Access List Types

The actual configuration lines for the access list shown graphically on the right of Figure B.4 are access-list 9 deny 10.23.147.0 0.0.0.255 and access-list 9 permit 10.0.0.0 0.255.255.255. Every filter layer of an access list is represented by one configuration line. The various components of an access list line are discussed shortly, but for now notice the number 9 in both lines. This number is the access list number, and it serves two purposes: It links all the lines of this list together and...

Been translated into type 5 LSAs by Goya 192168503

Type 7 AS External Link States (Area 192.168.10.0) Several configuration options are available for the ABR. First, the no-summary option can be used with the area nssa command to block the flooding of type 3 and type 4 LSAs into the NSSA. To turn area 192.168.10.0 into a somewhat schizophrenically named totally stubby not-so-stubby area, Goya's configuration would be: router ospf 30 network 192.168.20.0 0.0.0.3 area 0 network 192.168.10.0...

Bicycles with Motors

One of the difficulties of decentralized computing is that it isolates users from one another and from the data and applications they may need to use in common. When a file is created, how is it shared with Tom, Dick, and Harriet down the hall? The early solution to this was the storied SneakerNet: Put the file on floppy disks and hand carry them to the necessary destinations. But what happens when Tom, Dick, and Harriet modify their copies of the file? How does one ensure that all information in...

Case Study A Basic EIGRP Configuration

Like IGRP, EIGRP requires only two steps to begin the routing process: 1. Enable EIGRP with the command router eigrp process-id. 2. Specify each major network on which to run EIGRP with the network command. The process ID may be any number between 1 and 65535 (0 is not allowed), and it may be arbitrarily chosen by the network administrator, as long as it is the same for all EIGRP processes in all routers that must share information. Alternatively, the number may be an InterNIC-assigned...

Case Study A Basic OSPF Configuration

The three steps necessary to begin a basic OSPF process are: 1. Determine the area to which each router interface will be attached. 2. Enable OSPF with the command router ospf process-id. 3. Specify the interfaces on which to run OSPF, and their areas, with the network area command. Unlike the process ID associated with IGRP and EIGRP, the OSPF process ID is not an autonomous system number. The process ID can be any positive integer and has no significance outside the router on which it is...

Case Study A Basic RIPv2 Configuration

By default, a RIP process configured on a Cisco router sends only RIPv1 messages but listens to both RIPv1 and RIPv2. This default is changed with the version command, as in the following example: network 172.25.0.0 network 192.168.50.0 In this mode, the router sends and receives only RIPv2 messages. Likewise, the router can be configured to send and receive only RIPv1 messages: network 172.25.0.0 network 192.168.50.0 The default behavior can be restored by entering the command no version in...

Case Study A Protocol Migration

The distance command, when used without any optional parameters, specifies the administrative distance to be assigned to routes learned from a particular routing protocol. On first consideration, this action may not seem to be a route filtering function, but it is. When multiple routing protocols are running, routes are accepted or rejected based on their administrative distances. The internetwork in Figure 13.7 is running RIP, and there is a plan to convert to EIGRP. Several methods exist for...

Case Study Authentication

OSPF packets can be authenticated to prevent inadvertent or intentional introduction of bad routing information. Table 9.8 lists the types of authentication available. Null authentication (type 0), which means no authentication information is included in the packet header, is the default. Authentication using simple clear-text passwords (type 1) or MD5 cryptographic checksums (type 2) can be configured. When authentication is configured, it must be configured for an entire area. If increased...

Case Study Discontiguous Subnets

In Figure 5.13, another router has been added to the internetwork with a subnet 10.33.32.0/20 on its E1 interface. The problem is that the other subnet of network 10.0.0.0, 10.33.0.0/20, is connected to Barney, and the only route between the subnets is via 192.168.83.0 and 192.168.12.0, two entirely different networks. As a result, network 10.0.0.0 is discontiguous. Figure 5.13. Classful protocols such as RIP and IGRP cannot route a topology in which the subnets of network 10.0.0.0 are separated...

Case Study Manipulating RIP Metrics

A serial link, to be used as a backup, has been added between Ernest_T and Barney (Figure 5.16). This link should be used only if the route via Andy fails. The problem is that the path between Barney's 10.33.0.0 subnet and Ernest_T's 10.33.32.0 subnet is 1 hop via the serial link and 2 hops via the preferred Ethernet links. Under normal circumstances, RIP will choose the serial link. Figure 5.16. RIP metrics must be manipulated so that the 2-hop Ethernet route between Barney and Ernest_T will...

Case Study Misconfigured Summarization

Figure 9.102 shows a backbone area and three attached areas. To reduce the size of the link state database and to increase the stability of the internetwork, summarization will be used between areas. Figure 9.102. The summary addresses shown for each area will be advertised into area 0. Area 0 will also The individual subnets of the three nonbackbone areas are summarized with the addresses...

Case Study Multiple IGRP Processes

Two new routers, Lovett and Harriman, have been added to the internetwork (Figure 6.18). A decision has been made to create two IGRP autonomous system domains in the internetwork with no communications between the two. Figure 6.19 shows the two autonomous systems and the related links for each. Figure 6.18. Separate routing domains are to be created in this internetwork. Figure 6.19. The routers Harriman and Acheson...

