CCNP Practical Studies: Routing [illustrated edition] 9781587200540, 1587200546

Citation preview

CCNP Pract ical St udies: Rout ing Henry Benj am in Publisher : Cisco Pr ess First Edit ion April 12, 2002 I SBN: 1- 58720 -0 5 4- 6, 576 pages

Fr on t Mat t er Table of Cont ent s I n dex About t he Aut hor

I ndispensable as bot h a r out er configur at ion guide and a pr epar at ion t ool for t he CCNP Rout ing exam , CCNP Pr act ical St udies: Rout ing w ill pr epar e you for t he exam and give you t he hands- on ex per ience t o apply y our k now ledge on t he j ob. CCNP Pr act ical St udies: Rout ing pr ov ides y ou w it h rout ing and configur at ion infor m at ion fr om I P basics t o adv anced r out ing concept s and pr ot ocols, such as BGP and IS- I S. Each chapt er focuses on a specific r out ing t echnology or pr ot ocol w it h a bat t er y of scenar ios and pr act ical ex er cises t hat y ou can eit her configur e using your hom e, w or k , or r em ot e- access lab equipm ent or follow along by r ev iew ing t he book ’s ex am ple t ask s. The fiv e lab scenar ios in each chapt er ser v e t o challenge y our under st anding of t he chapt er t opics and m easur e y our apt it ude as a CCNP candidat e, w hile pr ov iding concr et e ex am ples of t he challenges faced in r eal- w or ld configur at ion. CCNP Pract ical St udies: Rout ing pr ov ides y ou w it h pr act ical infor m at ion on all of t he im por t ant concept s cent r al t o t he CCNP Rout ing exam , including basic and advanc ed BGP and OSPF, EI GRP, r out e r eflect or s, I P r out ing pr inciples, and I S I S. Begin w it h basic lab scenar ios t hat cov er display ing and analyzing I P r out ing t ables and using show and debug com m ands. Then gr aduat e t o m or e adv anced lab scenar ios, such as rout ing bet w een a classful and a classless net w or k ; configur ing VLSM; and w or king w it h m ult ihom ed BGP and connect ions t o I SPs. Lab scenar ios at t he end of t he book t ak e y ou st ep- by- st ep t hr ough r out e opt im izat ion and r edist r ibut ion. This book also cont ains a bonus CCI E( r) - level lab, w hich t ak es y ou bey ond t he pr ofessional lev el labs and ont o t he next st ep in becom ing a hands- on r out ing ex per t . Whet her y ou ar e seek ing pr act ical k now ledge t o enhance your preparat ion for t he CCNP Rout ing exam or you are a newly m int ed CCNP looking for hands- on ex per ience t o hone your on- t h e- j ob skills, CCNP Pract ical St udies: Rout ing has w hat y ou need t o t ak e y our pr act ical r out ing sk ills t o

1

t he next level. This book is par t of t he Cisco Pr ess Pr act ical St udies Ser ies, w hich offer s reader s a m eans t o apply t heor et ical k now ledge t hr ough hands- on lab scenarios. This unique appr oach enables r eader s t o pr act ice and hone t heir int er net w or k ing sk ills w hile pr epar ing for Cisco cer t ificat ion exam s.

CCNP® Pract ical St udies: Rout ing About t he Aut hor About t he Technical Reviewers Ack now ledgm ent s I nt r oduct ion Goals of This Book Audience Chapt er Or ganizat ion How Best t o Use This Book Get t ing Equipm ent How t o Use The Book if You Cannot Get Equipm ent Com m and Sy nt ax Conv ent ions Conclusion 1. I nt er net Pr ot ocol Basic I nt er net Pr ot ocol Variable - Lengt h Subnet Masks ( VLSM ) Sum m ar izat ion and How t o Configur e Sum m ar izat ion I P Helper Address Scenarios Scenario 1- 1: Configuring a Cisco Rout er for I P Scenario 1- 2: Efficient ly Configuring a Net w ork for I P Scenario 1- 3: Configur ing I P VLSM for a Lar ge Net w or k Scenario 1- 4: Sum m ar izat ion w it h EI GRP and OSPF Scenario 1- 5: Configuring I P Helper Address Pract ical Exercise: I P Review Quest ions Sum m ary 2. Rout ing Pr inciples Rout ing I P on Cisco Rout ers Dist ance Vect or and Link- St at e Rout ing Pr ot ocols Scenarios Scenario 2- 1: Rout ing I P on Cisco Rout ers Scenario 2- 2: Basic OSPF Scenario 2- 3: Basic I GRP

2

Scenario 2- 4: Basic EI GRP Scenario 2- 5: Using t he show , ping, t r ace, and debug Com m ands Pr act ical Ex er cise: RI P Ver sion 2 Review Quest ions Sum m ary 3. Basic Open Shor t est Pat h Fir st Basic OSPF Configuring OSPF in a Single Area OSPF and Nonbr oadcast Mult iaccess Env ir onm ent s Scenarios Scenario 3- 1: Configur ing OSPF in a Single Ar ea Scenario 3- 2: Configuring OSPF in Mult iple Ar eas Scenario 3- 3: How OSPF Monit or s, Manages, and Maint ains Rout es Scenario 3- 4: OSPF over Fram e Relay in an NBMA Environm ent Scenario 3- 5: Verifying OSPF Rout ing Pr act ical Exercise: Rout ing OSPF Review Quest ions Sum m ary 4. Adv anced OSPF and I nt egr at ed I nt er m ediat e Sy st em- t o- I nt er m ediat e Sy st em Adv anced OSPF I nt egr at ed I nt er m ediat e Sy st em- t o- I nt er m ediat e Sy st em Scenarios Scenario 4- 1: Configur ing OSPF w it h Mult iple Ar eas Scenario 4- 2: Configur ing OSPF Sum m ar izat ion Scenario 4- 3: Configur ing I nt egr at ed I S - IS Scenario 4- 4: OSPF and I nt egrat ed I S - I S Redist ribut ion Scenario 4- 5: Recom m endat ions for Designing OSPF Net w orks Pract ical Exercise: OSPF and RI P Redist ribut ion Review Quest ions Sum m ary 5. Enhanced I nt er ior Gat ew ay Rout ing Pr ot ocol I nt r oduct ion t o Enhanced I nt er ior Gat ew ay Rout ing Pr ot ocol ( EI GRP ) Discovering and Maint aining Rout es in EI GRP EI GRP in NBMA Env ir onm ent s EI GRP Rout e Sum m arizat ion and Large I P Net w ork Support Scenarios Scenario 5- 1: Conf igur ing EI GRP Scenario 5- 2: Sum m ar izat ion w it h EI GRP Scenario 5- 3: EI GRP and VLSM Scenario 5- 4: Configur ing Adv anced EI GRP and Redist r ibut ion Scenario 5- 5: Verifying EI GRP Configur at ion Pract ical Exercise: EI GRP Review Quest ions Sum m ary 6. Basic Bor der Gat ew ay Pr ot ocol Basic Border Gat ew ay Prot ocol ( BGP4) Defined BGP At t ribut es Configuring BGP Scenarios

3

Scenario 6- 1: EBGP and I BGP Scenario 6- 2: BGP and St at ic Rout es Scenario 6- 3: BGP w it h Policy- Based Rout ing Scenario 6- 4: BGP w it h Com m unit ies and Peer Groups Scenario 6- 5: Ver ify ing BGP Oper at ion Pr act ical Ex er cise: EBGP and At t r ibut es Review Quest ions Sum m ary 7. Advanced BGP Scalabilit y w it h Border Gat ew ay Prot ocol ( BGP4) Configuring Rout e Reflect ors Mult ihom ing Connect ions t o t he I nt er net Scenarios Scenario 7- 1: Configur ing Rout e Reflect or s Scenario 7- 2: Configur ing Advanced BGP Rout e Reflect or s Scenario 7- 3: Configur ing Dual- Hom ing I SP Connect ions Scenario 7- 4: Configur ing Pr efix List s Scenario 7- 5: Monit or ing BGP and Ver ifying Cor r ect Oper at ion Pract ical Exercise: Advanced BGP Review Quest ions Sum m ary 8. Rout e Redist r ibut ion and Opt im izat ion Cont r olling Rout ing Updat es Redist ribut ion Defined Redist r ibut ing fr om Classless t o Classful Pr ot ocols Cisco I OS Com m and Synt ax for Redist r ibut ion Scenarios Scenario 8- 1: Redist ribut ing Bet w een RI P and I GRP Scenario 8- 2: Migrat ing from RI P t o OSPF in t he Core Scenario 8- 3: Redist r ibut ing Bet w een EI GRP and OSPF Scenario 8- 4: Rout e Sum m ar izat ion Using St at ic Rout es Scenario 8- 5: Rout e Sum m ar izat ion Wit hout Using St at ic Rout es Pract ical Exercise: Redist r ibut ion Review Quest ions Sum m ary 9. CCNP Rout ing Self - St udy Lab How t o Best Use This Chapt er The Goal of t he Lab Physical Connect ivit y ( 1 Hour) Cat alyst Swit ch Set up 6509 ( 0. 25 Hours) I P Address Configurat ion ( 0.5 Hours) I GP Rout ing ( 7 Hours) BGP Rout ing Configurat ion ( 5 Hours) Self - St udy Lab Solut ion Sum m ary A. St udy Tips St rat egies for Cisco Exa m Pr epar at ion Hands- On Ex per ience St r at egies for t he Ex am

4

Cisco Cer t ificat ion St at us B. What t o Do Aft er CCNP ? St eps Requir ed t o Achiev e CCI E Cer t ificat ion CCI E Qualificat ion Exam Test For m at CCI E Lab Exam Test Form at C. Answ er s t o Review Quest ions Chapt er Chapt er 1 Chapt er Chapt er 2 Chapt er Chapt er 3 Chapt er Chapt er 4 Chapt er Chapt er 5 Chapt er Chapt er 6 Chapt er Chapt er 7 Chapt er Chapt er 8 D. CCI E Preparat ion —Sam ple Mult ipr ot ocol Lab Basic Set up ( 1 Hour) I P Configur at ion and I P Addr essing ( No Tim e) Fram e Relay Set up ( 0.5 Hours) I GP Rout ing ( 3 Hours) I PX Configurat ion ( 1 Hour) Basic I SDN Configurat ion ( 0.5 Hours) DLSw + Configurat ion ( 0.75 Hours) Flash Configur at ion ( 0.20 Hour s) VTY Changes ( 0.20 Hours) HTTP Ser ver ( 0.20 Hour s) Cat alyst 6509 Password Recovery ( 0.20 Hours) Privat e Address Space Allocat ion ( 0.20 Hours) BGP Rout ing Configurat ion ( 0.75 Hours)

About t he Aut hor

5

H e n r y Be n j a m in is a dual Cisco Cert ified I nt ernet Expert ( CCI E # 4695) , having been cert ified in Rout ing and Sw it ching in May 1999 and I SP Dial in June 2001. His ot her Cisco cer t ificat ions include CCNA and CCDA. He has m or e t han 10 year s exper ience in Cisco net w or ks, including planning, designing, and im plem ent ing lar ge I P net w or ks r unning I GRP, EI GRP, BGP, and

6

OSPF. Recent ly , Henr y w or k ed for Cisco Sy st em s, I nc. in t he int er nal I T depar t m ent as a k ey net w or k designer , designing and im plem ent ing net w or k s all ov er Aust r alia and Asia. I n t he past t w o year s, Henr y has been a key m em ber of t he CCI E global t eam based in Sydney, Aust r alia. As a senior and cor e m em ber of t he t eam , his t asks include w r it ing new labor at or y ex am inat ions and w r it t en quest ions for t he cov et ed CCI E R/ S cer t ificat ion, r ecert ificat ion ex am inat ions, and I SP labor at or y ex am inat ions. Pr oct or ing candidat es fr om all par t s of t he w or ld is a fav or it e past im e of his. Henr y has aut hor ed anot her book , CCI E Rout ing and Sw it ching Exam Cr am : Exam : 350001, for t he CCI E qualificat ion exam i nat ion and helped edit m any ot her t it les. Henr y holds a bachelor of aer onaut ical engineer ing degr ee fr om Sy dney Univ er sit y in Aust r alia.

Abou t t h e Te ch n ica l Re v ie w e r s Fr a n k Ar t e a ga w or k s as a suppor t engineer for Cisco Sy st em s, I nc. in Sy dney , Aust r alia. He holds a bachelor of engineer ing in t elecom m unicat ions degr ee as w ell as a m ast er s degr ee in m ult ichannel com m unicat ions, a Gr aduat e Diplom a in I nfor m at ion Sy st em s, and a Gr aduat e Cer t ificat e in I nt er net w or k ing. Fr ank has 11 y ear s of ex per ience in t he comput er indust r y and is also a CCNP, CCNA, CNE, and CNA. Pr ior t o w or k ing at Cisco, Fr ank has done consult ing, design, and suppor t w or k for com panies, such as EDS, Qant as, Schindler Lift s, The Univ er sit y of New Sout h Wales, and PDVSA. Ed d ie Ch a m i has t hr ee y ear s of net w or k ing ex per ience. Eddie ent er ed Cisco Sy st em s t w o y ear s ago, w her e he j oined t he Technical Assist ance Cent er ( TAC) at Cisco Syst em s in Aust ralia. During t his period, he at t ained his CCI E in Rout ing and Sw it ching and has also proct ored CCI E R/ S exam s. Wit h his ext ensive know ledge in t he net w or k ing field, Eddie found gr eat sat isfact ion in not only lear ning fr om ot her s but also t eaching ot her s. He is cur r ent ly w or king w it h t he WAN t eam , helping cust om er deploy m ent s and t r oubleshoot ing day - t o- day net w or k connect ivit y. Eddie's ot her int er est s ar e in t he ar eas of opt ical, DSL, w ir eless, and high- speed net w or ks. Eddie has a diplom a in aviat ion st udies and a com m er cial pilot license. His hobbies ar e spor t s, r eading, and fly ing. Cur r ent ly , Eddie is br oadening his knowledge in t he opt ical space field; he also has gr eat int er est s in GMPLS. He can be cont act ed at echam i@cisco. com.

Ack n ow le dgm e n t s Cisco Pr ess w as w onder ful t o w or k w it h—no bones about it . The t eam at Cis co Pr ess includes an am azing fam ily of har d- w or k ing people. I t has been a t r ue pleasur e t o be inv it ed t o w r it e t his book . Any aspir ing aut hor in t his field should ser iously consider w or k ing w it h Cisco Pr ess. I n par t icular , at Cisco Pr ess, I 'd lik e t o t hank Michelle St r oup for int r oducing m e t o t his pr oj ect and Andr ew Cupp for t he t ir eless w or k on t his book and com plet e t r ust in m e. Thank you Tam m i Ross for being such a gr eat help. I 'd also like t o t hank San Dee Phillips, Sydney Jones, Tim Wr ight , and Oct al Publishing, I nc. for all of t heir exper t w or k on t his book. I f I ever w r it e anot her book, it w ill be only w it h t he fine folks at Cisco Pr ess.

7

The t echnical edit or s, Eddie, Fr ank , and Dav in, pr ov ided v aluable t echnical ex per t ise, and all t hr ee show ed t hey hav e t he t echnical ex per t ise and k een ey e for det ail t o becom e accom plished aut hor s t hem selv es. Dav in and Eddie ar e CCI Es t hat I had t he pleasur e of passing, and I eager ly aw ait Fr ank 's at t em pt in t he near fut ur e. I w ould also like t o t hank m y w ife, Sharon, and m y one and only son, Sim on, w ho t ur ned eight y ear s old w hile I w as com plet ing t his book . I w as alw ay s gr at eful t o t hem bot h for t heir under st anding and k now ing w hen I needed t im e t o com plet e t his proj ect . I t reasure m y t im e wit h m y fam ily and m y growing lit t le boy who m akes m e pr oud t o be his dad. Sim on, I love you t o t he sun and keep going ar ound for ever and ever. This book would have never been writ t en if m y m um and dad had never t old m e t o st udy. Thank you Dad. Thank you Mum .

I nt r oduct ion The Cisco Cer t ified Net w or k Pr ofessional ( CCNP) cer t ificat ion on t he Rout ing and Sw it ching car eer t r ack is becom ing incr easingly popular . CCNP cer t ificat ion builds on y our foundat ion est ablished fr om t he Cisco Cer t ified Net w or k Associat e ( CCNA) cert ificat ion. The Ro ut ing 2.0 exam is one of t he exam s t hat you m ust pass t o becom e a CCNP. This book pr ov ides y ou w it h a pr act ical w ay t o pr epar e for t he Rout ing ex am inat ion and enables y ou t o obt ain som e pr act ical sk ills r equir ed t o fully appreciat e t he pow er of rout ing in any env ir onm ent . Pr ofessional- lev el cer t ificat ions, such as CCNP, open t he door t o m any car eer oppor t unit ies. CCNPs t oday ar e v aluable com par ed t o ev en CCI Es, based on t he fact t hat a com pany can hir e m any CCNPs w ho ar e t echnically v er y sound and can pr ov ide qualit y t echnical sk ills w it hout t he burden of paying large am ount s for a single individual w ho m ay have m ore ex per t ise but w hose v ast ex per t ise isn't necessar y for t hat com pany 's needs. By dem onst r at ing t he det er m inat ion t o pr epar e for and pass t he ext ensiv e CCNP ex am pr ocess, CCNPs also dem onst r at e a st r ong desir e t o succeed. CCNPs, t hr ough t he ex am inat ions r equir ed, dem onst r at e a lar ge k now ledge base t hat can be built upon w it h alm ost any com pany r unning any t echnology. Passing t he Rout ing 2.0 exam m e ans t hat y ou hav e m ast er ed t he concept s and im plem ent at ion sk ills necessar y t o build a com plex I P net w or k of Cisco r out er s. This is a gr eat skill and dem onst r at es t o any em ployer t hat you ar e r eady for any challenges t hat m ight be asked of you. CCNP Pr act ical St udies: Rout ing is int ended t o help y ou m ov e concept s and t heor ies int o pr act ical ex per ience on Cisco r out er s. N OTE The Rout ing 2.0 exam is a com put er- based exam wit h m ult iple - choice, fill- in- t h eblank, and list - in- or der st yle quest ions. The exam can be t ak en at any Sy lv an Pr om et r ic t est ing cent er ( 1- 800- 829- NETS, w w w . 2 t est . com) . The exam t akes appr ox im at ely 75 m inut es and has appr ox im at ely 60 quest ions. You should check w it h Sylvan Pr om et r ic for t he exa ct lengt h of t he ex am . The ex am is const ant ly under r ev iew , so be sur e t o check t he lat est updat es fr om Cisco at w w w .cisco.com / w ar p/ public/ 10/ w w t r aining/ .

8

Goa ls of Th is Book The prim ar y goal of t his book is t o ensur e t hat a CCNP candidat e has all t he pr act ical skills and know ledge r equir ed t o pass t he Rout ing 2.0 exam inat ion. Most Cisco cer t ificat ions r equir e pr act ical sk ills, and t he only w ay t o pr ov ide y ou w it h t hose sk ills is t o dem onst r at e t hem in a w or k ing env ir onm ent t hat uses com m on Cisco- defined t echniques. Having read m any books, I know t hat t echnical cont ent alone w ill pr obably not allow y ou t o at t ain t he sk ills necessar y t o pass a Cisco ex am inat ion. The second goal of t his book is t o pr ovide you w it h com pr ehensive cover age of Rout ing 2. 0 ex am- r elat ed t opics, w it hout t oo m uch cov er age of t opics not on t he ex am . Ult im at ely , t he goal of t his book is t o get y ou fr om w her e y ou ar e t oday t o t he point t hat y ou can confident ly pass t he Rout ing 2.0 ex am . Ther efor e, all t his book 's feat ur es, w hich ar e out lined in t his int r oduct ion, ar e gear ed t ow ar d helping y ou discov er t he I P r out ing challenges and configur at ion scenar ios t hat ar e on t he Rout ing exam , w her e you have a know ledge defic iency in t hese t opics, and w hat y ou need t o k now t o m ast er t hose t opics. The best m et hod t o accom plish t his is t o dem onst r at e t hese t opics and pr ov ide a st ep- by- st ep pr act ical st udies guide.

Au die n ce CCNP Pract ical St udies: Rout ing is t ar get ed t o net w or king pr ofessionals, fam iliar w it h net w or k ing concept s and t he pr inciples of r out ing t heor y , w ho desir e a hands- on appr oach t o apply ing t heir k now ledge. This book is designed t o allow a r eader , in a st r uct ur ed m anner , t o configur e an ent ir e net w or k consist ing of v ar ious t opologies, t echnologies, and r out ing pr ot ocols fr om st ar t t o finish. You should have CCNA - level k now ledge t o use t his book t o it s full ex t ent . Each chapt er st ar t s by br iefly descr ibing t he t echnology t hat is cov er ed in t he pr act ical por t ion of t he chapt er . This t echnology back gr ound is br ief and assum es t he r eader has a st r ong t echnical back gr ound and now desir es a pr act ical env ir onm ent t o apply t his knowledge. The bulk of each chapt er cont ains fiv e scenar ios, w hich pr ov ide y ou w it h an opport unit y t o apply t he m at er ial at hand pr act ically w it h t he aid of com plet e ex planat ions. A Pr act ical Ex er cise, at t he end of each chapt er , let s y ou t est y our self by apply ing y our k now ledge w it hout t he benefit of t he inline ex planat ions t hat ar e provided in t he scenar ios. You can assess your m ast er y of t he subj ect s by looking ov er t he Pr act ical Ex er cise solut ion. Finally , each chapt er ends w it h a ser ies of r ev iew quest ions designed t o allow y ou t o fur t her assess y our k now ledge of t he t echnology cov er ed. The final chapt er in t he book is a special chapt er t hat r einfor ces all t he concept s and t echnologies cov er ed in t his guide int o one com plex scenar io. Chapt er 9, “ CCNP Rout ing Self - St udy Lab,” is designed t o assist you in your final pr epar at ion for t he Rout ing exam by pr oviding you a lab scenar io t hat incor por at es m any t echnologies and concept s. Det ailed solut ions and t ips ar e pr ov ided t o guide y ou t hr ough t he configur at ions. By w or k ing t hr ough t hese v ar ious elem ent s, y ou w ill not only gain m or e confidence nav igat ing w it hin t he Cisco I OS but also an under st anding of how t hese v ar ious net w or k ing concept s r elat e. Var ious help t ools and aut hor ex per ience ar e included t o

9

ensur e t hat you ar e fully aw ar e of any pr oblem at ic configur at ions and challenges t hat face net w or k designer s in t oday 's lar ge net w or k s. The end r esult is t hat you w ill becom e a m or e com plet e net w or k engineer r eady t o t ack le and design any I P r out ing solut ion. CCNP Pr act ical St udies: Rout ing is for individuals st udying for t he CCNP Rout ing 2.0 exam w ho w ould like t o apply t heir k now ledge w hile pr epar ing t hem selv es for t he ex am . Again, t his book w as w r it t en assum ing you have CCNA- lev el ex per ience and k now ledge concer ning Cisco rout er s and r out ing pr ot ocols.

Ch a pt e r Or ga n iz a t ion This book has nine chapt er s. Each chapt er ( ex cept Chapt er 9) cont ains br ief back gr ound infor m at ion, fiv e scenar ios w it h det ailed explanat ions and full Cisco I OS configur at ions, a Pr act ical Ex er cise w it h solut ions, and r ev iew quest ions. This book also cont ains four appendixes. I n each chapt er , follow ing t he scenar ios, one pr act ical lab r equir es y ou t o configur e t he net w or k on your ow n. The solut ion cont ains t he full configur at ion, so r eader s w it hout net w or k equipm ent can st ill follow t he configur at ion r equir em ent s. A Rev iew Quest ions sect ion follow s each Pr act ical Ex er cise t o ensur e t hat y ou digest t he fundam ent al t er m s and conc ept s pr esent ed in each chapt er . The follow ing subsect ions br iefly descr ibe t he subj ect of each chapt er and appendix .

Cha pt er 1 , “I nt e r ne t Pr ot ocol” Chapt er 1 cover s basic I P addr essing, var iable - lengt h subnet m asks, and subnet t ing t opics. I P concept s ar e r ev iew ed and ex plained, follow ed by an ex planat ion of t he I P r out ing t able on Cisco rout ers and inst r uct ions about how t o m inim ize t he I P r out ing t able using sum m ar izat ion.

Cha pt er 2 , “Rout ing Principles” Chapt er 2 cov er s t he basic infor m at ion r equir ed on Cisco r out er s t o r out e I P dat a acr oss an I P net w or k . Topics include w hat a dist ance- vect or pr ot ocol is and how t o configur e one on Cisco r out er s. Link- st at e r out ing pr ot ocols ar e descr ibed and configured. Finally, I P rout ing t ables are covered in m ore det ail using com m on I P r out ing algor it hm s, such as RI P and I GRP. This is follow ed by som e com m on t echniques used t o ensur e I P dat a is r out ing as cor r ect ly and efficient ly as possible.

Cha pt er 3 , “Basic Open Short est Pat h First ” Chapt er 3 cov er s basic OSPF r out ing pr inciples and how OSPF r out ing is fundam ent al for any sm all or lar ge net w or k. Basic OSPF t er m inology is descr ibed and configur ed. The chapt er br iefly ex plains w hy OSPF is consider ed an im pr ov ed r out ing pr ot ocol over RI P by explaining how OSPF discover s, chooses, and m aint ains rout ing t ables.

10

Nonbr oadcast m ult iaccess ( NBMA) is dem onst r at ed using a com m on net w or k t opology . The issues and challenges facing net w or k designer s w hen configur ing OSPF in lar ger net w or k s ar e dem onst r at ed w it h t he pr act ical scenar ios.

Cha pt er 4 , “Advanced OSPF and I nt egrat ed I nt e r m e dia t e Syst e m - t o- I nt e r m e dia t e Syst e m ” Chapt er 4 cov er s t he m or e adv anced t opics in OSPF and anot her link- st at e rout ing prot ocol, I S- I S. OSPF is explained in m or e det ail, and t he chapt er explains how OSPF is used in lar ge I P r out ing env ir onm ent s and how OSPF can be configur ed t o r educe I P r out ing t ables and CPU usage, and low er t he m em or y r equir em ent s of access or edge r out er s. OSPF is a popular I P r out ing pr ot ocol, so m ost Cisco cer t ificat ions, including CCNP and CCI E, heav ily t est on OSPF.

Ch a pt er 5 , “Enhanced I nt erior Gat ew ay Rout ing Pr ot ocol” Chapt er 5 focuses on a pr ot ocol dev eloped by Cisco Sy st em s and used on Cisco I OS rout ers only, nam ely Enhanced I nt erior Ga t ew ay Rout ing Pr ot ocol ( EI GRP) . EI GRP is ex plained and configur ed on Cisco r out er s. You discov er how EI GRP lear ns about new neighbor s and how EI GRP oper at es in NMBA net w or k s.

Chapt er 6 , “Basic Border Gat ew ay Prot ocol” Chapt er 6 cov er s t he m ost im por t ant r out ing pr ot ocol in use t oday , Bor der Gat ew ay Pr ot ocol ( BGP) . The basics t er m s and configur at ion opt ions ar e descr ibed t o help y ou appr eciat e t he pow er ful nat ur e of BGP. Ther e ar e fiv e pr act ical scenar ios t o com plet e y our under st anding of BGP t o help y ou appr eciat e it s com plex it y .

Cha pt er 7 , “Advanced BGP” Chapt er 7 descr ibes BGP in gr eat er det ail; in par t icular , t he chapt er cov er s how BGP deals w it h lar ge net w or k s. Scalabilit y issues ar e pr esent ed, and w ay s t o ov er com e lar ge BGP net w or k s ar e cov er ed and configur ed on Cisco r out er s.

Cha pt er 8 , “Rout e Redist ribut ion a nd Opt im iza t ion” Chapt er 8 cov er s t he issues and challenges facing net w or k s w hen infor m at ion fr om one r out ing algor it hm is r edist r ibut ed int o anot her . This chapt er also cov er s how inform at ion can be cont rolled t o ensure t hat t he net w or k is r out ing I P as cor r ect ly and efficient ly as possible.

11

Cha pt er 9 , “CCN P Rout ing Se lf- St udy La b” Chapt er 9 is designed t o assist y ou in y our final pr epar at ion for t he Rout ing 2.0 ex am by pr ov iding y ou a lab scenar io t hat incor por at es m any of t he t echnologies and concept s cov er ed in t his book . The ex er cises pr esent ed ar e a com binat ion of all t he m ost cr it ical t opics found in t his book int o one scenar io. Full w or king configur at ions and sam ple display s ar e pr esent ed.

Appendix A, “St udy Tips” Appendix A descr ibes som e useful st udy t ips for CCNP candidat es. Com m on ex am t echniques and t he best st udy pr act ices ar e pr ov ided t o ensur e t hat y ou ar e fully pr epar ed on t he day of t he exam inat ion.

Appe ndix B, “W hat t o Do Aft er CCN P?” Appendix B descr ibes w hat a CCNP can achieve aft er becom ing CCNP cer t ified.

Appendix C, “Answ ers t o Review Quest ions” Appendix C pro v ides answ er s t o all of t he r ev iew quest ions.

Appendix D , “CCI E Preparat ion —Sa m ple M ult iprot o col La b” Appendix D is a bonus aid designed t o assist y ou in y our final pr epar at ion for t he m ost w idely sought aft er cer t ificat ion in t he w or ld t oday , nam ely CCI E ( Rout ing and Sw it ching) .

H ow Be st t o U se Th is Book This book pr ov ides a pr act ical appr oach t o lear ning net w or k ing concept s. Hav ing y our ow n equipm ent or access t o t he equipm ent is t he ideal w ay t o use t his book but is not required. Of course, m ost readers w ill appre ciat e t hat Cisco r out er s ar e not easy t o com e by , so full w or k ing solut ions and sam ple display s ar e pr esent ed t o ensur e t hat y ou under st and and fully appr eciat e all concept s. This giv es y ou t he oppor t unit y t o gain t he hands- on ex per ience of configur ing eac h r out er accor ding t o t he lab obj ect iv es w it hout t he need t o hav e any phy sical equipm ent . Sam ple display s ar e pr ov ided t o dem onst r at e t he w or k ing solut ions, and som e gr eat t ips ar e pr ov ided in t he ex planat ions t o show y ou how t o ensur e net w or k connect iv it y.

Ge t t in g Equ ipm e n t You can obt ain r easonably pr iced equipm ent fr om v ar ious places. I f y our place of em ploy m ent has spar e equipm ent t hat y ou can use, t his m ay be y our fir st opt ion. I f y ou w ant t o pur chase equipm ent , num er ous places ex ist on t he I nt er net ; c ont act Cisco Sy st em s for second- hand or used r out er s at ver y com pet it ive pr ices. Alt er nat iv ely , sear ch Cisco par t ner s or auct ion sit es for cheap dev ices t o help y ou.

12

Ther e ar e also sim ulat or s t hat offer a cheap solut ion t o pur chasing equipm ent . Cisco, for ex am ple, offer s a pr oduct called Cisco I nt er act iv e Ment or ( CI M) t hat enables candidat es t o sim ulat e r eal- life net w or ks. For m or e det ails on CI M, visit w w w . ciscopr ess. com. N OTE Visit t he follow ing w eb sit e for a num ber of qualit y t ools and I nt er net link s: w w w .iponev er y t hing.net

H ow t o Use Th e Book if You Ca n n ot Ge t Equ ipm e n t I f y ou ar e unable t o get equipm ent , do not despair ; y ou can st ill pr ofit from t his book . The book is st r uct ur ed t o w alk y ou t hr ough each configur at ion t ask st ep by st ep. I f y ou do not hav e t he equipm ent , pay closer at t ent ion t o t he figur es and ex am ples w it hin t he chapt er and obser v e t he changes t hat ar e m ade t o t he net w or k . Because each scenar io includes t hor ough ex planat ions, y ou w ill begin t o under st and how configur at ion t ask s ar e applied and im pact t he net w or k , ev en if y ou can't w or k along w it h t he scenar ios. You m ight find it handy t o keep not es as you w or k t hr ough t his book. Because som e ex per ience and k now ledge lev el has been assum ed of t he r eader , y ou m ight r un int o concept s about w hich y ou w ant addit ional infor m at ion. As a fut ur e CCNP, you should alw ays st r ive t o build upon your k now ledge beyond a st udying per spect iv e so t hat y ou can pr oceed t o a t echnical lev el far bey ond t he m inim um r equir ed for Cisco- based cer t ificat ions. I r ecom m end using t he follow ing r esour ces as r efer ence m at er ial w hile r eading t he book: • • • • • • •

Rout ing TCP/ I P, Volum es I and I I by Jeff Doy le and Jennifer DeHav en Car r oll ( Volum e I I only) ( Cisco Pr ess) . OSPF Net work Design Solut ions by Thom as M. Thom as I I ( Cisco Pr ess) . Rout ing in t he I nt ernet by Christ ian Huit em a ( Prent ice Hall PTR) . CCI E Rout ing and Sw it ching Ex am Cr am : Ex am : 350- 001 by Henry Benj am in and Tho m as M. Thom as I I ( The Coriolis Group) . I nt er net Rout ing Ar chit ect ur es, Second Edit ion, by Sam Halabi ( Cisco Press) . Building Cisco Mult ilay er Sw it ched Net w or ks by Kar en Webb ( Cisco Pr ess) . Building Scalable Cisco Net w or ks by Cat her ine Paquet and Diane Teare ( Cisco Pr ess) .

I n par t icular , I r ecom m end t he com panion book t o t his guide fr om Cisco Pr ess, CCNP Rout ing Exam Cert ificat ion Guide by Clar e Gough. As alw ay s, y ou w ill also find Cisco Connect ion Online ( w w w . cisco. com) t o be inv aluable. For m or e qualit y r esour ces visit w w w . ciscopr ess. com and follow t he link s guiding y ou t o cer t ificat ion m at er ials. Cisco Pr ess has plans t o ex pand it s line of Pr act ical St udies books, so be on t he lookout for Pr act ical St udies books t hat w ill help you pr epar e for t he ot her ex am s besides t he Rout ing ex am t hat y ou m ust pass t o achiev e CCNP st at us.

13

Com m a n d Sy n t a x Con v e n t ion s The conv ent ions used t o pr esent com m and sy nt ax in t his book ar e t he sam e conv ent ions used in t he Cisco I OS Com m and Refer ence, as follow s: • • • • •

Boldf a ce indicat es com m ands and k ey w or ds t hat ar e ent er ed lit er ally as show n. I n ex am ples ( not sy nt ax ) , boldface indicat es user input ( for ex am ple, a sh ow com m and) . I t alics indicat es ar gum ent s for w hich y ou supply v alues. Squar e br ack et s [ and ] indicat e opt ional elem ent s. Br aces { and } cont ain a choice of r equir ed k ey w or ds. Ver t ical bar s ( | ) separ at e alt er nat iv e, m ut ually ex clusiv e elem ent s.

Con clu sion The CCNP cer t ificat io n has gr eat value in t he net w or king envir onm ent . I t pr oves your com pet ence and dedicat ion. I t is r equir ed for sev er al ot her cer t ificat ions, and it is a huge st ep in dist inguishing y our self as som eone w ho has pr ov en k now ledge of Cisco pr oduct s and t echnology . CCNP Pract ical St udies: Rout ing is designed t o help you at t ain CCNP cer t ificat ion. I t is a CCNP cer t ificat ion book fr om t he only Ciscoaut hor ized publisher . The aut hor and edit or s at Cisco Pr ess believ e t hat t his book w ill help you achieve CCNP cert ific at ion. The dedicat ion r equir ed t o achiev e any success is up t o you. Having m any Cisco cer t ificat ions m yself, t he j oy and success I have achieved has significant ly changed m y life and t hat of m y fam ily. Ther e ar e alw ays challenges facing net w or k engineer s; and no doubt , aft er y ou ar e a qualified Cisco pr ofessional, m eet ing t hose challenges w ill dr iv e y ou t o acquir e sk ills y ou nev er t hought y ou could m ast er. I sincer ely hope you enj oy your t im e spent w it h t his book; it t ook m ont hs and long night s t o com plet e t o ensur e t hat y ou, as t he r eader , hav e t he per fect com panion t hr ough your j our ney t o becom ing a CCNP. And w hen you succeed in at t aining your cer t ificat ion, please feel fr ee t o e- m ail m e at benj am in@cisco. com, so I t oo can enj oy your success and j oy as w ell.

14

Ch a pt e r 1 . I n t e r n e t Pr ot ocol This chapt er focuses on a num ber of obj ect iv es falling under t he CCNP r out ing pr inciples. Under st anding basic I nt er net Pr ot ocol ( I P) net w or k ing not only applies t o t he CCNP cer t ificat ion but all Cisco- based cer t ificat ion. A concr et e under st anding of how I P is used in t oday 's net w or k ing env ir onm ent s is one of t he m ost im por t ant t ools t o have befor e t aking on t he m or e advanced chapt er s in t his guide. This chapt er st ar t s by cov er ing basic I P concept s. I t t hen br iefly ex plains how t o efficient ly configur e I P t o ensur e full use of addr ess space. Nex t , t his chapt er cov er s w hen and how I P r out ing t ables can be m inim ized using sum m ar izat ion t echniques w it h v ar ious r out ing pr ot ocols. Fiv e pr act ical scenar ios com plet e y our under st anding of t hese t opics and ensur e y ou hav e all t he basic I P net w or k ing k now ledge t o com plem ent y our k now ledge of t oday's m ost w idely used net w or king pr ot ocol, I P.

Ba sic I n t e r n e t Pr ot ocol I P is a t erm widely used in t oday 's net w or k ing w or ld t o descr ibe a Net w or k lay er pr ot ocol t hat logically defines a dist inct host or end syst em s such as a PC or r out er w it h an I P addr ess. An I P addr ess is configur ed on end sy st em s t o allow com m unicat ion bet w een host s t hat ar e geogr aphically disper sed. An I P addr ess is 32 bit s in lengt h w it h t he net w or k m ask or subnet m ask ( also 32 bit s in lengt h) defining t he host and subnet port ion. A subnet is a net w or k t hat y ou, as net w or k adm inist r at or , segm ent t o allow a hier ar chical r out ing t opology . Rout ing allow s com m unicat ion bet w een t hese subnet s. The host addr ess is a logical unique addr ess t hat r esides on a subnet . The I nt er net Engineer ing Task For ce ( I ETF) st andar ds body , w hich is a t ask for ce consist ing of over 80 working groups re sponsible for dev eloping I nt er net st andar ds, defined five classes of addr esses and t he appr opr iat e addr ess r anges. Table 1- 1 displays t he five r anges.

Table 1-1. Class A, B, C, D, and E Ranges Class of Address

Starting Bit Pattern

Range

Default Subnet Mask

Class A

0

1–126, 127 [ * ]

255.0.0.0

Class B

10

128 –1 91

255.255.0.0

Class C

110

192 –223

255.255.255.0

Class D

1110

224 –239

255.255.255.240

Class E

1111

240 –255

Reserved

[* ]

127.0.0.0 is reserved for loopbacks purposes. Ot her reserved addresses for privat e use as defined by RFC 1918 are 10. 0. 0. 0- 10.255.255 .255

15

172.16.0.0 -172.16.255.255 192.168.0.0- 192.168.255.255

Soon aft er t hese r anges w er e defined and t he I nt er net 's popular it y ex t ended bey ond t he Depar t m ent of Defense in t he Unit ed St at es, it becam e clear t hat t o ensur e t hat a lar ger com m unit y could connect t o t he Wor ld Wide Web t her e had t o be a w ay t o ex t end I P addr ess space by using subnet t ing. Subnet t ing allow s an adm inist r at or t o ex t end t he boundar y for any giv en subnet . To best illust r at e an I P addr ess and subnet por t ion, det er m ine how m any host s ar e av ailable on a par t icular subnet , or ev en how t o best ut ilize an I P addr ess space, consider t he follow ing ex am ple. You ar e given t he I P addr ess 131.108.1.56 and t he subnet m ask is 255.255.255.0. This ex am ple helps y ou det er m ine w hat t he subnet is, how m any host s can r eside on t his subnet , and w hat t he br oadcast addr ess is. You can deduce t he subnet for any I P addr ess by per for m ing a logical AND oper at ion along wit h t he subnet m ask. N OTE A logical AND oper at ion follow s t w o basic r ules. One is t hat posit iv e and posit ive equal posit ive, and t he second is t hat negat ive and posit ive or negat ive is negat ive. So, in binary ( posit ive is 1 and negat ive is 0) , 0 AND 0 is 0, 0 AND 1 is 0, 1 AND 1 is 1, 1 AND 0 is 0, and so fort h.

Figur e 1- 1 display s t he logical AND oper at ion used t o det er m ine t he subnet addr ess.

Figu r e 1 - 1 . AN D Logic Ope r a t ion

The r esult of t he logical AND oper at ion r eveals t he subnet addr ess is 131.108.1.0. The subnet addr ess is r eser v ed and cannot be assigned t o end dev ices. To det er m ine t he num ber of host s av ailable in any giv en subnet , y ou sim ply apply t h e form ula 2n - 2 w her e n is t he num ber of bor r ow ed bit s. This is best explained w it h ex am ples. To det er m ine t he num ber of bor r ow ed bit s, y ou m ust ex am ine t he subnet m ask in binar y. For a default Class C net w or k m ask of 255.255.255.0, t he last eight bit s repr esent t he bor r ow ed bit s. So, for a Class C net w or k , t he num ber of host s t hat can r eside ar e 28 - 2 = 256 - 2 = 254 host s. ( You subt r act t w o host addr esses for t he subnet addr ess and t he br oadcast addr ess, w hich ar e not per m it t ed t o be used by host dev ices.) I n I P, a broadcast address consist s of all

16

binar y 1s, so for t his exam ple, t he br oadcast addr ess for t he subnet 131.108.1.0 is 131.108.1.255. ( 255 in binar y is 11111111.) Now consider anot her ex am ple. Giv en t he host addr ess 171.224.10.67 and t he subnet m ask of 255.255.255.224, t his ex am ple show s y ou how t o det er m ine t he subnet and t he num ber of host s t hat can r eside on t his net w or k . To det erm ine t he subnet , perform a logical AND. Figur e 1- 2 displays t he oper at ion.

Figu r e 1 - 2 . Logica l AN D Ope r a t ion

The subnet is 171.224.10.64. The num ber of host s t hat can r eside on t his net w or k w it h a subnet m ask of 255.255.255.224 ( or 11100000, 5 bor r ow bit s) is 25 - 2 = 32 - 2 = 30 host s. You can apply t he t echnique used in t his sim ple exam ple t o any Class A, B, or C addr ess, and applying a subnet m ask t hat is not t he default or classful k ind enables y ou t o ex t end I P addr ess space and allow a lar ger num ber of dev ices t o connect t o t he I P net w or k . Table 1- 2 display s som e com m on subnet s used in t oday 's net w or k and t he num ber of host s av ailable on t hose subnet s.

Table 1-2. Common Subnets in Today's Networks Decimal

Subnets

Hosts

252 ( 1111 1100)

6 4 subnet s

2 h ost s[ * ]

248 ( 1111 1000)

3 2 subnet s

6 h ost s

240 ( 1111 0000)

1 6 subnet s

14 host s

224 ( 1110 0000)

8 subnet s

30 host s

192 ( 1100 0000)

4 subnet s

62 host s

128 ( 1000 0000)

2 subnet s

126 host s

64 ( 0100 0000) [* ]

Used com m only for WAN circuit s w hen no m ore t han 2 host s reside.

V a r ia b le- Le n g t h Su b n e t M a sk s ( V LSM ) A variable - lengt h subnet m ask ( VLSM) is designed t o allow m or e efficient use of I P addr ess space by bor r ow ing bit s fr om t he subnet m ask and allocat ing t hem t o host dev ices. To allow a gr eat er num ber of dev ices t o connect t o t he I nt er net and int r anet s, t he st andar ds body of v ar ious r out ing pr ot ocols designed an I P r out ing algor it hm t o cat er t o I P net w or k s w it h a differ ent subnet m ask t han t he default used in classful net w or ks.

17

N OTE The follow ing r out ing algor it hm s suppor t VLSM: RI P Ver sion 2, OSPF, I S - I S, EI GRP, and BGP4.

To dem onst r at e t he use of VLSM, consider t he ex am ple of connect ing t w o Cisco r out er s t hr ough a w ide- ar ea link. Only t w o devices host syst em s ar e needed. To use any I P addr ess space effect iv ely , it w ould be w ise t o use t he low est possible num ber of subnet bit s and low est possible num ber of host bit s. You could use a Class C m ask or a m ask t hat allows for 254 host s. For a link t hat never uses m ore t han t w o h ost s, t his w ast es a v ast am ount of space, 252 addr esses in fact . Apply t he for m ula t o det er m ine t he best subnet t o use t o cat er t o t w o host s on any giv en subnet and class of addr ess. Rem em ber t hat y ou m ust subt r act t w o host addr esses for t he subnet addr ess and br oadcast addr ess. Apply ing t he for m ula, y ou get 2n - 2 = 2, or 2n = 4, or n = 2 borrowed bit s. You need t o bor r ow only t w o bit s fr om t he subnet m ask t o allow for t w o host addr esses. The subnet m ask is 30 bit s in lengt h or 255.255.255.252 in binar y, w hich is r epr esent ed as 11111111.11111111.11111111.111111100. The last t w o bit s ( 00) ar e av ailable for host addr esses; t he subnet is 00; t he fir st host addr ess is 01, t he second is 10, and t he broadcast address is 11. N OTE Loopback int er faces configur ed on Cisc o r out er s ar e t y pically configur ed w it h a host address using a 32- bit subnet m ask, w hich allow s, for exam ple, a Class C net w ork w it h 255 host s am ong 255 differ ent r out er s and conser v es v aluable I P addr ess space.

Su m m a r iz a t ion a n d H ow t o Con f ig u r e Su m m a r iz at ion Sum m ar izat ion, put sim ply , enables a giv en r out ing pr ot ocol t o m inim ize I P r out ing t ables by t aking st eps t o adver t ise a sm aller or lesser I P r out e dest inat ion for a lar ge set of subnet s or net w or k s. I P r out ing ent r ies consum e bandw idt h of ex pensiv e link s bet w een differ ent geogr aphic locat ions, t ak e CPU cy cles on r out er s, and, m ost im por t ant ly, r equir e m em or y. To giv e net w or k designer s t he abilit y t o m anage lar ge net w or k s, sum m ar izat ion is im por t ant for lim it ing or r educing I P r out ing t ables. The m ost im por t ant consider at ion t o m ak e w hen sum m ar izing any I P addr ess space is t o ensur e a hier ar chical design. I n a hier ar chical design, I P addr ess space is configur ed acr oss any giv en r out er so t hat it can be easily sum m ar ized. To illust r at e t he capabilit ies of sum m ar izat ion consider t he follow ing I P addr ess r anges in Table 1- 3.

18

Table 1-3. IP Address Range IP Subnet

Binary Last Third Octet

131.108.1.0/ 24

0000 0001

131. 108.2.0/ 24

0000 0010

131.108.3.0/ 24

0000 0011

131.108.4.0/ 24

0000 0100

131.108.5.0/ 24

0000 0101

131.108.6.0/ 24

0000 0110

131.107.7.0/ 24

0000 0111

A r out er w ould nor m ally adv er t ise each of t he sev en I P addr ess r anges, fr om 131. 108. 1–7, as sev en differ ent I P r out e ent r ies. The binar y exam inat ion of t he subnet s 1 t o 7 in Table 1- 3 display s t hat t he fir st fiv e bit s ( shaded) ar e unchanged. The m ost im por t ant fact is t hat t hese sev en net w or k s ar e cont iguous or in a r ange t hat you can easily sum m ar ize. Because t he high- order bit s ar e com m on in Table 1- 3 ( 0000 0) and all seven rout es ar e cont iguous ( binar y 001 t o 111) , y ou can per for m sum m ar izat ion. Because t he fir st fiv e bit s ar e t he sam e, you can apply t he m ask 248 ( 11111 000) on t he t hir d oct et and send an adv er t isem ent encom passing all sev en r out es. Befor e look ing at how t o com p let e t his sum m ar izat ion using RI P, EI GRP, or OSPF, t he follow ing is a list of benefit s w hen using sum m ar izat ion: • • • •

Reduces r out ing t able sizes Allow s for net w or k gr ow t h Sim plifies r out ing algor it hm r ecalculat ion w hen changes occur Reduces requirem ent s for m e m ory and CPU usage on rout ers significant ly

The alt er nat iv es t o net w or k sum m ar izat ion ar e not easy t o accom plish, and t his includes r enum ber ing an I P net w or k or using secondar y addr essing on Cisco r out er s, w hich is not an ideal solut ion for m anagem ent pur poses and also pr ovides ext r a over head on a r out er . Also, it is im por t ant t o under st and t hat if a r ange of addr esses is not cont iguous ( t hat is, t hey do not st ar t fr om a r ange t hat can be easily sum m ar ized, such as t he r ange of addr esses 131.108.1.0/ 24 and 131. 108. 10. 0/ 24) , sum m ar izat ion is im possible. You could st ill sum m ar ize t he fir st seven net w or ks, for exam ple, but t hey m ight r eside in ot her par t s of your net w or k and cause I P r out ing pr oblem s. The best pr act ice is t o assign a gr oup of addr esses t o a geogr aphic ar ea so t hat t he dist r ibut ion lay er of any net w or k enables sum m ar izat ion t o be r elat iv ely easy t o com plet e. Depending on t he r out ing pr ot ocols in use, sum m ar izat ion m ay be enabled by default . Aut om at ic sum m ar izat ion sim ply announces a Class A net w ork wit h an 8- bit m ask, 255.0.0.0, Class B w it h 16- bit m ask, and a Class C m ask wit h a 24- bit m ask, 255.255.255.0. Wit h RI Pv 2, aut om at ic sum m ar izat ion occur s. I n ot her w or ds, y ou m ust disable aut om at ic sum m ar izat ion t o allow t he m or e specific r out es t o be adver t ised; ot her w ise a default m ask is assum ed. To disable aut om at ic sum m ar ies w it h RI Pv 2, use t he follow ing com m and:

19

router rip version 2 no auto-summary The com m and n o a u t o- su m m a r y disables aut om at ic sum m ar ies and allow s subnet s t o be adv er t ised. EI GRP also applies aut om at ic sum m ar ies but it also enables t he m anual configur at ion of sum m ar y addr esses. The follow ing ex am ple show s y ou how t o sum m ar ize t he net works in Table 1- 3 using EI GRP. To configur e sum m ar izat ion w it h EI GRP, y ou m ust fir st disable aut om at ic sum m ar izat ion w it h t he follow ing com m and:

router eigrp 1 no auto-summary Then, y ou apply t he m anual sum m ar izat ion on t he int er face t o w hich y ou w ant t o send t he adver t ised sum m ar y. Ex am ple 1- 1 display s t he com m and y ou use t o sum m ar ize t he sev en net w or k s in Table 1- 3.

Ex a m ple 1 - 1 Su m m a r y w it h EI GRP interface serial 0 ip summary-address eigrp 1 131.108.1.0 255.255.248.0 Ex am ple 1- 1 applies a sum m ar y on t he ser ial int er face. Also not e t hat t he EI GRP aut onom ous sy st em num ber is 1, m at ching t he configur at ion on t he r out er because y ou can hav e m or e t han one EI GRP pr ocess r unning. The act ual sum m ar y is 131.108.1.0 255.255.248.0, w hich r eplaces t he sev en indiv idual r out er s num ber ed 131. 108. 1- 7.0/ 24 w it h one sim ple r out e. OSPF allow s sum m ar izat ion m anually under t he OSPF pr ocess I D. Now look at how t o configure t he seven net w orks in Table 1- 3 w it h an OSPF sum m ar y . You use t he follow ing com m and in OSPF t o sum m ar ize int er nal OSPF r out es:

area area-id range address mask Ex am ple 1- 2 display s t he configur at ion r equir ed t o sum m ar ize t he seven net w or ks in Table 1- 3. Assum e t he ar ea- id for now is 1. N OTE Wit h OSPF, y ou can cor r ect ly configur e sum m ar izat ion only on area border rout ers ( ABRs) . An ABR r esides in m or e t han one OSPF ar ea. For t his ex am ple, assum e t he Cisco rout er is an ABR.

20

Ex a m ple 1 - 2 OSPF su m m a r y router ospf 1 area 1 range 131.108.1.0 255.255.248.0 N OTE OSPF also enables y ou t o sum m ar ize ex t er nal OSPF r out es r edist r ibut ed fr om such prot ocols as I GRP or RI P. BGP and I S- I S, covered in Chapt er s 4, “ Adv anced OSPF and I nt egr at ed I nt er m ediat e Sy st em- t o- I nt erm ediat e Syst em ,” 6, “ Basic Bor der Gat ew ay Pr ot ocol” and 7, “ Adv anced BGP, ” also pr ov ide com plex sum m ar izat ion t echniques.

I P H e lpe r Addr e ss As in any net w or k, br oadcast s ar e used t o find and discover end syst em s. I n a Layer 2 env ir onm ent , y ou use br oadcast s t o find an end sy st em 's MAC addr ess. Lay er 3 of t he TCP/ I P m odel, I P also uses br oadcast s for such ser v ices as sending I P dat agram s t o all host s on a par t icular net w or k. Br oadcast s on any net w or k consum e CPU and bandw idt h t o r educe t his even m or e. I n an I P net w or k, you use t he I P helper addr ess t o change a br oadcast int o a m or e specific dest inat ion addr ess so not all dev ices m ust v iew t he I P dat a, w hich conser v es bandw idt h. To sav e on bandw idt h, all Cisco r out er s inst alled w it h Cisco I nt er net Oper at ing Sy st em ( I OS) soft w ar e by default hav e an algor it hm t hat dict at es t hat not all br oadcast pack et s be for w ar ded. So t o allow t he abilit y t o for w ar d pack et s w isely , y ou can use t he I P helper addr ess com m and t o conv er t a br oadcast int o a m or e specific dest inat ion addr ess. The com m and t o enable an I P help addr ess is as follows:

ip helper-address address You can configur e m ore t han one helper addr ess per int er face on a Cisco r out er . The I P helper addr ess for w ar ds pack et s t hat ar e nor m ally discar ded by default t o t he follow ing ser v ices: • • • • • •

Tr iv ial File Tr ansfer Pr ot ocol ( TFTP) Dom ain Nam e Syst em ( DNS) BOOTP ser v er BOOTP client Net BI OS Nam e Ser v er Dy nam ic Host Configur at ion Pr ot ocol ( DHCP)

N OTE The m ost com m on use for t he helper addr ess is for client s r unning DHCP, w hich r em ot e ser v er s assign I P addr esses and subnet m ask s usually per for m ed locally t hrough a broadcast t o be served re m ot ely w it h a unicast ( one) pack et .

21

Sce n a r ios The follow ing scenar ios ar e designed t o dr aw t oget her som e of t he cont ent descr ibed in t his chapt er and som e of t he cont ent y ou hav e seen in y our ow n net w or k s or pr act ice labs. Ther e is no one r ight w ay t o accom plish m any of t he t asks present ed, and using good pr act ice and defining your end goal ar e im por t ant in any r eal- life design or solut ion. The five scenar ios pr esent ed in t his chapt er ar e based on sim ple I P t echnologies t o int r oduce y ou t o t he configur at ion of I P on Cisco rout ers and give y ou t he basic foundat ion r equir ed t o com plet e t he m or e adv anced t opics and scenar ios found lat er in t his book. Reader s w ho ar e fam iliar w it h t hese basics m ay w ant t o skip t his chapt er and m ove on t o Chapt er 2, “ Rout ing Pr inciples.”

Sce n a r io 1 - 1 : Con figu r in g a Cisco Rou t e r for I P I n t his scenar io, you see how t o configur e one Cisco r out er for I P r out ing using a Class B ( / 16) net w ork 161.108.1.0 w it h a Class C subnet m ask ( 255.255.255.0 or / 24 m ask) . Figur e 1- 3 display s t he one r out er , nam ed R1, w it h one Et her net int er face.

Figu r e 1 - 3 . I P Rou t in g on Cisco Rou t e rs

Ex am ple 1- 3 displays t he I P configur at ion per for m ed on R1's Et her net int er face.

Ex a m ple 1 - 3 I P Con f ig u r a t ion on R1 R1(config)#int e 0/0 R1(config-if)#ip address 161.108.1.1 255.255.255.0 R1(config-if)#no shutdown 4w1d: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up 4w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up N OTE

22

When y ou enable t he Et her net int er face w it h t he com m and [ no] sh u t dow n , t he I OS m essage t ells y ou t he Et her net int er face and t he line pr ot ocol ar e up. To see t hese m essages r em ot ely , enable t e r m ina l m o n i t o r on any VTY lines. Also, by default , all Cisco r out er s ar e enabled for I P r out ing w it h t he com m and ip r ou t in g. You can disable I P r out ing w it h t he com m and [ no] ip r ou t in g.

Ex am ple 1- 4 display s t he act iv e Et her net int er face up and t he cur r ent I P addr ess configur at ion.

Ex a m ple 1 - 4 sh ow in t e r fa ce e t h e r n e t e 0 / 0 on R1 R1#show interfaces ethernet 0/0 Ethernet0/0 is up, line protocol is up ? Interface is up and active Hardware is AmdP2, address is 0001.9645.ff40 (bia 0001.9645.ff40) Internet address is 161.108.1.1/24 ?configure IP address MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:21, output 00:00:02, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 315871 packets input, 30894958 bytes, 0 no buffer Received 315628 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 470705 packets output, 43588385 bytes, 0 underruns 0 output errors, 3 collisions, 45 interface resets 0 babbles, 0 late collision, 22 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Nex t , y ou see how t o configur e a secondar y addr ess on R1 using t he I P addr ess 131.108.1.1/ 24. Ex am ple 1- 5 display s t he secondar y I P addr ess assignm ent .

Ex a m ple 1 - 5 Se con da r y Addr e ss Con f igu r a t ion on R1 R1(config)#interface ethernet 0/0 R1(config-if)#ip address 131.108.1.1 255.255.255.0 secondary R1 now has t w o I P addr ess assignm ent s: 161.108.1.1/ 24 and 131.108.1. 1/ 24. Confir m t he I P addr ess assignm ent by display ing t he int er face st at ist ics w it h t he com m and sh o w in t e r fa ce s Et h e r n e t 0 / 0 . Ex am ple 1- 6 display s t he Et her net st at ist ics on R1 and is t r uncat ed for clar it y .

Ex a m ple 1 - 6 sh ow in t e r f a ce s e t h e r n e t 0 / 0 R1#show interfaces ethernet 0/0 Ethernet0/0 is up, line protocol is up Hardware is AmdP2, address is 0001.9645.ff40 (bia 0001.9645.ff40)

23

Internet address is 161.108.1.1/24 MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255 Encapsulation ARPA, loopback not set, keepalive set (10 sec) ...truncated Ex am ple 1- 6 does not show t he secondar y addr essing on R1. Unfor t unat ely , t he Cisco I OS does not display I P secondar y addr essing, and t he only w ay t o v iew any secondar y addr essing is t o v iew t he configur at ion. Ex am ple 1- 7 displays t he full w or king configur at ion on R1 along w it h t he secondar y I P addr ess, 131.108.1.1.

Ex a m ple 1 - 7 Fu ll w or k in g con figu r a t ion on R1 hostname R1 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 secondary ip address 161.108.1.1 255.255.255.0 ! interface Serial0/0 shutdown ! interface Serial0/1 shutdown ! line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 1 - 2 : Ef f icie n t ly Con f igu r in g a N e t w or k f or I P Suppose y ou hav e been ask ed by a net w or k ar chit ect t o break up t he Class B addr ess 131.108.1.0/ 24 int o four equal subnet s t hat can be used t o allow at m ost 62 host s per subnet . I n addit ion t o t his, y ou m ust use t he addr ess space 131.108.2.0/ 24 for all w ide- ar ea net w or k ( WAN) connect ions t hat use no m or e t han t w o host s per subnet . The net w or k ar chit ect has also ask ed y ou t o docum ent all WAN addresses for fut ure use. Figur e 1- 4 display s t he net w or k t opology gr aphically .

Figu r e 1 - 4 . I P Addr e ss Con figu r a t ion Re qu ir e m e n t s

24

St ar t by br eak ing up t he subnet 131.108.1.0/ 24 int o four equal subnet s. To do t his, ex am ine t he subnet in binar y . The last eight bit s ar e used for host addr esses, so by default y ou hav e 254 I P addr ess av ailable. To allow at m ost 62 host s, y ou use t he for m ula 2n - 2 = 62, which becom es 2n = 64. n, w hich is t he borrow ed am ount of bit s, becom es six bit s. So t o allow at m ost 62 host s, you m ust use t he subnet m ask of 255.255.255.192, w her e 192 in binar y is 110 0 0 0 0 0. The host dev ices use t he last six bit s. This is only half t he j ob; you m ust also configur e t he four differ ent subnet s on R1 in Figur e 1- 4. To det er m ine t he four subnet s you m ust count in binar y. The fir st subnet st ar t s fr om 131.108.1.0. You k now t he br oadcast addr ess ends in all 1s, so count fr om binar y 0 t o all 1s. Count only fr om t he last oct et . Table 1- 4 display s t he binar y calculat ion.

Table 1-4. Binary Addition 1 Decimal

Binary

Comment

0

000000

Subnet ( all zeros)

1

000001

Fir st host addr ess

2

000010

Second host addr ess

3

000011

Thir d host addr ess

62

111110

Last host addr ess

63

111111

Broadcast address ( all 1s)

…

25

Table 1- 4 c ount s in binary from 0 t o 3 and so fort h unt il 63, w hich in binary is 001111111. Not ice t hat t he last six bit s ar e all 1s, w hich indicat es t he br oadcast addr ess, so t he fir st subnet r anges fr om 131.108.1.0 t o 131.108.1.63. The subnet is 131.108.1.0, and t he br oadcast addr ess is 131.108.1.63. Table 1- 5 per for m s t he sam e calculat ion in binar y w it hout t he int er m ediat e st eps t o dem onst r at e t he br oadcast addr ess for t he second subnet .

Table 1-5. Binary Addition Subnet 2 Decimal

Binary

Comment

64

1000000

Subnet all zeros

65

1000001

Fir st host addr ess

66

1000010

Second host addr ess

126

1111110

Last host addr ess

127

1111111

Host address

…

Table 1- 5 display s t he second subnet w it h all zer os as 131.108.1.64 and t he br oadcast of 131.108.1.127. Table 1- 6 display s t he t hir d subnet calculat ion st ar t ing fr om t he nex t av ailable decim al num ber of 128.

Table 1-6. Binary Addition Subnet 3 Decimal

Binary

Comment

128

10000000

Subnet ( all zer o's)

129

10000001

Fir st host addr ess

130

10000010

Second host address

131

10000011

Thir d host addr ess

190

10111110

Last host addr ess

191

10111111

Broadcast address ( all 1s)

…

Table 1- 6 display s t he subnet as 131.108.1.128, and t he br oadcast addr ess as 131.108.1.191. Finally , y ou can deduce t he last subnet av ailable in ex act ly t he sam e w ay . Table 1- 7 displays t he final binar y addit ion.

Table 1-7. Binary Addition Subnet 4 Decimal 192

Binary 11000000

Comment Subnet ( all zeros)

26

193

11000001

Fir st host addr ess

194

11000010

Second host addr ess

195

11000011

Thir d host addr ess

253

11111110

Last host addr ess

255

11111111

Br oadcast addr ess ( all 1s)

…

N OTE I f y ou ar e confused about how t o conv er t binar y fr om decim al, sim ply use a Window s- based calculat or t o per for m t he calculat ion t o assist in y our fir st few calculat ions. I t is v it al t hat y ou can per for m t hese st eps w it hout m uch t hought , so y ou can quickly br eak up any t ype of subnet in var ious design sit uat ions or ex am inat ion scenar ios.

Table 1- 7 display s t he subnet as 131.108.1.192 and t he br oadcast addr ess for t he final subnet as 131.108.1.255. Now t hat y ou hav e t he four br ok en subnet s, configur e t he Rout er R1 in Figur e 1- 4 for I P rout ing. Ex am ple 1- 8 display s t he I P configur at ion on t he four int er faces on R1.

Ex a m ple 1 - 8 I P Con f ig u r a t ion on R1 w it h Fou r Su b n e t s R1(config)#interface ethernet 0/0 R1(config-if)#ip address 131.108.1.1 255.255.255.192 R1(config)#interface ethernet 0/1 R1(config-if)#ip address 131.108.1.65 255.255.255.192 R1(config)#interface ethernet 0/2 R1(config-if)#ip address 131.108.1.129 255.255.255.192 R1(config)#interface ethernet 0/3 R1(config-if)#ip address 131.108.1.193 255.255.255.192 The m ask is 255.255.255.192 in Ex am ple 1- 8. The m ask or subnet m ask is derived fr om t he six bit s you bor r ow ed t o ext end t he Class B addr ess 131.108.1.0. Binary 1100000 is 192. To com plet e t his scenar io, y ou hav e t o br eak up t he net w or k 131.108.2.0/ 24 int o 30- bit sized subnet s so t hat t hey can be used on WAN cir cuit s t hat cont ain no m or e t han t w o host s. Once m or e, use t he sim ple for m ula 2n - 2 = 2, or 2n = 4, where n = 2. So, you need t w o bit s per subnet , and you have alr eady discover ed t hat t he m ask is 255.255.255.252. Table 1- 8 displays t he first four subnet s av ailable along w it h t he subnet , br oadcast addr ess, and binar y equiv alent .

27

Table 1-8. WAN Host Assignment Decimal

Binary

Comment

131.108.2.0

00000000

First subnet , last t w o bit s all zeros

131.108.2.1

00000001

First host

131.108.2.2

00000010

Second host

131.108.2.3

00000011

Br oadcast addr ess, last t w o bit s all 1s

131.108.2.4

00000100

Second subnet , last t w o bit s all zer os

131.108.2.5

00000101

First host

131.108.2.6

00000110

Second Host

131.108.2.7

00000111

Br oadcast addr ess, last t w o bit s all 1s

131.108.2.8

00001000

First subnet , last t w o bit s all zeros

131.108.2.9

00001001

First host

131. 108. 2. 10

00001010

Second host

131. 108. 2. 11

00001011

Br oadcast addr ess, last t w o bit s all 1s

131. 108. 2. 12

00001100

Second subnet , last t w o bit s all zer os

131. 108. 2. 13

00001101

First host

131. 108. 2. 14

00001110

Second host

131. 108. 2. 15

00001111

Br oadcast addr ess, last t w o bit s all 1s

As an ex er cise, y ou can t r y t o com plet e t he t able on y our ow n. Sim ply count in binar y and t he next available subnet is cle ar ly ev ident t o y ou. Not ice t hat t he subnet s in decim al count in four s, so t he fir st subnet is 131.108.2.0/ 30, t hen 131.108.2.4/ 30, 131.108.2.8/ 30, 131.108.2.12/ 30, and so for t h.

Sce n a r io 1 - 3 : Con figu r in g I P V LSM for a La r ge N e t w or k This scenario is slight ly m ore com plex. Figur e 1- 5 display s a net w or k r equir ing a cor e net w or k w it h a lar ge num ber of r out er s ( assum e ar ound 20) , a dist r ibut ion net w or k w it h t hree rout ers, and an access net w or k init ially cont aining only six r out er s. The access net w or k should have a pot ent ial for at m ost 25 r out er s ( com m only know n as access- lev el r out er s) t o be connect ed t hr ough t he dist r ibut ion r out er s. Figur e 1- 5 display s t he cor e net w or k sur r ounded by t hr ee dist r ibut ion r out er s and t he six access- level rout ers.

Figu r e 1 - 5 . V LSM in a La r ge N e t w or k

28

The Class B addr ess 141.108.0.0 has been assigned t o y ou for t his t ask . You should ensur e t his addr ess space is designed so t hat com pany gr ow t h allow s y ou t o use I P addr ess space w isely t o conser v e it . Ensur e sum m ar izat ion is possible w it h t he t hr ee dist r ibut ion r out er s. I t is im por t ant t hat t he I P addr essing schem e is cor r ect ly laid out in a hier ar chical fashion so t hat y ou can use sum m ar izat ion I P r out ing t ables t o k eep t hem t o a m inim um . St ar t w it h t he cor e of t he net w or k w it h a possible 20 r out er s. The cor e net w or k of any lar ge or ganizat ion t y pically gr ow s at a slow er pace t han access r out er s, so assum e t hat allow ing for ov er 1500 host s should suffice. Assign sev en Class C net w or ks for t he cor e, and r eser ve anot her eight for fut ur e use. Using 15 subnet s allow s for easy sum m ar izat ion as w ell. Assign t he r ange 141.108.1.0– 141.108.15.255 t o t he cor e net w or k . I n binar y , t his is t he r ange 00000001 t o 00001111, so t he fir st four bit s ar e com m on. The dist r ibut ion r out er s gener ally per for m all t he sum m ar izat ion, so y ou can assign anot her sev en subnet s and r eser v e anot her eight Class C net w or k s for fut ur e use. So now t he dist r ibut ion r out er s use t he r ange 141.108.16.0– 141.108.31.255. The access- lev el r out er s, w her e t he user s gener ally r eside, t y pically gr ow at a fast r at e, and in t his scenar io, each sit e has over 100 user s; it is also possible t hat over 30 ( 90 in t ot al) r em ot e sit es w ill be added in t he fut ur e. I t is v it al t hat t he subnet s used her e ar e cont iguous so t hat sum m ar izat ion can t ak e place on t he dist r ibut ion Rout er s R1, R2, and R3. The follow ing descr ibes a sam ple solut ion: •

For access Rout er s R4 and R5 and possible new r out er s, use t he r ange 141.108.32.0 t o 141.100.63.255; in binar y t hat r anges fr om 100000 ( 32) t o 63( 11111) .

29

• • •

For access Rout er s R6 and R7 and possible new r out er s, use t he r ange 141.108.64.0 t o 141.100.95.255; in binar y t hat r anges fr om 1000000( 64) t o 1011111( 95) . For access Rout er s R8 and R9 and possible new r out er s, use t he r ange 141.108.96.0 t o 141.108.127.255; in binar y t hat r anges fr om 1100000( 96) t o 1111111( 127) . You can r eser v e t he r em aining 128 subnet s for fut ur e use.

This is by no m eans t he only w ay you can accom plish t he t asks in t his scenar io, but you need t o apply t hese principles in any I P subnet addr essing design. N OTE Cisco I OS gives you even m or e I P addr ess space by allow ing t he use of subnet zer o w it h t he I OS com m and ip su b n e t - z e r o. Of cour se non- Cisco dev ices m ay not under st and subnet zer o. A good use for subnet zer o w ould be for WAN links or loopback int er faces and conser ving I P addr ess space for r eal host s, such as UNI X dev ices and user PCs. Subnet zer o, for ex am ple, w hen using t he Class B addr ess 141.108.0.0 is 141.108.0.0, so a host addr ess on a Cisco r out er could be 141. 108. 0.1/ 24.

When designing any I P net w or k , y ou m ust answ er t he follow ing cor e quest ions: • • • • • • • • • • •

How m any subnet s ar e av ailable? What I P r anges w ill be used; w ill pr iv at e addr ess space be applied t o conser v e public addresses? How m any host s r eside on t he edge of t he network? What are t he expansion possibilit ies for t he net w ork? What ar e t he geogr aphic locat ions of r em ot e sit es? I s t her e a connect ion t o t he I nt er net or WWW? I s an I P addr ess space cur r ent ly being used? What ar e t he cur r ent sizes of exit ing I P r out ing t ables? Are any non- I P pr ot ocols alr eady in use? I f so, can you t unnel t hese non- I P pr ot ocols? What r out ing pr ot ocols enable t he use of VLSM? These ar e j ust som e of t he m aj or quest ions t hat you need t o look at car efully. Cisco Sy st em s pr ov ides a com pr ehensiv e guide t o subnet s at t he follow ing URL: w w w . cisco. com / univ er cd/ cc/ t d/ doc/ cisint w k / idg4/ nd2003. ht m

N OTE Gr eat r esour ces for infor m at ion on I P addr essing and subnet calculat or s ar e also av ailable on t he I nt er net .

30

Sce n a r io 1 - 4 : Su m m a r iz a t ion w it h EI GRP a n d OSPF I n t his scenar io, given t he addr ess r anges in Table 1- 9, y ou see how t o configur e sum m ar izat ion w it h EI GRP and OSPF. Table 1- 9 displays t he I P addr ess r anges t o be sum m ar ized, as w ell as t he binar y r epr esent at ion of t he t hir d oct et or t he subnet por t of t he I P addr ess space.

Table 1-9. IP Address Ranges IP Subnet

Subnet Mask

Binary Representation of Third Octet

151.100.1.0

255.255.255.0

00000001

151.100.2.0

255.255.255.0

00000010

151.100.3.0

255.255.255.0

00000011

151.100.4.0

255. 255. 255. 0

00000100

151.100.5.0

255.255.255.0

00000101

151.100.6.0

255.255.255.0

00000110

151.100.7.0

255.255.255.0

00000111

151.100.8.0

255.255.255.0

00001000

151.100.9.0

255.255.255.0

00001001

151. 100. 10. 0

255.255.255.0

00001010

151. 100. 11. 0

255. 255. 255.0

00001011

151. 100. 12. 0

255.255.255.0

00001100

151. 100. 13. 0

255.255.255.0

00001101

151. 100. 14. 0

255.255.255.0

00001110

151. 100. 15. 0

255.255.255.0

00001111

151. 100. 16. 0

255.255.255.0

00010000

Befor e configur ing EI GRP or OSPF sum m ar izat ion, you fir s t need t o decide w het her sum m arizat ion is possible at all. Table 1- 9 display s 16 subnet s, num ber ed fr om 116. The first 15 subnet s all have one t hing in com m on w hen vie w ed in binar y : The fir st four bit s or high- or der bit s ar e alw ay s 0. Ther efor e, y ou can sum m ar ize t he fir st 15 net w or ks using t he subnet m ask 255.255.255.240. ( 240 in binar y is 1 1 1 1000 w her e t he fir st four bit s ar e com m on.) The last four bit s cont ains t he net w or k s 1 t o 15 or in binary encom pass all net w orks from 0000 t o 1111. The last r em aining subnet 151.100.16.0 is t he odd net w or k out . Alt hough it is cont iguous, y ou cannot sum m ar ize it along w it h t he fir st 15 net w or k , because any sum m ar y addr ess r ange encom passes net w or ks beyond 151.100.16.0, w hich m ay reside in ot her part s of t he net w ork. Configur e EI GRP t o sum m ar ize t hese r out es out of a ser ial por t ( ser ial 0/ 0 in t his ex am ple) . Ex am ple 1- 9 display s t he configur at ion r equir ed t o disable aut om at ic sum m ar izat ion and t he t w o r equir ed sum m ar y addr ess com m ands on t he ser ial 0/ 0 on a rout er nam ed R1.

31

Ex a m ple 1 - 9 EI GRP Su m m a r y R1(config)#router eigrp 1 R1(config-router)#no auto-summary R1(config)#interface serial 0/0 R1(config-if)#ip summary-address eigrp 1 151.100.1.0 255.255.255.240 R1(config-if)#ip summary-address eigrp 1 151.100.16.0 255.255.255.0 I n Ex am ple 1- 9, t he r out er R1 sends only t w o updat es: one for t he net w or ks r anging fr om 151.100.1.0 t o 151.100.15.0 and anot her for 151.100.16.0. These t w o ar e inst ead of 16 separ at e I P r out e ent r ies. Ev en in a sm all scenar io lik e t his, y ou sav ed 14 I P rout e ent ries. Reducing I P rout ing t ables m eans w hen a rout er perform s a r out ing t able sear ch, t he t im e it t ak es t o det er m ine t he out bound int er face is reduced allow ing end- user dat a t o be sent fast er over a given m edium . Wit h OSPF, y ou do not need t o disable aut om at ic sum m ar izat ion, because OSPF does not aut om at ically sum m ar ize I P subnet s. Hence, t o sum m ar ize t he sam e block of addr esses of a r out er ( OSPF ABR) , y ou apply t w o com m ands under t he OSPF pr ocess. Ex am ple 1- 10 display s t he sum m ar y com m ands r equir ed.

Ex a m ple 1 - 1 0 OSPF Su m m a r y R1(config)#router ospf 1 R1(config-router)#no area 1 range 151.100.16.0 255.255.255.240 R1(config-router)#area 1 range 151.100.16.0 255.255.255.0

Sce n a r io 1 - 5 : Con figu r in g I P H e lpe r Addr e ss The follow ing scenar io dem onst r at es t he pow er ful use of t he helper com m and and how br oadcast t r affic, w hich is dr opped by default on Cisco r out er s, can be for w ar ded in a m anageable fashion and enable I P connect iv it y acr oss a WAN. I n t his scenar io, you have a gr oup of user s on one segm ent r equir ing I P addr ess assignm ent . No local ser ver s r eside on t he segm ent w it h t his gr oup of user s. Figur e 1- 6 display s t he net w or k t opology .

Figu r e 1 - 6 . I P H e lpe r Re qu ir e m e n t

32

Now , w hen t he user s on t he local- area net work ( LAN) segm ent at t ached t o R1 send out a r equest for an I P addr ess, t his I P pack et is sent t o t he br oadcast addr ess, w hich is dr opped by default . Unless a local Dy nam ic Host Configur at ion Pr ot ocol ( DHCP) ser ver exist s on t his segm ent , t he user s' r equest s for an I P addr ess ar en't r esponded t o. To alleviat e t his pr oblem , you configur e a helper addr ess on R1 point ing t o t he r em ot e file ser v er ( s) ' addr ess. I n t his case, t w o ser v er s ar e av ailable for r edundancy , so y ou can configur e t w o helper addr esses on R1's Et her n et por t . N OTE Rem em ber, a helper address can forward m any UDP- based pr ot ocols such as DNS and BOOTP r equest s. You can fur t her r est r ict w hich pr ot ocols ar e sent by using t he I OS com m and ip f or w a r d - p r o t o co l { u d p [ por t ] } or y ou can for w ar d a pack et based on a par t icular por t num ber used by a cer t ain applicat ion.

Ex am ple 1- 11 displays t he helper addr ess configur at ion on R1.

Ex a m ple 1 - 1 1 I P H e lpe r Addr e ss Con figu r a t ion on R 1 R1(config)#interface ethernet 0/0 R1(config-if)#ip helper-address 131.108.1.99 R1(config-if)#ip helper-address 131.108.1.100 The fiv e basic scenar ios in t his fir st chapt er ar e aim ed at addr essing y our basic knowledge or re - enforcing w hat you already know . The Pr act ical Ex er cise t hat follow s giv es y ou an oppor t unit y t o t est y our self on t hese concept s.

33

Pr a ct ica l Ex e r cise : I P N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Given t he I P addr ess r anges in Table 1- 10 and using EI GRP as your r out ing algor it hm , ensur e t hat t he least num ber of I P r out ing ent r ies ar e sent out t he Et her net 0/ 0 por t on a Cisco I OS- based rout er. Table 1- 10 display s t he I P subnet ranges.

Table 1-10. IP Subnet Ranges IP Subnet

Subnet Mask

Binary Value of Third Octet

171.100.1.0

255.255.255.0

00000 001

171.100.2.0

255.255.255.0

00000 010

171.100.3.0

255.255.255.0

00000 011

171. 100. 4. 0

255.255.255.0

00000 100

171.100.5.0

255.255.255.0

00000 101

171.100.6.0

255.255.255.0

00000 110

171.100.7.0

255.255.255.0

00000 111

Pr a ct ica l Ex e r cise Solut ion You should not ice t hat t he fir st fiv e bit s ar e t he sam e and t he last t hr ee encom pass t h e range 1- 7, so y ou can apply t he follow ing sum m ar y com m and:

ip summary address eigrp 1 171.100.1.0 255.255.255.248 Ex am ple 1- 12 display s t he configur at ion r equir ed t o sum m ar ize t he net w or k s fr om Table 1- 10 on an Et her net 0/ 0 por t using t he ? t ool t o dem onst r at e t he available opt ions r equir ed by Cisco I OS.

Ex a m ple 1 - 1 2 Sa m p le Con f ig u r at ion R1(config)#interface ethernet 0/0 R1(config-if)#ip summary-address ? eigrp Enhanced Interior Gateway Routing Protocol (EIGRP) R1(config-if)#ip summary-address eigrp 1 171.100.1.0 255.255.255.248 R1(config-if)#ip summary-address ? eigrp Enhanced Interior Gateway Routing Protocol (EIGRP) R1(config-if)#ip summary-address eigrp ?

34

Autonomous system number R1(config-if)#ip summary-address eigrp 1 ? A.B.C.D IP address R1(config-if)#ip summary-address eigrp 1 171.100.1.0 255.255.255.248 N OTE Ex am ple 1- 12 display s t he Cisco I OS pr om pt s t hat appear w hen t he user ent er s t he quest ion m ark ( ?) t o display t he opt ions or par am et er s t he Cisco I OS r equir es next . They ar e illust r at ed her e for y our r efer ence.

Re v ie w Qu e st ion s You can find t he answ er s t o t hese quest ions in Appendix C, “ Answ er s t o Rev iew Quest ions.”

1:

Giv en t he follow ing host addr ess and subnet m ask com binat ions, det er m ine t he subnet addr ess and br oadcast addr esses: • • • •

131.108.1.24 255.255.255.0 151. 108. 100. 67 255. 255. 255. 128 171.199. 100. 10 255. 255. 255. 224 161. 88. 40. 54 255. 255. 255. 192

2:

Giv en t he net w or k 141.56.80.0 and a subnet m ask of 255.255.254.0, how m any host s ar e av ailable on t his subnet ?

3:

What is t he br oadcast addr ess for t he subnet 131.45.1.0/ 24?

4:

What is t he pur pose of t he br oadcast addr ess in any giv en subnet ?

5:

Giv en t he subnet in binar y not at ion 1111111.11111111.00000000.00000000, w hat is t he decim al equiv alent ?

6:

Which r out ing pr ot ocols suppor t VLSM and w hy ?

7:

Which r out ing pr ot ocols do not suppor t VLSM?

8:

Which subnet m ask pr ov ides appr ox im at ely 1022 host s?

9:

What is t he equiv alent subnet m ask for t he not at ion 131.108.1.0/ 24?

10:

I dent ify t he privat e address ranges defined in RFC 1918.

35

Su m m a r y You hav e successfully w or k ed t hr ough fiv e scenar ios using com m on t echniques in t oday 's lar ge I P net w or k s. You can now begin t o apply t his k now ledge t o t he chapt er s ahead and w or k t hr ough m or e com plex scenar ios. The basic infor m at ion descr ibed in t his chapt er can be applied t o any net w or k ing scenar io y ou com e acr oss w hen designing and im plem ent ing a Cisco- pow er ed net w or k or any net w or k for t hat m at t er. Table 1- 11 sum m ar izes t he com m ands used in t his chapt er .

Table 1-11. Summary of IOS Commands Used in This Chapter Command

Purpose

a r e a ar ea- id r a n g e net w or k m ask

Sum m ar izes OSPF net w or k r anges bet w een ar ea bor der rout ers.

r ou t e r ospf pr ocess id

Enables OSPF r out ing. The pr ocess I D is local t o t he r out er . You can hav e m or e t han one OSPF r unning.

r ou t e r e igr p aut onom ous dom ain I D

Enables EI GRP r out ing under a com m on adm inist r at iv e cont r ol k now n as t he aut onom ous dom ain or AD.

n o a u t o- su m m a r y

Disables aut om at ic sum m ar izat ion.

sh ow in t e rf a ce s ethernet 0 / 0

Displays Et her net st at ist ics on por t 0/ 0.

v e r sion 2

Enables RI Pv2.

[ n o] sh u t d ow n

Enables or disables an int er face. All har dw ar e int er faces ar e shut dow n by default .

36

Ch a pt e r 2 . Rou t in g Pr in ciple s This chapt er descr ibes how t o configur e a Cisco I nt er net Oper at ing Syst em ( I OS) r out er for I P r out ing and ex plains com m on t r oubleshoot ing t echniques by cov er ing t he follow ing: • • • •

I nt er net Pr ot ocol ( I P) r out ing t ables Dy nam ic r out ing pr ot ocols Classful and classless r out ing Using show , d e b u g , p in g , and t r a ce com m ands

This chapt er focuses on a num ber of obj ect ives r elat ing t o t he CCNP r out ing pr inciples. Under st anding basic r out ing pr inciples not only applies t o t he CCNP cer t ificat ion but t o all Cisco- based cer t ificat ion. A concr et e under st anding of how t o r out e t r affic acr oss t he net w or k is fundam ent al for t he m or e adv anced t opics cov er ed lat er in t his book. This chapt er st ar t s by cov er ing t he basic infor m at ion a Cisco r out er r equir es t o r out e t r affic and t hen descr ibes classful and classless r out ing pr ot ocols. The chapt er t hen br iefly cov er s dist ance v ect or and link- st at e pr ot ocols and exam ines I P r out ing t ables and com m on t est ing t echniques used t o t r oubleshoot I P net w or k s. Five pr act ical scenar ios com plet e your under st anding and ensur e y ou hav e all t he basic I P r out ing skills t o com plem ent your under st anding of I P r out ing on Cisco I OS rout ers.

Rou t in g I P on Cisco Rou t e r s Rout ing is defined as a pr ocess w her eby a pat h t o a dest inat ion host is select ed by eit her a dy nam ic r out ing pr ot ocol or st at ic ( m anual) definit ion by a net w or k adm inist r at or . A r out ing pr ot ocol is an algor it hm t hat r out es t r affic or dat a acr oss t he net w or k. Each r out er m akes r out ing decisions fr om sour ce t o dest inat ion based on specific m et rics used by t he ro ut ing pr ot ocol in use. For ex am ple, Rout ing I nfor m at ion Pr ot ocol ( RI P) uses hop count ( com m only k now n as t he net w or k diam et er ) t o det er m ine w hich int er face on a r out er sends t he dat a. A low er hop count is alw ay s pr efer r ed. On t he ot her hand, Open Shor t est Pat h Fir st ( OSPF) uses a cost m et r ic; t he low er t he cost of t he pat h is t he m or e pr efer r ed pat h t o a dest inat ion. N OTE The m et hod by w hich a r out ing algor it hm , such as RI P/ OSPF, det er m ines t hat one r out e is bet t er t han anot her is based upon a m et r ic. The met r ic v alue is st or ed in r out ing t ables. Met r ics can include bandw idt h, com m unicat ion cost , delay , hop count , load, MTU, pat h cost , and r eliabilit y .

