You are on page 1of 83

Why Cisco internetworking required?

To sort out the problems in LAN like


 Too many hosts in a broadcast domain,
 Broadcast Storm
 Multiplexing
 Low Bandwidth

Routers, Switches, Bridges and Hubs are used

Routers are used to break the broadcast domain,


Routers can filter the network based on IP Address and forwards the packet to other network

Switch breaks collision domain (every port is collision domain), but one broadcast domain
Switches are used to optimize the performance of LAN,
Switch switches frames from one port to another, does not forward it to other network
More manageable with VLANS, STP etc. than Bridge
100s of ports available

Bridge breaks collision domain (each port is collision domain like switch), but one broadcast domain, same
function as switch
16 ports maximum
Not manageable like switch

Hub does not break any domain. One Broadcast domain, one collision domain
Not manageable
Seven Layers & its Functions

Layer alia Layer Function Type of Application / Protocols Used


Name
Application Up Provides a User Interface / file, print, WWW, E-mail gateways (SMTP or X.400)
per message, database and application EDI (Electronic data interchange – flow control of
Lay services accounting, shipping, inventory tracking)
ers Special Interest bulleting boards – chat rooms
Internet navigation utilities – Google & Yahoo!
Search engines, Gopher, WAIS
Financial transaction services – currency exchange
rates, market trading,commodities etc.
Presentation Presents Data, Handles processes of PICT, TIFF, JPEG, MIDI, MPEG, RTF, Quick
encryption, compression and Time (manages audio and video applications of
translation services Macintosh programmers)
Session Setting up, managing and ending up NFS, SQL, RPC, X Window (GUI based protocol
sessions between presentation layer – like GUI interface in Linux), Apple Talk Session
entities, Protocol (ASP), Digital Network Architecture
Keeps different applications’ data Session Control Protocol (DNA SC) – DECnet
separate / Dialog Control session layer protocol
Transport Lo End to End Connectivity / Provides (TCP/UDP) Flow Control: prevents buffer from
wer reliable or unreliable deliver, overflowing in receiving host – no loss of data,
Lay Performs error correction before Connection Oriented Protocol, Windowing –
ers retransmit. Known as Acknowledgement
Communication Layer also
Network Routing / Provides logical Passes User Data Packets – routed protocols
addressing, which routers use for (IP/IPX)
path determination Passes Route Update Packets – routing protocols
(RIP, IGRP, EIGRP, OSPF, BGP)
Routing Tables : Protocol-specific network
address, Exit Interface, Metric (load, reliability,
bandwidth, MTU, hop count – distance), Access
lists, VLAN Connections, QoS for specific
network traffic
Data Link Framing / Combines packets into Provides physical transmission of data and handles
bytes and bytes into frames, Provides error notification, network topology and flow
access to media using MAC address, control.
Performs error detection not MAC Layer (802.3): Defines how packets are
correction placed on media. Physical addressing, logical
topologies (signal path through physical topology),
line discipline, error notification (not correction),
ordered delivery of frames, optional flow control.
LLC Layer (802.2): Identify the network layer
protocols and then encapsulate them. Decides
where to destined the packed when frame received
(IP Protocol at the network layer), flow control and
sequencing of control bits.
Layer 2 Switches and Bridges work here.
Physical Physical topology / Moves bits Sends / receives bits. (0s/1s). Different signaling
between devices, specifies voltage, methods for different type of medias. We can
wire speed and pin-out of cables identify the interface between DTE (attached
device) and DCE (located at service provider)
DTE can be accessed through modem or
CSU/DSU.

Ethernet Networking:
 A media access method that allows all hosts on a network to share the same bandwidth of a link
 It is scalable to Fast Ethernet and Giga Ethernet
 Easy to implement and troubleshoot
 Use Data Link and Physical layer specifications
 Uses CSMA/CD protocol to avoid collision of data being transferred by two devices at the same time
 Effect of CSMA/CD network sustaining heavy collision like Delay, Low throughput and Congestion
 Half Duplex (802.3) uses one pair of wire with a signal running in both directions on the wire
 Full Duplex uses two pairs of wire and sends and receives the data on separate pair makes data
transfer faster
 Full Duplex can be used between Switch to host, Switch to Switch, Host to Host
 When powered on, first connects to remote end, negotiate with the other end (called auto detect
mechanism method) which decides the exchange capability (10/100/1000 Mbps).
Ethernet at the Data Link Layer :
MAC Addressing and data transfer takes place through the form of frames like Ethernet II frame, 802.3
Ethernet frame, 802.2 SNAP frame and 802.2 SAP frame.
10 Base 2 : 10 Mbps, baseband technology, 185 Mtrs. length, thinnet, supports up to 30 nodes on a
single segment. Use BNC (British Naval Connector) and T-connectors. Use logical and physical bus
with AUI (15 pins) connectors. (Attachment Unit Interface allows one bit-at-a-time transfer to the
physical layer from data link media access method.)
10 Base 5 : 10 Mbps, baseband technology, 500 Mtrs. length, thicknet, up to 1024 users with 2500
meters with repeaters. Use logical and physical bus with AUI connectors.
10 Base T : 10 Mbps using Cat 3 UTP wiring, each device must connect to hub/switch so one host per
segment or wire. Uses RJ-45 connector (8 pin modular connector) with physical star and logical bus
topology.
100 Base TX : EIA/TIA Cat 5,6,or 7 UTP two-pair wiring. One user per segment, up to 100 Mtrs. long.
RJ-45 Connector with a physical star and a logical bus topology. Use MII -- Media Independent
Interface (uses nibble, defined as 4 bits) which provides 100 Mbps throughput.
100 Base FX : Use fiber cabling 62.5/125-micron multimode fiber. Point-to-point technology, up to 412
Mtrs. long, ST or SC connector which are MII.
1000 Base CX : Copper twisted-pair called twinax (a balanced coaxial pair) that can run up to only 25
meters. GMII interface.
1000 Base T : Cat 5 UTP four pair wiring up to 100 meters long.
1000 Base SX : MMF using 62.5/50 micron core, uses 850 nano-meter laser, and range is from 3 Kms
to 10 Kms

The Cisco Three-Layer Hierarchical Model


The Core Layer = Backbone
The Distribution Layer = Routing
The Access Layer = Switching

The Core Layer:


 Responsible for transporting large amounts of traffic reliably and quickly
 Only purpose is to switch traffic as fast as possible
 If failure, every single user will be affected
 FDDI, Fast Ethernet and ATMs are suitable technologies
 Routing protocols with lower convergence time

The Distribution Layer:


 Referred to as Workgroup Layer also
 Communication point between core and access layers
 Provides routing, filtering and WAN access and how packets access to the core if needed
 Place where policies are defined for network like ----
Routing
Access lists, packet filtering, queuing
Security and network policies, including address translation and firewalls
Redistributing between routing protocols and static routing
Routing between VLANs
Definitions of broadcast and multicast domains

The Access Layer:


 Also known as Desktop Layer
 Controls user and workgroup access to inter network resources
 Layer where end user directly connects
 Continued access control and policies from distribution layer
 Creates separate collision domain
 Workgroup connectivity into the distribution layer
 DDR and Ethernet Switching technologies
TCP/IP & DoD Model
TCP/IP suit was created by the Department of Defense to ensure and preserve data integrity.

DoD Model OSI Model Protocols Used Function


Process/ Application Telnet, FTP, Defines protocols for node-to-node application
Application Presentation LPD, SNMP, communication and also controls user-interface
Session TFTP, SMTP, specifications.
NFS, X Window
Host-to-Host Transport TCP, UDP Defines protocols for transmission service, creates
reliable end-to-end error free communication,
handles packet-sequencing and maintains data
integrity.
Internet Network ICMP, ARP, IP Designates the packet for transmission over
RARP, EIGRP, network, provides IP addresses to hosts and handles
IGRP, OSPF routing of packets among multiple networks.
Network Data link Ethernet, Fast Monitors the data exchange between the host and
Access Physical Ethernet, Token the network. Oversees hardware addressing and
Ring, FDDI defines protocols for physical transmission of data.

TCP Header Format


Bit 0 Bit 15 Bit16 Bit 31
Source Port (16) Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Reserved Code Bits Window (16)
Length (4) (6) (6)
Checksum (16) Urgent (16)
Options (0 or 32 if any)
Data (varies)

The TCP header is 20 bytes long, or 24 bytes with options.

UDP Header Format


Bit 0 Bit 15 Bit 16 Bit 31
Source Port (16) Destination Port (16)
Length (16) Checksum (16)
Data (if any)
Differences:
TCP UDP
Sequenced Un sequenced
Reliable Unreliable
Connection-oriented Connectionless
Virtual circuit Low overhead
Acknowledgements No acknowledgements
Windowing flow control No windowing or flow control

Port Numbers:
TCP and UDP must use port numbers to communicate with upper layers, because they keeps track of
different conversations crossing the network simultaneously. Source port numbers are assigned by the
source host dynamically with port starting number 1024.
Port Numbers for TCP and UDP
Application Layer FTP Telnet Doom DNS TFTP POP3 News
5621166
2 Port Numbers
3939061
Transport Layer TCP UDP
Port Numbers below 1024 are well-known ports and defined in RS 3232
1024 & above are used by upper layers to set up sessions with other hosts, and by TCP to use as source
and destination addresses in TCP segment

IP Header
Bit 0 Bit 15 Bit 16 Bit 31
Version Header Priority and Type Total Length
(4) Length (4) of Service (8) (16)
Identification (16) Flags Fragment Offset (13)
(3)
Time to Live (8) Protocol (8) Header Checksum (16)
Source IP Address (32)
Destination IP Address (32)
Options (0 or 32 if any)
Data (varies if any)

Protocol field in the IP header


Transport Layer TCP UDP

61 Protocol Number
7 Internet Layer IP
S
oS
In this example, protocol field tells IP header to send the data to either TCP (6) or UDP (17) port.
uo
Possible ruprotocols found in protocol field of the IP header
crc Protocol Protocol
ee Number
I ICMP 1
IGRP 9
IP EIGRP 88
Pa OSPF 89
d Ipv6 41
ad GRE 47
dre IPX in IP 111
dss Layer 2 Tunnel (L2TP) 115
r:
e3
s2
sbi
:t
IP
3a
2d
bes
is
tof
I
P

ICMP a
d
Internet Control Message Protocol works at the Network layer and is used by IP for many different
d
services. ICMP is a management protocol and messaging service provider for IP.
r
Its messages are carried as IP datagrams.
e
Events ofs ICMP:
s
Destination
o Unreachable: If router doesn’t know about the destination for packet it received, it will
send andfICMP-Destination Unreachable message back to the sending station.
Buffer Full: If a router’s memory buffer for receiving incoming datagrams is full, it will send the
message until the congestion abates.
Hops: Each IP datagram is allotted a certain number of routers, called hops, to pass through. If it
reaches its limit of hops before arriving at its destination, the last router to receive that datagram deletes
it.
Ping (Packet Internet Gropher): Uses ICMP echo messages to check the physical and logical
connectivity of machines on an internetwork.
Traceroute: Using ICMP timeouts, traceroute is used to discover the path a packet takes as it traverses
an internetwork.
ARP (Address Resolution Protocol)
 ARP finds hardware address from known IP address
 When IP has a packet to send, it must inform the Network Access Protocol (Ethernet or Token Ring)
of the destination’s hardware address on the local network.
 If IP doesn’t find the destination host’s hardware address in the ARP cache, it uses ARP to find this
information.
 ARP will work as IP’s detective by interrogating the local network by sending out a broadcast with
host’s IP address and asking for the hardware address.
RARP (Reverse Address Resolution Protocol)
 Resolves MAC address into IP address
 When any machine without disks know its MAC address, not IP address, so it broadcast its MAC
address to get its IP address to communicate to the network.
 Then this request go to the RARP Server through RARP request and that server will assign one IP
address to the received MAC address and thus the sending host will receive the MAC and IP address
from the server.

Binary to Decimal and Hexadecimal Conversion


Nibble Values (4 bits) = 8 4 2 1
Byte Values (8 bits) = 128 64 32 16 8 4 2 1
Hexa to Binary to Decimal Chart

Hexadecimal Value Binary Value Decimal Value


0 0000 0
1 0001 1
2 0010 2
3 0011 3
4 0100 4
5 0101 5
6 0110 6
7 0111 7
8 1000 8
9 1001 9
A 1010 10
B 1011 11
C 1100 12
D 1101 13
E 1110 14
F 1111 15
Example :
1) 0x6A = (to convert hex value to binary/decimal, take 4 bits as a nibble)
Hexa use nibble (4 bits) to represent one character
Here two characters = 6 and A.
(0x is a cisco style to know that they are a hex value, no any special meaning
otherwise)
So 6 = 0110 and A = 1010
Total 8 bits = 01101010 = binary
And decimal would be the total of binary, that is = 106
2) 01010101 = (to convert from binary to hex value, take a byte and break it into nibble)
so it would be two nibble here like 0101 and 0101
now 0101 = 5 (see the table) and other 0101 is also = 5
so hex value would be 55 for 01010101 binary number (75 in binary)

IP Addressing
 An IP address is a numeric identifier assigned to each machine on an IP network
 It designates the specific location of a device on the network
 It is a software (logical) address, not a hardware (physical) address like NIC
 It was designed to allow host on one network to communicate the with a host on other network
regardless of the types of LANs the hosts are participating in
IP Terminology
Bit A bit is one digit; either a 1 or a 0
Byte A byte is 7 or 8 bits, depending on whether parity is used. Mostly 8 bits.
Octet Made up of 8 bits, same as byte
Network address The designation used in routing to send packets to a remote network
Example: 10.0.0.0, 172.16.0.0 and 192.168.0.0
Broadcast address The address used by the applications and hosts to send information to all nodes on
a network is called the broadcast address.
Example: 255.255.255.255 which is all networks, all nodes on network
172.16.255.255 which is all subnets, all hosts on network 172.16.0.0
10.255.255.255 which broadcasts to all subnets and hosts on
Network 10.0.0.0

The hierarchical IP Addressing Scheme


The IP address consists of 32 bits of information which are divided into 4 octets or bytes of 8 bits each.
You can depict an IP address using one of the three methods:

1) Dotted-decimal, as in 172.16.30.56
2) Binary, as in 10101100.00010000.00011110.00111000
3) Hexadecimal, as in AC.10.1E.38
 All these examples represent the same IP address
 The Windows Registry key is a program that stores machine’s IP address in hex values
 Maximum 4.3 billion (4,29,49,67,296)
 It is a structured two-three layer numbering scheme which is based on telephone numbering system
like one large geographical code, then prefix, narrows the scope to a local calling area and then the final
segment zooms with direct customer number.
 Same in IP – network and host, or network, subnet and host.

Network Addressing
 It uniquely identifies each network
 Every machine on the same network shares that network address as part of its IP address
 In IP address 172.16.30.56, 172.16 is network number and 30.56 is node number
The networks are classified into three classes
Class A : small number of networks with large number of hosts
Class B : between very large networks and large hosts
Class C : numerous networks with small amount of hosts
Class A Network Host Host Host
Class B Network Network Host Host
Class C Network Network Network Host
Class D Multicast
Class E Research

Defined heading bit for classes to make routing decision faster


Class A : 0, Class B : 10, Class C : 110
(which helps router to decide which class an IP address belongs and make faster routing decision)
Reserved IP Addresses
Address Function
Network address of all 0s this network or segment
Network address of all 1s All networks
Network 127.0.0.1 Reserved for loopback tests. Designates the local node and allows that
node to send a test packet to itself without generating network traffic
Node address of all 0s Network address or any host on specified network
Node address of all 1s All nodes, on the specified network, for example, 128.2.255.255 means
all nodes on network 128.2 (class B network)
Entire IP address set to all 0s Used by Cisco routers to designate the default root. Could also mean any
network
Entire IP address set to all 1s (same Broadcast to all nodes on the current network; sometimes called an all 1s
as 255.255.255.255) broadcast or limited broadcast

Class A addresses:
Network.node.node.node
Range : 1.0.0.0 to 127.255.255.254
Class A Valid Host IDs
 All host bits off is the network address: 10.0.0.0
 All host bits on is the broadcast address: 10.255.255.255
 Valid hosts are between the network address and broadcast address: 10.0.0.1 through 10.255.255.254.
Class B addresses:
Network.network.node.node
Range: 128.0.0.1 to 191.255.255.254

Class B Valid Host IDs


 All host bits turned off is the network address: 172.16.0.0
 All host bits turned on is the broadcast address: 172.16.255.255
 Valid hosts between network and broadcast address: 172.16.0.1 through 172.16.255.254
Class C addresses:
Network.network.network.node
Range: 192.0.0.0 to 223.255.255.254
Class C Valid Host IDs
 All host bits turned off is the network ID: 192.168.100.0
 All host bits turned on is the broadcast address: 192.168.100.255
 Valid hosts between network and broadcast address:192.168.100.1 through 192.168.100.254
Private IP Addresses
 These addresses can be used on a private network, but they are not routable through the Internet
 This is designed for the purpose of creating a measure of well-needed security, but it also
conveniently saves valuable IP address space
Reserved IP Address Space
Address Class Reserved Address Space
Class A 10.0.0.0 through 10.255.255.255
Class B 172.16.0.0 through 172.31.255.255
Class C 192.168.0.0 through 192.168.255.255
Broadcast Addresses
Four types of broadcast address:
Layer 2 broadcasts These are sent to all nodes on a LAN. (one to all comm.)
Layer 3 broadcasts These are sent to all nodes on the network. (one to all comm..)
Unicast These are sent to a single destination host. (one to one comm.)
Multicast These are packets sent from a single source, and transmitted to many devices on different
networks (sends message to group of users only – one to many communication).

Components of Routing Data


Routing Tables: router#sh ip route
R or I or D 175.21.0.0/16 [120/1] or [100/1535548] via 10.10.10.1, 00:00:18, serial0/0
C 10.10.10.0 is directly connected, serial0/0
Where R means by which the entry was learned on this router. Here it is RIP. I means IGRP, D means
EIGRP
175.21.0.0/16 is the network address and number of bits in subnet mask of the destination network
[120 or 100 is the administrative distance of the route.
/1 or /1535548 is the metric of the route specific to the routing protocol used to determine the route. RIP
uses hops (max.15) as its metric. A hop is how many routers away the destination network is. And
composite metric (with bandwidth, delay of line by default plus reliability, load, MTU in igrp, eigrp)
via 10.10.10.1 is the next hop address for the route. This is the address the packet will need to be sent to
in order for the packet to reach its destination.
00:00:18 the length of the time since the route has been updated in the routing table. In this case the
route was updated 18 seconds ago.
Serial0/0 the interface the route was learned through. This is also the interface the packet will be
switched to I order for the packet to be forwarded toward its destination.

Statically Defined Routes


A statically defined route is one in which a route is manually entered into the router. A static route can be
entered into the router with the following command in global configuration mode:
2501(config)#ip route prefix mask {address | interface} distance
2501(config)#ip route 192.168.20.0 255.255.255.0 172.16.50.1

Default Route: ip route 0.0.0.0 0.0.0.0 172.16.50.1


Dynamic Routes: A dynamic routing is a process in which a routing protocol will find the best path
in a network and maintain that route. It will discover all the possible routes to one destination,
implement its predefined rules, and come up with the best route to the destination.

Dynamic Routing Protocols

Interior Gateway Protocol (IGP) Exterior Gateway Protocol (EGP)


Border Gateway Protocol
Categorized into two categories:
1. Classful Routing Protocol Classless Routing Protocol
RIPv1, IGRP RIPv2, EIGRP, OSPF, IS-IS, BGP
2. Distance-Vector Routing Protocol Link State Routing Protocol
RIP, IGRP, EGRP OSPF, IS-IS
Distance-Vector Comparisons
Characteristic RIPv1 RIPv2 IGRP EIGRP
Count to infinity X X X
Split horizon with poison reverse X X X X
Hold down timer X X X
Triggered update with route poisoning X X X X
Load balancing with equal paths X X X X
Load balancing with unequal paths X X
VLSM support X X
Automatic Summarization X X X X
Metric Hops Hops Composite Composite
Hop count limit 16 16 255 (100 by def.) 255 (100 by def.)
Support for size of network Medium Medium Large Large
IGRP & EIGRP are the only Cisco proprietary routing protocols.

