BGP Crib Notes

These are my ‘crib notes’ that I’ve made to serve as a last minute refresher. Please forgive the grammar / spelling as I did not develop these notes with publishing in mind.

BGP

***theory***

  • Facts
    • BGP’s current version is 4 and it is designed to route IP through Autonomous Systems. It is capable of MD5 authentication
    • Two flavours: iBGP (routers in the same AS) and eBGP
    • BGP uses TCP 179 to maintain neighbour / peer relationships
    • Routing policies are based on BGP attributes
    • Neighbours are manually configured. BGP is SLOW so be patient when configuring! NETWORKS are manual and so not advertised by default
    • Hello messages are sent every 60 seconds
    • Holddown is 180 seconds
  • Peer states
    • Starts in IDLE state
    • Active – It’s a bad thing if it is stuck in Active. Otherwise okay
    • Open Sent – Sent an open session message to the neighbour
    • Open Confirmed – When the open message is received from the neighbour
    • Established – Peer successful!
  • Reasons to run BGP: 1) You are an ISP 2) You have 2 primary links to separate ISPs
  • Rule of synchronisation: Routes learned in BGP must exist in the internal routing table before being advertised to remote peers. This is for the scenario where there is a router in the AS not using BGP – quite rare.
    • Turn sync off if every router is running BGP
  • Rule of split horizon – Routes learned via iBGP will never be sent to another iBGP peer, as it assumes all routers are fully meshed. However, a fully meshed connection is not always feasible in very large networks, so we use route reflectors.
  • Route Reflectors: help to get around the split horizon rule! Instead of a full mesh, one router can reflect routes. Careful of loops though!
  • Confederations: Allow for sub-AS systems using private AS numbers (64,512 – 65,535)
  • Peer Groups: create a template statement for a number of neighbours! Simplifies the neighbour statements by using a tag word – groups the same statements
  • Summarisation: aggregate-address 172.0.0.0 255.0.0.0 summary-only. show ip bgp will have an s notated next to it to show it’s been suppressed
    • Use suppress-map to summarise addresses and then on the neighbour statement use the unsuppress-map statement to get full routes while other neighbours get the summarisation. Use access lists and route maps!
  • Distribute lists – suppress route updates via an access list and can be narrowed down to a neighbour using neighbor 1.1.1.1 distribute-list 10 out. Can also use the following
    • Prefix list – used to fix the shortcomings of old access lists, but named access lists can be resequenced
  • Attributes: Highest Weight > Highest Local Pref > Routes that the router originated > Shortest AS PATH > Lowest Origin Code > Lowest MED > EBGP over IBGP >…
    • Well Known – Must be supported on all BGP routers
      • Mandatory – Must be included in ALL BGP updates
        • AS-Path: Prepends each AS and is used for loop prevention (if it sees its own AS in the prepend)
        • Next Hop: IP address of the next hop. Causes problems on NBMA multipoint networks like Frame Relay. The way to fix it is to use point-to-point links.
        • Origin: where did it come from?
          • IGP (I)
          • EGP (E) – Old version and you will NEVER see this
          • Unknown (?) – Very COMMON, especially in redistribution.
      • Discretionary – Up to you
        • Local Preference: Gives you control over preferred routes being learned. Higher is better.
        • Atomic Aggregate: Informs a router that a route has been summarised.
    • Optional – Does not have to be supported
      • Transitive – Will travel all systems
        • Aggregator
        • Community – Tagging routes
      • Non Transitive – Will not propagate to all systems
        • Weight: Cisco. Controls routes on the same router (higher is better). Weight does not affect the routing policy of other routers
        • MED: Tries to suggest entry points into your AS. E.g. suggest to the upstream AS router to come into your network through the router you choose (lower is better)
  • Communities: use neighbor 1.1.1.1 send-community and then the route map, otherwise there will be issues
    • Internet: default, no tag
    • Local AS: Will not advertise outside the local AS, including confederations
    • No Advertise: Won’t advertise to a peer, even iBGP – like a secret
    • None – Strips community tags
  • Route Manipulation
    • Local Preference: can set a local preference to prefer routes, however this propagates through the whole AS
    • Weight: Same as above, but stays local to the router and doesn’t affect routing decisions for other routers in the AS
  • Multihoming
    • Single Provider – dual link to the same upstream router – Very rare to use BGP. Create two static routes (floating). May use BGP for keepalives
    • Real single provider.
  • Configuration
    • Always good to set up the relationship between loopback addresses
    • Using loopback addresses
      • ebgp-multihop 2 – must use this for eBGP relationships that use loopback addresses.
      • update-source – must use this for eBGP relationships that use loopback addresses.
      • neighbor 192.167.34.1 next-hop-self – tells iBGP routers that they can access routes via this router
  • Network – must match the subnet exactly, using the MASK keyword; not like other protocols where the advertisement is sent via that network and includes that network
  • Next hop = 0.0.0.0 means it is us / this router
  • * but no > – If there is no best route, it means the rule of synchronisation is in play
  • show ip bgp regexp ^2005 – shows all routes in AS 2500. Can use in the access list!
    • ^ – Begins with
    • $ – Ends with
    • . – Something (any single character)
    • _ – Beginning / end of string and blank space
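
How the regexp characters listed above behave when used as a route filter, as an added Python example that is not part of the original notes. Cisco's `_` is translated into an equivalent Python pattern (the translation, the helper names and the sample AS paths are constructed for illustration); the point to take away is that `^2005` without a trailing `_` also matches a neighbour AS such as 20051.

```python
import re

# Cisco AS-path regex: "_" matches the start or end of the path, a space,
# a comma or a brace/parenthesis. Python has no such token, so translate it.
_DELIM = r"(?:^|$|[ ,{}()])"


def cisco_to_python(pattern):
    """Translate a Cisco AS-path regex into a compiled Python regex.

    Assumption: "_" is not used inside a [...] character class.
    """
    out = []
    i = 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):
            out.append(pattern[i:i + 2])     # keep escaped characters as-is
            i += 2
            continue
        out.append(_DELIM if ch == "_" else ch)
        i += 1
    return re.compile("".join(out))


def filter_paths(pattern, as_paths):
    """Return the AS paths that the Cisco-style pattern would select."""
    rx = cisco_to_python(pattern)
    return [p for p in as_paths if rx.search(p)]


# Constructed AS paths (neighbour AS first, origin AS last), not real routes.
SAMPLE_PATHS = [
    "2005 3356 15169",   # learned from neighbour AS 2005
    "2005",              # originated by neighbour AS 2005
    "20051 174 2005",    # neighbour is AS 20051, origin is AS 2005
    "174 2005 64512",    # AS 2005 is only a transit AS
    "174 12005",         # unrelated AS that contains the digits 2005
    "",                  # locally originated route: empty AS path
]

if __name__ == "__main__":
    for pat in ("^2005", "^2005_", "_2005$", "_2005_", "^$"):
        print(f"{pat:8} -> {filter_paths(pat, SAMPLE_PATHS)}")
```

When the pattern feeds an inbound filter, anchoring both ends of the AS number (`^2005_`, `_2005$`) keeps look-alike AS numbers out of the match.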

QoS Written Notes

QoS

*** Theory ****

  • Best Effort – Is the default queuing method
  • IntServ – Integrated Services, reserves bandwidth for apps and is the 1st type of QoS. However it is inefficient, as when the app is not using the bandwidth it is just wasted because other apps cannot use it. Not scalable
  • DiffServ – Divide traffic into classes and define how each class is treated.
  • IntServ vs DiffServ – Not all routers can support DiffServ, and DiffServ does not provide the level of guarantee that IntServ does, as IntServ uses RSVP to carve out BW!
  • QoS Methods
    • CLI – Legacy based and needs to be done interface by interface – not scalable!
    • MQC – Modular QoS CLI
      • Class maps – to classify
        • Config# class-map match-any JUNK_TRAFFIC
        • Config-cmap# match protocol // uses NBAR!
      • Policy maps – to mark
        • Config# policy-map MARKING
        • Config-pmap# class JUNK_TRAFFIC
        • Config-pmap-c# set precedence 0
    • AutoQoS – one command under the interface and it will automatically deploy QoS rules. It’s really good. Template on the network and the same for all equipment!
    • QPM – QoS Policy Manager – GUI for CiscoWorks
  • QoS Mechanisms
    • Classifications – Divide the traffic into classes
    • Marking – Mark as close to the source as possible
      • CoS – Marking at layer 2 e.g. switches
      • ToS – Marking at layer 3 e.g. router
        • IPPREC (0-7) – Legacy, maps CoS to ToS
        • DSCP (0-63) – Best way!
    • Queuing methods – legacy
      • Queuing methods only exist if there is congestion
      • FIFO – Default
      • Priority Queuing – Suffers from queue starvation as it only services high priority queues first
      • Custom Queuing – Better than priority queuing, can define how many packets / bytes to take from each queue via round robin. Lessens the starvation issue
      • Weighted Fair Queuing – prioritises the low volume senders over the high volume senders
    • Queuing methods – modern
      • Class-Based Weighted Fair Queuing
        • 16 queues, which have weighted fair queuing of how many packets / bytes etc
      • LLQ
        • As soon as there are voice packets, they go first, with policing so there is no queue starvation, and then everything else is CB-WFQ
    • Bandwidth
      • Bandwidth (CB-WFQ) statements should not be over 75% of the interface. Guarantees a minimum
      • Priority (LLQ) max bandwidth etc, polices it.
      • Remain – not often used, but uses 20% etc of the remaining percent e.g. 20% of 25%
    • WRED – combats tail drop, which causes TCP synchronisation. It drops packets between the min value and max value; past the max it drops all of them.
    • Traffic Shaping – Outgoing only. Excess traffic is queued. Typically used on FR and ATM networks
    • Traffic Policing – Incoming or outgoing. Excess traffic is dropped or re-marked. Policing uses fewer memory buffers
      • Conforming traffic level (CIR) – e.g. transmits
      • Exceeding traffic level – e.g. re-mark the IP prec to say 0 and still transmit for WRED etc
      • Violating traffic level – e.g. drop the traffic!
      • Config-pmap-c# conform-action transmit exceed-action drop
    • Link fragmenting and interleaving – operates at L2. Sometimes we may have large data packets in the hardware queue (not software queue) and until they are sent, voice packets will have to wait. What we can do is fragment the large data packet into smaller packets and mix them with voice packets so the voice packets do not have to wait so long. Useful for VoIP packets. Can do this on
      • Multilink PPP
      • FRF.12 (VoIP over Frame Relay)
    • L2 Compression / L2 Payload Compression – uses stacker, predictor and msoft.
    • Header Compression (done at the interface and one side must be active)
      • TCP – IP and TCP headers are compressed. Use with CBWFQ for good data transmissions.
      • RTP – IP (20 bytes), RTP (12 bytes) and UDP (8 bytes) headers are compressed to around 2 to 4 bytes. Use RTP HC and LLQ for voice, which is good

 

Multicast Written Notes

Multicasting

***theory***

Switches: they will broadcast multicast – not good

  • Switch <config#> ip igmp snooping – will not treat it as broadcast

Frame relay networks etc not allowing multicast

  • Config-if# ip pim nbma-mode – treats multicast as unicast

Multicast – Is Class D and ranges from 224-239. Local network protocol uses Multicast 224.0.0.1 – 224.0.0.255

  • 224.0.0.0 – 239.255.255.255 is multicast range
    • 224.0.0.0 – 224.0.0.255 reserved for network protocols / local network control block and uses TTL=1
      • 224.0.0.13 is PIMv2 and 224.0.0.22 is IGMPv3
  • 224.0.1.0 – 238.255.255.255 globally scoped addresses for internet etc
    • 224.0.1.1 Network Time Protocol (NTP)
  • 239.0.0.0 – 239.255.255.255 is private addresses / limited scope addresses / administratively scoped block e.g. CEO sends video stream to internal users
  • PIM – Protocol Independent Multicast. It’s the routing protocol of the multicast network.

  • Config# ip multicast-routing – enables multicast routing!
  • Config-if# ip igmp join-group – emulates a mcast server!
  • show ip mroute – shows multicast routing table

  • Source trees – Create a multicast tree. Source sits on top of the tree & sends the mcast stream. Recipients are on logical branches. If no downstream router has the mcast group, then that router does not forward mcast traffic. Each router creates an entry e.g.
    • (192.168.2.1, 239.1.1.1). First IP is the server and the 2nd is the multicast address
    • Easier to set up
  • Shared Tree – All multicast sources register with the RP. Each router has an entry like this
    • (*, RP) – So all non-RP routers point to the RP as their default gateway. So the RP will proxy it essentially.
    • More efficient
  • PIM-DENSE (uses Source tree – PUSH the mcast stream) – No RP. Uses the prune and flood technique to build the tree. Initially floods the network; if routers do not need it, they send a Prune upstream. Ideal if mcast source & recipient are physically close. Few senders, all routers can forward mcast traffic. Go under all multicast interfaces in interface mode and enable it with
    • Config-if# ip pim dense-mode and that is it
    • Cons – every router enabled for PIM will get the multicast, which is not ideal. They get it and then eventually and slowly prune back, but it is the initial flood that’s the concern. Flood and prune every 3 minutes, which is not ideal again! Only good for small networks, like RIP
  • PIM-SPARSE (uses Shared Tree – PULL the source upon request) – uses RP. Ideal for mcast routers that are not close. Multiple and simultaneous streams. Stream not constant. Adds interface based on join message
    • RP can be statically configured on each router or can be elected and found dynamically.
    • PIMv1 – Static or Auto-RP
    • PIMv2 – Static, Auto-RP or bootstrapping
    • Sparse-Dense Mode: If RP = Sparse. If no RP = Dense. Must define RP otherwise it will default to Dense mode
      • Auto RP – Sends RP announce so routers can dynamically learn who the RP is. Only works in sparse-dense mode
        • Config# ip pim send-rp-announce s0/0.1 scope 15
          • Scope is how many hops to announce this to
        • Config# ip pim send-rp-discovery scope 15
        • Config# ip pim accept-rp auto-rp – need to do this on the non-RP routers
      • Config-if# ip pim sparse-dense-mode – verify with show ip pim interface


  • IGMP – Internet Group Management Protocol – Allows a host to join a multicast group
    • Ver 1 – host sends a membership report to its local router. Shows what mcast group the host wants to join. Router then queries, sends a general query every 60 seconds to ask other hosts if they want to join that group too. Inefficient, too much traffic / renewing membership every 60 seconds. If a host leaves the mgroup, the router waits 3 minutes and until then keeps sending mcast traffic – hence inefficient
    • Ver 2 – Has a leave group message, sent when a host quits. However the router sends a general query to all hosts asking if they want to continue the group. Host replies with a report. Lowest IP address router is the querier. Still sends general queries = inefficient
    • Ver 3 – Source filtering
    • Querier – Router with the lowest IP address
  • DR – Router with the highest IP address. NO DR on a POINT-TO-POINT link
  • RPF – Reverse Path Forwarding: unicast routes towards the destination. Multicast routes away from its source. Destination is a multicast group. Router needs to know how to route back to the source and what the downstream paths are.
  • RPF Check – inspects the incoming multicast packet. If it arrived on the upstream interface, the packet is forwarded, otherwise it is dropped
  • IGMP Snooping – helps layer 2 switches. Listens to host reports, records multicast MAC addresses and ports to determine which ports require the stream rather than flooding all ports. CPU intensive, only ideal on higher end switches
  • CGMP – like IGMP snooping, helps layer 2 switches. It is not as CPU intensive. Need to enable on both the router and switch
  • MAC Address – multicast MAC starts with 01-00-5e. The rest is the IP address (last 3 octets) of the multicast. E.g.
    • 224.0.1.12 = 11100000 00000000 00000001 00001100
    • Hex (last 3 octets): 00 01 0C
    • 224.0.1.12 = 01-00-5e-00-01-0c
    • 224.128.1.12 = 01-00-5e-00-01-0c

Convert 01-00-5e-04-43-AC to IP

  • X. 4 (04). 67 (43). 172 (AC)
  • 1110xxxx. 00000100. 01000011. 10101100
  • X. 4. 67. 172
  • 1110xxxx. 10000100. 67. 172
  • X. 132. 67. 172
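
The two conversions worked through above, as an added Python example that is not part of the original notes (function names and the sample groups are constructed for illustration). Only the low 23 bits of the group address are copied into the MAC, so 32 groups share every MAC; the last helper flags groups whose MAC collides with the 224.0.0.x control block, which is worth checking in an address plan because layer 2 filtering cannot tell those groups apart.

```python
import ipaddress

MAC_PREFIX = 0x01005E000000   # 01-00-5e followed by a fixed 0 bit
LOW23 = 0x7FFFFF              # the 23 group-address bits copied into the MAC


def group_to_mac(group):
    """Map an IPv4 multicast group to its Ethernet multicast MAC."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not in 224.0.0.0/4")
    mac = MAC_PREFIX | (int(addr) & LOW23)
    return "-".join(f"{(mac >> shift) & 0xFF:02x}" for shift in range(40, -8, -8))


def mac_to_groups(mac):
    """Return all 32 groups that map to this MAC (the 'X' in the notes)."""
    raw = int(mac.replace("-", "").replace(":", ""), 16)
    if raw & ~LOW23 != MAC_PREFIX:
        raise ValueError(f"{mac} is not an IPv4 multicast MAC")
    low = raw & LOW23
    # 1110 is implied by class D; the next 5 bits never made it into the MAC.
    return [
        str(ipaddress.IPv4Address((0b1110 << 28) | (lost << 23) | low))
        for lost in range(32)
    ]


def aliases_control_block(group):
    """True if a group outside 224.0.0.0/24 shares a MAC with that block."""
    addr = ipaddress.IPv4Address(group)
    in_block = addr in ipaddress.ip_network("224.0.0.0/24")
    return not in_block and group_to_mac(group).startswith("01-00-5e-00-00-")


if __name__ == "__main__":
    print(group_to_mac("224.0.1.12"), group_to_mac("224.128.1.12"))
    candidates = mac_to_groups("01-00-5e-04-43-AC")
    print(len(candidates), candidates[:2], "...", candidates[-1])
    # Constructed example: an administratively scoped group that lands on
    # the same MAC as 224.0.0.5.
    print(aliases_control_block("239.128.0.5"))
```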

***commands***

Enables router for multicasting

  • R1(config)# ip multicast-routing

RP Address

  • R1(config)# ip pim rp-address

Enable PIM on interface

  • R1(config-if)# ip pim sparse-mode

Shows multicast neighbours: IP address, interface, version etc

  • R1# show ip pim neighbor

 

IP Access List Written Notes

IP Access Lists

*** Theory ****

  • Access List: Runs top to bottom. Implicit deny at the end and stops at the first match, like a FW. Put common rules at the top for less overhead.
  • Standard list – Needs to be placed as close to the destination router as possible
  • Extended List: uses more specifics but has more overhead, and is placed as close to the source as possible. Extended is better as it doesn’t waste bandwidth by going all the way to the destination
  • Named Access Lists: puts sequence numbers in access lists so you can add and remove entries when needed
    • Use “ip” so, ip access-list extended DEMO then hit return
  • Dynamic Access List: access list that requires the user to authenticate.
    • access-list 101 permit tcp any host 192.168.1.3 eq telnet
      • Need to telnet in and authenticate
    • access-list 101 dynamic DEMO timeout 120 (cuts them off even if not idle) permit ip any any
    • line vty # autocommand access-enable host timeout 1
      • Without the host keyword, it will allow the whole subnet through! Be careful!
      • Timeout is idle timeout
  • Time based access list: Can set a time
    • Config# time-range HTTP_LUNCH
    • # absolute
    • # periodic – allows for a number of times e.g. every Monday to Friday 12pm to 1pm
    • Then add the time-range command to the access list
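
The top-to-bottom, first-match evaluation and the implicit deny described above, as an added Python example that is not part of the original notes. The simplified entry format, the names and the sample addresses are constructed for illustration and model only source/destination wildcard masks and a TCP destination port; the `shadowed` helper goes one step beyond the notes and reports entries that can never be hit because an earlier entry already matches everything they describe.

```python
import ipaddress
from collections import namedtuple

# One simplified ACL entry (constructed format, not IOS syntax).
Ace = namedtuple("Ace", "seq action src src_wild dst dst_wild port")


def _ip(addr):
    return int(ipaddress.IPv4Address(addr))


def _care(wildcard):
    """Cisco wildcard mask: a 1 bit means 'ignore this bit'."""
    return ~_ip(wildcard) & 0xFFFFFFFF


def _match(addr, base, wildcard):
    return (_ip(addr) & _care(wildcard)) == (_ip(base) & _care(wildcard))


def evaluate(acl, src, dst, port):
    """Return (action, seq) of the first matching entry, top to bottom."""
    for ace in acl:
        if (_match(src, ace.src, ace.src_wild)
                and _match(dst, ace.dst, ace.dst_wild)
                and ace.port in (None, port)):
            return ace.action, ace.seq
    return "deny", None            # implicit deny: nothing matched


def _covers(a_base, a_wild, b_base, b_wild):
    """True if range a contains every address in range b."""
    care_a = _care(a_wild)
    return (care_a & _ip(b_wild)) == 0 and \
        (_ip(a_base) & care_a) == (_ip(b_base) & care_a)


def shadowed(acl):
    """Sequence numbers of entries fully covered by an earlier entry."""
    hidden = []
    for i, b in enumerate(acl):
        for a in acl[:i]:
            if (_covers(a.src, a.src_wild, b.src, b.src_wild)
                    and _covers(a.dst, a.dst_wild, b.dst, b.dst_wild)
                    and a.port in (None, b.port)):
                hidden.append(b.seq)
                break
    return hidden


# Constructed rule sets: the same two entries in two different orders.
BAD_ORDER = [
    Ace(10, "permit", "10.1.0.0", "0.0.255.255", "0.0.0.0", "255.255.255.255", None),
    Ace(20, "deny", "10.1.5.9", "0.0.0.0", "192.168.1.3", "0.0.0.0", 23),
]
GOOD_ORDER = [
    Ace(10, "deny", "10.1.5.9", "0.0.0.0", "192.168.1.3", "0.0.0.0", 23),
    Ace(20, "permit", "10.1.0.0", "0.0.255.255", "0.0.0.0", "255.255.255.255", None),
]

if __name__ == "__main__":
    pkt = ("10.1.5.9", "192.168.1.3", 23)
    print(evaluate(BAD_ORDER, *pkt), shadowed(BAD_ORDER))
    print(evaluate(GOOD_ORDER, *pkt), shadowed(GOOD_ORDER))
    print(evaluate(GOOD_ORDER, "172.16.0.1", "192.168.1.3", 80))
```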

 

HSRP Written Notes

HSRP

*** Theory ****

  • Hot Standby Routing Protocol (HSRP): Allows two or more routers to share an IP address, e.g. the default gateway, so that if one goes down the other router can still serve. Create a standby address that the standby group will share. Cisco calls this a phantom router.
    • MAC Address: Has its own (virtual) MAC address to avoid long ARP cache timeouts, and the HSRP primary router will respond to it.
    • How it works: The group sends multicast hellos to each other, 1 every 3 seconds
    • Primary router: elected via priority.
    • Failover: Next router becomes primary and then announces it is the primary, and all other routers will re-arrange their roles / priority to know who will be next
    • Resign: failover router resigns if the primary router comes back up and sends a hello which still has the higher priority, if pre-empt is enabled
    • Enabling it: conf-if# standby 10 ip 1.1.1.1
    • Pre-empt: allows it to reclaim as primary
    • Interface tracking – Monitors an additional interface
    • Defaults: priority is 100 and no pre-empt

 

 

  • Hot Standby Routing Protocol (HSRP) – Cisco. 1 router is primary. Host uses virtual MAC/IP (pseudorouter). Hello timers etc can be changed. Highest priority determines the primary router (pre-empt is disabled by default, so changing priority will not take immediate effect)
    • 00-00-0c-07-ac-xx = HSRP well known MAC. xx is the group number in hex, e.g. 05, or 11 for group 17 (16 + 1)
    • States
      • Disabled
      • Initial (init) – interface is up but HSRP not running
      • Learn – Learn about the active router etc
      • Listen – knows the VMAC and listening for hellos
      • Speak – Sending hellos
      • Standby – Sends hellos and is candidate for active
      • Active – Router is forwarding to VIP
    • HSRP Interface tracking – Monitor an additional interface e.g. (WAN). If the WAN goes down, the router priority goes down, allowing the other router to be high priority and take over (pre-empt enabled) – config-if# standby 1 track serial 0 decrement

NTP Written Notes

NTP

*** Theory ****

  • Stratums: How accurate the clock is. 3 or 4 is a good stratum
  • NTP Modes
    • Broadcast client mode: We are a client and expect to receive the time as a broadcast
      • Config-if# ntp broadcast client
      • show ntp associations
      • Chooses the best NTP source based on lower stratum
    • Static client mode: We are the client and we choose who to receive it from. Most common
      • Config# ntp server tmc.edu
      • show ntp status
    • Master mode: The router is the master clock. It receives it from an atomic clock and then sends to others.
      • Config# ntp server tmc.edu
      • Config# ntp master
      • 127.127.7.1 loopback as an NTP source
    • Peer association: top-down relationship. Top master typically associates with an atomic clock on the internet
      • Config# ntp peer ip
  • Timezone: need to set timezone
    • Config# clock timezone Arizona -7
    • Config# clock summer-time
  • Authentication
    • Config# ntp authentication-key 1 md5 cisco
    • Config# ntp authentication-key 2 md5 nugget
    • Config# ntp trusted-key 2

 

OSPF Written Notes

OSPF

*** Theory ***

  • OSPF hello multicast address is 224.0.0.5
  • OSPF DR and BDR multicast address is 224.0.0.6
  • DBD – Database Description – Packets used to exchange the link state database. Once done, SPF is performed.
  • Hello packet contains the following (bolded are ones that must match to form a relationship): Router ID, Area ID, Address of originating interface, Authentication Information, Hello Interval, Dead Interval, priority, DR & BDR ID, Neighbour router ID
  • OSPF Networks – Hello timers etc are different for each network
    • Point to point: two routers, no DR or BDR election. All updates sent to 224.0.0.5.
      • Timers: Hello 10, Dead 40, Wait 40
    • Broadcast (default for Ethernet): Rather than form relationships with every router, each router forms a relationship with the DR and BDR to avoid an inefficient full mesh. DR keeps the topology up to date.
      • Timers: Hello 10, Dead 40, Wait 40
    • NBMA (default for point-to-multipoint): Statically define all neighbours using the neighbor ip command, only on the hub router, and send hellos via unicast not multicast. DR must be connected to all neighbours, so it is usually the hub, not the spokes. Relationships may take around 45 seconds to form!
      • Conf-if: ip ospf priority 255 to make sure the hub is the DR
      • Conf-if: ip ospf priority 0 to make sure spokes do not participate in elections
      • Timers: Hello 30, Dead 120, Wait 120
    • Point to Multipoint: No DR election and messages are multicast. Treats each link as point to point, sends hellos down each DLCI – Preferred network type.
  • DR/BDR elections
    • Init: list each other as neighbours. Stays in init state if core fields don’t match
    • 2way: DR/BDR election
    • ExStart: Exchange of DBD
    • Full state: Proper relationship
    • Conf-if: ip ospf priority 255 to make sure the hub is the DR
    • Conf-if: ip ospf priority 0 to make sure spokes do not participate in elections
  • Area types
    • Area 0 (backbone) – all areas connect to this
    • Stub area – blocks external routes e.g. RIP etc (blocks type 5 LSA)
    • Totally stub – blocks external routes and routes from other areas, as the ABR generates a default route to all other internal routers (blocks Type 3,4,5 LSA) – blocks inter-area routes and only keeps intra-area routes
      • Must only do area 3 stub no-summary on the ABR only
    • NSSA – When a stub has an ASBR (e.g. acquired another company), uses Type 7 LSA
    • Totally stubby not so stubby area – same as NSSA?
  • Router types
    • Internal – inside an area
    • Backbone – Internal router in Area 0
    • Area Border – 2 or more interfaces connected to 2 or more areas – Only router that can do summarisation!
    • Autonomous system boundary – 1 or more interfaces connected to external networks
  • LSA Types
    • LSA 1 – Routing update to DR
    • LSA 2 – Routing update from DR to all internal routers in the area
    • LSA 3 – Generated by ABR (summarisation route)
    • LSA 4 – IP Address of ABR
    • LSA 5 – External routes generated by ASBR
    • LSA 7 – generated by NSSA to get to stub routers that generally block Type 5 LSA – Kind of like encapsulation as type 7 and then into type 5 when back in stub area, like a bandage
  • Route tables
    • IA – Inter-Area route
    • External type 1 – metric will increment per hop
    • External type 2 – metric will remain the same per hop
  • Best practice: Set router-id to router name for ease of logs etc
  • Summarisation: area 0 range 172.16.0.0 255.255.0.0 – do at the ABR to summarise routes from one area to another
    • summary-address – use this to summarise external routes
  • Tag – tag routes so that, for example, in redistribution you can filter on another router based on the tag!
  • Virtual Link
    • Create on the transit router e.g. R1-R6-R7. R6 is the transit area.
    • On the transit router do it on the area directly connected to area 0 e.g. area 1
    • Create with the neighbour ID, not the IP address
    • Partner virtual link is going to be with the router connected in area 0 e.g. R1
  • Redistribution
    • Always set an access list with the routes you want to redistribute and TAG them
    • Do it both ways or you might not be able to ping etc even if it shows in the routing table
    • When redistributing OSPF into another protocol, it is good to match it to internal routes only, as this will prevent routing loops
    • default-information originate always – advertises a default route to all OSPF neighbours. Always will advertise even if that router loses its default route
  • Authentication
    • Config-router# area 0 authentication message-digest
    • Config-subif# ip ospf message-digest-key 1 (number of keys) md5 cisco (name)
      • Be careful of spaces in the password when hitting return
      • Must do this for virtual links too if necessary