Case Study Setting Maximum Paths

The maximum number of routes over which IGRP can load balance is set with the maximum-paths paths command. Paths may be any number from one to six in IOS 11.0 and later and any number from one to four in earlier versions. The default for all versions is four. Figure 6.16 shows three parallel paths of varying costs from McCloy to network 172.18.0.0. The network administrator wants to load balance over a maximum of only two of these routes while ensuring that if either of these paths should fail,...

Case Study Setting Router IDs with Loopback Interfaces

Suppose router Matisse from Figure 9.61 has been configured in a staging center and then sent to the field to be installed. During the bootup, the router reports that it cannot allocate a Router ID, and it seems to report the network area commands as configuration errors (Figure 9.63). Worse, the OSPF commands are no longer in the running configuration. Figure 9.63. OSPF will not boot if it cannot find an active IP address for its Router ID. Cisco Internetwork Operating System Software IOS (tm)...

Case Study Virtual Links

Figure 9.89 shows an internetwork with a poorly designed backbone area. If the link between routers Hokusai and Hiroshige fails, the backbone will be partitioned. As a result, routers Sesshiu and Okyo will be unable to communicate with each other. If these two routers are ABRs to separate areas, inter-area traffic between those areas will also be blocked. Figure 9.89. A failure of the link between Hokusai and Hiroshige will partition the backbone area. ...

Route Redistribution

Principles of Redistribution Redistributing from Classless to Classful Protocols Case Study Redistributing IGRP and RIP Case Study Redistributing EIGRP and OSPF Case Study Redistribution and Route Summarization Case Study Redistributing IS-IS and RIP Case Study Redistributing Static Routes A router performs redistribution when it uses a routing protocol to advertise routes that were learned by some other means. Those other means may be another routing protocol, static routes, or a direct...

Chapter

1 What are the five layers of the TCP/IP protocol suite? What is the purpose of each layer? A The five layers of the TCP/IP protocol suite are the following: The physical layer contains the protocols of the physical medium. The data link layer contains the protocols that control the physical layer: How the medium is accessed and shared, how devices on the medium are identified, and how data is framed before being transmitted on the medium. The internet layer contains the protocols that define the...

Static Routing

An important observation from Chapter 2, TCP/IP Review, is that the data link/physical layers and the transport/network layers, as defined by the OSI model, perform very similar duties: They provide the means for conveying data from a source to a destination across some path. The difference is that the data link/physical layers provide communications across a physical path, whereas the transport/network layers provide communications across a logical or virtual path made up of a series of data...

CLV Fields

The variable-length fields following the PDU-specific fields are Code/Length/Value (CLV)[17] triplets, as shown in Figure 10.17. The Code is a number specifying the information content of the value field, the Length specifies the length of the Value field, and the Value field is the information itself. As the one-octet size of the Length field implies, the maximum size of the Value field is 255 octets. [17] The acronym CLV is not used in ISO 10589, but is used here for convenience. You are already...

Configuration Exercises

1 In the example of Figure 7.10, router Taos was configured to send both version 1 and version 2 updates so that the routed process in the Linux host Pojoaque would understand the updates from Taos. Is there another way to configure Taos besides using the ip rip send version command? 2 An internetwork has been assigned the address 192.168.100.0. Subnet this address to meet the following requirements 3 Configure the four routers in Figure 7.29 to run RIP. RTC is running IOS 10.3 and for corporate...

Data Link Addresses

In a certain community in Colorado, two individuals are named Jeff Doyle. One Jeff Doyle frequently receives telephone calls for the person with whom he shares a name so much so that his clever wife has posted the correct number next to the phone to redirect errant callers to their desired destination. In other words, because two individuals cannot be uniquely identified, data is occasionally delivered incorrectly and a process must be implemented to correct the error. Among family, friends,...

Diffusing Computation Example

This example focuses only on Cayley and its route to subnet 10.1.7.0. In Figure 8.13, the link between Cayley and Wright (10.1.1.1) has failed. EIGRP interprets the failure as a link with an infinite distance.[10] Cayley checks its topology table for a feasible successor to 10.1.7.0 and finds none (refer to Figure 8.6). [10] An infinite distance is indicated by a delay of 0xFFFFFFFF, or 4294967295. Figure 8.13. The link between Wright and Cayley has failed, and Cayley does not have a feasible...

Extended IP Access Lists

Extended IP access lists provide far more flexibility in the specification of what is to be filtered. The basic format of the extended IP access list line is: access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log] Some of the features here are familiar, and some are new. access-list-number, for extended IP access lists, is between 100 and 199. protocol is a new variable that looks for a match in the protocol...

Figure 10.12 This route table shows both level 1 and level 2 IS-IS routes


Figure 10.47 The L1 LSPs of London and Rome have ATT = 1, indicating a connection to another area

The problem is that the ATT bit is a CLNS function, and the IP process cannot directly interpret the bit. There are two solutions to the problem. The first solution is to enable IS-IS for CLNS on the interfaces in addition to IS-IS for IP. For example, the serial interface configurations for London and Paris are: ip address 10.1.255.6 255.255.255.252 ip router isis clns...

