Route Redistribution Crib Notes

These are my ‘crib notes’ that I’ve made to serve as a last-minute refresher. Please forgive the grammar / spelling as I did not develop these notes with publishing in mind.

Route Redistribution

***theory***

  • IGRP – Automatically redistributes with EIGRP under the same AS number
  • RIP – You must specify a seed metric, otherwise it is taken as 16 – invalid
    • E.g. redistribute connected metric 2
  • OSPF – Default seed metric is 20 and type E2, unless it is BGP, then the metric is 1
    • E.g. redistribute connected subnets
    • Must use the subnets keyword in order to get the subnets
    • Type 2 – fixed cost from ABR to destination (default)
    • Type 1 – Cost from local router
    • Default-Information Originate
      • Always – ASBR will always be default route
      • Not always – ASBR will be default route only if a default route is in the routing table
  • EIGRP – When redistributing you must specify the 5 K values or use default metric
  • Pitfalls – if you see a route in the table, it may not be able to reply if there is no 2-way redistribution
  • No seed metric by default for RIP, IGRP, EIGRP, ISIS is 0 – YOU MUST SPECIFY
  • Best Practice – redistribute connected
  • Sub optimal routing: Change AD, Route Metric and use distribute lists
  • Show IP protocols – best for route redistribution & verify on ASBR

  • Route Map: can be used for Policy Based Routing. Any DENY clause does not drop packets. If you want to drop them, match the IP address and set the interface to null0
  • Passive Interfaces – Accept routing updates but do not send them
    • OSPF – This will stop the interface from forming a relationship i.e. no hellos
  • Null0 – appears in the routing table after manual route summarisation.
  • Distribute list – ACL used for route filtering

Multicast Crib Notes


Multicasting

***theory***

  • 224.0.0.0 – 239.255.255.255 is multicast range
    • 224.0.0.0 – 224.0.0.255 reserved for network protocols / local network control block
      • 224.0.0.13 is PIMv2 and 224.0.0.22 is IGMPv3
  • 224.0.1.0 – 238.255.255.255 globally scoped addresses for internet etc
    • 224.0.1.1 Network Time Protocol (NTP)
  • 239.0.0.0 – 239.255.255.255 is private addresses / limited scope addresses / administratively scoped block
  • PIM – Protocol Independent Multicast. Creates a multicast tree. The source sits on top of the tree & sends the mcast stream. Recipients are on logical branches. If no downstream router has the mcast group, then that router does not forward mcast traffic
  • PIM-DENSE – No RP. Uses prune and flood technique to build the tree. Initially floods the network; if a router does not need the stream, it sends a Prune upstream. Ideal if mcast source & recipient are physically close. Few senders, all routers can forward mcast traffic.
  • PIM-SPARSE – uses RP. Ideal for mcast routers that are not close. Multiple and simultaneous streams. Stream not constant. Adds interface based on join message
    • RP can be statically configured on each router or can be elected and found dynamically.
    • PIMv1 – Static or Auto-RP
    • PIMv2 – Static, Auto-RP or bootstrapping
    • Sparse-Dense Mode: If RP = Sparse. If no RP = Dense. Must define RP otherwise it will default to Dense mode
  • IGMP – Internet Group Management Protocol – Allows a host to join a multicast group
    • Ver 1 – host sends a membership report to its local router. Shows what mcast group the host wants to join. Router then sends a general query every 60 seconds to ask other hosts if they want to join that group too. Inefficient, too much traffic / renewing membership every 60 seconds. If a host leaves the mgroup, the router waits 3 minutes and until then keeps sending mcast traffic – hence inefficient
    • Ver 2 – Has a leave group message, sent when a host quits. However, the router sends a general query to all hosts asking if they want to continue the group. Host replies with a report. Lowest IP address router is the querier. Still sends general queries = inefficient
    • Ver 3 – Source filtering
    • Querier – Router with the lowest IP address
  • DR – Router with the highest IP address. NO DR on a POINT-TO-POINT link
  • RPF – Reverse Path Forwarding. Unicast routes towards the destination. Multicast routes away from its source. Destination is a multicast group. Router needs to know how to route back to the source and what the downstream paths are.
    • RPF Check – inspects incoming multicast packet. If it arrived on the upstream interface, the packet is forwarded, otherwise it is dropped
  • IGMP Snooping – helps layer 2 switches. Listens to host reports, records multicast MAC addresses and ports to determine which ports require the stream rather than flooding all ports. CPU intensive, only ideal on higher end switches
  • CGMP – like IGMP snooping, helps layer 2 switches. It is not as CPU intensive. Need to enable on both the router and switch
  • MAC Address – multicast MAC starts with 01-00-5e. The rest is the IP address (last 3 octets) of the multicast group. E.g.
    • 224.0.1.12 = 11100000 00000000 00000001 00001100
    • Hex (last 3 octets) = 00 01 0C
    • 224.0.1.12 = 01-00-5e-00-01-0c
    • 224.128.1.12 = 01-00-5e-00-01-0c

Convert 01-00-5e-04-43-AC to IP

  • Hex to decimal: 04 = 4, 43 = 67, AC = 172, giving X.4.67.172
  • 1110xxxx.00000100.01000011.10101100 = X.4.67.172
  • 1110xxxx.10000100.01000011.10101100 = X.132.67.172
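
The mapping above as an added Python example (not part of the original notes). It copies only the low 23 bits of the group address into the MAC, which is why 224.0.1.12 and 224.128.1.12 share one MAC and why a single MAC expands back to 32 possible groups; the function names are made up for this sketch.

```python
import ipaddress

# 01-00-5e followed by a 0 bit: the fixed top 25 bits of an IPv4 multicast MAC.
MCAST_MAC_BASE = 0x01005E000000
LOW23 = 0x7FFFFF


def mcast_ip_to_mac(ip: str) -> str:
    """Map an IPv4 multicast group to its Ethernet MAC address."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:
        raise ValueError(f"{ip} is not in 224.0.0.0 - 239.255.255.255")
    mac = MCAST_MAC_BASE | (int(addr) & LOW23)
    return "-".join(f"{(mac >> shift) & 0xFF:02x}" for shift in range(40, -1, -8))


def mac_to_mcast_ips(mac: str) -> list[str]:
    """Return every group address that maps to this multicast MAC.

    Five bits are lost in the mapping (the 'xxxx' of the first octet and the
    top bit of the second octet), so there are always 2**5 = 32 candidates.
    """
    raw = int(mac.replace("-", "").replace(":", ""), 16)
    if raw >> 23 != MCAST_MAC_BASE >> 23:
        raise ValueError(f"{mac} is not an IPv4 multicast MAC")
    low23 = raw & LOW23
    return [
        str(ipaddress.IPv4Address((0b1110 << 28) | (lost << 23) | low23))
        for lost in range(32)
    ]


if __name__ == "__main__":
    print(mcast_ip_to_mac("224.0.1.12"))      # both groups from the notes
    print(mcast_ip_to_mac("224.128.1.12"))    # collide on the same MAC
    candidates = mac_to_mcast_ips("01-00-5e-04-43-AC")
    print(len(candidates), candidates[:2], "...", candidates[-1])
```

A switch that filters on the MAC alone cannot tell these 32 groups apart, so a host can receive frames for a group it never joined and has to discard them at layer 3.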

***commands***

Enables router for multicasting

  • R1(config)# ip multicast-routing

RP Address

  • R1(config)# ip pim rp-address

Enable PIM on interface

  • R1(config-if)# ip pim sparse-mode

Shows multicast neighbours: IP address, interface, version etc

  • R1# show ip pim neighbor

ISIS Crib Notes


ISIS

***theory***

  • Route summarisation – always do it on the ABR (L1/L2) router, not from the advertising router. Also do it from the router process
  • AD = 115, metric = 10, i in routing table code
  • ISIS treats NBMA as broadcast (not good)
  • Routing = Checks packet for area ID > If same > Routes via L1
    • If not same > send to L2 or L1/L2 router > L2 Routes via L2
  • Relationship = Hello (IIH) > Neighbour forms > CSNP (Complete Sequence Number Packet) sent to each other to synchronise Link State Database (LSD) > sends hellos to keep relationship alive
  • DIS (Designated Intermediate System) – Like the DR in OSPF, floods changes on broadcast segment. There is no Backup DIS. Election via interface priority. Default is 64. If tied, highest subnet number (SNPA) is used. DIS creates a pseudonode and this forms a relationship with each router.
  • NSAP – Is the address of the CLNS packets. Each router only has one NSAP address. Is assigned at the router level (you can set up to 3)
    • Area ID (AFI+IDI+DSP) + System ID (L1) + NSEL (set to 0 for router)
    • If the AFI is 49 = Private address. Area ID must be the same for the area. System ID is unique, usually the MAC address
    • 49.0001.4356.1234.1245.00 (to break it down, start from right to left)
      • 00 is NSEL.
      • 4356.1234.1245 is the System ID (next 12 numbers) – L1 routing within the area
      • 49.0001 is the Area ID (remaining numbers) – L2 routing between areas
  • NET (Network Entity Title) – Part of the NSAP address. NET refers to the host portion. NSEL is set to 0 to indicate a router. NET is assigned at the router level, not the interface.
  • SNPA (subnet point of attachment) – Layer 2 address e.g. MAC or highest DLCI
  • CLNS (Connectionless Network Service) – Own protocol and uses NSAP as its address
  • CLNP (Connectionless Network Protocol)
  • ES (End System) – Is an end system e.g. host. IS is an Intermediate System, which is a router
  • 4 levels of routing
    • L1 = in a single area and connects to L1/L2 router as default gateway. L1 has its own hello type and forms relationships with other L1 in the same area
    • L2 = has its own hello type and can form relationships with any L2 in any area and L1/L2
    • L1/L2 = Maintains 2 databases: L1 database & L2 database. L1/L2 is the default setting on a router. Can form relationships with any L1 in the same area and L2 in any area.
  • Packets aka PDUs (Protocol Data Units)
    • Hello – sent every 3.3 seconds (fast)
    • Link State Packet – is used to build the link state database (LSD) and is sent when a network change occurs
    • CSNP (Complete Sequence Number Packet) – every 10 seconds. Sends complete list of all link state packets (LSP) to neighbour. Helps synchronise between routers
    • PSNP (Partial Sequence Number Packet) – requests an LSP & acks that a requested LSP has been received
  • Area
    • Backbone – group of L2 and L1/L2 routers
  • Metric = Cost & Default (Default), Delay, Expense, Error
  • OSPF vs ISIS
    • OSPF = IP & ISIS = CLNS
    • OSPF = 30 different processes & ISIS = 1
    • ISIS = more default timers. So more fine tuning
    • OSPF = Has more area types. So can limit route advertisement better
    • OSPF = LSU contains LSA & ISIS = LSP contains TLV
    • Both use cost as default metric & MD5 + clear text link authentication
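
The right-to-left NET breakdown from the notes, as an added Python example (not part of the original notes). The 8 to 20 byte length limit is standard NSAP sizing; the helper names and the second sample NET are made up for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Net:
    area_id: str    # e.g. "49.0001"; the AFI is its first byte
    system_id: str  # e.g. "4356.1234.1245"
    nsel: str       # "00" on a router

    @property
    def is_private(self) -> bool:
        return self.area_id[:2] == "49"


def parse_net(text: str) -> Net:
    """Split a NET from the right: 1 byte NSEL, 6 bytes System ID, rest Area ID."""
    try:
        raw = bytes.fromhex(text.replace(".", ""))
    except ValueError:
        raise ValueError(f"{text!r} is not dotted hex") from None
    if not 8 <= len(raw) <= 20:
        raise ValueError("a NET is 8 to 20 bytes long")
    area, sysid, nsel = raw[:-7].hex(), raw[-7:-1].hex(), raw[-1:].hex()
    area_groups = [area[:2]] + [area[i:i + 4] for i in range(2, len(area), 4)]
    sys_groups = [sysid[i:i + 4] for i in (0, 4, 8)]
    return Net(".".join(area_groups), ".".join(sys_groups), nsel)


def mac_to_system_id(mac: str) -> str:
    """Build a System ID from an interface MAC, the usual way to keep it unique."""
    digits = mac.replace("-", "").replace(":", "").replace(".", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"{mac!r} is not a 48-bit MAC")
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))


def l1_adjacency_problem(a: Net, b: Net):
    """Return None if two routers can be L1 neighbours, else the reason they cannot."""
    if a.nsel != "00" or b.nsel != "00":
        return "NSEL must be 00 on a router"
    if a.system_id == b.system_id:
        return "duplicate System ID"
    if a.area_id != b.area_id:
        return "different areas: only an L2 relationship is possible"
    return None


if __name__ == "__main__":
    r1 = parse_net("49.0001.4356.1234.1245.00")           # NET from the notes
    r2 = parse_net("49.0002.001a.2b3c.4d5e.00")           # constructed sample
    print(r1, r1.is_private)
    print(l1_adjacency_problem(r1, r2))
```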

***commands***

ip router isis

  • Use this to enable ISIS on an interface

show clns neighbors (detail)

  • Shows neighbours and SNPA addresses for all routers

show clns interface

  • Shows circuit type, adjacencies, DIS

summary-address x.x.x.x x.x.x.x

  • Manual summarisation under routing process

IPV6 Crib Notes


IPV6

***theory***

  • Anycast address: assigned to multiple interfaces & delivered to the closest host that shares that address
  • (Aggregatable) global unicast address (001) = IPV4 public unicast address. Routable to the internet and can be summarised.
  • Multicast (1111 1111 or FF00::/8)
  • Link local (1111 1110 10 or FE80::/10) – Small scope, used to address a physical link (private address)
  • Site Local (1111 1110 11 or FEC0::/10) – Allows devices in the same organisation to exchange data = IPV4 private addresses
  • Loopback test (127.0.0.1) = ::1 OR 0:0:0:0:0:0:0:1
  • Unspecified / unknown address = ::/128
  • Default route =::/0
  • SLA – Site level aggregator – subnet for IPV4
  • IPV4 compatible address  – first 96bit are 0
  • IPV4 vs. IPV6: IPV6 uses 128 bit address (16 bit hex). IPV4 uses 32 bit address. IPV4 has DHCP. IPV6 has Auto configuration (stateful and stateless)
    • Stateful – from server
    • Stateless – IPV6 host configures its own link-local address. Does this by using FE80::0 followed by its MAC address for the interface identifier e.g. FE80:ABCD:1234:5678. Once done, it sends a Neighbour Solicitation message (NS FF02::1 – all nodes) to see if any host has the same link-local address. If one does, that host sends an NA (Neighbour Advertisement). The original host will then disable its link-local address as part of DAD (Duplicate Address Detection procedure). Once it is happy it has a unique link-local address, it sends a Router Solicitation (RS FF01::2 – all routers multicast) on to the segment. The router then sends an RA (Router Advertisement) which has additional information for the host to complete auto configuration
  • Header fields: 8 in IPV6
    • Version (set to 6), Traffic Class (equivalent to ToS in IPV4), Flow Label (new; allows packets in a flow to be marked), Payload Length (IPV4 equiv is Total Length field), Hop Limit (equiv to IPV4 TTL field), Next Header (equiv to IPV4 Protocol field), SAD & DAD NOW 128 bits!
    • IPV4 not in IPV6: Header Length, Identification, Flags, Fragment Offset, Header Checksum
  • IPV6: Has IPSec built in. IPV6 useful for IP Phones, GPS etc
  • IPV6 addressing (shortening):
    • Zero compression: can condense consecutive zeros with two colons (can only do ONCE). E.g.
      • 1234:1234:0000:0000:0000:0000:3456:3434
      • 1234:1234::3456:3434
    • Leading zeros can be compressed. E.g.
      • 1234:0000:1234:0000:1234:0000:0123:1234
      • 1234:0:1234:0:1234:0:123:1234
    • Use both. E.g.
      • 1111:0000:0000:1234:0011:0022:0033:0044
      • 1111::1234:11:22:33:44
  • IPV6 address convert to IPV4
    • ::D190:4E71
    • D1 = 13 x 16 + 1 x 1 = 209. 90 = 9 x 16 + 0 x 1 = 144. 4E = 4 x 16 + 14 x 1 = 78. 71 = 7 x 16 + 1 x 1 = 113. Result = 209.144.78.113
  • OSPF V3 – enabled on interface (unlike v4, enabled on router). Uses IPV4 address as its RID
  • MIGRATE IPV4 – IPV6
    • Dual Stack: Runs both IPV4 & IPV6 on an interface
    • 6to4 tunnel: automatic, session torn down when it ends & scalable. IPV6 encapsulated in IPV4 packet (protocol 41) through core. Uses 2002 + router IP address in hex. E.g. 2002:1234:83cd::/48
    • NAT PT
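
The shortening rules, the IPv4-compatible conversion and the 6to4 prefix from the notes, worked through in an added Python example (not part of the original notes). The function names are made up, and 18.52.131.205 is simply the notes' 2002:1234:83cd::/48 example read back as an IPv4 address.

```python
import ipaddress


def compress(addr: str) -> str:
    """Shorten a fully written IPv6 address: strip leading zeros, then replace
    the longest run of all-zero groups with '::' (allowed once only)."""
    groups = [format(int(g, 16), "x") for g in addr.split(":")]
    if len(groups) != 8:
        raise ValueError("expected 8 colon-separated groups")
    best_start, best_len, i = 0, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:           # first longest run wins
            best_start, best_len = i, j - i
        i = max(j, i + 1)
    if best_len < 2:                   # a lone zero group stays as "0"
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"


def ipv4_compatible_to_ipv4(v6: str) -> str:
    """Convert an IPv4-compatible address (first 96 bits zero) to dotted decimal."""
    value = int(ipaddress.IPv6Address(v6))
    if value >> 32:
        raise ValueError("first 96 bits are not zero")
    return str(ipaddress.IPv4Address(value))


def six_to_four_prefix(v4: str) -> str:
    """Build the 6to4 /48: 2002 followed by the router's IPv4 address in hex."""
    v4_int = int(ipaddress.IPv4Address(v4))
    prefix = (0x2002 << 112) | (v4_int << 80)
    return str(ipaddress.IPv6Network((prefix, 48)))


if __name__ == "__main__":
    for full in (
        "1234:1234:0000:0000:0000:0000:3456:3434",
        "1234:0000:1234:0000:1234:0000:0123:1234",
        "1111:0000:0000:1234:0011:0022:0033:0044",
    ):
        print(full, "->", compress(full))
    print(ipv4_compatible_to_ipv4("::D190:4E71"))
    print(six_to_four_prefix("18.52.131.205"))
```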

***commands***

  • R1(config)# ipv6 unicast-routing

Enables IPV6 on a router

  • R1(config-if)# ipv6 ospf <process-id> area 0

EIGRP Crib Notes


EIGRP

***theory***

  • Best practice – always do no auto-summary. Doing manual summarisation (done via interface) does NOT disable auto summary. Also manual summary creates null0 on the router creating the summary. ASBR is the best place to do manual summarisation.
  • When a successor route is down, the feasible route becomes the successor. The next route becomes the feasible route only if it meets the rule that its AD is lower than the FD of the successor
  • If no feasible successor, the route is marked as Active (unusable) & the router sends a query packet to neighbours for a route to the destination.
  • 224.0.0.10 multicast address & IP protocol number 88 & uses RTP for reliability.
  • Neighbours do not need to agree on hello & holdtime timers unlike OSPF. They need to agree on K values / metric
  • Can form adjacency on secondary addresses, but shows the primary address under show neighbours. Cannot form between a secondary interface and a primary that are not on a common subnet
  • Change metric under routing process, not interface
  • D in routing table & AD = 90
    • D EX is for redistributed routes, AD = 170
    • Summary route AD = 5
  • Feasible successor = Backup route kept in Topology table
  • Successors = Primary route, kept in Routing and Topology table
  • 3 x tables = Routing, Topology and Neighbour
  • AD = Distance from neighbour router to destination.
  • FD = Distance from local router to destination (FD = FD+AD)
  • Routing loop prevention = AD must be lower than FD of the successor route
  • 5 K weights are Bandwidth & delay (defaults), load, reliability and MTU
  • Equal cost load sharing = 4 paths by default. 6 maximum.
  • 5 Packets
    • Unreliable (don’t use RTP)
      • Hello – To form neighbours on 224.0.0.10 & keep neighbour relationships alive. Sent every 5 seconds & 60 seconds on slow links (less than T1)
      • Ack – acknowledges hello packets via unicast
    • Reliable (uses RTP)
      • Update – sent when changes occur in the network & also for new routers to build routing and topology table
      • Query – sent when a router loses its successor route & has no feasible route.
      • Reply – Responds to query packets via unicast
  • Stuck in Active – router loses successor and has no feasible successor, so sends a query. The neighbouring router does not respond to the query and the route is therefore stuck in active (SIA). SIA can happen if the link is unidirectional (rare), or CPU is too high to ack, or memory is corrupt, or a bad link. Commonly the neighbour is too busy to answer due to high CPU or not enough memory
  • Variance command – For unequal cost load balancing. Done under routing process. Use the lowest variance possible, as too high will load balance on undesirable routes. Once variance is done, routes will be seen in the routing table e.g. feasible is now one of the successors. Clear ip route * to see in routing table.
    • Very important – No matter what the variance is, routes with AD higher than the successor FD will not be used
  • CIRS / Frame cloud
    • EIGRP uses 50% of bandwidth by default
    • No Subinterfaces, ALL VCs are equal = Add all spoke CIR
    • No Subinterfaces, ALL VCs are not equal = take the lowest CIR x no. of spokes
      • Best practice for unequal spokes is to make them point to point
    • Multipoint Subinterfaces, VCs are not equal = Add all spoke CIR
  • STUB – done in hub and spoke. Spoke has no need to keep full routing as the next hop is always the hub. Therefore make it a stub. Spoke is not queried for routes. Has a default route to the hub and is always neighbour with only a hub. Makes it very efficient and good for less powerful routers. Never has SIA issues as it is not queried for successor routes etc. Stub tells the hub about connected & summary routes only. Won’t work if spokes are interconnected
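
The successor, feasible successor and variance rules above as an added Python example (not part of the original notes). The three paths and their metrics are constructed, and treating a path whose FD equals variance x successor FD as usable is an assumption of this sketch.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    neighbour: str
    ad: int  # advertised distance: neighbour -> destination
    fd: int  # distance from the local router via this neighbour


# Constructed topology table entries for one destination.
PATHS = [Path("C", ad=10, fd=20), Path("B", ad=10, fd=30), Path("D", ad=25, fd=45)]


def successor(paths):
    """Primary route: the path with the lowest distance from the local router."""
    return min(paths, key=lambda p: p.fd)


def feasible_successors(paths):
    """Backup routes: AD must be lower than the FD of the successor route."""
    best = successor(paths)
    return [p for p in paths if p is not best and p.ad < best.fd]


def installed_routes(paths, variance=1):
    """Neighbours placed in the routing table for a given variance.

    Only feasible successors are considered, so a path whose AD is not below
    the successor FD is never used, whatever the variance.
    """
    best = successor(paths)
    limit = variance * best.fd          # boundary handling (<=) is an assumption
    extra = [p for p in feasible_successors(paths) if p.fd <= limit]
    return [best.neighbour] + [p.neighbour for p in sorted(extra, key=lambda p: p.fd)]


def on_successor_loss(paths):
    """What happens when the successor goes down.

    With a feasible successor the route stays Passive and fails over at once;
    without one it goes Active and queries are sent to neighbours.
    """
    backups = feasible_successors(paths)
    if backups:
        return ("passive", min(backups, key=lambda p: p.fd).neighbour)
    return ("active", None)


if __name__ == "__main__":
    print(successor(PATHS).neighbour)             # C
    print([p.neighbour for p in feasible_successors(PATHS)])
    for v in (1, 2, 3):
        print("variance", v, installed_routes(PATHS, v))
    print(on_successor_loss(PATHS))
    print(on_successor_loss([PATHS[0], PATHS[2]]))
```

Path D is within range at variance 3 (45 against a limit of 60) but still stays out of the routing table because its AD of 25 is not below the successor FD of 20.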

***commands***

  • Show ip eigrp traffic
    • Shows sent/received of all packets as well as SIA.
  • Show ip eigrp neighbors
    • Shows neighbours, interface, uptime
  • Debug eigrp packets
    • Debugs all packets. Shows what packet was received / sent on what interface
    • Shows stuff like k-value mismatch
  • Debug eigrp neighbors
    • Says neighbours not found, or shows new peers, hold time expired etc
  • Eigrp stub
    • Makes it stub. Do under routing process.

BGP Crib Notes


BGP

***theory***

  • Must specify neighbour & do soft reset when making BGP changes
  • About: Used between internet and ISP. It is an EGP. Supports CIDR, VLSM, SUMMARISATION. It is a PATH VECTOR protocol. BGP sends attributes in its updates
  • Uses TCP port 179 and does not need to be directly connected or on the same subnet / AS. Only one instance of BGP on a router
  • iBGP – peer in same AS. eBGP – peer in different AS. eBGP should be directly connected. iBGP does not need to be.
  • When to use? If connecting to more than 1 ISP (multihoming) & concerned about the link for sending & receiving. If you are an ISP & if your policy is different from your ISP
  • Best Practice: Do no auto & no synchronisation under BGP process (see sync rule below). Use loopback interface to establish relationships. Must use ebgp multi-hop and update source command so the router knows how to get to the loopback address. Also create a static route so the router knows how to route to the remote loopback address if no IGP is running
  • BGP FAILING – Check AS number is correct > check ebgp multihop > open TCP port 179
  • Transitive AS – AS 500 talks to AS 200 via AS 100. AS 100 is a transitive AS
  • Network command – unlike IGP, where the network command enables interfaces with that address to advertise, BGP uses the network command purely to advertise networks
  • Next Hop Self command – Also needed for loopback interfaces. Needed because some routes may be inaccessible e.g. R3 connects to LAN A. R3 advertises this to R2 (eBGP). R2 advertises this to R1 with the next hop address of R3 (iBGP). R1 doesn’t have R3 as next hop. This is solved by next hop self, so R2 advertises itself as next hop to R1 in order to get to R3 then LAN A. Put this command on R2
  • Third Party Next Hop – A BGP speaker is allowed to advertise the IP address of an internal peer as the next hop address IF the external peer receiving the route has a subnet in common with the internal peer
  • iBGP rules: iBGP routers do not send updates to every single iBGP neighbour. When an iBGP speaker learns a route from an iBGP peer, it will only advertise this to eBGP neighbours, because iBGP routers do not advertise routes from one internal router to another internal router. This means every AS needs to be fully meshed in order for full advertisements. However, full mesh is sometimes not possible, so use the rule of synchronisation.
  • Synchronisation: applies if the AS is a transit area and there are also non-BGP speakers in the transit area. If AS500 talks to AS200 via AS100, then AS100 is a transit AS. R2 and R4 are iBGP neighbours but are connected to R3 which is not a BGP router. R2 speaks to R4 via R3. R4 will advertise AS200 to AS500, but the problem is that if AS500 sends to AS200, R3 in AS100 will drop it as it has no route. The rule of synchronisation states do not advertise a route unless all neighbours in that transit AS (AS100) know how to route, therefore R4 won’t advertise AS200 to AS500 unless R2, R4 and R3 all know how to get to these ASs. TURN this off if fully meshed. Rule of sync is not ideal.
    • Turn off synchronisation if 1) all routers in the AS are running BGP 2) there is a full mesh 3) the AS is not a transit AS
  • BGP Split Horizon: 1 iBGP peer can’t learn about a path from 1 iBGP peer & then advertise it to another iBGP peer. Therefore BGP speakers require a full mesh, which is not practical as it is too much administration, too many TCP sessions, too much bandwidth etc. To get round this use Route Reflectors
  • Route Reflectors: advertise from one iBGP peer to another iBGP peer (contrary to split horizon). iBGP peers that send routes to route reflectors are known as route reflector clients. Client sends to route reflector. Route reflector reflects the advertisement to another iBGP peer. It is like a partial mesh. Also RR routers send an originator-ID; that way if a router sees its own ID it discards the packet to avoid loops & this is how it bypasses split horizon
    • RR sends updates to all clients and non-client peers if the update was learnt from a RR CLIENT
    • RR sends updates to all clients and non-client peers if the update was learnt from an eBGP peer
    • RR sends updates to all clients in the cluster if the update was learnt from a non-client peer
  • Clusters: are a combination of route reflectors & clients. Must strategically place RR and consider resources and position.
  • BGP Peer Groups: Reduce resources & config needed for neighbour relationships. Name is locally significant & not passed to other routers
  • BGP Confederations: One step further than peer groups. It is a logical grouping of AS. Confederation 321 could represent AS 123, 7, 99. AS 6 will see this as 321 & would use this in the remote-as command. Done under BGP process
  • Route Map – use for setting MED or weight and preferring one route to a destination etc. Use with IP Access Lists
  • Prefix list: Used as a better alternative for controlling in/out updates in BGP. Apply to neighbour command
  • Route loops – AS PATH, if a router sees its own AS in an update, it will discard it
  • Private AS numbers – 64512 – 65535 (not advertised to external networks)
  • Route Table
    • Origin codes (?) = from redistribute
    • * = valid route
    • > = best route
    • *> = valid and best route – this would be the best route because it is valid and best
  • BGP States
    • Idle – Initial state. It is waiting for a start event, waiting for TCP connection
    • Connect – Waiting for TCP connection response
    • Active – like EIGRP, this is not good. TCP connection response not received & no relationship
    • OpenSent – TCP connection response received and determined BGP state (i or eBGP)
    • OpenConfirm – waiting for keepalive
    • Established – relationship complete and updates are sent
  • BGP Message types
    • Open – holdtime & RID. Sent between peers once connection is established
    • Keepalive – Keeps neighbour relationship alive
    • Update – BGP path & attributes. Sent when attributes change or routes are lost
    • Notification – sent when error detected & termination of peer
    • Route refresh – request routing information
  • Attributes: Weight (Cisco proprietary & locally significant to the router & not advertised) > Local Pref (100 by default if not shown & local to routers in that AS – iBGP peers) > Self Originated > AS Path > Origin Code > lowest MED > eBGP over iBGP
    • Well known mandatory: AS PATH, origin, Next Hop (in all updates)
    • Well known discretionary: Local pref, atomic aggregate
    • Optional transitive: aggregator, community
    • Optional non-transitive (this attribute stays in the local AS & connected remote AS, will not be sent in updates to other non-connected remote AS): lowest MED (tries to influence better links). MED can be done via Route Map
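
The attribute order and the AS PATH loop check above as an added Python example (not part of the original notes). The paths are constructed, highest weight and local pref win while the shortest AS path and lowest origin rank and MED win, and MED is compared between all paths here for simplicity.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # IGP, EGP, incomplete (redistributed)


@dataclass(frozen=True)
class BgpPath:
    next_hop: str
    as_path: tuple
    weight: int = 0
    local_pref: int = 100       # default when not shown
    self_originated: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = True


# One ranking function per step, in the order given in the notes.
# Lower rank wins, so "highest wins" attributes are negated.
STEPS = (
    ("weight", lambda p: -p.weight),
    ("local_pref", lambda p: -p.local_pref),
    ("self_originated", lambda p: not p.self_originated),
    ("as_path", lambda p: len(p.as_path)),
    ("origin", lambda p: ORIGIN_RANK[p.origin]),
    ("med", lambda p: p.med),
    ("ebgp_over_ibgp", lambda p: not p.ebgp),
)


def loop_free(path, local_as):
    """Route loop prevention: discard an update that contains our own AS."""
    return local_as not in path.as_path


def sort_key(path):
    return tuple(rank(path) for _, rank in STEPS)


def best_path(paths, local_as):
    candidates = [p for p in paths if loop_free(p, local_as)]
    return min(candidates, key=sort_key) if candidates else None


def deciding_step(a, b):
    """Name of the first attribute that separates two paths, or None if tied."""
    for name, rank in STEPS:
        if rank(a) != rank(b):
            return name
    return None


if __name__ == "__main__":
    short = BgpPath("10.0.0.1", (200, 300))                     # constructed
    preferred = BgpPath("10.0.0.2", (400, 500, 300), local_pref=200)
    looped = BgpPath("10.0.0.3", (100, 300), weight=500)
    print(best_path([short, preferred, looped], local_as=100).next_hop)
    print(deciding_step(short, preferred))
```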

***commands***

Show ip bgp neighbors

  • Shows neighbours, remote AS, BGP peer type, state (Active is not good), shows if route reflector client, shows last reset & why

Show ip bgp summary

  • About the local router. Shows neighbours, AS number, sent/received msgs, shows how long the link has been up

Show ip bgp x.x.x.x

  • Really good to see issues with route table e.g. inaccessible

Show IP BGP destination address x.x.x.x

  • Good to see if route metric does not make sense in the attribute list. Sometimes show as inaccessible (no ip connectivity) use BGP next hop self command

Aggregate-address x.x.x.x x.x.x.x summary-only

  • Under BGP process, route summarisation. Without summary-only, it will send the summary and the specific routes

Clear ip bgp * soft

  • Soft reset