on the physical locations of the wiring drops. Security is another motivating factor in VLAN design: devices in different VLANs do not overhear each other's broadcasts. Additionally, the separation of hosts into different VLANs and subnets requires an intervening router or multilayer switch between the subnets, and these types of devices typically provide more robust security...

Comparing Queuing Tools

Cisco IOS provides a wide variety of queuing tools. The upcoming sections of this chapter describe several different IOS queuing tools, with a brief summary ending the section on queuing. Table 15-2 summarizes the main characteristics of different queuing tools that you will want to keep in mind while comparing each successive queuing tool. Table 15-2 Key Comparison Points for Queuing Tools: The ability to look at packet headers to choose the...

Carrier Detect and Interface Resets

A router has visibility into T1 framing, along with the alarm conditions, but only if the serial card has a built-in CSU/DSU. However, with an external CSU/DSU, the router has no insight into the framing or encoding on the circuit. Instead, the router can sense the voltages on the various pins on the serial cable. Table 17-4 lists and describes the purpose of the five most important signaling pins in serial cables. (Note that in this model, the term data communications equipment (DCE) refers to...

Cisco Group Management Protocol

IGMP helps routers to determine how to distribute multicast traffic. However, IGMP works at Layer 3, and switches do not understand IGMP messages. Switches, by default, flood multicast traffic to all the hosts in a broadcast domain, which wastes bandwidth. Figure 19-16 illustrates the problem. Figure 19-16 Switches Flood Multicast Traffic (figure labels: IGMP Join 226.6.6.6; Multicast to 226.6.6.6)...

Building Adjacency Information ARP and Inverse ARP

The CEF adjacency table entries list an outgoing interface and a Layer 2 and Layer 3 address reachable via that interface. The table also includes the entire data link header that should be used to reach that next-hop (adjacent) device. The CEF adjacency table must be built based on the IP routing table, plus other sources. The IP routing table entries include the outgoing interfaces to use and the next-hop device's IP address. To complete the adjacency table entry for that next hop, the router...

Label Binding and Distribution

As soon as the Label Information Base (LIB) is created in a router, a label is assigned to every Forward Equivalence Class known to the router. For unicast destination-based routing, the FEC is equivalent to an IGP prefix in the IP routing table. Thus, a label is assigned to every prefix in the IP routing table, and the mapping between the two is stored in the LIB. NOTE: Labels are not assigned to BGP routes in the IP routing table. The BGP routes use the same label as the interior route toward...

The Mechanics of the redistribute Command

The redistribute router subcommand tells one routing protocol to take routes from another routing protocol. This command can simply redistribute all routes or, by using matching logic, redistribute only a subset of the routes. The redistribute command also supports actions for setting some parameters about the redistributed routes, for example, the metric. The full syntax of the redistribute command is as follows: redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [as-number] [metric...

Class-Based WFQ and Low Latency Queuing

Cisco created CBWFQ and LLQ using some of the best concepts from PQ, CQ, and WFQ, while adding several additional features. CBWFQ reserves bandwidth for each queue, and provides the ability to use WFQ concepts for packets in the default (class-default) queue. LLQ adds to CBWFQ the concept of a priority queue, but unlike PQ, LLQ prevents the high-priority queue from starving other queues. Additionally, both CBWFQ and LLQ use MQC for configuration, which means that they have robust classification...

Committed Access Rate

CAR implements single-rate, two-color policing. As compared with that same option in CB Policing, CAR and CB Policing have many similarities. They both can police traffic either entering or exiting an interface or subinterface; they can both police subsets of that traffic based on classification logic; and they both set the rate in bps, with Bc and Be configured as a number of bytes. CAR differs from CB Policing regarding four main features, as follows: CAR uses the rate-limit command, which...

BGP Communities

The BGP COMMUNITY PA provides a mechanism by which to group routes so that routing policies can be applied to all the routes with the same community. By marking a set of routes with the same COMMUNITY string, routers can look for the COMMUNITY string and then make policy decisions like setting some PA that impacts the BGP decision process, or simply filtering the routes. BGP communities are powerful in that they allow routers in one AS to communicate policy information to routers that are one...

LDP/TDP Session Establishment

When you start MPLS on the first interface in a router, the TDP/LDP process is started and the Label Information Base (LIB) structure is created. The router also tries to discover other LSRs on the interfaces running MPLS through TDP hello packets. The TDP hello packets are sent as broadcast or multicast UDP packets, making LSR neighbor discovery automatic. The debug tag tdp transport command can monitor the TDP hellos. Example C-4 shows the TDP process startup, and Example C-5 illustrates the...

