Packetfactory.

info
Networking moments, tips and ideas.

30 random networking and career tips for engineers.

By Oleg Tikhonov

Foreword
All my life I’ve been using other people’s products to gain my knowledge and skills, train myself and become a professional. I am not talking about my professors in the University or numerous books I bought and read. I am talking about community and its role: forum, IRC conversations, IM sessions, tutorials, self-study guides and so on. It was people who dedicated their spare time to create information which I used to get my answers. Years later I decided to give back. I have launched PacketFactory.info recently as a place where I could put my own findings about data networks, routing protocols, switching and so on for other people. Instead of losing this information in IM sessions with my colleagues and friends I made a rule to share this information with everyone else and make it publicly available.

This is a collection of 30 random articles bound together for easy reading or making a hard copy. They either help you to refresh some tricky aspects of routing and switching on Cisco devices or inspire you to think about your career and the future. Read it yourself and share it with your friends because this little book is free of charge.

I hope you will enjoy reading it!

Sincerely, Oleg Tikhonov oitikhonov@gmail.com

PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov

Page 2

All brand names and products are Registered Trademarks of their respective Companies.

Table of Contents
My feedback on books ................................................................................................................................. 4 One more way to group routing protocols ................................................................................................... 5 There is only one best path in BGP ............................................................................................................... 6 Static routes and ARP ................................................................................................................................... 8 Two types of EIGRP ...................................................................................................................................... 9 BGP Next Hop 0.0.0.0 ................................................................................................................................. 11 Cisco BGP Weight ....................................................................................................................................... 13 BGP LOCAL_PREF by Cisco .......................................................................................................................... 14 Disable exec timeouts ................................................................................................................................ 15 How to get rid of typo pauses .................................................................................................................... 16 Annoying IOS terminal output.................................................................................................................... 17 No bit buckets for defaults ......................................................................................................................... 18 Mad ping tests............................................................................................................................................ 19 BGP RIB failure? ......................................................................................................................................... 20 BGP Multi-Exit Discriminator (MED) in Cisco .............................................................................................. 22 How to safely configure remote devices .................................................................................................... 23 Some tips on how to better start your career ............................................................................................ 24 Why Wireshark can be bad ........................................................................................................................ 26 Why Cisco emulation platform would be a good idea and why it is unlikely to happen............................. 27 Changing running configuration in Cisco .................................................................................................... 29 HSRP explained .......................................................................................................................................... 30 RIP Database .............................................................................................................................................. 32 EIGRP load balancing using “Variance” ...................................................................................................... 34 How Route Servers work at Internet Exchange Points ............................................................................... 36 OSPF and default routes............................................................................................................................. 37 OSPF Virtual Links ...................................................................................................................................... 39 Torrents and NAT ....................................................................................................................................... 40 Make your traceroute tool quick................................................................................................................ 41 How to upgrade IOS ................................................................................................................................... 42 PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov Page 3

Engineering career and rapid change of technology................................................................................... 43

My feedback on books
It’s a well-known fact that our professional success almost directly depends on our knowledge and experience. Here I’m going to provide some feedback on books I’ve read recently. To put it simple – read the best. Even if you’re preparing for some exam on XYZ technology pick the one people label “Bible” rather than some special or “recommended” for this particular event. You will have to read them anyone – so why bother reading other books and waste your time? Let me through in few examples. I should also mention that I’m not going to tell anything about other topic aside routing this time mainly because routing is the core. Second of all, other technologies (e.g. VoIP, security) depend on marketing too much, technologies come and go. Routing stays.

Routing
Start with these to get some solid foundation: • • Routing TCP/IP, Volume 1 (2nd Edition) by Jeff Doyle, Jennifer Carroll Routing TCP/IP, Volume II (CCIE Professional Development) by Jeff Doyle, Jennifer DeHaven Carroll

Then deeply dig into each technology reading these: • • • • TCP/IP Illustrated, Vol. 1: The Protocols by W. Richard Stevens for TCP Internet Routing Architectures (2nd Edition) by Sam Halabi for BGP OSPF: Anatomy of an Internet Routing Protocol by John T. Moy for OSPF OSPF and IS-IS: Choosing an IGP for Large-Scale Networks by Jeff Doyle for OSPF and IS-IS

I can’t stress this enough – these books are superb. You will read them, read them again and you will keep coming back for years. Once you get through this list you will understand me. You don’t need any of useless money-greedy video lessons where some nervous guy screams and shouts stupid jokes for two hours just to tell you how ARP protocol works. You don’t need any of books by “experts” who managed to write 20 or more volumes crammed with conceptual mistakes and errors (the one who wrote 25 books is clearly a con, not an expert). I hope you got my point.

PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov

Page 4

info . path vector.One more way to group routing protocols We all know that routing protocols are either IGP or EGP. etc. In contrast. If you think about it. PacketFactory. link-state. these timers can only be useful if there is some way resets them – like periodic updates. BGP and EIGRP rely on opposite peers/neighbors to either die and take all their routes with them or send an update to announce death of certain routes. © 2011 by Oleg Tikhonov Page 5 . I am going to remind you about one more way to logically group them: • • with periodic updates without periodic updates This can help you to understand and memorize why OSPFv2 has MaxAge (up to 1 hour) timer or why RIP routes also can be timed out so that router will forget them. distance vector.30 random networking and career tips.

