Access List Monitoring and Accounting

It is useful to be able to examine an access list, or even all access lists, without having to display the entire router configuration file. The command show ip access-list displays an abbreviated syntax of all IP access lists on the router. If a specific access list is to be observed, the list may be specified by name or number (Figure B.15). If you leave off the ip keyword (show access-list), all access lists will be displayed. Figure B.15. The show ip access-list command displays an...

Access List Types

The actual configuration lines for the access list shown graphically on the right of Figure B.4 are access-list 9 deny 10.23.147.0 0.0.0.255 and access-list 9 permit 10.0.0.0 0.255.255.255. Every filter layer of an access list is represented by one configuration line. The various components of an access list line are discussed shortly, but for now notice the number 9 in both lines. This number is the access list number, and it serves two purposes: It links all the lines of this list together and...

Administrative Distances

The diversity of metrics presents another problem: If a router is running more than one routing protocol and learns a route to the same destination from each of the protocols, which route should be selected? Each protocol uses its own metric scheme to define the best route. Comparing routes with different metrics, such as cost and hop count, is like comparing apples and oranges. The answer to the problem is administrative distances. Just as metrics are assigned to routes so that the most...

Been translated into type 5 LSAs by Goya 192168503

Several configuration options are available for the ABR. First, the no-summary option can be used with the area nssa command to block the flooding of type 3 and type 4 LSAs into the NSSA. To turn area 192.168.10.0 into a somewhat schizophrenically named totally stubby not-so-stubby area, Goya's configuration would be: router ospf 30 network 192.168.20.0 0.0.0.3 area 0 network 192.168.10.0...

Bicycles with Motors

One of the difficulties of decentralized computing is that it isolates users from one another and from the data and applications they may need to use in common. When a file is created, how is it shared with Tom, Dick, and Harriet down the hall? The early solution to this was the storied SneakerNet: Put the file on floppy disks and hand carry them to the necessary destinations. But what happens when Tom, Dick, and Harriet modify their copies of the file? How does one ensure that all information in...

Case Study A Basic EIGRP Configuration

Like IGRP, EIGRP requires only two steps to begin the routing process: 1. Enable EIGRP with the command router eigrp process-id. 2. Specify each major network on which to run EIGRP with the network command. The process ID may be any number between 1 and 65535 (0 is not allowed), and it may be arbitrarily chosen by the network administrator, as long as it is the same for all EIGRP processes in all routers that must share information. Alternatively, the number may be an InterNIC-assigned...

Case Study A Basic OSPF Configuration

The three steps necessary to begin a basic OSPF process are: 1. Determine the area to which each router interface will be attached. 2. Enable OSPF with the command router ospf process-id. 3. Specify the interfaces on which to run OSPF, and their areas, with the network area command. Unlike the process ID associated with IGRP and EIGRP, the OSPF process ID is not an autonomous system number. The process ID can be any positive integer and has no significance outside the router on which it is...

Case Study A Basic RIPv2 Configuration

By default, a RIP process configured on a Cisco router sends only RIPv1 messages but listens to both RIPv1 and RIPv2. This default is changed with the version command, as in the following example: network 172.25.0.0 network 192.168.50.0 In this mode, the router sends and receives only RIPv2 messages. Likewise, the router can be configured to send and receive only RIPv1 messages: network 172.25.0.0 network 192.168.50.0 The default behavior can be restored by entering the command no version in...

Case Study A Protocol Migration

The distance command, when used without any optional parameters, specifies the administrative distance to be assigned to routes learned from a particular routing protocol. On first consideration, this action may not seem to be a route filtering function, but it is. When multiple routing protocols are running, routes are accepted or rejected based on their administrative distances. The internetwork in Figure 13.7 is running RIP, and there is a plan to convert to EIGRP. Several methods exist for...

Case Study Authentication

OSPF packets can be authenticated to prevent inadvertent or intentional introduction of bad routing information. Table 9.8 lists the types of authentication available. Null authentication (type 0), which means no authentication information is included in the packet header, is the default. Authentication using simple clear-text passwords (type 1) or MD5 cryptographic checksums (type 2) can be configured. When authentication is configured, it must be configured for an entire area. If increased...

Case Study Configuring Unicast Updates

Next, router Bea is added to the Ethernet link that Andy and Floyd share (Figure 5.11). The no-RIP policy between Andy and Floyd remains in place, but now Bea and Andy, as well as Bea and Floyd, must exchange RIP advertisements. Figure 5.11. No RIP updates should be exchanged between Andy and Floyd, but both should exchange... The configuration of Bea is straightforward: network 192.168.12.0 network...

Case Study Discontiguous Subnets

In Figure 5.13, another router has been added to the internetwork with a subnet 10.33.32.0/20 on its E1 interface. The problem is that the other subnet of network 10.0.0.0, 10.33.0.0/20, is connected to Barney, and the only route between the subnets is via 192.168.83.0 and 192.168.12.0, two entirely different networks. As a result, network 10.0.0.0 is discontiguous. Figure 5.13. Classful protocols such as RIP and IGRP cannot route a topology in which the subnets of network 10.0.0.0 are separated...

