Packetfactory.

info
Networking moments, tips and ideas.

30 random networking and career tips for engineers.

By Oleg Tikhonov

Foreword
All my life I’ve been using other people’s products to gain my knowledge and skills, train myself and become a professional. I am not talking about my professors in the University or numerous books I bought and read. I am talking about community and its role: forum, IRC conversations, IM sessions, tutorials, self-study guides and so on. It was people who dedicated their spare time to create information which I used to get my answers. Years later I decided to give back. I have launched PacketFactory.info recently as a place where I could put my own findings about data networks, routing protocols, switching and so on for other people. Instead of losing this information in IM sessions with my colleagues and friends I made a rule to share this information with everyone else and make it publicly available.

This is a collection of 30 random articles bound together for easy reading or making a hard copy. They either help you to refresh some tricky aspects of routing and switching on Cisco devices or inspire you to think about your career and the future. Read it yourself and share it with your friends because this little book is free of charge.

I hope you will enjoy reading it!

Sincerely, Oleg Tikhonov oitikhonov@gmail.com

PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov

Page 2

All brand names and products are Registered Trademarks of their respective Companies.

Table of Contents
My feedback on books ................................................................................................................................. 4 One more way to group routing protocols ................................................................................................... 5 There is only one best path in BGP ............................................................................................................... 6 Static routes and ARP ................................................................................................................................... 8 Two types of EIGRP ...................................................................................................................................... 9 BGP Next Hop 0.0.0.0 ................................................................................................................................. 11 Cisco BGP Weight ....................................................................................................................................... 13 BGP LOCAL_PREF by Cisco .......................................................................................................................... 14 Disable exec timeouts ................................................................................................................................ 15 How to get rid of typo pauses .................................................................................................................... 16 Annoying IOS terminal output.................................................................................................................... 17 No bit buckets for defaults ......................................................................................................................... 18 Mad ping tests............................................................................................................................................ 19 BGP RIB failure? ......................................................................................................................................... 20 BGP Multi-Exit Discriminator (MED) in Cisco .............................................................................................. 22 How to safely configure remote devices .................................................................................................... 23 Some tips on how to better start your career ............................................................................................ 24 Why Wireshark can be bad ........................................................................................................................ 26 Why Cisco emulation platform would be a good idea and why it is unlikely to happen............................. 27 Changing running configuration in Cisco .................................................................................................... 29 HSRP explained .......................................................................................................................................... 30 RIP Database .............................................................................................................................................. 32 EIGRP load balancing using “Variance” ...................................................................................................... 34 How Route Servers work at Internet Exchange Points ............................................................................... 36 OSPF and default routes............................................................................................................................. 37 OSPF Virtual Links ...................................................................................................................................... 39 Torrents and NAT ....................................................................................................................................... 40 Make your traceroute tool quick................................................................................................................ 41 How to upgrade IOS ................................................................................................................................... 42 PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov Page 3

Engineering career and rapid change of technology................................................................................... 43

My feedback on books
It’s a well-known fact that our professional success almost directly depends on our knowledge and experience. Here I’m going to provide some feedback on books I’ve read recently. To put it simple – read the best. Even if you’re preparing for some exam on XYZ technology pick the one people label “Bible” rather than some special or “recommended” for this particular event. You will have to read them anyone – so why bother reading other books and waste your time? Let me through in few examples. I should also mention that I’m not going to tell anything about other topic aside routing this time mainly because routing is the core. Second of all, other technologies (e.g. VoIP, security) depend on marketing too much, technologies come and go. Routing stays.

Routing
Start with these to get some solid foundation: • • Routing TCP/IP, Volume 1 (2nd Edition) by Jeff Doyle, Jennifer Carroll Routing TCP/IP, Volume II (CCIE Professional Development) by Jeff Doyle, Jennifer DeHaven Carroll

Then deeply dig into each technology reading these: • • • • TCP/IP Illustrated, Vol. 1: The Protocols by W. Richard Stevens for TCP Internet Routing Architectures (2nd Edition) by Sam Halabi for BGP OSPF: Anatomy of an Internet Routing Protocol by John T. Moy for OSPF OSPF and IS-IS: Choosing an IGP for Large-Scale Networks by Jeff Doyle for OSPF and IS-IS

I can’t stress this enough – these books are superb. You will read them, read them again and you will keep coming back for years. Once you get through this list you will understand me. You don’t need any of useless money-greedy video lessons where some nervous guy screams and shouts stupid jokes for two hours just to tell you how ARP protocol works. You don’t need any of books by “experts” who managed to write 20 or more volumes crammed with conceptual mistakes and errors (the one who wrote 25 books is clearly a con, not an expert). I hope you got my point.

PacketFactory.info - 30 random networking and career tips. © 2011 by Oleg Tikhonov

Page 4

In contrast. distance vector. BGP and EIGRP rely on opposite peers/neighbors to either die and take all their routes with them or send an update to announce death of certain routes.One more way to group routing protocols We all know that routing protocols are either IGP or EGP. link-state. these timers can only be useful if there is some way resets them – like periodic updates. © 2011 by Oleg Tikhonov Page 5 .info . etc. If you think about it. I am going to remind you about one more way to logically group them: • • with periodic updates without periodic updates This can help you to understand and memorize why OSPFv2 has MaxAge (up to 1 hour) timer or why RIP routes also can be timed out so that router will forget them. PacketFactory.30 random networking and career tips. path vector.

