Tuesday, 5 October 2010

CCNA Training IPv6 Neighbor Resolution

As a CCNA / CCNP candidate you are expected to understand IPv6.
During your career as a Cisco network engineer you will have to deal with the IPv6 address structure.
For your CCNA and CCNP studies you will at some point have to confront and understand IPv6. At first glance it can seem quite daunting compared to the IPv4 we are all used to; in fact IPv6 is quite a simple addressing protocol once you get past the initial shock. In this article we look at how the Neighbor Discovery Protocol performs the layer 2 address mapping that ARP performs in IPv4.
When an IPv6 host or router needs to send a packet to another host on the same link it first looks in its own neighbor cache for an IPv6-to-MAC mapping. If it finds one it uses it; if not, it has to resolve the known layer 3 IPv6 address to the as yet unknown layer 2 MAC address, and to do this it uses the Neighbor Discovery Protocol (NDP, RFC 4861), which is carried in ICMPv6, to discover the MAC address dynamically.
The sending host multicasts an ICMPv6 Neighbor Solicitation (NS) message asking the target for its MAC address; the target replies with a unicast ICMPv6 Neighbor Advertisement (NA) carrying the requested MAC address.
How IPv6 avoids a link-wide broadcast is all in the construction of the Neighbor Solicitation, which is sent to a special destination address called the solicited-node multicast address. Rather than representing every host on the link, a solicited-node address represents only those hosts whose IPv6 address ends in the same 24 bits: the last 24 bits of the solicited-node address are the last 24 bits of the IPv6 address of the device whose MAC the host is looking for.
The solicited-node multicast prefix is FF02::1:FF00:0/104 and the final 24 bits are taken from the last 24 bits of the target's IPv6 address. For example, if a host wants to discover the MAC address of the IPv6 host 2222:3333:4444:5555:AAAA:BBBB:CCCC:DDDD/64, the solicited-node address is FF02::1:FFCC:DDDD. (On Ethernet that group maps to the multicast MAC 33:33:FF:CC:DD:DD, which is what the target's NIC actually filters on.)
So when a sending host wants the MAC address of 2222:3333:4444:5555:AAAA:BBBB:CCCC:DDDD/64 it takes the last 24 bits of the known IPv6 address (CC:DDDD), places them in the low 24 bits of the solicited-node prefix and sends the NS to FF02::1:FFCC:DDDD. Every IPv6 host joins the solicited-node group for each of its own addresses, so the target hears the NS and replies with its MAC address, while hosts whose addresses end in different bits never see it. One caveat for the security minded: like ARP, NDP carries no authentication, so any host on the link can send an unsolicited or spoofed NA and poison a neighbor's cache. That is why switches offer IPv6 ND inspection and RA Guard, and why IPv6 first-hop security belongs on the same checklist as DHCP snooping and dynamic ARP inspection.
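The derivation described above, written out as a short added example (this is not code from the original post or from Commsupport): it computes the solicited-node group and the Ethernet multicast MAC for any unicast IPv6 address, and shows which of a host's own addresses end up sharing a group. The sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 4291: solicited-node multicast prefix; the low 24 bits come from the unicast address.
SOLICITED_NODE_PREFIX = ipaddress.IPv6Network("ff02::1:ff00:0/104")


def solicited_node_address(addr: str) -> ipaddress.IPv6Address:
    """Solicited-node multicast group that a Neighbor Solicitation for `addr` is sent to."""
    unicast = ipaddress.IPv6Address(addr)
    low24 = int(unicast) & 0xFFFFFF
    return ipaddress.IPv6Address(int(SOLICITED_NODE_PREFIX.network_address) | low24)


def ipv6_multicast_mac(group: ipaddress.IPv6Address) -> str:
    """RFC 2464 mapping: 33:33 followed by the low 32 bits of the IPv6 multicast address."""
    low32 = int(group) & 0xFFFFFFFF
    return "33:33:" + ":".join(f"{(low32 >> shift) & 0xFF:02x}" for shift in (24, 16, 8, 0))


def groups_to_join(addresses) -> set:
    """Every interface joins one solicited-node group per unicast address it owns
    (link-local included); addresses with identical low 24 bits share a group."""
    return {solicited_node_address(a) for a in addresses}


def shares_solicited_node_group(a: str, b: str) -> bool:
    """True when an NS for `a` would also be delivered to a host owning `b`."""
    return solicited_node_address(a) == solicited_node_address(b)


if __name__ == "__main__":
    # Constructed sample: the address used in the article, plus a typical host's pair of addresses.
    target = "2222:3333:4444:5555:aaaa:bbbb:cccc:dddd"
    group = solicited_node_address(target)
    print(f"NS for {target} goes to {group} / {ipv6_multicast_mac(group)}")
    print("groups joined:", groups_to_join(["2001:db8::1", "fe80::1", "2001:db8::2"]))
```

The last line illustrates why solicited-node groups are a filter and not a guarantee: a host's global and link-local addresses that both end in ::1 join the same group, so each receives the other's solicitations and must check the NS target field before answering.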

Joe Spoto is a senior lecturer at Commsupport networks in the United Kingdom. Joe teaches Cisco CCNA, CCNP and CCVP courses when he is not out on the road fixing and building networks. Commsupport run free one day training sessions and free on-line webinars; if you want to find out more about what we do, please visit us at Commsupport.

CCNA – CCNP Training – BGP Weights

As a CCNA / CCNP candidate you are expected to understand the BGP Weight component in BGP path selection.

During your career as a Cisco network engineer you may come across BGP and be required to configure certain aspects of its operation.
BGP is a very tunable protocol which lets you engineer the paths BGP chooses to reach the prefixes it learns from its peers.

One of the settings within BGP on a Cisco router which we can use to tune the path chosen by BGP is called “Weight”.
A Cisco router looks at the weight assigned to a path when deciding whether to take that path. When a Cisco router receives a BGP update it can set the weight on a single prefix or on all the routes learnt via a particular neighbour.
Weight is a Cisco-proprietary feature and is not found in any other BGP implementation. Weight is never advertised to a neighbouring router, so it cannot be learnt from another router, Cisco or otherwise; it is applied locally to routes as they arrive from a neighbour. Because it is purely local it is not a BGP path attribute at all, and the BGP UPDATE message has no field in which a weight value could be carried even if a router wished to do so.
The weight is set on inbound routes and has a range of 0 to 65,535 (2 to the power 16 minus 1). Higher weight values are preferred over lower ones. The default is 0 for routes learnt from a peer and 32,768 for routes the local router injects itself (via the network command or redistribution). There is no command to change the default of 0 globally, although “neighbor x.x.x.x weight” sets a weight on every route received from one peer. Bear in mind that weight is the very first step in the Cisco best path algorithm, ahead of local preference and AS path length, so a weight applied here overrides everything else for that prefix, on this router only.
Imagine two routers; our router has a peering arrangement with a neighbour known as 3.3.3.3. We are going to match all routes advertised to our router by 3.3.3.3 that fall within the 10.10.10.0/24 prefix and apply a weight of 1000.
Below we create an access list which is referenced in a route map in the next step to match the prefix whose weight we want to alter.
Router#conf t
Router(config)#access-list 1 permit 10.10.10.0 0.0.0.255

The route map below matches the previously configured access list and sets the weight to 1000. We must also configure an empty permit statement (sequence 20), because a route map ends with an implicit deny: without it every other route from the neighbour would be dropped. The route map is named TO-R1.

Router(config)#route-map TO-R1 permit 10
Router(config-route-map)#match ip address 1
Router(config-route-map)#set weight 1000
Router(config-route-map)#route-map TO-R1 permit 20
Router(config-route-map)#exit

Now we assign the route map to the neighbour under the BGP process in the “in” direction, since the 10.10.10.0/24 prefix is being received from the neighbour in the inbound direction. From now on this router gives the path to 10.10.10.0/24 via the 3.3.3.3 peer a higher preference than the same prefix learnt from any other peer. Remember that an inbound policy change does not apply to routes already in the table until you refresh the session (“clear ip bgp 3.3.3.3 soft in”), and that the effect is visible only on this router; the neighbours see no change at all.
Router(config)#router bgp 400
Router(config-router)#neighbor 3.3.3.3 route-map TO-R1 in
Router(config-router)#end
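To make the two behaviours described above concrete (the implicit deny at the end of a route map, and weight being the first tie-breaker), here is an added model of the configuration in Python. It is not Cisco code and not part of the original post: the ACL, route map, peer addresses and local-preference values are constructed for the illustration, and only the first three steps of the Cisco best path algorithm are modelled.

```python
import ipaddress

# Constructed model of "access-list 1 permit 10.10.10.0 0.0.0.255". BGP's
# "match ip address <acl>" with a standard ACL tests the prefix's network address.
ACL_1 = [("permit", "10.10.10.0", "0.0.0.255")]


def acl_permits(acl, prefix: str) -> bool:
    net = int(ipaddress.IPv4Network(prefix, strict=False).network_address)
    for action, address, wildcard in acl:
        care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF   # bits the entry cares about
        if net & care == int(ipaddress.IPv4Address(address)) & care:
            return action == "permit"
    return False                      # implicit deny at the end of every ACL


def apply_route_map(route_map, route: dict):
    """Entries are (seq, action, acl_or_None, set_clauses). As in IOS, an entry with no
    match clause matches everything, and a route that matches nothing is denied."""
    for _seq, action, acl, sets in route_map:
        if acl is None or acl_permits(acl, route["prefix"]):
            if action == "deny":
                return None
            updated = dict(route)
            updated.update(sets)
            return updated
    return None


TO_R1 = [
    (10, "permit", ACL_1, {"weight": 1000}),
    (20, "permit", None, {}),         # the empty statement that keeps all other routes
]
TO_R1_NO_SEQ_20 = TO_R1[:1]           # the same policy with the safety net forgotten


def receive_from_peer(route_map, peer: str, prefixes):
    """Model 'neighbor <peer> route-map TO-R1 in'. Learnt routes start with weight 0."""
    accepted = []
    for prefix in prefixes:
        route = {"prefix": prefix, "peer": peer, "weight": 0, "local_pref": 100, "as_path": []}
        result = apply_route_map(route_map, route)
        if result is not None:
            accepted.append(result)
    return accepted


def best_path(candidates):
    """Cisco best path, first three deciding steps only: highest weight, then highest
    local preference, then shortest AS path."""
    return max(candidates, key=lambda r: (r["weight"], r["local_pref"], -len(r["as_path"])))


def demo() -> str:
    """Same prefix from two peers; only the copy from 3.3.3.3 passed through TO-R1."""
    via_r1 = receive_from_peer(TO_R1, "3.3.3.3", ["10.10.10.0/24"])[0]
    via_r1["as_path"] = [65001, 65002]                      # longer path, lower local-pref ...
    via_other = {"prefix": "10.10.10.0/24", "peer": "4.4.4.4", "weight": 0,
                 "local_pref": 200, "as_path": [65001]}
    return best_path([via_other, via_r1])["peer"]           # ... but weight is checked first


if __name__ == "__main__":
    print("chosen peer:", demo())
    print("accepted without seq 20:",
          [r["prefix"] for r in receive_from_peer(TO_R1_NO_SEQ_20, "3.3.3.3", ["10.10.10.0/24", "10.20.0.0/16"])])
```

Running the second line of the demo is the cheapest way to see why the empty sequence 20 matters: with it missing, 10.20.0.0/16 never makes it into the BGP table at all.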


Friday, 2 July 2010

CCNA Training Commsupport – OSPF LSA types Part 1

As a CCNA / CCNP candidate you are expected to understand how to set and interpret the different types of OSPF LSAs.

During your career as a Cisco network engineer you will have to deal with setting and manipulating the many different types of OSPF LSA.

Within an OSPF area every router must maintain the same link-state database (LSDB). The LSDB is built from the Link State Advertisements (LSAs) the router receives from the other routers in the area.

From the LSDB the router runs the shortest path first (SPF) algorithm to calculate the lowest-cost path to every network.

OSPF LSA types can be confusing but each plays a vital role within its own scope of operation. Some LSA types stay within an area (types 1 and 2), some advertise routes between areas (type 3) and some advertise routes redistributed into OSPF from outside (type 5).
For the CCNA exam you are expected to know LSA types 1 and 2.

LSA Type 1: Router LSA

Each router running OSPF generates its own Type 1 LSA to describe itself, and it creates a separate Type 1 LSA for each area it connects to.

The Type 1 LSA carries the Router ID together with a list of the router's links that fall within the area the LSA is advertised into. For example, if a router is a member of areas 0 and 1, the LSA it advertises into area 1 lists only the interfaces that are in area 1 and none that are in area 0. This type of LSA is flooded within the area: every neighbor receiving the Type 1 LSA forwards it to its own neighbors until every router in the area has a copy.

Information listed inside the Type 1 LSA:

1. The advertising router's RID (which also serves as the LSA's link-state ID), plus flags saying whether the router is an ABR or an ASBR.
2. For each point-to-point link, the neighbor's RID, the local interface IP address and the interface cost.
3. For each transit (multi-access) link, the IP address of the DR, a note that the link attaches to a transit network, and the interface cost.
4. For each stub link (a subnet with no OSPF neighbor on it), the network address and mask and the cost.

A Type 1 LSA never crosses an area border router; its flooding scope is a single area. ABRs therefore create multiple Type 1 LSAs, one per area, each describing only that area's links.
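The list above is what a Router-LSA carries on the wire, so an added example (not from the original post, and not Cisco code) is a parser for one: it decodes the 20-byte LSA header and each link entry into the fields listed, reports the ABR/ASBR flags, and verifies the Fletcher checksum that OSPF uses so that a corrupted or tampered LSA from a capture or LSDB dump is not trusted. The sample LSA is constructed inline from the format in RFC 2328 (TOS-specific metrics are assumed absent); the router ID and addresses are made up.

```python
import ipaddress
import struct

LSA_HEADER = "!HBBIIIHH"     # age, options, type, link-state id, adv router, seq, checksum, length
LINK_ENTRY = "!IIBBH"        # link id, link data, link type, #TOS, metric
LINK_TYPES = {1: "point-to-point", 2: "transit", 3: "stub", 4: "virtual"}


def fletcher_check_bytes(data: bytes, offset: int) -> int:
    """ISO/RFC 905 Fletcher checksum as used for OSPF LSAs. `data` is the LSA with the
    2-byte LS age removed; `offset` is where the 16-bit checksum field sits inside
    `data` (14 for a standard header). The field itself is treated as zero."""
    c0 = c1 = 0
    for i, byte in enumerate(data):
        if i in (offset, offset + 1):
            byte = 0
        c0 = (c0 + byte) % 255
        c1 = (c1 + c0) % 255
    x = ((len(data) - offset - 1) * c0 - c1) % 255
    if x == 0:
        x = 255
    y = 510 - c0 - x
    if y > 255:
        y -= 255
    return (x << 8) | y


def lsa_checksum_ok(lsa: bytes) -> bool:
    body = lsa[2:]                                   # LS age is excluded from the checksum
    stored = struct.unpack_from("!H", body, 14)[0]
    return fletcher_check_bytes(body, 14) == stored


def parse_router_lsa(lsa: bytes) -> dict:
    age, _opts, ls_type, lsid, adv, seq, _csum, length = struct.unpack_from(LSA_HEADER, lsa, 0)
    if ls_type != 1:
        raise ValueError(f"not a Router-LSA (type {ls_type})")
    if length != len(lsa):
        raise ValueError("length field does not match LSA size")
    flags, _zero, nlinks = struct.unpack_from("!BBH", lsa, 20)
    links, offset = [], 24
    for _ in range(nlinks):
        link_id, link_data, ltype, ntos, metric = struct.unpack_from(LINK_ENTRY, lsa, offset)
        offset += 12 + 4 * ntos                      # skip any TOS-specific metrics
        links.append({"type": LINK_TYPES.get(ltype, f"unknown({ltype})"),
                      "link_id": str(ipaddress.IPv4Address(link_id)),
                      "link_data": str(ipaddress.IPv4Address(link_data)),
                      "metric": metric})
    return {"age": age, "advertising_router": str(ipaddress.IPv4Address(adv)),
            "link_state_id": str(ipaddress.IPv4Address(lsid)), "seq": seq,
            "abr": bool(flags & 0x01), "asbr": bool(flags & 0x02),   # B and E bits
            "checksum_ok": lsa_checksum_ok(lsa), "links": links}


def build_router_lsa(rid: str, links, age=1, seq=0x80000001, flags=0) -> bytes:
    """Constructed Router-LSA for the examples; links are (link_id, link_data, type, metric)."""
    body = struct.pack("!BBH", flags, 0, len(links))
    for link_id, link_data, ltype, metric in links:
        body += struct.pack(LINK_ENTRY, int(ipaddress.IPv4Address(link_id)),
                            int(ipaddress.IPv4Address(link_data)), ltype, 0, metric)
    r = int(ipaddress.IPv4Address(rid))
    header = struct.pack(LSA_HEADER, age, 0x22, 1, r, r, seq, 0, 20 + len(body))
    lsa = header + body
    return lsa[:16] + struct.pack("!H", fletcher_check_bytes(lsa[2:], 14)) + lsa[18:]


# Constructed sample: an ABR with a transit link (DR is 10.0.0.2), a stub subnet and a
# point-to-point link to neighbor 3.3.3.3.
SAMPLE_LSA = build_router_lsa("1.1.1.1", [("10.0.0.2", "10.0.0.1", 2, 10),
                                          ("192.168.1.0", "255.255.255.0", 3, 1),
                                          ("3.3.3.3", "10.0.1.1", 1, 64)], flags=0x01)

if __name__ == "__main__":
    for k, v in parse_router_lsa(SAMPLE_LSA).items():
        print(f"{k}: {v}")
```

The checksum check matters more than it looks: OSPF drops an LSA whose checksum fails, so an attacker injecting LSAs has to get it right, and conversely a capture showing checksum failures on received LSAs points to corruption on the link rather than a routing attack.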

Thursday, 24 June 2010

Once again Joe at Commsupport has shown the industry that anything is possible by launching the world's first free live on-line CCNA course.

The course is run online using the latest web-based conferencing services, and students are able to speak to the instructor, asking and answering questions. The course covers all the training a CCNA candidate needs to become comfortable with the CCNA syllabus.

Places on the free on-line CCNA course are limited to 30 students per course, so hurry.


Wednesday, 16 June 2010

CCNA Training – OSPF Costs

As a CCNA / CCNP candidate you are expected to understand how to set and interpret the OSPF cost on your Cisco devices.
During your career as a Cisco network engineer you will have to deal with setting and manipulating OSPF costs on interfaces.

OSPF uses a metric called “cost”. The cost of a path is cumulative: the cost of each outgoing interface along the path is added up, and the lowest total wins.

By default the cost is derived from the bandwidth of the interface: the higher the interface bandwidth, the lower the cost. To see the cost assigned to any interface participating in OSPF, issue the following command:

Router# show ip ospf interface

The output of this command shows the current cost of the interface. The cost is calculated by dividing a value known as the “auto-cost reference-bandwidth” by the bandwidth of the interface (the bandwidth value reported by “show interfaces”, which the bandwidth command can override).

The reference bandwidth is an integer used to produce a consistent metric across OSPF and defaults to 100,000,000 bps (100 Mbps). The cost is calculated as follows, rounded down to a whole number, with a minimum of 1 and a maximum of 65,535:
100,000,000 / BW (in bps)

If the interface bandwidth is 10 Mbps the resulting cost is 10:
100,000,000 / 10,000,000 = 10

If the interface bandwidth is 100 Mbps the resulting cost is 1:
100,000,000 / 100,000,000 = 1

The next example reveals the deficiency of leaving the reference bandwidth at 100,000,000. A 1 Gbps interface gets exactly the same cost as the 100 Mbps interface:
100,000,000 / 1,000,000,000 = 0.1, which OSPF clamps to the minimum cost of 1

The same applies to faster interfaces such as 10 Gbps, which OSPF also treats as cost 1, because the cost must be a whole number; OSPF cannot express 0.5 or 0.125. With the default reference bandwidth OSPF therefore sees 100 Mbps, 1 Gbps and 10 Gbps links as equal and will happily load-balance across, or even prefer, a much slower link.

So that OSPF can tell high-speed interfaces apart by their bandwidth we need to raise the reference bandwidth from 100,000,000 to a larger value.

To change the auto-cost reference-bandwidth use the following commands:

Router(config)#router ospf 1
Router(config-router)#auto-cost reference-bandwidth 10000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.

The reference bandwidth is now 10,000,000,000 bps (the command takes the value in Mbps, so 10000 means 10 Gbps). The OSPF process now views the 100 Mbps interface as cost 100, 1 Gbps as cost 10 and 10 Gbps as cost 1. Note the router's own warning: the reference bandwidth must be set to the same value on every router in the OSPF domain, otherwise routers disagree about link costs and SPF produces inconsistent, often asymmetric, paths.

Note: the cost OSPF adds for each hop is the cost of the local router's outgoing interface towards the destination, which is the same interface on which that router learnt the route; the cost configured on the far end of the link plays no part in this router's calculation. So to steer traffic on a given router you change the cost on that router's interface (with “ip ospf cost”, or by adjusting the bandwidth), and if you want the reverse path to agree you make the matching change on the neighbor's interface as well.
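The cost arithmetic and the collapse it causes, as an added example in Python (not from the original post or from Cisco): it models the IOS behaviour described above, including the truncation to an integer, the minimum of 1 and the 65,535 ceiling, and reports which interfaces in a constructed lab end up indistinguishable under a given reference bandwidth. The interface list is made up; the bandwidth figures are the kbps values IOS shows for those interface types.

```python
DEFAULT_REFERENCE_BW_MBPS = 100      # IOS default reference bandwidth: 100 Mbps (10^8 bps)
MAX_OSPF_COST = 65535                # the metric is a 16-bit field in the Router-LSA


def ospf_cost(bandwidth_kbps: int, reference_bw_mbps: int = DEFAULT_REFERENCE_BW_MBPS) -> int:
    """Cost = reference bandwidth / interface bandwidth, truncated to an integer and
    clamped to 1..65535 (constructed model of the IOS auto-cost behaviour)."""
    cost = (reference_bw_mbps * 1_000_000) // (bandwidth_kbps * 1_000)
    return max(1, min(cost, MAX_OSPF_COST))


# Constructed lab: interface -> bandwidth in kbps, as "show interfaces" reports it.
INTERFACES = {
    "Serial0/0 (T1)": 1_544,
    "FastEthernet0/0": 100_000,
    "GigabitEthernet0/1": 1_000_000,
    "TenGigabitEthernet1/1": 10_000_000,
}


def cost_table(reference_bw_mbps: int) -> dict:
    return {name: ospf_cost(bw, reference_bw_mbps) for name, bw in INTERFACES.items()}


def ambiguous_links(reference_bw_mbps: int) -> dict:
    """Interfaces that collapse to the same cost despite having different bandwidths."""
    by_cost = {}
    for name, cost in cost_table(reference_bw_mbps).items():
        by_cost.setdefault(cost, []).append(name)
    return {cost: names for cost, names in by_cost.items() if len(names) > 1}


def path_cost(interface_names, reference_bw_mbps: int = DEFAULT_REFERENCE_BW_MBPS) -> int:
    """OSPF path cost is the sum of the outgoing interface costs along the path."""
    return sum(ospf_cost(INTERFACES[n], reference_bw_mbps) for n in interface_names)


if __name__ == "__main__":
    for ref in (DEFAULT_REFERENCE_BW_MBPS, 10_000):
        print(f"reference-bandwidth {ref} Mbps: {cost_table(ref)}")
        print("  indistinguishable:", ambiguous_links(ref) or "none")
```

With the default reference bandwidth the table shows three different Ethernet speeds at cost 1, which is the deficiency the article describes; at 10000 Mbps they separate into 100, 10 and 1, and a T1 becomes 6476.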



Tuesday, 15 June 2010

CCNA Training – Recovering the IOS in ROMMON

As a CCNA / CCNP candidate you are expected to understand how to recover the IOS on a router that is sitting in ROMMON mode.
During your time as a network engineer you will come across Cisco routers that have lost their IOS (Internetwork Operating System software).
A Cisco router can lose its IOS in various ways. The main reasons are:

1. A user deletes the contents of flash and in the process removes the IOS.

2. The IOS image becomes corrupt and fails to load.

3. A user botches an upgrade and then reboots the router, which boots into ROMMON because there is no valid image.

4. A user mistypes the destination in “copy run start” and the router, now copying into flash, asks whether to erase flash first; a careless confirmation wipes the IOS. This last cause is all too common and causes no end of grief, so we suggest that instead of “copy run start” you use “wri mem”, the abbreviation of “write memory”.

When your router boots and drops into ROMMON, do not assume the IOS is missing; the router may simply have had a bad boot. At the “ROMMON>” prompt type “reset”, watch the router reboot, and look for any message saying that it cannot find a file in flash.

So we find ourselves with a router that has booted into ROMMON and really has no usable image. The following steps recover the router's IOS.

1. Type the following command at the ROMMON prompt. With no variables set yet it prints a usage message listing the environment variables it needs:
ROMMON>tftpdnld

2. Make sure a laptop is connected to the router (tftpdnld uses the first onboard Ethernet port), either directly or via a switch, with a TFTP server running and addressed within the same subnet you are about to assign to the router.

3. Set the router's address:
ROMMON>IP_ADDRESS=10.1.1.4

4. Set the subnet mask for the router's interface:
ROMMON>IP_SUBNET_MASK=255.255.255.0

5. Set a default gateway; it is good practice simply to enter the laptop's address:
ROMMON>DEFAULT_GATEWAY=10.1.1.100

6. Set the IP address of the laptop running the TFTP server:
ROMMON>TFTP_SERVER=10.1.1.100

7. Set the name of the file you want to load onto the router. Make sure the TFTP application on the laptop is pointed at the directory where this IOS image resides:
ROMMON>TFTP_FILE=c1841-advsecurityk9-mz.124-15.T1.bin

8. Run tftpdnld again. The router echoes the variables, warns that everything in flash will be erased and asks whether you wish to continue; answer y. The router's Ethernet LED comes on while it locates the TFTP server, and a successful transfer shows as a series of exclamation marks across the screen.

Once the router has downloaded the complete IOS to flash it performs a lengthy checksum and then returns you to the ROMMON> prompt; type reset to reboot the router, which loads the new IOS into RAM and boots correctly. Two cautions are worth adding. TFTP is unauthenticated and unencrypted, so do the transfer over a directly attached cable or an isolated VLAN rather than the production LAN, and once the router is up verify the image with “verify /md5 flash:c1841-advsecurityk9-mz.124-15.T1.bin” against the hash published on Cisco's download page before trusting it. This procedure is also exactly how someone with console access would plant a modified image, so treat physical and console access to your routers as privileged.


Monday, 14 June 2010

DHCP IP Helper address in Cisco devices

As a CCNA / CCNP candidate you are expected to understand the purpose and function of the IP Helper address .

The CCNA / CCNP exam will ask you to determine the purpose of the IP helper command, what it does and the role it plays in your network.

For the purposes of DHCP (Dynamic Host Configuration Protocol) the IP helper command exists to let a host in one broadcast domain acquire an IP address from a DHCP server that resides in another broadcast domain.
Before we look at how the IP helper command works we first need to define a broadcast domain. A broadcast is a message a host generates when it wants to announce its presence to the other hosts on the network or needs to discover some entity on it. The two most common broadcasts a host issues are ARP (Address Resolution Protocol) requests, to resolve a known IP address to a layer 2 MAC address, and DHCP Discover messages.

Both the ARP request and the DHCP Discover are received by every host within the VLAN or subnet of the host that generated them. When a broadcast arrives on a router interface the router's default action is to process it locally and not forward it; it answers only if it is itself the intended recipient, for example when the host is ARPing for its default gateway's MAC address.

A router does not by default forward broadcasts of any kind into another subnet. Imagine if it did: the router at your home or office would forward every broadcast from your LAN out onto the public network, multiplied by the millions of routers connected to the internet. That would be a great deal of traffic, which is why, in the interest of performance, broadcasts are not forwarded from one subnet to another and the router marks the edge of the broadcast domain.

So where does that leave a client sending DHCP Discover messages in an attempt to obtain a valid IP address? If no DHCP server resides in the client's subnet, because the DHCP server lives in another subnet, the Discover never reaches it and the client has no chance of getting an address.

In this case we have to help the client reach the DHCP server in the other network, and to do that we use the “ip helper-address” command, placed on the router interface that is the default gateway for the hosts requesting addresses (the interface on which their broadcasts arrive). The command is as follows:

Router(config-if)#ip helper-address x.x.x.x

Here x.x.x.x is the address of the DHCP server. The router must know how to reach the subnet the DHCP server lives in; without a route it can never forward the relayed Discover messages to the server. Be aware that ip helper-address relays more than DHCP: by default it forwards UDP broadcasts for TFTP (69), DNS (53), time (37), NetBIOS name and datagram services (137 and 138), TACACS (49) and BOOTP/DHCP (67 and 68). If you only want DHCP relayed, trim the list with “no ip forward-protocol udp <port>” for the others.

When the router's interface receives the DHCP Discover broadcast from the client it relays it to the DHCP server as a unicast, inserting its own interface IP address in the packet's “gateway IP address” (giaddr) field, the relay agent address. The server uses giaddr to decide which of its address scopes to draw a lease from and where to send the Offer back to. So the original Discover, a broadcast, reaches the server as a unicast. Bear in mind that the relay trusts whatever arrives on that interface, so on the access switches pair it with DHCP snooping, which blocks DHCP server replies on untrusted ports and can rate-limit client requests, so that a rogue DHCP server or a flood of bogus Discovers is stopped before the router ever sees them.
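The relay step just described, as an added example in Python (not from the original post, and not Cisco's implementation): it builds a DHCPDISCOVER the way a client would broadcast it, then applies what the helper address does to it: fill giaddr with the receiving interface's address unless an earlier relay already set it, increment the hops count, and re-address the datagram as a unicast to the configured server. The client MAC, transaction ID and addresses are constructed for the illustration; the hop limit of 4 is the RFC 1542 recommendation rather than a Cisco setting.

```python
import ipaddress
import struct

# BOOTP fixed header (RFC 2131): op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr,
# siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes, then the magic cookie.
BOOTP_HDR = "!BBBBIHHIIII16s64s128s"
MAGIC_COOKIE = b"\x63\x82\x53\x63"
GIADDR_OFFSET, HOPS_OFFSET = 24, 3
DHCP_SERVER_PORT = 67


def build_discover(xid: int, mac: bytes) -> bytes:
    """Constructed DHCPDISCOVER as a client broadcasts it: no address yet, giaddr zero,
    broadcast flag set, option 53 = 1 (DISCOVER), option 255 = end."""
    header = struct.pack(BOOTP_HDR, 1, 1, 6, 0, xid, 0, 0x8000, 0, 0, 0, 0,
                         mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return header + MAGIC_COOKIE + bytes([53, 1, 1, 255])


def parse_bootp(pkt: bytes) -> dict:
    f = struct.unpack_from(BOOTP_HDR, pkt, 0)
    return {"op": f[0], "hops": f[3], "xid": f[4], "flags": f[6],
            "ciaddr": str(ipaddress.IPv4Address(f[7])),
            "giaddr": str(ipaddress.IPv4Address(f[10])),
            "chaddr": f[11][:f[2]].hex(":"),
            "cookie_ok": pkt[236:240] == MAGIC_COOKIE}


def dhcp_message_type(pkt: bytes):
    """Walk the options for option 53; None if absent (i.e. plain BOOTP)."""
    i = 240
    while i < len(pkt):
        code = pkt[i]
        if code == 255:
            break
        if code == 0:                  # pad
            i += 1
            continue
        length = pkt[i + 1]
        if code == 53:
            return pkt[i + 2]
        i += 2 + length
    return None


def relay_to_server(pkt: bytes, relay_interface_ip: str, helper_address: str, max_hops: int = 4):
    """What 'ip helper-address' does to a Discover received on an interface. Returns
    (destination_ip, destination_port, relayed_packet), or None if the hop limit is hit."""
    hops = pkt[HOPS_OFFSET]
    if hops >= max_hops:
        return None
    giaddr = struct.unpack_from("!I", pkt, GIADDR_OFFSET)[0]
    if giaddr == 0:                    # first relay fills giaddr; later relays leave it alone
        giaddr = int(ipaddress.IPv4Address(relay_interface_ip))
    relayed = bytearray(pkt)
    relayed[HOPS_OFFSET] = hops + 1
    struct.pack_into("!I", relayed, GIADDR_OFFSET, giaddr)
    return helper_address, DHCP_SERVER_PORT, bytes(relayed)


if __name__ == "__main__":
    discover = build_discover(0x3903F326, bytes.fromhex("001122334455"))
    print("from client:", parse_bootp(discover))
    dst, port, relayed = relay_to_server(discover, "10.1.1.1", "10.9.9.5")
    print(f"to server {dst}:{port} as unicast:", parse_bootp(relayed))
```

The giaddr rule is the part worth remembering when two relays sit in series: the server must see the address of the first router, because that is the subnet the client actually lives on; a second relay that overwrote it would make the server hand out a lease from the wrong scope.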


CCNA House keeping Logging Synchronous Command.

Students coming into Cisco networking for the first time are always surprised by a few of the default settings present on Cisco switches and routers.

Left at their defaults these settings are a real drawback, and unless the student changes them the CCNA student is going to become increasingly frustrated.

At Commsupport we make a point of instructing our CCNA students (and sometimes our CCNP students) to change these defaults so that their work at the command line is fluid and uninterrupted.

The first of our housekeeping commands is “logging synchronous”.
Logging synchronous is disabled by default (“no logging synchronous”), while logging to the console is enabled by default. The intent is that events on your Cisco device are reported to the administrator's console, but unfortunately the messages land in the middle of whatever you are typing and make it difficult to enter commands fluently.

To stop the device reporting events to the console at all you can disable console logging completely, in global configuration mode:

Router(config)#no logging console

If you do disable console logging you lose all visibility of the events occurring on the device, such as interfaces going up or down, routing protocols losing or gaining neighbors, or duplex mismatches, all of which matter to you as the network administrator.

To retain visibility of events you can instead log them to a syslog server on a machine the device can reach. To enable syslog on the Cisco device, issue the following:

Router(config)#logging x.x.x.x

Note: x.x.x.x is the IP address of the PC running the syslog software. Syslog travels in clear text over UDP port 514, so point it at a collector on your management network rather than across links you do not trust.

To stop events chopping your typing in half, without suppressing the messages themselves, enter “logging synchronous” under the console line. While we are in line console configuration we also tell the console never to time out the session, even when there is no activity, with “exec-timeout 0 0”; the two values are minutes and seconds, and “0 0” disables the timeout. That is convenient in the lab but a poor idea on production equipment, where an unattended console then stays logged in forever; there, prefer a short timeout such as “exec-timeout 5 0”, and apply the same thinking to the vty lines.

Router(config)#line console 0
Router(config-line)#logging synchronous
Router(config-line)#exec-timeout 0 0

Now when events occur on the router or switch the same messages that used to interrupt your typing are still displayed on the console, but whatever command you were typing is reprinted at a fresh prompt underneath instead of being chopped in half.


Friday, 11 June 2010

Spanning Tree for the CCNA

Portfast
As a CCNA / CCNP candidate you are expected to understand the purpose and function of Spanning-tree PortFast. The CCNA / CCNP exam will ask you to determine the purpose of PortFast within the spanning-tree protocol.

Before we go into the purpose and operation of the PortFast feature we need to understand how a switched network behaved before PortFast existed as a command.

As you may recall, the spanning-tree protocol is designed to prevent physical and/or logical loops in your layer 2 network. Spanning tree achieves this loop-free environment by first electing one device to act as the focal point of the network from which all other switches measure themselves. This focal point, the “Root Bridge”, is elected at the very start of spanning tree's construction of the loop-free topology. The election uses the bridge ID, a combination of a configurable priority (32768 by default) and the switch's MAC address; the lowest bridge ID wins.

From the “BPDU Guard” article you will recall that the stability of the Root Bridge is of paramount importance to the uninterrupted operation of spanning tree, and that a change in the position of the Root Bridge causes service disruption on the network. Another important factor to bear in mind is that it is not only a move of the Root Bridge that disrupts the network: events as mundane as access switchports going on and off line can make the network unstable.

When a port first comes up, spanning tree treats it like any other port and cycles it through the normal port states: blocking, listening, learning and finally forwarding. The port reaches forwarding only after the listening and learning stages (15 seconds each), 30 seconds in all, during which no user traffic is allowed to pass.

At the point the port came up the switch would also have generated a Topology Change Notification (TCN) BPDU and relayed it out of its root port towards the Root Bridge. The Root Bridge records a topology change and, for the next max-age plus forward-delay (35 seconds), sets the TC flag in its configuration BPDUs, which makes every switch in the domain age its MAC address table at the 15 second forward delay instead of the usual 300 seconds. These counters can be viewed with “show spanning-tree vlan # detail”. A topology change for every PC that boots or reboots is a false reading that causes no end of confusion in your fault finding as you chase false positives, and the accompanying MAC table flushes cause real flooding and disruption.

The major benefit of PortFast on an access port (the command can only be, and should only be, configured on access ports that connect to end hosts, never on links to other switches) is that it makes spanning tree bypass the lengthy forward-delay timers on that port.

PortFast is enabled on an access port:

Switch(config-if)#spanning-tree portfast

Once PortFast is enabled the port goes directly into the forwarding state, bypassing the spanning-tree forward-delay timers, but the port still keeps an eye open for any BPDUs arriving on it. If the port ever receives a BPDU it loses its PortFast status and reverts to normal spanning-tree operation. That is a safety net rather than a guard: a rogue switch plugged into a PortFast port is still allowed into the topology, and with a low enough priority could even take over as Root Bridge, which is why PortFast ports should also carry BPDU Guard (covered in the BPDU Guard article) so that the port is shut down the moment a BPDU arrives.

With PortFast on the port the switch no longer generates TCNs when the port goes up or down, so the topology changes you see in the output of “show spanning-tree detail” are genuine ones, along with the port on which each TCN was received.



OSPF Hellos for the CCNA and CCNP

As a CCNA / CCNP candidate you are expected to understand the purpose and function of the OSPF protocol.

The CCNA / CCNP exam will ask you to determine the purpose of the OSPF hello packet, what it contains and the role it plays.

Inside the OSPF Hello Packet

OSPF routers form neighbor relationships with directly connected routers by exchanging hello packets. On multi-access and point-to-point links the hellos are addressed to the AllSPFRouters multicast destination address 224.0.0.5 (carried directly in IP as protocol 89).

On broadcast and point-to-point links OSPF sends a hello every 10 seconds, with a dead interval of 40 seconds (four missed hellos and the neighbor is declared down).

On non-broadcast (NBMA) and point-to-multipoint links OSPF sends a hello every 30 seconds, with a dead interval of 120 seconds.

The hello packet contains the following data (fields marked * must match on both routers or no adjacency will form):
1. ROUTER ID = a 32-bit number unique to this router (carried in the OSPF packet header).

2. *NETWORK MASK = the mask of the interface the hello was sent from; on broadcast and NBMA networks it must match the mask of the receiving interface.

3. *HELLO & DEAD INTERVALS = the period between hellos and the dead timer; these values must match between two routers becoming neighbors.

4. NEIGHBOR LIST = the Router IDs of the routers from which this router has already heard a hello. Seeing your own Router ID in a neighbor's list is what moves the relationship to the 2-way state.

5. *AREA ID = the area number (also in the header); this value must be identical between two routers becoming neighbors.

6. ROUTER PRIORITY = the priority of this interface. During the DR/BDR election the router advertising the highest priority becomes the designated router (ties are broken by the highest Router ID), and a priority of 0 means the router never becomes DR or BDR.

7. DR / BDR = the interface IP addresses of the routers this router currently believes are the DR and the BDR (0.0.0.0 if none has been elected yet).

8. *AUTHENTICATION = the authentication type and data in the packet header; both routers must use the same type and key. Prefer MD5 (type 2) to clear text (type 1), which puts the password on the wire for anyone capturing traffic to read, and remember that with MD5 the key ID must match as well as the key.

9. *STUB AREA FLAG = the E bit in the options field. Routers in a stub area clear it, and both sides must agree.

Two routers initially exchange hellos and examine the contents of the hello packets to verify that the fields which need to match do indeed match.

If any of these fields do not match the routers cannot form a neighbor adjacency; to view the reason for any possible issue run the following command:

R1#debug ip ospf adj

If your neighbor adjacency looks like the output below, where the state is FULL, the adjacency has formed:
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.1.3 1 FULL/DR 00:00:39 192.168.1.3 Ethernet0/0
If your neighbor adjacency looks like the output below, where the state is 2-WAY, the neighbor relationship has formed and the neighbor is neither the DR nor the BDR:

R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.1.3 1 2-WAY/DROTHER 00:00:39 192.168.1.3 Ethernet0/0

If your neighbor adjacency looks like the output below, where the state is Exstart, the neighbors are past the 2-way state and are determining which device is going to start the exchange of the summary of the link state database. If the state stays at Exstart it can mean that the interface MTU sizes are mismatched. Run the “debug ip ospf adj” command to show any neighbor formation issues.

R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.1.3 1 Exstart/DR 00:00:39 192.168.1.3 Ethernet0/0
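The two checks described in this article, the must-match hello fields and the meaning of the State column, as an added Python example (not code from the article or from Cisco). The Hello records and the sample “show ip ospf neighbor” output are constructed; the auth field is a made-up string representation of the authentication settings.

```python
"""Added example (not from the article or Cisco): check which OSPF hello
fields would block an adjacency, and classify neighbour states from a
'show ip ospf neighbor' listing.  The Hello records and the sample output
below are constructed for the example."""
import re
from dataclasses import dataclass

# Fields that must match between two routers becoming neighbours (the
# starred items in the article).  Router ID and priority may differ.
MUST_MATCH = ("hello_interval", "dead_interval", "area_id", "auth", "stub_area")


@dataclass(frozen=True)
class Hello:
    router_id: str
    hello_interval: int      # seconds
    dead_interval: int       # seconds
    area_id: int
    auth: str                # constructed representation, e.g. "none" or "md5:<key-id>"
    stub_area: bool
    priority: int = 1


def hello_mismatches(a: Hello, b: Hello) -> list:
    """Names of the must-match fields on which the two hellos disagree."""
    return [f for f in MUST_MATCH if getattr(a, f) != getattr(b, f)]


def can_form_adjacency(a: Hello, b: Hello) -> bool:
    return not hello_mismatches(a, b)


# One data row of 'show ip ospf neighbor':
#   Neighbor ID  Pri  State  Dead Time  Address  Interface
NEIGHBOR_ROW = re.compile(
    r"^(?P<neighbor_id>\d+\.\d+\.\d+\.\d+)\s+(?P<pri>\d+)\s+(?P<state>\S+)\s+"
    r"(?P<dead>\d\d:\d\d:\d\d)\s+(?P<address>\d+\.\d+\.\d+\.\d+)\s+(?P<interface>\S+)$"
)


def parse_ospf_neighbors(output: str) -> list:
    """Return one dict per neighbour row; the header line is skipped."""
    rows = []
    for line in output.splitlines():
        m = NEIGHBOR_ROW.match(line.strip())
        if m:
            row = m.groupdict()
            row["pri"] = int(row["pri"])
            rows.append(row)
    return rows


def diagnose(state: str) -> str:
    """Interpret the State column the way the article describes it."""
    phase, _, role = state.partition("/")
    phase = phase.upper().replace("-", "")
    if phase == "FULL":
        return f"adjacency formed ({role} neighbour)"
    if phase == "2WAY":
        return "neighbour relationship formed; neighbour is neither DR nor BDR"
    if phase == "EXSTART":
        return "stuck choosing who starts the database exchange; check for an MTU mismatch"
    return f"state {state}: adjacency not yet complete"


# Constructed sample output in the same layout as the article's listings.
SAMPLE_OUTPUT = """\
Neighbor ID Pri State Dead Time Address Interface
192.168.1.3 1 FULL/DR 00:00:39 192.168.1.3 Ethernet0/0
192.168.1.4 1 2-WAY/DROTHER 00:00:35 192.168.1.4 Ethernet0/0
192.168.1.5 1 Exstart/BDR 00:00:38 192.168.1.5 Ethernet0/0
"""


def neighbor_report(output: str = SAMPLE_OUTPUT) -> dict:
    """Map each neighbour ID to the interpretation of its state."""
    return {r["neighbor_id"]: diagnose(r["state"]) for r in parse_ospf_neighbors(output)}


if __name__ == "__main__":
    r1 = Hello("192.168.1.1", 10, 40, 0, "none", False)
    r3 = Hello("192.168.1.3", 10, 40, 0, "none", False)
    r9 = Hello("192.168.1.9", 30, 120, 0, "none", False)   # NBMA timers on a broadcast link
    print("R1-R3 mismatches:", hello_mismatches(r1, r3))
    print("R1-R9 mismatches:", hello_mismatches(r1, r9))
    for nid, text in neighbor_report().items():
        print(nid, "->", text)
```

The mismatch list is the same information “debug ip ospf adj” would report on the router; running the comparison against intended configuration before the change window catches the timer and area mistakes early.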


Joe Spoto is a senior lecturer at Commsupport networks CCNA in the United Kingdom. Joe teaches Cisco CCNA, CCNP, CCVP courses when he is not out on the road fixing and building networks, if you want to find out more about what we do at Commsupport please visit us at CCNA Commsupport run free one day training sessions and free on-line webinars, CCNP

OSPF DR and BDR for the CCNA and CCNP

As a CCNA / CCNP candidate you are expected to understand the purpose and function of the OSPF protocol.

The CCNA / CCNP exams will ask you to describe the purpose of the DR and BDR along with the election procedure.

OSPF Designated Router and Backup Designated Router elections
The OSPF routing algorithm is CPU intensive: each and every time the OSPF process runs Dijkstra's shortest path first algorithm it has an impact on the router. On a point-to-point network OSPF events are limited to the periodic hello packet (default 10 seconds on PPP and HDLC, 30 seconds on Frame Relay NBMA), the 30 minute refresh of each route entry in the link state database, and triggered events.

In a multi-access broadcast network where routers are connected to a common broadcast segment (i.e. many routers in one VLAN) all routers would need to create an adjacency with every other router in the same broadcast domain. Also, any event which causes an LSA to be generated would require the advertising router to create one LSA to be multicast to all neighbours.

The more routers there are in the broadcast multi-access network, the more adjacencies are required:

Two routers require the following number of adjacencies:

2(2–1) / 2 = 1

Four routers require the following number of adjacencies:

4(4–1)/2=6


Ten routers require the following number of adjacencies:

10(10–1)/2=45

Note: DRs and BDRs are not elected on point-to-point links because there can be only one adjacency, and the point of electing a DR and BDR is efficiency.

The more routers you have on a segment, the more adjacencies there are, consuming more bandwidth and more processing power on the routers.

We need to reduce the amount of work each router has to do on the segment by electing one router as the Designated Router, with which all other routers form adjacencies.

When you use a Designated Router in your multi-access broadcast network the number of adjacencies is reduced, along with the processing and bandwidth required.

All routers form full adjacencies with the Designated Router; when you run the following command on a Cisco router which is not the DR:

R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.1.3 1 FULL/DR 00:00:39 192.168.1.3 Ethernet0/0

You will see that your router has formed a “FULL” neighbor adjacency with the DR, and the output also shows which neighbor is the DR. The router ID of the neighbor in the output above is 192.168.1.3, and this neighbor is the DR.

Any events which occur are advertised to the DR using the multicast address 224.0.0.6.
When the DR advertises any events to the non-DR devices it does so using the address 224.0.0.5.

Designated and Backup Designated Router Election

The DR is elected based on the router with the highest router priority. The default router priority is 1 and the range is 0 to 255. Setting the router priority to 0 means the interface cannot participate in any DR or BDR election. If you set the current DR’s or current BDR’s router priority to 0 it relinquishes the role immediately.

Routers which are elected as neither DR nor BDR still form neighbor adjacencies, although they do not exchange any routing information between each other; only hellos are exchanged, and these are sent to the multicast address 224.0.0.5.

Despite the name “router priority” it is in fact a priority which is set at the interface level, as follows:

R1(config)#interface fastethernet 0/0
R1(config-if)#ip ospf priority 1

In the event that two or more interfaces sharing a common broadcast domain have the same router priority the OSPF router ID is used as a tie-breaker.

The election process is as follows:

1. To participate in the election, any router with its OSPF priority set between 1 and 255 can attempt to become DR by putting its own router ID into the DR field of the hellos it sends. You can view the election process by running the command “debug ip ospf adj”; the election occurs during the 2-way process.

2. Each and every router in the common broadcast domain examines the received hellos, looking at the other routers’ priority settings.

3. If a received hello from another router has a better router priority, then that router stops claiming to be DR and asserts that the better candidate should be the DR by placing the router ID of that DR into the DR field of its own hello packets. Therefore the first criterion for “better” is the router with the highest priority.

4. If the router priorities are identical, the router with the higher RID is chosen as the DR.

5. The router with the next highest priority, or the next highest router ID in the case of a tie in router priority, becomes the BDR (Backup Designated Router).

6. If a new router comes onto the network after the election of the DR and/or BDR, or if any existing router improves its priority, it will not be able to pre-empt the existing DR or even the BDR; remember that the DR and BDR roles are non-preemptive.

7. If the DR fails the existing BDR takes over as DR and another election is held for the BDR.

8. If the previous DR comes back online it will not be able to resume its previous role.
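The adjacency counts from the formulas above and the election rules just listed, worked through in an added Python example (not code from the article or from Cisco). The router names, router IDs and priorities are constructed; the function that counts adjacencies with a DR and BDR present generalises the article's statement that a DR reduces the number of adjacencies.

```python
"""Added example (not from the article or Cisco): the adjacency counts from
the article and a simulation of the DR/BDR election rules listed above.
Router names, IDs and priorities are constructed."""
from dataclasses import dataclass


def full_mesh_adjacencies(n: int) -> int:
    """Adjacencies needed if every router peers with every other: n(n-1)/2."""
    return n * (n - 1) // 2


def adjacencies_with_dr_bdr(n: int) -> int:
    """With a DR and BDR each router is fully adjacent only to those two:
    (n-1) adjacencies to the DR plus (n-2) to the BDR."""
    return 0 if n < 2 else (n - 1) + (n - 2)


@dataclass(frozen=True)
class OspfRouter:
    name: str
    router_id: str
    priority: int = 1        # 0 = never a DR or BDR


def rid_key(router_id: str) -> tuple:
    """Compare dotted-decimal router IDs numerically, octet by octet."""
    return tuple(int(o) for o in router_id.split("."))


def elect_dr_bdr(routers, current_dr=None, current_bdr=None):
    """Return (dr_name, bdr_name).

    Rules from the article: priority 0 routers are ineligible; highest
    priority wins and the higher router ID breaks ties; the roles are not
    pre-emptive, so an existing DR/BDR keeps its role while it is still
    present and eligible; when the DR is lost the BDR takes over and a new
    BDR is elected."""
    eligible = {r.name: r for r in routers if r.priority > 0}
    ranked = sorted(eligible.values(),
                    key=lambda r: (r.priority, rid_key(r.router_id)),
                    reverse=True)
    if not ranked:
        return None, None
    if current_dr in eligible:
        dr = current_dr
    elif current_bdr in eligible:
        dr = current_bdr                      # BDR promoted
    else:
        dr = ranked[0].name
    if current_bdr in eligible and current_bdr != dr:
        bdr = current_bdr
    else:
        rest = [r.name for r in ranked if r.name != dr]
        bdr = rest[0] if rest else None
    return dr, bdr


# Constructed segment: four routers, one of them excluded with priority 0.
SEGMENT = [
    OspfRouter("R1", "192.168.3.1", priority=1),
    OspfRouter("R2", "192.168.3.2", priority=1),
    OspfRouter("R3", "192.168.3.3", priority=0),
    OspfRouter("R4", "192.168.3.4", priority=5),
]


def election_timeline() -> list:
    """Walk through the scenarios in the article and record (dr, bdr) after each."""
    steps = []
    dr, bdr = elect_dr_bdr(SEGMENT)                       # cold start
    steps.append(("initial", dr, bdr))
    newcomer = SEGMENT + [OspfRouter("R5", "192.168.3.5", priority=200)]
    dr, bdr = elect_dr_bdr(newcomer, dr, bdr)              # higher priority joins: no pre-emption
    steps.append(("R5 joins", dr, bdr))
    without_dr = [r for r in newcomer if r.name != dr]
    dr, bdr = elect_dr_bdr(without_dr, dr, bdr)            # DR fails: BDR promoted, new BDR elected
    steps.append(("DR fails", dr, bdr))
    dr, bdr = elect_dr_bdr(newcomer, dr, bdr)              # old DR returns: does not regain the role
    steps.append(("old DR returns", dr, bdr))
    return steps


if __name__ == "__main__":
    for n in (2, 4, 10):
        print(f"{n} routers: full mesh {full_mesh_adjacencies(n)}, with DR/BDR {adjacencies_with_dr_bdr(n)}")
    for step in election_timeline():
        print(step)
```

The timeline is the point of the simulation: the high-priority router that joins late never becomes DR, and the original DR does not get its role back when it returns, which is exactly why the article recommends bringing up the intended DR first.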

When a router which is neither the DR nor the BDR needs to advertise an event to its neighbors on the common broadcast network, it sends the LSA (Type 1) to the DR using the address 224.0.0.6 (the BDR listens passively to this exchange and maintains a relationship with all the routers). The DR then advertises the event to all adjacent routers on the common broadcast network as an LSA (Type 2). All routers then acknowledge receipt with an ACK packet, which ensures that each has a synchronized copy of the LSDB.

Facts about the DR and BDR
1. These roles are not pre-emptive; once a device is a DR or BDR the only events that can cause it to give up the role are as follows:

a. Shut the interface down
b. Set the priority to 0
c. Restart the router
d. Restart the OSPF router process (clear ip ospf process)
e. Unplug the cable from the interface

2. The router which becomes the DR is the first one which boots up, starts its OSPF process and gets past the 40 second wait timer before it sees another router sending its own hello packet claiming the DR role.
The wait timer can be seen in the output below, on the 8th line down.

R1_x#show ip ospf interface
Fastethernet0/0 is up, line protocol is up
Internet Address 192.168.x.1/24, Area 0
Process ID 1, Router ID 192.168.3.1, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.3.1, Interface address 192.168.3.1
Backup Designated router (ID) 192.168.3.2, Interface address 192.168.3.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
================output omitted for brevity ========================

3. A router should only be the DR for one LAN segment.

4. Set the DR by setting its router priority to 255.

5. Set the BDR by setting its router priority to 250.

6. Set all other routers' router priority to 1; never set them to 0 because in the event that you lose both the DR and BDR, routers with a router priority of 0 will never become fully adjacent neighbors and in turn will never exchange routing information.





OSI Basics for the CCNA

OSI model

One of the very first concepts I ever learnt in networking, indeed the very first word I learnt to do with networking, was the word “protocol”; the second word was “stack”. These two words put together became the foundation of everything else I would ever learn in networking, so what on earth is a “protocol stack”?

In the beginning, no not the beginning of the universe but the beginning of the whole networking or computing universe, there were many different makers of systems, all with their own ways of taking data produced by the users and conveying it from one machine to another across whatever physical or ethereal medium they chose. This all worked fine until users wanted to move data between machines from various makers.

This did not work too well. The first hurdle they faced was: will these machines talk to one another, will the signals from one machine be interpreted correctly? The chances were slim, as system designers had decided that creating proprietary systems was the best way to ensure that they locked users and customers in and increased market share.

The last days of proprietary communications protocols were nigh with the development of the ARPANET (Advanced Research Projects Agency Network), which was the world's first operational packet switching network and the predecessor of the global Internet.

The purpose of the ARPANET was to connect geographically disparate systems, across a university campus or across continents, and allow them to send and receive data; for them to do so they need to speak the same language, they need to operate the same communications protocol stack.
One of the first communications protocols was the Network Control Protocol (NCP), which provided the network layer functions running on an ARPANET computer; this protocol was replaced in 1983 with the protocol that we are all familiar with, TCP/IP.

But this still does not explain what the OSI model is, so let's get on with it.
The OSI model was created by the ISO (International Standards Institute), which was sponsored by governments and the industry to create a common set of standards to provide interoperability between every systems vendor.

The OSI model was slow in development, and by the time the final draft came into being the TCP/IP model had gained huge prominence on the ARPANET and other fledgling networks; replacing all the systems using TCP/IP with the more complex OSI model would have cost system users money, even though the US government had also promoted its use.

The OSI model is now used as a teaching tool to explain the processes which occur as data flows from the wire to the user: as the data flows from the wire or air, as electrical, light or radio activity, to the user it passes through 7 different layers or steps.

Why is the OSI model, or even the TCP/IP model, broken up into layers as opposed to having simply one process? The reasons are straightforward.
First and foremost it makes the teaching of networking easier, it makes fault finding much more efficient, and it makes the addition or removal of functions straightforward.
The OSI model is built using seven layers. Counting from the bottom to the top, the first layer is called the Physical Layer (L_1); this layer is responsible for connecting the host to the network and determining the functional, procedural, electrical and mechanical aspects of the interface.

The layer above the Physical layer is called the Data Link Layer (L_2); this layer is responsible for how the host accesses the physical medium, error detection, hardware addressing, flow control, and identifying upper layer protocols.
Above the Data Link layer we find the Network Layer (L_3); this layer is responsible for logical host addressing, routed protocols and routing protocols, and identifying upper layer protocols.

The Transport layer (L_4) follows; this layer is one of the most interesting of all, as it provides reliable and unreliable transmission of data, segmentation, sequencing of data, flow control using windowing, and error correction.

The Session layer (L_5), which sits above the Transport layer, is responsible for establishing, maintaining and terminating sessions between end-user applications. Sessions between end-user applications are maintained using requests and responses; if a connection is lost between two applications the Session layer will attempt to recover the connection by placing regular check points in the data flow and recovering the failed connection to the previous check point.

The Presentation layer (L_6) is responsible for formatting the user data from the layer above; examples of presenting the user data are ASCII and EBCDIC, and encryption and compression are also performed here.

The top layer, the Application layer (L_7), is used by network applications. This layer provides services to programs that reside on your PC; for example HTTP provides a service to your browser.

The description of each of the layers is a simple overview, and we are going to cover all 7 layers in greater detail in other articles. But the point is that each layer has specific roles to perform as data passes up from the Physical layer all the way to the Application layer, and this makes explaining each layer easier.
Each layer works independently from the layer above or below; let’s take a layer and call it L_N.

L_N receives data from the layer above, L_N+1, acts upon it and then passes the data down to the layer below, L_N-1. Each layer adds its own information to the data it receives from L_N+1, and on the receiving host each layer strips the information that its reciprocal layer added on the sending host when it receives data from the layer below, L_N-1.

Making each layer independent of the other layers makes it easier for any procedure carried out at any layer to be changed without affecting any of the other layers.
Fault finding is also made easier by having a layered model: if I need to diagnose a problem with logical addressing I just need to concentrate my efforts on L_3, and if I have issues with connectivity I only need to fix L_1 without affecting any of the other layers. Having a layered model makes it easy to change, fix and modify any particular protocol or process without having to understand the inner workings of any of the other layers.
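The L_N / L_N+1 / L_N-1 relationship described above, as an added Python example (not code from the article). The stack is a toy: each layer's header is a made-up tag, not a real protocol format, and the point is only to show headers being added on the way down and stripped by the reciprocal layer on the way up, plus the fault-finding idea of looking at a single layer's view of the data.

```python
"""Added example (not from the article): a toy protocol stack showing the
L_N / L_N+1 / L_N-1 relationship described above.  The headers are made-up
tags, not real protocol formats."""

# L_1 .. L_7, bottom to top.
LAYERS = ["physical", "data link", "network", "transport",
          "session", "presentation", "application"]


def header_for(layer: str) -> bytes:
    """Constructed header that layer L_N adds, e.g. b'[L3 network]'."""
    return f"[L{LAYERS.index(layer) + 1} {layer}]".encode()


def encapsulate(user_data: bytes) -> bytes:
    """Sending host: walk from L_7 down to L_1; each L_N prepends its own
    header to whatever L_N+1 handed it."""
    pdu = user_data
    for layer in reversed(LAYERS):
        pdu = header_for(layer) + pdu
    return pdu


def decapsulate(frame: bytes) -> bytes:
    """Receiving host: walk from L_1 up to L_7; each L_N strips exactly the
    header its reciprocal layer added, then hands the rest to L_N+1."""
    pdu = frame
    for layer in LAYERS:
        hdr = header_for(layer)
        if not pdu.startswith(hdr):
            raise ValueError(f"{layer} layer expected its own header, got {pdu[:20]!r}")
        pdu = pdu[len(hdr):]
    return pdu


def pdu_seen_by(frame: bytes, n: int) -> bytes:
    """What layer L_n receives from L_n-1 on the way up: the frame with the
    headers of L_1 .. L_n-1 already removed.  This is the fault-finding
    argument in code: to look at logical addressing, inspect the PDU at L_3."""
    pdu = frame
    for layer in LAYERS[: n - 1]:
        pdu = pdu[len(header_for(layer)):]
    return pdu


if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.1")
    print(frame)
    print(pdu_seen_by(frame, 3))
    print(decapsulate(frame))
```

Because each layer only ever looks for its own header, the implementation of any one layer can be swapped without touching the others, which is the independence argument the article makes.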


EIGRP LOAD BALANCING for CCNA & CCNP

EIGRP LOAD BALANCING

Load balancing, also referred to as load sharing, gives the network the ability to use the bandwidth available on links which would otherwise only be used in the event of the primary link failing.

Another benefit of load balancing is much faster convergence, since there are multiple routes in the routing table for the same prefix; in actual fact the convergence time in testing has been shown to be essentially instant.

As an example, imagine we have a branch router with two routes towards the headquarters prefix. If one of the routes were to fail EIGRP would not need to look for a feasible successor in the topology table, nor would it go active on the route, since the other route is already in the routing table. (For the record, EIGRP will only look in the topology table or go active on a route if a prefix for the network does not exist in the routing table.)
Enabling load balancing in EIGRP is quite simple and requires only two commands; the first of these commands is configured under the EIGRP routing process:

Router(config-router)#maximum-paths number

This command defaults to 4 paths, which is generally seen as big enough since most networks would not have more than 4 possible paths.

The second command for configuring EIGRP load balancing is the variance command. The variance command gives you control of an operation known as a “multiplier”. This multiplier allows you to get around the problem of EIGRP’s rather large metric.

Consider a network with 2 or more paths to a common destination; the chance of EIGRP’s metric being identical for all the routes is slim, due to the fact that EIGRP uses such an unwieldy metric.

With the variance command you can instruct EIGRP to consider feasible successors as viable routes to be placed into the routing table alongside the successor route.
The variance is a multiplier which allows you to tell the EIGRP process to consider feasible successors whose feasible distances fall within the value of the multiplier.

The way the variance works is that you set the multiplier as a number between 1 and 128. The EIGRP process then multiplies the successor route’s feasible distance by the value of the variance multiplier, and any feasible successor whose feasible distance is less than the result of the variance multiplied by the feasible distance is placed into the routing table and treated as equal to the original route. The number of routes that can be placed into the routing table for the same prefix is the value set by the “maximum-paths” command, which as you’ll recall defaults to 4.

One point to always bear in mind is that unless a route is in the topology table the path cannot be used to load balance across. For the route to make it into the topology table the advertised distance of the route must be less than the feasible distance of the successor route.

Traffic is load balanced across the paths proportionally according to the route metrics, with more traffic being sent across the lower metric paths; alternatively the router sends all the traffic across the best metric path and leaves the other path in active standby in the event the primary path fails.



EIGRP metrics


EIGRP is a Cisco proprietary routing protocol, developed to be an alternative to the IETF OSPF link state routing protocol and an advance on restrictive and limited distance vector protocols like RIP and IGRP.

EIGRP is unusual, like its predecessor, in that its metric is not a cumulative value of one single path attribute such as hop count or bandwidth but a collection of interface values. This collection of values goes to create a metric called a composite.

The composite metric is composed of the following values:
1. Bandwidth
2. Delay (measured in tens of microseconds)
3. Reliability
4. Load
5. MTU (Maximum Transmission Unit)

Even though EIGRP can use all five of these values, only minimum bandwidth and delay are used to calculate the path metric.

It must be stressed that minimum bandwidth is the minimum bandwidth of the complete path, which means the bandwidth value does not indicate in any way the number of router hops or how many low bandwidth interfaces there are along the path to the destination. Delay, unlike bandwidth, is a cumulative value which increments as the route is propagated along the path.

Cisco do not recommend using reliability and load, since these values are variable and change dynamically, causing the EIGRP protocol to recalculate the routes, using CPU cycles and slowing the device down. The MTU is NOT used in the calculation of the metric.

Bandwidth:
EIGRP uses 50% of the configured interface bandwidth. You might want to change the bandwidth value to a different value so that EIGRP updates do not consume or swamp the interface unnecessarily.
The metrics are also referred to as K values, and it is these values under the EIGRP routing process which need to be altered to either turn a metric component off or on, or to cause one metric value to be preferred more than another.
Bandwidth is the inverse minimum bandwidth of the path in bits per second, scaled by a factor of 2.56 * 10^12.

Delay:
Delay is calculated as a cumulative value of the complete path. The delay is measured in tens of microseconds. Setting the interface delay to 1 displays the delay as 10 us, representing 0.01 ms; setting the delay to 10 displays the delay as 100 us, representing 0.10 ms.

The formula to calculate the metric is:
metric = [k1 * bandwidth + (k2 * bandwidth)/(256 - load) + k3 * delay]
If k5 is not equal to zero, you will need to perform the additional operation:
metric = metric * [k5/(reliability + k4)]
The K value settings are carried in every EIGRP hello packet; if the K values are mismatched the EIGRP neighbour relationship fails.
The EIGRP metric is represented in a 32-bit field; the maximum EIGRP metric is decimal 4,294,967,040.

Metrics are configured as follows:

R2(config)#router eigrp 1
R2(config-router)#metric ?
holddown Enable EIGRP holddown
maximum-hops Advertise EIGRP routes greater than as unreachable
weights Modify EIGRP metric coefficients
R2(config-router)#metric weights ?
<0-4293967295> Type Of Service (Only TOS 0 supported)
TOS was intended by Cisco to be used to mark EIGRP messages so that they may be handled by QoS.
R2(config-router)#metric weights 0 ?
<0-4293967295> K1
K1 = Bandwidth; this K value represents bandwidth and is by default set to 1.
R2(config-router)#metric weights 0 1 ?
<0-4293967295> K2
K2 = Load; this K value represents load and is by default set to 0.
R2(config-router)#metric weights 0 1 0 ?
<0-4293967295> K3
K3 = Delay; this K value represents delay and is by default set to 1.
R2(config-router)#metric weights 0 1 0 1 ?
<0-4293967295> K4
K4 = Reliability; this K value represents reliability and is by default set to 0.
R2(config-router)#metric weights 0 1 0 1 0 ?
<0-4293967295> K5
K5 = MTU; this K value represents MTU and is by default set to 0.
R2(config-router)#metric weights 0 1 0 1 0 0

The eigrp K-value is used to set how much importance is given to a component of the eigrp metric.

So, by default, EIGRP is set so that the "importance" of all K values apart from bandwidth and delay is zero, because the K value for those components is zero.

The "importance" of bandwidth and delay is, by default, 1 because those components of the metric have a K-value of 1.

If you wanted eigrp to consider bandwidth twice as important as delay, for example, you would make bandwidth's K-value twice as large as the delay's K-value.
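The metric formula and K values above, combined with the variance and maximum-paths rules from the load balancing article, in one added Python example (not code from the article or from Cisco). The bandwidth term uses the common 10^7 / bandwidth-in-kbps form scaled by 256, which is the same scaling as the article's bits-per-second factor; the three paths, their next hops and the share-count calculation (largest installed metric divided by each path's metric) are constructed for the example.

```python
"""Added example (not from the article or Cisco): compute the EIGRP composite
metric with the K values shown above and then apply the variance and
maximum-paths rules from the load balancing article.  The paths below are
constructed."""
from dataclasses import dataclass

DEFAULT_K = (1, 0, 1, 0, 0)   # K1..K5 as the 'metric weights' defaults above


def eigrp_metric(min_bw_kbps: int, total_delay_10us: int, load: int = 1,
                 reliability: int = 255, k=DEFAULT_K) -> int:
    """Composite metric using the formula in the article.

    bandwidth term: 10^7 / minimum bandwidth (kbps), scaled by 256
    delay term:     sum of interface delays in tens of microseconds, scaled by 256
    load 1..255 (1 = idle), reliability 1..255 (255 = fully reliable)."""
    k1, k2, k3, k4, k5 = k
    bandwidth = (10**7 // min_bw_kbps) * 256
    delay = total_delay_10us * 256
    metric = k1 * bandwidth + (k2 * bandwidth) // (256 - load) + k3 * delay
    if k5 != 0:
        metric = metric * k5 // (reliability + k4)
    return metric


@dataclass(frozen=True)
class Path:
    next_hop: str
    feasible_distance: int     # this router's metric via next_hop
    advertised_distance: int   # next_hop's own metric to the destination


def installed_paths(paths, variance: int = 1, maximum_paths: int = 4) -> list:
    """Routes that end up in the routing table for one prefix.

    The successor is the lowest feasible distance.  Another path is a feasible
    successor only if its advertised distance is less than the successor's
    feasible distance, and it is installed only if its own feasible distance
    is less than successor FD * variance, up to maximum-paths entries."""
    if not 1 <= variance <= 128:
        raise ValueError("variance must be between 1 and 128")
    successor = min(paths, key=lambda p: p.feasible_distance)
    chosen = [successor]
    limit = successor.feasible_distance * variance
    for p in sorted(paths, key=lambda p: p.feasible_distance):
        if p is successor:
            continue
        if len(chosen) >= maximum_paths:
            break
        feasible = p.advertised_distance < successor.feasible_distance
        if feasible and p.feasible_distance < limit:
            chosen.append(p)
    return chosen


def traffic_share(chosen) -> dict:
    """Unequal-cost share per next hop: largest installed metric divided by
    each path's metric, rounded down (more traffic to the lower metric path)."""
    worst = max(p.feasible_distance for p in chosen)
    return {p.next_hop: worst // p.feasible_distance for p in chosen}


# Constructed topology: the headquarters prefix is reachable via a
# FastEthernet path and a slower 10 Mbit/s path with an extra hop.
FAST = Path("10.0.0.1", eigrp_metric(100_000, 10), eigrp_metric(100_000, 5))
SLOW = Path("10.0.0.2", eigrp_metric(10_000, 20), eigrp_metric(100_000, 5))
# A path whose neighbour is "further away" than our successor: never feasible.
LOOPY = Path("10.0.0.3", eigrp_metric(100_000, 15), eigrp_metric(100_000, 12))
PATHS = [FAST, SLOW, LOOPY]


if __name__ == "__main__":
    print("FastEthernet metric:", eigrp_metric(100_000, 10))
    for v in (1, 10):
        chosen = installed_paths(PATHS, variance=v)
        print(f"variance {v}:", [p.next_hop for p in chosen], traffic_share(chosen))
```

The third path shows the caveat from the load balancing article: no value of variance, not even 128, can install a route whose advertised distance is not below the successor's feasible distance.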



Configuring CCNA Dynamic DHCP on a Cisco Router Part 2


For the CCNA certification you must have a solid understanding in how to configure Dynamic Host Configuration Protocol (DHCP) on a Cisco router to serve IP address information to one or multiple subnets

Step 1: The first step is to enable the DHCP service on the Cisco router.
Router(config)# service dhcp
This command enables the Cisco DHCP server and relay features on your router.
To remove the command, use the same command with “no” at the beginning.

Configuring the DHCP Pool Name
Configure the DHCP pool name using the following command in global configuration mode:
Router(config)# ip dhcp pool name
This command creates a name for the DHCP server IP address pool and puts you into DHCP pool configuration mode; the prompt changes to dhcp-config#.

Setting up the DHCP Address Pool Subnet and Mask
The next step is to set up a subnet and mask for the DHCP address pool you just created. This pool contains the valid range of IP addresses which the DHCP server will assign to DHCP clients:
Router(dhcp-config)# network network-number [mask | /prefix-length]
The prefix length indicates the number of bits which make up the address prefix. The prefix is the alternative way to specify the network mask of the client.

Setting up the Domain Name for the Client
Setting the domain name for a DHCP client places the client in that domain.
Router(dhcp-config)# domain-name domain
Setting up the IP Domain Name System Servers for the Client
DHCP clients query DNS servers when they need to resolve host names or URLs to IP addresses.
Router(dhcp-config)# dns-server address [address2 ... address5]
Specifies the IP address of a DNS server that is available to a DHCP client. Only one IP address is needed but you can configure up to 8 of them.

Configuring the Default Router for the Client
The DHCP client needs to route off its network and so needs to know the IP address of the default gateway or default router. The IP address of the default router has to be on the same subnet as the DHCP client.
Router(dhcp-config)# default-router address [address2 ... address8]
Specifies the IP address of a default router that is available to a DHCP client. Only one IP address is needed but you can configure up to 8 of them.

Setting up the Address Lease Time
The default lease time for each IP address assigned by a DHCP server is one day. This is the period of time for which the leased address is valid. To change the lease value for an IP address:
Router(dhcp-config)# lease {days [hours][minutes] | infinite}




Example Configuration of DHCP
Router(config)# service dhcp
Router(config)# ip dhcp pool CCNA
Router(dhcp-config)# network 10.1.1.0 255.255.255.0
Router(dhcp-config)# domain-name COMMSUPPORT.LOCAL
Router(dhcp-config)# dns-server 10.1.1.1
Router(dhcp-config)# default-router 10.1.1.254
Router(dhcp-config)# lease 5 2 3
The above configuration will assign an address in the range between 10.1.1.2 and 10.1.1.253 to any DHCP client. The DHCP server will also tell the DHCP client that the domain name is commsupport.local, that the DNS server on the subnet is 10.1.1.1, to use a gateway known as 10.1.1.254 and to hold onto the address for 5 days, 2 hours and 3 minutes.
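The pool above, checked and rendered by an added Python example (not code from the article or from Cisco). It validates the rules the article states (default router on the client's subnet, at most 8 DNS and default-router addresses, a sane lease) and works out the assignable range. To reproduce the 10.1.1.2 to 10.1.1.253 range the article quotes, the DNS server's and gateway's own addresses are reserved with the global IOS command ip dhcp excluded-address, which the article does not cover; the pool values themselves are constructed to match the example.

```python
"""Added example (not from the article or Cisco): validate a DHCP pool like
the one above and render the IOS commands for it.  The pool values are
constructed.  To reproduce the 10.1.1.2 - 10.1.1.253 range the article
quotes, the server's own and the gateway's addresses are reserved with
'ip dhcp excluded-address', a global IOS command not covered in the article."""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class DhcpPool:
    name: str
    network: str                                  # e.g. "10.1.1.0/24"
    default_routers: list
    dns_servers: list = field(default_factory=list)
    domain_name: str = ""
    lease: tuple = (1, 0, 0)                      # days, hours, minutes; default is one day
    excluded: list = field(default_factory=list)  # addresses the server must never hand out


def validate(pool: DhcpPool) -> list:
    """Return a list of problems; an empty list means the pool is sane."""
    problems = []
    try:
        net = ipaddress.ip_network(pool.network, strict=True)
    except ValueError as e:
        return [f"bad network: {e}"]
    if not pool.default_routers:
        problems.append("no default-router configured; clients cannot leave the subnet")
    for r in pool.default_routers:
        if ipaddress.ip_address(r) not in net:
            problems.append(f"default-router {r} is not on subnet {net}")
    for name, servers in (("default-router", pool.default_routers), ("dns-server", pool.dns_servers)):
        if len(servers) > 8:
            problems.append(f"{name}: more than 8 addresses")
    days, hours, minutes = pool.lease
    if days < 0 or not 0 <= hours < 24 or not 0 <= minutes < 60:
        problems.append(f"lease {days} {hours} {minutes} out of range")
    for a in pool.excluded:
        if ipaddress.ip_address(a) not in net:
            problems.append(f"excluded address {a} is outside {net}")
    return problems


def assignable_range(pool: DhcpPool) -> tuple:
    """First and last address the server can assign: the subnet's host
    addresses minus the excluded ones."""
    net = ipaddress.ip_network(pool.network, strict=True)
    excluded = {ipaddress.ip_address(a) for a in pool.excluded}
    hosts = [h for h in net.hosts() if h not in excluded]
    return str(hosts[0]), str(hosts[-1])


def render(pool: DhcpPool) -> list:
    """IOS configuration lines in the order the article walks through them."""
    net = ipaddress.ip_network(pool.network, strict=True)
    lines = ["service dhcp"]
    lines += [f"ip dhcp excluded-address {a}" for a in pool.excluded]
    lines.append(f"ip dhcp pool {pool.name}")
    lines.append(f" network {net.network_address} {net.netmask}")
    if pool.domain_name:
        lines.append(f" domain-name {pool.domain_name}")
    if pool.dns_servers:
        lines.append(" dns-server " + " ".join(pool.dns_servers))
    lines.append(" default-router " + " ".join(pool.default_routers))
    d, h, m = pool.lease
    lines.append(f" lease {d} {h} {m}")
    return lines


# Constructed pool matching the article's example.
CCNA_POOL = DhcpPool(
    name="CCNA", network="10.1.1.0/24",
    default_routers=["10.1.1.254"], dns_servers=["10.1.1.1"],
    domain_name="COMMSUPPORT.LOCAL", lease=(5, 2, 3),
    excluded=["10.1.1.1", "10.1.1.254"],
)

if __name__ == "__main__":
    print("problems:", validate(CCNA_POOL))
    print("range:", assignable_range(CCNA_POOL))
    print("\n".join(render(CCNA_POOL)))
```

Running validate() before pasting the rendered lines into the router catches the most common mistake the article warns about, a default router that is not on the client's subnet.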




Configuring Cisco Trunk links for CCNA

Configuring Cisco Trunk links

As a CCNA candidate you must be familiar with the functions and configuration of trunk links.

In brief, a trunk link is any connection between two switches where there is a need to carry traffic for multiple VLANs.

When a switch sends traffic out of one of its switch ports belonging to a VLAN across to another switch it must mark the frame as being a member of that originating VLAN on the sending switch, so that the receiving switch can determine into which VLAN to place the frame.

In the CCNA there are various methods of trunk link configuration that you must know and understand.

The first method of trunk link configuration you must know for the CCNA is the mode known as dynamic desirable. In this mode the port takes it upon itself to negotiate with the peer port to become a trunk link.

This protocol is known as DTP (Dynamic Trunking Protocol); for the CCNA you are expected to know the way in which DTP operates.

Switch(config-if)#switchport mode dynamic desirable

As a CCNA candidate you have to know that a port set to Dynamic Desirable (the default on many Cisco switches) will always try to become a trunk; periodically the port sends out a DTP frame, and if it receives a DTP frame in return the two ports become trunks.

The second port setting is known as Dynamic Auto, another topic that as a CCNA student you must know and experiment with. Unlike Dynamic Desirable, the Auto mode is passive and does not issue DTP frames until it receives a DTP frame from an attached port, at which point the Auto mode port replies with its own DTP frame and the two ports become trunk links, carrying all VLANs by default.

Switch(config-if)#switchport mode dynamic auto

The third method which as a CCNA candidate you must be aware of is the generally preferred method and is called simply “Trunk”. In this particular mode the port becomes a static trunk regardless of how the other end is set.
Switch(config-if)#switchport mode trunk
When setting a port to “Trunk” many CCNA students believe that DTP is disabled; this is not the case. To disable DTP one must run an additional command under the interface prompt; this command is:

Switch(config-if)#switchport nonegotiate

It is advisable that all ports connecting switches together are set for static trunking and that DTP is turned off.

The point of turning off DTP is that if another Cisco device (connected by somebody wanting to view your traffic) is plugged into your switch, it cannot inadvertently negotiate a trunk link, at which point all of your broadcast traffic from all VLANs would be visible.
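The mode pairings described above and the article's advice to turn DTP off, as an added Python example (not code from the article or from Cisco). The outcome rules follow the article's description of desirable, auto, trunk and nonegotiate; the port inventory that the audit function checks is constructed.

```python
"""Added example (not from the article or Cisco): which port-mode pairings
end up as a trunk, and an audit that flags ports still able to negotiate one.
The mode rules follow the article; the port inventory is constructed."""
from dataclasses import dataclass

ACCESS, TRUNK, DESIRABLE, AUTO = "access", "trunk", "dynamic desirable", "dynamic auto"


@dataclass(frozen=True)
class Port:
    mode: str
    nonegotiate: bool = False   # 'switchport nonegotiate'; only valid with trunk or access

    def __post_init__(self):
        if self.nonegotiate and self.mode in (DESIRABLE, AUTO):
            raise ValueError("nonegotiate cannot be combined with a dynamic mode")


def speaks_dtp(p: Port) -> bool:
    """Access ports and nonegotiate ports never send DTP frames."""
    return p.mode != ACCESS and not p.nonegotiate


def side_trunks(me: Port, peer: Port) -> bool:
    """Does 'me' end up operating as a trunk when cabled to 'peer'?"""
    if me.mode == ACCESS:
        return False
    if me.mode == TRUNK:
        return True                          # static trunk regardless of the other end
    if not speaks_dtp(peer):
        return False                         # nothing to negotiate with
    if me.mode == DESIRABLE:
        return True                          # desirable initiates; trunk/desirable/auto all answer
    return peer.mode in (TRUNK, DESIRABLE)   # auto only answers, never initiates


def link_outcome(a: Port, b: Port) -> tuple:
    """(a trunks, b trunks).  Both True = trunk link; mixed = mismatch."""
    return side_trunks(a, b), side_trunks(b, a)


def audit(inventory: list) -> list:
    """Flag ports that could still negotiate a trunk with whatever is plugged in."""
    findings = []
    for name, port in inventory:
        if port.mode in (DESIRABLE, AUTO):
            findings.append((name, "dynamic mode: an attached device can negotiate a trunk; "
                                   "set 'switchport mode access' or 'switchport mode trunk' "
                                   "plus 'switchport nonegotiate'"))
        elif port.mode == TRUNK and not port.nonegotiate:
            findings.append((name, "static trunk still sends DTP; add 'switchport nonegotiate'"))
    return findings


# Constructed inventory.
INVENTORY = [
    ("Fa0/1", Port(TRUNK, nonegotiate=True)),   # uplink, as the article advises
    ("Fa0/2", Port(TRUNK)),                      # uplink, DTP left on
    ("Fa0/3", Port(DESIRABLE)),                  # user-facing port left at a dynamic default
    ("Fa0/4", Port(ACCESS)),
]

if __name__ == "__main__":
    for a, b in [(Port(DESIRABLE), Port(AUTO)), (Port(AUTO), Port(AUTO)),
                 (Port(TRUNK, True), Port(DESIRABLE)), (Port(TRUNK), Port(ACCESS))]:
        print(a.mode, "|", b.mode, "->", link_outcome(a, b))
    for name, why in audit(INVENTORY):
        print(name, why)
```

The audit encodes the article's recommendation as a check: every inter-switch link should be a static trunk with nonegotiate, and every other port should be a plain access port, so that nothing plugged into a spare port can talk DTP at all.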


Cisco CCNA Switched VLAN’s Tutorial


As a CCNA student you must be familiar and comfortable with the concept of vlans. Before you get into what they are, you need to understand what a Local Area Network is.

The definition of a Local Area Network (LAN) is a collection of network devices located on a shared broadcast domain. This broadcast domain may comprise one physical backbone like a Co-axial cable with drop cables running back to the hosts on the LAN.

The number of devices on the shared broadcast domain will have an impact on the performance of your network. Hosts on the network are continually sending out broadcasts to discover other hosts on the local network segment. Broadcasts are a necessary evil on your network; without them your hosts could not discover the layer 2 addresses of other machines on the local LAN.

This is where you start to consider implementing vlans on your network. With vlans operating on your network you can control the scope of a broadcast, containing it and preventing it from affecting all hosts across your LAN.

Not only can you prevent broadcasts from unnecessarily interrupting hosts, you can also use vlans to group hosts with similar functions into a common vlan for the purposes of security. Once a host is on a vlan it is protected from seeing, or being seen by, devices on other vlans, even if the host on the other vlan is on the next port along. Using vlans allows you to logically partition your switches.

By using vlans to logically partition your switches you do away with the need to purchase any further equipment to segment your network.

Let's look at partitioning the switch into logical segments. When the switch first arrives out of the box, or is reset to factory defaults, all of the ports are in one common vlan known as VLAN 1. This vlan is also referred to as the NATIVE VLAN.

When you connect your network hosts to the ports, all subsequent traffic they generate is placed into the vlan of the connected port, which in the default case is VLAN 1. All devices connected to this vlan will see every other host's broadcast traffic, so merely placing devices into a vlan does not mean the broadcasts will cease.

We are going to use an example 24 port switch to see how to configure the device.
In this exercise the task is to create 3 additional vlans and place 8 ports into each vlan; the result ought to be that the switch has 3 new broadcast domains.

Switch#
Switch#configure terminal
Switch(config)#vlan 2
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#vlan 4
Switch(config-vlan)#exit
In the example above the commands used created an additional 3 vlans on our switch.

Switch(config)#interface range fastethernet 0/1 - 8
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 2
Switch(config-if-range)#exit
Switch(config)#interface range fastethernet 0/9 - 16
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 3
Switch(config-if-range)#exit
Switch(config)#interface range fastethernet 0/17 - 24
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 4

In the commands above:
The ports numbered from 1 through 8 were assigned to vlan 2
The ports numbered from 9 through 16 were assigned to vlan 3
The ports numbered from 17 through 24 were assigned to vlan 4

Finally we save our configuration:
Switch(config-if-range)#end
Switch#copy run start

All in all, our fictional switch now has 3 new broadcast domains. By populating all of our switch ports with hosts, the hosts on one broadcast domain are kept from seeing the hosts on the other broadcast domains; from a security standpoint this is ideal, and from a performance point of view it achieves exactly what we need.
Commsupport Networks provides you with low cost, quality Cisco CCNA training in the UK, in a classroom or in a live on-line web based environment.
Warning: purely CD or DVD-ROM based training should be avoided; learning by watching television is NOT ideal.


BPDU Guard for CCNA

BPDUGuard

As a CCNA / CCNP candidate you are expected to understand the purpose and function of spanning-tree BPDU Guard. The CCNA / CCNP exams will ask you to determine the purpose of BPDU Guard (BPDU: Bridge Protocol Data Unit) within the spanning-tree protocol.

Before we go into detail as to the purpose of the BPDU Guard feature a quick recap on the spanning-tree protocol is required.

Spanning-tree is a protocol designed to prevent physical and/or logical loops in your layer 2 network. Spanning-tree achieves this loop-free environment by first electing a device to act as the focal point of the network, from which all other switches measure themselves. This focal point role is an elected role. The election of the focal point, known as the “Root Bridge”, is done at the very start of spanning-tree's determination of the loop-free topology; the election is carried out using a combination of the switch's MAC address and a value known as the “Default Priority”.

These two values are conveyed into the network via BPDUs. BPDUs are used by spanning-tree to maintain a stable network. In standard 802.1D spanning-tree, for instance, only the Root Bridge generates BPDUs.

The stability of the Root Bridge is of paramount importance to the continual, uninterrupted operation of spanning-tree. A change in the position of the Root Bridge will cause service disruption on the network, with data and voice sessions timing out.

It is important to consider what events could cause a change in the position of the Root Bridge: events such as links failing between the existing Root Bridge and the rest of the network, or possibly a duplex mismatch between the Root Bridge and downstream switches preventing the spanning-tree messages from the Root Bridge from reaching other parts of the network. These events are easily fixed and resolved, and none of them require the BPDU Guard feature.
In our network we want to enforce the Spanning-tree domain borders and keep our active topology and the position of our Root Bridge predictable.

In our network we enable BPDU Guard only on access ports (access ports lead to end user devices) so that the end user devices on these ports are not able to influence the spanning-tree topology.
BPDU Guard is enabled on an access port with:

Switch(config-if)#spanning-tree bpduguard enable

Once BPDU Guard is enabled it will watch for any BPDUs entering the access port. The only devices which can reliably create and transmit BPDUs are switches.

We want to keep a predictable topology and not allow other switches outside our control onto our network. If a rogue switch is introduced into our topology it will in most cases transmit a BPDU, if the rogue switch has “better” values than the existing Root Bridge it will cause a topology change in the switched network. Any topology change is bad news for the users.

Configuring the “BPDU Guard” feature on the access ports enables the spanning-tree protocol to shut the port down in the event that it receives a BPDU. As a rule of thumb, BPDUs are only expected across trunk links.
If a rogue switch is plugged into a port configured for BPDU Guard, the port is disabled as soon as the first BPDU is received; by shutting the port down we prevent the rogue switch from affecting our spanning-tree topology.

To re-enable a port disabled by BPDU Guard you will need to remove the offending device and then bounce the port by issuing the shut/no shut commands under the interface.
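The DTP and BPDU Guard articles above both come down to checking port configuration. As an added example (not code from the article or from Commsupport), the following Python script parses a constructed running-config excerpt and flags ports left in a DTP dynamic mode, ports that still send DTP frames, and access ports without BPDU Guard; it assumes that an interface with no "switchport mode" line is in the factory default dynamic mode.

```python
# Constructed sample running-config (not from the article) with hardened and risky ports.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 2
 switchport nonegotiate
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport mode dynamic desirable
!
interface FastEthernet0/3
 switchport mode access
 switchport access vlan 4
!
interface GigabitEthernet0/1
 switchport mode trunk
 switchport nonegotiate
!
"""

def parse_interfaces(config):
    """Map each 'interface X' stanza to its indented configuration lines."""
    stanzas, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif current is not None and line.startswith(" "):
            stanzas[current].append(line.strip())
        else:
            current = None
    return stanzas

def audit(config):
    """Return {interface: [findings]}; an empty list means the port is hardened."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        modes = [l.split()[2] for l in lines if l.startswith("switchport mode ")]
        # Assumption: no 'switchport mode' line = factory default, a DTP dynamic mode on many switches
        mode = modes[0] if modes else "dynamic"
        issues = []
        if mode == "dynamic":
            issues.append("DTP enabled: an attached switch can negotiate a trunk")
        elif "switchport nonegotiate" not in lines:
            issues.append("DTP frames still sent: add 'switchport nonegotiate'")
        if mode == "access" and "spanning-tree bpduguard enable" not in lines:
            issues.append("access port without BPDU Guard: rogue BPDUs would be accepted")
        findings[name] = issues
    return findings
```

Run against a real "show running-config" capture, every port that comes back with an empty list matches the hardening the two articles recommend.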


CCNA House keeping commands


IP Domain-lookup Commands.

People coming into Cisco networking for the first time are always surprised by a few of the default settings present on Cisco routers and switches.

These default settings can be a real pain if left as they are; unless they are changed the CCNA student is generally going to become increasingly frustrated.

At Commsupport we continually instruct our CCNA students (and sometimes our CCNP students) that they must change the default settings in order to make their configuration via the command line a lot more fluid and free of interruption.

The first of our house keeping commands is the “ip domain-lookup” command.

The ip domain-lookup command is enabled by default. Its purpose is to assist the administrator in resolving names into IP addresses so that they may telnet to remote devices. On the face of it this seems a good setting; the issue is that the system does not understand the difference between a valid hostname and a typo. In most if not all cases the system will interpret a typo as a hostname and start broadcasting a DNS query to the address 255.255.255.255.

The broadcast itself is a minor nuisance on the network, but the major issue our CCNA students find is that most of the time the console from which they are configuring the system, be it Tera Term, HyperTerminal etc., will lock up whilst it broadcasts for the non-existent IP address of the typo. Being new to Cisco, our CCNA students will inevitably make typing mistakes (although even the most dog-eared of network administrators will also make typing mistakes).

To prevent the console from timing out every time a typo is issued it is important to turn “ip domain-lookup” off. At this point it is important to mention that only typos executed at the “user mode” and “privileged exec mode” prompts will cause a time-out to occur; if a typo is issued under any of the other command prompts the Cisco device will simply return an error message and the command prompt without any console timeout.

To turn off the default issue the following command:

Note: The prompt is “router” but this command can also be executed on a switch.

Router(config)#no ip domain-lookup

The emphasis is on the “no” argument. Execute the command by pressing the return key. From this point a typo executed at the “user mode” or “privileged exec mode” prompt will not cause a time-out to occur; instead the Cisco device will try to resolve the typo to an IP address using only the local host table, held as “ip host” entries.

Using the local “ip host” table is quite common: rather than having to enter the full IP address of the destination device you want to telnet to, you simply enter the host name of the device and the Cisco device will look up the name in the local host table for a matching entry and resolve it to the associated IP address.