2.info . It is possible to balance across more than one link in some implementations but only the best route will be announced to internal or external peers anyway. BGP does not have equal paths. BGP Best Path Algorithm always has a way to break any tie. all iBGP peers must be full meshed to avoid loops or suboptimal routing. iBGP learnt routes are never sent to other iBGP peers. Next time you play with LOCAL_PREF or prepend AS_PATH keep in mind that some peers will have several routes for a particular prefix while others will have only one. split horizon is a wrong term in BGP context but it is a good way to memorize 2 facts: 1. As NEXT_HOP and AS_PATH are always same inside one AS. © 2011 by Oleg Tikhonov Page 6 . Example You have two border BGP routers connected via iBGP. Most BGP implementations will not advertise a path for some prefix to a peer if the best path for this particular prefix was received from that peer.30 random networking and career tips.There is only one best path in BGP Single path During labs it’s good to remember the fact that. naturally. Both routers peer with dedicated ISP eBGP peers and receive routing information from ISP: PacketFactory. “Split Horizon” Strictly speaking.

will have only one path (towards ISP1) as iBGP peer R2 will not send its variant of the path. However. These routes will be discarded by ISP2 anyway because AS_PATH value will contain AS number of ISP which alarms a loop. R2 may send them back to ISP2. R1 will not send external paths back to ISP1.info . Moreover.30 random networking and career tips. this fact can be useful if you analyze traffic dumps in Wireshark. PacketFactory. R2 router will have 2 possible paths per external prefix: • • from its eBGP peer ISP2 from its iBGP peer R1 (the best route) R1. however. © 2011 by Oleg Tikhonov Page 7 .You tweaked LOCAL_PREF so that only R1 will be used for all outbound traffic.

it behaves differently: every time an interface is provided instead of IP address.info . © 2011 by Oleg Tikhonov Page 8 .0 FastEthernet0/0 Though it looks darn same.30 random networking and career tips.0. It means that each time someone at R1′s LAN initiates packet exchange with The Internet. This will work if R2 has Proxy ARP enabled (which is default for Cisco).0.0 0. added route is treated as locally connected. like this: ip route 0. R2 will send ARP Replies in the name of hosts from networks it knows about. R1 will have a separate ARP Cache entry for each destination IP resolving to the very same MAC address of R2′s F1/1.Static routes and ARP One common mistake people often make is related to Proxy ARP and the way Cisco IOS allows us to configure static routes. R1 tries to forward packet to R2 via its default route and uses ARP to get the MAC address of packet’s destination because this default route looks like some universal physically connected LAN which has everyone on board. R1 would have only one ARP entry related to R2′s FastEthernet1/1 (next hop for R1). PacketFactory. If R2′s IP address was used.0.0. Here R1 was configured with static default route and someone decided to provide an outgoing interface instead of next hop address. Meanwhile.

However. • • Internal EIGRP has AD of 90 External EIGRP has AD of 170 Different AD values help to avoid routing loops when there are 2 routing domains and more than one redistributing router.30 random networking and career tips.info . redistributes it to OSPF and sends out LSU with LSA Type5 for “A” across OSPF domain.Two types of EIGRP Ever wondered why are there 2 types of EIGRP with different Administrative Distances? This question implies some serious answers. Rx announces subnet “A” across EIGRP domain so that both R1 and R2 have it in their RIBs with Administrative Distance of internal EIGRP which is 90. © 2011 by Oleg Tikhonov Page 9 . Both R1 and R2 redistribute between these IGPs. Thankfully this won’t happen PacketFactory. As almost every contraption in routing it helps to avoid routing loops. I’m going to cover one single fact only. This far everything looks fine. “A” gets redistributed into OSPF domain as Type5 external route (R1 and R2 act as ASBRs for this domain) so that Ry gets familiar with “A”. However. As both R1 and R2 redistribute not only from EIGRP to OSPF but also from OSPF to EIGRP. Example There are to different IGPs running: OSPF and EIGRP. R1 gets “A” via EIGRP from Rx. we can have a look from a different angle. Now. R2 gets too. R2 should try to redistribute “A” back to EIGRP because it is an average OSPF route.

PacketFactory.info .because EIGRP has AD of 90 which is less than OSPF’s 110. it won’t happen: AD of OSPF is 110 which is less than external EIGRP’s 170 – none of redistributed variants of “B” will be in RIBs of R1 or R2 and as we know. If any of the redistributing routers tries to push “B” back to OSPF. © 2011 by Oleg Tikhonov Page 10 . OSPF-learnt route for “A” won’t get into RIB thus it will not be redistributed.30 random networking and career tips. due to IGPs internal differences the only source redistribution system has is RIB. R1 and R2 redistribute it into EIGRP as an external EIGRP route with AD of 170. The second scenario is reversed: Ry announces “B” across OSPF domain.

BGP Next Hop 0.0. metric 0.0. the next hop is actually the one from IGP. metric 30720. localpref 100.13 2 32768 ? If we look further: R2#sh ip bgp 10.0 mean in the show ip bgp command output? A.13 from 0.0.1.4/30 172. I think this explanation is not very clear.1. version 5 Paths: (3 available.0.1. localpref 100. one route to which is redistributed from IGP: * i10. best As we can see. It is also present at Cisco.0. A network in the BGP table with a next hop address of 0.1.1) Origin incomplete.16.0 I once stumbled upon the following vogue explanation of show ip bgp output in a book.1.0 (172.0.16. sourced. external Local 172.0 means that the network is locally originated via redistribution of Interior Gateway Protocol (IGP) into BGP.com BGP FAQ: Q.0.0.0. best #3.16.13) Origin incomplete. weight 32768.0.0.16.1.16. table Default-IP-Routing-Table) Advertised to update-groups: 1 2 Local 172. What does a next hop of 0.13 (172.16. valid.13 from 172.0. PacketFactory.0.0. metric 2. localpref 100. here is a fragment of sh ip bgp output which displays a prefix.1. or via a network or aggregate command in the BGP configuration. valid.0.16.0.1 30720 0 500 ? *> 172.0. valid.0. Example First off.1 from 10.30 random networking and career tips.16. © 2011 by Oleg Tikhonov Page 11 .0.info .4 BGP routing table entry for 10. internal 500 10.13 0 100 0 ? * 10.4/30.1 (16.0.16.14) Origin incomplete.