naturally. 2. As NEXT_HOP and AS_PATH are always same inside one AS. “Split Horizon” Strictly speaking.info . iBGP learnt routes are never sent to other iBGP peers. split horizon is a wrong term in BGP context but it is a good way to memorize 2 facts: 1. It is possible to balance across more than one link in some implementations but only the best route will be announced to internal or external peers anyway. Most BGP implementations will not advertise a path for some prefix to a peer if the best path for this particular prefix was received from that peer. Next time you play with LOCAL_PREF or prepend AS_PATH keep in mind that some peers will have several routes for a particular prefix while others will have only one. BGP Best Path Algorithm always has a way to break any tie.There is only one best path in BGP Single path During labs it’s good to remember the fact that. © 2011 by Oleg Tikhonov Page 6 . Both routers peer with dedicated ISP eBGP peers and receive routing information from ISP: PacketFactory. Example You have two border BGP routers connected via iBGP.30 random networking and career tips. all iBGP peers must be full meshed to avoid loops or suboptimal routing. BGP does not have equal paths.

will have only one path (towards ISP1) as iBGP peer R2 will not send its variant of the path. this fact can be useful if you analyze traffic dumps in Wireshark.30 random networking and career tips. however. R2 router will have 2 possible paths per external prefix: • • from its eBGP peer ISP2 from its iBGP peer R1 (the best route) R1.info . PacketFactory. R1 will not send external paths back to ISP1. Moreover.You tweaked LOCAL_PREF so that only R1 will be used for all outbound traffic. R2 may send them back to ISP2. © 2011 by Oleg Tikhonov Page 7 . These routes will be discarded by ISP2 anyway because AS_PATH value will contain AS number of ISP which alarms a loop. However.

This will work if R2 has Proxy ARP enabled (which is default for Cisco). R1 will have a separate ARP Cache entry for each destination IP resolving to the very same MAC address of R2′s F1/1.0. R1 tries to forward packet to R2 via its default route and uses ARP to get the MAC address of packet’s destination because this default route looks like some universal physically connected LAN which has everyone on board.Static routes and ARP One common mistake people often make is related to Proxy ARP and the way Cisco IOS allows us to configure static routes. R2 will send ARP Replies in the name of hosts from networks it knows about. it behaves differently: every time an interface is provided instead of IP address. If R2′s IP address was used.info .0 FastEthernet0/0 Though it looks darn same.30 random networking and career tips. PacketFactory.0. It means that each time someone at R1′s LAN initiates packet exchange with The Internet. R1 would have only one ARP entry related to R2′s FastEthernet1/1 (next hop for R1). Meanwhile. like this: ip route 0.0. © 2011 by Oleg Tikhonov Page 8 . added route is treated as locally connected.0 0.0. Here R1 was configured with static default route and someone decided to provide an outgoing interface instead of next hop address.

As both R1 and R2 redistribute not only from EIGRP to OSPF but also from OSPF to EIGRP. However. However. “A” gets redistributed into OSPF domain as Type5 external route (R1 and R2 act as ASBRs for this domain) so that Ry gets familiar with “A”. redistributes it to OSPF and sends out LSU with LSA Type5 for “A” across OSPF domain.info . we can have a look from a different angle. This far everything looks fine. © 2011 by Oleg Tikhonov Page 9 . As almost every contraption in routing it helps to avoid routing loops. I’m going to cover one single fact only. Both R1 and R2 redistribute between these IGPs. Now. R1 gets “A” via EIGRP from Rx. Example There are to different IGPs running: OSPF and EIGRP. R2 gets too.Two types of EIGRP Ever wondered why are there 2 types of EIGRP with different Administrative Distances? This question implies some serious answers. Thankfully this won’t happen PacketFactory. • • Internal EIGRP has AD of 90 External EIGRP has AD of 170 Different AD values help to avoid routing loops when there are 2 routing domains and more than one redistributing router. R2 should try to redistribute “A” back to EIGRP because it is an average OSPF route. Rx announces subnet “A” across EIGRP domain so that both R1 and R2 have it in their RIBs with Administrative Distance of internal EIGRP which is 90.30 random networking and career tips.

it won’t happen: AD of OSPF is 110 which is less than external EIGRP’s 170 – none of redistributed variants of “B” will be in RIBs of R1 or R2 and as we know. due to IGPs internal differences the only source redistribution system has is RIB.info . PacketFactory. The second scenario is reversed: Ry announces “B” across OSPF domain. If any of the redistributing routers tries to push “B” back to OSPF. © 2011 by Oleg Tikhonov Page 10 . R1 and R2 redistribute it into EIGRP as an external EIGRP route with AD of 170. OSPF-learnt route for “A” won’t get into RIB thus it will not be redistributed.30 random networking and career tips.because EIGRP has AD of 90 which is less than OSPF’s 110.

internal 500 10.0. one route to which is redistributed from IGP: * i10.16.1) Origin incomplete.0 mean in the show ip bgp command output? A.0.4/30.0.0.1. metric 0.1.0. here is a fragment of sh ip bgp output which displays a prefix.16.16. localpref 100.0.13 0 100 0 ? * 10. localpref 100.1. PacketFactory.BGP Next Hop 0.0. best As we can see.1 30720 0 500 ? *> 172.4/30 172. metric 2.0.16. valid. external Local 172.16. I think this explanation is not very clear.1.1 from 10.16. version 5 Paths: (3 available.4 BGP routing table entry for 10. weight 32768.0.30 random networking and career tips.1 (16.0 (172. best #3.0.16.13) Origin incomplete.0.0. valid.0.13 from 172.1.0. the next hop is actually the one from IGP. sourced.0. table Default-IP-Routing-Table) Advertised to update-groups: 1 2 Local 172.13 2 32768 ? If we look further: R2#sh ip bgp 10. A network in the BGP table with a next hop address of 0. It is also present at Cisco.1.0.0.1. or via a network or aggregate command in the BGP configuration. Example First off.0 means that the network is locally originated via redistribution of Interior Gateway Protocol (IGP) into BGP. localpref 100.16.16. What does a next hop of 0.0.0.com BGP FAQ: Q.14) Origin incomplete.13 (172. valid.13 from 0.info .0 I once stumbled upon the following vogue explanation of show ip bgp output in a book. metric 30720.0. © 2011 by Oleg Tikhonov Page 11 .