Case Study Manipulating RIP Metrics

A serial link, to be used as a backup, has been added between Ernest_T and Barney (Figure 5.16). This link should be used only if the route via Andy fails. The problem is that the path between Barney's 10.33.0.0 subnet and Ernest_T's 10.33.32.0 subnet is 1 hop via the serial link and 2 hops via the preferred Ethernet links. Under normal circumstances, RIP will choose the serial link. Figure 5.16. RIP metrics must be manipulated so that the 2-hop Ethernet route between Barney and Ernest_T will...

Case Study Misconfigured Summarization

Figure 9.102 shows a backbone area and three attached areas. To reduce the size of the link state database and to increase the stability of the internetwork, summarization will be used between areas. Figure 9.102. The summary addresses shown for each area will be advertised into area 0. Area 0 will also... The individual subnets of the three nonbackbone areas are summarized with the addresses...

Case Study Multiple Redistribution Points

Figure 13.12 shows an internetwork very similar to the one depicted in Figure 11.3. Recall from the associated discussion in Chapter 11 that the problem with multiple redistribution points is that administrative distances can cause routers to choose undesirable paths. In some cases, route loops and black holes can result. For example, Bumble's routing table (Figure 13.13) shows that it is routing to network 192.168.6.0 through Blathers, rather than using the preferable route through Monks....

Laying the Foundations

If you are a beginner, or your internetworking experience is limited, your first step is to get a solid grip on the basics of both internetworking and Cisco routers. This effort will involve both classroom training and self-study. Through its training partners, Cisco offers many hands-on training classes. You should attend as many of these classes as your time and resources allow, but of particular importance are: Introduction to Cisco Router Configuration (ICRC) Advanced Cisco Router...

Case Study Passive Interfaces

The router Floyd has been added to the internetwork (Figure 5.10). It is desired that no RIP advertisements be exchanged between Floyd and Andy. Figure 5.10. Network policy calls for no RIP exchanges between Andy and Floyd. This is easy enough at Floyd: Floyd(config-router)# network 192.168.100.0 By not including a network statement for 192.168.12.0, Floyd will not advertise on interface 192.168.12.66. Andy, however,...

Case Study Redistributing ISIS and RIP

In the internetwork of Figure 11.30, Aaron is running IS-IS, Williams is running RIPv1, and Mays is redistributing. Figure 11.30. Router Mays is redistributing RIP into IS-IS and IS-IS into RIP. Mays' IS-IS configuration is: redistribute rip metric 0 metric-type internal level-2 net 01.0001.0000.0c76.5432.00 router rip redistribute...

Case Study Setting Maximum Paths

The maximum number of routes over which IGRP can load balance is set with the maximum-paths paths command. Paths may be any number from one to six in IOS 11.0 and later and any number from one to four in earlier versions. The default for all versions is four. Figure 6.16 shows three parallel paths of varying costs from McCloy to network 172.18.0.0. The network administrator wants to load balance over a maximum of only two of these routes while ensuring that if either of these paths should fail,...

Case Study Setting Router IDs with Loopback Interfaces

Suppose router Matisse from Figure 9.61 has been configured in a staging center and then sent to the field to be installed. During the bootup, the router reports that it cannot allocate a Router ID, and it seems to report the network area commands as configuration errors (Figure 9.63). Worse, the OSPF commands are no longer in the running configuration. Figure 9.63. OSPF will not boot if it cannot find an active IP address for its Router ID...

Chapter

1 What are the five layers of the TCP/IP protocol suite? What is the purpose of each layer? A: The five layers of the TCP/IP protocol suite are the following: The physical layer contains the protocols of the physical medium. The data link layer contains the protocols that control the physical layer: how the medium is accessed and shared, how devices on the medium are identified, and how data is framed before being transmitted on the medium. The internet layer contains the protocols that define the...

Static Routing

An important observation from Chapter 2, TCP/IP Review, is that the data link/physical layers and the transport/network layers, as defined by the OSI model, perform very similar duties: They provide the means for conveying data from a source to a destination across some path. The difference is that the data link/physical layers provide communications across a physical path, whereas the transport/network layers provide communications across a logical or virtual path made up of a series of data...

CLV Fields

The variable-length fields following the PDU-specific fields are Code Length Value (CLV)[17] triplets, as shown in Figure 10.17. The Code is a number specifying the information content of the value field, the Length specifies the length of the Value field, and the Value field is the information itself. As the one-octet size of the Length field implies, the maximum size of the Value field is 255 octets. [17] The acronym CLV is not used in ISO 10589, but is used here for convenience. You are already...

Configuration Exercises

1 In the example of Figure 7.10, router Taos was configured to send both version 1 and version 2 updates so that the routed process in the Linux host Pojoaque would understand the updates from Taos. Is there another way to configure Taos besides using the ip rip send version command? 2 An internetwork has been assigned the address 192.168.100.0. Subnet this address to meet the following requirements 3 Configure the four routers in Figure 7.29 to run RIP. RTC is running IOS 10.3 and for corporate...