Building BGP Neighbor Relationships

BGP neighbors form a TCP connection with each neighbor, sending BGP messages over the connections culminating in BGP Update messages that contain the routing information. Each router explicitly configures its neighbors' IP addresses, using these definitions to tell a router with which IP addresses to attempt a TCP connection. Also, if a router receives a TCP connection request (to BGP port 179) from a source IP address that is not configured as a BGP neighbor, the router rejects the request....

The BGP Decision Process

The BGP decision process uses some of the PAs listed in Table 13-7, as well as several others. This section focuses on the decision process as an end in itself, with only brief explanations of new features or PAs. Following that, the text explains the details of some of the PAs that have not yet been covered in the book, as well as some other details that affect the BGP decision process. When a BGP router learns multiple routes to the same NLRI, it must choose a single best route to reach that...

Ethernet Address Formats

The IEEE intends for unicast addresses to be unique in the universe by administering the assignment of MAC addresses. The IEEE assigns each vendor a code to use as the first 3 bytes of its MAC addresses; that first half of the address is called the Organizationally Unique Identifier (OUI). The IEEE expects each manufacturer to use its OUI for the first 3 bytes of the MAC assigned to any Ethernet product created by that vendor. The vendor then assigns a unique value in the low-order 3 bytes for...

Well-Known Multicast Addresses

IANA controls the assignment of IP multicast addresses. To preserve multicast addresses, IANA is reluctant to assign individual IP multicast addresses to new applications without a good technical justification. However, IANA has assigned individual IP multicast addresses to popular network protocols. IANA has also assigned several ranges of multicast IP addresses for specific types of uses. Those types are as follows: Permanent multicast groups, in the range 224.0.0.0-224.0.1.255...

Switch Security Best Practices for Unused and User Ports

The first three items in the list of best practices for unused and user ports are mostly covered in earlier chapters. For a brief review, Example 21-7 shows an example configuration on a Cisco 3550 switch, with each of these items configured and noted. In this example, fa0/1 is a currently unused port. CDP has been disabled on the interface, but it remains enabled globally, on the presumption that some ports still need CDP enabled. DTP has been disabled as well, and STP Root Guard and BPDU...

Checks Before Becoming BGP Neighbors

Similar to IGPs, BGP checks certain requirements before another router may become a neighbor, reaching the BGP established state. Most of the settings are straightforward; the only tricky part relates to the use of IP addresses. The following list describes the checks that BGP performs when forming neighbor relationships: 1. The router must receive a TCP connection request with a source address that the router finds in a BGP neighbor command. 2. A router's ASN (on the router bgp asn...

Label Imposition at the Network Edge

Label imposition has been described already as the act of prepending a label to a packet as it enters the MPLS domain. This is an edge function, which means that packets are labeled before they are forwarded to the MPLS domain. To perform this function, an Edge-LSR needs to understand where the packet is headed and which label, or stack of labels, it should assign to the packet. In conventional Layer 3 IP forwarding, each hop in the network performs a lookup in the IP forwarding table for the...

Non-IP Header Marking Fields

As IP packets pass through an internetwork, the packet is encapsulated in a variety of other headers. In several cases, these other headers have QoS fields that can be used for classification and marking. Ethernet supports a 3-bit QoS marking field, but the field only exists when the Ethernet header includes either an 802.1Q or ISL trunking header. IEEE 802.1Q defines its QoS field as the 3 most-significant bits of the 2-byte Tag Control field, calling the field the user-priority bits. ISL...

T1 Framing and Encoding

The CSU/DSUs on each end of a T1 link apply framing logic to the serial data stream in each direction on the link. The framing process allows a device to identify the individual DS0 channels, as well as overhead bits. The overhead bits are used for synchronization and framing, management, and a CRC error check. T1s use either the older Superframe (SF, also known as D4) framing standard or the Extended Superframe (ESF) frame format. E1 lines use either the ITU G.704 or G.706 standard. Using a T1...