its next hop will be derived from IGP so that it can be routed.0. The key moment here is that redistributed route will have 0.0. It makes sense to have 0.30 random networking and career tips. © 2011 by Oleg Tikhonov Page 12 .0 as its next hop if it is local from IGP perspective (thus.0.0.0. it originated locally).info .0 0.0. PacketFactory.0 as the next hop for aggregates and routes injected via network command because these routes start their existence in this very device.0.The meaning of 0. It doesn’t however make any sense for routes redistributed from IGP if they were originated somewhere else in IGP domain.0 symbolizes the local device.0. Otherwise.

PacketFactory. local routes are more important than routes with better LOCAL_PREF inside each device. it is also a shortcut for locally injected routes (which. If this fact looks unimportant. you can still find it helpful and use Weight to quickly spot locally added routes in show ip bgp outpout. while usually local preference is considered first. This way.info . However. at some point. Cisco device assigns a Weight of 32768 for all locally injected routes which is bigger (and better) than default 0 for all other sources.30 random networking and career tips. © 2011 by Oleg Tikhonov Page 13 .Cisco BGP Weight As we all know Cisco has a proprietary addition to BGP Best Path algorithm – Weight attribute (kind of). are more preferable than iBGP/eBGP ones) to be considered at the very beginning. it’s not just an extra step for the algorithm. Here is the part of the best path selection algorithm we’re interested in: • • • Prefer highest Weight (Cisco only) Prefer highest LOCAL_PREF Prefer locally injected path o tie break: added via network or redistribute added via aggregate-address • • Prefer shortest AS_PATH etc. It is the first so-called attribute considered (if synchronization is ok and next hop is accessible).

metric 0.1.BGP LOCAL_PREF by Cisco Here is a small note about one BGP glitch in Cisco products. internal The possible reason is that some IOS snippet reads LOCAL_PREF from some structure derived from received updates but routes learned via eBGP obviously don’t transport LOCAL_PREF in updates.16. LOCAL_PREF will show up: R2#show ip bgp 0.0.13 (172.30 random networking and career tips. However. best 500 10.1 (16.0. best #1. valid.0.16.0.13) Origin IGP. table Default-IP-Routing-Table) Advertised to update-groups: 1 500 10.0.info .0/0. external.16. if we dig a bit deeper.1) Origin IGP.0.5 (metric 2) from 172. PacketFactory. R2#sh ip bgp Network *> 0.0. For some weird reason cisco box won’t show you the default local preference while it’s still there.0.0.0.0 BGP routing table entry for 0.1 from 10. localpref 100. valid.16.0.1 10.0. © 2011 by Oleg Tikhonov Page 14 .0. localpref 100.0.5 Metric LocPrf Weight Path 0 0 500 i 0 100 0 500 i As you can see.0. version 28 Paths: (2 available. there is emptiness for the first route. metric 0.0 *i Next Hop 10.1.0.

info . PacketFactory.Disable exec timeouts There is one more convenient feature of IOS which allows for infinite configuration time on lines if configured with 0 minutes 0 seconds: Router1(config)# line con 0 [vty 0 4] Router1(config-line)# exec-timeout 0 0 Here is the result: Router1#sh line con 0 <skipped> Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch never never none not set Idle Session Disconnect Warning never Make sure to apply it to both console and vty lines. It may not be acceptable in live networks due to security or political issues but it is obviously useful for labs. © 2011 by Oleg Tikhonov Page 15 .30 random networking and career tips.

255.255.255) Translating “rw”…domain server (255.663: %SYS-5-CONFIG_I: Configured from console by console R4# Certainly.255.255. © 2011 by Oleg Tikhonov Page 16 .255. it’s not appropriate in many production situations but we almost never have excuses not to use this simple technique in Lab environments.30 random networking and career tips. I’ve tried to save config by using old-school wr command: R4#rw Translating “rw”…domain server (255.info . or unable to find computer address R4# There is an obvious solution – use no ip domain-lookup command to disable DNS lookup: R4#rw Translating “rw” Translating “rw” % Unknown command or computer name.255) (255.255.255) % Unknown command or computer name. PacketFactory. trying to either cram in that tricky abort key sequence or wait till DNS resolver cools down (which takes a while)? For example. or unable to find computer address R4# *Jan 18 14:05:05.How to get rid of typo pauses Isn’t it annoying to mistype some command and become stuck.

etc. Configuration: Router(config)# line vty 0 4 Router(config-line)# logging synchronous Every time some output pops up in the middle of the CLI line you’re currently editing. IOS will make a new line and paste all your work there so that you’ll be able to continue.info . debugs.30 random networking and career tips. yet many engineers tend to forget about this useful command (including myself): logging synchronous Being applied to line config (line Console or VTYs) it allows you to keep typing without being disturbed by those annoying logs. this one is quite popular. © 2011 by Oleg Tikhonov Page 17 . PacketFactory.Annoying IOS terminal output Alright.

