Packetfactory.

info
Networking moments, tips and ideas.

30 random networking and career tips for engineers.

By Oleg Tikhonov

Foreword
All my life I’ve been using other people’s products to gain my knowledge and skills, train myself and become a professional. I am not talking about my professors in the University or numerous books I bought and read. I am talking about community and its role: forum, IRC conversations, IM sessions, tutorials, self-study guides and so on. It was people who dedicated their spare time to create information which I used to get my answers. Years later I decided to give back. I have launched PacketFactory.info recently as a place where I could put my own findings about data networks, routing protocols, switching and so on for other people. Instead of losing this information in IM sessions with my colleagues and friends I made a rule to share this information with everyone else and make it publicly available.

This is a collection of 30 random articles bound together for easy reading or making a hard copy. They either help you to refresh some tricky aspects of routing and switching on Cisco devices or inspire you to think about your career and the future. Read it yourself and share it with your friends because this little book is free of charge.

I hope you will enjoy reading it!

Sincerely, Oleg Tikhonov oitikhonov@gmail.com

PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov

Page 2

All brand names and products are Registered Trademarks of their respective Companies.

Table of Contents
My feedback on books ................................................................................................................................. 4 One more way to group routing protocols ................................................................................................... 5 There is only one best path in BGP ............................................................................................................... 6 Static routes and ARP ................................................................................................................................... 8 Two types of EIGRP ...................................................................................................................................... 9 BGP Next Hop 0.0.0.0 ................................................................................................................................. 11 Cisco BGP Weight ....................................................................................................................................... 13 BGP LOCAL_PREF by Cisco .......................................................................................................................... 14 Disable exec timeouts ................................................................................................................................ 15 How to get rid of typo pauses .................................................................................................................... 16 Annoying IOS terminal output.................................................................................................................... 17 No bit buckets for defaults ......................................................................................................................... 18 Mad ping tests............................................................................................................................................ 19 BGP RIB failure? ......................................................................................................................................... 20 BGP Multi-Exit Discriminator (MED) in Cisco .............................................................................................. 22 How to safely configure remote devices .................................................................................................... 23 Some tips on how to better start your career ............................................................................................ 24 Why Wireshark can be bad ........................................................................................................................ 26 Why Cisco emulation platform would be a good idea and why it is unlikely to happen............................. 27 Changing running configuration in Cisco .................................................................................................... 29 HSRP explained .......................................................................................................................................... 30 RIP Database .............................................................................................................................................. 32 EIGRP load balancing using “Variance” ...................................................................................................... 34 How Route Servers work at Internet Exchange Points ............................................................................... 36 OSPF and default routes............................................................................................................................. 37 OSPF Virtual Links ...................................................................................................................................... 39 Torrents and NAT ....................................................................................................................................... 40 Make your traceroute tool quick................................................................................................................ 41 How to upgrade IOS ................................................................................................................................... 42 PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov Page 3

Engineering career and rapid change of technology................................................................................... 43

My feedback on books
It’s a well-known fact that our professional success almost directly depends on our knowledge and experience. Here I’m going to provide some feedback on books I’ve read recently. To put it simple – read the best. Even if you’re preparing for some exam on XYZ technology pick the one people label “Bible” rather than some special or “recommended” for this particular event. You will have to read them anyone – so why bother reading other books and waste your time? Let me through in few examples. I should also mention that I’m not going to tell anything about other topic aside routing this time mainly because routing is the core. Second of all, other technologies (e.g. VoIP, security) depend on marketing too much, technologies come and go. Routing stays.

Routing
Start with these to get some solid foundation: • • Routing TCP/IP, Volume 1 (2nd Edition) by Jeff Doyle, Jennifer Carroll Routing TCP/IP, Volume II (CCIE Professional Development) by Jeff Doyle, Jennifer DeHaven Carroll

Then deeply dig into each technology reading these: • • • • TCP/IP Illustrated, Vol. 1: The Protocols by W. Richard Stevens for TCP Internet Routing Architectures (2nd Edition) by Sam Halabi for BGP OSPF: Anatomy of an Internet Routing Protocol by John T. Moy for OSPF OSPF and IS-IS: Choosing an IGP for Large-Scale Networks by Jeff Doyle for OSPF and IS-IS

I can’t stress this enough – these books are superb. You will read them, read them again and you will keep coming back for years. Once you get through this list you will understand me. You don’t need any of useless money-greedy video lessons where some nervous guy screams and shouts stupid jokes for two hours just to tell you how ARP protocol works. You don’t need any of books by “experts” who managed to write 20 or more volumes crammed with conceptual mistakes and errors (the one who wrote 25 books is clearly a con, not an expert). I hope you got my point.

PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov

Page 4

If you think about it. PacketFactory. BGP and EIGRP rely on opposite peers/neighbors to either die and take all their routes with them or send an update to announce death of certain routes. path vector. In contrast. distance vector. etc.info .One more way to group routing protocols We all know that routing protocols are either IGP or EGP.30 random networking and career tips. these timers can only be useful if there is some way resets them – like periodic updates. link-state. © 2011 by Oleg Tikhonov Page 5 . I am going to remind you about one more way to logically group them: • • with periodic updates without periodic updates This can help you to understand and memorize why OSPFv2 has MaxAge (up to 1 hour) timer or why RIP routes also can be timed out so that router will forget them.