Figure 10.50 The support of multiple area addresses per router eases area changes

Suppose that the powers that be over the internetwork in Figure 10.41 decree that the area addressing scheme being used is inappropriate and should become GOSIP compliant. After registering with the U.S. GSA, the following components are to be used to construct the NETs The new NETs are shown in Table 10.5. Table 10.5. The new GOSIP-format NETs to be assigned to the routers in Figure 10.41. The first step in changing the area addresses is to add the new NETs to the routers without changing the...

Figure 10.58 This SPF log reveals instability in area 1 of Figure 10.54

To further investigate instabilities revealed by the SPF log, three useful debug commands are available. Figures 10.59, 10.60, and 10.61 show output from these three debug functions. In each case, the debug messages show the results of disconnecting and reconnecting the serial interface of Zurich in Figure 10.54 from the perspective of Geneva. The first, debug isis spf-triggers (Figure 10.59), displays messages pertaining to events that trigger an SPF calculation. The second command is debug...

Figure 13.4 The filter at Traddles allows only the default route to be advertised to Barkis


Figure 14.2 Policy routing allows high-priority traffic from the Mongo System to be routed over the FDDI link while

Table 14.1 and Table 14.2 show the match and set commands that can be used with redistribution, and Table 14.3 and Table 14.4 show the match and set commands that can be used with policy routing. Table 14.1. Match commands that can be used with redistribution. match interface type number type number Matches routes that have their next hop out one of the interfaces specified. match ip address access-list-number name...

Figure 3.16 10.1.5.1 matches the entry for 10.1.0.0/16 and will be forwarded to 10.4.6.1

Figure 3.17 shows Tigger's route table. The destination...

Figure 3.22 Kanga's ARP cache has an entry for Milne, but the associated data link identifier is wrong

Another look at Kanga's ARP table reveals that the MAC identifier associated with Milne is suspiciously similar to the MAC identifier of Kanga's own Cisco interfaces (the MAC addresses with no ages associated with them are for the router's interfaces). Because Milne is not a Cisco product, the first three octets of its MAC identifier should be different from the...

Figure 3.6 Debugging verifies that the new route entries at Pooh are working correctly

Next, a packet is sent from host 192.168.1.15 to host 10.4.7.100. Packets destined for any host on 10.0.0.0 subnets, other than host 10.4.7.25, should be routed across the...

Figure 6.2 LeHand advertises subnet 192.168.2.192/26 to Tully as an internal route. Network 192.168.3.0 is advertised to Tully

However, the local network for LeHand and Thompson is 192.168.3.0. LeHand is the boundary router between major networks 192.168.2.0 and 192.168.3.0, so 192.168.2.0 will be advertised to Thompson as a system route. Likewise, 192.168.3.0 is advertised to Tully as a system route. 192.168.1.0 is a network in another autonomous system, and LeHand has been configured to advertise that network address as a default route. 192.168.1.0 will therefore be advertised to both Thompson and Tully as an...

Figure 7.18 Although the RIPv2 update from Taos includes all subnets in the internetwork, the RIPv1 update includes only


Figure 7.22 Host C's ARP cache shows the correct MAC address associated with all addresses

Figure 7.23. Host B's ARP cache shows that C's IP address is mapped to the MAC address of San_Felipe's...

Figure 7.7 The RIPv2 authentication information, when configured, is carried in the first route entry space

Multiple fields, up to a maximum of 24 Simple password authentication for RIPv2 is in plain text. Figure 7.8 shows an analyzer capture of a RIPv2 message with authentication. The figure also shows a difficulty with the default RIP authentication: The password is transmitted in plain text. Anyone who can capture a packet containing a RIPv2 update message can read the authentication password. Figure 7.8. When simple password authentication is used, the...

Figure 8.31 The IP External Routes TLV

Originating Autonomous System Number *This field is variable. If it is less than or more than three octets, the TLV will be padded with zeros to the next four-octet boundary. For example, if the destination address is 10.1, the Destination field will be two octets and will be followed with a pad of 0x00. If the address is 192.168.16.64, the Destination field will be four octets and will be followed with a pad of 0x000000. An external route is a path that leads to a destination outside of the...

Figure 8.4 The topology table of router Langley

Langley#show ip eigrp topology
IP-EIGRP Topology Table for process 1
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status
P 10.1.3.0/24, 1 successors, FD is 512
        via Connected, Serial
P 10.1.2.0/24, 1 successors, FD is 768
        via 10.1.3.1 (768/256), Serial
        via 10.1.5.2 (1280/256), Serial1
P 10.1.1.0/24, 1 successors, FD is 768
        via 10.1.3.1 (768/256), Serial0
        via 10.1.5.2 (1536/512), Serial1
P 10.1.7.0/24, 1 successors, FD is 256
        via Connected, Ethernet
P 10.1.6.0/24, 1...