For r out ing I P acr oss a net w or k , Cisco r out er s r equir e I P addr ess allocat ion t o int er faces and t hen st at ic ally or dynam ically adver t ise t hese net w or ks t o local or

37

r em ot e r out er s. Aft er t hese net w or k s ar e adv er t ised, I P dat a can flow acr oss t he net w or k. Rout ing occur s at Layer 3, or t he net w or k layer , of t he Open Syst em I nt erconnect ion ( OSI ) m odel. By default , I P r out ing is enabled on Cisco r out er s. The com m and y ou use t o st ar t or disable it is [ no] ip r ou t in g. How ever , because I P r out ing is enabled, you do not see t his com m and by v iew ing t he r unning configur at ion as display ed w it h t he I OS com m and, sh ow r u n n in g - con fig. Consider a one- r out er net w or k w it h t w o dir ect ly connect ed Et her net int er faces as an int r oduct or y ex am ple, show n in Figur e 2- 1.

Figu r e 2 - 1 . Rou t in g I P w it h D ir e ct ly Con n e ct e d N e t w or k s

I n Figur e 2- 1 rout er R1 has t wo int erfaces: E0 ( I P addr ess 172.108.1.1/ 24) and E1 ( 172.108.2.1/ 24) . Assum e t her e ar e user s on E0 and E1 w it h PCs labeled PC 1 and PC 2. By default , an I P packet from PC 1 t o PC 2 is rout ed by R1 because bot h I P net w or k s connect dir ect ly t o R1. No r out ing algor it hm is r equir ed on a single Cisco r out er ( not at t ached t o any ot her r out er s) w hen all int er faces ar e dir ect ly connect ed as descr ibed in t his exam ple. Ex am ple 2- 1 displa ys R1's rout ing t able.

Ex a m ple 2 - 1 sh ow ip r ou t e Com m a n d on R1 R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set

C C R1#

172.108.0.0/24 is subnetted, 2 subnets 172.108.1.0 is directly connected, Ethernet0 172.108.2.0 is directly connected, Ethernet1

I n Ex ample 2- 1, t he C on t he left side of t he I P r out ing t able denot es t he t w o dir ect ly connect ed net w or k s. Cisco I OS r out er s suppor t m any dy nam ic r out ing pr ot ocols as w ell as st at ic ( denot ed by S) r out es. Lat er chapt er s in t his book cov er t he m ain dy nam ic r out ing pr ot ocols, such as t he Open shor t est Pat h Fir st ( OSPF) Pr ot ocol, RI P, I nt er ior Gat ew ay Rout ing Pr ot ocol ( I GRP) , and EI GRP. Scenar io 2- 1 covers all t he fields used in an I P r out ing t able.

38

N OTE The I P addr ess sour ce and dest inat ion in an I P dat agr am does not change, but t he Lay er 2 Media Access Cont r ol ( MAC) sour ce and dest inat ion do. For ex am ple, w hen PC 1 sends a packet t o PC 2, and because PC 2 r esides on a differ ent subnet , PC 1 aut om at ically sends t he I P pack et t o t he default r out er using t he dest inat ion MAC addr ess of Rout er R1 ( or E0 bur nt in addr ess) or t he default gat ew ay addr ess of 172.108.1.1/ 24 ( assum ing a default gat ew ay has been configur ed on PC 1 and PC 2) . The rout er t hen st rips t he Layer 2 header and inst alls it s ow n Layer 2 header w hen t he packet ent er s t he net w or k w her e PC 2 r esides. The Layer 2 header cont ains t he sour ce addr ess of R1 E1 and t he dest inat ion addr ess of t he PC 2 MAC address. The Layer 3 I P source and dest inat ion addr ess do not change. Som e ex cept ions ex ist , of cour se, and m any new em er ging t echnologies, because of I P addr ess deplet ion, change t he Lay er 3 addr essing t o allow m or e host s t o connect t o t he I nt er net . Ex am ple t echnologies include Net wor k Addr ess Tr anslat ion ( NAT) or t he im plem ent at ion of Web pr ox ies.

Cisco r out er s r equir e only I P addr essing and r out ing t o allow host s on differ ent segm ent s t o com m unicat e. This chapt er cov er s dy nam ic and st at ic r out ing in t he sect ion “ Classful and Classless Rout ing Pr ot ocols .”

Cisco I OS- Based Rout ers All Cisco r out er s suppor t I P r out ing. Ex am ple 2- 2 show s a full list of t he pr ot ocols t hat Cisco I OS- based r out er s suppor t .

Ex a m ple 2 - 2 Rou t in g Pr ot ocols You Ca n En a ble on a Cisco Rou t e r R1(config)#router ? bgp egp eigrp (EIGRP) igrp isis iso-igrp mobile odr ospf rip static traffic-engineering

Border Gateway Protocol (BGP) Exterior Gateway Protocol (EGP) Enhanced Interior Gateway Routing Protocol Interior Gateway Routing Protocol (IGRP) ISO IS-IS IGRP for OSI networks Mobile routes On Demand stub Routes Open Shortest Path First (OSPF) Routing Information Protocol (RIP) Static routes Traffic engineered routes

Bor der Gat ew ay Pr ot ocol ( BGP) , EI GRP, I GRP, I nt er m ediat e Sy st em- t o- I nt er m ediat e Syst em ( I S- I S) Pr ot ocol, OSPF, and RI P ar e dynam ic r out ing pr ot ocols and ar e all cover ed in t his book. You can use st at ic r out ing t o m inim ize lar ge r out ing t ables an d can m anually configur e it t o ov er r ide dy nam ic infor m at ion.

39

When y ou configur e m ult iple r out ing algor it hm s on a Cisco r out er , deciding w hich pat h t o t ak e is v it al. To ov er com e t his pr oblem , y ou assign each r out ing m et hod, w het her dy nam ic or st at ic, an administ r at iv e dist ance ( AD) . AD is im por t ant because r out er s cannot com par e, for ex am ple, RI P's m et r ic t o OSPF's m et r ic because hop count m eans not hing in OSPF and cost m eans not hing in a RI P dom ain. Using AD ensur es t hat t he Cisco r out er s can com par e t he r e m ot e dest inat ions t hey lear n t hr ough v ar ious r out ing algor it hm s. AD is defined as t he t r ust w or t hiness of a r out ing infor m at ion sour ce. The higher t he v alue ( bet w een 0– 255) , t he less t r ust ed t he sour ce. Table 2- 1 display s t he default AD values on a Cisco rout er.

Table 2-1. Cisco AD Default Values Routing Method

Administrative Distance

Connect ed int er face

0

St at ic r out e

1

Enhanced I GRP sum m ar y r out e

5

Ext ernal BGP

20

I nt er nal Enhanced I GRP

90

I GRP

100

OSPF

110

IS- I S

115

RI P

120

EGP

140

Ext ernal Enhanced I GRP

170

I nt ernal BGP

200

Unk now n

255

For exam ple, if a r out er has t w o pat hs t o a dest inat ion and one is list ed as OSPF ( AD is 110) and anot her as I GRP ( AD is 100) , t he r out er select s t he I GRP pat h because of t he low er AD. Cisco I OS enables t he net w or k designer t o change t he AD w it h t he dist a n ce com m and.

D ist a n ce V e ct or a n d Lin k - St a t e Rou t in g Pr ot ocols Now t hat you are aw are of t he rout ing m et hods available, t his sect ion look s at t he t w o m ain t ypes of r out ing m et hods t hat r out er s use t o det ect r em ot e dest inat ions dy nam ically . Dist ance v ect or pr ot ocols ( a v ect or cont ains bot h dist ance and dir ect ion) , such as RI P, det er m ine t he pat h t o r em ot e net w or k s using hop count as t he m et r ic. A hop count is defined as t he num ber of t im es a pack et needs t o pass t hr ough a r out er t o reach a rem ot e dest inat ion. For I P RI P, t he m axim um hop is 15. A hop count of 16 indicat es an unr eachable net w or k . Tw o v er sions of RI P ex ist : v er sion 1 and ver sion 2. I GRP is anot her ex am ple of a dist ance v ect or pr ot ocol w it h a higher hop count of

40

255 hops. A higher hop count s allow s y our net w or k t o scale lar ger . One of t he dr aw backs of pr ot ocols, such as RI P and I GRP, is conver gence t im e, w hich is t he t im e it t ak es for r out ing infor m at ion changes t o pr opagat e t hr ough all y our t opology . Table 2- 2 descr ibes t he char act er ist ics of dist ance v ect or pr ot ocols.

Table 2-2. Distance Vector Protocol Summary Characteristic

Description

Per iodic updat es

Periodic updat es are sent at a set int erval. For I P RI P, t his int erval is 30 seconds.

Br oadcast updat es

Updat es ar e sent t o t he br oadcast addr ess 255.255.255.255. Only dev ices r unning r out ing algor it hm s list en t o t hese updat es.

Full t able updat es

When an updat e is sent , t he ent ir e r out ing t able is sent .

Triggered updat es

Also k now n as Flash updat es, t hese ar e sent w hen a change occur s out side t he updat e int erval.

Spl it horizon

You use t his m et hod t o st op r out ing loops. Updat es ar e not sent out an out going int er face fr om w hich t he sour ce net w or k w as r eceiv ed. This saves on bandw idt h as w ell.

Count t o in fin it y

This is t he m axim um hop count . For RI P, it is 15 and for I GRP, it is 255.

Algor it hm

One algor it hm exam ple is Bellm an- Ford for RI P.

Exam ples

RI P and I GRP ar e ex am ples of dist ance v ect or pr ot ocols.

Link- st at e r out ing pr ot ocols, such as OSPF and I S - I S, cr eat e a t opology of t he net w or k and place t hem selv es at t he root of t he t ree. Link- st at e pr ot ocols im plem ent an algor it hm called t he shor t est pat h fir st ( SPF, also know n as Dij kst r a's Algor it hm ) t o det er m ine t he pat h t o a r em ot e dest inat ion. Ther e is no hop count lim it . ( For an I P dat agram , t he m axim um t im e t o liv e ensur es t hat loops ar e av oided.) N OTE Hello pack et s ar e used t o discov er neighbor ing r out er s, so w hen changes occur updat es can be sent im m ediat ely . Hello pack et s ar e used t o est ablish and m aint ain neighbors. OSPF uses t he Class D m ult icast addresses in t he r ange 224.0.0.0 t hr ough 239.255.255.255. The t w o m ost im por t ant r eser v ed addr esses ar e 224.0.0.5 for all OSPF r out er s and 224.0.0.6 for all DRs and BDRs. Any new OSPFenabled r out er s im m ediat ely t r ansm it a m ult icast Hello pack et by using t he OSPF rout er s m ult icast addr ess of 224.0.0.5. DRs use t he m ult icast addr ess 224.0.0.6 t o send updat es t o all ot her OSPF r out er s. Ther efor e, t w o r eser v ed m ult icast addr esses ar e v it al for m aint aining OSPF adj acencies acr oss any br oadcast m edia, such as Et her net or Token Ring.

The OSPF dat abase is populat ed w it h link- st at e adver t isem ent s ( LSAs) fr om neighbor ing r out er s. The LSA pack et s cont ain infor m at ion, such as cost and t he adver t ising r out er or t he r out er I D, w hich is t he highest I P addr ess configur ed on t he local r out er . Ty pically , OSPF adm inist r at or s configur e loopback int er faces t o ensur e

41

t hat t he OSPF pr ocess is not pr one t o failur es. ( Loopback int er faces nev er fail unless you shut t hem dow n or m anually delet e t hem .) I n t he event t hat m or e t han one loopback int er face is configur ed on a Cisco r out er , t he loopback int er face w it h ( num er ically ) t he highest I P addr ess is t he r out er I D. Table 2- 3 display s t he char act er ist ics of link- st at e pr ot ocols.

Table 2-3. Link-State Protocol Summary Characteristic

Explanation

Per iodic updat es

Only w hen changes occur . OSPF, for exam ple, also sends all sum m ar y infor m at ion ev er y 30 m inut es by default .

Br oadcast updat es

Only dev ices r unning rout ing algor it hm s list en t o t hese updat es. Updat es ar e sent t o a m ult icast addr ess.

Dat abase

A dat abase cont ains all t opological infor m at ion fr om w hich an I P r out ing t able is assem bled.

Algor it hm

Dij kst r a Algor it hm for OSPF.

Conv er gence

Updat es ar e fast er and conv er gence t im es ar e r educed.

CPU/ m em or y

Higher CPU and m em or y r equir em ent s t o m aint ain link- st at e dat abases.

Exam ples

OSPF and I S- I S.

N OTE EI GRP is consider ed an adv anced dist ance v ect or pr ot ocol because EI GRP sends out only increm ent al up dat es. BGP is consider ed a pat h v ect or pr ot ocol because aut onom ous sy st em num ber s ar e car r ied in all updat es, and t he v ect or indicat es t he dir ect ion and pat h t o a r em ot e net w or k . Also not e dist ance v ect or pr ot ocols ar e sim pler t o im plem ent , and link- st at e prot ocols are m ore com plex. BGP is considered t he m ost com plex r out ing pr ot ocol t o configur e, w her eas RI P is consider ed t he easiest .

Cla ssful a nd Cla ssless Rout ing Prot ocols Rout ing pr ot ocols can also be descr ibed as classful and classless. Classful addr e ssing is t he use of Class A, Class B, and Class C addresses. ( Class D is reserved for m ult icast s, and Class E is r eser ved for fut ur e use.) Class A, B, and C addr esses define a set num ber of binar y bit s for t he subnet por t ion. For ex am ple, a Class A net work r anges fr om 1– 127 and uses a subnet m ask of 255.0.0.0. A Class B net w ork uses t he m ask 255.255.0.0, and Class C uses 255.255.255.0. Classful r out ing pr ot ocols apply t he sam e r ules. I f a r out er is configur ed w it h a Class A addr ess 10.1.1.0, t he default m as k of 255.0.0.0 is applied and so fort h. This m et hod of r out ing does not scale w ell, and w hen designing net w or k s, classless r out ing bet t er ut ilizes addr ess space. For ex am ple, y ou can use a Class B net w or k , such as 131.108.0.0, and apply a Class C m ask ( 255.255.255.0, or / 24, m ask) . N OTE

42

The follow ing t hr ee blocks of I P addr ess space for pr ivat e net w or ks have been reserved according t o RFC 1597: • • •

10. 0. 0. 0– 10.255.255.255 172. 16. 0. 0– 172.31.255.255 192.168.0.0–192.168.255.255

Table 2- 4 sum m arizes t he addressing ranges in Class A, B, C, D, and E net w ork.

Table 2-4. IP Address Ranges IP Address Class

Typically Used By:

High-Order Bit(s)

Address Range

Maximum Hosts 16, 777, 214

A

Few large or ganizat ions

0

1.0.0.0–126. 0. 0. 0

B

Medium- sized or ganizat ions

1, 0

128.1.0.0–191. 254. 0. 0 65,543

C

Relat ively sm all or ganizat ions

1, 1, 0

192.0.1.0– 223.255.254.0

254

D

Mult icast gr oups ( RFC 1112)

1, 1, 1, 0

224.0.0.0– 239.255.255.255

N/ A

E

Ex per im ent al

1, 1, 1, 1

240.0.0.0– 254.255.255.255

N/ A

Ex am ples of classful r out ing pr ot ocols ar e RI Pv 1 and I GRP. Ex am ples of classless r out ing pr ot ocols ar e OSPF, I S - I S, EI GRP, and BGP. Wit h classless rout ing, t he abilit y t o apply sum m ar izat ion t echniques enables y ou t o r educe t he size of a r out ing t able. At last count ( Oct ober 2001) , t her e ar e over 80,000 I P r out ing t able ent r ies on t he I nt er net . Reducing t he I P r out ing t able size allow s for fast er deliv er y of I P pack et s and low er m em or y r equir em ent s.

Sce n a r ios The follow ing scenar ios and quest ions ar e designed t o dr aw t oget her som e of t he cont ent descr ibed in t his chapt er and som e of t he cont ent you have seen in your ow n net w or k s or pr act ice labs. Ther e is not alw ay s one r ight w ay t o accom plish t he t asks pr esent ed her e, and using good pr act ice and defining y our end goal ar e im por t ant in any r eal- life design or solut ion.

Sce n a r io 2 - 1 : Rou t in g I P on Cisco Rou t e r s I n t his scenar io, you configur e t w o Cisco r out er s for I P r out ing using a Class B ( / 16) net w or k addr ess, 131.108.0.0, w it h a Class C subnet m ask ( 255.255.255.0, or / 24) . You lear n how t o build a sm all net w or k up fr om t he physical layer and build an I P r out ing t able using one ser ial link bet w een t he t w o r out er s, R1 and R2. You also configure a num b er of loopback int er faces t o populat e t he I P r out ing t able.

43

N OTE A loopback int er face is a soft w ar e int er face. You can ping it and com m unicat e w it h it . Most im por t ant ly , it nev er goes dow n, and y ou can use it as a t ool t o populat e r out ing t ables.

Figur e 2- 2 show s t he net w or k for t his scenar io.

Figu r e 2 - 2 . Rou t in g I P w it h D ir e ct ly Con n e ct e d N e t w or k s

Rout ing I P w it h Cisco Rout ers Fir st , configur e r out er R1 for I P r out ing. You need t o st ar t by configur ing t he loopback s, Et her net , and t he ser ial int er face. A loopback int er face is a soft w ar e int er face t hat can be num bered fr om 02147483647. Loopback s ar e handy w hen y ou don't hav e access t o a lar ge num ber of r out er s and ar e v it al t ools w hen y ou ar e configur ing I OS on Cisco r out er s. Refer t o Figure 2- 2 for I P addr ess assignm ent s. R1 is dir ect ly connect ed t o R2 w it h b ack- t o- back serial cables. As wit h any wide- ar ea net w or k ( WAN) connect ion, clock ing is r equir ed t o enable t he t w o r out er s t o com m unicat e. N OTE To det er m ine w hich r out er r equir es a clock t o enable com m unicat ion at Lay er 2 of t he OSI m odel, use t he sh ow con t r olle r com m and t o det er m ine w hich end of t he net w or k is t he dat a cir cuit - t erm inat ing equipm ent ( DCE) . Typically, t his is a m odem .

Ex am ple 2- 3 displays t he hardw are inform at ion on R1.

Ex a m ple 2 - 3 sh ow con t r olle r s s0 / 1 on R1 44

R1#show controllers s0/1 Interface Serial0/1 Hardware is PowerQUICC MPC860 DCE V.35, no clock ...output omitted Not ice t hat R1 has t he DCE connect ion so y ou need t o configur e a clock r at e w it h t he clock r a t e speed com m and. Ex am ple 2- 4 displays t he hardw are inform at ion on R2.

Ex a m ple 2 - 4 sh ow con t r olle r s s0 / 1 on R2 R2#show controllers s1/0 CD2430 Slot 1, Port 0, Controller 0, Channel 0, Revision 15 Channel mode is synchronous serial idb 0x61209474, buffer size 1524, V.35 DTE cable output omitted N OTE The out put in Ex am ple 2- 4 is differ ent fr om t hat of Ex am ple 2- 3 because t his scenario uses different m odel rout ers for R1 ( 2600) and R2 ( 3600) , and t he cable t ypes used on t he r out er s ar e V.35. Rout er R2 has t he dat a t er m inal equipm ent ( DTE) , so R2 r equir es a clocking sour ce. I n t his case, R1, t he DCE, supplies t he clock.

To configur e t he loopback s w it h an I P addr ess, sim ply use t he follow ing com m and synt ax:

interface loopback number The value for num ber is a num ber w it hin t he r ange of 0- 2147483647. The Cisco I OS aut om at ically enables t he loopback int er face if y ou hav e not pr ev iously cr eat ed it . To configur e t he t hr e e loopback s for t his scenar io, t y pe t he com m ands on R1 as displayed in Ex am ple 2- 5.

Ex a m ple 2 - 5 I P Addr e ss Con figu r a t ion on R1 R1(config)#interface loopback 0 R1(config-if)# 2w1d: %LINK-3-UPDOWN: Interface Loopback0, changed state to up 2w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up R1(config-if)#ip address 131.108.4.1 255.255.255.0 R1(config-if)#interface loopback 1 2w1d: %LINK-3-UPDOWN: Interface Loopback1, changed state to up

45

2w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up R1(config-if)#ip address 131.108.5.1 255.255.255.0 R1(config-if)#interface loopback 2 2w1d: %LINK-3-UPDOWN: Interface Loopback2, changed state to up 2w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback2, changed state to up R1(config-if)#ip address 131.108.6.1 255.255.255.0 I n Ex am ple 2- 5 w hen t he t hat indicat es Loopback 0 You now sim ply configur e dem onst r at ed in Ex am ple

fir st int er face Loopback 0 is cr eat ed, you get a m essage is act ive. Sim ilar ly, t his happens for loopbacks 1 and 2. t he I P addr esses for t he Et her net and ser ial link t o R2, as 2- 6.

Ex a m ple 2 - 6 I P Addr e ss Con figu r a t ion on R1 R1(config)#interface ethernet 0/0 R1(config-if)#ip address 131.108.1.1 255.255.255.0 R1(config-if)#interface s 0/1 R1(config-if)#ip address 131.108.3.1 255.255.255.0 R1(config-if)#clock rate 128000 This t im e y ou did not get any m essages t o indicat e t he link is act iv e. The lack of such a m essage is because t hat all physical int er faces ar e shut dow n by default w hen you fir st configur e a r out er fr om t he default st at e. You need t o enable t he int er faces. You can assum e t hat t he Et her net on R1 is connect ed t o a Cat aly st sw it ch. Exam ple 2- 7 display s t he Et her net int er face and ser ial int er face on R1 being enabled. N OTE I f y ou do not hav e access t o any for m of sw it ch or hub, y ou can enable t he Et her net int er face w it h t he com m and k e e pa live 0 , in w hich case hardw are is un necessar y . Of cour se, no user s can at t ach t o y our net w or k , but for t r aining pur poses it is a gr eat com m and t o use. The Cisco I OS consider s t he int er face act iv e and includes t he net work in t he I P rout ing t able.

Ex a m ple 2 - 7 n o sh u t dow n Com m a n d on R1 R1(config-if)#interface e0/0 R1(config-if)#no shutdown R1(config-if)# 2w1d: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up 2w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up R1(config-if)#int s 0/1 R1(config-if)#no shutdown

46

The Et her net int er faces is r unning, but you st ill have no act ive connect ion on R1 ser ial link because R1 S0/ 1 connect s t o R2, and y ou hav e y et t o enable R2 ser ial int erface t o R1. Ex am ple 2- 8 display s I P addr ess configur at ion and t he enabling of t he hardware int erfaces on R2.

Ex a m ple 2 - 8 En a blin g E0 / 0 a n d S1 / 1 on R2 R2(config)#interface e0/0 R2(config-if)#ip address 131.108.2.1 255.255.255.0 R2(config-if)#no shutdown R2(config-if)# 2w1d: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up 2w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up R2(config-if)#int s 1/1 R2(config-if)#ip address 131.108.3.2 255.255.255.0 R2(config-if)#no shut R2(config-if)# 2w1d: %LINK-3-UPDOWN: Interface Serial1/1, changed state to up 2w1d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1/1, changed state to up On t his occasion, not ice bot h t he Et her net and ser ial connect ions are im m ediat ely act iv e because R2 is connect ed t o an Et her net sw it ch, and t he link t o R1 is act iv e because R1 is enabled and supply ing a clock sour ce. You hav e now configur ed t w o r out er s w it h I P addr essing.

View ing I P Rout ing Ta bles Now v iew t he r out ing t ables on R1 and R2 in Scenar io 2- 1 t o see w hat ex act ly is described in an I P rout ing t able. Ex am ple 2- 9 displays R1's rout ing t able.

Ex a m ple 2 - 9 sh ow ip r ou t e Com m a n d on R1 R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set

C C C C C

131.108.0.0/24 131.108.6.0 131.108.5.0 131.108.4.0 131.108.3.0 131.108.1.0

is is is is is is

subnetted, 5 subnets directly connected, Loopback2 directly connected, Loopback1 directly connected, Loopback0 directly connected, Serial0/1 directly connected, Ethernet0/0

47

R1# Ex am ple 2- 10 displays R2's I P rout ing t able.

Ex a m ple 2 - 1 0 sh ow ip r ou t e on R2 R2#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set 131.108.0.0/16 is variably subnetted, 9 subnets, 3 masks C 131.108.9.0/24 is directly connected, Loopback2 C 131.108.8.0/25 is directly connected, Loopback1 C 131.108.7.0/24 is directly connected, Loopback0 C 131.108.3.0/30 is directly connected, Serial1/1 C 131.108.2.0/24 is directly connected, Ethernet0/0 R2# Bot h of t hese cases show r out ing ent r ies for only dir ect ly connect ed int er faces, w hich are denot ed by t he C on t he left side of each rout ing t able. Now , you t ake t he R1 rout ing t able and look at it in dept h. I n part icula r, look at t he shaded port ions in Ex am ple 2- 9. The fir st half of t he display sum m ar izes t he abbr ev iat ions t he Cisco I OS uses t o denot e how it lear ns or discov er s r out ing ent r ies. For ex am ple, ent r ies t hat display C ar e dir ect ly connect ed net w or k s; ent r ies denot ed by D ar e discov er ed by EI GRP, and so for t h. That t he gat ew ay of last r esor t is not set in t his case m eans t hat if t he r out er r eceiv es an I P pack et , by default if t he r out er doesn't know t he dest inat ion, it dr ops t he I P pack et . I f t he r out er k now s t he gat ew ay of last r esor t , w hich is t y pically r epr esent ed by a nex t hop addr ess, t he r out er for w ar ds t he I P pack et s t o t hat dest inat ion or next hop addr ess. The follow ing ent r y descr ibes t he fact t hat R1 has t he Class B net w or k 131.108.0.0 subnet t ed w it h fiv e indiv idual net w or k s, nam ely t he t hr ee loopback s, t he Et her net , and t he serial link t o R2:

131.108.0.0/24 is subnetted, 5 subnets To m ak e t he r out ing t able a lit t le m ore int erest ing, configure R1/ R2 wit h RI P and t hen OSPF. At t his st age, R1 is not aw ar e of any I P net w or k s on R2 and v ice v er sa. To st art , configure RI P on bot h R1 and R2. I P RI P is one of t he easiest rout ing pr ot ocols t o configur e. To enable I P RI P, y ou need t o per for m t he follow ing st eps:

48

St e p 1 . Enable t he r out ing pr ot ocol w it h t he com m and r ou t e r r ip . St e p 2 . Specify t he net w or ks on w hich RI P w ill r un. Wit h RI P, you need t o specify only t he m aj or net w or k because RI P is a classful pr ot ocol. I n t his exa m ple, t he Class B net w ork is 131.108.0.0. Ex am ple 2- 11 and Ex am ple 2- 12 displa y t he configurat ions required on R1 and R2, r espect ively, t o enable I P RI P.

Ex a m ple 2 - 1 1 En a ble I P RI P on R1 R1(config)#router rip R1(config-router)#network 131.108.0.0

Ex a m ple 2 - 1 2 En a ble I P RI P on R2 R2(config)#router rip R2(config-router)#network 131.108.0.0 Now enable debugging on R1 t o view t he rout ing updat es on R1. Ex am ple 2- 13 displays t he debug com m ands enabled on R1.

Ex a m ple 2 - 1 3 de bu g ip r ip Ou t pu t on R1 R1#debug ip rip RIP protocol debugging is on R1#debug ip rip events RIP event debugging is on 2w1d: RIP: received v1 update from 131.108.3.2 on Serial0/1 2w1d: 131.108.2.0 in 1 hops 2w1d: RIP: Update contains 1 routes 2w1d: RIP: sending v1 update to 255.255.255.255 via Ethernet0/0 (131.108.1.1) 2w1d: subnet 131.108.6.0, metric 1 2w1d: subnet 131.108.5.0, metric 1 2w1d: subnet 131.108.4.0, metric 1 2w1d: subnet 131.108.3.0, metric 1 2w1d: subnet 131.108.2.0, metric 2 2w1d: RIP: Update contains 5 routes 2w1d: RIP: Update queued 2w1d: RIP: sending v1 update to 255.255.255.255 via Serial0/1 (131.108.3.1) 2w1d: subnet 131.108.6.0, metric 1 2w1d: subnet 131.108.5.0, metric 1 2w1d: subnet 131.108.4.0, metric 1 2w1d: subnet 131.108.1.0, metric 1 2w1d: RIP: Update sent via Ethernet0/0 2w1d: RIP: Update contains 4 routes 2w1d: RIP: Update queued 2w1d: RIP: sending v1 update to 255.255.255.255 via Loopback0 (131.108.4.1) 2w1d: subnet 131.108.6.0, metric 1 2w1d: subnet 131.108.5.0, metric 1 2w1d: subnet 131.108.3.0, metric 1 2w1d: subnet 131.108.2.0, metric 2 2w1d: subnet 131.108.1.0, metric 1

49

2w1d: RIP: Update sent via Serial0/1 2w1d: RIP: Update contains 5 routes 2w1d: RIP: Update queued 2w1d: RIP: sending v1 update to 255.255.255.255 via Loopback1 (131.108.5.1) 2w1d: subnet 131.108.6.0, metric 1 2w1d: subnet 131.108.4.0, metric 1 2w1d: subnet 131.108.3.0, metric 1 2w1d: subnet 131.108.2.0, metric 2 2w1d: subnet 131.108.1.0, metric 1 2w1d: RIP: Update sent via Loopback0 2w1d: RIP: Update contains 5 routes 2w1d: RIP: Update queued 2w1d: RIP: sending v1 update to 255.255.255.255 via Loopback2 (131.108.6.1) 2w1d: subnet 131.108.5.0, metric 1 2w1d: subnet 131.108.4.0, metric 1 2w1d: subnet 131.108.3.0, metric 1 2w1d: subnet 131.108.2.0, metric 2 2w1d: subnet 131.108.1.0, metric 1 2w1d: RIP: Update sent via Loopback1 2w1d: RIP: Update contains 5 routes 2w1d: RIP: Update queued 2w1d: RIP: Update sent via Loopback2 Ex am ple 2- 13 displays rout ing updat es sent ( by default version 1 of RI P is sent and bot h versions 1 and 2 are accept ed) and received by R1 . Then R1 sends updat es t o loopbacks 0, 1, and 2, Et her net 0/ 0, and m ost im por t ant ly t o R2 t hr ough t he ser ial link S0/ 1. R1 sends infor m at ion about t he local int er faces so t hat R2 can dy nam ically insert t hese ent ries int o it s ow n rout ing t able. R2 perform s t he sam e r out ing funct ion; t hat is, it sends updat es t o R1. Ex am ple 2- 14 display s t he I P r out ing t able on R1.

Ex a m ple 2 - 1 4 R1 ' s I p Rou t in g Ta ble R1#show ip route

R R R C C C C R C R1#

131.108.0.0/24 131.108.9.0 131.108.8.0 131.108.7.0 131.108.6.0 131.108.5.0 131.108.4.0 131.108.3.0 131.108.2.0 131.108.1.0

is subnetted, 9 subnets [120/1] via 131.108.3.2, 00:00:08, [120/1] via 131.108.3.2, 00:00:08, [120/1] via 131.108.3.2, 00:00:08, is directly connected, Loopback2 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Serial0/1 [120/1] via 131.108.3.2, 00:00:08, is directly connected, Ethernet0/0

Serial0/1 Serial0/1 Serial0/1

Serial0/1

Ex am ple 2- 15 show s j ust I P RI P r out es using t he com m and sh ow ip r ou t e r ip .

Ex a m ple 2 - 1 5 R1 's RI P En t r ie s On ly R1#show ip route rip 131.108.0.0/24 is subnetted, 9 subnets R 131.108.9.0 [120/1] via 131.108.3.2, 00:00:20, Serial0/1

50

R R R R1#

131.108.8.0 [120/1] via 131.108.3.2, 00:00:20, Serial0/1 131.108.7.0 [120/1] via 131.108.3.2, 00:00:20, Serial0/1 131.108.2.0 [120/1] via 131.108.3.2, 00:00:20, Serial0/1

As y ou can see in Ex am ple 2- 15, R2 is adver t ising t he Class B subnet t ed net w or ks 131.108.2. 0/ 24, 131.108.7.0/ 24, 131.108.8.0/ 24, and 131.108.108.9.0/ 24 t hr ough t he next hop addr ess 131.108.3.2. The out going int er face is ser ial 0/ 1. RI P w or ks in t his env ir onm ent because all t he net w or k s ar e Class C. Anot her im por t ant field described in t he I P rout ing t able is t he adm inist r at iv e dist ance and t he m et r ic. I n t he case of I P RI P, t he adm inist r at iv e dist ance is 120 and t he m et r ic is hop count . The hop count t o all t he rem ot e net w orks in Ex am ple 2- 15 is 1. Now change t he I P addr ess on t he ser ial link t o t he m ost com m only used subnet . To ensur e t he efficient use of I P addr ess space w hen designing net w or ks, you t ypically use a subnet t hat allow s only t w o host s. To allow t w o host s, y ou m ust use t he subnet m ask 255.255.255.252. Ex am ple 2- 16 displays t he I P address change on R1 and R2 using t he new subnet m ask of 255.255.255.252.

Ex a m ple 2 - 1 6 I P Addr e ss Ch a n ge on R1 a n d R2 R1(config)#int s R1(config-if)#ip R2(config)#int s R2(config-if)#ip

0/1 address 131.108.3.1 255.255.255.252 1/1 address 131.108.3.2 255.255.255.252

Look at t he I P rout ing t able on R1. Rem em ber t hat RI P is classful so it applies t he default subnet m ask, or w hat ever m ask is applied, t o a dir ect ly at t ached int er face. I n t he fir st RI P ex am ple, a / 24 net w or k w as used on all int er faces. Exam ple 2- 17 now displays t he new I P rout ing t able on R1.

Ex a m ple 2 - 1 7 sh ow ip r ou t e on R1 R1#show ip route 131.108.0.0/16 is C 131.108.6.0/24 C 131.108.5.0/24 C 131.108.4.0/24 C 131.108.3.0/30 C 131.108.1.0/24 R1#

variably subnetted, 5 subnets, 2 masks is directly connected, Loopback2 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Serial0/1 is directly connected, Ethernet0/0

Not ice w hat happens t o t he I P RI P r out es. Also not ice t hat t he serial link t o R2 t hr ough Ser ial 0/ 1 is a / 30 subnet , w her eas all t he ot her dir ect ly connect ed int erfaces are / 24. Because you use a variable - lengt h subnet m ask ( VLSM) acr oss t his net w or k m eans you need a rout ing prot ocol t hat underst ands VLSM. I P RI P v er sion 1 does not . Enable ver sion 2 of I P RI P. To enable ver sion 2, you t ype t he com m and v e r sion 2 . You can also use st at ic r out es t o accom plish connect iv it y . Exam ple 2- 18 display s t he enabling of RI P version 2.

Ex a m ple 2 - 1 8 En a blin g RI Pv 2 on R1 a n d R2

51

R1(config)#router rip R1(config-router)#version 2 R2(config)#router rip R2(config-router)#version 2 I P RI Pv2 under st ands VLSM. Ex am ple 2- 19 displays t he new I P rout ing t able on R1.

Ex a m ple 2 - 1 9 R1 ' s I P Rou t e Ta ble w it h RI Pv2 En a ble d R1#show ip route

R R R C C C C R C

131.108.0.0/16 is 131.108.9.0/24 131.108.8.0/24 131.108.7.0/24 131.108.6.0/24 131.108.5.0/24 131.108.4.0/24 131.108.3.0/30 131.108.2.0/24 131.108.1.0/24

variably subnetted, 9 subnets, 2 masks [120/1] via 131.108.3.2, 00:00:00, Serial0/1 [120/1] via 131.108.3.2, 00:00:00, Serial0/1 [120/1] via 131.108.3.2, 00:00:00, Serial0/1 is directly connected, Loopback2 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Serial0/1 [120/1] via 131.108.3.2, 00:00:00, Serial0/1 is directly connected, Ethernet0/0

The r em ot e net w or k s ar e now back in t he r out ing t able because RI Pv 2 under st ands VLSM. Anot her r out ing pr ot ocol t hat under st ands VLSM is OSPF. Befor e you lear n how t o configur e OSPF, Ex am ple 2- 20 and Ex am ple 2- 21 display t he full configurat ions for R1 and R2 using VLSM and RI Pv2.

Ex a m ple 2 - 2 0 R1 Fu ll Con figu r a t ion version 12.0 ! ! hostname R1 ! enable password cisco ! no ip domain-lookup ! interface Loopback0 ip address 131.108.4.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 131.108.5.1 255.255.255.0 no ip directed-broadcast ! interface Loopback2 ip address 131.108.6.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/0 shutdown

52

! interface Serial0/1 ip address 131.108.3.1 255.255.255.252 no ip directed-broadcast clockrate 128000 ! router rip version 2 network 131.108.0.0 ! line con 0 transport input none line aux 0 line vty 0 4 end

Ex a m ple 2 - 2 1 R2 Fu ll Con figu r a t ion version 12.0 ! hostname R2 ! enable password cisco no ip domain-lookup ! interface Loopback0 ip address 131.108.7.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 131.108.8.1 255.255.255.0 no ip directed-broadcast ! interface Loopback2 ip address 131.108.9.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.2.1 255.255.255.0 ! interface Serial1/0 shutdown ! interface Serial1/1 ip address 131.108.3.2 255.255.255.252 ip directed-broadcast ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router rip version 2 network 131.108.0.0 !

53

line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 ! end N OTE I n bot h cases, t he com m and n o ip d o m a in- look u p is configur ed. This I OS com m and is a handy com m and t o disable w hen y ou ar e st udy ing on Cisco I OS r out er s. Ever y t im e you t ype an unknow n com m and on a r out er in exec or pr iv m ode, t he r out er aut om at ically quer ies t he DNS ser v er , w hich is t im e consum ing and annoying. On R2, t he ext r a ser ial int er faces ar e not configur ed and ar e in a sh u t dow n st at e or ar e not enabled by default .

Sce n a r io 2 - 2 : Ba sic OSPF I n t his scenar io, y ou lear n how t o change t he r out ing pr ot ocol t o OSPF on bot h Rout ers R1 and R2. Figure 2- 3 show s t he net w or k and ar eas you use for t his scenar io. You change t he I P addr esses as w ell t o lear n about VLSM. Leav e t he Et her net segm ent s w it h a Class C net w or k t o enable 254 host s t o at t ach t o t he rout er. Use a / 30 m ask on t he serial link and host addr essing or a / 32 m ask on all t he loopback s t o conser v e addr ess space.

Figu r e 2 - 3 . Ba sic OSPF

I n t his basic scenar io, you configur e t hr ee ar eas: 0, 1, and 2. Area 0 ( or area 0.0.0.0) is t he backbone; areas 1 and 2 cover t he Et hernet s on R1 and R2 and t heir r espect ive loopbacks. As on all good OSPF net w or ks, a backbone OSPF ar ea 0 is configur ed. To enable OSPF, y ou need t o per for m t he follow ing st eps: St e p 1 . Enable t he r out ing pr ot ocol w it h t he com m and r ou t e r osp f pr ocess num ber . The pr ocess num ber is significant t o only t he local r out er . You can r un m or e t han one pr ocess.

54

St e p 2 . Specify t he net w or k s on w hich OSPF w ill r un and t he ar ea assignm ent s. The I OS com m and t o enable OSPF per int er face is network address wildcard-mask area area-id The w ildcar d m ask defines w hat net w or ks ar e assigned; t he ar ea I D defines t he OSPF ar ea assignm ent . Befor e y ou configur e OSPF, r enum ber all int er faces and r em ov e I P RI P w it h t he com m and n o r ou t e r r ip . Ex am ple 2- 22 display s I P addr ess changes and t he rem oval of I P RI P.

Ex a m ple 2 - 2 2 I P Addr e ss Ch a n ge s a n d D isa blin g I P RI P on R1 R1(config)#int lo0 R1(config-if)#ip address 131.108.4.1 255.255.255.255 R1(config-if)#int lo1 R1(config-if)#ip address 131.108.4.2 255.255.255.255 R1(config-if)#int lo2 R1(config-if)#ip address 131.108.4.3 255.255.255.255 R1(config-if)#exit! it is not required to exit interface mode to remove RIP R1(config)#no router rip Ex am ple 2- 23 displays t he I P address changes and t he rem oval of I P RI P on R2.

Ex a m ple 2 - 2 3 I P Addr e ss Ch a n ge a n d D isa blin g I P RI P on R2 R2(config)#int lo0 R2(config-if)#ip address 131.108.4.4 255.255.255.255 R2(config-if)#int lo1 R2(config-if)#ip address 131.108.4.5 255.255.255.255 R2(config-if)#int lo2 R2(config-if)#ip address 131.108.4.6 255.255.255.255 R2(config-if)#exit ! it is not required to exit interface mode to remove RIP R2(config)#no router rip Now t hat RI P is rem oved and t he I P addressing is redone, configure R1 for OSPF by using t he process num ber 1 and for R2 using process num ber 2. Ex am ple 2- 24 and Ex am ple 2- 25 display t he new OSPF configurat ions on R1 and R2.

Ex a m ple 2 - 2 4 OSPF Con figu r a t ion on R1 R1(config)#router ospf 1 R1(config-router)#network R1(config-router)#network R1(config-router)#network R1(config-router)#network R1(config-router)#network

131.108.1.0 0.0.0.255 area 1 131.108.4.1 0.0.0.0 area 1 131.108.4.2 0.0.0.0 area 1 131.108.4.3 0.0.0.0 area 1 131.108.3.10 0.0.0.0 area 0

Ex a m ple 2 - 2 5 OSPF Con figu r a t ion on R2 R2(config)#router ospf 2

55

R2(config-router)#network R2(config-router)#network R2(config-router)#network R2(config-router)#network R2(config-router)#network

131.108.2.1 131.108.4.4 131.108.4.5 131.108.4.6 131.108.3.2

0.0.0.255 area 2 0.0.0.0 area 2 0.0.0.0 area 2 0.0.0.0 area 2 0.0.0.0 area 0

The w ildcar d m ask 0.0.0.0 indicat es an exact m at ch. The w ildcar d m ask 0.0.0.255 m eans t he first t hree oct et s m ust m a t ch and t he last oct et does not m at t er . For exam ple, t he com m and n e t w or k 1 3 1 .1 0 8 .1 .0 0 .0 .0 .2 5 5 m eans 131.108.1.1 t o 131.108.1.254 all m at ch. I n t his case, you can configur e any I P addr ess in t he r ange 131.108.1.1 t o 131.108.1.254 t o be in ar ea 1 on R1 E0/ 0. Ex am ple 2- 26 display s t he I P rout ing t able on R1.

Ex a m ple 2 - 2 6 I P Rou t in g Ta ble on R1 C C C C O O O C O

IA IA IA IA

131.108.0.0/16 is 131.108.4.3/32 131.108.4.2/32 131.108.4.1/32 131.108.3.0/30 131.108.4.6/32 131.108.2.0/24 131.108.4.5/32 131.108.1.0/24 131.108.4.4/32

variably subnetted, 9 subnets, 3 masks is directly connected, Loopback2 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Serial0/1 [110/65] via 131.108.3.2, 00:01:29, Serial0/1 [110/74] via 131.108.3.2, 00:01:29, Serial0/1 [110/65] via 131.108.3.2, 00:01:29, Serial0/1 is directly connected, Ethernet0/0 [110/65] via 131.108.3.2, 00:01:29, Serial0/1

You can see fr om Ex am ple 2- 26 t hat R1 discover s four r em ot e net w or ks ( R2's Et her net and t hr ee loopback int er faces) t hr ough OSPF. I n addit ion, t her e ar e also t he dir ect ly at t ached link s. R1 dy nam ically lear ns t he r em ot e net w or k s on R2 t hr ough t he nex t hop addr ess of 131.108.3.2 and t he out bound int er face Ser ial 0/ 1. Not ice once again t he adm inist r at iv e dist ance and m et r ic pair ing. I n t he case of OSPF, t he adm inist r at ive dist ance is 110 ( m or e t r ust ed t han RI P at 120) and t he m et r ic used by OSPF is cost . The left side indicat es t he r out ing t y pe as O for OSPF. The I A ( int er- ar ea) indicat es t he r em ot e net w or k is par t of anot her ar ea, in t his case area 2. Ex am ple 2- 27 uses t he com m and sh ow ip r ou t e osp f on Rout er R2 t o display only t he OSPF r out es.

Ex a m ple 2 - 2 7 R2 OSPF Rou t in g Ta ble R2#show ip route ospf 131.108.0.0/16 is O IA 131.108.4.3/32 O IA 131.108.4.2/32 O IA 131.108.4.1/32 O IA 131.108.1.0/24 R2#

variably subnetted, 9 subnets, 3 masks [110/782] via 131.108.3.1, 00:43:09, Serial1/1 [110/782] via 131.108.3.1, 00:43:09, Serial1/1 [110/782] via 131.108.3.1, 00:43:09, Serial1/1 [110/791] via 131.108.3.1, 00:41:54, Serial1/1

Ex am ple 2- 28 and Ex am ple 2- 29 display t he com plet e configur at ions for R1 and R2 for your reference.

Ex a m ple 2 - 2 8 2 8 R1 Fu ll Con f igu r a t ion 56

version 12.0 ! hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.4.1 255.255.255.255 no ip directed-broadcast ! interface Loopback1 ip address 131.108.4.2 255.255.255.255 no ip directed-broadcast ! interface Loopback2 ip address 131.108.4.3 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/0 shutdown ! interface Serial0/1 ip address 131.108.3.1 255.255.255.252 clockrate 128000 ! router ospf 1 network 131.108.1.0 0.0.0.255 area 1 network 131.108.3.1 0.0.0.0 area 0 network 131.108.4.1 0.0.0.0 area 1 network 131.108.4.2 0.0.0.0 area 1 network 131.108.4.3 0.0.0.0 area 1 ! router rip version 2 network 131.108.0.0 ! ip classless ! line con 0 line aux 0 line vty 0 4 end

Ex a m ple 2 - 2 9 R2 Fu ll Con figu r at ion ! hostname R2 ! enable password cisco !

57

no ip domain-lookup interface Loopback0 ip address 131.108.4.4 255.255.255.255 ! interface Loopback1 ip address 131.108.4.5 255.255.255.255 ! interface Loopback2 ip address 131.108.4.6 255.255.255.255 ! interface Ethernet0/0 ip address 131.108.2.1 255.255.255.0 ! interface Serial1/0 shutdown ! interface Serial1/1 ip address 131.108.3.2 255.255.255.252 ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router ospf 2 network 131.108.2.0 0.0.0.255 area 2 network 131.108.3.2 0.0.0.0 area 0 network 131.108.4.4 0.0.0.0 area 2 network 131.108.4.5 0.0.0.0 area 2 network 131.108.4.6 0.0.0.0 area 2 ! router rip version 2 network 131.108.0.0 ! ip classless ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 no login ! end

Sce n a r io 2 - 3 : Ba sic I GRP This scenar io is designed t o int r oduce y ou t o t he basics of I GRP and EI GRP configur at ions.

58

Once m or e, r ev isit t he t w o- r out er scenar io. I GRP is a classful r out ing pr ot ocol, so you hav e t o change t he I P addr essing back t o a non- VLSM net work. I n t his scenario, you use a differ ent class addr ess as w ell. Figur e 2- 4 displays t he net w or k t opology and IP addr essing schem e.

Figu r e 2 - 4 . Ba sic I GRP/ EI GRP N e t w or k

This scenar io st ar t s w it h I GRP and t hen changes t he r out ing pr ot ocol t o EI GRP. I n t his basic scenar io, you configur e t he t w o r out er s R1 and R2 for I GRP using t he sam e adm inist r at iv e dom ain. To shar e infor m at ion bet w een r out er s in I GRP, y ou need t o configur e t he sam e adm inist r at iv e dom ain. To enable I GRP, y ou need t o per for m t he follow ing st eps: St e p 1 . Use t he com m and r o u t e r ig r p adm inist r at iv e dom ain t o enable t he r out ing pr ot ocol. The adm inist r at iv e dom ain m ust be t he sam e for r out er s t hat ar e under a com m on adm inist r at ive cont r ol or t he sam e net w or k. St e p 2 . You t hen specify t he net w or k s on w hich I GRP runs. As w it h I P RI P, you need t o specify only t he m aj or class net w ork. Use t he Class C net w or k 199.100.1.0/ 24 t hr ough t o 199.100.9.0/ 24. Ex am ple 2- 30 displays t he I P address changes m ade t o Rout er R1.

Ex a m ple 2 - 3 0 I P Addr e ssin g on R1 R1(config)#int e 0/0 R1(config-if)#ip address R1(config-if)#int lo0 R1(config-if)#ip address R1(config-if)#int lo1 R1(config-if)#ip address R1(config-if)#int lo2 R1(config-if)#ip address R1(config-if)#int s0/1 R1(config-if)#ip address

199.100.1.1 255.255.255.0 199.100.4.1 255.255.255.0 199.100.5.1 255.255.255.0 199.100.6.1 255.255.255.0 199.100.3.1 255.255.255.0

Ex am ple 2- 31 displays t he I P address changes m ade t o rout er R2.

59

Ex a m ple 2 - 3 1 I P Addr e ssin g on R2 R2(config)#int e 0/0 R2(config-if)#ip address R2(config-if)#int lo0 R2(config-if)#ip address R2(config-if)#int lo1 R2(config-if)#ip address R2(config-if)#int lo2 R2(config-if)#ip address R2(config-if)#int s1/1 R2(config-if)#ip address

199.100.2.1 255.255.255.0 199.100.7.1 255.255.255.0 199.100.8.1 255.255.255.0 199.100.9.1 255.255.255.0 199.100.3.2 255.255.255.0

Ex am ple 2- 32 displays t he I OS com m ands required t o enable I GRP in AS 1. N OTE When using a class C net w or k w it h t he default class C m ask , y ou m ust specify each net work in I GRP.

Ex a m ple 2 - 3 2 I P Addr e ssin g on R1 R1(config)#router igrp 1 R1(config-router)#network R1(config-router)#network R1(config-router)#network R1(config-router)#network R1(config-router)#network

199.100.1.0 199.100.4.0 199.100.3.0 199.100.5.0 199.100.6.0

Ex am ple 2- 33 sim ilar ly displays t he I GRP com m ands configur ed on R2.

Ex a m ple 2 - 3 3 I P Addr e ssin g on R2 R2(config)#router igrp 1 R2(config-router)#network R2(config-router)#network R2(config-router)#network R2(config-router)#network R2(config-router)#network

199.100.2.0 199.100.3.0 199.100.7.0 199.100.8.0 199.100.9.0

Ex am ple 2- 34 now displays t he I P rout ing t able on R1.

Ex a m ple 2 - 3 4 R1 I P Rou t in g Ta ble R1#show ip route Gateway of last resort is not set I 199.100.9.0/24 [100/8976] via 199.100.3.2, 00:00:46, I 199.100.8.0/24 [100/8976] via 199.100.3.2, 00:00:46, C 199.100.3.0/24 is directly connected, Serial0/1 I 199.100.2.0/24 [100/8576] via 199.100.3.2, 00:00:46, C 199.100.1.0/24 is directly connected, Ethernet0/0 I 199.100.7.0/24 [100/8976] via 199.100.3.2, 00:00:47, C 199.100.6.0/24 is directly connected, Loopback2 C 199.100.5.0/24 is directly connected, Loopback1

Serial0/1 Serial0/1 Serial0/1 Serial0/1

60

C

199.100.4.0/24 is directly connected, Loopback0

On R1, you can see four r em ot e I GRP net w or ks lear ned t hr ough t he next hop address 199.100.3.2 ( R1's link t o R2) and t hrough t he out bound int erface Serial 0/ 1. R1 dy nam ically lear ns t he r em ot e net w or k s on R2 t hr ough t he nex t hop addr ess of 131.108.3.2 and t he out bound int er face Ser ial 0/ 1. Not ice t he adm inist r at iv e dist ance and m et r ic pair ing. I n t he case of I GRP, t he adm inist r at ive dist ance is 100 ( m ore t rust ed t han RI P at 120 and OSPF at 110) and t he m et ric I GRP uses is called a com posit e m et r ic. The left side indicat es t he r out ing t ype as I for I GRP. N OTE The calculat ion for a com posit e m et r ic is as follow s: Com posit e m et ric = K1 × bandwidt h + ( K2 × bandw idt h) / ( 256 - load) + K3 × delay The values K1 t hrough K5 are const ant s. I f t he default s are used, K1 = K3 = 1 and K2 = K4 = K5 = 0. Values K1 t hr ough K5 can be configur ed w it h nondefault s w it h t he I OS com m and m e t r ic w e igh t s t os k1 k2 k3 k4 k5, w her e t y pe of ser v ice m ust be zer o. I f K5 is not zero, t he form ula is as follows: I GRPm et ric = Met ric × [ K5 / ( reliabilit y + K4) ] . Typically, t he form ula wit h K2 = K4 = K5 = 0, K1 = K3 = 1 is as follows: I GRP com posit e m et ric = bandwidt h + delay

Ex am ple 2- 35 and Ex am ple 2- 36 display t he full configur at ions for R1 and R2, r espect ively.

Ex a m ple 2 - 3 5 Fu ll Con figu r a t ion for R1 hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 199.100.4.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 199.100.5.1 255.255.255.0

61

no ip directed-broadcast ! interface Loopback2 ip address 199.100.6.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 199.100.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/0 shutdown ! interface Serial0/1 ip address 199.100.3.1 255.255.255.0 clockrate 128000 ! router igrp 1 network 199.100.1.0 network 199.100.3.0 network 199.100.4.0 network 199.100.5.0 network 199.100.6.0 ! ip classless ! line con 0 transport input none line aux 0 line vty 0 4 no login ! end

Ex a m ple 2 - 3 6 Fu ll Con figu r a t ion for R2 Current configuration: ! version 12.0 ! service timestamps log uptime no service password-encryption ! hostname R2 ! enable password c ! ip subnet-zero no ip domain-lookup frame-relay switching ! interface Loopback0 ip address 199.100.7.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 199.100.8.1 255.255.255.0

62

no ip directed-broadcast ! interface Loopback2 ip address 199.100.9.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 199.100.2.1 255.255.255.0 no ip directed-broadcast no cdp enable ! interface TokenRing0/0 no ip address no ip directed-broadcast shutdown ring-speed 16 no cdp enable ! interface Serial1/0 shutdown ! interface Serial1/1 ip address 199.100.3.2 255.255.255.0 ip directed-broadcast ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router igrp 1 network 199.100.2.0 network 199.100.3.0 network 199.100.7.0 network 199.100.8.0 network 199.100.9.0 ! no ip classless ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 end Now r em ov e I GRP and use EI GRP inst ead. To configur e EI GRP, y ou sim ply enable t he r out ing pr ot ocol and define t he net w or k s. EI GRP enables net w or k sum m ar izat ion by default . That is, t he default m ask is assum ed, or a classful net w or k is assum ed. Also, t he m et ric EI GRP uses is t he sam e as t he m et ric I GRP uses, but it is m ult iplied by 256. You can use t he com m and n o a u t o- su m m a r y t o disable aut om at ic sum m ar izat ion. EI GRP als o suppor t s VLSM. Figur e 2- 5 show s t he sam ple net w or k for t his EI GRP exam ple.

63

Figu r e 2 - 5 . EI GRP Con figu r a t ion

Modify t he Et her net segm ent s on R1 and R2 t o use a differ ent class addr ess of 131.108.1.0/ 25 and 131.108.1.128/ 25, r espect iv ely . Ex am ple 2- 37 display s t he rem oval of I GRP and t he enabling of EI GRP in AS 1 on Rout er R1.

Ex a m ple 2 - 3 7 Con figu r in g EI GRP on R1 R1(config)#no router igrp 1 !remove igrp 1 R1(config)#router eigrp 1 !enable EIGRP in AS 1 R1(config-router)#network 131.108.1.0 !define network in eigrp R1(config-router)#network 199.100.4.0 R1(config-router)#network 199.100.5.0 R1(config-router)#network 199.100.6.0 R2(config-router)#network 131.108.1.0 R1(config-router)#network 199.9.3.0 R1(config-router)#int e 0/0 ! change IP address on R1 e0/0 R1(config-if)#ip address 131.108.1.1 255.255.255.128 Ex am ple 2- 38 display s t he r em ov al of I GRP and t he enabling of EI GRP in AS 1 on Rout er R2.

Ex a m ple 2 - 3 8 Con figu r in g EI GRP on R2 R2(config)#no router igrp 1 R2(config)#router eigrp 1 R2(config-router)#exit R2(config)#int e 0/0 R2(config-if)#ip address 131.108.1.129 255.255.255.128 R2(config-if)#router eigrp 1 R2(config-router)#network 199.100.7.0 R2(config-router)#network 199.100.8.0 R2(config-router)#network 199.100.9.0 R2(config-router)#network 131.108.1.0 R2(config-router)#network 199.9.3.0

64

Not ice I GRP is rem oved first and t he AS num ber is t he sam e in R1 and R2 so t hat bot h r out er s can shar e infor m at ion. You hav e not disabled aut om at ic sum m ar izat ion yet . Now view R1's EI GRP r out ing t able, as displayed in Ex am ple 2- 39.

Ex a m ple 2 - 3 9 R1 's I P Rou t in g Ta ble R1#show ip route eigrp D 199.100.9.0/24 [90/2297856] via 199.100.3.2, 00:00:55, Serial0/1 D 199.100.8.0/24 [90/2297856] via 199.100.3.2, 00:00:55, Serial0/1 131.108.0.0/16 is variably subnetted, 2 subnets, 2 masks D 131.108.0.0/16 is a summary, 00:00:55, Null0 D 199.100.7.0/24 [90/2297856] via 199.100.3.2, 00:00:55, Serial0/1 R1# On R1, you can see four r em ot e EI GRP net w or ks lear ned t hr ough t he next hop address 199.100.3.2 ( R1's link t o R2) and t hrough t he out bound int erface Serial 0/ 1. One of t hese r out es is t o null0. R1 dynam ically lear ns t he r em ot e net w or ks on R2 t hr ough t he nex t hop addr ess of 199.100.3.2 and t he out bound int er face Ser ial 0/ 1. Not ice t he adm inist r at iv e dist ance and m et r ic pair ing. I n t he case of EI GRP, t he adm inist ra t ive dist ance is 90 ( m or e t r ust ed t han RI P at 120, OSPF at 110, and I GRP at 100) , and t he m et r ic EI GRP uses is 256 t im es t hat of I GRP. The left side indicat es t he r out ing t ype as D for EI GRP. You'll also see D EX, w hich m eans r edist r ibut ed int o an EI GRP do m ain. The r em ot e net w or k 131.108.1.128/ 25 has no ent r y because R1 has a locally connect ed subnet 131.108.1.0/ 25. You can also see t hat all r out es for 131.108.0.0/ 16 ar e sent t o null0, shor t for t he bit bucket , or discar ded. Now , ping t he r em ot e net w or k 131.108.1.129/ 25 fr om R1. Ex am ple 2- 40 display s a sam ple ping from Rout er R1.

Ex a m ple 2 - 4 0 Pin g Re qu e st fr om R1 R1#ping 131.108.1.129 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.1.130, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) R1# The r esponse fr om t he r out er in Ex am ple 2- 40 is no reply ( ….) or , in t his case, t he pack et s ar e sent t o null0. Pack et s sent t o null0 ar e discar ded. To solv e t he pr oblem of pack et s being discar ded, y ou need t o disable aut om at ic sum m ar izat ion. Configur e R1 and R2 t o disable aut om at ic sum m ar izat ion as in Ex am ple 2- 41.

Ex a m ple 2 - 4 1 D isa blin g Au t om a t ic Su m m a r iz a t ion on R1 a nd R2 R1(config)#router eigrp 1 R1(config-router)#no auto-summary R2(config)#router eigrp 1

65

R2(config-router)#no auto-summary Ex am ple 2- 42 now display s R1's EI GRP r out ing t able and a sam ple ping r equest t o t he r em ot e net w or k 131.108.1.129.

Ex a m ple 2 - 4 2 sh ow ip r ou t e e igr p on R1 R1#show ip route eigrp D 199.100.9.0/24 [90/2297856] via 199.100.3.2, 00:00:01, Serial0/1 D 199.100.8.0/24 [90/2297856] via 199.100.3.2, 00:00:01, Serial0/1 131.108.0.0/25 is subnetted, 2 subnets D 131.108.1.128 [90/2195456] via 199.100.3.2, 00:00:01, Serial0/1 D 199.100.7.0/24 [90/2297856] via 199.100.3.2, 00:00:01, Serial0/1 R1#ping 131.108.1.129 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.1.129, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1# Not ice t hat t he 131.108.1.128/ 25 is inser t ed and t her e is a successful ping fr om R1 t o R2 Et her net int er face. I t is v it al y ou under st and t hese sim ple t opics, such as classful and classless, fix ed- lengt h variab le subnet m asks ( FLSMs) and VLSM. Ex am ple 2- 43 and Ex am ple 2- 44 display t he full configurat ions for R1 and R2, r espect ively, using EI GRP.

Ex a m ple 2 - 4 3 R1 Fu ll Con figu r a t ion version 12.0 ! service timestamps log uptime no service password-encryption ! hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 199.100.4.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 199.100.5.1 255.255.255.0 no ip directed-broadcast ! interface Loopback2 ip address 199.100.6.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.128

66

no ip directed-broadcast ! interface Serial0/0 shutdown ! interface Serial0/1 ip address 199.100.3.1 255.255.255.0 no ip directed-broadcast clockrate 128000 ! router eigrp 1 network 131.108.0.0 network 199.100.3.0 network 199.100.4.0 network 199.100.5.0 network 199.100.6.0 no auto-summary ! ip classless ! line con 0 transport input none line aux 0 line vty 0 4 no login ! end

Ex a m ple 2 - 4 4 R2 Fu ll Con figu r a t ion version 12.0 ! service timestamps log uptime no service password-encryption ! hostname R2 ! enable password cisco ! no ip domain-lookup interface Loopback0 ip address 199.100.7.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 199.100.8.1 255.255.255.0 no ip directed-broadcast ! interface Loopback2 ip address 199.100.9.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.129 255.255.255.128 no ip directed-broadcast no cdp enable !

67

interface Serial1/0 shutdown ! interface Serial1/1 ip address 199.100.3.2 255.255.255.0 ip directed-broadcast ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router eigrp 1 network 131.108.0.0 network 199.100.3.0 network 199.100.7.0 network 199.100.8.0 network 199.100.9.0 no auto-summary ! no ip classless ! line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 2 - 4 : Ba sic EI GRP This scenar io cov er s anot her sim ple ex am ple of r out ing bet w een classless and classful net w or ks. Her e, you need t o per for m r edist r ibut ion fr om one r out ing pr ot ocol t o anot her . This sim ple t w o- r out er exam ple uses t he sam e class net w or k and I GRP and OSPF. I t is easier t o underst and t his scenario if you use t he sam e Class B address 131.108.0.0. Figur e 2- 6 display s t he OSPF/ I GRP t opology and t he I P addr essing schem e in place bet ween R1 and R2.

Figu r e 2 - 6 . I GRP/ OSPF Top olog y

68

Ex am ple 2- 45 and Ex am ple 2- 46 display t he I P addr essing changes t o R1 and R2, r espect iv ely .

Ex a m ple 2 - 4 5 R1 I P Addr e ss Ch a n ge s R1(config)#int lo0 R1(config-if)#ip address R1(config-if)#int lo1 R1(config-if)#ip address R1(config-if)#int lo2 R1(config-if)#ip address R1(config-if)#int e 0/0 R1(config-if)#ip address R1(config-if)#int s 0/1 R1(config-if)#ip address

131.108.4.1 255.255.255.0 131.108.5.1 255.255.255.0 131.108.6.1 255.255.255.0 131.108.1.1 255.255.255.0 131.108.3.1 255.255.255.0

Ex a m ple 2 - 4 6 R2 I P Addr e ss Ch a n ge s R2(config)#int lo0 R2(config-if)#ip address R2(config-if)#int lo1 R2(config-if)#ip address R2(config-if)#int lo2 R2(config-if)#ip address R2(config-if)#int e 0/0 R2(config-if)#ip address R2(config-if)#int s 0/0 R2(config-if)#ip address

131.108.7.1 255.255.255.255 131.108.8.1 255.255.255.128 131.108.9.1 255.255.255.224 131.108.8.129 255.255.255.128 131.108.3.2 255.255.255.0

On R1, configure I GRP; again I GRP is classful, so you need t o enable I GRP only in AS 1. R2 r uns bot h I GRP and OSPF; hence r edist r ibut ion is r equir ed. Ex am ple 2- 47 enables I GRP in AS 1 on R1.

Ex a m ple 2 - 4 7 En a blin g I GRP on R1 R1(config)#router igrp 1 R1(config-router)#network 131.108.0.0

69

On R2, configur e I GRP and OSPF. Ex am ple 2- 48 enables I GRP in AS 1 and OSPF w it h a process I D of 1.

Ex a m ple 2 - 4 8 En a blin g I GRP on R1 R2(config)#router igrp 1 R2(config-router)#network 131.108.0.0 R2(config)#router ospf 1 R2(config-router)#network 131.108.8.0 0.0.0.255 area 0 R2(config-router)#network 131.108.7.1 0.0.0.0 area 0 R2(config-router)#network 131.108.9.1 0.0.0.0 area 0 R2(config-router)#no network 131.108.8.0 0.0.0.255 area 0 R2(config-router)#network 131.108.8.1 0.0.0.0 area 0 R2(config-router)#network 131.108.8.129 0.0.0.0 area 0 You also need t o configur e r edist r ibut ion on R2 so t hat R1 discov er s t he OSPF int er faces t hr ough I GRP. ( R1 is r unning only I GRP.) On R2, configur e I GRP t o r edist r ibut e t he OSPF int er faces int o I GRP. As w it h any for m of r edist r ibut ion, y ou m ust use t he m et r ic t hat t he r out ing pr ot ocol y ou ar e r edist r ibut ing int o uses. I GRP does not use OSPF cost but uses a com posit e m et r ic. Ther efor e, you need t o define values so t hat I GRP has a valid m et r ic. Follow t he prom p t s, as in Ex am ple 2- 49, using t he ? char act er t o discov er w hich m et r ic I GRP r equir es. You need t o advise R1 of t he bandw idt h ( 128 kbps) , delay ( 20000 m s) , r eliabilit y ( 1 is low , 255 is 100 percent loaded) , loading ( 1 out of 255, 255 being 100 per cent loaded) , and finally t he MTU ( 1500 by t es) . Ex am ple 2- 49 display s t he redist ribut ion and also display s t he v ar ious opt ions t he Cisco I OS Soft w ar e r equir es.

Ex a m ple 2 - 4 9 En a blin g Re dist r ibu t ion on R2 R2(config-router)#router igrp 1 R2(config-router)#redistribute ospf 1 metric ? Bandwidth metric in Kbits per second R2(config-router)#redistribute ospf 1 metric 128 ? IGRP delay metric, in 10 microsecond units R2(config-router)#redistribute ospf 1 metric 128 20000 ? IGRP reliability metric where 255 is 100% reliable R2(config-router)#redistribute ospf 1 metric 128 20000 255 ? IGRP Effective bandwidth metric (Loading) where 255 is 100% loaded R2(config-router)#redistribute ospf 1 metric 128 20000 255 1 ? IGRP MTU of the path R2(config-router)#redistribute ospf 1 metric 128 20000 255 1 150 Look on R1 and R2 t o find w hich I P net w orks have been discovered. Ex am ple 2- 50 displays R1's I P rout ing t able.

Ex a m ple 2 - 5 0 I P Rou t in g Ta ble on R1 R1#show ip route

70

C C C C C

131.108.0.0/24 131.108.6.0 131.108.5.0 131.108.4.0 131.108.3.0 131.108.1.0

is is is is is is

subnetted, 5 subnets directly connected, Loopback2 directly connected, Loopback1 directly connected, Loopback0 directly connected, Serial0/1 directly connected, Ethernet0/0

Ex am ple 2- 51 displays R2's I P rout ing t able.

Ex a m ple 2 - 5 1 I P Rou t in g Ta ble on R2 R2#show ip route C C C I C I I C I R2#

199.100.8.0/24 is directly connected, Loopback1 131.108.0.0/16 is variably subnetted, 8 subnets, 4 masks 131.108.8.128/25 is directly connected, Ethernet0/0 131.108.8.0/27 is directly connected, Loopback2 131.108.6.0/24 [100/80625] via 131.108.3.1, 00:00:52, 131.108.7.1/32 is directly connected, Loopback0 131.108.5.0/24 [100/80625] via 131.108.3.1, 00:00:52, 131.108.4.0/24 [100/80625] via 131.108.3.1, 00:00:52, 131.108.3.0/24 is directly connected, Serial1/1 131.108.1.0/24 [100/80225] via 131.108.3.1, 00:00:53,

Serial1/1 Serial1/1 Serial1/1 Serial1/1

On R1 in Ex am ple 2- 50, y ou only see t he direct ly connect ed rout es, but on R2, you see t he rem ot e rout es from R1. Why is t his so? This scenario is a t ypical rout ing pr oblem caused by t he lack of under st anding bet w een VLSM and FLSM. I GRP on R1 is configur ed using a / 24 bit subnet in all int er faces. On R2, y ou hav e applied a num ber of non- / 24 subnet s. You need t o t r ick R1 int o believing t hat all t hese net w or ks ar e indeed / 24 bit subnet s by using sum m ar izat ion t echniques on R2. To per for m sum m ar izat ion fr om OSPF t o I GRP, use t he follow ing com m and:

summary-address address mask For ex am ple, t o sum m ar ize t he loopback s and Et her net on R2 as / 24 bit s t o R1, per for m t he com m ands in Ex am ple 2- 52 under t he OSPF pr ocess. Exam ple 2- 52 displays t he I OS configur at ion t o enable t he sum m ar y of t he t hr ee net w or ks on R2.

Ex a m ple 2 - 5 2 En a blin g Re dist r ibu t ion on R2 R2(config)#router ospf 1 R2(config-router)#summary-address 131.108.7.0 255.255.255.0 R2(config-router)#summary-address 131.108.8.0 255.255.255.0 R2(config-router)#summary-address 131.108.9.0 255.255.255.0 Look at R1's rout ing t able now. Ex am ple 2- 53 displays t he I P rout ing t able on R1.

Ex a m ple 2 - 5 3 R1 's I P Rou t in g Ta ble R1#show ip route 131.108.0.0/24 is subnetted, 5 subnets

71

C C C C C

131.108.6.0 131.108.5.0 131.108.4.0 131.108.3.0 131.108.1.0

is is is is is

directly directly directly directly directly

connected, connected, connected, connected, connected,

Loopback2 Loopback1 Loopback0 Serial0/1 Ethernet0/0

St ill t her e ar e no r out ing ent r ies. Can you t hink w hy I GRP on R1 is st ill not aware of t he r em ot e net w or k s on R2? The pr oblem is t hat OSPF assum es t hat only a nonsubnet t ed net w or k w ill be sent . For ex am ple, in t his case, y ou ar e using t he Class B net w or k 131.108.0.0. You also need t o use t he com m and r e d ist r ibu t e d con n e ct e d su b n e t s t o adv ise OSPF t o send subnet t ed net w or k s. N OTE An alt er nat ive t o using sum m ar izat ion in t his scenar io is st at ic or default r out es.

Ex am ple 2- 54 display s t he configur at ion r equir ed so t hat OSPF r edist r ibut es t he Class B subnet t ed net w or k s.

Ex a m ple 2 - 5 4 Re dist r ibu t ion on R2 R2(config)#router ospf 1 R2(config-router)#redistribute connected subnets Ex am ple 2- 55 now displays R1's r out ing t able.

Ex a m ple 2 - 5 5 R1 's I P Rou t in g Ta ble R1#show ip route 131.108.0.0/24 I 131.108.9.0 I 131.108.8.0 I 131.108.7.0 C 131.108.6.0 C 131.108.5.0 C 131.108.4.0 C 131.108.3.0 C 131.108.1.0 R1#

is subnetted, 8 subnets [100/100125] via 131.108.3.2, 00:00:23, Serial0/1 [100/100125] via 131.108.3.2, 00:00:23, Serial0/1 [100/100125] via 131.108.3.2, 00:00:23, Serial0/1 is directly connected, Loopback2 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Serial0/1 is directly connected, Ethernet0/0

The r em ot e subnet s 131.108.7– 9 now appear on R1 ( shaded in Ex am ple 2- 55) . Ex am ple 2- 56 and Ex am ple 2- 57 display t he full configurat ions on Rout ers R1 and R2.

Ex a m ple 2 - 5 6 R1 Fu ll Con figu r a t ion version 12.0 ! service timestamps log uptime no service password-encryption !

72

hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.4.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 131.108.5.1 255.255.255.0 no ip directed-broadcast ! interface Loopback2 ip address 131.108.6.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 shutdown ! interface Serial0/1 ip address 131.108.3.1 255.255.255.0 no ip directed-broadcast clockrate 128000 ! router igrp 1 network 131.108.0.0 ! ip classless ! line con 0 transport input none line aux 0 line vty 0 4 end

Ex a m ple 2 - 5 7 R2 Fu ll Con figu r a t ion version 12.0 ! service timestamps log uptime no service password-encryption ! hostname R2 ! enable password cisco ! no ip domain-lookup interface Loopback0 ip address 131.108.7.1 255.255.255.255 !

73

interface Loopback1 ip address 131.108.8.1 255.255.255.128 interface Loopback2 ip address 131.108.9.1 255.255.255.224 ! interface Ethernet0/0 ip address 131.108.8.129 255.255.255.128 ! interface Serial1/0 shutdown ! interface Serial1/1 ip address 131.108.3.2 255.255.255.0 ip directed-broadcast ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router ospf 1 redistribute connected subnets summary-address 131.108.8.0 255.255.255.0 summary-address 131.108.7.0 255.255.255.0 summary-address 131.108.9.0 255.255.255.0 redistribute igrp 1 metric 1 subnets network 131.108.7.1 0.0.0.0 area 0 network 131.108.8.1 0.0.0.0 area 0 network 131.108.8.129 0.0.0.0 area 0 network 131.108.9.1 0.0.0.0 area 0 ! router igrp 1 redistribute ospf 1 metric 128 20000 255 1 1500 passive-interface Ethernet0/0 !Stop IGRP sending out updates to E0/0 and similarly lo0/1/2 because we are running !OSPF on these interfaces. passive-interface Loopback0 passive-interface Loopback1 passive-interface Loopback2 network 131.108.0.0 ! ip classless ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 end The R2 r out ing t able is m or e com plicat ed. Exam ple 2- 58 show s R2's r out ing t able.

Ex a m ple 2 - 5 8 sh ow ip r ou t e on R2

74

C O C O C O I C I I C I

131.108.0.0/16 is variably subnetted, 12 subnets, 4 masks 131.108.8.128/25 is directly connected, Ethernet0/0 131.108.9.0/24 is a summary, 00:04:59, Null0 131.108.9.0/27 is directly connected, Loopback2 131.108.8.0/24 is a summary, 00:04:59, Null0 131.108.8.0/25 is directly connected, Loopback1 131.108.7.0/24 is a summary, 00:04:59, Null0 131.108.6.0/24 [100/80625] via 131.108.3.1, 00:00:38, Serial1/1 131.108.7.1/32 is directly connected, Loopback0 131.108.5.0/24 [100/80625] via 131.108.3.1, 00:00:38, Serial1/1 131.108.4.0/24 [100/80625] via 131.108.3.1, 00:00:39, Serial1/1 131.108.3.0/24 is directly connected, Serial1/1 131.108.1.0/24 [100/80225] via 131.108.3.1, 00:00:39, Serial1/1

Not ice t he t w o ent r ies for t he sam e net w or k sent t o null0, or t he bit buck et . The longest m at ch r ule applies on all r out er s; so for ex am ple, w hen an I P packet ar r ives for t he net w or k 131.108.8.129, t he I P r out ing ent r y sends t hat t o t he dir ect ly connect ed int er face E0/ 0. Sim ilar ly , if a pack ar r iv es for net w or k 131.108.8.0/ 25, t he pack et is sent t o t he dir ect ly connect ed loopback 1 int er face. This is com m only know n as t he longest m at ch rule.

Sce n a r io 2 - 5 : Usin g t h e sh ow , pin g, t r a ce , a n d de bu g Com m a n d s The pr evious four scenar ios cover ed four r elat ively easy net w or ks. This scenar io show s y ou how t o use com m on show and debug t echniques and pin g and t r a ce com m ands t o det er m ine w hy r out ing ent r ies ar e m issing, for ex am ple, or w hy som e net w or k s ar e unr eachable. To see a r eal- life scenar io using t w o r out er s, r efer t o Scenario 2- 3 and v iew som e of t he out put fr om t he sh o w and d e b u g com m ands. This scenar io also display s som e sim ple ping and t r ace t est s. All show , pin g, t r a ce , and d e b u g com m ands ar e t ak en fr om Figur e 2- 6 in t he previous scenario. You ar e fam iliar w it h t he com m and sh ow ip r ou t e fr om t he pr ev ious scenar ios, so st ar t w it h t hat com m and on R1 fr om Figur e 2- 6. Here, you are only int erest ed in I GRP lear ned r out es. Ex am ple 2- 59 displays only I GRP rout es.

Ex a m ple 2 - 5 9 R1 ' s I GRP Rou t e s R1#show ip route igrp 131.108.0.0/24 is subnetted, 8 subnets I 131.108.9.0 [100/100125] via 131.108.3.2, 00:01:01, Serial0/1 I 131.108.8.0 [100/100125] via 131.108.3.2, 00:01:01, Serial0/1 I 131.108.7.0 [100/100125] via 131.108.3.2, 00:01:01, Serial0/1 Alm ost all t r oubleshoot ing t echniques inv olv e t he ping com m and. Ping is a sim ple t ool t hat sends an I CMP- r equest pack et t o t he r em ot e net w or k and back . A successful ping receives an I CMP- r eply. Ex am ple 2- 60 display s a sam ple ping fr om R1 t o R2 and t he t hr ee r em ot e net w or k s: 131.108.7.1, 131.108.8.1, and 131.108.9.1.

75

Ex a m ple 2 - 6 0 Pin g Te st s fr om R1 t o R2 R1#ping 131.108.7.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.7.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R1#ping 131.108.8.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.8.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R1#ping 131.108.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.1.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R1#

2 seconds: = 16/16/16 ms

2 seconds: = 16/16/16 ms

2 seconds: = 1/1/4 ms

This is an exam ple of t he st andar d pin g com m and. At t im es, an ex t ended pin g is r equir ed. The ex t ended pin g enables you t o pr ovide t he Cisco I OS w it h m or e par am et er s, such as t he sour ce addr ess, t he num ber of pack et s t o send, t he size of t he dat agram , and t he t im eout . The ex t ended ping is a useful t ool when users are com plaining, for ex am ple, t hat w hen t hey FTP lar ge files, t he dat a is not t r ansfer r ed or a par t icular net w or k of user s cannot r each a r em ot e dest inat ion. Ex am ple 2- 61 is an exam ple of an ext ended pin g using t he sour ce addr ess 131.108.1.1/ 24 ( t he Et her net addr ess of R1) , a m odified r epeat count of 10, a default dat agr am size of 100 by t es, and a t im eout of 2 seconds. To use t he ext ended p in g com m and, sim ply t y pe pin g, press Re t ur n, and t he opt ions appear . Ex am ple 2- 61 also display s t he opt ions in an ex t ended pin g.

Ex a m ple 2 - 6 1 Ex t e n d e d p in g Re q u e st on R1 R1#ping Protocol [ip]: Target IP address: 131.108.8.129 Repeat count [5]: 10 Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 131.108.1.1 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 10, 100-byte ICMP Echos to 131.108.8.129, timeout is 2 seconds: !!!!!!!!!! Success rate is 100 percent (10/10), round-trip min/avg/max = 16/16/16 ms R1# Table 2- 5 describes t he possible out put of a ping.

76

Table 2-5. Ping Output Symbols Output

Description

!

Each ex clam at ion point indicat es r eceipt of a r eply .

.

Each per iod indicat es t he net w or k ser v er t im ed out w hile w ait ing for a r eply .

U

A dest inat ion unr eachable er r or w as r eceiv ed.

C

A congest ion- ex per ienced pack et w as r eceiv ed.

I

User int er r upt ed t est .

?

Unk now n pack et t y pe.

&

Pack et lifet im e ex ceeded.

Table 2- 6 descr ibes t he par am et er s of t he ex t ended pin g com m and.

Table 2-6. Extended Ping Parameters Parameter Pr ot ocol [ ip] :

Description Suppor t s t he follow ing pr ot ocols ( not j ust ip) : a pple t a lk , cln s, ip, n ove ll, a pollo, v in e s, d e cn e t , or x n s. The default param et er is ip so y ou can sim ply pr ess Ret urn.

Tar get I P address:

Pr om pt s for t he IP addr ess or host nam e of t he dest inat ion node you plan t o ping. The default value is n on e .

Repeat count Num ber of ping pack et s sent t o t he dest inat ion addr ess. The default [ 5] : value is 5 . The m axim um is 2 1 4 7 4 8 3 6 4 7 . Dat agram size [ 100] :

Size of t he ping pack et ( in by t es) . The default is 1 0 0 by t es. Th e r ange of v alues allow ed is bet w een 1 and 2 1 4 7 4 8 3 6 4 7 by t es.

Tim eout in seconds [ 2] :

Tim eout int er v al. The default is 2 ( seconds) . The r ange is bet w een 0 and 3 6 0 0 .

Ex t ended com m ands [ n] :

Specifies w het her a ser ies of addit ional com m ands appear s. I f you ent er y for y es, y ou ar e pr om pt ed for t he follow ing infor m at ion. ( The default is n o.)

Sweep range of sizes [ n] :

Enables y ou t o v ar y t he sizes of t he echo pack et s being sent . This par am et er det er m ines t he m inim um MTU size configur ed along t he net w or k pat h fr om sour ce t o dest inat ion. This is t y pically used t o det er m ine w het her pack et fr agm ent at ion is causing net w or k pr oblem s.

N OTE To t er m inat e a lar ge ping t est , w it hin a few seconds, t y pe t he escape sequence, which is Ct r l+ Sh ift - ^ follow ed by x .

77

Look at a sim ulat ed net w or k failur e t o det er m ine w hat 's w r ong w it h a r em ot e net w or k . View R1 I GRP r out ing t able w hen t he r em ot e net w or k 131.108.10.0/ 24 is dow n. Ex am ple 2- 62 displays R1's I P rout ing t able.

Ex a m ple 2 - 6 2 R1 's I P Rou t in g Ta ble R1#show ip route igrp 131.108.0.0/24 is subnetted, 9 subnets I 131.108.10.0/24 is possibly down, routing via 131.108.3.2, Serial0/1 I 131.108.9.0 [100/100125] via 131.108.3.2, 00:00:03, Serial0/1 I 131.108.8.0 [100/100125] via 131.108.3.2, 00:00:03, Serial0/1 I 131.108.7.0 [100/100125] via 131.108.3.2, 00:00:03, Serial0/1 You can see fr om Ex am ple 2- 62 t hat t he r em ot e net w or k 131.108.10.0/ 24 is possibly dow n. Use t he com m and d e b u g ip r ou t in g t o see w het her y ou can see t he pr oblem . This debug displays r out ing ent r ies added or delet ed int o t he I P r out ing t able. Use t he com m and on R1. Ex am ple 2- 63 displays a com m and used t o debug t he I P r out ing t able and displays how t o for ce t he I P r out ing algor it hm , in t his case I GRP, t o add and delet e r em ot e r out es by using t he com m and cle a r ip r ou t e * .

Ex a m ple 2 - 6 3 de bu g ip r ou t in g a n d cle a r ip r ou t e * Com m a n ds R1#debug ip routing IP routing debugging is on R1#clear ip route * R1# 02:03:45: RT: add 131.108.1.0/24 02:03:45: RT: add 131.108.3.0/24 02:03:45: RT: add 131.108.4.0/24 02:03:45: RT: add 131.108.5.0/24 02:03:45: RT: add 131.108.6.0/24 02:03:45: RT: add 131.108.9.0/24 [100/100125] 02:03:45: RT: add 131.108.8.0/24 [100/100125] 02:03:45: RT: add 131.108.7.0/24 [100/100125]

via via via via via via

0.0.0.0, connected metric 0.0.0.0, connected metric 0.0.0.0, connected metric 0.0.0.0, connected metric 0.0.0.0, connected metric 131.108.3.2, igrp metric

[0/0] [0/0] [0/0] [0/0] [0/0]

via 131.108.3.2, igrp metric via 131.108.3.2, igrp metric

Ex am ple 2- 64 display s anot her cle a r ip r ou t e * aft er t he net w or k 131.108.10.0/ 24 is rest ored.

Ex a m ple 2 - 6 4 cle a r ip r ou t e * on R1 R1#clear ip route 02:07:25: RT: add 02:07:25: RT: add 02:07:25: RT: add 02:07:25: RT: add 02:07:25: RT: add 02:07:25: RT: add [100/8539] 02:07:25: RT: add [100/100125]

* 131.108.1.0/24 via 0.0.0.0, connected 131.108.3.0/24 via 0.0.0.0, connected 131.108.4.0/24 via 0.0.0.0, connected 131.108.5.0/24 via 0.0.0.0, connected 131.108.6.0/24 via 0.0.0.0, connected 131.108.10.0/24 via 131.108.3.2, igrp

metric metric metric metric metric metric

[0/0] [0/0] [0/0] [0/0] [0/0]

131.108.9.0/24 via 131.108.3.2, igrp metric

78

02:07:25: RT: [100/100125] 02:07:25: RT: [100/100125] 02:08:03: RT: [100/85] 02:08:03: RT:

add 131.108.8.0/24 via 131.108.3.2, igrp metric add 131.108.7.0/24 via 131.108.3.2, igrp metric delete route to 131.108.10.0 via 131.108.3.2, igrp metric no routes to 131.108.10.0, entering holddown

This t im e, y ou see t he r out e added, but it ent er s t he holddow n st at e, w hich m eans t he r em ot e net w or k 131.108.10.0 is not accept ed and inser t ed int o t he I P r out ing t able dur ing t he holddow n int er v al. This pr ev ent s r out ing loops. Now view t he I P rout e t able on R1. Ex am ple 2- 65 displays t he I P rout ing t able ( I GRP) on R1.