Otherwise.0. its next hop will be derived from IGP so that it can be routed. The key moment here is that redistributed route will have 0.info . It makes sense to have 0.0. PacketFactory.0.0 as its next hop if it is local from IGP perspective (thus.0 symbolizes the local device.0. It doesn’t however make any sense for routes redistributed from IGP if they were originated somewhere else in IGP domain.0 as the next hop for aggregates and routes injected via network command because these routes start their existence in this very device. it originated locally).0.The meaning of 0.0.0.0.30 random networking and career tips. © 2011 by Oleg Tikhonov Page 12 .0 0.

It is the first so-called attribute considered (if synchronization is ok and next hop is accessible). while usually local preference is considered first. are more preferable than iBGP/eBGP ones) to be considered at the very beginning. © 2011 by Oleg Tikhonov Page 13 .Cisco BGP Weight As we all know Cisco has a proprietary addition to BGP Best Path algorithm – Weight attribute (kind of).30 random networking and career tips. However. This way.info . it’s not just an extra step for the algorithm. Here is the part of the best path selection algorithm we’re interested in: • • • Prefer highest Weight (Cisco only) Prefer highest LOCAL_PREF Prefer locally injected path o tie break: added via network or redistribute added via aggregate-address • • Prefer shortest AS_PATH etc. you can still find it helpful and use Weight to quickly spot locally added routes in show ip bgp outpout. If this fact looks unimportant. at some point. it is also a shortcut for locally injected routes (which. Cisco device assigns a Weight of 32768 for all locally injected routes which is bigger (and better) than default 0 for all other sources. local routes are more important than routes with better LOCAL_PREF inside each device. PacketFactory.

13) Origin IGP. LOCAL_PREF will show up: R2#show ip bgp 0.0/0.0.0.BGP LOCAL_PREF by Cisco Here is a small note about one BGP glitch in Cisco products.1 from 10.5 Metric LocPrf Weight Path 0 0 500 i 0 100 0 500 i As you can see. internal The possible reason is that some IOS snippet reads LOCAL_PREF from some structure derived from received updates but routes learned via eBGP obviously don’t transport LOCAL_PREF in updates. there is emptiness for the first route. valid. best #1.16.0.16. version 28 Paths: (2 available.0.1 (16.0. localpref 100.0.13 (172.0 BGP routing table entry for 0.0.info .0. if we dig a bit deeper. PacketFactory.1) Origin IGP. For some weird reason cisco box won’t show you the default local preference while it’s still there. metric 0.1.5 (metric 2) from 172. However.1 10. valid.0.30 random networking and career tips. metric 0.16.16. localpref 100.0.0. best 500 10.0.1. table Default-IP-Routing-Table) Advertised to update-groups: 1 500 10.0.0.0 *i Next Hop 10. © 2011 by Oleg Tikhonov Page 14 . external.0.0. R2#sh ip bgp Network *> 0.

Disable exec timeouts There is one more convenient feature of IOS which allows for infinite configuration time on lines if configured with 0 minutes 0 seconds: Router1(config)# line con 0 [vty 0 4] Router1(config-line)# exec-timeout 0 0 Here is the result: Router1#sh line con 0 <skipped> Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch never never none not set Idle Session Disconnect Warning never Make sure to apply it to both console and vty lines. It may not be acceptable in live networks due to security or political issues but it is obviously useful for labs.30 random networking and career tips. PacketFactory. © 2011 by Oleg Tikhonov Page 15 .info .

30 random networking and career tips. or unable to find computer address R4# There is an obvious solution – use no ip domain-lookup command to disable DNS lookup: R4#rw Translating “rw” Translating “rw” % Unknown command or computer name.663: %SYS-5-CONFIG_I: Configured from console by console R4# Certainly.255.255) % Unknown command or computer name. © 2011 by Oleg Tikhonov Page 16 .255.255.info .255. PacketFactory.255) Translating “rw”…domain server (255.How to get rid of typo pauses Isn’t it annoying to mistype some command and become stuck. it’s not appropriate in many production situations but we almost never have excuses not to use this simple technique in Lab environments.255. or unable to find computer address R4# *Jan 18 14:05:05. trying to either cram in that tricky abort key sequence or wait till DNS resolver cools down (which takes a while)? For example.255.255) (255. I’ve tried to save config by using old-school wr command: R4#rw Translating “rw”…domain server (255.

© 2011 by Oleg Tikhonov Page 17 . etc. debugs. yet many engineers tend to forget about this useful command (including myself): logging synchronous Being applied to line config (line Console or VTYs) it allows you to keep typing without being disturbed by those annoying logs.30 random networking and career tips. Configuration: Router(config)# line vty 0 4 Router(config-line)# logging synchronous Every time some output pops up in the middle of the CLI line you’re currently editing. this one is quite popular.info . IOS will make a new line and paste all your work there so that you’ll be able to continue.Annoying IOS terminal output Alright. PacketFactory.