Figure 8.8 Several of the subnets reachable from Chanute have only one feasible successor

IP-EIGRP Topology Table for process 1
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status
P 10.1.3.0/24, 1 successors, FD is 768
        via 10.1.2.1 (768/512), Ethernet
        via 10.1.5.1 (1536/512), Serial
P 10.1.2.0/24, 1 successors, FD is 256
        via Connected, Ethernet
P 10.1.1.0/24, 1 successors, FD is 512
        via 10.1.2.1 (512/256), Ethernet
P 10.1.7.0/24, 1 successors, FD is 1024
        via 10.1.2.1 (1024/768), Ethernet
        via 10.1.5.1 (1280/256), Serial
P 10.1.6.0/24, 1 successors, FD is...

Figure 9.29 The Router LSA describes all of a router's interfaces

Figure 9.30. The command show ip ospf database router displays Router LSAs from the link state...

Figure 9.54 The OSPF LSA header

Age is the time, in seconds, since the LSA was originated. As the LSA is flooded, the age is incremented by InfTransDelay seconds at each router interface it exits. The age is also incremented in seconds as it resides in a link state database. Options is described in The Options Field. In the LSA header, the Options field specifies the optional capabilities supported by the portion of the OSPF domain described by the LSA. Type is the LSA type. The type codes are shown in Table 9.4. Link State...

Figure 9.67 The MAC identifier of the DNS server is recorded in Matisse's ARP cache, indicating that the server can be

Because the DNS server must send replies to network addresses different than its own, it will send the replies to Dali for routing. Dali is not exchanging routing information with Matisse, so it does not know how to reach the networks within the OSPF autonomous system. So the one step needed to close the circuit is to tell Dali how to reach the OSPF networks. This is easily done with a static route: Dali(config)# ip route 192.168.0.0 255.255.0.0 172.19.35.15 Note that static routes are classless,...

From Pooh fail

Addressing this problem requires tracing the route of the ping. First, Pooh's route table is examined (Figure 3.15). The destination address of...

Hexadecimal

Although the address mask must be specified to Cisco routers in dotted decimal, using the command shown previously, the mask may be displayed by various show commands in any of the three formats by using the command ip netmask-format [dec | hex | bit] in line configuration mode. For example, to configure a router to display its masks in bitcount format, use: Gladys(config)# line vty 0 4 Gladys(config-line)# ip netmask-format bit As established in the previous section, subnet bits cannot be all zeros or...

Implicit Deny

What happens if a packet drops through all the filters and a match never occurs? The router has to know what to do with a packet in this situation; that is, there must be a default action. The default action could be either to permit all packets that don't match or to deny them. Cisco chose to deny them: Any packet that is referred to an access list and does not find a match is automatically dropped. This approach is the correct engineering choice, particularly if the access list is being used for...

Info

An important distinction to remember when working with IP addresses is that dotted decimal is just an easy way for humans to read and write IP addresses. Always remember that the router is not reading an address in terms of four octets; rather, the router sees a 32-bit binary string. Many pitfalls can be avoided by keeping this fact firmly in mind. Probably the most distinctive characteristic of IP addresses is that unlike other network-level addresses, the network and host portions can vary in...

Inter Domain Routing Protocol Information CLV

The Inter-Domain Routing Protocol Information CLV (Figure 10.35) allows L2 LSPs to transparently carry information from external routing protocols through the IS-IS domain. The CLV serves the same purpose as the Route Tag fields of RIPv2, EIGRP, and OSPF packets. Route tagging is covered in Chapter 14, Route Maps. Figure 10.35. The Inter-Domain Routing Protocol Information CLV. Inter-Domain Information Type specifies the type of...

IPSpecific TLV Fields

Each Internal and External Routes TLV contains one route entry. Every Update, Query, and Reply packet contains at least one Routes TLV. The Internal and External Routes TLVs include metric information for the route. As noted earlier, the metrics used by EIGRP are the same metrics used by IGRP, although scaled by 256, and are discussed in more detail along with the calculation of the composite metric in Chapter 6. An internal route is a path to a destination within the EIGRP autonomous system....

ISIS network types Neighbors and Adjacencies

IS-IS routers discover neighbors and form adjacencies by exchanging IS-IS Hello PDUs. Hellos are transmitted every 10 seconds, and on Cisco routers this interval can be changed on a per interface basis with the command isis hello-interval. Although IS-IS Hellos are slightly different for broadcast and point-to-point subnetworks, the Hellos include the same essential information, described in the section IS-IS PDU Formats. An IS-IS router uses its Hello PDUs to identify itself and its...

Knowledge of all subnets


Link ID Link Data

Link State ID for router LSAs is the originating router's Router ID. V, or Virtual Link Endpoint bit, is set to one when the originating router is an endpoint of one or more fully adjacent virtual links having the described area as the transit area. E, or External bit, is set to one when the originating router is an ASBR. B, or Border bit, is set to one when the originating router is an ABR. Number of Links specifies the number of router links the LSA describes. The router LSA must describe all...