Ex a m ple 2 - 6 5 R1 I P Rou t e I GRP- On ly Ta b le R1#show ip route igrp 131.108.0.0/24 is subnetted, 9 subnets I 131.108.10.0/24 is possibly down, routing via 131.108.3.2, Serial0/1 I 131.108.9.0 [100/100125] via 131.108.3.2, 00:00:09, Serial0/1 I 131.108.8.0 [100/100125] via 131.108.3.2, 00:00:09, Serial0/1 I 131.108.7.0 [100/100125] via 131.108.3.2, 00:00:09, Serial0/1 When t he I P net w or k 131.108.10.0 goes int o holddow n m ode, t he ent r y in t he I P r out ing t able is display ed as possibly dow n dur ing holddow n. Aft er a set int er v al, k now n as t he flush t im er , t he ent r y is com plet ely r em oved. Ex am ple 2- 66 display s t he I P rout ing t able on R1 aft er t his happens.

Ex a m ple 2 - 6 6 R1 ' s I GRP Rou t in g Ta ble R1#show ip route igrp 131.108.0.0/24 is subnetted, 8 subnets I 131.108.9.0 [100/100125] via 131.108.3.2, 00:00:29, Serial0/1 I 131.108.8.0 [100/100125] via 131.108.3.2, 00:00:29, Serial0/1 I 131.108.7.0 [100/100125] via 131.108.3.2, 00:00:29, Serial0/1 I f t he rem ot e ent ry is re - adver t ised as a valid r out e aft er t he holddow n int er val, t he net work 131.108.1.0/ 24 is re - inser t ed int o t he I P r out ing t able. The com m and sh ow ip p r ot ocol is a useful com m and t hat display s t he char act er ist ic of t he pr ot ocols in use on a Cisco rout er. Perform t his com m and on R1. Ex am ple 2- 67 display s a sam ple out put of t he sh ow ip p r ot ocol com m and on R1.

Ex a m ple 2 - 6 7 sh ow ip p r ot ocol Com m an d R1#show ip protocol Routing Protocol is "igrp 1" Sending updates every 90 seconds, next due in 32 seconds Invalid after 270 seconds, hold down 280, flushed after 630 Outgoing update filter list for all interfaces is Incoming update filter list for all interfaces is Default networks flagged in outgoing updates Default networks accepted from incoming updates IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 IGRP maximum hopcount 100

79

IGRP maximum metric variance 1 Redistributing: igrp 1 Routing for Networks: 131.108.0.0 Routing Information Sources: Gateway Distance 131.108.3.2 100 Distance: (default is 100)

Last Update 00:00:06

R1# Aft er 270 seconds, t he r out e is m ar ked as invalid, and aft er 630 seconds, t he r out e is delet ed. The holddow n int er v al for I GRP is 280 seconds. Also not ice t hat t he default hop count is 100; y ou can set t his t o 255. The default const ant s ar e alw ay s displayed as t heir default values K1 = K3 = 1 and K2 = K4 = K5 = 0. Finally , t he ot her m ost w idely used com m and in t oday 's net w or k s is t he t r a ce com m and. The t r a ce com m and m akes use of t he Tim e t o Live ( TTL) . The TTL field is used t o st op r out ing loops. Per for m a t r a ce r out e com m and ov er t he Wor ld Wide Web. Ex am ple 2- 68 descr ibes t he r out e hops fr om t he sour ce t o dest inat ion for t he sit e w w w . cnn. com.

Ex a m ple 2 - 6 8 Tr a ce Rou t e t o w w w .cn n .com ccie-term#trace www.cnn.com Type escape sequence to abort. Tracing the route to cnn.com (207.25.71.26) 1 sydney-c6k-1-vlan333.abc.com (100.64.205.2) 0 msec 2 sydney-c6k-1-vlan150.abc.com (100.64.177.2) 4 msec 4 msec 3 telstra-c6k-bbn1-msfc-vlan51.abc.com (100.64.176.2) 4 msec 4 telstra-gw.abc.com (103.41.198.241) 8 msec sydney-1.abc.com (64.104.192.196) 4 msec telstra-gateway.abc.com (213.41.198.241) 4 msec 5 telstra-gw.abc.com (213.41.198.241) 4 msec 213.41.198.233 8 msec 4 msec 6 213.41.198.233 4 msec 4 msec 213.41.198.234 4 msec 7 FastEthernet6-1-0.chw12.Sydney.telstra.net (139.130.185.53) 8 msec 8 FastEthernet6-1-0.chw12.Sydney.telstra.net (139.130.185.53) 4 msec GigabitEthernet4-2.chw-core2.Sydney.telstra.net (203.50.6.205) 8 msec FastEthernet6-1-0.chw12.Sydney.telstra.net (139.130.185.53) 4 msec 9 Pos4-0.exi-core1.Melbourne.telstra.net (203.50.6.18) 20 msec GigabitEthernet4-2.chw-core2.Sydney.telstra.net (203.50.6.205) 4 msec Pos4-0.exi-core1.Melbourne.telstra.net (203.50.6.18) 16 msec 10 Pos4-0.exi-core1.Melbourne.telstra.net (203.50.6.18) 16 msec Pos5-0.way-core4.Adelaide.telstra.net (203.50.6.162) 32 msec Pos4-0.exi-core1.Melbourne.telstra.net (203.50.6.18) 16 msec 11 Pos6-0.wel-core3.Perth.telstra.net (203.50.6.194) 64 msec Pos5-0.way-core4.Adelaide.telstra.net (203.50.6.162) 32 msec Pos6-0.wel-core3.Perth.telstra.net (203.50.6.194) 60 msec 12 Pos6-0.wel-core3.Perth.telstra.net (203.50.6.194) 60 msec GigabitEthernet4-0.wel-gw1.Perth.telstra.net (203.50.113.18) 64 msec Pos6-0.wel-core3.Perth.telstra.net (203.50.6.194) 60 msec

80

13 Pos1-0.paix1.PaloAlto.net.reach.com (203.50.126.30) 288 msec GigabitEthernet4-0.wel-gw1.Perth.telstra.net (203.50.113.18) 60 msec Pos1-0.paix1.PaloAlto.net.reach.com (203.50.126.30) 288 msec 14 Pos1-0.paix1.PaloAlto.net.reach.com (203.50.126.30) 288 msec sjo-brdr-02.inet.qwest.net (205.171.4.105) 296 msec 292 msec 15 sjo-brdr-02.inet.qwest.net (205.171.4.105) 292 msec sjo-core-02.inet.qwest.net (205.171.22.69) 308 msec 304 msec 16 sjo-core-02.inet.qwest.net (205.171.22.69) 312 msec iah-core-01.inet.qwest.net (205.171.5.145) 344 msec 344 msec 17 iah-core-01.inet.qwest.net (205.171.5.145) 344 msec iah-core-03.inet.qwest.net (205.171.31.6) 332 msec 328 msec 18 iah-core-03.inet.qwest.net (205.171.31.6) 332 msec atl-core-01.inet.qwest.net (205.171.8.146) 364 msec 360 msec 19 atl-core-01.inet.qwest.net (205.171.8.146) 360 msec * 364 msec 20 atl-edge-05.inet.qwest.net (205.171.21.22) 364 msec 364 msec 21 208.47.124.130 ccie-term# Th e t r a ce com m and display s t he r out e t ak en fr om t he sour ce t o dest inat ion. Fr om Ex am ple 2- 68, y ou can det er m ine t he nex t hop, t he t im e t ak en, and w het her m ult iple hops ex ist . N OTE Th e t r a ce com m and w or k s by fir st sending t hr ee pack et s w it h a TTL of 1. The fir st r out er sees t hese packet s and r et ur ns an er r or m essage. Now t he sour ce of t he fir st hop is k now n. The nex t t hr ee pack et s ar e sent w it h a TTL of 2 and t his pr ocess is r epeat ed unt il t he final dest inat ion is r eached.

Pr a ct ica l Ex e r cise : RI P V e r sion 2 N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Configur e t he net w or k in Figur e 2- 7 for I P r out ing using t he I P addr essing schem e pr ov ided. Ensur e t hat bot h Rout er s R1 and R2 hav e full connect iv it y t o each ot her . Use t he ping com m and t o ensur e all net w or k s are reachable. You m ust use I P RI P as your dynam ic r out ing pr ot ocol.

Figu r e 2 - 7 . Pr a ct ica l Ex e r cise : Rou t in g RI P

81

Pr a ct ica l Ex e r cise Solut ion You will not ice t hat t he ent ir e I P addr essing schem e is / 24 ex cept for t he ser ial link bet w een R1 and R2. The ser ial link cont ains a m ask t hat is 255.255.255.252, or / 30. Because you have / 24 and / 30, t he only w ay RI P can underst and variable - lengt h subnet m ask is w it h RI Pv 2 or w it h t he use of st at ic r out es. The configur at ions in Ex am ple 2- 69 and Ex am ple 2- 70 answ er t hese issues using RI Pv 2. St at ic r out es ar e fine t o configur e, but y ou m ust be aw ar e t hat st at ic r out es hav e an AD of 1, w hich m eans if you use any dynam ic r out ing pr ot ocols, st at ic infor m at ion is m or e t r ust ed, even t hough you m ay hav e a dy nam ic r out ing pr ot ocol such as RI Pv 2 adv er t ising t he net w or k's r eachabilit y and next hop det ails dynam ically. I n a changing net w or k, st at ic r out es can be cum ber som e t o docum ent and adm inist r at e. I f y ou do hav e access t o t w o r out er s, ex per im ent w it h RI Pv1 and st at ic rout es. Anot her m aj or disadv ant age of st at ic r out es is t hat t hey do not scale w ell in lar ge net w or k s and can lead t o r out ing loops or black holes ( discar ded pack et s) if configur ed incor r ect ly . I n t hat case, y ou should change t he pr ot ocols t o RI Pv2, OSPF, I GRP, or EI GRP and apply t he sk ills y ou lear ned in t his chapt er t o t est connect iv it y . Configur e loopback s w it h VLSM and ex per im ent w it h de bug com m ands t o discov er w hy I P ent r ies ar e added or not advert ised. Ex am ples 2- 69 and 2- 70 display t he full w or k ing configurat ion on R1 and R2.

Ex a m ple 2 - 6 9 R1 ' s Fu ll Con figu r a t ion version 12.0 ! hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.4.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 131.108.5.1 255.255.255.0 no ip directed-broadcast

82

! interface Loopback2 ip address 131.108.6.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 shutdown ! interface Serial0/1 ip address 131.108.3.1 255.255.255.252 clockrate 128000 ! router rip version 2 network 131.108.0.0 ! line con 0 transport input none line aux 0 line vty 0 4 ! end

Ex a m ple 2 - 7 0 R2 ' s Fu ll Con figu r a t ion ! service timestamps log uptime no service password-encryption ! hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.7.1 255.255.255.0 no ip directed-broadcast ! interface Loopback1 ip address 131.108.8.1 255.255.255.0 no ip directed-broadcast ! interface Loopback2 ip address 131.108.9.1 255.255.255.0 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.2.1 255.255.255.0 ! interface Serial1/0 shutdown !

83

interface Serial1/1 ip address 131.108.3.2 255.255.255.252 ip directed-broadcast ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router rip version 2 network 131.108.0.0 ! ip classless ! line con 0 exec-timeout 0 0 transport input none line aux 0 line vty 0 4 ! end

Re v ie w Qu e st ion s These r ev iew quest ions ar e based on t he Pr act ical Ex er cise. Use t he rout er displays t aken fr om R1 fr om t he pr eceding Pr act ical Exer cise t o answ er t he follow ing quest ions. View Ex am ple 2- 71 for sam ple out put t ak en fr om R1; t his out put inc ludes t he I P rout ing t able and sam ple pings t o t he rout er R2. You can find t he answ er s t o t hese quest ions in Appendix C, “ Answ er s t o Rev iew Quest ions.”

Ex a m ple 2 - 7 1 sh ow ip rou t e on R1 R1#show ip route Gateway of last resort 131.108.0.0/16 is R 131.108.9.0/24 R 131.108.8.0/24 R 131.108.7.0/24 C 131.108.6.0/24 C 131.108.5.0/24 C 131.108.4.0/24 C 131.108.3.0/30 R 131.108.2.0/24 C 131.108.1.0/24

is not set variably subnetted, 9 subnets, 2 masks [120/1] via 131.108.3.2, 00:00:05, Serial0/1 [120/1] via 131.108.3.2, 00:00:05, Serial0/1 [120/1] via 131.108.3.2, 00:00:05, Serial0/1 is directly connected, Loopback2 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Serial0/1 [120/1] via 131.108.3.2, 00:00:05, Serial0/1 is directly connected, Ethernet0/0

R1#ping 131.108.7.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.7.1, timeout is 2 seconds:

84

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 131.108.8.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.8.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 131.108.9.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.9.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms R1#show ip route rip 131.108.0.0/16 is R 131.108.9.0/24 R 131.108.8.0/24 R 131.108.7.0/24 R 131.108.2.0/24

variably subnetted, 9 subnets, 2 masks [120/1] via 131.108.3.2, 00:00:15, Serial0/1 [120/1] via 131.108.3.2, 00:00:15, Serial0/1 [120/1] via 131.108.3.2, 00:00:15, Serial0/1 [120/1] via 131.108.3.2, 00:00:15, Serial0/1

1:

What inform at ion is st ored in an I P rout ing t able as seen by R1?

2:

Which com m and do you use t o view only RI P r out es?

3:

Which com m and do you use t o v iew only connect ed r out es?

4:

How m any subnet s are know n by R1 using t he Class B net w ork 131.108.0.0/ 16?

5:

Fr om R1, a ping t est is sent t o t hr ee r em ot e net w or k s. I s t he ping t est successful or not ? Ex plain w hy or w hy not ?

6:

Why is t he com m and v e r sion 2 configur ed on each r out er ?

7:

Each r em ot e r out ing ent r y is labeled w it h t he follow ing infor m at ion: [ 120/ 1] . What does t he 120 r epr esent and w hat does t he 1 r epr esent ?

8:

Besides a ping t est , w hat ot her m et hods could y ou use t o ensur e connect iv it y t o t he r em ot e net w or ks?

Su m m a r y You have now successfully w orke d t hr ough fiv e r out ing pr inciples scenar ios using differ ent r out ing pr ot ocols and hav e configur ed I P addr essing acr oss a sam ple t w or out er net w or k . You should hav e a st r ong k now ledge base of r out ing pr inciples t o apply t o t he rem ainder of t his book. Table 2- 7 sum m ar izes t he com m ands used in t his chapt er .

85

Table 2-7. Summary of Commands Used in This Chapter Command

Purpose

sh ow ip r ou t e

Display s I P r out ing t able in full.

r ou t e r r ip

Enables RI P rout ing prot ocol.

r ou t e r igr p Enables I GRP r out ing in a par t icular aut onom ous syst em . aut onom ous sy st em r ou t e r e igr p Enables EI GRP r out ing in a par t icular aut onom ous sy st em . aut onom ous sy st em r ou t e r ospf pr ocess Enables OSPF r out ing. The pr ocess I D is local t o t he r out er . You id can hav e m or e t han one OSPF pr ocess r unning. n e t w or k

Enables net w or k adv er t isem ent s fr om a par t icular int er face and also t he r out ing of t he sam e int er face t hr ough a dy nam ic r out ing pr ot ocol.

p a ssiv e - in t e r fa ce in t er f ace

St ops t he r out er sending r out ing updat es on an int er face.

sh ow con t r olle r s

Display s har dw ar e infor m at ion about a par t icular int er face.

Ct r l- Sh ift - 6 , x

Escape sequence t o escape fr om t he cur r ent session and r et ur n t o t er m inal server.

in t e r f a ce loop b a ck Cr eat es a loopback int er face. num ber in t e r f a ce e t h e r n e t I n configur at ion m ode, enables you t o m odify Et her net par am et er s. in t e r f a ce se r ia l

I n configur at ion m ode, enables you t o m odify ser ial int er face par am et er s.

ip dom a in - look u p

Enables aut om at ic DNS look up. The I OS com m and n o ip d om a in- look u p disables aut om at ic DNS look ups.

ip su b n e t - zero

Enables you t o use subnet zero on a Cisco rout er.

p in g

Enables y ou t o send I CMP pack et s t o local and r em ot e dest inat ions t o t est net w or k connect iv it y .

t r a ce

Enables y ou t o find t he pat h t ak en fr om sour ce t o dest inat ion.

sh o w ip p r o t o co l

Displays all r out ing pr ot ocols in use on a Cisco r out er .

de bug

Tr oubleshoot ing com m and used t o display m essages r eceiv ed and sent by a Cisco rout er.

h ost n a m e nam e

Configures a nam e on a rout er.

[ no] sh u t d o w n

Enables or disables an int er face. All har dw ar e int er faces ar e shut dow n by default .

86

Ch a pt e r 3 . Ba sic Ope n Sh or t e st Pa t h Fir st This chapt er focuses on a num ber of obj ect iv es falling under t he CCNP rout ing pr inciples. Under st anding basic Open Shor t est Pat h Fir st ( OSPF) r out ing pr inciples not only applies t o t he CCNP cer t ificat ion but t o all Cisco- based cer t ificat ions. A concr et e under st anding of how OSPF r out ing w or k s is funda m ent al for any sm all or lar ge net w or k . OSPF is com m only used in lar ge ser v ice pr ov ider net w or k s or lar ge financial inst it ut ions. This chapt er assum es k now ledge of t he pr ev ious chapt er , w hich deals concept ually w it h I P r out ing pr inciples and in par t icular link- st at e r out ing pr ot ocols. The chapt er st ar t s by cov er ing t he basic OSPF concept s. I t t hen br iefly ex plains w hy OSPF is consider ed an im pr ov ed r out ing pr ot ocol ov er Rout ing I nfor m at ion Pr ot ocol ( RI P) by cover ing how OSPF discover s, chooses, and m aint ains r out ing t ables. Nonbr oadcast m ult iaccess ( NBMA) is a par t icular challenge in any net w or k env ir onm ent . This chapt er cov er s how OSPF ov er com es any lim it at ions im posed by NBMA net works. Fiv e pr act ical scenar ios, included in t he chapt er , help y ou com plet e y our under st anding and ensur e y ou hav e all t he basic OSPF r out ing sk ills t o com plem ent y our under st anding of how t o configur e and m aint ain OSPF on Cisco I nt er net Oper at ing Sy st em ( I OS) r out er s.

Ba sic OSPF OSPF is a link- st at e r out ing pr ot ocol. Link- st at e pr ot ocols use t he shor t est pat h fir st ( SPF) algor it hm t o populat e t he r out ing t able. OSPF shar es infor m at ion w it h ev er y rout er in t he net work. OSPF is consider ed a difficult pr ot ocol t o configur e and r equir es a t hor ough under st anding of t er m s t hat ar e com m only used. Table 3- 1 ex plains br iefly t he com m on OSPF t er m inology used t hr oughout t his chapt er .

Table 3-1. Common OSPF Terms Term

Description

Lin k st at e

I nform at ion is shar ed bet w een dir ect ly connect ed r out er s. This infor m at ion pr opagat es t hr oughout t he net w or k unchanged and is also used t o cr eat e a shor t est pat h fir st ( SPF) t r ee.

Area

A group of rout ers t hat share t he sam e area I D. All OSPF rout ers r equir e ar ea assign m ent s.

Aut onom ous syst em ( AS)

A net w or k under a com m on net w or k adm inist r at ion.

Cost

The r out ing m et r ic used by OSPF. Low er cost s ar e alw ay s pr efer r ed. You can m anually configur e t he cost w it h t he ip ospf cost com m and. By default , t he cost is calculat ed by using t he for m ula cost = 108 / bandwidt h.

87

Rout er I D

Each OSPF r out er r equir es a unique r out er I D, w hich is t he highest I P addr ess configur ed on a Cisco r out er or t he highest num ber ed loopback addr ess. You can m anually assign t he r out er I D.

Adj acenc y

When t w o OSPF r out er s hav e ex changed infor m at ion bet w een each ot her and hav e t he sam e t opology t able. An adj acency can hav e t he follow ing differ ent st at es or ex change st at es: 1. I n it st a t e — When Hello pack et s hav e been sent and ar e aw ait ing a r eply t o est ablish t wo- w ay com m unicat ion. 2. Est a blish bi- dir e ct ion a l ( t w o - w a y ) com m u n ica t ion— Accom plished by t he discov er y of t he Hello pr ot ocol rout ers and t he elect ion of a DR. 3. Ex st a r t — Tw o neighbor rout ers form a m ast er/ slave r elat ionship and agr ee upon a st ar t ing sequence t o be incr em ent ed t o ensur e LSAs ar e ack now ledged. 4. Ex ch a n g e st a t e — Dat abase Descr ipt ion ( DD) pack et s cont inue t o flow as t he slav e r out er ack now ledges t he m ast er 's pack et s. OSPF is oper at ional because t he r out er s can send and r eceiv e LSAs bet w een each ot her. DD pack et s cont ain infor m at ion, such as t he r out er I D, ar ea I D, check sum , if aut hent icat ion is used, link- st at e t y pe, and t he adv er t ising r out er . LSA pack et s cont ain infor m at ion, such as r out er I D also but in addit ion include MTU sizes, DD seq uence num ber ing, and any opt ions. 5. Loa d in g st a t e — Lin k- st at e r equest s ar e sent t o neighbor s ask ing for r ecent adv er t isem ent s t hat hav e not y et been discov er ed. 6. Fu ll st a t e — Neighbor r out er s ar e fully adj acent because t heir link- st at e dat abases ar e fully sy nchronized. Rout ing t ables begin t o be populat ed.

Topology t able

Also called t he link- st at e t able. This t able cont ains ev er y link in t he whole net work.

Designat ed r out er ( DR)

This r out er is r esponsible for ensur ing adj acencies bet w een all neighbors on a m ult iaccess net w or k ( such as Et her net ) . This ensur es all r out er s do not need t o m aint ain full adj acencies w it h each ot her. The DR is select ed based on t he r out er pr ior it y . I n a t ie, t he r out er w it h t he highest r out er I D is select ed.

Backup DR

A backup ro ut er designed t o per for m t he sam e funct ions in case t he DR fails.

Link- st at e adv er t isem ent ( LSA)

A pack et t hat cont ains all r elev ant infor m at ion r egar ding a r out er 's link s and t he st at e of t hose link s.

Pr ior it y

Set s t he rout er's priorit y so a DR or BDR can be cor r ect ly elect ed.

Rout er links

Descr ibe t he st at e and cost of t he r out er 's int er faces t o t he ar ea. Rout er links use LSA t ype 1.

88

Sum m ary links

Or iginat ed by ar ea bor der r out er s ( ABRs) and descr ibe net w or k s in t he AS. Sum m ar y link s use LSA t y pes 3 and 4.

Net work links

Originat ed by DRs. Net work links use LSA t ype 2.

Ext ernal links

Or iginat ed by aut onom ous sy st em boundar y r out er s ( ASBRs) and descr ibe ex t er nal or default r out es t o t he out side ( t hat is, non- OSPF) devices for use w it h redist ribut io n. Ex t er nal Link s use t he LSA t y pe 5.

Area border rout er Rout er locat ed on t he bor der of one or m or e OSPF ar eas t hat ( ABR) connect s t hose ar eas t o t he back bone net w or k . Aut onom ous sy st em boundar y r out er ( ASBR)

ABR locat ed bet w een an OSPF aut onom ous syst em and a nonOSPF net w or k.

OSPF has so m any feat ur es t hat t he m ost efficient w ay t o appr eciat e t hem is t o enable OSPF on r out er s and obser ve how t he r out er s dynam ically discover I P net w orks. Befor e cov er ing v ar ious OSPF scenar ios, t his chapt er cov er s how OSPF is configured in single and m ult iple OSPF areas.

Con figu r in g OSPF in a Sin gle Ar e a When configur ing any OSPF r out er , y ou m ust est ablish w hich ar ea assignm ent t o enable t he int er face for . OSPF has som e basic r ules w hen it com es t o ar ea assignm ent . OSPF m ust be configur ed w it h ar eas. The backbone ar ea 0, or 0.0.0.0, m ust be configur ed if y ou use m or e t han one ar ea assignm ent . You can configur e OSPF in one ar ea; y ou can choose any ar ea, alt hough good OSPF design dict at es t hat you configure area 0. To enable OSPF on a Cisco r out er and adv er t ise int er faces, t he follow ing t ask s ar e required: St e p 1 . Use t he com m and r ou t e r osp f pr ocess I D t o st ar t OSPF. St e p 2 . Use t he n e t w or k com m and t o enable t he int er faces. St e p 3 . I dent ify ar ea assignm ent s. St e p 4 . ( Opt ional) Assign t he r out er I D. Ex am ple 3- 1 display s OSPF w it h a pr ocess I D of 1 and places all int er faces configur ed w it h an I P addr ess in ar ea 0. The net w or k com m and ne t w or k 0 .0 .0 .0 2 5 5 .2 5 5 .2 5 5 .2 5 5 a r e a 0 dict at es t hat y ou do not car e ( 255. 255. 255. 255) w hat t he I P address is, but if an I P addr ess is enabled on any int erface, place it in area 0.

Ex a m ple 3 - 1 Con figu r in g OSPF in a Sin gle Ar e a router ospf 1 network 0.0.0.0 255.255.255.255 area 0

89

The follow ing is a list of r easons OSPF is consider ed a bet t er r out ing pr ot ocol t han RI P: • • • • • • • •

OSPF has no hop count lim it at ions. ( RI P has 15 hops only.) OSPF under st ands var iable - lengt h subnet m ask s ( VLSMs) and allow s for sum m ar izat ion. OSPF uses m ult icast s ( not br oadcast s) t o send updat es. OSPF conv er ges m uch fast er t han RI P, because OSPF pr opagat es changes im m ediat ely . OSPF allow s for load balancing w it h up t o six equal- cost pat hs. OSPF has aut hent icat ion available. ( RI Pv2 does also, but RI Pv1 does not .) OSPF allow s for t agging of ext er nal r out es inj ect ed by ot her aut onom ous syst em s. OSPF configur at ion, m onit or ing, and t r oubleshoot ing hav e a far gr eat er I OS t ool base t han RI P.

N OTE OSPF does hav e som e disadv ant ages, including t he lev el of difficult y and under st anding r equir ed t o configur e, m onit or , and t r oubleshoot it . The ot her t w o fact or s ar e t he m em or y and Cent r al Pr ocessing Unit ( CPU) r equir em ent s t hat can affect even high- end r out er per for m ance. You can configur e m or e t han one OSPF process, but y ou m ust be m indful t hat t he SPF calculat ions associat ed w it h m ult iple OSPF pr ocesses can consum e a consider able am ount of CPU and m em or y .

OSPF a n d N on br oa dca st M u lt ia cce ss En v ir on m e n t s A nonbr oadcast m ult iaccess ( NBMA) env ir onm ent pr esent s t he OSPF designer a num ber of challenges. The m ain challenge is t hat NBMA env ir onm ent s do not car r y br oadcast t r affic but hav e t he added char act er ist ics t hat m ult iple dest inat ions m ay be pr esent . I n a nor m al br oadcast env ir onm ent , t his is not a challenge because a packet can be sent t o a br oadcast or m ult icast addr ess and be r eceived by all r ecipient s. To over com e t hese pr oblem s, OSPF, and in par t icular Cisco I OS, allow s you t o define t he net w or k s t y pes and also allow s st at ic OSPF neighbor configur at ions. Cisco I OS enables you t o configur e five m ain net w or k t ypes as displayed in Table 32. These fiv e possible solut ions av ailable w it h Cisco I OS ar e list ed for y our r efer ence.

Table 3-2. OSPF over NBMA Using Cisco IOS Method

Description

Point - t o- point nonbr oadcast

Used t y pically for Fr am e Relay int er faces.

Point - t o- point

This is t he default m ode for subint er faces.

Point - t o- m ult ipoint

Used for m ult iple dest inat ions.

Nonbr oadcast

NBMA m ode.

Br oadcast

Used in Et her net and br oadcast env ir onm ent s in w hich t he

90

elect ion of DR/ BDR t ak es place. Scenar io 3- 4 illust rat es t he behavior of OSPF in an NBMA en v ir on m en t .

Sce n a r ios The follow ing scenar ios ar e designed t o dr aw t oget her and fur t her ex plor e t he cont ent descr ibed ear lier in t his chapt er and som e of t he cont ent y ou hav e seen in y our ow n net w or k s or pr act ice labs. Ther e is not alw ay s one r ight w ay t o accom plish t he t ask s pr esent ed, and using good pr act ice and defining y our end goal ar e im por t ant in any r eal- life design or solut ion.

Sce n a r io 3 - 1 : Con figu r in g OSPF in a Sin gle Ar e a I n t his scenar io, y ou configur e t w o Cisco r out er s for OSPF r out ing using a Class B ( / 16) net w or k ( 131.108.0.0) w it h a Class C subnet m ask ( 255.255.255.0, or / 24 m ask) . You build a sm all net w or k and an OSPF r out ing t able. You m ust also configur e a num ber of loopback int er faces t o populat e t he I P r out ing t able. Figur e 3- 1 displays t w o r out er s nam ed R1 and R2 connect ed t hr ough Et her net . Configur e t he r out er s of OSPF ar ea 1 and place t he loopbacks in ar ea 1 also.

Figu r e 3 - 1 . Ba sic OSPF

Figur e 3- 1 display s t he I P addr essing and ar ea assignm ent s for Rout ers R1 and R2. Configur e R1 for OSPF fir st . Assign all int er faces w it h t he ar ea assignm ent 1. Also not e t hat t his scenar io uses VLSM. Use t he n e t w or k com m and and m at ch t he I P subnet ex act ly . Ex am ple 3- 2 displays t he OSPF configurat ion perform ed on R1. N OTE Rout ers R1 and R2 reside in one area; so, in fact , you could apply t he one I OS com m and t o enable all int er faces configur ed w it h an I P addr ess in t he r ange 131.108.0.0 t hr ough 131.108.255.255 w it h t he com m and n e t w or k 1 3 1 .1 0 8 .0 .0 0 .0 .2 5 5 .2 5 5 a r e a 1 .

91

Ex a m ple 3 - 2 R1 OSPF Con figu r a t ion router ospf 1 network 131.108.1.0 0.0.0.255 area 1 network 131.108.4.0 0.0.0.127 area 1 network 131.108.4.128 0.0.0.127 area 1 network 131.108.5.0 0.0.0.31 area 1 Ex am ple 3- 3 display s t he OSPF configur at ion per for m ed on R2.

Ex a m ple 3 - 3 R2 OSPF Con figu r a t ion router ospf 2 network 131.108.1.0 0.0.0.255 area 1 network 131.108.5.32 0.0.0.31 area 1 network 131.108.6.1 0.0.0.0 area 1 network 131.108.6.2 0.0.0.0 area 1 N OTE R1 has a process I D of 1 and R2 has a process I D of 2. The process I D is locally significant only and doesn't need t o m at ch bet w een r out er s. The pr ocess I D can be any num ber bet w een 1–65535. Also, because R2 has host ( or / 32 subnet s) m ask s on loopbacks 2 and 3, t he inver se m ask is 0.0.0.0, or an exact m at ch.

Ex am ple 3- 4 display s t he t hr ee r em ot e net w or k s r eachable t hr ough OSPF w it h a cost m et r ic of 11 for all t hr ee. The nex t hop addr ess is 131.108.1.2 t hr ough Et her net 0/ 0. You m ight ask y our self w hy som e of t he r em ot e net w or k s ar e display ed as a / 32 rout e when you used a / 27 m ask. To discov er w hy loopback s appear as / 32 host r out er s, ex am ine Ex am ple 3- 4, w h ich displays t he I P rout ing t able on R1.

Ex a m ple 3 - 4 R1 's I P Ro u t in g Ta b le R1#show ip route 131.108.0.0/16 is variably subnetted, 7 subnets, 4 masks C 131.108.4.128/25 is directly connected, Loopback1 O 131.108.5.33/32 [110/11] via 131.108.1.2, 00:02:22, Ethernet0/0 O 131.108.6.1/32 [110/11] via 131.108.1.2, 00:02:22, Ethernet0/0 C 131.108.5.0/27 is directly connected, Loopback2 O 131.108.6.2/32 [110/11] via 131.108.1.2, 00:02:22, Ethernet0/0 C 131.108.4.0/25 is directly connected, Loopback0 C 131.108.1.0/24 is directly connected, Ethernet0/0 R1# The r em ot e net w or k is displayed as a / 32 r out e w hen a / 27 m ask is used because, by default , OSPF adv er t ises loopback s as host addr esses, or as / 32 r out es. Change t his default configur at ion and m ak e t he r out es appear as / 27 w it h t he configur at ion on R2, as displayed in Ex am ple 3- 5. To m ake t hings a lit t le m or e int er est ing, m odify t he cost as w ell t o 1000.

92

Ex a m ple 3 - 5 Adv e r t isin g Loopba ck s a s / 2 7 on R2 a n d Ch a n g in g t h e D e f a u lt Cost t o 1 0 0 0 R2#conf t Enter configuration commands, one per line. End with CNTL/Z. R2(config)#int loopback0 R2(config-if)#ip ospf cost 1000 R2(config-if)#ip ospf network point-to-point The com m and ip osp f cost 1 0 0 0 changes t he cost t o 1000. The com m and ip osp f n e t w or k poin t - t o- poin t changes t he r out e adv er t isem ent t o / 27. Ex am ple 3- 6 display s R1's r out ing t able aft er t hese changes.

Ex a m ple 3 - 6 R1 Rou t in g Ta b le R1#show ip route 131.108.0.0/16 is variably subnetted, 7 subnets, 4 masks C 131.108.4.128/25 is directly connected, Loopback1 O 131.108.5.32/27 [110/1010] via 131.108.1.2, 00:01:19, Ethernet0/0 O 131.108.6.1/32 [110/11] via 131.108.1.2, 00:01:19, Ethernet0/0 C 131.108.5.0/27 is directly connected, Loopback2 O 131.108.6.2/32 [110/11] via 131.108.1.2, 00:01:19, Ethernet0/0 C 131.108.4.0/25 is directly connected, Loopback0 C 131.108.1.0/24 is directly connected, Ethernet0/0 R1# I n Ex am ple 3- 6, t he subnet 131.108.5.32 displayed is 27 bit s. The r em aining loopbacks are st ill / 32, so you need t o m odify t hem also. The associat ed cost of t he r em ot e net w or k 131.108.5.32/ 27 is 1010. To figur e out w hy , r em em ber t hat OSPF calculat es t he t ot al cost fr om sour ce t o dest inat ion. The 1000 is t he cost R2 assigns and adver t ises t o R1. When R1 r eceives t he updat e, it m akes a calculat ion on t ot al cost . The pat h t ak en t o t he r em ot e net w or k 131.108.5.32 is t hr ough Et her net 0/ 0. Find out t he cost associat ed w it h R1 Et her net 0/ 0 by using t he sh ow ip osp f in t e r f a ce e t h e r n e t 0 / 0 com m and as display ed in Ex am ple 3- 7.

Ex a m ple 3 - 7 sh ow ip ospf in t e r fa ce e t h e r n e t 0 / 0 on R1 R1#show ip ospf interface ethernet 0/0 Ethernet0/0 is up, line protocol is up Internet Address 131.108.1.1/24, Area 1 Process ID 1, Router ID 131.108.5.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 131.108.5.1, Interface address 131.108.1.1 Backup Designated router (ID) 131.108.1.2, Interface address 131.108.1.2 Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:06 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 131.108.1.2 (Backup Designated Router) Suppress hello for 0 neighbor(s) R1#

93

The cost associat ed w it h t he pat h on t he Et her net segm ent is 10. Ther efor e, t he t ot al cost is 1000 ( as adver t ised by R2) plus 10, w hich equals 1010. Anot her m et hod you can use t o det er m ine t he cost w it h an Et her net segm ent is t o use t he cost calculat ion, cost = 10 8 / Bandwidt h = 108 / 107 = 10. Ex am ple 3- 8 displays t he full rout ing configurat ion on R1.

Ex a m ple 3 - 8 R1 Fu ll Con figu r a t ion version 12.0 ! hostname R1 ! enable password cisco ! no ip domain-lookup interface Loopback0 ip address 131.108.4.1 255.255.255.128 ! interface Loopback1 ip address 131.108.4.129 255.255.255.128 ! interface Loopback2 ip address 131.108.5.1 255.255.255.224 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 shutdown ! interface Serial0/1 shutdown router ospf 1 network 131.108.1.0 0.0.0.255 area 1 network 131.108.4.0 0.0.0.127 area 1 network 131.108.4.128 0.0.0.127 area 1 network 131.108.5.0 0.0.0.31 area 1 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 3- 9 displays t he full r out ing configur at ion on R2.

Ex a m ple 3 - 9 R2 Fu ll Con figu r a t ion version 12.0 ! hostname R2 ! enable password cisco ! no ip domain-lookup

94

! interface Loopback0 ip address 131.108.5.33 255.255.255.224 ip ospf network point-to-point ip ospf cost 1000 ! interface Loopback1 ip address 131.108.6.1 255.255.255.255 ! interface Loopback2 ip address 131.108.6.2 255.255.255.255 ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/0 shutdown ! interface Serial1/1 shutdown ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router ospf 2 network 131.108.1.0 0.0.0.255 area 1 network 131.108.5.32 0.0.0.31 area 1 network 131.108.6.1 0.0.0.0 area 1 network 131.108.6.2 0.0.0.0 area 1 ! line con 0 line aux 0 line vty 0 4 end Now , apply t he OSPF pr inciples t o a lar ger , m or e com plex net w or k in Scenar io 3- 2.

Sce n a r io 3 - 2 : Con figu r in g OSPF in M u lt iple Ar e a s Tur n y our at t ent ion t o a far m or e com plex OSPF scenar io and apply som e of t he adv anced feat ur es in OSPF. This scenario uses four ro ut ers: R1 and R2 from scenar io 3- 1 and t w o new r out er s nam ed R6 and R3. Figur e 3- 2 disp lays t he r out er s in t his scenar io.

Figu r e 3 - 2 . OSPF Topology a n d I P Addr e ssin g

95

I n t his scenar io, you add t w o new r out er s, R3 and R6, and cr eat e an addit ional t w o new ar eas: Ar ea 0 and Ar ea 2. That m akes a t ot al of t hr ee ar eas: t he backbone Ar ea 0 bet ween R3 and R6, Area 2 covering t he link bet ween R6 and R2, and Area 1 covering t he Et hernet s bet ween R1 and R2. Rout ers R2 and R6 in t his case are referred t o ar ea bor der r out er s ( ABRs) because m or e t han one ar ea is configur ed on each r out er . OSPF includes a num ber of differ ent r out er t y pes. Table 3- 3 displays all t he possible r out er s t y pes.

Table 3-3. OSPF Router Types Router type

Description

I nt er nal r out er

This r out er is w it hin a specific ar ea only. I nt er nal r out er funct ions include m aint aining t he OSPF dat abase and for w ar ding dat a t o ot her net w or k s. All int er faces on int ernal rout ers are in t he sam e area.

Area border rout er ( ABR)

ABRs ar e r esponsible for connect ing t w o or m or e ar eas. ABRs cont ain t he full t opological dat abase of each ar ea t hey ar e connect ed t o and send t his infor m at ion t o ot her ar eas.

Aut onom o us sy st em ASBRs connect t o t he out side w or ld or per for m som e for m of bor der r out er r edist r ibut ion int o OSPF. ( ASBR) Back bone r out er

Back bone r out er s ar e connect ed t o ar ea 0, also k now as ar ea 0.0.0.0. Backbone r out er s can be int er nal r out er s and ASBRs.

I n Figur e 3- 2, R1 is an int ernal rout er; R2 is an ABR; R6 is a backbone rout er and ABR, and R3 is a backbone rout er.

96

Rout er R1 r equir es no configur at ion change, but you need t o m odify R2 and enable OSPF on R3 and R6. Ex am ple 3- 10 displays t he m odificat ions required on R2. Rem em ber t hat you have a link t o R6, so you need t o set I P addr essing and clocking as you did in t he Chapt er 2, “ Rout ing Pr inciples.” Ex am ple 3- 5 uses Cisco ser ial backt o- back V.35 cables.

Ex a m ple 3 - 1 0 Con figu r a t ion of R2 a s ABR R2(config)#router ospf 2 R2(config-router)#network 141.108.10.0 0.0.0.3 area 2 Now, enable OSPF on R3 and R6. Not ice t he I P addressing in Figur e 3- 2 has a m ix t ur e of t he Class B net w or k s 131.108.0.0 and 141.108.0.0 w it h differ ent subnet s. Hence, t his scenar io uses VLSM ex t ensiv ely t o illust r at e t he capabilit y of OSPF t o handle VLSM. To enable OSPF on R6, st ar t t he OSPF pr ocess w it h t he pr ocess I D 6 and enable t he int er faces t o adv er t ise t he net w or k s as display ed by Ex am ple 3- 11.

Ex a m ple 3 - 1 1 En a ble OSPF o n R6 w it h Pr oce ss I D 6 r6(config)#router ospf 6 r6(config-router)# network r6(config-router)# network r6(config-router)# network r6(config-router)# network r6(config-router)# network r6(config-router)# network

141.108.9.0 0.0.0.127 area 0 141.108.9.128 0.0.0.127 area 0 141.108.10.0 0.0.0.3 area 2 141.108.10.4 0.0.0.3 area 0 141.108.12.0 0.0.0.255 area 0 141.108.12.26 0.0.0.255 area 0

Sim ilarly, Ex am ple 3- 12 display s t he OSPF configurat ion required on R3.

Ex a m ple 3 - 1 2 En a ble OSPF on R3 R3(config)#router ospf 3 R3(config-router)#network R3(config-router)#network R3(config-router)#network R3(config-router)#network R3(config-router)#network

141.108.10.4 0.0.0.3 area 0 141.108.1.0 0.0.0.127 area 0 141.108.1.128 0.0.0.127 area 0 141.108.2.0 0.0.0.31 area 0 131.108.33.0 0.0.0.255 area 0

Now t hat OSPF is configur ed on all four r out er s, ex am ine t he r out ing t able on t he back bone net w or k t o ensur e t hat all net w or k s ar e r out able. Ex am ple 3- 13 display s t he I P rout ing t able on R6.

Ex a m ple 3 - 1 3 I P Rou t in g Ta ble on R6 r6#show ip route 141.108.0.0/16 is variably subnetted, 7 subnets, 3 masks O 141.108.1.128/25 [110/65] via 141.108.10.5, 00:00:32, Serial0 C 141.108.9.128/25 is directly connected, Loopback1 O 141.108.1.0/25 [110/65] via 141.108.10.5, 00:00:32, Serial0 C 141.108.9.0/25 is directly connected, Loopback0 C 141.108.10.0/30 is directly connected, Serial1 C 141.108.12.0/24 is directly connected, Loopback2 C 141.108.10.4/30 is directly connected, Serial0

97

O C r6#

131.108.0.0/24 is subnetted, 2 subnets 131.108.33.0 [110/74] via 141.108.10.5, 00:00:32, Serial0 131.108.26.0 is directly connected, Ethernet0

Ex am ple 3- 13 displays t he r em ot e net w or ks on Rout er R3, but not t he net w or ks fr om R1 or R2. For exam ple, t he Et her net net w or k 131.108.1.0/ 24 in ar ea 1 is not rout able from R6. Exam ine R3's rout ing t able. Ex am ple 3- 14 displays R3's I P r out ing t able.

Ex a m ple 3 - 1 4 R3 ' s I P Rou t in g Ta ble R3>show ip route 141.108.0.0/16 is variably subnetted, 8 subnets, 4 masks C 141.108.1.128/25 is directly connected, Loopback1 O 141.108.9.128/25 [110/65] via 141.108.10.6, 00:23:42, Serial1 C 141.108.1.0/25 is directly connected, Loopback0 C 141.108.2.0/27 is directly connected, Loopback2 O 141.108.9.0/25 [110/65] via 141.108.10.6, 00:23:42, Serial1 O IA 141.108.10.0/30 [110/128] via 141.108.10.6, 00:23:42, Serial1 O 141.108.12.0/24 [110/65] via 141.108.10.6, 00:23:42, Serial1 C 141.108.10.4/30 is directly connected, Serial1 131.108.0.0/24 is subnetted, 1 subnets C 131.108.33.0 is directly connected, Ethernet0 Once m ore, Ex am ple 3- 14 doesn't display t he net works in area 1 on Rout ers R1 and R2. Ex am ple 3- 15 displays R2's I P rout ing t able.

Ex a m ple 3 - 1 5 R2 's I P Rou t in g Ta ble R2>show ip route 141.108.0.0/16 is variably subnetted, 7 subnets, 3 masks O IA 141.108.1.128/25 [110/846] via 141.108.10.2, 00:08:05, Serial1/0 O IA 141.108.9.128/25 [110/782] via 141.108.10.2, 00:26:20, Serial1/0 O IA 141.108.1.0/25 [110/846] via 141.108.10.2, 00:08:15, Serial1/0 O IA 141.108.9.0/25 [110/782] via 141.108.10.2, 00:26:20, Serial1/0 C 141.108.10.0/30 is directly connected, Serial1/0 O IA 141.108.12.0/24 [110/782] via 141.108.10.2, 00:26:20, Serial1/0 O IA 141.108.10.4/30 [110/845] via 141.108.10.2, 00:26:20, Serial1/0 131.108.0.0/16 is variably subnetted, 8 subnets, 3 masks O 131.108.4.129/32 [110/11] via 131.108.1.1, 00:46:09, Ethernet0/0 C 131.108.5.32/27 is directly connected, Loopback0 O IA 131.108.33.0/24 [110/855] via 141.108.10.2, 00:09:06, Serial1/0 C 131.108.6.1/32 is directly connected, Loopback1 O 131.108.4.1/32 [110/11] via 131.108.1.1, 00:46:09, Ethernet0/0 O 131.108.5.1/32 [110/11] via 131.108.1.1, 00:46:09, Ethernet0/0 C 131.108.6.2/32 is directly connected, Loopback2 C 131.108.1.0/24 is directly connected, Ethernet0/0 R2> Not ice, how ev er , t hat R2 has access t o t he r em ot e net w or k s in ar ea 0 or on t he back bone, but not v ice v er sa, because Rout er R2 is connect ed t o area 2.

98

Ar ea 2 is not par t it ioned fr om t he back bone. I n fact , ar ea 2 is dir ect ly connect ed t o t he backbone t hrough Rout er R6. Ar ea 1 is not dir ect ly connect ed t o t he backbone. Ther efor e, Rout er R1 is m issing I P net w orks. The golden rule in any OSPF net w ork is t hat all areas m ust be cont iguous or all areas m ust be connect ed t o t he back bone. Scenar io 3- 2 includes t hr ee ar eas. I f an ar ea cannot be assigned t o t he back bone or is par t it ioned fr om t he back bone, a v ir t ual link is r equir ed. When designing a net w or k , y ou use a v ir t ual link t o at t ach ar eas t hat do not hav e a phy sical connect ion t o t he back bone or in cases in w hich t he back bone is par t it ioned, as in t he exam ple show n in Figur e 3- 2. Figur e 3- 3 displays t he areas and t he re quirem ent for a virt ual link.

Figu r e 3 - 3 . Ar e a Assign m e n t s a n d t h e V ir t u a l Lin k Re qu ir e m e n t

The virt ual link in t his scenario is required from R2 t o R6. The virt ual link allows infor m at ion about ar ea 1 t o be sent t o t he back bone. Anot her solut ion t o t his pr oblem is t o change t he ar ea 1 assignm ent t o ar ea 2 or t o connect a phy sical link fr om ar ea 1 t o t he back bone. I n t his scenar io, configur e a v ir t ual link bet ween R2 and R6. To cr eat e a v ir t ual link , y ou use t he follow ing com m and:

[no] area area-id virtual-link router-id [hello-interval seconds] [retransmit-interval seconds] [transmit-delay seconds] [dead-interval seconds] [[authentication-key key] | [message-digest-key keyid md5 key]] As y ou can see, t his com m and has m any opt ions. The follow ing is a sim plificat ion:

99

area area-id virtual-link router-id Th e ar ea- id is t he t r ansit net w or k bet w een t he t w o par t it ioned ar eas, in t his case ar ea 2. You can find t he r out er - id by using t he sh ow ip osp f d a t a b a se com m and, w hich display s t he com plet e OSPF dat abase. Exam ple 3- 1 6 show s y ou how t o discov er t he r out er I Ds on R2 and R6. Not e t hat t he ext ensive am ount of inform at ion t y pically supplied by t he sh ow ip osp f d a t a b a se com m and is not all displayed in Ex am ple 3- 16.

Ex a m ple 3 - 1 6 sh ow ip ospf da t a ba se Com m a n d on R2 a n d R6 R2>show ip ospf database OSPF Router with ID (131.108.6.2) (Process ID 2) r6>show ip ospf database OSPF Router with ID (141.108.12.1) (Process ID 6) You now hav e t he infor m at ion r equir ed t o configur e a vir t ual link bet w een R3 and R6. Ex am ples 3- 17 and 3- 18 display t he configurat ion perform ed on Rout ers R2 and R6.

Ex a m ple 3 - 1 7 Con f igu r in g a V ir t u a l Lin k on R2 R2(config)#router ospf 2 R2(config-router)#area 2 virtual-link 141.108.12.1

Ex a m ple 3 - 1 8 Con f igu r in g a V ir t u a l Lin k on R6 R6(config)#router ospf 6 r6(config-router)#area 2 virtual-link 131.108.6.2 Use t he sh o w ip o sp f v ir t u a l- link s com m and on R2, dem onst r at ed in Ex am ple 319, t o ensur e t hat t he v ir t ual link is act iv e.

Ex a m ple 3 - 1 9 sh ow ip ospf vir t u a l - lin k s R2#show ip ospf virtual-links Virtual Link OSPF_VL0 to router 141.108.12.1 is up Run as demand circuit DoNotAge LSA allowed. Transit area 2, via interface Serial1/0, Cost of using 781 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:07 Adjacency State FULL (Hello suppressed) Ex am ple 3- 19 displa ys an act ive link t o t he r em ot e OSPF r out er w it h t he I D 141.108.12.1. Now , view t he r out ing t ables on R3 t o det er m ine w het her t he ar ea 1 net w or k s hav e been inser t ed int o t he I P r out ing t able, as dem onst r at ed in Ex am ple 3- 20.

Ex a m ple 3 - 2 0 sh ow ip r ou t e on R3 R3#show ip route

100

C O C C O O IA O C O O C O O O O O O

IA IA IA IA IA IA IA

141.108.0.0/16 is variably subnetted, 8 subnets, 4 masks 141.108.1.128/25 is directly connected, Loopback1 141.108.9.128/25 [110/65] via 141.108.10.6, 00:01:43, Serial1 141.108.1.0/25 is directly connected, Loopback0 141.108.2.0/27 is directly connected, Loopback2 141.108.9.0/25 [110/65] via 141.108.10.6, 00:01:43, Serial1 141.108.10.0/30 [110/128] via 141.108.10.6, 00:01:43, Serial1 141.108.12.0/24 [110/65] via 141.108.10.6, 00:01:43, Serial1 141.108.10.4/30 is directly connected, Serial1 131.108.0.0/16 is variably subnetted, 9 subnets, 3 masks 131.108.4.129/32 [110/139] via 141.108.10.6, 00:01:43, Serial1 131.108.5.32/27 [110/1128] via 141.108.10.6, 00:01:43, Serial1 131.108.33.0/24 is directly connected, Ethernet0 131.108.6.1/32 [110/129] via 141.108.10.6, 00:01:43, Serial1 131.108.4.1/32 [110/139] via 141.108.10.6, 00:01:43, Serial1 131.108.6.2/32 [110/129] via 141.108.10.6, 00:01:43, Serial1 131.108.5.1/32 [110/139] via 141.108.10.6, 00:01:43, Serial1 131.108.1.0/24 [110/138] via 141.108.10.6, 00:01:43, Serial1 131.108.26.0/24 [110/74] via 141.108.10.6, 00:01:44, Serial1

Rout er R3 discov er s t he r em ot e net w or k s fr om t he par t it ioned ar ea 1 t hr ough t he vir t ual link bet w een t he r out er s R2 and R6 as dem onst r at ed by t he I P r out ing t able in Ex am ple 3- 20. Ex am ples 3- 21, 3- 22, and 3- 23 show t he t hree configurat ions of rout ers R2, R3, and R6, r espect iv ely . R1's configur at ion is unchanged fr om scenar io 3- 1.

Ex a m ple 3 - 2 1 Fu ll Con figu r a t ion on R2 Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname R2 ! enable password cisco ! no ip domain-lookup ! interface Loopback0 ip address 131.108.5.33 255.255.255.224 ip ospf network point-to-point ip ospf cost 1000 ! interface Loopback1 ip address 131.108.6.1 255.255.255.255 ! interface Loopback2 ip address 131.108.6.2 255.255.255.255 ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0

101

! interface TokenRing0/0 shutdown ! interface Serial1/0 ip address 141.108.10.1 255.255.255.252 ! interface Serial1/1 shutdown ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router ospf 2 area 2 virtual-link 141.108.12.1 network 131.108.1.0 0.0.0.255 area 1 network 131.108.5.32 0.0.0.31 area 1 network 131.108.6.1 0.0.0.0 area 1 network 131.108.6.2 0.0.0.0 area 1 network 141.108.10.0 0.0.0.3 area 2 ! line con 0 line aux 0 line vty 0 4 login ! end Ex am ple 3- 22 displays R3's full configur at ion.

Ex a m ple 3 - 2 2 Fu ll Con figu r a t ion on R3 version 12.0 ! hostname R3 ! enable password cisco ! interface Loopback0 ip address 141.108.1.1 255.255.255.128 ip ospf network point-to-point ! interface Loopback1 ip address 141.108.1.129 255.255.255.128 ip ospf network point-to-point ! interface Loopback2 ip address 141.108.2.1 255.255.255.224 ip ospf network point-to-point ! interface Ethernet0 ip address 131.108.33.1 255.255.255.0 !

102

interface Ethernet1 shutdown ! interface Serial0 shutdown ! interface Serial1 ip address 141.108.10.5 255.255.255.252 ! router ospf 3 network 131.108.33.0 0.0.0.255 area 0 network 141.108.1.0 0.0.0.127 area 0 network 141.108.1.128 0.0.0.127 area 0 network 141.108.2.0 0.0.0.31 area 0 network 141.108.10.4 0.0.0.3 area 0 line con 0 line aux 0 line vty 0 4 ! end Ex am ple 3- 23 displays R6's full configur at ion.

Ex a m ple 3 - 2 3 Fu ll Con figu r a t ion on R6 ! version 12.0 ! hostname r6 ! enable password cisco ! interface Loopback0 ip address 141.108.9.1 255.255.255.128 ip ospf network point-to-point ! interface Loopback1 ip address 141.108.9.129 255.255.255.128 ip ospf network point-to-point ! interface Loopback2 ip address 141.108.12.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0 ip address 131.108.26.1 255.255.255.0 media-type 10BaseT ! interface Ethernet1 shutdown ! interface Serial0 ip address 141.108.10.6 255.255.255.252 clockrate 125000 ! interface Serial1

103

ip address 141.108.10.2 255.255.255.252 clockrate 125000 ! interface Serial2 shutdown ! interface Serial3 shutdown ! interface TokenRing0 shutdown ! interface TokenRing1 shutdown ! router ospf 6 area 2 virtual-link 131.108.6.2 network 141.108.9.0 0.0.0.127 area 0 network 141.108.9.128 0.0.0.127 area 0 network 141.108.10.0 0.0.0.3 area 2 network 141.108.10.4 0.0.0.3 area 0 network 131.108.26.0 0.0.0.255 area 0 ! line con 0 line aux 0 line vty 0 4 end Now , y ou m ov e on t o lear n about som e com m on OSPF com m ands y ou can use t o ensur e t hat r em ot e net w or k s ar e r eachable.

Sce n a r io 3 - 3 : H ow OSPF M on it or s, M a n a ge s, a n d M a in t a in s Rou t e s I n t his scenario, you re - exam ine in det ail t he net work in Figur e 3- 2 and discover som e of t he com m on OSPF com m ands for m onit or i ng, m anaging, and m aint aining I P r out ing t ables. This scenar io also look s at w ay s t o configur e OSPF t o m odify I P r out ing t able ent r ies, such as cost m et r ics and DR/ BDR elect ion. Table 3- 4 display s a sum m ar y of t he com m ands ex ecut ed in t his scenar io.

Table 3-4. OSPF Commands for Monitoring, Managing, and Maintaining IP Routing Tables Command

Description

sh ow ip osp f

Display s t he OSPF pr ocess and det ails such as OSPF process I D and rout er I D.

sh ow ip osp f d a t a b a se

Display s r out er s t opological dat abase.

sh ow ip osp f n e ig h b o r

Display s OSPF neighbor s.

104

sh ow ip osp f n e ig h b or d e t a il

Display s OSPF neighbor s in det ail, pr ov iding par am et er s, such as neighbor addr ess, hello int er v al, and dead int er v al.

sh ow ip osp f in t e r fa ce

Display s infor m at ion on how OSPF has been configur ed for a giv en int er face.

ip ospf pr ior it y

I nt er face com m and used t o change t he DR/ BDR elect ion pr ocess.

ip ospf cost

I nt er face com m and used t o change t he cost of an OSPF int er face.

Ex am ple 3- 24 show s t he out put of t he com m and sh ow ip osp f t ak en fr om t he backbone Rout er R3 in Figur e 3- 2. Table 3- 5 explains how t o r ead t he m ost im por t ant infor m at ion cont ained w it hin t he out put . N OTE Scenar io 3- 2, and t hus t his scenar io, hav e four r out er s w it h t he follow ing r out er I Ds: • • • •

R1— R2— R3— R6—

131. 108. 5. 1 131. 108. 6. 2 141. 108. 12. 1 141. 108. 2. 1

This inform at ion is show n in t he ex am ples t hat follow .

Ex a m ple 3 - 2 4 sh ow ip ospf Ou t pu t R3>show ip ospf Routing Process "ospf 3" with ID 141.108.2.1 Supports only single TOS(TOS0) routes SPF schedule delay 5 secs, Hold time between two SPFs 10 secs Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs Number of external LSA 0. Checksum Sum 0x0 Number of DCbitless external LSA 0 Number of DoNotAge external LSA 0 Number of areas in this router is 1. 1 normal 0 stub 0 nssa Area BACKBONE(0) Number of interfaces in this area is 4 Area has no authentication SPF algorithm executed 3 times Area ranges are Number of LSA 13. Checksum Sum 0x54D76 Number of DCbitless LSA 0 Number of indication LSA 0 Number of DoNotAge LSA 9

Table 3-5. Explanation of the show ip ospf Command Output Taken from R3 Field

Explanation

Rout ing pr ocess I D

Displays t he process I D. I n t his case 141.108.2.1.

Minim um LSA int erval 5

The am ount of t im e t hat t he I OS w ait s befor e t he SPF

105

secs Minim um LSA ar r ival 1 sec

calculat ion is com plet ed aft er r eceiv ing an updat e. The m inim um LSA int erval is five seconds and t he m inim um LSA ar r ival is one second on R3.

Num ber of areas in t his r out er is 1

Display s t he num ber of ar eas configur ed on t he local rout er. I n t his exam ple, R3 has all int erfaces in t he backbone, or ar ea 0. So only one ar ea is displayed by t his com m and.

Area BACKBONE( 0)

Displays t he area t he rout er is configured for. R3 is a back bone r out er , so t his out put adv ises t he ar ea in bac kbone 0.

Num ber of int er faces in t his area is 4

Displays t he num ber of int er faces in ar ea 0. R3 has four int erfaces in area 0.

Area has no aut hent icat ion

Displays t he fact t hat no aut hent icat ion is used on R3.

Ex am ple 3- 25 show s t he out put of t he com m and sh ow ip osp f d a t a b a se t aken from t he backbone R3 in Figur e 3- 2. Table 3- 6 explains how t o r ead t he m ost im por t ant infor m at ion cont ained w it hin t he out put .

Ex a m ple 3 - 2 5 sh ow ip ospf da t a ba se Ou t pu t R3>show ip ospf database OSPF Router with ID (141.108.2.1) (Process ID 3) Router Link States (Area 0) Link ID ADV Router Age Seq# Checksum count 131.108.6.2 131.108.6.2 7 (DNA) 0x80000002 0x38EB 141.108.2.1 141.108.2.1 559 0x80000003 0xCC2 141.108.10.5 141.108.10.5 3110 0x8000000B 0x1AC 141.108.12.1 141.108.12.1 153 0x80000010 0xC3A Summary Net Link States (Area 0) Link ID ADV Router Age Seq# Checksum 131.108.1.0 131.108.6.2 82 (DNA) 0x80000001 0xE663 131.108.4.1 131.108.6.2 82 (DNA) 0x80000001 0xC57F 131.108.4.129 131.108.6.2 82 (DNA) 0x80000001 0xC004 131.108.5.1 131.108.6.2 82 (DNA) 0x80000001 0xBA89 131.108.5.32 131.108.6.2 82 (DNA) 0x80000001 0x8ED4 131.108.6.1 131.108.6.2 82 (DNA) 0x80000001 0x4B02 131.108.6.2 131.108.6.2 82 (DNA) 0x80000001 0x410B 141.108.10.0 131.108.6.2 82 (DNA) 0x80000001 0x280C 141.108.10.0 141.108.12.1 1958 0x80000006 0x846B

Link 1 5 5 7

Table 3-6. Explanation of the show ip ospf database Command Field

Explanation

OSPF Rout er w it h I D ( 141.108.2.1) ( Process I D 3)

The r out er I D and pr ocess I D on t he r out er configur ed by t he net w ork adm inist rat or.

Rout er Link St at es ( Ar ea 0)

Displays t he link- st at e adv er t isem ent s fr om connect ed neighbor s discov er ed by t he Hello prot ocol.

Sum m ar y Net Link St at es ( Area 0)

I nfor m at ion display ed by ABRs.

106

To show you som e differ ent out put , look at t w o m or e exam ples fr om Scenar io 3- 2: one from R2 and one from R6. Ex am ple 3- 26 display s t he sh ow ip osp f n e ig h b or com m and from R2.

Ex a m ple 3 - 2 6 sh ow ip ospf n e igh bor fr om R2 R2>show ip ospf neighbor Neighbor ID Pri State Interface 131.108.5.1 1 FULL/DR Ethernet0/0 141.108.12.1 1 FULL/ Serial1/0

Dead Time

Address

00:00:39

131.108.1.1

00:00:34

141.108.10.2

Rout er R2 has t w o neighbor s: one acr oss t he Et her net segm ent and anot her t hr ough t he ser ial connect ion t o R6. The sh o w ip o sp f n e ig h b o r com m and display s t he neighbor r out er I D and t he pr ior it y of t he neighbor ( bot h 1 in t his ex am ple) as w ell as t he DR. Not ice t hat t he DR is R1 as seen by R2. The st at e of t he adj acency ( Full) and t he dead t im e ar e display ed. The dead t im e is t he am ount of t im e befor e t he adj acenc y is declar ed dead or inact ive if a Hello packet is not r eceived. The dead t im e m ust be t he sam e of t he adj acent r out er . The dead t im e is four t im es t he hello int er v al. The addr ess field display s t he r em ot e r out er 's I P addr ess. I n t his case, t he I P addr ess assigned t o R1 is 131.108.1. The int er face field descr ibes t he out bound int er face fr om w hich t he neighbor w as discov er ed. Ex am ple 3- 27 display s t he neighbors on R6 in m or e det ail by adding t he de t a il par am et er t o t he show ip ospf n e ig h b o r com m and.

Ex a m ple 3 - 2 7 sh ow ip ospf n e igh bor de t a il fr om R6 r6#show ip ospf neighbor detail Neighbor 141.108.2.1, interface address 141.108.10.5 In the area 0 via interface Serial0 Neighbor priority is 1, State is FULL, 6 state changes DR is 0.0.0.0 BDR is 0.0.0.0 Options 2 Dead timer due in 00:00:35 Neighbor 131.108.6.2, interface address 141.108.10.1 In the area 2 via interface Serial1 Neighbor priority is 1, State is FULL, 6 state changes DR is 0.0.0.0 BDR is 0.0.0.0 Options 2 Dead timer due in 00:00:33 Rout er R6 has no adj acency acr oss any br oadcast m edia, such as Et her net . Therefore, t he neighbors are all in a Full st at e but no DR or BDR is elect ed acr oss t he wide- ar ea net w or k ( WAN) link, because t he WAN link is consider ed a point - t o- point link . To det er m ine w hat t y pe of OSPF net w or k t he giv en int er face is, use t he show ip ospf in t e r fa ce com m and. Ex am ple 3- 28 displays t his com m and in it s m ost basic for m t aken fr om R6. You can pr ovide m or e par am et er s, such as in t e r f a ce se r ia l num ber .

Ex a m ple 3 - 2 8 sh ow ip ospf in t e r fa ce fr om R6 r6#show ip ospf interface Ethernet0 is up, line protocol is up

107

Internet Address 131.108.26.1/24, Area 0 Process ID 6, Router ID 141.108.12.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State WAITING, Priority 1 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:01 Wait time before Designated router selection 00:00:11 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback0 is up, line protocol is up Internet Address 141.108.9.1/25, Area 0 Process ID 6, Router ID 141.108.12.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback1 is up, line protocol is up Internet Address 141.108.9.129/25, Area 0 Process ID 6, Router ID 141.108.12.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback2 is up, line protocol is up Internet Address 141.108.12.1/24, Area 0 Process ID 6, Router ID 141.108.12.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial0 is up, line protocol is up Internet Address 141.108.10.6/30, Area 0 Process ID 6, Router ID 141.108.12.1, Network Type POINT_TO_POINT, Cost: 64 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:06 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 141.108.2.1 Suppress hello for 0 neighbor(s) Serial1 is up, line protocol is up Internet Address 141.108.10.2/30, Area 2 Process ID 6, Router ID 141.108.12.1, Network Type POINT_TO_POINT, Cost: 64 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:06 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor 131.108.6.2

5

5

5

5

5

5

108

Suppress hello for 0 neighbor(s) r6# Rout er R6 has six int er faces configur ed w it h OSPF, so y ou should ex pect det ails about t hose int er faces. Ex am ple 3- 28 displays all int er face net w or k t ypes as point t o- point ( loopback s by default ar e configur ed as loopback , but t he I OS com m and ip ospf n e t w or k poin t - t o- poin t configur es t he loopback as point - t o- point net works) ex cept t he Et her net segm ent , because Et her net is a br oadcast m edium . Also not ice t hat because R6 has no neighbor s ov er t he Et her net net w or k , no DR/ BDR is elect ed, because t her e is no need. The dead int er val is four t im es t he hello int er val on all int er faces. Now use som e int er face com m ands on t he Figur e 3- 2 net w or k t o m odify t he behav ior of t he DR/ BDR elect ion pr ocess. St ar t by changing t he designat ed r out er in ar ea 1 and ensur e t hat Rout er R2 becom es t he DR. Ex am ple 3- 29 display s t he current DR and t he configurat ion change on R2 t o m ake t he priorit y higher t han R1 by set t ing t he priorit y t o 255.

Ex a m ple 3 - 2 9 Ch a n gin g t h e I P OSPF Pr ior it y on R2 R2#show ip ospf neighbor Neighbor ID Pri State Interface 131.108.5.1 1 FULL/DR Ethernet0/0 141.108.12.1 1 FULL/ Serial1/0 R2#configure term Enter configuration commands, one per R2(config)#interface e 0/0 R2(config-if)#ip ospf priority 255 R2# show ip ospf neighbor Neighbor ID Pri State Interface 131.108.5.1 1 FULL/DR Ethernet0/0 141.108.12.1 1 FULL/ Serial1/0 R2# show ip ospf neighbor Neighbor ID Pri State Interface 131.108.5.1 1 FULL/DR Ethernet0/0 141.108.12.1 1 FULL/ Serial1/0

Dead Time

Address

00:00:35

131.108.1.1

00:00:37

141.108.10.2

line.

End with CNTL/Z.

Dead Time

Address

00:00:33

131.108.1.1

00:00:34

141.108.10.2

Dead Time

Address

00:00:31

131.108.1.1

00:00:32

141.108.10.2

Ex am ple 3- 29 st ills display s t he DR as R1 and not R2 ev en aft er t he configur at ion set t ing changes t he pr ior it y t o 255, because t he elect ion pr ocess has alr eady t ak en place and R1 is st ill t he DR. Ex am ple 3- 3 0 sim ulat es a net w or k out age by shut t ing down R1 E0/ 0. Now look at t he OSPF neighbor on R1, as displayed by Ex am ple 3- 30.

Ex a m ple 3 - 3 0 Sh u t t in g D ow n R1 E0 / 0 a n d sh ow ip ospf n e igh bor Com m a n ds R1(config)#interface e 0/0

109

R1(config-if)#shutdown 1w6d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to down 1w6d: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up 1w6d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up R1(config-if)#no shutdown 1w6d: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to up 1w6d: %LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0/0, changed state to up R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 131.108.6.2 255 INIT/00:00:39 131.108.1.2 Ethernet0/0 R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 131.108.6.2 255 EXCHANGE/0:39 131.108.1.2 Ethernet0/0 R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 131.108.6.2 255 EXSTART/DR 00:00:39 131.108.1.2 Ethernet0/0 R1#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 131.108.6.2 255 LOADING/DR 0:00:39 131.108.1.2 Ethernet0/0 R1#show ip ospf nei Neighbor ID Pri State Dead Time Address Interface 131.108.6.2 255 FULL/DR 00:00:39 131.108.1.2 Ethernet0/0 Ex am ple 3- 30 display s som e int er est ing fact s. The fir st is t hat w hen y ou shut dow n t h e int er face and enable t he Et her net por t E0/ 0 on R1, I OS displays m essages t o adv ise y ou of t he changed st at e. Second, t he fir st neighbor st at e is I NI T, w hich m eans R1 sent Hello packet s, w hich ar e aw ait ing R2's r eply. The st at e of EXSTART/ DR m eans t he t w o ro ut er s hav e for m ed a m ast er r elat ionship. The LOADI NG st at e indicat es t hat link - st at e r equest s hav e been sent . The FULL st at e indicat es t he t w o r out er s ar e fully adj acent or shar e t he sam e OSPF dat abase. The DR indicat es t hat t he designat ed r out er is t he neighbor w it h t he I P addr ess 131.108.1.2, w hich is Rout er R2. Ex am ple 3- 31 display s t he neighbor st at e as seen by R2, w hich is now t he back up designat ed r out er ( BDR) .

Exa m ple 3 - 3 1 sh ow ip ospf n e igh bor on R2 R2#show ip ospf neighbor Neighbor ID Pri State Interface

Dead Time

Address

110

131.108.5.1 Ethernet0/0 141.108.12.1 Serial1/0

1

FULL/BDR

00:00:34

131.108.1.1

1

FULL/

00:00:35

141.108.10.2

-

The final com m and in t his scenario is t he ip osp f cost com m and. You use t his com m and t o change t he cost Cisco r out er s assign by default by using t he for m ula OSPF cost = 108 / bandwidt h. This com m and is not t he only m et hod y ou can use t o change t he cost . You can also use t he b a n d w id t h com m and on a par t icular int er face and let t he Cisco I OS use t he bandw idt h por t ion of t he cost for m ula t o calculat e t he n ew cost . N OTE You can also use t he com m and a u t o- cost r e f e r e n ce - ba n dw id t h r ef er en cebandw idt h dur ing t he OSPF pr ocess t o change t he bandw idt h por t ion of t he cost calculat ion. You should set t his com m and equally acr oss all y our r out er s if y ou choose t o use it . The r efer ence- bandw idt h is set t o 108 by default .

Assum e y ou hav e a r equest fr om t he net w or k adm inist r at or t hat all loopbacks on R1 being adv er t ised t o R2 hav e a t ot al cost of 100. Ex am ple 3- 32 display s t he cur r ent cost on R2.

Ex a m ple 3 - 3 2 R2 's OSPF Rou t in g Ta ble R2#show ip route ospf 141.108.0.0/16 is variably subnetted, 7 subnets, 3 masks O 141.108.1.128/25 [110/846] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.9.128/25 [110/782] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.1.0/25 [110/846] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.9.0/25 [110/782] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.12.0/24 [110/782] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.10.4/30 [110/845] via 141.108.10.2, 3d03h, Serial1/0 131.108.0.0/16 is variably subnetted, 9 subnets, 3 masks O 131.108.4.129/32 [110/11] via 131.108.1.1, 00:02:03, Ethernet0/0 O 131.108.33.0/24 [110/855] via 141.108.10.2, 3d03h, Serial1/0 O 131.108.4.1/32 [110/11] via 131.108.1.1, 00:02:03, Ethernet0/0 O 131.108.5.1/32 [110/11] via 131.108.1.1, 00:02:03, Ethernet0/0 O 131.108.26.0/24 [110/791] via 141.108.10.2, 3d03h, Serial1/0 The t hr ee loopback s display a cost of 11. To incr ease t his t o 100, y ou can increase t he cost per int er face. Exam ple 3- 33 display s t he cost change on R1 loopback int er faces fr om t he default of 1 t o 90. Rem em ber t hat by default , t he cost of a 10MB Et hernet int erface is 10.

Ex a m ple 3 - 3 3 Ch a n gin g t h e D e fa u lt Cost on R1 E0 / 0 R1(config)#interface loopback 0 R1(config-if)#ip ospf cost 90 R1(config-if)#interface loopback 1 R1(config-if)#ip ospf cost 90

111

R1(config-if)#interface loopback 2 R1(config-if)#ip ospf cost 90 Changing t he default cost fr om 1 t o 90 m eans t hat t he t ot al cost R2 sees is 10, w hich is t he default cost on an Et her net int er face plus t he 90 you configur ed. Ex am ple 3- 34 now displays t he new OSPF r out ing t able w it h t he loopbacks fr om R1 wit h a new cost of 100.

Ex a m ple 3 - 3 4 R2 's OSPF Rou t in g Ta ble Aft e r t h e Cost Ch a n ge R2#show ip route ospf 141.108.0.0/16 is variably subnetted, 7 subnets, 3 masks O 141.108.1.128/25 [110/846] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.9.128/25 [110/782] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.1.0/25 [110/846] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.9.0/25 [110/782] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.12.0/24 [110/782] via 141.108.10.2, 3d03h, Serial1/0 O 141.108.10.4/30 [110/845] via 141.108.10.2, 3d03h, Serial1/0 131.108.0.0/16 is variably subnetted, 9 subnets, 3 masks O 131.108.4.129/32 [110/100] via 131.108.1.1, 00:00:35, Ethernet0/0 O 131.108.33.0/24 [110/855] via 141.108.10.2, 3d03h, Serial1/0 O 131.108.4.1/32 [110/100] via 131.108.1.1, 00:00:35, Ethernet0/0 O 131.108.5.1/32 [110/100] via 131.108.1.1, 00:00:35, Ethernet0/0 O 131.108.26.0/24 [110/791] via 141.108.10.2, 3d03h, Serial1/0 Ex am ple 3- 34 display s t he cost t o t he r em ot e net w or k s on R1 as 100. The nex t scenar io show s y ou how t o configur e an adv anced OSPF net w or k using a t hr ee- rout er net work over Fram e Relay.

Sce n a r io 3 - 4 : OSPF ov e r Fr a m e Re la y in a n N BM A En vir on m e n t This scenar io cover s configur ing OSPF over Fr am e Relay in an NBMA envir onm ent . This scenar io helps y ou discov er som e of t he adv anced feat ur es of OSPF, such as DR elect ion in an NBMA env ir onm ent . Figur e 3- 4 display s t he t hr ee- rout er net w ork over Fram e Relay used in t his scenario. I ncluded in Figur e 3- 4 are t he I P addressing schem e, Fram e Relay DLCI num bering, and OSPF ar ea assignm ent s.

Figu r e 3 - 4 . OSPF ove r Fr a m e Re la y

112

This scenar io inv olv es t hr ee r out er s r unning OSPF ov er Fr am e Relay . St ar t by configur ing t he Fr am e Relay par am et er s. Figur e 3- 4 displays t he Fram e Relay DLCI s and Local Managem ent I nt er face ( LMI ) t y pes. Exam ple 3- 35 display s R3's Fr am e Relay configur at ion. You do not use subint er faces in t his scenar io t o dem onst r at e an NBMA env ir onm ent .

Ex a m ple 3 - 3 5 R3 's Fr a m e Re la y Con figu r a t ion R3(config)#interface serial 0 R3(config-if)#ip address 141.108.1.1 255.255.255.248 R3(config-if)# encapsulation frame-relay R3(config-if)# frame-relay interface-dlci 103 R3(config-fr-dlci)# frame-relay interface-dlci 108 Ex am ple 3- 35 show s y ou how t o configur e t he I P addr ess and how t o enable Fr am e Relay encapsulat ion. R3 also requires t he DLCI inform at ion, as displayed in Figur e 34. The specific DLCI s ar e 103, w hich is t he pat h t o R4, and 108, w hich is t he pat h t o R5. Ex am ple 3- 36 and Ex am ple 3- 37 show t he configur at ions of R4 and R5, r espect iv ely .

Ex a m ple 3 - 3 6 Th e Fr a m e Re la y Con f ig u r a t ion on R4 interface Serial0 ip address 141.108.1.2 255.255.255.248 encapsulation frame-relay

113

frame-relay interface-dlci 107 frame-relay map ip 141.108.1.1 107 broadcast

Ex a m ple 3 - 3 7 Th e Fr a m e Re la y Con figu r a t ion on R5 interface Serial0 ip address 141.108.1.3 255.255.255.248 encapsulation frame-relay frame-relay interface-dlci 106 frame-relay map ip 141.108.1.1 106 broadcast N OTE I n Ex am ples 3- 36 and 3- 37, R4 and R5 m ap I P over Fram e Relay, but t his is not t he case on R3 in Ex am ple 3- 35. Fr am e Relay, like any pr ot ocol, needs t o m ap Layer 2 of t he Open Syst em I nt erconnect ion ( OSI ) m odel t o Layer 3. R3 is not configured for st at ic m apping, because Fr am e Relay dynam ically discover s t he m aps because R3 is a hub r out er using Fr am e Relay inv er se Addr ess r esolut ion Pr ot ocol ( ARP) pr ot ocol. Fr am e Relay inv er se ARP aut om at ically discov er s t he DLCI and nex t hop I P addr ess.

Now t hat y ou hav e enabled Fr am e Relay , y ou can st ar t t he OSPF configur at ion. Ex am ple 3- 38 display s t he OSPF configur at ion on R3 along w it h t he I P addr ess assignm ent t o E0.

Ex a m ple 3 - 3 8 OSPF a n d I P Addr e ss Con figu r a t ion on R3 R3(config)#interface ethernet 0 R3(config-if)#ip address 141.108.3.1 255.255.255.0 R3(config-if)#router ospf 3 R3(config-router)#network 141.108.3.0 0.0.0.255 area 3 R3(config-router)#network 141.108.1.0 0.0.0.7 area 0 You m ust also enable OSPF on Rout ers R4 and R5. Ex am ple 3- 39 display s t he OSPF configur at ion on R4 along w it h t he I P addr ess assignm ent t o E0.

Ex a m ple 3 - 3 9 OSPF a n d I P Addr e ss Con figu r a t ion on R4 R4(config)#interface ethernet 0 R4(config-if)#ip address 141.108.4.1 255.255.255.0 R4(config)#router ospf 4 R4(config-router)#network 141.108.4.0 0.0.0.255 area R4(config-router)#network 141.108.1.0 0.0.0.7 area 0 Ex am ple 3- 40 display s t he OSPF configur at ion on R5 along w it h t he I P addr ess assignm ent t o E0.

Ex a m ple 3 - 4 0 OSPF a n d I P Addr e ss Con figu r a t ion on R5 R5(config-if)#ip address 141.108.5.1 255.255.255.0 R5(config-if)#interface ethernet 1 R5(config-if)#ip address 141.108.6.1 255.255.255.0 R5(config-if)#router ospf 5 R5(config-router)#network 141.108.5.0 0.0.3.255 area 5

114

R5(config-router)#network 141.108.1.0 0.0.0.7 area 0 N OTE Ex am ple 3- 40 places t he t w o Et her net net w or k s w it h t he one OSPF st at em ent .

Ensur e t hat OSPF adj acencies ar e up and in a FULL st at e on R3. Ex am ple 3- 4 1 disp lays t he OSPF neighbor st at e on rout er R3.

Ex a m ple 3 - 4 1 sh ow ip ospf n e igh bor Com m a n d on R3 R3>show ip ospf neighbor R3> As y ou can see fr om t he lack of out put in Exam p le 3- 41, Rout er R3 has no adj acencies. The I OS on R3 in Ex am ple 3- 41 t ells y ou t her e ar e no OSPF r elat ionships t o R4 and R5. That lack of r elat ionships is because OSPF Hello pack et s ( using m ult icast addr ess, of cour se) ar e not sent over a nonbr oadcast OSPF net w or k t y pe. Figur e 3- 4 shows a classic exam ple of OSPF over NBMA. I n an NBMA env ir onm ent , broadcast s or m ult icast s do not propagat e over t he Fram e Relay. Ex am ple 3- 42 displays t he OSPF net w ork t ype on R3 link t o R4 and R5.

Ex a m ple 3 - 4 2 sh ow ip ospf in t e r fa ce se r ia l 0 Com m a n d on R3 R3>show ip ospf int s 0 Serial0 is up, line protocol is up Internet Address 141.108.1.1/29, Area 0 Process ID 3, Router ID 141.108.10.5, Network Type NON_BROADCAST, Cost: 64 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 141.108.10.5, Interface address 141.108.1.1 No backup designated router on this network Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Ex am ple 3- 42 display s no neighbor and t he m ain fact t hat t he link is consider ed a nonbr oadcast link . OSPF can be configur ed a v ar iet y of w ay s t o accom plish t his. To dem onst r at e OSPF ov er NBMA in t his scenar io, y ou do not m odify t he net w or k t y pe, but r at her you st at ically configur e a neighbor r elat ionship fr om R3 t o R4 and R5. To enable a st at ic OSPF neighbor relat io nship, ent er t he follow ing com m and:

neighbor ip address of neighbor Ex am ple 3- 43 displays t he configurat ion on R3 t o rem ot e rout ers R4 and R5.

115

Ex a m ple 3 - 4 3 St a t ic N e igh bor Con figu r a t ion on R3 R3(config)#router ospf 3 R3(config-router)#neighbor 141.108.1.2 R3(config-router)#neighbor 141.108.1.3 The com m and n e ig h b or 1 4 1 . 1 0 8 . 1 . 2 configur es t he neighbor t o R4. The com m and n e ig h b o r 1 4 1 . 1 0 8 . 1 . 3 configures t he neighbor t o R5. Ex am ple 3- 43 ov er com es t he need t o change t he net w or k env ir onm ent fr om nonbr oadcast and allow s a st at ic configur at ion of r em ot e OSPF r out er s. One m or e im por t ant t ask is required. Rout er R4 and R5 are spoke, or edge, rout ers. The hub rout er, R3, m ust becom e t he DR, because R3 has links t o bot h R4 and R5 and infor m at ion w ill be sent fr om R4 t o R5, for ex am ple, t hr ough R3. The easiest w ay t o m ake R3 t he DR is t o disable R4 and R5 fr om ever becom ing t he DR by applying a 0 priorit y on R4 and R5. Ex am ple 3- 44 dem onst r at es how t o set t he pr ior it y t o 0, in effect disabling any chance for R4 or R5 t o becom e t he DR.

Ex a m ple 3 - 4 4 I P OSPF Pr ior it y Se t t o 0 on R4 a n d R5 R4(config)#interface serial 0 R4(config-if)#ip ospf priority 0 R5(config)#interface serial 0 R5(config-if)#ip ospf priority 0 Ex am ples 3- 45 displays t he OSPF neighbors on R3.

Ex a m ple 3 - 4 5 sh ow ip ospf n e igh bor Com m a n d on R3 R3#show ip ospf nei Neighbor ID Pri Interface 141.108.5.1 0 Serial0 141.108.1.2 0 Serial0

State

Dead Time

Address

FULL/DROTHER

00:01:54

141.108.1.3

FULL/DROTHER

00:01:44

141.108.1.2

The st at e show n in Ex am ple 3- 45 display s a FULL adj acency and a st at e k now n as DROTHER, w hich indicat es t hat t he neighbor w as not chosen as t he DR or BDR and cannot be because t he pr ior it y has been set t o zer o. Exam ple 3- 46 display s t he full working configurat ion of R3.

Ex a m ple 3 - 4 6 R3 ' s Fu ll Con figu r a t ion version 12.0 ! hostname R3 ! enable password cisco ! ip subnet-zero ! interface Ethernet0 ip address 141.108.3.1 255.255.255.0 !

116

interface Ethernet1 no ip address shutdown ! interface Serial0 ip address 141.108.1.1 255.255.255.248 encapsulation frame-relay frame-relay interface-dlci 103 frame-relay interface-dlci 108 ! interface Serial1 ip address 141.108.10.5 255.255.255.252 ! router ospf 3 network 141.108.1.0 0.0.0.7 area 0 network 141.108.3.0 0.0.0.255 area 3 neighbor 141.108.1.3 neighbor 141.108.1.2 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 3- 47 display s t he full working configurat ion of R4.

Ex a m ple 3 - 4 7 R4 ' s Fu ll Con figu r a t ion version 12.0 ! hostname R4 ! enable password cisco ! ip subnet-zero ! interface Ethernet0 ip address 141.108.4.1 255.255.255.0 interface Serial0 ip address 141.108.1.2 255.255.255.248 encapsulation frame-relay ip ospf priority 0 frame-relay map ip 141.108.1.1 107 broadcast frame-relay interface-dlci 107 frame-relay lmi-type cisco ! interface Serial1 shutdown ! router ospf 4 network 141.108.1.0 0.0.0.7 area 0 network 141.108.4.0 0.0.0.255 area 4 ! line con 0 line aux 0 line vty 0 4

117

! end Ex am ple 3- 48 displays t he full w orking configurat ion of R5.