Filtering BGP Updates Based on NLRI

Most of the logic behind BGP distribution lists, prefix lists, and route maps has already been covered in previous chapters. For example, Chapter 11 explains the logic behind the ip prefix-list command, and Chapters 8 through 10 cover filtering in IGP routing protocols using the distribute-list command. This section shows some brief examples to cover the syntax when these methods are used with BGP, plus a few quirks unique to BGP. One difference between BGP distribute lists and IGP distribute...

BGP Messages and Neighbor States

The desired state for BGP neighbors is the established state. In that state, the routers have formed a TCP connection, and they have exchanged Open messages, with the parameter checks having passed. At this point, topology information can be exchanged using Update messages. Table 12-3 lists the BGP neighbor states, along with some of their characteristics. Note that if the IP addresses mismatch, the neighbors settle into an active state. BGP uses four basic messages. Table 12-4 lists the...

Becoming Neighbors, Exchanging Databases, and Becoming Adjacent

OSPF directly encapsulates the five different types of OSPF messages inside IP packets, using IP protocol 89, as listed in Table 10-2. The descriptions from Table 10-2 follow: Used to discover neighbors, bring a neighbor relationship to a 2-way state, and monitor a neighbor's responsiveness in case it fails; Used to exchange brief versions of each LSA, typically on initial topology exchange, so that a router knows a list of that neighbor's LSAs; A packet that identifies one or more LSAs about which the sending router would like the...

Redistributing a Subset of Routes Using a Route

Route maps can be referenced by any redistribute command. The route map may actually let all the routes through, setting different route attributes (for example, metrics) for different routes. Or, it may match some routes with a deny clause, which prevents the route from being redistributed. (Refer to Figure 11-1 for a review of route map logic.) Figure 11-3 and Example 11-2 show an example of mutual redistribution between EIGRP and OSPF, with some routes being either filtered or changed using...

User Mode and Privileged Mode AAA Authentication

The term authentication, authorization, and accounting (AAA) refers to a variety of common security features. This section focuses on the first A in AAA, authentication, and how it is used to manage access to a router or IOS switch's user mode and privileged mode. The strongest authentication method to protect the CLI is to use a TACACS+ or RADIUS server. The Cisco Secure Access Control Server (ACS) is a Cisco Systems software product that can be installed on Unix, Linux, and several Windows...

Comparison of IGMPv1, IGMPv2, and IGMPv3

Table 19-5 compares the important features of IGMPv1, IGMPv2, and IGMPv3. Table 19-5 Comparison of IGMPv1, IGMPv2, and IGMPv3 (rows: First Octet Value for the Query Message; Destination Address for the General Query; Joining multicast group address and source address; Is Report Suppression Mechanism Available; Can Maximum Response Time Be Configured; Can a Host Send a Leave Group Message; Destination Address for the Leave Group Message) Table 19-5 Comparison...

Frame Relay Traffic Shaping Configuration

Frame Relay Traffic Shaping (FRTS) differs from CB Shaping in several significant ways, although the underlying token-bucket mechanics are identical. The following list highlights some of the key similarities and differences: FRTS can be used only on Frame Relay interfaces, whereas CB Shaping can be used with any underlying data link protocol. Like CB Shaping, FRTS allows a large number of IOS queuing tools to be used instead of a single FIFO shaping queue. Unlike CB Shaping, FRTS does...

Network Address Translation

NAT, defined in RFC 1631, allows a host that does not have a valid registered IP address to communicate with other hosts on the Internet. NAT has gained such widespread acceptance that the majority of enterprise IP networks today use private IP addresses for most hosts on the network and use a small block of public IP addresses, with NAT translating between the two. NAT translates, or changes, one or both IP addresses inside a packet as it passes through a router. (Many firewalls also perform...

IP Addressing and Subnetting Review

First, here's a quick review of some of the core facts about IPv4 addresses that should be fairly familiar to you: Written in dotted decimal notation (for example, 1.2.3.4), with each decimal octet representing 8 bits. Addresses are assigned to network interfaces, so computers or routers with multiple interfaces have multiple IP addresses. A computer with an IP address assigned to an interface is an IP host. A group of IP hosts that are not separated from each other by an IP router are in the...

HSRP, VRRP, and GLBP

IP hosts can use several methods of deciding which default router or default gateway to use: DHCP, BOOTP, ICMP Router Discovery Protocol (IRDP), manual configuration, or even by running a routing protocol (although having hosts run a routing protocol is not common today). The most typical methods, using DHCP or manual configuration, result in the host knowing a single IP address for its default gateway. Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load...