Most distance-vector routing protocols have following characteristics:

Periodic Updates: The length of time before a router will send out an update. For RIP, its 30 seconds
and for IGRP, its 90 seconds.
Neighbors: Other routers on the same logical, or data link, connection.
Broadcast Updates: When a router becomes active it will send out a message to the broadcast address
stating that it is alive. In return, neighboring routers participating in the same routing protocol will
respond to this broadcast.
Full Routing Table Updates: Most d-v routing protocols will send their entire routing table to their
neighbors. This occurs when the periodic update timer expires.
Routing by Rumor: A router will send its routing table to all of its directly connected neighbors. In
return, all of the neighboring routers will send their routing tables to all of their directly connected
neighbors. This will continue until all routers running the same distance-vector routing protocol are
reached.
Invalid Timer: Determines the length of time that must elapse (180 seconds for RIP) before a router
determines that a route has become invalid. It happens when a router interface not heard any updates
about a particular route for that period.
Split Horizon: Prevents what is known as a reverse route. A reverse route occurs when a router learns a
route from a neighbor and the router turns around and sends that route back to the neighbor that the
router learned it from, causing an infinite loop. The split horizon prevents this by setting a rule that a
route cannot be advertised out the same interface the route was learned out.
Counting to Infinity: In networks that are slow to converge, another type of routing loop can occur.
This loop occurs when routers have multiple paths to the same destination. What happens in this case is
the routing table is populated with the best route to the destination even though it has two routes to the e
destination. So, when the destination network goes down, the updates about the destination being
unreachable can arrive at the router at different times. The router in turn advertises out that it has another
route to the destination. This will continue across the network, incrementing the hop count at each router
it encounters. Even though the destination network is down, all of the routers participating in the routing
process think they have an alternate route to the network, causing a loop. This issue has been corrected
by enforcing maximum hop counts. When a route reaches the maximum hop count limit, the route is
marked as unreachable and removed from the router’s routing table.
Triggered Updates: It increases the speed of convergence on a network. Instead of the router’s having
to wait until the periodic update timer expires and sends out an update, a triggered update will send out
an update as soon as a significant event occurs and speeding up convergence and cutting down on the
risk of the network loops due to convergence issues.
Hold-down Timer: It is used when information about a route changes. When the new information is
received or a route is removed, the router will place that route in a hold-down state. This means that the
router will not advertise, nor will it accept advertisements about this route for the time period specified
by the hold-down timer. After the time period expires, the router will start accepting and sending
advertisements about the route.

ROUTING INFORMATION PROTOCOL (RIP)


RIPv1 = Classful routing protocol (will not send a subnet mask in the routing update)
RIPv2 = Classless routing protocol (will send a subnet mask in the routing update)
Authentication of routing updates through clear text or md5 (optional)
Multicast route updates
Next-hop addresses carried with each route entry
Router(config)#router rip, version 2 command to use RIPv2

Characteristics of RIP
 Distance-Vector Routing Protocol
 Use Bellman-Ford algorithm
 Use hop count as metric, maximum 15, 16 is unreachable
 Route update timer, periodic updates is set to 30 seconds by default
 Route invalid timer is set to 180 seconds. This is the time it will take before a route will be
marked as unreachable.
 Route flush timer is 240 seconds. This is the time between the route being marked as unreachable
and the route being removed from the routing table. In the time period between the invalid timer
and the flush timer, neighboring routers will be notified about the route’s unreachable.

Link-State Routing:
 In link-state routing, each router knows the exact topology of the network.
 This will limit the number of bad routing decisions that can be made because each router in the
process has an identical view of the network.
 Each router in the network will report on its state, the directly connected links, and the state of each
link. The router will then propagate this information to all routers in the network.
 It does not pass the entire routing table, only the changed information or a message of no change
after a given period of time is passed. This is known as LSA (Link state advertisement).
 Each LSA will include an identifier for the link, the state of the link and a metric for the link.
 Use of LSA will reduce the bandwidth utilization.
 But more complex to configure than distance-vector routing protocol
 OSPF and IS-IS (Integrated Intermediate System to Intermediate System) LSR protocols

How LSR works:


 When router becomes active, it has to form adjacency with its directly connected neighbors
 After forming adjacencies, the router then sends out link-state advertisements to each of its
neighbors. After receiving and copying the information from the LSA, the router forwards, or floods, the
LSA to each of its neighbors.
 All of the routers then store the LSAs in their own database. This means all routers have the same
view of the network topology.
 Each router then uses the Dijkstra algorithm to compute its best route to a destination.

Link-State Comparisons
EIGRP is a hybrid protocol, contains the characteristics from both d-v and l-s routing protocols.
Characteristic OSPF IS-IS EIGRP
Hierarchical topology needed X X
Retains knowledge of all possible routes X X X
Manual route summarization X X X
Automatic route summarization X
Event-triggered announcement X X X
Load balancing with unequal paths X
Load balancing with equal paths X X X
VLSM support X X X
Metric Cost Cost Composite
Hop count limit Unlimited 1024 100 by def.
Support for size of network Large Very large Large

Default Administrative Distance


Source of Route Default AD Source of Route Default AD
Connected Interface 0 IS-IS 115
Static Route 1 RIP 120
EIGRP Summary 5 EGP 140
External BGP 20 External EIGRP 170
EIGRP 90 Internal BGP 200
IGRP 100 Unknown 255
OSPF 110

Verifying routes: 2501>sh ip route


Testing and troubleshooting: ping, traceroute

Network Address Translation:


NAT (Network Address Translation) and PAT (Port Address Translation) are used to extend the current
address space by translating one address to another and help to alleviate shortage.
NAT Terminology:
 NAT can be broken into two types, NAT and PAT.
 NAT is the one-to-one translation of IP addresses from an inside local IP address to an outside global
IP address that is unique and routable on the Internet.
 PAT is sometimes referred to as NAPT (Network Address and Port Translation). It is a many-to-one
translation because it can take multiple inside local IP addresses and translate them to one inside global
IP address.

Inside local: The inside local address is the IP address used by a host on the private side of the network.
Inside Global: The inside global address is the public IP address into which the inside local address will
be translated. This is typically a globally unique and routable IP address, which hosts on the outside
network would use to communicate with the inside local IP address.
Outside global: The outside global address is the actual IP address of a host that resides on the outside
public network and is usually a globally unique and routable IP address.
Outside local: The outside local address is the IP address used to translate an outside global IP address.
This may or may not be a registered IP address, but it must be routable on the inside of your network.

How NAT works: NAT Interface NAT Interface


Inside Host Outside Host

SA Inside DA Outside SA Inside DA Outside


Local
DA Inside Local
SA Outside NAT Global
DA Inside Global
SA Outside
Local Local Route Global Global
 Traffic that is sourced on the inside of the network from inside host (Inside Host), coming to an
interface marked as inside, will have an inside local address as its source IP address (SA Inside Local)
and an outside local address as the destination IP address (DA Outside Local).
 When that traffic reaches the NAT process and is switched to the outside network, going out an
interface marked as outside, the source IP address will be known as the inside global address (SA Inside
Global) and the destination IP address will be known as the outside global address (DA Outside Global).

 When traffic is sourced on the outside of the network from outside host (Outside Host), coming to an
interface marked as outside, the source IP address is known as the outside global address (SA Outside
Global), while the destination IP address is known as the inside global address (DA Inside Global).
 When the traffic reaches the NAT process and is switched to the inside network, going out an
interface marked as an inside, the source IP address will be known as the outside local address
(SA Outside Local) and the destination IP address will be known as the inside local address (DA Inside
Local).

Advantage of NAT:
 NAT allows you to incrementally increase or decrease the number of registered IP addresses without
changing devices (hosts, switches, routers etc.) in the network. But sometimes you need to change the
device with NAT.

 NAT can be used either statically or dynamically:


 Static translations are manually configured to translate a single global IP address to a single
local IP address and vice versa. This transaction always exists in the NAT table until it is manually
removed. Optionally, this translation could be configured between a single inside IP address and port
pair to a single outside IP address and port pair using either TCP or UDP. These port values needn’t be
the same value.
 Dynamic mappings are configured on the NAT border router by using a pool of one or more
registered IP addresses. Devices on the inside of the network that wish to communicate with a host on
the outside network can use these addresses in the pool. This allows multiple internal devices to utilize a
single pool of IP addresses. You can also use a single IP address by configuring overloading, which will
translate both the IP address and port number.
 NAT can be configured to allow the basic load sharing of packets among multiple servers
using the TCP load distribution feature. TCP load distribution uses a single outside IP address, which is
mapped to multiple internal IP addresses. Incoming connections are distributed in a round –robin fashion
among the IP addresses in the internal pool. The packets for each individual connection, or flow, are sent
to the same IP address to ensure proper session communications.
 If you switch Internet Service Providers and need to change the registered IP addresses you
are using, NAT makes it so you don’t have to renumber every device in your network. The only change
is the addresses that are being used in the NAT pool.
 You can configure NAT on the border router between your routing domain to translate the
address from one network to the other and vice versa.
Disadvantage of NAT:
 NAT increases latency (delay)
 NAT hides end-to-end IP addresses that render some applications unusable.
 Since NAT changes IP addresses, there is a loss in the ability to track an IP flow end-to-end.
 NAT also makes troubleshooting or tracking down where malicious traffic is coming from more
troublesome.
 A host needs to be accessed from the outside network will have two IP addresses, one inside and one
outside, this creates a problem called split DNS. You need to setup two DNS servers, one for external
addresses and one for internal addresses. This can lead to administrative nightmares and problems if
internal hosts are pointing to the external DNS server.
Supported NAT Traffic Types:
 TCP/UDP traffic that does not carry source and destination IP addresses inside the application stream
 HTTP, TFTP, NFS, ICMP, NTP (Network Time Protocol), FTP (FTP PORT and PASV command)
 Archie, which provides lists of anonymous FTP archives
 Finger, a tool that determines whether a person has an account on a particular computer
 Many of the r* Unix utilities (rlogin, rsh, rcp)
 NetBIOS over TCP (datagram, name and session services)
 Progressive Network’s RealAudio, White Pine’s CusSeeMe, Xing Technologies’ Stream Works
 DNS A and PTR queries
 H.323 (IOS releases 12.0(1)/12.0(1)T or later), VDOLive (IOS releases 11.3(4)/11.3(4)T or later)
 NetMeeting (IOS releases 12.0(1)/12.0(1)T or later), Vxtreme (IOS 11.2(4)/11.3(4)T or later)
 IP Multicast—source address translation only (IOS releases 12.0(1)T or later)
 PPTP support with Port Address Translation (PAT) (IOS releases 12.0(2)T or later)
 Skinny Client Protocol, IP Phone to Cisco CallManager (IOS releases 12.0(5)T or later)
Unsupported Traffic Types:
 Routing protocols, DNS zone transfers, BOOTP / DHCP, Talk, Ntalk, SNMP, Netshow
NAT Operations:
1. Translating inside local addresses
2. Overloading inside global addresses
3. Using TCP load distribution
4. Overlapping networks

Configuring NAT:
Border(config)#interface e0 Border(config)#interface s0
Border(config-if)#ip nat inside Border(config-if)#ip nat outside
Border(config-if)#exit Border(config-if)#exit

Static NAT:
Border(config)#ip nat inside source static 10.1.2.25 200.1.1.25
Border(config)#
This creates a permanent entry in the NAT table, and now when traffic is sent to IP address 200.1.1.25
from the outside network, it will be translated to 10.1.2.25 on the inside of the network and vice versa.
Optionally, you can configure just a certain port to be translated. Adding a protocol and port numbers to
the above command does this.
Border(config)#ip nat inside source static tcp 10.1.2.25 80 200.1.1.25 80
Border(config)#ip nat inside source static tcp 10.1.2.24 80 200.1.1.25 81
Border(config)#

Dynamic NAT:
Dynamic NAT is used to map inside IP addresses to outside IP addresses on the fly from a pool of
available IP addresses. Again, you must have IP addresses assigned to the interfaces on the router that
will be participating in the NAT process.

Border(config)#int e0
Border(config-if)#ip nat inside
Border(config-if)#exit
Border(config)#int s0
Border(config-if)#ip nat outside
Border(config-if)#exit
Border(config)#access-list 12 permit 10.1.2.0 0.0.0.255
Border(config)#ip nat pool outbound 200.1.1.2 200.1.1.254 prefix- length 24
Ip nat pool pool name (outbound/inbound) start ip end ip(200.1.1.2 200.1.1.254)
netmask net-mask or prefix-length length (prefix- length 24=CIDR/subnet bits)
Border(config)#ip nat inside source list 12 pool outbound
Border(config)#

 When source wants to send packet to host on the Internet, the nat border router receives a packet
from an interface NAT inside.
 Then any access lists or policy routing will be applied to the packet. So the routing will take place.
 The next step is to configure a pool of IP addresses that will be allocated to outbound sessions.
 Then the router will choose an available IP address from the pool and assign it to the NAT table entry.
Then that same IP will not be allocated to another translation entry until that entry times out or is
manually removed.
 Finally, you need to tie the access list and pool together with the ip nat inside source command.
Configuring NAT Using Overloading
 Once all IP addresses in a pool have been allocated, any new connection attempts will fail. So if your
ISP allocated you only 14 IP addresses, then only the first 14 users will be able to access the Internet
unless any existing user entry expires and release the IP address. This is not very efficient manner.
 So, configuring overloading allows the router to reuse each IP address in the pool. Because it changes
not only the IP address but also the port number. This is called Port Address Translation (PAT) or
Network Address and Port Translation (NPAT). The router will add the protocol and port information
for each translation entry, which allows more inside IP addresses to access the outside network than
there are IP addresses in the pool.

Border(config)#ip nat inside source list 12 pool outbound overload

The pool of addresses can even be just one IP address in size, but it can support approximately 64,000
inside users, using a single protocol by varying the outbound port numbers.

Border(config)#ip nat inside source list 12 interface ethernet1 overload (if DHCP used on outbound
interface)
Configuring TCP Load Distribution
 This allows a host that is heavily used, such as a web server, be able to handle the load of incoming
requests by spreading the load among several hosts. Destination addresses that match an access list are
replaced with addresses from a pool that has been designated as a rotary pool by adding the type rotary
keyword in the command.

Border(config)#int e0
Border(config-if)#ip nat inside
Border(config-if)#exit
Border(config)#int s0
Border(config-if)#ip nat outside
Border(config-if)#exit
Border(config)#ip nat pool web-hosts 10.1.1.1 10.1.1.9 netmask 255.255.255.0 type rotary
Border(config)#access-list 12 permit 10.1.1.254
Border(config)#ip nat inside destination list 12 pool web-hosts
Border(config)#

Configuring NAT for Overlapping Addresses


 Configuring NAT for overlapping address translation is similar to configuring dynamic NAT. The
--difference is that you must create and apply a pool of IP addresses for the traffic to the inside of the
network, as well as a pool for the outbound traffic.
 You still need to create an access list to identify the traffic to NAT, but you need to create second
pool. Then you need to use the ip nat outside source command to tie the access list and second pool to
NAT traffic coming from the outside interface.

Border(config)#access-list 12 permit 10.1.1.0 0.0.0.255


Border(config)#ip nat pool insidepool 10.1.2.1 10.1.2.254 netmask 255.255.255.0
Border(config)#ip nat pool outsidepool 200.1.1.2 200.1.1.254 prefix- length 24
Border(config)#ip nat inside source list 12 pool insidepool
Border(config)#ip nat outside source list 12 pool outsidepool
Border(config)#

Troubleshooting and Verifying NAT Configuration


 show ip nat translations  show ip nat translations verbose
 ip nat statistics  debug ip nat
IGRP (Interior Gateway Routing Protocol)
 IGRP was developed by Cisco to overcome the limitations of RIP in mid-1980s.
 Instead of hop count used by RIP, it uses composite metric of bandwidth, delay, load and
reliability, MTU to decide best path.
 IGRP does not use hop count as a metric, it only tracks hop count. It can travel up to 100 hops by
default, which can be changed to accommodate up to 255 hops.
 IGRP is Cisco proprietary protocol. It will not run on other routers.
 IGRP is a Classful distance-vector routing protocol, not scale well for large internetworks (does not
support VLSM)

Features and Operation:


 IGRP sends out periodic broadcasts of its entire routing table
 Upon initialization, IGRP broadcast a request out all IGRP-enabled interfaces.
 Then it performs a check on recd update with the previous update and confirm that it is of same
subnet
 Each router will then use the learned routes to determine the best route to every destination network
 IGRP recognizes three types of routes within its updates:
Interior: Network directly connected to a router interface
System: Routes advertised by other IGRP neighbors within the same IGRP AS
Exterior: Routes learned via GIFP from a different IGRP AS, which provides information
used by the router to set the gateway of last resort. The gateway of last resort is the path a packet will
take if a specific route isn’t found on the router.

IGRP Timers: Update Timer = 90 seconds


Invalid Timer = 270 seconds
Hold down Timer = 280 seconds
Flush Timer = 630 seconds

IGRP Metrics: Metrics are the mathematics used to select a route. Use Bellman-Ford algorithm
to calculate metric. Lower metric route is the desirable route. K values are metrics.

K1=Bandwidth (Be), K2=Delay (Dc), K3=Reliability(r ), K4=Load (utilization on path), K5=MTU

Metric = [K1 x BW) + [(K2 x Bw) / (256 – Load)] + (K3 x Delay)] + [K5/(Rel + K4)]
By default: K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0.

If necessary, you can adjust metrics within the router configuration interface after enabling IGRP on a
router with the command: metric weights tos K1 K2 K3 K4 K5
Default metric is 100, you can change it with distance 1-255

Default-metric bandwidth delay reliability load MTU


(bandwidth-0 to 4294967295 kbps, delay=0-4294967295 in 10-microsecond units,
reliability=0-255 (255 is the most reliable), load=0-255 (255 means the link is completely loaded)
MTU = 0-4294967295 kbps.

Load Balancing: It is a way a router can send traffic over multiple paths to the same direction.
Maximum-paths number of paths (IGRP/EIGRP can load balance across unequal-cost paths)

The unequal-cost load balancing can occur is because of a variance. Variance is a multiplier that is used
to determine what the acceptable metric for a route is for it to be included in the routing table.
Variance multiplier
The path with the lowest metric is entered into the routing table. The variance is then applied to the
lowest metric to determine what other routes can be included in the routing table. Routes with a lower
metric than the product of the lowest metric and variance are known as feasible successor routes. A
feasible successor is a predetermined route to use should the optimal path be lost. These routes are then
added to the routing table. Once the paths have been selected, the traffic is then divided up according to
the metric of each path.

IGRP Redistribution: It is a process in which routes known to one routing protocol are shared with
another routing protocol. If you have Router1 with IGRP 100 and Router3 with EIGRP 150 AS, then
Router2 l
l
knows about all the routes in both IGRP 100 and EIGRP 150. So, we need to able Router1 and Router3 t
have all routes of both the protocol. For that, we redistribute IGRP 100 int

IGRP Configuration: Router IGRP AS#, network a.b.c.d, neighbor x.x.x.x

Passive-interface: As IGRP is the Classful routing protocol, it will advertise the interface status in the
broadcast. When you don’t want to do the same, use this command.
Passive-interface interface (on router configuration mode)
The passive-interface command will allow an interface to be advertised in IGRP, but the interface will
not listen to or send IGRP updates itself.

Router1>enable
Router1#config t
Router1(config)#router IGRP 100
Router1(config-router)#passive-interface E0

Sh ip route, sh ip protocol, sh int s2/0.1, debub ip igrp events, debug ip igrp transactions.

EIGRP (Enhanced Interior Gateway Routing Protocol)


 EIGRP allows for incremental routing updates, and formal neighbor relationships
 Uses DUAL (Diffusing Update Algorithm) for metric calculation, which allows the following:
 Backup route determination if one is available, VLSM support, Dynamic route recoveries,
Querying neighbors for unknown alternate routes, Sending out queries for an alternate route if no
route can be found
 Have features of both link-state and distance-vector routing protocol.
 Use protocol-dependent modules (PDMs) that is used on layer 3 for IP, IPX and AppleTalk, Reliable
Transport Protocol (RTP) which allows for guaranteed delivery in sequential order of EIGRP routing
updates), Neighbor discovery/recovery, DUAL.
 It reduces bandwidth by sending updates only when a topology change occurs which requires a path
or metric change to the routers require to receive the updates
 Can run only on cisco routers and route switch processors

Route Tagging: It is used to distinguish routes learned by the different EIGRP sessions. With different
AS number, EIGRP can run multiple sessions on a single router. With same AS numbers speak to each
other and share routing information, which includes the routes learned and the advertisement of
topology changes.

Neighbor Relationships and Route Calculation and Redundant Link Calculation: Uses Hello
multicast message every 5 seconds (224.0.0.10) (for x.25, Frame Relay and ATM with less than speed of
T1, the hello packet will be unicast every 60 seconds) (do not broadcast) to establishes and maintains
neighbor relationships with neighboring routers. Hello packet will contain EIGRP version number, the
AS number, K-values and hold time. To form the adjacencies, they must use the same AS number and K-
values). When Hello packets are sent out, replies to it will be sent to neighboring router’s topology table
(which is diff from the routing table and can store up to 6 routes to a destination network means six
redundant route information. Out of these six paths, router will decide the best path or primary and
standby or secondary paths to forward the data, the path with the lowest metric will become the
successor or the primary path and be added to the routing table. Any route that has an advertised
distance lower than the successor’s feasible distance will become a feasible successor route). The path-
cost decision will be made with the bandwidth and delay from the local and adjacent routers from
routing table, using this the composite metric is calculated, the local router adds its cost to the cost
advertised by the adjacent router, the total cost is the metric) and include each route’s metric
information. Then the Acknowledgement message will be sent out from the receiving router and the
routing table will be updated. Then this table will be advertised to the new router which will come
online. Then the route calculation process will begin. EIGRP uses 32-bit format for updates (IGRP uses
24-bit format). Then it exchanges route information. When two new neighbors start working, they will
exchange full routing table, after that only updates.

