Friends,
Its been a long time since i blogged. Blame it entirely on me. I apologise (once again).
I am now at a cross roads in life where its time for me to decide whether I really want to pursue CCIE !
I have tired three times with full steam ahead and have fallen short of labbing even once. Forget passing or failing.
Blame it on lot of circumstances, all of them which I could control but didn't..
Work has never been a problem with me, my manager and everyone else at work & home supports me for the lab. I have world's best of facilities including a free air ticket, visa, hotel accommodation and 3 free LAB attempts....
Personal life has had its UPs not many downs....I am now a father of 2 children and am required to pay more attention to them....
I have had no issues finding time to study....Its the perennial disease which has stalled my career for last 5 years......PROCRASTINATION....I for some screwed up reason love to procrastinate....a lot of it.
I also realise I have slipped into comfort zone at work and at home.. Nothing anymore excites me to run at it and grab it....I don't know how to shrug off this comfort.
Its been a long cherished dream to have a CCIE, a dream now for over 10years. I still dream about CCIE, but fall miserably short of putting it into action for sustaining it till end of the preparation and into the lab.
I need your earnest advice,
DO I lab or let it go... ?
Showing posts with label CCIE. Show all posts
Showing posts with label CCIE. Show all posts
Monday, May 31, 2010
Monday, April 07, 2008
Adv Technologies: EIGRP
#########EIGRP Authentication########
Takes some time, so will need to be patient. Need to chage system clock (clock set 00:22:00 1 Feb 2007) for Auth to kick in
OR
clear ip eigrp neigh will do
Also there is a typo, can u spot the mistake ?
key chain EIGRP
key 1
key-string CISCO123
accept-lifetime 00:00:00 Mar 1 2002 00:15:00 Jan 1 2007
send-lifetime 00:00:00 Mar 1 2002 00:00:00 Jan 1 2007
key 2
key-string CISCO456
accept-lifetime 23:45:00 Dec 31 2006 infinite
send-lifetime 00:00:00 Jan 1 2007 infinite
Rack1R4#sh key chain
Key-chain EIGRP:
key 1 -- text "CISCO123 "
accept lifetime (00:00:00 UTC Mar 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite)
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R4#
Rack1R5#sh key cha
Key-chain EIGRP:
key 1 -- text "CISCO123"
accept lifetime (00:00:00 UTC Jan 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Jan 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite) [valid now]
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R5#
Ans: in R4 router, there is an additional space in the Key 1 "CISCO123 "
#########EIGRP Stub########
From Non Stub router only UPDATES are sent out to stub neighbor, no QUERIES sent to stub
But a Non Stub router will receive QUERIES from stub neighbor and will reply to the same.
########### Leak-map ########################
ip summary-address eigrp 100 0.0.0.0 0.0.0.0 leak-map LEAK
The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route.
#######How To ############
Configuring an EIGRP Summary Address to Leak a Component Route
There might be times when you have summarized routes, but you want a particular route to be advertised. The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route. Perform this task to leak an EIGRP route that would otherwise be suppressed by a summary route.
In general, leaking an EIGRP route is achieved by defining a standard IP access list (or IP prefix list) to identify the component route as a source address. Then the access list is referenced in a route map (in a match ip address command), and the route map is referenced by the leak-map keyword in the ip summary-address eigrp command.
You can use a single access list to permit all the routes that you want to leak through a single summary.
##Behavior if EIGRP Route Leaking Is Configured Incompletely##
The following default behavior occurs if the ip summary-address eigrp command is configured using the leak-map keyword and either the route map or access list is not configured:
--If the leak-map keyword is configured to reference a nonexistent route map, the configuration of this keyword has no effect. The summary address is advertised, but all component routes are suppressed.
--If the leak-map keyword is configured, but the access list does not exist or the route map does not reference the access list, the summary address and all component routes are sent.
###############ip default-network ############################
When deciding whether to use a default static route or a default network, keep in mind that if you want the routing protocol to propagate the default route, the ip default-network command will do that for you. But if you want only the local router to have the default route, a static IP route is the way to go.
http://blog.internetworkexpert.com/2008/01/15/issues-with-the-ip-default-network-command/
##############Changing Internal and External AD of EIGRP Routes ############
NOTE: We can not change distance for individual external EIGRP prefixes
distance eigrp 99 200
e.g all internal routes set to AD99 and external routes set to AD200
However we can still change {selectively} AD of internal routes from 99 to something else as shwon below, but cannot {selectively} change AD of external routes
NOTE: that you specify neighbor’s IP address (like with RIP and unlike OSPF)
when you fine-tune AD based on access-list
"distance 199 155.1.45.5 0.0.0.0 10"
e.g: This will set the routes recd from source-ip 155.1.45.5 to AD 199 if the routes match that in ACL 10
#################Filtering with Distribute Lists ############
router eigrp 100
distribute-list 99 in Serial 0/0
distribute-list 99 in Serial 0/1
A bit advanced distribute-list with route-map
router eigrp 100
distribute-list route-map FILTER_EIGRP in serial 0/1
distribute-list route-map FILTER_EIGRP in serial 0/0
Where all the magic happens in FILTER_EIGRP route-map to match against tag 100 and then selectively permit only those routes in, rest are filtered#########EIGRP AUthentication########
Takes some time, so will need to be patient. Need to chage system clock (clock set 00:22:00 1 Feb 2007) for Auth to kick in
OR
clear ip eigrp neigh will do
Also there is a typo, can u spot the mistake ?
key chain EIGRP
key 1
key-string CISCO123
accept-lifetime 00:00:00 Mar 1 2002 00:15:00 Jan 1 2007
send-lifetime 00:00:00 Mar 1 2002 00:00:00 Jan 1 2007
key 2
key-string CISCO456
accept-lifetime 23:45:00 Dec 31 2006 infinite
send-lifetime 00:00:00 Jan 1 2007 infinite
Rack1R4#sh key chain
Key-chain EIGRP:
key 1 -- text "CISCO123 "
accept lifetime (00:00:00 UTC Mar 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite)
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R4#
Rack1R5#sh key cha
Key-chain EIGRP:
key 1 -- text "CISCO123"
accept lifetime (00:00:00 UTC Jan 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Jan 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite) [valid now]
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R5#
Ans: in R4 router, there is an additional space in the Key 1 "CISCO123 "
#########EIGRP Stub########
From Non Stub router only UPDATES are sent out to stub neighbor, no QUERIES sent to stub
But a Non Stub router will receive QUERIES from stub neighbor and will reply to the same.