Data Link Addresses

In a certain community in Colorado, two individuals are named Jeff Doyle. One Jeff Doyle frequently receives telephone calls for the person with whom he shares a name, so much so that his clever wife has posted the correct number next to the phone to redirect errant callers to their desired destination. In other words, because two individuals cannot be uniquely identified, data is occasionally delivered incorrectly and a process must be implemented to correct the error. Among family, friends,...

Diffusing Computation Example

This example focuses only on Cayley and its route to subnet 10.1.7.0. In Figure 8.13, the link between Cayley and Wright (10.1.1.1) has failed. EIGRP interprets the failure as a link with an infinite distance.[10] Cayley checks its topology table for a feasible successor to 10.1.7.0 and finds none (refer to Figure 8.6). [10] An infinite distance is indicated by a delay of 0xFFFFFFFF, or 4294967295. Figure 8.13. The link between Wright and Cayley has failed, and Cayley does not have a feasible...

Distance Vector Routing Protocols

Most routing protocols fall into one of two classes: distance vector or link state. The basics of distance vector routing protocols are examined here; the next section covers link state routing protocols. Distance vector algorithms are based on the work done by R. E. Bellman,[1] L. R. Ford, and D. R. Fulkerson[2] and for this reason occasionally are referred to as Bellman-Ford or Ford-Fulkerson algorithms. [1] R. E. Bellman. Dynamic Programming. Princeton, New Jersey: Princeton University Press...

Extended IP Access Lists

Extended IP access lists provide far more flexibility in the specification of what is to be filtered. The basic format of the extended IP access list line is access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log]. Some of the features here are familiar, and some are new. access-list-number, for extended IP access lists, is between 100 and 199. protocol is a new variable that looks for a match in the protocol...

Figure 1012 This route table shows both level 1 and level 2 ISIS routes

[Figure: route table output showing level 1 and level 2 IS-IS routes.]

Figure 1047 The L1 LSPs of London and Rome have ATT 1 indicating a connection to another area

[Figure: IS-IS Level 1 Link State Database output.] The problem is that the ATT bit is a CLNS function, and the IP process cannot directly interpret the bit. There are two solutions to the problem. The first solution is to enable IS-IS for CLNS on the interfaces in addition to IS-IS for IP. For example, the serial interface configurations for London and Paris are: ip address 10.1.255.6 255.255.255.252 ip router isis clns...

Figure 1050 The support of multiple area addresses per router eases area changes

Suppose that the powers that be over the internetwork in Figure 10.41 decree that the area addressing scheme being used is inappropriate and should become GOSIP compliant. After registering with the U.S. GSA, the following components are to be used to construct the NETs The new NETs are shown in Table 10.5. Table 10.5. The new GOSIP-format NETs to be assigned to the routers in Figure 10.41. The first step in changing the area addresses is to add the new NETs to the routers without changing the...

Figure 1058 This SPF log reveals instability in area 1 of Figure 1054

To further investigate instabilities revealed by the SPF log, three useful debug commands are available. Figures 10.59, 10.60, and 10.61 show output from these three debug functions. In each case, the debug messages show the results of disconnecting and reconnecting the serial interface of Zurich in Figure 10.54 from the perspective of Geneva. The first, debug isis spf-triggers (Figure 10.59), displays messages pertaining to events that trigger an SPF calculation. The second command is debug...

Figure 134 The filter at Traddles allows only the default route to be advertised to Barkis

[Figure: RIP debug output showing received and sent v2 updates.]

Figure 142 Policy routing allows highpriority traffic from the Mongo System to be routed over the FDDI link while

Table 14.1 and Table 14.2 show the match and set commands that can be used with redistribution, and Table 14.3 and Table 14.4 show the match and set commands that can be used with policy routing. Table 14.1. Match commands that can be used with redistribution. match interface type number type number Matches routes that have their next hop out one of the interfaces specified. match ip address access-list-number name...

Figure 316 10151 matches the entry for 1010016 and will be forwarded to 10461

[Figure: route table output.] Figure 3.17 shows Tigger's route table. The destination...

Figure 322 Kangas ARP cache has an entry for Milne but the associated data link identifier is wrong

[Figure: Kanga's ARP cache output.] Another look at Kanga's ARP table reveals that the MAC identifier associated with Milne is suspiciously similar to the MAC identifier of Kanga's own Cisco interfaces (the MAC addresses with no ages associated with them are for the router's interfaces). Because Milne is not a Cisco product, the first three octets of its MAC identifier should be different from the...

Figure 330 The route table of RTB figure 328

[Figure: route table output.] Figure 3.31. The route table of RTC, Figure 3.28. [Figure: route table output.]

Figure 36 Debugging verifies that the new route entries at Pooh are working correctly

[Figure: IP packet debug output.] Next a packet is sent from host 192.168.1.15 to host 10.4.7.100. Packets destined for any host on 10.0.0.0 subnets, other than host 10.4.7.25, should be routed across the...