0.0. Let’s suppose that BDR is the only router which runs BGP. As the bottom cloud suggests. This is why BDR has to has 10.0. it didn’t happen and here is why: Here we can see border router (BDR) which runs BGP with ISP router to receive default route from it and announce its own 10.No bit buckets for defaults A mate of mine once stumbled upon one trivial network behavior which has some philosophical idea behind its simplicity. only some part of 10.0. He knew about that and got used to it. We all know that RIB entries which point to Null interface are necessary for each summary or aggregate route created.0. BDR announces default route to the rest of the network.0.0/0 is ultimately an outstanding form of aggregation which spans across all address space.0. all traffic must be either routed deeper in the network or dropped (as we know.0/0 prefix which is used throughout the network.0/0 route pointing to Null interface because it needs to forward all outgoing traffic to ISP via another default route: 0.0.0/0 pointed to NEXT_HOP of ISP. In order to receive all Internet-bound traffic.0.info . Obviously. © 2011 by Oleg Tikhonov Page 18 . Once he created a default route in OSPF and expected it to create the route to Null because 0.0/8 pointing to Null0 interface in its RIB – BDR is the only entering point into 10 network.0. it must not have 0.0.0/8 is dedicated to the whole network.0. PacketFactory.0. In this case. all packets routed to Null interfaces simply get dropped).0/8 is currently used but in this scenario 10.0.30 random networking and career tips.

etc. You did apply some sensible load on the network but in many cases this doesn’t give you much information. MTU size is pretty consistent nowadays (again. If you do – you still can’t measure it accurately since ICMP packets are often treated with less priority. In most cases DF bit is not set for ICMP and UDP by default. Third: Payload for ICMP Reply packet should be exactly the same as in received Request.30 random networking and career tips. large pings may be blocked or filtered by security mechanisms. I suppose it is something we sometimes do unconsciously.info . And finally: IP packet. it also can’t address an infinite OFFSET. You don’t know where on the network the bottleneck occurred.Mad ping tests I bet we all saw some guy desperate to troubleshoot a network with echo requests of increasing sizes without any idea why. we should know if our host machine which we use to initiate ping (echo request) sets Don’t Fragment bit for IP packets which encapsulate our echo requests. PacketFactory. due to its header has limits on maximum packet size. Besides. was request or reply dropped. Second of all. The bottom line Using large ICMP Request payloads can be meaningful but there should be a clear reason and understanding of what’s going to happen. So. Let’s recall the following things: • • • • MTU DF bit of IP ICMP payload Maximum IP packet size First of all. in most situations you either get a direct error from your host (if you disabled fragmentation) or simply send some big request and receive some big reply (both get fragmented and reassembled by IP layer). © 2011 by Oleg Tikhonov Page 19 . in general networks).

30 random networking and career tips.0/8 Known via “static”. Here is some output: R7#sh ip bgp BGP table version is 31. r RIB-failure.15. e – EGP.0.15. i – internal. h history.BGP RIB failure? If you haven’t worked with Cisco implementation of BGP enough you may stumble upon BGP RIB failure in sh ip bgp output and wonder what it means.0. local router ID is 18. traffic share count is 1 As you can see here.1 Status codes: s suppressed.0.0.15.0 15.0.15.0 15. it can be your eBGP peer which was configured with network command which hooked up your PacketFactory.1 0 100 0 i *> 0.15.18. d damped.0. For example. Now. if we check RIB we’ll get the source of this anomaly: R7#sh ip route 88.0.0.0 Routing entry for 88. © 2011 by Oleg Tikhonov Page 20 .0.0 0 32768 i r> i88. 20).0.0. the route received from BGP cannot be inserted into RIB because there is a static route with lower Administrative Distance (1 vs.1 RIB-failure RIB-NH Matches Higher admin distance n/a This gives us a hint.0. > best. Conclusion In many cases RIB failures don’t indicate any dramatic problems on the network. * valid.0.9 Route metric is 0. S Stale Origin codes: i – IGP. distance 1.info .0.0 15.15. ? – incomplete Network Next Hop Metric LocPrf Weight Path * i0. metric 0 Routing Descriptor Blocks: * 10.18.1 0 100 0 666 i Now we can try to investigate the matter: R7#sh ip bgp rib-failure Network Next Hop 88.

However.transport /30 subnet between BGP peers. it might be a good idea to keep an eye on them using show ip bgp rib-failure command.info .30 random networking and career tips. PacketFactory. © 2011 by Oleg Tikhonov Page 21 .

BGP Multi-Exit Discriminator (MED) in Cisco Multi-Exit Discriminator is a BGP attribute generally used to advise single external AS you peer with about the best entrance to your own AS.30 random networking and career tips.2 3 32768 ? 0? As you can see.168.16.16. the best border router (the one peering with other AS via eBGP) in terms of MED is the one which has the shortest IGP path to final prefix.1. Cisco will put IGP metric in MED automatically.1. if you have 2 border routers which peer with 2 other routers of AS “X” you can tweak MED to advice “X” to use the 1st router of yours for all traffic towards your Autonomous System.1/32 172. “2″ and “3″ actually came from OSPF costs. For example. As we stated. PacketFactory. The best entering point is the best path across AS cloud between some border router and some final subnet in terms of IGP (because IGP is used for routing inside AS in most cases).10 2 100 *> 172. So. In order to use MED. Here is a snippet from my lab network which OSPF redistribution into BGP: * i192. you must configure route-map and advise the router to put IGP metric of some prefix into MED field of BGP update for this prefix: route-map set_MED permit 10 set metric-type internal One tricky moment here is that the word internal means 2 different things in IOS: R2(config-route-map)#set metric-type ? external IS-IS external metric internal IS-IS internal metric or Use IGP metric as the MED for BGP type-1 OSPF external type 1 metric type-2 OSPF external type 2 metric Cisco devices have one more interesting addition to this behavior: Every time you redistribute IGP routes in BGP. MED is the best entering point for some particular prefix in AS.222. © 2011 by Oleg Tikhonov Page 22 .info .