########### Leak-map ########################
ip summary-address eigrp 100 0.0.0.0 0.0.0.0 leak-map LEAK
The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route.
#######How To ############
Configuring an EIGRP Summary Address to Leak a Component Route
There might be times when you have summarized routes, but you want a particular route to be advertised. The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route. Perform this task to leak an EIGRP route that would otherwise be suppressed by a summary route.
In general, leaking an EIGRP route is achieved by defining a standard IP access list (or IP prefix list) to identify the component route as a source address. Then the access list is referenced in a route map (in a match ip address command), and the route map is referenced by the leak-map keyword in the ip summary-address eigrp command.
You can use a single access list to permit all the routes that you want to leak through a single summary.
##Behavior if EIGRP Route Leaking Is Configured Incompletely##
The following default behavior occurs if the ip summary-address eigrp command is configured using the leak-map keyword and either the route map or access list is not configured:
--If the leak-map keyword is configured to reference a nonexistent route map, the configuration of this keyword has no effect. The summary address is advertised, but all component routes are suppressed.
--If the leak-map keyword is configured, but the access list does not exist or the route map does not reference the access list, the summary address and all component routes are sent.
###############ip default-network ############################
When deciding whether to use a default static route or a default network, keep in mind that if you want the routing protocol to propagate the default route, the ip default-network command will do that for you. But if you want only the local router to have the default route, a static IP route is the way to go.
http://blog.internetworkexpert.com/2008/01/15/issues-with-the-ip-default-network-command/
##############Changing Internal and External AD of EIGRP Routes ############
NOTE: We can not change distance for individual external EIGRP prefixes
distance eigrp 99 200
e.g all internal routes set to AD99 and external routes set to AD200
However we can still change {selectively} AD of internal routes from 99 to something else as shwon below, but cannot {selectively} change AD of external routes
NOTE: that you specify neighbor’s IP address (like with RIP and unlike OSPF)
when you fine-tune AD based on access-list
"distance 199 155.1.45.5 0.0.0.0 10"
e.g: This will set the routes recd from source-ip 155.1.45.5 to AD 199 if the routes match that in ACL 10
#################Filtering with Distribute Lists ############
router eigrp 100
distribute-list 99 in Serial 0/0
distribute-list 99 in Serial 0/1
A bit advanced distribute-list with route-map
router eigrp 100
distribute-list route-map FILTER_EIGRP in serial 0/1
distribute-list route-map FILTER_EIGRP in serial 0/0
Where all the magic happens in FILTER_EIGRP route-map to match against tag 100 and then selectively permit only those routes in, rest are filetered (denied)
(denied)
Takes some time, so will need to be patient. Need to chage system clock (clock set 00:22:00 1 Feb 2007) for Auth to kick in
OR
clear ip eigrp neigh will do
Also there is a typo, can u spot the mistake ?
key chain EIGRP
key 1
key-string CISCO123
accept-lifetime 00:00:00 Mar 1 2002 00:15:00 Jan 1 2007
send-lifetime 00:00:00 Mar 1 2002 00:00:00 Jan 1 2007
key 2
key-string CISCO456
accept-lifetime 23:45:00 Dec 31 2006 infinite
send-lifetime 00:00:00 Jan 1 2007 infinite
Rack1R4#sh key chain
Key-chain EIGRP:
key 1 -- text "CISCO123 "
accept lifetime (00:00:00 UTC Mar 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite)
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R4#
Rack1R5#sh key cha
Key-chain EIGRP:
key 1 -- text "CISCO123"
accept lifetime (00:00:00 UTC Jan 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Jan 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite) [valid now]
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R5#
Ans: in R4 router, there is an additional space in the Key 1 "CISCO123 "
#########EIGRP Stub########
From Non Stub router only UPDATES are sent out to stub neighbor, no QUERIES sent to stub
But a Non Stub router will receive QUERIES from stub neighbor and will reply to the same.
########### Leak-map ########################
ip summary-address eigrp 100 0.0.0.0 0.0.0.0 leak-map LEAK
The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route.
#######How To ############
Configuring an EIGRP Summary Address to Leak a Component Route
There might be times when you have summarized routes, but you want a particular route to be advertised. The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route. Perform this task to leak an EIGRP route that would otherwise be suppressed by a summary route.
In general, leaking an EIGRP route is achieved by defining a standard IP access list (or IP prefix list) to identify the component route as a source address. Then the access list is referenced in a route map (in a match ip address command), and the route map is referenced by the leak-map keyword in the ip summary-address eigrp command.
You can use a single access list to permit all the routes that you want to leak through a single summary.
##Behavior if EIGRP Route Leaking Is Configured Incompletely##
The following default behavior occurs if the ip summary-address eigrp command is configured using the leak-map keyword and either the route map or access list is not configured:
--If the leak-map keyword is configured to reference a nonexistent route map, the configuration of this keyword has no effect. The summary address is advertised, but all component routes are suppressed.
--If the leak-map keyword is configured, but the access list does not exist or the route map does not reference the access list, the summary address and all component routes are sent.
###############ip default-network ############################
When deciding whether to use a default static route or a default network, keep in mind that if you want the routing protocol to propagate the default route, the ip default-network command will do that for you. But if you want only the local router to have the default route, a static IP route is the way to go.
http://blog.internetworkexpert.com/2008/01/15/issues-with-the-ip-default-network-command/
##############Changing Internal and External AD of EIGRP Routes ############
NOTE: We can not change distance for individual external EIGRP prefixes
distance eigrp 99 200
e.g all internal routes set to AD99 and external routes set to AD200
However we can still change {selectively} AD of internal routes from 99 to something else as shwon below, but cannot {selectively} change AD of external routes
NOTE: that you specify neighbor’s IP address (like with RIP and unlike OSPF)
when you fine-tune AD based on access-list
"distance 199 155.1.45.5 0.0.0.0 10"
e.g: This will set the routes recd from source-ip 155.1.45.5 to AD 199 if the routes match that in ACL 10
#################Filtering with Distribute Lists ############
router eigrp 100
distribute-list 99 in Serial 0/0
distribute-list 99 in Serial 0/1
A bit advanced distribute-list with route-map
router eigrp 100
distribute-list route-map FILTER_EIGRP in serial 0/1
distribute-list route-map FILTER_EIGRP in serial 0/0
Where all the magic happens in FILTER_EIGRP route-map to match against tag 100 and then selectively permit only those routes in, rest are filtered#########EIGRP AUthentication########
Takes some time, so will need to be patient. Need to chage system clock (clock set 00:22:00 1 Feb 2007) for Auth to kick in
OR
clear ip eigrp neigh will do
Also there is a typo, can u spot the mistake ?