all iBGP peers must be full meshed to avoid loops or suboptimal routing. BGP does not have equal paths. © 2011 by Oleg Tikhonov Page 6 . 2. It is possible to balance across more than one link in some implementations but only the best route will be announced to internal or external peers anyway.30 random networking and career tips. naturally. split horizon is a wrong term in BGP context but it is a good way to memorize 2 facts: 1.info . Most BGP implementations will not advertise a path for some prefix to a peer if the best path for this particular prefix was received from that peer. BGP Best Path Algorithm always has a way to break any tie. iBGP learnt routes are never sent to other iBGP peers. Example You have two border BGP routers connected via iBGP. Both routers peer with dedicated ISP eBGP peers and receive routing information from ISP: PacketFactory. Next time you play with LOCAL_PREF or prepend AS_PATH keep in mind that some peers will have several routes for a particular prefix while others will have only one.There is only one best path in BGP Single path During labs it’s good to remember the fact that. As NEXT_HOP and AS_PATH are always same inside one AS. “Split Horizon” Strictly speaking.

PacketFactory. however. R1 will not send external paths back to ISP1. Moreover. will have only one path (towards ISP1) as iBGP peer R2 will not send its variant of the path.You tweaked LOCAL_PREF so that only R1 will be used for all outbound traffic. R2 may send them back to ISP2.30 random networking and career tips. These routes will be discarded by ISP2 anyway because AS_PATH value will contain AS number of ISP which alarms a loop. R2 router will have 2 possible paths per external prefix: • • from its eBGP peer ISP2 from its iBGP peer R1 (the best route) R1.info . © 2011 by Oleg Tikhonov Page 7 . However. this fact can be useful if you analyze traffic dumps in Wireshark.

0 0. it behaves differently: every time an interface is provided instead of IP address. This will work if R2 has Proxy ARP enabled (which is default for Cisco). like this: ip route 0.0 FastEthernet0/0 Though it looks darn same. It means that each time someone at R1′s LAN initiates packet exchange with The Internet. PacketFactory.0.info . R2 will send ARP Replies in the name of hosts from networks it knows about.Static routes and ARP One common mistake people often make is related to Proxy ARP and the way Cisco IOS allows us to configure static routes. R1 tries to forward packet to R2 via its default route and uses ARP to get the MAC address of packet’s destination because this default route looks like some universal physically connected LAN which has everyone on board. If R2′s IP address was used.0. Meanwhile. R1 would have only one ARP entry related to R2′s FastEthernet1/1 (next hop for R1).0. © 2011 by Oleg Tikhonov Page 8 . Here R1 was configured with static default route and someone decided to provide an outgoing interface instead of next hop address.0. R1 will have a separate ARP Cache entry for each destination IP resolving to the very same MAC address of R2′s F1/1. added route is treated as locally connected.30 random networking and career tips.

• • Internal EIGRP has AD of 90 External EIGRP has AD of 170 Different AD values help to avoid routing loops when there are 2 routing domains and more than one redistributing router. Rx announces subnet “A” across EIGRP domain so that both R1 and R2 have it in their RIBs with Administrative Distance of internal EIGRP which is 90. Example There are to different IGPs running: OSPF and EIGRP. As almost every contraption in routing it helps to avoid routing loops. I’m going to cover one single fact only. R2 should try to redistribute “A” back to EIGRP because it is an average OSPF route.30 random networking and career tips. R1 gets “A” via EIGRP from Rx. However. Thankfully this won’t happen PacketFactory.info . R2 gets too. “A” gets redistributed into OSPF domain as Type5 external route (R1 and R2 act as ASBRs for this domain) so that Ry gets familiar with “A”. © 2011 by Oleg Tikhonov Page 9 . As both R1 and R2 redistribute not only from EIGRP to OSPF but also from OSPF to EIGRP. we can have a look from a different angle. Both R1 and R2 redistribute between these IGPs. Now. redistributes it to OSPF and sends out LSU with LSA Type5 for “A” across OSPF domain. However. This far everything looks fine.Two types of EIGRP Ever wondered why are there 2 types of EIGRP with different Administrative Distances? This question implies some serious answers.

© 2011 by Oleg Tikhonov Page 10 . PacketFactory. it won’t happen: AD of OSPF is 110 which is less than external EIGRP’s 170 – none of redistributed variants of “B” will be in RIBs of R1 or R2 and as we know. If any of the redistributing routers tries to push “B” back to OSPF. The second scenario is reversed: Ry announces “B” across OSPF domain.30 random networking and career tips.because EIGRP has AD of 90 which is less than OSPF’s 110.info . due to IGPs internal differences the only source redistribution system has is RIB. R1 and R2 redistribute it into EIGRP as an external EIGRP route with AD of 170. OSPF-learnt route for “A” won’t get into RIB thus it will not be redistributed.

one route to which is redistributed from IGP: * i10.0 mean in the show ip bgp command output? A.BGP Next Hop 0.16. or via a network or aggregate command in the BGP configuration.0. best As we can see.1.16. I think this explanation is not very clear. sourced.0. valid.16.16.30 random networking and career tips.0 (172.1.13 from 172.0.1. localpref 100. A network in the BGP table with a next hop address of 0.0. valid.16.16.1.1 from 10.0.0 means that the network is locally originated via redistribution of Interior Gateway Protocol (IGP) into BGP. table Default-IP-Routing-Table) Advertised to update-groups: 1 2 Local 172.0.13) Origin incomplete. weight 32768.13 (172.0 I once stumbled upon the following vogue explanation of show ip bgp output in a book.0. localpref 100.0.1.1) Origin incomplete.13 0 100 0 ? * 10. © 2011 by Oleg Tikhonov Page 11 . here is a fragment of sh ip bgp output which displays a prefix. external Local 172.13 from 0.1 (16.0. best #3. metric 0.13 2 32768 ? If we look further: R2#sh ip bgp 10.0.1.0.0.0.4 BGP routing table entry for 10.4/30.16. PacketFactory. valid. version 5 Paths: (3 available. It is also present at Cisco.1 30720 0 500 ? *> 172.com BGP FAQ: Q.14) Origin incomplete. localpref 100. internal 500 10.0.4/30 172. What does a next hop of 0.1.0. the next hop is actually the one from IGP. metric 2.0. metric 30720.16.0.0. Example First off.info .0.0.16.