Ex a m ple 3 - 4 8 R5 ' s Fu ll Con figu r a t ion version 12.0 ! hostname R5 ! enable password cisco ! ip subnet-zero ! interface Ethernet0 ip address 141.108.5.1 255.255.255.0 ! interface Ethernet1 ip address 141.108.6.1 255.255.255.0 ! interface Serial0 ip address 141.108.1.3 255.255.255.248 encapsulation frame-relay ip ospf priority 0 frame-relay map ip 141.108.1.1 106 broadcast frame-relay interface-dlci 106 ! interface Serial1 shutdown ! router ospf 5 network 141.108.1.0 0.0.0.7 area 0 network 141.108.4.0 0.0.3.255 area 5 ! line con 0 line aux 0 line vty 0 4 ! end The final scenar io cov er s com m on sh o w and d e b u g com m ands used t o v er ify cor r ect OSPF im plem ent at ion.

Sce n a r io 3 - 5 : V e r if y in g OSPF Rou t in g This scenar io cov er s com m on t echniques used in OSPF net w or k s t o v er ify cor r ect configur at ion in a single OSPF ar ea. I n t his scenar io, t he configur at ions supplied ar e not t he full w or k ing solut ions t o dem onst r at e t he pow er of OSPF. Figur e 3- 5 display s a sim ple t w o- rout er t opology . The t w o r out er s ar e nam ed SanFr an and Chicago. Figur e 3- 5 display s t he cor r ect I P addr ess assignm ent and OSPF ar ea assignm ent .

118

Figu r e 3 - 5 . Sa m p le N e t w or k for V e r ify in g OSPF Rou t in g

The net w or k adm inist r at or of R1 has t old you t hat a num ber of r em ot e net w or ks on R2 are not reachable by R1. N OTE Figur e 3- 5 display s t w o r out er s w it h t he nam es SanFr an and Chicago. To change t he nam e of a rout er, you use t he h ost n a m e nam e com m and. Also, not ice t hat t he back bone segm ent is display ed as 0.0.0.0. The back bone can be configur ed on Cisco rout ers as 0 or 0.0.0.0.

Ex am ple 3- 49 display s SanFr an's I P r out ing t able.

Ex a m ple 3 - 4 9 Sa n Fr a n ' s I P Rou t in g Ta ble SanFran#show ip route 131.108.0.0/24 is C 131.108.5.0 is C 131.108.4.0 is C 131.108.1.0 is R1#

subnetted, 3 subnets directly connected, Loopback1 directly connected, Loopback0 directly connected, Ethernet0/0

Ex am ple 3- 49 display s no r em ot e ent r ies on R1. St ar t by ensur ing t hat OSPF is cor r ect ly configur ed on R1 by using t he sh ow ip osp f in t e r f a ce com m and. Ex am ple 3- 50 display s a sam ple out put t ak en fr om t he r out er SanFr an.

Ex a m ple 3 - 5 0 sh ow ip ospf in t e r fa ce Com m a n d on Sa n Fr a n SanFran#show ip ospf interface Ethernet0/0 is up, line protocol is up Internet Address 131.108.1.1/24, Area 0.0.0.0 Process ID 1, Router ID 131.108.5.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 131.108.5.1, Interface address 131.108.1.1 No backup designated router on this network Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback0 is up, line protocol is up

119

Internet Address 131.108.4.1/24, Area 0.0.0.0 Process ID 1, Router ID 131.108.5.1, Network Type LOOPBACK, Cost: 90 Loopback interface is treated as a stub Host Loopback1 is up, line protocol is up Internet Address 131.108.5.1/24, Area 0.0.0.0 Process ID 1, Router ID 131.108.5.1, Network Type LOOPBACK, Cost: 90 Loopback interface is treated as a stub Host Ex am ple 3- 50 display s a num ber of im por t ant det ails, such as t he Et her net int er face on R1 r esides in ar ea 0.0.0.0, or t he back bone; t he net w or k t y pe ov er t he Et her net int er face is br oadcast ; and t he r out er SanFr an is t he elect ed DR. The loopback s on Chicago and SanFr an ar e act ive ( soft w ar e int er faces, like loopbacks, ar e act iv e as long as t hey ar e not adm inist r at iv ely shut dow n) , so OSPF look s lik e it is cor r ect ly configur ed on R1. Take t he sam e st eps on Chicago. Ex am ple 3- 5 1 displays a sam ple out put fr om t he sh ow ip ospf in t e r fa ce com m and.

Ex a m ple 3 - 5 1 sh ow ip ospf in t e r fa ce Com m a n d on Ch ica go Chicago#show ip ospf interface Loopback0 is up, line protocol is up Internet Address 131.108.6.1/24, Area 0.0.0.0 Process ID 2, Router ID 131.108.7.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback1 is up, line protocol is up Internet Address 131.108.7.1/24, Area 0.0.0.0 Process ID 2, Router ID 131.108.7.1, Network Type LOOPBACK, Cost: 1 Loopback interface is treated as a stub Host Ex am ple 3- 51 display s t he loopback s in OSPF pr ocess 2, but t he Et her net int er face is not enabled. Ex am ple 3- 52 display s t he OSPF configur at ion on Chicago.

Ex a m ple 3 - 5 2 OSPF Con figu r a t ion on Ch ica go router ospf 2 network 131.108.1.0 0.0.0.0 area 0.0.0.0 network 131.108.6.0 0.0.0.255 area 0.0.0.0 network 131.108.7.0 0.0.0.255 area 0.0.0.0 Ex am ple 3- 52 display s t he fault w it h t he r out er Chicago. The com m and n e t w o r k 1 3 1 .1 0 8 .1 .0 0 .0 .0 .0 causes t he r out er t o enable OSPF for t he int er face configur ed w it h t he I P addr ess 131.108.1.0. This addr ess is a r eser v ed addr ess for t he subnet 131.108.1.0/ 24; hence OSPF cannot r un. Rem ov e t his com m and and inst all t he cor r ect net w or k and m ask com m and. Exam ple 3- 53 display s t he r em ov al of t he incor r ect com m and and inser t ion of t he cor r ect net w or k st at em ent .

Ex a m ple 3 - 5 3 M odify in g t h e OSPF Con figu r a t ion on Ch ica go Chicago(config)#router ospf 2 Chicago (config-router)#no network 131.108.1.0 0.0.0.0 area 0.0.0.0

120

Chicago (config-router)#network 131.108.1.2 0.0.0.0 area 0.0.0.0 Mak e sur e t hat OSPF is enabled on Chicago's Et her net int er face. Ex am ple 3- 54 display s a sam ple out put w it h t he sh ow ip osp f in t e r f a ce com m and.

Ex a m ple 3 - 5 4 sh ow ip ospf in t e r fa ce Com m a n d on Ch ica go Ethernet0/0 is up, line protocol is up Internet Address 131.108.1.2/24, Area 0.0.0.0 Process ID 2, Router ID 131.108.7.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State WAITING, Priority 1 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 120, Retransmit 5 Hello due in 00:00:16 Wait time before Designated router selection 00:01:46 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback0 is up, line protocol is up Internet Address 131.108.6.1/24, Area 0.0.0.0 Process ID 2, Router ID 131.108.7.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback1 is up, line protocol is up Internet Address 131.108.7.1/24, Area 0.0.0.0 Process ID 2, Router ID 131.108.7.1, Network Type LOOPBACK, Cost: 1 Loopback interface is treated as a stub Host Ex am ple 3- 54 display s t hat t he Et her net int er face is now , in fact , enabled in OSPF ar ea 0.0.0.0. The fact t hat no adj acent neighbor is pr esent st ill r epr esent s a problem . Mov e back t o t he r out er nam ed SanFr an, and c heck for OSPF adj acency . Ex am ple 355 display s t he OSPF char act er ist ic of t he Rout er SanFr an.

Ex a m ple 3 - 5 5 sh ow ip ospf in t e r fa ce e t h e r n e t 0 / 0 Com m a n d on Sa n Fr a n SanFran#show ip ospf interface ethernet 0/0 Ethernet0/0 is up, line protocol is up Internet Address 131.108.1.1/24, Area 0.0.0.0 Process ID 1, Router ID 131.108.5.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 131.108.5.1, Interface address 131.108.1.1 No backup designated router on this network Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5 Hello due in 00:00:11 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s)

121

No neighbor ex ist s on t his segm ent . Now int r oduce a new com m and using t he de bug com m an d set :

debug ip ospf adj This com m and enables I OS out put of all ev ent s r elat ing t o adj acencies. Ex am ple 356 display s t he com m and being enabled and a sam ple out put t ak en fr om t he r out er SanFran.

Ex a m ple 3 - 5 6 de bu g ip ospf a dj a n d Sa m ple I OS D ispla y SanFran#debug ip ospf adj OSPF adjacency events debugging is on SanFran# 2w5d: OSPF: Rcv hello from 131.108.7.1 area 0.0.0.0 from Ethernet0/0 131.108.1.2 2w5d: OSPF: Mismatched hello parameters from 131.108.1.2 2w5d: Dead R 40 C 120, Hello R 10 C 30 Mask R 255.255.255.0 C 255.255.255.0 The error m essage display ed by t he I OS in Ex am ple 3- 56 clear ly st at es y ou hav e a m ism at ch in t he hello int erval. I n ot her w ords, t he hello int erval t he Rout er SanFran uses ( local r out er w her e t he display is t aken fr om ) is differ ent fr om t he r out er sending out a Hello pack et w it h t he r out er I D 131.108.7.1, t hr ough t he I P addr ess 131.108.1.2. Rem em ber t hat hello and dead int er vals m ust m at ch befor e neighbor ing r out er s can becom e fully adj acent . Ex am ple 3- 56 display s D e a d R 4 0 C 1 2 0 , H e llo R 1 0 C 3 0 . The fir st infor m at ion t ells y ou t hat t he dead int er v al ( display ed as Dead in t he debug out put ) r eceiv ed f r om t he r out er Chicago ( Dead R 40) is set t o 40 seconds, w her eas t he configur ed ( displayed as C fr om t he debug out put ) dead int er val ( Dead C 120) on SanFr an is 120 seconds. Ther efor e, t her e is a m ism at ch er r or . Sim ilar ly, t he hello int er val Chicago r eceiv es is set t o 10 seconds; w her eas t he configur ed hello int er v al on SanFr an is 30, anot her m ism at ch. The sam ple debug out put , as displayed in Ex am ple 3- 56, adv ises y ou t hat t he hello and dead int er v al should be cor r ect ly set on bot h r out er s: SanFr an and Chicago. OSPF r out er s nev er becom e adj acent ( in ot her w or ds, nev er ex change OSPF dat abases) unless all OSPF par am et er s, such as t he hello int er val or dead int er val, ar e t he sa m e. Ex am ple 3- 56 adv ises y ou t hat t he Chicago dead int er v al is 40 seconds, w her eas t he configur ed int er v al on SanFr an is 120 seconds. Ex am ple 3- 56 adv ises y ou t hat Chicago's hello int er v al is 10 seconds, w her eas t he configur ed hello int er v al on SanFr an is 30 seconds. These t w o clear ly do not m at ch. Ex am ple 3- 57 display s t he configur at ion change on SanFr an t o ensur e hello and dead int er v als ar e configur ed t he sam e w ay . The hello int er v al is set t o 10 seconds.

122

N OTE The dead int er val, by default , is four t im es t he hello int erval. Hence, Rout er SanFran is configur ed w it h a hello int er v al of 10 seconds, w hich aut om at ically configur es t he dead int er v al t o 40 seconds t her eby m at ching t he hello and dead int er v als set on t he r out er nam ed Chicago.

Ex a m ple 3 - 5 7 Ch a n gin g H e llo I n t e r va l t o 1 0 Se con ds on Sa n Fr a n SanFran(config)#interface ethernet 0/0 SanFran(config-if)#ip ospf hello-interval 10 SanFran(config-if)#^Z SanFran# 2w5d: %SYS-5-CONFIG_I: Configured from console by console SanFran# 2w5d: OSPF: Rcv hello from 131.108.7.1 area 0.0.0.0 from Ethernet0/0 131.108.1.2 2w5d: OSPF: End of hello processing 2w5d: OSPF: Rcv DBD from 131.108.7.1 on Ethernet0/0 seq 0x1235 opt 0x2 flag 0x7 len 32 mtu 1500 state INIT 2w5d: OSPF: 2 Way Communication to 131.108.7.1 on Ethernet0/0, state 2WAY 2w5d: OSPF: Neighbor change Event on interface Ethernet0/0 2w5d: OSPF: DR/BDR election on Ethernet0/02w5d: OSPF: Elect BDR 0.0.0.0 2w5d: OSPF: Elect DR 131.108.7.1 2w5d: OSPF: Elect BDR 131.108.5.1 2w5d: OSPF: Elect DR 131.108.7.1 2w5d: DR: 131.108.7.1 (Id) BDR: 131.108.5.1 (Id) 2w5d: OSPF: Send DBD to 131.108.7.1 on Ethernet0/0 seq 0x11C4 opt 0x2 flag 0x7 l en 32 2w5d: OSPF: Set Ethernet0/0 flush timer 2w5d: OSPF: Remember old DR 131.108.5.1 (id) 2w5d: OSPF: NBR Negotiation Done. We are the SLAVE 2w5d: OSPF: Send DBD to 131.108.7.1 on Ethernet0/0 seq 0x1235 opt 0x2 flag 0x2 l en 72 2w5d: OSPF: Rcv DBD from 131.108.7.1 on Ethernet0/0 seq 0x1236 opt 0x2 flag 0x3 len 92 mtu 1500 state EXCHANGE 2w5d: OSPF: Send DBD to 131.108.7.1 on Ethernet0/0 seq 0x1236 opt 0x2 flag 0x0 l en 32 2w5d: OSPF: Database request to 131.108.7.1 2w5d: OSPF: sent LS REQ packet to 131.108.1.2, length 24 2w5d: OSPF: Rcv DBD from 131.108.7.1 on Ethernet0/0 seq 0x1237 opt 0x2 flag 0x1l en 32 mtu 1500 state EXCHANGE 2w5d: OSPF: Exchange Done with 131.108.7.1 on Ethernet0/0 2w5d: OSPF: Send DBD to 131.108.7.1 on Ethernet0/0 seq 0x1237 opt 0x2 flag 0x0 l en 32

123

2w5d: OSPF: 2w5d: OSPF: 2w5d: OSPF: 2w5d: OSPF: seq 0x8000 0004 2w5d: OSPF: 131.108.1.2 2w5d: OSPF:

We are not DR to build Net Lsa for interface Ethernet0/0 Synchronized with 131.108.7.1 on Ethernet0/0, state FULL Include link to old DR on Ethernet0/0 Build router LSA for area 0.0.0.0, router ID 131.108.5.1,

Rcv hello from 131.108.7.1 area 0.0.0.0 from Ethernet0/0 End of hello processing

As soon as y ou cor r ect t he pr oblem , y ou see t he hello pr ocess com plet ed, and an OSPF dat abase ex change occur s. I n ot her w or ds, Rout er s Chicago and SanFr an ar e now OSPF neighbor s. Ex am ple 3- 57 highlight s t he OSPF neighbor st at e fr om t he init ial I NI T st at e t o t he FULL st at e. Exam ple 3- 58 now display s SanFran's I P rout ing t able.

Ex a m ple 3 - 5 8 Sa n Fr a n I P Rou t in g Ta ble SanFran#show ip route 131.108.0.0/16 is O 131.108.7.1/32 O 131.108.6.1/32 C 131.108.5.0/24 C 131.108.4.0/24 C 131.108.1.0/24

variably subnetted, 5 subnets, 2 masks [110/11] via 131.108.1.2, 00:01:25, Ethernet0/0 [110/11] via 131.108.1.2, 00:01:25, Ethernet0/0 is directly connected, Loopback1 is directly connected, Loopback0 is directly connected, Ethernet0/0

The Rout er SanFr an now discov er s t he r em ot e net w ork s 131.108.7.1/ 32 and 131.108.6.0/ 32 t hr ough OSPF. This scenar io has int r oduced y ou t o som e pow er ful OSPF com m ands t hat y ou can use t o discov er w hy OSPF is not funct ioning cor r ect ly . Cisco I OS is updat ed alm ost daily , so y ou need t o r efer ence t he I OS document at ion for new and ev er- ex panding com m ands. Ex am ple 3- 59 display s t he de bug and sh o w com m ands possible on a Cisco rout er running I OS release 12.0.10.

Ex a m ple 3 - 5 9 Po ssible sh ow a n d de bu g OSPF Com m a n ds SanFran#show ip ospf ?

Process ID number border-routers Border and Boundary Router Information database Database summary interface Interface information neighbor Neighbor list request-list Link state request list retransmission-list Link state retransmission list summary-address Summary-address redistribution Information virtual-links Virtual link information

SanFran#debug ip ospf ? adj OSPF adjacency events database-timer OSPF database timer events OSPF events flood OSPF flooding lsa-generation OSPF lsa generation packet OSPF packets

124

retransmission spf tree

OSPF retransmission events OSPF spf OSPF database tree

N OTE Using t he ? char act er on t he com m and- line int er face displays a list of com m ands av ailable t o t he user . Ex am ple 3- 59 t ak es adv ant age of t his t ool t o display com m ands av ailable t o t he net w or k adm inist r at or .

Ex am ple 3- 60 display s t he full w or k ing conf igur at ion on SanFr an.

Ex a m ple 3 - 6 0 Th e Fu ll W or k in g Con figu r a t ion on Sa n Fr a n version 12.0 hostname SanFran ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 131.108.4.1 255.255.255.0 ! interface Loopback1 ip address 131.108.5.1 255.255.255.0 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 shutdown ! interface Serial0/1 shutdown ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0.0.0.0 ! ip classless line con 0 line aux 0 line vty 0 4 ! end Ex am ple 3- 61 display s t he full w or k ing configur at ion on Chicago.

Ex a m ple 3 - 6 1 Th e Fu ll W or k in g Con figu r a t ion on Ch ica go version 12.0 ! hostname Chicago

125

! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 131.108.6.1 255.255.255.0 ! interface Loopback1 ip address 131.108.7.1 255.255.255.0 interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/0 shutdown ! interface Serial1/1 shutdown ! router ospf 2 network 131.108.1.2 0.0.0.0 area 0.0.0.0 network 131.108.6.0 0.0.0.255 area 0.0.0.0 network 131.108.7.0 0.0.0.255 area 0.0.0.0 line con 0 line aux 0 line vty 0 4 ! end

Pr a ct ica l Ex e r cise : Rou t in g OSPF N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Configur e t he net w or k in Figur e 3- 6 for OSPF r out ing using t he I P addr essing schem e provided. Ensure t hat bot h rout ers R1 and R2 have full connect iv it y t o Rout er s R3 and R6 in t he backbone. Use t he pin g com m and t o ensur e all net w or k s ar e r eachable. You m ust use OSPF as your only dynam ic r out ing pr ot ocol.

Figu r e 3 - 6 . Pr a ct ica l Ex e r cise : Rou t in g OSPF

126

Pr a ct ica l Ex e r cise Solut ion You w ill not ice t hat t he I P addr essing schem e uses VLSM and t he ser ial link s use t he subnet 141.108.10.0. The ser ial link cont ains a m ask t hat is 255.255.255.252, or / 30. The follow ing ex am ple configur at ions pr ov ide a solut ion using OSPF. This pr act ical exam ple is sim ilar t o Scenar io 2- 2 w it h t he ex t r a link bet w een ar ea 1 and ar ea 0. This m eans t hat you need t o configure t w o virt ual links: one from rout er R2 t o R6 and anot her bet ween R1 and R3. This second virt ual link is required in case of link failure or hardware failure from t he Rout ers R1 and R2. Configur e t he loopback s w it h VLSM and ex per im ent w it h d e b u g com m ands t o discover w hy I P ent r ies ar e added or not adver t ised. Rem ove t he second vir t ual link from R1 t o R3, and see how OSPF behaves w hen t he link bet w een R2 and R6 fails. You w ill find t hat because t he ar eas ar e par t it ioned, y ou act ually do need t w o v ir t ual link s t o ensur e full connect iv it y in any net w or k failur e sit uat ion. Ex am ple 3- 62 displays R1's full w or king configur at ion.

Ex a m ple 3 - 6 2 R1 ' s Fu ll Con figu r a t ion version 12.0 ! hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup

127

interface Loopback0 ip address 131.108.4.1 255.255.255.128 ip ospf cost 90 ! interface Loopback1 ip address 131.108.4.129 255.255.255.128 ip ospf cost 90 ! interface Loopback2 ip address 131.108.5.1 255.255.255.224 ip ospf cost 90 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 ip address 141.108.10.9 255.255.255.252 clockrate 125000 ! interface Serial0/1 no ip address shutdown clockrate 128000 ! router ospf 1 area 2 virtual-link 141.108.2.1 network 131.108.1.0 0.0.0.255 area 1 network 131.108.4.0 0.0.0.127 area 1 network 131.108.4.128 0.0.0.127 area 1 network 131.108.5.0 0.0.0.31 area 1 network 141.108.10.8 0.0.0.3 area 2 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 3- 63 display s R2's full w or k ing configur at ion.

Ex a m ple 3 - 6 3 R2 ' s Fu ll Con figu r a t ion version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.5.33 255.255.255.224

128

ip ospf network point-to-point ip ospf cost 1000 ! interface Loopback1 ip address 131.108.6.1 255.255.255.255 ! interface Loopback2 ip address 131.108.6.2 255.255.255.255 ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ip ospf priority 255 interface Serial1/0 ip address 141.108.10.1 255.255.255.252 ! interface Serial1/1 no ip address shutdown ! interface Serial1/2 no ip address shutdown ! interface Serial1/3 no ip address shutdown ! router ospf 2 area 2 virtual-link 141.108.12.1 network 131.108.1.0 0.0.0.255 area 1 network 131.108.5.32 0.0.0.31 area 1 network 131.108.6.1 0.0.0.0 area 1 network 131.108.6.2 0.0.0.0 area 1 network 141.108.10.0 0.0.0.3 area 2 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 3- 64 display s R3's w or k ing configur at ion.

Ex a m ple 3 - 6 4 R3 ' s Fu ll Con figu r a t ion version 12.0 hostname R3 ! enable password cisco ! ip subnet-zero interface Loopback0 ip address 141.108.1.1 255.255.255.128 ip ospf network point-to-point ! interface Loopback1

129

ip address 141.108.1.129 255.255.255.128 ip ospf network point-to-point ! interface Loopback2 ip address 141.108.2.1 255.255.255.224 ip ospf network point-to-point ! interface Ethernet0 ip address 131.108.33.1 255.255.255.0 ! interface Serial0 ip address 141.108.10.10 255.255.255.252 ! interface Serial1 ip address 141.108.10.5 255.255.255.252 ! router ospf 3 area 2 virtual-link 131.108.5.1 network 131.108.33.0 0.0.0.255 area 0 network 141.108.1.0 0.0.0.127 area 0 network 141.108.1.128 0.0.0.127 area 0 network 141.108.2.0 0.0.0.31 area 0 network 141.108.10.4 0.0.0.3 area 0 network 141.108.10.8 0.0.0.3 area 2 ! line con 0 line aux 0 line vty 0 4 ! end Finally, Ex am ple 3- 65 display s R6's w or k ing configur at ion.

Ex a m ple 3 - 6 5 R6 ' s Fu ll Con figu r a t ion version 12.0 hostname r6 ! enable password cisco ip subnet-zero ! interface Loopback0 ip address 141.108.9.1 255.255.255.128 ip ospf network point-to-point interface Loopback1 ip address 141.108.9.129 255.255.255.128 ip ospf network point-to-point interface Loopback2 ip address 141.108.12.1 255.255.255.0 ip ospf network point-to-point interface Ethernet0 ip address 131.108.26.1 255.255.255.0 media-type 10BaseT ! interface Serial0 ip address 141.108.10.6 255.255.255.252

130

clockrate 125000 ! interface Serial1 ip address 141.108.10.2 255.255.255.252 clockrate 125000 ! interface Serial2 shutdown ! interface Serial3 shutdown ! router ospf 6 area 2 virtual-link 131.108.6.2 network 131.108.26.0 0.0.0.255 area 0 network 141.108.9.0 0.0.0.127 area 0 network 141.108.9.128 0.0.0.127 area 0 network 141.108.10.0 0.0.0.3 area 2 network 141.108.10.4 0.0.0.3 area 0 network 141.108.12.0 0.0.0.255 area 0 ! line con 0 line aux 0 line vty 0 4 end

Re v ie w Qu e st ion s Use r out er out put t ak en fr om R1 fr om t he pr ev ious Pr act ical Ex er cise t o answ er t he follow ing quest ions. Ex am ple 3- 66 show s t his sam ple out put t ak en fr om R1 and includes t he I P r out ing t able and sam ple pings t o ar ea 1.

Ex a m ple 3 - 6 6 R1 's I P Rou t in g Ta ble a n d Pin g Re qu e st s t o Ar e a 1 R1>show ip route Gateway of last resort is not set 141.108.0.0/16 is variably subnetted, 8 subnets, 3 masks O 141.108.1.128/25 [110/65] via 141.108.10.10, 00:15:28, Serial0/0 O 141.108.9.128/25 [110/129] via 141.108.10.10, 00:15:28, Serial0/0 O 141.108.1.0/25 [110/65] via 141.108.10.10, 00:15:28, Serial0/0 C 141.108.10.8/30 is directly connected, Serial0/0 O 141.108.9.0/25 [110/129] via 141.108.10.10, 00:15:28, Serial0/0 O IA 141.108.10.0/30 [110/192] via 141.108.10.10, 00:15:28, Serial0/0 O 141.108.12.0/24 [110/129] via 141.108.10.10, 00:15:28, Serial0/0 O 141.108.10.4/30 [110/128] via 141.108.10.10, 00:15:29, Serial0/0 131.108.0.0/16 is variably subnetted, 9 subnets, 4 masks C 131.108.4.128/25 is directly connected, Loopback1

131

O 131.108.5.32/27 [110/1010] via 131.108.1.2, 00:16:04, Ethernet0/0 O 131.108.33.0/24 [110/74] via 141.108.10.10, 00:15:29, Serial0/0 O 131.108.6.1/32 [110/11] via 131.108.1.2, 00:16:04, Ethernet0/0 C 131.108.5.0/27 is directly connected, Loopback2 O 131.108.6.2/32 [110/11] via 131.108.1.2, 00:16:06, Ethernet0/0 C 131.108.4.0/25 is directly connected, Loopback0 C 131.108.1.0/24 is directly connected, Ethernet0/0 O 131.108.26.0/24 [110/138] via 141.108.10.10, 00:15:31, Serial0/0 R1#ping 131.108.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.4.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R1#ping 131.108.4.129 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.4.129, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms R1#ping 131.108.5.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.5.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms R1#ping 131.108.5.33 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.5.33, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R1#ping 131.108.6.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.6.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R1#ping 131.108.6.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.6.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R1# View Ex am ple 3- 66 t o answ er t he follow ing r ev iew quest ions. The answ er s t o t hese quest ion can be found in Appendix C, “ Answ er s t o Rev iew Quest ions.”

1:

Which infor m at ion is st or ed in an I P r out ing t able as seen by R1?

2:

Which com m and do y ou use t o v iew only OSPF rout es?

3:

How m any subnet s are know n by R1 using t he Class B net w orks 131.108.0.0/ 16 and 141.108.0.0/ 16?

132

4:

What pat h is t ak en t o t he r em ot e net w or k 141.108.100.1/ 24?

5:

Why is t he r em ot e net w or k 141.108.6.0/ 32 display ed as lear ned t hrough t he denot at ion: O I A?

6:

What is t he cost associat ed w it h t he r em ot e net w or k 131.108.33.0/ 24 [ 110/ 74] ?

Su m m a r y You have now com plet ed som e basic and challe nging OSPF scenar ios and discov er ed how pow er ful OSPF is w hen enabled on Cisco I OS r out er s. OSPF can be configur ed in single or m ult iple ar eas. You saw t hat all OSPF ar eas m ust be connect ed t o t he back bone for pr oper and cor r ect oper at ion. St andar d t echniques using Cisco I OS s h o w com m ands w er e dem onst r at ed t o ensur e t hat y ou hav e all t he required know ledge t o m onit or and m aint ain sm all or large OSPF net w orks. Table 3- 7 sum m arizes t he com m ands used in t his chapt er.

Table 3-7. Summary of IOS Commands used in this Chapter Command

Purpose

sh ow ip r ou t e

Display s I P r out ing t ables.

r ou t e r ospf pr ocess id

Enables OSPF r out ing. The pr ocess I D is local t o t he r out er . You c an have m ore t han one OSPF running.

n e t w o r k m a sk

Enables net w or k adv er t isem ent s out of a par t icular int er face and also t he r out ing of t he sam e int er face t hr ough OSPF.

sh ow ip osp f

Display s t he OSPF pr ocess and det ails, such as OSPF pr ocess I D and r out er I D.

sh ow ip osp f d a t a b a se

Display s r out er 's t opological dat abase.

sh ow ip osp f n e ig h b o r

Display s OSPF neighbor s.

sh ow ip osp f n e ig h b or d e t a il

Display s OSPF neighbor s in det ail, pr ov iding such par am et er s as neighbor addr ess, hello int er v al, and dead int er val.

sh ow ip osp f in t e r fa ce

Display s infor m at ion on how OSPF has been configur ed for a giv en int er face.

ip ospf cost

I nt er face com m and t hat changes t he cost of an OSPF int er face.

ip ospf pr ior it y

I nt er face com m and t hat changes t he DR/ BDR elect ion pr ocess.

ip ospf n e t w or k I nt er face com m and t hat changes t he net w or k t y pe. in t e r fa ce loop b a ck num ber

Cr eat es a loopback int er face.

in t e r fa ce

I n configur at ion m ode, enables you m odify an int er face num ber ,

133

Et h e r n e t m od/ num

for exam ple in t e r fa ce E0 / 0 .

in t e r f a ce se r ia l m od/ num

I n configur at ion m ode, enables you t o m odify ser ial int er face par am et er s by m odule and int er face num ber . For exam ple, in t e r fa ce S0 / 0 .

n o ip dom a in look u p

Disables aut om at ic DNS lookup.

ip su b n e t - zero

Enables y ou t o use subnet zero on a Cisco rout er.

sh ow ip p r o t o co l

Displays all r out ing pr ot ocols in use on a Cisco r out er .

d e b u g ip osp f a dj

Tr oubleshoot ing com m and t hat display s m essages, such as t he st at e of t he adj acency , r eceiv ed and sent by a Cisco r out er fr o m or t o neighbor ing OSPF r out er s.

h ost n a m e nam e Configures a nam e on a rout er. [ n o] sh u t d ow n

Enables or disables an int er face. All har dw ar e int er faces ar e shut dow n by default .

134

Ch a pt e r 4 . Adva n ce d OSPF a n d I n t e gr a t e d I nt e r m e dia t e Syst e m - t o- I n t e r m e dia t e Syst e m This chapt er focuses on a num ber of obj ect iv es falling under t he CCNP r out ing pr inciples. Under st anding adv anced OSPF r out ing pr inciples not only applies t o t he CCNP Rout ing cer t ificat ion but t o all Cisco- based cer t ificat ions, and it lay s t he foundat ions for fut ur e cer t ificat ions in any field of net w or k ing. Chapt er 3, “ Basic Open Shor t est Pat h Fir st ,” st ar t ed by cov er ing som e of t he basic Open Shor t est Pat h Fir st ( OSPF) concept s. This chapt er cov er s som e of t he w ay s OSPF deals w it h lar ge I nt er net Pr ot ocol ( I P) r out ing env ir onm ent s and how y ou can configur e OSPF t o r educe I P r out ing t ables and t he CPU and m em or y r equir em ent s of access or edge r out er s. OSPF is a popular I P r out ing pr ot ocol; t her efor e, m ost Cisco cer t ificat ion ex am s t est heav ily on OSPF. This chapt er cont ains fiv e pr act ical scenar ios t o com plet e y our under st anding and ensur e y ou hav e all t he OSPF r out ing sk ills t o com plem ent y our under st anding of how t o configur e and m aint ain OSPF in lar ge I P net w or ks. I nt egr at ed I nt er m ediat e Sy st em- t o- I nt erm ediat e Syst em ( I S- I S) is anot her link- st at e pr ot ocol com m on in t oday's net w or ks used t o r out e I P. I nt egr at ed I S - I S is covered in det ail in Scenar ios 4- 3 and 4- 4.

Ad v a n ce d OSPF OSPF is an indust ry - st andar d r out ing pr ot ocol dev eloped by t he I nt er net Engineer ing Task for ce ( I ETF) as a r eplacem ent for legacy r out ing pr ot ocols t hat did not scale w ell in lar ge env ir onm ent s. OSPF suppor t s t he follow ing feat ur es: • • • • • • •

Variable - lengt h subnet m ask s ( VLSM) . The use of ar eas t o m inim ize Cent r al Pr ocessing Unit ( CPU) and m em ory r equir em ent s. A sim ple cost m et r ic t hat y ou can m anipulat e t o suppor t up t o six equal cost pat hs. The num ber of pat hs is lim it ed only by t he I nt er net Oper at ing Sy st em ( I OS) . The use of aut hent icat ion t o ensur e OSPF updat es ar e secur e and t he use of m ult icast updat es t o conser v e bandw idt h. Fast er conv er gence t im es ensur ing updat es and changes ar e pr opagat ed across t he net work. No lim it at ion of net w or k diam et er or hop count . Lim it ing fact or s include only CPU and m em or y r esour ces. The abilit y t o t ag OSPF infor m at ion inj ect ed fr om any aut onom ous sy st em s.

The follow ing t opics ar e cov er ed in t his sect ion: • • •

Connect ing m ult iple OSPF ar eas VLSM and sum m ar izat ion w it h OSPF OSPF over m ult iarea NBMA

135

Conne ct ing M ult iple OSPF Ar e a s An OSPF ar ea is defined as a logical gr ouping of r out er s by a net w or k adm inist r at or . OSPF r out er s in any ar ea shar e t he sam e t opological v iew ( also k now n as t he OSPF dat abase) of t he net w or k . The cor e r eason t hat OSPF is configur ed in m ult iple ar eas is t o reduce r out ing t able sizes, w hich in t ur n r educes t he t opological dat abase and CPU/ m em or y r equir em ent s on a r out er . OSPF is not j ust configured in one large area, so all rout ers share t he sam e t opological dat abase. The use of m ult iple ar eas ensur es t hat t he flooding and dat abase m anagem ent r equir ed in lar ge OSPF net w or k s is r educed w it hin each ar ea so t hat t he pr ocess of flooding t he full dat abase and m aint aining full net w or k connect iv it y does not consum e a lar ge por t ion of t he CPU pr ocessing pow er . Ev er y time a net w or k change occur s, t he CPU on a r out er is int er r upt ed and a new OSPF t r ee is calculat ed. Running t he shor t est pat h fir st ( SPF) algor it hm it self is not CPU int ensiv e, but sending and flooding t he net w or k w it h new t opological infor m at ion is ext rem ely CPU int ensiv e. Rout ing t ables becom e v er y lar ge ev en w it h only 50 r out er s. The OSPF dat abase is exchanged ever y 30 m inut es in full, and if t his dat abase is t oo lar ge, ever y t im e t he ex change occur s, t he am ount of bandw idt h used ov er t he net w or k incr eases, w hich can cause sev er e delay s in sending user- based t r affic because conv er gence t im es incr ease. Consider ing t he dem ands on CPU and m em or y along w it h r educed I P r out ing t ables, y ou should now hav e a good under st anding of w hy OSPF r equir es m or e t han one area. I n Scenar io 3- 2 in Chapt er 3, y ou saw how t o configur e an OSPF net w or k t hat is par t it ioned fr om t he back bone. All OSPF ar eas m ust be connect ed t o t he back bone in case of net w or k failur e. When an ar ea cannot r eside phy sically or logically on t he back bone, a v ir t ual link is r equir ed. For par t it ioned ar eas, OSPF t r eat s t he ar ea as a separ at e ar ea, and no r out ing infor m at ion flow s t o t he back bone; t her efor e, y ou do not hav e I P connect iv it y . Vir t ual links add a layer of com plexit y and m ight cause addit ional pr oblem s w hen applied t o lar ge I P net w or ks. I t is best t o avoid vir t ual links in t he r eal w or ld. When configur ing a vir t ual link, you m ust be aw ar e of t he follow ing design r est r ict ions: • • •

Vir t ual links m ust be configur ed bet w een t w o ar ea bor der r out er s ( ABRs) . The t r ansit ar ea cannot be a st ub ar ea. The t ransit area m ust have full rout ing knowledge of bot h par t it ioned ar eas.

N OTE St ub ar eas ar e cov er ed lat er in t his chapt er . Rem em ber t hat all r out er s m ust be connect ed t o t he back bone logically or y ou m ust use a v ir t ual link . To under st and w hy logical link s ar e r equir ed in t oday 's net w or k s, consider t he case w er e Com pany XYZ buy s Com pany ACME. Bot h com panies use OSPF and hav e t heir ow n indiv idual backbones. Rat her t han re - addr ess t he net w or k s, a v ir t ual link can pr ov ide im m ediat e I P connect iv it y .

136

Table 4- 1 sum m ar izes t he four OSPF ar ea t y pes and t heir funct ions.

Table 4-1. OSPF Router Types Router Type

Description

I nt er nal r out er

This r out er is w it hin a specific ar ea only. I nt er nal r out er funct ions include m aint ain ing t he OSPF dat abase and for w ar ding dat a t o ot her net w or ks. All int er faces on int er nal rout ers are in t he sam e area.

Area border rout er ( ABR)

ABRs ar e r esponsible for connect ing t w o or m or e ar eas. An ABR cont ains t he full t opological dat abase for each area it is connect ed t o and sends t his infor m at ion t o ot her ar eas.

Aut onom ous sy st em boundary rout er ( ASBR)

ASBRs connect t o t he out side w or ld or per for m som e for m of r edist r ibut ion int o OSPF.

Back bone r out er

Back bone r out er s ar e connect ed t o ar ea 0, which is also r epr esent ed as ar ea 0.0.0.0. Back bone r out er s can be int er nal r out er s or ASBRs.

Figur e 4- 1 display s a t y pical OSPF ar ea assignm ent and t he funct ion of t hese r out er s.

Figu r e 4 - 1 . Ty pica l OSPF Ar e a Assign m e n t a n d OSPF Rou t e r s

I n Figur e 4- 1, t he r out er s r esiding in t he backbone ( ar ea 0) ar e called backbone r out er s. A backbone r out er connect ing t o anot her ar ea can also be an ABR. Rout er s t hat connect t o, for ex am ple, t he I nt er net and r edist r ibut e ex t er nal I P r out ing t ables fr om such pr ot ocols as Bor der Gat ew ay Pr ot ocol ( BGP) ar e t er m ed aut onom ous

137

sy st em boundar y r out er s ( ASBRs) . So, y ou can hav e a back bone r out er per for m ASBR funct ions as w ell as ABR funct ions. Each r out er , depending on it s funct ion, sends out a link- st at e adver t isem ent ( LSA) . An LSA is a pack et used by such r out ing pr ot ocols as OSPF ( t hat is, link- st at e rout ing pr ot ocols) t o send infor m at ion t o neighbor ing r out er s descr ibing net w or k s and pat h cost s. TI P Befor e flooding any neighbor ing r out er s w it h LSAs, Cisco I OS r out er s m ust fir st under go t he follow ing: St e p 1 . Ensur e t he neighbor ing r out er is in a st at e of adj acency. St e p 2 . The int er face cannot be a st ub ar ea ( LSA t y pe 5. St ub ar eas ar e discussed lat er in t his chapt er .) St e p 3 . Th e in t er face can n ot be connect ed t o a t ot ally st ubby ar ea. ( LSA t y pe 3, 4, or 5 w ill not be sent . Tot ally st ubby ar eas ar e discussed lat er in t his chapt er . ) For a det ailed sum m ar y of OSPF and t he pack et t y pes, t he Cisco Pr ess t it les Rout ing TCP/ I P, Volum es I and I I , by Jeff Doy le and Jennifer DeHaven Car r oll ( Volum e I I only ) ex plain all t he adv anced concept s y ou could ev er need.

OSPF suppor t s a num ber of LSA t y pes as w ell as t hr ee ot her ar ea t y pes: a st ub ar ea, a t ot ally st ubby area, and a not - so- st ubby area ( NSSA) . These addit ional ar eas pr ov ide ev en m or e funct ionalit y in OSPF. Befor e cov er ing t hese new ar eas in det ail, t his sect ion fir st goes over t he link- st at e adv er t isem ent t y pes and w hen t o use t hem in an OSPF env ir onm ent . The OSPF st andar d defines a num ber of LSAs t y pes. Unlik e dist ance v ect or pr ot ocols ( for exam ple, RI P) , OSPF does not act ually send it s r out ing t able t o ot her r out er s. I nst ead, OSPF sends t he LSA dat abase and der ives t he I P r out ing t able fr om LSAs. Table 4- 2 descr ibes t he six m ost com m on LSAs and t heir funct ions.

Table 4-2. Six Common Supported LSA Types on Cisco IOS Routers LSA Packet Type

Name

Function

1

Rout er link adv er t isem ent s

Descr ibes t he st at e and cost of t he rout er's own int er faces.

2

Net w ork link adv er t isem ent s

Used on m ult iaccess net w or k s. These ar e or iginat ed by t he designat ed r out er ( DR) .

3

Sum m ary link adv er t isem ent s ( ABRs)

Or iginat ed by ABRs only . This LSA t y pe sends out infor m at ion int o t he aut onomous sy st em

138

( AS) but out side of t he ar ea ( int er ar ea r out es) . 4

Sum m ary link adv er t isem ent s ( ASBRs)

Or iginat ed by ASBRs descr ibing I P net w or k s ex t er nal t o t he AS.

5

Aut onom ous sy st em ( AS) An LSA sent t o a r out er t hat connect s t o t h e ext ernal link I nt er net , for ex am ple. An adv er t isem ent sent adv er t isem ent s from ABR t o t he ASBR.

6

Not - so- st ubby ar eas ( NSSA)

An adver t isem ent bound t o an NSSA ar ea.

A st ub ar ea is defined as an ar ea t hat cont ains a single ex it point fr om t he ar ea. A st ub in t he English dic t ionary m eans a dead end, and t hat is exact ly w hat it m eans in OSPF. Ar eas t hat r eside on t he edge of t he net w or k w it h no ex it point ex cept one pat h can be t er m ed a st ub ar ea. St ubs com e in t hr ee t y pes. Table 4- 3 sum m ar izes t he funct ions of t hese new ar eas, called st ubby ar eas, t ot al st ubby areas, and not - so- st ubby ar eas. Tak e im por t ant not e of t he LSA t y pe allow ed or not allow ed t o fully appr eciat e t he v alue of a st ub area.

Table 4-3. Additional Area Types Area Type

Function

St ub area

This ar ea does not accept LSA t ypes 4 and 5, w hich ar e sum m ar y links and ex t er nal link adv er t isem ent s, r espect iv ely . The only w ay t o achiev e a r out e t o unknow n dest inat ions is, t her eby, a default r out e inj ect ed by t he ABR.

Tot ally st ubby area

This ar ea block s LSA t y pes 3, 4, and 5. Alt hough sim ilar t o a st ub ar ea, a t ot ally st ubby ar ea blocks LSAs of t ype 3 as w ell. This solut ion is Ciscopr opr iet ar y and is used t o fur t her r educe a t opological dat abase.

Not - sost ubby area

This ar ea is used pr im ar ily for connect ions t o an I SP. This ar ea is designed t o allow LSAs of t y pe 7 only . All adv er t ised r out es can be flooded t hr ough t he NSSA but are blocked by t he ABR. Basically, a t ype 7 LSA ( if t he P bit is set t o one) w ill be conv er t t o a t y pe 5 LSA and flooded t hr oughout t he r est of t he net w or k . I f t he P bit is set t o zer o, no t r anslat ion t ak es place. Ty pe 4 or 5 LSAs ar e not per m it t ed. This adv er t isem ent w ill not be pr opagat ed t o t he r est of t he net w or k. Typically used t o pr ovide a default r out e.

The only w ay t o appr eciat e t hese new ar eas is t o configur e t hem and v iew t he OSPF dat abase. The scenar ios t hat follow cov er st ub, t ot ally st ubby , and not - so- st ubby areas in m ore det ail. N OTE A st ub area cannot be a t ransit for a virt ual link. This is a design lim it at ion by t he pr ot ocol it self. When a r out er is defined as a st ub ar ea, a bit , called t he E bit , in t he Hello packet is set t o 0. All r out er s t hat for m any OSPF neighbor r elat ionship m ust hav e t he E bit set t o 0 as w ell; ot her w ise, no adj acency is for m ed.

139

Also a st ub ( does not per m it LSA t ypes 4 and 5) ar ea or t ot ally st ubby ( does not perm it LSA t ypes 3, 4, and 5) area does not allow ext ernal rout es. Nor is r edist r ibut ion allow ed. Those funct ions m ust be perform ed by ABRs or ASBRs.

Table 4- 4 sum m ar izes t he LSA t y pes by ar ea and indicat es w hich LSAs ar e per m it t ed or disallow ed in cer t ain ar eas.

Table 4-4. LSA Types and Area Restrictions Area

1/2

LSA Type Permitted? 3/4 6

7

NSSA

Yes

Yes

No

Yes

Tot ally st ubby

Yes

No

No

No

St ub

Yes

Yes

No

No

TI P All OSPF packet s are sent using I P prot ocol port num ber 89. OSPF runs over t he I P lay er ( also called t he Net w or k lay er ) of t he Open Sy st em I nt er connect ion ( OSI ) m odel.

VLSM a nd Sum m a riza t ion w it h OSPF OSPF suppor t s a num ber of feat ur es. The t w o m ain feat ur es t hat int er est m ost net w or k designer s ar e t hat it suppor t s VLSM and pr ov ides t he abilit y t o sum m ar ize net w orks. When an LSA pack et or r out ing updat e is r eceiv ed or sent , t he pack et includes t he follow ing infor m at ion: • • • • •

LSA t y pe Rout er I D ( unique I P address, no ot her rout er can share t he sam e rout er I D) Subnet m ask At t ached r out er Met ric

Because t he subnet m ask is car r ied along w it h t he updat e, OSPF can suppor t VLSM. Wit hout a m echanism t hat sends t he subnet m ask , t her e can be no suppor t for VLSM. Rout ing I nfor m at ion Pr ot ocol ( RI Pv 1) and I nt er ior Gat ew ay Rout ing Pr ot ocol ( I GRP) , for ex am ple, do not car r y t he subnet m ask w hen t hey send out updat es. Sum m ar izat ion occur s using t he LSA t ype 4 packet or by t he ASBR. You configur e OSPF in t w o w ay s t o sum m ar ize net w or k s using Cisco I OS r out er s:

140

• •

I nt er ar ea sum m ar izat ion cr eat ing t y pe 3 or 4 LSAs Ext er nal sum m ar izat io n w it h t y pe 5 LSAs

Consider an OSPF net w or k cont aining t w o r out er s acr oss an Et her net segm ent . Figur e 4- 2 display s t his t w o- rout er t opology wit h t he rout ers nam ed R1 and R2.

Figu r e 4 - 2 . Sa m ple N e t w or k f or OSPF Su m m a r iz a t ion Ex a m ple

R2 is sending R1 15 OSPF r out es r anging fr om 131.109.1.0 t o 131.109.15.0. I nst ead of populat ing R1's r out ing t able w it h 15 I P r out e ent r ies, you can use sum m ar izat ion. Ex am ple 4- 1 displays R1's r out ing t able.

Ex a m ple 4 - 1 R1 ' s OSPF Rou t in g Ta b le R1>show ip route ospf 131.109.0.0/24 is subnetted, 14 subnets O IA 131.109.14.0 [110/11] via 131.108.2.2, 00:00:48, Ethernet0/0 O IA 131.109.15.0 [110/11] via 131.108.2.2, 00:00:48, Ethernet0/0 O IA 131.109.12.0 [110/11] via 131.108.2.2, 00:00:48, Ethernet0/0 O IA 131.109.13.0 [110/11] via 131.108.2.2, 00:00:48, Ethernet0/0 O IA 131.109.10.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.11.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.8.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.9.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.6.0 [110/11] via 131.108.2.2, 00:00:00, Ethernet0/0 O IA 131.109.7.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.4.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.5.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.2.0 [110/11] via 131.108.2.2, 00:01:08, Ethernet0/0 O IA 131.109.3.0 [110/11] via 131.108.2.2, 00:00:58, Ethernet0/0 O IA 131.109.1.0 [110/11] via 131.108.2.2, 00:02:54, Ethernet0/0 The r em ot e net w or ks ar e indicat ed by O I A, w hich indicat es int er ar ea r out es. I nt r a ar ea r out es ar e indicat ed by O. N OTE

141

Tw o m or e t y pes of OSPF r out es ex ist : ex t er nal t y pe 1 r out es, indicat ed by Cisco I OS as O E1, and ext er nal t ype 2 r out es, indicat ed by Cisco I OS as O E2. Ext er nal OSPF r out es ar e r out ing ent r ies in OSPF r out e t ables inj ect ed by an ex t er nal r out ing pr ot ocol, such as BGP or I GRP. When calculat ing t he cost t o a r em ot e net w or k , E1 r out es add t he t ot al cost t o dest inat ion; w her eas E2 r out es include only t he cost t o t he ext er nal net w or k.

Ex am ple 4- 1 display s an I P r out ing t able t elling y ou t hat R2 is in area 0 and anot her ar ea ( ABR) ; hence, R2 can per for m int er ar ea sum m ar izat ion. Because t he net w or k s 1 t o 15 are cont iguous, you can configure R2 t o m ask t he net w orks by m asking t he fir st 15 net w or k s w it h t he I OS a r e a ar ea I D r a n g e addr ess m ask com m a nd. Ex am ple 4- 2 display s t he sum m ar y applied t o R2 under t he OSPF r out er pr ocess I D of 1.

Ex a m ple 4 - 2 Su m m a r y of R2 R2(config)#router ospf 1 R2(config-router)#area 1 range 131.109.0.0 255.255.240.0 Ex am ple 4- 3 displays R1's r out ing t able now . Rem em ber t hat pr ev iously t her e w er e 15 I P rout ing ent ries.

Ex a m ple 4 - 3 OSPF Rou t e Ta ble on R1 Aft e r Su m m a r iz a t ion R1#sh ip route ospf 131.109.0.0/20 is subnetted, 1 subnets O IA 131.109.0.0 [110/11] via 131.108.2.2, 00:02:33, Ethernet0/0 R1# By using OSPF sum m ar izat ion t echniques, y ou can sum m ar ize a sim ple net w or k w it h 15 I P net works by using 1 I P r out ing ent r y . I n OSPF, you can also ext er nally sum m ar ize I P r out es by using t he su m m a r y ipa d d r e ss m a sk com m and. OSPF sum m ar izat ion ex am ples ar e included am ong t he fiv e scenar ios in t his chapt er .

OSPF over M ult ia rea N BM A OSPF over a m ult iple - ar ea NBMA net w or k pr esent s som e challenges t o a net w or k designer as you discover ed in Chapt er 3. Ty pically , in a lar ge NBMA env ir onm ent , t he back bone ( ar ea 0) assignm ent encom p asses t he NBMA connect ions t hem selv es, because all r em ot e or edge sit es need t o t r ansit t he NBMA net w or k . The sam e com m ands t hat applied in Chapt er 3 are used in large NBMA env ir onm ent s. To sum m ar ize t he com m and set used in lar ge NBMA env ir onm ent s, t he follow ing com m ands and st eps ar e r equir ed t o configur e OSPF in a m ult iar ea OSPF Net w or k:

142

1. Th e n e t w or k com m and enables OSPF acr oss int er faces. 2. Sum m ar izat ion enables net w or k s t o r educe I P r out ing t able sizes by using a r e a r a n ge on ABRs and t he su m m a r y addr ess subnet m ask com m and for an ASBR. 3. Any st ubby configur at ions t o r educe m em or y and CPU r equir em ent s. 4. Any virt ual links t hat m ay be required. 5. Any com m and t hat m anipulat es t he OSPF c ost m et r ics for equal cost s pat h load balancing. Nex t , t his chapt er descr ibes anot her com m on link- st at e r out ing pr ot ocol used in lar ge I P r out ing env ir onm ent s, nam ely I nt er m ediat e Sy st em- t o- I nt erm ediat e Syst em (I S- I S) .

I n t e gr a t e d I n t e r m e dia t e Sy st e m - t o- I n t e r m e dia t e Sy st e m I nt egrat ed I S- I S is a link- st at e r out ing pr ot ocol, but few people consider it an alt er nat ive t o OSPF. Even so, I S - I S is a com m on rout ing prot ocol t ypically used in large I SP environm ent s. I S- I S w as dev eloped at t he sam e t im e OSPF w as being developed. I n brief, I S- I S w as designed t o pr ovide t w o r out ing m echanism s ( in com pet it ion w it h OSPF for um , w hich could only r out e I P) at t he sam e t im e: one for I P and anot her for Decnet Phase V. This chapt er cov er s int egr at ed I S - I S I P rout ing capabilit ies only. As w it h any new pr ot ocol, you need t o be fam iliar w it h som e new t er m s and definit ions t o fully underst and I S- I S. I nst ead of using areas as OSPF does, I S- I S has r out er s per for m Lev el 1 ( L1) and Lev el 2 ( L2) funct ions. Rout er s t hat hav e no dir ect connect iv it y t o any ot her ar ea ar e called L1 r out er s. Rout er s t hat connect ar eas ar e called L2 r out er s. I n Figur e 4- 3, Rout ers R1 and R2 are Level 1/ Level 2 ( L1/ L2) rout ers , and t he edge rout ers R3 and R4, w hich are each in only one area, are L2 rout ers. An L1 rout er per for m s t he funct ions sim ilar t o t hose an OSPF int er nal r out er per for m s. A L1/ L2 r out er per for m s sim ilar funct ions t o an ABR in OSPF. Bot h L1 and L2 r out er s ma int ain link- st at e dat abases.

Figu r e 4 - 3 . I S- I S Te r m in ology D ia gr a m

143

N OTE IS- I S is t he pr ot ocol bet w een t w o I S - IS- enabled rout ers. IS- ES is t he pr ot oc ol—Connect ionless Net w or k Pr ot ocol ( CLNP) —bet w een an end syst em , such as a PC, and an I S- I S enabled rout er.

IS- I S has m any sim ilar it ies t o OSPF, including t he follow ing char act er ist ics: • • • • • •

IS- I S m aint ains a link- st at e dat abase. IS- I S uses hello pack et s t o form neighbor relat ions wit h ot her I S- I S enabled rout ers. IS- I S uses ar eas t o for m a hier ar chy . IS- I S suppor t s VLSM. IS- I S suppor t r out ing aut hent icat ion m echanism s. IS- I S on br oadcast net w or k s elect s a designat ed r out er ( DR) .

To configure I S- I S on a Cisco IOS r out er , you m ust per for m t he follow ing configur at ions and t ask s: • • •

Enable I S- I S w it h t he com m and r ou t e r isis. Configure any I S- I S int er face par am et er s, such as hello int er faces, and enable I S- I S t o send out updat es fr om an int er face. Configure area param e t er s.

Sce n a r ios The follow ing scenar ios ar e designed t o dr aw t oget her som e of t he cont ent descr ibed in t his chapt er and som e of t he cont ent y ou hav e seen in y our ow n net w or k s or

144

pr act ice labs. Ther e is no one r ight w ay t o accom plish m any of t he t ask s pr esent ed, and using good pr act ice and defining your end goal ar e im por t ant in any r eal- life design or solut ion. You st ar t by building an OSPF net w or k and t hen use t he m et hods descr ibed in t his chapt er t o help r educe t he size of I P r out ing t ables.

Sce n a r io 4 - 1 : Con figu r in g OSPF w it h M u lt iple Ar e a s I n t his scenar io, you configur e an eight - rout er, t hree- area net w ork w it h OSPF. Figure 4- 4 display s t he OSPF t opology and ar ea assign m en t .

Figu r e 4 - 4 . OSPF Topology a n d Ar e a Assign m e n t

This scenar io r epr esent s a t y pical OSPF net w or k w it h sem i- r edundancy and a hier ar chical addr ess assignm ent . To sim ulat e a lar ge net w or k env ir onm ent , y ou configur e sever al loopback addr ess assignm ent s on R1 and R2. Typically in an env ir onm ent lik e t his, t he host s ( dev ices, such as m ainfr am es, lar ge com put er host s, or pr int er s) r eside in t he back bone and t he end user s ar e connect ed t o t he r em ot e sit es. Assum e all I P t r affic is bet w een t he edge, or access, r out er s and t he back bone net work in area 0. Table 4- 5 display s t he I P addr ess assignm ent used in Figur e 4- 4.

Table 4-5. IP Address and Area Assignments Router R1

IP Address Range

Area

131.108.2.0–1 5 / 3 2 0

145

R2

131. 108. 16. 0– 31/ 3 2

0

R3

131. 108. 32– 33/ 32

0

R4

131. 108. 34– 35/ 32

0

R5

131.108.128.0/ 24

10

R6

131.108.129.0/ 24

10

R7

131.108.130.0/ 24

10

R8

131.108.131.0/ 24

11

WAN links

131.108.255.0

30- bit subnet m asks applied t o all WAN links

LAN link bet w een R3 and 131. 108. 3 6 . 0 R4

0

To st ar t OSPF on t he eight r out er s, you m ust fir st enable t he OSPF pr ocess by using t he com m and r ou t e r osp f process I D. I n t his scenar io, use t he sam e pr ocess I D of 1 on all r out er s, and r em em ber t hat t he pr ocess I D is locally significant only . To send and r eceiv e LSAs per int er face, use t he n e t w or k com m and. From Figur e 4- 4, t he r em ot e net w or k on Rout er R8, w it h t he I P subnet 131.108.131.0/ 24, resides in area 11. Ar ea 11 is par t it ioned fr om t he back bone and hence r equir es a vir t ual link so t hat all OSPF r out er s have a r out ing ent r y for t he subnet 131.108.131.0/ 24. Ex am ple 4- 4 displays t he I P r out ing t able on R1 aft er OSPF has been configured on all t he rout ers in t his net w ork.

Ex a m ple 4 - 4 R1 Rou t in g Ta b le R1#show ip route Codes: C - connected, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, 131.108.0.0/16 is variably subnetted, 39 subnets, 2 masks O IA 131.108.255.16/30 [110/855] via 131.108.1.2, 00:08:21, Ethernet0/0 O IA 131.108.255.20/30 [110/855] via 131.108.1.2, 00:05:29, Ethernet0/0 C 131.108.255.0/30 is directly connected, Serial0/0 O 131.108.255.4/30 [110/791] via 131.108.1.2, 00:12:44, Ethernet0/0 O IA 131.108.255.8/30 [110/128] via 131.108.255.2, 00:10:15, Serial0/0 O IA 131.108.255.12/30 [110/128] via 131.108.255.2, 00:07:02, Serial0/0 O IA 131.108.129.0/24 [110/865] via 131.108.1.2, 00:07:51, Ethernet0/0 - To R6 O IA 131.108.128.0/24 [110/138] via 131.108.255.2, 00:09:16, Serial0/0 - To R5 O IA 131.108.130.0/24 [110/138] via 131.108.255.2, 00:00:18, Serial0/0 - To R7 C 131.108.15.0/24 is directly connected, Loopback13 C 131.108.14.0/24 is directly connected, Loopback12 C 131.108.13.0/24 is directly connected, Loopback11 C 131.108.12.0/24 is directly connected, Loopback10

146

C C C C C C C C C C C O O O O O O O O O O O O O O O O O

131.108.11.0/24 is directly connected, Loopback9 131.108.10.0/24 is directly connected, Loopback8 131.108.9.0/24 is directly connected, Loopback7 131.108.8.0/24 is directly connected, Loopback6 131.108.7.0/24 is directly connected, Loopback5 131.108.6.0/24 is directly connected, Loopback4 131.108.5.0/24 is directly connected, Loopback3 131.108.4.0/24 is directly connected, Loopback2 131.108.3.0/24 is directly connected, Loopback1 131.108.2.0/24 is directly connected, Loopback0 131.108.1.0/24 is directly connected, Ethernet0/0 131.108.31.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.30.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.29.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.28.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.27.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.26.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.25.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.24.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.23.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.22.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.21.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.20.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.19.0/24 [110/11] via 131.108.1.2, 00:12:47, 131.108.18.0/24 [110/11] via 131.108.1.2, 00:17:10, 131.108.17.0/24 [110/11] via 131.108.1.2, 00:17:10, 131.108.16.0/24 [110/11] via 131.108.1.2, 00:17:10, 131.108.36.0/24 [110/11] via 131.108.1.2, 00:17:10,

Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0

Ex am ple 4- 4 display s t he r em ot e r out er s lear ned t hr ough Et her net int er face and t he next hop addr ess of 131.108.1.2, w hich is R2. Ther e is, of cour se, anot her pat h on R1 t hr ough t he ser ial link t o R2. Because t he cost is low er t hr ough t he Et her net LAN segm ent , R1 chooses t he pat h t o R2 as t he pr efer r ed pat h. The t hr ee r em ot e net w or k s on t he access Rout ers R5, R6, and R7 are list ed in Ex am ple 4- 4, but t he net w ork on R8 is not . Configure a virt ual link bet w een R4 and R8. Befor e you can configur e a vir t ual link, you m ust know t he rout er I D on R4 and R8. The sh ow ip osp f d a t a b a se com m and display s t he local r out er I D, w hich is t y pically a loopback addr ess or t he highest I P addr ess assignm ent . Loopback s ar e alw ays pr efer r ed because a loopback int er face is logically nev er going t o becom e unav ailable unless t he net w or k adm inist r at or r em ov es it . A r out er I D t hat is a phy sical int er face is pr one t o net w or k failur e and OSPF r ecalculat ions, w hich lead t o net w or k dow nt im es. To configur e a vir t ual link, use t he I OS com m and are a t r ansit ar ea r out er - id. Th e t r ansit ar ea in t his exam ple is ar ea 10, and t he r out er I D is t he I P addr ess of t he r em ot e r out er . Ex am ple 4- 5 display s t he r out er I D on Rout ers R4 and R8.

Ex a m ple 4 - 5 Rou t e r I D on R4 a n d R8 R4#show ip ospf database OSPF Router with ID (131.108.255.6) (Process ID 1) R8#show ip ospf database OSPF Router with ID (131.108.255.22) (Process ID 1)

147

Ex am ple 4- 6 displays t he virt ual link configurat ion on R4.

Ex a m ple 4 - 6 V ir t u a l Lin k Con figu r a t ion on R4 R4(config-router)#router ospf 1 R4(config-router)#area 10 virtual-link 131.108.255.22 Ex am ple 4- 7 displays t he vir t ual link configur at ion on R8 along w it h t he I OS ? com m and t o display t he av ailable opt ions.

Ex a m ple 4 - 7 V ir t u a l Lin k Con figu r a t ion a n d Opt ion s on R8 R8(config-router)#area 10 ? authentication Enable authentication default-cost Set the summary default-cost of a NSSA/stub area nssa Specify a NSSA area range Summarize routes matching address/mask (border routers only) stub Specify a stub area virtual-link Define a virtual link and its parameters R8(config-router)#area 10 virtual-link ? A.B.C.D ID (IP addr) associated with virtual link neighbor R8(config-router)#area 10 virtual-link 131.108.255.6 Ex am ple 4- 8 display s t he I P r out ing t able on t he cor e r out er , R1, along w it h t he r em ot e net w or k 131.108.131.0 because of t he v ir t ual link configur at ion.

Ex a m ple 4 - 8 sh ow ip r ou t e r osp f Com m a n d on R1 R1#show ip route ospf 131.108.0.0/16 is variably subnetted, 41 subnets, 2 masks O IA 131.108.255.16/30 [110/855] via 131.108.1.2, 00:00:47, Ethernet0/0 O IA 131.108.255.20/30 [110/855] via 131.108.1.2, 00:00:47, Ethernet0/0 O 131.108.255.4/30 [110/791] via 131.108.1.2, 00:00:47, Ethernet0/0 O IA 131.108.255.8/30 [110/128] via 131.108.255.2, 00:00:47, Serial0/0 O IA 131.108.255.12/30 [110/128] via 131.108.255.2, 00:00:47, Serial0/0 O IA 131.108.131.0/24 [110/865] via 131.108.1.2, 00:00:47, Ethernet0/0 O IA 131.108.130.0/24 [110/138] via 131.108.255.2, 00:00:48, Serial0/0 O IA 131.108.129.0/24 [110/865] via 131.108.1.2, 00:00:48, Ethernet0/0 O IA 131.108.128.0/24 [110/138] via 131.108.255.2, 00:00:48, Serial0/0 O 131.108.31.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0 O 131.108.30.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0 O 131.108.29.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0 O 131.108.28.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0 O 131.108.27.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0 O 131.108.26.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0 O 131.108.25.0/24 [110/11] via 131.108.1.2, 00:00:48, Ethernet0/0

148

O O O O O O O O O O

131.108.24.0/24 131.108.23.0/24 131.108.22.0/24 131.108.21.0/24 131.108.20.0/24 131.108.19.0/24 131.108.18.0/24 131.108.17.0/24 131.108.16.0/24 131.108.36.0/24

[110/11] [110/11] [110/11] [110/11] [110/11] [110/11] [110/11] [110/11] [110/11] [110/11]

via via via via via via via via via via

131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2, 131.108.1.2,

00:00:48, 00:00:48, 00:00:48, 00:00:48, 00:00:49, 00:00:49, 00:00:50, 00:00:50, 00:00:50, 00:17:10,

Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0

To v iew t he st at us of t he v ir t ual link , use t he sh o w ip o sp f v ir t u a l- link s com m and. Ex am ple 4- 9 displays sam ple out put fr om t his com m and used on R4.

Ex a m ple 4 - 9 sh ow ip ospf vir t u a l - lin k s on R4 R4#sh ip ospf virtual-links Virtual Link OSPF_VL0 to router 131.108.255.22 is up Run as demand circuit DoNotAge LSA allowed. Transit area 10, via interface Serial2, Cost of using 64 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:09 Adjacency State FULL (Hello suppressed) Index 2/4, retransmission queue length 0, number of retransmission 1 First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0) Last retransmission scan length is 1, maximum is 1 Last retransmission scan time is 0 msec, maximum is 0 msec You hav e successfully configur ed a com plex net w or k w it h eight Cisco r out er s in m ult iple ar eas. The r out ing t able, ev en w it h only eight r out er s, has ov er 20 I P r out e ent rie s. Befor e using sum m ar izat ion on t his net w or k t o r educe t he I P r out ing t able size, look at t he full w or k ing configur at ions on all r out er s. Pay par t icular at t ent ion t o t he shaded sect ions and t he r out er funct ions w it hin t he OSPF net w or k . Also not e how t he clock r a t e com m and is used t o enable back- t o- back ser ial high- level dat a link cont rol ( HDLC) connect ions am ong Cisco r out er s. Ex am ple 4- 10 display s R1's full w or k ing con figurat ion. R1 is a backbone rout er.

Ex a m ple 4 - 1 0 R1 ' s Fu ll Con figu r a t ion hostname R1 ! logging buffered 64000 debugging enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.2.1 255.255.255.0 ip ospf network point-to-point

149

! interface Loopback1 ip address 131.108.3.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback2 ip address 131.108.4.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback3 ip address 131.108.5.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback4 ip address 131.108.6.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback5 ip address 131.108.7.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback6 ip address 131.108.8.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback7 ip address 131.108.9.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback8 ip address 131.108.10.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback9 ip address 131.108.11.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback10 ip address 131.108.12.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback11 ip address 131.108.13.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback12 ip address 131.108.14.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback13 ip address 131.108.15.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0

150

ip address 131.108.255.1 255.255.255.252 clockrate 125000 ! interface Serial0/1 shutdown ! router ospf 1 network 131.108.0.0 0.0.255.255 area 0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 4- 11 display s R2's full w or k ing configur at ion.

Ex a m ple 4 - 1 1 R2 ' s Fu ll Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.16.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback1 ip address 131.108.17.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback2 ip address 131.108.18.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback3 ip address 131.108.19.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback4 ip address 131.108.20.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback5 ip address 131.108.21.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback6 ip address 131.108.22.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback7 ip address 131.108.23.1 255.255.255.0 ip ospf network point-to-point

151

! interface Loopback8 ip address 131.108.24.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback9 ip address 131.108.25.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback10 ip address 131.108.26.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback11 ip address 131.108.27.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback13 ip address 131.108.28.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback14 ip address 131.108.29.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback15 ip address 131.108.30.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback16 ip address 131.108.31.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/0 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 shutdown ! interface Serial1/2 shutdown ! interface Serial1/3 shutdown ! router ospf 1 network 131.108.0.0 0.0.255.255 area 0 ! ip classless ! line con 0 line aux 0 line vty 0 4

152

! end Ex am ple 4- 12 displays R3's full working configurat ion. R3 is an ABR.

Ex a m ple 4 - 1 2 R3 ' s Fu ll Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 131.108.36.3 255.255.255.0 ! interface Serial0 ip address 131.108.255.2 255.255.255.252 ! interface Serial1 ip address 131.108.255.9 255.255.255.252 clockrate 128000 ! interface Serial2 ip address 131.108.255.13 255.255.255.252 clockrate 128000 ! interface Serial3 shutdown ! router ospf 1 network 131.108.255.0 0.0.0.3 area 0 network 131.108.36.0 0.0.0.255 area 10 network 131.108.255.8 0.0.0.3 area 10 network 131.108.255.12 0.0.0.3 area 10 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 13 displays R4's full working configurat ion. R4 is an ABR.

Ex a m ple 4 - 1 3 R4 ' s Fu ll Con figu r a t ion hostname R4 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet 0 ip address 131.108.36.4 255.255.255.0 !

153

interface Serial0 ip address 131.108.255.6 255.255.255.252 ! interface Serial1 ip address 131.108.255.17 255.255.255.252 clockrate 128000 ! interface Serial2 ip address 131.108.255.21 255.255.255.252 clockrate 128000 ! interface Serial3 shutdown ! router ospf 1 area 10 virtual-link 131.108.255.22 network 131.108.255.4 0.0.0.3 area 0 network 131.108.36.0 0.0.0.255 area 10 network 131.108.255.16 0.0.0.3 area 10 network 131.108.255.20 0.0.0.3 area 10 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 14 displays R5's full w or king configur at ion. R5 is an int er nal OSPF ar ea.

Ex a m ple 4 - 1 4 R5 ' s Fu ll Con figu r a t ion hostname R5 ! enable password cisco ! interface Ethernet0 ip address 131.108.128.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.10 255.255.255.252 ! interface Serial1 shutdown ! router ospf 1 network 131.108.128.0 0.0.0.255 area 10 network 131.108.255.8 0.0.0.3 area 10 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 4- 15 display s R6's full w or k ing configurat ion. R6 is an int ernal OSPF rout er.

Ex a m ple 4 - 1 5 R6 ' s Fu ll Con figu r a t ion 154

hostname R6 ! enable password cisco ! ip subnet-zero ! interface Ethernet0 ip address 131.108.129.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.18 255.255.255.252 interface Serial1 shutdown ! router ospf 1 network 131.108.129.0 0.0.0.255 area 10 network 131.108.255.16 0.0.0.3 area 10 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 16 displays R7's full w orking configurat ion. R7 is an int ernal OSPF area.

Ex a m ple 4 - 1 6 R7 ' s Fu ll Con figu r a t ion hostname R7 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0 ip address 131.108.130.1 255.255.255.0 interface Serial0 ip address 131.108.255.14 255.255.255.252 ! interface Serial1 shutdown ! router ospf 1 network 131.108.130.0 0.0.0.255 area 10 network 131.108.255.12 0.0.0.3 area 10 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 17 displays R8's full w orking configurat ion. R8 is an int ernal OSPF area, requiring a virt ual link because area 11 is not connect ed t o area 0.

155

Ex a m ple 4 - 1 7 R8 ' s Fu ll Con figu r a t ion hostname R8 enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 131.108.131.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.22 255.255.255.252 interface Serial1 shutdown ! router ospf 1 area 10 virtual-link 131.108.255.6 network 131.108.131.0 0.0.0.255 area 11 network 131.108.255.20 0.0.0.3 area 10 ! line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 4 - 2 : Con figu r in g OSPF Su m m a r iz a t ion This scenar io cov er s t he sam e net w or k t opology show n in Figur e 4- 4. The aim of any net w or k designer is t o use sum m ar izat ion w her ev er possible. OSPF, as y ou hav e seen, has som e adv anced feat ur es t o allow sum m ar izat ion. The fir st m et hod y ou can apply is int ra - ar ea sum m ar izat ion on t he backbone Rout er s R1 and R2. A t ot al of 30 net w or k s ( cont iguous) ex ist fr om 131.108.1.0 t o 131.108.31.255. For t he core rout ers in area 0, nam ely R1, R2, R3, and R4, which pass on rout ing inform at ion t o ot her core or re m ot e r out er s, you need t o have a m or e det ailed view of t he net w or k. This det ail is r equir ed so you do not per for m any sum m ar izat ion on t he cor e net w or k and m aint ain a full I P r out ing t opology in t he cor e ( or backbone) net work. The access- level rout ers, R5, R6, R7, and R8, do not t ypically require an I P rout ing ent r y for ev er y net w or k in t he cor e because t hey r equir e access t o only t he cor e net w or k in ar ea 0, t he backbone. Ther efor e, t hese r out er s ar e per fect exam ples of how y ou can use sum m ar izat ion t o r educe t he size of r out ing t ables. Only a single ex it point t o t he cor e of t he net w or k ex ist s, so y ou can configur e st ubby net w or k s. Fir st , use som e sum m ar y com m ands. Ex am ple 4- 18 displays R5's I P rout ing t able.

Ex a m ple 4 - 1 8 R5 ' s Cu r r e n t I P Rou t in g Ta ble R5#show ip route Codes: C - connected, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

156

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 131.108.0.0/16 is variably subnetted, 41 subnets, 2 masks O IA 131.108.255.16/30 [110/983] via 131.108.255.9, 04:14:50, Serial0 O IA 131.108.255.20/30 [110/983] via 131.108.255.9, 04:14:50, Serial0 O IA 131.108.255.0/30 [110/128] via 131.108.255.9, 04:14:51, Serial0 O IA 131.108.255.4/30 [110/919] via 131.108.255.9, 04:14:51, Serial0 C 131.108.255.8/30 is directly connected, Serial0 O 131.108.255.12/30 [110/128] via 131.108.255.9, 04:14:51, Serial0 O IA 131.108.131.0/24 [110/993] via 131.108.255.9, 04:05:58, Serial0 O 131.108.130.0/24 [110/138] via 131.108.255.9, 04:14:51, Serial0 O IA 131.108.129.0/24 [110/993] via 131.108.255.9, 04:14:51, Serial0 C 131.108.128.0/24 is directly connected, Ethernet0 O IA 131.108.15.0/24 [110/129] via 131.108.255.9, 03:51:04, Serial0 O IA 131.108.14.0/24 [110/129] via 131.108.255.9, 03:51:04, Serial0 O IA 131.108.13.0/24 [110/129] via 131.108.255.9, 03:51:14, Serial0 O IA 131.108.12.0/24 [110/129] via 131.108.255.9, 03:51:14, Serial0 O IA 131.108.11.0/24 [110/129] via 131.108.255.9, 03:51:14, Serial0 O IA 131.108.10.0/24 [110/129] via 131.108.255.9, 03:51:14, Serial0 O IA 131.108.9.0/24 [110/129] via 131.108.255.9, 03:51:15, Serial0 O IA 131.108.8.0/24 [110/129] via 131.108.255.9, 03:51:25, Serial0 O IA 131.108.7.0/24 [110/129] via 131.108.255.9, 03:51:25, Serial0 O IA 131.108.6.0/24 [110/129] via 131.108.255.9, 03:51:25, Serial0 O IA 131.108.5.0/24 [110/129] via 131.108.255.9, 03:51:25, Serial0 O IA 131.108.4.0/24 [110/129] via 131.108.255.9, 03:51:25, Serial0 O IA 131.108.3.0/24 [110/129] via 131.108.255.9, 03:51:25, Serial0 O IA 131.108.2.0/24 [110/129] via 131.108.255.9, 03:51:35, Serial0 O IA 131.108.1.0/24 [110/138] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.31.0/24 [110/139] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.30.0/24 [110/139] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.29.0/24 [110/139] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.28.0/24 [110/139] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.27.0/24 [110/139] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.26.0/24 [110/139] via 131.108.255.9, 04:14:52, Serial0 O IA 131.108.25.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.24.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.23.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.22.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.21.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.20.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.19.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.18.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.17.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O IA 131.108.16.0/24 [110/139] via 131.108.255.9, 04:14:53, Serial0 O 131.108.36.0/24 [110/11] via 131.108.255.9, 04:14:53, Serial0 Use OSPF sum m ar izat ion for t he cor e I P net w or k s r anging fr om 131.108.1.0 t o 131.108.31.255 on Rout ers R3 and R4. Ex am ple 4- 19 display s t he use of t he I OS a r e a area I D ra nge m a sk com m and on R3.

Ex a m ple 4 - 1 9 Su m m a r y on R3 R3(config)#router ospf 1 R3(config-router)#area 0 ?

157

authentication Enable authentication default-cost Set the summary default-cost of a NSSA/stub area nssa Specify a NSSA area range Summarize routes matching address/mask (border routers only) stub Specify a stub area virtual-link Define a virtual link and its parameters R3(config-router)#area 0 range 131.108.0.0 ? A.B.C.D IP mask for address R3(config-router)#area 0 range 131.108.0.0 255.255.224.0 The I OS t ells you only ABRs can perform OSPF sum m arizat ion. Rout ers R3 and R4 are ABRs; hence, you can perform net w ork sum m arizat ion on R3 and R4. Ex am ple 4- 20 displays t he OSPF sum m ar y on R4.

Ex a m ple 4 - 2 0 Su m m a r y on R4 R4(config)#router ospf 1 R4(config-router)#area 0 range 131.108.1.0 255.255.224.0 View t he I P rout ing t able on R5. Ex am ple 4- 21 display s R5's r out ing t able aft er net w ork sum m arizat ion is configured on R3 and R4. Also displayed in Ex am ple 4- 21 are a few ping r equest s t o I P net w or k s cov er ed in t he sum m ar y r ange 131.108.0.0/ 19, w hich ar e net w or k s cov er ing t he r ange 131.108.1.0 t o 131.108.31.255.

Ex a m ple 4 - 2 1 Su m m a r y on R5 R5#show ip route Codes: C - connected, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 131.108.0.0/16 is variably subnetted, 11 subnets, 3 masks O IA 131.108.255.16/30 [110/983] via 131.108.255.9, 05:09:00, Serial0 O IA 131.108.255.20/30 [110/983] via 131.108.255.9, 05:09:00, Serial0 O IA 131.108.255.0/30 [110/128] via 131.108.255.9, 05:09:00, Serial0 O IA 131.108.255.4/30 [110/919] via 131.108.255.9, 05:09:00, Serial0 C 131.108.255.8/30 is directly connected, Serial0 O 131.108.255.12/30 [110/128] via 131.108.255.9, 05:09:00, Serial0 O 131.108.36.0/24 [110/11] via 131.108.255.9, 05:14:53, Serial0 O IA 131.108.131.0/24 [110/993] via 131.108.255.9, 05:00:08, Serial0 O 131.108.130.0/24 [110/138] via 131.108.255.9, 05:09:00, Serial0 O IA 131.108.129.0/24 [110/993] via 131.108.255.9, 05:09:01, Serial0 C 131.108.128.0/24 is directly connected, Ethernet0 O IA 131.108.0.0/19 [110/129] via 131.108.255.9, 00:46:25, Serial0 R5#ping 131.108.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.1.1, timeout is 2 seconds: !!!!! (R1 Ethernet e0/0 address) Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms

158

R5#ping 131.108.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms R5#ping 131.108.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms R5#ping 131.108.31.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.31.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms By using a sim ple com m and on t he ABRs, y ou hav e significant ly r educed t he I P r out ing t able size on R5 t o nine r em ot e OSPF ent r ies. The sam e occur s on Rout er s R6, R7, and R8. Also because R5 and R7 have single exit point s t o t he cor e, y ou can configur e a st ub net w or k . You cannot configur e a st ub net w or k on R8 because y ou hav e a v ir t ual link . To cr eat e a st ub net w or k , use t he a r e a area id st u b com m and. Cr eat e a st ub net work bet ween Rout ers R3 ( t he ABR) and R5. Ex am ple 4- 22 display s t he st ub configurat ion on R3.

Ex a m ple 4 - 2 2 St u b Con f ig u r a t ion on R3 R3(config)#router ospf 1 R3(config-router)#area 10 stub I f y ou at t em pt t o configur e a st ub net w or k on R4, Cisco's I OS display s t he m essage in Ex am ple 4- 23.

Ex a m ple 4 - 2 3 Con figu r in g a St u b Ar e a R4(config)#router ospf 1 R4(config-router)#area 10 stub % OSPF: Area cannot be a stub as it contains a virtual link R4(config-router)# You cannot cr eat e a st ub bet w een R4 and R8 because of t he v ir t ual link . So, change t he ar ea assignm ent s on R8 t o ar ea 10 so you can cr eat e a st ub. Figur e 4- 5 display s t he change of ar ea assignm ent s t o r em ov e t he necessit y of a virt ual link bet w een R8 and R4. To change t he area assignm ent on R8 from 11 t o 10, configur e t he follow ing com m ands on R8:

Figu r e 4 - 5 . OSPF Sa m ple N e t w or k Aft e r R8 Ar e a Ch a n ge

159

no network 131.108.131.0 0.0.0.255 area 11 network 131.108.131.0 0.0.0.255 area 10 Because a change has been m ade t o OSPF ar ea assignm ent , y ou m ust ensur e t hat OSPF is st ill act ive on R5. Ex am ple 4- 24 display s R5's OSPF neighbor st at e aft er y ou configur e t he A BR R3 as a st ub net work in area 10.

Ex a m ple 4 - 2 4 sh ow ip ospf n e igh bor Com m a n d on R5 R5#show ip ospf neighbor Neighbor ID Interface 131.108.255.13 Serial0

Pri

State

1

DOWN/

Dead Time -

-

Address 131.108.255.9

The OSPF relat ionship bet ween R3 and R5 is down because if one rout er is configur ed as a st ub, t he neighbor ing r out er m ust also be configur ed as a st ub, and in t his case, R5 has not y et been configur ed as a st ub. Ex am ple 4- 25 display s t he configur at ion of a st ub net w or k on R5 and t he OSPF r elat ionship change t o full adj acency .

Ex a m ple 4 - 2 5 St u b Con f ig u r a t ion on R5 R5(config)#router ospf 1 R5(config-router)#area 10 stub R5#sh ip ospf neighbor Neighbor ID Interface

Pri

State

Dead Time

Address

160

131.108.255.13 Serial0

1

FULL/

-

00:00:38

131.108.255.9

Now , view t he I P rout ing t able on R5. Ex am ple 4- 26 displays t he new I P r out ing t able aft er t he st ub configur at ion is com plet ed on bot h Rout er s R3 and R5.

Ex a m ple 4 - 2 6 R5 's Rou t in g Ta ble R5#sh ip route Gateway of last resort is 131.108.255.9 to network 0.0.0.0 131.108.0.0/16 is variably subnetted, 10 subnets, 3 masks O IA 131.108.255.16/30 [110/983] via 131.108.255.9, 00:01:22, Serial0 O IA 131.108.255.20/30 [110/983] via 131.108.255.9, 00:01:22, Serial0 O IA 131.108.255.0/30 [110/128] via 131.108.255.9, 00:01:22, Serial0 O IA 131.108.255.4/30 [110/919] via 131.108.255.9, 00:01:22, Serial0 C 131.108.255.8/30 is directly connected, Serial0 O 131.108.255.12/30 [110/128] via 131.108.255.9, 00:01:22, Serial0 O 131.108.36.0/24 [110/11] via 131.108.255.9, 00:01:22, Serial0 O 131.108.131.0/24 [110/128] via 131.108.255.9, 00:01:22, Serial0 O IA 131.108.131.0/24 [110/993] via 131.108.255.9, 00:01:22, Serial0 O IA 131.108.129.0/24 [110/993] via 131.108.255.9, 00:01:22, Serial0 C 131.108.128.0/24 is directly connected, Ethernet0 O IA 131.108.0.0/19 [110/129] via 131.108.255.9, 00:01:23, Serial0 O*IA 0.0.0.0/0 [110/65] via 131.108.255.9, 00:01:23, Serial0 You now have on R5 a default r out e labeled 0.0.0.0 t hr ough t he nex t hop addr ess 131.108.255.9 ( R3) . You hav e a gat ew ay of last r esor t , w hich effect iv ely m eans any pack et s t o unk now n dest inat ions ar e sent t o t he nex t hop addr ess 131.108.255.9 ( R3) . Configur ing a st ub net w or k per for m s ex act ly t his funct ion; it provides a default r out e. Now , y ou can assum e t hat all I P t r affic fr om t he edge r out er s is dest ined for t he cor e net w ork, so t here is no reason for R5 or R6 t o have net w ork ent ries for every individual I P rout e in t he core. All I P t raffic is dest ined for t he cor e any w ay . To fur t her r educe t he I P r out ing t able, you can configur e OSPF t o st op t he ent r ies labeled as O I A ( int er ar ea r out es) fr om populat ing t he edge r out er s by configur ing a st ubby net w or k w it h t he no- su m m a r y opt ion by apply ing t he I OS a r e a ar ea id st u b no- su m m a r y com m and. This opt ion pr ev ent s t he ABR fr om sending sum m ar y link adv er t isem ent s fr om ot her ar eas ex cept t he ar ea t hat connect s R5, ar ea 10 in t his case. To ensur e OSPF full adj acency is achieved bet ween R3, R4, R5, R6, R7, and R8, you m ust configure bot h t he cor e and edge r out er s. Ex am ple 4- 27 display s t he configur at ion of t he cor e r out er , R3, w it h t he no- su m m a r y opt ion.

Ex a m ple 4 - 2 7 Pr e v e n t in g Su m m a r y LSAs fr om Ot h e r Ar e a s R3(config)#router ospf 1 R3(config-router)#area 10 stub no-summary

161

You also com plet e t he a r e a 1 0 st u b n o- su m m a r y on t he r em aining r out er s. Exa m ple 4- 28 display s t he no- su m m a r y opt ion configured on R5.