Neighbor Table: directly connected neighbors, neighboring router’s IP address, hold time interval,
smooth round-trip timer (SRTT) and queue information which helps determine the topology changes
need to be propagated to neighboring routers.

Update and Changes:


An IP frame showing the protocol type to be EIGRP 6500136
Frame IP Header Protocol Packet Payload CRC
Header (88=EIGRP)
Frame Payload
EIGRP uses RTP and pacing (in order to prevent routing updates from consuming too much bandwidth
on lower speed links. Pacing allows EIGRP to regulate the amount of traffic it sends to a portion of the
interfaces bandwidth. The traffic contains Hello packets, routing updates, queries, replies and
acknowledgements. The default setting for pacing in EIGRP is 50 percent of the bandwidth on any given
interface. This can be changed on the interface config mode with the following command:

Ip bandwidth-percent eigrp as-number percent

Diffusing Update Algorithm: DUAL is the algorithm by which all computation of routes for EIGRP
occurs. If a feasible successor not found, then DUAL will start recalculating to find a new successor.
There are three instances that will cause DUAL to recalculate:
 An alternate route is not found,  the new best route still goes through the original successor,  The
new best route doesn’t go through a feasible successor.

EIGRP Metrics: EIGRP utilizes several databases or tables of information to calculate routes:
 The route database (routing table) where the best routes are stored,  The topology database
(topology table) where all route information resides,  A neighbor table that is used to house
information concerning other EIGRP neighbors.
Each of these databases exists separately for IP, IPX and AppleTalk sessions if all there in router.
IP-EIGRP, IPX-EIGRP, AT-EIGRP

Metric = 256 x [K1 x Bw + (K2 x Bw) / (256 – load) + K3 x Delay] + [K5 / (Rel + K4)]
The only difference between IGRP and EIGRP metric is the first multiplication of 256 for EIGRP.

EIGRP Tuning: (in router config mode) metric weights tos K1 K2 K3 K4 K5 (Same command in IGRP
/ EIGRP)
By default, administrative distance is 90 for EIGRP you can change it with distance 1-255 command.

RouterA(config-if)#int s0
RouterA(config-if)#ip hello-interval eigrp AS# seconds (default hello time = 60 seconds for low-
speed NBNA network and 5 seconds for all other networks)
RouterA(config-if)#ip hold-time eigrp AS# seconds
Redistribution: If another routing protocol is being redistributed into EIGRP, EIGRP will accept routes
that have implemented VLSM and routes that haven’t implemented VLSM.
Configuring EIGRP
Dallas>enable, Dallas#configure terminal, Dallas(config)#router EIGRP 100
Dallas(config-router)#network 172.20.0.0, Dallas(config-router)#network 192.168.24.0
Dallas(config-router)#no auto-summary (will show u the route information with show route
command, by default, auto summary is on so it will show u only one route)

Can change the summary information with this command also:


Dallas(config-router)#ip summary-address eigrp AS# address mask

Other Commands: sh ip route, sh ip route eigrp, sh ip eigrp topology, sh ip protocols, sh ip eigrp


interfaces, sh ip eigrp neighbor/detail, debug eigrp neighbors, debug ip eigrp, debug eigrp packets, sh ip
eigrp traffic, sh ip eigrp events.

OSPF Operation in a Single Area


OSPF is an open standard link-state routing protocol. It utilizes Dijkstra’s Shortest Path First (SPF)
algorithm which allows faster convergence. It is more popular because it supports Multi-Protocol Label
Switching (MPLS). (OSPF and IS-IS). OSPF can be used on multi vendor platforms.

Advantage of OSPF:
 Supports hierarchical network design through the use of areas
 The use of link-state databases reduces the chances of routing loops
 Full support of classless routing behavior
 Decrease size in routing tables through the use of route summarization
 Sends the routing information only when needed, decreasing the use of the network bandwidth
 Utilization of multicast packets decreases the impact on routers not running OSPF and end stations.
 Support of authentication, which allows the user to implement more secure networks

OSPF Terminology:
Neighbor: A neighbor is found via Hello packet, it is a connected (adjacent) router running OSPF
process within the same area.
Adjacency: It is a logical connection between a router and its corresponding designated routers and
backup designated routers.
Link: In OSPF, a link refers to a network or router interface assigned to any given network. It is a
synonymous of interface.
Interface: It is a logical or physical interface on a router. OSPF will consider it as a link. OSPF will
build link database on this basis.
Link-state Advertisement: LSA is an OSPF data packet containing link-state and routing information
that is shared among OSPF routers.
Designated Router: A DR is only used when the OSPF router is connected to a broadcast (multi-access)
network. It will receive and send the information to the broadcast network or link.
Backup Designated Router: A BDR is a hot standby for the DR on broadcast (multi-access) networks.
It receives all routing updates from OSPF adjacent routers but does not flood LSA updates.
OSPF Areas: It is similar to AS of EIGRP. It is used to establish hierarchical network. Four types of
areas are there.
Internal Router: An internal router is a router that has all of its interfaces participating in one area.
Area Border Router: It is a router with multiple area assignments with multiple interfaces.
Autonomous System Boundary Router: ASBR is a router with an interface connected to an external
network or a different AS like EIGRP. An ASBR is responsible for injecting route information learned
by routing protocol into OSPF.
Non-broadcast Multi Access: NBMA networks are networks like Frame Relay, X.25 and ATM. This
network allows for multi-access but has no broadcast ability like Ethernet.
Broadcast (multi-access): Network such as Ethernet allow multiple-access as well as provide broadcast
ability. A DR and BDR must be elected for multi-access broadcast network.
Point-to-Point: This type of network connection consists of a unique NBMA configuration. The
network can be configured using Frame Relay and ATM to allow point-to-point connectivity. This
eliminates the need for DRs and BDRs.
Router ID: It is an IP used to identify the router. If router id is not configured, the highest IP address of
all configured loopback interfaces will be considered as router id. If no loopback addresses are
configured, OSPF will choose the highest IP address of all configured interfaces.
OSPF Operation: (In three categories)
1. Neighbor and adjacency initialization, 2. LSA Flooding, 3. SPF Tree calculation.
Before detailed operation, step-by-step short operation is as under:
 OSPF routers send Hello packets out all interfaces participating in the OSPF process. If the router on
the other side of the connection agrees on the parameters set forth in the Hello packet, both the routers
form neighbor relationship.
 Some of the neighbors form adjacencies. It depends upon the Hello packets send by the router and
receiving router participating in the type of networks.
 The router will send link-state advertisements (LSAs), which contain description of the router’s links
and the state of each link to the adjacent router.
 The routers that receive the LSAs will add the link-state information into its database and forwards
the same to the other connected router which allows all routers have the same view of the network.
 After learning all LSAs, each router will run Dijkstra SPF algorithm to learn the shortest path to all
the known destinations. All routers will use this information to build their SPF tree and will be used to
populate the routing table.
Detailed information about all categories:
1. Neighbor and Adjacency Initialization:
 The Hello packets are used to discover neighbors and establish adjacencies. Hello packets are
multicast out every interface on a 10-second interval by default.
OSPF Hello Packet information
Originating Router Description
Characteristics
Router ID The configured router id OR highest loopback IP OR highest interface IP
Area ID The area to which the originating router interface belongs
Authentication Information The authentication type and corresponding information
Network Mask The IP mask of the originating router’s interface IP address
Hello Interval The period between Hello packets
Options OSPF options for neighbor formation
Router Priority An 8-bit value used to aid in the election of the DR and BDR (not set on point-
to-point links)
Router Dead Interval The length of time allotted for which a Hello packet must be received before
considering the neighbor down--four times the Hello packet, if not changed
DR The router ID of the current DR
BDR The router ID of the current BDR
Neighbor router IDs A list of the router IDs for all the originating router’s neighbors

Neighbor States: There are a total of eight states for OSPF neighbors:
Down: No hello packets have been received from the neighbor
Attempt: Neighbors must be configured manually. It applies to the NBMA connections only.
Init: A hello packet has been received from another router, but the local router has not seen itself in the
other router’s hello packets. Bi-directional communication has not yet been established.
2Way: Hello packets have been received that include their own Router ID in the neighbor field. Bi-
directional communication has been established.
ExStart: Master/Slave relationship is established in order to form an adjacency by exchanging Database
Description (DD) packets. (The router with the highest router id becomes the master).
Exchange: Routing information is exchanged using DD and LSR packets.

Loading: Link-state request packets are sent to neighbors to request any new LSAs that were found
while in the Exchange state.
Full: All LSA information is synchronized among adjacent neighbors.
Adjacency Requirements: Once neighbors have been identified, adjacencies must be established so
that routing (LSA) information can be exchanged. There are two steps required to change a neighboring
OSPF router into an adjacent OSPF router:
1. Establish two-way communication (achieved via the Hello protocol)
2. Establish database synchronization—this consists of three packet types being exchanged between
routers:
 Database Description (DD) packets,
 Link-State Request (LSR) packets,
 Link-State Update (LSU) packets
Once the database synchronization has taken place, the two routers are considered adjacent. This is how
adjacency is achieved.
 If the link is point-to-point, the two neighbors will become adjacent if the Hello packet information
for both routers is configured properly.
 NBMA neighbors require special configuration (e.g., point-to-point subinterfaces) for adjacency
formation
 On broadcast multi-access networks, adjacencies are formed only between the OSPF routers on the
network and the DR and BDR. All other routers form adjacencies with only DR and BDR.
RouterA>show ip ospf neighbor
DR and BDR Election Procedure: With OSPF interface (multi-access only) possesses a configurable
Router Priority. The Cisco default is 1. If you don’t want a router interface to participate in the DR/BDR
election, set the Priority to 0 using the ip ospf priority command in interface configuration mode.
RouterA>show ip ospf interface
The steps of DR and BDR election:
1. A list of eligible routers is created. The criteria for eligible routers are:
 Priority greater than 0,  OSPF state of 2Way,
 DR and BDR IP address is the same as the participating interface’s IP address
2. A list of all routers not claiming to be the DR (the DR IP address is the same as the participating
interface’s IP address) is complied from the list of eligible routers.
3. The BDR is chosen from the list in Step 2 based on the following criteria:
 The BDR IP address is the same as the participating interface’s IP address
 The router with the highest Router Priority becomes the BDR.
 If all Router Priorities are equal, the router with the highest Router ID becomes the BDR
OR If none of the above criteria hold true, the router with the highest Router Priority is chosen, and in
case of a tie, the router with the highest Router ID is chosen as BDR.
4. The DR is chosen from the remaining eligible routers based on the following criteria:
 The DR field is set with the router’s interface IP address
 The router with the highest Router Priority is chosen DR. If all Router Priorities are equal, the router
with the highest Router ID is chosen.
OR If none of the remaining eligible routers claim to be the DR, the BDR that was chosen in Step 3
becomes the DR. Step 3 would then be repeated to choose another BDR.

The above process occurs when multiple routers become active at the same time on a segment. If a DR
and BDR already exist on the segment, any new interfaces accept the DR and BDR regardless of their
own Router ID or Router Priority.
LSA Flooding: LSA flooding is the method by which OSPF share routing information. Via LSU
packets, LSA information containing link-state data is shared with all OSPF routers. The network
topology is created from the LSA updates. Flooding is used so that all OSPF routers have the topology

map from which SPF calculations may be made. Efficient flooding is achieved through the use of a
reserved multicast address, 224.0.0.5 (All SPF Routers) (224.0.0.6 All DR)

LSA Acknowledgement and Validation: It is sent from a router to the originating router to
acknowledge the receipt of a LSA. There are two different methods routers can use to acknowledge
receipt of LSAs:
Explicit acknowledgement: The recipient sends a link-state acknowledgement packet to the originating
interface.
Implicit acknowledgement: A duplicate of the flooded LSA is sent back to the originator.
Direct Method 1. A duplicate flooded LSA is received, 2. LSA age equals MaxAge (one hour).
Delayed Method  The recipient waits to send the LSA acknowledgement with other LSA
acknowledgements that need to be sent.

SPF Tree Calculation: SPF trees are paths through the network to any given destination. A separate
path exists for each known destination. There are two destination types recognized by OSPF: network
and router. Router destinations are specifically for Area Border Routers (ABRs) and Autonomous
System Boundary Routers (ASBRs). Once all the OSPF routers have synchronized link-state databases,
each router is responsible for calculating the SPF tree using Dijkstra algorithm for each known
destination, for this metrics for each link are required.

OSPF Metrics: OSPF uses a metric referred to as cost. A cost is associated with every outgoing
interface along an SPF tree. The cost of the entire path is the sum of costs of the outgoing interfaces
along the path. Cisco uses an equation of 10 8 / bandwidth. The bandwidth is the configured bandwidth
for the interface. This value may be overridden by ip ospf cost command. The cost range is 1-65535.
Since the cost is assigned to each link, the value must be changed on each interface.

NBMA Overview: Non-broadcast multi-access (Frame Relay and ATM) presents a special challenge for
OSPF. It uses an election process to select a DR and a BDR to represent all OSPF routers on the
network. This election process requires the participation of all routers on the multi-access network.
NBMA Environment: With extended configurations on NBMA interfaces, an administrator can cause
OSPF to behave as if it were running on one of the following four network types:
 Broadcast,  Non-Broadcast (by default in NBMA network type),  Point-to-Point,  Point-to-
multipoint
Network Type Hello / Dead Intervals Elects DR/BDR
Broadcast 10/40 Yes
Non-Broadcast (by default) 30/120 Yes
Point-to-Point 10/40 No
Point-to-multipoint 30/120 No
Broadcast: elects DR/BDR, must have full mesh topology.
This configuration guarantees that all routers have connectivity and
R2 that all will be able to participate in the DR/ BDR election process.
R BDR
1 Once the DR and BDR have been chosen, the meshed networks act
as a broadcast network. All LSA updates are sent to the DR and
BDR, and the DR floods the updates out every interface. To change
the network type for NBMA interfaces, you use the ip ospf
network type-of-network command in interface configuration
R R
mode. Make sure that all the interfaces have same hello and dead
3 4
interval otherwise they will not communicate.
D
R

Non-broadcast: This environment requires that all OSPF neighbors be manually configured. This is the
default setting for router. By manually configuring each neighbor, OSPF knows exactly which neighbors
need to participate and which neighbor is identified as the DR. Also, communication between neighbors
is done via unicast. This also requires the full mesh. To elect your DR manually, enter the neighbor ip
address priority value command in the router configuration mode for the selected OSPF process.

Point-to-Point: This environment uses subinterfaces on the physical interface to create point-to-point
connection with other OSPF neighbors. A full mesh not required, DR/BDR not elected, provides faster
convergence. PVCs on the subinterface may fail, but there is still OSPF connectivity to other PVCs on
the same physical interface.
Point-to-Multipoint: Similar to Point-to-Point, no DR/BDR election, all PVCs are treated as point-to-
point links. The only difference between point-to-point and multipoint is that all the PVCs go back to a
single router.
Point-to-Point Point-to-Multipoint

R1 R2 R1 R2

R3 R4 R3 R4

Configuring OSPF: The basic elements of OSPF configuration are:


 Enabling OSPF,  Configuring OSPF for different network types,  Configuring the OSPF area,
 Route summarization,  Route redistribution,  Interface parameters

Broadcast: RouterA(config-if)#router ospf 1 (Process ID)


RouterA(config-router)#network 172.16.230.0 0.0.0.255 area 0

Configuring OSPF – Single Area (NBMA Environment)


RouterA#config t
RouterA(config)#int s1
RouterA(config-if)#ip ospf network broadcast
RouterA(config-if)#encapsulation frame-relay
RouterA(config-if)#frame-relay map ip 172.16.11.2 102 broadcast
RouterA(config-if)#frame-relay map ip 172.16.11.3 103 broadcast
RouterA(config-if)#frame-relay map ip 172.16.11.4 104 broadcast
RouterA(config-if)#router ospf 1
RouterA(config-router)#network 172.16.11.0 0.0.0.255 area 0
RouterA(config-router)#^z

Non-broadcast Configuration
RouterB#conf t
RouterB(config)#int s1
RouterB(config-if)#ip ospf network non-broadcast
RouterB(config-if)#encapsulation frame-relay ietf
RouterB(config-if)#frame-relay map ip 172.16.25.10 210 broadcast
RouterB(config-if)#frame-relay map ip 172.16.25.11 211 broadcast
RouterB(config-if)#frame-relay map ip 172.16.25.12 212 broadcast
RouterB(config-if)#router ospf 1
RouterB(config-router)#neighbor 172.16.25.10 priority 1
RouterB(config-router)#neighbor 172.16.25.11 priority 1
RouterB(config-router)#neighbor 172.16.25.12 priority 1
RouterB(config-router)#network 172.16.25.0 0.0.0.255 area 0

RouterB(config-router)#^z

Point-to-Multipoint Configuration
RouterC#conf t
RouterC(config)#int s2
RouterC(config-if)#ip ospf network point-to-multipoint non-broadcast
RouterC(config-if)#encapsulation frame-relay ietf
RouterC(config-if)#frame-relay local dlci 300
RouterC(config-if)#frame-relay map ip 172.16.26.12 312 broadcast
RouterC(config-if)#frame-relay map ip 172.16.26.13 313 broadcast
RouterC(config-if)#router ospf 1
RouterC(config-router)#neighbor 172.16.26.12 priority 1
RouterC(config-router)#neighbor 172.16.26.13 priority 1
RouterC(config-router)#network 172.16.25.0 0.0.0.255 area 0
RouterC(config-router)#^z

OSPF Show Commands


Command Description
Show ip ospf Summarizes all relative OSPF information, such as OSPF processes, Router ID,
area assignments, authentication, and SPF statistics.
Show ip ospf process-id Shows the same information as the show ip ospf command but only for the
specified process
Show ip ospf border-routers Displays the Router Ids of all ABRs and ASBRs within the AS
Show ip ospf databases Displays the link-state database
Show ospf interface Displays interface OSPF parameters and other OSPF information specific to the
interface
Show ip ospf neighbor Displays each OSPF neighbor and adjacency states

Interconnecting OSPF Areas


Categories of Multi-Area Components:
Single Area OSPF Network Multi Area OSPF Network

R1 Area 0
R1

R2 R3 R2 R3

R4 R5 R6 R7
R4 R5 R6 R7

Area 0 Area 10 Area 20

OSPF Router Roles

EIGRP
Autonomous

System

Area 10 Area 0
RC RB RA

Internal Router Area Border Router Internal Router


Autonomous System Boundary Router Backbone Router
Backbone Router
Backbone Router: It is any router that exists (whole or in part) in OSPF Area O
Internal Router: It is any router that has all of its interfaces as members of the same area

Link State Advertisements: LSA Types


Type Code Description
1 Router LSA
2 Network LSA
3 Network Summary LSA
4 ASBR Summary LSA
5 AS External LSA
6 Group Membership LSA
7 NSSA External LSA
8 External Attributes LSA
9 Opaque LSA (link-local scope)
10 Opaque LSA (area-local scope)
11 Opaque LSA (AS scope)
Type 1 LSA: It is an advertisement sent by a router to all other routers in its area. It contains
information about all of the router’s links in the area, the status of each link, and the cost for each link. A
router, which has connections to multiple areas, will send a Type 1 LSA to each of the areas the router is
connected to.
Type 2 LSA: It is generated by designated routers (DRs). Recall that a DR is elected to represent other
routers in its network, and it has established adjacencies with each of the routers within its network. The
DR uses the Type 2 LSA to send out information about the state of other routers that are part of the same
network. This LSA is sent only to routers that are in the area containing the specific network.
Type 3 and Type 4 LSAs: These LSAs are generated by ABRs. These ABRs send these LSAs to all
routers within an area. These LSAs advertise intra-area routes, routes within an area, to the backbone
area (Area O) and both intra-area and inter-area routes, routes to other areas, to non-broadcast areas.
Type 3 LSA will advertise networks outside of an area into an area and Type 4 LSA will advertise
information about ASBRs into an area.
Type 5 LSA: These LSAs are sent by ASBRs. These ASBRs use Type 5 LSAs to advertise routes that
are external to the OSPF AS or a default route external to the OSPF AS that is reachable through them.
Type 7 LSA: To overcome the limitations of an ASBR not being able to belong to a stub area, this LSA
used. These LSAs are generated only by an ASBR in a not-so-stubby area (NSSA). These LSAs will
propagate across the area to the ABR. Once LSA reaches the ABR, the ABR will convert LSA 7 into a

LSA 5 and propagate it to the backbone. Type LSA advertises routes that are external to the OSPF
autonomous system.
OSPF Area Types: Subdivision of area will reduce the load on router. It is useful when any router don’t
need to have the entire network topology in its link-state databases.
Stub Area: Directly connected routers with one interface out in general manner.
 Area O (backbone area) cannot be made a stub area.
 More than one area must exist.
 Since ASBRs inject external routes, do no make any area containing an ASBR a stub area.
 Since routers within a stub area use a default route to get out of the stub area, typically there is only
one route out of the stub area. Therefore, a stub area should usually contain only a single area border
router. Keep in mind that since a default route is being used, if a stub area contains more than one ABR,
a non-optimal path may be used.