MPLS Label Stack Header

For various reasons, switching performance being one, the MPLS label must be inserted in front of the labeled data in a frame-mode implementation of the MPLS architecture. The MPLS label thus is inserted between the Layer 2 header and the Layer 3 contents of the Layer 2 frame, as displayed in Figure C-11. Figure C-11 Position of the MPLS Label in a Layer 2 Frame (figure labels: Unlabeled IP packet in Layer 2 frame) Due to the way an MPLS label is inserted between the Layer 3...

The CCIE Routing and Switching Written Exam 350-001

The CCIE Routing and Switching written exam, at least as of the time of publication, consists of a 2-hour exam administered at a proctored exam facility affiliated either with Pearson VUE (http://www.VUE.com/cisco) or Thomson Prometric (http://www.2test.com). The exam typically includes approximately 100 multiple-choice questions, with no simulation questions currently on the written exam. Because the written exam is typically followed at some point by an attempt at passing the lab exam, Cisco has...

Filtering Subnets of a Summary Using the aggregate-address Command

Manual BGP route summarization, using the aggregate-address BGP router subcommand, provides the flexibility to allow none, all, or a subset of the summary's component subnets to be advertised out of the BGP table. By allowing some and not others, the aggregate-address command can in effect filter some routes. The filtering options on the aggregate-address command are as follows: Filtering all component subnets of the summary from being advertised, by using the summary-only keyword...

Dynamically Finding RPs and Using Redundant RPs

In a PIM-SM network, every router must somehow learn the IP address of an RP. A PIM-SM router can use one of the following three methods to learn the IP address of an RP: The RP address can be statically configured on all the PIM-SM routers with the Cisco IOS global command ip pim rp-address address. This is the method used for the five-router topology shown in Figure 20-19. The Cisco-proprietary Auto-RP protocol can be used to designate the RP and advertise its IP address so that all...

VTP Process and Revision Numbers

The VTP update process begins when a switch administrator, from a VTP server switch, adds, deletes, or updates the configuration for a VLAN. When the new configuration occurs, the VTP server increments the old VTP revision number by 1, and advertises the entire VLAN configuration database along with the new revision number. The VTP revision number concept allows switches to know when VLAN database changes have occurred. Upon receiving a VTP update, if the revision number in a received VTP...

Step 4: Shortest AS_PATH

Routers can easily determine the shortest AS_PATH length by using a few rules that define how to account for all four parts of the AS_PATH: the AS_SEQ, AS_SET, AS_CONFED_SEQ, and AS_CONFED_SET. Additionally, routing policies can change the number of ASNs in the AS_PATH. Table 13-12 summarizes the key points regarding AS_PATH length. Table 13-12 Features that Impact the Total Number of ASs in the AS_PATH Length Calculation...

Why Should I Take the CCIE Routing and Switching Written Exam

The first and most obvious reason to take the CCIE Routing and Switching written exam is that it is the first step toward obtaining the CCIE Routing and Switching certification. Also, you cannot schedule a CCIE lab exam until you pass the appropriate written exam. In short, if you want all the professional benefits of a CCIE Routing and Switching certification, you start by passing the written exam. The benefits of getting a CCIE certification are varied, but here are just a few of the reasons...

PPP Compression

PPP can negotiate to use Layer 2 payload compression, TCP header compression, and/or RTP header compression. Each type of compression has pros and cons, with the most obvious relating to what is compressed, as shown in Figure 17-4. Figure 17-4 Fields Compressed with Compression Features (figure labels: TCP Header Compression; RTP Header Compression) Comparing payload compression and header compression, payload compression works best with longer packet lengths, and...

RIP Next Hop Feature and Split Horizon

This section covers the split horizon and next-hop features of RIPv2. These two features do not typically need to be considered at the same time, but in some cases they do. The example used in this section shows how the two features may be needed in the same design. First, Cisco IOS controls the split horizon setting per interface, using the no ip split-horizon interface subcommand. Split horizon is on by default, except for cases in which Frame Relay is configured with the IP address on the...

CB Policing Concepts

CB Policing is enabled for packets either entering or exiting an interface, or those entering or exiting a subinterface. It monitors, or meters, the bit rate of the combined packets; when a packet pushes the metered rate past the configured policing rate, the policer takes action against that packet. The most aggressive action is to discard the packet. Alternatively, the policer can simply re-mark a field in the packet. This second option allows the packets through, but if congestion occurs at...