key chain EIGRP
key 1
key-string CISCO123
accept-lifetime 00:00:00 Mar 1 2002 00:15:00 Jan 1 2007
send-lifetime 00:00:00 Mar 1 2002 00:00:00 Jan 1 2007
key 2
key-string CISCO456
accept-lifetime 23:45:00 Dec 31 2006 infinite
send-lifetime 00:00:00 Jan 1 2007 infinite
Rack1R4#sh key chain
Key-chain EIGRP:
key 1 -- text "CISCO123 "
accept lifetime (00:00:00 UTC Mar 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Mar 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite)
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R4#
Rack1R5#sh key cha
Key-chain EIGRP:
key 1 -- text "CISCO123"
accept lifetime (00:00:00 UTC Jan 1 2002) - (00:15:00 UTC Jan 1 2007) [valid now]
send lifetime (00:00:00 UTC Jan 1 2002) - (00:00:00 UTC Jan 1 2007) [valid now]
key 2 -- text "CISCO456"
accept lifetime (23:45:00 UTC Dec 31 2006) - (infinite) [valid now]
send lifetime (00:00:00 UTC Jan 1 2007) - (infinite)
Rack1R5#
Ans: in R4 router, there is an additional space in the Key 1 "CISCO123 "
#########EIGRP Stub########
From Non Stub router only UPDATES are sent out to stub neighbor, no QUERIES sent to stub
But a Non Stub router will receive QUERIES from stub neighbor and will reply to the same.
########### Leak-map ########################
ip summary-address eigrp 100 0.0.0.0 0.0.0.0 leak-map LEAK
The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route.
#######How To ############
Configuring an EIGRP Summary Address to Leak a Component Route
There might be times when you have summarized routes, but you want a particular route to be advertised. The benefit of route leaking (advertising a route) is that the leaked route is more specific than a summarized route and is therefore the preferred route. Perform this task to leak an EIGRP route that would otherwise be suppressed by a summary route.
In general, leaking an EIGRP route is achieved by defining a standard IP access list (or IP prefix list) to identify the component route as a source address. Then the access list is referenced in a route map (in a match ip address command), and the route map is referenced by the leak-map keyword in the ip summary-address eigrp command.
You can use a single access list to permit all the routes that you want to leak through a single summary.
##Behavior if EIGRP Route Leaking Is Configured Incompletely##
The following default behavior occurs if the ip summary-address eigrp command is configured using the leak-map keyword and either the route map or access list is not configured:
--If the leak-map keyword is configured to reference a nonexistent route map, the configuration of this keyword has no effect. The summary address is advertised, but all component routes are suppressed.
--If the leak-map keyword is configured, but the access list does not exist or the route map does not reference the access list, the summary address and all component routes are sent.
###############ip default-network ############################
When deciding whether to use a default static route or a default network, keep in mind that if you want the routing protocol to propagate the default route, the ip default-network command will do that for you. But if you want only the local router to have the default route, a static IP route is the way to go.
http://blog.internetworkexpert.com/2008/01/15/issues-with-the-ip-default-network-command/
##############Changing Internal and External AD of EIGRP Routes ############
NOTE: We can not change distance for individual external EIGRP prefixes
distance eigrp 99 200
e.g all internal routes set to AD99 and external routes set to AD200
However we can still change {selectively} AD of internal routes from 99 to something else as shwon below, but cannot {selectively} change AD of external routes
NOTE: that you specify neighbor’s IP address (like with RIP and unlike OSPF)
when you fine-tune AD based on access-list
"distance 199 155.1.45.5 0.0.0.0 10"
e.g: This will set the routes recd from source-ip 155.1.45.5 to AD 199 if the routes match that in ACL 10
#################Filtering with Distribute Lists ############
router eigrp 100
distribute-list 99 in Serial 0/0
distribute-list 99 in Serial 0/1
A bit advanced distribute-list with route-map
router eigrp 100
distribute-list route-map FILTER_EIGRP in serial 0/1
distribute-list route-map FILTER_EIGRP in serial 0/0
Where all the magic happens in FILTER_EIGRP route-map to match against tag 100 and then selectively permit only those routes in, rest are filetered (denied)
(denied)
Sunday, April 06, 2008
Day3: OSPF
Day 3
OSPF
Process ID is LOCALLY Significant
Must have atleast one UP/UP inerface trunning IPV4 for router OSPF to pick it as Router-ID
Network Statement : Misconception: Network Statement relates to Subnet Mask of the network that you are trying to oroiginate
network Statement only is used to pick interface that matches the network statement
For e.g : network 0.0.0.0 255.255.255.255 area 0 ==> ALl interfaces , does not mean that we are originating the Default nwk
In older IOS, the order of entering the network statements were significant, NOt anymore, the newer IOS reorders the network statement to order more specific match first
Forming Adjacencies
########Must Match ####
-area
-hello/dead timers
- MTU
-(OR) ip ospf mtu-ignore
-compatible network types
-stub flags
-authentication
#########Must be unique #########
-Intf IP Address
- OSPF Router-ID
When doing OSPF Adj, chk sh system mtu, it must match one witht he router or use "ip mtu" cmd to change the MTU on rtr on certain interfaces
RECOMMEND: Manually define router-ID, assuming addressing is globally unique, but if u use Anycast IP, then u can have IP duplicates
RECOMMEND: Avoid using Rtr-ID 1.1.1.1 or 2.2.2.2 or like, cos BBRs (backbone routers )cud be using the same, and this can casue inconsistencies in the OSPF Databases.
###############Types###############################
-Broadcast
-Non-Broadcast
-Point-to-Point
-Point-to-Multipoint
-Point-to-Multipoint Non-Boradcast
-Loopback
-Broadcast
-Send Hellos as multicast
-224.0.0.5 (all ospf rtrs in seg ) /224.0.0.6 (all DR/BDR rtrs in the seg)
-uses DR/BDR, to minimise LSA Replication 9Like BGP Router Reflector)
in FR Hub and spoke env
- interface level cmd: "ip ospf network broadcast" on all neighbor's interfaces required.
- ip ospf prio 0 req for spoke sites, so as to avoid them becoming DR/BDR
- no neighbor cmds required on hub
- frame-realy map stmts need broadcast keyword
- If you notice: Next HOp Modification doesn't happen.
- if you notice: DR/BDR are elected.