Ex a m ple 4 - 2 8 n o - su m m a r y Com m a n d Opt ion on R5 R5(config)#router ospf 1 R5(config-router)#area 10 stub no-summary R5's r out ing t able should now cont ain ev en few er ent r ies. Ex am ple 4- 29 displays R5 I P rout ing t able. View t he I P rout ing t able on R5 in Ex am ple 4- 29 and com par e it t o Ex am ple 4- 26.

Ex a m ple 4 - 2 9 R5 's I P Rou t in g Ta ble R5#show ip route Gateway of last resort is 131.108.255.9 to network 0.0.0.0 131.108.0.0/16 is variably subnetted, 9 subnets, 2 masks O 131.108.255.16/30 [110/138] via 131.108.255.9, 00:01:04, Serial0 O 131.108.255.20/30 [110/138] via 131.108.255.9, 00:01:04, Serial0 C 131.108.255.8/30 is directly connected, Serial0 O 131.108.255.12/30 [110/128] via 131.108.255.9, 00:01:04, Serial0 O 131.108.131.0/24 [110/148] via 131.108.255.9, 00:01:04, Serial0 O 131.108.130.0/24 [110/138] via 131.108.255.9, 00:01:04, Serial0 O 131.108.129.0/24 [110/148] via 131.108.255.9, 00:01:04, Serial0 C 131.108.128.0/24 is directly connected, Ethernet0 O 131.108.36.0/24 [110/74] via 131.108.255.9, 00:01:04, Serial0 O*IA 0.0.0.0/0 [110/65] via 131.108.255.9, 00:01:04, Serial0 The only net w or ks displayed now ar e t he default net w or k and net w orks residing in t he sam e ar ea as Rout er R5, w hich is ar ea 10. You now have only 8 r em ot e ent r ies inst ead of over 30, as show n in Ex am ple 4- 18. The use of t he st ub configurat ion is effect iv e in t his t y pe of net w or k t opology . List t he full OSPF w orking configurat ions of t he ABR Rout ers R3 and R4 and t he edge r out er s t hat ar e configur ed as st ubby net w or k s. Ex am ple 4- 30 displays R3's OSPF configur at ion. The shaded por t ion highlight s t he configur at ion r equir ed for t he st ub net work. N OTE The configur at ion in Ex am ple 4- 30 cont ains only t he m essage in Ex am ple 4- 23; t he OSPF r out ing pr ocess changes because t he r em aining configur at ion is ident ical t o t hat in Ex am ples 4- 10 t o 4- 17.

Ex a m ple 4 - 3 0 R3 's OSPF W or k in g Con figu r a t ion router ospf 1 network 131.108.255.0 0.0.0.3 area 0 network 131.108.255.8 0.0.0.3 area 10

162

network 131.108.255.12 0.0.0.3 area 10 network 131.108.36.0 0.0.0.255 area 10 area 0 range 131.108.0.0 255.255.224.0 area 10 stub no-summary Ex am ple 4- 31 display s R4's full OSPF w or k ing configur at ion. The shaded por t ion highlight s t he configur at ion r equir ed for t he st ub net w or k .

Ex a m ple 4 - 3 1 R4 's OSPF W or k in g Con figu r a t ion router ospf 1 area 0 range 131.108.0.0 255.255.224.0 area 10 stub no-summary network 131.108.36.0 0.0.0.255 area 10 network 131.108.255.4 0.0.0.3 area 0 network 131.108.255.16 0.0.0.3 area 10 network 131.108.255.20 0.0.0.3 area 10 Ex am ple 4- 32 display s R5's OSPF w or k ing configur at ion. The shaded por t ion highlight s t he configur at ion r equir ed for t he st ub net w or k .

Ex a m ple 4 - 3 2 R5 's OSPF W or k in g Con figu r a t ion router ospf 1 area 10 stub no-summary network 131.108.128.0 0.0.0.255 area 10 network 131.108.255.4 0.0.0.3 area 10 ! Ex am ple 4- 33 display s R6's OSPF w or k ing configur at ion. The shaded por t ion highlight s t he configur at ion r equir ed for t he st ub net w or k .

Ex a m ple 4 - 3 3 R6 's OSPF W or k in g Con figu r a t ion router ospf 1 area 10 stub no-summary network 131.108.129.0 0.0.0.255 area 10 network 131.108.255.8 0.0.0.3 area 10 Ex am ple 4- 34 display s R7's OSPF w or k ing configur at ion. The shaded por t ion highlight s t he configur at ion r equir ed for t he st ub net w or k .

Ex a m ple 4 - 3 4 R7 's OSPF W or k in g Con figu r a t ion router ospf 1 area 10 stub no-summary network 131.108.130.0 0.0.0.255 area 10 network 131.108.255.12 0.0.0.3 area 10 Ex am ple 4- 35 display s R8's OSPF w or k ing configur at ion. The shaded po rt ion highlight s t he configur at ion r equir ed for t he st ub net w or k .

Ex a m ple 4 - 3 5 R8 's OSPF W or k in g Con figu r a t ion router ospf 1

163

area 10 stub no-summary network 131.108.131.0 0.0.0.255 area 10 network 131.108.255.20 0.0.0.3 area 10 TI P To best appr eciat e OSPF and t he feat ur es cov er ed her e, y ou can configur e a sim ple t w o- r out er net w or k w it h loopback addr ess and follow t he st eps com plet ed her e on a sm aller scale and cont inually v iew t he I P r out ing t able t o see t he benefit s of sum m ar izat ion and st ubby net w or k s.

Sce n a r io 4 - 3 : Con f ig u r in g I n t e g r a t e d I S- I S This scenar io show s y ou how t o configur e anot her link- st at e prot ocol, I S- I S, in a t hr ee- r out er t opology. The t opology for t his scenar io is displayed in Figur e 4- 6, w it h t he rout ers nam ed R4, R8, and R9.

Figu r e 4 - 6 . I S- I S w it h V LSM

Wher e t his scenar io cov er s r edist r ibut ion, y ou use t hese r out er s t o connect t o an OSPF rout er. The I P addressing schem e is displayed in Figur e 4- 6. Not e t hat VLSM is in use. I S- I S suppor t s VLSM, and y ou configur e t he t hr ee r out er s t o be in dom ain 1 using t he net w or k ent it y know n as t he sim ple for m at , w hich descr ibes t he ar ea and syst em I D.

164

N OTE Thr ee m et hods ( r efer r ed t o as net w or k ent it ies) can define t he ar ea: sim ple for m at , OSI form at , and Governm ent OSI Pro file ( GOSI P) for m at as descr ibed in t he follow ing list : Sim ple for m a t : Ar ea?Sy st em I D?SEL OSI f o r m a t : Dom ain?Ar ea?Sy st em I D?SEL GOSI P for m a t : AFI ?I CD?DFI ?AAI ?Reser v ed?RDI ?Ar ea Sy st em I D?SEL These fields ar e defined as follow s: • • • • • • • •

AFI— Aut hor it y and for m at ident ifier ( 47 for Cisco r out er s) I CD— I nt er nat ional code designat or D FI— Dom ain specific part AAI— Adm inist r at iv e aut hor it y ident ifier RDI — Rout ing dom ain ident ifier ( aut onom ous sy st em num ber ) SEL— Net w or k Ser v ice Access Por t ( NSAP) Area— Used by L2 rout er s Sy st em I D— Used by L1 r out er s; t y pically an int er face Media Access Cont r ol ( MAC) addr ess

Each I S- I S rout ers m ust be configured w it h t he follow ing: • • •

Enable I S- I S w it h t he com m and r ou t e r isis opt ional ar ea t ag. The t ag gr oups rout ers in one dom ain. You m ust also ent er t he global com m and cln s r ou t in g. Configur e t he net w or k int er faces w it h t he com m and n e t n et w or k- en t it y- t it le. Enable I S- I S per int er face w it h t he com m and ip r ou t e r isis.

Figur e 4- 6 show s a sm all t hree- r out er net w or k. All r out er s r eside in one ar ea. The ar eas ar e encoded as 00.0001, and t he sy st em I Ds ar e t he MAC addr esses fr om t he local Et her net int er face. The MAC addr esses of t he r espect ive r out er s ar e as follow s: • • •

R4— 0050.5460.98e8, net I D is 00.0001.0050.5460.98e8.00 R8— 00b0.64fc.d7bd, net I D is 00.0001.00b0.64fc.d7bd.00 R9— 00e0.b055.28ca, net I D is 00.0001.00e0.b055.28ca.00

165

Now , configure t he first rout er, R4, for I S- I S. Ex am ple 4- 36 display s t he configurat ion required t o enable I S- I S on Rout er R4.

Ex a m ple 4 - 3 6 Con figu r a t ion on R4 R4(config)#router isis R4(config-router)#net 00.0001.0050.5460.98e8.00 R4(config-router)#exit R4(config)#clns routing R4(config)#int ethernet 0 R4(config-if)#ip router isis R4(config-if)#inter serial 3 R4(config-if)#ip router isis R4(config-if)#int serial 2 R4(config-if)#ip router isis The fir st configur at ion com plet ed on R4 enables t he I P r out ing and t hen enables Connect ionless Net w or k Ser v ice ( CLNS) and int er face configur at ion on all part icipat ing I S- I S int er faces. Exam ple 4- 37 display s t he configurat ion of I S- I S on R8.

Ex a m ple 4 - 3 7 Con figu r a t ion on R8 R8(config)#router isis R8(config-router)#net 00.0001.00b0.64fc.d7bd.00 R8(config-router)#exit R8(config)#clns routing R8(config)#int ethernet 0 R8(config-if)#ip router isis R8(config)#interface serial 0 R8(config-if)#ip router isis R8(config-if)#interface serial 1 R8(config-if)#ip router isis Ex am ple 4- 38 displays t he configur at ion com plet ed on R9.

Ex a m ple 4 - 3 8 Co n figu r a t ion on R9 R9(config)#router isis R9(config-router)#net 00.0001.00e0.b055.28ca.00 R9(config-router)#exit R9(config)#clns routing R9(config)#int ethernet 0 R9(config-if)#ip router isis R9(config-if)#interface serial 0 R9(config-if)#ip router isis R9(config-if)#interface serial 1 R9(config-if)#ip router isis Now t hat I S- I S is configured on all t hree rout ers, exam ine t he I P rout ing t ables for I P connect iv it y . Exam ple 4- 39 displays R4's I P rout ing t able.

Ex a m ple 4 - 3 9 R4 's I P Rou t in g Ta ble R4#sh ip route

166

Codes i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - ISIS inter area

C C C i L1 i L1 i L1

141.108.0.0/16 is variably subnetted, 6 subnets, 2 masks 141.108.255.4/30 is directly connected, Serial2 141.108.255.0/30 is directly connected, Serial3 141.108.2.0/24 is directly connected, Ethernet0 141.108.4.0/24 [115/20] via 141.108.255.2, Serial3 141.108.3.0/24 [115/20] via 141.108.255.5, Serial2 141.108.255.8/30 [115/20] via 141.108.255.5, Serial2 [115/20] via 141.108.255.2, Serial3

R4's rout ing t able has four rem ot e ent ries, all of w hich are labeled L1 ( level 1 rout e) because all t hree rout ers reside in ar ea 1 as configur ed by t he n e t com m and. The adm inist r at ive dist ance for I S - I S is 115 and is followed by t he m et ric. The I S- I S m et r ic is bet w een 0 and 63. The default m et r ic is set t o 10, and t he t ot al m et r ic is calculat ed from source t o dest inat ion. Not ic e t he pat h t o t he r em ot e net w or k 141.108.255.8/ 30 is calculat ed w it h t w o pat hs: one pat h t hr ough Ser ial 2 and t he ot her t hrough Serial 3. I n ot her words, I S- I S suppor t s equal cost pat h load balancing, as does OSPF. As w it h OSPF, t he com m and set for m onit oring I S- I S is large. Now look at a few ex am ples of t he m ost com m only used sh o w com m ands. Ex am ple 4- 40 display s t he IS- I S neighbor st at es w it h t he sh ow cln s isis - n e igh bo r com m and.

Ex a m ple 4 - 4 0 Sa m ple Ou t pu t of sh ow cln s isis- n e igh bor Com m a n d fr om R4 R4#sh clns is-neighbors System Id Format R8 R9

Interface

State

Type Priority

Circuit Id

Se2 Se3

Up Up

L1L2 0 /0 L1L2 0 /0

00 00

Phase V Phase V

R4 has t wo CLNS neighbors, nam ely Rout ers R8 and R9. This m eans all rout ers share t he sam e I S- I S link- st at e dat abase. To view t he link- st at e dat abase on an I S - I S r out er , use t he com m and sh ow isis d a t a b a se , which is displayed in Ex am ple 4- 41.

Ex a m ple 4 - 4 1 Sa m ple Ou t pu t of sh ow isis da t a ba se Com m a n d fr om R4 R4#sh isis database IS-IS Level-1 Link State Database: LSPID LSP Seq Num ATT/P/OL R4.00-00 * 0x00000007 0/0/0 R8.00-00 0x00000007 0/0/0 00E0.B055.28CA.00-00 0x00000007 0/0/0 00E0.B055.28CA.01-00 0x00000002 0/0/0

LSP Checksum

LSP Holdtime

0xE25D

921

0xFE0A

788

0x3A8A

475

0x87A6

517

167

IS-IS Level-2 Link State Database: LSPID LSP Seq Num ATT/P/OL R4.00-00 * 0x00000009 0/0/0 R8.00-00 0x0000000A 0/0/0 00E0.B055.28CA.00-00 0x0000000B 0/0/0

LSP Checksum

LSP Holdtime

0xA3ED

928

0x49DC

794

0x0C26

926

Table 4- 6 sum m ar izes t he out put in Ex am ple 4- 41.

Table 4-6. Field Descriptions of show isis database Command Field

Description

LSPI D

Th e link- st at e prot ocol dat a unit ( PDU) I D.

LSP Seq Num

Link- st at e pack et ( LSP) Sequence num ber for t he LSP t hat allow s ot her sy st em s t o det er m ine w het her t hey hav e r eceiv ed t he lat est infor m at ion fr om t he sour ce.

LSP Checksum

Check sum of t he ent ir e LSP pack et .

LSP Holdt im e

Am ount of t im e t he LSP r em ains v alid, in seconds.

ATT

At t ach bit . This indicat es t hat t he r out er is also a Level 2 r out er and it can r each ot her ar eas.

P

P bit . Det ect s w het her t he area is part it ion- r epair capable.

OL

Overload b it .

IS- I S, as OSPF, is an advanced link- st at e r out ing pr ot ocol t hat y ou can use in lar ge envir onm ent s t o r out e I P. Befor e you look at r edist r ibut ing I S- I S wit h OSPF, here are t he full w orking configurat ions of t he t hree rout ers in t his I S- I S t opology. Ex am ple 442 display s R4's full w or k ing configur at ion.

Ex a m ple 4 - 4 2 R4 ' s Fu ll Con figu r a t ion hostname R4 ! enable password cisco ip subnet-zero no ip domain-lookup ! clns routing ! interface Ethernet0 ip address 141.108.2.1 255.255.255.0 ip router isis ! interface Serial0 shutdown ! interface Serial1 ip address 131.108.255.17 255.255.255.252

168

clockrate 128000 ! interface Serial2 ip address 141.108.255.6 255.255.255.252 ip router isis clockrate 128000! interface Serial3 ip address 141.108.255.1 255.255.255.252 ip router isis clockrate 128000 ! router isis net 00.0001.0050.5460.98e8.00 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 43 display s R8's full w or k ing configur at ion.

Ex a m ple 4 - 4 3 R8 ' s Fu ll Con figu r a t ion hostname R8 ! enable password cisco ! ip subnet-zero no ip domain-lookup clns routing ! interface Ethernet0 ip address 141.108.3.1 255.255.255.0 ip router isis ! interface Serial0 ip address 141.108.255.5 255.255.255.252 ip router isis ! interface Serial1 ip address 141.108.255.10 255.255.255.252 ip router isis ! router isis net 00.0001.00b0.64fc.d7bd.00 line con 0 line 1 8 line aux 0 line vty 0 4 ! end Ex am ple 4- 44 display s R9's full w or k ing configur at ion.

Ex a m ple 4 - 4 4 R9 ' s Fu ll Con figu r a t ion 169

hostname R9 ! clns routing ! interface Ethernet0 ip address 141.108.4.1 255.255.255.0 ip router isis ! interface Serial0 ip address 141.108.255.2 255.255.255.252 ip router isis ! interface Serial1 ip address 141.108.255.9 255.255.255.252 ip router isis clockrate 128000 ! router isis net 00.0001.00e0.b055.28ca.00 ! line con 0 line 1 8 line aux 0 line vty 0 4 ! end Ex am ple 4- 45 display s som e sam ple ping r equest s and r eplies t o t he r em ot e net work t o dem onst r at e I P connect iv it y am ong all t hr ee r out er s.

Ex a m ple 4 - 4 5 Sa m ple Pin g Re qu e st s fr om R4 R4#ping 141.108.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/36/60 ms R4#ping 141.108.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.4.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R4#ping 141.108.255.9 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.255.9, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R4#ping 141.108.255.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.255.10, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/46/104 ms R4#

170

The I S- I S I OS com m and set is com pr ehensive. Table 4- 7 sum m ar izes t he m ost com m on I S- I S configur at ion and sh o w com m ands.

Table 4-7. IS-IS Command Summary Command

Description

a r e a - pa ssw or d passw or d

Configures I S- I S Lev el 1 aut hent icat ion

d om a in- pa ssw or d passw or d

Configur es t he dom ain passw or d for L2 r out er s

isis p a ssw or d passw or d

Configur es aut hent icat ion bet w een t w o I S - I S rout ers

ip r ou t e r isis [ t ag]

Enables I S- I S per int er face

cln s r ou t in g

Enables r out ing of CLNS pack et s

de fa ult - in for m a t ion or igin a t e

Gener at es a default rout e inside t he I S- I S dom ain

sh ow isis d a t a b a se

Displays t he link- st at e dat abase

su m m a r y - a ddr e ss addr ess Configur es addr ess sum m ar izat ion m ask sh ow isis sp f- log

Display s t he num ber of t im es t he SPF calculat ion has been com plet ed

Sce n a rio 4 - 4 : OSPF a n d I n t e gr a t e d I S- I S Re dist r ibu t ion I n t his scenario, you int egrat e t he I S- I S net w ork you configured in Scenar io 4- 3 w it h an OSPF net w ork. Figur e 4- 7 displays t he OSPF net w ork and I S- I S. Rout er R1 has loopbacks r anging fr om 131.108.2.0 t o 131.108.15.255.

Figu r e 4 - 7 . OSPF a n d I n t e gr a t e d I S- I S N e t w or k Topology

171

Because R4 is wit hin bot h t he OSPF and I S- I S dom ain, you can configur e redist ribut ion bet w een OSPF and I S- I S. To configur e r edist r ibut ion bet w een any I P r out ing pr ot ocols, you m ust configur e a m et r ic t hat is used w it hin t he I P dy nam ic r out ing pr ot ocol. For OSPF, y ou m ust define a cost m et r ic, for exam ple. Ex am ple 4- 46 display s t he configurat ion of OSPF redist ribut ion from OSPF t o I S- I S on R4 and t he st ep- by- st ep pr ocess r equir ed t o ensur e t hat all t he OSPF r out es ar e advert ised as I S- I S rout es in t he I S- I S dom ain. The ? t ool is used t o br ing up t he av ailable opt ions.

Ex a m ple 4 - 4 6 Rou t in g OSPF t o I S- I S on R4 R4(config)#router isis R4(config-router)#redistribute ? bgp Border Gateway Protocol (BGP) connected Connected egp Exterior Gateway Protocol (EGP) eigrp Enhanced Interior Gateway Routing Protocol (EIGRP) igrp Interior Gateway Routing Protocol (IGRP) isis ISO IS-IS iso-igrp IGRP for OSI networks level-1 IS-IS level-1 routes only level-1-2 IS-IS level-1 and level-2 routes level-2 IS-IS level-2 routes only

172

metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes mobile Mobile routes odr On Demand stub Routes ospf Open Shortest Path First (OSPF) rip Routing Information Protocol (RIP) route-map Route map reference static Static routes

R4(config-router)#redistribute ospf ? Process ID R4(config-router)#redistribute ospf 1 ? level-1 IS-IS level-1 routes only level-1-2 IS-IS level-1 and level-2 routes level-2 IS-IS level-2 routes only match Redistribution of OSPF routes metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference vrf VPN Routing/Forwarding Instance

R4(config-router)#redistribute ospf 1 level-2 ? match Redistribution of OSPF routes metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference

R4(config-router)#redistribute ospf 1 level-2 metric ? ISIS default metric R4(config-router)#redistribute ospf 1 level-2 metric 10 When redist ribut ing from OSPF t o I S- I S, you need t o define t he OSPF process I D fr om w hich t he OSPF r out es w ill be inj ect ed. The OSPF pr ocess I D is 1. Because OSPF uses cost as t he m et r ic for m aking r out ing decisions and I S - I S uses L1 or L2, you m ust define t he I S- I S r out er t y pe. ( The r out er t y pe along w ith I S- I S m et r ic is bet w een 0–63.) Thr ee opt ions ar e av ailable w hen y ou ar e r edist r ibut ing fr om OSPF t o I S - I S: L1, L2, and L1/ 2. I n t his scenario, you configure L2 rout es. Finally, you need t o define an I S- I S m et ric; t he chosen v alue of 10 is used. Any v alue bet w een 0 and 63 is a v alid m et r ic. View t he I P rout ing t able inside in I S- I S net work. Ex am ple 4- 47 display s t he I P rout ing t able on R8.

Ex a m ple 4 - 4 7 R8 's I P Rou t in g Ta b le R8#show ip route Codes: C - connected, i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level2, ia - IS-IS inter area 141.108.0.0/16 is variably subnetted, 6 subnets, 2 masks

173

C C i L1 C i L1 i L1 i i i i i i i i i i i i i i i

L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2

141.108.255.8/30 is directly connected, Serial1 141.108.255.4/30 is directly connected, Serial0 141.108.255.0/30 [115/20] via 141.108.255.9, Serial1 141.108.3.0/24 is directly connected, Ethernet0 141.108.2.0/24 [115/30] via 141.108.255.9, Serial1 141.108.4.0/24 [115/20] via 141.108.255.9, Serial1 131.108.0.0/24 is subnetted, 15 subnets 131.108.254.0 [115/30] via 141.108.255.9, Serial1 131.108.15.0 [115/30] via 141.108.255.9, Serial1 131.108.14.0 [115/30] via 141.108.255.9, Serial1 131.108.13.0 [115/30] via 141.108.255.9, Serial1 131.108.12.0 [115/30] via 141.108.255.9, Serial1 131.108.11.0 [115/30] via 141.108.255.9, Serial1 131.108.10.0 [115/30] via 141.108.255.9, Serial1 131.108.9.0 [115/30] via 141.108.255.9, Serial1 131.108.8.0 [115/30] via 141.108.255.9, Serial1 131.108.7.0 [115/30] via 141.108.255.9, Serial1 131.108.6.0 [115/30] via 141.108.255.9, Serial1 131.108.5.0 [115/30] via 141.108.255.9, Serial1 131.108.4.0 [115/30] via 141.108.255.9, Serial1 131.108.3.0 [115/30] via 141.108.255.9, Serial1 131.108.2.0 [115/30] via 141.108.255.9, Serial1

Ex am ple 4- 47 display s t he rem ot e OSPF r out es r edist r ibut ed fr om t he OSPF backbone on R1 int o I S- I S as L2 rout es, and a m et ric of 30, w hich com es from t he addit ion of t he 10 used in r edist r ibut ion and t he t w o hop count s bet w een R4 t o R9 and R9 t o R8. Try t o ping t he rem ot e address. Ex am ple 4- 48 display s a sam ple ping request from R8 t o t he L2 I S- I S r out e 131.108.2.1 ( R2's loopback addr ess) .

Ex a m ple 4 - 4 8 Sa m ple Pin g Re qu e st t o 1 3 1 .1 0 8 .2 .1 fr om R8 R8#ping 131.108.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) R8# The ping r equest r eceives no r eplies. R8 has a r out ing ent r y for t his net w or k. The r eason t he ping r equest r eceiv es no r eplies is because R8 sends t he r equest t o t he nex t hop addr ess of 141.108.255.9 ( R9) and R9 sends t he r equest t o R4. Ex am ple 449 displays R9's I P r out ing t able confir m ing t he nex t hop addr ess.

Ex a m ple 4 - 4 9 I P Rou t in g Ta ble on R9 R9#sh ip route Codes: C - connected, i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level2, * - candidate default 141.108.0.0/16 is variably subnetted, 6 subnets, 2 masks C 141.108.255.8/30 is directly connected, Serial1 i L1 141.108.255.4/30 [115/50] via 141.108.255.1, Serial0 [115/50] via 141.108.255.10, Serial1

174

C i L1 i L1 C i i i i i i i i i i i i i i i

L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2 L2

141.108.255.0/30 is directly connected, Serial0 141.108.3.0/24 [115/20] via 141.108.255.10, Serial1 141.108.2.0/24 [115/20] via 141.108.255.1, Serial0 141.108.4.0/24 is directly connected, Ethernet0 131.108.0.0/24 is subnetted, 15 subnets 131.108.254.0 [115/20] via 141.108.255.1, Serial0 131.108.15.0 [115/20] via 141.108.255.1, Serial0 131.108.14.0 [115/20] via 141.108.255.1, Serial0 131.108.13.0 [115/20] via 141.108.255.1, Serial0 131.108.12.0 [115/20] via 141.108.255.1, Serial0 131.108.11.0 [115/20] via 141.108.255.1, Serial0 131.108.10.0 [115/20] via 141.108.255.1, Serial0 131.108.9.0 [115/20] via 141.108.255.1, Serial0 131.108.8.0 [115/20] via 141.108.255.1, Serial0 131.108.7.0 [115/20] via 141.108.255.1, Serial0 131.108.6.0 [115/20] via 141.108.255.1, Serial0 131.108.5.0 [115/20] via 141.108.255.1, Serial0 131.108.4.0 [115/20] via 141.108.255.1, Serial0 131.108.3.0 [115/20] via 141.108.255.1, Serial0 131.108.2.0 [115/20] via 141.108.255.1, Serial0

Ex am ple 4- 49 display s t he nex t hop addr ess of 141.108.255.1 ( R4) . Now , R4 can ping t he r em ot e addr ess as confir m ed by Ex am ple 4- 50.

Ex a m ple 4 - 5 0 Sa m ple Pin g fr om R4 t o 1 3 1 .1 0 8 .2 .1 R4>ping 131.108.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R4> The last hop you need t o look at is R1. Ex am ple 4- 51 displays R1's OSPF r out ing t able. Rem em ber t hat R1 is configur ed for OSPF only .

Ex a m ple 4 - 5 1 R1 's OSPF Rou t in g Ta ble R1#sh ip route ospf R1# N OTE R4's rout ing t able cont ains all t he OSPF net w ork ent ries advert ised by R1, and because R1 and R4 ar e m aint aining a full OSPF adj acency and t he next hop address is a dir ect ly connect ed LAN, ping r equest s ar e r eplied t o w hen R4 pings t he addr ess 131.108.2.1.

The r eason t hat R1 has no r em ot e OSPF ent r ies and hence has no r et ur n pat h t o t he rem ot e rout ers R8 or R9 in t he I S- I S dom ain is t hat y ou hav e not r edist ribut ed from IS- I S t o OSPF. So far you have only configur ed one- w ay r edist r ibut ion; you m ust also advise t he OSPF dom ain of t he I S - I S rout es. Once m ore, configure redist ribut ion

175

on R4, but t his t im e, configure I S- I S t o OSPF r edist r ibut ion. Ex am ple 4- 52 display s t he configur at ion opt ions w hen r edist r ibut ing fr om I S - I S t o OSPF.

Ex a m ple 4 - 5 2 Con figu r in g I S - I S t o OSPF Re dist r ibu t ion R4(config)#router ospf 1 R4(config-router)#redistribute isis ? level-1 IS-IS level-1 routes only level-1-2 IS-IS level-1 and level-2 routes level-2 IS-IS level-2 routes only metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF

WORD ISO routing area tag R4(config-router)#redistribute isis level-1-2 ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF

R4(config-router)#redistribute isis level-1-2 metric 100 ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF

R4(config-router)#redistribute isis level-2 metric 100 metric? metric metric-type R4(config-router)#redistribute isis level-2 metric 100 metric-type ? 1 Set OSPF External Type 1 metrics 2 Set OSPF External Type 2 metrics R4(config-router)#redistribute isis level-1-2 metric 100 metric-type 1 subnets N OTE The keyw ord su b n e t s is r equir ed her e because 141.108.0.0 is subnet t ed using a Class C addr ess, w hich is r equir ed w henev er r edist r ibut ion is configur ed t o a classless dom ain and a 30- bit m ask on ser ial connect ions.

Now, view R1's I P rout ing t able. Ex am ple 4- 53 displays R1's OSPF rout ing t able.

Ex a m ple 4 - 5 3 R1 's OSPF Rou t in g Ta ble R1>sh ip route ospf 141.108.0.0/16 is variably subnetted, 3 subnets, 2 masks O E2 141.108.255.8/30 [110/100] via 131.108.254.2, 00:00:00, Ethernet0/0

176

O E2 141.108.3.0/24 [110/100] via 131.108.254.2, 00:00:00, Ethernet0/0 O E2 141.108.4.0/24 [110/100] via 131.108.254.2, 00:00:00, Ethernet0/0 Thr ee r em ot e net w or k s ar e pr esent , but none of t he dir ect ly connect ed link s on R4 ar e pr esent . You also need t o r edist r ibut e any locally connect ed r out er s on R4. Configur e t his and use t ype 1 OSPF r out es t his t im e. Ex am ple 4- 54 display s t he configur at ion of locally connect ed r out es t o be inj ect ed int o I S- I S on R4.

Ex a m ple 4 - 5 4 Re dist r ibu t e Con n e ct e d on R4 R4(config-router)#router ospf 1 R4(config-router)# redistribute connected subnets metric 100 metrictype 1 Ex am ple 4- 55 now displays t he full I P net work present in t he I S- I S dom ain.

Ex a m ple 4 - 5 5 sh ow ip r ou t e ospf Com m a n d on R1 R1>sh ip route ospf 141.108.0.0/16 is variably subnetted, 6 subnets, 2 masks O E2 141.108.255.8/30 [110/100] via 131.108.254.2, 00:07:39, Ethernet0/0 O E2 141.108.3.0/24 [110/100] via 131.108.254.2, 00:07:39, Ethernet0/0 O E2 141.108.4.0/24 [110/100] via 131.108.254.2, 00:07:39, Ethernet0/0 O E1 141.108.2.0/24 [110/110] via 131.108.254.2, 00:07:29, Ethernet0/0 O E1 141.108.255.4/30 [110/110] via 131.108.254.2, 00:07:29, Ethernet0/0 O E1 141.108.255.0/30 [110/110] via 131.108.254.2, 00:07:29, Ethernet0/0 You hav e seen t he pow er of t he com m and r e d ist r ib u t e . By sim ply using keyw ords, y ou can r edist r ibut e r out es w it h t he appr opr iat e m et r ic and r out e t ype ( 1 or 2 in OSPF or L1/ L2 in I S- I S) . You can now pr ov ide connect iv it y bet w een t he t w o differ ent r out ing dom ains. Confir m connect ivit y by pinging fr om R8 t o R1 loopback addr esses 131.108.2.1/ 24 t hr ough 131.108.10.1/ 24, as displayed in Ex am ple 4- 56.

Ex a m ple 4 - 5 6 Sa m ple Pin gs fr om R8 t o R1 R8#ping 131.108.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R8#ping 131.108.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.3.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R8#ping 131.108.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.4.1, timeout is

2 seconds: = 16/17/20 ms

2 seconds: = 16/17/20 ms

2 seconds:

177

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R8#ping 131.108.5.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.5.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R8#ping 131.108.6.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.6.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R8#ping 131.108.7.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.7.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/18/20 ms R8#ping 131.108.8.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.8.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/18/20 ms R8#ping 131.108.9.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.9.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R8#ping 131.108.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/18/20 ms R8# A sam ple t r ace fr om R9 t o R1 display s t he r out e pat h t ak en t o t he net w or k 131.108.2.1/ 24, as display ed in Ex am ple 4- 57.

Ex a m ple 4 - 5 7 Tr a ce Rou t e t o 1 3 1 .1 0 8 .2 .1 fr om R9 R9#trace 131.108.2.1 Type escape sequence to abort. Tracing the route to 131.108.2.1 1 141.108.255.1 8 msec 8 msec 12 msec 2 131.108.254.1 12 msec 8 msec * Assum e t he link bet w een R9 and R4 fails, so t he only pat h t o t he OSPF backbone is t hrough R8. Ex am ple 4- 58 display s a sam ple t r ace w hen t he pr im ar y pat h fails.

Ex a m ple 4 - 5 8 Tr a ce on R9 Th r ou gh R8 R9# trace 131.108.2.1 Type escape sequence to abort. Tracing the route to 131.108.2.1 1 141.108.255.10 8 msec 8 msec 12 msec

178

2 141.108.255.6 20 msec 16 msec 16 msec 3 131.108.254.1 16 msec 16 msec * The new I P r out ing t able on R9 cont ains a pat h t o all OSPF r out es t hr ough t he Ser ial connect ion t o R8. Ex am ple 4- 59 displays R9's I S- I S rout ing t able w hen t he link failur e t o R4 occur s.

Ex a m ple 4 - 5 9 sh ow ip r ou t e isis Com m a n d on R9 R9#sh ip route isis 141.108.0.0/16 is variably subnetted, 5 subnets, 2 masks i L1 141.108.255.4/30 [115/20] via 141.108.255.10, Serial1 i L1 141.108.3.0/24 [115/20] via 141.108.255.10, Serial1 i L1 141.108.2.0/24 [115/30] via 141.108.255.10, Serial1 131.108.0.0/24 is subnetted, 15 subnets i L2 131.108.254.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.15.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.14.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.13.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.12.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.11.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.10.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.9.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.8.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.7.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.6.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.5.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.4.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.3.0 [115/158] via 141.108.255.10, Serial1 i L2 131.108.2.0 [115/158] via 141.108.255.10, Serial1

Sce n a r io 4 - 5 : Re com m e n da t ion s f or D e sign in g OSPF N e t w or k s This scenar io pr esent s som e of t he design r ecom m endat ions found in com m on lit er at ur e. This is not a pr act ical scenar io but r at her a pr esent at ion of som e design guidelines t o help y ou in real- life net w or k sit uat ions you m ight com e acr oss in designing t oday 's com plex I P net w or k s. By no m eans ar e t hese r ules st andar d, and t hey ar e pr ov ided her e for r efer ence so y ou can easily r efer t o a sam ple net w or k design and t he com m on r ules ex per t s adhere t o in large OSPF net works. When ar chit ect ing a net w or k , y ou should t r y t o accom plish fiv e basic goals w it h dy nam ic r out ing pr ot ocols: • •

Fu n ct ion a lit y — The net w or k w or ks; t hat is, no m at t er w hat failur e or scenar io, t he net w or k m ust alw ays be funct ioning. Sca la bilit y — As t he net w or k gr ow s in size, your init ial t opology or design m ust be able t o cope w it h gr ow t h and new challenges, such as new acquisit ions.

179

• • •

Ada pt a bilit y — Wit h ev er- incr easing new t echnologies, such as Voice ov er I P, your net w or k should c ope w it h and em br ace new feat ur es. M a n a ge a bilit y — This point r efer s t o pr oact iv e m anagem ent . Any lar ge net w or k should be able t o for esee new challenges befor e t he net w or k gr inds t o a h alt . Cost e f f e ct iv e n e ss— I n r ealit y , cost dr iv es m ost net w or k designers. Th e bigger y our budget , t he bet t er able y ou ar e t o pr ov ide user s t he abilit y t o w or k ar ound net w or k failur es.

You can m anage and configur e OSPF so t hat t he pr eceding fiv e cr it er ia ar e fully suppor t ed. I m plem ent ing a hier ar chical I P addr essing schem e and per for m ing sum m ar izat ion w herever possible are t w o key point s in any large OSPF net w ork. The follow ing ar e som e gener al guidelines w hen designing a lar ge OSPF net w or k . Det er m ine t he num ber of r out er s in each ar ea. Any t hing bet w een 40– 50 is an accept able num ber . The num ber of calculat ions any giv en r out er m ust per for m giv en m LSAs is m logm . For exam ple, 100 rout ers require 100log 100 or 100 × 2 = 200. Keeping t hese calculat ions t o a m inim um m eans t he CPU/ m em or y r equir em ent s ar e also k ept low . The I ETF st andar ds com m it t ee pr ov ides t he follow ing sam ple design guidelines: • • •

The m inim um num ber of rout ers per dom ain is 20; t he m axim um is 1000. The m inim um rout ers per single area is 20; t he m axim um is 350. The num ber of areas per dom ain is 1; t he m axim um is 60.

TI P OSPF is such a lar ge t opic t hat m any book s hav e been w r it t en about it . For a concise guide t o OSPF and a m or e det ailed guide, y ou cannot inv est in any t hing bet t er t han t he follow ing t w o qualit y Cisco Pr ess t it les: Rout ing TCP/ I P by Jeff Doyle and OSPF Net work Design Solut ions by Tom Thom as.

Pr a ct ica l Ex e r cise : OSPF a n d RI P Re dist r ibu t ion N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Configur e t he net w or k in Figur e 4- 8 for OSPF bet w een t he t hr ee rout ers nam ed SanFr an, Mel, and Sim on. Configur e t he edge r out er nam ed Sydney for RI P and ensure I P connect ivit y am ong all four rout ers. You m ust use only RI Pv1 and OSPF as y our I P r out ing pr ot ocols. Ensur e t hat a default r out e appear s on all r out er s so users

180

can connect t o t he I nt er net . Configur e sum m ar izat ion w her ev er possible t o m inim ize I P rout ing t ables.

Figu r e 4 - 8 . RI P- t o- OSPF Re dist r ibu t ion

Pra ct ica l Ex e r cise Solut ion The rout er nam ed Sim on is configured in t he OSPF area 0 ( backbone) and t he RI P dom ain and needs t o r un r edist r ibut ion bet w een OSPF and OSPF. Also, because y ou ar e using RI Pv1, you m ust also pr ovide sum m ar y addr esses for all net w or k s, but not / 24 because RI Pv 1 does not car r y subnet m ask infor m at ion in r out ing updat es. ( RI Pv2 does) . Rout er SanFr an is connect ed t o t he I nt er net , so y ou need t o configur e SanFr an t o pr ov ide a default r out e t o t he r est of t he int er nal net w or k by using t he OSPF com m and de fa ult - in f or m a t ion or ig in a t e a lw a y s. This I OS com m and inj ect s a default r out e int o t he OSPF dom ain and Rout er Sim on because r edist r ibut ion also inj ect s a default r out e int o t he RI P dom ain. The follow ing ar e t he full w or k ing configur at ions of all four r out er s w it h t he shaded por t ions highlight ing cr it ical configur at ion com m ands. Ex am ple 4- 60 display s t he full w or k ing configur at ion of Rout er Sy dney . Sy dney is r unning RI P only.

Ex a m ple 4 - 6 0 Fu ll W or k in g Con figu r a t ion of Rou t e r Sy dn e y 181

hostname Sydney ! logging buffered 64000 debugging enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0/0 ip address 141.108.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/0 shutdown ! interface Serial0/1 shutdown ! router rip network 141.108.0.0 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 61 display s t he full w or k ing configur at ion of Rout er Sim on. Sim on is r unning OSPF and RI P. You m ust alw ays be car eful w hen r edist r ibut ing infor m at ion fr om one r out ing dom ain int o anot her . Sim on adv er t ises t he non / 24 subnet s as Class C net w orks so t he RI P dom ain ( Sy dney r out er ) can inj ect t hem int o t he r out ing t able. Because RI Pv 1 is classless and t he subnet 141.108.1.0/ 24 is configur ed locally , all int er faces in t his Class B net w or k ( 141.108.0.0) ar e assum ed t o be Class C.

Ex a m ple 4 - 6 1 Fu ll W or k in g Con figu r a t ion of Rou t e r Sim on Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Simon ! enable password cisco ! ip subnet-zero no ip domain-lookup ! cns event-service server ! interface Ethernet0 ip address 141.108.2.1 255.255.255.128

182

! interface Ethernet1 ip address 141.108.1.4 255.255.255.0 ! interface Serial0 shutdown ! interface Serial1 shutdown ! interface Serial2 ip address 141.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial3 ip address 141.108.255.1 255.255.255.252 clockrate 128000 ! router ospf 1 summary-address 141.108.2.0 255.255.255.0 summary-address 141.108.255.0 255.255.255.0 summary-address 141.108.3.0 255.255.255.0 summary-address 141.108.4.0 255.255.255.0 redistribute connected subnets redistribute rip metric 10 subnets network 141.108.2.0 0.0.0.127 area 0 network 141.108.255.0 0.0.0.255 area 0 ! router rip redistribute ospf 1 metric 2 passive-interface Ethernet0 -> Stops RIP updates on OSPF interfaces passive-interface Serial2 passive-interface Serial3 network 141.108.0.0 ! = ip route 141.108.3.0 255.255.255.0 Null0 ip route 141.108.4.0 255.255.255.0 Null0 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 4- 62 displays t he full w or king configur at ion of Rout er Mel. Mel is r unning OSPF only.

Ex a m ple 4 - 6 2 Fu ll W or k in g Con figu r a t ion of Rou t e r M e l hostname Mel enable password cisco ! ip subnet-zero no ip domain-lookup !

183

interface Ethernet0 ip address 141.108.3.1 255.255.255.248 ! interface Serial0 ip address 141.108.255.6 255.255.255.252 ! interface Serial1 shutdown ! router ospf 1 network 141.108.0.0 0.0.255.255 area 0 ! line con 0 line 1 8 line aux 0 line vty 0 4 ! end Ex am ple 4- 63 display s t he full w or k ing configur at ion of Rout er SanFr an. SanFr an has a default st at ic r out e point ing t o Ser ial 1, w hich is t he I nt er net connect ion. Under t he r out ing OSPF pr ocess, t his default r out e is inj ect ed by using t he de fa ult in for m a t ion or igin a t e a lw a y s com m and.

Ex a m ple 4 - 6 3 Fu ll W or k in g Con figu r a t ion of Rou t e r Sa n Fr a n hostname SanFran ! no ip domain-lookup ! interface Ethernet0 ip address 141.108.4.1 255.255.255.240 ! interface Serial0 ip address 141.108.255.2 255.255.255.252 ! interface Serial1 shutdown ! router ospf 1 network 141.108.0.0 0.0.255.255 area 0 default-information originate always ! ip route 0.0.0.0 0.0.0.0 Serial1 ! line con 0 line aux 0 line vty 0 4 ! end

184

Re v ie w Qu e st ion s Based on t he follow ing I P r out ing t able, answ er t he follow ing quest ions r elat ing t o t he pr eceding Pr act ical Ex er cise on OSPF/ RI P r out ing. Ex am ple 4- 64 displays t he I P r out ing t able of Rout er Sy dney .

Ex a m ple 4 - 6 4 Sy dn e y I P Rou t in g Ta ble Sydney#show ip route Gateway of last resort is 141.108.1.4 to network 0.0.0.0

R C R R R R*

141.108.0.0/24 is subnetted, 5 subnets 141.108.255.0 [120/2] via 141.108.1.4, 00:00:05, Ethernet0/0 141.108.1.0 is directly connected, Ethernet0/0 141.108.3.0 [120/1] via 141.108.1.4, 00:00:05, Ethernet0/0 141.108.2.0 [120/2] via 141.108.1.4, 00:00:05, Ethernet0/0 141.108.4.0 [120/1] via 141.108.1.4, 00:00:05, Ethernet0/0 0.0.0.0/0 [120/2] via 141.108.1.4, 00:00:05, Ethernet0/0

The answ er s t o t hese quest ion can be found in Appendix C, “ Answ er s t o Rev iew Quest ions.”

1:

What does t he rout ing ent ry shaded in Ex am ple 4- 64 display ?

2:

I n Ex am ple 4- 64, w hat is t he hop count or m et r ic t o t he r em ot e net w or k 141. 108. 2. 0/ 24?

3:

What pat h does t he pack et sent t o t he I P subnet 171.108.255.0/ 24 t ak e?

4:

What t y pe of OSPF r out er s ar e t he Rout er s Sim on, Mel, and SanFr an.

5:

Why are st at ic r out es inj ect ed int o t he r out er nam ed Sim on?

6:

How m any OSPF neighbor adj acencies do y ou ex pect t o see on t he r out er nam ed Sim on?

7:

Tw o m et hods ar e used in OSPF t o sum m ar ize I P net w or k s. What ar e t hey and w hat I OS com m and is used t o pr ov ide sum m ar izat ion?

8:

Why does cr eat ing ar eas r educe t he size of t he OSPF dat abase?

Su m m a r y OSPF and int egrat ed I S- I S have t he advant age of being an indust ry - w ide st andar d and hav e a long- t er m success r at e of r out ing I P in lar ge I P net w or k s. The capabilit ies of link- st at e r out ing pr ot ocols ar e dem onst r at ed in t his chapt er along w it h som e challenging scenar ios. Alt hough only one solut ion per scenar io is pr esent ed, t her e

185

are m any alt ernat ive w ays t o enable OSPF and I nt egrat ed I S- I S t o m eet t he needs of any net w or k in t oday 's lar ge net w or k ing env ir onm ent s. Table 4- 8 sum m ar izes t he OSPF com m ands used in t his chapt er .

Table 4-8. Summary of IOS Commands Used in This Chapter Command sh ow ip r ou t e

Purpose Display s I P r out ing t ables.

r ou t e r ospf pr ocess Enables OSPF r out ing. The pr ocess I D is local t o t he r out er . id You can hav e m or e t han one OSPF r unning. n e t w o r k m a sk

Enables net w or k adver t isem ent s fr om a par t ic ular int er face and also t he r out ing of t he sam e int er face t hr ough OSPF.

sh ow ip osp f

Display s t he OSPF pr ocess and det ails, such as OSPF pr ocess I D and rout er I D.

sh ow ip osp f d a t a b a se

Display s a r out er 's t opological dat abase.

sh ow ip osp f n e ig h b o r

Display s OSPF neighbor s.

sh ow ip osp f v ir t u a l- link s

Displays OSPF vir t ual links, if any.

sh ow ip osp f in t e r fa ce

Display s infor m at ion about how OSPF is configur ed for a giv en int er face.

in t e r f a ce loop b a ck Cr eat es a loopback int er face. num ber ip osp f n e t w or k poin t - t o- point

Enables a m or e specific r out e on loopback int er faces.

in t e r f a ce e t h e r n e t m od/ num

I n configur at ion m ode, enables you m odify t he Et her net , for ex am ple, in t e r f a ce Et h e r n e t 0 / 0 .

in t e r f a ce se r ia l m od/ num

I n configurat ion m ode, enables you t o m odify ser ial int er face par am et er s by m odule and int er face num ber , for exam ple, in t e r fa ce S0 / 0 .

n o ip dom a in look u p

Disables aut om at ic DNS lookup.

ip su b n e t - zero

Enables you t o use subnet zero on a Cisco rout er.

ip ospf n a m e look u p

Enables OSPF DNS lookup.

h ost n a m e nam e

Configures a nam e on a rout er.

su m m a r y net w or k m ask

Enables sum m ar izat ion of ex t er nal r out es in OSPF.

a r e a area id r a nge m ask

Enables int er ar ea sum m ar izat ion in OSPF.

r e dist r ibu t e

Redist ribut es from one I P rout ing pr ot ocol t o anot her .

[ no] sh u t d o w n

Enables or disables an int er face. All har dw ar e int er faces ar e shut dow n by default .

186

Ch a pt e r 5 . En h a n ce d I n t e r ior Ga t e w a y Rout ing Pr ot ocol Now t hat y ou hav e lear ned about and pr act iced w it h som e basic and adv anced r out ing pr ot ocols, t his chapt er cov er s a pr ot ocol dev eloped by Cisco Sy st em s used on Cisco I OS r out er s only . The chapt er st ar t s by cov er ing t he basic Enhanced I nt er ior Gat ew ay Rout ing Pr ot ocol ( EI GRP) concept s. I t t hen ex plains of how EI GRP can be configured and m onit ored. You discov er how EI GRP lear ns about new neighbor s and how EI GRP oper at es in NBMA net w or ks. The five scenar ios in t his chapt er help t o com plet e your under st anding of EI GRP and ensur e t hat y ou hav e all t he basic I P net w or k ing k now ledge t o com plem ent y our under st anding of t oday 's m ost w idely used net w or k ing pr ot ocol, I P.

I n t r odu ct ion t o En h a n ce d I n t e r ior Ga t e w a y Rou t in g Pr ot ocol ( EI GRP) Cisco Sy st em s follow ed t he dev elopm ent of I GRP w it h Enhanced I GRP. Enhanced I GRP com bines t he char act er is t ics of dist ance- v ect or pr ot ocols and link- st at e pr ot ocols. EI GRP is com m only r efer r ed t o as a hybr id r out ing pr ot ocol or an adv anced dist ance- vect or r out ing pr ot ocol. EI GRP can be used t o r out e I P, I PX, and AppleTalk t r affic. This chapt er concent r at es on I P rout ing w it h EI GRP. EI GRP uses dist ance- v ect or pr oper t ies t o det er m ine t he best pat h t o a net w or k , but it uses link- st at e pr oper t ies w hen changes occur or w hen det ect ing new neighbor s. Lik e OSPF, EI GRP sends hello pack et s t o find new neighbor s and m aint ain neighbor adj acencies. Som e of t he m ain feat ur es of EI GRP w hen used t o r out e I P dat a ar e as follow s: • • • • • •

The m et r ic is based on a com posit e t hat consider s delay , bandw idt h, and MTU sizes t o ensur e t he best possible pat h t o any dest inat ions cont aining dual pat hs. Per iodic updat es ar e not sent ; only net w or k changes ar e sent . EI GRP can load shar e up t o six pat hs. ( The default is four pat hs, as w it h OSPF.) By default , EI GRP uses up t o 50 per cent of t he bandw idt h of an int er face and can be configur ed t o go low er or higher. EI GRP includes suppor t for VLSM. EI GRP suppor t s aut hent icat ion of r out ing updat es.

EI GRP w as dev eloped by Cisco t o pr ov ide enhancem ent s t o I GRP and, in par t icular , t o pr ov ide suppor t for lar ge I P net w or k s and r educe t he conv er gence t im e for I P rout ing updat es. To achiev e t his goal, EI GRP has been designed w it h t he follow ing feat ur es:

187

• • •

D if f u sin g U p d a t e Alg or it h m ( D U AL) — Lik e any r out ing pr ot ocol, EI GRP uses DUAL t o m aint ain a loop- fr ee t opology . I n cr e m e n t a l u p d a t e s— I nst ead of sending t he com plet e I P rout ing t able, EI GRP sends incr em ent al updat es w hen net w or k changes occur . H e llo p r o t o co l— EI GRP uses hello pack et s t o discov er neighbor ing r out er s.

Table 5- 1 defines som e of t he com m on t er m inology used w hen discussing EI GRP net w orks.

Table 5-1. EIGRP Terms Term

Meaning

Neighbor

A r out er in t he sam e aut onom ous sy st em ( AS) r unning EI GRP

Hello

A packet used t o m onit or and m aint ain EI GRP neighbor r elat ionships

Query

A quer y pack et t hat is sent t o neighbor ing r out er s w hen a net work pat h is lost

Reply

A r eply pack et t o a quer y pack et

ACK

Ack now ledgm ent of a pack et , t y pically a hello pack et w it h n o dat a

Holdt im e

The lengt h of t im e a r out er w ait s for a hello pac ket befor e t ear ing dow n a neighbor adj acency

Sm oot h Rout e Trip Tim e The am ount of t im e r equir ed t o send a pack et r eliably t o an ( SSRT) ack now ledgm ent Ret r ansm ission Tim eout The am ount of t im e r equir ed t o r espond t o an ack now ledge ( RTO) pack et Feasible d ist an ce

Met r ic t o r em ot e net w or k; low est is pr efer r ed

Feasible successor

A neighbor ing r out er w it h a low er AD

Successor

A neighbor ing r out er t hat m eet s t he feasibilit y condit ion

St uck in Act ive ( SI A)

An EI GRP r out er w ait ing for an ack now ledgm ent fr om a neighboring rout er

Act iv e

The t im e dur ing w hich a r out er is quer ying neighbor ing r out er s about a net w or k pat h

Passiv e

Nor m al oper at ion of a r out e t o a r em ot e dest inat ion

You hav e alr eady configur ed I GRP and EI GRP in Chapt er 2, “ Rout ing Pr inciples.” This chapt er cov er s EI GRP in gr eat er det ail using a sim ple t w o- rout er t opology.

D iscov e r in g a n d M a in t a in in g Rou t e s in EI GRP EI GRP uses hello pack et s t o discov er new neighbor ing r out es, and aft er it finds a neighbor , t he Cisco r out er s adv er t ise all I P net w or k ent r ies. Figur e 5- 1 display s a sim ple t w o- r out er EI GRP net w or k in Aut onom ous Syst em 1. This sect ion show s y ou how t o enable EI GRP on bot h r out er s in Figur e 5- 1.

188

Figu r e 5 - 1 . Tw o- Rou t e r EI GRP N e t w or k

To st ar t EI GRP on a Cisco r out er , you m ust fir st enable EI GRP w it h t he com m and r ou t e r e igr p aut onom ous sy st em w hile in global configurat ion m ode. For r out er s shar ing t he sam e I P dom ain, t he AS needs t o be t he sam e. Ex am ple 5- 1 displays t he configurat ion of EI GRP on R1.

Ex a m ple 5 - 1 R1 EI GRP Con figu r a t ion R1(config)#router eigrp 1 R1(config-router)#network 131.108.1.0 Not ice t hat 131.108.1.0 is, by default , a Class B net w or k . Nex t , v iew t he configur at ion aft er y ou ent er t he n e t w or k 1 3 1 .1 0 8 .1 .0 com m and. Ex am ple 5- 2 display s t he r unning configur at ion of R1, t r uncat ed for clar it y .

Ex a m ple 5 - 2 R1 EI GRP Con figu r a t ion ... router eigrp 1 network 131.108.0.0 ... N OTE I OS v er sion 12.0.4( T) suppor t s t he use of t he w ildcar d m ask , w hich w or k s as t he OSPF w ildcar d m ask does. For ex am ple, t he n e t w o rk 1 3 1 .1 0 8 .1 .1 0 .0 .0 .0 com m and places t he Et her net int er face of R1 in EI GRP 1. Consult t he lat est com m and r efer ence on t he Cisco Web sit e at w w w . cisco. com / univ er cd/ hom e/ hom e. ht m for m ore infor m at ion. This URL can be accessed for fr ee and cont ains ev er y com m and av ailable on Cisco r out er s and sw it ches.

EI GRP needs only t he m aj or net w or k boundar y w hen using t he n e t w or k com m and. For exam ple, you can configure t he Class B net w ork, 131.108.0. 0, inst ead of ent er ing t he addr ess 131.108.1.0.

189

EI GRP suppor t s sum m ar izat ion and VLSM, w hich ar e cov er ed in t his chapt er . Ex am ple 5- 3 display s t he sam e EI GRP configur at ion on R2. The AS is set t o 1 on bot h r out er s t o enable bot h r out er s t o shar e I P r out ing infor m at ion.

Ex a m ple 5 - 3 R2 EI GRP Con figu r a t ion R2(config)#router eigrp 1 R2(config-router)#network 131.108.0.0 R2 has a num ber of loopback s t o populat e t he I P r out ing t ables r anging fr om 131.108.2.0 t o 131.108.15.0/ 24. To v iew EI GRP neighbor r elat ions bet w een t w o Cisco r out er s, use t he sh ow ip e ig r p n e ig h b or s com m and. Ex am ple 5- 4 d isplays t he EI GRP neighbors on R1.

Ex a m ple 5 - 4 EI GRP N e igh bor s on R1 R1#show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface Seq Num 0 131.108.1.2

Et0/0

Hold Uptime

SRTT

(sec)

(ms)

12 00:00:34

4

RTO

Q Cnt

200

0

1

Ex am ple 5- 4 display s t he neighbor R2 w it h t he I P addr ess 131.108.1.2, and t he out bound int erface t he EI GRP neighbor ( in t his case R2) w as discovered. R1 discov er ed a r em ot e EI GRP neighbor t hr ough t he Et her net int er face ( display ed as Et 0/ 0) . The holdt im e indicat es t he lengt h of t im e, in seconds, t hat t he Cisco I OS Soft w ar e w ait s t o hear from t he peer before declaring it dow n. Sm oot h Round Trip Tim e ( SRTT) is t he num ber of m illiseconds it t ak es for an EI GRP pack et t o be sent t o t his neighbor and for t he local r out er t o r eceiv e an ack now ledgm ent of t hat pack et . Ret r ansm ission t im eout ( RTO) indicat es t he am ount of t im e t he I OS soft w ar e w ait s befor e r esending a pack et fr om t he local r et r ansm ission queue. Q Cnt indicat es t he num ber of updat e, quer y , or r eply pack et s t hat t he I OS soft w ar e is w ait ing t o send t o t he neighbor . Sequence num ber ( SEQ NUM) is t he last sequenced num ber used in an updat e, quer y, or r eply packet t hat w as r eceived fr om t his neighbor . To m aint ain EI GRP bet w een R1 and R2, you use hello packet s t o ensur e t hat bot h r out er s ar e act ive and r unning. Any updat es or changes ar e sent im m ediat ely and bot h r out er s m aint ain t opology t ables. A t opology t able is cr eat ed fr om updat es r eceived fr om all EI GRP neighbor s. The EI GRP t opology t able is used t o m aint ain I P r out ing ent r ies in t he I P r out ing t able. Ex am ple 5- 5 displays t he EI GRP t opology t able on R1 using t he I OS sh ow ip e ig r p t opology com m and.

Ex a m ple 5 - 5 R1 ' s EI GRP Topology Ta ble R1#show ip eigrp ? interfaces IP-EIGRP interfaces neighbors IP-EIGRP neighbors topology IP-EIGRP Topology Table

190

traffic IP-EIGRP Traffic Statistics R1#show ip eigrp topology IP-EIGRP Topology Table for process 1 Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 131.108.15.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.14.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.13.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.12.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.11.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.10.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.9.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.8.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.7.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.6.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.5.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.4.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.3.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.2.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.1.0/24, 1 successors, FD is 281600 via Connected, Ethernet0/0 Ex am ple 5- 5 display s a w ealt h of infor m at ion about all t he r em ot e ent r ies EI GRP discover s. Also, not ice t he num ber of differ ent I OS s h o w com m ands possible. Ent r ies in t his t opology t able can be updat ed by changes in t he net w or k or int er face failur es. For ex am ple, if a net w or k failur e does occur , t he t opology t able r eceiv es an updat e t o r ecalculat e t he pat h t o t he r em ot e ent r y using t he algor it hm called Diffusing Updat e Algor it hm ( DUAL) . DUAL is an algor it hm dev eloped by Cisco t hat perfor m s t he calculat ions on t he t opology t able. DUAL is based on det ect ing a net w or k change w it hin a finit e am ount of t im e. Any changes sent am ong neighbor ing r out er s ar e sent r eliably ( using sequence pack et s and ensur ing pack et deliv er y ) . Because t he algor it hm is calculat ed alm ost inst ant aneously, in or der , and w it h a finit e t im e, updat es ar e sent and r eceiv ed quick ly , w hich incr eases conv er gence t im e. Table 5- 2 sum m arizes t he cont ent s of t he t opology t able in Ex am ple 5- 5.

Table 5-2. EIGRP Topology Table Definitions Term Codes

Definition St at e of t his t opology t able ent r y .

191

P

Passiv e. No Enhanced I GRP com put at ions ar e being per for m ed for t his dest inat ion.

A

Act iv e. Enhanced I GRP com put at ions ar e being per for m ed for t his dest inat ion.

U

Updat e. I ndicat es t hat an updat e pack et w as sent t o t his dest inat ion.

Q

Quer y . I ndicat es t hat a quer y pack et w as sent t o t his dest inat ion.

R

Reply . I ndicat es t hat a r eply pack et w as sent t o t his dest inat ion.

r

Reply st at us. Flag t hat is set aft er t he soft w ar e has sent a quer y and is w ait ing for a reply.

131.108.15.0/ 24 and so on

These indicat e t he dest inat ion I P net w ork num ber and m ask, in t his case 255.255.255.0.

successor s

Num ber of successor s. This num ber cor r esponds t o t he num ber of nex t hops in t he I P r out ing t able. R1 has only one pat h, hence only one successor .

FD

Feasible dist ance. This value is used in t he feasibilit y condit ion check . I f t he neighbor 's r epor t ed dist ance ( t he m et r ic aft er t he slash) is less t han t he feasible dist ance, t he feasibilit y condit ion is m et , and t hat pat h is a feasible successor . Aft er t he soft w ar e det erm ines it has a feasible successor , it does not hav e t o send a quer y for t hat dest inat ion.

Replies

Num ber of r eplies t hat ar e st ill out st anding ( hav e not been r eceiv ed) w it h r espect t o t his dest inat ion. This infor m at ion appear s only w hen t he dest inat ion is in ac t ive st at e. R1's next hop address is 131.108.1.2.

St at e

Ex act enhanced I GRP st at e t hat t his dest inat ion is in. I t can be t he num ber 0, 1, 2, or 3. This infor m at ion appear s only w hen t he dest inat ion is act iv e.

Via

I P addr ess of t he peer t hat t ells t he soft w ar e about t his dest inat ion. The first N of t hese ent ries, w here N is t he num ber of successor s, ar e t he cur r ent successor s. The r em aining ent r ies on t he list ar e feasible successor s.

( 409600/ 128256)

The fir st num ber is t he Enhanced I GRP m et r ic t hat r epr esent s t he cost t o t he dest inat ion. The second num ber is t he Enhanced I GRP m et r ic t hat t his peer adv er t ises.

Et hernet 0/ 0

I nt er face fr om w hich t his infor m at ion w as lear ned.

Now t hat R1 has est ablished a r elat ionship w it h R2, by m aint aining a t opology t able, w it h all ent r ies in a passiv e st at e, y ou can ex pect t o see r em ot e I P r out ing ent r ies. ( Act ive m eans t he r em ot e ent r y is being r ecalculat ed.) Ex am ple 5- 6 displays R1's I P r out ing t able.

Ex a m ple 5 - 6 R1 ' s I P Rou t in g Ta b le R1#show ip route Codes: D - EIGRP, EX - EIGRP external 131.108.0.0/24 is subnetted, 15 subnets D 131.108.15.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 D 131.108.14.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0

192

D D D D D D D D D D D D C

131.108.13.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.12.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.11.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.10.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.9.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.8.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.7.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.6.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.5.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.4.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.3.0 [90/409600] via 131.108.1.2, 00:31:02, Ethernet0/0 131.108.2.0 [90/409600] via 131.108.1.2, 00:31:04, Ethernet0/0 131.108.1.0 is directly connected, Ethernet0/0

I f y ou sim ulat e a net w or k failur e by shut t ing dow n t he net w or k 131.108.15.0 on R2, Ex am ple 5- 7 display s R1's new t opology t able.

Ex a m ple 5 - 7 R1 ' s Top olog y Ta b le R1#show ip eigrp topology IP-EIGRP Topology Table for process 1 P 131.108.14.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.13.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.12.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.11.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.10.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.9.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.8.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.7.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.6.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.5.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.4.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.3.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.2.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.1.0/24, 1 successors, FD is 281600 via Connected, Ethernet0/0 Ex am ple 5- 7 does not display t he r em ot e ent r y 131.108.15.0/ 24, and, t her efor e , it is not present in t he I P rout ing t able. EI GRP m aint ains I P rout es by using DUAL and m aint aining an EI GRP t opology t able. For r em ot e ent r ies w it h m ult iple r out es, EI GRP uses t he feasible condit ion ( FC) t o det er m ine t he best pat h.

193

The EI GRP rout ing algo r it hm alw ay s chooses t he pat h t o a r em ot e dest inat ion w it h t he low est m et r ic. The t opology t able m aint ains all pat hs t o r em ot e net w or k s, so by sim ply v iew ing t he t opology t able, y ou can discov er t he num ber of pat hs av ailable and w hy EI GRP chooses a cer t ain pat h. EI GRP suppor t s t he use of VLSM; all updat es cont ain an ent r y for t he subnet m ask . To dem onst r at e t his, m odify t he I P net w or ks on R2, and look at R1's t opology t able aft er you alt er all t he net w or ks fr om Class C net w or ks t o a r ange of var iable - lengt h subnet m asks ( VLSM) . Ex am ple 5- 8 display s R1's t opology t able aft er t he net w or k s on R2 hav e been changed.

Ex a m ple 5 - 8 R1 ' s Top olog y Ta b le R1#show ip eigrp topology IP-EIGRP Topology Table for process 1 P 131.108.15.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.14.0/24, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.13.0/29, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.12.0/30, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.11.0/30, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.10.0/27, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.9.0/25, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.8.0/25, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.7.0/26, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.6.0/27, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.5.0/28, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.4.0/29, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.3.0/30, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.2.0/27, 1 successors, FD is 409600 via 131.108.1.2 (409600/128256), Ethernet0/0 P 131.108.1.0/24, 1 successors, FD is 281600 via Connected, Ethernet0/0 Ex am ple 5- 8 displays a r ange of non- Class C net w or k s, dem onst r at ing t he pow er ful use of VLSM w it h EI GRP. Ex am ple 5- 9 displays t he new I P r out ing t able for com plet eness.

Ex a m ple 5 - 9 R1 ' s EI GRP Rou t in g Ta ble R1#show ip route eigrp

194

131.108.0.0/16 is variably subnetted, 15 subnets, 7 masks D 131.108.15.0/24 [90/409600] via 131.108.1.2, 00:20:15, Ethernet0/0 D 131.108.14.0/24 [90/409600] via 131.108.1.2, 00:58:15, Ethernet0/0 D 131.108.13.0/29 [90/409600] via 131.108.1.2, 00:02:20, Ethernet0/0 D 131.108.12.0/30 [90/409600] via 131.108.1.2, 00:02:22, Ethernet0/0 D 131.108.11.0/30 [90/409600] via 131.108.1.2, 00:02:24, Ethernet0/0 D 131.108.10.0/27 [90/409600] via 131.108.1.2, 00:02:25, Ethernet0/0 D 131.108.9.0/25 [90/409600] via 131.108.1.2, 00:02:27, Ethernet0/0 D 131.108.8.0/25 [90/409600] via 131.108.1.2, 00:02:29, Ethernet0/0 D 131.108.7.0/26 [90/409600] via 131.108.1.2, 00:02:30, Ethernet0/0 D 131.108.6.0/27 [90/409600] via 131.108.1.2, 00:02:32, Ethernet0/0 D 131.108.5.0/28 [90/409600] via 131.108.1.2, 00:02:34, Ethernet0/0 D 131.108.4.0/29 [90/409600] via 131.108.1.2, 00:02:35, Ethernet0/0 D 131.108.3.0/30 [90/409600] via 131.108.1.2, 00:02:37, Ethernet0/0 D 131.108.2.0/27 [90/409600] via 131.108.1.2, 00:02:39, Ethernet0/0

EI GRP in N BM A En v ir on m e n t s You can successfully c onfigur e EI GRP over NBMA net w or ks if you apply t he follow ing rules: • • •

EI GRP t r affic should not ex ceed t he com m it t ed infor m at ion r at e ( CI R) . EI GRP aggr egat ed t r affic ov er all v ir t ual cir cuit s should not ex ceed t he access line speed. The allocat ed bandw idt h for EI GRP m ust be t he sam e on each vir t ual cir cuit bet w een t w o r em ot e r out er s.

The use of t he b a n d w id t h com m and should r eflect t he t r ue speed of any int er face. Th e b a n d w id t h com m and is used in EI GRP m et r ic calculat ion and defines t he am ount of bandw idt h. ( By default , up t o 50 per cent of any link can be consum ed by EI GRP; t his is also configurable using t he ip b a n d w id t h - p e r ce n t e igr p AS per cent com m and.) EI GRP does not hav e any w ay of st at ically defined neighbor ing, so y ou m ust ensur e t hat EI GRP packet s or updat es ar e sent ov er a nonbr oadcast net w or k . Th e b a n d w id t h com m and does not alw ay s hav e t o r eflect t he act ual bandw idt h of t he int er face. I n fact , y ou can use t he b a n d w id t h com m and t o adj ust t he com posit e EI GRP m et r ic so t hat y ou can per for m equal- cost load balancing on unequal speed links. The I OS v a r ia n ce com m and pr ov ides anot her m et hod for achiev ing unequal load balancing.

195

Set t ing a v ar iance v alue let s t he Cisco I OS Soft w ar e det er m ine t he feasibilit y of a pot ent ial r out e, ev en t hough t he pat h m ight be ov er a slow er w ide- ar ea net w or k ( WAN) link. The follow ing t w o condit ions ar e r equir ed befor e load balancing ov er unequal pat hs can t ak e place: • •

The local best m et ric m ust be great er t han t he m et ric learned from t he next rout er. The m ult iplier t im es t he local best m et r ic for t he dest inat ion m ust be gr eat er t han or equal t o t he m et ric t hrough t he next rout er.

EI GRP Rou t e Su m m a r iz a t ion a n d La r ge I P N e t w or k Suppor t EI GRP suppor t s t he use of sum m ar izat ion t o conser v e I P r out ing t able size. Sum m ar izat ion in EI GRP can be configur ed on any r out er in t he sam e AS. By default , EI GRP aut om at ically sum m ar izes at t he m aj or net w or k boundar ies. To per for m st at ic sum m ar izat ion, y ou m ust disable t his feat ur e w it h t he n o a u t o- su m m a r y I OS com m and, under t he r out ing pr ocess. To m anua lly sum m ar ize net w or k s, y ou m ust adv er t ise t he super net , for ex am ple, on an int er face lev el w it h t he ip su m m a r y a d d r e ss e ig r p aut onom ous sy st em m ask com m and. Re- exam ine Figur e 5- 1 and sum m ar ize t he net w or k s 131.108.8.0 t o 131.108.15.255. Fir st , you m ust disable aut om at ic sum m ar izat ion on R2. Ex am ple 510 display s t he disabling of aut om at ic sum m arizat ion on R2.

Ex a m ple 5 - 1 0 D isa blin g Au t om a t ic Su m m a r iz a t ion on R2 R2(config)#router eigrp 1 R2(config-router)#no auto-summary Because t he net w or k s 131. 108. 8. 0– 131.108.15.0 ar e cont iguous, y ou can apply t he m ask 255. 255. 248. 0 t o incor por at e t he r ange of net w or ks fr om 131.108.8.255– 131.108.15.255. Ex am ple 5- 11 displays t he sum m ar y com m and com plet ed on R2's link t o R1.

Ex a m ple 5 - 1 1 Su m m a r y on R2 R2(config)#interface ethernet 0/0 R2(config-if)#ip summary-address eigrp 1 131.108.8.0 255.255.248.0 R1 should now hav e only one r em ot e r out ing ent r y for t he net w or k s 131.108.8.255– 131.108.15.255 as displayed in Ex am ple 5- 12.

Ex a m ple 5 - 1 2 R1 ' s EI GRP Rou t in g Ta b le R1#show ip route eigrp 131.108.0.0/16 is variably subnetted, 8 subnets, 2 masks

196

D 131.108.8.0/21 Ethernet0/0 D 131.108.7.0/24 Ethernet0/0 D 131.108.6.0/24 Ethernet0/0 D 131.108.5.0/24 Ethernet0/0 D 131.108.4.0/24 Ethernet0/0 D 131.108.3.0/24 Ethernet0/0 D 131.108.2.0/24 Ethernet0/0

[90/409600] via 131.108.1.2, 00:01:13, [90/409600] via 131.108.1.2, 00:01:13, [90/409600] via 131.108.1.2, 00:01:13, [90/409600] via 131.108.1.2, 00:01:13, [90/409600] via 131.108.1.2, 00:01:13, [90/409600] via 131.108.1.2, 00:01:13, [90/409600] via 131.108.1.2, 00:01:14,

To suppor t lar ge I P net w or k s, y ou can use sev er al Cisco I OS enhancem ent s, such as net w or k sum m ar izat ion, load balancing, and r educing t he load on WAN link s w it h t he b a n d w id t h com m and, t o fine- t une EI GRP. Sev er al fact or s can cont r ibut e t o a poor ly designed net w or k , such as t he am ount of r out ing infor m at ion ex changed bet w een r out er s, t he num ber of r out er s in y our net w or k , t he net w or k diam et er of y our net w or k ( hop count in EI GRP is st ill 255) , and t he num ber of alt er nat iv e pat hs bet w een r out er s. EI GRP can scale in a well- designed I P net w or k , and w it h pr oper configur at ion, it can be well- m aint ained. As w it h any legacy pr ot ocol, t he used- by dat e of EI GRP is fast approaching, especially in t oday's large I P- based net w or k . Open Shor t est Pat h Fir st ( OSPF) , I nt er m ediat e Sy st em- t o- I nt erm ediat e Syst em ( I S- I S) , and Border Gat ew ay Prot ocol ( BGP) ar e far m or e com m on r out ing pr ot ocols. I n t he follow ing fiv e scenar ios, y ou configur e and m onit or som e sam ple EI GRP net w or k s and apply t he k now ledge y ou hav e gained.

Sce n a r ios The follow ing scenar ios ar e designed t o dr aw t oget her som e of t he cont ent descr ibed in t his chapt er and som e of t he cont ent y ou hav e seen in y our ow n net w or k s or pr act ice labs. Ther e is no one r ight w ay t o accom plish m any of t he t ask s pr esent ed, and t he abilit ies t o use good pr act ice and define your end goal ar e im por t ant in any r eal- life design or solut ion.

Sce n a r io 5 - 1 : Con figu r in g EI GRP I n t his scenario, you configure eight Cisco rout ers for I P rout ing using a Class B ( / 16) net w or k 131.108.0.0 w it h a Class C subnet m ask ( 255.255.255.0 or / 24) . The ser ial links w ill use a t w o- host subnet t o dem onst r at e t he use of VLSM w it h EI GRP. Assum e t he cor e backbone net w or k r esides on t he Et her net bet w een R1 and R2. Figur e 5- 2 display s a net w or k w it h sev en r out er s in AS1 and one rem ot e rout er in AS2.

197

Figu r e 5 - 2 . EI GRP in AS 1 a n d AS 2

The I P address assignm ent for t he WAN links is described in Table 5- 3. Not e t he use of VLSM acr oss t he WAN Links.

Table 5-3. IP Address Assignments Router

IP Address Range

R1

131.108.2.1- 1 5 . 1 / 2 4

R2

131. 108. 16. 1- 31.1/ 24

R3

131. 108. 32. 1- 33.1. / 24

R4

131. 108. 34. 1- 35.1/ 24

R5

131.108.128.0/ 24

R6

131.108.129.0/ 24

R7

131.108.130.0/ 24

R8

168.131.1.0/ 24

WAN links

131.108.255.0/ 30

LAN link

131. 108. 36. 0/ 24

St art by enabling EI GRP on all t he rout ers in AS 1. Ex am ple 5- 13 display s enabling EI GRP on R1. The sam e configur at ion com m ands ar e applied t o all r out er s in AS 1 because t he sam e Class B net w or k, 131.108.0.0, is in use.

198

Ex a m ple 5 - 1 3 En a blin g EI GRP on R1 R1(config)#router eigrp ? Autonomous system number R1(config)#router eigrp 1 R1(config-router)#network 131.108.0.0 Ex am ple 5- 13 configur es R1 w it h EI GRP in AS 1 and enables EI GRP updat es t o be sent and r eceiv ed on all int er faces configur ed w it h an addr ess in t he r ange 131.108.0.0–131.108.255.255. To display t he int er face r unning EI GRP, issue t he sh ow ip e ig r p in t e r f a ce s com m and. Ex am ple 5- 14 displays t he int er faces r unning EI GRP on R1.

Ex a m ple 5 - 1 4 Sa m ple Ou t pu t of sh ow ip e igr p in t e r fa ce s on R1 R1#show ip eigrp interfaces IP-EIGRP interfaces for process 1 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes Et0/0 1 0/0 2 0 Se0/0 1 0/0 57 0 Lo0 0 0/0 0 0 Lo1 0 0/0 0 0 Lo2 0 0/0 0 0 Lo3 0 0/0 0 0 Lo4 0 0/0 0 0 Lo5 0 0/0 0 0 Lo6 0 0/0 0 0 Lo7 0 0/0 0 0 Lo8 0 0/0 0 0 Lo9 0 0/0 0 0 Lo10 0 0/0 0 0 Lo11 0 0/0 0 0 Lo12 0 0/0 0 0 Lo13 0 0/0 0 0

Pacing Time

Multicast

Un/Reliable

Flow Timer

0/10

50

0/15

50

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

0/10

0

199

Ex am ple 5- 14 display s a num ber of phy sical ( E0/ 0 and Se0/ 0) int er faces r unning EI GRP and a num ber of loopback s num ber ed fr om 0 t o 13. Also, not e t hat y ou hav e EI GRP neighbor s t hr ough E0/ 0 and S0/ 0. I n ot her w or ds, R1 has est ablished a neighbor relat ionship t o R2 t hrough Et hernet 0/ 0 and R3 t hrough S0/ 0. Next , display t he neighbor s on R1 by using t he sh ow ip e ig r p n e ig h b or s com m and on R1. Ex am ple 5- 15 displays t he sam ple out put t aken fr om R1.

Ex a m ple 5 - 1 5 sh ow ip e igr p n e igh bor s Com m a n d on R1 R1#show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface Seq Num 1 131.108.255.2 0 131.108.1.2

Se0/0 Et0/0

Hold Uptime

SRTT

(sec)

(ms)

14 03:41:45 10 03:43:42

57 2

RTO

Q Cnt

342 200

0 0

3 4

Tw o neighbor s ar e for m ed w it h R1, nam ely R2 ( 131.108.1.2) and R3 ( 131.108.1.2) . Ex am ple 5- 16 displays R1's EI GRP I P rout ing t able.

Ex a m ple 5 - 1 6 sh ow ip r ou t e e igr p on R1 R1#show ip route eigrp 131.108.0.0/16 is variably subnetted, 41 subnets, 2 masks D 131.108.255.16/30 [90/21529600] via 131.108.255.2, 00:00:15, Serial0/0 [90/21529600] via 131.108.1.2, 00:00:15, Ethernet0/0 D 131.108.255.20/30 [90/21529600] via 131.108.1.2, 00:04:14, Ethernet0/0 [90/21529600] via 131.108.255.2, 00:04:14, Serial0/0 D 131.108.255.4/30 [90/20537600] via 131.108.1.2, 00:04:16, Ethernet0/0 D 131.108.255.8/30 [90/21504000] via 131.108.255.2, 00:04:15, Serial0/0 D 131.108.255.12/30 [90/21504000] via 131.108.255.2, 00:04:16, Serial0/0 D 131.108.130.0/24 [90/21529600] via 131.108.255.2, 00:04:14, Serial0/0 D 131.108.129.0/24 [90/21555200] via 131.108.255.2, 00:00:10, Serial0/0 [90/21555200] via 131.108.1.2, 00:00:10, Ethernet0/0 D 131.108.128.0/24 [90/21529600] via 131.108.255.2, 00:04:14, Serial0/0 D 131.108.36.0/24 [90/20537600] via 131.108.255.2, 00:04:16, Serial0/0 D 131.108.31.0/24 [90/409600] via 131.108.1.2, 00:04:15, Ethernet0/0

200

D 131.108.30.0/24 Ethernet0/0 D 131.108.29.0/24 Ethernet0/0 D 131.108.28.0/24 Ethernet0/0 D 131.108.27.0/24 Ethernet0/0 D 131.108.26.0/24 Ethernet0/0 D 131.108.25.0/24 Ethernet0/0 D 131.108.24.0/24 Ethernet0/0 D 131.108.23.0/24 Ethernet0/0 D 131.108.22.0/24 Ethernet0/0 D 131.108.21.0/24 Ethernet0/0 D 131.108.20.0/24 Ethernet0/0 D 131.108.19.0/24 Ethernet0/0 D 131.108.18.0/24 Ethernet0/0 D 131.108.17.0/24 Ethernet0/0 D 131.108.16.0/24 Ethernet0/0

[90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:15, [90/409600] via 131.108.1.2, 00:04:16, [90/409600] via 131.108.1.2, 00:04:16, [90/409600] via 131.108.1.2, 00:04:16,

R1 has a dual pat h t o t hr ee r em ot e net w or k s because t he c om posit e m et ric is t he sam e. R1 has no pat h t o t he rem ot e net work on R8 in EI GRP AS 2. Next , configure EI GRP on R4 and R8 in AS 2. R4 resides in t wo aut onom ous syst em s: 1 and 2. The serial link bet w een R4 and R8 cont ains t he net w ork 168.131.2.0/ 30. Ex am ple 5- 17 display s t he EI GRP configur at ion on R4 in AS 2 ( net w or k 168.131.0.0) .

Ex a m ple 5 - 1 7 EI GRP in AS 2 on R4 R4(config)#router eigrp 2 R4(config-router)#network 168.131.0.0 Ex am ple 5- 18 display s t he EI GRP configur at ion on R8 in AS 2 ( net w or k 168.131.0.0) .

Ex a m ple 5 - 1 8 EI GRP in AS 2 on R8 R8(config)#router eigrp 2 R8(config-router)#network 168.131.0.0 You should expect t o see a neighbor bet w een R4 and R8. Ex am ple 5- 19 display s t he EI GRP neighbors on R4.

201

Ex a m ple 5 - 1 9 sh ow ip e igr p n e igh bor s on R4 R4#show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface Seq Type Num 2 131.108.255.18 Se1 0 131.108.255.5 Se0 1 131.108.36.3 Et0 157 IP-EIGRP neighbors for process 2 H Address Interface Seq Type Num 0 168.131.2.2

Se2

Hold Uptime

SRTT

(sec)

(ms)

14 00:09:02 11 00:14:09 12 00:18:22

RTO

Q Cnt

640 15 1

3840 1164 200

0 0 0

Hold Uptime

SRTT

RTO

Q

(sec)

(ms)

12 00:04:04

239

4 92

Cnt 1434

0

3

Rout er R4 resides in t wo different aut onom ous syst em s: 1 and 2. Hence, R4 has est ablished EI GRP neighbor s w it h r out er s in AS 1 and AS 2. Display t he I P r out ing t able on R8, and ensur e connect iv it y t o t he r est of t he net w or k . Ex am ple 5- 20 displays t he I P rout ing t able on R8.

Ex a m ple 5 - 2 0 sh ow ip r ou t e n e igh bor s on R8 R8#show ip route 168.131.0.0/16 is variably subnetted, 2 subnets, 2 masks C 168.131.2.0/30 is directly connected, Serial0 C 168.131.1.0/24 is directly connected, Ethernet0 R8 has no rem ot e EI GRP ent ries because R4 is not redist ribut ing I P net w orks from EI GRP AS 1 int o 2. R4 m ust be configur ed for r edist r ibut ion because EI GRP does not aut om at ically r edist r ibut e am ong differ ent aut onom ous sy st em s. ( EI GRP and I GRP aut om at ic r edist ribut ion occurs only if t he AS is t he sam e.) I f t he rout ers in AS 1 w ant t o send dat a t o AS 2, R4 m ust pr ov ide t w o- w ay redist ribut ion. Ex am ple 5- 21 display s t he configur at ion of t w o- w ay redist ribut ion bet w een AS 1 and 2. The ? t ool is used her e t o highlight t he par am et er s t he Cisco I OS r equir es. TI P You m ust be car eful w hen per for m ing any r edist r ibut ion t o ensur e t hat net w or k s r esiding in one dom ain do not cont ain r out es or subnet s in t he r edist r ibut ed dom ain. Rout e m aps or dist ribut ed list s should alw ays be applied t o ensure rout ing loops do not occur .

Ex a m ple 5 - 2 1 Re dist r ibu t ion on R4 Be t w e e n AS 1 a n d 2 R4(config)#router eigrp 1 R4(config-router)#redistribute eigrp ? Autonomous system number R4(config-router)#redistribute eigrp 2 ?

202

metric Metric for redistributed routes route-map Route map reference

R4(config-router)#redistribute eigrp 2 metric ? Bandwidth metric in Kbits per second R4(config-router)#redistribute eigrp 2 metric 125 ? IGRP delay metric, in 10 microsecond units R4(config-router)#redistribute eigrp 2 metric 125 20000 ? IGRP reliability metric where 255 is 100% reliable R4(config-router)#redistribute eigrp 2 metric 125 20000 255 ? IGRP Effective bandwidth metric (Loading) where 255 is 100% loaded R4(config-router)#redistribute eigrp 2 metric 125 20000 255 1 ? IGRP MTU of the path R4(config-router)#redistribute eigrp 2 metric 125 20000 255 1 1500 R4(config-router)#router eigrp 2 R4(config-router)#redistribute eigrp 1 metric 125 20000 255 1 1500 Aft er you configur e r edist r ibut ion on R4, you can expect t o see R8 w it h I P r out ing inform at ion from AS 1. Ex am ple 5- 22 displays R8's I P rout ing t able.