only some part of 10. all packets routed to Null interfaces simply get dropped).info . all traffic must be either routed deeper in the network or dropped (as we know.0. Let’s suppose that BDR is the only router which runs BGP. Obviously.0.0.No bit buckets for defaults A mate of mine once stumbled upon one trivial network behavior which has some philosophical idea behind its simplicity. We all know that RIB entries which point to Null interface are necessary for each summary or aggregate route created.0. In order to receive all Internet-bound traffic.0.30 random networking and career tips.0/8 pointing to Null0 interface in its RIB – BDR is the only entering point into 10 network.0.0.0. This is why BDR has to has 10. it must not have 0.0/0 prefix which is used throughout the network. In this case. © 2011 by Oleg Tikhonov Page 18 .0. Once he created a default route in OSPF and expected it to create the route to Null because 0. it didn’t happen and here is why: Here we can see border router (BDR) which runs BGP with ISP router to receive default route from it and announce its own 10. PacketFactory. As the bottom cloud suggests.0.0/8 is currently used but in this scenario 10.0/0 is ultimately an outstanding form of aggregation which spans across all address space.0/0 route pointing to Null interface because it needs to forward all outgoing traffic to ISP via another default route: 0.0.0. BDR announces default route to the rest of the network.0/0 pointed to NEXT_HOP of ISP. He knew about that and got used to it.0.0/8 is dedicated to the whole network.0.

Second of all. If you do – you still can’t measure it accurately since ICMP packets are often treated with less priority. was request or reply dropped. You did apply some sensible load on the network but in many cases this doesn’t give you much information. And finally: IP packet. due to its header has limits on maximum packet size. PacketFactory. in most situations you either get a direct error from your host (if you disabled fragmentation) or simply send some big request and receive some big reply (both get fragmented and reassembled by IP layer).info . large pings may be blocked or filtered by security mechanisms.30 random networking and career tips. In most cases DF bit is not set for ICMP and UDP by default. Third: Payload for ICMP Reply packet should be exactly the same as in received Request. Besides. Let’s recall the following things: • • • • MTU DF bit of IP ICMP payload Maximum IP packet size First of all. in general networks). it also can’t address an infinite OFFSET. I suppose it is something we sometimes do unconsciously. etc.Mad ping tests I bet we all saw some guy desperate to troubleshoot a network with echo requests of increasing sizes without any idea why. The bottom line Using large ICMP Request payloads can be meaningful but there should be a clear reason and understanding of what’s going to happen. So. MTU size is pretty consistent nowadays (again. © 2011 by Oleg Tikhonov Page 19 . You don’t know where on the network the bottleneck occurred. we should know if our host machine which we use to initiate ping (echo request) sets Don’t Fragment bit for IP packets which encapsulate our echo requests.

0 15.0. Conclusion In many cases RIB failures don’t indicate any dramatic problems on the network.0. h history.BGP RIB failure? If you haven’t worked with Cisco implementation of BGP enough you may stumble upon BGP RIB failure in sh ip bgp output and wonder what it means. traffic share count is 1 As you can see here. local router ID is 18.0. > best. Here is some output: R7#sh ip bgp BGP table version is 31.0 15.0. distance 1.0.9 Route metric is 0.15.0.0.0. the route received from BGP cannot be inserted into RIB because there is a static route with lower Administrative Distance (1 vs. Now. * valid.1 0 100 0 i *> 0.15. d damped.0 15.15.0 0 32768 i r> i88. For example.0.18.0. © 2011 by Oleg Tikhonov Page 20 .15.0.1 RIB-failure RIB-NH Matches Higher admin distance n/a This gives us a hint.0.0. ? – incomplete Network Next Hop Metric LocPrf Weight Path * i0. if we check RIB we’ll get the source of this anomaly: R7#sh ip route 88. metric 0 Routing Descriptor Blocks: * 10. S Stale Origin codes: i – IGP. e – EGP.info .0 Routing entry for 88. 20).1 0 100 0 666 i Now we can try to investigate the matter: R7#sh ip bgp rib-failure Network Next Hop 88.0/8 Known via “static”. i – internal.1 Status codes: s suppressed.15. it can be your eBGP peer which was configured with network command which hooked up your PacketFactory.18. r RIB-failure.0.15.30 random networking and career tips.

© 2011 by Oleg Tikhonov Page 21 .30 random networking and career tips. However. PacketFactory.info . it might be a good idea to keep an eye on them using show ip bgp rib-failure command.transport /30 subnet between BGP peers.

16.1/32 172. MED is the best entering point for some particular prefix in AS. Here is a snippet from my lab network which OSPF redistribution into BGP: * i192.BGP Multi-Exit Discriminator (MED) in Cisco Multi-Exit Discriminator is a BGP attribute generally used to advise single external AS you peer with about the best entrance to your own AS. you must configure route-map and advise the router to put IGP metric of some prefix into MED field of BGP update for this prefix: route-map set_MED permit 10 set metric-type internal One tricky moment here is that the word internal means 2 different things in IOS: R2(config-route-map)#set metric-type ? external IS-IS external metric internal IS-IS internal metric or Use IGP metric as the MED for BGP type-1 OSPF external type 1 metric type-2 OSPF external type 2 metric Cisco devices have one more interesting addition to this behavior: Every time you redistribute IGP routes in BGP. The best entering point is the best path across AS cloud between some border router and some final subnet in terms of IGP (because IGP is used for routing inside AS in most cases).222. In order to use MED.2 3 32768 ? 0? As you can see.10 2 100 *> 172. if you have 2 border routers which peer with 2 other routers of AS “X” you can tweak MED to advice “X” to use the 1st router of yours for all traffic towards your Autonomous System. Cisco will put IGP metric in MED automatically.1. So. “2″ and “3″ actually came from OSPF costs.168.30 random networking and career tips.info . the best border router (the one peering with other AS via eBGP) in terms of MED is the one which has the shortest IGP path to final prefix.16. © 2011 by Oleg Tikhonov Page 22 . For example. As we stated. PacketFactory.1.