Figure 62 LeHand advertises subnet 192168219226 to Tully as an internal route Network 19216830 is advertised to Tully

However, the local network for LeHand and Thompson is 192.168.3.0. LeHand is the boundary router between major networks 192.168.2.0 and 192.168.3.0, so 192.168.2.0 will be advertised to Thompson as a system route. Likewise, 192.168.3.0 is advertised to Tully as a system route. 192.168.1.0 is a network in another autonomous system, and LeHand has been configured to advertise that network address as a default route. 192.168.1.0 will therefore be advertised to both Thompson and Tully as an...

Figure 722 Host Cs ARP cache shows the correct MAC address associated with all addresses

[Figure: ARP cache output.] Figure 7.23. Host B's ARP cache shows that C's IP address is mapped to the MAC address of San_Felipe's...

Figure 77 The RIPv2 authentication information when configured is carried in the first route entry space

Multiple fields, up to a maximum of 24. Simple password authentication for RIPv2 is in plain text. Figure 7.8 shows an analyzer capture of a RIPv2 message with authentication. The figure also shows a difficulty with the default RIP authentication: The password is transmitted in plain text. Anyone who can capture a packet containing a RIPv2 update message can read the authentication password. Figure 7.8. When simple password authentication is used, the...

Figure 831 The IP External Routes TLV

Originating Autonomous System Number *This field is variable. If it is less than or more than three octets, the TLV will be padded with zeros to the next four-octet boundary. For example, if the destination address is 10.1, the Destination field will be two octets and will be followed with a pad of 0x00. If the address is 192.168.1S.64, the Destination field will be four octets and will be followed with a pad of 0x000000. An external route is a path that leads to a destination outside of the...

Figure 84 The topology table of router Langley

Langley# show ip eigrp topology
IP-EIGRP Topology Table for process 1
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status
P 10.1.3.0/24, 1 successors, FD is 512
  via Connected, Serial
P 10.1.2.0/24, 1 successors, FD is 768
  via 10.1.3.1 (768/256), Serial
  via 10.1.5.2 (1280/256), Serial1
P 10.1.1.0/24, 1 successors, FD is 768
  via 10.1.3.1 (768/256), Serial0
  via 10.1.5.2 (1536/512), Serial1
P 10.1.7.0/24, 1 successors, FD is 256
  via Connected, Ethernet
P 10.1.6.0/24, 1...

Figure 88 Several of the subnets reachable from Chanute have only one feasible successor

IP-EIGRP Topology Table for process 1
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status
P 10.1.3.0/24, 1 successors, FD is 768
  via 10.1.2.1 (768/512), Ethernet
  via 10.1.5.1 (1536/512), Serial
P 10.1.2.0/24, 1 successors, FD is 256
  via Connected, Ethernet
P 10.1.1.0/24, 1 successors, FD is 512
  via 10.1.2.1 (512/256), Ethernet
P 10.1.7.0/24, 1 successors, FD is 1024
  via 10.1.2.1 (1024/768), Ethernet
  via 10.1.5.1 (1280/256), Serial
P 10.1.6.0/24, 1 successors, FD is...

Figure 929 The Router LSA describes all of a routers interfaces

[Figure: Router LSA layout with Router ID, Number of Links, and per-link descriptions.] Figure 9.30. The command show ip ospf database router displays Router LSAs from the link state...

Figure 954 The OSPF LSA header

Age is the time, in seconds, since the LSA was originated. As the LSA is flooded, the age is incremented by InfTransDelay seconds at each router interface it exits. The age is also incremented in seconds as it resides in a link state database. Options is described in The Options Field. In the LSA header, the Options field specifies the optional capabilities supported by the portion of the OSPF domain described by the LSA. Type is the LSA type. The type codes are shown in Table 9.4. Link State...

Figure 967 The MAC identifier of the DNS server is recorded in Matisses ARP cache indicating that the server can be

Because the DNS server must send replies to network addresses different than its own, it will send the replies to Dali for routing. Dali is not exchanging routing information with Matisse, so it does not know how to reach the networks within the OSPF autonomous system. So the one step needed to close the circuit is to tell Dali how to reach the OSPF networks. This is easily done with a static route: Dali(config)# ip route 192.168.0.0 255.255.0.0 172.19.35.15 Note that static routes are classless,...

From Pooh fail

[Figure: ping output for 10.1.5.1.] Addressing this problem requires tracing the route of the ping. First, Pooh's route table is examined (Figure 3.15). The destination address of...

Hexadecimal

Although the address mask must be specified to Cisco routers in dotted decimal, using the command shown previously, the mask may be displayed by various show commands in any of the three formats by using the command ip netmask-format dec | hex | bit in line configuration mode. For example, to configure a router to display its masks in bitcount format, use: Gladys(config)# line vty 0 4 Gladys(config-line)# ip netmask-format bit As established in the previous section, subnet bits cannot be all zeros or...