DR/BDR Election
-Priority, 0 ==> wont participate in election, 255 is max and its best
-No premption in DR/BDR election
==> once DR/BDR are elected, later on a higher prio rtr cannot preempt the DR
-Router-ID
if all teh devices in the segment have the same priority, thena the router0-d wil be chosen
Higer rtr-id is better
Rtr-ID doesnt need to be a valid IP or valid routeable Number, its can be any number in dotted decimal format, for e.g 255.255.255.255 will be the most preferred rtr id
-- Caveat: DR/BDR also depends on whiuch Router is configured first and whose OSPF process converges faster.
#########Debug OSPF####
access-list 100 permit 89 any any
debug ip packet 100
How to find who is the DR in Broadcast/NBMA segments using sho ip ospf Database cmd ??????????
Ans:--The "Net Link States" table shows Who is the DR (BDR cant be found) in teh Adv Router Column for the given Segment as represented by the Link ID
Network Type : NBMA (Updates sent as Replicated Unicast) Has DR/BDR Election, but needs neighbor stmts to be added for Updates to be sent to it as unicast
Hello = 30s , Dead = 120s
FR Main Int
FR multipoint sub-int
ATM interfaces
in FR Hub and spoke env
- Default Network Type for FR (NBMA)
- neighbor cmds under ospf process required on hub, since updates sent as Unicast
- frame-realy map stmts DON'T need broadcast keyword
- ip ospf prio 0 req for spoke sites, so as to avoid them becoming DR/BDR
- If you notice: Next HOp Modification doesn't happen.
- if you notice: DR/BDR are elected.
#################OSPF Network Point to Multipoint #####################
-Not a default Option , need to ue intf cmd "ip ospf network point-to-multipoint"
-Sends hellos as Multicast on 224.0.0.5
-Modifies the next hop
-No DR/BDR elecetion
-Adds in routing table Host /32 route for end points of the links, then uses recursive looksups to find the interface.
-Ensure that you have a broadcast keyword in frame-relay map cmd to allow multicast traffic
-U need to have ONLY 1 Mapping from Spoke to HUB. Rest of L2 mapping is taken care at L3 via OSPF mulitpoint technology
The functional difference between OSPF network type point-to-multipoint versus
broadcast and non-broadcast network types is how point-to-multipoint deals with nexthop
resolution on a non-broadcast media. OSPF network type point-to-multipoint treats
the network as a collection of point-to-point links instead of one flat broadcast network.
With the network types non-broadcast and broadcast, OSPF does not understand that
the underlying layer 2 topology may not mirror a flat layer 3 network. With OSPF network
types broadcast and non-broadcast, next hop values are not modified when updates are
transmitted across an NBMA media. This implies that devices on the NBMA cloud
require layer 3 to layer 2 resolution for any endpoint injecting routes into the network.
With OSPF network type point-to-multipoint, next hop values are modified to the address
of the directly connected neighbor when they are advertised across the NBMA cloud.
This implies that routers on the NBMA network only need layer 3 to layer 2 resolution for
directly connected neighbors when running OSPF network point-to-mulitpoint.
in FR Hub and spoke env
- NOT a Default Network Type for FR
- NO neighbor cmds under ospf process required on hub, since updates sent as multicast
- frame-realy map stmts need broadcast keyword, but only "ONE" map stmt to the HUB, rest are resolved by
- ip ospf prio 0 NOT req for spoke sites, NO DR/BDR in this TYpe
- If you notice: Next HOp Modification DOES happen. There are /32 Routes added for the Link address and the Remtoe networks are pointed to this Link /32 Address.
- if you notice: DR/BDR are NOT elected ( Not supported).
#################OSPF Network Point to Multipoint NonBroadcast #######
-Not a Default Option, use intf cmd "ip ospf network point-to-multipoint non-broadcast"
- Sends hellos as unicast
-neighbor stmts required
-no DR/BDR electioin
- Modifies next-hop
-Can be used when we have PVCs with different costs
-in ethernet : diff BW values for diff neighbors in the link
in FR Hub and spoke env
- NOT a Default Network Type for FR
- Neighbor cmds under ospf process required on hub, since updates sent as unicast
- frame-realy map stmts DON'T need broadcast keyword, AND only "ONE" map stmt to the HUB, rest are resolved by L3 (OSPF)
- ip ospf prio 0 NOT req for spoke sites, NO DR/BDR in this TYpe
- If you notice: Next HOp Modification DOES happen. There are /32 Routes added for the Link address and the Remtoe networks are pointed to this Link /32 Address.
- if you notice: DR/BDR are NOT elected ( Not supported).
- if you notice: ONLY this Network Type, allows COST to be modifed under OSPF process when defining neighbors. => neighbor 10.0.0.4 cost 50 , etc
##########How to change the Cost of a Link ? #########################
Typically to be used in scenarios where u have links > 100mbps , for e.g gig, 10g, OC3, etc
- Interface"Bandwidth"
- Interface "ip ospg cost"
- Process "auto-cost"
-Process "neighbor w.x.y.z cost" ==> used in Multipoint
TIP: How to calculate the Cost of an OPSF Link without using the formual ourselves ?
Ans: Configure on of the physcial lkinsk and change their BW in kbps and then type "sh ip ospf interface" to get its cost
############Point to Point #########
-no DR/BDR
-Update sent as Multicast
"ip ospf 1 area 0 " ==> Eabled at Interface level means that we include the interface for a given area, and ALSO, the secondary addresses if any configured on the itnerface are also enabled for OSPF
This means the secondary addresses will also send out "hello" and form adj
in FR Hub and spoke env
- NOT a Default Network Type for FR
- NO Neighbor cmds under ospf process required on hub, since updates sent as multicast
- frame-realy map stmts need broadcast keyword, since only 1 neighbor, only 1 MAP stmt
- ip ospf prio 0 NOT req for spoke sites, NO DR/BDR in this TYpe
- If you notice: Next HOp Modification DOES NOT happen.
- if you notice: DR/BDR are NOT elected ( Not supported).