It has however one crucial feature which must be used by every engineer – reload command.info .How to safely configure remote devices Sometimes we face with the most annoying task – configuration of some router which is infinite miles away.30 random networking and career tips. your device will reload as scheduled and you’ll get your console back. Unfortunately. This very simple command will save you heaps of your nerves. If you mess up and loose management connection. You should know about these 3 arguments: reload in minutes reload at time cancel reload Before making any changes to running config you must issue any of the first 2 commands to tell the router to reload in some minutes or reload at precise time without saving the config. Cisco IOS is pretty ancient in terms of flexibility of operations with config files. After you alter configuration and check that your box is still accessible. © 2011 by Oleg Tikhonov Page 23 . you should cancel reload task you’ve scheduled by providing cancel reload. PacketFactory. You don’t want to know the stories people got into after changing ACLs or shutting down ports thus cutting themselves out of the box.

The bitter fact of this life is that you’ll almost never see the best positions in public access.info . This is the curse of this industry – you will never succeed if you work 9 till 5. read several books to prepare for your exam. The better some position is (in terms of money or interest) the more chances that someone will try to hire from his/her social network. PacketFactory. So. not by socializing only. The very first thing is this: train yourself to study hard. etc. © 2011 by Oleg Tikhonov Page 24 . They study constantly. their colleagues. I learned this from my modest experience. don’t be fooled that you’ll be able to find a job in a week once you become skilled and expensive. Don’t rush after money and don’t work with silly technologies – you’ll regret it.Some tips on how to better start your career Many of you plan or just started their careers in the industry. remember that those people earned their expertise by studying hard. Believe me. Plan your technical career 2-3 years ahead and stick to it (unless you discover that your plan is silly). I’m not sharing with you. even if you work for a top Cisco Gold Partner System Integrator most of your self-development will concentrate in few time clusters when you faced a big chunk of some new technology. If you’re young – don’t run after quick money. It is ok to sort of polish some questions and technical oddities but please – invest your time wisely. If you’re 1st line support engineer – you may get lots of responses to your CV. They spend their own time cut from their families. You should. In fact. I still regret that I was blind and haven’t stayed in a less-paid but more perspective position in ISP. IRC channels and other communities and feel yourself involved wasting all your time on those resources. Don’t blame your boring entry-level position for all your misfortunes and luck of progress. Personal example: I once went for some money which looked good back then for me and wasted almost a year working with Videoconferencing and similar trivial crap until I realized that such a specialization is poor in terms of growth. etc. Most of the good engineers I know never rely on their company. They never loiter and learn nothing in wait for some mythical good big projects to come. however.30 random networking and career tips. 90% of the time you’ll be doing same old boring crap and won’t learn anything new. learn how to build your professional network. friends. You may see lots of experienced people in forums. I would like to share some of my thoughts on the matter with you. There isn’t anything dirty in this – people simply try to work with someone they know and trust. The more skilled you become the less responses you get. And the last one for now – yet the most important – don’t be too geeky. Some people realize it pretty late too. I’m sharing with myself but young and novice.

info . © 2011 by Oleg Tikhonov Page 25 .30 random networking and career tips. They split and unite again many times. This industry is very small as you’ll see.Lots of engineers actually migrate from one company into another in flocks – someone becomes chief engineer and brings his mates from the previous company. PacketFactory.

Besides. The very first thing which comes into my mind is a habit of bottom-up troubleshooting and debugging approach packet analyzing tools develop in you. you won’t be able to identify many problems from the dump only. tcpdump or IOS-embedded packet sniffer are great learning and troubleshooting instruments. PacketFactory. Learning and lab experience reinforce this behavior even more. like smokers without tobacco. © 2011 by Oleg Tikhonov Page 26 . Cisco TAC engineers ask you to provide traffic dump either when other techniques failed or when they don’t have time to work on your case right away. To utilize the best approach in some particular situation you really have to be familiar with debugging commands of your vendor. I personally try to keep this in mind to gradually become a better engineer.30 random networking and career tips. It is good to know stuff deeply but sniffing is not the best option for every problem. However. some negative impacts on your skills and work. Once you become familiar with under the hood logic of some technology or protocol.info . They didn’t feel comfortable. You don’t want to collect traffic dumps too often – it is almost always faster to type in some commands and nail the bug than to sniff everything and then compute stuff in your head. There are several troubleshooting methodologies which are appropriate for problems of different features. to be able to predict problems and act by mind. you may tend to sniff traffic as the first step of nailing problems. all traffic sniffing tools have. This may sound preachy but I’ve seen people whose problem solving efficiency decreased once they stumbled upon some remote issue in a situation when it was simply impossible to collect traffic.Why Wireshark can be bad Wireshark. not by habit. in my opinion.