Info

An ABR can be configured to advertise a summary address either into the backbone area or into a non-backbone area. Best practice dictates that a non-backbone area's addresses should be summarized into the backbone by its own ABR, as...

Inter Domain Routing Protocol Information CLV

The Inter-Domain Routing Protocol Information CLV (Figure 10.35) allows L2 LSPs to transparently carry information from external routing protocols through the IS-IS domain. The CLV serves the same purpose as the Route Tag fields of RIPv2, EIGRP, and OSPF packets. Route tagging is covered in Chapter 14, Route Maps. Figure 10.35. The Inter-Domain Routing Protocol Information CLV. Inter-Domain Information Type specifies the type of...

IP Internal Reachability Information CLV

The IP Internal Reachability Information CLV (Figure 10.33) lists IP addresses and associated masks within the routing domain that are directly connected to the advertising router. The CLV is used by both L1 and L2 LSPs, but never appears in an LSP describing a pseudonode. The metric fields are identical to the IS Neighbors CLV, except that no I/E bit is associated with the optional metrics. Instead, the bit is reserved and is always zero. Like the IS Neighbors CLV, the I/E bit in this CLV is...

IPSpecific TLV Fields

Each Internal and External Routes TLV contains one route entry. Every Update, Query, and Reply packet contains at least one Routes TLV. The Internal and External Routes TLVs include metric information for the route. As noted earlier, the metrics used by EIGRP are the same metrics used by IGRP, although scaled by 256, and are discussed in more detail along with the calculation of the composite metric in Chapter 6. An internal route is a path to a destination within the EIGRP autonomous system....

ISIS network types Neighbors and Adjacencies

IS-IS routers discover neighbors and form adjacencies by exchanging IS-IS Hello PDUs. Hellos are transmitted every 10 seconds, and on Cisco routers this interval can be changed on a per interface basis with the command isis hello-interval. Although IS-IS Hellos are slightly different for broadcast and point-to-point subnetworks, the Hellos include the same essential information, described in the section IS-IS PDU Formats. An IS-IS router uses its Hello PDUs to identify itself and its...

Knowledge of all subnets

[Figure: route table output.]

Link ID Link Data

Link State ID for router LSAs is the originating router's Router ID. V, or Virtual Link Endpoint bit, is set to one when the originating router is an endpoint of one or more fully adjacent virtual links having the described area as the transit area. E, or External bit, is set to one when the originating router is an ASBR. B, or Border bit, is set to one when the originating router is an ABR. Number of Links specifies the number of router links the LSA describes. The router LSA must describe all...

Link state database by area and by LSA type

[Figure: link state database summary output.] As mentioned earlier in Reliable Flooding: Sequencing, Checksums, and Aging, the LSAs are aged as they reside in the link state database. If they reach MaxAge (1 hour), they are flushed from the OSPF domain. The implication here is that there must be a mechanism for preventing legitimate LSAs from...

Link State Flooding

After the adjacencies are established, the routers may begin sending out LSAs. As the term flooding implies, the advertisements are sent to every neighbor. In turn, each received LSA is copied and forwarded to every neighbor except the one that sent the LSA. This process is the source of one of link state's advantages over distance vector. LSAs are forwarded almost immediately, whereas distance vector must run its algorithm and update its route table before routing updates, even the triggered...

Link State ID 172161210 summary Network Number Advertising Router 1921B830G LS Seq Number Checksum 0xE864 Length 28

When an ABR originates a Network Summary LSA, it includes the cost from itself to the destination the LSA is advertising. The ABR will originate only a single Network Summary LSA for each destination even if it knows of multiple routes to the destination. Therefore, if an ABR knows of multiple routes to a destination within its own attached area, it originates a single Network Summary LSA into the backbone with the lowest cost of the multiple routes. Likewise, if an ABR receives multiple...

Link State Routing Protocols

The information available to a distance vector router has been compared to the information available from a road sign. Link state routing protocols are like a road map. A link state router cannot be fooled as easily into making bad routing decisions, because it has a complete picture of the network. The reason is that, unlike the routing-by-rumor approach of distance vector, link state routers have firsthand information from all their peer[7] routers. Each router originates information about...

Lollipop Shaped Sequence Number Spaces

This whimsically named construct was proposed by Dr. Radia Perlman.[9] Lollipop-shaped sequence number spaces are a hybrid of linear and circular sequence number spaces; if you think about it, a lollipop has a linear component and a circular component. The problem with circular spaces is that there is no number less than all other numbers. The problem with linear spaces is that they are, well, not circular. That is, their set of sequence numbers is finite. [9] R. Perlman. Fault-Tolerant Broadcasting...

LSA Types

Because of the multiple router types defined by OSPF, multiple types of LSA are also necessary. For example, a DR must advertise the multi-access link and all the routers attached to the link. Other router types would not advertise this type of information. Both Figure 9.27 and Figure 9.28 show that there are multiple types of LSA. Each type describes a different aspect of an OSPF internetwork. Table 9.4 lists the LSA types and the type codes that identify them. Router LSAs are produced by...