 If you decide to make a particular area a stub area, be sure to configure all the routers in the area as
stubby. If a router within a stub area has not been configured as stubby, it will not be able to correctly
form adjacencies and exchange OSPF routes.
Stub Area / Totally Stubby Area
Area 25
Area 0
R E0 Summary Route
10.1.1.2/24 information Summary Route
C 10.1.1.1/24 Information
E1 R
10.1.1.2/24 E2 R
E0 10.1.2.1/24 1.1.1.1/24 A
B
R E0
Default Route Information
D
External Route Information
d
Configuration:
RouterB(config)#router ospf 10 (Process ID)
RouterB(config-router)#network 1.0.0.0 0.255.255.255 area 0
(where 1.0.0.0 0.255.255.255 is the network and wildcard mask of a network connected to Router B and
where 0 is the area that network 1.1.1.0/24 is a member of)
RouterB(config-router)#network 10.0.0.0 0.255.255.255 area 25
(where 10.0.0.0 0.255.255.255 is a summary network and wildcard mask of network connected to
Router B and where 25 is the area that networks 10.1.1.0/24 and 10.1.2.0/24 are member of)
RouterB(config-router)#area 25 stub
(where 25 is the area that we have designated as stubby)

RouterC(config)#router ospf 10
RouterC(config-router)#network 10.0.0.0 0.255.255.255 area 25
RouterC(config-router)#area 25 stub

RouterD(config)#router ospf 10
RouterD(config-router)#network 10.0.0.0 0.255.255.255 area 25
RouterD(config-router)#area 25 stub

 the syntax to make a router stubby is area area-id stub


 All routers that are part of Area 25 are configured as stubby
 Area 25 has only one ABR (i.e., only one path out of the area)
 The ABR used the area area-id stub command only for Area 25, not for Area ), which is not stubby.

Totally Stubby Area Configuration


Difference between Stubby and Totally Stubby area is that a totally stubby area doesn’t allow summary
routes to be injected into it; we need to change only Router B configuration from above example.
Since Router B is the ABR, it will be the router that will have the responsibility for blocking summary
routes from entering the totally stubby area. So we are going to use the same topology from the previous
example and make Area 25 totally stubby area. Same figure used from the previous example.

RouterB(config)#router ospf 10 (Process ID)


RouterB(config-router)#network 1.0.0.0 0.255.255.255 area 0
RouterB(config-router)#network 10.0.0.0 0.255.255.255 area 25
RouterB(config-router)#area 25 stub no-summary

Not-So-Stubby Area Configuration


NSSA is useful when there is an area that requires the injection of external routes from an ASBR, but we
still want to eliminate the injection of Type 5 LSAs from the ABR. In following scenario, we want to
prevent Area 0 from injecting Type 5 LSAs into Area 1, yet we still need external routes from the RIP
routing process to be injected into Area 1 and propagated to other OSPF areas. The solution to these
requirements is to make Area 1 an NSSA.

RIP OSPF OSPF

Area 1 Area 0

R RC 1.1.1.2/24 E1 RB 10.1.2.2/24 E1 R 10.1.1.1/24


172.16.2.1/24 172.16.1.2/24
D E1 E0 A E0
E0 1.1.1.1/24
E1 E0 10.1.2.1/24 Ethernet
172.16.1.1/24
Ethernet
Not-So-Stubby Area

RouterA(config)#router ospf 24
RouterA(config-router)#network 10.0.0.0 0.255.255.255 area 0
RouterB(config)#router ospf 24
RouterB(config-router)#network 10.0.0.0 0.255.255.255 area 0
RouterB(config-router)#network 1.0.0.0 0.0.255.255.255 area 1
RouterB(config-router)#area 0 range 10.0.0.0 255.0.0.0
(when 10.0.0.0 255.0.0.0 is the network number and subnet mask of a network that summarizes the
individual networks within Area 0, thus reducing the number of a router’s routing table)
RouterB(config-router)#area 1 nssa
(where 1 is the area that is being designated as a not-so-stubby area)
RouterC(config)#network ospf 24
RouterC(config-router)#redistribute rip
(where rip is the routing protocol whose routes are being injected into the OSPF routing process)
RouterC(config-router)#network 1.0.0.0 0.255.255.255 area 1
RouterC(config-router)#default-metric 128
(where 128 is the OSPF metric value to be assigned to routes being redistributed into the OSPF routing process)
RouterC(config-router)#area 1 nssa
RouterC(config-router)#router rip (This enables RIP routing process on the router)
RouterC(config-router)#redistribute ospf 24
(Where ospf 25 is the routing process whose routes are being injected into the RIP routing process)
RouterC(config-router)#network 172.16.0.0
RouterC(config-router)#default-metric 3
(where 3 is the RIP metric value (hop count) to be assigned to OSPF routes being redistributed into the
RIP routing process)

Router D is internal to the RIP routing process. Therefore, Router D does not require any NSSA specific
configuration:
RouterD(config)#router rip
RouterD(config-router)#network 172.16.0.0

OSPF Virtual Links: When designing a multi-area OSPF network, all areas should be connected to the
backbone area. However, there may be instances when an area will need to cross another area to reach
the backbone area, as shown in the following. Since, in this example, Area 20 does not have a direct link
to Area 0, we need to create a virtual link. (through loopback address/interface)

Area 0 Area 10 Area 20

Lo0:2.2.2.1/24
1.1.1.1/24 3.3.3.1/24
R E0 R 4.4.4.1/24 E0 C
7.7.7.1/24
B
E0 A E1 E1 4.4.4.2/24 E1 Ethernet
3.3.3.2/24
Ethernet

Lo0:5.5.5.1/24 Lo0:6.6.6.1/24
The syntax for creating a virtual link across an area is:
Area area-id virtual-link router-id
Where area-id is the number of the transit area, (area 10), and router-id is the IP address of the highest
loopback interface configured on a router or can be manually set. (Use router-id id-in-IP-address-
format to manually configure the router id in router configuration mode)

RouterB(config)#router ospf 10
RouterD(config-router)#network 3.0.0.0 0.255.255.255 area 0
RouterD(config-router)#network 4.0.0.0 0.255.255.255 area 10
RouterD(config-router)#area 10 virtual-link 6.6.6.1
(where 10 is the area id of the transit area and 6.6.6.1 is the highest loopback address of the ABR joining
the transit area to Area 20)

RouterC(config)#router ospf 10
RouterC(config-router)#network 4.0.0.0 0.255.255.255 area 10
RouterC(config-router)#network 7.0.0.0 0.255.255.255 area 20
RouterC(config-router)#area 10 virtual-link 5.5.5.1
(where 10 is the area id of the transit area and 5.5.5.1 is the highest loopback address of the ABR joining
the transit area to the backbone area)

Verifying and Troubleshooting OSPF


Route Information: sh ip route, sh ip route ospf, sh ip route 192.168.24.0
LSA Database Information: sh ip ospf database
Routing Protocol Information: sh ip ospf, sh ip ospf interface
Viewing Neighbor Information: sh ip ospf neighbor, sh ip ospf neighbor detail, debug ip ospf adj
Viewing OSPF Packets: debug ip ospf packet

INTEGRATED INTERMEDIATE SYSTEM TO INTERMEDIATE SYSTEM (IS-IS)


It is a link-state routing protocol developed bye DEC as an ISO protocol to route Connectionless
Network Services (CLNS), which is a network layer protocol of the OSI suits of protocols. An extension
to this protocol was added to allow the simultaneous routing of both IP and CLNS. This extension
became known as integrated IS-IS. So it can route either in a CLNS or IP or both the environment.

Same Characteristics of IS-IS / OSPF


 both are link-state routing protocol
 both uses Dijkstra SPF algorithm
 both support hierarchical network topology through area
 both use Hello packets to form adjacencies with their network
 for broadcast network, both elects a DR,
 both allow VLSM and summarization of areas
 both allow authentication to ensure a more secure network
Difference between IS-IS / OSPF
 Only one IS-IS Process can be enabled on a device
 OSPF routers can be a part of multiple areas, whereas an IS-IS router belongs to only one area
 In OSPF, the boundaries of areas are set in the router. In IS-IS, the boundaries of areas are on the
network connections.
 IS-IS utilizes CLNS protocol data units (PDUs) to send information between routers instead of using
IP packets, like OSPF does.
 IS-IS allows for the preempting of DRs, where OSPF does not.
 The backbone of an IS-IS network is designated by the type of routers in it instead of being
designated by an area number.
So OSPF is better than IS-IS.

IS-IS Terminology:
ES: An End System is a non-routing network device, such as a host
IS: An Intermediate System is a routing device, in our case a router
ES-IS: End System to Intermediate System (ES-IS) is the protocol used to enable end systems to
discover intermediate systems and vice versa.
SNPA: The Subnetwork Point of Attachment is the point at which Subnetwork services are provided
PDUs: Protocol data units are the data passed between an OSI layer of one node to the peer OSI layer of
another node.
DLPDU: A Data Link frame is referred to as a data link PDU.
NPDU: A packet is referred to as a network PDU.
LSP: The Link State PDU is the IS-IS equivalent of the OSPF LSA. The main difference between the
two is that the LSA is encapsulated behind the OSPF header and the IP packet, whereas the LSP is a
packet all its own.
Level 1 Intermediate System: It route within an area. When the destination is outside an area, they
route toward a Level 2 system.
Level 2 Intermediate System: It route between areas and towards other ASs.
NET: The Network Entity Title uniquely defines each router on the network. The NET is a network
address, which contains a System ID and an Area ID.
IS-IS AREAS: OSPF Areas

Area 0
Area Area
1 2
ABR ABR
IS-IS
Area 3 Areas

L L
1 1
L L L
1 2 1
L L L L
1 2 2 1

L
1
L
2
L L
1 1

 Notice that the area boundaries for IS-IS are on the connections, not the routers.
 The routers are completely within an area, don’t have interfaces in different areas.
 Backbone can have any Area ID. Not limited to Area 0 like OSPF.
L1 Routers:  A Level 1 router is a router in a non-backbone area.
 It knows only about intra-area routes.
 These routers know about the default route to the LA/L2 router for the inter-area.
 All routers within a Level 1 area contain the same link-state database.
 These routers receive link-state PDUs (LSPs) only from within the area. Not from other areas.
 L1 router will not receive any information from L2 router.
 It is an equivalent of an Internal Router of OSFP.
L2 Routers:  A Level 2 routers are backbone routers and handle all inter-area traffic.
 An L2 router can belong to only backbone area.
 An L2 routers will send LSPs to all other L2 routers and to all L1/L2 routers, regardless of the area
the L1/L2 belongs to.
 It is an equivalent to a backbone router of the OSPF.
L1/L2 Routers:  These routers are similar in functions of an OSPF ABR.
 These routers will send LSPs to both L1 and L2 routers. So L1 and L2 router will be able to maintain
their link-state database respectively (level 1 link-state database and level 2 link-state database).
 The L1/L2 router contains two link-state databases, and information stored in the Level 2 link-state
database will not be shared with any L1 routers.
An IS-IS level 1 area is similar to OSPF totally stubby area. So all the L1 routers within the area know
only about each other, and if they needed to reach to the remote area or the routers which are not in their
area, they must communicate through L1/L2 routers.
Three different level of routing for IS-IS:
Level 1 Routing: It is a routing between intermediate systems within the same area. It is basically an
intra-area routing and it occurs between all routers contained within the same area.
Level 2 Routing: It is a routing between intermediate systems in different areas. All level 2 routing will
cross the backbone at same point. So it is an inter-area routing and it occurs between routers in different
IS-IS areas.
Level 3 Routing: It is a routing between different routing domains. This is required when traffic needs
to leave the IS-IS routing domain to reach another routing domain. So it is an internetwork routing.
Since IS-IS routers are totally merged in one area, the Area ID is associated with the entire router
instead of an interface as in the OSPF. IS-IS will allow up to three Area IDs to be associated with
one router. The main use of multiple areas being configured on a router is for migrating from one
area to another. So Network Entity Title (NET) will be used to create and uniquely identify a
router in that area.
Network Entity Title (NET): The main focus is to know how Integrated IS-IS route IP packets.
 An IS-IS is a CLNP protocol, not a TCP/IP protocol. This means that though the IP routing is
supported, IS-IS still communicates with CLNS PDUs.
 So an ISO addressing scheme (NET) must be implemented for IS-IS to function. For this NET is
used, just like IP address, to uniquely identify a router on the internetwork.
 A NET can be in various standard formats. Each of these formats has three common values:
Area ID: It is a one-octet field, but can be longer, that preceded the System ID. The Area ID is used to
signify the area the router belongs to. The area id can span up to two octets if need be.
System ID: It is used to identify the router. (Similar to router id in OSPF) It can be up to eight octets in
length. Cisco supports only six octets. The same octet length must be used throughout the routing
domain. Normally, the MAC addresses of the router will be set as the System ID and it must be unique
in the IS-IS routing domain.
SEL: The NSAP Selector (SEL) is a one-octet field that represents the service being offered at the
network level of the device. For our representation of IS-IS, SEL will always be 00. 00 is represents the
router. (SEL is like an IP protocol number being included with a destination address in an IP packet. So
it tells you what service is being offered for the particular address.)
NET can be in following formats:
 Standard 8-octet format (with Area 0, System ID, SEL field)
 OSI NSAP format (Domain, Area Id, System ID, SEL)
 GOSIP format (AFI, ICD, DFI, AAI, Reserved, RDI, Area ID, System ID, SEL)
AFI=Authority and format identifier, ICD=International code Designator, DFI=Domain Specific Part
Format Identifier, AAI=Administrative Authority Identifier, RDI=Routing Domain Identifier, SEL)

Neighbor and Adjacency Initialization:


 IS-IS utilizes Hello PDUs to discover neighbors and form adjacencies with them.
 After adjacencies, the Hello packets are sent out every 10 seconds by default to maintain it.
 Hello packets contain the information about router, router’s capabilities and interfaces through which
hello packets are sent.
 If the two routers agree on their capabilities and parameters set forth, the routers will form adjacency.
 Here the same Hello and Dead intervals are not required like OSPF. Because the Hello packet will
contain the hold time set by the neighboring router. The router will use this specific hold time for
neighbor so it will not be considered dead until the hold time exhausted. This allows different hello and
dead intervals to be used by neighboring routers.

Adjacencies are two types: Level 1 and Level 2


 Level 1 adjacency will be formed between two L1 neighboring routers and L1 and L1/L2 routers in
the same area.
 Level 2 adjacency will be formed between two L2 neighboring routers and L2 and L1/L2 routers
 If two L1/L2 routers are neighboring, the both Level 1 and Level 2 adjacency will be formed between
the two routers.
 But an adjacency will never be formed between L1 and L2 routers.

Designated Router:  For broadcast networks, IS-IS supports the election of a DR like OSPF. But DR
in IS-IS is known as Designated IS (DIS).
 The DIS will reduce the traffic required to advertise broadcast networks and the amount of traffic
required to flood the LSPs.
 The DIS advertises a pseudonode. It is a representation of the network all the routers are connected
to. The DIS appears in the link-state database as another router. Each router on that network will then
form one adjacency with the pseudonode.
 The DIS will assign a one-octet pseudonode ID to the broadcast network, which is then added to the
System ID of the DIS to create the LAN ID. The LAN ID will be the source of the LSPs for the
pseudonode in the link-state database.
 Routers in an area will form an adjacency with the DIS, but the routers will still from adjacencies
with each other. Each router will multicast LSPs to its neighbors.
 The main function of the DIS is to make sure the routers receive all the LSPs. This is done by SNPs
(Sequence number PDUs.)
 There can be more than one DISs also. If there is a Level 1 and Level 2 adjacencies, there are Level 1
and Level 2 DISs also. If both level areas are in the same broadcast network, a DIS will be elected for
each level. But a DIS is not elected for a point-to-point network. In this case the same router will play
the role of L1 DIS and L2 DIS. Each of the pseudonodes created will be independent of each other.
 While electing the DIS, the router priority is considered. It may be anywhere between 0-127. The
router with the 0 priority will never be elected. The default priority for cisco devices is 64.The router
with the highest priority (or System ID if the priorities are same for more than one router) will win. If a
router is L1/L2, you can set the priorities for both the portions differently.
Use isis priority value level-1 / level-2 command to set the priority manually.
Use show clns interface command to see the current router priority setting for an IS-IS interface.

IS-IS PDUs: Hello PDUs, Link-State PDUs (LSP), Sequence number PDU (SNP)
Hello PDU: It is used to initialize and maintain router adjacencies. There are three types of hello PDUs.
1. Level 1 LAN IS-IS Hello PDU: It is used by L1 routers to form adjacencies on broadcast networks.
These PDUs are passed only between Level 1 routers and L1/L2 routers to form Level 1 adjacencies.
2. Level 2 LAN IS-IS Hello PDU: It is used to form level 2 adjacencies on broadcast networks. L2 and
L1/L2 routers will use these PDUs to form Level 2 adjacencies.
3. Point-to-Point IS-IS Hello PDU: This PDUs are used on non-broadcast point-to-point connections to
form adjacencies. This can be used to form a level 1 or level 2 adjacency.
 An L1/L2 router will use a combination of these Hello PDUs to form its level 1 and level 2 adjacencies.

Link-State PDU (LSP): It uses in the same way that an OSPF router uses its LSA packets. The LSP is
used to advertise routing information.
Level 1 LSP: It is used to advertise level 1 link-state routing information between level 1 routers. It
contains data about the routing information that the advertising level 1 router knows. Level 1 LSPs are
used to form the level 1 link-state database.
Level 2 LSP: It is used to advertise the link-state routing information a level 2 router knows about. This
information is used to help form the level 2 link-state database.
 If a router is L1/L2, it utilizes both these LSPs. It will use level 1 LSP to help it form its level 1 link-
state database and level 2 LSP to help it form level 2 link-state database.
 After a router receives all of the LSPs, it will utilize the SPF algorithm to select the routes to populate
its routing table.
 In a broadcast network, routers will multicast LSPs. Level 1 LSPs are multicast to the MAC address
0180.C200.0014. This MAC address is known as AllL1ISs. MAC address 0180.C200.0015, known as
AllL2ISs, where routers will multicast all Level 2 LSPs on a broadcast network. Routers will use unicast
instead of multicast on point-to-point non-broadcast networks.

Sequence Number PDU (SNP): It is used primarily to ensure that routers have the most up-to-date
LSPs. It is same as acknowledgement packets.
Complete Sequence Number PDU (CSNP): It contains most up-to-date list of all LSPs. When a link
first comes up, CSNPs are used to ensure the routers have the latest LSPs to form their link-state
databases. CSNPs will also be used periodically to ensure routers have the latest information. Level 1
and Level 2 have their own CSNPs. It means level 1 CSNP will be used only for level 1 information and
a level 2 CSNP will be used only for level 2 information.
Partial Sequence Number PDU (PSNP): It contains only the latest sequence number information for a
few LSPs. PSNPs are used on point-to-point connections. PSNPs can be used to request LSP
information. Like CSNPs, PSNPs are also specific to the level they are representing.

Different PDUs are used to create a router’s link-state database


LSP Flooding:  In order to construct the router’s link-state databases, LSP flooding is utilized. In
order to create level 1 link-state database, level 1 LSPs are flooded throughout the level 1 area. Flooding
level 2 LSPs over all level 2 adjacencies creates a level 2 link-state database. The creation of these link-
state databases would not be possible without the use of SNPs.
 All routers on a broadcast network will receive multicast LSPs from their neighbors. The DIS router
for level 1 will multicast address ALL1ISs. A level 2 DIS will do the same except it will multicast the
CSNP to the AllL2ISs multicast address. The default time the CSNP will be multicast is 10 seconds for
cisco devices.
 After the DIS has multicast the CSNP, all of the routers on that broadcast network will compare the
CSNP to all the LSPs stored in their link-state database. If a router detects that it has an LSP that is
missing from the CSNP or if the router has an LSP that is newer than the CSNP, the router will multicast
the LSP to all its neighbors. The neighbors could detect the missing LSP in the CSNP, but they will not
do anything because they will receive the missing LSP from their neighbor.
 A PSNP will be multicast by a router if the router notices that an LSP contained in the CSNP is
missing from its link-state database. The DIS will then send the LSP to the router that requested it.
 LSP flooding works differently on point-to-point non-broadcast networks. A router will send an LSP
to its neighbor on the non-broadcast network. The router will then wait for PSNP to be sent from the
neighbor acknowledging the receipt of the LSP. If the router doesn’t receive the PSNP in a specified
period (5 seconds for cisco devices), it will retransmit the LSP to the neighbor.
 Once a router receives all of the LSPs, it will run the SPF algorithm to select the routes to populate its
routing table.