Here is my 2 cents. Vendors consider that provision of emulation platforms is not an option. This industry doesn’t look mature and professional enough. Why getting needed instruments it is unlikely to become reality PacketFactory. Integrators do not offer any solid and tested solutions from their portfolio. This is why people laugh at you when you reveal your profession and then call yourself an engineer. no system approach. We can only go there and test it during the project. Some people have started to promote an idea of asking Cisco to provide us with the official emulation platform for learning and testing purposes. Imagine several iterations of producing parts of some aircraft by heart just to test if they will assemble together. Software licenses state that they are ready to get your money but won’t guarantee anything in return. time and patience. nothing. etc. they sell hope that everything will be fine.info . engineers lose nerves because they’re obliged to be responsible for solutions they know nothing about. Imagine a factory without standards. It’s still a geek playground. We don’t use CAD systems to thoroughly test proposed solutions before selling or deploying them. We don’t have instruments to prepare good solutions. © 2011 by Oleg Tikhonov Page 27 . No responsibility. service providers lose manhours. migration of ISP track to XR and restricting software access via CCO inflate those talks even more.Why Cisco emulation platform would be a good idea and why it is unlikely to happen We all like dynamips/dynagen/gns. Why emulation is good Imagine a group of architects building a bridge after reading some books and scratching in PowerPoint. However. Recent changes in IOS 15. The current response by vendors is simple – buy twice as much and build an equivalent lab. this is how modern Telco and IT operate. Such a situation doesn’t look plausible – it’s not how big and serious things are done in tough segments of our economy. Customers lose money.30 random networking and career tips. planning.

Problems generate support market. people will complain tomorrow that they’re unable to test this and that. Cisco. Second of all. © 2011 by Oleg Tikhonov Page 28 . we should just embrace the fact that in this field everything is messed up and make sure the client believes in that. Probably. Modeling and testing systems for such extraordinary things cost more than your networking projects. You can’t build a much cheaper equivalent of something with same functions. Third: technological foundation of building a bridge changes slower than things in IT. It’s dirt cheap for Cisco. Playing with dynamips is a very good thing but it is not a product you purchased.info . Space crafts are more expensive than migration of an office to VoIP. or even two if you need. If your project is that expensive. If some vendor ships a product similar to dynamips today. it is a technological problem. They can’t ship their developing stuff either – I presume it is buggy semi-hardware kit collection difficult to manage or operate because it’s was not developed with end users in mind.First of all. for example. you will buy yourself a lab. If you are an immense government organization. PacketFactory. Nobody will invest resources just to make it easier for you to pass CCNA. I don’t think they care. simply has labs for its engineers.30 random networking and career tips. you can justify building a lab. If they build The Product it will cost heaps but will be emulation anyway. If you’re a small enterprise – it’s your problem if something won’t go as planned.

Changing running configuration in Cisco Many people mess up stuff when they try to copy some config file into running configuration. If you’re after complete replacement of running configuration. © 2011 by Oleg Tikhonov Page 29 . use the second command instead.30 random networking and career tips. PacketFactory. It adds command from file if they are missing in current running configuration or alter those commands overwriting the ones in current running config with the ones from provided file.info . The most common mistake is that this command will not delete any commands from running config if they’re not present in provided file. There is one important thing about it in Cisco IOS. There are two commands which have major difference in their operation: • • copy file running-config config replace file The first command does merge operation. It will wipe the running config and put the one from its argument.

Participating networking devices communicate with each other and provide a virtual IP and MAC addresses for servers or workstations. Here I am going to give a basic example of HSRP from design angle. © 2011 by Oleg Tikhonov Page 30 . You may google more details. Even though it is described in RFC it’s still a Cisco proprietary thing because RFC 2281 is informational. HSRP Design Here is an example of how it may be implemented on the network: PacketFactory.info . Standby (the router with next-highest priority) will start answering ARP requests for virtual IP.30 random networking and career tips. elect the Active and Standby roles.HSRP explained I’ve noticed that HSRP protocol is usually described from operational point of view only. HSRP Basics Hot Standby Router Protocol is a next hop or default gateway redundancy instrument. If Active one dies.

23.23.3 Sample config for CS1: interface Vlan23 ip address 192.168.23.23. CS2) terminate VLANs on SVI ports.1 SVI 23 on CS1 – 192. PacketFactory.0 standby 10 ip 192. © 2011 by Oleg Tikhonov Page 31 . L3 Core switches (CS1.info .23.We have a L2 access layer switches (SW1…SWn.168. • • • SVI 23 on CS1 – 192.255.168.168.168.23.23.1q trunks for redundancy.3 standby 10 priority 200 standby 10 preempt standby 10 track 1 decrement 100 I hope this may help to grasp HSRP implementations for those who struggle.255. for example a switch per floor) which connect to both core devices via 802. Both core switches will have SVI interfaces for VLAN 23 configured with their own IP addresses in 192.168.30 random networking and career tips. One subnet per VLAN is assigned (192.0/24 subnet plus HSRP group will be configured on those SVI interfaces with its own IP address from the subnet.168.1 255.0/24 for VLAN 23).2 HSRP group on both SVIs – 192.

This is all simple and logical but let’s have a closer look on the third drop reason: Both RIP and EIGRP protocols are configured on some routers (nobody knows why.0.0 15.0.0 in 1 hops However. maybe there is some IGP migration in process).0. 120): PacketFactory. An inbound update will be dropped and won’t get into RIP table if: • • • It was filtered by some inbound filtering There is a better RIP route for this prefix (less hops) There is a route in RIB with better Administrative Distance As was stated above.30 random networking and career tips.info . It implicates that if some route hasn’t reached the database it will not be sent out. RIP uses this database to generate outbound updates. R3 has 15.0. However.0/8 directly connected.0.0.827: RIP: received v1 update from R3 on FastEthernet1/0 *Jan 28 22:16:37.0. Loopback1 R3 shares it with R2: R2#debug ip rip *Jan 28 22:16:37.0.RIP Database IP has a special route database to keep all received updates and uses this database to send outbound updates as well. RIP differs from other IGP protocols in a way that it doesn’t keep all topology information. RIP processes inbound updates to decide if they should go into route database.0/8 prefix in its RIP table: R3#sh ip rip database 15.0. R2 does not put this route into its RIP Database because it also receives an EIGRP update for the same prefix and EIGRP has better AD than RIP (90 vs.0.0 255.827: 15. © 2011 by Oleg Tikhonov Page 32 .