Match

[Router output, illegible in this copy: debug ip igrp transactions, showing IGRP updates being sent to 255.255.255.255 via the Ethernet and Serial interfaces, with the subnet and metric of each advertised route.]

Multiple entries up to a maximum of 104

Opcode will be one for an IGRP Request packet and two for an IGRP Update packet. A Request packet consists of a header with no entries. Edition is incremented by the sender of an update whenever there is a change of routing information. The edition number helps the router avoid accepting an old update that arrives after the newer update. Autonomous System Number is, more accurately, the ID number of the IGRP process. This tag allows multiple IGRP processes to exchange information over a common...

Named Access Lists

The limit of 99 standard access lists or 100 extended IP access lists per router would seem to be more than enough. However, there are cases, such as with dynamic access lists,[1] in which these maximums may not be sufficient. Named access lists, available beginning with IOS 11.2, extend these limits. The other advantage is that descriptive names can make large numbers of lists more manageable. [1] Dynamic access lists are not covered in this tutorial. Refer to Cisco's documentation for more...

Neighbor Discovery Recovery

Because EIGRP updates are nonperiodic, it is especially important to have a process whereby neighbors (EIGRP-speaking routers on directly connected networks) are discovered and tracked. On most networks, Hellos are multicast every 5 seconds, minus a small random time to prevent synchronization. On multipoint X.25, Frame Relay, and ATM interfaces, with access link speeds of T1 or slower, Hellos are unicast every 60 seconds.[2] This longer Hello interval is also the default for ATM SVCs and for...

Network Addresses

Each member network in a routed internetwork requires a unique identifier. For devices to correctly communicate on a LAN, they must be uniquely identified by means of a data link identifier. If a routed internetwork (a network of networks) is to be created, then each member network must likewise be uniquely identifiable. The most fundamental criterion for a routed internetwork is that for a router to correctly deliver packets to their proper destination, each and every network, or data link, must...

Homer show ip ospf database asbr-summary

Autonomous System External LSAs, or External LSAs, are originated by ASBRs and advertise either a destination external to the OSPF autonomous system, or a default route[14] external to the OSPF autonomous system (Figure 9.37). Referring back to Figure 9.27, you can see that the AS External LSAs are the only LSA types in the database that...

Note

OSPF uses areas to reduce these adverse effects. In the context of OSPF, an area is a logical grouping of OSPF routers and links that effectively divide an OSPF domain into sub-domains (Figure 9.20). Routers within an area will have no detailed knowledge of the topology outside of their area. Because of this condition Figure 9.20. An OSPF area is a logical grouping of OSPF routers. Each area is described by its own link state database, and each router must maintain a database only for the area...

Operation of IGRP

From a high-altitude view, IGRP shares many operational characteristics with RIP. It is a classful distance vector protocol that periodically broadcasts its entire routing table (with the exception of routes suppressed by split horizon) to all its neighbors. Like RIP, IGRP broadcasts a request packet out all IGRP-enabled interfaces upon startup and performs a sanity check on received updates to verify that the source address of the packet belongs to the same subnet on which the update was...

Operation of Integrated ISIS

The ISO often uses different terms than the IETF to describe the same entities, a fact that can sometimes cause confusion. ISO terms are introduced and defined in this section, but in most cases the more familiar IETF terminology used throughout the rest of this book is used in this chapter.[7] Some ISO terms are so fundamental that they should be discussed before getting into any specifics of the IS-IS protocol. [7] The temptation to use the ISO European spelling of certain common terms such as...

Operation of RIPv2

All of the operational procedures, timers, and stability functions of RIPv1 remain the same in version 2, with the exception of the broadcast updates. RIPv2 multicasts updates to other RIPv2-speaking routers, using the reserved class D address 224.0.0.9. The advantage of multicasting is that devices on the local network that are not concerned with RIP routing do not have to spend time unwrapping broadcast packets from the router. The multicast updates are examined further in the section,...

OSPF Router with ID 1921683050 Process ID 1

Group Membership LSAs are used in an enhancement of OSPF known as Multicast OSPF (MOSPF).[15] MOSPF routes packets from a single source to multiple destinations, or group members, which share a class D multicast address. Although Cisco supports other multicast routing protocols, MOSPF is not supported as of this writing. For this reason, neither MOSPF nor the Group Membership LSA is...

OSPF Packet Formats

The OSPF packet consists of multiple encapsulations, and deconstructing one is like peeling an onion. As shown in Figure 9.46, the outside of the onion is the IP header. Cisco's maximum OSPF packet size is 1500 octets. Encapsulated within the IP header is one of five OSPF packet types. Each packet type begins with an OSPF packet header, whose format is the same for all packet types. The OSPF packet data following the header varies according to the packet type. Each packet type will have a...

Review Questions

3. What are the five OSPF packet types? What is the purpose of each type?
4. What is an LSA? How does an LSA differ from an OSPF Update packet?
5. What are LSA types 1 to 5 and LSA type 7? What is the purpose of each type?
6. What is a link state database? What is link state database synchronization?
7. What is the default HelloInterval?
8. What is the default RouterDeadInterval?
9. What is a Router ID? How is a Router ID determined?
11. What is the significance of area 0?
13. What are the four OSPF router types?
14...