Summaray: OSPF network Types
Broadcast can be adj to Non-Broadcast as they both have DR/BDR concept, however we need to ensure tha the Hello/Dead timers are matched
Point-to-point can be adj with Point-to-Multipoint OR adj with point-to-multipoint non-broadcast, as they dont have DR/BDR concept, however we need to ensure tha the Hello/Dead timers are matched
V.V IMP: What gets affected with non-compatible nwks but it appears that u are formining adj , but actually its a neighbor relnaship but not truly adj
-unicast/multicast
-DR/BDR Election
-Next-hop processing
######### OSPF fast Hellos ##############
ip ospf dead-interval minimal hello-multiplier 5
- interface level cmd
- dead int = 1s , hello= 200msx5=1000ms =1s
-so hello sent out every 200ms
OSPF
Process ID is LOCALLY Significant
Must have atleast one UP/UP inerface trunning IPV4 for router OSPF to pick it as Router-ID
Network Statement : Misconception: Network Statement relates to Subnet Mask of the network that you are trying to oroiginate
network Statement only is used to pick interface that matches the network statement
For e.g : network 0.0.0.0 255.255.255.255 area 0 ==> ALl interfaces , does not mean that we are originating the Default nwk
In older IOS, the order of entering the network statements were significant, NOt anymore, the newer IOS reorders the network statement to order more specific match first
Forming Adjacencies
########Must Match ####
-area
-hello/dead timers
- MTU
-(OR) ip ospf mtu-ignore
-compatible network types
-stub flags
-authentication
#########Must be unique #########
-Intf IP Address
- OSPF Router-ID
When doing OSPF Adj, chk sh system mtu, it must match one witht he router or use "ip mtu" cmd to change the MTU on rtr on certain interfaces
RECOMMEND: Manually define router-ID, assuming addressing is globally unique, but if u use Anycast IP, then u can have IP duplicates
RECOMMEND: Avoid using Rtr-ID 1.1.1.1 or 2.2.2.2 or like, cos BBRs (backbone routers )cud be using the same, and this can casue inconsistencies in the OSPF Databases.
###############Types###############################
-Broadcast
-Non-Broadcast
-Point-to-Point
-Point-to-Multipoint
-Point-to-Multipoint Non-Boradcast
-Loopback
-Broadcast
-Send Hellos as multicast
-224.0.0.5 (all ospf rtrs in seg ) /224.0.0.6 (all DR/BDR rtrs in the seg)
-uses DR/BDR, to minimise LSA Replication 9Like BGP Router Reflector)
in FR Hub and spoke env
- interface level cmd: "ip ospf network broadcast" on all neighbor's interfaces required.
- ip ospf prio 0 req for spoke sites, so as to avoid them becoming DR/BDR
- no neighbor cmds required on hub
- frame-realy map stmts need broadcast keyword
- If you notice: Next HOp Modification doesn't happen.
- if you notice: DR/BDR are elected.
DR/BDR Election
-Priority, 0 ==> wont participate in election, 255 is max and its best
-No premption in DR/BDR election
==> once DR/BDR are elected, later on a higher prio rtr cannot preempt the DR
-Router-ID
if all teh devices in the segment have the same priority, thena the router0-d wil be chosen
Higer rtr-id is better
Rtr-ID doesnt need to be a valid IP or valid routeable Number, its can be any number in dotted decimal format, for e.g 255.255.255.255 will be the most preferred rtr id
-- Caveat: DR/BDR also depends on whiuch Router is configured first and whose OSPF process converges faster.
#########Debug OSPF####
access-list 100 permit 89 any any
debug ip packet 100
How to find who is the DR in Broadcast/NBMA segments using sho ip ospf Database cmd ??????????
Ans:--The "Net Link States" table shows Who is the DR (BDR cant be found) in teh Adv Router Column for the given Segment as represented by the Link ID
Network Type : NBMA (Updates sent as Replicated Unicast) Has DR/BDR Election, but needs neighbor stmts to be added for Updates to be sent to it as unicast
Hello = 30s , Dead = 120s
FR Main Int
FR multipoint sub-int
ATM interfaces
in FR Hub and spoke env
- Default Network Type for FR (NBMA)
- neighbor cmds under ospf process required on hub, since updates sent as Unicast
- frame-realy map stmts DON'T need broadcast keyword
- ip ospf prio 0 req for spoke sites, so as to avoid them becoming DR/BDR
- If you notice: Next HOp Modification doesn't happen.
- if you notice: DR/BDR are elected.
#################OSPF Network Point to Multipoint #####################
-Not a default Option , need to ue intf cmd "ip ospf network point-to-multipoint"
-Sends hellos as Multicast on 224.0.0.5
-Modifies the next hop
-No DR/BDR elecetion
-Adds in routing table Host /32 route for end points of the links, then uses recursive looksups to find the interface.
-Ensure that you have a broadcast keyword in frame-relay map cmd to allow multicast traffic
-U need to have ONLY 1 Mapping from Spoke to HUB. Rest of L2 mapping is taken care at L3 via OSPF mulitpoint technology
The functional difference between OSPF network type point-to-multipoint versus
broadcast and non-broadcast network types is how point-to-multipoint deals with nexthop
resolution on a non-broadcast media. OSPF network type point-to-multipoint treats
the network as a collection of point-to-point links instead of one flat broadcast network.
With the network types non-broadcast and broadcast, OSPF does not understand that
the underlying layer 2 topology may not mirror a flat layer 3 network. With OSPF network
types broadcast and non-broadcast, next hop values are not modified when updates are
transmitted across an NBMA media. This implies that devices on the NBMA cloud
require layer 3 to layer 2 resolution for any endpoint injecting routes into the network.
With OSPF network type point-to-multipoint, next hop values are modified to the address
of the directly connected neighbor when they are advertised across the NBMA cloud.
This implies that routers on the NBMA network only need layer 3 to layer 2 resolution for
directly connected neighbors when running OSPF network point-to-mulitpoint.
in FR Hub and spoke env
- NOT a Default Network Type for FR
- NO neighbor cmds under ospf process required on hub, since updates sent as multicast
- frame-realy map stmts need broadcast keyword, but only "ONE" map stmt to the HUB, rest are resolved by
- ip ospf prio 0 NOT req for spoke sites, NO DR/BDR in this TYpe
- If you notice: Next HOp Modification DOES happen. There are /32 Routes added for the Link address and the Remtoe networks are pointed to this Link /32 Address.
- if you notice: DR/BDR are NOT elected ( Not supported).
#################OSPF Network Point to Multipoint NonBroadcast #######
-Not a Default Option, use intf cmd "ip ospf network point-to-multipoint non-broadcast"
- Sends hellos as unicast
-neighbor stmts required
-no DR/BDR electioin
- Modifies next-hop
-Can be used when we have PVCs with different costs
-in ethernet : diff BW values for diff neighbors in the link
in FR Hub and spoke env
- NOT a Default Network Type for FR
- Neighbor cmds under ospf process required on hub, since updates sent as unicast
- frame-realy map stmts DON'T need broadcast keyword, AND only "ONE" map stmt to the HUB, rest are resolved by L3 (OSPF)
- ip ospf prio 0 NOT req for spoke sites, NO DR/BDR in this TYpe
- If you notice: Next HOp Modification DOES happen. There are /32 Routes added for the Link address and the Remtoe networks are pointed to this Link /32 Address.