SPF Algorithm: Once the router’s link-state database has been created, the router will need to create the
shortest path tree to select the routes to populate the router’s routing table. The IS-IS metric used for this
by default is, delay, expense and error. (Cisco supports only default metric for IS-IS.)
 The default metric value can be 0-63. Cisco default value is 10. The default metric can be set
differently for a different IS-IS interface and a different level. The metric for an IS-IS route is the sum of
all outgoing interfaces involved in the path. IS-IS will choose the route with the lowest metric like
OSPF. The maximum value IS-IS supports for a route is 1023.
 IS-IS classifies routes on their level. Level 1 routes are always internal to an IS-IS routing domain.
L2 routes can be further classified as internal or external. An L2 external route is a route that is external
to the IS-IS routing domain, whereas an L2 internal route is internal to the IS-IS routing domain. A level
1 route is always preferred over an level 2 route.
 If multiple routes are found to a destination, the route with the best metric will be selected. If multiple
routes with the same metric are found, IS-IS will use all of the routes. For load balancing, IS-IS supports
up to six paths of equal cost.

Network Types: IS-IS supports only two types of network instead of four in OSPF. These two are
broadcast and point-to-point networks. But these network types are non-configurable. You can not
change the network types like in OSPF.
 To form adjacencies on broadcast networks, the router will send out either a level 1 LAN Hello PDU
or a Level 2 LAN Hello PDU dependent on the router is an L1, L2 or L1/L2 router. On point-to-point
networks, routers will send out a point-to-point Hello PDU.
 The network type of broadcast is assigned to all broadcast interfaces on a router. For NBMA
networks, broadcast is assigned to multipoint subinterfaces and point-to-point is assigned to all point-to-
point subinterfaces. Physical interfaces, which are connected to NBMA networks, are considered to be
multipoint interfaces, so the broadcast network type is assigned to them also. Because all multicast WAN
connections are treated by IS-IS as the broadcast LAN connection, the same type of Hello PDUs are
used and a DIS is selected.
 On NBMA Networks:
 Physical interfaces can connect to other physical interface or to multipoint subinterfaces.
 Multipoint subinterfaces can connect to the multipoint subinterfaces or physical interfaces.
 point-to-point subinterfaces can connect only to other point-to-point subinterfaces.
Configuring IS-IS: Your IOS must supports CLNS to configure IS-IS.

Backbone Area 2

S1.1
R S0.1
.2 C .1

192.168.30.0/24 192.168.20.0/24

Area 1 S0.1 .1 S1.1 Area 3


S1.1 .2
R R S0.1
.2 .1 192.168.10.0/24
192.168.40.0/24 B D
S0.1 S0.1
R R
E0 .2
A .1 192.168.50.0/24 192.168.1.0/24 E
E
Ethernet
Ethernet

RouterA#config t
RouterA(config)#router isis (to enable isis on router)
RouterA(config-router)#net 01.0000.0000.0001.00 (to set the NET value)
RouterA(config-router)#is-type level-1 (to configure the level of the router)
RouterA(config-router)#^Z
RouterA(config)#interface e0
RouterA(config-if)#ip router isis (to enable isis on interface)
RouterA(config-if)#exit
RouterA(config)#interface s0.1
RouterA(config-if)#ip router isis
RouterA(config-if)#^Z
RouterA#

RouterB#config t
RouterB(config)#router isis
RouterB(config-router)#net 01.0000.0000.0002.00
RouterB(config-router)#is-type level-1 level-2
RouterB(config-router)#^Z
RouterB(config)#interface s0.1
RouterB(config-if)#ip router isis
RouterB(config-if)#exit
RouterB(config)#interface s1.1
RouterB(config-if)#ip router isis
RouterB(config-if)#^Z
RouterB#
RouterC#config t
RouterC(config)#router isis
RouterC(config-router)#net 02.0000.0000.0003.00
RouterC(config-router)#is-type level-2 only
RouterC(config-router)#^Z
RouterC(config)#interface s0.1
RouterC(config-if)#ip router isis
RouterC(config-if)#exit
RouterC(config)#interface s1.1
RouterC(config-if)#ip router isis
RouterC(config-if)#^Z
RouterC#

RouterD#config t
RouterD(config)#router isis
RouterD(config-router)#net 03.0000.0000.0004.00
RouterD(config-router)#is-type level-1 level-2
RouterD(config-router)#^Z
RouterD(config)#interface s0.1
RouterD(config-if)#ip router isis
RouterD(config-if)#exit
RouterD(config)#interface s1.1
RouterD(config-if)#ip router isis
RouterD(config-if)#^Z
RouterD#

RouterE#config t
RouterE(config)#router isis
RouterE(config-router)#net 03.0000.0000.0005.00
RouterE(config-router)#is-type level-1
RouterE(config-router)#^Z
RouterE(config)#interface s0.1
RouterE(config-if)#ip router isis
RouterE(config-if)#exit
RouterE(config)#interface s1.1
RouterE(config-if)#ip router isis
RouterE(config-if)#^Z
RouterE#

To enable IS-IS for CLNS, enter the clns router isis command in interface configuration mode.

Verifying and Troubleshooting IS-IS:


Route Information: sh ip route, sh ip route isis
Link-State Database Information: sh isis database, sh isis database detail level-1/2, debug isis update-
packets
Routing Protocol Information: sh clns protocol, sh clns interface
Viewing Neighbor Information: sh clns is-neighbors, debug isis adj-packets
Viewing SPF Information: sh isis spf-log, debug isis spf-events, debug isis spf-triggers,
Debug isis spf-statistics.

BORDER GATEWAY PROTOCOL: BGP is known as the internet routing protocol. It is an EGP
(Exterior Gateway Protocol). As internet is made up of numerous autonomous systems, BGP is used to
share routing information between these different autonomous systems.
 BGP utilizes TCP with port number 179 to establish connections.
 Since, TCP works at Layer 4 (Transport Layer), BGP is able to eliminate the need to implement
explicit update fragmentation, retransmission, acknowledgement and sequencing.

BGP Terminology:
Autonomous System: (Old Definition): A set of devices under the same administrative control that used
a single IGP for intra-AS routing and an EGP for inter-AS routing.
(New Definition): An AS is a set of devices under the same administrative control with one or more
IGPs controlling intra-AS routing and an EGP for inter-AS routing.
IGP Speaker: Any routing device running a BGP routing process is known as a BGP speaker.
Peers: When two BGP speakers form a TCP connection between them, they are known as peers.
EBGP: Exterior BGP is the routing protocol used to exchange routing information between BGP peers
in different ASs.
IBGP: Internal BGP is the routing protocol used to exchange routing information between BGP peers in
the same ASs.
Inter-AS routing: It is a routing occurs between different ASs.
Intra-AS routing: It is a routing occurs within the same ASs.

BGP Operation:

AS AS
1
2 AS 2000

AS
98
AS 5921
AS 7

AS
10
 All BGP speaking devices contained within the same AS will use internal BGP to communicate with
each other. All multiple BGP speaking devices within the same AS must peer with one another. So you
must configure full mesh for IBGP to operate properly. This doesn’t mean all devices must be connected
to one another—just they all have layer-3 reachablility. IBGP will utilize the TCP protocol to form the
peering sessions between the IBGP peers.
 External BGP is utilized between BGP speaking devices in different ASs. Like IBGP, EBGP peering
sessions require the BGP speaking devices participating to have layer-3 connectivity among themselves.
TCP will then be utilized by EBGP to form the peering sessions.
 After forming peers, the BGP speaking devices will use the peering information to create a loop-free
map of the ASs involved. This is known as BGP Tree.
 Once BGP speaking devices have formed peers and created their BGP tree, they will start exchanging
routing information. These devices will first exchange their entire BGP routing table. Then they
exchange incremental updates of their BGP routing tables and KEEPALIVE messages to keep the
connection up.
How BGP Operates: Message Header Format: BGP will process a message when entire message has
been received. It requires minimum 19 octets to maximum 4096 octets.
Message Header Format:

Marker
Length Type
Marker: It is 16 bytes long field. It is used to detect a loss of synchronization between a set of BGP
peers and to also authenticate incoming BGP messages. If an OPEN message does not contain
authentication information, the Marker must be set to all ones.
Length: It is 2 bytes field and indicates the length of the entire message including Marker. The length
value can be 19-4096 octets.
Type: This is one byte long field and indicates one of the four types of message given below:
1.OPEN message, 2. UPDATE message, 3. NOTIFICATION message, 4. KEEPALIVE message.

OPEN message: This is the first type of message after a TCP session has been formed. When the OPEN
message is accepted, a KEEPALIVE message confirming the OPEN message is returned. After the
KEEPALIVE message is sent to confirm the OPEN message, incremental UPDATE messages,
NOTIFICATION messages, and KEEPALIVE messages will be exchanged between the BGP peers.

OPEN message format:


Version

My Autonomous System

Hold Time

BGP Identifier

Optional Parameter
Length

Optional Parameters

Version: 1 byte long and determines the version of BGP for the neighbor to use. The highest version
number of two BGP neighbor will be negotiated. If not match, an error message will be sent to the
sender and TCP session will be torn down. Then the session will be established with the lower version
number. This process continues until the common version number is reached.
My Autonomous System: 2 bytes long and contains the AS number of the sending BGP speaker. This
will help in creating the BGP speaker’s BGP tree.
Hold Time: 2 bytes long and inform the receiving BGP speaker about the hold time the sending BGP
speaker has. The receiving speaker will calculate the lowest of its configured hold time and keep that
value in Hold Time field. This will determine the number of seconds the BGP speaker will expect
between the receipt of KEEPALIVE and/or UPDATE messages. If one of these messages is not received
in the time specified by the hold time, the neighbor will be considered dead. Each time one of the
message is received, the hold time is reset to 0.
BGP Identifier: 4 bytes long and it contains the BGP particular identifier of the sending BGP speaker.
The BGP identifier will be highest loopback IP OR highest IP address configured for physical interface.
This is set during the startup process of BGP. So it will not change unless you restart the BGP process.
Optional Parameters Length: 1 byte long and represents the total length of the OP field. 0 value
suggests that no OP have been set.
Optional Parameters: This is a variable-length field and contains Parameter Type, Parameter Length,
and Parameter Value fields used in the BGP neighbor negotiation.

UPDATE message: After BGP speakers have been peers, they will exchange incremental UPDATE
messages. It contains the routing information for BGP. This information is used to construct a loop-free
routing environment.
UPDATE message format:
Unfeasible routes length (2 bytes)
Withdrawn Routes (variable)

Total Path Attributes Length (2 bytes)

Path Attributes (variable)

Network Layer Reachability Information


(variable)
Unfeasible Routes Length: 2 bytes long and contains the length of withdrawn routes field. A value of 0
signifies that WR field is not present in the UPDATE message.
Withdrawn Routes: It contains a list of IP address prefixes that will be withdrawn. Ip address prefix
format will contain Length (1 byte, 0 means all IP address prefixes) and Prefix (of variable length,
contains the IP address prefix) fields.
Total Path Attributes Length: 2 bytes long and contains the length of the Path Attributes field.
Path Attributes: It contains a sequence of attributes about a path present in the UPDATE message. The
information contained in this field is used to track route information and for routing decisions and
filtering. Each path attribute is broken down into an attribute type, attribute length, attribute value triplet.
The attribute type field is 2 bytes long and contains the Attribute Flags byte followed by the Attribute
Type Code byte.
Attribute Flags: contains the Well-known mandatory, Well-known discretionary, Optional transitive and
Optional non-transitive attributes.
 Well-known mandatory: This attribute must be recognized by all implementations of BGP and be
present in the UPDATE message. A BGP session will be terminated if this is not present in the UPDATE
message.
 Well-known discretionary: This attribute must be recognized by all implementations of BGP but
doesn’t need to be present in the UPDATE message.
 Optional transitive: This attribute allows for optional attributes that are not recognized by an
implementation of BGP to be passed along to a BGP speaker’s peers.
 Optional non-transitive: It is an optional attribute is not recognized by an implementation of BGP
and the transitive flag is not set, this will not be passed on to the BGP speaker’s peers.
Attribute Type Code: This specifies the type of Path Attribute.
Type Code Attribute Name Category
1 ORIGIN Well-known mandatory
2 AS_PATH Well-known mandatory
3 NEXT_HOP Well-known mandatory
4 MULTI_EXIT_DISC Optional non-transitive
5 LOCAL_PREF Well-known discretionary
6 ATOMIC_AGGREGATE Well-known discretionary
7 AGGREGATOR Optional transitive
8 COMMUNITY Optional transitive
9 ORIGINATOR_ID Optional non-transitive
10 CLUSTER_LIST Optional non-transitive
11 DPA Destination Point Attribute for BGP
12 Advertiser BGP/IDRP Route Server
13 RCID_PATH/CLUSTER_ID BGP/IDRP Route Server
14 Multiprotocol Reachable NLRI Optional non-transitive
15 Multiprotocol Unreachable NLRI Optional non-transitive
16 Extended Communities N/A
256 Reserved for development N/A
NLRI (Network Layer Reachability Information: BGPv4 supports VLSM. BGPv4 is able to
advertise routes regardless of Classful boundaries. It accomplishes this through the use of the NLRI
field.
NLRI is a variable-length field, which contains IP address prefix of the route. It contains 1 byte long
Length field and a variable-length Prefix field. Length of IP address prefix. It is same as subnet mask. If
the value is 0 of this field, it indicates all IP addresses are included. Prefix field contains the actual IP
address prefix.

KEEPALIVE message: These messages are used to ensure connectivity still exists between peers. It is
made up of only the fixed-size BGP Message Header. A KEEPALIVE message will be sent in order to
restart the hold timer. The interval at which a KEEPALIVE message is sent is to be one-third the hold
time value. This is why the hold time must be at least 3 seconds if it is not 0. A KEEPALIVE message
will not be sent if an UPDATE message was sent during this period of time. If the hold time is set to 0, a
KEEPALIVE message will never be sent.

NOTIFICATION message: Whenever an error occurs during a BGP session, the BGP speaker
generates the NOTIFICATION message. As soon as the BGP speaker generates NOTIFICATION
message, the session is terminated. The NOTIFICATION contains error codes and error sub-codes that
allow network administrator to troubleshoot the problem.

NOTIFICATION message format:


Error Code Error Sub-Code Data
Error Code Type Error Sub-Code Type
Number Number
1 Message Header Error 1 Connection Not Synchronized
2 Bad Message Length
3 Bad Message Type
2 OPENmessage Error 1 Unsupported Version Number
2 Bad Peer AS
3 Bad BGP Identifier
4 Unsupported Optional Parameters
5 Authentication Failure
6 Unacceptable Hold Timer
3 UPDATEmessage Error 1 Malformed Attribute List
2 Unrecognized Well-known Attribute
3 Missing Well-known Attribute
4 Attribute Flags Error
5 Attribute Length Error
6 Invalid ORIGIN Attribute
7 AS Routing Loop
8 Invalid NEXT_HOP attribute
9 Optional Attribute Error
10 Invalid Network Field
11 Malformed AS_PATH
4 Hold Timer expired
5 Finite State Machine Error
6 Cease

Neighbor Negotiation: Before BGP communication can occur, BGP speakers must become neighbors,
or peers.
 The first step in forming a peer is to form a TCP session using TCP port 179 with each other. If this
does not occur, the GBP speakers will never become peers.
 After the TCP session has been established, the BGP speakers will send an OPEN message to each
other.
 From that point forward the peers will send incremental UPDATE messages, NOTIFICATION
messages and KEEPALIVE messages.

Finite State Machine: The process through which the forming of neighbors occurs is known as the
finite state machine which contains six states.
Idle State: This is the first state a BGP speaker will enter when starting a BGP session.
 The BGP speaker is waiting for the BGP start event (which can be initiated by BGP speaker or
administrator), will initially refuse all incoming BGP connections.
 Once a start event has occurred, the BGP speaker then start the ConnectRetry timer, initiate a TCP
connection to the peer, and also listen for any connection attempt started by other BGP speaker.
 If the session ended, the BGP speaker will wait 60 seconds before it retry the connection.
Connections State:  BGP speaker will clear ConnectRetry timer, complete initialization and send an
OPEN message to the remote speaker with its OpenSent transition after the TCP session has been
formed successfully.
 If any other types of events cause an error, the BGP speaker will close the TCP connection and
changed state to Idle. All BGP start events will be ignored in the Connection state.
Active State: After above two states, if the BGP speaker detects another BGP speaker trying to form a
TCP session with it and the remote BGP speaker’s IP address is not the expected IP address, the BGP
speaker will reject the connection, reset the ConnectRetry timer, continue to listen for an attempted
connection from the remote BGP speaker, and stay in Active state.
 If any other events occur, the BGP speaker will close the TCP connection and transition its state to
Idle. All BGP start events will be ignored in the Active state.
OpenState State:  The BGP speaker is waiting to receive an OPEN message from the remote BGP
speaker and after receiving it all the filed will be checked.
 If an error occurred, it will send a NOTIFICATION message to the remote BGP speaker and
terminate the TCP connection and will be in Idle state.
 If no error occurred, it sends a KEEPALIVE message to the remote BGP speaker, set the keepalive
timer, and set the old timer to the negotiated value. The BGP speaker will then negotiate the hold time
and decides whether it will be a IBGP (if two speakers are in same AS) or EBGP (in different AS),
because this will affect the UPDATE processing. (A value of 0 mean that the keepalive timer and the
hold timer will never be reset)
 Once the type of BGP is determined, the state will be OpenConfirm.
 If TCP connection disconnected message occur during this state, the BGP speaker will be in the
Active state. In all other error modes, it will be in the Idle state.
OpenConfirm State:  BGP speaker will wait for the KEEPALIVE message from remote speaker.
Once it is received, BGP speaker will reset the hold timer and transition to the Established state. At this
point, the peer relationship has been formed.
 If a NOTIFICATION message is received instead of KEEPALIVE message, it will be in Idle state.
 All BGP start events will be ignored in the OpenConfirm state.
Established State:  In this state, all of the neighbor negotiations are complete and all peers will
exchange UPDATE and KEEPALIVE messages and reset its hold timer each time it sends a messages.
 If the hold timer ever expires before U/K message received, the speaker will send a NOTIFICATION
message to its peer, terminate the TCP session and change its state to Idle.
 All BGP start events will be ignored in the Established state.

Route Selection: Once BGP peers have reached the Established state, they will start exchanging routing
information. To understand how the routing information will be received and process, Routing
Information Base must be understood.
Routing Information Bases: When a BGP speaker learns a route, that route will need to pass through
the BGP speaker’s RIB. All BGP speaking devices contain a RIB. A RIB is broken down into three
parts:
Adj-RIBs-In: One Adj-RIB-In exists for each peer a BGP speaker has. This RIP is where incoming
BGP routes are stored. After BGP routes have been placed, they are then put through the inbound policy
engine. This is where the routes are filtered or have their attributes manipulated, based on a predefined
policy set by the router’s administrator. If a BGP route makes it through the inbound policy filter, it is
then sent to the Loc-RIB.
Loc-RIB: The Loc-RIB is what the router will use to make its own BGP routing decisions. The router
will then send all of the BGP routes contained in the Loc-RIB to the outbound policy engine. The
Outbound Policy engine is a predefined policy set by the administrator for the purpose of filtering and
manipulating BGP routes before placing them in the Adj-RIBs-Out.
Adj-RIBs-Out: If a BGP route makes it through the outbound policy engine, the route will be placed in
the Adj-RIBs-Out. This exists for each peer of a BGP speaker. The routes that are placed in the Adj-
RIBs-Out will be advertised to the BGP speaker’s peers.
A BGP route will continue this routine for each BGP speaker it is advertised to.
BGP Route Processing:

2 4 6 8 1
3 5 7 9 1
0
1 1
Adj-RIBs-In Inbound Loc-RIB Outbound Adj-RIBs-Out
Policy Engine Policy
Engine
1. The BGP speaker receives the BGP routes
2. The received BGP routes are placed in the Adj-RIBs-In.
3. The BGP routes are sent to the inbound policy engine
4. The inbound policy engine filters and manipulates routes based on the policy set by the router’s
administrator. BGP routes that are filtered out by the inbound policy engine are dropped at this
point.
5. The remaining BGP routes are then forwarded to the Loc-RIB.
6. The BGP speaker stores the routes in the Loc-RIB. The router uses these routes to make BGP
routing decisions.
7. The BGP routes are then forwarded to the outbound policy engine
8. The outbound policy engine filters and manipulates routes based on the policy set by the router’s
administrator. BGP routes that are filtered out by the outbound policy engine are dropped at this
point.
9. The BGP routes that make it through the outbound policy engine are then forwarded to the Adj-
RIBs-Out.
10. The received BGP routes will then be stored in the Adj-RIBs-Out.
11. All BGP routes stored in the Adj-RIBs-Out are then advertised to all of the BGP speaker’s peers.