PacketFactory. Unfortunately.info . You don’t want to know the stories people got into after changing ACLs or shutting down ports thus cutting themselves out of the box. You should know about these 3 arguments: reload in minutes reload at time cancel reload Before making any changes to running config you must issue any of the first 2 commands to tell the router to reload in some minutes or reload at precise time without saving the config. It has however one crucial feature which must be used by every engineer – reload command. your device will reload as scheduled and you’ll get your console back. After you alter configuration and check that your box is still accessible. If you mess up and loose management connection.How to safely configure remote devices Sometimes we face with the most annoying task – configuration of some router which is infinite miles away. Cisco IOS is pretty ancient in terms of flexibility of operations with config files.30 random networking and career tips. This very simple command will save you heaps of your nerves. you should cancel reload task you’ve scheduled by providing cancel reload. © 2011 by Oleg Tikhonov Page 23 .

© 2011 by Oleg Tikhonov Page 24 . Personal example: I once went for some money which looked good back then for me and wasted almost a year working with Videoconferencing and similar trivial crap until I realized that such a specialization is poor in terms of growth.info . Believe me. 90% of the time you’ll be doing same old boring crap and won’t learn anything new. You may see lots of experienced people in forums. Don’t blame your boring entry-level position for all your misfortunes and luck of progress. In fact. their colleagues. The very first thing is this: train yourself to study hard.30 random networking and career tips. They never loiter and learn nothing in wait for some mythical good big projects to come. Most of the good engineers I know never rely on their company. etc. not by socializing only. I’m not sharing with you. etc. IRC channels and other communities and feel yourself involved wasting all your time on those resources. They study constantly. friends. Don’t rush after money and don’t work with silly technologies – you’ll regret it. however. Plan your technical career 2-3 years ahead and stick to it (unless you discover that your plan is silly). I’m sharing with myself but young and novice. I learned this from my modest experience. learn how to build your professional network. read several books to prepare for your exam. I would like to share some of my thoughts on the matter with you. They spend their own time cut from their families. The more skilled you become the less responses you get. PacketFactory. remember that those people earned their expertise by studying hard. It is ok to sort of polish some questions and technical oddities but please – invest your time wisely. This is the curse of this industry – you will never succeed if you work 9 till 5. So. don’t be fooled that you’ll be able to find a job in a week once you become skilled and expensive. even if you work for a top Cisco Gold Partner System Integrator most of your self-development will concentrate in few time clusters when you faced a big chunk of some new technology. And the last one for now – yet the most important – don’t be too geeky. You should. If you’re young – don’t run after quick money.Some tips on how to better start your career Many of you plan or just started their careers in the industry. There isn’t anything dirty in this – people simply try to work with someone they know and trust. The better some position is (in terms of money or interest) the more chances that someone will try to hire from his/her social network. I still regret that I was blind and haven’t stayed in a less-paid but more perspective position in ISP. Some people realize it pretty late too. If you’re 1st line support engineer – you may get lots of responses to your CV. The bitter fact of this life is that you’ll almost never see the best positions in public access.

They split and unite again many times.info . © 2011 by Oleg Tikhonov Page 25 .Lots of engineers actually migrate from one company into another in flocks – someone becomes chief engineer and brings his mates from the previous company. This industry is very small as you’ll see.30 random networking and career tips. PacketFactory.

you won’t be able to identify many problems from the dump only. Besides. tcpdump or IOS-embedded packet sniffer are great learning and troubleshooting instruments. It is good to know stuff deeply but sniffing is not the best option for every problem. The very first thing which comes into my mind is a habit of bottom-up troubleshooting and debugging approach packet analyzing tools develop in you. However. some negative impacts on your skills and work. They didn’t feel comfortable. all traffic sniffing tools have. in my opinion. you may tend to sniff traffic as the first step of nailing problems. like smokers without tobacco. not by habit. This may sound preachy but I’ve seen people whose problem solving efficiency decreased once they stumbled upon some remote issue in a situation when it was simply impossible to collect traffic. to be able to predict problems and act by mind. Once you become familiar with under the hood logic of some technology or protocol. I personally try to keep this in mind to gradually become a better engineer. You don’t want to collect traffic dumps too often – it is almost always faster to type in some commands and nail the bug than to sniff everything and then compute stuff in your head. To utilize the best approach in some particular situation you really have to be familiar with debugging commands of your vendor. PacketFactory. Cisco TAC engineers ask you to provide traffic dump either when other techniques failed or when they don’t have time to work on your case right away.info . © 2011 by Oleg Tikhonov Page 26 .30 random networking and career tips. There are several troubleshooting methodologies which are appropriate for problems of different features. Learning and lab experience reinforce this behavior even more.Why Wireshark can be bad Wireshark.