Ex a m ple 5 - 2 2 sh ow ip r ou t e Com m a n d on R8 R8#show ip route Codes: C - connected, D - EIGRP, EX - EIGRP external 168.131.0.0/16 is variably subnetted, 2 subnets, 2 masks C 168.131.2.0/30 is directly connected, Serial0 C 168.131.1.0/24 is directly connected, Ethernet0 131.108.0.0/16 is variably subnetted, 41 subnets, 3 masks D EX 131.108.255.16/30 [170/26112000] via 168.131.2.1, 00:02:57, Serial0 D EX 131.108.255.0/30 [170/26112000] via 168.131.2.1, 00:02:57, Serial0 D EX 131.108.255.4/30 [170/26112000] via 168.131.2.1, 00:02:57, Serial0 D EX 131.108.255.8/30 [170/26112000] via 168.131.2.1, 00:02:58, Serial0 D EX 131.108.255.12/30 [170/26112000] via 168.131.2.1, 00:02:58, Serial0 D EX 131.108.130.0/24 [170/26112000] via 168.131.2.1, 00:02:58, Serial0 D EX 131.108.129.0/24 [170/26112000] via 168.131.2.1, 00:02:58, Serial0 D EX 131.108.128.0/24 [170/26112000] via 168.131.2.1, 00:02:58, Serial0 D EX 131.108.36.0/24 [170/26112000] via 168.131.2.1, 00:02:58, Serial0 D EX 131.108.15.0/24 [170/26112000] via 168.131.2.1, 00:02:58, Serial0

203

D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0 D EX Serial0

131.108.14.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.13.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.12.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.11.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.10.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.9.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.8.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.7.0/24 [170/26112000] via 168.131.2.1, 00:02:58, 131.108.6.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.5.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.4.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.3.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.2.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.1.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.0.0/16 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.31.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.30.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.29.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.28.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.27.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.26.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.25.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.24.0/24 [170/26112000] via 168.131.2.1, 00:02:59, 131.108.23.0/24 [170/26112000] via 168.131.2.1, 00:03:00, 131.108.22.0/24 [170/26112000] via 168.131.2.1, 00:03:00, 131.108.21.0/24 [170/26112000] via 168.131.2.1, 00:03:00, 131.108.20.0/24 [170/26112000] via 168.131.2.1, 00:03:00, 131.108.19.0/24 [170/26112000] via 168.131.2.1, 00:03:00,

204

D EX 131.108.18.0/24 [170/26112000] via 168.131.2.1, 00:03:00, Serial0 D EX 131.108.17.0/24 [170/26112000] via 168.131.2.1, 00:03:00, Serial0 D EX 131.108.16.0/24 [170/26112000] via 168.131.2.1, 00:03:00, Serial0 R8 has an expanded I P r out ing t able. Not ice t hat all t he net w or ks fr om AS 1 ar e t agged as D EX, or ext er nal EI GRP, and t he AD dist ance is 170 ( or less t r ust ed t han I nt er nal EI GRP set at 90) . Befor e y ou configur e EI GRP t o sum m ar ize w her ev er possible in Figur e 5- 2, her e ar e t he full w or k ing configur at ions of all eight Cisco r out er s r unning EI GRP. Tak e par t icular not e of t he shaded sect ions, such as t he b a n d w id t h st at em ent used t o m at ch t he w ir e speed bet w een r out er s. The b a n d w id t h st at em ent ensur es pr oper calculat ion of t he EI GRP com posit e m et r ic and also ensur es t hat EI GRP does not consum e m or e t han 50 per cent of t he bandw idt h. By default , Cisco I OS r out er s set t he bandw idt h t o 1544 k bps. Ex am ple 5- 23 display s R1's full w or k ing configur at ion.

Ex a m ple 5 - 2 3 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 131.108.2.1 255.255.255.0 ! interface Loopback1 ip address 131.108.3.1 255.255.255.0 ! interface Loopback2 ip address 131.108.4.1 255.255.255.0 ! interface Loopback3 ip address 131.108.5.1 255.255.255.0 ! interface Loopback4 ip address 131.108.6.1 255.255.255.0 ! interface Loopback5 ip address 131.108.7.1 255.255.255.0 ! interface Loopback6 ip address 131.108.8.1 255.255.255.0 ! interface Loopback7 ip address 131.108.9.1 255.255.255.0 ! interface Loopback8 ip address 131.108.10.1 255.255.255.0

205

! interface Loopback9 ip address 131.108.11.1 255.255.255.0 ! interface Loopback10 ip address 131.108.12.1 255.255.255.0 ! interface Loopback11 ip address 131.108.13.1 255.255.255.0 ! interface Loopback12 ip address 131.108.14.1 255.255.255.0 ! interface Loopback13 ip address 131.108.15.1 255.255.255.0 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 bandwidth 128 ip address 131.108.255.1 255.255.255.252 clockrate 128000 ! interface Serial0/1 shutdown ! router eigrp 1 network 131.108.0.0 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 5- 24 display s R2's full w or k ing configur at ion.

Ex a m ple 5 - 2 4 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.16.1 255.255.255.0 ! interface Loopback1 ip address 131.108.17.1 255.255.255.0 ! interface Loopback2 ip address 131.108.18.1 255.255.255.0 !

206

interface Loopback3 ip address 131.108.19.1 ! interface Loopback4 ip address 131.108.20.1 ! interface Loopback5 ip address 131.108.21.1 ! interface Loopback6 ip address 131.108.22.1 ! interface Loopback7 ip address 131.108.23.1 ! interface Loopback8 ip address 131.108.24.1 ! interface Loopback9 ip address 131.108.25.1 ! interface Loopback10 ip address 131.108.26.1 ! interface Loopback11 ip address 131.108.27.1 ! interface Loopback13 ip address 131.108.28.1 ! interface Loopback14 ip address 131.108.29.1 ! interface Loopback15 ip address 131.108.30.1 ! interface Loopback16 ip address 131.108.31.1

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/0 bandwidth 128 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 shutdown router eigrp 1 network 131.108.0.0 ! ip classless

207

! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 25 display s R3's full w or k ing configur at ion.

Ex a m ple 5 - 2 5 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 131.108.36.3 255.255.255.0 media-type 10BaseT ! interface Serial0 ip address 131.108.255.2 255.255.255.252 bandwidth 125 ! interface Serial1 ip address 131.108.255.9 255.255.255.252 bandwidth 125 clockrate 125000 ! interface Serial2 ip address 131.108.255.13 255.255.255.252 bandwidth 125 clockrate 125000 ! interface Serial3 no ip address shutdown ! router eigrp 1 network 131.108.0.0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 26 displays R4's full w or king configur at ion. R4 is r edist r ibut ing bet w een t he t w o EI GRP aut onom ous syst em s, 1 and 2.

Ex a m ple 5 - 2 6 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco ip subnet-zero no ip domain-lookup

208

interface Ethernet0 ip address 131.108.36.4 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.6 255.255.255.252 ! interface Serial1 bandwidth 125 ip address 131.108.255.17 255.255.255.252 clockrate 125000 ! interface Serial2 bandwidth 125 ip address 168.131.2.1 255.255.255.252 clockrate 125000 ! interface Serial3 ip address 141.108.255.1 255.255.255.252 clockrate 125000 ! router eigrp 1 redistribute eigrp 2 metric 125 20000 255 1 1500 network 131.108.0.0 ! router eigrp 2 redistribute eigrp 1 metric 125 20000 255 1 1500 network 168.131.0.0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 27 display s R5's full w or k ing configur at ion.

Ex a m ple 5 - 2 7 R5 ' s Fu ll W or k in g Con figu r a t ion hostname R5 ! enable password cisco ! ip subnet-zero interface Ethernet0 ip address 131.108.128.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.10 255.255.255.252 ! interface Serial1 shutdown ! router eigrp 1 network 131.108.0.0 !

209

line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 28 display s R6's full w or k ing configur at ion.

Ex a m ple 5 - 2 8 R6 ' s Fu ll W or k in g Con figu r a t ion hostname R6 ! enable password cisco ! ip subnet-zero interface Ethernet0 ip address 131.108.129.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.18 255.255.255.252 ! interface Serial1 shutdown ! router eigrp 1 network 131.108.0.0 ! line con 0 line aux 0 line vty 0 4! end Ex am ple 5- 29 displays R7's full w or k ing configur at ion.

Ex a m ple 5 - 2 9 R7 ' s Fu ll W or k in g Con figu r a t ion hostname R7 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0 ip address 131.108.130.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.14 255.255.255.252 ! interface Serial1 shutdown ! router eigrp 1 network 131.108.0.0 !

210

line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 30 displays R8's full w orking configurat ion. R8 is running EI GRP in AS 2 only.

Ex a m ple 5 - 3 0 R8 ' s Fu ll W or k in g Con figu r a t ion hostname R8 enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0 ip address 168.131.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 168.131.2.2 255.255.255.252 ! interface Serial1 shutdown ! router eigrp 2 network 168.131.0.0 ! line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 5 - 2 : Su m m a r iz a t ion w it h EI GRP I n t his scenar io, y ou use sum m ar izat ion w it h t he net work configured for EI GRP in Scenar io 5- 1 and r educe t he I P r out ing t able size w it hin an AS and ex t er nal t o t he AS. Figur e 5- 3 displays t he connect ed rout es being advert ised by R1 and R2.

Figu r e 5 - 3 . R1 a n d R2 Con n e ct e d N e t w or k s

211

The net w or k s r anging fr om 131.108.1.0 t o 131.108.31.255 r eside on t w o r out er s; in ot her w or ds, 31 subnet s or I P r out ing ent r ies populat e t he r out ing t ables in AS 1 and AS 2. Exam ple 5- 31 displays t he I P rout ing t able on R3.

Ex a m ple 5 - 3 1 R3 's I P Rou t in g Ta ble R3#show ip route 168.131.0.0/16 is variably subnetted, 3 subnets, 3 masks D EX 168.131.2.0/30 [170/25625600] via 131.108.36.4, 10:54:34, Ethernet0 D EX 168.131.1.0/24 [170/25625600] via 131.108.36.4, 10:54:34, Ethernet0 D EX 168.131.0.0/16 [170/25625600] via 131.108.36.4, 10:54:34, Ethernet0 131.108.0.0/16 is variably subnetted, 40 subnets, 2 masks D 131.108.255.16/30 [90/21017600] via 131.108.36.4, 11:13:47, Ethernet0 C 131.108.255.0/30 is directly connected, Serial0 D 131.108.255.4/30 [90/21017600] via 131.108.36.4, 11:17:45, Ethernet0 C 131.108.255.8/30 is directly connected, Serial1 C 131.108.255.12/30 is directly connected, Serial2 D 131.108.130.0/24 [90/21017600] via 131.108.255.14, 11:17:46, Serial2 D 131.108.129.0/24 [90/21043200] via 131.108.36.4, 11:13:41, Ethernet0

212

D 131.108.128.0/24 [90/21017600] via 131.108.255.10, 11:17:46, Serial1 C 131.108.36.0/24 is directly connected, Ethernet0 D 131.108.15.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.14.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.13.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.12.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.11.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.10.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.9.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.8.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.7.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.6.0/24 [90/21120000] via 131.108.255.1, 11:17:47, Serial0 D 131.108.5.0/24 [90/21120000] via 131.108.255.1, 11:17:48, Serial0 D 131.108.4.0/24 [90/21120000] via 131.108.255.1, 11:17:48, Serial0 D 131.108.3.0/24 [90/21120000] via 131.108.255.1, 11:17:48, Serial0 D 131.108.2.0/24 [90/21120000] via 131.108.255.1, 11:17:48, Serial0 D 131.108.1.0/24 [90/21017600] via 131.108.255.1, 11:17:48, Serial0 D 131.108.31.0/24 [90/21145600] via 131.108.36.4, 11:17:48, Ethernet0 [90/21145600] via 131.108.255.1, 11:17:48, Serial0 D 131.108.30.0/24 [90/21145600] via 131.108.36.4, 11:17:48, Ethernet0 [90/21145600] via 131.108.255.1, 11:17:48, Serial0 D 131.108.29.0/24 [90/21145600] via 131.108.36.4, 11:17:48, Ethernet0 [90/21145600] via 131.108.255.1, 11:17:49, Serial0 D 131.108.28.0/24 [90/21145600] via 131.108.36.4, 11:17:49, Ethernet0 [90/21145600] via 131.108.255.1, 11:17:49, Serial0 D 131.108.27.0/24 [90/21145600] via 131.108.36.4, 11:17:49, Ethernet0 [90/21145600] via 131.108.255.1, 11:17:49, Serial0 D 131.108.26.0/24 [90/21145600] via 131.108.36.4, 11:17:49, Ethernet0 [90/21145600] via 131.108.255.1, 11:17:49, Serial0

213

D 131.108.25.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.24.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.23.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.22.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.21.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.20.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.19.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.18.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.17.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.16.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0

via 131.108.36.4, 11:17:49, via 131.108.255.1, 11:17:49, via 131.108.36.4, 11:17:49, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:50, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:50, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:50, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:50, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:50, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:50, via 131.108.255.1, 11:17:50, via 131.108.36.4, 11:17:51, via 131.108.255.1, 11:17:51, via 131.108.36.4, 11:17:51, via 131.108.255.1, 11:17:51,

R3 has 31 separ at e net w or k ent r ies for t he r anges 131.108.1.0–131. 108. 31. 255. You can clear ly sum m ar ize t he net w or k s on R1 and R2 t o r educe t he I P r out ing t able. To sum m ar ize t he EI GRP net w or k, you apply t he ip su m m a r y - a d d r e ss e ig r p AS I P addr ess m ask com m and. Apply sum m ar izat ion on R1 for it s dir ect ly connect ed link s. Ex am ple 5- 32 display s t he int er face configur at ion r equir ed for sum m ar izing t he net w or k s r anging 131.108.1.0– 131. 108.15.255. The subnet m ask cover ing t his range is 255.255.240.0.

Ex a m ple 5 - 3 2 Su m m a r y Con f igu r a t ion on R1 w it h ? Tool R1(config)#interface serial 0/0 R1(config-if)#ip summary-address ?

214

eigrp Enhanced Interior Gateway Routing Protocol (EIGRP) R1(config-if)#ip summary-address eigrp ? Autonomous system number R1(config-if)#ip summary-address eigrp 1 ? A.B.C.D IP address R1(config-if)#ip summary-address eigrp 1 131.108.1.0 255.255.240.0 Next , display t he I P rout ing t able on R3. Ex am ple 5- 33 display s t he I P r out ing t able on R3 aft er sum m arizat ion is configured on R1.

Ex a m ple 5 - 3 3 R3 's I P Rou t in g Ta ble R3#show ip route eigrp 168.131.0.0/16 is variably subnetted, 3 subnets, 3 masks D EX 168.131.2.0/30 [170/25625600] via 131.108.36.4, 00:02:45, Ethernet0 D EX 168.131.1.0/24 [170/25625600] via 131.108.36.4, 00:02:45, Ethernet0 D EX 168.131.0.0/16 [170/25625600] via 131.108.36.4, 00:02:45, Ethernet0 131.108.0.0/16 is variably subnetted, 41 subnets, 3 masks D 131.108.255.16/30 [90/21017600] via 131.108.36.4, 00:02:45, Ethernet0 D 131.108.255.4/30 [90/21017600] via 131.108.36.4, 00:02:45, Ethernet0 D 131.108.130.0/24 [90/21017600] via 131.108.255.14, 00:02:46, Serial2 D 131.108.129.0/24 [90/21043200] via 131.108.36.4, 00:02:46, Ethernet0 D 131.108.128.0/24 [90/21017600] via 131.108.255.10, 00:02:46, Serial1 D 131.108.15.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.14.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.13.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.12.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.11.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.10.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.9.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.8.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.7.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.6.0/24 [90/21171200] via 131.108.36.4, 00:02:51, Ethernet0 D 131.108.5.0/24 [90/21171200] via 131.108.36.4, 00:02:52, Ethernet0 D 131.108.4.0/24 [90/21171200] via 131.108.36.4, 00:02:52, Ethernet0

215

D 131.108.3.0/24 [90/21171200] via 131.108.36.4, 00:02:52, Ethernet0 D 131.108.2.0/24 [90/21171200] via 131.108.36.4, 00:02:53, Ethernet0 D 131.108.1.0/24 [90/21043200] via 131.108.36.4, 00:02:53, Ethernet0 D 131.108.0.0/20 [90/21120000] via 131.108.255.1, 00:02:48, Serial0 D 131.108.31.0/24 [90/21145600] via 131.108.36.4, 00:02:48, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:48, Serial0 D 131.108.30.0/24 [90/21145600] via 131.108.36.4, 00:02:48, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:48, Serial0 D 131.108.29.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:49, Serial0 D 131.108.28.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:49, Serial0 D 131.108.27.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:49, Serial0 D 131.108.26.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:49, Serial0 D 131.108.25.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:49, Serial0 D 131.108.24.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:49, Serial0 D 131.108.23.0/24 [90/21145600] via 131.108.36.4, 00:02:49, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:50, Serial0 D 131.108.22.0/24 [90/21145600] via 131.108.36.4, 00:02:50, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:50, Serial0 D 131.108.21.0/24 [90/21145600] via 131.108.36.4, 00:02:50, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:50, Serial0 D 131.108.20.0/24 [90/21145600] via 131.108.36.4, 00:02:50, Ethernet0 [90/21145600] via 131.108.255.1, 00:02:50, Serial0

216

D 131.108.19.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.18.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.17.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0 D 131.108.16.0/24 [90/21145600] Ethernet0 [90/21145600] Serial0

via 131.108.36.4, 00:02:50, via 131.108.255.1, 00:02:50, via 131.108.36.4, 00:02:50, via 131.108.255.1, 00:02:51, via 131.108.36.4, 00:02:51, via 131.108.255.1, 00:02:51, via 131.108.36.4, 00:02:51, via 131.108.255.1, 00:02:51,

R3 st ill has t he 15 net wor k ent r ies adv er t ised t hr ough t he nex t hop addr ess 131.108.36.4, or R4, as w ell as t he sum m ar y addr ess 131.108.0.0/ 20. ( This encom passes t he r ange 131.108.1.0–131. 108. 15. 255. ) R3 has t w o pat hs t o t he rem ot e rout er R1. Cisco EI GRP- enabled r out er s alw ay s accept an incom ing r out e w it h a m ore specific dest inat ion. When y ou per for m ed sum m ar izat ion, y ou configur ed only R1 t o sum m ar ize t o R3; you m ust also pr ovide t he sam e sum m ar y addr ess t o R2. Ex am ple 5- 34 configur es sum m ar izat ion on R1 point ing t o R2. The int er face t hat R1 and R2 ar e adj acent t o, nam ely Et her net 0/ 0, is w her e y ou need t o apply t he sam e sum m ar y com m and used in Ex am ple 5- 32.

Ex a m ple 5 - 3 4 Su m m a r y on R1 Poin t in g t o R2 R1(config)#interface ethernet 0/0 R1(config-if)#ip summary-address eigrp

1 131.108.1.0 255.255.240.0

Before you look at R3's I P rout ing t able, you m ust perform t he sam e sum m ar y configur at ion on R2 because R2 has 15 dir ect ly cont iguous net w or ks r anging fr om 131.108.16.0 t o 131.108.31.255. Ex am ple 5- 35 display s t he sum m ar y configur at ion on R2. Tw o sum m ar y com m ands ar e r equir ed: one t o R1 t hr ough Et her net 0/ 0 and anot her t o R4 t hr ough Ser ial 1/ 0.

Ex a m ple 5 - 3 5 Su m m a r y on R2 R2(config)#interface ethernet 0/0 R2(config-if)#ip summary-address eigrp 1 131.108.16.0 255.255.240.0 R2(config-if)#interface serial1/0 R2(config-if)#ip summary-address eigrp 1 131.108.16.0 255.255.240.0 Ex am ple 5- 36 displays t he I P rout ing t able on R3.

Ex a m ple 5 - 3 6 sh ow ip r ou t e e igr p on R3 R3#show ip route eigrp 168.131.0.0/16 is variably subnetted, 3 subnets, 3 masks

217

D EX 168.131.2.0/30 [170/25625600] via 131.108.36.4, 00:02:17, Ethernet0 D EX 168.131.1.0/24 [170/25625600] via 131.108.36.4, 00:02:17, Ethernet0 D EX 168.131.0.0/16 [170/25625600] via 131.108.36.4, 00:02:17, Ethernet0 131.108.0.0/16 is variably subnetted, 12 subnets, 3 masks D 131.108.255.16/30 [90/21017600] via 131.108.36.4, 00:02:17, Ethernet0 D 131.108.255.4/30 [90/21017600] via 131.108.36.4, 00:02:22, Ethernet0 D 131.108.130.0/24 [90/21017600] via 131.108.255.14, 00:12:20, Serial2 D 131.108.129.0/24 [90/21043200] via 131.108.36.4, 00:02:17, Ethernet0 D 131.108.128.0/24 [90/21017600] via 131.108.255.10, 00:12:20, Serial1 D 131.108.1.0/24 [90/21043200] via 131.108.36.4, 00:02:14, Ethernet0 D 131.108.0.0/20 [90/21120000] via 131.108.255.1, 00:02:14, Serial0 D 131.108.16.0/20 [90/21145600] via 131.108.255.1, 00:02:14, Serial0 [90/21145600] via 131.108.36.4, 00:02:14, Ethernet0 R3's I P r out ing t able has been significant ly r educed fr om 31 net w or k ent r ies for t he subnet s r anging fr om 1 t o 31 t o t w o net w or k ent r ies. Pr ior t o sum m ar izat ion, t her e w er e 41 subnet s; now only 12 subnet s ar e pr esent in t he Class B net w or k 131.108.0.0 in R3's rout ing t able. Also, not e t hat load balancing is in place t o R2's dir ect ly connect ed loopback s because t he EI GRP m et r ics ar e t he sam e t hr ough ser ial 0 and Et her net 0. Also, in t ur n, sum m ar izat ion r educes t he EI GRP t opology t able. The added benefit of sum m ar izat ion is t hat a net w or k failur e on any one net w or k is not pr opagat ed t o r em ot e net w or k s t o w hich a sum m ar y r out e is sent . Ex am ple 5- 37 display s R4's I P r out ing t able t o dem onst r at e sim ilar benefit s.

Ex a m ple 5 - 3 7 sh ow ip r ou t e e igr p Com m a n d on R4 R4>sh ip route eigrp 168.131.0.0/16 is variably subnetted, 3 subnets, 3 masks D 168.131.1.0/24 [90/21017600] via 168.131.2.2, 11:29:38, Serial2 D 168.131.0.0/16 is a summary, 11:29:40, Null0 131.108.0.0/16 is variably subnetted, 13 subnets, 4 masks D 131.108.255.0/30 [90/21017600] via 131.108.36.3, 00:06:27, Ethernet0 D 131.108.255.8/30 [90/21017600] via 131.108.36.3, 11:30:01, Ethernet0 D 131.108.255.12/30 [90/21017600] via 131.108.36.3, 11:30:01, Ethernet0 D 131.108.130.0/24 [90/21043200] via 131.108.36.3, 11:30:01, Ethernet0

218

D 131.108.129.0/24 [90/21017600] via 131.108.255.18, 11:30:01, Serial1 D 131.108.128.0/24 [90/21043200] via 131.108.36.3, 11:30:01, Ethernet0 D 131.108.1.0/24 [90/21017600] via 131.108.255.5, 00:06:28, Serial0 D 131.108.0.0/20 [90/21145600] via 131.108.36.3, 00:06:28, Ethernet0 [90/21145600] via 131.108.255.5, 00:06:28, Serial0 D 131.108.16.0/20 [90/21120000] via 131.108.255.5, 00:06:29, Serial0 Because R4 is dir ect ly connect ed t o R2, t her e is only one pat h ( low er m et r ic) t ak en t o R2's dir ect ly connect ed int er faces, w hile load balancing is t aking place for R1's dir ect ly connect ed net w or k s. Ex am ple 5- 38 displays t he sum m ar y EI GRP configur at ion on R1.

Ex a m ple 5 - 3 8 Su m m a r y EI GRP Con figu r a t ion on R1 interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ip summary-address eigrp 1 131.108.0.0 255.255.240.0 ! interface Serial0/0 bandwidth 128 ip address 131.108.255.1 255.255.255.252 ip summary-address eigrp 1 131.108.0.0 255.255.240.0 clockrate 125000 Ex am ple 5- 39 displays t he sum m ar y EI GRP configur at ion on R2.

Ex a m ple 5 - 3 9 Su m m a r y EI GRP Con figu r a t ion on R2 interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ip summary-address eigrp 1 131.108.16.0 255.255.240.0 ! interface Serial1/0 bandwidth 128 ip address 131.108.255.5 255.255.255.252 ip summary-address eigrp 1 131.108.16.0 255.255.240.0 clockrate 128000

Sce n a r io 5 - 3 : EI GRP a n d V LSM This scenar io dem onst r at es t he capabilit y of EI GRP t o handle VLSM w it h a sim ple four- r out er t opology . Figur e 5- 4 displays t he four - r out er t opology along w it h t he I P addr essing schem e.

219

Figu r e 5 - 4 . V LSM a n d EI GRP Top olog y

Four rout ers in Figur e 5- 4 r eside in t he sam e AS, so y ou do not need t o configur e any r edist r ibut ion. Also, t he Class A addr esses, 10.1.1.0/ 25 and 10.1.1.128/ 25, ar e configur ed on t he Et her net int er faces on R3 and R4, r espect ively. VLSM is used on all four r out er s. The Class A addr ess, 10.0.0.0/ 8, is r eser v ed for pr iv at e use and not r out able in t he I nt er net . Enable EI GRP in AS 1 on all four rout ers. Ex ample 5- 40 display s t he EI GRP configur at ion on r out er s R1 and R2. Bot h r out er s r eside in AS 1 and ar e connect ed t o only t he net work 131.108.1.0, so t he EI GRP configurat ion is t he sam e on R1 and R2.

Ex a m ple 5 - 4 0 EI GRP Con figu r a t ion on R1 a n d R2 router eigrp 1 network 131.108.0.0 R3 and R4 require bot h 131.108.0.0 and 10.0.0.0 n e t w o r k st at em ent s, as display ed by Ex am ple 5- 41.

Ex a m ple 5 - 4 1 EI GRP Con figu r a t ion on R3 a n d R4 router eigrp 1 network 131.108.0.0 network 10.0.0.0 View t he I P r out ing t able on R1 t o ensure t hat all subnet s are rout able t hrough R1. Ex am ple 5- 42 displays R1's r out ing t able.

220

Ex a m ple 5 - 4 2 R1 's I P Rou t in g Ta ble R1#show ip route D 10.0.0.0/8 [90/20537600] via 131.108.1.18, 00:06:19, Serial0/0 131.108.0.0/16 is variably subnetted, 4 subnets, 3 masks C 131.108.1.0/28 is directly connected, Ethernet0/0 D 131.108.1.20/30 [90/20537600] via 131.108.1.2, 00:08:55, Ethernet0/0 C 131.108.1.16/30 is directly connected, Serial0/0 R1's I P r out ing t ables display a t ot al of t w o dynam ically lear ned EI GRP r out er s: one r out e t o t he net w or k 131.108.1.20/ 30 ( t he serial link bet ween R2 and R4) and one t o net w or k r em ot e net w or k 10.0.0.0 t hr ough R3. Tak e a closer look at t he r em ot e I P net w or k on R3. R3 is configur ed w it h t he net w or k 10.1.1.0/ 25, yet R1 assum es t hat t he ent ir e Class A net w or k is available t hr ough Ser ial 0/ 0, or R3. Ex am ple 5- 43 displays R2's I P rout ing t able.

Ex a m ple 5 - 4 3 R2 's I P Rou t in g Ta ble R2#show ip route D 10.0.0.0/8 [90/20537600] via 131.108.1.22, 00:02:15, Serial1/0 131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks C 131.108.1.0/28 is directly connected, Ethernet0/0 C 131.108.1.20/30 is directly connected, Serial1/0 D 131.108.1.16/30 [90/20537600] via 131.108.1.1, 00:02:16, Ethernet0/0 R2 also has t w o r em ot e EI GRP r out es: one point ing t o t he r em ot e net w or k 131.108.1.20/ 30 ( t he ser ial link bet w een R1 and R3) and t he ent ir e Class A net w or k 10.0.0.0 t hrough R4. Therefore, Rout ers R1 and R2 do not cont ain m ore specific rout ing ent r ies for t he 10.0.0.0 net w or k. EI GRP, by default , aut om at ically sum m ar izes at t he net w or k boundar y for any I P net w or k s not locally configur ed. Because R1 and R2 do not hav e any int er faces configur ed in t he Class A addr ess 10.0.0.0, bot h r out er s assum e t he default Class A m ask of 255.0.0.0. You can t ur n t his feat ur e off w it h t he n o a u t o- su m m a r y com m and under t he EI GRP r out ing pr ocess. Disable aut om at ic sum m ar izat ion on R1 and R2. Ex am ple 5- 44 displays t he disabling of aut om at ic sum m arizat ion on R1 and R2.

Ex a m ple 5 - 4 4 D isa blin g Au t o Su m m a r y on R1 a n d R2 R1(config)#router eigrp 1 R1(config-router)#no auto-summary R2(config)#router eigrp 1 R2(config-router)#no auto-summary Ex am ple 5- 45 displays t he I P rout ing t able on R1.

Ex a m ple 5 - 4 5 R1 ' s EI GRP I P Rou t in g Ta ble R1#show ip route eigrp D 10.0.0.0/8 [90/20537600] via 131.108.1.18, 00:00:24, Serial0/0

221

131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks D 131.108.1.20/30 [90/20537600] via 131.108.1.2, 00:00:24, Ethernet0/0 R1 st ill assum es t he ent ir e Class A net w or k is t hr ough R3 because ev en aft er y ou disable aut om at ic su m m arizat ion, you m ust st ill sum m arize on t he edge rout ers: R3 and R4. Sum m arize 10.1.1.0/ 25 on R3 and 10.1.1.128/ 25 on R4. Ex am ple 5- 46 displays t he sum m ar y on R3.

Ex a m ple 5 - 4 6 Su m m a r y Con f ig u r a t ion on R3 R3(config)#interface serial 0 R3(config-if)#ip summary-address eigrp 1 10.1.1.0 255.255.255.128 Ex am ple 5- 47 display s t he sum m ar y on R4.

Ex a m ple 5 - 4 7 Su m m a r y Con f ig u r a t ion on R4 R4(config)#interface serial 0 R4(config-if)#ip summary-address eigrp 1 10.1.1.128 255.255.255.128 R3 and R4 send an updat e t o R1 and R2. Ex am ple 5- 48 displays R1's I P rout ing t able.

Ex a m ple 5 - 4 8 R1 's I P Rou t in g Ta ble R1#show ip route 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks D 10.1.1.0/0 [90/20537600] via 131.108.1.18, 00:01:29, Serial0/0 D 10.1.1.128/25 [90/20563200] via 131.108.1.2, 00:02:07, Ethernet0/0 131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks C 131.108.1.0/28 is directly connected, Ethernet0/0 D 131.108.1.20/30 [90/20537600] via 131.108.1.2, 00:04:46, Ethernet0/0 C 131.108.1.16/30 is directly connected, Serial0/0 Ex am ple 5- 49, for com plet eness, displays R2's I P r out ing t able.

Ex a m ple 5 - 4 9 R2 's I P Rou t in g Ta ble R2#show ip route 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks D 10.1.1.0/0 [90/20537600] via 131.108.1.1, 00:02:00, Ethernet0/0 D 10.1.1.128/25 [90/20537600] via 131.108.1.22, 00:03:17, Serial1/0 131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks C 131.108.1.0/28 is directly connected, Ethernet0/0 C 131.108.1.20/30 is directly connected, Serial1/0 D 131.108.1.16/30 [90/20537600] via 131.108.1.1, 00:06:06, Ethernet0/0

222

EI GRP suppor t s VLSM, and you have j ust seen how careful you m ust be w hen using EI GRP as y our I P r out ing pr ot ocol. EI GRP suppor t s VLSM as all I P r out ing updat es do, w hen configur ed appr opr iat ely, and sends t he subnet m ask along w it h t he net w or k infor m at ion. Ex am ple 5- 50 display s R1's full w or k ing configur at ion.

Ex a m ple 5 - 5 0 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! logging buffered 64000 debugging enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0/0 ip address 131.108.1.1 255.255.255.240 ! interface Serial0/0 bandwidth 128 ip address 131.108.1.17 255.255.255.252 clockrate 125000 ! interface Serial0/1 shutdown ! router eigrp 1 network 131.108.0.0 no auto-summary ! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 51 display s R2's full w or k ing configur at ion.

Ex a m ple 5 - 5 1 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.240 ! interface Serial1/0 bandwidth 128 ip address 131.108.1.21 255.255.255.252 clockrate 128000 ! interface Serial1/1

223

shutdown ! interface Serial1/2 shutdown! interface Serial1/3 shutdown ! router eigrp 1 network 131.108.0.0 no auto-summary line con 0 line aux 0 line vty 0 4 ! end Ex am ple 5- 52 display s R3's full w or k ing configur at ion.

Ex a m ple 5 - 5 2 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 10.1.1.1 255.255.255.128 ! interface Serial0 ip address 131.108.1.18 255.255.255.252 ip summary-address eigrp 1 10.1.1.0 255.255.255.128 bandwidth 125 ! interface Serial1 shutdown interface Serial2 shutdown interface Serial3 shutdown ! router eigrp 1 network 131.108.0.0 network 10.0.0.0 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 5- 53 display s R4's full w or k ing configur at ion.

Ex a m ple 5 - 5 3 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4

224

! enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0 ip address 10.1.1.129 255.255.255.128 interface Serial0 bandwidth 125 ip address 131.108.1.22 255.255.255.252 ip summary-address eigrp 1 10.1.1.128 255.255.255.128 ! interface Serial1 shutdown interface Serial2 shutdown interface Serial3 shutdown ! router eigrp 1 network 10.0.0.0 network 131.108.0.0 ! line con 0 line aux 0 line vty 0 4 end

Sce n a r io 5 - 4 : Con figu r in g Adv a n ce d EI GRP a n d Re dist r ibu t ion I n t his scenar io, y ou configur e a net w or k com posed of six Cisco r out er s r unning a com binat ion of IP r out ing pr ot ocols, nam ely EI GRP in AS 1, I GRP in AS 10, and OSPF, as displayed in Figur e 5- 5.

Figu r e 5 - 5 . I P Rou t in g Topology U sin g EI GRP, I GRP, a n d OSPF

225

N OTE The I GRP dom ain is configur ed w it h a Class C m ask ever yw her e because I GRP does not suppor t VLSM.

The Class B net w or k , 131.108.0.0, is pr esent on all r out er s. The Class A net w or k r esides in OSPF ar ea 0. Finally, t he Class B addr ess, 141.108.0.0, is locat ed in I GRP AS 10. R3 and R4 need t o have r edist r ibut ion configur ed am ong t he differ ent r out ing dom ains. Rout er R3 needs t o run EI GRP in AS 1 and I GRP 10. R3 m ust ensur e t hat EI GRP updat es ar e sent t o int er faces E0 and Ser ial 0 only, and because you ar e using t he sam e Class B addr ess, you m ust m ake t he int er faces not in I GRP AS 10 passive. The sam e condit ion applies t o t he I GRP pr ocess; you should also m ake int er faces not in I GRP 10 passive. Ther e is no r eason t o send EI GRP updat es, for exam ple, t o R7 and w ast e CPU and WAN bandw idt h because R7 is configur ed for I GRP only . The classful behav ior of I GRP and EI GRP m eans y ou m ust be car eful w hen using t he sam e class net w or k am ong differ ent r out ing dom ains. St art by configuring R3. Ex am ple 5- 54 displays t he EI GRP and I GRP configur at ion on R3.

226

Ex a m ple 5 - 5 4 EI GRP a n d I GRP Con figu r a t ion on R3 R3(config)#router eigrp 1 R3(config-router)#network 131.108.0.0 R3(config-router)#passive-interface serial 2 R3(config)#router igrp 10 R3(config-router)#network 131.108.0.0 R3(config-router)#passive-interface ethernet 0 R3(config-router)#passive-interface serial 0 As y et , y ou hav e not configur ed any r edist r ibut ion on R3. Configur e r edist r ibut ion bet w een EI GRP and I GRP ( bot h w ays) on R3. Ex am ple 5- 55 display s how t o configur e r edist r ibut ion fr om I GRP t o EI GRP. Ev en t hough t he m et ric used by I GRP and EI GRP is t he sam e, you m ust st ill advise EI GRP of t he m et r ic v alues because t he AS num ber s ar e differ ent .

Ex a m ple 5 - 5 5 Re dist r ibu t ion on R3 R3(config)#router igrp 10 R3(config-router)#redistribute eigrp 1 ? metric Metric for redistributed routes route-map Route map reference

R3(config-router)#redistribute eigrp 1 metric ? IGRP bandwidth metric in kilobits per second R3(config-router)#redistribute eigrp 1 metric 128 ? IGRP delay metric, in 10 microsecond units R3(config-router)#redistribute eigrp 1 metric 128 20000 ? IGRP reliability metric where 255 is 100% reliable R3(config-router)#redistribute eigrp 1 metric 128 20000 255 ? IGRP Effective bandwidth metric (Loading) where 255 is 100% loaded R3(config-router)#redistribute eigrp 1 metric 128 20000 255 1 255 Exam p le 5- 56 display s r edist r ibut ion fr om EI GRP t o I GRP.

Ex a m ple 5 - 5 6 Re dist r ibu t in g EI GRP in t o I GRP on R3 R3(config-router)#redistribute eigrp 1 ? metric Metric for redistributed routes route-map Route map reference

R3(config-router)#redistribute eigrp 1 metric ? IGRP bandwidth metric in kilobits per second R3(config-router)#redistribute eigrp 1 metric 128 ? IGRP delay metric, in 10 microsecond units R3(config-router)#redistribute eigrp 1 metric 128 20000 ? IGRP reliability metric where 255 is 100% reliable R3(config-router)#redistribute eigrp 1 metric 128 20000 255 ? IGRP Effective bandwidth metric (Loading) where 255 is 100% loaded R3(config-router)#redistribute eigrp 1 metric 128 20000 255 1 ? IGRP MTU of the path R3(config-router)#redistribute eigrp 1 metric 128 20000 255 1 1500

227

Nex t , exam ine R7's I P r out ing t able t o see w het her t he EI GRP net w or k s ar e inst alled. Ex am ple 5- 57 displays R7's I P rout ing t able.

Ex a m ple 5 - 5 7 sh ow ip r ou t e on R7 R7#show ip route 141.108.0.0/24 is subnetted, 1 subnets C 141.108.128.0 is directly connected, Ethernet0 131.108.0.0/24 is subnetted, 2 subnets C 131.108.254.0 is directly connected, Serial0 I 131.108.1.0 [100/84100] via 131.108.254.1, 00:00:05, Serial0 R7 I GRP ent r ies ar e only t hose net w or k s t hat ar e classful or Class C because t he dir ect ly connect ed ser ial int er face t o R3 is a Class C m ask. Those net works in t he EI GRP dom ain t hat ar e not Class C net w or ks, such as t he Ser ial link bet w een R1 and R2 ( / 30) or t he Et hernet segm ent bet w een R3 and R4 ( / 25) , are not present in R7's r out ing t able. You can use st at ic rout es on R7 t o cor r ect ly ident ify t he net w or k s in t he EI GRP dom ain. ( You hav e y et t o lear n how t o configur e st at ic r out es; st at ic r out es ar e covered in Chapt ers 6, “ Basic Bor der Gat ew ay Pr ot ocol.” ) Ex am ple 5- 58 display s t he st at ic I P r out ing configur at ion on R7 point ing t o t he r em ot e net w or ks 131.108.2.128/ 25 and 131.108.255.0/ 30 net w or k s. The v ar iably subnet t ed net w or k , 131.108.2.128/ 25, is not pr esent on R7's I P ( I GRP) r out ing t able because I GRP does not suppor t VLSM. You can use st at ic r out es t o ov er com e t his lim it at ion because st at ic r out er hav e a m or e t r ust ed adm inist r at iv e dist ance of 1.

Ex a m ple 5 - 5 8 St a t ic Rou t e Con f igu r a t ion on R7 R7(config)#ip R7(config)#ip R7(config)#ip R7(config)#ip

route route route route

131.108.2.128 131.108.255.0 131.108.255.4 131.108.255.8

255.255.255.128 255.255.255.252 255.255.255.252 255.255.255.252

Serial0 Serial0 Serial0 Serial0

Ex am ple 5- 59 display s R7's r out ing t able along w it h som e successful pings t o t he non- Class C net w or ks.

Ex a m ple 5 - 5 9 R7 's I P Rou t in g Ta ble a n d Pin g Re qu e st s R7#show ip route 141.108.0.0/24 is subnetted, 1 subnets C 141.108.128.0 is directly connected, Ethernet0 131.108.0.0/16 is variably subnetted, 6 subnets, 3 masks S 131.108.255.0/30 is directly connected, Serial0 C 131.108.254.0/24 is directly connected, Serial0 S 131.108.255.4/30 is directly connected, Serial0 S 131.108.255.8/30 is directly connected, Serial0 S 131.108.2.128/25 is directly connected, Serial0 I 131.108.1.0/24 [100/84100] via 131.108.254.1, 00:00:57, Serial0 R7#ping 131.108.255.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.255.5, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/32/36 ms

228

R7#ping 131.108.255.6 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.255.6, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R7#ping 131.108.255.9 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.255.9, timeout is 2 seconds: !!!!! Configur e R4 for r edist r ibut ion because R4 is at t ached t o t he EI GRP 1 dom ain and OSPF. Once m ore, you need t o m ake any int erfaces not required in t he EI GRP dom ain passiv e. Ex am ple 5- 60 displays t he r edist r ibut ion fr om OSPF int o EI GRP 1.

Ex a m ple 5 - 6 0 Re dist r ibu t ion on R4 f r om OSPF t o EI GRP R4(config)#router eigrp 1 R4(config-router)#passive-interface s2 R4(config-router)#redistribute ospf 1 metric ? Bandwidth metric in Kbits per second R4(config-router)#redistribute ospf 1 metric 128 ? IGRP delay metric, in 10 microsecond units R4(config-router)#redistribute ospf 1 metric 128 20000 ? IGRP reliability metric where 255 is 100% reliable R4(config-router)#redistribute ospf 1 metric 128 20000 255 ? IGRP Effective bandwidth metric (Loading) where 255 is 100% loaded R4(config-router)#redistribute ospf 1 metric 128 20000 255 1 ? IGRP MTU of the path R4(config-router)#redistribute ospf 1 metric 128 20000 255 1 1500 Ex am ple 5- 61 display s t he r edist r ibut ion fr om EI GRP int o OSPF. Rem em ber , EI GRP dom ains have subnet t ed net w or ks, so you m ust apply t he keyw or d su bn e t s w hen r edist r ibut ing fr om EI GRP t o OSPF.

Ex a m ple 5 - 6 1 Re dist r ibu t ion fr om EI GRP t o OSPF on R4 R4(config-router)#router ospf 1 R4(config-router)#redistribute eigrp ? Autonomous system number R4(config-router)#redistribute eigrp 1 ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF

R4(config-router)#redistribute eigrp 1 metric 100 ? metric Metric for redistributed routes metric-type OSPF/IS-IS exterior metric type for redistributed routes route-map Route map reference subnets Consider subnets for redistribution into OSPF tag Set tag for routes redistributed into OSPF

R4(config-router)#redistribute eigrp 1 metric 100 subnets

229

View t he I P rout ing t able on R1 in EI GRP 1 t o ensure t hat R1 has a pat h t o every net w ork in t his t opology. Ex am ple 5- 62 displays R1's I P rout ing t able.

Ex a m ple 5 - 6 2 R1 's I P Rou t in g Ta ble R1>sh ip route Codes: C - connected D - EIGRP, EX - EIGRP external, D EX 141.108.0.0/16 [170/21529600] via 131.108.255.2, 00:19:05, Serial0/0 D 10.0.0.0/8 [90/25657600] via 131.108.255.2, 00:08:30, Serial0/0 [90/25657600] via 131.108.1.2, 00:08:30, Ethernet0/0 131.108.0.0/16 is variably subnetted, 6 subnets, 3 masks D 131.108.254.0/24 [90/21504000] via 131.108.255.2, 00:19:06, Serial0/0 D 131.108.255.4/30 [90/20537600] via 131.108.1.2, 00:19:06, Ethernet0/0 D 131.108.255.8/30 [90/21529600] via 131.108.1.2, 00:19:06, Ethernet0/0 [90/21529600] via 131.108.255.2, 00:19:06, Serial0/0 D 131.108.2.128/25 [90/20537600] via 131.108.255.2, 00:19:06, Serial0/0 C 131.108.1.0/24 is directly connected, Ethernet0/0 C 131.108.255.0/30 is directly connected, Serial0/0 R1 has an I P rout ing ent ry for all EI GRP net works in AS 1, as well as t he ext ernal EI GRP net w or k r out ing fr om OSPF and I GRP. To confir m net w or k connect ivit y, ping fr om R1 t o all t he r em ot e net w or ks. Ex am ple 5- 63 displays a ping r equest and r eply fr om R1 t o all t he r em ot e net w or ks in Figur e 5- 5.

Ex a m ple 5 - 6 3 Sa m ple Pin g Re qu e st fr om R1 R1>ping 141.108.128.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.128.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms R1>ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms R1>ping 131.108.255.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.255.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms R1>ping 131.108.255.9 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.255.9, timeout is 2 seconds:

230

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1>ping 131.108.2.129 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.2.129, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms You hav e j ust configur ed a com plex net w or k w it h t hr ee differ ent I P r out ing pr ot ocols and hav e successfully enabled net w or k I P connect iv it y am ong all r out er s. Ex am ple 5- 64 pr ov ides t he full w or k ing configur at ion of R1.

Ex a m ple 5 - 6 4 sh ow r u n n in g - con f ig on R1 hostname R1 ! logging buffered 64000 debugging enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 bandwidth 125 ip address 131.108.255.1 255.255.255.252 clockrate 125000 ! interface Serial0/1 shutdown ! router eigrp 1 network 131.108.0.0 line con 0 line aux 0 line vty 0 4 ! end Ex am ple 5- 65 pr ov ides t he full w or k ing configur at ion of R2.

Ex a m ple 5 - 6 5 sh ow r u n n in g - con f ig on R2 hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/0

231

bandwidth 128 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 shutdown ! router eigrp 1 network 131.108.0.0 line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 66 pr ov ides t he full w or k ing configur at ion of R3.

Ex a m ple 5 - 6 6 sh ow r u n n in g - con f ig on R3 hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 131.108.2.129 255.255.255.128 ! interface Serial0 ip address 131.108.255.2 255.255.255.252 bandwidth 125 ! interface Serial1 shutdown ! interface Serial2 ip address 131.108.254.1 255.255.255.0 bandwidth 125 clockrate 125000 ! interface Serial3 shutdown ! router eigrp 1 redistribute igrp 10 metric 128 20000 255 1 255 passive-interface Serial2 network 131.108.0.0 ! router igrp 10 redistribute eigrp 1 metric 128 20000 255 1 1500 passive-interface Ethernet0 passive-interface Serial0 network 131.108.0.0 ! line con 0 line aux 0 line vty 0 4

232

end Ex am ple 5- 67 pr ov ides t he full w or k ing configur at ion of R4.

Ex a m ple 5 - 6 7 sh ow r u n n in g - con f ig on R4 hostname R4 ! enable password cisco ip subnet-zero no ip domain-lookup interface Ethernet0 ip address 131.108.2.130 255.255.255.128 interface Serial0 shutdown ! interface Serial1 shutdown ! interface Serial2 bandwidth 125 ip address 131.108.255.9 255.255.255.252 clockrate 125000 ! interface Serial3 shutdown ! router eigrp 1 redistribute ospf 1 metric 128 20000 255 1 1500 passive-interface Serial2 network 131.108.0.0 ! router ospf 1 redistribute eigrp 1 metric 100 subnets network 131.108.255.8 0.0.0.3 area 0 line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 68 pr ov ides t he full w or k ing configur at ion of R7.

Ex a m ple 5 - 6 8 sh ow r u n n in g - con f ig on R7 hostname R7 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0 ip address 141.108.128.1 255.255.255.0 ! interface Serial0 bandwidth 125

233

ip address 131.108.254.2 255.255.255.0 ! interface Serial1 shutdown ! router igrp 10 network 131.108.0.0 network 141.108.0.0 ! ip route 131.108.2.128 255.255.255.128 Serial0 ip route 131.108.255.0 255.255.255.252 Serial0 ip route 131.108.255.4 255.255.255.252 Serial0 ip route 131.108.255.8 255.255.255.252 Serial0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 69 pr ov ides t he full w or k ing configur at ion of R8.

Ex a m ple 5 - 6 9 sh ow r u n n in g - con f ig on R8 hostname R8 enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0 ip address 10.1.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.10 255.255.255.252 interface Serial1 shutdown ! router ospf 1 network 10.1.1.0 0.0.0.255 area 0 network 131.108.255.8 0.0.0.3 area 0 ! line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 5 - 5 : V e r ify in g EI GRP Con figu r a t ion This final scenar io look s at w ay s t he Cisco I OS enables y ou t o m onit or and v er ify EI GRP I P r out ing w it hin a Cisco r out er net w or k.

234

Th is scenario uses t he net work in Figur e 5- 5 t o dem onst r at e som e com m on s h o w com m ands t hat v er ify t hat EI GRP is oper at ing cor r ect ly . Pr oper ly using sh o w and d e b u g com m ands can be valuable, not only in t he r eal- life net w orks you w ill com e across but also on your cert ificat ion exam s —par t icular ly w hen y ou t ak e t he nex t st ep in y our car eer and t r y for CCI E cer t ificat ion. This scenar io cover s t he follow ing s h o w com m ands: • • • •

sh ow ip sh ow ip sh ow ip r eceiv ed sh ow ip r eceiv ed

e ig rp n e ig h b or s — Displays EI GRP neighbors e ig r p t op olog y — Displays t he t opology t able e ig r p in t e r f a ce s— Displays int er faces in w hich EI GRP is sent and e igr p t r a ffic — Display s t he num ber of EI GRP pack et s sent and

Ex am ple 5- 70 display s t he use of t he sh o w ip e ig r p n e ig h b o r t aken from R1. N OTE This scenar io uses t he net w or k in Figur e 5- 5 ( t he one y ou configur ed in Scenar io 54) t o dem onst r at e t hese com m ands.

Ex a m ple 5 - 7 0 sh ow ip e igr p n e igh bor s Com m a n d on R1 R1>show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface Seq Num 1 131.108.255.2 558 0 131.108.1.2 337

Hold Uptime

SRTT

(sec)

(ms)

RTO

Q Cnt

Se0/0

14 00:48:21

14

1140

0

Et0/0

10 01:22:13

1

200

0

Ex am ple 5- 70 show s t hat R1 has t w o r em ot e EI GRP neighbor s: one t hr ough Ser ial 0/ 0 and anot her t hr ough Et her net 0/ 0. The EI GRP pr ocess is also ident ified as 1. Ex am ple 5- 71 display s t he t opology t able w it h t he sh ow ip e ig r p t op olog y com m and.

Ex a m ple 5 - 7 1 sh ow ip e igr p t opology Com m a n d on R1 R1>sh ip eigrp topology IP-EIGRP Topology Table for process 1 Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 10.0.0.0/8, 2 successors, FD is 25657600 via 131.108.255.2 (25657600/25145600), Serial0/0 via 131.108.1.2 (25657600/25632000), Ethernet0/0

235

P 131.108.255.0/30, 1 successors, FD is 20512000 via Connected, Serial0/0 P 131.108.254.0/24, 1 successors, FD is 21504000 via 131.108.255.2 (21504000/20992000), Serial0/0 P 131.108.255.4/30, 1 successors, FD is 20537600 via 131.108.1.2 (20537600/20512000), Ethernet0/0 P 131.108.255.8/30, 2 successors, FD is 21529600 via 131.108.255.2 (21529600/21017600), Serial0/0 via 131.108.1.2 (21529600/21504000), Ethernet0/0 P 131.108.2.128/25, 1 successors, FD is 20537600 via 131.108.255.2 (20537600/281600), Serial0/0 P 141.108.0.0/16, 1 successors, FD is 21529600 via 131.108.255.2 (21529600/21017600), Serial0/0 P 131.108.1.0/24, 1 successors, FD is 281600 via Connected, Ethernet0/0 The t able in Ex am ple 5- 71 cont ains a w ealt h of infor m at ion. The P on t he left side indicat es t hat r em ot e net w or k s ar e passiv e and r out able. Any act iv e ent r y ( display ed as A) should concer n y ou if any ent r ies r em ain act iv e or st uck in act iv e ( SI A) . A r em ot e ent r y in an act iv e st at e ( SI A) r esult s in a loss of net w or k connect iv it y becau se EI GRP is quer y ing t he r em ot e EI GRP neighbor s about t he pat h t o t he r em ot e net w or k in quest ion. Because a r eply has not been r eceived, t he EI GRP t opology t able inst alls t he r em ot e net w or k in an act iv e st at e. Ex am ple 5- 72 display s sam ple out put fr om R1 w it h t he sh ow ip e ig r p in t e r f a ce s com m and.

Ex a m ple 5 - 7 2 sh ow ip e igr p in t e r f a ce s Com m a n d R1>show ip eigrp interfaces IP-EIGRP interfaces for process 1 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes Et0/0 1 0/0 1 0 Se0/0 1 0/0 14 0

Pacing Time

Multicast

Un/Reliable

Flow Timer

0/10 5/190

50 250

This com m and is ex t r em ely useful w hen y ou ar e t r y ing t o ex plain w hy neighbor s ar e not adj acent . The out put in Ex am ple 5- 72 display s t w o int er faces r unning EI GRP in AS 1 and one peer per int erface, nam ely t o R2 t hrough Et hernet 0/ 0 and R3 t hrough Serial 0/ 0. Ex am ple 5- 73 display s t he out put fr om t he sh ow ip e igr p t r a ffic com m and.

Ex a m ple 5 - 7 3 sh ow ip e igr p t r a f f ic Com m a n d R1>show ip eigrp traffic IP-EIGRP Traffic Statistics for process 1 Hellos sent/received: 387565/387575 Updates sent/received: 545/219 Queries sent/received: 98/47 Replies sent/received: 47/84

236

Acks sent/received: 283/265 Th e t raffic com m ands sum m ar ize t he num ber of hello pack et s R1 r eceiv es and sends. Tr a ffic com m ands show how m any updat es, quer ies, r eplies, and ack now ledges R1 uses t o ensur e t hat EI GRP is r unning cor r ect ly and w it h adj acent EI GRP r out er s. Wit h ev er y v er sion of I OS, t her e ar e alw ay s new com m ands and changes in I OS displays. Use t he ? t ool t o view all your opt ions. Ex am ple 5- 74 display s t he de bug com m ands possible w it h EI GRP on Cisco I OS r unning v er sion 120.10- ent er pr ise code. You m ust be in pr iv ilege m ode t o v iew t he de bug com m and set .

Ex a m ple 5 - 7 4 de bu g ip e igr p ? Com m a n d on R1 R1#debug ip eigrp ?

AS number neighbor IP-EIGRP neighbor debugging notifications IP-EIGRP event notifications summary IP-EIGRP summary route processing

For a com pr ehensiv e list of EI GRP com m ands, v isit t he Cisco w eb sit e for fr ee infor m at ion at w w w . cisco. com / univ er cd/ hom e/ hom e. ht m.

Pr a ct ica l Ex e r cise : EI GRP N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e inf or m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Configur e t he net w or k in Figur e 5- 6 for EI GRP in aut onom ous sy st em 1. Ensur e t hat SanFr an has all t he r em ot e ent r ies being adver t ised by Rout er Sydney and t he r out er in t he RI P dom ain. Sum m ar ize w her ev er possible t o r educe t he I P r out ing t able on t he Rout er SanFr an.

Figu r e 5 - 6 . EI GRP N e t w or k

237

Pr a ct ica l Ex e r cise Solut ion All rout ers in t his pract ical exercise use t he sam e Class B net w ork, nam ely 131.108.0.0/ 24. The RI P net w or k at t ached t o Br ussels shar es t he ident ical subnet in t he EI GRP 1 dom ain. Ther efor e, t o av oid a r out ing loop, any r edist r ibut ion y ou configur e on t he Rout er Sy dney has t o ensur e t hat t hese net w or k s ar e not pr opagat ed. To st op EI GRP updat es fr om being sent t o t he RI P dom ain, y ou m ust also use passiv e int er faces on Rout er Sy dney . Lik ew ise for RI P, y ou should m ak e sur e passiv e int er faces ar e not r unning RI P. You use r out e m aps t o ensur e t hat net w or ks ar e not adver t ised incor r ect ly . You can also use dist r ibut e list s. For sum m ariz at ion, y ou can pr ov ide a sum m ar y in EI GRP AS 1 cov er ing t he net w or k s 171.109.1.0–171.108.3.0 w it h t he follow ing com m and:

ip summary-address eigrp 1 171.109.0.0 255.255.252.0 Ex am ple 5- 75 display s t he configur at ion r equir ed on Rout er SanFr an.

Ex a m ple 5 - 7 5 Sa n Fr a n ' s Fu ll W or k in g Con figu r a t ion hostname SanFran ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0

238

ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 shutdown ! interface Serial0/1 shutdown router eigrp 1 network 131.108.0.0 no auto-summary ! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 76 display s t he configur at ion r equir ed on Rout er Sydney. To m ake t he configur at ion a lit t le m or e int er est ing, r out e m aps have been applied t o r edist r ibut ion on Rout er Sydney. Rout e m aps are covered in m ore det ail in Chapt er s 6 and 7, “ Advanced BGP.”

Ex a m ple 5 - 7 6 Sy dn e y ' s Fu ll W or k in g Con figu r a t ion hostname Sydney ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 171.109.1.1 255.255.255.0 ! interface Loopback1 ip address 171.109.2.1 255.255.255.0 ! interface Loopback2 ip address 171.109.3.1 255.255.255.0 interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 no ip directed-broadcast ip summary-address eigrp 1 171.109.0.0 255.255.252.0 ! interface Serial1/0 bandwidth 128 ip address 131.108.255.1 255.255.255.0 clockrate 128000 ! router eigrp 1 redistribute rip metric 128 20000 255 1 1500 route-map riptoeigrp passive-interface Serial1/0 network 131.108.0.0 network 171.109.0.0 no auto-summary ! router rip redistribute eigrp 1 metric 2 route-map eigrptorip

239

passive-interface Ethernet0/0 network 131.108.0.0 ! access-list 1 deny access-list 1 permit route-map riptoeigrp match ip address 1 ! route-map eigrptorip match ip address 1 line con 0 line aux 0 line vty 0 4 end

131.108.1.0 0.0.0.255 any permit 10

permit 10

Ex am ple 5- 77 displays t he configur at ion r equir ed on Rout er Br ussels.

Ex a m ple 5 - 7 7 Br u sse ls' Fu ll W or k in g Con f ig u r a t ion hostname Brussels ! enable password cisco ip subnet-zero no ip domain-lookup interface Ethernet0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.2 255.255.255.0 router rip network 131.108.0.0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 5- 78 display s SanFr an's I P r out ing t able, w hich show s t he r em ot e RI P link and t he sum m ar y addr ess adv er t ised by Rout er Sy dney .

Ex a m ple 5 - 7 8 sh ow ip r ou t e Com m a n d on Sa n Fr a n SanFran#show ip route 171.109.0.0/22 is subnetted, 1 subnets 171.109.0.0 [90/409600] via 131.108.1.2, 00:05:41, Ethernet0/0 131.108.0.0/24 is subnetted, 2 subnets D 131.108.255.0 [90/20537600] via 131.108.1.2, 00:05:41, Ethernet0/0 C 131.108.1.0 is directly connected, Ethernet0/0 D

240

Re v ie w Qu e st ion s The follow ing quest ions ar e based on m at er ial cov er ed in t his chapt er . Ex am ples 579 and 5- 80 ar e fr om t he pr ev ious Pr act ical Ex er cise. Refer t o t he ex am ples t o answ er t he fir st quest ion. The answ er s t o t hese quest ions can be found in Appendix C, “ Answ er s t o Rev iew Quest ions.” Ex am ple 5- 79 display s t he det ailed pat hs t o t he t hr ee r em ot e net w or k s, 171.109.1.0, 171.109. 2.0 and 171.109.3.0/ 24, as seen by Rout er SanFr an along w it h a successful pin g t o t he r em ot e net w or k s.

Ex a m ple 5 - 7 9 sh ow ip r ou t e a n d pin g on Sa n Fr a n SanFran#show ip route 171.109.1.0 Routing entry for 171.109.0.0/22 Known via "eigrp 1", distance 90, metric 409600, type internal Redistributing via eigrp 1 Last update from 131.108.1.2 on Ethernet0/0, 00:13:26 ago Routing Descriptor Blocks: * 131.108.1.2, from 131.108.1.2, 00:13:26 ago, via Ethernet0/0 Route metric is 409600, traffic share count is 1 Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 SanFran#ping 171.109.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.109.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms SanFran#show ip route 171.109.2.0 Routing entry for 171.109.0.0/22 Known via "eigrp 1", distance 90, metric 409600, type internal Redistributing via eigrp 1 Last update from 131.108.1.2 on Ethernet0/0, 00:13:32 ago Routing Descriptor Blocks: * 131.108.1.2, from 131.108.1.2, 00:13:32 ago, via Ethernet0/0 Route metric is 409600, traffic share count is 1 Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 SanFran#ping 171.109.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.109.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms SanFran#show ip route 171.109.3.0 Routing entry for 171.109.0.0/22 Known via "eigrp 1", distance 90, metric 409600, type internal Redistributing via eigrp 1 Last update from 131.108.1.2 on Ethernet0/0, 00:13:38 ago Routing Descriptor Blocks: * 131.108.1.2, from 131.108.1.2, 00:13:38 ago, via Ethernet0/0 Route metric is 409600, traffic share count is 1

241

Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 SanFran#ping 171.109.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.109.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms I f you perform a sh ow ip r ou t e t o t he net w or k 171.109.4.0/ 24 on SanFr an, y ou see t he out put displayed in Ex am ple 5- 80.

Ex a m ple 5 - 8 0 sh ow ip r ou t e 1 7 1 .1 0 9 .4 .0 on Sa n Fr a n SanFran#show ip route 171.109.4.0 % Subnet not in table The r eason t hat subnet 4 is not included in t he I P r out ing t able is t hat t he sum m ar y address configured on Rout er Sydney includes only t he subnet s 1, 2, and 3.

1:

Ex am ple 5- 79 display s t he I P r out ing t able of t he Rout er SanFr an. Which net w or k s does t he ent r y 171.109.0.0/ 2 2 em br ace?

2:

What is t he default adm inist r at iv e dist ance for EI GRP int er nal r out es?

3:

Which I OS com m and is used t o display t he out put in Ex am ple 5- 81?

Ex a m ple 5 - 8 1 N e igh bor s Ou t pu t IP-EIGRP neighbors for process 1 H Address Interface Seq Num 0 131.108.1.2 353

Et0/0

Hold Uptime

SRTT

(sec)

(ms)

11 00:18:37

4

RTO

Q Cnt

200

4:

Why does EI GRP need t o be m anually configur ed t o r edist r ibut e int o anot her aut onom ous syst em ?

5:

When is t he EI GRP t opology t able updat ed?

6:

What is t he pur pose of t he com m and n o a u t o - su m m a r y ?

7:

What is t he v a r ia n ce com m and used for?

8:

What does t he t er m St uck in Act iv e m ean?

0

242

Su m m a r y Alt hough EI GRP is not an indust r y st andar d acr oss r out ing vendor s, it is a pot ent ia lly useful pr ot ocol for r out ing I P. EI GRP t er m inology and t he fundam ent al oper at ion of EI GRP is cov er ed in t his chapt er , along w it h som e det ailed configur at ions, show ing how EI GRP int er act s w it h ot her classful and classless r out ing algor it hm s. Sum m ar izat io n is descr ibed t o dem onst r at e t he pow er ful nat ur e of EI GRP and it s capabilit y t o t ak e adv ant age of VLSM t o opt im ize I P addr ess space usage acr oss sm all or lar ge I P net w or ks. Table 5- 4 sum m ar izes t he m ost useful com m ands fr om t his chapt er .

Table 5-4. Summary of IOS Commands Command

Purpose

r ou t e r e igr p aut onom ous sy st em

Enables EI GRP r out ing under a com m on adm inist r at iv e cont r ol k now n as t he aut onom ous dom ain ( AD)

n e t w or k n et w or k

Enables EI GRP on a r out er int er face

n o a u t o- su m m a r y

Disables aut om at ic net w or k sum m ar izat ion

ip su m m a r y - a ddr e ss e ig r p AS addr ess m ask

Manual net w or k sum m ar y com m and

b a n d w id t h link speed

Configur es act ual bandw idt h on a WAN int er face

v a r ia n ce m ult iplier

Allow s EI GRP t o load balance acr oss unequal pat hs

sh ow ip e ig r p n e ig h b or s

Display s EI GRP neighbor s

sh ow ip e ig r p t op olog y

Display s t he EI GRP t opology t able

sh ow ip e igr p t r a ffic

Show s EI GRP t r affic on t he r out er

243

Ch a pt e r 6 . Ba sic Bor de r Ga t e w a y Pr ot ocol This chapt er focuses on Bor der Gat ew ay Pr ot ocol Ver sion 4 ( BGP4) . BGP4 is cover ed only slight ly in t he CCNP r out ing ex am inat ion. How ev er , t his chapt er cov er s BGP4 in a lit t le m ore det ail t o ensure t hat you hav e a good appr eciat ion of t he w ay net w or k s connect t o t he I nt er net or in lar ge or ganizat ions. This chapt er cov er s t he basics of Bor der Gat ew ay Pr ot ocol ( BGP) . Chapt er 7, “ Adv anced BGP,” cov er s m or e adv anced BGP t opics and scenar ios. This chapt er cont ains fiv e pr act ical scenar ios t o com plet e y our under st anding of basic BGP and t o help y ou appr eciat e t he com plex it y of BGP.

Ba sic Bor de r Ga t e w a y Pr ot ocol ( BGP4 ) D e fin e d The different versions of BGP range from 1–4; t he indust r y st andar d is Ver sion 4. You can, how ever , configur e BGP Ver sions 2, 3, and 4 on a Cisco I OS r out er . The default st andard is BGP Version 4 and is referred t o as BGP4. BGP4 is defined in indust ry st andard RFC 1771. BGP enables y ou t o cr eat e an I P net w or k fr ee of r out ing loops am ong differ ent aut onom ous sy st em s. An AS is a set of r out er s under t he sam e adm inist r at ive cont r ol. BGP is called a p at h- v ect or pr ot ocol because BGP car r ies a sequence of AS num ber s t hat indicat e t he pat h t aken t o a r em ot e net w or k. This infor m at ion is st or ed so t hat r out ing loops can be av oided. BGP uses Tr ansm ission Cont r ol Pr ot ocol ( TCP) as it s Lay er 4 pr ot ocol ( TCP por t num ber 179) . No ot her r out ing pr ot ocol in use t oday r elies on TCP. This allow s TCP t o ensur e t hat updat es ar e sent r eliably , leav ing t he r out ing pr ot ocol t o concent r at e on gat her ing infor m at ion about r em ot e net w or k s and ensur ing a loop- fr ee t opology . Rout er s configur ed for BGP ar e t ypically called BGP speaker s, and any t wo BGP r out er s t hat for m a BGP TCP sessions ar e called BGP peer s or BGP neighbor s. BGP peer s ex change full BGP r out ing t ables init ially . Aft er t hat , only BGP updat es ar e sent bet w een peer s, ensur ing t hat only useful dat a is sent , unless a change occur s. BGP4 uses t he follow ing four m essage t y pes t o ensur e t hat peer s ar e act iv e and updat es ar e sent : • • • •

Op e n m e ssa g e s— These m essages ar e used w hen est ablishing BGP peer s. Ke e pa liv e s— These m essages ar e sent per iodically t o ensur e t hat connect ions ar e st ill act iv e or est ablished. U p d a t e m e ssa g e s— Any change t hat occur s, such as a loss of net w or k availabilit y, r esult s in an updat e m essage. N ot ifica t ion — These m essages ar e used only t o not ify BGP peer s of receiving errors.

The k ey char act er ist ics of BGP include t he follow ing:

244

• • • • • • • • •

BGP is t er m ed a pat h v ect or pr ot ocol. BGP uses TCP as t he t r anspor t lay er pr ot ocol. Full r out ing t ables ar e exchanged only dur ing t he init ial BGP session. Updat es are sent over TCP port 179. BGP sessions ar e m aint ained by keepalive m essages. Any net w ork changes result in updat e m essages. BGP has it s ow n BGP t able. Any net w or k ent r y m ust r eside in t he BGP t able fir st . BGP has a com plex ar r ay of m et r ics, called at t r ibut es, w hich include t he nex t hop addr ess and or igin. BGP support s variable - lengt h subnet m asking ( VLSM) and sum m ar izat ion ( som et im es called classless int er dom ain r out ing [ CI DR] ) .

The capabilit y of BGP4 t o guar ant ee r out ing deliv er y and t he com plex it y of t he r out ing decision pr ocess ensur e t hat BGP w ill be w idely used in any lar ge I P rout ing env ir onm ent , such as t he I nt er net . The I nt er net consist s of ov er 80,000 BGP net w or k ent r ies, and t her e is no doubt t hat only BGP can handle such a com plex r out ing t able. Befor e y ou look at som e sim ple ex am ples, t he follow ing sect ion descr ibes t he BGP at t r ibut es.

BGP At t r ibu t e s BGP has a num ber of com plex at t r ibut es used t o det er m ine a pat h t o a r em ot e net w or k . These at t r ibut es allow gr eat er flex ibilit y and enable a com plex r out ing decision t o ensur e t hat t he pat h t o a r em ot e net w or k is t he best possible pat h. The net w or k designer can also m anipulat e t hese at t r ibut es. BGP, w hen supplied w it h m ult iple pat hs t o a r em ot e net w or k , alw ay s chooses a single pat h t o a specific dest inat ion. ( Load balancing is possible w it h st at ic r out es.) BGP alw ay s pr opagat es t he best pat h t o any peer s. BGP at t r ibut es ar e car r ied in updat e pack et s. Table 6- 1 descr ibes t he w ell- know n and opt ional at t ribut es used in BGP4.

Table 6-1. Well-Known and Optional BGP Attributes Attribute Origin

Description This at t r ibut e is m andat or y and defines t he or igin of t he pat h and can have t hr ee differ ent values: • • •

I GP indicat es t he r em ot e pat h or iginat ed fr om w it hin t he AS. Ty pically , w hen t he n e t w or k com m and or r edist r ibut ion is configur ed, BGP inst alls t he net w or k w it h an or igin set t o I GP. EBG m eans lear ned t hr ough an Ext er nal Gat ew ay Pr ot ocol. I ncom plet e m eans t he BGP r out e w as discover ed using r edist r ibut ion or st at ic r out er s.

245

AS_ Pat h

This at t r ibut e descr ibes t he sequence of aut onom ous sy st em s t hat t he pack et has t r av er sed.

Next Hop

This at t r ibut e descr ibes t he nex t hop addr ess t ak en t o a r em ot e pat h, t ypically t he BGP peer.

Local Pr efer ence

This at t r ibut e indicat es t o t he AS t he pr efer r ed pat h t o ex it t he AS. A higher local pr efer ence is alw ays pr efer r ed.

MED

Mult iexit Discr im inat or infor m s BGP peer s in ot her aut onom ous syst em s w hich pat h t o t ake t o a r em ot e net w or k. A low er MED is alw ays pr efer r ed.

Weight

This Cisco- only at t ribut e is used in lo cal r out er select ion. Weight is not sent t o ot her BGP peer s, and a higher w eight v alue is alw ay s pr efer r ed. The w eight v alue is bet w een 0–294967295.

At om ic

This at t r ibut e adv ises BGP r out er s t hat aggr egat ion has t ak en place and is not used in t he r out er- select ion pr ocess.

Aggr egat or

This is t he rout er I D responsible for aggregat ion and is not used in t he r out er- select ion pr ocess.

Com m u n it y

Com m unit ies allow r out es t o be t agged for use w it h a gr oup of r out er s shar ing t he sam e char act er ist ics.

Or iginat or ID

This at t r ibut e is used t o pr event r out ing loops. This infor m at ion is not used for r out er select ion.

Clust er- List

This at t r ibut e is used in r out e- r eflect or envir onm ent s. This infor m at ion is not used for r out er select ion.

I nt ernal BGP ( I BGP) and Ex t er nal BGP ( EBGP) ar e t he t w o t y pes of BGP sessions. I BGP is a connect ion bet w een t w o BGP speaker s in t he sam e AS. EBGP is a connect ion bet w een t w o BGP speak er s in differ ent aut onom ous sy st em s. Figur e 6- 1 displays a sim ple t hr ee- rout er BGP t opology and t he different BGP connect ion t y pes: I BGP and EBGP.

Figu r e 6 - 1 . I BGP a n d EBGP

246

I BGP peer s also m ak e cer t ain t hat r out ing loops cannot occur by ensur ing t hat any r out es sent t o anot her AS ar e k now n t hr ough an int er ior r out ing pr ot ocol, such as Open Shor t est Pat h Fir st ( OSPF) , befor e sending t he r out e infor m at ion. I n ot her w or ds, t he r out er s m ust be synchr onized. The benefit of t his addit ional r ule in I BGP TCP sessions is t hat infor m at ion is not sent unless t he r em ot e pat h is r eachable, w hich r educes any unnecessar y t r affic, and, t her efor e, sav es bandw idt h. You can disable t his feat ur e w it h t he n o sy n ch r on iz a t ion com m an d, w hich is cover ed lat er in t his chapt er. The BGP r out ing decision is quit e com plex and t ak es int o account t he at t r ibut es list ed in Table 6- 1. The pr ocess a Cisco r out er r unning BGP4 t akes is as follow s: St e p 1 . I f t he nex t hop addr ess is r eachable, consider it . St e p 2 . Pr efer t he r out e w it h t he highest w eight ( Cisco I OS r out er s only ) . St e p 3 . I f t he w eight is t he sam e, pr efer t he lar gest local pr efer ence at t r ibut e. St e p 4 . I f t he local pr efer ence is t he sam e, pr efer t he r out e t his local r out er or iginat ed. St e p 5 . Pr efer t he r out e w it h t he shor t est AS pat h. St e p 6 . I f t his is equal, pr efer t he r out e w it h t he or igin set t o or iginat ed ( t hr ough BGP) ; I GP is pr efer r ed t o EGP follow ed by incom plet e.

247

St e p 7 . I f t he or igin codes ar e t he sam e, pr efer t he r out e w it h t he low est MED. St e p 8 . I f t he MED is t he sam e, prefer EBGP over I BGP. St e p 9 . Pr efer t he closest pat h. St e p 1 0 . Finally , if all pat hs are equal, prefer t he pat h w it h low est BGP rout er I D.

Con figu r in g BGP To st ar t BGP on a Cisco r out er , t he follow ing com m and is r equir ed:

router bgp autonomous system number To define net w or k s t o be adv er t ised, apply t he follow ing com m and:

network network-number mask network-mask You m ust be aw ar e t hat t he n e t w or k com m and is not used in t he sam e w ay y ou use it w hen you apply net w orks in OSPF or EI GRP. Wit h BGP, you use t he n e t w o r k com m and t o adv er t ise net w or k s t hat or iginat e fr om t he r out er and need t o be adver t ised t hr ough BGP. To ident ify peer r out er s, apply t he follow ing com m and:

neighbor ip-address | peer-group name remote-as autonomous system number Nex t , y ou see how t o configur e I BGP and EBGP am ong t he t hr ee r out er s in Figur e 61. Ex am ple 6- 1 displays t he I BGP configurat ion on R1 t o R2.

Ex a m ple 6 - 1 I BGP on R1 R1(config)#router bgp ? Autonomous system number R1(config)#router bgp 1 R1(config-router)#neighbor 131.108.1.2 remote 1 Ex am ple 6- 2 display s t he I BGP configurat ion t o R1 and EBGP configur at ion t o R3.

Ex a m ple 6 - 2 I BGP/ EBGP on R2 R2(config)#router bgp 1 R2(config-router)#neighbor 131.108.1.1 remote-as 1 R2(config-router)#neighbor 131.108.255.2 remote-as 2

248

Finally, Ex am ple 6- 3 displays t he EBGP connect ion from R3 t o R2.

Ex a m ple 6 - 3 EBGP on R3 R3(config)#router bgp ? Autonomous system number R3(config)#router bgp 2 R3(config-router)#neighbor 131.108.255.1 remote-as 1 At t his st age, because no n e t w or k st at em ent s hav e been applied, no BGP ent r ies ar e on any r out er s. Use som e loopback int er faces on R1 and adv er t ise t hem t hr ough BGP t o R2 and R3. Ex am ple 6- 4 displays t he t hr ee new loopback addr esses on R1, r anging fr om 131.108.2.0 t o 131.108.4.0.

Ex a m ple 6 - 4 Loopba ck Con figu r a t ion on R1 R1(config)#interface loopback 0 R1(config-if)#ip address 131.108.2.1 255.255.255.0 R1(config-if)#interface loopback 1 R1(config-if)#ip address 131.108.3.1 255.255.255.0 R1(config-if)#interface loopback 2 R1(config-if)#ip address 131.108.4.1 255.255.255.0 You m ust nex t adv er t ise t hese loopback s w it h t he n e t w or k com m and. Because t hese net w or k s ar e local t o R1 and pr esent in R1's I P r out ing t able as connect ed r out es, y ou can apply t he n e t w or k com m and as displayed in Ex am ple 6- 5.

Ex a m ple 6 - 5 n e t w or k Com m a n d on R1 R1(config)#router bgp 1 R1(config-router)#network 131.108.2.0 mask 255.255.255.0 R1(config-router)#network 131.108.3.0 mask 255.255.255.0 R1(config-router)#network 131.108.4.0 mask 255.255.255.0 Ex am ple 6- 6 display s t he BGP t able on R1, using t he com m and sh ow ip b g p .

Ex a m ple 6 - 6 sh ow ip b g p on R1 R1#show ip bgp BGP table version is 4, local router ID is 131.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 131.108.2.0/24 *> 131.108.3.0/24 *> 131.108.4.0/24

Next Hop 0.0.0.0 0.0.0.0 0.0.0.0

Metric LocPrf Weight Path 0 32768 i 0 32768 i 0 32768 i

The BGP t able on R1 displays t hr ee local net w or ks ( next hop is 0.0.0.0 or local int er faces) . Ex am ple 6- 6 also displays t he pat h as i, or adver t ised t hr ough BGP. The local rout er I D is 131.108.1.1.

249

Ex am ple 6- 7 displays t he BGP t able on R2.

Ex a m ple 6 - 7 sh ow ip b g p on R2 R2#show ip bgp BGP table version is 7, local router ID is 171.109.3.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * i131.108.2.0/24 * i131.108.3.0/24 * i131.108.4.0/24

Next Hop 131.108.1.1 131.108.1.1 131.108.1.1

Metric LocPrf Weight Path 0 100 0 i 0 100 0 i 0 100 0 i

R2's local rout er is 131.108.1.2, and it learns t he rem ot e loopbacks on R1 t hrough t he nex t hop addr ess 131.108.1.1, or R1's Et her net int er face. Not ice t hat R2 has set t he local pr efer ence t o 100 ( default v alue) ; t he or igin at t r ibut e is set t o i or I GP. Because R1 and R2 ar e r unning only I BGP and no ot her int er ior gat ew ay pr ot ocol, R2's I P r out ing t able does not hav e t he BGP ent r ies inser t ed because of sy nchr onizat ion. Ex am ple 6- 8 confir m s t his w it h only t he locally connect ed r out es visible on R2.

Ex a m ple 6 - 8 sh ow ip r ou t e on R2 R2#show ip route 131.108.0.0/24 is subnetted, 2 subnets C 131.108.255.0 is directly connected, Serial1/0 C 131.108.1.0 is directly connected, Ethernet0/0 To enable BGP t o inser t t he r out es, you m ust disable synchr onizat ion or configur e an I GP r out ing pr ot ocol. R2, in t ur n, does not pr opagat e t he loopback s t o R3; t her efor e, R3 does not have any ent ries at all, eit her in t he BGP t able or I P rout ing t able. Disable synchronizat ion on R1 and R2. Ex am ple 6- 9 display s t he no sy n ch r on iz a t ion com m and on R1 and R2.

Ex a m ple 6 - 9 D isa b lin g Sy n ch r on iz a t ion on R1 / R2 R1(config)#router bgp 1 R1(config-router)#no synchronization R2(config)#router bgp 1 R2(config-router)#no synchronization Ex am ple 6- 10 displays R2's r out ing t able.

Ex a m ple 6 - 1 0 R2 's Rou t in g Ta ble R2#sh ip route 131.108.0.0/24 is subnetted, 5 subnets C 131.108.255.0 is directly connected, Serial1/0 B 131.108.4.0 [200/0] via 131.108.1.1, 00:00:43 B 131.108.3.0 [200/0] via 131.108.1.1, 00:00:43

250

B C

131.108.2.0 [200/0] via 131.108.1.1, 00:00:43 131.108.1.0 is directly connected, Ethernet0/0

The t hree rem ot e net w orks are insert ed int o t he I P rout ing t ables as BGP- learned net w orks. Ex am ple 6- 11 display s R3's BGP and I P rout ing t able.

Ex a m ple 6 - 1 1 R3 ' s BGP a n d I P Ta ble s R3>show ip bgp BGP table version is 10, local router ID is 131.108.255.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 131.108.2.0/24 131.108.255.1 0 1 i *> 131.108.3.0/24 131.108.255.1 0 1 i *> 131.108.4.0/24 131.108.255.1 0 1 i R3>show ip route 131.108.0.0/24 is subnetted, 5 subnets C 131.108.255.0 is directly connected, Serial0 B 131.108.4.0 [20/0] via 131.108.255.1, 00:02:09 B 131.108.3.0 [20/0] via 131.108.255.1, 00:02:09 B 131.108.2.0 [20/0] via 131.108.255.1, 00:02:09 C 131.108.1.0 is directly connected, Ethernet0 Not ice t hat t he nex t hop addr ess on R3 is R2. The AS pat h on R3 indicat es t hat t he r em ot e net w or k s, 131.108.2.0 t o 131.108.4.0/ 24, t r ansv er se aut onom ous sy st em num ber 1, as displayed in t he BGP t able in Ex am ple 6- 11. The follow ing five scenar ios exam ine how BGP is configur ed and m onit or ed and how BGP can use policy- based rout ing t o c hange t he rout ing decision of any I P net w ork using pow er ful t ools, such as r out e m aps and t he changing t he BGP at t r ibut es.

Sce n a r ios The follow ing scenar ios ar e designed t o dr aw t oget her som e of t he cont ent descr ibed in t his chapt er and som e of t he cont ent you have seen in your ow n net w orks or pr act ice labs. Ther e is no one r ight w ay t o accom plish m any of t he t ask s pr esent ed, and t he abilit ies t o use good pr act ice and define your end goal ar e im por t ant in any r eal- life design or solut ion. Again, use loopbac k int er faces t o help populat e BGP t ables, and use back- t o- back ser ial connect ions am ong Cisco r out er s.

Sce n a r io 6 - 1 : EBGP a n d I BGP Configur e t he four - rout er t opology in Figur e 6- 2 for I BGP and EBGP. OSPF is configured bet w een R1 and R2, and t o ensure a loop- fr ee t opology, do not disable synchr onizat ion on any r out er . Ensur e t hat t he loopback addr esses on R1 ( 131.108.2.0–131.108.5.0/ 24) and R2 ( 131.108.5.0–1 3 1 . 1 0 8 . 7 . 0 ) are r eachable from R3 and R4.

251

Figu r e 6 - 2 . I BGP/ EBGP

I n t his scenario, you configure BGP on four rout ers and ensure t hat all BGP peers hav e r em ot e I P rout ing ent r ies. R1 and R2 ar e r unning OSPF acr oss t he Et her net subnet 131.108.1.0/ 24. Also, not ice t hat t his net w or k cont ains a pot ent ial r out ing loop, so you discover how BGP helps you avoid loops. Ex am ple 6- 12 display s t he OSPF configur at ion on R1; t he loopback s ar e placed in area 0.

Ex a m ple 6 - 1 2 R1 OSPF Con figu r a t ion R1(config)#router ospf 1 R1(config-router)# network R1(config-router)# network R1(config-router)# network R1(config-router)# network

131.108.1.0 131.108.2.0 131.108.3.0 131.108.4.0

0.0.0.255 0.0.0.255 0.0.0.255 0.0.0.255

area area area area

0 0 0 0

Ex am ple 6- 13 display s t he OSPF configurat ion on R2.

Ex a m ple 6 - 1 3 R2 OSPF Con figu r a t ion R2(config)#router ospf 1 R2(config-router)#network R2(config-router)#network R2(config-router)#network R2(config-router)#network

131.108.1.0 131.108.5.0 131.108.6.0 131.108.7.0

0.0.0.255 0.0.0.255 0.0.0.255 0.0.0.255

area area area area

0 0 0 0

Ex am ple 6- 14 confir m s t hat OSPF neighbor s ar e act iv e t o R2.

252

Ex a m ple 6 - 1 4 sh ow ip ospf n e igh bor on R1 R1#show ip ospf neighbor Neighbor ID Pri State Interface 131.108.7.1 1 FULL/BDR Ethernet0/0

Dead Time

Address

00:00:36

131.108.1.2

Nex t , enable I BGP bet w een R1 and R2 and EBGP connect ions bet w een R1/ R3 and R2/ R4. Ex am ple 6- 15 display s t he I BGP configur at ion t o R2 and t he EBGP configur at ion t o R3, bot h on R1.

Ex a m ple 6 - 1 5 I BGP/ EBGP Con figu r a t ion on R1 R1(config-router)#router bgp 1 R1(config-router)# neighbor 131.108.1.2 remote-as 1 R1(config-router)# neighbor 131.108.255.6 remote-as 3 Now t hat y ou hav e configur ed BGP4 ( by default , BGP Ver sion 4 is enabled on Cisco I OS rout ers) , Ex am ple 6- 16 displays R1's BGP t able.

Ex a m ple 6 - 1 6 R1 ' s BGP Ta ble R1#show ip bgp BGP table version is 1, local router ID is 131.108.4.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *i131.108.0.0

Next Hop 131.108.1.2

Metric LocPrf Weight Path 0 100 0 ?

R1's BGP t able has no infor m at ion about t he locally connect ed loopback s 131. 108. 2. 0, 131. 108.3.0, or 131.108.4.0, and t he only net w or k in t he BGP t able is t he rem ot e net w ork 131.108.0.0 t hrough R2. You need t o use t he n e t w or k com m and t o configur e t he local int er faces. Exam ple 617 displays t he net w or k configur at ion on R1.

Ex a m ple 6 - 1 7 I n se r t in g Loca l Loopba ck on R1 R1(config)#router bgp 1 R1(config-router)#network 131.108.2.0 mask 255.255.255.0 R1(config-router)#network 131.108.3.0 mask 255.255.255.0 R1(config-router)#network 131.108.4.0 mask 255.255.255.0 The sam e net w or k configur at ion is r equir ed on R2. Ex am ple 6- 18 display s t he net work configurat ion on R2.