Link state database by area and by LSA type

As mentioned earlier in Reliable Flooding Sequencing, Checksums, and Aging, the LSAs are aged as they reside in the link state database. If they reach MaxAge (1 hour), they are flushed from the OSPF domain. The implication here is that there must be a mechanism for preventing legitimate LSAs from...

Link State Flooding

After the adjacencies are established, the routers may begin sending out LSAs. As the term flooding implies, the advertisements are sent to every neighbor. In turn, each received LSA is copied and forwarded to every neighbor except the one that sent the LSA. This process is the source of one of link state's advantages over distance vector. LSAs are forwarded almost immediately, whereas distance vector must run its algorithm and update its route table before routing updates, even the triggered...

Link State It 172161210 summary Network Numtaer Advertising Houter 1921B830G LS SiiiJ Numncr CheckSUA 0xE864 Length 28

When an ABR originates a Network Summary LSA, it includes the cost from itself to the destination the LSA is advertising. The ABR will originate only a single Network Summary LSA for each destination even if it knows of multiple routes to the destination. Therefore, if an ABR knows of multiple routes to a destination within its own attached area, it originates a single Network Summary LSA into the backbone with the lowest cost of the multiple routes. Likewise, if an ABR receives multiple...

Lollipop Shaped Sequence Number Spaces

This whimsically-named construct was proposed by Dr. Radia Perlman.[9] Lollipop-shaped sequence number spaces are a hybrid of linear and circular sequence number spaces; if you think about it, a lollipop has a linear component and a circular component. The problem with circular spaces is that there is no number less than all other numbers. The problem with linear spaces is that they are, well, not circular. That is, their set of sequence numbers is finite. [9] R. Perlman. Fault-Tolerant Broadcasting...

LSA Types

Because of the multiple router types defined by OSPF, multiple types of LSA are also necessary. For example, a DR must advertise the multi-access link and all the routers attached to the link. Other router types would not advertise this type of information. Both Figure 9.27 and Figure 9.28 show that there are multiple types of LSA. Each type describes a different aspect of an OSPF internetwork. Table 9.4 lists the LSA types and the type codes that identify them. Router LSAs are produced by...

Multiple entries up to a maximum of 104

Opcode will be one for an IGRP Request packet and two for an IGRP Update packet. A Request packet consists of a header with no entries. Edition is incremented by the sender of an update whenever there is a change of routing information. The edition number helps the router avoid accepting an old update that arrives after the newer update. Autonomous System Number is, more accurately, the ID number of the IGRP process. This tag allows multiple IGRP processes to exchange information over a common...

Neighbor Discovery Recovery

Because EIGRP updates are nonperiodic, it is especially important to have a process whereby neighbors (EIGRP-speaking routers on directly connected networks) are discovered and tracked. On most networks, Hellos are multicast every 5 seconds, minus a small random time to prevent synchronization. On multipoint X.25, Frame Relay, and ATM interfaces, with access link speeds of T1 or slower, Hellos are unicast every 60 seconds.[12] This longer Hello interval is also the default for ATM SVCs and for...

Note

Addressing capabilities of EIGRP compared to IGRP. The aggregate addresses of the engines, electrical, and hydraulics departments are themselves aggregated into a single address, 192.168.16.0/21. That address and the aggregate address of the airframe department are aggregated into the single address 192.168.16.0/20, which represents the entire engineering division. Other divisions may be similarly represented. For example, if Treetop Aviation has a total of eight divisions and if those divisions...

metric = [k1*BWIGRP(min) + (k2*BWIGRP(min))/(256-LOAD) + k3*DLYIGRP(sum)] x [k5/(RELIABILITY+k4)]

Where BWIGRP(min) is the minimum BWIGRP of all the outgoing interfaces along the route to the destination and DLYIGRP(sum) is the total DLYIGRP of the route. The values k1 through k5 are configurable weights; their default values are k1 = k3 = 1 and k2 = k4 = k5 = 0. These defaults can be changed with the command metric weights tos k1 k2 k3 k4 k5. [3] If k5 is set to zero, the [k5/(RELIABILITY+k4)] term is not used. Given the default values for k1 through k5, the composite metric calculation used by IGRP...

Operation of IGRP

From a high-altitude view, IGRP shares many operational characteristics with RIP. It is a classful distance vector protocol that periodically broadcasts its entire routing table, with the exception of routes suppressed by split horizon, to all its neighbors. Like RIP, IGRP broadcasts a request packet out all IGRP-enabled interfaces upon startup and performs a sanity check on received updates to verify that the source address of the packet belongs to the same subnet on which the update was...

Operation of Integrated IS-IS

The ISO often uses different terms than the IETF to describe the same entities, a fact that can sometimes cause confusion. ISO terms are introduced and defined in this section, but in most cases the more familiar IETF terminology used throughout the rest of this book is used in this chapter. [7] Some ISO terms are so fundamental that they should be discussed before getting into any specifics of the IS-IS protocol. [7] The temptation to use the ISO European spelling of certain common terms such as...