etc. this is how modern Telco and IT operate. Some people have started to promote an idea of asking Cisco to provide us with the official emulation platform for learning and testing purposes.30 random networking and career tips. no system approach. We don’t have instruments to prepare good solutions. No responsibility. they sell hope that everything will be fine. Why getting needed instruments it is unlikely to become reality PacketFactory. Why emulation is good Imagine a group of architects building a bridge after reading some books and scratching in PowerPoint. Recent changes in IOS 15.Why Cisco emulation platform would be a good idea and why it is unlikely to happen We all like dynamips/dynagen/gns. The current response by vendors is simple – buy twice as much and build an equivalent lab. Integrators do not offer any solid and tested solutions from their portfolio. planning. However. Here is my 2 cents. We can only go there and test it during the project. Vendors consider that provision of emulation platforms is not an option. © 2011 by Oleg Tikhonov Page 27 . nothing. engineers lose nerves because they’re obliged to be responsible for solutions they know nothing about. This is why people laugh at you when you reveal your profession and then call yourself an engineer. Customers lose money. It’s still a geek playground.info . time and patience. Such a situation doesn’t look plausible – it’s not how big and serious things are done in tough segments of our economy. migration of ISP track to XR and restricting software access via CCO inflate those talks even more. This industry doesn’t look mature and professional enough. Software licenses state that they are ready to get your money but won’t guarantee anything in return. We don’t use CAD systems to thoroughly test proposed solutions before selling or deploying them. service providers lose manhours. Imagine several iterations of producing parts of some aircraft by heart just to test if they will assemble together. Imagine a factory without standards.

for example.First of all. you can justify building a lab. Second of all. Cisco. If some vendor ships a product similar to dynamips today. It’s dirt cheap for Cisco. Modeling and testing systems for such extraordinary things cost more than your networking projects. people will complain tomorrow that they’re unable to test this and that. If you are an immense government organization. we should just embrace the fact that in this field everything is messed up and make sure the client believes in that. © 2011 by Oleg Tikhonov Page 28 .30 random networking and career tips. Nobody will invest resources just to make it easier for you to pass CCNA. Probably. I don’t think they care. simply has labs for its engineers. PacketFactory. or even two if you need. They can’t ship their developing stuff either – I presume it is buggy semi-hardware kit collection difficult to manage or operate because it’s was not developed with end users in mind. If your project is that expensive.info . you will buy yourself a lab. Third: technological foundation of building a bridge changes slower than things in IT. Playing with dynamips is a very good thing but it is not a product you purchased. it is a technological problem. You can’t build a much cheaper equivalent of something with same functions. If they build The Product it will cost heaps but will be emulation anyway. Space crafts are more expensive than migration of an office to VoIP. Problems generate support market. If you’re a small enterprise – it’s your problem if something won’t go as planned.

Changing running configuration in Cisco Many people mess up stuff when they try to copy some config file into running configuration. © 2011 by Oleg Tikhonov Page 29 . If you’re after complete replacement of running configuration. PacketFactory. It will wipe the running config and put the one from its argument. There are two commands which have major difference in their operation: • • copy file running-config config replace file The first command does merge operation. It adds command from file if they are missing in current running configuration or alter those commands overwriting the ones in current running config with the ones from provided file. The most common mistake is that this command will not delete any commands from running config if they’re not present in provided file. use the second command instead.30 random networking and career tips.info . There is one important thing about it in Cisco IOS.

elect the Active and Standby roles.HSRP explained I’ve noticed that HSRP protocol is usually described from operational point of view only. HSRP Basics Hot Standby Router Protocol is a next hop or default gateway redundancy instrument. Standby (the router with next-highest priority) will start answering ARP requests for virtual IP.30 random networking and career tips. Participating networking devices communicate with each other and provide a virtual IP and MAC addresses for servers or workstations. Here I am going to give a basic example of HSRP from design angle. © 2011 by Oleg Tikhonov Page 30 . Even though it is described in RFC it’s still a Cisco proprietary thing because RFC 2281 is informational. If Active one dies. You may google more details.info . HSRP Design Here is an example of how it may be implemented on the network: PacketFactory.

168.3 Sample config for CS1: interface Vlan23 ip address 192. L3 Core switches (CS1. © 2011 by Oleg Tikhonov Page 31 .168.1q trunks for redundancy.0/24 for VLAN 23).1 255.23. PacketFactory.0/24 subnet plus HSRP group will be configured on those SVI interfaces with its own IP address from the subnet. CS2) terminate VLANs on SVI ports.info .30 random networking and career tips.168. for example a switch per floor) which connect to both core devices via 802.255. Both core switches will have SVI interfaces for VLAN 23 configured with their own IP addresses in 192.168.168.1 SVI 23 on CS1 – 192.0 standby 10 ip 192.168.23.168.23.23.255. One subnet per VLAN is assigned (192.3 standby 10 priority 200 standby 10 preempt standby 10 track 1 decrement 100 I hope this may help to grasp HSRP implementations for those who struggle.23. • • • SVI 23 on CS1 – 192.23.2 HSRP group on both SVIs – 192.We have a L2 access layer switches (SW1…SWn.23.

© 2011 by Oleg Tikhonov Page 32 .0.0. An inbound update will be dropped and won’t get into RIP table if: • • • It was filtered by some inbound filtering There is a better RIP route for this prefix (less hops) There is a route in RIB with better Administrative Distance As was stated above.0. RIP uses this database to generate outbound updates. It implicates that if some route hasn’t reached the database it will not be sent out. RIP processes inbound updates to decide if they should go into route database. 120): PacketFactory. R3 has 15.30 random networking and career tips.0.0. R2 does not put this route into its RIP Database because it also receives an EIGRP update for the same prefix and EIGRP has better AD than RIP (90 vs.0.0. This is all simple and logical but let’s have a closer look on the third drop reason: Both RIP and EIGRP protocols are configured on some routers (nobody knows why. However.RIP Database IP has a special route database to keep all received updates and uses this database to send outbound updates as well. Loopback1 R3 shares it with R2: R2#debug ip rip *Jan 28 22:16:37.0 in 1 hops However. maybe there is some IGP migration in process).0 255.0 15.info .0/8 prefix in its RIP table: R3#sh ip rip database 15. RIP differs from other IGP protocols in a way that it doesn’t keep all topology information.0.827: 15.0.0/8 directly connected.827: RIP: received v1 update from R3 on FastEthernet1/0 *Jan 28 22:16:37.0.

