CCIE RS Lab Prep
© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public TECCCIE-3000_c3
CCIE Routing and Switching
Techtorial Session Topics
Session 1 CCIE Program Overview/Roadmap
Session 2 Core Knowledge
Session 3 Multilayer Switching/Frame-Relay
Session 4 IP Routing Concepts/OSPF
Session 5 IP Version 6
Session 6 IP Routing BGP
Session 7 MPLS/VPN
Session 8 IP Multicast
Session 9 Quality of Service
Session 10 Troubleshooting
Program Overview and Roadmap
www.cisco.com/go/learnnetspace
CCNA
CCENT
CCNP
CCIE
Cisco CCIE Certification
CCIE R&S: Configure and troubleshoot complex converged networks
CCIE Security: Configure complex, end-to-end secure networks, troubleshoot environments, and anticipate and respond to network attacks
CCIE Service Provider: Configure and troubleshoot advanced technologies to support service provider networks
CCIE Storage: Configure and troubleshoot storage area networks over a variety of interfaces
CCIE Voice: Configure complex, end-to-end telephony, as well as network, troubleshoot, and resolve VoIP-related problems
CCIE Wireless: Plan, design, implement, operate, and troubleshoot wireless network and mobility infrastructure
Certification Process
CCIEs must pass two exams
The written qualification exam uses simulations and multiple-choice questions
The lab exam is what makes this certification different; the full-day, hands-on lab exam tests the ability to configure and troubleshoot equipment
Not all lab exams are offered at all lab locations
Process: Step 1 The Written Exam
Available worldwide at Pearson VUE for $350 USD, adjusted for exchange rate and local taxes where applicable
Two-hour exam uses simulations and multiple-choice questions
Closed book; no outside reference materials allowed
Pass/fail results available immediately; passing score set by statistical analysis and subject to periodic change
Waiting period of five calendar days to retake the exam
Candidates must wait a minimum of six months before retaking the same exam number
Must take first lab exam attempt within 18 months of passing written, or written exam expires
Process: Step 2 The Lab Exam
Available in select Cisco locations for $1,400 USD, adjusted for exchange rates and local taxes where applicable, not including travel and lodging
Eight-hour exam requires working configurations and troubleshooting to demonstrate expertise
Cisco documentation available via Cisco Web; no personal materials of any kind allowed in lab
Minimum score of 80% to pass
Scores generally can be viewed online within 48 hours; failing score reports indicate areas where additional study may be useful
CCIE Routing and Switching
CCIE Routing and Switching
Most popular track, over 80% of CCIE candidates attempt R&S first
Expert-level knowledge of LAN and WAN interfaces, routing protocols, and a variety of routers and switches
Expert-level troubleshooting to solve complex connectivity problems and apply solutions to increase bandwidth, improve response times, maximize performance, improve security, and support global applications
Recent Changes to CCIE R&S
Reflect growth of network as a service platform
Aligning to job tasks of expert-level network engineers and expectations of employers
New certification standards released on May 5, 2009
New areas include:
–planning and evaluating network changes
–MPLS and VPN networking
–implementing performance routing and optimized edge routing
–filtering and route distribution
–EIGRPv6
–IPv6 multicast
CCIE R&S v4.0 Certification
Written and lab exams refreshed with new questions
Adding coverage of MPLS and VPN
Written exam adding simulations
Lab exam adding hands-on troubleshooting
Exam durations and pricing remain same
V4.0 exams scheduled for release October 18, 2009 and will immediately replace v3.0 exams
Last day to take v3.0 exam is October 17, 2009
CCIE Exam Development Process
Job role and career development survey
Cisco business unit/ technology groups
Cisco Technical Support team
Comprehensive Job Task Analysis, performed by external and internal network experts
Customer Advisory Groups
Certification Standards
Exam Design
Development Inputs
• Cisco content advisory team
• CCIE program managers
• Customer validation survey
• Alpha review
• Beta test and statistical analysis
Validation and Feedback
Clearly defined and ISO-reviewed process ensures exams are relevant and valid.
CCIE Routing and Switching Written Exam
CCIE R&S Written Exam
Covers networking theory related to:
Evaluate proposed changes to a Network
General networking*
Bridging and LAN switching (Implement Layer 2 Technologies)
IP and IP routing (Implement IPv4)
QoS (Implement Quality of Service)
WAN (Implement Layer 2 Technologies)
IP multicast (Implement IP Multicast)
Security (Implement Network Security)
IPv6 (Implement IPv6)
MPLS (Implement MPLS Layer 3 VPNs)
Implement Network Services
Troubleshoot a Network
Optimize the Network
The written exam lays the foundation for the lab exam
Black = v3.0 blueprint
Red = v4.0 blueprint
* = removed from v4.0
CCIE Routing and Switching Lab Exam
R&S Lab Locations
Permanent CCIE R&S Lab Locations:
Tokyo
Sydney
Sao Paulo
Beijing
San Jose
RTP
Dubai
Brussels
Hong Kong
Bangalore
Upcoming Mobile Labs:
Moscow, Russia May 4-8, 2009
Singapore, Singapore June 8-12, 2009
Riyadh, Saudi Arabia June 20-24, 2009
Introduction
Candidates build a network to a series of supplied specifications
The point values for each question are shown on the exam
Some questions depend upon completion of previous parts of the network
Report any suspected equipment issues to the proctor as soon as possible; adjustments cannot be made once the exam is over
R&S Lab Exam: Topics
Evaluate proposed changes to a Network
Bridging and Switching (Implement Layer 2 Technologies)
IP IGP Routing (which includes IPv6) (Implement IPv4 – includes BGP)
BGP
Implement IPv6
Implement MPLS Layer 3 VPNs
IP and Cisco IOS Features (Implement Network Services)
Implement MPLS Layer 3 VPNs
IP Multicast (Implement IP Multicast)
QoS (Implement Quality of Service)
Security (Implement Network Security)
Troubleshoot a Network
Optimize the Network
Black = v3.0 blueprint
Red = v4.0 blueprint
Introduction
Each candidate has his/her own PC and rack of equipment
The equipment rack may or may not be located at the candidate's desk and PC
Equipment requires no HW or cabling configuration by the candidate
If the candidate feels that a HW or cabling intervention is needed, the CCIE lab proctor must be involved
Check the CCIE web page for the latest equipment list and IOS versions
Rack Access
The Comm Server is pre-configured
The Candidate PC has the terminal emulator pre-configured to access all routers and switches (in general SecureCRT), browsers and any other needed application
[Figure: Rack Connection Method. Labels: Candidate PC, Ethernet, Comm Server, Exam Routers]
Passwords
All routers and switches have a startup configuration: hostnames, passwords, line setup, and IP addresses for primary interfaces are already configured; since all tests require the router to be accessible via the VTY and AUX ports, do not change these established configurations
Standard Restrictions
Unless specified within the exam, you are NOT allowed to use:
Static routes (of any kind)
Default routes
**Dynamic routes to null are permitted
R&S Lab Exam: Sample Topology
[Figure: sample topology. Routers R1, R2, R3, R4, R5 and R6, switches SW1 and SW2, and Frame Relay. Network addressing is 125.10.0.0; interface labels give the last two octets (for example FA0/0-22.1/24, S0/0-11.1/24, Lo0-1.1/24), and additional loopbacks Lo1 to Lo4 use 172.16.1.1, 172.16.2.2, 172.16.3.3 and 172.16.4.4.]
R&S Lab Exam: Sample Question
Configure RIPv2 on R1, R2, and R5
Redistribute between RIP and OSPF on R5
All routes should be visible on all routers
Score: 2 Points
Section: 2.5 RIP
R&S Lab Exam: Sample Answer
Verification—1
R4 must have all routes in its routing table
R4#show ip route
<->
     172.16.0.0/24 is subnetted, 4 subnets
O E2    172.16.4.0 [110/20] via 125.10.50.1, 22:34:38, Ethernet0/0
O E2    172.16.1.0 [110/20] via 125.10.50.1, 22:36:03, Ethernet0/0
O E2    172.16.2.0 [110/20] via 125.10.50.1, 22:36:03, Ethernet0/0
O E2    172.16.3.0 [110/20] via 125.10.50.1, 22:34:58, Ethernet0/0
     125.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
C       125.10.50.0/24 is directly connected, Ethernet0/0
O E2    125.10.22.0/24 [110/20] via 125.10.50.1, 22:44:39, Ethernet0/0
C       125.10.4.0/24 is directly connected, Loopback0
O E2    125.10.2.0/24 [110/20] via 125.10.50.1, 22:44:40, Ethernet0/0
O E2    125.10.1.0/24 [110/20] via 125.10.50.1, 22:44:40, Ethernet0/0
O       125.10.5.5/32 [110/11] via 125.10.50.1, 22:44:40, Ethernet0/0
O E2    125.10.11.0/24 [110/20] via 125.10.50.1, 22:44:40, Ethernet0/0
O E2    125.10.10.0/24 [110/20] via 125.10.50.1, 22:44:44, Ethernet0/0
R4#
R&S Lab Exam: Grading
Proctors grade all lab exams
Automatic tools aid proctors with simple grading tasks
Automatic tools are never solely responsible for lab exam grading
Proctors complete grading of the exam and submit the final score within 48 hours
Partial credit is not awarded on questions
Points are awarded for working solutions only
Some questions have multiple solutions
Q and A
Session 2:
Core Knowledge
Agenda
What are the Core Knowledge questions?
How many questions?
Structure through the lab exam
Sample questions
Core Knowledge
Consists of four computer-delivered short-answer questions, being added to the lab exam in all global lab locations.
Candidates will be required to type out their answers, which typically require five words or less.
This section covers core concepts from the CCIE R&S exam objectives.
When candidates complete the Core Knowledge section, they may move immediately to the lab configuration portion of the exam.
The section must be completed before the candidate moves to the lab configuration scenarios.
Core Knowledge Sample Question - 1
Refer to the diagram below. On which routers can you enable summarization in OSPF?
(Answer: Any ABR router)
Core Knowledge Sample Question - 2
What protocol do the following statements describe?
Integral to IPv6
Every node that implements IPv6 must fully implement this protocol.
Many IPv6 functions use this protocol, e.g. path MTU discovery and neighbor discovery.
(Answer: ICMPv6)
Core Knowledge Sample Question - 3
What device is used to dynamically announce the RP address to all routers in a PIM environment?
Which open standard BGP attribute is used first in the BGP Best Path selection algorithm?
Session 3:
Multilayer Switching and Frame Relay
Agenda
LAN Switching
MLS Concepts
Layer 2 Protocols
Layer 2 Features
Layer 3 Features
Troubleshooting Tips
Frame Relay
Concepts
Configuration Options
Troubleshooting Tips
MLS Concepts
Layer 1:
Collision domain: Hub
Layer 2:
Broadcast domain: Vlan
VTP domain
STP domain
Layer 3 and 4: MLS
Wire-rate forwarding based on upper layer info
IP (address or TOS)
TCP/UDP ports
Layer 2 VLANs
Broadcast domains spanning multiple switches
Default VLAN 1
Normal-range: 1 to 1005
Extended-range: 1006 to 4094
vlan-database mode is deprecated; use VLAN config-mode instead
Minimal port config once the Vlan is known:
switchport mode access
switchport access vlan X
Layer 2 Features
Verify VLAN Configuration
switch#sh vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/4, Fa0/5
                                                Fa0/7, Fa0/8, Fa0/9, Fa0/11
                                                Fa0/12, Fa0/13, Fa0/14, Fa0/15
                                                Fa0/16, Fa0/17, Fa0/18, Fa0/21
                                                Fa0/22, Fa0/24, Gi0/1, Gi0/2
11   VLAN_BB1                         active    Fa0/10
12   VLAN_BB2                         active
13   VLAN_BB3                         active
21   VLAN_A                           active
22   VLAN_B                           active
23   VLAN_C                           active
55   vlan_test                        active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
switch#
switch#s run int f0/10
!
interface FastEthernet0/10
 switchport access vlan 11
 switchport mode access
end
Layer 2 Ethernet Trunk
Most LAN topologies consist of multiple VLANs
How to carry multiple VLANs on a single physical link, while maintaining isolation?
Trunking Protocols:
IEEE 802.1q
4-byte tag with VLAN ID
Supports Native VLAN (not tagged, must match on L2 links)
ISL (Cisco Proprietary)
30-byte header (26 + 4), true encapsulation
No Native concept, ALL frames encapsulated
[Figure: a single link that has to carry 10 VLANs]
Sample Question
Create trunking among the four switches meeting the following requirements:
Trunking will be formed unconditionally
Use ISL encapsulation
Choose the encapsulation and create a trunk between R6 and Sw2. Only VLAN_BB3 and VLAN_B must be allowed in the trunk
Implicit: refer to the diagrams to determine IP addresses
Score: 2 Points
Sample Questions
You have multiple diagrams and have to figure out which ports to configure
[Diagrams: switches Sw1 and Sw2 (ports Fa0/1 to Fa0/4, Fa0/10, Fa0/19 to Fa0/22), routers R1 to R4 (interfaces g0/0 to g0/4), backbones BB1 and BB2, and Frame Relay (FR)]
Sample Question—Solution
On switch-switch links, use 'interface range' to speed up and minimize missed/wrong config
Config)#interface range fa0/19-20
switchport trunk encapsulation isl
switchport mode trunk
On switch-router links, with the IOS running, only dot1Q is supported!
Router subinterface:
-if)#encapsulation dot1q [vlanID]
-if)#ip address [asPerDiagram…]
Switch port:
-if)#switchport trunk encapsulation dot1q
-if)#switchport trunk allowed vlan 13,22
-if)#switchport mode trunk
Sample Question—Verification
switch#s int f0/x trunk
Port      Mode         Encapsulation  Status        Native vlan
Fa0/x     on           isl            trunking      1
Port      Vlans allowed on trunk
Fa0/x     1-4094
Port      Vlans allowed and active in management domain
Fa0/x     1,11-13,21-23,55
Port      Vlans in spanning tree forwarding state and not pruned
Fa0/x     1,11-12,21-23,55
Layer 2 Protocols
CDP
Useful to discover L2 topology and detect weird forwarding issues (cdp neighbors appear where they shouldn’t)
switch3#sh cdp neigh
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform    Port ID
bb3-sw           Fas 0/10          130          S I       WS-C3550-4  Fas 0/8
Switch4          Fas 0/24          178         R S I      WS-C3560-2  Fas 0/24
Switch4          Fas 0/23          178         R S I      WS-C3560-2  Fas 0/23
Sample Question
Configure the amount of time a neighbor should hold CDP information sent by Sw2 before discarding it to 2 minutes
Score: 2 Points
Sample Question—Solution
Sw2
Config)#cdp holdtime 120
Verification:
switch2#sh cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 120 seconds
Sending CDPv2 advertisements is enabled
Layer 2 Protocols
DTP (Dynamic Trunking Protocol)
Negotiate trunking encapsulation, enabled by default
Some basic error checking
Sample Written Question
What trunk mode combination would not produce an operational ISL trunk?
A. Local: auto Remote: auto
B. Local: on Remote: auto
C. Local: nonegotiate Remote: on
D. Local: nonegotiate Remote: nonegotiate
E. Local: auto Remote: desirable
Solution: A
If both sides are set to Auto, the trunk will never come up
Sample Lab Question
Completely disable DTP traffic on all Fast Ethernet ports on all switches
Score: 2 Points
Sample Lab Question—Solution
if)#switchport mode access
if)#switchport nonegotiate
Verification:
show interfaces switchport
Name: FaX/Y
Negotiation of Trunking: Off
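The DTP behaviour behind the written question and the lab solution above, as an added example that is not part of the original slides: it models which mode pairs form a trunk and audits a configuration for Fast Ethernet ports that still emit DTP. The function names and the sample configuration are constructed for illustration, and "nonegotiate" in the answer choices is assumed to mean `switchport mode trunk` plus `switchport nonegotiate`.

```python
import re

# Administrative modes as named on the slide; "on" is `switchport mode trunk`.
TRUNK, ACCESS, AUTO, DESIRABLE = "on", "access", "auto", "desirable"


def parse_switchports(config_text, default_mode=AUTO):
    """Return {interface: (mode, nonegotiate)} for every Layer 2 port stanza.

    default_mode is what a port without a `switchport mode` line runs; the
    factory default differs between platforms, so it is a parameter here.
    """
    ports, current = {}, None
    for raw in config_text.splitlines():
        header = re.match(r"interface\s+(\S+)", raw)
        if header:
            current = header.group(1)
            ports[current] = (default_mode, False)
        elif current and raw[:1] in (" ", "\t"):
            mode, noneg = ports[current]
            line = raw.strip()
            m = re.fullmatch(r"switchport mode (?:dynamic )?(\w+)", line)
            if line == "no switchport":
                ports.pop(current)          # routed port: DTP does not apply
                current = None
            elif line == "switchport nonegotiate":
                ports[current] = (mode, True)
            elif m:
                word = m.group(1)
                ports[current] = (TRUNK if word == "trunk" else word, noneg)
        else:
            current = None                  # "!" or a global command ends the stanza
    return ports


def operational(local, remote):
    """Operational state ('trunk' or 'access') of the local end of a link."""
    mode, _ = local
    peer_mode, peer_noneg = remote
    if mode in (TRUNK, ACCESS):
        return "trunk" if mode == TRUNK else "access"
    if peer_noneg:
        return "access"                     # a dynamic port that hears no DTP stays access
    wanted = (TRUNK, DESIRABLE, AUTO) if mode == DESIRABLE else (TRUNK, DESIRABLE)
    return "trunk" if peer_mode in wanted else "access"


def link_state(a, b):
    """'trunk', 'access', or 'mismatch' when the two ends disagree."""
    ends = {operational(a, b), operational(b, a)}
    return ends.pop() if len(ends) == 1 else "mismatch"


def ports_still_sending_dtp(config_text, default_mode=AUTO):
    """Fast Ethernet ports that still emit DTP (no `switchport nonegotiate`)."""
    ports = parse_switchports(config_text, default_mode)
    return sorted(name for name, (_, noneg) in ports.items()
                  if name.startswith("FastEthernet") and not noneg)


# The five answer choices from the written question, as (local, remote).
WRITTEN_CHOICES = {
    "A": ((AUTO, False), (AUTO, False)),
    "B": ((TRUNK, False), (AUTO, False)),
    "C": ((TRUNK, True), (TRUNK, False)),
    "D": ((TRUNK, True), (TRUNK, True)),
    "E": ((AUTO, False), (DESIRABLE, False)),
}

# Constructed sample configuration, not taken from the slides.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport nonegotiate
!
interface FastEthernet0/2
 switchport mode access
!
interface FastEthernet0/3
!
interface FastEthernet0/5
 no switchport
 ip address 5.0.0.1 255.0.0.0
!
interface FastEthernet0/19
 switchport trunk encapsulation isl
 switchport mode trunk
 switchport nonegotiate
"""

if __name__ == "__main__":
    for letter, (local, remote) in WRITTEN_CHOICES.items():
        print(letter, link_state(local, remote))
    print(ports_still_sending_dtp(SAMPLE_CONFIG))
```

Fa0/2 is flagged even though it is an access port: `switchport mode access` alone still leaves DTP running, which is why the lab solution pairs it with `switchport nonegotiate`.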
VLAN Trunk Protocol (VTP)
Same VTP domain, version (1 or 2) and password
3 modes: server—client—transparent
Pruning
Switch-1 Switch-2
VTP Domain is CCIE
VLAN 10
Switch-1(config-if)#vlan 10
VTP CLI
sh vtp status
most info comes out of this
sh vtp counters
to see whether pruning joins are received/transmitted
sh int pruning
to see which vlans are pruned and which vlans we request from upstream
sh int trunk
to see which vlans are (not) pruned and are forwarding
debug sw-vlan vtp <events|packets|xmit|pruning>
Layer 2 Features
VTP Verification
3550# show vtp counters
VTP statistics:
Summary advertisements received    : 734
Subset advertisements received     : 0
Request advertisements received    : 0
Summary advertisements transmitted : 2199
…
3550# show vtp status
VTP Version                     : 2
Configuration Revision          : 16
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 9
VTP Operating Mode              : Server
VTP Domain Name                 : cisco
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Disabled
…
Layer 2 Features
EtherChannels
A logical aggregation of similar links (up to 8) 10/100/1000/10GE ports
Channel always point-to-point and viewed as one logical link by other protocols
Two flavors: Cisco’s PAgP and IEEE 802.3ad LACP
Each defines an “active” and “passive” side
EtherChannels
Can aggregate L2 Access Ports, L2 Trunks or L3 Links
Load-balancing algorithm (default is src-mac)
Operates between switches, routers, and certain vendors’ NICs
Sample Question
Create EtherChannels between Sw1 and Sw2 so that they are formed unconditionally, NOT using any protocol negotiation
Score: 2 Points
Sample Question—Solution
Use interface range
Config)#int range FastEthernet0/x-y
Config)#channel-group z mode on
Verification
sh etherchannel z port-channel
sh etherchannel [sum|load]
sh pagp|lacp [[port-chan#] neigh|count|internal]
Layer 2 Features
EtherChannel Verification
Rack08Sw2#sh etherchannel sum
...
Number of channel-groups in use: 1
Number of aggregators: 1
Group Port-channel Protocol Ports
------+-------------+-----------+--------------------------------------------
12 Po12(SU) - Fa0/23(P) Fa0/24(P)
switch#sh ether 12 port
Ports in the group:
-------------------
Port: Fa0/23
------------
Port state = Up Mstr In-Bndl
Channel group = 12 Mode = On/FEC Gcchange = -
Port-channel = Po12 GC = - Pseudo port-channel = Po12
Port index = 0 Load = 0x00 Protocol = -
Age of the port in the current state: 00d:00h:00m:17s
Layer 2 Features
EtherChannel Verification [2]
switch#sh int port-channel 12
Port-channel12 is up, line protocol is up (connected)
Members in this channel: Fa0/23 Fa0/24
switch#sh pagp ?
<1-64> Channel group number
counters Traffic information
internal Internal information
neighbor Neighbor information
switch#sh lacp ?
<1-64> Channel group number
counters Traffic information
internal Internal information
neighbor Neighbor information
sys-id LACP System ID
Spanning Tree
Provides a loop-free topology while physically redundant links/trunks are allowed between switches
Elects a root bridge and assigns roles to the ports based on the least-cost path to the root
One Root port per bridge and one Designated port per segment
Blocks other ports to break loops (BPDUs still pass through)
Spanning Tree
Port States
Blocking: No user traffic allowed, only BPDUs
Listening: Receives BPDUs and waits for convergence of BPDUs
Learning: Learns source MACs from user traffic to build the CAM table
Forwarding: Normal mode, forwards user traffic AND BPDUs
Disabled: Port is shut (admin or not)...
Spanning-Tree Algorithm
A BPDU Is Superior to Another if It Has:
1. A lower Root Bridge ID
2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID
[Figure: Spanning Tree. Four bridges across the Core and Distribution layers: A (Root) and peers B, C and D, with bridge IDs 8192:000000000001, 32768:000000000002, 32768:000000000003 and 32768:000000000004. Legend: Root Ports (RP): port with least cost path to the Root Bridge; Designated Ports (DP): ports selected for forwarding; Nondesignated Ports (NDP): ports in blocking; arrows show the direction of BPDU flow.]
Spanning Tree—RSTP—802.1w
switch(config)#spanning-tree mode ?
  mst         Multiple spanning tree mode
  pvst        Per-Vlan spanning tree mode
  rapid-pvst  Per-Vlan rapid spanning tree mode
Handshake mechanism to bypass the listening/forwarding state of the designated port if all bridges on a segment recognize this port as the designated port
'Disabled' + 'Blocking' + 'Listening' states are merged into the 'Discarding' state
Spanning Tree—MST—802.1s
Enhances STP scalability (preserves CPU power)
Flexible load-balancing
Complex interoperability with other STP flavors
Spanning Tree—MST—802.1s
MST Configuration: Identical for all switches in the same region
Digest of the config is sent in the MST BPDU
spanning-tree mode mst
spanning-tree mst configuration
name MST   < up to 32 bytes
revision 1
instance 1 vlan 20, 40, 60
instance 2 vlan 30, 50, 70
Spanning Tree Features
Portfast
Bpduguard
Bpdufilter
Uplinkfast
Backbonefast
Rootguard
Sample Lab Question
The 3550 switches in your topology are pre-cabled as shown in the diagram above. VLANs have already been assigned to the switches. Configure Sw1 and Sw2 to have the following behavior:
Only ODD VLANs should be forwarded on Fa0/23 during normal operation
Only EVEN VLANs should be forwarded on Fa0/24 during normal operation
Interfaces should begin forwarding traffic within eight seconds of link-up
DO THIS WITH EXACTLY TWO COMMANDS PER SWITCH
[Figure: Sw1 and Sw2 connected by two links, Fa0/23 and Fa0/24]
Score: 3 Points
Sample Lab Question: Analysis
Analyze the Initial Status
Sw#sh vlan brief ; Sw1#sh int trunk
Only Vlan 1 and Vlan 2 are active
Fa0/23 and Fa0/24 are trunk ports on both sides
Sw#sh span vl [1 | 2]
Sw1 is the root for both Vlans, as per lower sys MAC
Sw2 is forwarding both VLANs out of Fa0/23, as per lower port ID
[Figure: Sw1 and Sw2 with port roles Desg FWD, Root FWD and Altn BLK]
Sample Lab Question: Design
Think About It…
Initial: Vlan 1 + 2
Possible Solution?
spanning-tree vlan 1 forward-time 4
spanning-tree vlan 2 forward-time 4
-if)#spanning-tree vlan 2 port-priority 112
No, Because This Doesn't Answer the "Exactly 2 Commands Per Switch"!
[Figure: Sw1 and Sw2 shown for Vlan 1 and for Vlan 2, with port roles Desg FWD, Root FWD and Altn BLK]
Sample Lab Question: Solution
So We Need Sw2 to Become Root for One Vlan!
spanning-tree vlan 1 forward-time 4
spanning-tree vlan 2 priority 61440
spanning-tree vlan 2 forward-time 4
-if)#spanning-tree vlan 2 port-priority 112
[Figure: Sw1 and Sw2 shown for Vlan 1 and for Vlan 2, with port roles Desg FWD, Root FWD and Altn BLK]
![Page 72: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/72.jpg)
72
Sample Lab Question: Verification
Sw1#s span vlan 1
VLAN001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32779
             Address     0009.e8e2.6200
             This bridge is the root
             Hello Time 2 sec  Max Age 20 sec  Forward Delay 4 sec
. . .
Sw1#s span vlan 2
VLAN002
  Spanning tree enabled protocol ieee
  Root ID    Priority    32780
             Address     0015.6286.7400
             Cost        19
             Port        24 (FastEthernet0/24)
             Hello Time 2 sec  Max Age 20 sec  Forward Delay 4 sec
  Bridge ID  Priority    61452 (priority 61440 sys-id-ext 2)
             Address     0009.e8e2.6200
             Hello Time 2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/23           Altn BLK 19        128.23   P2p
Fa0/24           Root FWD 19        128.24   P2p
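The election behind this lab question, as an added example that is not part of the original slides: a small Python model of per-VLAN root election and root-port selection over the two parallel links, run before and after the four solution commands. The cabling (Fa0/23 to Fa0/23, Fa0/24 to Fa0/24) and the placement of the port-priority command on Sw2's Fa0/24 are assumptions; the MAC addresses and values come from the verification output.

```python
from dataclasses import dataclass, field

DEFAULT_BRIDGE_PRIORITY = 32768
DEFAULT_PORT_PRIORITY = 128
DEFAULT_FORWARD_TIME = 15   # seconds
FAST_ETHERNET_COST = 19

# Assumed cabling: each link joins the same port number on both switches.
LINKS = [{"Sw1": "Fa0/23", "Sw2": "Fa0/23"}, {"Sw1": "Fa0/24", "Sw2": "Fa0/24"}]


@dataclass
class Switch:
    name: str
    mac: str
    bridge_priority: dict = field(default_factory=dict)  # vlan -> priority
    forward_time: dict = field(default_factory=dict)     # vlan -> seconds
    port_priority: dict = field(default_factory=dict)    # (port, vlan) -> priority

    def bridge_id(self, vlan):
        # Extended system ID: the VLAN number is added to the configured priority.
        prio = self.bridge_priority.get(vlan, DEFAULT_BRIDGE_PRIORITY) + vlan
        return (prio, int(self.mac.replace(".", ""), 16))

    def port_id(self, port, vlan):
        prio = self.port_priority.get((port, vlan), DEFAULT_PORT_PRIORITY)
        return (prio, int(port.rsplit("/", 1)[1]))


def lab_switches(solved):
    """Build Sw1 and Sw2 with default settings or with the solution applied."""
    sw1 = Switch("Sw1", "0009.e8e2.6200")
    sw2 = Switch("Sw2", "0015.6286.7400")
    if solved:
        sw1.forward_time[1] = 4                  # spanning-tree vlan 1 forward-time 4
        sw1.bridge_priority[2] = 61440           # spanning-tree vlan 2 priority 61440
        sw2.forward_time[2] = 4                  # spanning-tree vlan 2 forward-time 4
        sw2.port_priority[("Fa0/24", 2)] = 112   # assumed to be on Sw2 Fa0/24
    return sw1, sw2


def spanning_tree(sw_a, sw_b, vlan, links=LINKS):
    """Elect the root for one VLAN and pick the root port on the other switch."""
    root, other = sorted((sw_a, sw_b), key=lambda s: s.bridge_id(vlan))

    def bpdu(link):
        # Equal cost and the same sender bridge on both links, so the
        # tie-break is the SENDER's (root's) port ID; the lowest wins.
        return (FAST_ETHERNET_COST, root.bridge_id(vlan),
                root.port_id(link[root.name], vlan))

    best = min(links, key=bpdu)
    roles = {link[other.name]: "Root FWD" if link is best else "Altn BLK"
             for link in links}
    # Timers are taken from the root: listening + learning = 2 x forward delay.
    delay = 2 * root.forward_time.get(vlan, DEFAULT_FORWARD_TIME)
    return {"root": root.name, "blocking_switch": other.name,
            "roles": roles, "seconds_to_forward": delay}


def lab(solved):
    sw1, sw2 = lab_switches(solved)
    return {vlan: spanning_tree(sw1, sw2, vlan) for vlan in (1, 2)}


if __name__ == "__main__":
    for solved in (False, True):
        print("with solution" if solved else "initial state")
        for vlan, result in lab(solved).items():
            print(f"  vlan {vlan}: {result}")
```

Because the non-root switch uses the root's timers, the forward-time for VLAN 2 has to be set on Sw2 once it becomes root, which is what the Forward Delay 4 sec / Forward Delay 15 sec pair in the VLAN 2 output shows.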
![Page 73: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/73.jpg)
73
Layer 3 Features: Switched Virtual Interface (SVI)
Software-based virtual interface
Configure SVIs for any VLANs for which you want to route traffic
SVI VLAN1 is created by default
[Diagram: switch with an SVI for VLAN10; ports Fa0/1, Fa0/2, Fa0/3 and Fa0/5; addresses 3.0.0.1, 3.0.0.6, 3.0.0.8, 5.0.0.1 and 5.0.0.4]
![Page 74: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/74.jpg)
74
Layer 3 Features: Routed Ports
Acts like a port on a router
Not associated with a particular VLAN
Put the interface into Layer 3 mode with the no switchport interface configuration command
[Diagram: switch with a routed port and SVI 10 for VLAN10; ports Fa0/1, Fa0/2, Fa0/3 and Fa0/5; addresses 3.0.0.1, 3.0.0.6, 3.0.0.8, 5.0.0.1 and 5.0.0.4]
![Page 75: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/75.jpg)
75
Layer 3 Features: SVI/Routed Port Configuration
SVI
!
interface Vlan10
 ip address 3.0.0.1 255.0.0.0
end
Routed Port
!
interface FastEthernet0/5
 no switchport
 ip address 5.0.0.1 255.0.0.0
end
[Diagram: switch with a routed port and SVI 10 for VLAN10; ports Fa0/1, Fa0/2, Fa0/3 and Fa0/5; addresses 3.0.0.1, 3.0.0.6, 3.0.0.8, 5.0.0.1 and 5.0.0.4]
![Page 76: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/76.jpg)
76
Layer 2/Layer 3 Troubleshooting Discussion
[Diagram: R1 and R2; interface labels E0/0, Fa0/1, Fa0/2 and Fa0/0]
Ping from R1 to R2 Fails
How Do You Troubleshoot?
![Page 77: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/77.jpg)
77
References
Cisco LAN Switching, Kennedy Clark, Cisco Press®
Interconnections, 2nd edition, Radia Perlman
Cisco Catalyst 3550 configuration guide, CCO: http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550
Cisco Catalyst 3560 configuration guide, CCO: http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/index.htm
![Page 78: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/78.jpg)
Q and A
![Page 79: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/79.jpg)
79
Frame Relay
Concepts
Implementation Options
Troubleshooting Tips
![Page 80: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/80.jpg)
80
Frame Relay Concepts
DLCI—Data-link connection identifier
LMI—Local Management Interface
PVC—Permanent Virtual Circuit
[Diagram: Frame Relay switch with the LMI, DLCI and PVC labelled]
![Page 81: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/81.jpg)
81
Frame Relay: CCIE Lab FR Switch
Sample Configuration
!
frame-relay switching
!
interface Serial1/0
 no ip address
 encapsulation frame-relay
 clockrate 1007616
 frame-relay lmi-type ansi
 frame-relay intf-type dce
 frame-relay route 102 interface Serial1/2 201
 frame-relay route 103 interface Serial2/0 301
 frame-relay route 104 interface Serial2/2 401
[Diagram: FR-SW between R1 and R2]
The Frame Relay Switch Is Pre-Configured
![Page 82: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/82.jpg)
82
NBMA—Hub and Spoke
Typical Exam Scenario
[Diagram: R1 (172.16.1.1/24, DLCIs 102 and 103) connected through Frame Relay to R2 (172.16.1.2/24, DLCI 201) and R3 (172.16.1.3/24, DLCI 301)]
![Page 83: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/83.jpg)
83
Frame-Relay Inverse ARP
interface Serial0
ip address 172.16.1.1 255.255.255.0
encapsulation frame-relay
interface Serial1
ip address 172.16.1.2 255.255.255.0
encapsulation frame-relay
Dynamic L3 to L2 Address Mapping Uses Frame Relay Inverse ARP to Request the Next Hop Protocol Address for a Specific Connection (DLCI)
[Diagram: Rtr A S0 (DLCI 140) to Rtr B S1 (DLCI 401)]
![Page 84: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/84.jpg)
84
Frame-Relay Verification
RtrA# show frame-relay map
Serial0 (up): ip 172.16.1.2 dlci 140(0x8C,0x20C0), dynamic, broadcast,, status defined, active
RtrA# show frame-relay pvc
DLCI = 140, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0
  input pkts 83            output pkts 87           in bytes 8144
  out bytes 8408           dropped pkts 0           in FECN pkts 0
  in BECN pkts 0           out FECN pkts 0          out BECN pkts 0
  in DE pkts 0             out DE pkts 0
  out bcast pkts 41        out bcast bytes 3652
  pvc create time 01:31:50, last time pvc status changed 01:28:28
[Diagram: Rtr A S0 (DLCI 140) to Rtr B S1 (DLCI 401)]
![Page 85: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/85.jpg)
85
Frame-Relay Static Mapping
interface Serial0
ip address 172.16.1.1 255.255.255.0
encapsulation frame-relay
no frame-relay inverse-arp
frame-relay map ip 172.16.1.2 140 broadcast
interface Serial1
ip address 172.16.1.2 255.255.255.0
encapsulation frame-relay
no frame-relay inverse-arp
frame-relay map ip 172.16.1.1 401 broadcast
Manually Disable Inverse ARP!
[Diagram: Rtr A S0 (DLCI 140) to Rtr B S1 (DLCI 401)]
![Page 86: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/86.jpg)
86
Hub and Spoke—Multipoint
R1
interface Serial1
 ip address 172.16.1.1 255.255.255.0
 frame-relay map ip 172.16.1.2 102 broadcast
 frame-relay map ip 172.16.1.3 103 broadcast
 no frame-relay inverse-arp
R3
interface Serial1
 ip address 172.16.1.3 255.255.255.0
 frame-relay map ip 172.16.1.1 301 broadcast
 frame-relay map ip 172.16.1.2 301
 no frame-relay inverse-arp
[Diagram: R1 (172.16.1.1/24, DLCIs 102 and 103) connected through Frame Relay to R2 (172.16.1.2/24, DLCI 201) and R3 (172.16.1.3/24, DLCI 301)]
![Page 87: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/87.jpg)
87
Hub and Spoke—Point-to-Point
[Diagram: R1 (172.16.1.1/24, DLCIs 102 and 103) connected through Frame Relay to R2 (172.16.1.2/24, DLCI 201) and R3 (172.16.1.3/24, DLCI 301)]
R1
interface Serial1
 ip address 172.16.1.1 255.255.255.0
 frame-relay map ip 172.16.1.2 102 broadcast
 frame-relay map ip 172.16.1.3 103 broadcast
 no frame-relay inverse-arp
R2
interface Serial1.201 point-to-point
 ip address 172.16.1.2 255.255.255.0
 frame-relay interface-dlci 201
![Page 88: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/88.jpg)
88
Frame Relay Troubleshooting
show interface
show frame-relay map
show frame-relay lmi
show frame-relay pvc
[Diagram: Rtr A S0 (DLCI 114) to Rtr B S1 (DLCI 411)]
![Page 89: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/89.jpg)
89
Frame Relay Troubleshooting: show interface
R1#show interfaces s0/0/1
Serial0/0/1 is up, line protocol is up
…
Encapsulation FRAME-RELAY, loopback not set
Keepalive set (10 sec)
LMI enq sent 147, LMI stat recvd 147, LMI upd recvd 0, DTE LMI up
LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0
LMI DLCI 0 LMI type is ANSI Annex D frame relay DTE
FR SVC disabled, LAPF state down
…
DCD=up DSR=up DTR=up RTS=up CTS=up
![Page 90: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/90.jpg)
90
Frame Relay Troubleshooting: show frame-relay lmi
R1#show frame-relay lmi
LMI Statistics for interface Serial0/0/1 (Frame Relay DTE) LMI TYPE = ANSI
Invalid Unnumbered info 0 Invalid Prot Disc 0
Invalid dummy Call Ref 0 Invalid Msg Type 0
Invalid Status Message 0 Invalid Lock Shift 0
Invalid Information ID 0 Invalid Report IE Len 0
Invalid Report Request 0 Invalid Keep IE Len 0
Num Status Enq. Sent 183 Num Status msgs Rcvd 183
Num Update Status Rcvd 0 Num Status Timeouts 0
Last Full Status Req 00:00:24 Last Full Status Rcvd 00:00:24
![Page 91: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/91.jpg)
91
Frame Relay Troubleshooting: show frame-relay pvc
R1#show frame-relay pvc
PVC Statistics for interface Serial0/0/1 (Frame Relay DTE)
              Active     Inactive      Deleted       Static
  Local          1            0            0            0
  Switched       0            0            0            0
  Unused         0            0            0            0
DLCI = 114, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0/1
  input pkts 20            output pkts 11           in bytes 1310
  out bytes 1004           dropped pkts 0           in pkts dropped 0
  out pkts dropped 0       out bytes dropped 0
  in FECN pkts 0           in BECN pkts 0           out FECN pkts 0
  out BECN pkts 0          in DE pkts 0             out DE pkts 0
  out bcast pkts 2         out bcast bytes 68
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
  pvc create time 00:32:30, last time pvc status changed 00:32:20
![Page 92: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/92.jpg)
92
Frame Relay Default Behavior
Multipoint
LMI type is “cisco”
Inverse ARP is enabled
Split Horizon is disabled
![Page 93: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/93.jpg)
93
References
Frame Relay Configuration Guide CCO
http://www.cisco.com/en/US/tech/tk713/tk237/technologies_tech_note09186a008014f8a7.shtml
![Page 94: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/94.jpg)
Q and A
![Page 95: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/95.jpg)
Session 4:
IP Routing Concepts
![Page 96: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/96.jpg)
96
IP Routing Concepts
Policy-based Routing
Administrative Distance
Passive Interfaces
![Page 97: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/97.jpg)
97
Policy-Based Routing
Configured on the receiving (ingress) interface
Packets are routed based on a configured policy specified in a route map
The route map statements can be marked as permit or deny
If a matching statement is marked as a deny, packets are sent back through the normal forwarding channels
Packets that do not match any route map statements are sent back through the normal forwarding channels
If it is desired to drop packets that do not match the specified criteria, interface Null 0 should be specified as the last interface in the list
![Page 98: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/98.jpg)
98
Policy-Based Routing—Configuration
Configuration Steps
Define a sequenced policy (route-map)
route-map policyName [permit|deny] [seq#]
Identify which traffic to policy-route
match…
Specify the policy for that traffic
set…
Apply the policy to an interface
(config-if)#ip policy route-map policyName
![Page 99: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/99.jpg)
99
PBR Sample Lab Question
Configure only R5 so that any received IP traffic that is sourced from 135.12.1.0 is forwarded to R2.
[Diagram: R1, R2, R3, R4 and R5; networks 135.12.1.0/24, 136.15.1.5/24, 140.10.1.1/24 and 150.2.2.0/24]
Verification
R3#trace ip 140.10.1.1
Type escape sequence to abort.
Tracing the route to YY.YY.10.7
  1 136.15.1.5 0 msec 0 msec 0 msec
  2 140.10.1.1 20 msec 16 msec 16 msec
It goes to R5, then it goes to R2 (not to R1)
![Page 100: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/100.jpg)
100
Administrative Distance
A router with more than one IP routing protocol enabled will use the administrative distance to select a route if the route is learned from more than one protocol; a lower admin distance is preferred
Connected 0
Static 1
eBGP 20
EIGRP 90
IGRP 100
OSPF 110
IS-IS 115
RIP 120
Ext EIGRP 175
iBGP 200
Unknown 255 Not Believed
![Page 101: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/101.jpg)
101
Passive Interfaces
To disable sending routing updates out an interface, use the passive-interface command
Used in router configuration mode
Configuration Examples:
passive-interface gi0/0/0 (no updates sent out interface gi0/0/0)
passive-interface default (no updates sent out any interfaces; use no passive-interface on specified interfaces to send updates)
** Note: A passive interface does not send routing protocol information. It does receive and process updates on the interface.
![Page 102: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/102.jpg)
EIGRP
![Page 103: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/103.jpg)
103
Disclaimer—Reminder
With the time allocated, we can only review the cornerstones of the most important IGPs
EIGRP and OSPF
![Page 104: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/104.jpg)
104
EIGRP
Introduction and Review
Neighbor Relationships
Summarization
Load Balancing
![Page 105: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/105.jpg)
105
Advantages of EIGRP
Uses multicast instead of broadcast
Utilizes a composite metric (bandwidth, delay, load, reliability)
Unequal cost paths load balancing
More flexible than OSPF
Full support of distribute list
Manual summarization can be done on any interface of any router within the network
![Page 106: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/106.jpg)
106
EIGRP
Introduction and Review
Neighbor Relationships
Load Balancing
Summarization
![Page 107: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/107.jpg)
107
EIGRP Packets
Hello: Establish neighbor relationships
Update: Send routing updates
Query: Ask neighbors about routing information
Reply: Response to query about routing information
Ack: Acknowledgement of a reliable packet
![Page 108: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/108.jpg)
108
EIGRP Neighbor Relationship
Two routers become neighbors when they see each other’s hello packet (see later for details)
Hello address = 224.0.0.10
Hellos sent once every five seconds on the following links:
Broadcast Media: Ethernet, Token Ring, FDDI, etc.
Point-to-point serial links: PPP, HDLC, point-to-point frame relay/ATM sub-interfaces
Multipoint circuits with bandwidth greater than T1: ISDN PRI, SMDS, Frame Relay
![Page 109: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/109.jpg)
109
EIGRP Neighbor Relationship
Hellos sent once every 60 seconds on the following links:
Multi-point circuits with bandwidth less than T1: ISDN BRI, Frame Relay, SMDS, etc.
Neighbor declared dead when no EIGRP packets are received within hold interval
Not only Hello can reset the hold timer
Hold time by default is three times the hello time
(config-if)#ip hold-time eigrp as-number seconds
![Page 110: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/110.jpg)
110
EIGRP Neighbor Relationship
EIGRP will form neighbors even though hello time and hold time don’t match
EIGRP sources hello packets from primary address of the interface
EIGRP will not form neighbor if K-values are mismatched
EIGRP will not form neighbor if AS numbers are mismatched
![Page 111: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/111.jpg)
111
Neighbor Process—Review
Used for establishing and maintaining neighbors
Multicast hellos (by default)
224.0.0.10 (0100.5e00.000a)
Neighbor timers
Default Hello Interval—5 or 60 sec.
Default Hold time—15 or 180 sec.
[Diagram: routers A and B exchanging Hello packets]
![Page 112: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/112.jpg)
112
Checking Neighbor Status
Hold—How long to wait for an EIGRP packet before declaring this neighbor dead
Uptime—How long since last time this neighbor was discovered
RTRA#show ip eigrp neighbors
IP-EIGRP neighbors for process 1
H   Address     Interface   Hold   Uptime   SRTT   RTO   Q     Seq
                            (sec)           (ms)         Cnt   Num
2   10.1.1.1    Et0         12     6d16h    20     200   0     233
1   10.1.4.3    Et1         13     2w2d     87     522   0     452
0   10.1.4.2    Et1         10     2w2d     85     510   0     3
![Page 113: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/113.jpg)
113
Checking Neighbor Status
EIGRP log-neighbor-changes is on by default since 12.1(3)
Don’t turn it off in the lab
Best to send logs to the console in the lab
RouterA(config)# router eigrp 100
RouterA(config-router)# eigrp log-neighbor-changes
RouterA(config)# logging console
![Page 114: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/114.jpg)
114
Log-Neighbor-Changes Messages
Common neighbor change messages
(Hint: Peer restarted means you have to check the peer; it’s the one that restarted)
Neighbor 10.1.1.1 (Ethernet0) is down: peer restarted
Neighbor 10.1.1.1 (Ethernet0) is up: new adjacency
Neighbor 10.1.1.1 (Ethernet0) is down: holding time expired
Neighbor 10.1.1.1 (Ethernet0) is down: retry limit exceeded
Neighbor 10.1.1.1 (Ethernet0) is down: route filter changed
![Page 115: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/115.jpg)
115
What Causes Neighbor Instability?
Holding time expired
Retry limit exceeded
Manual changes
Physical link instability
Stuck-in-active routes
![Page 116: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/116.jpg)
116
Holding Time Expired
Holding time expires when an EIGRP packet is not seen for the duration of the hold time
Usually caused by missing multicast hello packets
Typically caused by congestion, physical errors, or even routing issues
[Diagram: router A sending Hello packets to router B]
Neighbor 10.1.1.1 (Ethernet0) Is Down: Holding Time Expired
![Page 117: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/117.jpg)
117
Troubleshooting Holding Time Expiration
Ping the Multicast Address (224.0.0.10) from the Other Router
Ping 224.0.0.10
Note: If There Are Many Interfaces/Neighbors on Router B, You Should Use Extended Ping and Specify the Source Address/Interface of the Multicast Ping
[Diagram: routers A and B]
Neighbor 10.1.1.1 (Ethernet0) Is Down: Holding Time Expired
![Page 118: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/118.jpg)
118
Troubleshooting Holding Time Expiration
RouterA# debug eigrp packet hello
EIGRP Packets debugging is on (HELLO)
19:08:38.521: EIGRP: Sending HELLO on Serial1/1
19:08:38.521: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
19:08:38.869: EIGRP: Received HELLO on Serial1/1 nbr 10.1.6.2
19:08:38.869: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
19:08:39.081: EIGRP: Sending HELLO on FastEthernet0/0
19:08:39.081: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
Remember—Any Debug Can Be Hazardous on a Live Network; It’s Ok in CCIE Lab Though
![Page 119: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/119.jpg)
119
Retry Limit Exceeded
EIGRP sends unreliable and reliable packets
Hellos and Acks are unreliable
Updates, Queries, and Replies are reliable
Reliable packets are sequenced and require an Acknowledgement
Reliable packets are retransmitted up to 16 times if not acknowledged
![Page 120: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/120.jpg)
120
Retry Limit Exceeded (Cont.)
Reliable packets are re-sent after Retransmit Time Out (RTO)
Typically 6 x Smooth Round Trip Time (SRTT)
Minimum RTO is 200 ms
Maximum RTO is 5000 ms (5 seconds)
16 retransmits take between 50 seconds and 80 seconds
![Page 121: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/121.jpg)
121
Retry Limit Exceeded (Cont.)
If a reliable packet is not acknowledged before 16 retransmissions and the Hold Timer duration has passed, re-initialize the neighbor
[Diagram: routers A and B exchanging Update and Ack, with lost packets marked X]
Neighbor 10.1.1.1 (Ethernet0) Is Down: Retry Limit Exceeded
![Page 122: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/122.jpg)
122
Manual Changes
Some manual configuration changes also reset EIGRP neighbors:
Summary changes (manual and auto)
Route filter changes
This is normal behavior
Metric change does not reset neighbors
![Page 123: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/123.jpg)
123
Physical Link State Changes
Interface drivers tell EIGRP when a link goes down or comes up
EIGRP removes neighbors from the neighbor table when the interface used to reach them goes down
EIGRP (re)-initializes neighbors when a link comes up (and Hellos received)
Normal, but not nice
![Page 124: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/124.jpg)
124
EIGRP
Introduction and Review
Neighbor Relationships
Summarization
Load Balancing
![Page 125: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/125.jpg)
125
EIGRP Summarization
Purpose: Smaller routing tables, smaller updates
Auto summarization:
On major network boundaries, networks are summarized to the major networks
Auto summarization is turned on by default
[Diagram: networks 150.150.X.X, 150.150.X.X and 151.151.X.X]
![Page 126: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/126.jpg)
126
Manual Summarization
Configurable on per interface basis in any router within the network
When summarization is configured on an interface, the router immediately creates a route pointing to Null0 with an administrative distance of five
Loop prevention mechanism
When the last specific route of the summary goes away, the summary is deleted
The minimum metric of the specific routes is used as the metric of the summary route
![Page 127: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/127.jpg)
127
EIGRP Summarization
Manual Summarization Command:
ip summary-address eigrp <as number> <address> <mask>
interface s0
 ip address 150.1.1.1 255.255.0.0
 ip summary-address eigrp 100 150.2.0.0 255.254.0.0
[Diagram: in AS 100, 150.2.0.0/16 and 150.3.0.0/16 are advertised out S0 as 150.2.0.0/15]
![Page 128: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/128.jpg)
128
Deploying Summarization
Summarization is simply a way to hide topological detail while maintaining reachability
But sometimes you have to be creative to summarize
[Diagram: routers A, B and C; 10.1.1.0/24 and 10.1.3.0/24 summarized as 10.1.0.0/22]
![Page 129: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/129.jpg)
129
Deploying Summarization
For instance, can you still summarize here?
Note that A has a component which is part of 10.1.0.0/22 behind it
[Diagram: routers A, B and C; 10.1.1.0/24 and 10.1.3.0/24 summarized as 10.1.0.0/22; 10.1.2.0/24 behind A]
![Page 130: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/130.jpg)
130
Deploying Summarization
Sure
Routers always route to the longest prefix
Destinations within 10.1.2.0/24 will be routed towards A, while destinations within 10.1.1.0/24 and 10.1.3.0/24 will be routed towards C
[Diagram: routers A, B and C; 10.1.1.0/24 and 10.1.3.0/24 summarized as 10.1.0.0/22; 10.1.2.0/24 behind A; B receives both 10.1.2.0/24 and 10.1.0.0/22]
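Route selection as the Administrative Distance and Deploying Summarization slides describe it, as an added example that is not part of the original slides: a small routing table that keeps the lowest administrative distance per prefix and forwards on the longest match. The OSPF copy of the summary, the static default on router C and the next-hop labels are constructed for illustration, and the router C view goes beyond the slide to show why the Null0 summary route prevents a loop.

```python
import ipaddress

# Administrative distances from the slide's table (lower is preferred).
ADMIN_DISTANCE = {
    "connected": 0, "static": 1, "ebgp": 20, "eigrp": 90, "igrp": 100,
    "ospf": 110, "isis": 115, "rip": 120, "eigrp-external": 175, "ibgp": 200,
}
EIGRP_SUMMARY_DISTANCE = 5   # Null0 route created by ip summary-address
NOT_BELIEVED = 255


class RoutingTable:
    def __init__(self):
        self.routes = {}  # network -> (distance, source, next hop)

    def offer(self, prefix, source, next_hop, distance=None):
        """Install the route if it beats what is already there for the SAME
        prefix. Returns True when the route was installed."""
        network = ipaddress.ip_network(prefix)
        if distance is None:
            distance = ADMIN_DISTANCE[source]
        if distance >= NOT_BELIEVED:
            return False
        current = self.routes.get(network)
        if current is not None and current[0] <= distance:
            return False
        self.routes[network] = (distance, source, next_hop)
        return True

    def lookup(self, destination):
        """Longest-prefix match; administrative distance plays no part here."""
        address = ipaddress.ip_address(destination)
        matches = [net for net in self.routes if address in net]
        if not matches:
            return None
        best = max(matches, key=lambda net: net.prefixlen)
        return str(best), self.routes[best][2]


def router_b():
    """Router B from the slide: summary from C, more specific /24 from A."""
    rib = RoutingTable()
    rib.offer("10.1.0.0/22", "eigrp", "C")
    rib.offer("10.1.2.0/24", "eigrp", "A")
    return rib


def router_c():
    """Router C, the summarizing router (default route is an assumption)."""
    rib = RoutingTable()
    rib.offer("10.1.1.0/24", "connected", "connected")
    rib.offer("10.1.3.0/24", "connected", "connected")
    rib.offer("10.1.2.0/24", "eigrp", "B")
    rib.offer("0.0.0.0/0", "static", "B")
    # Without this entry, 10.1.0.x would follow the default to B, and B
    # would send it straight back to C along the summary.
    rib.offer("10.1.0.0/22", "eigrp", "Null0", distance=EIGRP_SUMMARY_DISTANCE)
    return rib


if __name__ == "__main__":
    b, c = router_b(), router_c()
    for destination in ("10.1.1.5", "10.1.2.77", "10.1.3.5"):
        print("B:", destination, "->", b.lookup(destination))
    print("B accepts OSPF copy of the summary:", b.offer("10.1.0.0/22", "ospf", "A"))
    for destination in ("10.1.0.9", "10.1.2.9", "198.51.100.1"):
        print("C:", destination, "->", c.lookup(destination))
```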
![Page 131: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/131.jpg)
131
EIGRP
Introduction and Review
Neighbor Relationships
Summarization
Load Balancing
![Page 132: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/132.jpg)
132
EIGRP Load Balancing
Routes with a metric equal to the minimum metric will be installed in the routing table (equal cost load balancing)
There can be up to six entries in the routing table for the same destination (default = 4)
ip maximum-paths <1-6>
![Page 133: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/133.jpg)
133
EIGRP Unequal Cost Load Balancing
EIGRP offers an unequal cost load balancing feature with the command:
variance <multiplier>
The variance command allows the router to include routes with a metric smaller than multiplier times the minimum metric route for that destination, where multiplier is the number specified by the variance command
![Page 134: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/134.jpg)
134
Variance Example
Variance 2
Router E will choose router C to get to net 172.16.10.0/24, FD=20
With variance of 2, router E will also choose router B to get to net 172.16.10.0/24
Router D will not be used to get to net 172.16.10.0/24
[Diagram: routers A, B, C, D and E with link metrics 10, 20, 10, 10, 20 and 25; Net 172.16.10.0/24]
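The path selection on the load-balancing and variance slides, as an added example that is not part of the original slides: it applies the variance multiplier and the maximum-paths limit to router E's three candidate paths. The assignment of the diagram's metrics to individual links is an assumption chosen to give FD=20 through C, and the feasibility check (a neighbor's reported distance must be below the feasible distance) is standard EIGRP behaviour that the slide does not spell out.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    neighbor: str
    link_cost: int           # metric of the link from E to the neighbor
    reported_distance: int   # the neighbor's own metric to the destination

    @property
    def metric(self):
        return self.link_cost + self.reported_distance


# Constructed from the slide's diagram values (assumed link assignment).
PATHS_FROM_E = [
    Path("B", link_cost=20, reported_distance=10),   # total 30
    Path("C", link_cost=10, reported_distance=10),   # total 20, the best path
    Path("D", link_cost=20, reported_distance=25),   # total 45
]


def select_paths(paths, variance=1, maximum_paths=4):
    """Return (feasible distance, neighbors installed in the routing table)."""
    if not 1 <= maximum_paths <= 6:
        raise ValueError("maximum-paths must be between 1 and 6")
    if variance < 1:
        raise ValueError("variance must be at least 1")
    feasible_distance = min(path.metric for path in paths)
    installed = []
    for path in sorted(paths, key=lambda p: p.metric):
        # Loop avoidance: the neighbor must be closer to the destination
        # than this router's best path, or it may be routing through us.
        feasible = path.reported_distance < feasible_distance
        within_variance = (path.metric == feasible_distance
                           or path.metric < variance * feasible_distance)
        if feasible and within_variance:
            installed.append(path.neighbor)
    return feasible_distance, installed[:maximum_paths]


if __name__ == "__main__":
    for variance in (1, 2, 3):
        fd, neighbors = select_paths(PATHS_FROM_E, variance=variance)
        print(f"variance {variance}: FD={fd}, next hops {neighbors}")
```

Raising the variance to 3 still leaves D out: its total metric of 45 is under 3 x 20, but its reported distance of 25 is not below the feasible distance of 20.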
![Page 135: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/135.jpg)
135
EIGRP Sample Lab Question
Configure EIGRP 100 on VLAN_30.
Make mutual redistribution between OSPF and EIGRP on R2 only.
At this point, you must be able to ping between EIGRP 100 subnets and the OSPF subnets, and the Backbone 3 router IP address 100.3.1.254.
[Diagram: Backbone 3, R1, R2 and R5; VLAN_30 running EIGRP 100; Frame Relay; OSPF Area 0]
Verification
R5#ping 100.3.1.254
<..>
!!!!!
R5#ping YY.YY.14.4
<…>
!!!!!
R5#sh ip route
D EX YY.YY.12.0/30
D EX YY.YY.14.0/24
D EX YY.YY.20.0/24
D EX YY.YY.40.0/24
D EX YY.YY.50.0/24
![Page 136: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/136.jpg)
Q and A
![Page 137: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/137.jpg)
OSPF
![Page 138: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/138.jpg)
138
OSPF
Review
Dealing with NBMA
Commands
Preparing for OSPF
![Page 139: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/139.jpg)
139
OSPF
Review
Dealing with NBMA
Commands
Preparing for OSPF
![Page 140: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/140.jpg)
140
OSPF Areas
OSPF uses a two-level hierarchical model
Backbone area
All other areas
Areas defined with 32 bit number
Defined in IP address format
Can also be defined using single decimal value (i.e., Area 0.0.0.0, or Area 0)
0.0.0.0 reserved for the backbone area
Area boundaries are at the routers
Each link is in one and only one area
Area 0
Area 1
Area 2
Area 3
![Page 141: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/141.jpg)
141
OSPF LSAs
Router and network LSA’s within an area
Summary LSA Type 3 outside the area
Summary LSA Type 4 and Type 5 for redistributed routes
Area 0
Area 1
Area 2
Area 3
![Page 142: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/142.jpg)
142
OSPF LSAs
![Page 143: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/143.jpg)
143
OSPF Virtual Links
Can Be Useful for Several Purposes
Allow areas to connect to areas other than 0
Repair a discontinuous area 0
Backup purpose
[Diagram: Area 0, Area 1, Area 2 and Area 3, with two links marked X]
![Page 144: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/144.jpg)
144
OSPF Router Types
Area Border Router—ABR
A router with at least one interface in area 0 and 1 or more interfaces in one or more non-backbone areas
OSPF routes can only be summarized on an ABR
[Diagram: ABR between Area 0 and Area 51]
![Page 145: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/145.jpg)
145
OSPF Router Types
Autonomous System Boundary Router—ASBR
A router with at least one interface in an OSPF area that is redistributing routes from another protocol into OSPF; external routes can be summarized on an ASBR
[Diagram: ASBR redistributing BGP, RIP, IGRP, EIGRP, Static and Connected routes; ABR between Area 0 and Area 51]
![Page 146: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/146.jpg)
146
OSPF Area Types
Stub Area
Redistributed Routes (OSPF External Routes or Type 5) are not advertised into a Stub Area; OSPF Inter-Area Routes are advertised into a Stub Area; the ABR will advertise a default into the Stub Area
RTR-A(config-router)# area 1 stub
RTR-B(config-router)# area 1 stub
configure on all routers in the area
[Diagram: routers A, B and C with ABR and ASBR labels across Area 1 (Stub) and Area 0; links 10.1.1.1/30 to 10.1.1.2/30 and 10.1.1.5/30 to 10.1.1.6/30; Redistribute Connected 192.168.3.3/32; Default Route and OSPF Inter-Area Routes (10.1.1.4) enter the area, OSPF External Routes (192.168.3.3) are blocked (X)]
![Page 147: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/147.jpg)
147
OSPF Area Types
Totally Stubby Area
Redistributed Routes (OSPF External Routes or Type 5) and OSPF Inter-Area Routes are Not Advertised Into a Totally Stubby Area; the ABR will Advertise a Default into the Stub Area
RTR-A(config-router)# area 1 stub
RTR-B(config-router)# area 1 stub no-summary
configure no-summary on the ABR
[Diagram: routers A, B and C with ABR and ASBR labels across Area 1 (Totally Stubby) and Area 0; links 10.1.1.1/30 to 10.1.1.2/30 and 10.1.1.5/30 to 10.1.1.6/30; Redistribute Connected 192.168.3.3/32; Default Route enters the area, OSPF Inter-Area Routes (10.1.1.4) and OSPF External Routes (192.168.3.3) are blocked (XX)]
![Page 148: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/148.jpg)
148
OSPF Area Types
Not So Stubby Area—NSSA
Redistributed Routes (OSPF External Routes) are advertised as Type 7 at the ASBR; the ABR converts them to Type 5; the ABR will not advertise a default into the NSSA Area
RTR-B(config-router)# area 1 nssa
RTR-C(config-router)# area 1 nssa
configure on all routers in the area
[Diagram: routers A, B, C and D with ABR and ASBR labels across Area 0 and Area 1 (NSSA); links 10.1.1.1/30 to 10.1.1.2/30, 10.1.1.5/30 to 10.1.1.6/30 and 10.1.1.9/30 to 10.1.1.10/30; Redistribute RIP, RIP V2 networks 172.26.32.1/24 and 172.26.33.1/24; RIP Routes to OSPF Type 7 Routes, OSPF Type 7 Routes to OSPF Type 5 Routes, OSPF Type 5 Routes; OSPF Inter-Area Routes (10.1.1.0) Type 3 enter the area, OSPF External Routes Type 5 are blocked (X)]
![Page 149: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/149.jpg)
149
OSPF Area Types
Totally Stubby NSSA
[Diagram: routers A, B, C and D; Area 0; Area 1 (Totally Stubby NSSA); ABR; ASBR; Redistribute RIP; RIP V2 networks 172.26.32.1/24 and 172.26.33.1/24; interfaces S0/1, S0, S0, S1, S1, S0; addresses 10.1.1.1/30, 10.1.1.2/30, 10.1.1.5/30, 10.1.1.6/30, 10.1.1.9/30, 10.1.1.10/30; flows: RIP Routes to OSPF Type 7 Routes, OSPF Type 7 Routes to OSPF Type 5 Routes, OSPF Type 5 Routes, OSPF Inter-Area Default Route; OSPF Inter-Area Routes (10.1.1.0) Type 3 and OSPF External Routes Type 5 are blocked (X)]
Redistributed routes (OSPF external routes) are advertised as Type 7 at the ASBR; the ABR converts them back to Type 5; OSPF inter-area routes are not advertised into the totally stubby NSSA; the ABR will advertise a default route into the totally stubby NSSA
RTR-B(config-router)# area 1 nssa no-summary
RTR-C(config-router)# area 1 nssa
Configure no-summary on the ABR
![Page 150: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/150.jpg)
150
Designated Routers
On a multi-access network, the DR is responsible for distributing LSAs to other attached OSPF routers; DR is selected by highest priority (default = 1), highest loopback address, or highest IP address assigned to a physical interface
Always configure a loopback interface before configuring OSPF—stable OSPF Router ID
DR
Designated Router—DR
![Page 151: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/151.jpg)
151
Designated Routers
The BDR will assume the DR role if the DR fails
Listens and learns all information that the DR learns—a “hot standby”
[Diagram: BDR, DR]
Backup Designated Router—BDR
![Page 152: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/152.jpg)
152
Designated Routers
All other routers on the multi-access network segment
[Diagram: DROTHER, DROTHER, BDR, DR]
DROTHER—Not the DR or BDR
![Page 153: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/153.jpg)
153
Designated Routers
On a multi-access network, all OSPF routers will become adjacent with the DR and BDR
[Diagram: DROTHER, DROTHER, BDR, DR; adjacency states Full and 2-Way]
Adjacency
![Page 154: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/154.jpg)
154
Broadcast and Non-Broadcast Multi-Access
Full—Router and network LSAs exchanged, databases are fully synchronized; normal state
2-Way—Bi-directional communications have been established; normal state between DROTHER routers
[Diagram: DROTHER, DROTHER, BDR, DR; adjacency states Full and 2-Way]
Adjacency
![Page 155: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/155.jpg)
155
Designated Routers
A router stuck in any other state has a problem
router# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.5.1 1 INIT/- 00:00:34 172.16.1.1 Serial0
router#
[Diagram: DROTHER, BDR, DR; adjacency states Full and 2-Way]
Adjacency
![Page 156: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/156.jpg)
156
External Routes: External Costs
[Diagram: OSPF Domain (OSPF Cost = 10) connected to RIP Domain (RIP Cost = 5)]
Type 1 Cost = 15; Type 2 Cost = 5
![Page 157: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/157.jpg)
158
OSPF
Review
Dealing with NBMA
Commands
Preparing for OSPF
![Page 158: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/158.jpg)
159
Point-to-Point Media
Serial links
Multicast used
No DR or BDR
![Page 159: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/159.jpg)
160
Frame Relay
Non-Broadcast Multi-Access Media (NBMA)
Several possibilities: Point-to-point, broadcast, point-to-multipoint, or nonbroadcast
Frame Relay (Multipoint), X.25
![Page 160: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/160.jpg)
161
Dealing with NBMA
Benefits: Individual costs can be configured; can be simple, treated like standard point-to-point links
Drawbacks: Complex to configure if the NBMA network is big or redundant; wastes address space
Point-to-Point Model
![Page 161: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/161.jpg)
162
Dealing with NBMA
Benefits: Simple to configure; treated like a multi-access network
Drawbacks: Must maintain an L2 full-mesh at all times; one metric for all VCs
Broadcast Model
![Page 162: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/162.jpg)
163
Dealing with NBMA
Benefits: Only one IP subnet used
Drawbacks: Complex to configure and scale; need to manually configure each neighbor
Non-Broadcast (NBMA) Model
![Page 163: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/163.jpg)
164
Dealing with NBMA
Point-to-multipoint model:
Benefits: Simple to configure; no neighbor configuration (unless you want individual costs); no requirement for a full mesh at L2
Drawbacks: Compared to other choices—none
This is the recommended method of dealing with NBMA networks
![Page 164: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/164.jpg)
165
OSPF
Review
Dealing with NBMA
Commands
Preparing for OSPF
![Page 165: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/165.jpg)
166
OSPF Commands—Router
The router-id command is used to explicitly specify the router ID OSPF will use
If the OSPF process already has neighbors, this command will not take effect until the next reload or manual restart of the OSPF process
clear ip ospf
Order of determining the RID
Manually configured RID
Highest loopback interface IP address (if available)
Highest active interface IP address
router-id
![Page 166: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/166.jpg)
167
OSPF Commands—Router
The network command is used to determine which interfaces will be enabled for OSPF
network 10.2.1.1 0.0.0.0 area 0
network 10.2.2.1 0.0.0.0 area 1
network 10.2.3.1 0.0.0.0 area 2
network
10.2.1.1/24 10.2.3.1/24
10.2.2.1/24
![Page 167: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/167.jpg)
168
OSPF Commands—Router
network 10.2.1.0 0.0.0.255 area 0
network 10.2.2.0 0.0.0.255 area 1
network 10.2.3.0 0.0.0.255 area 2
network
10.2.1.1/24 10.2.3.1/24
10.2.2.1/24
![Page 168: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/168.jpg)
169
OSPF Commands—Router
network 10.2.0.0 0.0.255.255 area 0
or, in this example,
network 0.0.0.0 255.255.255.255 area 0
is the equivalent
Do you know why?
10.2.1.1/24 10.2.3.1/24
10.2.2.1/24
network
![Page 169: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/169.jpg)
170
OSPF Commands—Router
By default, redistributed routes have external metric type 2; Type 2 routes have a cost which consists of the external cost only; Type 1 routes include the cost of traversing the OSPF domain
ASBR(config-router)#redistribute rip metric-type?
  1  Set OSPF External Type 1 metrics
  2  Set OSPF External Type 2 metrics
ASBR(config-router)#redistribute rip metric-type 1
redistribute metric-type
![Page 170: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/170.jpg)
171
OSPF Commands—Router
Addresses can be summarized into OSPF on an ASBR
ASBR(config-router)# summary-address 10.1.0.0 255.255.252.0
OSPF Domain: 10.1.0.0/22
RIP Domain: 10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24
ASBR
summary-address
![Page 171: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/171.jpg)
172
OSPF Commands—Router
Addresses can be summarized on an ABR into area 0 or from area 0
Area 1: 10.2.0.0/24, 10.2.1.0/24, 10.2.2.0/24, 10.2.3.0/24, summarized as 10.2.0.0/22
Area 0: 10.1.0.0/24, 10.1.1.0/24, 10.1.2.0/24, 10.1.3.0/24, summarized as 10.1.0.0/22
ABR
OSPF Does Not Allow Summarizing Anywhere Else (Only ASBR and ABR)
area range
ABR(config-router)# area 1 range 10.2.0.0 255.255.252.0
ABR(config-router)# area 0 range 10.1.0.0 255.255.252.0
![Page 172: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/172.jpg)
173
OSPF Commands—Router
All routers in the area must be configured as stub
Add no-summary at the ABR and the area becomes totally stubby
Area 1 Area 0
ABR
area stub
RTR(config-router)# area 1 stub
ABR(config-router)# area 1 stub [no-summary]
![Page 173: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/173.jpg)
174
OSPF Commands—Router
All routers in the area must be configured as NSSA
Add no-summary at the ABR and the area becomes totally stubby NSSA
Area 0
RTR(config-router)# area 1 nssa
ABR(config-router)# area 1 nssa [no-summary]
ABR
RIP Domain
ASBR
Area 1
area nssa
![Page 174: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/174.jpg)
175
OSPF Commands—Router
[Diagram: Area 0, Area 1 (Transit Area), Area 51; Virtual Link between Rtr A and Rtr B]
Rtr A: RID = 10.10.254.254
Rtr B: RID = 10.11.254.254
Rtr A
router ospf 1
 area 1 virtual-link 10.11.254.254
Rtr B
router ospf 1
 area 1 virtual-link 10.10.254.254
area virtual-link
![Page 175: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/175.jpg)
176
OSPF Commands—Router
Designate neighbors on non-broadcast networks
Must be the primary address of the neighbor’s interface
RTR(config-router)# neighbor ip-address [additional optional keywords]
neighbor
Frame Relay or X.25
![Page 176: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/176.jpg)
177
Commands—Interface
PVCs can be on the same subnet or on different subnets
Practice and understand the effect of OSPF network types
RTR(config-if)# ip ospf network point-to-multipoint (Hello = 30, Dead = 120)
RTR(config-if)# ip ospf network point-to-point (Hello = 10, Dead = 40)
RTR(config-if)# ip ospf network broadcast (Hello = 10, Dead = 40)
Non-Broadcast Multi-Access (NBMA) Network
Frame Relay or X.25
![Page 177: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/177.jpg)
178
OSPF Commands—Interface
OSPF interfaces have a cost equal to ref-bw / bandwidth (defined by the bandwidth statement)
ref-bw = 100,000,000 by default
FastEthernet = 100,000,000 / 100,000,000 = 1
Ethernet = 100,000,000 / 10,000,000 = 10
T1 = 100,000,000 / 1,544,000 = 64
The auto-cost command is used to change the reference value, which changes the cost of every OSPF interface on the router
Rtr(config-router)#auto-cost reference-bandwidth ref-bw
ref-bw <1-4294967> in Mbits per second
auto-cost
![Page 178: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/178.jpg)
179
OSPF Commands—Interface
ip ospf cost interface-cost
Specify the cost of sending a packet on the interface
ip ospf hello-interval seconds
Specify the interval between hello packets sent on the interface
ip ospf dead-interval seconds
Specify the interval during which at least one hello packet is received before declaring the neighbor down
The default dead-interval is the hello-interval * 4
ip ospf priority
Set the router priority for DR / BDR selection (highest wins)
ip ospf keyword(s)
![Page 179: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/179.jpg)
180
OSPF Commands—Security
Authentication requires router and/or interface commands; the router command is used to enable authentication for an area and the interface command is used to enable authentication on an interface and set the authentication password
[Diagram: Rtr A (S0) connected to Rtr B (S0) in Area 0]
Rtr A
interface serial 0
 ip ospf authentication
 ip ospf authentication-key cisco
!
router ospf 1
 area 0 authentication
Rtr B
interface serial 0
 ip ospf authentication
 ip ospf authentication-key cisco
!
router ospf 1
 area 0 authentication
Authentication—Clear Text
![Page 180: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/180.jpg)
181
OSPF Commands—Security
Authentication—Message Digest
[Diagram: Rtr A (S0) connected to Rtr B (S0) in Area 0]
Rtr A
interface serial 0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
 area 0 authentication message-digest
Rtr B
interface serial 0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco
!
router ospf 1
 area 0 authentication message-digest
![Page 181: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/181.jpg)
182
OSPF Commands—Security
[Diagram: Area 0, Area 1 (Transit Area), Area 51; Virtual Link between Rtr A and Rtr B]
Rtr A: RID = 130.10.254.254
Rtr B: RID = 130.11.254.254
Rtr A
router ospf 1
 area 1 virtual-link 130.11.254.254 authentication-key cisco
 area 0 authentication
Rtr B
router ospf 1
 area 1 virtual-link 130.10.254.254 authentication-key cisco
 area 0 authentication
Authentication—Clear Text—Virtual Link
![Page 182: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/182.jpg)
183
OSPF Commands—Security
Interface
ip ospf authentication
ip ospf authentication-key password
ip ospf authentication message-digest
ip ospf message-digest-key key-id md5 password
ip ospf authentication null
Virtual Link
area area-id virtual-link router-id authentication authentication-key password
area area-id virtual-link router-id authentication message-digest
area area-id virtual-link router-id message-digest-key key-id md5 password
area area-id virtual-link router-id authentication null
Authentication—Can Be Applied per Interface or Virtual Link
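What the three authentication modes on the security slides look like on the wire, as an added example that is not part of the original slides: a small audit routine that classifies a captured OSPFv2 header by AuType and, for message-digest packets, verifies the appended MD5 digest as described in RFC 2328 Appendix D. The Hello packet is constructed in the script; the key `cisco` and router ID 10.10.254.254 are taken from the slides, and the function names are assumptions of this example.

```python
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

# RFC 2328 A.3.1: version, type, length, router ID, area ID, checksum, AuType, 64-bit auth field
HDR = struct.Struct("!BBH4s4sHH8s")
AUTYPE = {0: "null", 1: "clear text", 2: "message-digest"}


def md5_digest(packet, key):
    """RFC 2328 D.4.3: MD5 over the OSPF packet followed by the key padded to 16 bytes."""
    return hashlib.md5(packet + key.ljust(16, b"\0")[:16]).digest()


def build_hello(router_id, autype, key=b"", key_id=1, seq=1):
    """Constructed area 0 Hello (Hello = 10, Dead = 40); checksum is left at 0 in this sample."""
    body = struct.pack("!4sHBBI4s4s", IPv4Address("255.255.255.252").packed,
                       10, 0x02, 1, 40, bytes(4), bytes(4))
    if autype == 1:
        auth = key.ljust(8, b"\0")[:8]                    # the password itself, zero padded
    elif autype == 2:
        auth = struct.pack("!HBBI", 0, key_id, 16, seq)   # key ID, digest length, sequence number
    else:
        auth = bytes(8)
    pkt = HDR.pack(2, 1, HDR.size + len(body), IPv4Address(router_id).packed,
                   bytes(4), 0, autype, auth) + body
    if autype == 2:
        pkt += md5_digest(pkt, key)                       # appended, not counted in the length field
    return pkt


def audit(packet, keyring=None):
    """Classify the authentication of one captured OSPFv2 packet.

    keyring maps key-id to the configured key so that digests can be verified.
    """
    _ver, _type, length, rid, area, _cksum, autype, auth = HDR.unpack(packet[:HDR.size])
    out = {"router_id": str(IPv4Address(rid)), "area": str(IPv4Address(area)),
           "auth": AUTYPE.get(autype, "unknown")}
    if autype == 0:
        out["finding"] = "no authentication"
    elif autype == 1:
        out["finding"] = "key readable in the header"
        out["key_on_wire"] = auth.rstrip(b"\0").decode("ascii", "replace")
    elif autype == 2:
        _zero, key_id, dlen, seq = struct.unpack("!HBBI", auth)
        out.update(finding="key not transmitted", key_id=key_id, seq=seq)
        key = (keyring or {}).get(key_id)
        if key is not None:
            received = packet[length:length + dlen]
            out["digest_ok"] = hmac.compare_digest(received, md5_digest(packet[:length], key))
    return out


if __name__ == "__main__":
    for autype in (0, 1, 2):
        print(audit(build_hello("10.10.254.254", autype, b"cisco"), {1: b"cisco"}))
```

With `ip ospf authentication-key`, the key travels in every packet header, so anyone who can capture traffic on the segment can read it; with `message-digest-key`, only the key ID, a sequence number and the digest are sent.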
![Page 183: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/183.jpg)
184
OSPF Commands—Monitoring
Show ip ospf Neighbor
Neighbor ID Pri State Dead Time Address Interface
10.1.1.254 1 2WAY/DROTHER 00:00:35 10.1.2.1 Ethernet0
10.1.3.254 1 FULL/BDR 00:00:39 10.1.2.2 Ethernet0
10.1.4.254 1 FULL/DR 00:00:37 10.1.2.3 Ethernet0
10.1.5.254 1 FULL/--- 00:00:36 10.1.6.1 Serial0
Show IP OSPF Neighbor
DR BDR DROTHER DROTHER
![Page 184: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/184.jpg)
185
OSPF Commands—Monitoring
DR BDR DROTHER DROTHER
RTR# show ip ospf interface s0/0
  Internet Address 10.255.255.201/30, Area 0
  Process ID 1, Router ID 10.255.254.3, Network Type NON_BROADCAST, Cost: 400
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 10.255.254.4, Interface address 10.255.255.202
  Backup Designated router (ID) 10.255.254.3, Interface address 10.255.255.201
  Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
    Hello due in 00:00:14
  Index 1/1, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 3
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 10.255.254.4 (Designated Router)
  Suppress hello for 0 neighbor(s)
show ip ospf interface
![Page 185: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/185.jpg)
186
OSPF
Review
Dealing with NBMA
Commands
Preparing for OSPF
![Page 186: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/186.jpg)
187
Preparation Suggestions
Practice every OSPF command
Both Rtr(config-router)# & Rtr(config-if)# commands
Practice OSPF over Frame Relay
Point-to-point, point-to-multipoint, broadcast, non-broadcast
DR & BDR, Wildcard masks
Virtual link
Authentication
Redistribution and route feedback filtering
VERIFY YOUR CONFIGURATION WITH SH CMD!
![Page 187: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/187.jpg)
188
OSPF Sample Lab Question
Area 0 covers the serial link between R1 and R4.
Area 1 covers the serial link between R1 and R2.
Area 2 covers VLAN_C.
[Diagram: R1, R2, R4; Frame Relay; OSPF Backbone; OSPF Area 1; OSPF Area 2; VLAN_C]
Verification
R1#show ip ospf virtual-link
Virtual Link OSPF_VL0 to router 2.2.2.2 is up
<…>
R1#show ip route ospf
##.0.0.0/8 is variably subnetted, 19 subnets, 4 masks
O IA 1.1.20.0/24 ... Serial0/0/0
O IA 1.1.40.0/24 ... Serial0/0/1
![Page 188: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/188.jpg)
189
References
Cisco OSPF Command and Configuration Handbook, William R. Parkhurst, Cisco Press
OSPF Network Design Solutions, Thomas M. Thomas, Cisco Press
Cisco Documentation
![Page 189: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/189.jpg)
190
Q and A
![Page 190: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/190.jpg)
191
Route Distribution
![Page 191: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/191.jpg)
192
Metrics
Be aware of metric requirements going from one protocol to another
RIP metric is a value from 1–16
OSPF metric is from 1–65535
EIGRP uses a composite metric based on bandwidth, delay, reliability, load, & MTU
Two ways to specify a metric
In the redistribution statement
(config-router)# redistribute rip subnets metric 10
or specify a default metric
(config-router)# redistribute rip subnets
(config-router)# default-metric 10
![Page 192: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/192.jpg)
193
Assigning Metrics
You can include a default metric command as a precaution unless specifically told not to
router ospf 1
 network 10.1.0.0 0.0.255.255 area 0.0.0.0
 redistribute rip subnets
 redistribute eigrp 100 metric 10
 default-metric 120
router eigrp 100
 network 172.16.0.0 0.0.255.255
 redistribute ospf 1
 default-metric 10000 100 255 1 1500
router rip
 network 192.168.1.0
 redistribute eigrp 100
 default-metric 1
Note: when routes are redistributed into OSPF, only routes that are not subnetted are redistributed if the subnets keyword is not specified
![Page 193: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/193.jpg)
194
Assigning Metrics
OSPF 1
EIGRP 100
RIP
Redistribute OSPF and EIGRP into RIP; assign all routes a metric (hop count) of 2
router rip
 redistribute ospf 1
 redistribute eigrp 3
 default-metric 2
Redistribute OSPF and EIGRP into RIP; assign OSPF routes a metric (hop count) of 1 and EIGRP routes a metric of 2
router rip
 redistribute ospf 1 metric 1
 redistribute eigrp 3
 default-metric 2
![Page 194: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/194.jpg)
195
Route Redistribution: Route Maps
Redistribute OSPF and EIGRP into RIP; assign OSPF routes 172.16.0.0/16 a metric (hop count) of 1, all other OSPF routes a metric of 3; all EIGRP routes a metric of 2
router rip
 redistribute ospf 1 route-map ospfmetric
 redistribute eigrp 100
 default-metric 2
route-map ospfmetric permit 10
 match ip address 1
 set metric 1
route-map ospfmetric permit 20
 set metric 3
access-list 1 permit 172.16.0.0 0.0.255.255
OSPF 1
EIGRP 100
RIP
![Page 195: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/195.jpg)
196
Route Maps
Redistribute OSPF and EIGRP into RIP; block redistribution of OSPF routes 172.16.0.0/16, all other OSPF routes are redistributed with a metric of 3, EIGRP routes with a metric of 2
router rip
 redistribute ospf 1 route-map ospfmetric
 redistribute eigrp 100
 default-metric 2
route-map ospfmetric deny 10
 match ip address 1
route-map ospfmetric permit 20
 set metric 3
access-list 1 permit 172.16.0.0 0.0.255.255
Route Redistribution
OSPF 1
EIGRP 100
RIP
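How the two `ospfmetric` route maps above are evaluated, as an added example that is not part of the original slides: a small model of first-match clause processing, the standard ACL wildcard comparison, the implicit deny, and the fall-back to `default-metric`. The route list is constructed for illustration and the function names are assumptions of this example.

```python
from ipaddress import IPv4Address, ip_network

# access-list 1 permit 172.16.0.0 0.0.255.255 (from the slides)
ACLS = {1: [("permit", "172.16.0.0", "0.0.255.255")]}

# One tuple per route-map clause, in sequence order:
# (action, ACL number or None when the clause has no match statement, metric set or None)
SET_METRIC = [("permit", 1, 1), ("permit", None, 3)]      # first ospfmetric route map
BLOCK_172_16 = [("deny", 1, None), ("permit", None, 3)]   # second ospfmetric route map

# Constructed routing table entries: (source protocol, prefix)
ROUTES = [("ospf", "172.16.0.0/16"), ("ospf", "172.16.4.0/24"),
          ("ospf", "10.1.0.0/24"), ("eigrp", "192.168.50.0/24")]


def acl_permits(acl, prefix):
    """Standard ACL applied to a route: only the network address is compared, not the mask length."""
    addr = int(ip_network(prefix).network_address)
    for action, base, wildcard in acl:
        care = ~int(IPv4Address(wildcard)) & 0xFFFFFFFF   # wildcard bits set to 1 are ignored
        if addr & care == int(IPv4Address(base)) & care:
            return action == "permit"
    return False                                          # implicit deny at the end of the ACL


def apply_route_map(clauses, prefix):
    """First matching clause wins; returns (permitted, metric set by that clause)."""
    for action, acl_no, metric in clauses:
        if acl_no is None or acl_permits(ACLS[acl_no], prefix):
            return action == "permit", metric
    return False, None                                    # implicit deny at the end of the route map


def redistribute_into_rip(routes, ospf_route_map, default_metric=2):
    """Return {prefix: RIP hop count}; routes denied by the route map are left out."""
    table = {}
    for proto, prefix in routes:
        metric = None
        if proto == "ospf":
            permitted, metric = apply_route_map(ospf_route_map, prefix)
            if not permitted:
                continue
        hops = default_metric if metric is None else metric
        if hops < 16:                                     # 16 means unreachable in RIP
            table[prefix] = hops
    return table


if __name__ == "__main__":
    print(redistribute_into_rip(ROUTES, SET_METRIC))
    print(redistribute_into_rip(ROUTES, BLOCK_172_16))
```

Note that 172.16.4.0/24 is treated exactly like 172.16.0.0/16: access list 1 selects every route whose network address falls in 172.16.0.0 through 172.16.255.255, so the deny clause filters all of them.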
![Page 196: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/196.jpg)
197
R&S Lab Exam: Sample Topology
R1
R5
R4
R3
R2
Frame Relay
SW1
SW2
FA0/0-10.11/24 S0/0-11.1/24 S0/0-11.2/24
FA0/0-33.1/24
FA0/0-50.1/24
FA0/0-50.1/24
FA0/0-22.1/24
FA0/0-22.5/24
Lo0-1.1/24Lo1-172.16.1.1Lo2-172.16.2.2Lo3-172.16.3.3Lo4-172.16.4.4
Lo0-2.2/24
Lo0-5.5/24
R6 Lo0-4.4/24
Network Addressing 125.10.0.0
Frame Relay
![Page 197: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/197.jpg)
198
R&S Lab Exam: Sample Question
Configure RIPv2 on R1, R2, and R5
Redistribute between RIP and OSPF on R5
All routes should be visible on all routers
Score: 2 Points
Section: 2.5 RIP
![Page 198: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/198.jpg)
199
R&S Lab Exam: Sample Answer
R4 must have all routes on its routing table
R4#show ip route
<->
     172.16.0.0/24 is subnetted, 4 subnets
O E2    172.16.4.0 [110/20] via 125.10.50.1, 22:34:38, Ethernet0/0
O E2    172.16.1.0 [110/20] via 125.10.50.1, 22:36:03, Ethernet0/0
O E2    172.16.2.0 [110/20] via 125.10.50.1, 22:36:03, Ethernet0/0
O E2    172.16.3.0 [110/20] via 125.10.50.1, 22:34:58, Ethernet0/0
     125.0.0.0/8 is variably subnetted, 8 subnets, 2 masks
C       125.10.50.0/24 is directly connected, Ethernet0/0
O E2    125.10.22.0/24 [110/20] via 125.10.50.1, 22:44:39, Ethernet0/0
C       125.10.4.0/24 is directly connected, Loopback0
O E2    125.10.2.0/24 [110/20] via 125.10.50.1, 22:44:40, Ethernet0/0
O E2    125.10.1.0/24 [110/20] via 125.10.50.1, 22:44:40, Ethernet0/0
O       125.10.5.5/32 [110/11] via 125.10.50.1, 22:44:40, Ethernet0/0
O E2    125.10.11.0/24 [110/20] via 125.10.50.1, 22:44:40, Ethernet0/0
O E2    125.10.10.0/24 [110/20] via 125.10.50.1, 22:44:44, Ethernet0/0
R4#
Verification—1
![Page 199: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/199.jpg)
200
Session 5:
IP Version 6
![Page 200: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/200.jpg)
201
IPv6 Addressing, Header and Basic
![Page 201: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/201.jpg)
202
IPv6 Addressing
2^32 = 4,294,967,296
2^128 = 340,282,366,920,938,463,463,374,607,431,768,211,456
2^128 = 2^32 * 2^96
IPv4 32-bits
IPv6 128-bits
![Page 202: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/202.jpg)
203
IPv6 Addressing
16-bit hexadecimal numbers
Numbers are separated by (:)
Hex numbers are not case-sensitive
Example:
2003:0000:130F:0000:0000:087C:876B:140B
Representation
![Page 203: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/203.jpg)
204
IPv6 Address Representation
16-bit fields in case-insensitive colon hexadecimal representation
2031:0000:130F:0000:0000:09C0:876A:130B
Leading zeros in a field are optional
2031:0:130F:0:0:9C0:876A:130B
Successive fields of 0 represented as (::), but only once in an address
2031:0:130F::9C0:876A:130B
2031::130F::9C0:876A:130B not valid!
![Page 204: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/204.jpg)
205
IPv6 Addressing
Representation of prefix is just like CIDR
In this representation you attach the prefix length
IPv4 address: 198.10.0.0/16
IPv6 address: 3ef8:ca62:12FE::/48
Prefix Representation
![Page 205: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/205.jpg)
206
IPv6 Address Range Reserved or Assigned
2000::/3 (001) is for aggregatable global unicast addresses
FE80::/10 (1111 1110 10) for link-local
FEC0::/10 (1111 1110 11 ) for site-local
FF00::/8 (1111 1111) is for multicast
::/8 is reserved for the “unspecified address”
Other values are currently unassigned (approx. 7/8 of total)
Site-Local Address Deprecated in RFC 3879
Of the Full Address Space
![Page 206: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/206.jpg)
207
Unicast
Unicast addresses are used in a one-to-one context
IPv6 unicast addresses are
Unspecified, loopback, IPv4 mapped, and IPv4 compatible
Link-local
Site-local (deprecated)
Unique-local (IETF draft)
Aggregatable global unicast
![Page 207: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/207.jpg)
208
IPv6 Address Representation
IPv4 mapped
0:0:0:0:0:FFFF:IPv4 = ::FFFF:IPv4
0:0:0:0:0:FFFF:192.168.30.1 = ::FFFF:C0A8:1E01
IPv4 compatible
0:0:0:0:0:0:IPv4 = ::IPv4
0:0:0:0:0:0:192.168.30.1 = ::192.168.30.1 = ::C0A8:1E01
![Page 208: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/208.jpg)
209
IPv4 Mapped Addresses
IPv6 application asks DNS for the address of a host
Host is IPv4 only
DNS creates IPv4 mapped address
Kernel uses IPv4 communication
[Address layout: 0 (80 bits) | FFFF (16 bits) | IPv4 Address (32 bits)]
0:0:0:0:0:FFFF:192.168.30.1
= ::FFFF:192.168.30.1
= ::FFFF:C0A8:1E01
![Page 209: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/209.jpg)
210
IPv4-Compatible Addresses
IPv4 compatible address
Is a way to insert the IPv4 address into an IPv6 address
Enables easy automatic tunneling
[Address layout: 0 (96 bits) | IPv4 Address (32 bits)]
0:0:0:0:0:0:192.168.30.1
= ::192.168.30.1
= ::C0A8:1E01
![Page 210: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/210.jpg)
211
IPv6 Address Representation
Loopback address representation
0:0:0:0:0:0:0:1 => ::1
Same as 127.0.0.1 in IPv4
Identifies self
Unspecified address representation
0:0:0:0:0:0:0:0 => ::
Used as a placeholder when no address available
(Initial DHCP request, Duplicate Address Detection DAD)
![Page 211: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/211.jpg)
212
IPv6 Addressing
IPv6 addressing rules are covered by multiple RFCs
Architecture defined by RFC 3513
Address types are
Unicast: One to one (global, link local, compatible)
Anycast: One to nearest (allocated from unicast)
Multicast: One to many
Reserved
A single interface may be assigned multiple IPv6 addresses of any type (unicast, anycast, multicast)
No broadcast address; use multicast
![Page 212: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/212.jpg)
213
Aggregatable Global Unicast Addresses
Aggregatable global unicast addresses are
Addresses for generic use of IPv6
Structured as a hierarchy to keep the aggregation
See RFC 3513
[Address layout: 001 (3 bits) | Global Routing Prefix (45 bits) | Subnet (16 bits) | Interface ID (64 bits); diagram labels: Provider, LAN Prefix, Host]
![Page 213: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/213.jpg)
214
Link-Local
Link-local addresses
Have a limited scope of the link
Are automatically configured with the interface ID
[Address layout, 128 bits: 1111 1110 10 (10 bits) | 0 | Interface ID (64 bits)]
FE80::/10
![Page 214: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/214.jpg)
215
Link-Local
Aggregatable Address: prefix 2001::4:, interface ID 204:9AFF:FEAC:7D80
Link-Local Address: prefix FE80:0:0:0, interface ID 204:9AFF:FEAC:7D80
![Page 215: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/215.jpg)
216
Aggregatable Global Unicast Addresses
Lowest-order 64-bit field of unicast addresses may be assigned in several different ways
Auto-configured from a 64-bit EUI-64, or expanded from a 48-bit MAC address (e.g. Ethernet address)
Auto-generated pseudo-random number (to address privacy concerns)
Assigned via DHCP
Manually configured
![Page 216: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/216.jpg)
217
Aggregatable Global Unicast Addresses
Use the EUI-64 format for stateless auto-configuration
This format expands the 48-bit MAC address to 64 bits by inserting FFFE into the middle 16 bits
To make sure that the chosen address is from a unique Ethernet MAC address, the universal/local (“u” bit) is set to 1 for global scope and 0 for local scope
![Page 217: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/217.jpg)
218
EUI-64
EUI-64 address is formed by inserting “FFFE” and ORing a bit identifying the uniqueness of the MAC address
Ethernet MAC Address (48 bits): 00 90 27 17 FC 0F
64-bit Version: 00 90 27 FF FE 17 FC 0F
Uniqueness of the MAC: 000000X0, where X = 1 = Unique, 0 = Not Unique; here X = 1
EUI-64 Address: 02 90 27 FF FE 17 FC 0F
![Page 218: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/218.jpg)
219
Anycast
Anycast allows a source node to transmit IP datagrams to a single destination node out of a group of destination nodes with same subnet ID based on the routing metrics
![Page 219: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/219.jpg)
220
Anycast
Is one-to-nearest type of address
Has a current limited use
Anycast Address
[Address layout, 128 bits: Prefix | 111111X111111…111 | Anycast ID (7 bits)]
X = 0 If EUI-64 Format, 1 If Non-EUI-64 Format
![Page 220: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/220.jpg)
221
Multicast
Multicast is used in the context of one-to-many; a multicast scope is new in IPv6
[Address layout, 128 bits: 1111 1111 (FF, 8 bits) | Flag and Scope (8 bits) | 0 | Multicast Group ID]
Flag =
0 If Permanent
1 If Temporary
Scope =
1 = Node
2 = Link
5 = Site (Deprecated)
8 = Organization
E = Global
![Page 221: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/221.jpg)
222
Multicast Mapping over Ethernet
Mapping of IPv6 multicast address to Ethernet address is
33:33:<last 32 bits of the IPv6 multicast address>
IPv6 Multicast Address: FF02 0000 0000 0000 0000 0001 FF17 FC0F
Corresponding Ethernet Address: 33 33 FF 17 FC 0F (33 33 is the Multicast Prefix for Ethernet)
![Page 222: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/222.jpg)
223
Expanded Address Space
Multicast Assigned Addresses (RFC 3306)

| Address | Scope | Meaning |
|---|---|---|
| FF01::1 | Node-Local | All Nodes |
| FF02::1 | Link-Local | All Nodes |
| FF01::2 | Node-Local | All Routers |
| FF02::2 | Link-Local | All Routers |
| FF05::2 | Site-Local (Deprecated) | All Routers |
| FF02::1:FFXX:XXXX | Link-Local | Solicited-Node |
![Page 223: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/223.jpg)
224
IPv4 and IPv6 Header Comparison
IPv4 Header: Version | HL | Type of Service | Total Length | Identification | Flags | Fragment Offset | Time to Live | Protocol | Header Checksum | Source Address | Destination Address | Options | Padding
IPv6 Header: Version | Traffic Class | Flow Label | Payload Length | Next Header | Hop Limit | Source Address | Destination Address
Legend: Field’s Name Kept from IPv4 to IPv6; Fields Not Kept in IPv6; Name and Position Changed in IPv6; New Field in IPv6
![Page 224: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/224.jpg)
225
IPv4 and IPv6 Header Comparison
Version: A 4-bit field that contains the number 6 instead of 4
![Page 225: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/225.jpg)
226
IPv4 and IPv6 Header Comparison: Fields Renamed
Traffic Class: An 8-bit field that is similar to the TOS field in IPv4
It tags the Packet with a traffic class that can be used in differentiated services
These functionalities are the same as in IPv4
![Page 226: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/226.jpg)
227
IPv4 and IPv6 Header Comparison: Fields Renamed
Payload Length: This is similar to the total length in IPv4, except it does not include the 40-byte header
![Page 227: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/227.jpg)
228
IPv4 and IPv6 Header Comparison: Fields Renamed
Hop Limit: Like TTL field, decrements by one for each router
![Page 228: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/228.jpg)
229
IPv4 and IPv6 Header Comparison: Fields Renamed
Next Header: Similar to the protocol field in IPv4
The value in this field tells you what type of information follows, e.g. TCP, UDP, extension header
![Page 229: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/229.jpg)
230
IPv4 and IPv6 Header Comparison: Fields Removed
Header Length: IPv6 has a fixed header length (40 bytes)
![Page 230: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/230.jpg)
231
IPv4 and IPv6 Header Comparison: Fields Removed
Fragmentation: IPv6 does not do fragmentation
If a sending host wants to do fragmentation, it will do it through extension headers
![Page 231: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/231.jpg)
232
IPv4 and IPv6 Header Comparison: Fields Removed
Identification: Used to identify the datagram from the source
No fragmentation is done in IPv6 so no need for identification, also no need for flags
![Page 232: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/232.jpg)
233
IPv4 and IPv6 Header Comparison: Fields Removed
Checksum not needed because both media access and upper layer protocol (UDP and TCP) have the checksum; IP is best-effort, plus removing checksum helps expedite Packet processing
![Page 233: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/233.jpg)
234
IPv4 and IPv6 Header Comparison: Fields Added
20-bit flow label field to identify specific flows needing special QoS (RFC 3697)
Each source chooses its own flow label values; routers use source addr + flow label to identify distinct flows
Flow label value of 0 used when no special QoS requested (the common case today)
![Page 234: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/234.jpg)
235
Extension Headers
Extension Headers Are Daisy Chained
IPv6 Header (Next Header = TCP) | TCP Header + Data
IPv6 Header (Next Header = Routing) | Routing Header (Next Header = TCP) | TCP Header + Data
IPv6 Header (Next Header = Routing) | Routing Header (Next Header = Destination) | Destination Header (Next Header = TCP) | Fragment of TCP Header + Data
![Page 235: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/235.jpg)
236
Header Format Simplification: IPv6 Extension Headers
Next Header = TCP/UDP or extension header
Extension headers are optional following the IPv6 basic header
Each extension header is 8 octets (64 bits) aligned
IPv6 Packet: IPv6 Basic Header (40 Octets) | Any Number of Extension Headers | Data (Ex. TCP or UDP)
Extension Header: Next Header | Ext Hdr Length | Ext Hdr Data
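The daisy chain described on these slides can be walked mechanically, which is what a filter or capture tool has to do before it can see the TCP or UDP ports. The following Python parser is an added example, not part of the Cisco deck; the function names, the cap of 8 extension headers, and the sample packet bytes are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Next Header values that name an extension header this example walks.
EXT_HEADERS = {0: "Hop-by-Hop", 43: "Routing", 44: "Fragment", 60: "Destination"}
UPPER_LAYER = {6: "TCP", 17: "UDP", 58: "ICMPv6"}
MAX_EXT_HEADERS = 8  # assumption: local sanity cap, not a protocol limit


def basic_header(next_hdr, payload, src="2001:db8:0:1:1:2:3:1",
                 dst="2001:db8:0:1:1:2:3:2", hop_limit=64):
    """Build a 40-octet basic header (traffic class 0, flow label 0) + payload."""
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), next_hdr, hop_limit,
                       ipaddress.IPv6Address(src).packed,
                       ipaddress.IPv6Address(dst).packed) + payload


def build_sample():
    """Constructed packet: IPv6 -> Routing -> Destination -> TCP (port 179)."""
    routing = bytes([60, 0, 0, 0]) + bytes(4)      # next=Destination, len=0
    dest_opts = bytes([6, 0, 1, 4, 0, 0, 0, 0])    # next=TCP, len=0, PadN option
    tcp = struct.pack("!HHIIBBHHH", 1024, 179, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    return basic_header(43, routing + dest_opts + tcp)


def parse_ipv6(packet):
    """Parse the basic header, then follow Next Header through the chain."""
    if len(packet) < 40:
        raise ValueError("shorter than the 40-octet basic header")
    word0, payload_len, next_hdr, hop_limit, src, dst = struct.unpack(
        "!IHBB16s16s", packet[:40])
    if word0 >> 28 != 6:
        raise ValueError("Version field is not 6")
    if payload_len > len(packet) - 40:
        raise ValueError("Payload Length exceeds the bytes present")
    payload = packet[40:40 + payload_len]

    chain, offset, non_first_fragment = [], 0, False
    while next_hdr in EXT_HEADERS and not non_first_fragment:
        if len(chain) >= MAX_EXT_HEADERS:
            raise ValueError("too many extension headers")
        if offset + 8 > len(payload):
            raise ValueError("truncated extension header")
        following, len_field = payload[offset], payload[offset + 1]
        # The Fragment header is always 8 octets; the others give their length
        # in 8-octet units, not counting the first 8 octets.
        size = 8 if next_hdr == 44 else (len_field + 1) * 8
        if offset + size > len(payload):
            raise ValueError("extension header runs past Payload Length")
        if next_hdr == 44:
            frag_field = int.from_bytes(payload[offset + 2:offset + 4], "big")
            # A non-zero fragment offset means no upper-layer header follows.
            non_first_fragment = (frag_field >> 3) != 0
        chain.append((EXT_HEADERS[next_hdr], size))
        offset += size
        next_hdr = following

    return {
        "traffic_class": (word0 >> 20) & 0xFF,
        "flow_label": word0 & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(src)),
        "dst": str(ipaddress.IPv6Address(dst)),
        "ext_chain": chain,
        "upper_layer": UPPER_LAYER.get(next_hdr, f"protocol {next_hdr}"),
        "upper_offset": 40 + offset,
        "upper_header_present": not non_first_fragment,
    }


if __name__ == "__main__":
    for key, value in parse_ipv6(build_sample()).items():
        print(f"{key}: {value}")
```

A classifier that only reads the Next Header field of the basic header sees "Routing" here, not TCP; the upper-layer protocol is known only after the whole chain has been followed and length-checked.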
![Page 236: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/236.jpg)
237
Upper Layer Header: User Datagram Protocol (Protocol 17)
Upper layer (UDP, TCP, ICMPv6) checksum must be computed
These are the typical headers used inside a Packet to transport data
This could be UDP (Protocol 17), TCP (Protocol 6), or ICMPv6 (Protocol 58)
IPv6 Packet: IPv6 Basic Header (40 Octets) | Any Number of Extension Headers | Data (UDP)
UDP Packet: Source Port | Destination Port | Length | UDP Checksum | UDP Data Portion
![Page 237: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/237.jpg)
238
Upper Layer Header: ICMPv6 (Protocol 58)
ICMPv6 is similar to ICMP in IPv4: it provides diagnostic and error messages
Additionally, it’s used for neighbor discovery, path MTU discovery, and Mcast listener discovery (MLD)
IPv6 Packet: IPv6 Basic Header | ICMPv6 Packet
ICMPv6 Packet: ICMPv6 Type | ICMPv6 Code | Checksum | ICMPv6 Data
![Page 238: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/238.jpg)
239
Header Format Simplification: Path MTU Discovery
Definitions
Link MTU is link’s maximum transmission unit
Path MTU is the minimum MTU of all the links in a path between a source and a destination
Minimum link MTU for IPv6 is 1280 octets (68 octets for IPv4)
On links with MTU < 1280, link-specific fragmentation and reassembly must be used
Implementations are expected to perform path MTU discovery to send Packets bigger than 1280 octets
For each destination, start by assuming MTU of first-hop link
If a Packet reaches a link in which it cannot fit, an ICMP “Packet too big” message is sent to the source, reporting the link’s MTU; MTU is cached by source for specific destination
![Page 239: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/239.jpg)
240
Header Format Simplification: Path MTU Discovery
Minimum Link MTU for IPv6 is 1280 Octets (Versus 68 Octets for IPv4)
Link MTUs between Source and Destination: 1500, 1500, 1400, 1300
1. Packet with MTU=1500
2. ICMP Error: Packet Too Big, Use MTU = 1400
3. Packet with MTU=1400
4. ICMP Error: Packet Too Big, Use MTU = 1300
5. Packet with MTU=1300
6. Packet Received, Path MTU = 1300
![Page 240: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/240.jpg)
241
Header Format Simplification: Neighbor Discovery (RFC 2463)
Uses ICMP messages and solicited-node multicast addresses
Determines the link-layer address of a neighbor on the same link
Finds neighbor routers
Verifies the reachability of neighbors
Comprised of different message types:
Neighbor Solicitation (NS)/Neighbor Advertisement (NA)
Router Solicitation (RS)/Router Advertisement (RA)
Redirect
Renumbering
Protocol Built on Top of ICMPv6 (RFC 2463)
Combination of IPv4 Protocols (ARP, ICMP, IGMP, etc.)
![Page 241: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/241.jpg)
242
Solicited-Node Multicast Address
For each unicast and anycast address configured, there is a corresponding solicited-node multicast
This address has link-local significance only
This is specially used for two purposes: for the replacement of ARP, and DAD
![Page 242: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/242.jpg)
243
Solicited-Node Multicast Address
FF02:0000:0000:0000:0000:0001:FF00:0000/104
FF02::1:FF00:0000/104
Gets the lower 24 bits from the unicast address
![Page 243: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/243.jpg)
244
Solicited-Node Multicast Address
A solicited-node address is:
A multicast address with a link-local scope
Formed by a prefix and the right-most 24 bits of the aggregatable address
Aggregatable Address (128 bits): Prefix | Interface ID
Solicited-Node Multicast Address: FF02 | 0 | 1 | FF | Lower 24 (24 bits)
![Page 244: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/244.jpg)
245
Solicited-Node Multicast Address
Aggregatable Address 2001:DB8:0:4:204:98FF:FEAC:7D80
2001:DB8:0:4: | 204:9AFF:FE | AC:7D80 (24 bits)
Solicited-Node Multicast Address FF02::1:FFAC:7D80
FF02 | 0 | 1 | FF | AC7D80
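The three address derivations on these slides (EUI-64 interface ID, solicited-node multicast address, and the 33:33 Ethernet mapping) chain together, so one added Python example covers them all. This is illustration code, not from the Cisco deck; the function names are assumptions, and the inputs are the MAC addresses and prefixes that appear on the slides.

```python
import ipaddress

SEPARATORS = str.maketrans("", "", ":-. ")  # accept 0004.9aac.7d80, 00:04:..., etc.
SOLICITED_NODE_BASE = int(ipaddress.IPv6Address("ff02::1:ff00:0"))  # the /104 prefix


def eui64_interface_id(mac):
    """Expand a 48-bit MAC to 64 bits: insert FFFE in the middle, set the u bit."""
    raw = bytes.fromhex(mac.translate(SEPARATORS))  # ValueError on non-hex input
    if len(raw) != 6:
        raise ValueError(f"expected a 48-bit MAC address, got {len(raw) * 8} bits")
    # OR in 0x02, the X position of 000000X0 in the first octet, as on the slide.
    return bytes([raw[0] | 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:]


def eui64_address(prefix, mac):
    """Combine a /64 prefix with the EUI-64 interface ID derived from a MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 interface IDs need a /64 prefix")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def solicited_node(address):
    """FF02::1:FF00:0/104 plus the lower 24 bits of a unicast/anycast address."""
    low24 = int(ipaddress.IPv6Address(address)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_BASE | low24)


def multicast_mac(address):
    """33:33 followed by the last 32 bits of an IPv6 multicast address."""
    addr = ipaddress.IPv6Address(address)
    if not addr.is_multicast:
        raise ValueError(f"{addr} is not a multicast address")
    return "33:33:" + ":".join(f"{octet:02x}" for octet in addr.packed[12:])


def joined_groups(unicast_addresses):
    """Solicited-node groups, and their Ethernet addresses, for a node's addresses."""
    groups = {}
    for address in unicast_addresses:
        group = solicited_node(address)
        groups[str(group)] = multicast_mac(group)
    return groups


if __name__ == "__main__":
    mac = "0004.9aac.7d80"
    link_local = eui64_address("fe80::/64", mac)
    global_addr = eui64_address("2001:db8:0:4::/64", mac)
    print("interface ID :", eui64_interface_id(mac).hex())
    print("link-local   :", link_local)
    print("global       :", global_addr)
    for group, ether in joined_groups([link_local, "2001:db8:0:4:1:2:3:4"]).items():
        print(f"joined {group} -> {ether}")
```

Addresses that share their lower 24 bits share one solicited-node group, which is why an interface with an EUI-64 link-local and an EUI-64 global address joins a single FF02::1:FFxx:xxxx group, while a manually numbered address adds a second one.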
![Page 245: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/245.jpg)
246
Neighbor Solicitation and Advertisement
Neighbor Solicitation (A to B):
ICMP type = 135
Src = A
Dst = Solicited-node multicast address of B
Data = Link-layer address of A
Query = What is your link-layer address?
Neighbor Advertisement (B to A):
ICMP type = 136
Src = B
Dst = A
Data = Link-layer address of B
A and B Can Now Exchange Packets on This Link
![Page 246: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/246.jpg)
247
IPv6 Auto-Configuration
Stateless (RFC2462)
Host autonomously configures its own link-local address
Router solicitations are sent by booting nodes to request RAs for configuring the interfaces
Stateful
DHCPv6
At Boot Time, an IPv6 Host Builds a Link-Local Address, Then Its Global IPv6 Address(es) from RA
RA (Router Advertisement) Indicates Subnet Prefix Advertised
Figure: each host forms its address as Subnet Prefix Received + MAC Address
![Page 247: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/247.jpg)
248
IPv6 Auto-Configuration
Host renumbering is done by modifying the RA to announce the old prefix with a short lifetime and the new prefix
Router renumbering protocol (RFC 2894), to allow domain-interior routers to learn of prefix introduction/withdrawal
Renumbering
![Page 248: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/248.jpg)
249
Stateless Auto-Configuration
Router solicitations (RS) are sent by booting nodes to request RAs for configuring the interfaces
1. RS: ICMP Type = 133 (RS)
Src = Link-local address (FE80::/10)
Dst = All-routers multicast address (FF02::2)
Query = please send RA
2. RA: ICMP Type = 134 (RA)
Src = Link-local address (FE80::/10)
Dst = All-nodes multicast address (FF02::1)
Data = options, subnet prefix, lifetime, autoconfig flag
![Page 249: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/249.jpg)
250
Duplicate Address Detection (DAD)
1. Host A boots up and assigns itself LINK LOCAL ADDRESS (FF80::/10)
2. Host A sends RS (ICMP Type 133)
3. Host A receives RA (ICMP Type 134) with subnet prefix (2001:DB8:410:1/64)
Figure: RS and RA exchanged between A and B
![Page 250: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/250.jpg)
251
Duplicate Address Detection (DAD)
Host A wants to assign itself a unique global unicast address 2001:DB8:0410:1::34:123A
Before it does that, it sends out a DAD request to all nodes on the link
![Page 251: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/251.jpg)
252
Duplicate Address Detection (DAD)
4. Host A sends NS (ICMP Type 135) with
Source address (::)
Destination address FF02::1:FF34:123A (solicited-node Mcast address for 2001:DB8:0410:1::34:123A)
5. If Host A does not receive a reply back, it will assign itself 2001:DB8:0410:1::34:123A
![Page 252: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/252.jpg)
253
Redirect
Redirect is used by a router to signal the reroute of a Packet to a better router
Figure: hosts A and B, routers R1 and R2, network 2001:DB8:C18:2::/64
Packet from A: Src = A, Dst IP = 2001:DB8:C18:2::1, Dst Ethernet = R2 (default router)
Redirect: Src = R2, Dst = A, Data = good router = R1
![Page 253: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/253.jpg)
254
Renumbering
Renumbering: modify the RA to announce the old prefix with a short lifetime and the new prefix
RA Packet definitions:
ICMP Type = 138
Src = Router link-local address
Dst = All-nodes multicast address
Data = 2 prefixes:
Current prefix (to be deprecated) with short lifetime
New prefix (to be used) with normal lifetime
![Page 254: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/254.jpg)
255
Enabling IPv6
To enable IPv6 on a Cisco router, you must
Enable IPv6 traffic forwarding
ipv6 unicast-routing
Enable IPv6 on the interface(s) by configuring an IPv6 address on the interface
ipv6 address <ipv6addr>[/<prefix-length>]
ipv6 enable (can be used, but only for link-local addresses)
![Page 255: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/255.jpg)
256
Cisco IOS Address Configuration
ipv6 address
Enables IPv6 on the interface
Configures the interface link-local and global IPv6 addresses
Syntax:
ipv6 address <ipv6addr>[/<prefix-length>] [link-local]
ipv6 address <ipv6prefix>/<prefix-length> eui-64
ipv6 unnumbered <interface>
ipv6 enable
![Page 256: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/256.jpg)
257
IPv6 Address Configuration Link Local
Ethernet0/0, MAC address: 0004:9AAC:7D80
ipv6 unicast-routing
interface Ethernet0/0
 ipv6 enable
router#show ipv6 interface Ethernet 0/0
Ethernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::204:9AFF:FEAC:7D80
  No global unicast address is configured
  Joined group address(es):
    FF02::1 (All Nodes Link Local)
    FF02::2 (All Routers Link Local)
    FF02::1:FFAC:7D80 (Solicited-Node Multicast)
  MTU is 1500 bytes
r1#show interface ethernet 0/0
Ethernet0/0 is up, line protocol is up
  Hardware is AmdP2, address is 0004.9aac.7d80 (bia 0004.9aac.7d80)
![Page 257: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/257.jpg)
258
IPv6 Address Configuration Ethernet EUI-64
LAN: 2001:DB8:0:4::/64
Ethernet0/0, MAC address: 0004:9AAC:7D80
ipv6 unicast-routing
interface Ethernet0/0
 ipv6 address 2001:DB8:0:4::/64 eui-64
Link-Local Automatically Configured
router# show ipv6 interface Ethernet0/0
Ethernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::204:9AFF:FEAC:7D80
  Global unicast address(es):
    2001:DB8:0:4:204:9AFF:FEAC:7D80, subnet is 2001:DB8:0:4::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FFAC:7D80
  MTU is 1500 bytes
![Page 258: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/258.jpg)
259
IPv6 Address Configuration Ethernet (No EUI-64)
LAN: 2001:DB8:0:4::/64
Ethernet0/0, MAC address: 0004:9AAC:7D80
ipv6 unicast-routing
interface Ethernet0/0
 ipv6 address 2001:DB8:0:4:1:2:3:4/64
router# show ipv6 interface Ethernet0/0
Ethernet0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::204:9AFF:FEAC:7D80
  Global unicast address(es):
    2001:DB8:0:4:1:2:3:4, subnet is 2001:DB8:0:4::/64
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::1:FF03:4
    FF02::1:FFAC:7D80
  MTU is 1500 bytes
![Page 259: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/259.jpg)
260
IPv6 Address Configuration Frame Relay
R1 S0/0 and R2 S0/0 on 2001:DB8:0:1:1:2:3:0/126
R1
ipv6 unicast-routing
interface Serial0/0
 encapsulation frame-relay
 ipv6 address 2001:DB8:0:1:1:2:3:1/126
 frame-relay map ipv6 FE80::204:C1FF:FE09:1DA1 102 broadcast
 frame-relay map ipv6 2001:DB8:0:1:1:2:3:2 102 broadcast
 no frame-relay inverse-arp
R2
ipv6 unicast-routing
interface Serial0/0
 encapsulation frame-relay
 ipv6 address 2001::1:1:2:3:2/126
 frame-relay map ipv6 FE80::204:9AFF:FEAC:7D80 201 broadcast
 frame-relay map ipv6 2001:DB8:0:1:1:2:3:1 201 broadcast
 no frame-relay inverse-arp
![Page 260: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/260.jpg)
261
IPv6 Address Configuration Frame Relay
R1 S0/0 and R2 S0/0 on 2001:DB8:0:1:1:2:3:0/126
E0/0 MAC address: 0004:C109:1DA1
R1
r1#show ipv6 interface serial 0/0
Serial0/0 is up, line protocol is up
  IPv6 is enabled, link-local address is FE80::204:C1FF:FE09:1DA1
  Global unicast address(es):
    2001:DB8:0:1:1:2:3:1, subnet is 2001:DB8:0:1:1:2:3:0/126
  Joined group address(es):
    FF02::1
    FF02::2
    FF02::9
    FF02::1:FF03:2
    FF02::1:FF09:1DA1
  MTU is 1500 bytes
![Page 261: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/261.jpg)
262
IPv6 Address Configuration Verification
R1 S0/0 and R2 S0/0 on 2001:DB8:0:1:1:2:3:0/126
r1#ping fe80::204:9aff:feac:7d80
Output Interface: serial0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FE80::204:9AFF:FEAC:7D80, timeout is 2 seconds:
Packet sent with a source address of FE80::204:C1FF:FE09:1DA1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms
r1#ping 2001:DB8:0:1:1:2:3:2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:0:1:1:2:3:2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4 ms
![Page 262: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/262.jpg)
263
Cisco IOS Neighbor Discovery Parameters
Router Advertisements
Default router
IPv6 network prefix
Lifetime of advertisement
Autoconfiguring IPv6 Hosts
![Page 263: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/263.jpg)
264
Cisco IOS Neighbor Discovery Command Syntax
ipv6 nd prefix-advertisement <routing-prefix>/<length> <valid-lifetime> <preferred-lifetime> [onlink] [autoconfig]
Valid-Lifetime—the amount of time (in seconds) that the specified IPv6 prefix is advertised as being valid
Preferred-Lifetime—the amount of time (in seconds) that the specified IPv6 prefix is advertised as being preferred
Onlink—indicates that the specified prefix is assigned to the link; nodes sending traffic to such addresses that contain the specified prefix consider the destination to be locally reachable on the link
Autoconfig—indicates to hosts on the local link that the specified prefix can be used for IPv6 auto-configuration
![Page 264: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/264.jpg)
265
Configuring Neighbor Discovery
Figure: Router1 and Router2 send RAs; labels: LAN1: 2001:DB8:c18:1::/64, LAN2: 2001:DB8:c18:2::/64, Ethernet0, Ethernet1, Ethernet0, IPv6 Internet
interface Ethernet0
 ipv6 nd prefix-advertisement 2001:DB8:c18:1::/64 43200 43200 onlink autoconfig
 ipv6 nd ra-lifetime 0
interface Ethernet1
 ipv6 nd prefix-advertisement 2001:DB8:c18:2::/64 43200 43200 onlink autoconfig
interface Ethernet0
 ipv6 nd prefix-advertisement 2001:DB8:c18:1::/64 43200 43200 onlink autoconfig
![Page 265: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/265.jpg)
266
Cisco IOS Prefix Renumbering Scenario
Router Configuration Before Renumbering
interface Ethernet0
 ipv6 nd prefix-advertisement 2001:DB8:c18:1::/64 43200 43200 onlink autoconfig
Router Advertisements
Network Prefix: 2001:DB8:c18:1::/64
Host Configuration (Auto-Configuring IPv6 Hosts)
preferred address 2001:DB8:c18:1:260:8ff:fede:8fbe
![Page 266: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/266.jpg)
267
Cisco IOS Prefix Renumbering Scenario
Router Configuration After Renumbering
interface Ethernet0
 ipv6 nd prefix-advertisement 2001:DB8:c18:1::/64 43200 0 onlink autoconfig
 ipv6 nd prefix-advertisement 2001:DB8:c18:2::/64 43200 43200 onlink autoconfig
Router Advertisements
NEW Network Prefix: 2001:DB8:c18:2::/64
Deprecated Prefix: 2001:DB8:c18:1::/64
Host Configuration (Auto-Configuring IPv6 Hosts)
deprecated address 2001:DB8:c18:1:260:8ff:fede:8fbe
preferred address 2001:DB8:c18:2:260:8ff:fede:8fbe
![Page 267: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/267.jpg)
268
DHCPv6
Client first detects the presence of routers on the link
If found, then examines router advertisements to determine if DHCP can be used
If no router found or if DHCP can be used, then:
DHCP solicit message is sent to the All-DHCP-agents multicast address
Using the link-local address as the source address
![Page 268: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/268.jpg)
269
OSPFv3 (RFC 2780)
![Page 269: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/269.jpg)
270
Similarities with OSPFv2
OSPFv3 is OSPF for IPv6 (RFC 2740)
Based on OSPFv2, with enhancements
Distributes IPv6 prefixes
Runs directly over IPv6
OSPFv3 and v2 can be run concurrently, because each address family has a separate SPF (ships in the night)
![Page 270: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/270.jpg)
271
Similarities with OSPFv2
OSPFv3 uses the same basic Packet types as OSPFv2, such as hello, database description blocks (DDB), link state request (LSR), link state update (LSU), and link state advertisements (LSA)
Neighbor discovery and adjacency formation mechanism are identical
RFC-compliant NBMA and point-to-multipoint topology modes are supported; also supports other modes from Cisco, such as point-to-point and broadcast, including the interface
LSA flooding and aging mechanisms are identical
![Page 271: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/271.jpg)
272
Differences from OSPFv2
OSPF Packet type
OSPFv3 will have the same five Packet types, but some fields have been changed
All OSPFv3 Packets have a 16-byte header versus the 24-byte header in OSPFv2

| Packet Type | Description |
|---|---|
| 1 | Hello |
| 2 | Database Description |
| 3 | Link State Request |
| 4 | Link State Update |
| 5 | Link State Acknowledgement |

OSPFv2 header (24 bytes): Version | Type | Packet Length; Router ID; Area ID; Checksum | Autype; Authentication; Authentication
OSPFv3 header (16 bytes): Version | Type | Packet Length; Router ID; Area ID; Checksum | Instance ID | 0
![Page 272: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/272.jpg)
273
Differences from OSPFv2
IPv6 connects interfaces to links
Multiple IP subnets can be assigned to a single link
Two nodes can talk directly over a single link even if they do not share a common subnet
The terms “network” and “subnet” are being replaced with “link”
An OSPF interface now connects to a link instead of a subnet
OSPFv3 Protocol Processing Per-Link, Not Per-Subnet
![Page 273: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/273.jpg)
274
Differences from OSPFv2
This allows for separate ASes, each running OSPF, to use a common link; single link could belong to multiple areas
Instance ID is a new field that is used to have multiple OSPFv3 protocol instances per link
In order to have two instances talk to each other, they need to have the same instance ID; by default it is 0, and for any additional instance it is increased
Multiple OSPFv3 Protocol Instances Can Now Run Over a Single Link
![Page 274: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/274.jpg)
275
Differences from OSPFv2
Multicast addresses
FF02::5 represents all SPF routers on the link-local scope, equivalent to 224.0.0.5 in OSPFv2
FF02::6 represents all DR routers on the link-local scope, equivalent to 224.0.0.6 in OSPFv2
Removal of address semantics
IPv6 addresses are no longer present in OSPF Packet header (part of payload information)
Router LSA, Network LSA do not carry IPv6 addresses
Router ID, Area ID, and Link State ID remain at 32 bits
DR and BDR are now identified by their Router ID and no longer by their IP address
Security
OSPFv3 uses IPv6 AH and ESP extension headers instead of variety of mechanisms defined in OSPFv2
![Page 275: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/275.jpg)
276
OSPFv3 Configuration Example
IPv6 Prefix: 2001:DB8:101::/48
Figure: routers A and B connected S0/0 to S0/0; labels: OSPF Area 0, Subnet 1; Area 1, Loopback 0, Subnet 2; Area 51, Loopback 0, Subnet 3
![Page 276: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/276.jpg)
277
OSPFv3 Configuration Example
Router A
ipv6 unicast-routing
interface Loopback0
 no ip address
 ipv6 address 2001:DB8:101:3::/64 eui-64
 ipv6 ospf 1 area 51
interface Serial0/0
 no ip address
 encapsulation frame-relay
 ipv6 address 2001:DB8:101:1::/64 eui-64
 ipv6 ospf network point-to-point
 ipv6 ospf 1 area 0
 frame-relay map ipv6 FE80::204:9AFF:FE5C:8B41 602 broadcast
 frame-relay map ipv6 2001:DB8:101:1:204:9AFF:FE5C:8B41 602 broadcast
ipv6 router ospf 1
 router-id 10.1.1.1
![Page 277: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/277.jpg)
278
OSPFv3 Configuration Example
Router B
ipv6 unicast-routing
interface Loopback0
 no ip address
 ipv6 address 2001:DB8:101:2::/64 eui-64
 ipv6 ospf 1 area 1
interface Serial0/0
 no ip address
 encapsulation frame-relay
 ipv6 address 2001:DB8:101:1::/64 eui-64
 ipv6 ospf network point-to-point
 ipv6 ospf 1 area 0
 frame-relay map ipv6 FE80::204:C1FF:FE09:1DA1 206 broadcast
 frame-relay map ipv6 2001:DB8:101:1:204:C1FF:FE09:1DA1 206 broadcast
ipv6 router ospf 1
 router-id 10.1.1.2
![Page 278: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/278.jpg)
279
OSPFv3 Verification
rA#show ipv6 route ospf
IPv6 Routing Table - 7 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
       U - Per-user Static route
       I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
       O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
OI  2001:DB8:101:2:204:9AFF:FE5C:8B41/128 [110/64]
     via FE80::204:9AFF:FE5C:8B41, Serial0/0
ra#show ipv6 ospf neighbor
Neighbor ID     Pri   State      Dead Time   Interface ID    Interface
10.1.1.2          1   FULL/ -    00:00:33    3               Serial0/0
![Page 279: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/279.jpg)
280
OSPFv3 Router Commands
A(config)#ipv6 router ospf 1
A(config-rtr)#?
  area                 OSPF area parameters
  auto-cost            Calculate OSPF interface cost according to bandwidth
  compatible           OSPF compatibility list
  default              Set a command to its defaults
  default-information  Distribution of default information
  default-metric       Set metric of redistributed routes
  discard-route        Enable or disable discard-route installation
  distance             Administrative distance
  distribute-list      Filter networks in routing updates
![Page 280: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/280.jpg)
281
OSPFv3 Router Commands
  exit                   Exit from IPv6 routing protocol configuration mode
  ignore                 Do not complain about specific event
  log-adjacency-changes  Log changes in adjacency state
  maximum-paths          Forward packets over multiple paths
  no                     Negate a command or set its defaults
  passive-interface      Suppress routing updates on an interface
  redistribute           Redistribute IPv6 prefixes from another routing protocol
  router-id              router-id for this OSPF process
  summary-prefix         Configure IPv6 summary prefix
  timers                 Adjust routing timers
![Page 281: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/281.jpg)
282
OSPFv3 Router Commands
A(config-rtr)#area 1 ?
  default-cost  Set the summary default-cost of a NSSA/stub area
  nssa          Specify a NSSA area
  range         Summarize routes matching address/mask (border routers only)
  stub          Specify a stub area
  virtual-link  Define a virtual link and its parameters
![Page 282: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/282.jpg)
283
OSPFv3 Interface Commands
r2(config)#int s0/0
r2(config-if)#ipv6 ospf ?
  <1-65535>            Process ID
  cost                 Interface cost
  database-filter      Filter OSPF LSA during synchronization and flooding
  dead-interval        Interval after which a neighbor is declared dead
  demand-circuit       OSPF demand circuit
  flood-reduction      OSPF Flood Reduction
  hello-interval       Time between HELLO packets
  mtu-ignore           Ignores the MTU in DBD packets
  neighbor             OSPF neighbor
  network              Network type
  priority             Router priority
  retransmit-interval  Time between retransmitting lost link state advertisements
  transmit-delay       Link state transmit delay
![Page 283: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/283.jpg)
284
Q and A
![Page 284: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/284.jpg)
285
Session 6:
IP Routing BGP
![Page 285: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/285.jpg)
286
Topics
Introduction
BGP Path Selection
BGP Attributes
Debugging
![Page 286: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/286.jpg)
287
Introduction
What Is BGP?
How Does BGP Work
EBGP and IBGP
What Is a Peer (Neighbor)
![Page 287: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/287.jpg)
288
Configuring BGP
Rtr A (AS 1, 10.1.1.1/24):
router bgp 1
Rtr B (AS 2, 10.1.1.2/24):
router bgp 2
![Page 288: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/288.jpg)
289
Configuring Peers
Rtr(config-router)#?
*address-family Enter address family command mode
***aggregate-address Configure BGP aggregate entries
*auto-summary Enable automatic network number summarization
*bgp BGP specific commands
default Set a command to its defaults
*default-information Control distribution of default information
*default-metric Set metric of redistributed routes
*distance Define an administrative distance
+++distribute-list Filter networks in routing updates
exit Exit from routing protocol configuration mode
Importance: ***High, **Medium, *Low
+++: Do Not Use with BGP
Use neighbor x.x.x.x distribute-list {in|out}
![Page 289: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/289.jpg)
290
Configuring Peers (Cont.)
Rtr(config-router)#?
help Description of the interactive help system
*maximum-paths Forward packets over multiple paths
***neighbor Specify a neighbor router
**network Specify a network to announce via BGP
no Negate a command or set its defaults
***redistribute Redistribute information from another routing protocol
*synchronization Perform IGP synchronization
*table-map Map external entry attributes into routing table
*timers Adjust routing timers
Importance: ***High, **Medium, *Low
![Page 290: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/290.jpg)
291
Configuring BGP Peers (Cont.)
Rtr A (AS 1, 10.1.1.1/24):
router bgp 1
 neighbor 10.1.1.2 remote-as 2
Rtr B (AS 2, 10.1.1.2/24):
router bgp 2
 neighbor 10.1.1.1 remote-as 1
![Page 291: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/291.jpg)
292
BGP Issue: Synchronization
Rtr B does not know about 172.16.0.0; therefore Rtr C should not advertise 172.16.0.0 to Rtr D
Redistribute 172.16.0.0 into IGP (not recommended); or use a full iBGP mesh and disable synchronization (default)
[Figure: Rtr A, Rtr B, Rtr C and Rtr D; network 172.16.0.0; eBGP and iBGP sessions]
12.2(8)T: default changed to no synchronization
A BGP Router will Not Advertise a Route to an eBGP Neighbor Unless the Route Is Already in the IP Routing Table
![Page 292: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/292.jpg)
293
BGP Path Selection
Ignore a route if the next hop is not known
Ignore external routes with local AS in path
1. Prefer the route with the largest weight
2. Prefer the route with the largest local preference
3. Prefer the route that was locally originated
via network, aggregate or redistribution from an IGP
![Page 293: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/293.jpg)
294
BGP Path Selection (Cont.)
4. Prefer the route with the shortest AS path
If bgp bestpath as-path ignore is configured, skip this step. When the as-set option is used for aggregated routes, the as_set counts as 1 regardless of the number of AS entries in the set. Confederation sub-AS numbers are not used to determine the AS-path length
5. Prefer the route with the lowest origin (IGP < EGP < Incomplete)
6. Prefer the route with the lowest MED
This comparison is only between routes advertised by the same external AS
7. Prefer eBGP paths to iBGP paths
![Page 294: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/294.jpg)
295
BGP Path Selection (Cont.)
8. For iBGP paths, prefer the path with lowest IGP metric to the BGP next hop
9. For eBGP paths, prefer the oldest (most stable) path
10. Prefer the path received from the router with the lowest router ID
![Page 295: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/295.jpg)
296
BGP Attributes: Next Hop
The next hop IP address that is used to reach a destination
For eBGP, the next hop is the IP address specified in the neighbor command
For iBGP, the eBGP next hop information is carried into iBGP
10.1.1.1 10.1.1.2 10.1.20.1 10.1.20.2
AS 1 AS 2
172.16.0.0
172.16.0.0 Next Hop = 10.1.1.1
Router C
Does Router C Know How to Get to the Next Hop?
![Page 296: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/296.jpg)
297
BGP Attributes: Weight
A Cisco defined attribute which is used for path selection; the weight is assigned locally and is not propagated in routing updates
Value: 0–65535 Default is 32768 for local routes, 0 for all others
Higher value is preferred
[Figure: AS 1, AS 2, AS 3 and AS 4 (172.16.0.0/16); one path is marked Net 172.16.0.0 Weight = 0, the other Net 172.16.0.0 Weight = 80 (Preferred)]
![Page 297: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/297.jpg)
298
BGP Attributes: Local Pref
Signals which path is preferred to exit the AS and is exchanged among all BGP speakers in the AS; local preference is not exchanged between ASs
Value: 0–4294967295
Default value: 100
Higher value is preferred
[Figure: AS 1, AS 2, AS 3 and AS 4 (172.16.0.0/16); one path is marked Net 172.16.0.0 Loc Pref = 100, the other Net 172.16.0.0 Loc Pref = 800 (Preferred)]
![Page 298: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/298.jpg)
299
BGP Attribute: AS Path
10.1.0.0/24 10.1.1.1/24
AS 5
^1$
^1$
^1$
^2 1$
^3$
^4 1$
AS 1
AS Path Attribute—the List of AS Numbers That a Route Has Traversed to Reach a Destination
AS 2
AS 3
AS 4
![Page 299: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/299.jpg)
300
BGP Attributes: Origin
IGP—i
Network Layer Reachability Information (NLRI) is interior to the originating AS; network statement or redistribute IGP routes
EGP—e
NLRI is learned via eBGP
Incomplete—?
NLRI is unknown; redistributing static into BGP
![Page 300: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/300.jpg)
301
BGP Attributes: Metric (MED)
Also known as the Multi-Exit-Discriminator (MED); metric is used as a suggestion to other ASs about the preferred path into the AS; exchanged between ASs
Value: 0–4294967295 Default value: 0 Lower value is preferred
AS 1
Net 172.16.1.0 Metric = 80
Net 172.16.1.0 Metric = 0 (Preferred)
172.16.1.0
AS 2
![Page 301: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/301.jpg)
302
BGP Path Selection—BGP Table
The best routes to the destination networks are selected from the BGP table
![Page 302: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/302.jpg)
303
BGP Path Selection Summary
Prefer highest weight (local to router)
Prefer highest local preference (global within AS)
Prefer routes that the router originated
Prefer shorter AS paths (only length is compared)
Prefer lowest origin code (IGP < EGP < Incomplete)
Prefer lowest MED
Prefer external (EBGP) paths over internal (IBGP)
For IBGP paths, prefer path through closest IGP neighbor
For EBGP paths, prefer oldest (most stable) path
Prefer paths from router with the lower BGP router-ID
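The decision order from the path selection slides, as an added Python example (not code from the slides or from Cisco IOS): it applies the two pre-checks and steps 1 to 10 to pairs of candidate paths and reports which step decided. The `Path` fields, names and sample values are constructed; only the weight (0 vs 80) and local preference (100 vs 800) figures are reused from the attribute slides.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # IGP < EGP < Incomplete


@dataclass
class Path:
    name: str                      # label for this candidate (constructed)
    as_path: tuple = ()            # AS numbers; a frozenset element is an as-set
    next_hop_reachable: bool = True
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0            # IGP cost to the BGP next hop
    age_seconds: int = 0           # how long the path has been in the table
    router_id: str = "0.0.0.0"     # router ID of the advertising peer

    def neighbor_as(self):
        return self.as_path[0] if self.as_path else None


def eligible(path, local_as):
    """Pre-checks: next hop must be known, no local AS in an external path."""
    if not path.next_hop_reachable:
        return False
    if path.ebgp:
        for hop in path.as_path:
            if hop == local_as or (isinstance(hop, frozenset) and local_as in hop):
                return False
    return True


def compare(a, b, ignore_as_path=False):
    """Walk steps 1-10 for two eligible paths; return (winner, deciding step)."""
    # Each row: (step, key for a, key for b, step applies?). The lower key wins,
    # so "prefer highest" attributes are negated. An as-set is one tuple
    # element, so it adds 1 to the AS-path length as the slide says.
    steps = [
        ("1 weight", -a.weight, -b.weight, True),
        ("2 local preference", -a.local_pref, -b.local_pref, True),
        ("3 locally originated", not a.locally_originated,
         not b.locally_originated, True),
        ("4 AS-path length", len(a.as_path), len(b.as_path), not ignore_as_path),
        ("5 origin", ORIGIN_RANK[a.origin], ORIGIN_RANK[b.origin], True),
        # MED is compared only between paths from the same external AS.
        ("6 MED", a.med, b.med, a.neighbor_as() == b.neighbor_as()),
        ("7 eBGP over iBGP", not a.ebgp, not b.ebgp, True),
        # After step 7 both paths are the same type, so a.ebgp describes both.
        ("8 IGP metric to next hop", a.igp_metric, b.igp_metric, not a.ebgp),
        ("9 oldest eBGP path", -a.age_seconds, -b.age_seconds, a.ebgp),
        ("10 router ID", int(IPv4Address(a.router_id)),
         int(IPv4Address(b.router_id)), True),
    ]
    for step, key_a, key_b, applies in steps:
        if applies and key_a != key_b:
            return (a if key_a < key_b else b), step
    return a, "tie"


def best_path(paths, local_as, ignore_as_path=False):
    """Return (best, decisions); decisions lists (winner, loser, deciding step).

    Pairwise elimination is a simplification chosen for this example.
    """
    candidates = [p for p in paths if eligible(p, local_as)]
    if not candidates:
        return None, []
    best, decisions = candidates[0], []
    for challenger in candidates[1:]:
        winner, step = compare(best, challenger, ignore_as_path)
        loser = challenger if winner is best else best
        decisions.append((winner.name, loser.name, step))
        best = winner
    return best, decisions


if __name__ == "__main__":
    # Constructed candidates for 172.16.0.0/16 as seen by a router in AS 1.
    candidates = [
        Path("via_AS2", (2, 4), weight=0),
        Path("via_AS3", (3, 4), weight=80),
        Path("looped", (2, 1, 4), weight=65535),           # local AS in path
        Path("no_next_hop", (3, 4), next_hop_reachable=False),
    ]
    best, decisions = best_path(candidates, local_as=1)
    print("best:", best.name)
    for winner, loser, step in decisions:
        print(f"  {winner} beats {loser} at step {step}")
```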
![Page 303: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/303.jpg)
304
Atomic Aggregate—The Route Has Been Summarized and Path Information Is Lost
RouterD# show ip bgp
BGP table version is 6, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i – internal
Origin codes: i - IGP, e - EGP, ? – incomplete
 Network Next Hop Metric LocPrf Weight Path
*> 160.0.0.0/8 4.4.4.1 0 300 i
Other BGP Attributes: Atomic Aggregate
Use of the as-set Command When Aggregating (Router C) Will Propagate the Path Information
![Page 304: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/304.jpg)
305
BGP Attributes: Community
Used to group destinations and apply routing decisions according to community; by default, not sent to any peers
Value: 0–4,294,967,200 or 0:0–65535:65535
Values of all-zeroes and all-ones in the high order 16 bits are reserved
Well known communities
no-export (Do not export to next AS)
no-advertise (Do not advertise to any peer)
Internet (Advertise to all routers)
local-AS (Do not advertise outside local AS)
To send community values to a peer use the send-community keyword
neighbor 1.1.1.1 send-community
![Page 305: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/305.jpg)
306
BGP Attributes: Community (Cont.)
AS 1250 AS 88 AS 51
AS 1
201.3.3.196/26, 144.8.1.0/24, 144.9.3.128/27, 12.1.0.0/16
197.4.3.0/27, 152.1.1.0/24, 152.4.5.128/26, 28.5.0.0/17
201.3.3.196/22, 144.8.1.0/24, 144.9.3.128/23, 12.1.0.0/16
AS 1 Wants to Adjust the BGP Attributes of the Underlined Routes; How Can We Do That? AS-Path? Prefix and Mask?
![Page 306: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/306.jpg)
307
BGP Attributes: Community (Cont.)
Use the Community Attribute
AS 1250 AS 88 AS 51
AS 1
201.3.3.196/26, 1:4; 144.8.1.0/24; 144.9.3.128/27; 12.1.0.0/16
197.4.3.0/27; 152.1.1.0/24, :44; 152.4.5.128/26, 1:4; 28.5.0.0/17
201.3.3.196/22; 144.8.1.0/24, 1:4; 144.9.3.128/23; 12.1.0.0/16, 1:4
![Page 307: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/307.jpg)
308
BGP Attributes: Community (Cont.)
router bgp 51
 neighbor 10.1.1.1 remote-as 1
 neighbor 10.1.1.1 send-community
 neighbor 10.1.1.1 route-map setcomm out
!
access-list 1 permit 144.8.1.0 0.0.0.255
access-list 1 permit 12.1.0.0 0.0.255.255
!
route-map setcomm permit 10
 match ip address 1
 set community 1:4
!
route-map setcomm permit 20
Setting the Community Value
![Page 308: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/308.jpg)
309
BGP Attributes: Community (Cont.)
rtrA#sh ip bgp 172.16.1.0
BGP routing table entry for 172.16.1.0/24, version 7
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  172.10.2.2 172.10.6.6
  254
    10.1.1.1 from 10.1.1.1 (199.172.15.254)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Community: 65546
Viewing the Community Value—Old Format
![Page 309: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/309.jpg)
310
BGP Attributes: Community (Cont.)
ip bgp-community new-format (global configuration)
rtrA#sh ip bgp 172.16.1.0
BGP routing table entry for 172.16.1.0/24, version 7
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Advertised to non peer-group peers:
  172.10.2.2 172.10.6.6
  254
    10.1.1.1 from 10.1.1.1 (199.172.15.254)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Community: 1:10
Viewing the Community Value—New Format
![Page 310: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/310.jpg)
311
Controlling the Flow of BGP Updates
![Page 311: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/311.jpg)
312
Aggregate Addresses
Used to minimize the size of the routing table
Combines characteristics of several routes to allow a single route to be advertised
RTB#
router bgp 200
neighbor 3.3.3.1 remote-as 300
network 160.10.0.0
RTC#
router bgp 300
neighbor 3.3.3.3 remote-as 200
neighbor 2.2.2.2 remote-as 100
network 170.10.0.0
aggregate-address 160.0.0.0 255.0.0.0
![Page 312: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/312.jpg)
313
Aggregate Addresses (Cont.)
aggregate-address address mask advertises the prefix route and all of the more specific routes
aggregate-address address mask summary-only advertises the prefix only; all the more specific routes are suppressed
aggregate-address address mask suppress-map map-name advertises the prefix route and the more specific routes, but suppresses advertisement according to a route map
![Page 313: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/313.jpg)
314
Example: Aggregate Address
Question: Advertise the aggregate route 132.0.0.0/8 into AS 3. Ensure that only the aggregate address and 132.108.10.0/24 are allowed through to AS 3
![Page 314: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/314.jpg)
315
Example (Cont.): Configuration
r8(config)#router bgp 4
r8(config-router)#aggregate-address 132.0.0.0 255.0.0.0 suppress-map AGGREGATE_MAP1
r8(config-router)#exit
r8(config)#access-list 3 deny 132.108.10.0 0.0.0.255
r8(config)#access-list 3 permit any
r8(config)#route-map AGGREGATE_MAP1 permit 10
r8(config-route-map)#match ip address 3
r8(config-route-map)#end
![Page 315: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/315.jpg)
316
Example (Cont.): Verification
r5#sh ip ro bgp
B 141.108.0.0/16 [200/0] via 142.108.10.6, 2d03h
B 131.108.0.0/16 [20/0] via 162.108.21.8, 00:06:41
B 161.108.0.0/16 [20/0] via 162.108.21.8, 00:06:41
132.108.0.0/16 is variably subnetted, 2 subnets, 2 masks
B 132.108.10.0/24 [20/0] via 162.108.21.8, 00:06:41
B 132.108.0.0/16 [200/0] via 142.108.10.6, 2d03h
B 132.0.0.0/8 [20/0] via 162.108.21.8, 00:06:41
![Page 316: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/316.jpg)
317
BGP Route Filtering
Filter networks in incoming or outgoing BGP updates based on IP address
Rtr A:
router bgp 1
 neighbor 10.1.1.2 distribute-list 1 in
access-list 1 permit 172.16.0.0 0.0.255.255
Rtr B:
router bgp 2
 neighbor 10.1.1.1 distribute-list 2 out
access-list 2 permit 192.30.8.0 0.0.0.255
Route Filtering
10.1.1.1/24 10.1.1.2/24
Rtr A Rtr B
AS 1 AS 2
Do You See A Problem Here?
![Page 317: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/317.jpg)
318
BGP Route Filtering
Path filtering—filter networks in incoming or outgoing BGP updates based on AS path information
Rtr A:
router bgp 1
 neighbor 1.1.1.2 filter-list 1 in
…
ip as-path access-list 1 deny ^2$ (deny routes belonging to AS 2)
ip as-path access-list 1 permit .*
Rtr B:
router bgp 2
 neighbor 1.1.1.1 filter-list 2 out
...
ip as-path access-list 2 permit ^$ (allow routes from this AS only)
Route Filtering
10.1.1.1/24 10.1.1.2/24
Rtr A Rtr B
AS 1 AS 2
Do You See A Problem Here?
![Page 318: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/318.jpg)
319
Route-Map Overview
Route-maps are very complex access-lists:
Access-lists have lines; route-maps contain statements
Access-lists use addresses and masks; route-maps use match conditions
With access-lists, there is an access-list number; with route-maps, there is a route-map name
Statements in route-maps are numbered
You can insert and delete statements in a route-map
You can edit match conditions in a statement
Route-map statements can modify matched routes with “set” options
Route Maps
![Page 319: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/319.jpg)
320
Route-Map Overview (Cont.)
The default statement action is “permit”
A route not matched by any statement is dropped
“Permit all” is achieved by specifying “permit” without a “match” clause
Match conditions in one statement are ANDed together
The first matching statement permits or denies the route
Route Maps
![Page 320: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/320.jpg)
321
Route-Map Overview (Cont.)
router bgp 300
network 172.16.0.0
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 route-map STOPUPDATES out
…
route-map STOPUPDATES deny 10
match ip address 1
route-map STOPUPDATES permit 20
…
access-list 1 permit 172.16.0.0 0.0.255.255
Blocks Advertisement of Network 172.16.0.0 to Neighbor 2.2.2.2
Route Maps
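The route-map rules above (first matching statement decides, an unmatched route is dropped, a statement without a match clause matches everything), as an added Python example that is not part of the original slides. It evaluates the STOPUPDATES route-map with access-list 1 matching 172.16.0.0 as the caption describes, and the AGGREGATE_MAP1 suppress-map from the aggregate-address example, and includes a small audit helper that flags a filter whose result differs from the stated intent. The function names, the test network 10.0.0.0 and the mistyped ACL are constructed for illustration.

```python
from ipaddress import IPv4Address

ANY = ("0.0.0.0", "255.255.255.255")  # what "permit any" expands to


def _to_int(addr):
    return int(IPv4Address(addr))


def acl_permits(acl, network):
    """Standard ACL: the first matching entry wins; no match is an implicit deny."""
    net = _to_int(network)
    for action, addr, wildcard in acl:
        care = ~_to_int(wildcard) & 0xFFFFFFFF  # bits that must match
        if (net & care) == (_to_int(addr) & care):
            return action == "permit"
    return False


def route_map_result(statements, acls, network):
    """statements: (sequence number, action, ACL number or None for no match clause)."""
    for _seq, action, acl in sorted(statements, key=lambda s: s[0]):
        # A statement matches when it has no match clause or its ACL permits.
        # An ACL deny means "this statement does not match", so evaluation
        # falls through to the next statement.
        if acl is None or acl_permits(acls[acl], network):
            return action
    return "deny"  # a route not matched by any statement is dropped


# route-map STOPUPDATES deny 10 / match ip address 1 / permit 20
STOPUPDATES = [(10, "deny", 1), (20, "permit", None)]
ACLS_OUT = {1: [("permit", "172.16.0.0", "0.0.255.255")]}

# route-map AGGREGATE_MAP1 permit 10 / match ip address 3
AGGREGATE_MAP1 = [(10, "permit", 3)]
ACLS_R8 = {3: [("deny", "132.108.10.0", "0.0.0.255"), ("permit",) + ANY]}


def advertised_to_neighbor(network):
    """True when STOPUPDATES lets the network out to the neighbor."""
    return route_map_result(STOPUPDATES, ACLS_OUT, network) == "permit"


def suppressed_by_aggregate(network):
    """With suppress-map, routes the route-map permits are the suppressed ones."""
    return route_map_result(AGGREGATE_MAP1, ACLS_R8, network) == "permit"


def audit(statements, acls, expectations):
    """Return (network, expected, actual) for every route that violates intent."""
    findings = []
    for network, expected in expectations.items():
        actual = route_map_result(statements, acls, network)
        if actual != expected:
            findings.append((network, expected, actual))
    return findings


if __name__ == "__main__":
    print("172.16.0.0 advertised:", advertised_to_neighbor("172.16.0.0"))
    print("132.108.10.0 suppressed:", suppressed_by_aggregate("132.108.10.0"))
    print("132.108.0.0 suppressed:", suppressed_by_aggregate("132.108.0.0"))
    # Constructed mistake: one wrong octet in the ACL silently disables the block.
    mistyped = {1: [("permit", "170.16.0.0", "0.0.255.255")]}
    print("audit:", audit(STOPUPDATES, mistyped, {"172.16.0.0": "deny"}))
```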
![Page 321: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/321.jpg)
322
Debugging BGP
![Page 322: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/322.jpg)
323
Debugging
Test the IP connection between the BGP routers
If you can ping the remote endpoint then you can form a BGP connection
Rtr A#ping 1.1.1.2
Rtr B#ping 1.1.1.1
10.1.1.1/24 10.1.1.2/24
Rtr A Rtr B
AS 1 AS 2
![Page 323: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/323.jpg)
324
Debugging
Start with a Minimum BGP Configuration
Rtr A# (AS 1, 10.1.1.1/24)
router bgp 1
 neighbor 1.1.1.2 remote-as 2
Rtr B# (AS 2, 10.1.1.2/24)
router bgp 2
 neighbor 1.1.1.1 remote-as 1
![Page 324: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/324.jpg)
325
Debugging
Rtr A#show ip bgp neighbors
BGP neighbor is 1.1.1.2, remote AS 2, external link
 BGP version 4, remote router ID 1.1.1.2
 BGP state = Established, table version = 1, up for 0:12:20
 Last read 0:00:20, hold time is 180, keepalive interval is 60 seconds
 Minimum time between advertisement runs is 30 seconds
 Received 15 messages, 0 notifications, 0 in queue
 Sent 15 messages, 0 notifications, 0 in queue
 Connections established 1; dropped 0
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 10.1.1.7, Local port: 11002
Foreign host: 10.1.1.1, Foreign port: 179
If BGP State = Established, Then Continue with Your BGP Configuration
![Page 325: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/325.jpg)
326
Further Possible Areas of Study
IBGP—Route Reflector
IBGP—Confederations
EBGP—Neighbor Local-as
BGP Multipath
BGP Conditional Advertisement
![Page 326: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/326.jpg)
327
Q and A
![Page 327: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/327.jpg)
328
Recommended Reading
Internet Routing Architectures, Bassam Halabi, Cisco Press
Cisco BGP-4 Command and Configuration Handbook, William Parkhurst, Cisco Press
Available Onsite at the Cisco Company Store
![Page 328: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/328.jpg)
329
Session 7:
MPLS/VPN
![Page 329: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/329.jpg)
330
Agenda
MPLS Technology Introduction
MPLS Network Ingredients
Building MPLS Services
MPLS VPNs
MPLS Layer 3 VPNs
![Page 330: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/330.jpg)
331
MPLS Technology Introduction
![Page 331: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/331.jpg)
332
What Is MPLS Technology?
Multi Protocol Label Switching is a technology for delivery of IP services
MPLS technology switches packets instead of routing, to transport data
A highly scalable mechanism that is topology driven rather than flow driven
Single infrastructure architecture supporting multitudes of applications
MPLS has evolved a long way from its original goal, now serving as a foundation for value-added services
[Figure: services on a single MPLS network infrastructure: VPLS, Traffic Engineering, unicast and multicast L3 VPNs, IP+Optical GMPLS, Any Transport over MPLS]
![Page 332: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/332.jpg)
333
Evolving Infrastructures, Growing Requirements
Next Generation Services Networks Require a Transport that Offers End-to-End:
Resilience and Scale: Fast Convergence, High Availability, Redundancy
OAM: Report, Measure, Test and Verify, Provision
Service Flexibility: Point to Point, Point to Multipoint, Multipoint to Multipoint
SLA Guarantees: Traffic Classes, BW Guarantees, Traffic Priority
![Page 333: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/333.jpg)
334
MPLS Use Case
[Figure labels: MPLS backbone with P1, P2, P3, P4 and PE1, PE2, PE3, PE4, PE5; VPN A, VPN B and VPN C sites; Customer A; HQ A, HQ B, HQ C; branch office; remote users/telecommuters; local or direct dial ISP; Internet; provider networks; FR/ATM/Carrier Ethernet; mobile backhaul; shared/managed services (ERP, video server, hosted content, VMs); MPLS to IPsec/PE]
Requirements: L2 pt-pt, L2 fully meshed, L3 fully meshed sites through HQ site, all sites directly access Hosted content and the Internet with SLA
![Page 334: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/334.jpg)
335
MPLS Network Ingredients
![Page 335: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/335.jpg)
336
MPLS Network Ingredients
Network devices:
  P (Provider) routers = label switching routers = core routers
  PE (Provider Edge) routers = edge LSR = provider edge device
Protocols:
  IGP: core routing protocol, OSPF, EIGRP, IS-IS
  Label Distribution Protocol (LDP)
  Multiprotocol e/iBGP
  Resource reservation (RSVP) protocol
MPLS label:
  Forwarding Equivalence Class (FEC)
  MPLS label
  MPLS label encapsulation
MPLS planes:
  MPLS control planes
  MPLS forwarding planes
![Page 336: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/336.jpg)
337
MPLS Network Devices
P (Provider) routers = label switching routers = core routers
Switch packets from ingress PE to egress PE
PE (Provider Edge) routers = edge LSR = provider edge device
MPLS services are enabled on PE devices. They interconnect customer sites
[Figure: P routers in the core, PE routers at the edge]
![Page 337: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/337.jpg)
338
MPLS Network Protocols
[Figure: P and PE routers, labelled IGP, RSVP and LDP]
IGP: OSPF, EIGRP, IS-IS on core facing and core links
RSVP and/or LDP on core and/or core facing links
MP-e/iBGP on PE devices
![Page 338: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/338.jpg)
339
Label Distribution Protocol
Defined in RFC 3035 and 3036, LDP-superset of Tag Distribution Protocol
Uses UDP for session discovery and TCP(646) for the rest of the messages
LDP Header: Version (2 Octets), PDU Length (2 Octets), LDP ID (6 Octets)
Uses per-interface or per-platform label space, each needing separate LDP sessions
Label distribution protocols distribute labels for prefixes advertised by unicast routing protocols (OSPF, IS-IS, EIGRP, etc.) using LDP or BGP
Multiple phases to establish a session & allocate labels so that traffic can be switched:
Discovery mechanisms
Session establishment
Label distribution and management
Label binding advertisement (unsolicited or on-demand), distribution, liberal retention
![Page 339: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/339.jpg)
340
MPLS Label and Label Encapsulation
MPLS Label Encapsulation
PPP Header (Packet over SONET/SDH): PPP Header | Label | Layer 2/L3 Packet
LAN MAC Label Header: MAC Header | Label | Layer 2/L3 Packet
MPLS Label
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 Label # (20 bits) | EXP | S | TTL (8 bits)
COS/EXP = Class of Service: 3 Bits; S = Bottom of Stack; TTL = Time to Live
![Page 340: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/340.jpg)
341
Forwarding Equivalence Class
FEC Is Used by Label Switching Routers to Determine How Packets Are Mapped to Label Switching Paths (LSP):
IP prefix/host address
Layer 2 circuits (ATM, FR, PPP, HDLC, Ethernet)
Groups of addresses/sites—VPN x
A bridge/switch instance—VSI
Tunnel interface—traffic engineering
![Page 341: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/341.jpg)
342
MPLS Control Plane and Forward Plane
Control plane used to distribute labels and build label-switched paths
Routing Process
MPLS Process
RIB
LIB
Route Updates/Adjacency
Label BindUpdates/Adjacency
Forwarding plane consists of label imposition, swapping, and disposition—no matter what the control plane
Destination-based unicast/multicast
Labels divorce forwarding from IP address
Labels define destination and service
MFI FIB
IP TrafficMPLS Traffic
![Page 342: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/342.jpg)
343
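MPLS Control Plane Downstream Unsolicited Mode
Step I: Core Routing Convergence
Routing Updates (OSPF, EIGRP, …): "You Can Reach 128.89 Thru Me", "You Can Reach 171.69 Thru Me", "You Can Reach 128.89 and 171.69 Thru Me"
[Figure: three LSRs with interfaces 0 and 1 toward 128.89 and 171.69; label tables below, in the order shown, with no labels assigned yet]

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| | 128.89 | 1 | |
| | 171.69 | 1 | |
| | … | … | |

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| | 128.89 | 0 | |
| | 171.69 | 1 | |
| | … | … | |

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| | 128.89 | 0 | |
| | … | … | |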
![Page 343: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/343.jpg)
344
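MPLS Control Plane Downstream Unsolicited Mode
Step II: Assigning Labels
Downstream Node Advertise Labels for Prefixes/FEC Reachable via that Device
Label advertisements: "Use Label 9 for 128.89", "Use Label 7 for 171.69", "Use Label 4 for 128.89 and Use Label 5 for 171.69"
[Figure: three LSRs with interfaces 0 and 1 toward 128.89 and 171.69; label tables below, in the order shown]

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| - | 128.89 | 1 | 4 |
| - | 171.69 | 1 | 5 |
| … | … | … | … |

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| 4 | 128.89 | 0 | 9 |
| 5 | 171.69 | 1 | 7 |
| … | … | … | … |

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| 9 | 128.89 | 0 | - |
| … | … | … | … |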
![Page 344: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/344.jpg)
345
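MPLS Forwarding Plane
Step III: Forwarding Labeled Packets
Label Switch Forwards Based on Label
Packets shown along the path: "128.89.25.4 Data" (unlabeled), "4 | 128.89.25.4 Data", "9 | 128.89.25.4 Data", "128.89.25.4 Data" (unlabeled)
[Figure: three LSRs with interfaces 0 and 1 toward 128.89 and 171.69; label tables below, in the order shown]

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| - | 128.89 | 1 | 4 |
| - | 171.69 | 1 | 5 |
| … | … | … | … |

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| 4 | 128.89 | 0 | 9 |
| 5 | 171.69 | 1 | 7 |
| … | … | … | … |

| In Label | Address Prefix | Out I'face | Out Label |
|---|---|---|---|
| 9 | 128.89 | 0 | - |
| … | … | … | … |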
![Page 345: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/345.jpg)
346
Label Stacking
There may be more than one label in an MPLS packet
As we know, labels correspond to forwarding equivalence classes
Example: there can be one label for routing the packet to an egress point and another that separates a customer A packet from customer B
Inner labels can be used to designate services/FECs, etc.
e.g. VPNs, fast reroute
Outer label used to route/switch the MPLS packets in the network
Last label in the stack is marked with EOS bit
Allows building services such as MPLS VPNs
Traffic engineering and fast reroute
VPNs over traffic engineered core
Any transport over MPLS
[Figure: label stack in front of the IP Header, with TE Label, LDP Label and VPN Label marked as outer and inner labels]
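The 32-bit label entry (20-bit label, 3-bit EXP, S bit, 8-bit TTL) and the bottom-of-stack rule described above, as an added Python example that is not part of the original slides. It packs and parses a label stack and performs the label swap from the Step II tables (label 4 in, label 9 out); the inner label value 30, the EXP and TTL values and the payload bytes are constructed for the demonstration.

```python
import struct


def build_entry(label, exp, s, ttl):
    """Pack one label stack entry: label(20) | EXP(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    if not 0 <= exp < 8 or s not in (0, 1) or not 0 <= ttl < 256:
        raise ValueError("EXP is 3 bits, S is 1 bit, TTL is 8 bits")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def parse_label_stack(data):
    """Return (entries, payload); the entry with S=1 is the last label."""
    entries, offset = [], 0
    while True:
        if len(data) - offset < 4:
            # Ran out of bytes before any entry had the bottom-of-stack bit.
            raise ValueError("truncated label stack: bottom of stack not found")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entry = {
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1,
            "ttl": word & 0xFF,
        }
        entries.append(entry)
        if entry["s"]:
            return entries, data[offset:]


def swap_top(packet, label_table):
    """What a core LSR does: swap the outer label, leave inner labels alone.

    label_table maps incoming label -> outgoing label (the In Label and
    Out Label columns of the slide's tables).
    """
    entries, _payload = parse_label_stack(packet)
    top = entries[0]
    if top["label"] not in label_table:
        raise KeyError(f"no forwarding entry for label {top['label']}")
    if top["ttl"] <= 1:
        raise ValueError("TTL expired")
    new_top = build_entry(label_table[top["label"]], top["exp"], top["s"],
                          top["ttl"] - 1)
    return new_top + packet[4:]


if __name__ == "__main__":
    # Constructed packet: outer label 4 (toward 128.89), inner label 30
    # standing in for a VPN label, then opaque payload bytes.
    packet = build_entry(4, 0, 0, 64) + build_entry(30, 5, 1, 64) + b"payload"
    print(parse_label_stack(packet))
    forwarded = swap_top(packet, {4: 9, 5: 7})  # middle table from Step II
    print(parse_label_stack(forwarded))
```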
![Page 346: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/346.jpg)
347
MPLS Core Architecture Summary
1a. Existing Routing Protocols (e.g. OSPF, IS-IS) Establish Reachability to Destination Networks
1b. LDP Establishes Label to Destination Network Mappings
2. Ingress Edge LSR Receives Packet, Performs Layer 3 Value-Added Services, and “Labels” Packets
3. LSR Switches Packets Using Label Swapping
4. Edge LSR at Egress Removes Label and Delivers Packet
!
ip cef
mpls label protocol ldp
!
Interface ether0/0
 mpls ip
!
![Page 347: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/347.jpg)
348
MPLS VPNs
![Page 348: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/348.jpg)
349
What Is a Virtual Private Network?
VPN is a set of sites or groups which are allowed to communicate with each other
VPN is defined by a set of administrative policies
Policies established by VPN customers
Policies could be implemented completely by VPN service providers
Flexible intersite connectivity
Ranging from complete to partial mesh
Sites may be either within the same or in different organizations
VPN can be either intranet or extranet
Site may be in more than one VPN
VPNs may overlap
Not all sites have to be connected to the same service provider
VPN can span multiple providers
![Page 349: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/349.jpg)
350
L2 vs. L3 VPNs
Point-to-Point Layer 2 VPNs:
Customer endpoints (CPE) connected via Frame Relay DLCI, ATM VC or point-to-point connection
No routing with the provider network. VPN CEs peer with each other, much better propagation delay
Good for point to point L2 connectivity, provider will need to manually fully mesh end points if any-to-any connectivity is required
Multipoint Layer 2 VPNs:
Customer endpoints (CPE) connected via Ethernet (VLAN or ethernet)
Fully meshed, hub-spoke service possible w/o routing
Layer 3 VPN:
Any access medium is supported
Customer end points peer with providers’ routers @ L3 and exchange VPN site-routing information
Reduced provisioning, Scales
![Page 350: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/350.jpg)
MPLS L3 VPNs
![Page 351: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/351.jpg)
352
IP L3 vs. MPLS L3 VPNs
[Figure labels: VPN A, VPN B and VPN C sites]
Overlay VPN
ACLs, ATM/FR, IP tunnels, IPSec, … etc. requiring n*(n-1) peering points
Transport dependent
Groups endpoints, not groups
Pushes content outside the network
Costs scale exponentially
NAT necessary for overlapping subnets
Limited scaling, QoS Complexity
MPLS-Based VPNs
Point-to-cloud single point of connectivity
Transport independent
Easy grouping of users and services
Enables content hosting inside the network
“Flat” cost curve
Supports private overlapping IP addresses
Scalable to over millions of VPNs
Per VPN QoS
[Figure labels: Hosting, Multicast, VoIP, Intranet, Extranet]
![Page 352: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/352.jpg)
353
MPLS L3 VPN Control Plane Basics
1. VPN service is enabled on PEs
2. VPN site’s CE1 connects to a VRF enabled interface on a PE1
3. VPN site CE1 distributes routes to PE1
4. PE1 allocates VPN label for each prefix, redistributes routes into MP-iBGP, sets itself as a next hop and relays VPN site routes to PE3
5. PE3 distributes CE1’s routes to CE2
[Figure: CE1, CE2, CE3 and CE4 attach to VRFs on PE1, PE2 and PE3; core routers P1, P2 and P3; PE-CE routing via Static, EIGRP, OSPF or eBGP; MP-iBGP VPNv4 label exchange between the PEs]
![Page 353: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/353.jpg)
354
How Control Plane Information Is Separated
[Figure: CE1, PE1, P1, P2, PE2, CE2; network 16.1/16; IPv4 route exchange (IGP/eBGP, Net=16.1/16) on each PE-CE link; VPN-IPv4 update between the PEs: Net=RD:16.1/16, NH=PE1, Route Target 100:1, Label=42; no VPN routes in the core (P)]
ip vrf Yellow
 rd 1:100
 route-target export 1:100
 route-target import 1:100
Route Distinguisher (RD): 8-byte field—unique value assigned by a provider to each VPN to make different VPN routes unique
VPNv4 address: RD+VPN IP prefix
Route Target (RT): 8-byte field, unique value assigned by a provider to define the import/export rules for the routes from/to each VPN
MP-iBGP: facilitates advertisement of VPNv4* prefixes + labels between BGP peers
Virtual Routing Forwarding Instance (VRF): contains VPN site routes
Multi-VRF CE: CE device supporting multiple VRFs w/o MP-iBGP & VPN labels
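An added illustration of the RD and RT definitions above (not part of the original slides): a small Python model in which two VPNs use the same 16.1.0.0/16 prefix, the RD keeps the VPNv4 routes distinct, and the route-target import list decides which VRF installs them. The Green VRF, its 1:200 values, and all class and function names are constructed for the example; VRF names stand in for customer identity in the audit.

```python
from dataclasses import dataclass, field
from ipaddress import ip_network


@dataclass(frozen=True)
class Vpnv4Route:
    rd: str            # route distinguisher: makes the customer prefix unique
    prefix: str        # customer IPv4 prefix
    next_hop: str      # advertising PE
    label: int         # VPN label allocated by that PE
    rts: frozenset     # route targets attached on export
    origin_vrf: str    # bookkeeping for the audit only, not carried in BGP

    @property
    def key(self):
        # A VPNv4 address is RD + prefix, so that pair is the table key
        return (self.rd, str(ip_network(self.prefix)))


@dataclass
class Vrf:
    name: str
    rd: str
    export_rts: set
    import_rts: set
    local: dict = field(default_factory=dict)     # prefix -> VPN label
    imported: dict = field(default_factory=dict)  # (rd, prefix) -> Vpnv4Route


class PE:
    def __init__(self, name, first_label=42):
        self.name, self.vrfs, self._label = name, {}, first_label

    def add_vrf(self, name, rd, export_rts, import_rts):
        self.vrfs[name] = Vrf(name, rd, set(export_rts), set(import_rts))

    def learn_from_ce(self, vrf, prefix):
        """Allocate a VPN label for a prefix learned from the CE."""
        self.vrfs[vrf].local[prefix] = self._label
        self._label += 1

    def export(self):
        return [Vpnv4Route(v.rd, p, self.name, lbl, frozenset(v.export_rts), v.name)
                for v in self.vrfs.values() for p, lbl in v.local.items()]

    def import_routes(self, routes):
        for v in self.vrfs.values():
            for r in routes:
                if r.rts & v.import_rts:      # any shared RT means import
                    v.imported[r.key] = r


def exchange(pes):
    """Full-mesh MP-iBGP: each PE receives the other PEs' VPNv4 routes."""
    bgp = {r.key: r for pe in pes for r in pe.export()}
    for pe in pes:
        pe.import_routes([r for r in bgp.values() if r.next_hop != pe.name])
    return bgp


def cross_vpn_imports(pes):
    """Audit: routes installed in a VRF that a differently named VRF exported."""
    return sorted((pe.name, v.name, r.prefix, r.origin_vrf)
                  for pe in pes for v in pe.vrfs.values()
                  for r in v.imported.values() if r.origin_vrf != v.name)


def build(green_import_on_pe2):
    """Two PEs, VRF Yellow as on the slide, VRF Green constructed."""
    pe1, pe2 = PE("PE1"), PE("PE2")
    for pe in (pe1, pe2):
        pe.add_vrf("Yellow", "1:100", {"1:100"}, {"1:100"})
    pe1.add_vrf("Green", "1:200", {"1:200"}, {"1:200"})
    pe2.add_vrf("Green", "1:200", {"1:200"}, green_import_on_pe2)
    pe1.learn_from_ce("Yellow", "16.1.0.0/16")   # gets label 42
    pe1.learn_from_ce("Green", "16.1.0.0/16")    # same prefix, other VPN
    return [pe1, pe2]


if __name__ == "__main__":
    good = build({"1:200"})
    print(sorted(exchange(good)))                 # two distinct VPNv4 keys
    print(cross_vpn_imports(good))                # no cross-VPN imports
    bad = build({"1:200", "1:100"})               # extra import RT on PE2
    exchange(bad)
    print(cross_vpn_imports(bad))                 # Yellow route inside Green
```

The second run shows why route-target import lists deserve review: one extra import value on a single PE installs another VPN's route without any change on the exporting side.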
![Page 354: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/354.jpg)
355
MPLS L3 VPN Forwarding Plane
How Data Plane Is Separated
1. PE1 imposes pre-allocated label for the prefix
2. Core facing interface allocates IGP label
3. Core swaps IGP labels
4. PE2 strips off VPN label and forwards the packet to CE2 as an IP packet
!
Interface S1/0
 ip vrf forwarding Yellow
!
[Figure: CE1 forwards IPv4 packet; path CE1, PE1, P1, P2, PE2, CE2; CE2 receives IPv4 packet]
![Page 355: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/355.jpg)
MPLS L3 VPNs Applications
![Page 356: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/356.jpg)
357
Deployment Example I: MPLS VPN SP Interconnecting VPN Sites for different Access Technologies
[Figure labels: MPLS Backbone with PE1, PE2, PE3, P1 and P2; VPN A sites; VPN B; Customer A; HQ Hub; Branch Office; Remote Site; Business Partner; Remote Users/Telecommuters; Local or Direct Dial ISP; Internet; Provider Networks; MPLS to IPsec/PE; FR/ATM/]
![Page 357: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/357.jpg)
358
Deployment Example II: MPLS VPNs in Enterprise Campus
L2 access
Multi-VRF-CE at distribution
BGP/MPLS VPNs in core only
Multi-VRF between core and distribution
Multi-VRF doesn’t require MPLS labels
[Figure labels: Layer 3, L2, MP-iBGP, VPN1, VPN2, 802.1Q, CE (Multi-VRF), BGP/MPLS VPN, PE w/VRF, P]
![Page 358: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/358.jpg)
359
Deployment Example III: End-to-End VPN Services Using Multiple MPLS SPs
[Figure labels: Global Backbone Service Provider AS100; Regional SP1 MPLS Core AS1; Regional SP2 MPLS Core AS2; Regional SP3 MPLS Core AS3; Enterprise-A Hub-1-UK; Enterprise-A Hub-2-US; Enterprise-A Hub-3-India; Enterprise-A Remote Sites]
![Page 359: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/359.jpg)
360
MPLS L3 VPNs Summary
SPs can provide Intranet, extranet, hub-spoke, fully-meshed connectivity services
Advanced multicast VPNs, shared hosting, voice, video, Internet and traditional IP services can also be supported over a single infrastructure
SP configured route target can be used to filter/limit import/export of VPN routes
SP configured per VPN route distinguisher segregates VPN control plane traffic
Unique per-VPN labels segregate data plane traffic
Subscribers have several access medium and routing protocol options to connect to the providers
SPs can offer service level guarantees using QoS and traffic engineering applications for MPLS L3 VPNs
MPLS L3VPNs over IP
![Page 360: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/360.jpg)
361
Terminology Reference
Terminology: Description
AC: Attachment Circuit. An AC Is a Point-to-Point, Layer 2 Circuit Between a CE and a PE.
AS: Autonomous System (a Domain)
CoS: Class of Service
ECMP: Equal Cost Multipath
IGP: Interior Gateway Protocol
LAN: Local Area Network
LDP: Label Distribution Protocol, RFC 3036.
LER: Label Edge Router. An Edge LSR Interconnects MPLS and non-MPLS Domains.
LFIB: Labeled Forwarding Information Base
LSP: Label Switched Path
LSR: Label Switching Router
NLRI: Network Layer Reachability Information
P Router: An Interior LSR in the Service Provider's Autonomous System
PE Router: An LER in the Service Provider Administrative Domain that Interconnects the Customer Network and the Backbone Network.
PSN Tunnel: Packet Switching Tunnel
![Page 361: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/361.jpg)
362
Terminology Reference
Terminology: Description
Pseudo-Wire: A Pseudo-Wire Is a Bidirectional "Tunnel" Between Two Features on a Switching Path.
PWE3: Pseudo-Wire End-to-End Emulation
QoS: Quality of Service
RD: Route Distinguisher
RIB: Routing Information Base
RR: Route Reflector
RT: Route Target
RSVP-TE: Resource Reservation Protocol based Traffic Engineering
VPN: Virtual Private Network
VFI: Virtual Forwarding Instance
VLAN: Virtual Local Area Network
VPLS: Virtual Private LAN Service
VPWS: Virtual Private WAN Service
VRF: Virtual Route Forwarding Instance
VSI: Virtual Switching Instance
![Page 362: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/362.jpg)
363
MPLS/L3VPN Sample Lab Question
[Figure: lab topology with routers R1 to R5, switches Sw1 to Sw4, Backbone 1, Backbone 2 and VLAN_A to VLAN_E. Devices are marked CE, PE or P; links are marked MP-BGP/IGP/MPLS, IGP/MPLS, or Static Route/No MPLS; a VPN Tunnel connects the private networks 170.1.9.9/24 and 170.1.7.7/24.]
Interface labels: Fa0/0 .25.5/24; Gi0/0 .25.2/24; Gi0/1 .20.2/24; Fa0/1 .100.5/24; Gi0/1 .100.1/24; Gi0/1 .100.3/24; Gi0/0 .30.3/24; Fa0/1 .50.4/24; Fa0/0 150.1.YY.1/24; Gi0/0 150.2.YY.1/24; S0/0/0 .12.2/30; S0/0/1 .12.1/30; S0/0/0 .14.4/24; S0/0/0 .14.1/24; SVI .30.9/24; SVI .30.10/24; SVI .50.7/24; SVI .50.8/24
![Page 363: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/363.jpg)
364
MPLS/L3VPN Sample Lab Question (Cont.)
MP-BGP should be configured to carry vpnv4 updates.
VRF instance should be named "ccie"
RT & RD values are at the candidate's discretion.
Include only the relevant interface in the vrf instance.
Configure the vrf route as appropriate on PEs
You are allowed to use static route from CE to PE for the private traffic.
There is a private network on Sw3 170.1.9.0 and another on Sw1 170.1.7.0. Build a VPN tunnel to carry the private traffic between these two networks using the MPLS core and edge infrastructure.
![Page 364: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/364.jpg)
365
MPLS/L3VPN Sample Lab Question (Cont.) Verification
R3: Verify VPNv4 routes are received from R4(PE):
R3#sh ip route vrf ccie
Routing Table: ccie
     170.1.0.0/32 is subnetted, 2 subnets
S       170.1.9.9 [1/0] via 1.1.30.9
B       170.1.7.7 [200/0] via 1.1.4.4, 3d16h   ---Loopback intf. (Private Network) on Sw1
     1.0.0.0/24 is subnetted, 2 subnets
C       1.1.30.0 is directly connected, GigabitEthernet0/0
B       1.1.50.0 [200/0] via 1.1.4.4, 3d16h
R4: Verify VPNv4 routes are received from R3(PE):
R3#sh ip route vrf ccie
Routing Table: ccie
     170.1.0.0/32 is subnetted, 2 subnets
S       170.1.7.7 [1/0] via 1.1.50.7
B       170.1.9.9 [200/0] via 1.1.3.3, 3d16h   ---Loopback intf. (Private Network) on Sw3
     1.0.0.0/24 is subnetted, 2 subnets
C       1.1.50.0 is directly connected, GigabitEthernet0/1
B       1.1.30.0 [200/0] via 1.1.3.3, 3d16h
![Page 365: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/365.jpg)
366
Further Reading
http://www.cisco.com/go/mpls
http://www.ciscopress.com
MPLS and VPN Architectures—Jim Guichard, Ivan Papelnjak—Cisco Press®
Traffic Engineering with MPLS—Eric Osborne, Ajay Simha—Cisco Press
Layer 2 VPN Architectures— Wei Luo, Carlos Pignataro, Dmitry Bokotey, Anthony Chan—Cisco Press
MPLS QoS—Santiago Alvarez-Cisco Press
![Page 366: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/366.jpg)
Q and A
![Page 367: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/367.jpg)
Session 8:
IP Multicast
![Page 368: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/368.jpg)
369
Agenda
Multicast Concepts
PIM-SM Configuration and Verification
Multicast Troubleshooting
![Page 369: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/369.jpg)
370
Multicast At-a-Glance
[Figure labels: PIM, IGMP]
![Page 370: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/370.jpg)
371
Mcast Sample Written Question
Which of the following is NOT true of IP Multicast Addressing?
1. Multicast Group addresses comprise the range 224.0.0.0–239.255.255.255
2. The Link-Local Address Range is 224.0.0.0–224.0.0.255
3. Administratively Scoped Addresses (239.0.0.0–239.255.255.255) are assigned to user applications by IANA
4. EIGRP Hellos to 224.0.0.10 have a TTL = 1
5. Scope Relative Addresses are the top 256 addresses of a scoped address range
![Page 371: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/371.jpg)
Multicast Forwarding
![Page 372: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/372.jpg)
373
Unicast vs. Multicast Forwarding
Destination IP address directly determines where to forward the packet
Decision based on route table
Hop-by-hop forwarding continues even during routing topology changes
Unicast Forwarding
![Page 373: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/373.jpg)
374
Unicast vs. Multicast Forwarding
Destination IP address doesn’t directly indicate where to forward packet
Forwarding is connection-oriented
Receivers must first “connect” to the source before traffic begins to flow
Connection messages (PIM Joins) follow unicast routing table toward multicast source
Build Multicast Distribution Trees that determine where to forward packets
Distribution Trees rebuilt dynamically in case of network topology changes
Multicast Forwarding
![Page 374: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/374.jpg)
375
Reverse Path Forwarding (RPF)
The multicast source address is checked against the unicast routing table
This determines the interface and upstream router in the direction of the source to which PIM Joins are sent
This interface becomes the “Incoming” or RPF interface
A router forwards a multicast datagram only if received on the RPF interface
The RPF Calculation
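The RPF calculation described above, as an added Python example that is not part of the original slides: a longest-prefix lookup on the source address yields the RPF interface and the upstream neighbor for PIM Joins, and a datagram is forwarded only when it arrives on that interface. The routing table, the source and group addresses, and all function names are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed unicast routing table for one router: (prefix, interface, next hop)
UNICAST_ROUTES = [
    ("0.0.0.0/0",   "Serial0/0",   "10.2.3.4"),
    ("10.1.0.0/16", "Serial0/1",   "10.2.2.3"),
    ("10.1.1.0/24", "Ethernet0/0", "10.1.1.1"),
]


def rpf_lookup(routes, source):
    """Longest-prefix match on the multicast SOURCE address.

    Returns (rpf_interface, upstream_neighbor), or None if the source is
    not reachable through the unicast table at all.
    """
    src = ip_address(source)
    best = None
    for prefix, intf, next_hop in routes:
        net = ip_network(prefix)
        if src in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, intf, next_hop)
    return None if best is None else (best[1], best[2])


@dataclass
class MrouteEntry:
    """(S, G) state: source, group and outgoing interface list (OIL)."""
    source: str
    group: str
    oil: list

    def __post_init__(self):
        if not ip_address(self.group).is_multicast:
            raise ValueError(f"{self.group} is not a multicast group address")


def forward(routes, entry, arrival_intf):
    """Apply the RPF check to one datagram of the (S, G) flow.

    Returns (verdict, interfaces the datagram is replicated to).
    """
    rpf = rpf_lookup(routes, entry.source)
    if rpf is None:
        return "drop: no route to source", []
    rpf_intf, _upstream = rpf
    if arrival_intf != rpf_intf:
        # Arrived from a direction the unicast table does not point to:
        # a loop, a duplicate path, or a spoofed source address.
        return f"drop: RPF failure, expected {rpf_intf}", []
    # Never send a datagram back out of the interface it arrived on
    return "forward", [i for i in entry.oil if i != arrival_intf]


if __name__ == "__main__":
    flow = MrouteEntry("10.1.1.50", "239.1.1.1", ["Serial0/0", "Serial0/1"])
    print(rpf_lookup(UNICAST_ROUTES, flow.source))
    print(forward(UNICAST_ROUTES, flow, "Ethernet0/0"))
    print(forward(UNICAST_ROUTES, flow, "Serial0/1"))
    # Topology change: the /24 is withdrawn, so the RPF interface moves
    changed = [r for r in UNICAST_ROUTES if r[0] != "10.1.1.0/24"]
    print(rpf_lookup(changed, flow.source))
    print(forward(changed, flow, "Ethernet0/0"))
```

After the /24 is withdrawn the same datagram on Ethernet0/0 fails the check, which is why a unicast routing change alone can stop a multicast flow until the distribution tree is rebuilt.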
![Page 375: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/375.jpg)
PIM Sparse Mode
![Page 376: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/376.jpg)
377
PIM Sparse Mode
Protocol-independent
Supports all underlying unicast routing protocols including: static, RIP, IGRP, EIGRP, IS-IS, BGP, and OSPF
Sparse mode
Uses “pull” model
Traffic sent only to where it is requested
Explicit join behavior
![Page 377: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/377.jpg)
378
PIM-SM Shared Tree Join
(*, G) State Created Only Along the Shared Tree
[Figure labels: Receiver, RP, IGMP (*, G) Join, PIM (*, G) Join, Shared Tree]
![Page 378: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/378.jpg)
379
PIM-SM Sender Registration
(S, G) State Created Only Along the Source Tree
[Figure labels: Receiver, RP, Source, (S, G) Register (unicast), (S, G) Join, Source Tree, Traffic Flow, Shared Tree]
![Page 379: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/379.jpg)
380
PIM-SM Sender Registration
RP Sends a Register-Stop Back to the First-Hop Router to Stop the Register Process
(S, G) Traffic Begins Arriving at the RP Via the Source Tree
[Figure labels: Receiver, RP, Source, (S, G) Register (unicast), (S, G) Register-Stop (unicast), Source Tree, Traffic Flow, Shared Tree]
![Page 380: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/380.jpg)
381
PIM-SM Sender Registration
Source Traffic Flows Natively Along SPT to RP
From RP, Traffic Flows Down the Shared Tree to Receivers
[Figure labels: Receiver, RP, Source, Source Tree, Traffic Flow, Shared Tree]
![Page 381: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/381.jpg)
382
PIM-SM SPT Switchover
Last-Hop Router Joins the Source Tree
[Figure labels: Receiver, RP, Source, (S, G) Join, Source Tree, Traffic Flow, Shared Tree]
![Page 382: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/382.jpg)
383
PIM-SM SPT Switchover
Last-Hop Router Joins the Source Tree
Additional (S, G) State Is Created Along New Part of the Source Tree
[Figure labels: Receiver, RP, Source, Source Tree, Traffic Flow, Shared Tree]
![Page 383: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/383.jpg)
384
PIM-SM SPT Switchover
Traffic begins Flowing Down the New Branch of the Source Tree
Additional (S, G) State is Created Along the Shared Tree to Prune off (S, G) Traffic
[Figure labels: Receiver, RP, Source, (S, G)RP-bit Prune, Source Tree, Traffic Flow, Shared Tree]
![Page 384: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/384.jpg)
385
PIM-SM SPT Switchover
(S, G) Traffic Flow Is Now Pruned off of the Shared Tree and Is Flowing to the Receiver via the Source Tree
[Figure labels: Receiver, RP, Source, Source Tree, Traffic Flow, Shared Tree]
![Page 385: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/385.jpg)
386
PIM-SM SPT Switchover
(S, G) Traffic Flow Is No Longer Needed by the RP So it Prunes the Flow of (S, G) Traffic
[Figure labels: Receiver, RP, Source, (S, G) Prune, Source Tree, Traffic Flow, Shared Tree]
![Page 386: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/386.jpg)
387
PIM-SM SPT Switchover
(S, G) Traffic Flow Is Now Only Flowing to the Receiver via a Single Branch of the Source Tree
[Figure labels: Receiver, RP, Source, Source Tree, Traffic Flow, Shared Tree]
![Page 387: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/387.jpg)
PIM Sparse Mode Configuration and Verification
![Page 388: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/388.jpg)
389
PIM Sparse Mode Static RP
On Every Router, Global Configuration Command:
ip multicast-routing
ip pim rp-address 10.1.22.22
Interfaces:
E0/0 10.1.1.1/24  ip pim sparse-mode
E0/0 10.1.1.2/24  ip pim sparse-mode
S0/1 10.2.2.2/24  ip pim sparse-mode
S0/1 10.2.2.3/24  ip pim sparse-mode
S0/0 10.2.3.2/24  ip pim sparse-mode
S0/0 10.2.3.4/24  ip pim sparse-mode
LO0 10.1.22.22/32  ip pim sparse-mode
[Figure labels: R1, R2, R3, R4]
![Page 389: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/389.jpg)
390
PIM Sparse Mode Static RP—Verification
r3# show ip pim rp mapping
Group(s): 224.0.0.0/4, Static
    RP: 10.1.22.22 (R2)
![Page 390: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/390.jpg)
391
PIM Sparse Mode Static RP—Verification
r2# show ip pim interface
Address          Interface          Ver/   Nbr    Query  DR     DR
                                    Mode   Count  Intvl  Prior
10.1.1.2         Ethernet0/0        v2/S   1      30     1      10.1.1.2
10.2.3.2         Serial0/0          v2/S   1      30     1      10.2.3.4
10.2.2.2         Serial0/1          v2/S   1      30     1      10.2.2.3
![Page 391: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/391.jpg)
392
PIM Sparse Mode Static RP—Verification
r2# show ip pim neighbor
PIM Neighbor Table
Neighbor          Interface          Uptime/Expires    Ver   DR
Address                                                      Priority/Mode
10.1.1.1          Ethernet0/0        1d00h/00:01:17    v2    1 / B S
10.2.3.4          Serial0/0          1d00h/00:01:44    v2    1 / DR B S
10.2.2.3          Serial0/1          1d00h/00:01:44    v2    1 / DR B S
![Page 392: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/392.jpg)
393
PIM Sparse Mode Auto-RP
Routers automatically learn RP address
Only routers that are candidate RPs or mapping agents need to be configured
Makes use of multicast to distribute info
Two special IANA-assigned groups are used
Cisco-Announce—224.0.1.39
Cisco-Discovery—224.0.1.40
Typically dense mode is used to forward these groups
Permits backup RPs to be configured
![Page 393: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/393.jpg)
394
PIM Sparse Mode Auto-RP
On Every Router, Global Configuration Command:
ip multicast-routing
Interface Configuration Command:
ip pim sparse-dense-mode
or
ip pim sparse-mode with Global command: ip pim autorp listener
R2 (RP):
ip pim send-rp-announce loopback 0 scope 16
R3 (MA):
ip pim send-rp-discovery loopback 0 scope 16
[Figure labels: R1, R2, R3, R4]
![Page 394: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/394.jpg)
395
PIM Sparse Mode Auto-RP—Verification
r2# show ip pim rp mapping
PIM Group-to-RP Mappings
This system is an RP (Auto-RP)
Group(s) 224.0.0.0/4
  RP 10.1.22.22 (r2), v2v1
    Info source: 10.1.44.44 (R3), via Auto-RP
         Uptime: 00:02:19, expires: 00:02:38
![Page 395: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/395.jpg)
396
PIM Sparse Mode Auto-RP—Verification
r3# show ip pim rp mapping
PIM Group-to-RP Mappings
This system is an RP-mapping agent (Loopback0)
Group(s) 224.0.0.0/4
  RP 10.1.22.22 (r2), v2v1
    Info source: 10.1.22.22 (R2), via Auto-RP
         Uptime: 00:02:55, expires: 00:02:00
![Page 396: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/396.jpg)
397
PIM Sparse Mode Auto-RP—Verification
r4# show ip pim rp mapping
PIM Group-to-RP Mappings
Group(s) 224.0.0.0/4
  RP 10.1.22.22 (r2), v2v1
    Info source: 10.1.44.44 (R3), via Auto-RP
         Uptime: 00:24:29, expires: 00:02:17
![Page 397: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/397.jpg)
398
PIM Sparse Mode BSR
On Every Router, Global Configuration Command:
ip multicast-routing
Interface Configuration Command:
ip pim sparse-mode
R2 (RP):
ip pim rp-candidate loopback 0
R3 (BSR):
ip pim bsr-candidate loopback 0
[Figure labels: R1, R2, R3, R4]
![Page 398: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/398.jpg)
399
PIM Sparse Mode BSR—Verification
r2# show ip pim rp mapping
PIM Group-to-RP Mappings
This system is a candidate RP (v2)
Group(s) 224.0.0.0/4
  RP 10.1.22.22 (?), v2
    Info source: 10.1.44.44 (?), via bootstrap
         Uptime: 00:04:09, expires: 00:02:27
![Page 399: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/399.jpg)
400
PIM Sparse Mode BSR—Verification
r2# show ip pim bsr-router
PIMv2 Bootstrap information
  BSR address: 10.1.44.44 (?)
  Uptime: 00:06:16, BSR Priority: 0, Hash mask length: 0
  Expires: 00:01:55
  Next Cand_RP_advertisement in 00:00:39
    RP: 10.1.22.22(Loopback0)
![Page 400: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/400.jpg)
401
Anycast RP: Overview
Uses single statically defined RP address
Two or more routers have same RP address
RP address defined as a loopback interface
Loopback address advertised as a host route
Senders and receivers join/register with closest RP
Closest RP determined from the unicast routing table
Can never fall back to dense mode
Because RP is statically defined
MSDP session(s) run between all RPs
Informs RPs of sources in other parts of network
RPs join SPT to active sources as necessary
![Page 401: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/401.jpg)
402
Anycast RP MSDP Configuration
[Figure labels: RP1 (A), RP2 (B), MSDP session between the RPs, routers X and Y]
ip pim rp-address 10.1.1.1
ip pim rp-address 10.1.1.1
!
Interface loopback 0
 ip address 10.1.1.1 255.255.255.255
Interface loopback 1
 ip address 10.0.0.2 255.255.255.255
!
ip msdp peer 10.0.0.1 connect-source loopback 1
ip msdp originator-id loopback 1
!
Interface loopback 0
 ip address 10.1.1.1 255.255.255.255
Interface loopback 1
 ip address 10.0.0.1 255.255.255.255
!
ip msdp peer 10.0.0.2 connect-source loopback 1
ip msdp originator-id loopback 1
![Page 402: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/402.jpg)
403
References
Developing IP Multicast Networks; Beau Williamson, Cisco Press
Routing TCP/IP Volume II; Jeff Doyle, Cisco Press
ftp://ftpeng.cisco.com/ipmulticast/training/index.html
Available Onsite at the Cisco Company Store
![Page 403: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/403.jpg)
Session 9:
Quality of Service
![Page 404: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/404.jpg)
405
Quality of Service (QoS)
What Is QoS, Why?
Differentiated Services Architecture
Modular QoS Command Line
Classification/Marking
Queuing
Policing/Shaping
References
![Page 405: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/405.jpg)
406
What Is QoS in Internetworking?
QoS is applicable in many domains outside networking (supermarket, public roads,…)
In networking, we refer to the set of requirements an application imposes along an end to end pipe
Loss rate
Latency, jitter
Bandwidth
How can we control these, in order to offer the requested service?
![Page 406: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/406.jpg)
407
Aggregation Speed Mismatch
10 Mbps
1000 Mbps
LAN to WAN
10 Mbps
64 Kbps
Congestion Points
Example of network node congestion
Points of substantial speed mismatch and points of aggregation
Transmit buffers have the tendency to fill
Buffering reduces loss, but introduces delay
![Page 407: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/407.jpg)
408
IETF QoS Model: Differentiated Services
Specify QoS via a packet header value: DSCP
Network uses the QoS specification to classify, shape, and police traffic, as well as perform intelligent queuing
Enables scalable service discrimination in the Internet without the need for per-flow state and signaling at every hop
Group flows into aggregates—“A collection of packets crossing a link in a particular direction”
![Page 408: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/408.jpg)
409
IPv4 ToS vs. DS-Field (The ToS Byte Is Re-Defined)
![Page 409: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/409.jpg)
410
DiffServ Architecture
![Page 410: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/410.jpg)
411
Assured Forwarding PHB
Guarantees bandwidth
Allow access to extra bandwidth if available
Four standard classes (af1, af2, af3, af4)
DSCP value range: "aaadd0" where "aaa" is a binary value of the class and "dd" is the drop probability
![Page 411: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/411.jpg)
412
Expedited Forwarding PHB
Guarantees bandwidth with prioritized forwarding
Polices bandwidth—(excess traffic is dropped)
Recommended DSCP value is 101110 (46)
Looks like IP Precedence 5 to non-DS-compliant devices
![Page 412: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/412.jpg)
413
DSCP Usage
DSCP selects the per-hop behavior (PHB) throughout the network:
Default PHB 000000
Class Selector PHB—maps to IP Precedence
Assured forwarding PHB (AF)
Expedited forwarding PHB (EF)
![Page 413: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/413.jpg)
414
DS Field: DSCP, ECN
High Priority = EF = 101110 = 46
Best Effort = 000000 = 0
Drop Precedence          Class #1          Class #2          Class #3          Class #4
Low Drop Precedence      AF11 (001010) 10  AF21 (010010) 18  AF31 (011010) 26  AF41 (100010) 34
Medium Drop Precedence   AF12 (001100) 12  AF22 (010100) 20  AF32 (011100) 28  AF42 (100100) 36
High Drop Precedence     AF13 (001110) 14  AF23 (010110) 22  AF33 (011110) 30  AF43 (100110) 38
![Page 414: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/414.jpg)
415
MQC—3 Steps to Configure a QoS Policy
1. class-map—Define traffic classes. Apply same class-map to different policies
2. policy-map—Associate policies/actions with each class of traffic
3. service-policy—Attach policies to interfaces (logical or physical) either in input or output
Note: MQC does not equate to CBWFQ. CBWFQ is a queuing mechanism configurable via MQC
![Page 415: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/415.jpg)
416
Configuring class-map
Creates a named traffic class
Specifies packet-matching criteria that identifies packets belonging to a class
class-map <class-name>
match <match-criteria>
match not <match-criteria>
match class-map <class name>
![Page 416: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/416.jpg)
417
match-any vs match-all
Define classes consisting of multiple match criteria
class-map match-any <class-name>
 match <match-criteria-1>
 …
 match <match-criteria-n>
match-any—When only one match criterion must be met for a packet to match the specified traffic class
match-all—When all match criteria must be met for a packet to match the traffic class. Default when not configured
![Page 417: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/417.jpg)
418
Configuration Example: class-map
class-map match-any Gold
 match access-group 101
 match dscp EF
class-map match-all Silver
 match access-group 102
access-list 101 permit ip 10.1.0.0 0.0.0.255 any
access-list 102 permit ip 10.2.0.0 0.0.0.255 any
![Page 418: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/418.jpg)
419
class-default class
Implicit pre-existing class—No need to be configured
Contains traffic not matching any user-defined class
Features configurable by referencing class-default directly in a policy-map:
policy-map foo
 class class-default
  <feature>
![Page 419: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/419.jpg)
420
Understanding policy-map
Named object representing a set of policies that are to be applied to a set of traffic classes
e.g. Police traffic class to some maximum rate
e.g. Guarantee traffic minimum bandwidth
policy-map <map-name>
 class <class-map-name-1>
  <policy-1>
  <policy-n>
 class <class-map-name-n>
  <policy-n>
![Page 420: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/420.jpg)
421
Configuration Example: policy-map
policy-map wan_policy
 class Gold
  bandwidth 512
  queue-limit 64
  random-detect
 class Silver
  bandwidth 256
 class class-default
  fair-queue
![Page 421: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/421.jpg)
422
service-policy Command
Used to attach a policy-map and thereby the associated policies to an interface, subinterface, PVC, etc.
Indicate input or output direction
(config-if)#service-policy {input | output} <policy-name>
![Page 422: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/422.jpg)
423
Hierarchical Policies
Parent Policy: Class-default (Shape)
Child Policy: Class 1 (Priority), Class 2 (Bandwidth)
![Page 423: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/423.jpg)
424
Hierarchical Policies
Configure the child or second-level policy
policy-map child
 class http
  bandwidth <bw specification>
 class ftp
Configure the parent or first-level policy
policy-map parent
 class class-default
  shape average <CIR>
  service-policy child
![Page 424: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/424.jpg)
425
Other MQC Features with shape
With MQC you can use several QoS features simultaneously in the same policy-map
bandwidth—minimum bandwidth guarantee
shape—maximum rate limit (with buffering)
Police—limits traffic rate (no buffering)
Set—marking
Priority—configures LLQ
…
Note: Not all combinations are supported and/or make sense
![Page 425: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/425.jpg)
426
Classification/Marking Options
IP precedence/DSCP Values
Other Values
Layer 2—802.1Q, ISL, CLP Bit, DE Bit
MPLS—Experimental Bits
NBAR— (L4, dynamic ports)
Traditional—ACLs, qos-group
![Page 426: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/426.jpg)
427
Marking and Classification
Layer 2 802.1Q/p: frame fields PREAM., SFD, DA, SA, PT, DATA, FCS, with a 4-byte TAG. Three bits used for CoS (user priority bits)
Layer 2 ISL: ISL header (26 bytes), encapsulated frame, FCS (4 bytes). Three bits (3 LSB of user field) used for CoS
Layer 3 IPv4: header fields Version/Length, ToS (1 byte), Len, ID, Offset, TTL, Proto, FCS, IP-SA, IP-DA, Data. Standard IPv4: three MSB called IP Precedence. DiffServ: six MSB called DSCP plus two for ECN
![Page 427: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/427.jpg)
428
Marking Options
Marking Can Be Done via
CAR (Committed Access Rate)
CBpolicing
CBmarking
PBR (Policy Based Routing)
QPPB (QoS Policy Propagation via BGP)
![Page 428: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/428.jpg)
429
Classification Options
router(config-cmap)#match ?
  access-group         Access group
  any                  Any packets
  class-map            Class map
  cos                  IEEE 802.1Q/ISL class of service/uses priority values
  destination-address  Destination address
  input-interface      Select an input interface to match
  ip                   IP specific values (prec, dscp, rtp)
  mpls                 Multi Protocol Label Switching specific values
  not                  Negate this match result
  protocol             Protocol
  qos-group            Qos-group
  source-address       Source address
![Page 429: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/429.jpg)
430
Queuing
Queuing + Scheduling = Congestion Management
Buffering packets in queues
Scheduling packets out of the queues
[Figure: Packets in Various Queues → Scheduler → Outbound Packets]
![Page 430: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/430.jpg)
431
Congestion Management—Queuing and Scheduling
Queuing
Congestion management entails the creation of queues and the assignment of packets to those queues based on classification
Scheduling
Congestion management controls congestion by determining the order in which packets are sent from different queues out an interface based on packet priorities.
Scheduling policy specifies how packets of different classes are served with respect to each other. Example scheduling policies include FIFO and WFQ
![Page 431: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/431.jpg)
432
Backpressure
‘Backpressure’ is the term used for the mechanism which triggers the congestion management (queuing and scheduling)
Backpressure comes from
tx-ring of an interface is full
Token-bucket of a shaper is empty
Others (platform specific like tofab queuing on GSR)
![Page 432: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/432.jpg)
433
What’s a txQ?
Every interface has 2 sets of queues:
Software queues (FIFO, WFQ, …)
Any type of software queuing other than FIFO is also referred to as FANCY Queuing
Hardware queue (= TxQ), which is always FIFO!
The TxQ, also called tx-ring, is a FIFO queue in between the scheduler and the interface ASIC
[Figure: Software Q 1 … Software Q n → scheduler → Tx-ring → Wire Signal]
![Page 433: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/433.jpg)
434
CBWFQ—MQC Config Example
policy-map mypolicy
 class multimedia
  bandwidth 3000
 class www
  bandwidth 2250
 class ftp
  bandwidth 1500
 class class-default
  bandwidth 750
![Page 434: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/434.jpg)
435
CBWFQ—MQC Verification
#sh policy-map interface e1/1
 Ethernet1/1
  Service-policy output: mypolicy
   Class-map: multimedia (match-all)
    0 packets, 0 bytes
    5 minute offered rate 0 bps, drop rate 0 bps
    Match: access-group 101
    Weighted Fair Queueing
     Output Queue: Conversation 264
     Bandwidth 3000 (kbps) Max Threshold 64 (packets)
     (pkts matched/bytes matched) 0/0
     (depth/total drops/no-buffer drops) 0/0/0
![Page 435: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/435.jpg)
436
Low Latency Queueing (LLQ) aka priority Command
Implements both a minimum and maximum bandwidth guarantee
It is a strict priority queue with a specified amount of available bandwidth
During congestion, LLQ cannot use any excess bandwidth. This is achieved with a conditional, built-in policer
![Page 436: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/436.jpg)
437
Configuration Example: Low Latency Queuing (LLQ)
policy-map wan_policy
 class Gold
  priority 512
 class Silver
  bandwidth 256
 class class-default
  random-detect
Verification
show policy-map interface
![Page 437: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/437.jpg)
438
Policing vs. Shaping
[Figure: two pairs of Traffic versus Time plots with the Traffic Rate marked. Policing panel: Data Lost. Shaping panel: Data Preserved.]
![Page 438: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/438.jpg)
439
Ways to Limit Throughput
Common mechanism to meter traffic is a Token Bucket
Policing
CAR, CBpolicing: Token bucket(s), NO queue
Conform/exceed actions are configurable
Traffic Shaping
GTS, FRTS, CBshaping: Token bucket + queue
Conform/exceed actions are always transmit/queue
![Page 439: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/439.jpg)
440
Token Bucket
Bc Tokens are Added Every Tc
The Packets are Sent at Access Speed as Long as There are Enough Tokens
Bc + Be: Is the Maximum Number of Token-bits That you Can Store
Tc=Bc/CIR : Time Interval Between 2 Replenishments of Token Bucket (with Bc tokens)
![Page 440: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/440.jpg)
441
Tc—Interval—Hypothetical Example
Bc = 1M, CIR = 1Mbps => Tc = 1s
Interface rate = 2Mbps
[Figure: Rate (Mbps) versus Time (s) over intervals Tc1, Tc2 and Tc3, with Bc bursts marked]
If there is continuous traffic, then on average we achieve a shaped rate of 1M (2M during 1/2s, every second = 1Mbps)
![Page 441: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/441.jpg)
442
Be—Excess Burst
Token Bucket Dimensioning:
Every Tc, we add Bc tokens
Allow the token bucket to grow as deep as Be + Bc if not all Bc tokens are used in an interval
[Figure: token bucket with Bc and Be portions]
![Page 442: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/442.jpg)
443
Class-Based Shaping
Shaping on a class via MQC (shape command)
Classification with extensive MQC match criteria (e.g. NBAR)
Shaping queue is WFQ, CBWFQ, or LLQ
Two forms:
shape average
shape peak
shape {average | peak} [percent percent] [bc] [be]
![Page 443: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/443.jpg)
444
Average vs. Peak
Difference in number of tokens given per Tc and how excess tokens are accrued:
Average—Bc only is added every Tc to the token bucket
Peak—Bc+Be is added every Tc to the token bucket
(To burst at Bc + Be)
Average rate shaper must be idle for some time to build Be with unused tokens added by Bc
Peak rate shaper gets increment of Bc + Be per Tc and does not need to be idle
![Page 444: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/444.jpg)
445
CBShaping: shape average
policy-map SHAPING
 class AF
  shape average 241000
Router# show policy interface Serial 3/0
…
 Traffic Shaping
  Target   Byte    Sustain    Excess     Interval   Increment   Adap
  Rate     Limit   bits/int   bits/int   (ms)       (bytes)     Active
  241000   1928    7712       7712       32         964         -

  Queue    Packets   Bytes     Packets    Byte
  Depth                        Delayed    Delayed   Active
  41       3980      978872    3967       975686    yes
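The token-bucket terms from the preceding slides (Bc, Be, Tc = Bc/CIR, average versus peak) can be checked against the numbers in this output. The following is an added example, not part of the original slides: a simplified bit-level model whose class and method names are this example's own, which ignores packet boundaries, and which uses a constructed load; the peak shaper reuses the same Bc and Be as an assumption.

```python
# Added example: a bit-level token-bucket model of the shaper described above.
# Class and method names are this example's own; packet boundaries are ignored.
from dataclasses import dataclass


@dataclass
class Shaper:
    cir_bps: int         # target rate (CIR) in bits per second
    bc_bits: int         # sustained burst: bits credited per interval
    be_bits: int = 0     # excess burst
    peak: bool = False   # False models "shape average", True "shape peak"

    @property
    def tc_ms(self) -> float:
        """Tc = Bc / CIR, in milliseconds."""
        return 1000.0 * self.bc_bits / self.cir_bps

    @property
    def refill_bits(self) -> int:
        """Tokens added every Tc: Bc for average, Bc + Be for peak."""
        return self.bc_bits + (self.be_bits if self.peak else 0)

    @property
    def depth_bits(self) -> int:
        """Maximum number of token-bits the bucket can store."""
        return self.bc_bits + self.be_bits

    def sustained_bps(self) -> int:
        """Long-run rate under continuous load: one refill per Tc."""
        return self.refill_bits * self.cir_bps // self.bc_bits

    def run(self, offered_bits):
        """Feed offered_bits[i] into interval i; return (sent per Tc, backlog)."""
        tokens, backlog, sent = 0, 0, []
        for arriving in offered_bits:
            tokens = min(self.depth_bits, tokens + self.refill_bits)
            backlog += arriving          # a shaper queues, it does not drop
            out = min(backlog, tokens)
            tokens -= out
            backlog -= out
            sent.append(out)
        return sent, backlog


# Values taken from the "shape average 241000" output on the slide.
AVERAGE = Shaper(cir_bps=241000, bc_bits=7712, be_bits=7712)
# Assumption: the same Bc/Be, with Bc + Be credited every Tc.
PEAK = Shaper(cir_bps=241000, bc_bits=7712, be_bits=7712, peak=True)
# Constructed load: two idle intervals, then one 100000-bit burst.
LOAD = [0, 0, 100000, 0, 0]

if __name__ == "__main__":
    print("Tc (ms):", AVERAGE.tc_ms,
          "increment (bytes):", AVERAGE.refill_bits // 8,
          "byte limit:", AVERAGE.depth_bits // 8)
    print("average:", AVERAGE.run(LOAD))
    print("peak:   ", PEAK.run(LOAD))
```

The average shaper bursts to Bc + Be only once, after the idle intervals have let unused tokens accumulate, then falls back to Bc per Tc; the peak shaper sends Bc + Be in every interval.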
![Page 445: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/445.jpg)
446
CBpolicing—Actions
R2(config-pmap-c)#police 30000 conform-action ?
  drop                              drop packet
  exceed-action                     action when rate is within conform and
                                    conform + exceed burst
  set-clp-transmit                  set atm clp and send it
  set-discard-class-transmit        set discard-class and send it
  set-dscp-transmit                 set dscp and send it
  set-frde-transmit                 set FR DE and send it
  set-mpls-exp-imposition-transmit  set exp at tag imposition and send it
  set-mpls-exp-topmost-transmit     set exp on topmost label and send it
  set-prec-transmit                 rewrite packet precedence and send it
  set-qos-transmit                  set qos-group and send it
  transmit                          transmit packet
![Page 446: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/446.jpg)
447
Multi-Action Policers
Two or more set parameters as a conform, exceed or violate action
policy-map QOS
 class class-default
  police cir 80000 pir 100000
   conform-action transmit
   exceed-action set-prec-transmit 4
   exceed-action set-frde-transmit
   violate-action set-prec-transmit 2
   violate-action set-frde-transmit
![Page 447: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/447.jpg)
448
Hierarchical Policer
Policy Map outer_police
 Class class-default
  police cir 110000 bc 5000 be 5000
   conform-action transmit
   exceed-action drop
   violate-action drop
  service-policy inner_police
Policy Map inner_police
 Class ef
  police cir 10000 bc 1500
   conform-action transmit
   exceed-action drop
![Page 448: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/448.jpg)
449
Trust Boundaries
[Figure: Endpoints, Access, Distribution, Core and WAN Aggregation layers, with positions 1, 2 and 3 marked along the Trust Boundary]
A device is trusted if it correctly classifies packets
For scalability, classification should be done as close to the edge as possible
The outermost trusted devices represent the trust boundary
1 and 2 are optimal, 3 is acceptable (if the access switch cannot perform classification)
![Page 449: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/449.jpg)
450
Catalyst QoS—Gotchas
Understand the concept of (un)trusted ports
‘mls qos’ needs to be enabled first in global config mode
Most Catalysts have their own CLI for configuring various features (e.g. queuing)—not always MQC!
Every Catalyst model has its own restrictions and QoS feature set
Be familiar with 3550 and 3560 specific implementations
Read UCD!
![Page 450: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/450.jpg)
451
Catalyst QoS: Catalyst 3550 Operation
QoS Actions at Ingress: Classification/Reclassification, Policing, Marking
QoS Actions at Egress: Queue/Schedule, Congestion Control
Identify and Class Traffic with an Internal DSCP or Trust Existing QoS Value and Map to Internal DSCP
Done on a per Interface Basis
WRR Queuing with WRED (Gig Only) or Tail-Drop (Default)
Optional Expedite Queue
![Page 451: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/451.jpg)
452
QOS—3560 Switch
Packets are assigned an internal QoS label
Queuing is done via SRR (Shaped Round Robin)
[Figure: Classify → Policer → Marker → Ingress Queues (SRR) → Egress Queues (SRR)]
![Page 452: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/452.jpg)
453
References
End-to-End QoS Network Design: Quality of Service in LANs, WANs, and VPNs, by Tim Szigeti, Christina Hattingh
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/index.htm
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/index.htm
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/index.htm
www.cisco.com/go/qos
![Page 453: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/453.jpg)
454
Q and A
![Page 454: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/454.jpg)
455
Session 10:
Troubleshooting
![Page 455: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/455.jpg)
456
Agenda
Overview
Troubleshooting approach
Sample scenario
Sample lab question
![Page 456: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/456.jpg)
457
Overview
“The minimally qualified Routing and Switching CCIE can abstract functional elements of a complex network environment, understand how infrastructure components interoperate, grasp subtle issues, perceive problem areas, and quickly resolve problems. The expert’s fluency makes them ideally suited for configuring and validating implementations, troubleshooting critical network issues, and participating in network design teams.”
Definition of a Minimum Qualified R&S CCIE Candidate (from the Exam Design Session)
![Page 457: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/457.jpg)
458
Troubleshooting Approach
When analyzing a problem you should consider the following facts:
Make sure you have a clear definition of the problem.
Gather all the relevant facts and consider the likely possibilities.
Create and implement an action plan and then observe the results.
If the symptoms do not stop, try another action plan and gather additional facts. If you try one thing and it doesn’t work, take that configuration or feature off. In case you make the situation worse, always keep a basic configuration so that you can get back to a known position.
If the symptoms do stop, document how you fixed the problem.
![Page 458: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/458.jpg)
459
Sample TS Lab Scenario
[Figure: IPv4 topology of routers R1 to R9 in Network YY.YY.0.0/16, with a Frame Relay cloud and routing domains EIGRP 10, OSPF Area 0, OSPF Area 1 (NSSA), OSPF Area 2 (Stub) and OSPF Area 3; each link is labelled with its interfaces (E0/0, E1/0, E2/0, S0/0, S1/0) and host addresses, and each router with its Lo0 address]
![Page 459: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/459.jpg)
460
Sample TS Lab Scenario (Cont.)
IPv6 topology
R1: Lo0: 2001:404:200::1, S2/0: 2001:303:100::1
R6: Lo0: 2001:333:600::6, S2/0: 2001:303:100::6, E1/0: 2001:300:608::6
R8: Lo0: 2001:200:208::8, E0/0: 2001:308:806::8
Routing protocols: OSPFv3, EIGRPv6
![Page 460: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/460.jpg)
461
Sample TS Lab Scenario (Cont.)
Incident 8
Router R1 cannot ping the IPv6 route 2001:200:208::8.
1 fault - Score: 2 Points
Issue:
R1#ping ipv6 2001:200:208::8
<…>
..... (IPv6 ping fails)
Success rate is 0 percent (0/5)
Verification:
R1#ping ipv6 2001:200:208::8
!!!!! (IPv6 ping success)
Possible cause(s)
• Address configuration
• Routing protocols configuration
• Redistribution configuration
• Other?
![Page 461: Ccie Rs Lab Prep](https://reader033.vdocuments.mx/reader033/viewer/2022061111/5455e121b1af9f27308b4c30/html5/thumbnails/461.jpg)
462
Q and A