OSPF A outer with 10 19Z1633050 Process tt i

[Display fragment: Link State ID (External Network Number); Metric Type 1 (comparable directly to link state metric).] Group Membership LSAs are used in an enhancement of OSPF known as Multicast OSPF (MOSPF). [15] MOSPF routes packets from a single source to multiple destinations, or group members, which share a class D multicast address. Although Cisco supports other multicast routing protocols, MOSPF is not supported as of this writing. For this reason, neither MOSPF nor the Group Membership LSA is...

OSPF Packet Formats

The OSPF packet consists of multiple encapsulations, and deconstructing one is like peeling an onion. As shown in Figure 9.46, the outside of the onion is the IP header. Cisco's maximum OSPF packet size is 1500 octets. Encapsulated within the IP header is one of five OSPF packet types. Each packet type begins with an OSPF packet header, whose format is the same for all packet types. The OSPF packet data following the header varies according to the packet type. Each packet type will have a...

Rcrf

Table 4.2 shows a generic link state database for the internetwork of Figure 4.11, a copy of which is stored in every router. As you read through this database, you will see that it completely describes the internetwork. Now it is possible to compute a tree that describes the shortest path to each router by running the SPF algorithm. Table 4.2. The topological database for the internetwork in Figure 4.11.

Review Questions

3 What are the five OSPF packet types? What is the purpose of each type?
4 What is an LSA? How does an LSA differ from an OSPF Update packet?
5 What are LSA types 1 to 5 and LSA type 7? What is the purpose of each type?
6 What is a link state database? What is link state database synchronization?
7 What is the default HelloInterval?
8 What is the default RouterDeadInterval?
9 What is a Router ID? How is a Router ID determined?
11 What is the significance of area 0?
13 What are the four OSPF router types?
14...

RIP Message Format

The RIP message format is shown in Figure 5.3. Each message contains a command and a version number and can contain entries for up to 25 routes. Each route entry includes an address family identifier, the IP address reachable by the route, and the hop count for the route. If a router must send an update with more than 25 entries, multiple RIP messages must be produced. Note that the initial portion of the message is four octets, and each route entry is 20 octets. Therefore the maximum message...

RIP Timers and Stability Features

After startup, the router gratuitously sends a Response message out every RIP-enabled interface every 30 seconds, on average. The Response message, or update, contains the router's full routing table with the exception of entries suppressed by the split horizon rule. The update timer initiating this periodic update includes a random variable to prevent table synchronization. As a result, the time between individual updates from a typical RIP process may be from 25 to 35 seconds. The specific...

RIPv2 Message Format

The RIPv2 message format is shown in Figure 7.1; the basic structure is the same as for RIPv1. All the extensions to the original protocol are carried within what were unused fields. Like version 1, RIPv2 updates can contain entries for up to 25 routes. Also like version 1, RIPv2 operates from UDP port 520 and has a maximum datagram size (with an eight-byte UDP header) of 512 octets. Figure 7.1. RIPv2 takes advantage of the unused fields of the version 1 message so that the extensions do Figure...

Router is an L1L2 router

[Figure residue: Amsterdam's IS-IS Level-1 Link State Database display, with columns LSPID, LSP Seq Num, LSP Checksum, LSP Holdtime, and ATT/P/OL.] The three LSPs indicate that Amsterdam's only L1 adjacency is with Brussels. This single adjacency is expected because Brussels is the only other router in area 2. Comparing Amsterdam's L2 database with the System IDs in Table 10.4 reveals that Amsterdam has an L2 adjacency with every router in the IS-IS...

Router Types

Routers, like traffic, can be categorized in relation to areas. All OSPF routers will be one of four router types, as shown in Figure 9.21. Figure 9.21. All OSPF routers can be classified as an Internal Router, a Backbone Router, an Area Border Router (ABR), or an Autonomous System Boundary Router (ASBR). Note that any of the first three router...

Routers all of area 2 is ineligible to be a stub area

The RIP speaker does not need to learn routes from OSPF; a default route pointing to the area 2 router is all it needs. But all OSPF routers must know about the networks attached to the RIP router to route packets to them. Not-so-stubby areas (NSSAs) [17] allow external routes to be advertised into the OSPF autonomous system while retaining the characteristics of a stub area to the rest of the autonomous system. To do this, the ASBR in an NSSA will originate type 7 LSAs to advertise the external...

Routing Protocol Basics

All dynamic routing protocols are built around an algorithm. Generally, an algorithm is a step-by-step procedure for solving a problem. A routing algorithm must, at a minimum, specify the following: A procedure for passing reachability information about networks to other routers. A procedure for receiving reachability information from other routers. A procedure for determining optimal routes based on the reachability information it has and for recording this information in a route table. A...

Routing TCP/IP

CCIE Professional Development: Routing TCP/IP, Volume I. Copyright 1998 by Macmillan Technical Publishing. Cisco Press logo is a trademark of Cisco Systems, Inc. All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the...

RTD

Router rip network 192.168.3.0 neighbor 192.168.3.1 3 The bandwidth of the serial link between RTC and RTD in A The update time applies to the entire RIP process. If the update time is changed for the serial link, it will also be changed for the router's other links. That, in turn, means that the timers must be changed on the neighboring routers, which means those neighbors' neighbors must be changed, and so on. The cascade effect of changing the update timer on a single router means that the...

