Access List Types

The actual configuration lines for the access list shown graphically on the right of Figure B.4 are:

access-list 9 deny 10.23.147.0 0.0.0.255
access-list 9 permit 10.0.0.0 0.255.255.255

Every filter layer of an access list is represented by one configuration line. The various components of an access list line are discussed shortly, but for now notice the number 9 in both lines. This number is the access list number, and it serves two purposes: It links all the lines of this list together and...

Been translated into type 5 LSAs by Goya 192168503

Type 7 AS External Link States (Area 192.168.10.0). Several configuration options are available for the ABR. First, the no-summary option can be used with the area nssa command to block the flooding of type 3 and type 4 LSAs into the NSSA. To turn area 192.168.10.0 into a somewhat schizophrenically named totally stubby not-so-stubby area, Goya's configuration would be: router ospf 30 network 192.168.20.0 0.0.0.3 area 0 network 192.168.10.0...

Bicycles with Motors

One of the difficulties of decentralized computing is that it isolates users from one another and from the data and applications they may need to use in common. When a file is created, how is it shared with Tom, Dick, and Harriet down the hall? The early solution to this was the storied SneakerNet: Put the file on floppy disks and hand carry them to the necessary destinations. But what happens when Tom, Dick, and Harriet modify their copies of the file? How does one ensure that all information in...

Case Study A Basic EIGRP Configuration

Like IGRP, EIGRP requires only two steps to begin the routing process: 1. Enable EIGRP with the command router eigrp process-id. 2. Specify each major network on which to run EIGRP with the network command. The process ID may be any number between 1 and 65535 (0 is not allowed), and it may be arbitrarily chosen by the network administrator, as long as it is the same for all EIGRP processes in all routers that must share information. Alternatively, the number may be an InterNIC-assigned...

Case Study A Basic OSPF Configuration

The three steps necessary to begin a basic OSPF process are: 1. Determine the area to which each router interface will be attached. 2. Enable OSPF with the command router ospf process-id. 3. Specify the interfaces on which to run OSPF, and their areas, with the network area command. Unlike the process ID associated with IGRP and EIGRP, the OSPF process ID is not an autonomous system number. The process ID can be any positive integer and has no significance outside the router on which it is...

Case Study A Protocol Migration

The distance command, when used without any optional parameters, specifies the administrative distance to be assigned to routes learned from a particular routing protocol. On first consideration, this action may not seem to be a route filtering function, but it is. When multiple routing protocols are running, routes are accepted or rejected based on their administrative distances. The internetwork in Figure 13.7 is running RIP, and there is a plan to convert to EIGRP. Several methods exist for...

Case Study Manipulating RIP Metrics

A serial link, to be used as a backup, has been added between Ernest_T and Barney (Figure 5.16). This link should be used only if the route via Andy fails. The problem is that the path between Barney's 10.33.0.0 subnet and Ernest_T's 10.33.32.0 subnet is 1 hop via the serial link and 2 hops via the preferred Ethernet links. Under normal circumstances, RIP will choose the serial link. Figure 5.16. RIP metrics must be manipulated so that the 2-hop Ethernet route between Barney and Ernest_T will...

Case Study Misconfigured Summarization

Figure 9.102 shows a backbone area and three attached areas. To reduce the size of the link state database and to increase the stability of the internetwork, summarization will be used between areas. Figure 9.102. The summary addresses shown for each area will be advertised into area 0. Area 0 will also The individual subnets of the three nonbackbone areas are summarized with the addresses...

Case Study Multiple IGRP Processes

Two new routers, Lovett and Harriman, have been added to the internetwork (Figure 6.18). A decision has been made to create two IGRP autonomous system domains in the internetwork with no communications between the two. Figure 6.19 shows the two autonomous systems and the related links for each. Figure 6.18. Separate routing domains are to be created in this internetwork. Figure 6.19. The routers Harriman and Acheson...

Case Study Setting Maximum Paths

The maximum number of routes over which IGRP can load balance is set with the maximum-paths paths command. Paths may be any number from one to six in IOS 11.0 and later and any number from one to four in earlier versions. The default for all versions is four. Figure 6.16 shows three parallel paths of varying costs from McCloy to network 172.18.0.0. The network administrator wants to load balance over a maximum of only two of these routes while ensuring that if either of these paths should fail,...

Case Study Setting Router IDs with Loopback Interfaces

Suppose router Matisse from Figure 9.61 has been configured in a staging center and then sent to the field to be installed. During the bootup, the router reports that it cannot allocate a Router ID, and it seems to report the network area commands as configuration errors (Figure 9.63). Worse, the OSPF commands are no longer in the running configuration. Figure 9.63. OSPF will not boot if it cannot find an active IP address for its Router ID. Cisco Internetwork Operating System Software IOS...

Case Study Virtual Links

Figure 9.89 shows an internetwork with a poorly designed backbone area. If the link between routers Hokusai and Hiroshige fails, the backbone will be partitioned. As a result, routers Sesshiu and Okyo will be unable to communicate with each other. If these two routers are ABRs to separate areas, inter-area traffic between those areas will also be blocked. Figure 9.89. A failure of the link between Hokusai and Hiroshige will partition the backbone area...

Route Redistribution

Principles of Redistribution
Redistributing from Classless to Classful Protocols
Case Study Redistributing IGRP and RIP
Case Study Redistributing EIGRP and OSPF
Case Study Redistribution and Route Summarization
Case Study Redistributing IS-IS and RIP
Case Study Redistributing Static Routes

A router performs redistribution when it uses a routing protocol to advertise routes that were learned by some other means. Those other means may be another routing protocol, static routes, or a direct...

1

A: Subnet 192.168.1.64/27 will no longer be reachable from Piglet. Subnets 10.4.6.0/24 and 10.4.7.0/24 are also no longer reachable from Piglet. 2 The static route configurations for the routers in 3 shows another internetwork in which users are complaining of connectivity problems. A: The mistakes are: RTC: The route to 10.5.8.0/24 points to the wrong next-hop address. RTC: The route to 10.1.1.0/24 should be 10.5.1.0/24. RTC: There is no route to 10.5.4.0/24. RTD: The route to 10.4.5.0/24 should be...

Static Routing

An important observation from Chapter 2, TCP/IP Review, is that the data link/physical layers and the transport/network layers, as defined by the OSI model, perform very similar duties: They provide the means for conveying data from a source to a destination across some path. The difference is that the data link/physical layers provide communications across a physical path, whereas the transport/network layers provide communications across a logical or virtual path made up of a series of data...

Chapter

A: From the perspective of an OSPF router, a neighbor is another OSPF router that is attached to one of the first router's directly connected links. A: An OSPF adjacency is a conceptual link to a neighbor over which LSAs can be sent. 3 What are the five OSPF packet types? What is the purpose of each type? A: The five OSPF packet types, and their purposes, are: Hellos, which are used to discover neighbors, and to establish and maintain adjacencies; Updates, which are used to send LSAs between neighbors...

CLV Fields

The variable-length fields following the PDU-specific fields are Code/Length/Value (CLV) [17] triplets, as shown in Figure 10.17. The Code is a number specifying the information content of the value field, the Length specifies the length of the Value field, and the Value field is the information itself. As the one-octet size of the Length field implies, the maximum size of the Value field is 255 octets. [17] The acronym CLV is not used in ISO 10589, but is used here for convenience. You are already...

Configuration Exercises

1 In the example of Figure 7.10, router Taos was configured to send both version 1 and version 2 updates so that the routed process in the Linux host Pojoaque would understand the updates from Taos. Is there another way to configure Taos besides using the ip rip send version command?
2 An internetwork has been assigned the address 192.168.100.0. Subnet this address to meet the following requirements:
3 Configure the four routers in Figure 7.29 to run RIP. RTC is running IOS 10.3 and for corporate...

Data Link Addresses

In a certain community in Colorado, two individuals are named Jeff Doyle. One Jeff Doyle frequently receives telephone calls for the person with whom he shares a name, so much so that his clever wife has posted the correct number next to the phone to redirect errant callers to their desired destination. In other words, because two individuals cannot be uniquely identified, data is occasionally delivered incorrectly and a process must be implemented to correct the error. Among family, friends,...

Diffusing Computation Example

This example focuses only on Cayley and its route to subnet 10.1.7.0. In Figure 8.13, the link between Cayley and Wright (10.1.1.1) has failed. EIGRP interprets the failure as a link with an infinite distance. [10] Cayley checks its topology table for a feasible successor to 10.1.7.0 and finds none (refer to Figure 8.6). [10] An infinite distance is indicated by a delay of 0xFFFFFFFF, or 4294967295. Figure 8.13. The link between Wright and Cayley has failed, and Cayley does not have a feasible...

Extended IP Access Lists

Extended IP access lists provide far more flexibility in the specification of what is to be filtered. The basic format of the extended IP access list line is:

access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [log]

Some of the features here are familiar, and some are new. access-list-number, for extended IP access lists, is between 100 and 199. protocol is a new variable that looks for a match in the protocol...

Figure 10.47 The L1 LSPs of London and Rome have ATT = 1, indicating a connection to another area

[Router output: IS-IS Level-1 Link State Database] The problem is that the ATT bit is a CLNS function, and the IP process cannot directly interpret the bit. There are two solutions to the problem. The first solution is to enable IS-IS for CLNS on the interfaces in addition to IS-IS for IP. For example, the serial interface configurations for London and Paris are: ip address 10.1.255.6 255.255.255.252 ip router isis clns...

Figure 10.50 The support of multiple area addresses per router eases area changes

Suppose that the powers that be over the internetwork in Figure 10.41 decree that the area addressing scheme being used is inappropriate and should become GOSIP compliant. After registering with the U.S. GSA, the following components are to be used to construct the NETs: The new NETs are shown in Table 10.5. Table 10.5. The new GOSIP-format NETs to be assigned to the routers in Figure 10.41. The first step in changing the area addresses is to add the new NETs to the routers without changing the...

Figure 10.58 This SPF log reveals instability in area 1 of Figure 10.54

To further investigate instabilities revealed by the SPF log, three useful debug commands are available. Figures 10.59, 10.60, and 10.61 show output from these three debug functions. In each case, the debug messages show the results of disconnecting and reconnecting the serial interface of Zurich in Figure 10.54 from the perspective of Geneva. The first, debug isis spf-triggers (Figure 10.59), displays messages pertaining to events that trigger an SPF calculation. The second command is debug...

Figure 14.2 Policy routing allows high-priority traffic from the Mongo System to be routed over the FDDI link while

Table 14.1 and Table 14.2 show the match and set commands that can be used with redistribution, and Table 14.3 and Table 14.4 show the match and set commands that can be used with policy routing. Table 14.1. Match commands that can be used with redistribution. match interface type number type number Matches routes that have their next hop out one of the interfaces specified. match ip address access-list-number name...

Figure 3.16 10151 matches the entry for 1010016 and will be forwarded to 10461

[Route table output] Figure 3.17 shows Tigger's route table. The destination...

Figure 3.22 Kanga's ARP cache has an entry for Milne, but the associated data link identifier is wrong

[ARP table output from Kanga] Another look at Kanga's ARP table reveals that the MAC identifier associated with Milne is suspiciously similar to the MAC identifier of Kanga's own Cisco interfaces (the MAC addresses with no ages associated with them are for the router's interfaces). Because Milne is not a Cisco product, the first three octets of its MAC identifier should be different from the...

Figure 3.30 The route table of RTB, Figure 3.28

[Route table output] Figure 3.31. The route table of RTC, Figure 3.28. [Route table output]...

Figure 3.6 Debugging verifies that the new route entries at Pooh are working correctly

[Debug output: packets being forwarded] Next a packet is sent from host 192.168.1.15 to host 10.4.7.100. Packets destined for any host on 10.0.0.0 subnets, other than host 10.4.7.25, should be routed across the...

Figure 6.2 LeHand advertises subnet 192.168.2.192/26 to Tully as an internal route. Network 192.168.3.0 is advertised to Tully

However, the local network for LeHand and Thompson is 192.168.3.0. LeHand is the boundary router between major networks 192.168.2.0 and 192.168.3.0, so 192.168.2.0 will be advertised to Thompson as a system route. Likewise, 192.168.3.0 is advertised to Tully as a system route. 192.168.1.0 is a network in another autonomous system, and LeHand has been configured to advertise that network address as a default route. 192.168.1.0 will therefore be advertised to both Thompson and Tully as an...

Figure 7.18 Although the RIPv2 update from Taos includes all subnets in the internetwork, the RIPv1 update includes only

[Debug output: RIP sending v1 and v2 updates]...

Figure 7.22 Host C's ARP cache shows the correct MAC address associated with all addresses

[ARP cache output] Figure 7.23. Host B's ARP cache shows that C's IP address is mapped to the MAC address of San_Felipe's [ARP cache output]...

Figure 7.7 The RIPv2 authentication information, when configured, is carried in the first route entry space

Multiple fields, up to a maximum of 24. Simple password authentication for RIPv2 is in plain text. Figure 7.8 shows an analyzer capture of a RIPv2 message with authentication. The figure also shows a difficulty with the default RIP authentication: The password is transmitted in plain text. Anyone who can capture a packet containing a RIPv2 update message can read the authentication password. Figure 7.8. When simple password authentication is used, the...

Figure 8.30 The IP Internal Routes TLV

If it is less than or more than three octets, the TLV will be padded with zeros to the next four-octet boundary. For example, if the destination address is 10.1, the Destination field will be two octets and will be followed with a pad of 0x00. If the address is 192.168.16.64, the Destination field will be four octets and will be followed with a pad of 0x000000. Next Hop is the next-hop IP address. This address may or may not be the address of the originating router....

Figure 8.31 The IP External Routes TLV

Originating Autonomous System Number. This field is variable. If it is less than or more than three octets, the TLV will be padded with zeros to the next four-octet boundary. For example, if the destination address is 10.1, the Destination field will be two octets and will be followed with a pad of 0x00. If the address is 192.168.16.64, the Destination field will be four octets and will be followed with a pad of 0x000000. An external route is a path that leads to a destination outside of the...

Figure 8.4 The topology table of router Langley

[Router output: Langley# show ip eigrp topology, IP-EIGRP Topology Table for process 1]...

Figure 9.29 The Router LSA describes all of a router's interfaces

[Router LSA diagram: Router ID, Number of Links, and a description of each link] Figure 9.30. The command show ip ospf database router displays Router LSAs from the link state [Router output: show ip ospf database router]...

Figure 9.54 The OSPF LSA header

Age is the time, in seconds, since the LSA was originated. As the LSA is flooded, the age is incremented by InfTransDelay seconds at each router interface it exits. The age is also incremented in seconds as it resides in a link state database. Options is described in The Options Field. In the LSA header, the Options field specifies the optional capabilities supported by the portion of the OSPF domain described by the LSA. Type is the LSA type. The type codes are shown in Table 9.4. Link State...

Figure 9.67 The MAC identifier of the DNS server is recorded in Matisse's ARP cache, indicating that the server can be

Because the DNS server must send replies to network addresses different than its own, it will send the replies to Dali for routing. Dali is not exchanging routing information with Matisse, so it does not know how to reach the networks within the OSPF autonomous system. So the one step needed to close the circuit is to tell Dali how to reach the OSPF networks. This is easily done with a static route:

Dali(config)# ip route 192.168.0.0 255.255.0.0 172.19.35.15

Note that static routes are classless,...

Hexadecimal

Although the address mask must be specified to Cisco routers in dotted decimal, using the command shown previously, the mask may be displayed by various show commands in any of the three formats by using the command ip netmask-format {dec | hex | bit} in line configuration mode. For example, to configure a router to display its masks in bitcount format, use:

Gladys(config)# line vty 0 4
Gladys(config-line)# ip netmask-format bit

As established in the previous section, subnet bits cannot be all zeros or...

Implicit Deny

What happens if a packet drops through all the filters and a match never occurs? The router has to know what to do with a packet in this situation; that is, there must be a default action. The default action could be either to permit all packets that don't match or to deny them. Cisco chose to deny them: Any packet that is referred to an access list and does not find a match is automatically dropped. This approach is the correct engineering choice, particularly if the access list is being used for...

Info

An important distinction to remember when working with IP addresses is that dotted decimal is just an easy way for humans to read and write IP addresses. Always remember that the router is not reading an address in terms of four octets; rather, the router sees a 32-bit binary string. Many pitfalls can be avoided by keeping this fact firmly in mind. Probably the most distinctive characteristic of IP addresses is that unlike other network-level addresses, the network and host portions can vary in...

Inter-Domain Routing Protocol Information CLV

The Inter-Domain Routing Protocol Information CLV (Figure 10.35) allows L2 LSPs to transparently carry information from external routing protocols through the IS-IS domain. The CLV serves the same purpose as the Route Tag fields of RIPv2, EIGRP, and OSPF packets. Route tagging is covered in Chapter 14, Route Maps. Figure 10.35. The Inter-Domain Routing Protocol Information CLV. Inter-Domain Information Type specifies the type of...

IP-Specific TLV Fields

Each Internal and External Routes TLV contains one route entry. Every Update, Query, and Reply packet contains at least one Routes TLV. The Internal and External Routes TLVs include metric information for the route. As noted earlier, the metrics used by EIGRP are the same metrics used by IGRP, although scaled by 256, and are discussed in more detail along with the calculation of the composite metric in Chapter 6. An internal route is a path to a destination within the EIGRP autonomous system....

Knowledge of all subnets

[Route table output]...

Link ID Link Data

Link State ID for router LSAs is the originating router's Router ID. V, or Virtual Link Endpoint bit, is set to one when the originating router is an endpoint of one or more fully adjacent virtual links having the described area as the transit area. E, or External bit, is set to one when the originating router is an ASBR. B, or Border bit, is set to one when the originating router is an ABR. Number of Links specifies the number of router links the LSA describes. The router LSA must describe all...

Lollipop-Shaped Sequence Number Spaces

This whimsically-named construct was proposed by Dr. Radia Perlman [9]. Lollipop-shaped sequence number spaces are a hybrid of linear and circular sequence number spaces; if you think about it, a lollipop has a linear component and a circular component. The problem with circular spaces is that there is no number less than all other numbers. The problem with linear spaces is that they are, well, not circular. That is, their set of sequence numbers is finite. [9] R. Perlman. Fault-Tolerant Broadcasting...

LSA Types

Because of the multiple router types defined by OSPF, multiple types of LSA are also necessary. For example, a DR must advertise the multi-access link and all the routers attached to the link. Other router types would not advertise this type of information. Both Figure 9.27 and Figure 9.28 show that there are multiple types of LSA. Each type describes a different aspect of an OSPF internetwork. Table 9.4 lists the LSA types and the type codes that identify them. Router LSAs are produced by...

Multiple entries up to a maximum of 104

Opcode will be one for an IGRP Request packet and two for an IGRP Update packet. A Request packet consists of a header with no entries. Edition is incremented by the sender of an update whenever there is a change of routing information. The edition number helps the router avoid accepting an old update that arrives after the newer update. Autonomous System Number is, more accurately, the ID number of the IGRP process. This tag allows multiple IGRP processes to exchange information over a common...

Neighbor Discovery/Recovery

Because EIGRP updates are nonperiodic, it is especially important to have a process whereby neighbors (EIGRP-speaking routers on directly connected networks) are discovered and tracked. On most networks, Hellos are multicast every 5 seconds, minus a small random time to prevent synchronization. On multipoint X.25, Frame Relay, and ATM interfaces, with access link speeds of T1 or slower, Hellos are unicast every 60 seconds. [2] This longer Hello interval is also the default for ATM SVCs and for...

Note

Addressing capabilities of EIGRP compared to IGRP. The aggregate addresses of the engines, electrical, and hydraulics departments are themselves aggregated into a single address, 192.168.16.0/21. That address and the aggregate address of the airframe department are aggregated into the single address 192.168.16.0/20, which represents the entire engineering division. Other divisions may be similarly represented. For example, if Treetop Aviation has a total of eight divisions and if those divisions...

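$\text{metric} = \left[k_1 \cdot BW_{IGRP(min)} + \dfrac{k_2 \cdot BW_{IGRP(min)}}{256 - LOAD} + k_3 \cdot DLY_{IGRP(sum)}\right] \times \dfrac{k_5}{RELIABILITY + k_4}$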

Where BWIGRP(min) is the minimum BWIGRP of all the outgoing interfaces along the route to the destination and DLYIGRP(sum) is the total DLYIGRP of the route. The values k1 through k5 are configurable weights; their default values are k1 = k3 = 1 and k2 = k4 = k5 = 0. These defaults can be changed with the command metric weights tos k1 k2 k3 k4 k5. [3] If k5 is set to zero, the [k5/(RELIABILITY+k4)] term is not used. Given the default values for k1 through k5, the composite metric calculation used by IGRP...

Operation of IGRP

From a high-altitude view, IGRP shares many operational characteristics with RIP. It is a classful distance vector protocol that periodically broadcasts its entire routing table (with the exception of routes suppressed by split horizon) to all its neighbors. Like RIP, IGRP broadcasts a request packet out all IGRP-enabled interfaces upon startup and performs a sanity check on received updates to verify that the source address of the packet belongs to the same subnet on which the update was...

Operation of Integrated IS-IS

The ISO often uses different terms than the IETF to describe the same entities, a fact that can sometimes cause confusion. ISO terms are introduced and defined in this section, but in most cases the more familiar IETF terminology used throughout the rest of this book is used in this chapter. [7] Some ISO terms are so fundamental that they should be discussed before getting into any specifics of the IS-IS protocol. [7] The temptation to use the ISO European spelling of certain common terms such as...

OSPF Router with ID (192.168.30.50) (Process ID 1)

[OSPF database output: external LSA] Group Membership LSAs are used in an enhancement of OSPF known as Multicast OSPF (MOSPF). [15] MOSPF routes packets from a single source to multiple destinations, or group members, which share a class D multicast address. Although Cisco supports other multicast routing protocols, MOSPF is not supported as of this writing. For this reason, neither MOSPF nor the Group Membership LSA is...

OSPF Packet Formats

The OSPF packet consists of multiple encapsulations, and deconstructing one is like peeling an onion. As shown in Figure 9.46, the outside of the onion is the IP header. Cisco's maximum OSPF packet size is 1500 octets. Encapsulated within the IP header is one of five OSPF packet types. Each packet type begins with an OSPF packet header, whose format is the same for all packet types. The OSPF packet data following the header varies according to the packet type. Each packet type will have a...

Rcrf

Table 4.2 shows a generic link state database for the internetwork of Figure 4.11, a copy of which is stored in every router. As you read through this database, you will see that it completely describes the internetwork. Now it is possible to compute a tree that describes the shortest path to each router by running the SPF algorithm. Table 4.2. The topological database for the internetwork in Figure 4.11.

Review Questions

1 What are the five layers of the TCP/IP protocol suite? What is the purpose of each layer?
2 What is the most common IP version presently in use?
3 What is fragmentation? What fields of the IP header are used for fragmentation?
4 What is the purpose of the TTL field in the IP header? How does the TTL process work?
5 What is the first octet rule?
6 How are class A, B, and C IP addresses recognized in dotted decimal? How are they recognized in binary?
7 What is an address mask, and how does it work?
8 What...

RIP Message Format

The RIP message format is shown in Figure 5.3. Each message contains a command and a version number and can contain entries for up to 25 routes. Each route entry includes an address family identifier, the IP address reachable by the route, and the hop count for the route. If a router must send an update with more than 25 entries, multiple RIP messages must be produced. Note that the initial portion of the message is four octets, and each route entry is 20 octets. Therefore the maximum message...

RIP Timers and Stability Features

After startup, the router gratuitously sends a Response message out every RIP-enabled interface every 30 seconds, on average. The Response message, or update, contains the router's full routing table with the exception of entries suppressed by the split horizon rule. The update timer initiating this periodic update includes a random variable to prevent table synchronization. As a result, the time between individual updates from a typical RIP process may be from 25 to 35 seconds. The specific...

RIPv2 Message Format

The RIPv2 message format is shown in Figure 7.1; the basic structure is the same as for RIPv1. All the extensions to the original protocol are carried within what were unused fields. Like version 1, RIPv2 updates can contain entries for up to 25 routes. Also like version 1, RIPv2 operates from UDP port 520 and has a maximum datagram size (with an eight-byte UDP header) of 512 octets. Figure 7.1. RIPv2 takes advantage of the unused fields of the version 1 message so that the extensions do...

Router is an L1L2 router

[Router output: Amsterdam's IS-IS Level-1 Link State Database, with columns LSPID, LSP Seq Num, LSP Checksum, LSP Holdtime, and ATT/P/OL.] The three LSPs indicate that Amsterdam's only L1 adjacency is with Brussels. This single adjacency is expected because Brussels is the only other router in area 2. Comparing Amsterdam's L2 database with the System IDs in Table 10.4 reveals that Amsterdam has an L2 adjacency with every router in the IS-IS...

Router Types

Routers, like traffic, can be categorized in relation to areas. All OSPF routers will be one of four router types, as shown in Figure 9.21. Figure 9.21. All OSPF routers can be classified as an Internal Router, a Backbone Router, an Area Border Router (ABR), or an Autonomous System Boundary Router (ASBR). Note that any of the first three router...

Routers all of area 2 is ineligible to be a stub area

The RIP speaker does not need to learn routes from OSPF; a default route pointing to the area 2 router is all it needs. But all OSPF routers must know about the networks attached to the RIP router to route packets to them. Not-so-stubby areas (NSSAs) allow external routes to be advertised into the OSPF autonomous system while retaining the characteristics of a stub area to the rest of the autonomous system. To do this, the ASBR in an NSSA will originate type 7 LSAs to advertise the external...

Routing Protocol Basics

All dynamic routing protocols are built around an algorithm. Generally, an algorithm is a step-by-step procedure for solving a problem. A routing algorithm must, at a minimum, specify the following: A procedure for passing reachability information about networks to other routers. A procedure for receiving reachability information from other routers. A procedure for determining optimal routes based on the reachability information it has and for recording this information in a route table. A...

Routing TCPIP

CCIE Professional Development: Routing TCP/IP, Volume I. Copyright 1998 by Macmillan Technical Publishing. Cisco Press logo is a trademark of Cisco Systems, Inc. All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the...

Ruth is now routing to 19216810 through Combs

[Router output: IP routing table, consisting of the route-code legend (C - connected, S - static, I - IGRP, R - RIP, ...) followed by the route entries.]

Summary Table Chapter 10 Command Review

Configures IS-IS area (level 1) authentication. Displays details of events triggering an IS-IS SPF calculation. Displays information about SNPs sent and received by the router. Displays statistical information about IS-IS SPF calculations. Displays events that trigger IS-IS SPF calculations. Displays information about LSPs, CSNPs, and PSNPs sent and received by the router. default-information originate route-map map-name Generates a default IP route into an IS-IS domain. Configures IS-IS domain...

Summary Table Chapter 11 Command Review

default-metric bandwidth delay reliability load mtu Specifies a default metric to be associated with routes redistributed into IGRP and EIGRP. Specifies a default metric to be associated with routes redistributed into RIP and OSPF. ip summary-address eigrp autonomous-system-number address mask Configures an EIGRP summary route on an interface. Redistributes all directly connected networks. redistribute protocol process-id level-1 level-1-2 level-2 metric metric-value metric-type type-value match...

Summary Table Chapter 12 Command Review

default-information originate always metric metric-value metric-type type-value level-1 level-1-2 level-2 route-map map-name Generates a default route into OSPF and IS-IS routing domains. Enables classless route lookups so that the router can forward packets to unknown subnets of directly Specifies a network as a candidate route when determining the gateway of last resort. ip route prefix mask address interface distance tag tag permanent

Summary Table Chapter 13 Command Review

access-list access-list-number deny | permit source source-wildcard Defines a line of a standard IP access list. distance weight address mask access-list-number | name Defines an administrative distance other than the default. distance eigrp internal-distance external-distance Defines the administrative distances other than the default of internal and external EIGRP routes. distribute-list access-list-number | name in interface-name Filters the routes in incoming updates. distribute-list...

Summary Table Chapter 14 Command Review

access-list access-list-number deny | permit source source-wildcard Defines a line of a standard IP access list. access-list access-list-number deny | permit protocol source source-wildcard destination destination-wildcard precedence precedence tos tos log Defines a line of an extended IP access list. Defines a policy route for packets originated by the router itself. Defines a policy route for packets transiting the router. match interface type number type number Matches routes that have their...

Summary Table Chapter 2 Command Review

Statically maps an IP address type alias to a hardware address Sets the amount of time a Cisco router holds ARP entries Forces the deletion of all dynamic entries from the ARP table Displays ICMP events as they occur on the router. Assigns an IP address and secondary mask to an interface Configures a router to display IP (address, mask) pairs in bitcount, dotted-decimal, or hexadecimal format

Summary Table Chapter 5 Command Review

Summarizes RIP traffic to and from the router ip address ip-address mask secondary Configures an interface with the indicated ip address as a secondary address Establishes the link indicated by the ip address as a neighbor of the interface Specifies the indicated network as one that will run RIP offset-list access-list-number name in out offset type number Stipulates that a route entry belonging to the indicated access list will have the indicated offset number added to its metric Sets an...

Summary Table Chapter 9 Command Review

area area-id authentication message-digest Enables type 1 or type 2 authentication for an area. Specifies a cost for the default route sent into a stub area by an ABR. area area-id nssa Configures an area as not-so-stubby (NSSA). Summarizes addresses into or out of an area. Configures an area as a stub or totally stubby area. Defines a virtual link between ABRs. Shows the events involved in the building or breaking of an OSPF adjacency. Assigns a password to an OSPF interface for use with type...

Summary Table Chapter 3 Command Review

Statically maps an IP type alias address to a hardware address. Displays information on IP packets received, generated, and forwarded. Information on fast-switched packets will not be displayed. ip route prefix mask address interface distance permanent Statically adds a route entry to the route table. Configures the type of switching cache an interface will use.

TCP Access Lists

The format for an extended access list line that examines a TCP segment is: access-list access-list-number deny permit tcp source source-wildcard operatorport port destination destination-wildcard operatorport port established precedence precedence tos tos log. Notice that the protocol variable is tcp. Probably the most significant feature here is that the access list can examine the source and destination port numbers in the TCP segment header. As a result, you have the option of filtering...

The Autonomous System External LSA

Autonomous System External LSAs (Figure 9.58) are originated by ASBRs. These LSAs are used to advertise destinations external to the OSPF autonomous system, including default routes to external destinations, and are flooded into all nonstub areas of the OSPF domain. The command show ip ospf database external is used to display AS External LSAs (Figure 9.38). Figure 9.58. The OSPF Autonomous System External LSA. Link State ID for AS External...

The Database Description Packet

The Database Description packet (Figure 9.50) is used when an adjacency is being established (see Building an Adjacency, earlier in this chapter). The primary purpose of the DD packet is to describe some or all of the LSAs in the originator's database so that the receiver can determine whether it has a matching LSA in its own database. This is done by listing only the headers of the LSAs. Because multiple DD packets may be exchanged during this process, flags are included for managing the...

The ISIS Sequence Numbers PDU Format

SNPs are used to maintain the IS-IS link state database by describing some or all of the LSPs in the database. A DR periodically multicasts a CSNP (Figure 10.36) to describe all the LSPs in the pseudonode's database. Because there is an L1 database and an L2 database, CSNPs are also either L1 or L2. Some link state databases can be so large that the LSPs cannot all be described in a single CSNP. For this reason, the last two fields of the CSNP header are the Start LSP ID field and the End LSP...

The Link State Acknowledgment Packet

Link State Acknowledgment packets are used to make the flooding of LSAs reliable. Each LSA received by a router from a neighbor must be explicitly acknowledged in a Link State Acknowledgment packet. The LSA being acknowledged is identified by including its header in the LS ACK packet, and multiple LSAs may be acknowledged in a single packet. As Figure 9.53 shows, the LS ACK packet consists of nothing more than an OSPF packet header and a list of LSA headers. Figure 9.53. The OSPF Link State...

The Link State Database

In addition to flooding LSAs and discovering neighbors, a third major task of the link state routing protocol is establishing the link state database. The link state or topological database stores the LSAs as a series of records. Although a sequence number and age and possibly other information are included in the LSA, these variables exist mainly to manage the flooding process. The important information for the shortest path determination process is the advertising router's ID, its attached...

The Neighbor State Machine

An OSPF router will transition a neighbor (as described in the neighbor data structure) through several states before the neighbor is considered fully adjacent. The initial state of a neighbor conversation indicates that no Hellos have been heard from the neighbor in the last RouterDeadInterval. Hellos are not sent to down neighbors unless those neighbors are on NBMA networks; in this case, Hellos are sent every PollInterval. If a neighbor transitions to the Down state from some higher state,...

The Network and ASBR Summary LSAs

The Network Summary LSA (type 3) and the ASBR Summary LSA (type 4) have an identical format, shown in Figure 9.57. The only difference in field contents is the Type and the Link State ID. ABRs produce both types of Summary LSA; Network Summary LSAs advertise networks external to an area (including default routes), whereas ASBR Summary LSAs advertise ASBRs external to an area. Both types are flooded only into a single area. The Network Summary LSAs in a router's database can be observed with the...

The NSSA External LSA

NSSA External LSAs are originated by ASBRs within an NSSA (not-so-stubby area). All fields of the NSSA External LSA (Figure 9.59) are identical to an AS External LSA's fields, with the exception of the Forwarding Address field. Unlike AS External LSAs, which are flooded throughout an OSPF autonomous system, NSSA External LSAs are flooded only within the not-so-stubby area in which they were originated. The command show ip ospf database nssa-external is used to display NSSA External LSAs (Figure...

The Options Field

The Options field (Figure 9.60) is present in every Hello and Database Description packet and in every LSA. The Options field allows routers to communicate their optional capabilities to other routers. Figure 9.60. The OSPF Options field. The asterisk, *, indicates an unused bit, normally set to zero. DC is set when the originating router is capable of supporting OSPF over demand circuits. EA is set when the originating router is capable of receiving and...

The Packet Header

All OSPF packets begin with a 24-octet header, as shown in Figure 9.48. Figure 9.48. The OSPF packet header. Version is the OSPF version number. As of this writing, the most recent OSPF version number is 2. Type specifies the packet type following the header. Table 9.7 lists the five packet types by the number appearing in the Type field. Packet length is the length of the OSPF packet, in octets, including the header. Router ID is the ID of the originating...

The route

[Router output: IP routing table, consisting of the route-code legend (C - connected, S - static, I - IGRP, R - RIP, ...) followed by the route entries.]

Then reconnecting a neighbors ethernet interface

[Router debug output: OSPF adjacency events, including Hello packets, neighbor state changes, and DR/BDR election.]

Troubleshooting Integrated ISIS

Troubleshooting the IS-IS Link State Database. Case Study: Integrated IS-IS on NBMA Networks. When the terms link state protocol and IP are mentioned together, almost everyone thinks of OSPF. Some may say, "Oh, yeah, there's also IS-IS, but Idunnomuchaboutit." Only a few will think of Integrated IS-IS as a serious alternative to OSPF. However, those few do exist, and there are internetworks, including a few ISPs, that route IP with IS-IS. IS-IS, which stands for Intermediate System to Intermediate...

Working with Binary Numbers

Computers are, at the most fundamental level, just a collection of electrical switches. Numbers and characters are represented by the positions of these switches. Because a switch has only two positions, on or off, it uses a binary, or base 2, numbering system (the root bi means two). A base 2 system has just two digits: 0 and 1. Computers usually group these digits into eight place values, known as a byte or an octet. The eight place values are So the place values of a binary octet are 128 64...

Fundamentals of Default Routes

When a router is connected to the Internet, a default route is immensely useful. Without a default, the router will have to have a route entry for every destination address reachable over the Internet. As of this writing, such a routing table consists of more than 55,000 entries. With a default route, the router need only know about the destinations internal to its own administrative system. The default route will forward packets destined for any other address to the Internet service provider....

Figure 631 The routing table of RTA in Figure 632

[Router output: IP routing table, consisting of the route-code legend (C - connected, S - static, I - IGRP, R - RIP, ...) followed by the route entries.]

Figure 523 The routing table of RTC in Figure 520

[Router output: IP routing table, consisting of the route-code legend (C - connected, S - static, I - IGRP, R - RIP, ...) followed by the route entries.]

Linear Sequence Number Spaces

One approach is to use a linear sequence number space so large that it is unlikely the upper limit will ever be reached. If, for instance, a 32-bit field is used, there are 2^32 = 4,294,967,296 available sequence numbers starting with zero. Even if a router was creating a new link state packet every 10 seconds, it would take some 1361 years to exhaust the sequence number supply; few routers are expected to last so long. In this imperfect world, unfortunately, malfunctions occur. If a link state...

Case Study Authentication

IS-IS authentication is limited to cleartext passwords only. This mode of authentication provides weak security against a determined attack on the internetwork but is effective for preventing service disruptions from misconfigured or unauthorized routers. Cisco IOS supports IS-IS authentication on three levels: between neighbors, area wide, and domain wide. The three authentication levels can be used by themselves or together. The rules for IS-IS authentication are: When authenticating between...

Routing by Rumor

Figure 4.3 shows a distance vector algorithm in action. In this example, the metric is hop count. At time t0, routers A through D have just become active. Looking at the route tables across the top row, at t0 the only information any of the four routers has is its own directly connected networks. The tables identify these networks and indicate that they are directly connected by having no next-hop router and by having a hop count of 0. Each of the four routers will broadcast this information on...

Case Study Route Filtering and Redistribution

Any time a router performs mutual redistribution, the potential for route feedback exists. For example, a route from the RIP side in Figure 13.6 can be redistributed into OSPF and, from there, be redistributed back into RIP. Therefore, using route filters to control the direction of route advertisements is a wise approach. Figure 13.6. Cruncher is redistributing RIP routes into OSPF, and OSPF routes into RIP. Route filters should be used to prevent route feedback.

HandsOn Experience

Almost all CCIEs will tell you that hands-on experience is an invaluable part of preparing for the lab exam. Never pass up an opportunity to configure or troubleshoot a router. If you do not work with routers and switches on your present job, get friendly with the network engineers and technicians in your organization. Explain your goals to them and offer to assist them whenever possible. If you have access to lab facilities, take full advantage of them. There is no replacement for the...

Calling the Access List

An access list does nothing unless packets are sent to it by a calling command, which defines how the access list is to be used. One such command is: ip access-group access-list-number in out. This command is configured on an interface to create security or traffic filters and may be applied to incoming or outgoing traffic. If neither the in nor the out keyword is specified, the filter defaults to outgoing. The access list number, of course, is the access list to which this command will send...