Ex a m ple 6 - 1 8 I n se r t in g Loca l Loop b a ck on R2 R2(config)#router bgp 1 R2(config-router)#network 131.108.5.0 mask 255.255.255.0

253

R2(config-router)#network 131.108.6.0 mask 255.255.255.0 R2(config-router)#network 131.108.7.0 mask 255.255.255.0 N OTE Whenever you m ake BGP configur at ion changes on Cisco I OS r out er s, you m ust use t h e cle a r ip b g p * com m and t o clear t he TCP sessions ( * for all BGP TCP peers) . You use t he cle a r ip b g p ip –addr ess- of- peer com m and t o clear a specific BGP peer.

Ex am ple 6- 19 displays t he BGP t able on R1 aft er t he loopbacks on R1 and R2 ar e adver t ised t hr ough BGP.

Ex a m ple 6 - 1 9 R1 ' s BGP Ta ble R1#show ip bgp BGP table version is 4, local router ID is 131.108.4.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * i131.108.0.0 *> 131.108.2.0/24 *> 131.108.3.0/24 *> 131.108.4.0/24 * i131.108.5.0/24 * i131.108.6.0/24 * i131.108.7.0/24

Next Hop 131.108.1.2 0.0.0.0 0.0.0.0 0.0.0.0 131.108.1.2 131.108.1.2 131.108.1.2

Metric LocPrf Weight Path 0 100 0 ? 0 32768 i 0 32768 i 0 32768 i 0 100 0 i 0 100 0 i 0 100 0 i

R1 has t hr ee local int er faces in BGP and t hr ee r em ot e net w or ks adver t ised by R2 ( nex t hop addr ess is 131.108.1.2) . Also, not ice t hat t he default w eight on R1 is set t o 32768 ( for local net w or k s) , and t he local pr efer ence is 100 for t he r em ot e net w or k s. These set t ings ar e set by default . You can change any BGP at t r ibut e, as you discover shor t ly. The fir st ent r y in Ex am ple 6- 19 display s t he r em ot e net w or k 131.108.0.0 r eachable t hr ough R2 ( 131.108.1.2) . By default , BGP aut om at ically sum m ar izes at t he net w or k boundar y . To t ur n off t his behav ior , y ou apply t he n o a u t o- su m m a r y com m and. Ex am ple 6- 20 displays t his configurat ion com plet ed on R1 and R2.

Ex a m ple 6 - 2 0 D isa blin g Au t om a t ic Su m m a r iz a t ion on R1 a nd R2 R1(config)#router bgp 1 R1(config-router)#no auto-summary R2(config)#router bgp 1 R2(config-router)#no auto-summary Aft er clear ing t he BGP session t o R2 w it h t he cle a r ip b g p 1 3 1 .1 0 8 .1 .2 com m and, y ou can ex pect t he BGP t able on R1 t o cont ain only specific net w or k ent r ies. Ex am ple 6- 21 displays R1's BGP t able.

254

Ex a m ple 6 - 2 1 R1 ' s BGP Ta ble R1#show ip bgp BGP table version is 5, local router ID is 131.108.4.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i131.108.1.0/24 131.108.1.2 0 100 0 ? *> 131.108.2.0/24 0.0.0.0 0 32768 i *> 131.108.3.0/24 0.0.0.0 0 32768 i *> 131.108.4.0/24 0.0.0.0 0 32768 i * i131.108.5.0/24 131.108.1.2 0 100 0 i * i131.108.6.0/24 131.108.1.2 0 100 0 i * i131.108.7.0/24 131.108.1.2 0 100 0 i One of t he m ost im por t ant com m ands used in BGP net w or k s is t he I OS sh ow ip b g p n e ig h b o r com m and, w hich display s t he r em ot e BGP peer s and t heir st at es. Exam ple 6- 22 display s t he r em ot e BGP peer s on R1. Not e t hat t he infor m at ion r elat es t o t he BGP peer t o R2 and R3.

Ex a m ple 6 - 2 2 sh ow ip bgp n e igh bor s on R1 R1#sh ip bgp neighbors BGP neighbor is 131.108.1.2, remote AS 1, internal link Index 1, Offset 0, Mask 0x2 BGP version 4, remote router ID 131.108.255.1 BGP state = Established, table version = 5, up for 00:04:30 Last read 00:00:30, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 5 seconds Received 1297 messages, 0 notifications, 0 in queue Sent 1290 messages, 0 notifications, 0 in queue Prefix advertised 14, suppressed 0, withdrawn 0 Connections established 7; dropped 6 Last reset 00:04:39, due to User reset 4 accepted prefixes consume 128 bytes 0 history paths consume 0 bytes Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 131.108.1.1, Local port: 11632 Foreign host: 131.108.1.2, Foreign port: 179 Enqueued packets for retransmit: 0, input: 0 Event Timers (current time is 0x190F313B): Timer Starts Wakeups Retrans 9 0 TimeWait 0 0 AckHold 10 3 SendWnd 0 0 KeepAlive 0 0 GiveUp 0 0 PmtuAger 0 0 DeadWait 0 0 iss: 249485567 16178

snduna:

249485774

sndnxt:

mis-ordered: 0 (0 bytes)

Next 0x0 0x0 0x0 0x0 0x0 0x0 0x0 0x0 249485774

sndwnd:

255

irs: 3880799333 rcvnxt: 3880799843 rcvwnd: 15875 509 SRTT: 510 ms, RTTO: 3547 ms, RTV: 1263 ms, KRTT: 0 ms minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms Flags: higher precedence, nagle

delrcvwnd:

Datagrams (max data segment is 1460 bytes): Rcvd: 16 (out of order: 0), with data: 10, total data bytes: 509 Sent: 13 (retransmit: 0), with data: 8, total data bytes: 206 BGP neighbor is 131.108.255.6, remote AS 3, external link Index 2, Offset 0, Mask 0x4 BGP version 4, remote router ID 0.0.0.0 BGP state = Active, table version = 0 Last read 00:17:54, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 5 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 0; dropped 0 Last reset 00:17:55, due to User reset 0 accepted prefixes consume 0 bytes 0 history paths consume 0 bytes No active TCP connection The BGP neighbor s on R1 ar e est ablished t o R2, but not t o R3. You have yet t o configur e BGP on R3. Anyt hing ot her t han t he keyw or d est ablished bet w een t w o BGP indicat es a pr oblem . The possible BGP st at es ar e as follow s: • • • • • •

I dle — BGP is w ait ing for a st ar t ing event , w hich is init iat ed by an oper at or of BGP, such as clear ing t he BGP peer s. Con n e ct — BGP is w ait ing for t he TCP connect ion t o be com ple t ed. Act iv e — BGP is t r ying t o acquir e a r em ot e peer by init iat ing a new TCP connect ion. Ope n Se n t — BGP is wait ing for an open m essage from t he rem ot e peer. Ope n Con fir m — BGP is w ait ing for a keepalive m essage. Est a blish e d— Aft er a keepalive m essage is sent , t his is t he final st age of BGP peer negot iat ion dur ing w hich bot h peer s ex change t heir BGP t ables.

Next , you enable EBGP bet w een R1 and R3. Ex am ple 6- 23 display s t he BGP configur at ion on R3, along w it h t he n e t w or k st at em ent , so t hat R3 adv er t ises t he net w or k 141.108.1.0/ 24 as or iginat ing fr om AS 3. Also, not e t he EBGP connect ion bet w een R3 ( AS 3) and R4 ( AS 2) .

Ex a m ple 6 - 2 3 EBGP Con f ig u r a t ion on R3 R3(config)#router bgp 3 R3(config-router)#network 141.108.1.0 mask 255.255.255.0 R3(config-router)#neighbor 131.108.255.5 remote-as 1 The BGP peers on R1 are displayed in Ex am ple 6- 24 ( t r uncat ed for clar it y ) .

Ex a m ple 6 - 2 4 sh ow ip bgp n e igh bor s on R1 ( Tr u n ca t e d) R1>show ip bgp neighbors

256

BGP neighbor is 131.108.1.2, remote AS 1, internal link Index 1, Offset 0, Mask 0x2 BGP version 4, remote router ID 131.108.255.1 BGP state = Established, table version = 8, up for 00:58:56 Last read 00:00:56, hold time is 180, keepalive interval is seconds Minimum time between advertisement runs is 5 seconds Received 1351 messages, 0 notifications, 0 in queue Sent 1347 messages, 0 notifications, 0 in queue Prefix advertised 16, suppressed 0, withdrawn 1 Connections established 7; dropped 6 Last reset 00:59:05, due to User reset 4 accepted prefixes consume 128 bytes 0 history paths consume 0 bytes Connection state is ESTAB, I/O status: 1, unread input bytes: Local host: 131.108.1.1, Local port: 11632 Foreign host: 131.108.1.2, Foreign port: 179 ... BGP neighbor is 131.108.255.6, remote AS 3, external link Index 2, Offset 0, Mask 0x4 BGP version 4, remote router ID 141.108.1.1 BGP state = Established, table version = 8, up for 00:38:16 Last read 00:00:16, hold time is 180, keepalive interval is seconds Minimum time between advertisement runs is 30 seconds Received 46 messages, 0 notifications, 0 in queue Sent 48 messages, 0 notifications, 0 in queue Prefix advertised 8, suppressed 0, withdrawn 0 Connections established 2; dropped 1 Last reset 00:38:38, due to Peer closed the session 1 accepted prefixes consume 32 bytes 0 history paths consume 0 bytes Connection state is ESTAB, I/O status: 1, unread input bytes: Local host: 131.108.255.5, Local port: 179 Foreign host: 131.108.255.6, Foreign port: 11001 ... R1>

60

0

60

0

R1 has t w o est ablished peer s: one I BGP peer t o R2, and an EBGP peer t o R3. Ex am ple 6- 25 enables EBGP bet ween R4 and R2.

Ex a m ple 6 - 2 5 Con f ig u r in g BGP on R4 R4(config)#router bgp 2 R4(config-router)#neighbor 131.108.255.1 remote-as 1 R4(config-router)#neighbor 131.108.255.9 remote 3 R4(config-router)#network 151.108.1.0 mask 255.255.255.0 Th e sh ow ip b g p su m m a r y com m and is a useful com m and t hat sum m ar izes all BGP peers. Ex am ple 6- 26 display s t he BGP peer s on R4 in a sum m ar ized for m at .

Ex a m ple 6 - 2 6 sh ow ip b g p su m m a r y on R4 R4#show ip bgp ? A.B.C.D

IP prefix /, e.g., 35.0.0.0/8

257

A.B.C.D Network in the BGP routing table to display cidr-only Display only routes with non-natural netmasks community Display routes matching the communities community-list Display routes matching the community-list dampened-paths Display paths suppressed due to dampening filter-list Display routes conforming to the filter-list flap-statistics Display flap statistics of routes inconsistent-as Display only routes with inconsistent origin ASs ipv4 Address family neighbors Detailed information on TCP and BGP neighbor connections paths Path information peer-group Display information on peer-groups quote-regexp Display routes matching the AS path "regular expression" regexp Display routes matching the AS path regular expression summary Summary of BGP neighbor status vpnv4 Display VPNv4 NLRI specific information | Output modifiers

R4#show ip bgp summary BGP router identifier 151.108.1.1, local AS number 2 BGP table version is 9, main routing table version 9 8 network entries and 8 paths using 1064 bytes of memory 4 BGP path attribute entries using 208 bytes of memory 1 BGP AS-PATH entries using 24 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP activity 8/0 prefixes, 8/0 paths, scan interval 15 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 131.108.255.1 4 1 32 22 13 0 0 00:01:21 7 131.108.255.9 4 3 7 8 13 0 0 00:01:15 5 Table 6- 2 sum m ar izes t he descr ipt ions and field definit ion, as display ed by t he I OS sh ow ip b g p su m m a r y com m and.

Table 6-2. Field Summary for show ip bgp summary Field

Description

BGP rout er ident ifier

I n or der of pr ecedence and av ailabilit y , r out er ident ifier specified by t h e b g p r ou t e r- id com m and, loopback addr ess, or low est I P address. For Ex am ple, in Ex am ple 6- 26, t he rout er I D of R4 is 151.108.1.1/ 24.

BGP t able ver sion

I nt er nal v er sion num ber of BGP dat abase.

m ain r out ing t able v er sion

Last v er sion of BGP dat abase inj ect ed int o m ain r out ing t able.

Neighbor

I P address of a neighbor.

V

BGP v er sion num ber spok en t o t hat neighbor . Ty pically y ou see only

258

version 4. AS

Peer aut onom ous syst em .

MsgRcv d

BGP m essages received from t hat neighbor.

MsgSent

BGP m essages sent t o t hat neighbor .

TblVer

Last v er sion of t he BGP dat abase sent t o t hat neighbor .

I nQ

Num ber of m essages fr om t hat neighbor w ait ing t o be pr ocessed.

Out Q

Num ber of m essages w ait ing t o be sent t o t hat neighbor .

Up/ Dow n

The le ngt h of t im e t hat t he BGP session has been in t he Est ablished st at e, or t he cur r ent st at e, if t he st at e is not Est ablished.

St at e/ Pfx Rcd

Cur r ent st at e of t he BGP session/ t he num ber of pr efix es t he r out er has r eceiv ed fr om a neighbor or peer gr oup. When t he m axim um num ber ( as set by t he n e igh bor m a x im u m - prefix com m and) is r eached, t he st r ing, PfxRcd, appear s in t he ent r y, t he neighbor is shut dow n, and t he connect ion is idle. No infor m at ion below t he st at e indicat es an act ive peer , as displayed in Ex am ple 6- 26.

Next , view som e I P r out ing t ables t o ensur e t hat you ar e r out ing I P. Exam ple 6- 27 displays R3's I P rout ing t able.

Ex a m ple 6 - 2 7 R3 's I P Rou t in g Ta ble R3#show ip route 141.108.0.0/24 is subnetted, 1 subnets C 141.108.1.0 is directly connected, Ethernet0 131.108.0.0/16 is variably subnetted, 12 subnets, 3 masks C 131.108.255.4/30 is directly connected, Serial0 C 131.108.255.8/30 is directly connected, Serial3 B 131.108.7.0/24 [20/0] via 131.108.255.10, 00:06:10 B 131.108.6.0/24 [20/0] via 131.108.255.10, 00:06:10 B 131.108.5.0/24 [20/0] via 131.108.255.10, 00:06:10 B 131.108.4.1/32 [20/0] via 131.108.255.10, 00:06:10 B 131.108.4.0/24 [20/0] via 131.108.255.5, 00:56:22 B 131.108.2.1/32 [20/0] via 131.108.255.10, 00:06:11 B 131.108.3.0/24 [20/0] via 131.108.255.5, 00:56:23 B 131.108.3.1/32 [20/0] via 131.108.255.10, 00:06:11 B 131.108.2.0/24 [20/0] via 131.108.255.5, 00:56:23 B 131.108.1.0/24 [20/0] via 131.108.255.5, 00:56:24 151.108.0.0/24 is subnetted, 1 subnets B 151.108.1.0 [20/0] via 131.108.255.10, 00:05:46 R3 has a full set of BGP r out es for all BGP AS net w or ks. To view m or e infor m at ion about how t he BGP ent r ies w er e lear ned, v iew t he BGP t able w it h t he sh ow ip bgp com m and. Ex am ple 6- 28 displays R3's BGP t able.

Ex a m ple 6 - 2 8 R3 ' s BGP Ta ble R3#show ip bgp BGP table version is 16, local router ID is 141.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path

259

* *> *> *> *> *> *> *> *> *> *> *> *>

131.108.1.0/24 131.108.2.0/24 131.108.2.1/32 131.108.3.0/24 131.108.3.1/32 131.108.4.0/24 131.108.4.1/32 131.108.5.0/24 131.108.6.0/24 131.108.7.0/24 141.108.1.0/24 151.108.1.0/24

131.108.255.10 131.108.255.5 131.108.255.5 131.108.255.10 131.108.255.5 131.108.255.10 131.108.255.5 131.108.255.10 131.108.255.10 131.108.255.10 131.108.255.10 0.0.0.0 131.108.255.10

0 0 0

0 0

0 0 0 0 0 0 0 0 0 0 0 32768 0

2 1 1 2 1 2 1 2 2 2 2 i 2

1 ? i 1 i 1 i 1 1 1 1

?

? ? ? i i i

i

A lot of infor m at ion is st or ed her e. St ar t by analy zing w hy t he r em ot e net w or k 131. 108. 1.0 has a dual pat h and w hy t he next hop addr ess 13.108.255.5, or t he link t o R1, is pr efer r ed as t he pat h t hr ough R4. BGP does not load balance and alw ays chooses one pat h. ( St at ic r out es can be used t o change t his behav ior .) R3 chooses t he pat h t hr ough t he ser ial link t o R1 because t he BGP algor it hm decision is based on 10 par am et er s and because t he fir st four ar e t he sam e ( nex t hop r eachable, w eight equal, local pr efer ence t he sam e, not or iginat ed by local r out er ) . The nex t decision is based on t he pat h w it h t he shor t est AS pat h. The pat h t o R1 is t hr ough one AS pat h only as opposed by t w o AS pat hs t o R4. Because w eight has a higher pr efer ence t han AS pat h, change t he w eight on R3 t o pr efer t he pat h t hr ough R4. Ex am ple 6- 29 display s how t o use t he n e ig h b or com m and t o set all ent r ies adver t ised t hr ough R4 t o a w eight value of 1 so t hat t he net w or k adver t ised by R4 has a higher w eight v alue for t he net w or k 131.108.1.0/ 24 only. ( There are m any w ay s t o accom plish t his t ask .)

Ex a m ple 6 - 2 9 Ch a n gin g t h e W e igh t on R3 R3(config)#router bgp 3 R3(config-router)#neighbor 131.108.255.10 weight 1 Ex am ple 6- 30 display s t he BGP t able on R3 aft er t he configur at ion change.

Ex a m ple 6 - 3 0 sh ow ip bgp on R3 R3#show ip bgp BGP table version is 16, local router ID is 141.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 131.108.1.0/24 131.108.255.10 0 2 1 ? *> 131.108.255.5 1 0 1 ? *> 131.108.2.0/24 131.108.255.5 0 0 1 i *> 131.108.2.1/32 131.108.255.10 0 2 1 ? *> 131.108.3.0/24 131.108.255.5 0 0 1 i *> 131.108.3.1/32 131.108.255.10 0 2 1 ? *> 131.108.4.0/24 131.108.255.5 0 0 1 i *> 131.108.4.1/32 131.108.255.10 0 2 1 ? *> 131.108.5.0/24 131.108.255.10 0 2 1 i *> 131.108.6.0/24 131.108.255.10 0 2 1 i

260

*> 131.108.7.0/24 *> 141.108.1.0/24 *> 151.108.1.0/24

131.108.255.10 0.0.0.0 131.108.255.10

0 0

0 2 1 i 32768 i 0 2 i

The change is not im plem ent ed because y ou m ust fir st clear t he BGP peer session. Clear t he BGP TCP peer session on R3 t o R4 w it h t he cle a r ip bgp 1 3 1 .1 0 8 .2 5 5 .1 0 com m and. Ex am ple 6- 31 displays t he BGP t able on R3 aft er t he BGP TCP peer is est ablished again.

Ex a m ple 6 - 3 1 sh ow ip bgp on R3 R3#show ip bgp BGP table version is 32, local router ID is 141.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path R3#show ip bgp BGP table version is 16, local router ID is 141.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 131.108.1.0/24 131.108.255.10 1 2 1 ? * 131.108.255.5 100 0 1 ? *> 131.108.2.0/24 131.108.255.5 100 0 1 i *> 131.108.2.1/32 131.108.255.10 1 2 1 ? *> 131.108.3.0/24 131.108.255.5 100 0 1 i *> 131.108.3.1/32 131.108.255.10 1 2 1 ? *> 131.108.4.0/24 131.108.255.5 100 0 1 i *> 131.108.4.1/32 131.108.255.10 1 2 1 ? *> 131.108.5.0/24 131.108.255.10 1 2 1 i *> 131.108.6.0/24 131.108.255.10 1 2 1 i *> 131.108.7.0/24 131.108.255.10 1 2 1 i *> 141.108.1.0/24 0.0.0.0 0 32768 i *> 151.108.1.0/24 131.108.255.10 0 1 2 i Even t hough t he pat h t o t he r em ot e net w or k 131.108.1.0/ 24 t hr ough R1 has a shor t er AS pat h ( t hr ough AS 1 only ) because w eight has a higher pr efe r ence t han AS pat h in t he BGP r out ing decision, t he pat h t o 131.108.1.0/ 24 is now pr efer r ed t hrough R4 ( w eight is 1) as opposed t o t he link t hrough R1. All ent ries advert ised t hr ough t he nex t hop addr ess 131.108.255.10, or R4, hav e t he w eight v alue set t o 1. You have successfully configur ed a four - r out er t opology w it h BGP4. Pr ovided her e for your reference are t he four configurat ions on t he Rout ers R1 t hrough R4. Exam ple 6- 32 display R1's full w or k ing configur at ion.

Ex a m ple 6 - 3 2 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 enable password cisco ! ip subnet-zero

261

no ip domain-lookup ! interface Loopback0 ip address 131.108.2.1 255.255.255.0 ! interface Loopback1 ip address 131.108.3.1 255.255.255.0 ! interface Loopback2 ip address 131.108.4.1 255.255.255.0 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial0/0 ip address 131.108.255.5 255.255.255.252 clockrate 125000 ! router ospf 1 network 131.108.1.0 0.0.0.255 area 0 network 131.108.2.0 0.0.0.255 area 0 network 131.108.3.0 0.0.0.255 area 0 network 131.108.4.0 0.0.0.255 area 0 ! router bgp 1 network 131.108.2.0 mask 255.255.255.0 network 131.108.3.0 mask 255.255.255.0 network 131.108.4.0 mask 255.255.255.0 neighbor 131.108.1.2 remote-as 1 neighbor 131.108.255.6 remote-as 3 no auto-summary line con 0 line aux 0 line vty 0 4 end Ex am ple 6- 33 display R2's full w or king configur at ion.

Ex a m ple 6 - 3 3 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! no ip domain-lookup interface Loopback0 ip address 131.108.5.1 interface Loopback1 ip address 131.108.6.1 ! interface Loopback2 ip address 131.108.7.1 ! interface Ethernet0/0 ip address 131.108.1.2 !

255.255.255.0 255.255.255.0

255.255.255.0

255.255.255.0

262

interface Serial1/0 ip address 131.108.255.1 255.255.255.0 clockrate 128000 ! router ospf 1 network 131.108.1.0 0.0.0.255 area 0 network 131.108.5.0 0.0.0.255 area 0 network 131.108.6.0 0.0.0.255 area 0 network 131.108.7.0 0.0.0.255 area 0 ! router bgp 1 network 131.108.5.0 mask 255.255.255.0 network 131.108.6.0 mask 255.255.255.0 network 131.108.7.0 mask 255.255.255.0 redistribute ospf 1 metric 100 neighbor 131.108.1.1 remote-as 1 neighbor 131.108.255.2 remote-as 2 no auto-summary ! line con 0 line aux 0 line vty 0 4 end Ex am ple 6- 34 d isplay R3's full w or k ing configur at ion.

Ex a m ple 6 - 3 4 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 141.108.1.1 255.255.255.0 media-type 10BaseT ! interface Serial0 ip address 131.108.255.6 255.255.255.252 bandwidth 125 ! interface Serial1 shutdown ! interface Serial2 shutdown ! interface Serial3 ip address 131.108.255.9 255.255.255.252 ! router bgp 3 network 141.108.1.0 mask 255.255.255.0 neighbor 131.108.255.5 remote-as 1 neighbor 131.108.255.10 remote-as 2 neighbor 131.108.255.10 weight 1

263

! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 6- 35 display R4's full w or k ing configur at ion.

Ex a m ple 6 - 3 5 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco no ip domain-lookup interface Ethernet0 ip address 151.108.1.1 255.255.255.0 interface Serial0 ip address 131.108.255.2 255.255.255.252 ! interface Serial1 shutdown ! router bgp 2 network 151.108.1.0 mask 255.255.255.0 neighbor 131.108.255.1 remote-as 1 neighbor 131.108.255.9 remote-as 3 ! line con 0 line aux 0 line vty 0 4 end

Sce n a r io 6 - 2 : BGP a n d St a t ic Rou t e s I n t his scenario, you use st at ic rout es t o load balance BGP ov er a du al- pat h connect ion bet w een t w o r out er s. BGP chooses only one pat h t o a r em ot e net w or k. To achieve any for m of load balancing of t w o or m or e net w or k pat hs, y ou can use st at ic r out es t o t he r em ot e peer addr ess. Figur e 6- 3 display s a sim ple t w o- rout er BGP t opology.

Figu r e 6 - 3 . BGP Topology

264

Enable BGP on R1 and configur e t he n e t w or k com m and t o adv er t ise t he Et her net I P net w or k 131.108.1.0/ 24. Because y ou ar e r unning EBGP, sy nchr onizat ion is not an issue in t his net w or k. Also, t o achieve load balancing, you need t o peer t he BGP neighbor s using t he Et her net I P addr esses. I n t he case of R1, t he next hop peer address is 161.108.1.1/ 24, and in t he case of R2, t he peer address is 131.108.1.1/ 24. Wit h BGP, if t he next hop address in EBGP is not used, such as in t his scenario in w hich y ou w ant t o achiev e load balancing, you m ust enable EBGP m ult ihop so t hat t he EBGP peer is est ablished. The I OS com m and t o enable EBGP m ult ihop is n e ig h b o r peer addr ess e bgp- m u lt ih op. Also, because t he nex t hop addr ess is not a dir ect ly connect ed addr ess, BGP needs t o adv er t ise t he updat e sour ce I P addr ess t o EBGP. I n t he case of R1, it is 131.108.1.1 ( Et hernet 0/ 0) , and in t he case of R2, it is 161.108.1.0/ 24 ( Et her net 0/ 0) . Ex am ple 6- 36 display s t he EBGP configurat ion ( wit h m ult ihop) on R1.

Ex a m ple 6 - 3 6 EBGP Con f ig u r a t ion on R1 R1(config)#router bgp 1 R1(config-router)#network 131.108.1.0 mask 255.255.255.0 R1(config-router)#neighbor 161.108.1.1 remote-as 2 R1(config-router)#neighbor 161.108.1.1 ebgp-multihop R1(config-router)#neighbor 161.108.1.1 update-source Ethernet0/0 Ex am ple 6- 37 display s t he EBGP configur at ion on R2.

Ex a m ple 6 - 3 7 EBGP Con f ig u r a t ion on R2 R2(config)#router bgp 2 R2(config-router)#network 161.108.1.0 mask 255.255.255.0 R2(config-router)#neighbor 131.108.1.1 remote-as 1 R2(config-router)#neighbor 131.108.1.1 ebgp-multihop R2(config-router)#neighbor 131.108.1.1 update-source Ethernet0/0 Now t hat R1 and R2 ar e configur ed w it h EBGP, ensur e t hat BGP peer sessions ar e up w it h t he sh ow ip b g p n e ig h b or com m and. Ex am ple 6- 38 displays t he peers on R1.

265

Ex a m ple 6 - 3 8 sh ow ip bgp n e igh bor s on R1 R1#show ip bgp neighbors BGP neighbor is 161.108.1.1, remote AS 2, external link Index 1, Offset 0, Mask 0x2 BGP version 4, remote router ID 0.0.0.0 BGP state = Active, table version = 0 Last read 00:03:37, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 30 seconds Received 0 messages, 0 notifications, 0 in queue Sent 0 messages, 0 notifications, 0 in queue Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 0; dropped 0 Last reset never 0 accepted prefixes consume 0 bytes 0 history paths consume 0 bytes External BGP neighbor may be up to 255 hops away. No active TCP connection R1 has no peer relat ionship t o R2. To discover w hy, display t he I P ro ut ing t able on R1. Ex am ple 6- 39 displays R1's I P rout ing t able.

Ex a m ple 6 - 3 9 sh ow ip r ou t e on R1 R1#show ip route 131.108.0.0/16 is variably subnetted, 2 subnets, 2 masks C 131.108.255.0/30 is directly connected, Serial0/0 C 131.108.255.4/30 is directly connected, Serial0/1 C 131.108.1.0/24 is directly connected, Ethernet0/0 R1 does not hav e any ent r ies for t he r em ot e net w or k 161.108.1.0/ 24 and t her eby cannot est ablish a TCP session t o R2. Configur e t w o st at ic r out es on R1 point ing t o t he rem ot e net w ork t hrough Serial 0/ 0 and Serial 0/ 1. Ex am ple 6- 40 display s t he I P st at ic rout e configurat ion on R1.

Ex a m ple 6 - 4 0 St a t ic Rou t e Con f igu r a t ion on R1 R1(config)#ip route 161.108.1.0 255.255.255.0 serial 0/0 R1(config)#ip route 161.108.1.0 255.255.255.0 serial 0/1 To ensur e t hat R2 can r out e t o t he r em ot e net w or k 131.108.1.0, inst all t w o st at ic r out es point ing t o R1 over Ser ial 1/ 0 and Ser ial 1/ 1. Ex am ple 6- 41 display s t he I P st at ic rout e configurat ion on R2.

Ex a m ple 6 - 4 1 St a t ic Rou t e Con f igu r a t ion on R2 R2(config)#ip route 131.108.1.0 255.255.255.0 serial 1/0 R2(config)#ip route 131.108.1.0 255.255.255.0 serial 1/1 The BGP peers on R1 display t he est ablished peer t o R1. Ex am ple 6- 42 show s a t runcat ed display of t he peer w it h R2.

Ex a m ple 6 - 4 2 sh ow ip bgp n e igh bor s on R1 266

R1#show ip bgp neighbors BGP neighbor is 161.108.1.1, remote AS 2, external link Index 1, Offset 0, Mask 0x2 BGP version 4, remote router ID 161.108.1.1 BGP state = Established, table version = 3, up for 00:03:51 Last read 00:00:51, hold time is 180, keepalive interval is 60 seconds Minimum time between advertisement runs is 30 seconds Received 7 messages, 0 notifications, 0 in queue Sent 7 messages, 0 notifications, 0 in queue Prefix advertised 1, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset 00:04:21, due to User reset 1 accepted prefixes consume 32 bytes 0 history paths consume 0 bytes External BGP neighbor may be up to 255 hops away. ..[truncated display] Ensur e t hat load balancing is t ak ing place by pinging t he r em ot e net w or k 161.108.1.1/ 24 fr om R1. Tur n on d e b u g ip p a ck e t , so y ou can see on w hich out bound int erface t he ping re quest is sent . Exam ple 6- 43 show s t he ping r equest aft er t he de bu g ip pa ck e t com m and is enabled. This com m and enables y ou t o v iew w her e I P pack et s ar e sent t o and r eceived from .

Ex a m ple 6 - 4 3 D e bu g Ou t pu t on R1 R1#debug ip packet IP packet debugging is on R1#ping 161.108.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 161.108.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms 00:09:27: IP: s=131.108.255.1 (local), d=161.108.1.1 (Serial0/0), len 100, sending 00:09:27: IP: s=161.108.1.1 (Serial0/0), d=131.108.255.1 (Serial0/0), len 100, rcvd 3 00:09:27: IP: s=131.108.255.5 (local), d=161.108.1.1 (Serial0/1), len 100, sending 00:09:27: IP: s=161.108.1.1 (Serial0/1), d=131.108.255.5 (Serial0/1), len 100, rcvd 3 00:09:27: IP: s=131.108.255.1 (local), d=161.108.1.1 (Serial0/0), len 100, sending 00:09:27: IP: s=161.108.1.1 (Serial0/0), d=131.108.255.1 (Serial0/0), len 100, rcvd 3 00:09:27: IP: s=131.108.255.5 (local), d=161.108.1.1 (Serial0/1), len 100, sending 00:09:27: IP: s=161.108.1.1 (Serial0/1), d=131.108.255.5 (Serial0/1), len 100,

267

rcvd 3 00:09:27: IP: s=131.108.255.1 (local), d=161.108.1.1 (Serial0/0), len 100, sending 00:09:27: IP: s=161.108.1.1 (Serial0/0), d=131.108.255.1 (Serial0/0), len 100, rcvd 3 You can see fr om Ex am ple 6- 43 t h at t h e f irst ping request is sent t hrough Serial 0/ 0 and t he r eply is r eceived t hr ough Ser ial 0/ 0. The second ping r equest is sent t hr ough Ser ial 0/ 1, and t he r eply is r eceived t hr ough Ser ial 0/ 1; t her efor e, load balancing is occur r ing. I t is im por t ant t o not e t hat BGP st ill only sends pack et s t hr ough one pat h, but because I P at Layer 3 is load balancing, in effect you ar e load balancing BGP by using st at ic r out es. Ex am ple 6- 44 display s t he full w or k ing configur at ion of R1. Tak e not e of t he shaded sect ions, w hich cont ain t he cr it ical com m ands used t o achiev e load balancing bet ween R1 and R2.

Ex a m ple 6 - 4 4 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial0/0 ip address 131.108.255.1 255.255.255.252 clockrate 125000 ! interface Serial0/1 ip address 131.108.255.5 255.255.255.252 clockrate 125000 ! router bgp 1 network 131.108.1.0 mask 255.255.255.0 neighbor 161.108.1.1 remote-as 2 neighbor 161.108.1.1 ebgp-multihop 255 neighbor 161.108.1.1 update-source Ethernet0/0 ! ip route 161.108.1.0 255.255.255.0 Serial0/0 ip route 161.108.1.0 255.255.255.0 Serial0/1 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 6- 45 display s R2's full w or k ing configur at ion.

268

Ex a m ple 6 - 4 5 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 161.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 131.108.255.2 255.255.255.252 interface Serial1/1 ip address 131.108.255.6 255.255.255.252 ! router bgp 2 network 161.108.1.0 mask 255.255.255.0 neighbor 131.108.1.1 remote-as 1 neighbor 131.108.1.1 ebgp-multihop 255 neighbor 131.108.1.1 update-source Ethernet0/0 ! ip route 131.108.1.0 255.255.255.0 Serial1/0 ip route 131.108.1.0 255.255.255.0 Serial1/1 ! line con 0 line aux 0 line vty 0 4 end

Sce n a r io 6 - 3 : BGP w it h Policy - Ba se d Rou t in g I n t his scenar io, y ou configur e EBGP using t he nex t hop addr esses and use policybased r out ing t o allow cer t ain net w or k design policies t o af fect I P rout ing decisions. Policy- based rout ing is used for t he following m ain reasons: • • •

To cont r ol t r affic flow dir ect ion eit her by sour ce or dest inat ion addr ess To change t he nex t hop addr ess To change t he w ay t r affic is sent t o a neighbor ing r out er

Th e advant ages of using policy r out ing is t he abilit y t o load shar e t o pr ovide highqualit y ser vice and cost saving, based on dat a t r affic, for expensive links. Figur e 6- 4 display s t he sam e t w o- rout er net work used in Scenar io 6- 3, ex cept t his t im e you configur e t w o EBGP sessions bet w een R1 and R2 and use BGP t o r out e dy nam ically w it hout st at ic r o ut ing.

Figu r e 6 - 4 . Tw o- EBGP Se ssion Topology

269

Configure t w o EBGP TCP sessions bet w een R1 and R2. Ex am ple 6- 46 display s t he EBGP configur at ion on R1. ( Not ice, you don't need EBGP m ult ihop because you ar e using a dir ect ly connect ed peer .)

Ex a m ple 6 - 4 6 EBGP on R1 R1(config)#router bgp 1 R1(config-router)#network 131.108.1.0 mask 255.255.255.0 R1(config-router)#neighbor 131.108.255.2 remote-as 2 R1(config-router)#neighbor 131.108.255.6 remote-as 2 Ex am ple 6- 47 display s t he t w o EBGP sessions configured on R2.

Ex a m ple 6 - 4 7 EBGP on R2 R2(config)#router bgp 2 R2(config-router)#network 161.108.1.0 mask 255.255.255.0 R2(config-router)#neighbor 131.108.255.1 remote-as 1 R2(config-router)#neighbor 131.108.255.5 remote-as 1 Ex am ple 6- 48 displays t he I P BGP t able on R1 aft er t he t w o BGP sessions ar e est ablished.

Ex a m ple 6 - 4 8 BGP Ta ble on R1 R1#show ip bgp BGP table version is 3, local router ID is 131.108.255.5 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 131.108.1.0/24 * 161.108.1.0/24

Next Hop 0.0.0.0 131.108.255.6

Metric LocPrf Weight Path 0 32768 i 0 0 2 i

270

*>

131.108.255.2

0

0 2 i

Ex am ple 6- 48 display s R1 choosing t he pat h t hr ough t he next hop addr ess. 131.108.255.2. t o r each t he r em ot e net w or k 161.108.1.0/ 24 because BGP does not load balance as you discover ed in Scenar io 6- 2. The pat h is chosen t hrough 131.108.255.2 because of it s low er I P addr esses; all ot her par am et er s t hat BGP bases decisions on ar e equal in t his case. Assum e t hat all t r affic fr om t he Et her net segm ent on R1 bound for 161.108.1.0 m ust be sent t hr ough t he next hop addr ess 131.108.255.6, or Ser ial 1/ 1, and all t r affic dest ined for t he I nt er net is sent t hr ough Serial 1/ 0. You can for ce BGP t o com plet e t his t ask by using policy- based rout ing or changing BGP at t r ibut es. But , suppose y ou w ant t o send int er nal t r affic t hr ough one pat h and all I nt er net t r affic t hr ough t he second link . Nex t , y ou lear n t o configur e policy- based r out ing t o illust r at e how y ou can use r out e m aps t o achiev e t his. To illust r at e policy- based rout ing, configure R1 t o choose a different next hop address for I P I CMP pack et s dest ined for t he r em ot e net w or k 161.108.1.0 ( Ser ial 1/ 1) t han for all ot her dest inat ions ( for ex am ple, I nt er net - based t r affic) , w hich w ill be t hr ough t he second link ( Ser ial 1/ 0) . Policy r out ing is based on incom ing pack et s only , so y ou need t o apply t he policy com m and on t he Et hernet int erface on R1. First , configure R2 t o advert ise a default rout e t o R1. Ex am ple 6- 49 displays t he configur at ion on R2 so t hat it sends a default BGP r out e t o R1. Tw o default st at em ent s ar e configur ed for r edundancy pur poses.

Ex a m ple 6 - 4 9 D e fa u lt Rou t e Con figu r a t ion on R2 R2(config)#router bgp 2 R2(config-router)#neighbor 131.108.255.1 default-originate R2(config-router)#neighbor 131.108.255.5 default-originate Ex am ple 6- 50 displays t he BGP default r out e in R1's BGP t able.

Ex a m ple 6 - 5 0 sh ow ip bgp Com m a n d on R1 R1>show ip bgp BGP table version is 4, local router ID is 131.108.255.5 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * 0.0.0.0 *> *> 131.108.1.0/24 * 161.108.1.0/24 *>

Next Hop 131.108.255.6 131.108.255.2 0.0.0.0 131.108.255.6 131.108.255.2

Metric LocPrf Weight 0 0 0 32768 0 0 0 0

Path 2 i 2 i i 2 i 2 i

271

Ex am ple 6- 50 t ells y ou t hat R1 is choosing all t r affic t hr ough t he nex t hop addr ess 131.108.255.2. Ex am ple 6- 51 confir m s t his w hen y ou v iew t he I P r out ing t able on R1.

Ex a m ple 6 - 5 1 sh ow ip r ou t e Com m a n d on R1 R1>show ip route Gateway of last resort is 131.108.255.2 to network 0.0.0.0 131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks C 131.108.255.0/30 is directly connected, Serial1/0 C 131.108.255.4/30 is directly connected, Serial1/1 C 131.108.1.0/24 is directly connected, Ethernet0/0 161.108.0.0/24 is subnetted, 1 subnets B 161.108.1.0 [20/0] via 131.108.255.2, 00:23:11 B* 0.0.0.0/0 [20/0] via 131.108.255.2, 00:13:58 Policy r out ing needs t o be configur ed on R1 t o ensur e t hat I P I CMP packet s dest ined for t he rem ot e net w ork 161.108.1.0/ 24 are sent t hr ough t he nex t hop addr ess 131.108.255.6 and all ot her t r affic is sent t hr ough 131.108.1.1 ( Ser ial 1/ 0 t o R2) . To configur e policy r out ing, y ou apply t he p olicy st at em ent on t he out bound int er face and r efer ence a r out e m ap. The I OS com m and is ip po licy r ou t e - m a p r ou t e- m ap- nam e. Ex am ple 6- 52 display s t he policy r out ing int er face configur at ion on R1. The r out e m ap nam e is an arbit rary nam e you can assign. This exa m ple assigns a rout e m ap called nondefault .

Ex a m ple 6 - 5 2 Policy Con figu r a t ion on R1 R1(config)#interface E0/0 R1(config-if)#ip policy route R1(config-if)#ip policy route-map ? WORD Route map name R1(config-if)#ip policy route-map nondefault Nex t , y ou must set t he condit ions on R1 so t hat policy r out ing can occur . Ex am ple 653 set s all I P I CMP t r affic fr om t he Et her net segm ent on R1 dest ined for 161.108.1.0/ 24 t hr oug h Ser ial 1/ 1 ( nex t hop addr ess 131.108.255.6) and all default t r affic t hr ough Ser ial 1/ 0 ( nex t hop addr ess 131.108.255.1) . Rem em ber t hat BGP, as displayed in Ex am ple 6- 50, is sending all t r affic t hr ough Ser ial 1/ 0 on R1. Ex am ple 652 uses t he ? t ool t o illust r at e t he opt ions av ailable t o y ou.

Ex a m ple 6 - 5 3 Rou t e M a p Con figu r a t ion on R1 route-map default permit 10 match ip address 100 set ip next-hop 131.108.255.6 access-list 100 permit icmp 131.108.1.0 0.0.0.255 161.108.1.0 0.0.0.255 The r out e m ap on R1 policy r out es any I P I CMP packet s w it h a sour ce addr ess in t he range 131.108.1.1–131.108.1.255 t hr ough t he nex t hop addr ess 131.108.255.6.

272

Unfor t unat ely , y ou cannot v er ify policy r out ing w it h t he I P r out ing t able. Ex am ple 654 display s R1's I P r out ing t able.

Ex a m ple 6 - 5 4 sh ow ip r ou t e on R1 R1#show ip route 131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks C 131.108.255.0/30 is directly connected, Serial1/0 C 131.108.255.4/30 is directly connected, Serial1/1 C 131.108.1.0/24 is directly connected, Ethernet0/0 161.108.0.0/24 is subnetted, 1 subnets B 161.108.1.0 [20/0] via 131.108.255.2, 00:22:52 B* 0.0.0.0/0 [20/0] via 131.108.255.2, 00:22:52 Ex am ple 6- 54 st ills display s t hat all r em ot e net w or k s ar e r out ed t hr ough 131.108.255.2, or Serial 1/ 0. An ext ended ping r equest along w it h a d e b u g ip p olicy on R1 display s any policy rout ing. Ex am ple 6- 55 display s an ex t ended ping using t he sour ce addr ess 131.108.1.1 ( R1's Et her net int er face) t o t he r em ot e net w or k 161.108.1.0/ 4.

Ex a m ple 6 - 5 5 Ex t e n de d Pin g on R1 R1#debug ip policy Policy routing debugging is on R1#ping Protocol [ip]: Target IP address: 161.108.1.1 Repeat count [5]: Datagram size [100]: Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 131.108.1.1 Type of service [0]: Set DF bit in IP header? [no]: Validate reply data? [no]: Data pattern [0xABCD]: Loose, Strict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 161.108.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/18/20 ms 00:26:57: IP: s=131.108.1.1 (local), d=161.108.1.1, len 100, policy match 00:26:57: IP: route map default, item 10, permit 00:26:57: IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 100, policy routed 00:26:57: IP: local to Serial1/1 131.108.255.6 00:26:57: IP: s=131.108.1.1 (local), d=161.108.1.1, len 100, policy match 00:26:57: IP: route map default, item 10, permit

273

00:26:57: IP: 100, policy routed 00:26:57: IP: 00:26:57: IP: match 00:26:57: IP: 00:26:57: IP: 100, policy routed 00:26:57: IP: 00:26:57: IP: match 00:26:57: IP: 00:26:57: IP: 100, policy routed 00:26:57: IP: 00:26:57: IP: match 00:26:57: IP: 00:26:57: IP: 100, policy routed 00:26:57: IP:

s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len

local to Serial1/1 131.108.255.6 s=131.108.1.1 (local), d=161.108.1.1, len 100, policy route map default, item 10, permit s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len

local to Serial1/1 131.108.255.6 s=131.108.1.1 (local), d=161.108.1.1, len 100, policy route map default, item 10, permit s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len

local to Serial1/1 131.108.255.6 s=131.108.1.1 (local), d=161.108.1.1, len 100, policy route map default, item 10, permit s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len

local to Serial1/1 131.108.255.6

Ex am ple 6- 55 display s t he fiv e ping r equest s successfully policy r out ed t hr ough Ser ial 1/ 1, or t he nex t hop addr ess 131.108.255.6. Ex am ple 6- 56 display s a ping r equest t o t he unk now n net w or k 141.108.1.1 on R1 and t he subsequent policy debug out put .

Ex a m ple 6 - 5 6 pin g 1 4 1 .1 0 8 .1 .1 on R1 R1#ping 141.108.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms 00:30:35: IP: s=131.108.255.1 (local), d=141.108.1.1, len 100, policy rejected - normal forwarding 00:30:35: IP: s=131.108.255.1 (local), d=141.108.1.1, len 100, policy rejected - normal forwarding 00:30:35: IP: s=131.108.255.1 (local), d=141.108.1.1, len 100, policy rejected - normal forwarding 00:30:35: IP: s=131.108.255.1 (local), d=141.108.1.1, len 100, policy rejected - normal forwarding 00:30:35: IP: s=131.108.255.1 (local), d=141.108.1.1, len 100, policy rejected - normal forwarding 00:30:37: IP: s=131.108.255.1 (local), d=131.108.255.2, len 59, policy rejected

274

-- normal forwarding 00:30:39: IP: s=131.108.255.5 (local), d=131.108.255.6, len 59, policy rejected -- normal forwarding R1 sends all pack et s t o an unk now n dest inat ion t hr ough nor m al for w ar ding t hr ough Ser ial 1/ 0. The debug out put in Ex am ple 6- 56 display s a nonm at ching policy ; hence, t he I P dat agr am is for w ar ded t hr ough t he nor m al out bound int er face. This sim ple scenar io dem onst r at es t he pow er ful use of policy- based rout ing on sour ce and dest inat ion addr esses. Wit h t he use of ex t ended access list s, y ou can also base r out ing on por t num ber s. For ex am ple, y ou can do t his if y ou w ant Telnet sessions t o go t hr ough one int er face or anot her. Configur e R1 t o send all Telnet t r affic or iginat ed fr om t he net w or k 131.108.1.0/ 24 t hr ough t he next hop int er face 131.108.255.6. Ex am ple 6- 57 display s t he access- list configur at ion t o allow Telnet sessions t hr ough Serial 1/ 1.

Ex a m ple 6 - 5 7 Allow in g Te ln e t t o Be Policy Rou t e d on R1 access-list 100 permit tcp 131.108.1.0 0.0.0.255 161.108.1.0 0.0.0.255 eq telnet

Ex a m ple 6 - 5 8 Sa m ple de bu g ip policy Ou t pu t on R1 R1#debug ip policy Policy routing debugging is on R1#telnet 161.108.1.1 /source-interface ethernet 0/0 Trying 161.108.1.1 ... Open R2> 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1, len 44, policy match 01:04:00: IP: route map default, item 10, permit 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 44, policy routed 01:04:00: IP: local to Serial1/1 131.108.255.6 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1, len 40, policy match 01:04:00: IP: route map default, item 10, permit 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 40, policy routed 01:04:00: IP: local to Serial1/1 131.108.255.6 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1, len 52, policy match 01:04:00: IP: route map default, item 10, permit 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 52, policy routed 01:04:00: IP: local to Serial1/1 131.108.255.6 01:04:00: IP: s=131.108.1.1 (local), d=161.108.1.1, len 40, policy match

275

01:04:00: 01:04:00: policy routed 01:04:00: 01:04:00: match 01:04:00: 01:04:00: policy routed 01:04:00: 01:04:00: match 01:04:00: 01:04:00: policy routed 01:04:00: 01:04:00: match 01:04:00: 01:04:00: policy routed 01:04:00: 01:04:00: match 01:04:00: 01:04:00: policy routed 01:04:00: 01:04:00: match 01:04:00: 01:04:00: policy routed 01:04:00:

IP: route map default, item 10, permit IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 40,

IP: local to Serial1/1 131.108.255.6 IP: s=131.108.1.1 (local), d=161.108.1.1, len 43, policy IP: route map default, item 10, permit IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 43,

IP: local to Serial1/1 131.108.255.6 IP: s=131.108.1.1 (local), d=161.108.1.1, len 43, policy IP: route map default, item 10, permit IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 43,

IP: local to Serial1/1 131.108.255.6 IP: s=131.108.1.1 (local), d=161.108.1.1, len 49, policy IP: route map default, item 10, permit IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 49,

IP: local to Serial1/1 131.108.255.6 IP: s=131.108.1.1 (local), d=161.108.1.1, len 43, policy IP: route map default, item 10, permit IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 43,

IP: local to Serial1/1 131.108.255.6 IP: s=131.108.1.1 (local), d=161.108.1.1, len 40, policy IP: route map default, item 10, permit IP: s=131.108.1.1 (local), d=161.108.1.1 (Serial1/1), len 40,

IP: local to Serial1/1 131.108.255.6

Ex am ple 6- 58 display s a sam ple debug out put w hen y ou t elnet t o 161.108.1.1 fr om R1 using t he source address of 131.108.1.1. R2 has no login on vt y 0 4 lines; t her efor e, w hen you t elnet fr om R1 t o R2, you ar e im m ediat ely placed at t he R2 pr om pt . Because a policy is m at ched on access list 100, R1 sends all Telnet t raffic t hrough Serial 1/ 1. Ex am ple 6- 59 display s R1's full w or k ing configur at ion.

Ex a m ple 6 - 5 9 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco

276

! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ip route-cache policy ip policy route-map default ! interface Serial1/0 ip address 131.108.255.1 255.255.255.252 clockrate 128000 ! interface Serial1/1 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! router bgp 1 network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.255.2 remote-as 2 neighbor 131.108.255.6 remote-as 2 ! ip local policy route-map default access-list 100 permit icmp 131.108.1.0 0.0.0.255 161.108.1.0 0.0.0.255 access-list 100 permit tcp 131.108.1.0 0.0.0.255 161.108.1.0 0.0.0.255 eq telnet route-map default permit 10 match ip address 100 set ip next-hop 131.108.255.6 line con 0 line aux 0 line vty 0 4 no login ! end Ex am ple 6- 60 display s R2's full w or k ing configur at ion.

Ex a m ple 6 - 6 0 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! interface Loopback0 ip address 141.108.1.1 255.255.255.255 ! interface Ethernet0/0 ip address 161.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 131.108.255.2 255.255.255.252 interface Serial1/1 ip address 131.108.255.6 255.255.255.252 router bgp 2 network 161.108.1.0 mask 255.255.255.0 neighbor 131.108.255.1 remote-as 1 neighbor 131.108.255.1 default-originate neighbor 131.108.255.5 remote-as 1

277

neighbor 131.108.255.5 default-originate ! line con 0 line aux 0 line vty 0 4 no login ! end

Sce n a r io 6 - 4 : BGP w it h Com m u n it ie s a n d Pe e r Gr ou ps BGP deals w it h lar ge BGP peer s by using m any differ ent scalable solut ions, such as t he com m unit y at t r ibut e and peer gr oups. I n t his scenar io, y ou discov er how BGP uses t he com m unit y at t r ibut e along w it h a peer gr oup t o ensur e t hat I BGP is scalable in a la r ge net w or k env ir onm ent . A com m unit y is a gr oup of r out er s shar ing t he sam e pr oper t y . A peer gr oup is a gr oup of BGP neighbor s shar ing t he sam e updat e policies. I n t his scenar io, y ou configur e a w ell- k now n BGP com m unit y and discov er t he adv ant ages of peer gr oups. N OTE The com m unit y at t r ibut e is a num ber defined in t he r ange 1 t o 4,294,967,200. The I OS se t com m u n it y com m u n it y- num ber [ a ddit iv e ] com m and is used t o define a v alue. Som e w ell- k now n com m unit y at t r ibut es, such as no- ex port ( do not adv er t ise t o EBGP peer s) and no- a d v e r t ise ( do not adv er t ise t his r out e t o any peer ) , can subst it ut e for com m u n it y- num ber . The no ex por t com m unit y at t r ibut e adv ises a BGP r out er car r y ing t his at t r ibut e t hat t he r out e adv er t ised should not be adv er t ised t o any peer s out side t he AS. The no adv er t ise com m unit y at t r ibut e adv ises a BGP r out er car r y ing t his at t r ibut e t hat t he r out e adv er t ised should not be adv er t ised t o any peer s. To apply t he com m unit y at t r ibut e t o a r em ot e BGP neighbor , use t he n e igh bor com m and:

neighbor {ip address | peer group} send-community

Figur e 6- 5 displays a sim ple four- r out er t opology , including an I nt er net connect ion on R1 and R2. R1 peers t o an EBGP peer wit h t he I P addr ess 141.199.1.1 ( Rem ot e AS 1001) , and R2 peer s t o an EBGP peer w it h t he I P addr ess 151.100.1.1 ( Rem ot e AS 1002) . Ty pically , lar ge com panies hav e m or e t han one I nt er net connect ion, so t o ensur e t hat R1 and R2 ar e not t he t r ansit pat hs for any I SP- based t r affic, y ou set t he com m unit y at t r ibut e ( w ell- know n) no- e x por t on R1 and R2.

278

Figu r e 6 - 5 . I BGP

Ex am ple 6- 61 displays t he com m unit y at t r ibut e set t ing on R1.

Ex a m ple 6 - 6 1 BGP Con f igu r a t ion on R1 R1(config)#router bgp 1 R1(config-router)#neighbor 141.199.1.1 R1(config-router)#neighbor 141.199.1.1 R1(config-router)#neighbor 141.199.1.1 in Apply map to incoming routes out Apply map to outbound routes R1(config-router)#neighbor 141.199.1.1

remote-as 1001 send-community route-map setcommunity ?

route-map setcommunity out

R1 is configur ed for EBGP and I BGP. The EBGP connect ion t o t he r em ot e peer addr ess, 141.199.1.1, is t he I nt er net gat ew ay . Ther efor e, y ou m ust send t he 6com m unit y t o t he r em ot e peer and apply an out bound r out e m ap, so t he I nt er net r out er s do not use R1 as a t r ansit pat h. You hav e y et t o apply t he rout e m ap nam ed set com m unit y ( ar bit r ar y nam e) . Ex am ple 6- 62 display s t he r out e m ap configur at ion on R1. Apply t he well- k now n com m unit y no- e x por t , w hich infor m s t he neighbor ing r out er not t o use R1 for any t r affic not dest ined for t he net w or k 131.108.0.0/ 16.

Ex a m ple 6 - 6 2 Rou t e M a p Con figu r a t ion on R1 R1(config)#route-map setcommunity R1(config-route-map)#set community ? community number aa:nn community number in aa:nn format additive Add to the existing community local-AS Do not send outside local AS (well-known community) no-advertise Do not advertise to any peer (well-known community) no-export Do not export to next AS (well-known community) none No community attribute

279

R1(config-route-map)#set community no-export Not ice t hat t he ? t ool display s all t he com m unit y v ar iat ions, including a com m unit y num ber and t he t w o ot her w ell- know n com m unit y values: loca l- AS and noa dv e r t ise . You m ust ensur e t hat t he I SP connect ed t o R2 does not use R2 as a t r ansit pat h. Ex am ple 6- 63 configur es R2 t o ensur e t hat t he I SP is not using t he net w or k of Rout ers R1 – R4 as a t ransit pat h.

Ex a m ple 6 - 6 3 Com m u n it y Con figu r a t ion on R2 R2(config)#router bgp 1 R2(config-router)#neighbor 151.100.1.1 remote-as 1002 R2(config-router)#neighbor 151.100.1.1 remote-as 1002 R2(config-router)#neighbor 151.100.1.1 se R2(config-router)#neighbor 151.100.1.1 send-community R2(config-router)#neighbor 151.100.1.1 route-map setcommunity out R2(config-router)#exit R2(config)#route-map setcommunity R2(config-route-map)#set community no-export The r out e m ap nam e is t he sam e as t he nam e used on R1 because rout e m ap nam es ar e locally significant on Cisco r out er s. Next , configur e t he four r out er s, R1– R4, for I BGP, and set t he sam e policies on all four r out er s. Assum e t he net w or k designer has ask ed y ou t o ensure t hat R1 does not receive any default rout es from R2, R3, or R4. Also set t he n e x t - hop- se lf at t r ibut e on all I BGP peer sessions. Ensur e t hat R1 set s t he com m unit y t o t he value 2000. For a sm all net w or k such as t his, t he configur at ion on R1 can gr ow quit e lar ge. Tak e advant age of peer gr oups and configur e one policy, and apply t hat policy on R1 t o all t hree rem ot e rout ers ( R2, R3, and R4) . Fir st , t o dem onst r at e t he pow er of peer gr oups, configur e I BGP on R1. Ex am ple 6- 64 configur es R1 for I BGP t o R2 only , set s t he n e x t- hop- se lf at t r ibut e ( no default s r out es per m it t ed) , sends t he com m unit y v alue of 2000, and set s t he weight t o 1000.

Ex a m ple 6 - 6 4 R1 's I BGP Con figu r a t ion t o R2 R1(config-router)#neighbor 131.108.1.2 route-map setattributes in R1(config-router)#neighbor 131.108.1.2 next-hop-self R1(config-router)#neighbor 131.108.1.2 distribute-list 1 in R1(config-router)#neighbor 131.108.1.2 send-community R1(config-router)#neighbor 131.108.1.2 weight 1000 R1(config)#route-map setattributes R1(config-route-map)#set community 2000 R1(config)#access-list 1 deny 0.0.0.0

280

To configur e R1 t o set t he sam e at t r ibut es and condit ions t o R3 and R4, you need t o com plet e t he sam e set of I OS com m ands ( sev en I OS com m ands in t ot al) and hav e differ ent r out e m aps and access list s. Clear ly w it h a lar ge net w or k, t his is not scalable. To cr eat e a BGP peer gr oup, use t he n e ig h b or p e e r- gr ou p com m and, beginning in r out er configur at ion m ode. Ex am ple 6- 65 creat es a peer group on R1 nam ed int er nal; again, t he nam e is an ar bit r ar y nam e.

Ex a m ple 6 - 6 5 Pe e r Gr ou p Com m a n d on R1 R1(config)#router bgp 1 R1(config-router)#neighbor internal peer-group You m ust t hen assign t he opt ions, such as t he w eight and com m unit y v alue, t o t he peer groups. Ex am ple 6- 66 display s all t he av ailable opt ions y ou can assign t o a peer group.

Ex a m ple 6 - 6 6 Pe e r Gr ou ps Opt ion s R1(config-router)#neighbor internal ? advertise-map specify route-map for conditional advertisement advertisement-interval Minimum interval between sending EBGP routing updates default-originate Originate default route to this neighbor description Neighbor specific description distribute-list Filter updates to/from this neighbor ebgp-multihop Allow EBGP neighbors not on directly connected networks filter-list Establish BGP filters maximum-prefix Maximum number of prefix accept from this peer next-hop-self Disable the next hop calculation for this neighbor password Set a password peer-group Configure peer-group prefix-list Filter updates to/from this neighbor remote-as Specify a BGP neighbor remove-private-AS Remove private AS number from outbound updates route-map Apply route map to neighbor route-reflector-client Configure a neighbor as Route Reflector client send-community Send Community attribute to this neighbor shutdown Administratively shut down this neighbor soft-reconfiguration Per neighbor soft reconfiguration timers BGP per neighbor timers unsuppress-map Route-map to selectively unsuppress suppressed routes The shaded sect ions in Ex am ple 6- 66 cont ain t he opt ions y ou set . Exam ple 6- 67 displays t he set t ing of a dist r ibut ion list t o st op a default r out e fr om being accept ed on R1, adver t ising t he n e x t - hop- se lf at t r ibut e, set t ing t he r em ot e AS num ber t o 1

281

( sam e on all I BGP peer s) , and ensur ing t hat com m unit y 2000 is sent t o R2, R3, and R4.

Ex a m ple 6 - 6 7 Pe e r Gr ou p D e fin it ion s R1(config-router)#neighbor R1(config-router)#neighbor R1(config-router)#neighbor R1(config-router)#neighbor

internal distribute-list 1 in internal next-hop-self internal remote-as 1 internal route-map setattributes in

Finally, apply t hese set t ings t o all t he r em ot e peer s. Ex am ple 6- 68 show s how t o m ake R2, R3, and R4 m em bers of t he peer group called int ernal.

Ex a m ple 6 - 6 8 M a k in g R2 , R3 , a n d R4 M e m be r s of t h e Pe e r Gr ou p I n t e r n a l router bgp 1 neighbor 131.108.1.2 peer-group internal neighbor 131.108.255.6 peer-group internal neighbor 131.108.255.14 peer-group internal R1 has defined t hr ee r em ot e I BGP peer s w it h one st at em ent t hat set s all t he param et ers defined by t he peer group int ernal. You can configur e BGP peer s t o ov er r ide configur at ion opt ions if r equir ed. The beaut y of using peer gr oups is t hat y ou can add m or e BGP peer s by using only one com m and. This scales m uch bet t er t han configur ing a m ult it ude of I OS com m ands on sev er al r out ers. Chapt er 7 descr ibes t w o ot her m ain m et hods used in BGP net w or ks t o scale in lar ge net w or ks, nam ely r out e r eflect or s ( y ou m ight not ice t his net w or k is fully m eshed, t hat is , ev er y BGP r out er s has a peer t o each ot her ) and confeder at ions. Ex am ple 6- 69 display s t he full w or k ing configur at ion on R1. Tak e not e of t he shaded sect ions t hat configur e R1 t o set local- based policies t o all t hree I BGP peers. Peer groups can also be applied t o EBGP peers and are com m only used in large I SP net w or k s in w hich m any t housands of cust om er s m ight hav e I nt er net connect ions.

Ex a m ple 6 - 6 9 R1 's Fu ll W or k in g Co n figu r a t ion hostname R1 ! enable password cisco ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 Description Link to Internet ip address 141.199.2.1 255.255.255.252 ! interface Serial1/2 ip address 131.108.255.13 255.255.255.252 no ip directed-broadcast

282

! router bgp 1 no synchronization network 131.108.255.4 mask 255.255.255.252 network 131.108.255.12 mask 255.255.255.252 neighbor internal peer-group neighbor internal remote-as 1 neighbor internal distribute-list 1 in neighbor internal route-map setattributes in neighbor 131.108.1.2 peer-group internal neighbor 131.108.255.6 peer-group internal neighbor 131.108.255.14 peer-group internal neighbor 141.199.1.1 remote-as 1001 neighbor 141.199.1.1 send-community neighbor 141.199.1.1 route-map setcommunity out access-list 1 deny 0.0.0.0 access-list 1 permit any route-map setcommuntiy permit 10 set community no-export ! route-map setattributes permit 10 match ip address 2 set weight 1000 set community 1000 line con 0 line aux 0 line vty 0 4 end Ex am ple 6- 70 display s t he full w or k ing configur at ion on R2. Not ice R2 is not configur ed for peer gr oups.

Ex a m ple 6 - 7 0 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 interface Serial1/0 bandwidth 128 ip address 131.108.255.1 255.255.255.252 no ip directed-broadcast no ip mroute-cache ! interface Serial1/1 Description Link to Internet ip address 151.100.2.1 255.255.255.252 ! interface Serial1/2 ip address 131.108.255.9 255.255.255.252 clockrate 128000 ! router bgp 1 no synchronization

283

network 131.108.255.0 mask 255.255.255.252 network 131.108.255.8 mask 255.255.255.252 neighbor 131.108.1.1 remote-as 1 neighbor 131.108.255.2 remote-as 1 neighbor 131.108.255.10 remote-as 1 neighbor 151.100.1.1 remote-as 1002 neighbor 151.100.1.1 send-community neighbor 151.100.1.1 route-map setcommunity out ! route-map setcommunity permit 10 set community no-export ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 6- 71 display s t he full w or k ing configur at ion on R3. Not ice R3 is not configur ed for peer gr oups.

Ex a m ple 6 - 7 1 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! interface Ethernet0 ip address 141.108.1.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.6 255.255.255.252 ! interface Serial1 ip address 131.108.255.10 255.255.255.252 ! router bgp 1 no synchronization network 141.108.1.0 mask 255.255.255.0 network 131.108.255.4 mask 255.255.255.252 network 131.108.255.8 mask 255.255.255.252 neighbor 131.108.255.5 remote-as 1 neighbor 131.108.255.9 remote-as 1 ! no ip classless route-map setweight permit 10 match ip address 1 set weight 1 ! route-map setweight permit 20 match ip address 2 ! line con 0 line aux 0 line vty 0 4 end

284

Ex am ple 6- 72 display s t he full w or k ing configur at ion on R4. Not ice R4 is not configur ed for peer gr oups.

Ex a m ple 6 - 7 2 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco ! interface Ethernet0 ip address 151.108.1.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.2 255.255.255.252 clockrate 125000 ! interface Serial1 ip address 131.108.255.14 255.255.255.252 clockrate 125000 ! interface Serial3 ip address 131.108.255.10 255.255.255.252 clockrate 125000 ! router bgp 1 no synchronization network 131.108.255.0 mask 255.255.255.252 network 131.108.255.12 mask 255.255.255.252 network 151.108.1.0 mask 255.255.255.0 neighbor 131.108.255.1 remote-as 1 neighbor 131.108.255.13 remote-as 1 ! line con 0 line aux 0 line vty 0 4 end

Sce n a r io 6 - 5 : V e r ify in g BGP Ope r a t ion This final scenar io looks at Cisco I OS m echanism s for m onit or ing and ver ifying BGP r out ing w it hin a Cisco rout er net w ork. Refer t o Figure 6- 4 and t he BGP t opology t o see how t o use som e com m on sh o w com m ands t o v er ify t hat BGP is oper at ing cor r ect ly . Sh o w and d e b u g com m ands can be v aluable, not only in t he r eal- life net w orks you com e acr oss, but also dur ing y our cer t ificat ion ex am s. This scenar io cov er s t he follow ing com m ands: • •

sh ow ip b g p sum m ary — Displays BGP neighbors in sum m ary m ode sh ow ip b g p— Display s t he BGP t opology t able

285

• • •

cle a r ip b g p * — Clears all BGP TCP sessions sh ow t cp b r ie f— Display s all TCP sessions ( BGP uses TCP) d e b u g ip b g p e v e n t s— Display s any BGP ev ent s, such as neighbor st at e changes

Ex am ple 6- 73 displays a sam ple out put t aken from R1 in Figur e 6- 4 using t he I OS sh ow ip b g p su m m a r y com m and.

Ex a m ple 6 - 7 3 sh ow ip b g p su m m a r y o n R1 R1#show ip bgp summary BGP router identifier 131.108.255.13, local AS number 1 BGP table version is 11, main routing table version 11 6 network entries and 10 paths using 854 bytes of memory 3 BGP path attribute entries using 280 bytes of memory BGP activity 50/44 prefixes, 73/63 paths Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ State/PfxRcd 131.108.1.2 4 1 194 195 11 0 0 2 131.108.255.6 4 1 84 83 11 0 0 3 131.108.255.14 4 1 152 152 11 0 0 3 141.199.1.1 4 1001 0 0 0 0 0 Idle

Up/Down 00:03:22 00:03:23 00:03:23 never

Exa m ple 6- 73 display s a lot of useful infor m at ion, including t he local r out er ident ifier 131.108.255.13, t he local AS of 1, and t he BGP t able v er sion of 11. ( An incr easing v er sion num ber indicat es a net w or k change is occur r ing; if no changes occur , t his num b er r em ains t he sam e.) I t also show s six net w or k pat hs on R1, using 854 by t es of m em ory. Mem or y is im por t ant in BGP because in a lar ge net w or k , such as t he I nt er net , m em or y can be a lim it ing fact or . As m or e BGP ent r ies populat e t he I P r out ing t able, more me m ory is required. Ex am ple 6- 73 display s four configur ed r em ot e peer s: t he fir st t hr ee ar e I BGP ( because t he AS is 1 and t he sam e as t he local AS) and one r em ot e peer t hat has nev er been act iv e. ( The out put indicat es an idle session, and t he up/ dow n t im e display s t his connect ion w as nev er est ablished.) The BGP t able is one t hat confuses m ost people. Most engineer s ar e fam iliar w it h a st andar d Cisco I OS I P r out ing t able and m ist ak enly apply t he sam e pr inciples t o t he BGP t able. The BGP t able is not an I P r out ing t able. The BGP t able displays infor m at ion, such as r em ot e and local net w or k ent r ies, BGP at t r ibut es, and select ed pat hs. Ent r ies ar e t hen inser t ed int o t he I P r out ing t able. Ex am ple 6- 74 display s t he BGP t able on R1 in Figur e 6- 4. Not ice t he show ip b g p com m and can be per for m ed in execut ive m ode.

Ex a m ple 6 - 7 4 sh ow ip bgp R1>show ip bgp BGP table version is 11, local router ID is 131.108.255.13

286

Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i131.108.255.0/30 131.108.1.2 0 100 1000 i * i 131.108.255.14 0 100 1000 i *> 131.108.255.4/30 0.0.0.0 0 32768 i * i 131.108.255.6 0 100 1000 i *>i131.108.255.8/30 131.108.1.2 0 100 1000 i * i 131.108.255.6 0 100 1000 i *> 131.108.255.12/30 0.0.0.0 0 32768 i * i 131.108.255.14 0 100 1000 i *>i141.108.1.0/24 131.108.255.6 0 100 1000 i *>i151.108.1.0/24 131.108.255.14 0 100 1000 i Again, t he BGP t able ver sion is displayed as 11 and t he local rout er I D is 131.108.255.13. The var ious net w or ks ar e list ed along w it h t he next hop addr ess, m et r ic ( MED) , local pr efer ence ( Locpr ef) , w eight , and t he pat h. The i on t he left side ( par t of t he st at us codes) indicat es an int er nal BGP r out e and t he i on t he right side of Ex am ple 6- 74 indicat es t he or igin. ( i is for I GP, par t of t he or igin codes.) I f a BGP configur at ion change is com plet ed on Cisco I OS r out er s , t he BGP peer session m ust be clear ed. The com m and t o clear all sessions is cle a r ip bgp * . To clear a single peer rout er, use t he cle a r ip b g p peer - ip- addr ess com m and. Ex am ple 6- 75 clear s all BGP sessions on R1 aft er a configur at ion change t o set all I BGP peer lo ca lp r e f at t r ibut es t o 1000, inst ead of t he default v alue of 100. Exam ple 6- 75 display s t he BGP t able aft er t he change is configur ed and y ou clear all BGP peers sessions on R1.

Ex a m ple 6 - 7 5 cle a r ip bgp * a n d sh ow ip bgp on R1 R1#clear ip bgp ? * Clear all connections

AS number of the peers A.B.C.D BGP neighbor address to clear dampening Clear route flap dampening information flap-statistics Clear route flap statistics peer-group Clear BGP connections of peer-group R1#clear ip bgp * R1#show ip bgp BGP table version is 11, local router ID is 131.108.255.13 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i131.108.255.0/30 131.108.1.2 0 1000 1000 i * i 131.108.255.14 0 1000 1000 i *> 131.108.255.4/30 0.0.0.0 0 32768 i * i 131.108.255.6 0 1000 1000 i *>i131.108.255.8/30 131.108.1.2 0 1000 1000 i * i 131.108.255.6 0 1000 1000 i *> 131.108.255.12/30 0.0.0.0 0 32768 i * i 131.108.255.14 0 1000 1000 i

287

*>i141.108.1.0/24 *>i151.108.1.0/24

131.108.255.6 131.108.255.14

0 0

1000 100

1000 i 1000 i

Th e ? t ool displays a num ber of opt ions, including clear ing BGP sessions based on AS num bers or rem ot e peer address. On Cisco I OS rout ers, you m ust cle ar t he BGP sessions if y ou w ant a change t o t ak e place because BGP does not updat e changes aft er a BGP session is est ablished. You can, how ev er , configur e soft configur at ions w it h t he n e igh bor peer addr ess soft - r e con f ig u r a t ion in b ou n d com m and, w hich enable s you t o m ake changes and not have t o clear t he TCP peer , r esult ing in no dow nt im e. Ex am ple 6- 76 display s t he out put fr om t he sh o w t cp b r ie f com m and on R1.

Ex a m ple 6 - 7 6 sh ow t cp br ie f R1#show tcp brief TCB Local Address 812CC228 131.108.255.5.11040 812CF508 131.108.1.1.11039 812D0054 131.108.255.13.11041

Foreign Address 131.108.255.6.179 131.108.1.2.179 131.108.255.14.179

(state) ESTAB ESTAB ESTAB

Rout er R1, as displayed in Ex am ple 6- 76, has t hr ee TCP sessions in an est ablished st at e. The TCP por t num ber s ar e also list ed. This com m and is useful because y ou need t o be cer t ain t hat TCP is act iv e at Lay er 4 of t he OSI m odel w hen t r oubleshoot ing t o discov er w hy t w o BGP peer s ar e not sending updat es, for exam ple. The for eign addr esses list t he TCP por t as 179, and t he local addr ess is a num ber TCP gener at es. This t ells y ou t hat R1 has t hr ee TCP sessions act iv e, and y ou can ex pect BGP t o send updat es and k eepaliv es acr oss each TCP session. Debugging BGP is useful. The m ost widely used t ool when est ablishing why BGP is or is not peering is t h e d e b u g ip b g p e v e n t s com m and. Nex t , clear all BGP sessions on R1 wit h t his d e b u g com m and t ur ned on t o discov er t he session y ou act iv at ed. Ex am ple 6- 77 display s t he sam ple out put t aken fr om R1 w hen t he BGP sessions ar e clear ed for dem onst r at ion pur poses. You w ould nev er use t his com m and dur ing nor m al w or k ing hour s, because BGP loses peer ing t o any r em ot e peer s. Also, not ice t h at t h e cle a r and de bug com m ands ar e per for m ed in privileged m ode.

Ex a m ple 6 - 7 7 de bu g ip bgp e v e n t s a n d cle a r ip bgp * on R1 R1#debug ip bgp events BGP events debugging is on R1#clear ip bgp * 4d01h: BGP: reset all neighbors due to User reset 4d01h: BGP: 131.108.1.2 went from Established to Idle 4d01h: BGP: 131.108.255.6 went from Established to Idle 4d01h: BGP: 131.108.255.14 went from Established to Idle 4d01h: BGP: 131.108.1.2 went from Idle to Active 4d01h: BGP: 131.108.255.6 went from Idle to Active 4d01h: BGP: 131.108.255.14 went from Idle to Active 4d01h: BGP: 131.108.255.6 went from Active to OpenSent 4d01h: BGP: 131.108.255.6 went from OpenSent to OpenConfirm 4d01h: BGP: 131.108.255.6 went from OpenConfirm to Established

288

4d01h: BGP: 131.108.255.6 computing updates, neighbor version 0, table version 1, starting at 0.0.0.0 4d01h: BGP: 131.108.255.6 update run completed, ran for 0ms, neighbor version 0, start version 1, throttled to 1, check point net 0.0.0.0 4d01h: BGP: 131.108.255.14 went from Active to OpenSent 4d01h: BGP: 131.108.255.14 went from OpenSent to OpenConfirm 4d01h: BGP: 131.108.255.14 went from OpenConfirm to Established 4d01h: BGP: 131.108.255.14 computing updates, neighbor version 0, table version 1, starting at 0.0.0.0 4d01h: BGP: 131.108.255.14 update run completed, ran for 0ms, neighbor version 0, start version 1, throttled to 1, check point net 0.0.0.0 4d01h: BGP: 131.108.1.2 went from Active to OpenSent 4d01h: BGP: 131.108.1.2 went from OpenSent to OpenConfirm 4d01h: BGP: 131.108.1.2 went from OpenConfirm to Established 4d01h: BGP: 131.108.1.2 computing updates, neighbor version 0, table version 1, starting at 0.0.0.0 4d01h: BGP: 131.108.1.2 update run completed, ran for 0ms, neighbor version 0, start version 1, throttled to 1, check point net 0.0.0.0 4d01h: BGP: 131.108.255.6 computing updates, neighbor version 1, table version 9, starting at 0.0.0.0 4d01h: BGP: 131.108.255.6 update run completed, ran for 0ms, neighbor version 1, start version 9, throttled to 9, check point net 0.0.0.0 4d01h: BGP: scanning routing tables 4d01h: BGP: scanning routing tables 4d01h: BGP: scanning routing tables The sam ple out put from Ex am ple 6- 77 display s t he BGP session's t ear dow n st at e ( r eset by user) and t he re - est ablishing of TCP sessions t o t he t hr ee peer s: 131.108.255.14, 131.108.255.14, and 131.108.1.2. Aft er t he sessions ar e act iv e, only changes ar e sent acr oss t he TCP peer s. You can v iew k eepaliv es w it h t he de bug ip bgp k e e pa liv e s com m and. Ex am ple 6- 78 display s a sam ple out put t ak en fr om R1 aft er t he TCP peer s ar e est ablished.

Ex a m ple 6 - 7 8 de bu g ip bgp k e e pa liv e s on R1 R1#debug ip bgp keepalives BGP keepalives debugging is on 4d01h: BGP: 131.108.255.6 sending KEEPALIVE 4d01h: BGP: 131.108.255.6 KEEPALIVE rcvd 4d01h: BGP: 131.108.255.14 sending KEEPALIVE 4d01h: BGP: 131.108.255.14 KEEPALIVE rcvd 4d01h: BGP: 131.108.1.2 sending KEEPALIVE 4d01h: BGP: 131.108.1.2 KEEPALIVE rcvd R1 is sending and r eceiv ing k eepaliv es t o t he t hr ee r em ot e peer s t o ensur e t hat t he r em ot e r out er s ar e st ill act ive. Assum e t hat R1 is r eloaded.

289

I f you display t he TCP sessions now , you w ill discover t hr ee TCP sessions using a new local TCP por t num ber because t he sessions have been r e - est ablished and a new r andom local TCP por t num ber has been chosen by TCP. Ex am ple 6- 79 display s t he TCP sessions on R1.

Ex a m ple 6 - 7 9 sh ow t cp br ie f on R1 R1#sh tcp TCB 812CF984 812CCB20 812CC6A4

brief Local Address 131.108.255.5.11042 131.108.1.1.11044 131.108.255.13.11043

Foreign Address 131.108.255.6.179 131.108.1.2.179 131.108.255.14.179

(state) ESTAB ESTAB ESTAB

Pr a ct ica l Ex e r cise : EBGP a n d At t r ibu t e s N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Using t he I P addr essing schem e pr ov ided and BGP4 as y our r out ing pr ot ocol, configure t he net w ork in Figur e 6- 6 for I P r out ing. Ensur e t hat bot h Rout er s R1 and R2 hav e full connect iv it y t o each ot her . Use t he ping com m and t o ensur e t hat all net w or ks ar e r eachable. You m ust use BGP4 as your dynam ic r out ing pr ot ocol. Ensur e t hat all r out es r eceiv ed by R2 ar e t agged as follow s:

Figu r e 6 - 6 . EBGP Topology

290

• • • •

All All All All

even rout es have w eight set t o 100. odd r out es hav e w eight set t o 200. even rout es have MED set t o 100. odd r out es have MED set t o 200.

Pr a ct ica l Ex e r cise Solut ion You w ill not ice t hat all t he I P addr essing schem es ar e / 24, ex cept for t he ser ial link bet w een R1 and R2. The serial link cont ains a m ask, 255.255.255.252 or / 30. BGP has no issues w it h VLSM. The 16 loopbacks on R1 ar e adver t ised t o R2 using t he r e d ist r ib u t e con n e ct e d com m and. The no- a u t o su m m a r y com m and ensur es t hat R2 sees all 16 individual r out es. The access list on R2 m ust be set w it h a m ask of 0.0.254.255, or all ev en net w or k s m at ch t hese cr it er ia. The dual- pat h connect ions bet w een R1 and R2 allow r edundancy. Ther e ar e t w o EBGP sessions bet w een R1 and R2; t herefore, t he rout e m ap on R2 is applied t o bot h EBGP peers in case of link failure. Ex am ples 6- 80 and 6- 81 display t he full w or king configur at ion on R1 and R2, r espect iv ely . Tak e not e of t he shaded sect ions, as t hey cont ain cr it ical I OS com m ands t hat ensur e t he desir ed solut ion is achiev ed.

Ex a m ple 6 - 8 0 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.110.1 255.255.255.0

291

! interface Loopback1 ip address 131.108.101.1 255.255.255.0 ! interface Loopback2 ip address 131.108.102.1 255.255.255.0 ! interface Loopback3 ip address 131.108.103.1 255.255.255.0 ! interface Loopback4 ip address 131.108.104.1 255.255.255.0 ! interface Loopback5 ip address 131.108.105.1 255.255.255.0 ! interface Loopback6 ip address 131.108.106.1 255.255.255.0 ! interface Loopback7 ip address 131.108.107.1 255.255.255.0 ! interface Loopback8 ip address 131.108.108.1 255.255.255.0 ! interface Loopback9 ip address 131.108.109.1 255.255.255.0 ! interface Loopback10 ip address 131.108.111.1 255.255.255.0 ! interface Loopback11 ip address 131.108.112.1 255.255.255.0 ! interface Loopback12 ip address 131.108.113.1 255.255.255.0 ! interface Loopback13 ip address 131.108.114.1 255.255.255.0 ! interface Loopback14 ip address 131.108.115.1 255.255.255.0 ! interface Loopback15 ip address 131.108.116.1 255.255.255.0 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial1/0 shutdown ! interface Serial1/1 shutdown ! interface Serial1/2 ip address 131.108.255.1 255.255.255.252

292

! interface Serial1/3 ip address 131.108.255.5 255.255.255.252 ! router bgp 1 redistribute connected metric 100 neighbor 131.108.255.2 remote-as 2 neighbor 131.108.255.6 remote-as 2 no auto-summary line con 0 line aux 0 line vty 0 4 ! end Ex am ple 6- 81 sh ow s t he R2's full w or k ing configur at ion.

Ex a m ple 6 - 8 1 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0/0 ip address 161.108.1.1 255.255.255.0 interface Serial1/0 shutdown ! interface Serial1/1 shutdown ! interface Serial1/2 ip address 131.108.255.2 255.255.255.252 clockrate 128000 ! interface Serial1/3 ip address 131.108.255.6 255.255.255.252 clockrate 128000 ! router bgp 2 network 161.108.1.0 mask 255.255.255.0 neighbor 131.108.255.1 remote-as 1 neighbor 131.108.255.1 route-map setweight in neighbor 131.108.255.5 remote-as 1 neighbor 131.108.255.5 route-map setweight in no auto-summary ! access-list 1 permit 131.108.0.0 0.0.254.0 ! route-map setweight permit 10 match ip address 1 set local-preference 100 set weight 100 !

293

route-map setweight permit 20 set local-preference 200 set weight 200 ! line con 0 line aux 0 line vty 0 4 ! end

Re v ie w Qu e st ion s The follow ing quest ions ar e based on m at er ial cov er ed in t his chapt er . The answ er s t o t hese quest ion can be found in Appendix C, “ Answ er s t o Rev iew Quest ions.”

1:

Which I OS com m and clear s all BGP sessions on a Cisco r out er ?

2:

Which I OS com m and is used t o enable BGP4 on a Cisco r out er ?

3:

Ex am ple 6- 82 display s t he out put fr om t he sh o w t cp b r ie f com m and. How m any BGP sessions ar e in use?

Ex a m ple 6 - 8 2 sh ow t cp br ie f R2>show tcp brief TCB Local Address 613EE508 131.108.255.6.11009 613ED584 131.108.255.2.11008 611654BC 161.108.1.1.23 4:

Foreign Address 131.108.255.5.179 131.108.255.1.179 131.108.255.1.11051

(state) ESTAB ESTAB ESTAB

Which pat h is chosen t o t he r em ot e net w or k 131.108.1.0/ 24 in Ex am ple 6- 83? Use Ex am ple 6- 83 t o answ er quest ions 4- 6. Ex am ple 6- 83 display s t he BGP t able on a Cisco BGP rout er.

Ex a m ple 6 - 8 3 sh ow ip bgp R2>show ip bgp BGP table version is 21, local router ID is 161.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 131.108.1.0/24 131.108.255.5 100 200 200 1 ? *> 131.108.255.1 100 200 200 1 ? * 131.108.101.0/24 131.108.255.5 100 200 200 1 ? *> 131.108.255.1 100 200 200 1 ? *> 161.108.1.0/24 0.0.0.0 0 32768 i 5:

Whic h aut onom ous sy st em does t he net w or k 131.108.101.0/ 24 or iginat e from ?

294

6:

What is t he m et r ic and local pr efer ence for t he r em ot e net w or k 131. 108. 101. 0/ 24?

7:

Ex am ple 6- 84 display s t he out put fr om t he sh ow ip b g p su m m a r y com m and for a Cisco BGP- enabled r out er . What is t he BGP aut onom ous sy st em t hat R2 resides in? How m any BGP sessions are act ive, and w hat version of BGP is configured on t he rout er nam ed R2?

Ex a m ple 6 - 8 4 sh ow ip b g p su m m a r y on R2 R2>show ip bgp summary BGP router identifier 161.108.1.1, local AS number 2 BGP table version is 21, main routing table version 21 20 network entries and 39 paths using 3028 bytes of memory 4 BGP path attribute entries using 432 bytes of memory BGP activity 61/41 prefixes, 119/80 paths Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 131.108.255.1 4 1 2755 2699 21 0 0 1d20h 19 131.108.255.5 4 1 2755 2699 21 0 0 1d20h 19 8:

On a Cisco r out er , w hat v alue is pr efer r ed, higher or low er w eight , and w hat is t he r ange of v alues for w eight ?

9:

What are t he t erm s peer or neighbor used t o describe in BGP?

10:

What is t he BGP t able?