FastEthernet1/0 This also means that R1 which runs RIP only will never know about 15.0/30 directly connected.0/8 auto-summary 10.0.0/8 [90/156160] via 10.0.0.0 D 15.0.2.0.0.100. 00:15:22.168.100.0.0/24 auto-summary 192. FastEthernet2/0 <skipped> R2#sh ip route | i 15.0.R2#sh ip rip database 10. FastEthernet1/0 172.0/30 directly connected. FastEthernet1/1 192.30 random networking and career tips.16. © 2011 by Oleg Tikhonov Page 33 .0/8 directly connected.info .10.16.0.168.0.0/16 auto-summary 172.0.0/8 network. PacketFactory.0.0.

info . EIGRP process on R1 needs to find its way to 10. Let’s calculate EIGRP in our head: • • • R2: Advertised Distance (or Reported Distance) is 5.EIGRP load balancing using “Variance” EIGRP is probably the only widespread IGP capable of unequal cost path load balancing.0. R1 receives the route from R2. R3 will become FS because 5 < 10.0/8. FD is 15 R4: AD(RD) is 20. It is quite easy to configure this feature though there is one important thing to remember about it – such load balancing has nothing to do with Feasible Successor (FS) elections. © 2011 by Oleg Tikhonov Page 34 . Feasible Distance (FD) via R2 is 10 R3: AD (RD) is 5.0. R4 will become nobody because 20 > 10. Feasible Successors As we can see in this example network. FD is 25 R2 will become Successor because of the lowest FD (10). R3 and R4.30 random networking and career tips. Load sharing Even though the path via R3 is worse in terms of metric than the one via R2 it is still possible to put this route into RIB table by providing variance command: router eigrp 10 variance 2 PacketFactory.

info . PacketFactory. otherwise it could create routing loops. © 2011 by Oleg Tikhonov Page 35 .30 random networking and career tips. We can set variance to 5 but R4 still won’t be considered.This command increases the reference metric – it multiplies FD of the successor by provided argument (in this example 2). Variance multiplier is used only to allow FS into RIB. For our network this means that R1 will put the route from R3 into its RIB because 15 (the FD of R3) is less than the new reference metric of 20 (10*2=20). R4 will still be an outsider because 25 is still > 20 and because R4 is not even a FS. EIGRP checks feasibility condition and picks successor and feasible successors first. Once again.

How Route Servers work at Internet Exchange Points Route Servers are used at points of traffic exchange where big enterprises and ISPs interconnect with each other to actually create The Internet. Moreover. © 2011 by Oleg Tikhonov Page 36 . Route Server acts like Route Reflector in iBGP – it receives some routing information. All participants exchange actual traffic across some sort of a switch farm. each participant peers with Route Server only thus full BGP peering mesh is avoided. All prefixes have NEXT_HOP attribute of original router which shared this information with Route Server. PacketFactory. Each time someone new pops up – everybody has to configure another neighbor. Route Servers help to simplify BGP peering: As you can see. The most crucial thing here is that Route Server does not forward real traffic. Now imagine a facility where tens of Autonomous Systems peer. some networking policies must be implemented in different varieties among independent routing domains.info .30 random networking and career tips. processes it and sends out to other peers. As we know. in order to exchange routing information between Autonomous Systems BGP peering must be established between each pair of peers because BGP works on top of TCP and does not create neighborships automatically via some multicast magic like IGPs do in most of the cases.

info . we create a static default route and redistribute it into IGP.255 area 0 default-information originate … PacketFactory.0/0 is already present in RIB table (for example.0.30 random networking and career tips.0 172.OSPF and default routes This post is about some common mistake again. © 2011 by Oleg Tikhonov Page 37 .0.0 255.255.255. but EIGRP will behave in the same manner: R2#sh ip ospf database external OSPF Router with ID (192.0.16. this won’t work.255.0 0. router ospf 1 log-adjacency-changes network 0.255 area 0 ! ip forward-protocol nd ip route 0. Another command must be used instead. router ospf 1 log-adjacency-changes redistribute static subnets network 0. In the case of OSPF.168.0.0.1 OSPF does not redistribute default routes when redistribute command is utilized.0.0/0? Usually. it was received from eBGP peer). redistribute command skipped the static default – R2 does not have this external route in its database.0.10. I use static route redistribution in this example.100. You may think of it as of some special form of redistribution command: • • default-information originate default-information originate always Issued without any arguments it will make the router ASBR and inject an E2 Type 5 default route into OSPF only if 0.255. The always argument tells the router to originate default even if it has no default in its RIB.0. How to tell OSPF router to announce 0.0 255.2) (Process ID 1) As you can see.0.0.0.0.

you don’t want to attract traffic with a static default towards a router with failed BGP session. © 2011 by Oleg Tikhonov Page 38 .168.0 (External Network Number ) Advertising Router: 192.10.info . It may also be proposed that having the special command for default routes is safer in terms of configuration errors – you’re less likely to redistribute default routes accidentally.R2#sh ip ospf database external OSPF Router with ID (192.168. If you have 2 BGP border routers and receive 0/0 routes from ISPs.0.0.1 External Route Tag: 1 It is a better idea because it is conditional.2 LS Seq Number: 80000001 Checksum: 0x21F9 Length: 36 Network Mask: /0 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 172.16.100. DC) LS Type: AS External Link Link State ID: 0.2) (Process ID 1) Type-5 AS External Link States LS age: 2 Options: (No TOS-capability.100. while static defaults are obviously not.30 random networking and career tips. PacketFactory.