The meaning of 0.info .30 random networking and career tips.0 0.0 as the next hop for aggregates and routes injected via network command because these routes start their existence in this very device.0 symbolizes the local device.0.0. © 2011 by Oleg Tikhonov Page 12 . It doesn’t however make any sense for routes redistributed from IGP if they were originated somewhere else in IGP domain. it originated locally).0.0.0. its next hop will be derived from IGP so that it can be routed.0.0. Otherwise.0. It makes sense to have 0. The key moment here is that redistributed route will have 0. PacketFactory.0 as its next hop if it is local from IGP perspective (thus.

30 random networking and career tips. Here is the part of the best path selection algorithm we’re interested in: • • • Prefer highest Weight (Cisco only) Prefer highest LOCAL_PREF Prefer locally injected path o tie break: added via network or redistribute added via aggregate-address • • Prefer shortest AS_PATH etc. PacketFactory. local routes are more important than routes with better LOCAL_PREF inside each device. Cisco device assigns a Weight of 32768 for all locally injected routes which is bigger (and better) than default 0 for all other sources. © 2011 by Oleg Tikhonov Page 13 . However. If this fact looks unimportant. it is also a shortcut for locally injected routes (which.info . while usually local preference is considered first. at some point. It is the first so-called attribute considered (if synchronization is ok and next hop is accessible). This way.Cisco BGP Weight As we all know Cisco has a proprietary addition to BGP Best Path algorithm – Weight attribute (kind of). you can still find it helpful and use Weight to quickly spot locally added routes in show ip bgp outpout. it’s not just an extra step for the algorithm. are more preferable than iBGP/eBGP ones) to be considered at the very beginning.

metric 0.info . external.0/0. However.0.16.5 Metric LocPrf Weight Path 0 0 500 i 0 100 0 500 i As you can see.0. localpref 100.1 from 10. R2#sh ip bgp Network *> 0.13 (172.0 BGP routing table entry for 0. metric 0.0.0.13) Origin IGP.0.0. © 2011 by Oleg Tikhonov Page 14 .0. table Default-IP-Routing-Table) Advertised to update-groups: 1 500 10.0. version 28 Paths: (2 available. For some weird reason cisco box won’t show you the default local preference while it’s still there.16.0.1.0. valid.0. localpref 100. LOCAL_PREF will show up: R2#show ip bgp 0.1 (16. there is emptiness for the first route.0.0.0.16.0.1 10. if we dig a bit deeper. internal The possible reason is that some IOS snippet reads LOCAL_PREF from some structure derived from received updates but routes learned via eBGP obviously don’t transport LOCAL_PREF in updates.BGP LOCAL_PREF by Cisco Here is a small note about one BGP glitch in Cisco products.5 (metric 2) from 172.0.16. valid. PacketFactory. best 500 10.0 *i Next Hop 10.30 random networking and career tips.1.1) Origin IGP. best #1.

info . PacketFactory. © 2011 by Oleg Tikhonov Page 15 . It may not be acceptable in live networks due to security or political issues but it is obviously useful for labs.30 random networking and career tips.Disable exec timeouts There is one more convenient feature of IOS which allows for infinite configuration time on lines if configured with 0 minutes 0 seconds: Router1(config)# line con 0 [vty 0 4] Router1(config-line)# exec-timeout 0 0 Here is the result: Router1#sh line con 0 <skipped> Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch never never none not set Idle Session Disconnect Warning never Make sure to apply it to both console and vty lines.

30 random networking and career tips.How to get rid of typo pauses Isn’t it annoying to mistype some command and become stuck.255.255) Translating “rw”…domain server (255. PacketFactory. it’s not appropriate in many production situations but we almost never have excuses not to use this simple technique in Lab environments. © 2011 by Oleg Tikhonov Page 16 .info . I’ve tried to save config by using old-school wr command: R4#rw Translating “rw”…domain server (255. or unable to find computer address R4# *Jan 18 14:05:05.255) (255.255.663: %SYS-5-CONFIG_I: Configured from console by console R4# Certainly.255.255) % Unknown command or computer name.255.255.255. trying to either cram in that tricky abort key sequence or wait till DNS resolver cools down (which takes a while)? For example. or unable to find computer address R4# There is an obvious solution – use no ip domain-lookup command to disable DNS lookup: R4#rw Translating “rw” Translating “rw” % Unknown command or computer name.

etc.Annoying IOS terminal output Alright. debugs. IOS will make a new line and paste all your work there so that you’ll be able to continue. PacketFactory. yet many engineers tend to forget about this useful command (including myself): logging synchronous Being applied to line config (line Console or VTYs) it allows you to keep typing without being disturbed by those annoying logs. © 2011 by Oleg Tikhonov Page 17 .info . Configuration: Router(config)# line vty 0 4 Router(config-line)# logging synchronous Every time some output pops up in the middle of the CLI line you’re currently editing. this one is quite popular.30 random networking and career tips.