- if you notice: DR/BDR are NOT elected ( Not supported).
- if you notice: ONLY this Network Type, allows COST to be modifed under OSPF process when defining neighbors. => neighbor 10.0.0.4 cost 50 , etc
##########How to change the Cost of a Link ? #########################
Typically to be used in scenarios where u have links > 100mbps , for e.g gig, 10g, OC3, etc
- Interface"Bandwidth"
- Interface "ip ospg cost"
- Process "auto-cost"
-Process "neighbor w.x.y.z cost" ==> used in Multipoint
TIP: How to calculate the Cost of an OPSF Link without using the formual ourselves ?
Ans: Configure on of the physcial lkinsk and change their BW in kbps and then type "sh ip ospf interface" to get its cost
############Point to Point #########
-no DR/BDR
-Update sent as Multicast
"ip ospf 1 area 0 " ==> Eabled at Interface level means that we include the interface for a given area, and ALSO, the secondary addresses if any configured on the itnerface are also enabled for OSPF
This means the secondary addresses will also send out "hello" and form adj
in FR Hub and spoke env
- NOT a Default Network Type for FR
- NO Neighbor cmds under ospf process required on hub, since updates sent as multicast
- frame-realy map stmts need broadcast keyword, since only 1 neighbor, only 1 MAP stmt
- ip ospf prio 0 NOT req for spoke sites, NO DR/BDR in this TYpe
- If you notice: Next HOp Modification DOES NOT happen.
- if you notice: DR/BDR are NOT elected ( Not supported).
Summaray: OSPF network Types
Broadcast can be adj to Non-Broadcast as they both have DR/BDR concept, however we need to ensure tha the Hello/Dead timers are matched
Point-to-point can be adj with Point-to-Multipoint OR adj with point-to-multipoint non-broadcast, as they dont have DR/BDR concept, however we need to ensure tha the Hello/Dead timers are matched
V.V IMP: What gets affected with non-compatible nwks but it appears that u are formining adj , but actually its a neighbor relnaship but not truly adj
-unicast/multicast
-DR/BDR Election
-Next-hop processing
######### OSPF fast Hellos ##############
ip ospf dead-interval minimal hello-multiplier 5
- interface level cmd
- dead int = 1s , hello= 200msx5=1000ms =1s
-so hello sent out every 200ms
Day 2: IP Routing, PPP, RIP
CCIE IE CoD IP ROuting
31/03/2008
####Load Balancing occurs at L2 #######
For e.g U might see multiple enteries in routing table for a particular detination
However, we might not have enabled the Load Balancing on L2, i.e CEF disabled
####Can we debug Traffic ? #########
UNless traffic is process switched, we will not see its debug on deb ip packet o/p
Also traffic LOCALLY destined to and from the router is always process switched
Thus to disable CEF, do no ip mroute-cache (for multicast) no ip route-cache at interface level to debug transist traffic
If at any stage in debug messages, if we see, encapsulation failed, ==> no L2 to l3 Mappings are available (true for Ethernet/FR)
########Floating Static ROute ############
Frame Relay: Main Interface Status ( UP/UP, etc) is based on LMI whereas
Sub-Interface Status is based on the PVC status
Hence route Pointed to Main Interface never goes down as long as the LMI from Switch are recd by the Router
==> Floating Static ROute with Higer AD never gets installed as the primary static route is never removed
For Point to Point Subinterface: If PVC goes down, then implicitly Main intf goes down as well
For Multipoint Subinterface: If PVC goes down, Sub iNtf goes down, but for Main intg to go down we need all the DLCI to go down
############GRE ######################
IP Protocol 47
has ability to do end to end keepalives
tunnel dest must not recurse out the tunnel interface, use one of the physical interfaces...
##################RIP ###################
RIP v2 works overs Multicast 224.0.0.9, but provides an option on chaninging it to Broadcast using cmd "ip rip v2 broadcast"
So why shud we know this ? Cos in LAB when we asked to FILTER (ACL) we can use Log stmt so tht we can see if it breaks RIP in the DENY Log
RIPv1 is not UNofficially a topic in LAB, but can exspect to be asked to support Rece or Send of RIP v1
RIPv2 might appear in LAB
no auto-summary is not always need to be applied, so dont make it a habit
wht's done at interface level overrides the stuff done at routing (global) level
default:send v1, rec v1 and v2 , but if we cchange this in routin proc, it changes the interface level stuff to send --v2 and rec -v2
Split Horizon: Enabled for all interfaces except for main int in FR
"ip spilt-horizon"
affects FR Hub and Spoke , so we need to disable under a FR sub-interface
If its main interface, split-horizin is disabled automatically
NOTE: For SVI, split-horizon is enabled
For EIGRP: Look into sh run to chk if its disabled or not
"sh ip interface" will show only for RIP
Under Router Rip, when u give a network cmd
==> it automatically advertises the Network is included under that network
To avoid that use Passive interface to disable sending the updates, but cannot stop receiving the updates and advertsing tht network via other interface
To avoid sending out (advertising) the network via other interfaces, use distribute list
If u dont want to rec updates, use ACL or use Authentication ON, and fail them (but this needs to set receive-ver v2),
OR, use neighbor cmd on the routers and on the switch black-hole the MAC address used by the Multicast Address
OR, use distance and set it to 255, but can only affect inbound routes not for outbound routes
Offset-list
Can be used to increase (cannot decrease) the metric along with an ACL
if access-list "0" is provided mean all routers
Can be used also for RIp by {Poisoning} by setting unusable routers by adding offset to 15 or 16, need to find in REAL LAB. Think about the HOP count already received by you. No HARD Coded Rule
Access-list used for Offset List need to be such that it doesnt look at the subnet mask, it only needs to look at the NETWORK portion of the route only.
for e.g : /24 route , access-list 1 permit 150.1.5.0 0.0.0.0 and not 0.0.0.255
o validate-update-source. ==>Disable the validation of the source IP address of incoming RIP routing updates.
REMEMBER: CCIE Test is not a test for Best Practise and Design, So even though ur traffic takes a sub-optimal routing, U DONT CARE, UNLESS THEY ASK U TO WORRY ABT IT
REMEMBER: Similary for REDUCNDANCY case. If they dont explicity ask, we dont worry abt it
#################### PPP ###################################
Features as compared v/s HDLC
-Authentication
-Multilink
-Reliability (RFC 1663)
-ppp reliable-link
-Error Thresholds
-ppp quality percentage
-Optimised PPP Negotiation
-ROuting
-peer neighbor route (ON by Default)
##peer neighbor route##
-Used to provide reacability whe both ends of the PPP link are not on the same logical subnet e.g ip Unnumbered
-Can be safely disabled when both ends of the link are on the same logical IP subnet
- Only needed if using ip unnumbered
NOTE: Subnet mask is not learned with PPP, So it can cause routing issues, Beware.