1. Anyway. PacketFactory. this topic is not about the reasons behind virtual links – I’m going to tell you about some ubiquitous mistakes people make when they try to create an OSPF virtual link. not an IP address of the other router’s interface in transit area.1. it’s not a stub Configuration snippet for R1: router ospf 1 area 2 virtual-link 2. You may stumble upon some problem when it’s physically impossible to connect some distant OSPF Area into Area 0 (the backbone).2. © 2011 by Oleg Tikhonov Page 39 .OSPF Virtual Links OSPF virtual link might not be the best thing which may happen to your network because it either indicates problems in design or backbone connectivity issues.g.30 random networking and career tips.info . An example of connecting isolated Area 3 to backbone to fulfill OSPF design rule – all areas must connect to backbone area: Virtual links can be created when: • • • • Both routers are ABRs Both routers share common Area – transit area One router is connected to Area 0 Transit area has full routing information e. though I doubt.2 R1: router ospf 1 area 2 virtual-link 1.1 The final warning – virtual-link command takes RID or Router ID.2. You may also have some disaster on your backbone which caused Area 0 to split and create 2 separate OSPF domains.

ideally you have 65k *2 of streams. There is a problem – p2p file sharing clients tend to open and keep huge amounts of TCP sockets. Most of us have cheap consumer-grade devices which connect us to The Internet (for example. If some crooks use their office computers to download and seed lots of stuff and keep it running 24×7 because power and Internet access are free. Many people own dedicated set-top boxes or simple home PCs which run for months and keep seeding files. What you can experience is your file sharing client is ok but none of other network services seem to work – no HTTP. In such situations engineers get orders from above to unleash the witch-hunt.Torrents and NAT It’s not a secret that peer-to-peer traffic is tremendously widespread nowadays. the whole network can degrade. We also still live in the age of IPv4 and NAT. DSL modems operating in router mode instead of bridge mode). You may dig into your torrent client options and see the defaults. PacketFactory. So. It may take up to 90% of all traffic in some parts of the Internet. Yet may engineers never think about the behavior of p2p file sharing and ubiquitous NAT combined.info . It happens all the time. Another problem is when employees use p2p networks at work. © 2011 by Oleg Tikhonov Page 40 . IM or email – you router is loaded and can’t accommodate NAT translations for other traffic. Many of those devices are not capable of keeping NAT translation tables that big. Middle size enterprises usually have only a couple of public IP addresses for NAT service.30 random networking and career tips.

Each time traceroute gets a reply – it tries to make reverse DNS lookup.3. There is one simple trick – disable domain name resolution for all intermediate hops.4 This tool is used too often to waste seconds every time you need to make a trace.2.3. Yet most of the people do not know how to use it properly. © 2011 by Oleg Tikhonov Page 41 .30 random networking and career tips.Make your traceroute tool quick Traceroute is the second most popular network diagnostic tool after ping. Here is how to do this in Cisco IOS CLI: traceroute 1.info .4 numeric MS Windows: tracert -d 1.4 UNIX: traceroute -n 1.2. PacketFactory.2.3. In most cases you don’t really care because you deal with IP addresses.

© 2011 by Oleg Tikhonov Page 42 . Once you have two IOS images stored. I personally feel uneasy to remove the current IOS file from flash: and then upload a new one – the new image can have problems.30 random networking and career tips. I once automatically typed boot config flash ios_image instead of system and the stupid box treated an image file as its startup config – I typed sh start but got a huge binary mess as an output :) The first thing you should check after your router boots up and loads the new image is to check logs to see if the new IOS version parsed and understood each command of your startup config file.How to upgrade IOS Sometimes it is necessary to upgrade the currently running IOS in your Cisco to get rid of some bugs or enable some features. PacketFactory.info . etc. power might be interrupted during upgrade. you can specify the image that should be booted after next reset: Router(config)#boot system flash imagename You can also have several startup config files and pick one of them: Router(config)#boot config flash filename If you use both commands make sure you haven’t mutually mistaken them. I always tend to free up enough flash: space to accommodate another IOS image.

Surely you should try to get the best route and deal with the best technologies to boost your career but you will face changes anyway. You should practice Systems Approach and teach yourself to see the bigger picture. Only poor and weak people worry about changes. PacketFactory. By the time clouds kick in. My instant reaction was – should we really care? It was my understanding that everything in this world tries to evolve. You will be able to manipulate whatever building blocks you have.info . People who once spent some effort to learn some stuff and then stopped will eventually have problems. The point was that cloud computing would kill many jobs and make lots of engineers and other IT folk redundant. Someone shared his concerns about the rapid growth of cloud computing. It won’t matter for them anymore.30 random networking and career tips. Some particular technology doesn’t mean much once you become experienced. I’m sarcastic but you should get my point.Engineering career and rapid change of technology I’ve stumbled upon one online conversation recently. © 2011 by Oleg Tikhonov Page 43 . most of current engineers will make their careers and become lazy managers or vogue architects.

Sign up to vote on this title
UsefulNot useful