RIP Message Format

The RIP message format is shown in Figure 5.3. Each message contains a command and a version number and can contain entries for up to 25 routes. Each route entry includes an address family identifier, the IP address reachable by the route, and the hop count for the route. If a router must send an update with more than 25 entries, multiple RIP messages must be produced. Note that the initial portion of the message is four octets, and each route entry is 20 octets. Therefore the maximum message...

RIP Timers and Stability Features

After startup, the router gratuitously sends a Response message out every RIP-enabled interface every 30 seconds, on average. The Response message, or update, contains the router's full routing table with the exception of entries suppressed by the split horizon rule. The update timer initiating this periodic update includes a random variable to prevent table synchronization.[6] As a result, the time between individual updates from a typical RIP process may be from 25 to 35 seconds. The specific...

RIPv2 Message Format

The RIPv2 message format is shown in Figure 7.1; the basic structure is the same as for RIPv1. All the extensions to the original protocol are carried within what were unused fields. Like version 1, RIPv2 updates can contain entries for up to 25 routes. Also like version 1, RIPv2 operates from UDP port 520 and has a maximum datagram size (with an eight-byte UDP header) of 512 octets. Figure 7.1. RIPv2 takes advantage of the unused fields of the version 1 message so that the extensions do Figure...

Router ID

1. The router chooses the numerically highest IP address on any of its loopback interfaces. 2. If no loopback interfaces are configured with IP addresses, the router chooses the numerically highest IP address on any of its physical interfaces. The interface from which the Router ID is taken does not have to be running OSPF. Using addresses associated with loopback interfaces has two advantages: The loopback interface is more stable than any physical interface. It is active when the router boots up,...

Router is an L1L2 router

The three LSPs indicate that Amsterdam's only L1 adjacency is with Brussels. This single adjacency is expected because Brussels is the only other router in area 2. Comparing Amsterdam's L2 database with the System IDs in Table 10.4 reveals that Amsterdam has an L2 adjacency with every router in the IS-IS...

Router Types

Routers, like traffic, can be categorized in relation to areas. All OSPF routers will be one of four router types, as shown in Figure 9.21. Figure 9.21. All OSPF routers can be classified as an Internal Router, a Backbone Router, an Area Border Router (ABR), or an Autonomous System Boundary Router (ASBR). Note that any of the first three router...

Routers all of area 2 is ineligible to be a stub area

The RIP speaker does not need to learn routes from OSPF; a default route pointing to the area 2 router is all it needs. But all OSPF routers must know about the networks attached to the RIP router to route packets to them. Not-so-stubby areas (NSSAs)[17] allow external routes to be advertised into the OSPF autonomous system while retaining the characteristics of a stub area to the rest of the autonomous system. To do this, the ASBR in an NSSA will originate type 7 LSAs to advertise the external...

Routing Protocol Basics

All dynamic routing protocols are built around an algorithm. Generally, an algorithm is a step-by-step procedure for solving a problem. A routing algorithm must, at a minimum, specify the following: A procedure for passing reachability information about networks to other routers. A procedure for receiving reachability information from other routers. A procedure for determining optimal routes based on the reachability information it has and for recording this information in a route table. A...

Routing TCP/IP

CCIE Professional Development: Routing TCP/IP, Volume I. Copyright 1998 by Macmillan Technical Publishing. Cisco Press logo is a trademark of Cisco Systems, Inc. All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the...

Rtd

router rip
 network 192.168.3.0
 neighbor 192.168.3.1

3 The bandwidth of the serial link between RTC and RTD in

A The update time applies to the entire RIP process. If the update time is changed for the serial link, it will also be changed for the router's other links. That, in turn, means that the timers must be changed on the neighboring routers, which means those neighbors' neighbors must be changed, and so on. The cascade effect of changing the update timer on a single router means that the...

Ruth is now routing to 19216810 through Combs

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP, D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP, i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default, U - per-user static route ...

Summary Table Chapter 10 Command Review

Configures IS-IS area (level 1) authentication. Displays details of events triggering an IS-IS SPF calculation. Displays information about SNPs sent and received by the router. Displays statistical information about IS-IS SPF calculations. Displays events that trigger IS-IS SPF calculations. Displays information about LSPs, CSNPs, and PSNPs sent and received by the router. default-information originate route-map map-name Generates a default IP route into an IS-IS domain. Configures IS-IS domain...

Summary Table Chapter 12 Command Review

default-information originate always metric metric-value metric-type type-value level-1 level-1-2 level-2 route-map map-name Generates a default route into OSPF and IS-IS routing domains. Enables classless route lookups so that the router can forward packets to unknown subnets of directly Specifies a network as a candidate route when determining the gateway of last resort. ip route prefix mask address interface distance tag tag permanent

Summary Table Chapter 13 Command Review

access-list access-list-number deny | permit source source-wildcard Defines a line of a standard IP access list. distance weight address mask access-list-number | name Defines an administrative distance other than the default. distance eigrp internal-distance external-distance Defines the administrative distances other than the default of internal and external EIGRP routes. distribute-list access-list-number name in interface-name Filters the routes in incoming updates. distribute-list...