0. all traffic must be either routed deeper in the network or dropped (as we know.0. In this case.0/8 is currently used but in this scenario 10.info . PacketFactory. Obviously.0/8 is dedicated to the whole network.0. In order to receive all Internet-bound traffic. © 2011 by Oleg Tikhonov Page 18 . He knew about that and got used to it.No bit buckets for defaults A mate of mine once stumbled upon one trivial network behavior which has some philosophical idea behind its simplicity.0.0/0 is ultimately an outstanding form of aggregation which spans across all address space.0. As the bottom cloud suggests. all packets routed to Null interfaces simply get dropped). it didn’t happen and here is why: Here we can see border router (BDR) which runs BGP with ISP router to receive default route from it and announce its own 10. We all know that RIB entries which point to Null interface are necessary for each summary or aggregate route created. only some part of 10.0.0.0.0.0/8 pointing to Null0 interface in its RIB – BDR is the only entering point into 10 network. Let’s suppose that BDR is the only router which runs BGP. Once he created a default route in OSPF and expected it to create the route to Null because 0.0.0/0 prefix which is used throughout the network. it must not have 0. BDR announces default route to the rest of the network. This is why BDR has to has 10.0.0.0/0 pointed to NEXT_HOP of ISP.0.0/0 route pointing to Null interface because it needs to forward all outgoing traffic to ISP via another default route: 0.30 random networking and career tips.0.

The bottom line Using large ICMP Request payloads can be meaningful but there should be a clear reason and understanding of what’s going to happen. MTU size is pretty consistent nowadays (again. large pings may be blocked or filtered by security mechanisms. PacketFactory. etc.Mad ping tests I bet we all saw some guy desperate to troubleshoot a network with echo requests of increasing sizes without any idea why. we should know if our host machine which we use to initiate ping (echo request) sets Don’t Fragment bit for IP packets which encapsulate our echo requests.info . You don’t know where on the network the bottleneck occurred. it also can’t address an infinite OFFSET. So. And finally: IP packet. due to its header has limits on maximum packet size. I suppose it is something we sometimes do unconsciously. In most cases DF bit is not set for ICMP and UDP by default. Besides. was request or reply dropped. Third: Payload for ICMP Reply packet should be exactly the same as in received Request. © 2011 by Oleg Tikhonov Page 19 . You did apply some sensible load on the network but in many cases this doesn’t give you much information. Let’s recall the following things: • • • • MTU DF bit of IP ICMP payload Maximum IP packet size First of all. in most situations you either get a direct error from your host (if you disabled fragmentation) or simply send some big request and receive some big reply (both get fragmented and reassembled by IP layer).30 random networking and career tips. in general networks). Second of all. If you do – you still can’t measure it accurately since ICMP packets are often treated with less priority.

S Stale Origin codes: i – IGP.BGP RIB failure? If you haven’t worked with Cisco implementation of BGP enough you may stumble upon BGP RIB failure in sh ip bgp output and wonder what it means.1 RIB-failure RIB-NH Matches Higher admin distance n/a This gives us a hint.0 15.0.1 0 100 0 666 i Now we can try to investigate the matter: R7#sh ip bgp rib-failure Network Next Hop 88. the route received from BGP cannot be inserted into RIB because there is a static route with lower Administrative Distance (1 vs. d damped.0. if we check RIB we’ll get the source of this anomaly: R7#sh ip route 88. ? – incomplete Network Next Hop Metric LocPrf Weight Path * i0. distance 1.0.15. 20). Conclusion In many cases RIB failures don’t indicate any dramatic problems on the network.18.18. © 2011 by Oleg Tikhonov Page 20 .9 Route metric is 0.15.0.0. > best. Now.0 0 32768 i r> i88. h history. it can be your eBGP peer which was configured with network command which hooked up your PacketFactory. * valid. For example. e – EGP.15. local router ID is 18. i – internal.info .15.0.0.0 15.15.0. traffic share count is 1 As you can see here.1 Status codes: s suppressed.0.0/8 Known via “static”.0.0. r RIB-failure.0 Routing entry for 88.0.30 random networking and career tips.15.1 0 100 0 i *> 0.0. metric 0 Routing Descriptor Blocks: * 10.0 15. Here is some output: R7#sh ip bgp BGP table version is 31.0.

30 random networking and career tips. © 2011 by Oleg Tikhonov Page 21 .transport /30 subnet between BGP peers. PacketFactory. However.info . it might be a good idea to keep an eye on them using show ip bgp rib-failure command.

In order to use MED.BGP Multi-Exit Discriminator (MED) in Cisco Multi-Exit Discriminator is a BGP attribute generally used to advise single external AS you peer with about the best entrance to your own AS. For example. The best entering point is the best path across AS cloud between some border router and some final subnet in terms of IGP (because IGP is used for routing inside AS in most cases). © 2011 by Oleg Tikhonov Page 22 . “2″ and “3″ actually came from OSPF costs.30 random networking and career tips. you must configure route-map and advise the router to put IGP metric of some prefix into MED field of BGP update for this prefix: route-map set_MED permit 10 set metric-type internal One tricky moment here is that the word internal means 2 different things in IOS: R2(config-route-map)#set metric-type ? external IS-IS external metric internal IS-IS internal metric or Use IGP metric as the MED for BGP type-1 OSPF external type 1 metric type-2 OSPF external type 2 metric Cisco devices have one more interesting addition to this behavior: Every time you redistribute IGP routes in BGP.1. Here is a snippet from my lab network which OSPF redistribution into BGP: * i192. Cisco will put IGP metric in MED automatically. PacketFactory.1/32 172. MED is the best entering point for some particular prefix in AS.168.10 2 100 *> 172.info .16. the best border router (the one peering with other AS via eBGP) in terms of MED is the one which has the shortest IGP path to final prefix. if you have 2 border routers which peer with 2 other routers of AS “X” you can tweak MED to advice “X” to use the 1st router of yours for all traffic towards your Autonomous System.16.222. So.2 3 32768 ? 0? As you can see. As we stated.1.