Decision Process: This is the actual process that decides what routes the BGP speaker will accept, the
routes it will use locally, and the routes it will advertise to its peers. It happens with following three
phases:
Phase 1:  This phase calculates the degree of preference for a route learned from a neighboring AS.
Whenever a BGP speaker receives an UPDATE message from a peer in a neighboring AS, phase 1
begin. Then it will lock the Adj-RIB-In used for that peer.
 The BGP speaker will leave the Adj-RIB-In locked until the completion of phase 1. For each feasible
route the BGP speaker receives, it will calculate the degree of preference. The degree of preference is
the attractiveness of a route.
 The BGP speaker will calculate the degree of preference based on the locally pre-configured policy.
Phase 2:  It is known as Route Selection Phase. During this phase, the BGP speaker will lock all of its
Adj-RIBs-In and unlock them once the phase is complete.
 At this point, any routes that have a NEXT_HOP attribute set to an address the BGP speaker doesn’t
have a route to should be excluded. The BGP speaker will select a route that is the only route to a
destination to put in the Loc-RIB. If multiple routes exist to the same destination, the BGP speaker will
select the route with the highest degree of preference. This route will then be inserted into the BGP
speaker’s Loc-RIB.
 In case that multiple routes exist to the same destination and they have the same degree of preference,
the following tie breaking rules will apply:
 If the BGP speaker is configured to use the MULTI_EXIT_DISC (MED) and the MEDs of the routes
differ, the BGP speaker will select the route with the lowest MED.
 If the BGP speaker is not configured to used the MED or the MEDs do not differ, the BGP speaker
will select the route with the lowest cost to the next-hop address.
 If the cost of the routes does not differ, the BGP speaker will select the route that was advertised by a
BGP speaker in a neighboring AS with the lowest BGP identifier.
 If the route was not advertised by a BGP speaker in a neighboring AS, the BGP speaker will select
the route with the lowest BGP identifier.
Phase 3: It is also knows as the Route Dissemination phase. It will be initiated when any of the
following four events occur:
 Phase 2 completes
 When routes, stored in the Loc-RIB, to local destinations change.
 When any locally generated routes, not learned by BGP, change.
 When a new BGP connection has been established.
During this phase, the routes stored in the Loc-RIB will be passed through the outbound policy engine.
The routes through the policy engine will be placed in the Adj-RIBs-Out. Theses are the routes the BGP
speaker will advertise to its peers. The BGP speaker can optionally perform route aggregation during
this phase.
Cisco uses 10 steps for route selection:
1. If the route specifies a next hop that is inaccessible, drop the update
2. Prefer the route with the largest weight
3. If the weights are the same, prefer the route with the largest local preference.
4. If the local preferences are the same, prefer the route that was originated by BGP running on this
router.
5. If no route was originated, prefer the route that has the shortest AS_PATH.
6. If all routes have the same AS_PATH length, prefer the route with the lowest origin type (where
IGP is lower than EGP, and EGP is lower than Incomplete).
7. If the origin codes are the same, prefer the route with the lowest MED attribute.
8. If the routes have the same MED, prefer the external route over the internal route.
9. If the routes are still the same, prefer the route through the lowest metric IGP neighbor.
10. Prefer the route with the lowest IP address, as specified by the BGP Router ID.
Route Filtering: The system administrator can affect the routing decisions a BGP speaker makes. The
way this is done is through route filtering. Route filtering for BGP can be used for many different
reasons. It can be used to permit or deny certain routes in the BGP speaker.
Ingress filtering: This is occurs when a route is received by the BGP speaker and passed to the inbound
policy engine. Here, the administrator can decide the permit and deny policy.
Egress filtering: This is occurs when a route is passed into the outbound policy engine. The only
difference between the Egress and Ingress filtering is that the BGP speaker is making the decisions on
the routes being advertised to its peers and manipulating those routes’ BGP attributes.
The most commonly used techniques for route filtering are: Route Maps, Distribute Lists and Prefix
Lists (for more detail, see chapter 9)

BGP Synchronization:
Transit AS: It is an AS connected to multiple ASs, allowing the routes learned from one AS to be passed
along to another AS.

AS AS
100 300
R R
1 6
R
R
5
2

AS 200

R R
3 4

 AS 200 would be a transit AS. The routes the AS learns from AS 300 will transit AS 200 and be
received by AS 100. The same is true for AS 100. The routes AS 200 learns from AS 100 will transit the
AS and be passed on to AS 300. In other words, a transit AS is an AS that allows information learned
from another AS to transit through to another AS.

Stub AS: It is an AS that does not allow information to transit through it to another AS. Here, AS 100
and AS 300 are both single homed Stub ASs with one entry and exit point.
AS 100 AS 300

R1 R5

AS 200
R2 R3 R4

By default, BGP Synchronization is on. Since IBGP requires a full mesh, it will be off in real world. Use
No synchronization command to turn off.

Route Aggregation: Known as route summarization, is a means by which multiple routes can be
combined into a single consuming less memory. It occurs during phase 3 of the BGP decision process.
 If routes contain the MED and NEXT_HOP attributes, these attributes must be identical in order for
the routes to be aggregated.
 Paths with different attribute type codes cannot be aggregated together.
 Paths with the same attribute type codes can be aggregated together.

When and When Not to Use BGP:


When Not to Use: Default or Static Routes are advisable than BGP  The routers in your network don’t
have much memory and/or processing power causing the delays in network with the huge internet
routes.
 Your AS is connected to only one other AS and you do not need to enforce any policies
 Your network doesn’t have enough bandwidth to support the amount of traffic that BGP must pass.
When to use BGP: When you need to enforce inbound and/or outbound policies on information
entering or leaving your network.
 When your network has multiple connections to different ASs and you want your AS to pass
information from one AS to another AS. In other words, you want your AS to be a transit AS.
 When connecting different Internet service providers to one another.

Configuring BGP:
Minimal BGP Configuration:

AS 100 AS 300
R1 R3
S0 S0
.1 10.10.10.0/30 20.20.20.0/30 .1
AS 200
S0 S1
.2 R2 .2
R1#conf t
R1(config)#router bgp 100 (to enable BGP on a device – router bgp AS no)
R1(config-router)#neighbor 10.10.10.2 remote-as 200 (the neighbor to be peers)
R1(config-router)#^Z
R1#

R2#conf t
R2#(config)#router bgp 200
R2#(config-router)#neighbor 10.10.10.1 remote-as 100
R2#(config-router)#neighbor 20.20.20.1 remote-as 300
R2#(config-router)#^Z
R2#

R3#config t
R3#(config)#router bgp 300
R3#(config-router)#neighbor 20.20.20.2 remote-as 200
R3#(config-router)#^Z
R3#
IBGP & EBGP Configuration: The loopback address of each router participating in IBGP will be used
in the neighbor statement when referring to the router. The directly connected interface addresses will be
used for the EBGP connections. A loopback interface is always up and will never go down unless
administratively shut down. If an IBGP speaker has multiple paths, it will never go down if at least one
link is working. Use the following command while you use loopback interface for BGP sessions without
which the BGP speakers will never form peers with one another:
Neighbor address update-source interface

IBGP AND EBGP Network:

AS 100 AS 300

R1 R5
.1 S0 .1
S0
10.10.10.0/30 20.20.20.0/30
AS 200
.2 S0 S1 .2
R2 R4
.1 S1 S0 .1
30.30.30.0/30 40.40.40.0/30
S0 .2 S1 .2
R3

We don’t want BGP to be synchronized with the IGP. So we will use no synchronization command on
each router in AS 200. The loopback address of the R2 router, R3 router and R4 router will be 2.2.2.2,
3.3.3.3 and 4.4.4.4 respectively.

R1#config t
R1(config)#router bgp 100
R1(config-router)#neighbor 10.10.10.2 remote-as 200
R1(config-router)#^Z

R2#config t
R2(config)#router bgp 200
R2(config-router)#no synchronization
R2(config-router)#neighbor 10.10.10.1 remote-as 100
R2(config-router)#neighbor 3.3.3.3 remote-as 200
R2(config-router)#neighbor 4.4.4.4 remote-as 200
R2(config-router)#neighbor 3.3.3.3 update-source lo0
R2(config-router)#neighbor 4.4.4.4 update-source lo0
R2(config-router)#^Z

R3#config t
R3(config)#router bgp 200
R3(config-router)#no synchronization
R3(config-router)#neighbor 2.2.2.2 remote-as 200
R3(config-router)#neighbor 4.4.4.4 remote-as 200
R3(config-router)#neighbor 2.2.2.2 update-source lo0
R3(config-router)#neighbor 4.4.4.4 update-source lo0
R3(config-router)#^Z

R4#config t
R4(config)#router bgp 200
R4(config-router)#no synchronization
R4(config-router)#neighbor 20.20.20.1 remote-as 300
R4(config-router)#neighbor 3.3.3.3 remote-as 200
R4(config-router)#neighbor 2.2.2.2 remote-as 200
R4(config-router)#neighbor 3.3.3.3 update-source lo0
R4(config-router)#neighbor 2.2.2.2 update-source lo0
R4(config-router)#^Z
R5#config t
R5(config)#router bgp 300
R5(config-router)#neighbor 20.20.20.2 remote-as 200
R5(config-router)#^Z

EBGP MULTIHOP CONFIGURATION: When the remote BGP speaker is not directly connected
between the local BGP speaker’s egress interface and the remote BGP speaker’s ingress interface.
 There is another router in between the local BGP speaker and the remote BGP speaker that cannot run
BGP.
 You are sourcing the BGP connection from a loopback interface on at least one of the BGP speakers
involved.
EBGP MULTIHOP & INJECTING ROUTES FIGURE

AS 100
192.168.200.0/24
E0 R1 S0 S1 R2
.1 .1 10.10.10.0/30 .2
S0 .1
E1 .1
20.20.20.0/30
R1 Lo0-1.1.1.1
R3 Lo0-3.3.3.3 192.168.24.0/24
AS 200
R1#config t
R1(config)#router bgp 100 S0 .2
R1(config-router)#neighbor 3.3.3.3 remote-as 200 R3 E0 192.168.100.0/24
R1(config-router)#neighbor 3.3.3.3 update-source Lo0 .1
R1(config-router)#neighbor 3.3.3.3 ebgp-multihop
R1(config-router)#^Z

R3#config t
R3(config)#router bgp 200
R3(config-router)#neighbor 1.1.1.1 remote-as 100
R3(config-router)#neighbor 1.1.1.1 update-source Lo0
R3(config-router)#neighbor 1.1.1.1 ebgp-multihop
R3(config-router)#^Z
Injecting Routes into BGP: There are two ways to inject routes into BGP for advertisements:
1. You could redistribute the IGP into BGP. It is a process of injecting the routing information known by
one routing protocol into another routing protocol. (if many routes are there)
2. You can manually configure the routes for BGP to advertise. (if less routes are there)

1. Manually injecting routes into BGP:


R2#config t
R2(config)#router bgp 100
R2(config-router)#neighbor 3.3.3.3 remote-as 200
R2(config-router)#neighbor 3.3.3.3 update-source Lo0
R2(config-router)#neighbor 3.3.3.3 ebgp-multihop
R2(config-router)#network 10.10.10.0 mask 255.255.255.252
R2(config-router)#network 192.168.24.0 mask 255.255.255.0
R2(config-router)#^Z
R2#
R3#config t
R3(config)#router bgp 200
R3(config-router)#neighbor 2.2.2.2. remote-as 100
R3(config-router)#neighbor 2.2.2.2 update-source Lo0
R3(config-router)#neighbor 2.2.2.2 ebgp-multihop
R3(config-router)#network 192.168.100.0 mask 255.255.255.0
R3(config-router)#^Z
R3#
Redistributing Routes into BGP:
Redistribute protocol process-id (the routing protocol to redistribute)(E/IGRP=AS Number,
OSPF=Process Id, RIP/IS-IS=Process id is not needed)
R2#config t
R2(config)#router bgp 100
R2(config-router)#neighbor 3.3.3.3 remote-as 200
R2(config-router)#neighbor 3.3.3.3 update-source Lo0
R2(config-router)#neighbor 3.3.3.3 ebgp-multihop
R2(config-router)#redistribute eigrp 100
R2(config-router)#^Z
R2#
R3#config t
R3(config)#router bgp 200
R3(config-router)#neighbor 2.2.2.2 remote-as 100
R3(config-router)#neighbor 2.2.2.2 update-source Lo0
R3(config-router)#neighbor 2.2.2.2 ebgp-multihop
R3(config-router)#redistribute eigrp 100
R3(config-router)#^Z
R3#
Verifying and Troubleshooting the Operation of BGP:
Route Information: sh ip route, sh ip bgp
Viewing Neighbor Information: sh ip bgp summary, sh ip bgp neighbors
Debugging BGP Information: debug ip bgp ip address / dampening / events / keepalives / updates
Debug ip bgp updates, debug ip 2.2.2.2 updates
Advanced Border Gateway Protocol (ABGP)

 As a network grows in size, IBGP can cause scalability issues in fully mesh inside an AS.
 IBGP devices will not advertise a route they have learned from an IBGP neighbor to another IBGP
neighbor which is why IBGP requires a fully meshed network.
 The reason fully meshing an IBGP network causes a problem is the number of sessions needed to
fully mesh the network and it will be harder to manage these sessions when more BGP speakers will be
added.
There are a couple of alternatives to fully meshed IBGP networks in use today. Each of these
alternatives can be used by itself or together to overcome the IBGP scalability issue.
1. Route Reflection and 2. Confederations.

Route Reflection: It allows a BGP speaker, known as a route reflector, to advertise IBGP-learned routes
to certain other IBGP peers.
 Route reflection is the operation of a BGP speaker advertising an IBGP learned route to other IBGP
peers.
 It is the BGP speaker that advertises the IBGP-learned route to other IBGP peers.
 Reflected route is a route that has been through the route reflection operation.
 Client peers are BGP speakers, which will receive reflected routes from a route reflector and
participate in that route reflector’s cluster.
 Non-client peer is a BGP speaker that must be fully meshed and doesn’t participated in a route
reflector’s cluster.
 Cluster is a route reflector and all of its client peers.

There are three specific criteria set for the route reflection needs to meet.
Simplicity: An alternative to fully meshed IBGP must be simple to understand and configure.
Easy transition: When transitioning from a fully meshed IBGP network, the alternative must not cause
a change to the topology or AS. This allows for easy migration from fully meshed IBGP to route
reflection.
Compatibility: A non-compliant BGP peer must continue to participate in the AS without any loss of
BGP routing information.

Route reflection
EBGP EBGP
AS 200
AS100 AS 300
R R IBGP R IBGP R R
1 2 3 4 5
Route Reflector Client Route Reflector Route Reflector Client

If the route reflector was not configured and if it was non-meshed IBGP, then the route
information wouldn’t have reached to the router 5.
But in this case, the following process occur:
 R1 sends the route to R2
 R2 receives the route and stores it locally
 R2 sends the route to R3
 R3 receives the route and stores it locally
 R3 reflects the route to R4
 R4 receives the route and stores it locally
 Depending on the policies in place for the AS, R4 could have sent the route to R5.
There is one major disadvantage with route reflection. It can create a single point failure. A single point
of failure is a point that if it fails will cause all information for the devices below it not to reach them. To
overcome this limitations, you can implement multiple reflectors in the same cluster. Implementing
redundant route reflectors for a cluster will eliminate the single point of failure. Both route reflectors
will reflect routes to all of the clients in the cluster, to each other, and to all other IBGP peers.When one
route reflector in a cluster receives a route from another route reflector in the same cluster, it will ignore
the route. This is accomplished by assigning all route reflectors in the same cluster the same cluster ID.
That way, when a route reflector receives a route from a route reflector with the same Cluster ID, it
knows to ignore the route. This aids in avoiding routing loops. If you don’t configure the Cluster ID, the
router reflector’s Router ID will be used.
Configuring Route Reflection for IBGP
Basic Route Reflection:
AS 100
R1

R2 R3 R4
R1 Lo0-1.1.1.1
R2 Lo0-2.2.2.2
R3 Lo0-3.3.3.3
R4 Lo0-4.4.4.4
R1#conf t
R1(config)#router bgp 100
R1(config-router)#no synchronization
R1(config-router)#neighbor 2.2.2.2 remote-as 100
R1(config-router)#neighbor 2.2.2.2 update-source lo0
R1(config-router)#neighbor 3.3.3.3 remote-as 100
R1(config-router)#neighbor 3.3.3.3 update-source lo0
R1(config-router)#neighbor 4.4.4.4 remote-as 100
R1(config-router)#neighbor 4.4.4.4 update-source lo0
R1(config-router)#neighbor 2.2.2.2 route-reflector client
R1(config-router)#neighbor 3.3.3.3 route-reflector client
R1(config-router)#neighbor 4.4.4.4 route-reflector client
R1(config-router)#^Z
R1#
R2#conf t
R2(config)#router bgp 100
R2(config-router)#no synchronization
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1. update-source lo0
R2(config-router)#^Z
R2#
R3#conf t
R3(config)#router bgp 100
R3(config-router)#no synchronization
R3(config-router)#neighbor 1.1.1.1 remote-as 100
R3(config-router)#neighbor 1.1.1.1. update-source lo0
R3(config-router)#^Z
R3#
R4#conf t
R4(config)#router bgp 100
R4(config-router)#no synchronization
R4(config-router)#neighbor 1.1.1.1 remote-as 100
R4(config-router)#neighbor 1.1.1.1. update-source lo0
R4(config-router)#^Z
It is to be noted that the client’s configuration doesn’t change in basic IBGP route reflection, only the
route reflector’s configuration changes. When configuring multiple route reflectors in a cluster, we will
need to assign each of the route reflectors the Cluster ID for the cluster with the bgp cluster-id cluster
ID command.
Multiple route reflector cluster

R1 Lo0-1.1.1.1 AS 100
R2 Lo0-2.2.2.2
R3 Lo0-3.3.3.3 R1 R2
R4 Lo0-4.4.4.4
R5 Lo0-5.5.5.5

R3 R4 R5
R1#conf t
R1(config)#router bgp 100
R1(config-router)#no synchronization
R1(config-router)#neighbor 2.2.2.2 remote-as 100
R1(config-router)#neighbor 2.2.2.2 update-source lo0
R1(config-router)#neighbor 3.3.3.3 remote-as 100
R1(config-router)#neighbor 3.3.3.3 update-source lo0
R1(config-router)#neighbor 4.4.4.4 remote-as 100
R1(config-router)#neighbor 4.4.4.4 update-source lo0
R1(config-router)#neighbor 5.5.5.5 remote-as 100
R1(config-router)#neighbor 5.5.5.5 update-source lo0
R1(config-router)#bgp cluster-id 1
R1(config-router)#neighbor 3.3.3.3 route-reflector client
R1(config-router)#neighbor 4.4.4.4 route-reflector client
R1(config-router)#neighbor 5.5.5.5 route-reflector client
R1(config-router)#^Z
R1#

R2#conf t
R2(config)#router bgp 100
R2(config-router)#no synchronization
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1 update-source lo0
R2(config-router)#neighbor 3.3.3.3 remote-as 100
R2(config-router)#neighbor 3.3.3.3 update-source lo0
R2(config-router)#neighbor 4.4.4.4 remote-as 100
R2(config-router)#neighbor 4.4.4.4 update-source lo0
R2(config-router)#neighbor 5.5.5.5 remote-as 100
R2(config-router)#neighbor 5.5.5.5 update-source lo0
R2(config-router)#bgp cluster-id 1
R2(config-router)#neighbor 3.3.3.3 route-reflector client
R2(config-router)#neighbor 4.4.4.4 route-reflector client
R2(config-router)#neighbor 5.5.5.5 route-reflector client
R2(config-router)#^Z
R2#

R3#conf t
R3(config)#router bgp 100
R3(config-router)#no synchronization
R3(config-router)#neighbor 1.1.1.1 remote-as 100
R3(config-router)#neighbor 1.1.1.1 update-source lo0
R3(config-router)#neighbor 2.2.2.2 remote-as 100
R3(config-router)#neighbor 2.2.2.2 update-source lo0
R3(config-router)#^Z
R3#

R4#conf t
R4(config)#router bgp 100
R4(config-router)#no synchronization
R4(config-router)#neighbor 1.1.1.1 remote-as 100
R4(config-router)#neighbor 1.1.1.1 update-source lo0
R4(config-router)#neighbor 2.2.2.2 remote-as 100
R4(config-router)#neighbor 2.2.2.2 update-source lo0
R4(config-router)#^Z
R4#

R5#conf t
R5(config)#router bgp 100
R5(config-router)#no synchronization
R5(config-router)#neighbor 1.1.1.1 remote-as 100
R5(config-router)#neighbor 1.1.1.1 update-source lo0
R5(config-router)#neighbor 2.2.2.2 remote-as 100
R5(config-router)#neighbor 2.2.2.2 update-source lo0
R5(config-router)#^Z
R5#
Confederations:  It allows you to break one AS into multiple mini-autonomous systems. This will allow IBGP
to run only within each mini-AS. The sessions between the mini-ASs will be EBGP sessions. The outside world
will know only about the main AS.
 AS confederation is a collection of ASs that appear to the outside world as one AS
 AS confederation Identifier (ID) is an AS number that represents the confederation as a whole and is advertised
to other AS.
 Member-AS is an AS that is contained within the confederation.
 Member-AS number is an AS number that represents the particular member-AS.
 Mini-AS is also known as the member-AS.
 Private AS is an AS number that should not be advertised to the outside world. The AS number reserved for
private ASs are 64,512 to 65,535.
 Public AS is an AS number that must be assigned. The public AS number range is 1 to 64,511 and is assigned
by ARIN.
 It is important to note that all BGP speakers participating in a mini-AS must be fully meshed for IBGP. That
means the rules are same for IBGP within normal AS and mini-AS. So the same normal routing will be performed
in the mini-AS. So we can use route reflectors within the mini-AS to further reduce the full mesh issue. The
NEXT_HOP, MED and LOCAL_PREF attributes will be retained when crossing mini-AS boundaries.
Confederation:
AS200
AS 65000 AS 65001
R3 R4 R5 R6
IBGP EBGP IBGP

R2 R7

EBGP
R1 R8

NETWORKING

1. What are the two types of transmission technology available?

(i) Broadcast and (ii) point-to-point

2. What is subnet?

A generic term for section of a large networks usually separated by a bridge or router.
3. Difference between the communication and transmission.