IN REAL World: Either FR or PPP or HDLC , in WAN Env, you cannot ping yourself
Cos the Ping Packet is placed on the Wire, if the Link's down and if the Remote End is down, then
u cant ping remote end and u cant ping urself, since the packet it sent across the wire. Even if u ping urself, the Packet is sent across the wire
REMEMBER: For PPP Authentication PAP (or CHAP) password must be saved using useranme ... password 0 (or 7) ......
Dont get trapped into using username .... secret ......
Since secret == mean encrypt using MD5,
==> PAP/CHAP cannot work with this HASH value, they need the clear text value to generate their own HASH
###################Policy ROuting ########################
NOTE: When creating new access-list, alwasy ensure that its not already created for some other task
by issuing sh ip access-list.
31/03/2008
####Load Balancing occurs at L2 #######
For e.g U might see multiple enteries in routing table for a particular detination
However, we might not have enabled the Load Balancing on L2, i.e CEF disabled
####Can we debug Traffic ? #########
UNless traffic is process switched, we will not see its debug on deb ip packet o/p
Also traffic LOCALLY destined to and from the router is always process switched
Thus to disable CEF, do no ip mroute-cache (for multicast) no ip route-cache at interface level to debug transist traffic
If at any stage in debug messages, if we see, encapsulation failed, ==> no L2 to l3 Mappings are available (true for Ethernet/FR)
########Floating Static ROute ############
Frame Relay: Main Interface Status ( UP/UP, etc) is based on LMI whereas
Sub-Interface Status is based on the PVC status
Hence route Pointed to Main Interface never goes down as long as the LMI from Switch are recd by the Router
==> Floating Static ROute with Higer AD never gets installed as the primary static route is never removed
For Point to Point Subinterface: If PVC goes down, then implicitly Main intf goes down as well
For Multipoint Subinterface: If PVC goes down, Sub iNtf goes down, but for Main intg to go down we need all the DLCI to go down
############GRE ######################
IP Protocol 47
has ability to do end to end keepalives
tunnel dest must not recurse out the tunnel interface, use one of the physical interfaces...
##################RIP ###################
RIP v2 works overs Multicast 224.0.0.9, but provides an option on chaninging it to Broadcast using cmd "ip rip v2 broadcast"
So why shud we know this ? Cos in LAB when we asked to FILTER (ACL) we can use Log stmt so tht we can see if it breaks RIP in the DENY Log
RIPv1 is not UNofficially a topic in LAB, but can exspect to be asked to support Rece or Send of RIP v1
RIPv2 might appear in LAB
no auto-summary is not always need to be applied, so dont make it a habit
wht's done at interface level overrides the stuff done at routing (global) level
default:send v1, rec v1 and v2 , but if we cchange this in routin proc, it changes the interface level stuff to send --v2 and rec -v2
Split Horizon: Enabled for all interfaces except for main int in FR
"ip spilt-horizon"
affects FR Hub and Spoke , so we need to disable under a FR sub-interface
If its main interface, split-horizin is disabled automatically
NOTE: For SVI, split-horizon is enabled
For EIGRP: Look into sh run to chk if its disabled or not
"sh ip interface" will show only for RIP
Under Router Rip, when u give a network cmd
==> it automatically advertises the Network is included under that network
To avoid that use Passive interface to disable sending the updates, but cannot stop receiving the updates and advertsing tht network via other interface
To avoid sending out (advertising) the network via other interfaces, use distribute list
If u dont want to rec updates, use ACL or use Authentication ON, and fail them (but this needs to set receive-ver v2),
OR, use neighbor cmd on the routers and on the switch black-hole the MAC address used by the Multicast Address
OR, use distance and set it to 255, but can only affect inbound routes not for outbound routes
Offset-list
Can be used to increase (cannot decrease) the metric along with an ACL
if access-list "0" is provided mean all routers
Can be used also for RIp by {Poisoning} by setting unusable routers by adding offset to 15 or 16, need to find in REAL LAB. Think about the HOP count already received by you. No HARD Coded Rule
Access-list used for Offset List need to be such that it doesnt look at the subnet mask, it only needs to look at the NETWORK portion of the route only.
for e.g : /24 route , access-list 1 permit 150.1.5.0 0.0.0.0 and not 0.0.0.255
o validate-update-source. ==>Disable the validation of the source IP address of incoming RIP routing updates.
REMEMBER: CCIE Test is not a test for Best Practise and Design, So even though ur traffic takes a sub-optimal routing, U DONT CARE, UNLESS THEY ASK U TO WORRY ABT IT
REMEMBER: Similary for REDUCNDANCY case. If they dont explicity ask, we dont worry abt it
#################### PPP ###################################
Features as compared v/s HDLC
-Authentication
-Multilink
-Reliability (RFC 1663)
-ppp reliable-link
-Error Thresholds
-ppp quality percentage
-Optimised PPP Negotiation
-ROuting
-peer neighbor route (ON by Default)
##peer neighbor route##
-Used to provide reacability whe both ends of the PPP link are not on the same logical subnet e.g ip Unnumbered
-Can be safely disabled when both ends of the link are on the same logical IP subnet
- Only needed if using ip unnumbered
NOTE: Subnet mask is not learned with PPP, So it can cause routing issues, Beware.
IN REAL World: Either FR or PPP or HDLC , in WAN Env, you cannot ping yourself
Cos the Ping Packet is placed on the Wire, if the Link's down and if the Remote End is down, then
u cant ping remote end and u cant ping urself, since the packet it sent across the wire. Even if u ping urself, the Packet is sent across the wire
REMEMBER: For PPP Authentication PAP (or CHAP) password must be saved using useranme ... password 0 (or 7) ......
Dont get trapped into using username .... secret ......
Since secret == mean encrypt using MD5,
==> PAP/CHAP cannot work with this HASH value, they need the clear text value to generate their own HASH
###################Policy ROuting ########################
NOTE: When creating new access-list, alwasy ensure that its not already created for some other task
by issuing sh ip access-list.
Tuesday, March 25, 2008
CoD: Frame Relay
1) Multipoint Interfaces
Assign MAP statements automatically assigns Circuit (DLCI) to the interface.
So frame-relay map ... config applied ==> No need to do frame-relay interface-dlci .....