You should know about these 3 arguments: reload in minutes reload at time cancel reload Before making any changes to running config you must issue any of the first 2 commands to tell the router to reload in some minutes or reload at precise time without saving the config. Cisco IOS is pretty ancient in terms of flexibility of operations with config files. You don’t want to know the stories people got into after changing ACLs or shutting down ports thus cutting themselves out of the box. This very simple command will save you heaps of your nerves. you should cancel reload task you’ve scheduled by providing cancel reload.How to safely configure remote devices Sometimes we face with the most annoying task – configuration of some router which is infinite miles away. It has however one crucial feature which must be used by every engineer – reload command.30 random networking and career tips. Unfortunately.info . your device will reload as scheduled and you’ll get your console back. If you mess up and loose management connection. PacketFactory. © 2011 by Oleg Tikhonov Page 23 . After you alter configuration and check that your box is still accessible.

their colleagues. The more skilled you become the less responses you get. Personal example: I once went for some money which looked good back then for me and wasted almost a year working with Videoconferencing and similar trivial crap until I realized that such a specialization is poor in terms of growth. remember that those people earned their expertise by studying hard. Don’t rush after money and don’t work with silly technologies – you’ll regret it. If you’re young – don’t run after quick money. read several books to prepare for your exam. Don’t blame your boring entry-level position for all your misfortunes and luck of progress.Some tips on how to better start your career Many of you plan or just started their careers in the industry. IRC channels and other communities and feel yourself involved wasting all your time on those resources. There isn’t anything dirty in this – people simply try to work with someone they know and trust. And the last one for now – yet the most important – don’t be too geeky. The very first thing is this: train yourself to study hard.30 random networking and career tips. The bitter fact of this life is that you’ll almost never see the best positions in public access. You should. It is ok to sort of polish some questions and technical oddities but please – invest your time wisely. The better some position is (in terms of money or interest) the more chances that someone will try to hire from his/her social network. You may see lots of experienced people in forums. This is the curse of this industry – you will never succeed if you work 9 till 5. So. Plan your technical career 2-3 years ahead and stick to it (unless you discover that your plan is silly). I still regret that I was blind and haven’t stayed in a less-paid but more perspective position in ISP. etc. I learned this from my modest experience. I’m not sharing with you. I would like to share some of my thoughts on the matter with you. I’m sharing with myself but young and novice. 90% of the time you’ll be doing same old boring crap and won’t learn anything new. Most of the good engineers I know never rely on their company. friends. PacketFactory. not by socializing only. If you’re 1st line support engineer – you may get lots of responses to your CV. Believe me. © 2011 by Oleg Tikhonov Page 24 . however. etc. In fact. They study constantly. They never loiter and learn nothing in wait for some mythical good big projects to come. Some people realize it pretty late too. learn how to build your professional network. don’t be fooled that you’ll be able to find a job in a week once you become skilled and expensive. They spend their own time cut from their families. even if you work for a top Cisco Gold Partner System Integrator most of your self-development will concentrate in few time clusters when you faced a big chunk of some new technology.info .

They split and unite again many times.Lots of engineers actually migrate from one company into another in flocks – someone becomes chief engineer and brings his mates from the previous company. © 2011 by Oleg Tikhonov Page 25 .info . PacketFactory.30 random networking and career tips. This industry is very small as you’ll see.

you won’t be able to identify many problems from the dump only. in my opinion. You don’t want to collect traffic dumps too often – it is almost always faster to type in some commands and nail the bug than to sniff everything and then compute stuff in your head. you may tend to sniff traffic as the first step of nailing problems. some negative impacts on your skills and work. like smokers without tobacco. Besides.30 random networking and career tips.Why Wireshark can be bad Wireshark.info . However. The very first thing which comes into my mind is a habit of bottom-up troubleshooting and debugging approach packet analyzing tools develop in you. not by habit. There are several troubleshooting methodologies which are appropriate for problems of different features. They didn’t feel comfortable. all traffic sniffing tools have. to be able to predict problems and act by mind. This may sound preachy but I’ve seen people whose problem solving efficiency decreased once they stumbled upon some remote issue in a situation when it was simply impossible to collect traffic. tcpdump or IOS-embedded packet sniffer are great learning and troubleshooting instruments. I personally try to keep this in mind to gradually become a better engineer. © 2011 by Oleg Tikhonov Page 26 . It is good to know stuff deeply but sniffing is not the best option for every problem. Once you become familiar with under the hood logic of some technology or protocol. To utilize the best approach in some particular situation you really have to be familiar with debugging commands of your vendor. PacketFactory. Learning and lab experience reinforce this behavior even more. Cisco TAC engineers ask you to provide traffic dump either when other techniques failed or when they don’t have time to work on your case right away.