Transmission is a physical movement of information and concern issues like bit polarity,
synchronisation, clock etc.

Communication means the meaning full exchange of information between two communication
media.

4. What are the possible ways of data exchange?

(i) Simplex (ii) Half-duplex (iii) Full-duplex.

5. What is SAP?

Series of interface points that allow other computers to communicate with the other layers of
network protocol stack.

6. What do you meant by "triple X" in Networks?

The function of PAD (Packet Assembler Disassembler) is described in a document known as X.3.
The standard protocol has been defined between the terminal and the PAD, called X.28; another
standard protocol exists between hte PAD and the network, called X.29. Together, these three
recommendations are often called "triple X"

7. What is frame relay, in which layer it comes?

Frame relay is a packet switching technology. It will operate in the data link layer.

8.What is terminal emulation, in which layer it comes?

Telnet is also called as terminal emulation. It belongs to application layer.

9. What is Beaconing?

The process that allows a network to self-repair networks problems. The stations on the network
notify the other stations on the ring when they are not receiving the transmissions. Beaconing is
used in Token ring and FDDI networks.

10. What is redirector?

Redirector is software that intercepts file or prints I/O requests and translates them into network
requests. This comes under presentation layer.

11. What is NETBIOS and NETBEUI?

NETBIOS is a programming interface that allows I/O requests to be sent to and received from a
remote computer and it hides the networking hardware from applications.

NETBEUI is NetBIOS extended user interface. A transport protocol designed by microsoft and IBM
for the use on small subnets.

12. What is RAID?

A method for providing fault tolerance by using multiple hard disk drives.
13. What is passive topology?

When the computers on the network simply listen and receive the signal, they are referred to as
passive because they don’t amplify the signal in any way. Example for passive topology - linear
bus.

14. What is Brouter?

Hybrid devices that combine the features of both bridges and routers.

15. What is cladding?

A layer of a glass surrounding the center fiber of glass inside a fiber-optic cable.

16. What is point-to-point protocol

A communications protocol used to connect computers to remote networking services including


Internet service providers.

17. How Gateway is different from Routers?

A gateway operates at the upper levels of the OSI model and translates information between two
completely different network architectures or data formats

18. What is attenuation?

The degeneration of a signal over distance on a network cable is called attenuation.

19. What is MAC address?

The address for a device as it is identified at the Media Access Control (MAC) layer in the network
architecture. MAC address is usually stored in ROM on the network adapter card and is unique.

20. Difference between bit rate and baud rate.

Bit rate is the number of bits transmitted during one second whereas baud rate refers to the
number of signal units per second that are required to represent those bits.

baud rate = bit rate / N

where N is no-of-bits represented by each signal shift.

21. What is Bandwidth?

Every line has an upper limit and a lower limit on the frequency of signals it can carry. This limited
range is called the bandwidth.

22. What are the types of Transmission media?

Signals are usually transmitted over some transmission media that are broadly classified in to two
categories.
23. Guided Media:

These are those that provide a conduit from one device to another that include twisted-pair, coaxial
cable and fiber-optic cable. A signal traveling along any of these media is directed and is contained
by the physical limits of the medium. Twisted-pair and coaxial cable use metallic that accept and
transport signals in the form of electrical current. Optical fiber is a glass or plastic cable that
accepts and transports signals in the form of light.

b) Unguided Media:

This is the wireless media that transport electromagnetic waves without using a physical conductor.
Signals are broadcast either through air. This is done through radio communication, satellite
communication and cellular telephony.

24. What is Project 802?

It is a project started by IEEE to set standards to enable intercommunication between equipment


from a variety of manufacturers. It is a way for specifying functions of the physical layer, the data
link layer and to some extent the network layer to allow for interconnectivity of major LAN
protocols.

It consists of the following:

 802.1 is an internetworking standard for compatibility of different LANs and MANs across
protocols.
 802.2 Logical link control (LLC) is the upper sublayer of the data link layer which is non-
architecture-specific, that is remains the same for all IEEE-defined LANs.
 Media access control (MAC) is the lower sublayer of the data link layer that contains some
distinct modules each carrying proprietary information specific to the LAN product being
used. The modules are Ethernet LAN (802.3), Token ring LAN (802.4), Token bus LAN
(802.5).
 802.6 is distributed queue dual bus (DQDB) designed to be used in MANs.

25. What is Protocol Data Unit?

The data unit in the LLC level is called the protocol data unit (PDU). The PDU contains of four fields
a destination service access point (DSAP), a source service access point (SSAP), a control field and
an information field. DSAP, SSAP are addresses used by the LLC to identify the protocol stacks on
the receiving and sending machines that are generating and using the data. The control field
specifies whether the PDU frame is a information frame (I - frame) or a supervisory frame (S -
frame) or a unnumbered frame (U - frame).

26. What are the different type of networking / internetworking devices?

Repeater:

Also called a regenerator, it is an electronic device that operates only at physical layer. It receives
the signal in the network before it becomes weak, regenerates the original bit pattern and puts the
refreshed copy back in to the link.

Bridges:
These operate both in the physical and data link layers of LANs of same type. They divide a larger
network in to smaller segments. They contain logic that allow them to keep the traffic for each
segment separate and thus are repeaters that relay a frame only the side of the segment
containing the intended recipent and control congestion.

Routers:

They relay packets among multiple interconnected networks (i.e. LANs of different type). They
operate in the physical, data link and network layers. They contain software that enable them to
determine which of the several possible paths is the best for a particular transmission.

Gateways:

They relay packets among networks that have different protocols (e.g. between a LAN and a WAN).
They accept a packet formatted for one protocol and convert it to a packet formatted for another
protocol before forwarding it. They operate in all seven layers of the OSI model.

27. What is ICMP?

ICMP is Internet Control Message Protocol, a network layer protocol of the TCP/IP suite used by
hosts and gateways to send notification of datagram problems back to the sender. It uses the echo
test / reply to test whether a destination is reachable and responding. It also handles both control
and error messages.

28. What are the data units at different layers of the TCP / IP protocol suite?

The data unit created at the application layer is called a message, at the transport layer the data
unit created is called either a segment or an user datagram, at the network layer the data unit
created is called the datagram, at the data link layer the datagram is encapsulated in to a frame
and finally transmitted as signals along the transmission media.

29. What is difference between ARP and RARP?

The address resolution protocol (ARP) is used to associate the 32 bit IP address with the 48 bit
physical address, used by a host or a router to find the physical address of another host on its
network by sending a ARP query packet that includes the IP address of the receiver.

The reverse address resolution protocol (RARP) allows a host to discover its Internet address when
it knows only its physical address.

30. What is the minimum and maximum length of the header in the TCP segment and IP
datagram?

The header should have a minimum length of 20 bytes and can have a maximum length of 60
bytes.

31. What is the range of addresses in the classes of internet addresses?

Class A 0.0.0.0 - 127.255.255.255

Class B 128.0.0.0 - 191.255.255.255

Class C 192.0.0.0 - 223.255.255.255


Class D 224.0.0.0 - 239.255.255.255

Class E 240.0.0.0 - 247.255.255.255

32. What is the difference between TFTP and FTP application layer protocols?

The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but
does not provide reliability or security. It uses the fundamental packet delivery services offered by
UDP.

The File Transfer Protocol (FTP) is the standard mechanism provided by TCP / IP for copying a file
from one host to another. It uses the services offer by TCP and so is reliable and secure. It
establishes two connections (virtual circuits) between the hosts, one for data transfer and another
for control information.

33. What are major types of networks and explain?

 Server-based network
 Peer-to-peer network

Peer-to-peer network, computers can act as both servers sharing resources and as clients using the
resources.

Server-based networks provide centralized control of network resources and rely on server
computers to provide security and network administration

34. What are the important topologies for networks?

 BUS topology:

In this each computer is directly connected to primary network cable in a single line.

Advantages:

Inexpensive, easy to install, simple to understand, easy to extend.

STAR topology:

In this all computers are connected using a central hub.

Advantages:

Can be inexpensive, easy to install and reconfigure and easy to trouble shoot physical problems.

RING topology:

In this all computers are connected in loop.

Advantages:

All computers have equal access to network media, installation can be simple, and signal does not
degrade as much as in other topologies because each computer regenerates it.

35. What is mesh network?


A network in which there are multiple network links between computers to provide multiple paths
for data to travel.

36. What is difference between baseband and broadband transmission?

In a baseband transmission, the entire bandwidth of the cable is consumed by a single signal. In
broadband transmission, signals are sent on multiple frequencies, allowing multiple signals to be
sent simultaneously.

37. Explain 5-4-3 rule?

In a Ethernet network, between any two points on the network ,there can be no more than five
network segments or four repeaters, and of those five segments only three of segments can be
populated.

38. What MAU?

In token Ring , hub is called Multistation Access Unit(MAU).

39. What is the difference between routable and non- routable protocols?

Routable protocols can work with a router and can be used to build large networks. Non-Routable
protocols are designed to work on small, local networks and cannot be used with a router

40. Why should you care about the OSI Reference Model?

It provides a framework for discussing network operations and design.

41. What is logical link control?

One of two sublayers of the data link layer of OSI reference model, as defined by the IEEE 802
standard. This sublayer is responsible for maintaining the link between computers when they are
sending data across the physical network connection.

42. What is virtual channel?

Virtual channel is normally a connection from one source to one destination, although multicast
connections are also permitted. The other name for virtual channel is virtual circuit.

43. What is virtual path?

Along any transmission path from a given source to a given destination, a group of virtual circuits
can be grouped together into what is called path.

44. What is packet filter?

Packet filter is a standard router equipped with some extra functionality. The extra functionality
allows every incoming or outgoing packet to be inspected. Packets meeting some criterion are
forwarded normally. Those that fail the test are dropped.

45. What is traffic shaping?

One of the main causes of congestion is that traffic is often busy. If hosts could be made to
transmit at a uniform rate, congestion would be less common. Another open loop method to help
manage congestion is forcing the packet to be transmitted at a more predictable rate. This is called
traffic shaping.

46. What is multicast routing?

Sending a message to a group is called multicasting, and its routing algorithm is called multicast
routing.

47. What is region?

When hierarchical routing is used, the routers are divided into what we will call regions, with each
router knowing all the details about how to route packets to destinations within its own region, but
knowing nothing about the internal structure of other regions.

48. What is silly window syndrome?

It is a problem that can ruin TCP performance. This problem occurs when data are passed to the
sending TCP entity in large blocks, but an interactive application on the receiving side reads 1 byte
at a time.

49. What are Digrams and Trigrams?

The most common two letter combinations are called as digrams. e.g. th, in, er, re and an. The
most common three letter combinations are called as trigrams. e.g. the, ing, and, and ion.

50. Expand IDEA.

IDEA stands for International Data Encryption Algorithm.

51. What is wide-mouth frog?

Wide-mouth frog is the simplest known key distribution center (KDC) authentication protocol

52. What is Mail Gateway?

It is a system that performs a protocol translation between different electronic mail delivery
protocols.

53. What is IGP (Interior Gateway Protocol)?

It is any routing protocol used within an autonomous system.

54. What is EGP (Exterior Gateway Protocol)?

It is the protocol the routers in neighboring autonomous systems use to identify the set of
networks that can be reached within or via each autonomous system.

55. What is autonomous system?

It is a collection of routers under the control of a single administrative authority and that uses a
common Interior Gateway Protocol.

56. What is BGP (Border Gateway Protocol)?


It is a protocol used to advertise the set of networks that can be reached with in an autonomous
system. BGP enables this information to be shared with the autonomous system. This is newer
than EGP (Exterior Gateway Protocol).

57. What is Gateway-to-Gateway protocol?

It is a protocol formerly used to exchange routing information between Internet core routers.

58. What is NVT (Network Virtual Terminal)?

It is a set of rules defining a very simple virtual terminal interaction. The NVT is used in the start of
a Telnet session.

59. What is a Multi-homed Host?

It is a host that has a multiple network interfaces and that requires multiple IP addresses is called
as a Multi-homed Host.

60. What is Kerberos?

It is an authentication service developed at the Massachusetts Institute of Technology. Kerberos


uses encryption to prevent intruders from discovering passwords and gaining unauthorized access
to files.

61. What is OSPF?

It is an Internet routing protocol that scales well, can route traffic along multiple paths, and uses
knowledge of an Internet's topology to make accurate routing decisions.

62. What is Proxy ARP?

It is using a router to answer ARP requests. This will be done when the originating host believes
that a destination is local, when in fact is lies beyond router.

63. What is SLIP (Serial Line Interface Protocol)?

It is a very simple protocol used for transmission of IP datagrams across a serial line.

64. What is RIP (Routing Information Protocol)?

It is a simple protocol used to exchange information between the routers.

65. What is source route?

It is a sequence of IP addresses identifying the route a datagram must follow. A source route may
optionally be included in an IP datagram header.
Cisco Router Configuration Commands (click here for more Cisco stuff)
Requirement Cisco Command

Set a console password to cisco Router(config)#line con 0


Router(config-line)#login
Router(config-line)#password cisco

Set a telnet password Router(config)#line vty 0 4


Router(config-line)#login
Router(config-line)#password cisco

Stop console timing out Router(config)#line con 0


Router(config-line)#exec-timeout 0 0

Set the enable password to cisco Router(config)#enable password cisco

Set the enable secret password to peter. Router(config)#enable secret peter

This password overrides the enable password and is encypted


within the config file

Enable an interface Router(config-if)#no shutdown

To disable an interface Router(config-if)#shutdown

Set the clock rate for a router with a DCE cable to 64K Router(config-if)clock rate 64000

Set a logical bandwidth assignment of 64K to the serial Router(config-if)bandwidth 64


interface Note that the zeroes are not missing

To add an IP address to a interface Router(config-if)#ip addr 10.1.1.1


255.255.255.0

To enable RIP on all 172.16.x.y interfaces Router(config)#router rip


Router(config-router)#network
172.16.0.0

Disable RIP Router(config)#no router rip

To enable IRGP with a AS of 200, to all interfaces Router(config)#router igrp 200


Router(config-router)#network
172.16.0.0

Disable IGRP Router(config)#no router igrp 200


Static route the remote network is 172.16.1.0, with a mask of Router(config)#ip route 172.16.1.0
255.255.255.0, the next hop is 172.16.2.1, at a cost of 5 hops 255.255.255.0 172.16.2.1 5

Disable CDP for the whole router Router(config)#no cdp run

Enable CDP for he whole router Router(config)#cdp run

Disable CDP on an interface Router(config-if)#no cdp enable

Cisco Router Show Commands


Requirement Cisco Command

View version information show version

View current configuration (DRAM) show running-config

View startup configuration (NVRAM) show startup-config

Show IOS file and flash space show flash

Shows all logs that the router has in its memory show log

View the interface status of interface e0 show interface e0

Overview all interfaces on the router show ip interfaces brief

View type of serial cable on s0 show controllers 0 (note the space between the
's' and the '0')

Display a summary of connected cdp devices show cdp neighbor

Display detailed information on all devices show cdp entry *

Display current routing protocols show ip protocols

Display IP routing table show ip route

Display access lists, this includes the number of show access-lists


displayed matches
Check the router can see the ISDN switch show isdn status

Check a Frame Relay PVC connections show frame-relay pvc

show lmi traffic stats show frame-relay lmi

Display the frame inverse ARP table show frame-relay map

Cisco Router Basic Operations


Requirement Cisco Command

Enable Enter privileged mode

Return to user mode from privileged disable

Exit Router Logout or exit or quit

Recall last command up arrow or <Ctrl-P>

Recall next command down arrow or <Ctrl-N>

Suspend or abort <Shift> and <Ctrl> and 6 then x

Refresh screen output <Ctrl-R>

Compleat Command TAB

Cisco Router Copy Commands


Requirement Cisco Command

Save the current configuration from copy running-config startup-config


DRAM to NVRAM

Merge NVRAM configuration to DRAM copy startup-config running-config

Copy DRAM configuration to a TFTP copy runing-config tftp


server

Merge TFTP configuration with current copy tftp runing-config


router configuration held in DRAM

Backup the IOS onto a TFTP server copy flash tftp

Upgrade the router IOS from a TFTP copy tftp flash


server

Cisco Router Debug Commands


Requirement Cisco Command

Enable debug for RIP debug ip rip

Enable summary IGRP debug information debug ip igrp events

Enable detailed IGRP debug information debug ip igrp transactions

Debug IPX RIP debug ipx routing activity

Debug IPX SAP debug IPX SAP

Enable debug for CHAP or PAP debug ppp authentication

Switch all debugging off no debug all


undebug all

Commands
Commands - General

There are 3 different modes of operation within the Cisco IOS.

1. Disabled mode
2. Enabled mode
3. Configuration mode

In the Disabled mode you can use a limited number of commands. This is used primarily to monitor the router.
The Enabled mode is used to show configuration information, enter the configuration mode, and make changes
to the configuration.

The Configuration mode is used to enter and update the runtime configuration.