Summary Table Chapter 14 Command Review

access-list access-list-number deny | permit source source-wildcard Defines a line of a standard IP access list. access-list access-list-number deny | permit protocol source source-wildcard destination destination-wildcard precedence precedence tos tos log Defines a line of an extended IP access list. Defines a policy route for packets originated by the router itself. Defines a policy route for packets transiting the router. match interface type number type number Matches routes that have their...

Summary Table Chapter 2 Command Review

Statically maps an IP address type alias to a hardware address Sets the amount of time a Cisco router holds ARP entries Forces the deletion of all dynamic entries from the ARP table Displays ICMP events as they occur on the router. Assigns an IP address and secondary mask to an interface Configures a router to display IP (address, mask) pairs in bitcount, dotted-decimal, or hexadecimal format

Summary Table Chapter 5 Command Review

Summarizes RIP traffic to and from the router ip address ip-address mask secondary Configures an interface with the indicated ip address as a secondary address Establishes the link indicated by the ip address as a neighbor of the interface Specifies the indicated network as one that will run RIP offset-list access-list-number name in out offset type number Stipulates that a route entry belonging to the indicated access list will have the indicated offset number added to its metric Sets an...

Summary Table Chapter 9 Command Review

area area-id authentication message-digest Enables type 1 or type 2 authentication for an area. Specifies a cost for the default route sent into a stub area by an ABR. area area-id nssa Configures an area as not-so-stubby (NSSA). Summarizes addresses into or out of an area. Configures an area as a stub or totally stubby area. Defines a virtual link between ABRs. Shows the events involved in the building or breaking of an OSPF adjacency. Assigns a password to an OSPF interface for use with type...

Summary Table Chapter 3 Command Review

Statically maps an IP type alias address to a hardware address. Displays information on IP packets received, generated, and forwarded. Information on fast-switched packets will not be displayed. ip route prefix mask address interface distance permanent Statically adds a route entry to the route table. Configures the type of switching cache an interface will use.

Summary Table Chapter 8 Command Review

accept-lifetime start-time infinite end-time duration seconds Specifies the time period during which the authentication key on a key chain is received as valid. Enables automatic summarization at network boundaries. This command is enabled by default. Specifies the bandwidth parameter, in kilobits per second, on an interface. debug ip eigrp neighbor process-id address Adds a filter to the debug eigrp packets command, telling it to display only IP packets for the indicated process and neighbor....

SystemID Network Entity Titles

Even when IS-IS is used to route only TCP/IP, IS-IS is still an ISO CLNP protocol. Consequently, the packets by which IS-IS communicates with its peers are CLNS PDUs, which in turn means that even in an IP-only environment, an IS-IS router must have an ISO address. The ISO address is a network address, known as Network Entity Title (NET), described in ISO 8348.[10] The length of a NET can range from 8 to 20 octets; the NET describes both the Area ID and the System ID of a device, as shown in...

The Autonomous System External LSA

Autonomous System External LSAs (Figure 9.58) are originated by ASBRs. These LSAs are used to advertise destinations external to the OSPF autonomous system, including default routes to external destinations, and are flooded into all nonstub areas of the OSPF domain. The command show ip ospf database external is used to display AS External LSAs (Figure 9.38). Figure 9.58. The OSPF Autonomous System External LSA. Link State ID for AS External...

The Database Description Packet

The Database Description packet (Figure 9.50) is used when an adjacency is being established (see Building an Adjacency, earlier in this chapter). The primary purpose of the DD packet is to describe some or all of the LSAs in the originator's database so that the receiver can determine whether it has a matching LSA in its own database. This is done by listing only the headers of the LSAs. Because multiple DD packets may be exchanged during this process, flags are included for managing the...

The ISIS Sequence Numbers PDU Format

SNPs are used to maintain the IS-IS link state database by describing some or all of the LSPs in the database. A DR periodically multicasts a CSNP (Figure 10.36) to describe all the LSPs in the pseudonode's database. Because there is an L1 database and an L2 database, CSNPs are also either L1 or L2. Some link state databases can be so large that the LSPs cannot all be described in a single CSNP. For this reason, the last two fields of the CSNP header are the Start LSP ID field and the End LSP...

The Link State Acknowledgment Packet

Link State Acknowledgment packets are used to make the flooding of LSAs reliable. Each LSA received by a router from a neighbor must be explicitly acknowledged in a Link State Acknowledgment packet. The LSA being acknowledged is identified by including its header in the LS ACK packet, and multiple LSAs may be acknowledged in a single packet. As Figure 9.53 shows, the LS ACK packet consists of nothing more than an OSPF packet header and a list of LSA headers. Figure 9.53. The OSPF Link State...