30 random networking and career tips. no system approach. planning. However.info . This is why people laugh at you when you reveal your profession and then call yourself an engineer.Why Cisco emulation platform would be a good idea and why it is unlikely to happen We all like dynamips/dynagen/gns. We can only go there and test it during the project. engineers lose nerves because they’re obliged to be responsible for solutions they know nothing about. We don’t use CAD systems to thoroughly test proposed solutions before selling or deploying them. Why getting needed instruments it is unlikely to become reality PacketFactory. No responsibility. migration of ISP track to XR and restricting software access via CCO inflate those talks even more. service providers lose manhours. Why emulation is good Imagine a group of architects building a bridge after reading some books and scratching in PowerPoint. Customers lose money. Imagine several iterations of producing parts of some aircraft by heart just to test if they will assemble together. © 2011 by Oleg Tikhonov Page 27 . nothing. Here is my 2 cents. The current response by vendors is simple – buy twice as much and build an equivalent lab. this is how modern Telco and IT operate. time and patience. We don’t have instruments to prepare good solutions. This industry doesn’t look mature and professional enough. Recent changes in IOS 15. Imagine a factory without standards. It’s still a geek playground. Some people have started to promote an idea of asking Cisco to provide us with the official emulation platform for learning and testing purposes. Such a situation doesn’t look plausible – it’s not how big and serious things are done in tough segments of our economy. etc. Integrators do not offer any solid and tested solutions from their portfolio. Vendors consider that provision of emulation platforms is not an option. Software licenses state that they are ready to get your money but won’t guarantee anything in return. they sell hope that everything will be fine.

If they build The Product it will cost heaps but will be emulation anyway.30 random networking and career tips. Second of all. If you are an immense government organization.info . it is a technological problem. Cisco. Probably. Modeling and testing systems for such extraordinary things cost more than your networking projects.First of all. PacketFactory. you will buy yourself a lab. Nobody will invest resources just to make it easier for you to pass CCNA. You can’t build a much cheaper equivalent of something with same functions. © 2011 by Oleg Tikhonov Page 28 . simply has labs for its engineers. Space crafts are more expensive than migration of an office to VoIP. or even two if you need. I don’t think they care. If you’re a small enterprise – it’s your problem if something won’t go as planned. If your project is that expensive. you can justify building a lab. They can’t ship their developing stuff either – I presume it is buggy semi-hardware kit collection difficult to manage or operate because it’s was not developed with end users in mind. It’s dirt cheap for Cisco. we should just embrace the fact that in this field everything is messed up and make sure the client believes in that. Third: technological foundation of building a bridge changes slower than things in IT. Problems generate support market. Playing with dynamips is a very good thing but it is not a product you purchased. for example. If some vendor ships a product similar to dynamips today. people will complain tomorrow that they’re unable to test this and that.

info . use the second command instead.Changing running configuration in Cisco Many people mess up stuff when they try to copy some config file into running configuration. There is one important thing about it in Cisco IOS. © 2011 by Oleg Tikhonov Page 29 . If you’re after complete replacement of running configuration. The most common mistake is that this command will not delete any commands from running config if they’re not present in provided file. It will wipe the running config and put the one from its argument.30 random networking and career tips. It adds command from file if they are missing in current running configuration or alter those commands overwriting the ones in current running config with the ones from provided file. There are two commands which have major difference in their operation: • • copy file running-config config replace file The first command does merge operation. PacketFactory.

elect the Active and Standby roles. © 2011 by Oleg Tikhonov Page 30 . Standby (the router with next-highest priority) will start answering ARP requests for virtual IP. If Active one dies. Here I am going to give a basic example of HSRP from design angle. Even though it is described in RFC it’s still a Cisco proprietary thing because RFC 2281 is informational. HSRP Basics Hot Standby Router Protocol is a next hop or default gateway redundancy instrument.30 random networking and career tips.HSRP explained I’ve noticed that HSRP protocol is usually described from operational point of view only.info . You may google more details. Participating networking devices communicate with each other and provide a virtual IP and MAC addresses for servers or workstations. HSRP Design Here is an example of how it may be implemented on the network: PacketFactory.

168.168. One subnet per VLAN is assigned (192. CS2) terminate VLANs on SVI ports.0/24 for VLAN 23). for example a switch per floor) which connect to both core devices via 802.168.23.255.23.3 standby 10 priority 200 standby 10 preempt standby 10 track 1 decrement 100 I hope this may help to grasp HSRP implementations for those who struggle.3 Sample config for CS1: interface Vlan23 ip address 192.1 SVI 23 on CS1 – 192.23.168.23.255. • • • SVI 23 on CS1 – 192. Both core switches will have SVI interfaces for VLAN 23 configured with their own IP addresses in 192.2 HSRP group on both SVIs – 192.30 random networking and career tips.1 255.info .168.168.1q trunks for redundancy. L3 Core switches (CS1.23. © 2011 by Oleg Tikhonov Page 31 .168.0 standby 10 ip 192. PacketFactory.We have a L2 access layer switches (SW1…SWn.23.0/24 subnet plus HSRP group will be configured on those SVI interfaces with its own IP address from the subnet.23.

Loopback1 R3 shares it with R2: R2#debug ip rip *Jan 28 22:16:37. 120): PacketFactory. RIP processes inbound updates to decide if they should go into route database.RIP Database IP has a special route database to keep all received updates and uses this database to send outbound updates as well. It implicates that if some route hasn’t reached the database it will not be sent out.0.0/8 prefix in its RIP table: R3#sh ip rip database 15. R3 has 15.0 255.30 random networking and career tips. This is all simple and logical but let’s have a closer look on the third drop reason: Both RIP and EIGRP protocols are configured on some routers (nobody knows why.0.0. However. RIP differs from other IGP protocols in a way that it doesn’t keep all topology information. An inbound update will be dropped and won’t get into RIP table if: • • • It was filtered by some inbound filtering There is a better RIP route for this prefix (less hops) There is a route in RIB with better Administrative Distance As was stated above. RIP uses this database to generate outbound updates.827: RIP: received v1 update from R3 on FastEthernet1/0 *Jan 28 22:16:37. © 2011 by Oleg Tikhonov Page 32 . maybe there is some IGP migration in process).0.827: 15.0.0.0 in 1 hops However.0.0/8 directly connected.0.0 15. R2 does not put this route into its RIP Database because it also receives an EIGRP update for the same prefix and EIGRP has better AD than RIP (90 vs.info .0.0.