0.168.100. FastEthernet1/0 This also means that R1 which runs RIP only will never know about 15.0/8 [90/156160] via 10.16.0.30 random networking and career tips.0.0/8 directly connected. FastEthernet2/0 <skipped> R2#sh ip route | i 15.0.0/30 directly connected.0.168.0/16 auto-summary 172. FastEthernet1/0 172.0.0.0/8 auto-summary 10.0.0/30 directly connected. © 2011 by Oleg Tikhonov Page 33 . PacketFactory. 00:15:22.2.0.0 D 15.16.0.10.100.0.0/8 network.R2#sh ip rip database 10. FastEthernet1/1 192.0/24 auto-summary 192.0.info .0.

0/8.0. R1 receives the route from R2.EIGRP load balancing using “Variance” EIGRP is probably the only widespread IGP capable of unequal cost path load balancing.info .0. © 2011 by Oleg Tikhonov Page 34 . FD is 15 R4: AD(RD) is 20. Load sharing Even though the path via R3 is worse in terms of metric than the one via R2 it is still possible to put this route into RIB table by providing variance command: router eigrp 10 variance 2 PacketFactory. EIGRP process on R1 needs to find its way to 10. It is quite easy to configure this feature though there is one important thing to remember about it – such load balancing has nothing to do with Feasible Successor (FS) elections. Feasible Distance (FD) via R2 is 10 R3: AD (RD) is 5. FD is 25 R2 will become Successor because of the lowest FD (10). R3 and R4. R3 will become FS because 5 < 10. R4 will become nobody because 20 > 10. Let’s calculate EIGRP in our head: • • • R2: Advertised Distance (or Reported Distance) is 5.30 random networking and career tips. Feasible Successors As we can see in this example network.

30 random networking and career tips. Once again. R4 will still be an outsider because 25 is still > 20 and because R4 is not even a FS. We can set variance to 5 but R4 still won’t be considered. EIGRP checks feasibility condition and picks successor and feasible successors first.info . otherwise it could create routing loops. Variance multiplier is used only to allow FS into RIB. For our network this means that R1 will put the route from R3 into its RIB because 15 (the FD of R3) is less than the new reference metric of 20 (10*2=20). PacketFactory.This command increases the reference metric – it multiplies FD of the successor by provided argument (in this example 2). © 2011 by Oleg Tikhonov Page 35 .

As we know.30 random networking and career tips. Each time someone new pops up – everybody has to configure another neighbor. All participants exchange actual traffic across some sort of a switch farm. Route Server acts like Route Reflector in iBGP – it receives some routing information. Now imagine a facility where tens of Autonomous Systems peer.How Route Servers work at Internet Exchange Points Route Servers are used at points of traffic exchange where big enterprises and ISPs interconnect with each other to actually create The Internet. some networking policies must be implemented in different varieties among independent routing domains. Moreover. PacketFactory. All prefixes have NEXT_HOP attribute of original router which shared this information with Route Server. Route Servers help to simplify BGP peering: As you can see. processes it and sends out to other peers. The most crucial thing here is that Route Server does not forward real traffic. each participant peers with Route Server only thus full BGP peering mesh is avoided.info . in order to exchange routing information between Autonomous Systems BGP peering must be established between each pair of peers because BGP works on top of TCP and does not create neighborships automatically via some multicast magic like IGPs do in most of the cases. © 2011 by Oleg Tikhonov Page 36 .

0. router ospf 1 log-adjacency-changes network 0.0.info .255.0.0/0 is already present in RIB table (for example.255 area 0 default-information originate … PacketFactory. we create a static default route and redistribute it into IGP. Another command must be used instead.OSPF and default routes This post is about some common mistake again.255.168.0/0? Usually.0 172.0. it was received from eBGP peer).0.0 255.0.0 255.10.0.0 0. this won’t work.0. How to tell OSPF router to announce 0. The always argument tells the router to originate default even if it has no default in its RIB.0.0.30 random networking and career tips. In the case of OSPF. I use static route redistribution in this example.2) (Process ID 1) As you can see.255.1 OSPF does not redistribute default routes when redistribute command is utilized. but EIGRP will behave in the same manner: R2#sh ip ospf database external OSPF Router with ID (192. You may think of it as of some special form of redistribution command: • • default-information originate default-information originate always Issued without any arguments it will make the router ASBR and inject an E2 Type 5 default route into OSPF only if 0.100.0. © 2011 by Oleg Tikhonov Page 37 .0. router ospf 1 log-adjacency-changes redistribute static subnets network 0.16.255. redistribute command skipped the static default – R2 does not have this external route in its database.255 area 0 ! ip forward-protocol nd ip route 0.