To get a list of the commands for the cisco type '?' at the prompt. To get further information about any command,
type the command followed by a '?'.

clear Reset functions


clock Manage the system clock
configure Enter configuration mode
debug Debugging functions (see also 'undebug')
disable Turn off privileged commands
enable Turn on privileged commands
erase Erase flash or configuration memory
exit Exit from the EXEC
help Description of the interactive help system
login Log in as a particular user
logout Exit from the EXEC
no Disable debugging functions
ping Send echo messages
reload Halt and perform a cold restart
setup Run the SETUP command facility
show Show running system information
telnet Open a telnet connection
terminal Set terminal line parameters
test Test subsystems, memory, and interfaces
traceroute Trace route to destination
tunnel Open a tunnel connection
undebug Disable debugging functions (see also 'debug')
verify Verify checksum of a Flash file
write Write running configuration to memory, network, or terminal

show
access-lists List access lists
arp ARP table
buffers Buffer pool statistics
configuration Contents of Non-Volatile memory
controllers Interface controller status
debugging State of each debugging option
dialer Dialer parameters and statistics
extended Extended Interface Information
flash System Flash information
flh-log Flash Load Helper log buffer
history Display the session command history
hosts IP domain-name, lookup style, name servers, and host table
interfaces Interface status and configuration
ip IP information
isdn ISDN information
line TTY line information
logging Show the contents of logging buffers
memory Memory statistics
privilege Show current privilege level
processes Active process statistics
protocols Active network routing protocols
queue Show queue contents
queueing Show queueing configuration
reload Scheduled reload information
route-map route-map information
running-config Current operating configuration
sessions Information about Telnet connections
smf Software MAC filter
stacks Process stack utilization
startup-config Contents of startup configuration
subsys Show subsystem information
tcp Status of TCP connections
terminal Display terminal configuration parameters
users Display information about terminal lines
version System hardware and software status
Other Useful Commands

View the Software Version


View the Ethernet IP
View the Serial IP
View the Default Route
View the Filters
View the Bandwidth
Add a Static Route
Change the Dial Number
Turn Filters On and Off
Ping from the Router
Traceroute from the Router

View the Software Version


Cisco>en
Cisco#wr term <--- Shows the running configuration
Building configuration...
Current configuration:
!
version 11.2
no service udp-small-servers
no service tcp-small-servers
!
hostname Cisco
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
!
interface Serial0
ip address 192.168.6.1 255.255.255.0
encapsulation frame-relay
frame-relay lmi-type ansi
!
interface Serial1
ip address 192.168.4.2 255.255.255.0
encapsulation frame-relay
bandwidth 1536
keepalive 5
frame-relay map ip 192.168.4.1 101 IETF
!
router rip
version 2
network 192.168.4.0
network 192.168.6.0
neighbor 192.168.6.2
neighbor 192.168.4.1
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.6.2
ip route 0.0.0.0 0.0.0.0 192.168.4.1
!
line con 0
line aux 0
line vty 0 4
login
!
end
View the Ethernet IP
From the enable command prompt:
Router#wr term
This will show the running configuration.
Within the configuration, you will see an interface ethernet 0 section:
interface Ethernet0
ip address 38.150.93.1 255.255.255.0
no ip directed-broadcast
View the Serial IP
From the enable command prompt:
Router#wr term
Within the configuration, you will see an interface serial 0 section:
interface Serial0
ip address 38.21.10.100 255.255.255.0
ip broadcast-address 38.21.10.255
ip access-group 106 in
encapsulation frame-relay
bandwidth 56
no fair-queue
frame-relay map ip 38.21.10.1 500 IETF
View the Default Route
From the enable command prompt:
Router#wr term
Within the configuration, you will see an ip route section.
In the ip route section, look for a route:
ip route 0.0.0.0 0.0.0.0 38.167.29.1
The last ip address is the POP ip.
View the Filters
From the enable command prompt:
Router#wr term
Under interface serial 0, look for:
ip access-group 104 in
ip access-group 105 out
This means that access-group 104 is the inbound filter set and
access-group 105 is the outbound filter set.
Then, continue to look in the configuration for the access-list statements:

(Example access-list statements)


access-list 104 deny ip 38.166.101.0 0.0.0.255 any
access-list 104 permit tcp any any established
access-list 104 permit tcp any eq ftp-data any gt 1023
access-list 104 permit udp any eq domain any gt 1023
access-list 104 permit udp any eq domain any eq domain
access-list 104 permit icmp any any
access-list 104 permit udp any eq snmp any gt 1023
access-list 105 deny ip any 38.166.101.0 0.0.0.255
access-list 105 permit tcp any any established
access-list 105 permit tcp any any eq ftp
access-list 105 deny udp any eq netbios-ns any
access-list 105 deny udp any eq netbios-dgm any
access-list 105 permit ip any any
View the Bandwidth
From the enable command prompt:
Router#wr term
Within the config, you will see an interface serial 0 section:
interface Serial0
ip address 38.21.10.100 255.255.255.0
ip broadcast-address 38.21.10.255
ip access-group 106 in
encapsulation frame-relay
bandwidth 56
no fair-queue
frame-relay map ip 38.21.10.1 500 IETF
Add a Static Route
From the enable command prompt:
Cisco#config t
Enter configuration commands, one per line. End with CNTL/Z.
Cisco(config)#ip route DEST.DEST.DEST.DEST MASK.MASK.MASK.MASK GATE.GATE.GATE.GATE
where: DEST.DEST.DEST.DEST = The destination network the static route is for
MASK.MASK.MASK.MASK = The subnet mask of the destination network
GATE.GATE.GATE.GATE = The gateway of the static route
Example route statement:
ip route 38.222.75.0 255.255.255.0 38.20.5.1
Cisco(config)#^Z (hit <control> z)
Write the entry to memory:
Cisco#wr mem
Building configuration...
[OK]
Change the Dial Number
At the prompt:
Type en to put the router in enable mode:
test.com>en
The password should be the same as the one used to telnet in.
Password:
To view the router's configuration, type:
test.com#show config
There will be a line in the configuration that says:
dialer map IP 38.1.1.1 speed 64 name LD3330 2707000
The 2707000 is the dial number.
NOTE: Record what interface the dialer map IP line is under
because you will need to use that interface when changing the number.

Type config t to configure from terminal.


test.com#config t
Enter configuration commands, one per line. End with CNTL/Z.
Enter the interface that the dialer map IP line is under:
test.com(config)#interface BRI0
Add in the new dialer map IP line with the new phone number:
test.com(config)#dialer map IP 38.1.1.1 speed 64 name LD3330 [new number]
Now, remove the old dialer map IP line.
To remove a line, type no and then the line.
For example, to remove the old dialer map IP, type:
test.com(config)#no dialer map IP 38.1.1.1 speed 64 name LD3330 2707020
Now leave config mode:
test.com(config)# [control] z
Save changes:
test.com# write mem
Building configuration...
[OK]
Verify the new number is in the config:
test.com#show config
The new number should be in the dialer map IP line.
Turn Filters On and Off
From the enable command prompt:
To turn the filters off:
Router#configure terminal
Router(config)#interface Serial0
Router(config-if)#no ip access-group 104 in
Router(config-if)#no ip access-group 105 out
Router(config-if)# Hit CTRL-Z
Router#wr mem
Building configuration...
[OK]
Router#

To turn the filters on:

Router#configure terminal
Router(config)#interface Serial0
Router(config-if)#ip access-group 104 in
Router(config-if)#ip access-group 105 out
Router(config-if)# Hit CTRL-Z
Router#wr mem
Building configuration...
[OK]
Router#
Ping from the Router
From the enable command prompt, type:
Cisco#ping <hostname>
Example:
Cisco#ping 38.8.14

1. What this document covers

There are several methods available for configuring Cisco routers. It can be done over the network from
a TFTP server. It can be done through the menu interface provided at bootup, and it can be done from
the menu interface provided by using the command setup. This tutorial does not cover these methods. It
covers configuration from the IOS command-line interface only. Useful for anyone new to Cisco routers,
and those studying for CCNA.

Note that this tutorial does not cover physically connecting the router to the networks it will be routing
for. It covers operating system configuration only.

1.1 Reasons for using the command-line

The main reason for using the command-line interface instead of a menu driven interface is speed. Once
you have invested the time to learn the command-line commands, you can perform many operations
much more quickly than by using a menu. This is basically true of all command-line vs. menu interfaces.
What makes it especially efficient to learn the command-line interface of the Cisco IOS is that it is
standard across all Cisco routers. Also, some questions on the CCNA exam require you to know
command-line commands.

2. Getting started with Cisco

Initially you will probably configure your router from a terminal. If the router is already configured and
at least one port is configured with an IP address, and it has a physical connection to the network, you
might be able to telnet to the router and configure it across the network. If it is not already configured,
then you will have to directly connect to it with a terminal and a serial cable. With any Windows box
you can use Hyperterminal to easily connect to the router. Plug a serial cable into a serial (COM) port on
the PC and the other end into the console port on the Cisco router. Start Hyperterminal, tell it which
COM port to use and click OK. Set the speed of the connection to 9600 baud and click OK. If the router is
not on, turn it on.

If you wish to configure the router from a Linux box, either Seyon or Minicom should work. At least
one of them, and maybe both, will come with your Linux distribution.

Often you will need to hit the Enter key to see the prompt from the router. If it is unconfigured it will
look like this:

Router>

If it has been previously configured with a hostname, it will look like this:

hostname of router>

If you have just turned on the router, after it boots it will ask you if you wish to begin initial
configuration. Say no. If you say yes, it will put you in the menu interface. Say no.
2.1 Modes

The Cisco IOS command-line interface is organized around the idea of modes. You move in and out of
several different modes while configuring a router, and which mode you are in determines what
commands you can use. Each mode has a set of commands available in that mode, and some of these
commands are only available in that mode. In any mode, typing a question mark will display a list of the
commands available in that mode.

Router>?
2.2 Unprivileged and privileged modes

When you first connect to the router and provide the password (if necessary), you enter EXEC mode, the
first mode in which you can issue commands from the command-line. From here you can use such
unprivileged commands as ping, telnet, and rlogin. You can also use some of the show
commands to obtain information about the system. In unprivileged mode you use commands like, show
version to display the version of the IOS the router is running. Typing show ? will diplay all the show
commands available in the mode you are presently in.

Router>show ?

You must enter privileged mode to configure the router. You do this by using the command enable.
Privileged mode will usually be password protected unless the router is unconfigured. You have the
option of not password protecting privileged mode, but it is HIGHLY recommended that you do. When
you issue the command enable and provide the password, you will enter privileged mode.

To help the user keep track of what mode they are in, the command-line prompt changes each time you
enter a different mode. When you switch from unprivileged mode to privileged mode, the prompt
changes from:

Router>

to

Router#

This would probably not be a big deal if there were just two modes. There are, in fact, numerous modes,
and this feature is probably indispensable. Pay close attention to the prompt at all times.

Within privileged mode there are many sub-modes. In this document I do not closely follow Cisco
terminology for this hierarchy of modes. I think that my explanation is clearer, frankly. Cisco describes
two modes, unprivileged and privileged, and then a hierarchy of commands used in privileged mode. I
reason that it is much clearer to understand if you just consider there to be many sub-modes of
privileged mode, which I will also call parent mode. Once you enter privileged mode (parent mode) the
prompt ends with a pound sign (#). There are numerous modes you can enter only after entering
privileged mode. Each of these modes has a prompt of the form:

Router(arguments)#

They still all end with the pound sign. They are subsumed within privileged mode. Many of these modes
have sub-modes of their own. Once you enter priliged mode, you have access to all the configuration
information and options the IOS provides, either directly from the parent mode, or from one of its
submodes.

3. Configuring your Cisco Router

If you have just turned on the router, it will be completely unconfigured. If it is already configured, you
may want to view its current configuration. Even if it has not been previously configured, you should
familiarize yourself with the show commands before beginning to configure the router. Enter privileged
mode by issuing the command enable, then issue several show commands to see what they display.
Remember, the command show ? will display all the showcommands aavailable in the current mode.
Definately try out the following commands:

Router#show interfaces
Router#show ip protocols
Router#show ip route
Router#show ip arp

When you enter privileged mode by using the command enable, you are in the top-level mode of
privileged mode, also known in this document as "parent mode." It is in this top-level or parent mode
that you can display most of the information about the router. As you now know, you do this with the
show commands. Here you can learn the configuration of interfaces and whether they are up or down.
You can display what IP protocols are in use, such as dynamic routing protocols. You can view the route
and ARP tables, and these are just a few of the more important options.

As you configure the router, you will enter various sub-modes to set options, then return to the parent
mode to display the results of your commands. You also return to the parent mode to enter other sub-
modes. To return to the parent mode, you hit ctrl-z. This puts any commands you have just issued into
affect, and returns you to parent mode.

3.1 Global configuration (config)

To configure any feature of the router, you must enter configuration mode. This is the first sub-mode of
the parent mode. In the parent mode, you issue the command config.

Router#config
Router(config)#

As demonstrated above, the prompt changes to indicate the mode that you are now in.

In connfiguration mode you can set options that apply system-wide, also refered to as "global
configurations." For instance, it is a good idea to name your router so that you can easily identify it. You
do this in configuration mode with the hostname command.

Router(config)#hostname ExampleName
ExampleName(config)#

As demonstrated above, when you set the name of the host with the hostname command, the prompt
immediately changes by replacing Router with ExampleName. (Note: It is a good idea to name your
routers with an organized naming scheme.)
Another useful command issued from config mode is the command to designate the DNS server to be
used by the router:

ExampleName(config)#ip name-server aa.bb.cc.dd


ExampleName(config)#ctrl-Z
ExampleName#

This is also where you set the password for privileged mode.

ExampleName(config)#enable secret examplepassword


ExampleName(config)#ctrl-Z
ExampleName#

Until you hit ctrl-Z (or type exit until you reach parent mode) your command has not been put into
affect. You can enter config mode, issue several different commands, then hit ctrl-Z to activate them
all. Each time you hit ctrl-Z you return to parent mode and the prompt:

ExampleName#

Here you use show commands to verify the results of the commands you issued in config mode. To
verify the results of the ip name-server command, issue the command show host.

3.2 Configuring Cisco router interfaces

Cisco interface naming is straightforward. Individual interfaces are referred to by this convention:

media type slot#/port#

"Media type" refers to the type of media that the port is an interface for, such as Ethernet, Token Ring,
FDDI, serial, etc. Slot numbers are only applicable for routers that provide slots into which you can
install modules. These modules contain several ports for a given media. The 7200 series is an example.
These modules are even hot-swapable. You can remove a module from a slot and replace it with a
different module, without interrupting service provided by the other modules installed in the router.
These slots are numbered on the router.

Port number refers to the port in reference to the other ports in that module. Numbering is left-to-right,
and all numbering starts at 0, not at one.

For example, a Cisco 7206 is a 7200 series router with six slots. To refer to an interface that is the third
port of an Ethernet module installed in the sixth slot, it would be interface ethernet 6/2. Therefor, to
display the configuration of that interface you use the command:

ExampleName#show interface ethernet 6/2

If your router does not have slots, like a 1600, then the interface name consists only of:

media type port#

For example:

ExampleName#show interface serial 0


Here is an example of configuring a serial port with an IP address:

ExampleName#config
ExampleName(config)#interface serial 1/1
ExampleName(config-if)#ip address 192.168.155.2 255.255.255.0
ExampleName(config-if)#no shutdown
ExampleName(config-if)#ctrl-Z
ExampleName#

Then to verify configuration:

ExampleName#show interface serial 1/1

Note the no shutdown command. An interface may be correctly configured and physically connected,
yet be "administratively down." In this state it will not function. The command for causing an interface
to be administratively down is shutdown.

ExampleName(config)#interface serial 1/1


ExampleName(config-if)#shutdown
ExampleName(config-if)#ctrl-Z
ExampleName#show interface serial 1/1

In the Cisco IOS, the way to reverse or delete the results of any command is to simply put no infront of
it. For instance, if we wanted to unassign the IP address we had assigned to interface serial 1/1:

ExampleName(config)#interface serail 1/1


ExampleName(config-if)#no ip address 192.168.155.2 255.255.255.0
ExampleName(config-if)ctrl-Z
ExampleName#show interface serial 1/1

Configuring most interfaces for LAN connections might consist only of assigning a network layer
address and making sure the interface is not administratively shutdown. It is usually not necessary to
stipulate data-link layer encapsulation. Note that it is often necessary to stipulate the appropriate data-
link layer encapsulation for WAN connections, such as frame-relay and ATM. Serial interfaces default to
using HDLC. A discussion of data-link protocols is outside the scope of this document. You will need to
look up the IOS command encapsulation for more details.

3.3 Configuring Cisco Routing

IP routing is automatically enabled on Cisco routers. If it has been previously disabled on your router,
you turn it back on in config mode with the command ip routing.

ExampleName(config)#ip routing
ExampleName(config)#ctrl-Z

There are two main ways a router knows where to send packets. The administrator can assign static
routes, or the router can learn routes by employing a dynamic routing protocol.

These days static routes are generally used in very simple networks or in particular cases that necessitate
their use. To create a static route, the administrator tells the router operating system that any network
traffic destined for a specified network layer address should be forwarded to a similiarly specified
network layer address. In the Cisco IOS this is done with the ip route command.
ExampleName#config
ExampleName(config)#ip route 172.16.0.0 255.255.255.0 192.168.150.1
ExampleName(config)#ctrl-Z
ExampleName#show ip route

Two things to be said about this example. First, the packet destination address must include the subnet
mask for that destination network. Second, the address it is to be forwarded to is the specified addres of
the next router along the path to the destination. This is the most common way of setting up a static
route, and the only one this document covers. Be aware, however, that there are other methods.

Dynamic routing protocols, running on connected routers, enable those routers to share routing
information. This enables routers to learn the routes available to them. The advantage of this method is
that routers are able to adjust to changes in network topologies. If a route is physically removed, or a
neighbor router goes down, the routing protocol searches for a new route. Routing protocols can even
dynamically choose between possible routes based on variables such as network congestion or network
reliability.

There are many different routing protocols, and they all use different variables, known as "metrics," to
decide upon appropriate routes. Unfortunately, a router needs to be running the same routing protocols
as its neighbors. Many routers can, however, run mutliple protocols. Also, many protocols are designed
to be able to pass routing information to other routing protocols. This is called "redistribution." The
author has no experience with trying to make redistribution work. There is an IOS redistribute
command you can research if you think this is something you need. This document's compagnion case
study describes an alternative method to deal with different routing protocols in some circumstances.

Routing protocols are a complex topic and this document contains only this superficial description of
them. There is much to learn about them, and there are many sources of information about them
available. An excellent source of information on this topic is Cisco's website, http://www.cisco.com.

This document describes how to configure the Routing Information Protocol (RIP) on Cisco routers.
From the command-line, we must explicitly tell the router which protocol to use, and what networks the
protocol will route for.

ExampleName#config
ExampleName(config)#router rip
ExampleName(config-router)#network aa.bb.cc.dd
ExampleName(config-router)#network ee.ff.gg.hh
ExampleName(config-router)#ctrl-Z
ExampleName#show ip protocols

Now when you issue the show ip protocols command, you should see an entry describing RIP
configuration.

3.4 Saving your Cisco Router configuration

Once you have configured routing on the router, and you have configured individual interfaces, your
router should be capable of routing traffic. Give it a few moments to talk to its neighbors, then issue the
commands show ip route and show ip arp. There should now be entries in these tables learned from
the routing protocol.
If you turned the router off right now, and turned it on again, you would have to start configuration over
again. Your running configuration is not saved to any perminent storage media. You can see this
configuration with the command show running-config.

ExampleName#show running-config

You do want to save your successful running configuration. Issue the command copy running-config
startup-config.

ExampleName#copy running-config startup-config

Your configuration is now saved to non-volatile RAM (NVRAM). Issue the command show startup-
config.

ExampleName#show startup-config

Now any time you need to return your router to that configuration, issue the command copy startup-
config running-config.

ExampleName#copy startup-config running-config


3.5 Example Cisco Router configuration
1. Router>enable
2. Router#config
3. Router(config)#hostname N115-7206
4. N115-7206(config)#interface serial 1/1
5. N115-7206(config-if)ip address 192.168.155.2 255.255.255.0
6. N115-7206(config-if)no shutdown
7. N115-7206(config-if)ctrl-z
8. N115-7206#show interface serial 1/1
9. N115-7206#config
10. N115-7206(config)#interface ethernet 2/3
11. N115-7206(config-if)#ip address 192.168.150.90 255.255.255.0
12. N115-7206(config-if)#no shutdown
13. N115-7206(config-if)#ctrl-z
14. N115-7206#show interface ethernet 2/3
15. N115-7206#config
16. N115-7206(config)#router rip
17. N115-7206(config-router)#network 192.168.155.0
18. N115-7206(config-router)#network 192.168.150.0
19. N115-7206(config-router)#ctrl-z
20. N115-7206#show ip protocols
21. N115-7206#ping 192.168.150.1
22. N115-7206#config
23. N115-7206(config)#ip name-server 172.16.0.10
24. N115-7206(config)#ctrl-z
25. N115-7206#ping archie.au
26. N115-7206#config
27. N115-7206(config)#enable secret password
28. N115-7206(config)#ctrl-z
29. N115-7206#copy running-config startup-config
30. N115-7206#exit
4. Troubleshooting your Cisco router

Inevitably, there will be problems. Usually, it will come in the form of a user notifying you that they can
not reach a certain destination, or any destinattion at all. You will need to be able to check how the
router is attempting to route traffic, and you must be able to track down the point of failure.

You are already familiar with the show commands, both specific commands and how to learn what other
show commands are available. Some of the most basic, most useful commands you will use for
troubleshooting are:

ExampleName#show interfaces
ExampleName#show ip protocols
ExampleName#show ip route
ExampleName#show ip arp
4.1 Testing connectivity

It is very possible that the point of failure is not in your router configuration, or at your router at all. If
you examine your router's configuration and operation and everything looks good, the problem might be
be farther up the line. In fact, it may be the line itself, or it could be another router, which may or may
not be under your administration.
One extremely useful and simple diagnostic tool is the ping command. Ping is an implementation of the
IP Message Control Protocol (ICMP). Ping sends an ICMP echo request to a destination IP address. If
the destination machine receives the request, it responds with an ICMP echo response. This is a very
simple exchange that consists of:
Hello, are you alive?
Yes, I am.

ExampleName#ping xx.xx.xx.xx

If the ping test is successful, you know that the destination you are having difficulty reaching is alive
and physically reachable.
If there are routers between your router and the destination you are having difficulty reaching, the
problem might be at one of the other routers. Even if you ping a router and it responds, it might have
other interfaces that are down, its routing table may be corrupted, or any number of other problems may
exist.
To see where packets that leave your router for a particular destination go, and how far, use the trace
command.

ExampleName#trace xx.xx.xx.xx

It may take a few minutes for this utility to finish, so give it some time. It will display a list of all the
hops it makes on the way to the destination.

4.2 debug commands

There are several debug commands provided by the IOS. These commands are not covered here. Refer
to the Cisco website for more information.
4.3 Hardware and physical connections

Do not overlook the possibility that the point of failure is a hardware or physical connection failure. Any
number of things can go wrong, from board failures to cut cables to power failures. This document will
not describew troubleshooting these problems, except for these simple things.
Check to see that the router is turned on. Also make sure that no cables are loose or damaged. Finally,
make sure cables are plugged into the correct ports. Beyond this simple advice you will need to check
other sources.

4.4 Out of your control

If the point of failure is farther up the line, the prolem might lie with equipment not under your
administration. Your only option might be to contact the equipment's administrator, notify them of your
problem, and ask them for help. It is in your interest to be courtious and respectful. The other
administrator has their own problems, their own workload and their own priorities. Their agenda might
even directly conflict with yours, such as their intention to change dynamic routing protocols, etc. You
must work with them, even if the situation is frustrating. Alienating someone with the power to block
important routes to your network is not a good idea.