FastEthernet1/0 This also means that R1 which runs RIP only will never know about 15.0.168.0 D 15. FastEthernet1/0 172.0.0.0.0.100.0.100.0. PacketFactory. FastEthernet2/0 <skipped> R2#sh ip route | i 15. © 2011 by Oleg Tikhonov Page 33 .10.0.30 random networking and career tips.0. FastEthernet1/1 192.0/8 [90/156160] via 10.16.0/30 directly connected.R2#sh ip rip database 10.0/24 auto-summary 192.0/8 auto-summary 10.0.0/8 directly connected. 00:15:22.0/30 directly connected.0/8 network.16.0.2.info .0.0/16 auto-summary 172.0.168.

Let’s calculate EIGRP in our head: • • • R2: Advertised Distance (or Reported Distance) is 5. Feasible Successors As we can see in this example network. Load sharing Even though the path via R3 is worse in terms of metric than the one via R2 it is still possible to put this route into RIB table by providing variance command: router eigrp 10 variance 2 PacketFactory. It is quite easy to configure this feature though there is one important thing to remember about it – such load balancing has nothing to do with Feasible Successor (FS) elections.0. © 2011 by Oleg Tikhonov Page 34 .info . R3 and R4. Feasible Distance (FD) via R2 is 10 R3: AD (RD) is 5. R3 will become FS because 5 < 10.EIGRP load balancing using “Variance” EIGRP is probably the only widespread IGP capable of unequal cost path load balancing.0. EIGRP process on R1 needs to find its way to 10. FD is 15 R4: AD(RD) is 20. FD is 25 R2 will become Successor because of the lowest FD (10).0/8.30 random networking and career tips. R1 receives the route from R2. R4 will become nobody because 20 > 10.

PacketFactory. otherwise it could create routing loops. EIGRP checks feasibility condition and picks successor and feasible successors first. Once again.This command increases the reference metric – it multiplies FD of the successor by provided argument (in this example 2).30 random networking and career tips.info . © 2011 by Oleg Tikhonov Page 35 . R4 will still be an outsider because 25 is still > 20 and because R4 is not even a FS. For our network this means that R1 will put the route from R3 into its RIB because 15 (the FD of R3) is less than the new reference metric of 20 (10*2=20). Variance multiplier is used only to allow FS into RIB. We can set variance to 5 but R4 still won’t be considered.

processes it and sends out to other peers. All prefixes have NEXT_HOP attribute of original router which shared this information with Route Server.30 random networking and career tips. Route Servers help to simplify BGP peering: As you can see.How Route Servers work at Internet Exchange Points Route Servers are used at points of traffic exchange where big enterprises and ISPs interconnect with each other to actually create The Internet. in order to exchange routing information between Autonomous Systems BGP peering must be established between each pair of peers because BGP works on top of TCP and does not create neighborships automatically via some multicast magic like IGPs do in most of the cases. Each time someone new pops up – everybody has to configure another neighbor. The most crucial thing here is that Route Server does not forward real traffic. All participants exchange actual traffic across some sort of a switch farm. each participant peers with Route Server only thus full BGP peering mesh is avoided.info . Route Server acts like Route Reflector in iBGP – it receives some routing information. some networking policies must be implemented in different varieties among independent routing domains. Now imagine a facility where tens of Autonomous Systems peer. PacketFactory. Moreover. © 2011 by Oleg Tikhonov Page 36 . As we know.

1 OSPF does not redistribute default routes when redistribute command is utilized.255 area 0 ! ip forward-protocol nd ip route 0. redistribute command skipped the static default – R2 does not have this external route in its database.0. but EIGRP will behave in the same manner: R2#sh ip ospf database external OSPF Router with ID (192.16.255.0.2) (Process ID 1) As you can see.0. we create a static default route and redistribute it into IGP. router ospf 1 log-adjacency-changes redistribute static subnets network 0.info .0/0 is already present in RIB table (for example.OSPF and default routes This post is about some common mistake again.255 area 0 default-information originate … PacketFactory. The always argument tells the router to originate default even if it has no default in its RIB. © 2011 by Oleg Tikhonov Page 37 .0.10. Another command must be used instead. You may think of it as of some special form of redistribution command: • • default-information originate default-information originate always Issued without any arguments it will make the router ASBR and inject an E2 Type 5 default route into OSPF only if 0.0/0? Usually.0.0.255.0.255.168.0. this won’t work.0.0 255. I use static route redistribution in this example.100.255.0. How to tell OSPF router to announce 0.0.0 255.0. In the case of OSPF.0 172. router ospf 1 log-adjacency-changes network 0. it was received from eBGP peer).30 random networking and career tips.0 0.