Ruth is now routing to 19216810 through Combs

[Figure residue: route table display (code legend and route entries).]

Summary Table Chapter 10 Command Review

Configures IS-IS area (level 1) authentication. Displays details of events triggering an IS-IS SPF calculation. Displays information about SNPs sent and received by the router. Displays statistical information about IS-IS SPF calculations. Displays events that trigger IS-IS SPF calculations. Displays information about LSPs, CSNPs, and PSNPs sent and received by the router. default-information originate route-map map-name Generates a default IP route into an IS-IS domain. Configures IS-IS domain...

Summary Table Chapter 11 Command Review

default-metric bandwidth delay reliability load mtu Specifies a default metric to be associated with routes redistributed into IGRP and EIGRP. Specifies a default metric to be associated with routes redistributed into RIP and OSPF. ip summary-address eigrp autonomous-system-number address mask Configures an EIGRP summary route on an interface. Redistributes all directly connected networks. redistribute protocol process-id level-1 level-1-2 level-2 metric metric-value metric-type type-value match...

Summary Table Chapter 12 Command Review

default-information originate always metric metric-value metric-type type-value level-1 level-1-2 level-2 route-map map-name Generates a default route into OSPF and IS-IS routing domains. Enables classless route lookups so that the router can forward packets to unknown subnets of directly Specifies a network as a candidate route when determining the gateway of last resort. ip route prefix mask address interface distance tag tag permanent

Summary Table Chapter 13 Command Review

access-list access-list-number deny | permit source source-wildcard Defines a line of a standard IP access list. distance weight address mask access-list-number | name Defines an administrative distance other than the default. distance eigrp internal-distance external-distance Defines the administrative distances other than the default of internal and external EIGRP routes. distribute-list access-list-number | name in interface-name Filters the routes in incoming updates. distribute-list...

Summary Table Chapter 14 Command Review

access-list access-list-number deny | permit source source-wildcard Defines a line of a standard IP access list. access-list access-list-number deny | permit protocol source source-wildcard destination destination-wildcard precedence precedence tos tos log Defines a line of an extended IP access list. Defines a policy route for packets originated by the router itself. Defines a policy route for packets transiting the router. match interface type number type number Matches routes that have their...

Summary Table Chapter 2 Command Review

Statically maps an IP address type alias to a hardware address Sets the amount of time a Cisco router holds ARP entries Forces the deletion of all dynamic entries from the ARP table Displays ICMP events as they occur on the router. Assigns an IP address and secondary mask to an interface Configures a router to display IP (address, mask) pairs in bitcount, dotted-decimal, or hexadecimal format

Summary Table Chapter 5 Command Review

Summarizes RIP traffic to and from the router ip address ip-address mask secondary Configures an interface with the indicated ip address as a secondary address Establishes the link indicated by the ip address as a neighbor of the interface Specifies the indicated network as one that will run RIP offset-list access-list-number name in out offset type number Stipulates that a route entry belonging to the indicated access list will have the indicated offset number added to its metric Sets an...

Summary Table Chapter 9 Command Review

area area-id authentication message-digest Enables type 1 or type 2 authentication for an area. Specifies a cost for the default route sent into a stub area by an ABR. area area-id nssa Configures an area as not-so-stubby (NSSA). Summarizes addresses into or out of an area. Configures an area as a stub or totally stubby area. Defines a virtual link between ABRs. Shows the events involved in the building or breaking of an OSPF adjacency. Assigns a password to an OSPF interface for use with type...

Summary Table Chapter 3 Command Review

Statically maps an IP type alias address to a hardware address. Displays information on IP packets received, generated, and forwarded. Information on fast-switched packets will not be displayed. ip route prefix mask address interface distance permanent Statically adds a route entry to the route table. Configures the type of switching cache an interface will use.

Summary Table Chapter 8 Command Review

accept-lifetime start-time infinite end-time duration seconds Specifies the time period during which the authentication key on a key chain is received as valid. Enables automatic summarization at network boundaries. This command is enabled by default. Specifies the bandwidth parameter, in kilobits per second, on an interface. debug ip eigrp neighbor process-id address Adds a filter to the debug eigrp packets command, telling it to display only IP packets for the indicated process and neighbor....

SystemID Network Entity Titles

Even when IS-IS is used to route only TCP/IP, IS-IS is still an ISO CLNP protocol. Consequently, the packets by which IS-IS communicates with its peers are CLNS PDUs, which in turn means that even in an IP-only environment, an IS-IS router must have an ISO address. The ISO address is a network address, known as Network Entity Title (NET), described in ISO 8348. [10] The length of a NET can range from 8 to 20 octets; the NET describes both the Area ID and the System ID of a device, as shown in...

TCP Access Lists

The format for an extended access list line that examines a TCP segment is: access-list access-list-number deny | permit tcp source source-wildcard operator port destination destination-wildcard operator port established precedence precedence tos tos log. Notice that the protocol variable is tcp. Probably the most significant feature here is that the access list can examine the source and destination port numbers in the TCP segment header. As a result, you have the option of filtering...