2) Layer 3 to Layer 2 Resoultion is only Locally Significatnt.
==> You can use IARP at one end and frame-relay map at other and viceversa
3) sh frame-relay map cmd o/p on Point-to-point interface
When the configuration is verified with the show frame-relay map command, a unicast
layer 3 address is not associated with the DLCI. Instead, the output point-to-point dlci
indicates that any traffic transiting the subinterface will use the DLCI specified on the
interface. In addition to this, broadcast support is automatically enabled on point-to-point
NBMA circuits. This can be seen by the output of the show frame-relay map command,
as the broadcast keyword is associated with the mapping.
4) Not only is layer 3 to layer 2 resolution only locally significant, the type of interface,
whether a main interface, multipoint subinterface, or point-to-point subinterface, is also
only locally significant.
5) no frame-relay inverse-arp ip 405 ==> to remove Mappings for Unused DLCI
6) V V IMP: Minimise Redundant Broadcast Between Hub-Spoke
--Note that on R4 and R5, multiple mapping statements resolve to the same layer 2
address. This is due to the fact that in order for traffic to pass between R4 and R5, it
must first transit R1. Also, note that the broadcast keyword on the end of their frame relay map statements is only used on one mapping. This prevents the spokes from
duplicating the same broadcast or multicast packet that is sent to the interface out the
same circuit.
--Note that the mapping that the broadcast keyword is associated with is
arbitrary, and could be moved to the mapping for R4 and R5's addresses respectively.
This is due to the fact that the broadcast resolution does not relate to the unicast
address, but instead only relates to the layer 2 circuit address.
Assign MAP statements automatically assigns Circuit (DLCI) to the interface.
So frame-relay map ... config applied ==> No need to do frame-relay interface-dlci .....
2) Layer 3 to Layer 2 Resoultion is only Locally Significatnt.
==> You can use IARP at one end and frame-relay map at other and viceversa
3) sh frame-relay map cmd o/p on Point-to-point interface
When the configuration is verified with the show frame-relay map command, a unicast
layer 3 address is not associated with the DLCI. Instead, the output point-to-point dlci
indicates that any traffic transiting the subinterface will use the DLCI specified on the
interface. In addition to this, broadcast support is automatically enabled on point-to-point
NBMA circuits. This can be seen by the output of the show frame-relay map command,
as the broadcast keyword is associated with the mapping.
4) Not only is layer 3 to layer 2 resolution only locally significant, the type of interface,
whether a main interface, multipoint subinterface, or point-to-point subinterface, is also
only locally significant.
5) no frame-relay inverse-arp ip 405 ==> to remove Mappings for Unused DLCI
6) V V IMP: Minimise Redundant Broadcast Between Hub-Spoke
--Note that on R4 and R5, multiple mapping statements resolve to the same layer 2
address. This is due to the fact that in order for traffic to pass between R4 and R5, it
must first transit R1. Also, note that the broadcast keyword on the end of their frame relay map statements is only used on one mapping. This prevents the spokes from
duplicating the same broadcast or multicast packet that is sent to the interface out the
same circuit.
--Note that the mapping that the broadcast keyword is associated with is
arbitrary, and could be moved to the mapping for R4 and R5's addresses respectively.
This is due to the fact that the broadcast resolution does not relate to the unicast
address, but instead only relates to the layer 2 circuit address.
Saturday, March 22, 2008
The Strategy !
#########What I will miss##############
1) 2nd Anniversary
2) Play Time with the new born kid ! He will be 7 months Old when I attempt the lab !
3) Socialsing with family .
4) > 8 hours of sleep / day
##########What I will need to do#############
1) Get over my procrastination
2) Read a lot
3) Practise a lot
4) Compensate my time spent in Travel to Siddhivinayak every Tuesdays ??
5) Eat a lot of low fat and low spiced food, Get over Acidity !
SO i will have how many days to do it ? ( Considering this from 24March08)
8 x march08
30x april08
31xmay08
30xjune08
17xjuly08
_________
116 days
#########How Will I do it ?#####################
Now assuming I will put in roughly 5 hours a days until End of May08
==> 69 days x 5 hours = 345hours
==> Will need to be able to finish
1) IEWB CoD
2) Know how to navigate Doc CD
3) IEWB Advanced Technologies Lab
Now assuming I will put in 12 hours a day from June08 till 17th July 08
===> 47 days x 12 hours = 564 hours
===> Will need to be able to finish
1) 10 labs from IEWB VOl2 Workbook / OR / 10 Labs from IEWB Vol 1 Workbook
2) 10 labs from IEWB Vol3 Core Workbook
3) Narbik's Soup to Nuts CCBootcamp Vol1 to Vol3
############Where will i do it ? #######################
1) In my own house and at Work on my laptop running dynamips
###### What Will I get ? ##########################
1) CCIE (Probably)
2) Got over my Procrastination
3) Proved myself that I am still good for the hard stuff
4) Learnt a lot more than I would have ever imagined !
5) Live my dream !
1) 2nd Anniversary
2) Play Time with the new born kid ! He will be 7 months Old when I attempt the lab !
3) Socialsing with family .
4) > 8 hours of sleep / day
##########What I will need to do#############
1) Get over my procrastination
2) Read a lot
3) Practise a lot
4) Compensate my time spent in Travel to Siddhivinayak every Tuesdays ??
5) Eat a lot of low fat and low spiced food, Get over Acidity !
SO i will have how many days to do it ? ( Considering this from 24March08)
8 x march08
30x april08
31xmay08
30xjune08
17xjuly08
_________
116 days
#########How Will I do it ?#####################
Now assuming I will put in roughly 5 hours a days until End of May08
==> 69 days x 5 hours = 345hours
==> Will need to be able to finish
1) IEWB CoD
2) Know how to navigate Doc CD
3) IEWB Advanced Technologies Lab
Now assuming I will put in 12 hours a day from June08 till 17th July 08
===> 47 days x 12 hours = 564 hours
===> Will need to be able to finish
1) 10 labs from IEWB VOl2 Workbook / OR / 10 Labs from IEWB Vol 1 Workbook
2) 10 labs from IEWB Vol3 Core Workbook
3) Narbik's Soup to Nuts CCBootcamp Vol1 to Vol3
############Where will i do it ? #######################
1) In my own house and at Work on my laptop running dynamips
###### What Will I get ? ##########################
1) CCIE (Probably)
2) Got over my Procrastination
3) Proved myself that I am still good for the hard stuff
4) Learnt a lot more than I would have ever imagined !
5) Live my dream !
Subscribe to:
Posts (Atom)