PacketFactory. © 2011 by Oleg Tikhonov Page 38 .0.2) (Process ID 1) Type-5 AS External Link States LS age: 2 Options: (No TOS-capability.info . If you have 2 BGP border routers and receive 0/0 routes from ISPs.168.30 random networking and career tips.168.R2#sh ip ospf database external OSPF Router with ID (192.100.0 (External Network Number ) Advertising Router: 192.100.1 External Route Tag: 1 It is a better idea because it is conditional. while static defaults are obviously not.10.2 LS Seq Number: 80000001 Checksum: 0x21F9 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 172. you don’t want to attract traffic with a static default towards a router with failed BGP session.16. It may also be proposed that having the special command for default routes is safer in terms of configuration errors – you’re less likely to redistribute default routes accidentally. DC) LS Type: AS External Link Link State ID: 0.0.

this topic is not about the reasons behind virtual links – I’m going to tell you about some ubiquitous mistakes people make when they try to create an OSPF virtual link. You may also have some disaster on your backbone which caused Area 0 to split and create 2 separate OSPF domains.OSPF Virtual Links OSPF virtual link might not be the best thing which may happen to your network because it either indicates problems in design or backbone connectivity issues. © 2011 by Oleg Tikhonov Page 39 .2. You may stumble upon some problem when it’s physically impossible to connect some distant OSPF Area into Area 0 (the backbone).2 R1: router ospf 1 area 2 virtual-link 1.1. Anyway. not an IP address of the other router’s interface in transit area.30 random networking and career tips. PacketFactory. though I doubt. it’s not a stub Configuration snippet for R1: router ospf 1 area 2 virtual-link 2. An example of connecting isolated Area 3 to backbone to fulfill OSPF design rule – all areas must connect to backbone area: Virtual links can be created when: • • • • Both routers are ABRs Both routers share common Area – transit area One router is connected to Area 0 Transit area has full routing information e.1.2.1 The final warning – virtual-link command takes RID or Router ID.g.info .

info . IM or email – you router is loaded and can’t accommodate NAT translations for other traffic. Middle size enterprises usually have only a couple of public IP addresses for NAT service. There is a problem – p2p file sharing clients tend to open and keep huge amounts of TCP sockets. Yet may engineers never think about the behavior of p2p file sharing and ubiquitous NAT combined. Most of us have cheap consumer-grade devices which connect us to The Internet (for example. © 2011 by Oleg Tikhonov Page 40 . In such situations engineers get orders from above to unleash the witch-hunt. Many people own dedicated set-top boxes or simple home PCs which run for months and keep seeding files. ideally you have 65k *2 of streams. the whole network can degrade. It happens all the time. We also still live in the age of IPv4 and NAT. Another problem is when employees use p2p networks at work. If some crooks use their office computers to download and seed lots of stuff and keep it running 24×7 because power and Internet access are free. So.Torrents and NAT It’s not a secret that peer-to-peer traffic is tremendously widespread nowadays. You may dig into your torrent client options and see the defaults. PacketFactory. DSL modems operating in router mode instead of bridge mode). Many of those devices are not capable of keeping NAT translation tables that big. It may take up to 90% of all traffic in some parts of the Internet. What you can experience is your file sharing client is ok but none of other network services seem to work – no HTTP.30 random networking and career tips.

3.info .2.4 This tool is used too often to waste seconds every time you need to make a trace.3. PacketFactory. © 2011 by Oleg Tikhonov Page 41 .2.2.4 UNIX: traceroute -n 1.30 random networking and career tips.3. Here is how to do this in Cisco IOS CLI: traceroute 1.Make your traceroute tool quick Traceroute is the second most popular network diagnostic tool after ping. Yet most of the people do not know how to use it properly. Each time traceroute gets a reply – it tries to make reverse DNS lookup. There is one simple trick – disable domain name resolution for all intermediate hops.4 numeric MS Windows: tracert -d 1. In most cases you don’t really care because you deal with IP addresses.

30 random networking and career tips.How to upgrade IOS Sometimes it is necessary to upgrade the currently running IOS in your Cisco to get rid of some bugs or enable some features.info . I always tend to free up enough flash: space to accommodate another IOS image. PacketFactory. Once you have two IOS images stored. I personally feel uneasy to remove the current IOS file from flash: and then upload a new one – the new image can have problems. power might be interrupted during upgrade. you can specify the image that should be booted after next reset: Router(config)#boot system flash imagename You can also have several startup config files and pick one of them: Router(config)#boot config flash filename If you use both commands make sure you haven’t mutually mistaken them. I once automatically typed boot config flash ios_image instead of system and the stupid box treated an image file as its startup config – I typed sh start but got a huge binary mess as an output :) The first thing you should check after your router boots up and loads the new image is to check logs to see if the new IOS version parsed and understood each command of your startup config file. © 2011 by Oleg Tikhonov Page 42 . etc.

It won’t matter for them anymore. People who once spent some effort to learn some stuff and then stopped will eventually have problems.Engineering career and rapid change of technology I’ve stumbled upon one online conversation recently. Only poor and weak people worry about changes.info . You should practice Systems Approach and teach yourself to see the bigger picture. You will be able to manipulate whatever building blocks you have. By the time clouds kick in. Surely you should try to get the best route and deal with the best technologies to boost your career but you will face changes anyway. I’m sarcastic but you should get my point. The point was that cloud computing would kill many jobs and make lots of engineers and other IT folk redundant.30 random networking and career tips. PacketFactory. © 2011 by Oleg Tikhonov Page 43 . My instant reaction was – should we really care? It was my understanding that everything in this world tries to evolve. Some particular technology doesn’t mean much once you become experienced. Someone shared his concerns about the rapid growth of cloud computing. most of current engineers will make their careers and become lazy managers or vogue architects.

Sign up to vote on this title
UsefulNot useful