PacketFactory. while static defaults are obviously not.2) (Process ID 1) Type-5 AS External Link States LS age: 2 Options: (No TOS-capability. © 2011 by Oleg Tikhonov Page 38 .0 (External Network Number ) Advertising Router: 192. It may also be proposed that having the special command for default routes is safer in terms of configuration errors – you’re less likely to redistribute default routes accidentally.100.168.16.30 random networking and career tips.100. DC) LS Type: AS External Link Link State ID: 0.2 LS Seq Number: 80000001 Checksum: 0x21F9 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 172.168.info .R2#sh ip ospf database external OSPF Router with ID (192.0.0. you don’t want to attract traffic with a static default towards a router with failed BGP session. If you have 2 BGP border routers and receive 0/0 routes from ISPs.1 External Route Tag: 1 It is a better idea because it is conditional.10.

this topic is not about the reasons behind virtual links – I’m going to tell you about some ubiquitous mistakes people make when they try to create an OSPF virtual link. not an IP address of the other router’s interface in transit area.g. © 2011 by Oleg Tikhonov Page 39 .2 R1: router ospf 1 area 2 virtual-link 1. though I doubt.1.1. An example of connecting isolated Area 3 to backbone to fulfill OSPF design rule – all areas must connect to backbone area: Virtual links can be created when: • • • • Both routers are ABRs Both routers share common Area – transit area One router is connected to Area 0 Transit area has full routing information e. Anyway.30 random networking and career tips.info . You may also have some disaster on your backbone which caused Area 0 to split and create 2 separate OSPF domains.2.OSPF Virtual Links OSPF virtual link might not be the best thing which may happen to your network because it either indicates problems in design or backbone connectivity issues. PacketFactory.2. You may stumble upon some problem when it’s physically impossible to connect some distant OSPF Area into Area 0 (the backbone). it’s not a stub Configuration snippet for R1: router ospf 1 area 2 virtual-link 2.1 The final warning – virtual-link command takes RID or Router ID.

Middle size enterprises usually have only a couple of public IP addresses for NAT service. ideally you have 65k *2 of streams. Another problem is when employees use p2p networks at work.info .30 random networking and career tips. In such situations engineers get orders from above to unleash the witch-hunt. the whole network can degrade. Most of us have cheap consumer-grade devices which connect us to The Internet (for example. It happens all the time. So. IM or email – you router is loaded and can’t accommodate NAT translations for other traffic. You may dig into your torrent client options and see the defaults. We also still live in the age of IPv4 and NAT.Torrents and NAT It’s not a secret that peer-to-peer traffic is tremendously widespread nowadays. It may take up to 90% of all traffic in some parts of the Internet. Many of those devices are not capable of keeping NAT translation tables that big. Many people own dedicated set-top boxes or simple home PCs which run for months and keep seeding files. There is a problem – p2p file sharing clients tend to open and keep huge amounts of TCP sockets. DSL modems operating in router mode instead of bridge mode). PacketFactory. If some crooks use their office computers to download and seed lots of stuff and keep it running 24×7 because power and Internet access are free. What you can experience is your file sharing client is ok but none of other network services seem to work – no HTTP. Yet may engineers never think about the behavior of p2p file sharing and ubiquitous NAT combined. © 2011 by Oleg Tikhonov Page 40 .

2. There is one simple trick – disable domain name resolution for all intermediate hops. Each time traceroute gets a reply – it tries to make reverse DNS lookup. PacketFactory.3.Make your traceroute tool quick Traceroute is the second most popular network diagnostic tool after ping.2.4 numeric MS Windows: tracert -d 1. Here is how to do this in Cisco IOS CLI: traceroute 1.3.30 random networking and career tips.4 UNIX: traceroute -n 1.2. In most cases you don’t really care because you deal with IP addresses. © 2011 by Oleg Tikhonov Page 41 . Yet most of the people do not know how to use it properly.4 This tool is used too often to waste seconds every time you need to make a trace.3.info .

I once automatically typed boot config flash ios_image instead of system and the stupid box treated an image file as its startup config – I typed sh start but got a huge binary mess as an output :) The first thing you should check after your router boots up and loads the new image is to check logs to see if the new IOS version parsed and understood each command of your startup config file. PacketFactory. you can specify the image that should be booted after next reset: Router(config)#boot system flash imagename You can also have several startup config files and pick one of them: Router(config)#boot config flash filename If you use both commands make sure you haven’t mutually mistaken them. power might be interrupted during upgrade. I always tend to free up enough flash: space to accommodate another IOS image. Once you have two IOS images stored. © 2011 by Oleg Tikhonov Page 42 .30 random networking and career tips.info . etc. I personally feel uneasy to remove the current IOS file from flash: and then upload a new one – the new image can have problems.How to upgrade IOS Sometimes it is necessary to upgrade the currently running IOS in your Cisco to get rid of some bugs or enable some features.

My instant reaction was – should we really care? It was my understanding that everything in this world tries to evolve.info . People who once spent some effort to learn some stuff and then stopped will eventually have problems. Some particular technology doesn’t mean much once you become experienced. I’m sarcastic but you should get my point. The point was that cloud computing would kill many jobs and make lots of engineers and other IT folk redundant. It won’t matter for them anymore. Only poor and weak people worry about changes. Someone shared his concerns about the rapid growth of cloud computing. © 2011 by Oleg Tikhonov Page 43 . By the time clouds kick in. You should practice Systems Approach and teach yourself to see the bigger picture.Engineering career and rapid change of technology I’ve stumbled upon one online conversation recently.30 random networking and career tips. You will be able to manipulate whatever building blocks you have. PacketFactory. Surely you should try to get the best route and deal with the best technologies to boost your career but you will face changes anyway. most of current engineers will make their careers and become lazy managers or vogue architects.

Sign up to vote on this title
UsefulNot useful