The Autonomous System External LSA

Autonomous System External LSAs (Figure 9.58) are originated by ASBRs. These LSAs are used to advertise destinations external to the OSPF autonomous system, including default routes to external destinations, and are flooded into all nonstub areas of the OSPF domain. The command show ip ospf database external is used to display AS External LSAs (Figure 9.38). Figure 9.58. The OSPF Autonomous System External LSA. Link State ID for AS External...

The Database Description Packet

The Database Description packet (Figure 9.50) is used when an adjacency is being established (see Building an Adjacency, earlier in this chapter). The primary purpose of the DD packet is to describe some or all of the LSAs in the originator's database so that the receiver can determine whether it has a matching LSA in its own database. This is done by listing only the headers of the LSAs. Because multiple DD packets may be exchanged during this process, flags are included for managing the...

The IS-IS Sequence Numbers PDU Format

SNPs are used to maintain the IS-IS link state database by describing some or all of the LSPs in the database. A DR periodically multicasts a CSNP (Figure 10.36) to describe all the LSPs in the pseudonode's database. Because there is an L1 database and an L2 database, CSNPs are also either L1 or L2. Some link state databases can be so large that the LSPs cannot all be described in a single CSNP. For this reason, the last two fields of the CSNP header are the Start LSP ID field and the End LSP...

The Link State Acknowledgment Packet

Link State Acknowledgment packets are used to make the flooding of LSAs reliable. Each LSA received by a router from a neighbor must be explicitly acknowledged in a Link State Acknowledgment packet. The LSA being acknowledged is identified by including its header in the LS ACK packet, and multiple LSAs may be acknowledged in a single packet. As Figure 9.53 shows, the LS ACK packet consists of nothing more than an OSPF packet header and a list of LSA headers. Figure 9.53. The OSPF Link State...

The Link State Database

In addition to flooding LSAs and discovering neighbors, a third major task of the link state routing protocol is establishing the link state database. The link state or topological database stores the LSAs as a series of records. Although a sequence number and age and possibly other information are included in the LSA, these variables exist mainly to manage the flooding process. The important information for the shortest path determination process is the advertising router's ID, its attached...

The Link State Request Packet

As Database Description packets are received during the database synchronization process, a router will take note of any listed LSAs that are not in its database or are more recent than its own LSA. These LSAs are recorded in the Link State Request list. The router will then send one or more Link State Request packets (Figure 9.51) asking the neighbor for its copy of the LSA. Note that the packet uniquely identifies the LSA by Type, ID, and advertising router fields of its header, but it does...

The Neighbor State Machine

An OSPF router will transition a neighbor (as described in the neighbor data structure) through several states before the neighbor is considered fully adjacent. The initial state of a neighbor conversation indicates that no Hellos have been heard from the neighbor in the last RouterDeadInterval. Hellos are not sent to down neighbors unless those neighbors are on NBMA networks; in this case, Hellos are sent every PollInterval. If a neighbor transitions to the Down state from some higher state,...

The NSSA External LSA

NSSA External LSAs are originated by ASBRs within an NSSA (not-so-stubby area). All fields of the NSSA External LSA (Figure 9.59) are identical to an AS External LSA's fields, with the exception of the Forwarding Address field. Unlike AS External LSAs, which are flooded throughout an OSPF autonomous system, NSSA External LSAs are flooded only within the not-so-stubby area in which they were originated. The command show ip ospf database nssa-external is used to display NSSA External LSAs (Figure...

The Options Field

The Options field (Figure 9.60) is present in every Hello and Database Description packet and in every LSA. The Options field allows routers to communicate their optional capabilities to other routers. Figure 9.60. The OSPF Options field. The asterisk, *, indicates an unused bit, normally set to zero. DC is set when the originating router is capable of supporting OSPF over demand circuits. EA is set when the originating router is capable of receiving and...

The Packet Header

All OSPF packets begin with a 24-octet header, as shown in Figure 9.48. Figure 9.48. The OSPF packet header. Version is the OSPF version number. As of this writing, the most recent OSPF version number is 2. Type specifies the packet type following the header. Table 9.7 lists the five packet types by the number appearing in the Type field. Packet length is the length of the OSPF packet, in octets, including the header. Router ID is the ID of the originating...

Then reconnecting a neighbors ethernet interface

[Figure residue: OSPF adjacency debugging output (Hello reception, neighbor change event, and DR election on Ethernet0).]

Troubleshooting Exercises

1 A router is configured to redistribute between EIGRP and IGRP, as follows:
router eigrp 15
 network 192.168.5.0
 no auto-summary
 metric weights 0 1 1 0 1 1
router igrp 5
 network 172.16.0.0
 metric weights 0 0 0 1 1 1
The routers in the EIGRP domain are not learning routes into the IGRP domain, and routers in the IGRP domain are not learning routes into the EIGRP domain. What is wrong?
2 Table 8.6 shows the values displayed in the show interface command for every interface in Figure 8.58. Which...