Su m m a r y You can now begin t o apply t his k now ledge t o t he m or e com plex scenar ios found in t he next chapt er . You lear ned how t o successfully configur e I BGP and EBGP, along w it h t echniques used t o load balance BGP using st at ic r out es. The BGP pr inciples pr esent ed in t his chapt er 's Pr act ical Exer cise w ill benefit you in t he next chapt er 's adv anced BGP scenar ios. Table 6- 3 sum m arizes t he BGP com m ands used in t his chapt er.

Table 6-3. Summary of IOS Commands Command

Purpose

r ou t e r bgp num ber

Enables BGP r out ing pr ot ocol

n e ig h b o r r em ot e I P addr ess r e m ot e - a s as

Configures a BGP TCP peer

sh ow ip b g p

Displays BGP t able

{ no } sy n ch r on iz a t ion

Enables or disables ( no) BGP synchr onizat ion

sh ow ip bgp n e igh bor s

Display s t he st at us of BGP TCP peer sessions

295

sh ow ip b g p su m m a r y

Displays st at us of BGP TCP peer sessions in sum m ar y for m at

296

Ch a pt e r 7 . Adva n ce d BGP This chapt er focuses on t he adv anced feat ur es of Bor der Gat ew ay Pr ot ocol Ver sion 4 ( BGP4) and builds on t he m at erial present ed in Chapt er 6, “ Basic Bor der Gat ew ay Pr ot ocol.” This chapt er cov er s BGP4 in ev en gr eat er det ail t han t he CCNP Rout ing Ex am does in or der t o ensur e t hat y ou hav e a good appr eciat ion for how net w or k s ar e connect ed t o t he I nt er net . BGP is a r out ing pr ot ocol designed for use in lar ge I P net w or k s. The fiv e pr act ical scenar ios in t his chapt er com plet e y our under st anding and ensur e t hat y ou hav e adv anced BGP net w or k ing k now ledge t o com plem ent y our under st anding of t oday 's m ost w idely used net w or k ing pr ot ocol, I P.

Sca la b ilit y w it h Bor d e r Ga t e w a y Pr ot ocol ( BGP4 ) BGP is a com plex rout ing prot ocol t hat requires t hat all rout ers be fully m eshed in an I nt er nal BGP ( I BGP) net w or k . To m aint ain accur at e and up- t o- dat e inform at ion in I BGP net w orks, all rout ers m ust peer t o one anot her. Consider a net w or k consist ing of 100 r out er s. Hav ing t his m any r out er s leads t o a lar ge num ber of TCP BGP peer s. I n fact , y ou can easily calculat e t he num ber of peer s by using t he for m ula n( n- 1) / 2, w her e n is t he num ber of BGP r out er s. N OTE To av oid r out ing loops, BGP only pr opagat es updat es lear ned fr om I BGP connect ions t o ot her I BGP sessions t hat are fully m eshed. Fully m eshed net w or ks cont ain a BGP peer t o every BGP speaker in t he net w ork.

For a 100- r out er net w or k , t her e ar e 100( 100- 1) / 2 = 100( 99) / 2 = 4950 TCP peers. I BGP w or ks w ell in sm all net w or ks, and as t he net w or k gr ow s even t o j ust 100 r out er s, t he scalabilit y and administ r at ion of BGP becom es a t ask you m ust car efully consider. BGP deals w it h large BGP net w orks using t w o m et hods: • •

Rout e r eflect or s Confeder at ions ( adv anced for m of r out e r eflect or s; confeder at ions ar e bey ond t he scope of t his chapt er . )

Rout e r eflect or s ar e used t o addr ess t he scalabilit y issues in lar ge I BGP net w or ks. A r out e r eflect or is a BGP r out er configur ed t o for w ar d r out ing updat es t o BGP peer s w it hin t he sam e aut onom ous sy st em ( AS) . Rout e r eflect or s ar e not used in Ex t er nal BGP ( EBGP) sessions. Figur e 7- 1 displays a sim ple four- rout er net w ork running I BGP.

297

Figu r e 7 - 1 . Fou r- Rou t e r I BGP N e t w or k

The num ber of I BGP sessions r equir ed t o m aint ain full connect iv it y in t he net w or k in Figur e 7- 1 is 4( 3) / 2 = 6 I BGP sessions. By using r out e r eflect or s, y ou can r educe t he num ber of I BGP sessions fr om six t o t hr ee ( a 50 per cent r educt ion) . Figur e 7- 2 displays R1 r eflect ing ( r out e r eflect or ) BGP rout ing inform at ion t o R2, R3, and R4.

Figu r e 7 - 2 . R1 Con figu r e d a s Rou t e Re fle ct or

298

Sim ilar ly , for a net w or k consist ing of 100 r out er s, inst ead of 4950 I BGP TCP sessions ( fully m eshed) , using r out e r eflect or s can r educe t his num ber t o 99 I BGP sessions ( a 98 per cent r educt ion) . I n r ealit y , w hat happens is t hat a r out er or r out er s r unning BGP becom e t he focal point for dissem inat ing r out ing infor m at ion, and t hese rout ers are called rout e r eflect or s. The r out er s on t he edge ar e t er m ed t he r out er r eflect or client s ( or j ust client s) . The level of com plexit y, m anageabilit y, and scalabilit y concer ns in a lar ge BGP net w or k can be ov er com e by specify ing a cor e rout er( s) , also know n as a rout e r eflect or , t o per for m cor e r out ing funct ions, such as r out ing updat es t o all edge r out er s. Rout e r eflect or s r educe t he need t o configur e I BGP ( full- m esh) large net w orks. TI P Clust er is a t erm used t o describe a rout e reflec t or and t he client s. For ex am ple, t he four rout ers in Figur e 7- 2 for m a BGP clust er . Confeder at ions ar e anot her w ay of dealing w it h t he explosion of an I BGP net w or k and ar e t y pically used in net w or k s t hat cont ain t housands of I BGP peer s. The concept of confeder at ions is based on m ult iple subaut onom ous sy st em s.

The follow ing ar e t he char act er ist ics of r out er r eflect or s: • • • • • • • •

Rout e r eflect or configur at ion is enabled only on t he r out e r eflect or ; client s ar e configur ed nor m ally as I BGP peer s. The usual BGP rout ing algorit hm is applied t o all BGP rout es t o ensure a loopfr ee t opology . Rout e r eflect or s pr eser ve all BGP at t r ibut es. Updat es ar e sent fr om t he r out e r eflect or t o all c lient s. Client s r eceiv e all updat es fr om t he r out e r eflect or only . I n any clust er, t here m ust be at least one rout e reflect or. Nonclient s ( not part of a clust er) m ust st ill be fully m eshed t o m aint ain full connect iv it y . All updat es cont ain t he or igin a t or- I D at t r ibut e, w hich ensur es a loop- fr ee t opology , in w hich t he r out e r eflect or ignor es any updat e it r eceiv es w it h it s ow n or iginat or- I D.

Con figu r in g Rou t e Re fle ct or s Configur ing r out e r eflect or s is a r elat iv ely st r aight for w ar d ex er cise. On t he r out e reflect or, apply t he follow ing I OS com m and t o all I BGP peers:

neighbor ip-address route-reflector-client Next , configure t he four rout ers in Figur e 7- 2 for r out e r eflect or s wit h R1 configured as t he rout e reflect or.

299

Ex am ple 7- 1 display s t he configur at ion on R1, w hich is configur ed as t he r out e r eflect or , t o R2 ( peer addr ess 131.108.2.2) , R3 ( peer address ( 131.108.3.2) , and R4 ( peer addr ess 131.108.4.2) .

Ex a m ple 7 - 1 Con figu r a t ion on R1 for Rou t e Re fle ct ion router bgp 1 ! Connection to R2 neighbor 131.108.2.2 neighbor 131.108.2.2 ! connection to R3 neighbor 131.108.3.2 neighbor 131.108.3.2 ! Connection to R4 neighbor 131.108.4.2 neighbor 131.108.4.2

remote-as 1 route-reflector-client remote-as 1 route-reflector-client remote-as 1 route-reflector-client

Ex am ple 7- 1 displays t he r out e r eflect or I OS com m and point ing t o R2, R3, and R4. Also, w henev er y ou configur e r out e r eflect or s, y ou m ust st ill configur e t he I BGP session indicat ing t he I BGP peer t o R2, R3, and R4. Hence, R1 is configur ed as an I BGP peer t o all client s, as you w ould nor m ally configur e an I BGP net w or k. The benefit s of using r out e r eflect or s include t he follow ing: • • • • •

Addr essing of scalabilit y issues Enables a hier ar chical design Reduces t he num ber of TCP peer s and, t her efor e, t he am ount of t r affic acr oss WAN cir cuit s Fast conv er gence in pr opagat ion of infor m at ion Pr ov ides easier t r oubleshoot ing as t he infor m at ion is t y pically sent fr om one sou r ce

Filt ering is vit al t o any large BGP net w ork, and t o allow t he net w ork designer flexibilit y, BGP c an be filt ered using t he follow ing m et hods: • • •

Acce ss list s — Used w hen configur ing r out e m aps and filt er ing net w or ks based on I P net w or k s using filt er- based list s D ist r ibu t e list s — Filt er incom ing or out going I P net w orks Pr e fix list s— Filt er infor m at ion based on t he pr efix of any addr ess, for ex am ple, all net w or k s st ar t ing w it h 131.108.0.0

Prefix list s are a new and a m ore efficient w ay of ident ifying rout es for m at ching and filt er ing BGP infor m at ion. Pr efix list s ar e efficient because BGP r out er s per for m look ups on only t he pr efix ( beginning) addr ess and can m ak e fast er r out ing decisions. For exam ple, you m ight w ant t o accept all net w or ks in t he r ange 4.0.0.0 t o 4.255.255.255 and r ej ect all ot her net w or k s. I n t his case, a pr efix list accom plishes t his t ask efficient ly and easily . Use t he follow ing I OS com m and t o enable a pr efix list :

ip prefix-list list-name [seq seq value] {deny | permit} network | len [ge ge-value] [le le-value]

300

To apply a prefix list t o a BGP peer, t he follow ing I OS com m and synt ax is r equir ed:

neighbor {ip address | peer-group} prefix-list prefix-list-name {in | out} To ver ify pr efix list configur at ion, use t he sh ow ip pr e fix - list com m and in ex ec m ode. Table 7- 1 displays som e com m on pr efix list exam ples used in t oday's lar ge BGP net w orks.

Table 7-1. Prefix List Examples Using the Prefix Name CCNP Filtering required

Example IOS command

Deny default r out es

ip prefix - list ccn p d e n y 0 .0 .0 .0 / 0

Per m it a default r out e

ip prefix - list ccn p p e r m it 0 .0 .0 .0 / 0

Per m it exact pr efix 30.0.0.0/ 8

ip prefix - list ccn p p e r m it 3 0 .0 .0 .0 / 8

Deny m ask lengt hs great er t han 25 bit s in rout es w it h a prefix of 131/ 8

ip prefix - list ccn p d e n y 1 3 1 .0 .0 .0 / 8 ge 2 5

Per m it mask lengt hs fr om 8 t o 24 bit s in all addr ess spaces

ip prefix - list ccn p p e r m it 0 .0 .0 .0 / 0 ge 8 le 2 4

M u lt ih om in g Con n e ct ion s t o t h e I n t e r n e t Today , m ost or ganizat ions hav e one or m or e connect ions t o t he I nt er net . When a com pany connect s t w o or m or e connect ions t o t he I nt er net , t he BGP connect ion bet w een t he com pany and t he I SP is t er m ed a m ult ihom ed connect ion. Connect ions can be t o t he sam e I SP; how ev er , t y pically , for r edundancy , t hey ar e connect ed t o t w o differ ent I SPs. This pr esent s a pr oblem because, in pr act ice, t w o or m or e connect ions pr ov ide t he sam e BGP r out ing infor m at ion, and t he BGP net w or k designer m ust ensur e t hat t he I SPs do not use t he com pany 's net w or k as a t r ansit , specific r out ing infor m at ion is not r eceiv ed t hr ough t heir I nt er net connect ion, and only a default r out e is accept ed. Rem em ber , r out ing inv olv es k now ing only t he nex t hop and not t he full pat h t o a r em ot e dest inat ion; as long as a nex t hop r out er ex ist s, t r affic t r ansv er ses t he I nt er net . I t is not uncom m on t o accept a full BGP r out ing t able, but in pr act ice, t his has lit t le or no v alue because all t r affic t o a default r out e is sent t hr ough t he I SP connect ion. Anot her pr im ar y concer n of a m ult ihom ed connect ion is r edist r ibut ing int er ior r out ing pr ot ocols int o BGP. You can use t hr ee basic m et hods t o accom plish t his t ask:

301

• •

•

n e t w or k com m a n d— As you saw in Chapt er 6, t he n e t w or k com m and enables y ou t o adv er t ise net w or k s t o ot her BGP r out er s. r e d ist r ib u t ion com m a n d — To avoid rout ing loops, you m ust be careful w hen you configur e r edist r ibut ion fr om one int er ior pr ot ocol t o and fr om BGP . Rout e m aps ar e t ypically used t o ensur e t hat only t he cor r ect net w or ks ar e sent t o t he I SP and v ice v er sa. St a t ic r ou t e s— Ty pically , st at ic r out es ar e used t o send all t r affic t o unk now n dest inat ions t hr ough t he I SP connect ion. The I SP, on t he ot her hand, has t he net w or k in t he BGP t able, so t r affic fr om t he I nt er net can be dir ect ed t o t he cor r ect out going int er face.

Sce n a r i os The follow ing scenar ios ar e designed t o in t his chapt er and som e of t he cont ent pr act ice labs. Ther e is no one r ight w ay and t he abilit y t o use good pr act ice and r eal- life design or solut ion.

dr aw t oget her som e of t he cont ent descr ibed y ou hav e seen in y our ow n net w or k s or t o accom plish m any of t he t ask s pr esent ed, define your end goal ar e im por t ant in any

The fiv e scenar ios pr esent ed in t his chapt er ar e based on com plex BGP t echnologies so t hat you becom e fully aw are of t he pow erful nat ure of BGP in large I P net w or k s.

Sce n a r io 7 - 1 : Con f ig u r in g Rou t e Re f le ct or s Configur e t he four - rout er t opology in Figur e 7- 3 for I BGP using r out e r eflect or s w it h R1 as t he r out e r eflec t or and R2, R3, and R4 as t he client s. To r educe TCP t r affic am ong all BGP- speak ing r out er s, ensur e t hat t he m inim um num ber of peer s ex ist .

Figu r e 7 - 3 . Fou r- Rou t e r Topology w it h Rou t e Re fle ct or s

302

Figur e 7- 3 displays a sim ple four- r out er t opology in AS 333. Also, not ice t hat t he Class B address 131.1.08.0.0 is used t hr oughout t his net w or k . Ty pically , in a w elldesigned I P net w or k , t he designer applies a hier ar chical I P addr ess design t o ensur e t hat all I P address space is used efficient ly. The WAN links bet w een R1 and R2, for exam ple, use a 30- bit subnet m ask, allow ing for only t w o host s. R1 is configur ed as t he r out e r eflect or , and R2, R3, and R4 ar e t he client s. First , you m ust configure I BGP on Rout er R1. Ex am ple 7- 2 display s t he I BGP configurat ion on R1.

Ex a m ple 7 - 2 R1 I BGP Con figu r a t ion R1(config)#router bgp 333 ! Peer to R2 R1(config-router)#neighbor 131.108.1.2 remote-as 333 ! Peer to R3 R1(config-router)#neighbor 131.108.255.6 remote-as 333 ! Peer to R4 R1(config-router)#neighbor 131.108.255.2 remote-as 333 R1 is t he rout e reflect or, so you m ust configure R1 t o reflect BGP inform at ion t o R2, R3, and R4. Ex am ple 7- 3 display s t he configur a t ion w it h R1 as a rout e reflect or.

Ex a m ple 7 - 3 R1 Rou t e Re fle ct or Con figu r a t ion R1(config)#router bgp 333 ! RR to R2 R1(config-router)#neighbor 131.108.1.2 route-reflector-client ! RR to R3 R1(config-router)#neighbor 131.108.255.6 route-reflector-client ! RR to R4 R1(config-router)#neighbor 131.108.255.2 route-reflector-client Ex am ple 7- 4 display s t he BGP neighbor s on R1 in sum m ar y for m at .

Ex a m ple 7 - 4 sh ow ip b g p su m m a ry Com m a n d on R1 R1#show ip bgp summary BGP router identifier 131.108.255.5, local AS number 333 BGP table version is 3, main routing table version 3 3 network entries and 3 paths using 363 bytes of memory 1 BGP path attribute entries using 92 bytes of memory BGP activity 6/3 prefixes, 7/4 paths Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ State/PfxRcd 131.108.1.2 4 333 15 13 1 0 0 1 131.108.255.2 4 333 10 12 3 0 2 0 131.108.255.6 4 333 13 13 2 0 0 2

Up/Down 00:00:03 00:00:00 00:00:01

Ex am ple 7- 4 show s t hat t hr ee r em ot e peer s, t o R2 ( 131.108.1.2) , R3 ( 131.108.255.6) , and R4 ( 131.108.255.2) , ar e est ablished.

303

Ex am ple 7- 5 displays t he BGP t able on R1.

Ex a m ple 7 - 5 sh ow ip b g p Com m a n d on R1 R1#show ip bgp BGP table version is 5, local router ID is 131.108.255.5 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 131.108.1.0/24 0.0.0.0 0 32768 i * i 131.108.1.2 0 100 0 i * i131.108.3.0/24 131.108.255.6 0 100 0 i * i131.108.4.0/24 131.108.255.2 0 100 0 i *>i131.108.255.0/30 131.108.255.2 0 100 0 i *>i131.108.255.4/30 131.108.255.6 0 100 0 i R1 dy nam ically lear ns t he r em ot e net w or k s 131.108.3.0/ 24 and 131.108.4.0/ 24. The I P t able on R1, how ev er , display s som et hing quit e differ ent . Ex am ple 7- 6 displays t he I P rout ing t able on R1.

Ex a m ple 7 - 6 sh ow ip r ou t e on R1 R1>show ip route 131.108.0.0/16 is variably subnetted, 3 subnets, 2 masks C 131.108.255.0/30 is directly connected, Serial1/1 C 131.108.255.4/30 is directly connected, Serial1/0 C 131.108.1.0/24 is directly connected, Ethernet0/0 The R1 r out ing t able cont ains no BGP ent r ies because, w it h r out e r eflect or s, I BGP does not insert any net w or k int o t he I P r out ing t able due t o synchr onizat ion. I n t his sim ple case, y ou hav e no ot her I GP configur ed, so y ou m ust disable sy nchr onizat ion. Disable synchronizat ion on R1, R2, R3, and R4. Ex am ple 7- 7 display s disabling synchr onizat ion on Rout er R1; t he sam e com m and should be com plet ed on all four rout ers in Figur e 7- 3.

Ex a m ple 7 - 7 D isa blin g Sy n ch r on iz a t ion on R1 R1(config)#router bgp 333 R1(config-router)#no synchronization The I P rout ing t able on R1 is displayed in Ex am ple 7- 8.

Ex a m ple 7 - 8 sh ow ip r ou t e on R1 R1#show ip route Codes: C - connected, B - BGP 131.108.0.0/16 is variably subnetted, 5 subnets, 2 masks C 131.108.255.0/30 is directly connected, Serial1/1 C 131.108.255.4/30 is directly connected, Serial1/0 B 131.108.4.0/24 [200/0] via 131.108.255.2, 00:00:32 B 131.108.3.0/24 [200/0] via 131.108.255.6, 00:00:32 C 131.108.1.0/24 is directly connected, Ethernet0/0

304

R1 can now r each t he t w o r em ot e net w or k s: 131.108.3.0/ 24 ( R3) and 131.108.4.0/ 24 ( R4) . Ver ify t hat R2 can also r each t hese net w or k s because R2 is a r out e r eflect or client . Ex am ple 7- 9 displays t he I P rout ing t able on R2.

Ex a m ple 7 - 9 sh ow ip r ou t e on R2 R2#show ip route C 131.108.1.0 is directly connected, Ethernet0/0 R2, ev en t hough sy nchr onizat ion is disabled, has no r em ot e BGP ent r ies. To discov er why, view t he BGP t able on R2. Ex am ple 7- 10 displays t he BGP t able on R2.

Ex a m ple 7 - 1 0 sh ow ip b g p a n d sh ow ip r ou t e on R2 R2#show ip bgp BGP table version is 3, local router ID is 131.108.7.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop *> 131.108.1.0/24 0.0.0.0 * i 131.108.1.1 * i131.108.3.0/24 131.108.255.6 * i131.108.4.0/24 131.108.255.2 * i131.108.255.0/30 131.108.255.2 * i131.108.255.4/30 131.108.255.6 R2#show ip route 131.108.255.6 % Subnet not in table R2#show ip route 131.108.255.2 % Subnet not in table

Metric LocPrf Weight Path 0 32768 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i

Ex am ple 7- 10 display s t he r em ot e ent r ies pr esent in R2's BGP t able w it h a next hop addr ess t hat is not r out able. I n ot her w or ds, BGP does not inser t any r em ot e net w or k w hen t he nex t hop addr ess is not r out able. To fix t his, configur e R1 t o advert ise t he WAN links t o R2 and R3. Ex am ple 7- 11 displays t he configurat ion on R1.

Ex a m ple 7 - 1 1 Adve r t isin g W AN lin k s on R1 R1(config)#router bgp 333 R1(config-router)#network 131.108.255.0 mask 255.255.255.252 R1(config-router)#network 131.108.255.4 mask 255.255.255.252 Aft er y ou clear all t he BGP sessions on R1 w it h t he cle a r ip bgp * com m and, t he BGP t able on R2 displays t he rem ot e BGP ent ries in it s I P rout ing t able. Ex am ple 7- 12 display s t he I P r out ing t able on R2 and som e successful ping r equest s t o R3 E0 ( 131.108.3.1/ 24) and R4 E0 ( 131.108.4.1/ 24) .

Ex a m ple 7 - 1 2 sh ow ip bgp on R2 a n d pin g on R2 R2#show ip route 131.108.0.0/16 is variably subnetted, 5 subnets, 2 masks

305

B 131.108.255.0/30 [200/0] via 131.108.1.1, 00:02:58 B 131.108.255.4/30 [200/0] via 131.108.1.1, 00:02:58 B 131.108.4.0/24 [200/0] via 131.108.255.2, 00:03:25 B 131.108.3.0/24 [200/0] via 131.108.255.6, 00:03:20 C 131.108.1.0/24 is directly connected, Ethernet0/0 R2#ping 131.108.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.3.1, timeout is 2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = R2#ping 131.108.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.4.1, timeout is 2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max =

seconds: 16/16/20 ms

seconds: 16/16/20 ms

Ex am ple 7- 12 display s t he r em ot e BGP ent r ies on R2, a successful ping r equest , and a reply t o t he rem ot e net works at t ached t o R3 and R4. Befor e you consider a m or e com plex r out e r eflect or scenar io, her e ar e t he full w or king configur at ions on all four r out er s. Take par t icular not e of t he shaded sect ions, w hich cont ain cr it ical com m ands, especially on R1, t he r out e r eflect or . Ex am ple 7- 13 display s R1's full w or k ing configur at ion.

Ex a m ple 7 - 1 3 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 ip address 131.108.255.1 255.255.255.252 ! router bgp 333 no synchronization network 131.108.1.0 mask 255.255.255.0 network 131.108.255.0 mask 255.255.255.252 network 131.108.255.4 mask 255.255.255.252 neighbor 131.108.1.2 remote-as 333 neighbor 131.108.1.2 route-reflector-client neighbor 131.108.255.2 remote-as 333 neighbor 131.108.255.2 route-reflector-client neighbor 131.108.255.6 remote-as 333 neighbor 131.108.255.6 route-reflector-client line con 0 line aux 0

306

line vty 0 4 end Ex am ple 7- 14 display s R2's full w or k ing configur at ion.

Ex a m ple 7 - 1 4 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! R2 is a RR client to R1 router bgp 333 no synchronization network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.1.1 remote-as 333 line con 0 line aux 0 line vty 0 4 end Ex am ple 7- 15 display s R3's full w or k ing configur at ion.

Ex a m ple 7 - 1 5 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 131.108.3.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.6 255.255.255.252 bandwidth 125 ! interface Serial1 shutdown router bgp 333 no synchronization network 131.108.3.0 mask 255.255.255.0 network 131.108.255.4 mask 255.255.255.252 neighbor 131.108.255.5 remote-as 333 ! line con 0 line aux 0 line vty 0 4 end

307

Ex am ple 7- 16 displays R4's full w or k ing configur at ion.

Ex a m ple 7 - 1 6 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Ethernet0 ip address 131.108.4.1 255.255.255.0 ! interface Serial0 bandwidth 125 ip address 131.108.255.2 255.255.255.252 clockrate 125000 ! interface Serial1 shutdown ! router bgp 333 no synchronization network 131.108.4.0 mask 255.255.255.0 network 131.108.255.0 mask 255.255.255.252 neighbor 131.108.255.1 remote-as 333 line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 7 - 2 : Con figu r in g Adva n ce d BGP Rou t e Re fle ct or s Figur e 7- 4 display s a t y pical dual- hom ed BGP net w or k and ex pands upon t he net work in Scenar io 7- 1. OSPF is t he int erior rout ing prot ocol used on rout ers R1 – R5, and each r out er is assigned a loopback addr ess of t he for m 131.108.254.1 for R1, 131.108.254.2 for R2, 131.108.25 3.3 for R3, 131.108.254.4 for R4, and 131.108.254.5 for R5.

Figu r e 7 - 4 . Sce n a r io 7 - 2 Ph y sica l Topology

308

Ensur e t hat as long as t her e is I P connect iv it y , t he I BGP sessions ar e est ablished t o R1 and R2. The t w o r out er s, R1 and R2, have one connect ion t o t he I nt er net t hr ough Ser ial 1/ 0. Figur e 7- 4 display s t he phy sical t opology . Assum e t he Rout ers R1– R5 ar e par t of a lar ge com pany and r out e r eflect or s ar e configured on R1 and R2 for redundancy purposes. Figur e 7- 5 display s t he I BGP and EBGP connect ions logically .

Figu r e 7 - 5 . BGP Log ica l Con n e ct ion s

309

The prim ary pat h for t he edge rout ers R3, R4, and R5 is t hrough R1; if R1 fails, t he prim ary pat h is t hrough R2. Hence, R1 and R2 are bot h configured as rout er r eflect or s t o pr ov ide r edundancy . Enable OSPF on t he I GP r out er s by enabling all int er faces in ar ea 0, so y ou can t ak e adv ant age of loopback s for t he sour ce and dest inat ion addr ess for all I BGP peer sessions. Ex am ple 7- 17 configures all I P- enabled int er faces on R1 in area 0.

Ex a m ple 7 - 1 7 R1 OSPF Con figu r a t ion R1(config)#router ospf 1 R1(config-router)# network 0.0.0.0 255.255.255.255 area 0 Configur e t he sam e t w o com m ands on R2– R5 t o enable OSPF as t he I GP. Next , configur e I BGP on R1 and use t he loopback addr esses as t he nex t hop addr esses because as long as y ou hav e I P connect iv it y , BGP should r em ain act iv e. I n fact , good I BGP design alw ay s uses loopback s so t hat one r out ing failur e does not r esult in loss ( TCP fails) of I BGP connect iv it y . Ex am ple 7- 18 configures I BGP on R1 t o act as a rout e reflect or t o R3, R4, and R5 using t he loopback int er faces as t he sour ce and peer addr esses. OSPF is used as t he I GP t o ensur e I P connect ivit y am ong all loopback int er faces.

Ex a m ple 7 - 1 8 I BGP on R1 router bgp 333 network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client Ex am ple 7- 18 display s t he local adv er t isem ent of t he net w or k 131.108.1.0 on R1 and displays t he enabling of R1 t o reflect BGP inform at ion t o R3, R4, and R5. For r edundancy pur poses, R1 is configur ed t o peer t o R2 but not as a r out e r eflect or . R1 is configur ed t o peer t o t he loopback int er faces t o ensur e t hat as long as t her e is I P connect iv it y , BGP is est ablished. Ex am ple 7- 19 displays t he configur at ion of R2 as a backup r out e r eflect or t o R3, R4, and R5.

Ex a m ple 7 - 1 9 I BGP on R2 router bgp 333

310

network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client neighbor 131.108.255.2 remote-as 333 neighbor 131.108.255.2 update-source Loopback0 Ex am ple 7- 19 display s t he local adv er t isem ent of t he net w or k 131.108.1.0 on R2 and t he enabling of R2 t o reflect BGP inform at ion t o R3, R4, and R5. R2 is configured t o peer t o t he loopback int er faces t o ensur e t hat as long as t her e is I P connect iv it y , I BGP is est ablished. Next , configure one of t he edge rout ers, R3, for I BGP. Ex am ple 7- 20 displays t he I BGP configur at ion on R3 point ing t o R1 and R2. Because R3 is locally connect ed t o 131.108.3.0, use t he n e t w or k com m and t o adv er t ise t his net work t o R1 and R2.

Ex a m ple 7 - 2 0 I BGP on R3 router bgp 333 network 131.108.3.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 R3 is configur ed nor m ally for I BGP t o R1 and R2. Aft er t he BGP peer sessions ar e est ablished on rout ers R4 and R5, you can t ake a look at t he BGP t ables. Ex am ple 7- 21 and Ex am ple 7- 22 display t he I BGP configurat ion on R4 and R5, r espect iv ely .

Ex a m ple 7 - 2 1 I BGP on R4 router bgp 333 network 131.108.4.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0

Ex a m ple 7 - 2 2 I BGP on R5 router bgp 333 network 131.108.5.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333

311

neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 All t he rout ers in Figur e 7- 5 hav e I BGP peer s configur ed. Ex am ple 7- 23 display s t he BGP t able on t he client rout er R3.

Ex a m ple 7 - 2 3 sh ow ip bgp on R3 R3#show ip bgp Network *>i131.108.1.0/24 * i *> 131.108.3.0/24 *>i131.108.4.0/24 * i *>i131.108.5.0/24 * i

Next Hop 131.108.254.2 131.108.254.1 0.0.0.0 131.108.254.4 131.108.254.4 131.108.254.5 131.108.254.5

Metric LocPrf Weight Path 0 100 0 i 0 100 0 i 0 32768 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i

R3's BGP t able has t he local net w or k 131.108.3.0/ 24 ( indicat ed w it h t he nex t of 0.0.0.0) . Also pr esent in t he BGP t able is t he r em ot e net w or k , 131.108.1.0/ 24, advert ised by R1 and R2. R4 advert ises 131.108.4.0/ 24, and R5 advert ises 131.108.5.0. To confir m I P connect iv it y, view t he I P rout ing t able on R3. Ex am ple 724 displays t he I P r out ing t able on R3; r em em ber t hat you have OSPF configur ed as t he I GP.

Ex a m ple 7 - 2 4 sh ow ip r ou t e o n R3 R3#show ip route Codes: C - connected, B - BGP, O - OSPF 131.108.0.0/16 is variably subnetted, 12 subnets, 3 masks O 131.108.255.0/30 [110/1581] via 131.108.255.5, 00:29:59, Serial0 O 131.108.254.1/32 [110/801] via 131.108.255.5, 00:29:59, Serial0 C 131.108.254.3/32 is directly connected, Loopback0 O 131.108.254.2/32 [110/811] via 131.108.255.5, 00:29:59, Serial0 O 131.108.254.5/32 [110/1582] via 131.108.255.5, 00:29:59, Serial0 C 131.108.255.4/30 is directly connected, Serial0 O 131.108.254.4/32 [110/1582] via 131.108.255.5, 00:29:59, Serial0 O 131.108.255.8/30 [110/1581] via 131.108.255.5, 00:29:59, Serial0 O 131.108.5.0/24 [110/1591] via 131.108.255.5, 00:04:22, Serial0 O 131.108.4.0/24 [110/1591] via 131.108.255.5, 00:04:22, Serial0 C 131.108.3.0/24 is directly connected, Ethernet0 O 131.108.1.0/24 [110/810] via 131.108.255.5, 00:04:10, Serial0 R3's I P r out ing t able displays t he r em ot e net w or ks 131.108.4.0/ 24 and 131.108.5. 0/ 24 discov er ed by OSPF ( indicat ed by t he O on t he left side of t he I P r out ing t able) . Even t hough BGP ( view t he BGP t able in Ex am ple 7- 23) has inser t ed t he r em ot e net w or k s, 131.108.1.0/ 24, 131.108.4.0/ 24, and 131.108.5.0/ 24, as OSPF discov er ed r out es, y ou need t o disable sy nchr onizat ion on all t he I BGP r out er s so

312

t hat BGP ent r ies ar e inser t ed int o t he I P r out ing t able t o see w het her t his solv es t he problem . Ex am ple 7- 25 display s t he disabling of sy nchr onizat ion on all fiv e r out er s.

Ex a m ple 7 - 2 5 D isa blin g Sy n ch r on iz a t ion on R1 – R5 R1(config)#router bgp 333 R1(config-router)#no synchronization R2(config)#router bgp 333 R2(config-router)#no synchronization R3(config)#router bgp 333 R3(config-router)#no synchronization R4(config)#router bgp 333 R4(config-router)#no synchronization R5(config)#router bgp 333 R5(config-router)#no synchronization Aft er you clear all I BGP sessions on R1 and R2 w it h t he cle a r ip b g p * com m and, you can expect t o see BGP rout ing ent ries in t he I P rout ing t able on R3. Exam ple 726 displays t he I P rout ing t able on R3.

Ex a m ple 7 - 2 6 sh ow ip r ou t e on R3 R3#show ip route 131.108.0.0/16 is variably subnetted, 12 subnets, 3 masks O 131.108.255.0/30 [110/1581] via 131.108.255.5, 01:04:33, Serial0 O 131.108.254.1/32 [110/801] via 131.108.255.5, 01:04:33, Serial0 C 131.108.254.3/32 is directly connected, Loopback0 O 131.108.254.2/32 [110/811] via 131.108.255.5, 01:04:33, Serial0 O 131.108.254.5/32 [110/1582] via 131.108.255.5, 01:04:33, Serial0 C 131.108.255.4/30 is directly connected, Serial0 O 131.108.254.4/32 [110/1582] via 131.108.255.5, 01:04:33, Serial0 O 131.108.255.8/30 [110/1581] via 131.108.255.5, 01:04:33, Serial0 O 131.108.5.0/24 [110/1591] via 131.108.255.5, 00:21:51, Serial0 O 131.108.4.0/24 [110/1591] via 131.108.255.5, 00:21:53, Serial0 C 131.108.3.0/24 is directly connected, Ethernet0 O 131.108.1.0/24 [110/810] via 131.108.255.5, 00:38:44, Serial0 The r eason t hat OSPF is chosen for t he pr efer r ed pat h is t hat OSPF has a low er adm inist r at iv e dist ance of 110, com par ed t o 200 for I BGP. Change t he default adm inist r at ive dist ance on all five r out er s so t hat int er nal BGP is t he pr efer r ed pat h in t his five- rout er net work. N OTE The sam e scenar io can be duplicat ed using EBGP, in w hich case, y ou use t he concept of a backdoor t o ensure t hat your I GP is t he preferred rout ing m et hod. For exam ple, if EBGP is configur ed bet w een t w o r out er s and OSPF is t he int er ior r out ing pr ot ocol, EBGP adm inist r at iv e dist ance is 20, far lower t han OSPF ( AD is 110) . By default , a low er AD is alw ays pr efer r ed; t her efor e, t he next hop addr ess is t he EBGP

313

connect ion. To change t his default behav ior w it hout t he changing AD v alues, use t he n e t w or k < net w or k subnet - m ask > b a ck d o o r com m and. Specify ing t he net w or k allow s t he r out er t o choose OSPF as t he pr efer r ed pat h r at her t han t he EBGP discov er ed pat h. Changing t he adm inist r at iv e dist ance is not alw ay s t he m ost desir able m et hod because all r out er s t ypically need m odificat ion, as in t his sc enario.

The I OS com m and t o change t he default BGP dist ance is as follow s:

distance bgp external-distance internal-distance local-distance The ext er nal dist ance is for EBGP r out es ( default is 20) ; t he int er nal dist ance is for I BGP rout es ( default is 200) , and t he local dist ance defines t he AD for locally connect ed r out es ( default is 200) . Ex am ple 7- 27 display s t he dist ance configur at ion on R1 and is configur ed on all fiv e r out er s. You use t he ? t ool t o display t he opt ions as y ou ent er t he v alues.

Ex a m ple 7 - 2 7 Ch a n gin g D e fa u lt D ist a n ce R1(config)#router bgp 333 R1(config-router)#distance ? Administrative distance bgp BGP distance R1(config-router)#distance bgp ? Distance for routes external to the AS R1(config-router)#distance bgp 20 ? Distance for routes internal to the AS R1(config-router)#distance bgp 20 109 ? Distance for local routes R1(config-router)#distance bgp 20 109 109 The int er nal dist ance is set t o 109 ( less t han OSPF 110) ; t he ex t er nal dist ance is unchanged at 20, and t he local dist ance is also changed t o 109. Ex am ple 7- 28 display s t he I P r out ing t able on R3 aft er t he TCP peer s ar e clear ed.

Ex a m ple 7 - 2 8 sh ow ip r ou t e on R3 R3#sh ip route 131.108.0.0/16 is variably subnetted, 12 subnets, 3 masks O 131.108.255.0/30 [110/1581] via 131.108.255.5, 01:18:33, Serial0 O 131.108.254.1/32 [110/801] via 131.108.255.5, 01:18:33, Serial0 C 131.108.254.3/32 is directly connected, Loopback0 O 131.108.254.2/32 [110/811] via 131.108.255.5, 01:18:33, Serial0 O 131.108.254.5/32 [110/1582] via 131.108.255.5, 01:18:33, Serial0 C 131.108.255.4/30 is directly connected, Serial0 O 131.108.254.4/32 [110/1582] via 131.108.255.5, 01:18:33, Serial0

314

O Serial0 B B C B

131.108.255.8/30 [110/1581] via 131.108.255.5, 01:18:33, 131.108.5.0/24 131.108.4.0/24 131.108.3.0/24 131.108.1.0/24

[109/0] via [109/0] via is directly [109/0] via

131.108.254.5, 00:01:38 131.108.255.2, 00:01:37 connected, Ethernet0 131.108.254.1, 00:00:50

R1 now uses BGP w it h an AD of 109 as t he pr efer r ed pat h t o t he rem ot e net works connect ed t o R1/ R2, R4, and R5. This scenar io built a r edundant I BGP net w or k . Nex t , sim ulat e a r out ing BGP failur e t o R1 and ensur e t hat R2 becom es t he pr efer r ed pat h on all r out e r eflect or client s. Ex am ple 7- 29 displays t he current BGP t able on R3.

Ex a m ple 7 - 2 9 sh ow ip bgp on R3 R3#show ip bgp BGP table version is 84, local router ID is 131.108.254.3 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * i131.108.1.0/24 *>i *> 131.108.3.0/24 *>i131.108.4.0/24 * i *>i131.108.5.0/24 * i

Next Hop 131.108.254.2 131.108.254.1 0.0.0.0 131.108.254.4 131.108.254.4 131.108.254.5 131.108.254.5

Metric LocPrf Weight Path 0 100 0 i 0 100 0 i 0 32768 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i

The pr efer r ed pat h on R3 t o 131.108.1.0/ 24 is t hr ough R1; t he peer addr ess is 131.108.254.1 ( R1's loopback addr ess) . When t he TCP peer t o R1 fails on R3, t he pr efer r ed pat h is t hr ough R2 ( a r out e r eflect or ) . Ex am ple 7- 30 display s t he BGP t able on R3 aft er t he BGP failur e.

Ex a m ple 7 - 3 0 sh ow ip bgp on R3 a f t e r R1 Fa ilu r e R3#show ip bgp BGP table version is 86, local router ID is 131.108.254.3 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i131.108.1.0/24 131.108.254.2 0 100 0 i *> 131.108.3.0/24 0.0.0.0 0 32768 i *>i131.108.4.0/24 131.108.254.4 0 100 0 i *>i131.108.5.0/24 131.108.254.5 0 100 0 i The pat h t o 131.108.1.0/ 24 is now t hrough R2.

315

Befor e y ou build upon t his scenar io and add t he EBGP connect ions t o t he t w o different I SP rout ers, view t he full w orking configurat ions of R1 – R5. Ex am ple 7- 31 display s R1's full w or king configur at ion.

Ex a m ple 7 - 3 1 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.254.1 255.255.255.255 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 ip address 131.108.255.1 255.255.255.252 ! interface Serial1/2 ip address 131.108.255.9 255.255.255.252 clockrate 128000 ! interface Serial1/3 shutdown ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client distance bgp 20 109 109 ! line con 0 line aux 0 line vty 0 4

316

end Ex am ple 7- 32 display s R2's full w or k ing configur at ion.

Ex a m ple 7 - 3 2 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 131.108.254.2 255.255.255.255 ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client neighbor 131.108.255.2 remote-as 333 neighbor 131.108.255.2 update-source Loopback0 distance bgp 20 109 109 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 7- 33 display s R3's full w or k ing configur at ion.

Ex a m ple 7 - 3 3 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Loopback0

317

ip address 131.108.254.3 255.255.255.255 ! interface Ethernet0 ip address 131.108.3.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.6 255.255.255.252 bandwidth 125 ! interface Serial1 shutdown ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization network 131.108.3.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 distance bgp 20 109 109 ! line con 0 line aux 0 line vty 0 4 ! end Exam p le 7- 34 display s R4's full w or k ing configur at ion.

Ex a m ple 7 - 3 4 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 131.108.254.4 255.255.255.255 ! interface Ethernet0 ip address 131.108.4.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.2 255.255.255.252 clockrate 125000 ! interface Serial1 shutdown ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 !

318

router bgp 333 no synchronization network 131.108.4.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 distance bgp 20 109 109 line con 0 line aux 0 line vty 0 4 ! end Ex am ple 7- 35 display s R5's full w or k ing configur at ion.

Ex a m ple 7 - 3 5 R5 ' s Fu ll W or k in g Con figu r a t ion hostname R5 ! enable password cisco ! ip subnet-zero interface Loopback0 ip address 131.108.254.5 255.255.255.255 ! interface Ethernet0 ip address 131.108.5.1 255.255.255.0 ! interface Serial0 ip address 131.108.255.10 255.255.255.252 ! interface Serial1 shutdown ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization network 131.108.5.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 distance bgp 20 109 109 line con 0 line aux 0 line vty 0 4 ! end

319

Sce n a r io 7 - 3 : Con figu r in g D u a l - H om in g I SP Con n e ct ion s I n t his scenar io, you build upon t he I BGP net w or k in Figur e 7- 4 and configur e EBGP on R1 and R2 and sim ulat e a dual- hom ing I SP connect ion. Because m ost CCNP candidat es do not hav e t w o I SP connect ions t o configur e in a lab env ir onm ent , y ou configur e t w o r out er s and inj ect default r out es along w it h a la r ge I P rout ing t able t o sim ulat e an I SP rout er. Figur e 7- 6 displays t he EBGP connect ions on R1 and R2 and t he I P addr essing.

Figu r e 7 - 6 . EBGP Con n e ct ion s

Configur e t he r out er s I SP1 and I SP2 for EBGP and adv er t ise a default r out e t o t he int er nal BGP net w or k along w it h som e r out es t hat sim ulat e an I nt er net env ir onm e n t . Ex am ple 7- 36 configur es I SP1 for EBGP and allow s a default r out e t o be adv er t ised t o t he EBGP peer t o R1.

Ex a m ple 7 - 3 6 EBGP on I SP1 router bgp 50001 neighbor 171.108.1.2 remote-as 333 neighbor 171.108.1.2 default-originate Ex am ple 7- 37 display s t he EBGP configur at ion on I SP2. Rem em ber t hat bot h I nt er net r out er s, I SP1 and I SP2, are providing default rout es t o R1 and R2, r espect iv ely .

320

Ex a m ple 7 - 3 7 EBGP on I SP2 router bgp 4000 neighbor 160.100.1.2 remote-as 333 neighbor 160.100.1.2 default-originate View t he BGP t ables on R1 and R2 and ensure t hat t he BGP t able cont ains a default r out e. Ex am ple 7- 38 displays R1's BGP t able.

Ex a m ple 7 - 3 8 R1 's BGP t a ble R1#show ip bgp BGP table version is 8, local router ID is 131.108.254.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 0.0.0.0 * i *> 131.108.1.0/24 * i * i131.108.3.0/24 *>i * i131.108.4.0/24 *>i * i131.108.5.0/24 *>i

Next Hop 171.108.1.1 160.100.1.1 0.0.0.0 131.108.254.2 131.108.254.3 131.108.254.3 131.108.254.4 131.108.254.4 131.108.254.5 131.108.254.5

Metric LocPrf Weight 0 100 0 0 32768 0 100 0 0 100 0 0 100 0 0 100 0 0 100 0 0 100 0 0 100 0

Path 50001 i 4000 i i i i i i i i i

R1, because it has a dir ect connect ion t o t he EBGP peer t o I SP1, select s I SP1 for default - based t r affic. Ex am ple 7- 39 d isplays R2's BGP t able.

Ex a m ple 7 - 3 9 R2 's BGP t a ble R2#show ip bgp BGP table version is 12, local router ID is 131.108.254.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * i0.0.0.0 *> * i131.108.1.0/24 *> * i131.108.3.0/24 *>i * i131.108.4.0/24 *>i * i131.108.5.0/24 *>i

Next Hop 171.108.1.1 160.100.1.1 131.108.254.1 0.0.0.0 131.108.254.3 131.108.254.3 131.108.254.4 131.108.254.4 131.108.254.5 131.108.254.5

Metric LocPrf Weight Path 100 0 50001 i 0 4000 i 0 100 0 i 0 32768 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i 0 100 0 i

321

Sim ilar ly , because R2 has a dir ect connect ion t o t he EBGP peer t o I SP2, R2 select s I SP2 for all default - based t r affic. This m eans t hat t r affic is sent t o differ ent I SP r out er s for any t r affic t o t he I nt er net . This t r affic pat t er n is undesir able because I P pack et s m ight t ak e differ ent pat hs and not r each t he dest inat ion in a t im ely m anner, result ing in loss or slow user- dat a t r ansfer , such as HTTP t r affic. I deally , a dual- hom e connect ion is for r edundancy pur poses only . Configur e R2 t o send all default t r affic t hr ough t he connect ion on R1 t o I SP1, unless R1 loses t he connect ion t o I SP1. To accom plish t his t ask, you m odify t he MED value on R2 t o ensur e t hat all default t r affic is sent t hr ough R1. Low er MED values ar e pr efer r ed, and MED influences only EBGP connect ions. Ex am ple 7- 40 display s t he MED configur at ion on R2. To dem onst r at e anot her m et hod, an ex am ple using AS_Pat h m anipulat ion follow s.

Ex a m ple 7 - 4 0 M ED M odifica t ion on R2 R2(config)#router bgp 333 R2(config-router)#neighbor 131.108.254.1 route-map setmedr1 in R2(config-router)#neighbor 160.100.1.1 route-map setmedisp2 in R2(config)#route-map setmedr1 R2(config-route-map)#match ip address 1 R2(config-route-map)#set metric 100 R2(config-route-map)#exit R2(config)#route-map setmedisp2 R2(config-route-map)#match ip address 1 R2(config-route-map)#set metric 200 Aft er you clear t he BGP sessions t o R1 and I SP2 on R2, t he BGP t able on R2 is displayed, as show n in Ex am ple 7- 41.

Ex a m ple 7 - 4 1 sh ow ip bgp on R2 R2#show ip bgp BGP table version is 9, local router ID is 131.108.254.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 160.100.1.1 200 0 4000 i * i 171.108.1.1 100 100 0 50001 i * i131.108.1.0/24 131.108.254.1 100 100 0 i *> 0.0.0.0 0 32768 i *>i131.108.3.0/24 131.108.254.3 0 100 0 i * i 131.108.254.3 100 100 0 i *>i131.108.4.0/24 131.108.254.4 0 100 0 i * i 131.108.254.4 100 100 0 i * i131.108.5.0/24 131.108.254.5 100 100 0 i *>i 131.108.254.5 0 100 0 i

322

As displayed in Ex am ple 7- 41, t he pr efer r ed pat h t o t he nex t hop 160.100.1.1, ev en t hough t he MED is low er , is t hr ough I SP2. The MED at t r ibut e is com par ed only for pat hs fr om neighbor s in t he sam e AS. R1 ( in AS 333) and I SP2 ( in AS 4000) ar e in differ ent aut onom ous sy st em s, so t o enable BGP t o com par e MED in differ ent aut onom ous sy st em s, y ou m ust enable t he b g p a lw a y s- com pa r e - m e d com m and. The b g p a lw a y s- com pa r e - m e d com m and allow s t he MED values t o be com par ed, and BGP decisions ar e ev en t hough t he t w o r out er s, R1 and R2, ar e in differ ent aut onom ous syst em s. Ex am ple 7- 42 display s t he configur at ion on R2 t o allow MED t o be com par ed bet ween R1 and I SP2.

Ex a m ple 7 - 4 2 bgp a lw a ys- com p a r e- m e d Com m a n d on R2 R2(config)#router bgp 333 R2(config-router)#bgp always-compare-med Aft er you clear t he BGP sessions on R2, t he BGP t able on R2 displays t he pr efer r ed default r out e 0.0.0.0/ 0 t hr ough R1. Ex am ple 7- 43 displays t he BGP t able on R2.

Ex a m ple 7 - 4 3 sh ow ip bgp on R2 R2#show ip bgp BGP table version is 9, local router ID is 131.108.254.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 0.0.0.0 160.100.1.1 200 0 4000 i *>i 171.108.1.1 100 100 0 50001 i * i131.108.1.0/24 131.108.254.1 100 100 0 i *> 0.0.0.0 0 32768 i *>i131.108.3.0/24 131.108.254.3 0 100 0 i * i 131.108.254.3 100 100 0 i *>i131.108.4.0/24 131.108.254.4 0 100 0 i * i 131.108.254.4 100 100 0 i *>i131.108.5.0/24 131.108.254.5 0 100 0 i * i 131.108.254.5 100 100 0 i Ex am ple 7- 43 show s t hat t he new pr efer r ed pat h is t hr ough R1 because t he MED is lower. Befor e r em ov ing t he configur at ion com par ing MED on R2 and dem onst r at ing how t he AS_Pat h at t r ibut e can also be used t o accom plish t he t ask , Ex am ple 7- 44 displays R2's full w or k ing configur at ion.

Ex a m ple 7 - 4 4 R2 ' s Fu ll W or k in g Con f ig u r a t ion U sin g M ED hostname R2 ! enable password cisco

323

! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.254.2 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/3 ip address 160.100.1.2 255.255.255.252 clockrate 128000 ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization bgp always-compare-med network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.1 route-map setmedr1 in neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client neighbor 160.100.1.1 remote-as 4000 neighbor 160.100.1.1 route-map setmedisp2 in distance bgp 20 109 109 access-list 1 permit 0.0.0.0 ! route-map setmedr1 permit 10 match ip address 1 set metric 100 ! route-map setmedisp2 permit 10 match ip address 1 set metric 200 ! line con 0 line aux 0 line vty 0 4 ! end I n Chapt er 6, you lear ned t he BGP r out ing decisions and one of t he decisions ar e based on shor t est AS_Pat h. Configure R2 t o prepend AS_Pat hs ( add AS_Pat hs) from I SP2 so t hat R1's connect ion t o I SP1 is t he pr efer r ed pat h for default r out ing.

324

Ex a m ple 7 - 4 5 AS_ Pa t h M a n ipu la t ion of R2 R2(config)#router bgp 333 R2(config-router)#no neighbor 160.100.1.1 route-map setmedisp2 in R2(config-router)#no neighbor 131.108.254.1 route-map setmedr1 in R2(config-router)#neighbor 160.100.1.1 route-map aspath in R2(config)#route-map aspath R2(config-route-map)#set ? as-path Prepend string for a BGP AS-path attribute automatic-tag Automatically compute TAG value clns OSI summary address comm-list set BGP community list (for deletion) community BGP community attribute dampening Set BGP route flap dampening parameters default Set default information interface Output interface ip IP specific information level Where to import route local-preference BGP local preference path attribute metric Metric value for destination routing protocol metric-type Type of metric for destination routing protocol origin BGP origin code tag Tag value for destination routing protocol weight BGP weight for routing table R2(config-route-map)#set as-path ? prepend Prepend to the as-path tag Set the tag as an AS-path attribute R2(config-route-map)#set as-path prepend 4000 3999 3998 Th e? t ool in Ex am ple 7- 45 display s t he opt ions for pr epending AS_Pat hs on R2. Next , configure t he AS_Pat h t o 4000 3999 3998 on R2 for all incom ing rout es from I SP2. Exam ple 7- 46 displays t he BGP t able on R2.

Ex a m ple 7 - 4 6 sh ow ip bgp on R2 R2#show ip bgp BGP table version is 7, local router ID is 131.108.254.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 0.0.0.0 160.100.1.1 0 4000 3999 3998 4000 i *>i 171.108.1.1 100 0 50001 i *> 131.108.1.0/24 0.0.0.0 0 32768 i * i 131.108.254.1 0 100 0 i * i131.108.3.0/24 131.108.254.3 0 100 0 i *>i 131.108.254.3 0 100 0 i * i131.108.4.0/24 131.108.254.4 0 100 0 i *>i 131.108.254.4 0 100 0 i * i131.108.5.0/24 131.108.254.5 0 100 0 i *>i 131.108.254.5 0 100 0 i R2 now pr efer s t he pat h t hr ough t he nex t hop addr ess 171.108.1.1 ( R1's link t o I SP1) because t he AS_Pat h is only 50001 ( one hop) , or a low er hop count aw ay com par ed t o 4000 3999 3998 ( t hr ee hops) .

325

You have seen t w o m et hods used on R2 and discover ed how pow er ful BGP can be in allow ing t he net w or k adm inist r at or t o m anipulat e BGP and achiev e any r out ing pat h desir ed. Som e ot her com m on configur at ions com plet ed on r out er s connect ed t o t he I nt er net include t he follow ing: • •

Ensur ing t hat only a default r out e is accept ed Ensur ing t hat y ou ar e not a t r ansit pat h for any I nt ernet t raffic

Nex t , configur e R1 and R2 t o accept only a default r out e and ensur e t hat t he ser v ice pr ovider s, I SP1 and I SP2, do not use t he net w or k bet w een R1 and R2 as a t r ansit pat h. Ex am ple 7- 47 display s t he configur at ion on R1 t o allow only default r out es and display s set t ing t he no- ex port com m unit y t o I SP1. You can use a filt er list along w it h a rout e m ap t o perm it a default rout e.

Ex a m ple 7 - 4 7 R1 Allow in g On ly D e fa u lt Rou t e s ( Filt e r List ) a n d Se t t in g Com m u n it y R1(config)#router bgp 333 R1(config-router)#neighbor 171.108.1.1 filter R1(config-router)#neighbor 171.108.1.1 filter-list 1 R1(config-router)#neighbor 171.108.1.1 filter-list 1 in R1(config-router)#neighbor 171.108.1.1 send-community R1(config-router)#neighbor 171.108.1.1 route-map noexport ? R1(config-router)#neighbor 171.108.1.1 route-map noexport out R1(config)#route-map no-export R1(config-route-map)#set community no-export R1(config)#access-list 1 permit 0.0.0.0 Ex am ple 7- 47 display s t he configur at ion on R2 t o allow only default r out es and set t ing t he no expor t com m unit y t o I SP1. Ex am ple 7- 48 also show s t he use of a w ell- know n com m unit y value: n o- e x por t . Th e no- ex port com m unit y at t r ibut e adv ises a BGP r out er car r y ing t his at t r ibut e t hat t he r out e adver t ised shoul d not be adv er t ised t o any peer s out side t he AS. Ex am ple 7- 48 configur es R2 ( because R2 is also connect ed t o an I SP r out er ) using a r out e m ap t o set t he com m unit y and allow ing only a default rout e using a filt er list on inbound updat es. I n t he next scenar io, you use pr efix list s t o accom plish t he sam e t ask.

Ex a m ple 7 - 4 8 R2 Allow in g On ly D e fa u lt Rou t e s ( Filt e r List ) a n d Se t t in g Com m u n it y R2(config)#router bgp 333 R2(config-router)#neighbor 160.100.1.1 route-map setcommuntiy out R2(config-router)#neighbor 160.100.1.1 send-community R2(config-router)#neighbor 160.100.1.1 filter-list 1 in R2(config)#access 1 permit 0.0.0.0 R2(config)#route-map setcommuntiy

326

R2(config-route-map)#set community no-export Befor e looking at how t o use pr efix list s t o achieve com plex r out ing filt er s, view t he full w or king configur at ions of t he four m ain r out er s in t his scenar io. Ex am ple 7- 49 display s I SP1's full w or k ing configur at ion.

Ex a m ple 7 - 4 9 I SP1 ' s Fu ll W or k in g Con figu r a t ion hostname ISP1 ! enable password cisco ! ip subnet-zero ! interface Serial0 ip address 171.108.1.1 255.255.255.252 interface Serial1 shutdown ! router bgp 50001 neighbor 171.108.1.2 remote-as 333 neighbor 171.108.1.2 default-originate ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 7- 50 disp lay s I SP2's full w or k ing configur at ion.

Ex a m ple 7 - 5 0 I SP2 ' s Fu ll W or k in g Con figu r a t ion hostname ISP2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Serial0 ip address 160.100.1.1 255.255.255.252 ! interface Serial1 shutdown ! router bgp 4000 neighbor 160.100.1.2 remote-as 333 neighbor 160.100.1.2 default-originate line con 0 line aux 0 line vty 0 4 ! end

327

Ex am ple 7- 51 display s R1's full w or k ing configur at ion.

Ex a m ple 7 - 5 1 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.254.1 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 no ip directed-broadcast ! interface Serial1/0 ip address 131.108.255.5 255.255.255.252 clockrate 128000 ! interface Serial1/1 ip address 131.108.255.1 255.255.255.252 ! interface Serial1/2 ip address 131.108.255.9 255.255.255.252 clockrate 128000 ! interface Serial1/3 ip address 171.108.1.2 255.255.255.252 clockrate 128000 ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.2 remote-as 333 neighbor 131.108.254.2 update-source Loopback0 neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client neighbor 171.108.1.1 remote-as 50001 neighbor 171.108.1.1 send-community neighbor 171.108.1.1 route-map noexport out neighbor 171.108.1.1 filter-list 1 in distance bgp 20 109 109 !

328

route-map noexport permit 10 set community no-export ! line con 0 line aux 0 line vty 0 4 end Ex am ple 7- 52 display s R2's full w or k ing configur at ion.

Ex a m ple 7 - 5 2 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 131.108.254.2 255.255.255.255 no ip directed-broadcast ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/3 ip address 160.100.1.2 255.255.255.252 clockrate 128000 ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 333 no synchronization bgp always-compare-med network 131.108.1.0 mask 255.255.255.0 neighbor 131.108.254.1 remote-as 333 neighbor 131.108.254.1 update-source Loopback0 neighbor 131.108.254.3 remote-as 333 neighbor 131.108.254.3 update-source Loopback0 neighbor 131.108.254.3 route-reflector-client neighbor 131.108.254.4 remote-as 333 neighbor 131.108.254.4 update-source Loopback0 neighbor 131.108.254.4 route-reflector-client neighbor 131.108.254.5 remote-as 333 neighbor 131.108.254.5 update-source Loopback0 neighbor 131.108.254.5 route-reflector-client neighbor 160.100.1.1 remote-as 4000 neighbor 160.100.1.1 send-community neighbor 160.100.1.1 route-map aspath in neighbor 160.100.1.1 route-map setcommuntiy out neighbor 160.100.1.1 filter-list 1 in distance bgp 20 109 109 ! access-list 1 permit 0.0.0.0 route-map setcommunity permit 10

329

set community no-export ! route-map setcommuntiy permit 10 set community no-export ! route-map aspath permit 10 set as-path prepend 4000 3999 3998 ! route-map setmedr1 permit 10 match ip address 1 set metric 100 ! route-map setmedisp2 permit 10 match ip address 1 set metric 200 ! line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 7 - 4 : Con figu r in g Pr e fix List s I n this scenar io, y ou build upon t he net w or k in Figur e 7- 6. You use som e handy configur at ion t ips t o sim ulat e an I SP env ir onm ent and use pr efix list s on R1 t o ensur e t hat y ou r eceive only necessar y infor m at ion t o save bandw idt h and I P and BGP t able sizes. This scenar io encom passes only t w o r out er s t o dem onst r at e t he pow er of BGP. Figur e 7- 7 display s t he t w o- rout er t opology w it h t he rout er nam ed I SP1 sim ulat ing an I SP env ir onm ent .

Figu r e 7 - 7 . Tw o- Rou t e r I SP Sim u la t ion

330

First , configure som e r out es on I SP1 point ing t o Null0 ( a bit buck et , com m only used in BGP t o adv er t ise r out es st at ically for ent r ies in t he I P r out ing t able) . You use t he r e dist r ibu t e st a t ic com m and t o inj ect net w or k s int o R1. To m ak e t hings sim pler , you rem ove all t he I BGP sessions on R1 and adver t ise t hese st at ic r out es t o R1. N OTE All filt ering, rout e m aps, and I BGP peers configured in t he previous scenario have been rem oved from Rout er R1 for clarit y.

Ex am ple 7- 53 display s t he st at ic r out e configur at ion of 25 net w or k s on I SP1 and t he adver t isem ent of t hese st at ic r out es t o R1.

Ex a m ple 7 - 5 3 St a t ic Rou t e Con f igu r a t ion on I SP1 ip route 1.0.0.0 255.0.0.0 Null0 ip route 2.0.0.0 255.0.0.0 Null0 ip route 3.0.0.0 255.0.0.0 Null0

331

ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip

route route route route route route route route route route route route route route route route route route route route route route

4.0.0.0 255.0.0.0 Null0 5.0.0.0 255.0.0.0 Null0 6.0.0.0 255.0.0.0 Null0 7.0.0.0 255.0.0.0 Null0 8.0.0.0 255.0.0.0 Null0 10.0.0.0 255.0.0.0 Null0 11.0.0.0 255.0.0.0 Null0 100.0.0.0 255.0.0.0 Null0 101.0.0.0 255.0.0.0 Null0 102.0.0.0 255.0.0.0 Null0 141.100.0.0 255.255.0.0 Null0 142.100.0.0 255.255.0.0 Null0 143.100.0.0 255.255.0.0 Null0 144.100.0.0 255.255.0.0 Null0 145.100.0.0 255.255.0.0 Null0 146.100.0.0 255.255.0.0 Null0 147.100.0.0 255.255.0.0 Null0 148.100.0.0 255.255.0.0 Null0 149.100.0.0 255.255.0.0 Null0 150.100.1.0 255.255.255.0 Null0 141.108.0.0 255.255.0.0 Null0 0.0.0.0 0.0.0.0 null0

Ex am ple 7- 53 display s t he st at ic r out e configur at ion of Class A net w or k s r anging fr om 1. 0. 0. 0– 11.0.0.0; t he Class A net w or k s 100.0.0.0, 101.0.0.0, and 102.0.0.0; and finally t he Class B net w or k s r anging fr om 141.100.0.0– 150.100.0.0/ 16. The last ent r y , 0.0.0.0/ 0, is a default r out e adv er t isem ent . I n a r eal- w orld BGP env ir onm ent , t he r out er I SP1 w ould have m or e specific ent r ies t o all t hese net w or ks, and a st at ic r out e w ould be configur ed so t hat infor m at ion can be sent ov er t he EBGP peer s w it hout t he need for dy nam ic r out ing adv er t isem ent s. Null r out es and loopbacks ar e gr eat lear ning t ools. To sim ulat e a r eal env ir onm ent , configur e I SP1 t o pr epend som e of t he st at ic r out es w it h v ar y ing aut onom ous sy st em s. Ex am ple 7- 54 configur es all net w or k s in t he r ange 1.0.0.0–11.0.0.0. The or igin AS is 1000, w it h t he pat h t hr ough 998 999. All ot her net w or k s ar e pr epended w it h t he aut onom ous syst em s 400, 300, and 200. The r out e m ap nam e is set t o pr epend.

Ex a m ple 7 - 5 4 Pr e pe n din g Rou t e s on I SP1 router bgp 50001 neighbor 171.108.1.2 route-map prepend out access-list 1 permit 1.0.0.0 0.255.255.255 access-list 1 permit 2.0.0.0 0.255.255.255 access-list 1 permit 3.0.0.0 0.255.255.255 access-list 1 permit 4.0.0.0 0.255.255.255 access-list 1 permit 5.0.0.0 0.255.255.255 access-list 1 permit 6.0.0.0 0.255.255.255 access-list 1 permit 7.0.0.0 0.255.255.255 access-list 1 permit 8.0.0.0 0.255.255.255 access-list 1 permit 9.0.0.0 0.255.255.255 access-list 1 permit 10.0.0.0 0.255.255.255 access-list 1 permit 11.0.0.0 0.255.255.255 access-list 2 permit any route-map prepend permit 10 match ip address 1

332

set origin igp set as-path prepend 998 999 ! route-map prepend permit 20 match ip address 2 set origin igp set as-path prepend 400 300 200 The r out e m ap also configur es t he BGP or ig in at t r ibut e t o I GP ( as adv er t ised by t he n e t w or k com m and) . All subnet s allow ed by access list 1 pr epend all net w or k s t o 998 999 and set t he origin t o I GP. Sim ilarly, line 20 in t he rout e m ap ( r ou t e - m a p p r e p e n d p e r m it 2 0 ) st at em ent configur es all net w or k s in access list 2 wit h an I GP or ig in at t r ibut e. The net w or k s defined in access list 2 are prepended w it h an AS of 400, 300, and 200 or { 400 300 200} . Ex am ple 7- 55 con fir m s t h at t he at t r ibut es ar e set cor r ect ly , by v iew ing t he BGP t able on R1.

Ex a m ple 7 - 5 5 sh ow ip bgp on R1 R1#show ip bgp BGP table version is 25, local router ID is 131.108.254.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 1.0.0.0 999 i *> 2.0.0.0 999 i *> 3.0.0.0 999 i *> 4.0.0.0 999 i *> 5.0.0.0 999 i *> 6.0.0.0 999 i *> 7.0.0.0 999 i *> 8.0.0.0 999 i *> 10.0.0.0 999 i *> 11.0.0.0 999 i *> 100.0.0.0 300 200 i *> 101.0.0.0 300 200 i *> 102.0.0.0 300 200 i

Next Hop 171.108.1.1

Metric LocPrf Weight Path 0 0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

333

*> 131.108.1.0/24 *> 141.100.0.0 300 200 i *> 141.108.0.0 300 200 i *> 142.100.0.0 300 200 i *> 143.100.0.0 300 200 i *> 144.100.0.0 300 200 i *> 145.100.0.0 300 200 i *> 146.100.0.0 300 200 i *> 147.100.0.0 300 200 i *> 148.100.0.0 300 200 i *> 149.100.0.0 300 200 i

0.0.0.0 171.108.1.1

0 0

32768 i 0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

171.108.1.1

0

0 50001 400

The fir st eleven net w or ks in Ex am ple 7- 55 m at ch access list 1 configured on I SP1. To dem onst r at e full I P connect ivit y, view t he I P r out ing t able on R1. Ex am ple 7- 56 displays t he I P ( BGP r out es only) r out ing t able on R1.

Ex a m ple 7 - 5 6 sh ow ip r ou t e bgp on R1 R1#show ip route bgp B 102.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 1.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 2.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 100.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 3.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 101.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 4.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 5.0.0.0/8 [20/0] via 171.108.1.1, 00:04:02 B 141.100.0.0/16 [20/0] via 171.108.1.1, 00:04:02 B 141.108.0.0/16 [20/0] via 171.108.1.1, 00:04:02 B 6.0.0.0/8 [20/0] via 171.108.1.1, 00:04:03 B 142.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 7.0.0.0/8 [20/0] via 171.108.1.1, 00:04:03 B 143.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 145.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 8.0.0.0/8 [20/0] via 171.108.1.1, 00:04:03 B 144.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 147.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 10.0.0.0/8 [20/0] via 171.108.1.1, 00:04:03 B 146.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 11.0.0.0/8 [20/0] via 171.108.1.1, 00:04:03 B 149.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03 B 148.100.0.0/16 [20/0] via 171.108.1.1, 00:04:03

334

Ex am ple 7- 56 display s all t he net w or k s adv er t ised t hr ough I SP1. ( Nex t hop addr ess is 171.108.1.1, t he EBGP peer addr ess of I SP1.) N OTE I f you t ry t o ping any of t hese net w orks from R1, t he ping request reaches I SP1, but because y ou hav e configur ed a null0 r out e, t he pack et s ar e dr opped on I SP1. For t he pur poses of t his ex er cise, all y ou need t o be int er est ed in is gener at ing r out es. Ther e are ot her m et hods t o gener at e BGP r out es, such as BGP gener at or s. Cisco I OS ( int er nal only ) allow s a r out er t o gener at e as m any r out es as y ou could ev er need t o sim ulat e t he I nt er net . Alt er nat iv ely , y ou could peer t o y our cor por at e I nt er net gat ew ay and r eceive t he full BGP t able, alt hough t his is not a recom m ended exercise. Manually gener at ing r out es t o null0 using st at ic r out es is a gr eat lear ning t ool t o deploy in any pract ice lab.

As you can det er m ine, Ex am ple 7- 56 show s m any BGP ent ries. There is no need for R1, or t he I BGP net w or k, t o be fully aw ar e of all t he ent r ies adver t ised fr om I SP1 because y ou alr eady hav e a default r out e. This is especially t r ue because I SP1 is advert ising t he nonrout able 10.0.0.0 net w ork, w hich m ight be in use on Rout er R1, or an int ernal net w ork running an I GP, such as OSPF. Configure a prefix list on R1 t o st op unnecessar y r out ing t r affic. Next , you configur e a pr efix list on R1 t o st op any BGP r out es, m at ching t he follow ing cr it er ia: • • • •

Perm it t he default rout e 0.0.0.0. Allow any r out es in t he r ange 1.0.0.0– 11.0.0.0, but not 10.0.0.0/ 24. Allow all r out es 141.1.0.0/ 16 only. ( This m ight be a net w or k, for exam ple, w her e a vir t ual pr ivat e net w or k m ight be configur ed for ex t r anet s, so y ou m ight w ant specific r out ing infor m at ion such as t his.) Deny all ot her r out es.

N OTE Pr efix list s follow sequence num ber s j ust as r out e m aps do. You do not need t o specify t he sequence; t he init ial num ber is 5 and is incr em ent ed by 5 each t im e. When y ou v iew t he final configur at ion, y ou w ill discov er t he I OS has inser t ed t he sequence num ber s for y ou.

Configur e a pr efix list on R1 t o obt ain t he pr eceding obj ect ives. Exam ple 7- 57 uses t h e ? t o guide you t hr ough t he var ious opt ions. Fir st , configur e a pr efix list on inbound t raffic from I SP1 on R1. Ex am ple 7- 57 display s t he filt er list configur at ion in BGP configurat ion m ode.

335

Ex a m ple 7 - 5 7 I n it ia l Pr e fix List Con figu r a t ion on R1 Poin t in g t o I SP1 R1(config-router)#neighbor 171.108.1.1 prefix-list ? WORD Name of a prefix list R1(config-router)#neighbor 171.108.1.1 prefix-list ccnp ? in Filter incoming updates out Filter outgoing updates R1(config-router)#neighbor 171.108.1.1 prefix-list ccnp in R1 is configur ed t o apply a pr efix list t o all inbound t r affic fr om t he r out er I SP1. As y et , y ou have not defined t he pr efix list . As w it h an access list , you need t o configur e t he opt ions for t he pr efix list t o per for m any filt er ing. Ex am ple 7- 58 display s t he pr efix list configur at ion in global configur at ion m ode.

Ex a m ple 7 - 5 8 Pr e f ix List Con f igu r a t ion on R1 R1(config)#ip prefix-list ? WORD Name of a prefix list sequence-number Include/exclude sequence numbers in NVGEN R1(config)#ip prefix-list ccnp ? deny Specify packets to reject description Prefix-list specific descriptin permit Specify packets to forward seq sequence number of an entry R1(config)#ip prefix-list ccnp permit ? A.B.C.D IP prefix /, e.g., 35.0.0.0/8 R1(config)#ip prefix-list ccnp permit 0.0.0.0/0 R1(config)#ip prefix-list ccnp permit ? A.B.C.D IP prefix /, e.g., 35.0.0.0/8 R1(config)#ip prefix-list ccnp permit 1.0.0.0/8 R1(config)#ip prefix-list ccnp permit 2.0.0.0/8 R1(config)#ip prefix-list ccnp permit 2.0.0.0/8 R1(config)#ip prefix-list ccnp permit 3.0.0.0/8 R1(config)#ip prefix-list ccnp permit 45.0.0.0/8 R1(config)#no ip prefix-list ccnp permit 45.0.0.0/8 R1(config)#ip prefix-list ccnp permit 4.0.0.0/8 R1(config)#ip prefix-list ccnp permit 5.0.0.0/8 R1(config)#ip prefix-list ccnp permit 6.0.0.0/8 R1(config)#ip prefix-list ccnp permit 7.0.0.0/8 R1(config)#ip prefix-list ccnp permit 8.0.0.0/8 R1(config)#ip prefix-list ccnp permit 9.0.0.0/8 R1(config)#ip prefix-list ccnp permit 11.0.0.0/8 R1(config)#ip prefix-list ccnp permit 141.1.0.0/16 Pr efix list s, by default , im plicit ly deny all ot her net w or k s. You do not need t o deny any ot her net w or k s because t he Cisco I OS aut om at ically denies all net w or k s not specif ically perm it t ed in t he prefix list , nam ed ccnp in Ex am ple 7- 58. Ex am ple 7- 59 d isplay s t he configur at ion on R1 w hen t he sh ow r u n n in g- con fig com m and is ent er ed in pr ivilege m ode on R1 ( t r uncat ed) .

Ex a m ple 7 - 5 9 sh ow r u n n in g - con f ig on R1

336

R1#show running-config Building configuration... Current configuration: !...truncated ! router bgp 333 network 131.108.1.0 mask 255.255.255.0 neighbor 171.108.1.1 remote-as 50001 neighbor 171.108.1.1 prefix-list ccnp in ! ip prefix-list ccnp seq 5 permit 0.0.0.0/0 ip prefix-list ccnp seq 10 permit 1.0.0.0/8 ip prefix-list ccnp seq 15 permit 2.0.0.0/8 ip prefix-list ccnp seq 20 permit 3.0.0.0/8 ip prefix-list ccnp seq 25 permit 4.0.0.0/8 ip prefix-list ccnp seq 30 permit 5.0.0.0/8 ip prefix-list ccnp seq 35 permit 6.0.0.0/8 ip prefix-list ccnp seq 40 permit 7.0.0.0/8 ip prefix-list ccnp seq 45 permit 8.0.0.0/8 ip prefix-list ccnp seq 50 permit 9.0.0.0/8 ip prefix-list ccnp seq 55 permit 11.0.0.0/8 ip prefix-list ccnp seq 60 permit 141.1.0.0/16 The Cisco I OS aut om at ically configur es sequence num ber ing st ar t ing fr om 5– 60. N OTE The exam ples of prefix list s ar e pr act ically endless. For m or e gr eat ex am ples, v isit w w w .cisco.com / univ er cd/ cc/ t d/ doc/ pr oduct / soft w ar e/ ios122/ 122cgcr / fipr _c/ ipcpr t 2/ 1cfbgp. ht m # x t ocid798074. Cisco r ecom m ends t hat pr efix list s be used in pr efer ence t o r out e m aps because pr efix list s ar e har d coded in soft w ar e ( com plied in code t er m s) and t ake less t im e t o pr ocess.

Ex am ple 7- 60 displays t he BGP t able on R1 aft er t he BGP peer is cleared and re est ablished on R1.

Ex a m ple 7 - 6 0 sh ow ip bgp on R1 R1#show ip bgp BGP table version is 12, local router ID is 171.108.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 171.108.1.1 0 50001 i *> 1.0.0.0 171.108.1.1 0 0 50001 998 999 i *> 2.0.0.0 171.108.1.1 0 0 50001 998 999 i *> 3.0.0.0 171.108.1.1 0 0 50001 998 999 i

337

*> 4.0.0.0 999 i *> 5.0.0.0 999 i *> 6.0.0.0 999 i *> 7.0.0.0 999 i *> 8.0.0.0 999 i *> 11.0.0.0 999 i *> 131.108.1.0/24

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

0.0.0.0

0

32768 i

R1 defines only t he net w or k s in t he pr efix list nam ed ccnp. Ty pically , pr efix list s ar e used by lar ge I SPs net w or k s and ar e used t o ensur e t hat only r out es per m it t ed int o an I SP ar e r out ed int o t he I nt er net . Som e I SPs, for exam ple, use t he Class A 10.0.0.0 pr ivat e addr ess for net w or k- layer addr essing on all net w or k devices and, t her efor e, block t his net w or k fr om all BGP sessions using prefix list s. The best m et hod you can apply t o fully appreciat e prefix list s is t o set up a sim ple t w o- r out er t opology and configur e pr efix list s t o see t he effect on t he BGP t able. Ex am ple 7- 61 display s R1's full w or k ing configur at ion.

Ex a m ple 7 - 6 1 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial1/3 ip address 171.108.1.2 255.255.255.252 clockrate 128000 ! router bgp 333 network 131.108.1.0 mask 255.255.255.0 neighbor 171.108.1.1 remote-as 50001 neighbor 171.108.1.1 prefix-list ccnp in ! ip prefix-list ccnp seq 5 permit 0.0.0.0/0 ip prefix-list ccnp seq 10 permit 1.0.0.0/8 ip prefix-list ccnp seq 15 permit 2.0.0.0/8 ip prefix-list ccnp seq 20 permit 3.0.0.0/8 ip prefix-list ccnp seq 25 permit 4.0.0.0/8 ip prefix-list ccnp seq 30 permit 5.0.0.0/8 ip prefix-list ccnp seq 35 permit 6.0.0.0/8

338

ip prefix-list ip prefix-list ip prefix-list ip prefix-list ip prefix-list ! line con 0 line aux 0 line vty 0 4 end

ccnp ccnp ccnp ccnp ccnp

seq seq seq seq seq

40 45 50 55 60

permit permit permit permit permit

7.0.0.0/8 8.0.0.0/8 9.0.0.0/8 11.0.0.0/8 141.1.0.0/16

Ex am ple 7- 62 display s I SP1's full w or k ing configur at ion.

Ex a m ple 7 - 6 2 I SP1 ' s Fu ll W or k in g Con figu r a t ion hostname ISP1 ! enable password cisco ! interface Serial0 ip address 171.108.1.1 255.255.255.252 ! router bgp 50001 redistribute static neighbor 171.108.1.2 remote-as 333 neighbor 171.108.1.2 default-originate neighbor 171.108.1.2 route-map prepend out ! ip classless ip route 0.0.0.0 0.0.0.0 Null0 ip route 1.0.0.0 255.0.0.0 Null0 ip route 2.0.0.0 255.0.0.0 Null0 ip route 3.0.0.0 255.0.0.0 Null0 ip route 4.0.0.0 255.0.0.0 Null0 ip route 5.0.0.0 255.0.0.0 Null0 ip route 6.0.0.0 255.0.0.0 Null0 ip route 7.0.0.0 255.0.0.0 Null0 ip route 8.0.0.0 255.0.0.0 Null0 ip route 10.0.0.0 255.0.0.0 Null0 ip route 11.0.0.0 255.0.0.0 Null0 ip route 100.0.0.0 255.0.0.0 Null0 ip route 101.0.0.0 255.0.0.0 Null0 ip route 102.0.0.0 255.0.0.0 Null0 ip route 141.100.0.0 255.255.0.0 Null0 ip route 141.108.0.0 255.255.0.0 Null0 ip route 142.100.0.0 255.255.0.0 Null0 ip route 143.100.0.0 255.255.0.0 Null0 ip route 144.100.0.0 255.255.0.0 Null0 ip route 145.100.0.0 255.255.0.0 Null0 ip route 146.100.0.0 255.255.0.0 Null0 ip route 147.100.0.0 255.255.0.0 Null0 ip route 148.100.0.0 255.255.0.0 Null0 ip route 149.100.0.0 255.255.0.0 Null0 ! access-list 1 permit 1.0.0.0 0.255.255.255 access-list 1 permit 2.0.0.0 0.255.255.255

339

access-list 1 permit 3.0.0.0 0.255.255.255 access-list 1 permit 4.0.0.0 0.255.255.255 access-list 1 permit 5.0.0.0 0.255.255.255 access-list 1 permit 6.0.0.0 0.255.255.255 access-list 1 permit 7.0.0.0 0.255.255.255 access-list 1 permit 8.0.0.0 0.255.255.255 access-list 1 permit 9.0.0.0 0.255.255.255 access-list 1 permit 10.0.0.0 0.255.255.255 access-list 1 permit 11.0.0.0 0.255.255.255 access-list 2 permit any route-map prepend permit 10 match ip address 1 set origin igp set as-path prepend 998 999 ! route-map prepend permit 20 match ip address 2 set origin igp set as-path prepend 400 300 200 ! line con 0 line aux 0 line vty 0 4 end

Sce n a r io 7 - 5 : M on it or in g BGP a n d V e r ify in g Cor r e ct Ope r a t ion Chapt er 6 cover ed com m on BGP sh o w com m ands. This scenar io cov er s som e of t he m or e adv anced BGP m onit or ing com m ands. The full list of available s h o w com m ands used in BGP is displayed in Ex am ple 7- 63.

Ex a m ple 7 - 6 3 Fu ll sh ow ip bgp Com m a n d List R1#show ip bgp ? A.B.C.D A.B.C.D cidr-only community community-list dampened-paths filter-list flap-statistics inconsistent-as neighbors connections paths peer-group regexp expression summary

IP prefix /, e.g., 35.0.0.0/8 Network in the BGP routing table to display Display only routes with non-natural netmasks Display routes matching the communities Display routes matching the community-list Display paths suppressed due to dampening Display routes conforming to the filter-list Display flap statistics of routes Display only routes with inconsistent origin ASs Detailed information on TCP and BGP neighbor Path information Display information on peer-groups Display routes matching the AS path regular Summary of BGP neighbor status

340

This scenar io cov er s t he highlight ed opt ions in Ex am ple 7- 63. N OTE The follow ing sam ple I OS display s ar e t ak en fr om t he t w o- rout er t opology in Figur e 7- 7. For m or e exam ples of t he full I OS com m and set , visit w w w . cisco. com / univ er cd/ cc/ t d/ doc/ pr oduct / soft w ar e/ ios122/ 122cgcr / fipr r p_r / bgp_r / 1 r f b g p 2 . h t m.

Suppose you w ant Rout er R1 t o det ail infor m at ion about t he r em ot e net w or k 1.0.0.0/ 8. Ex am ple 7- 64 d isplay s t he out put of t he I OS sh ow ip b g p 1 . 0 . 0 . 0 / 8 com m and.

Ex a m ple 7 - 6 4 sh ow ip bgp 1 .0 .0 .0 / 8 R1#show ip bgp 1.0.0.0/8 BGP routing table entry for 1.0.0.0/8, version 3 Paths: (1 available, best #1) Not advertised to any peer 50001 998 999 171.108.1.1 from 171.108.1.1 (171.108.1.1) Origin IGP, metric 0, localpref 100, valid, external, best, ref 2 Ex am ple 7- 64 show s t hat t he r em ot e ent r y is r eachable t hr ough t he nex t hop addr ess 171.108.1.1 ( I SP1) . The net w or k 1.0.0.0/ 8 is not adver t ised t o any peer because R1 has only one EBGP peer t o I SP1. The pat h t r av er sed t o r each 1.0.0.0/ 8 is t hr ough t he AS pat hs 50001 ( I SP1) , t hen 998, and finally or iginat es fr om 999; t h e or ig in at t r ibut e is set t o I GP ( m eaning t hat BGP adv er t ised t his net w or k t hr ough t he n e t w or k com m and) . This I OS com m and is t y pically used t o det er m ine w hich AS pat h is t aken t o r each a r em ot e net w or k and t he adver t ised peer . Table 7- 2 sum m arizes all t he fields from Ex am ple 7- 64.

Table 7-2. show ip bgp 1.0.0.0/8 Explained Field BGP t able ver sion

Description I nt er nal v er sion num ber of t he t able. This num ber is incr em ent ed w henev er t he t able changes. Ever y net w or k change r esult s in a new t able ver sion num ber incr em ent ed by 1 for ev er y change.

St at u s codes St at us of t he t able ent r y . The st at us is display ed at t he beginning of each line in t he t able. I t can be one of t he follow ing v alues: s—Ent r y suppr essed. * —Ent ry is valid.

341

> —Ent r y is t he best ent r y . i—Ent r y w as lear ned t hr ough an int er nal BGP ( I BGP) . Or igin codes Or igin of t he ent r y. The or igin code is placed at t he end of each line in t he t able. I t can be one of t he follow ing v alues: i—Ent r y or iginat ed fr om I nt er ior Gat ew ay Pr ot ocol ( I GP) and w as adver t ised w it h a n e t w o r k r out er configur at ion com m and. e—Ent r y or iginat ed fr om Ex t er ior Gat ew ay Pr ot ocol ( EGP) . ?—Or igin of t he pat h is not clear . Usually , t his is a r out er t hat is r edist r ibut ed int o BGP fr om an I GP. Net w or k

I P addr ess of a net w or k ent it y , 1.0.0.0/ 8, for ex am ple.

Next Hop

I P addr ess of t he next syst em t hat is used w hen for w ar ding a pack et t o t he dest inat ion net w or k.

Met ric

MED.

LocPrf

Local pr efer ence v alue as set w it h t he se t loca l- p r e f e r e n ce r ou t em ap configur at ion com m and. The default v alue is 100.

Weight

Weight of t he r out e, Cisco- specific only.

Pat h

Aut onom ous sy st em pat hs t o t he dest inat ion net w or k . I n Ex am ple 766, t he AS pat h is 50001 998 999.

To display r out es w it h unnat ur al net w or k m ask s ( t hat is, classless int erdom ain r out ing [ CI DR] ) , use t he sh ow ip b g p cid r- only com m and. Ex am ple 7- 65 display s t he out put fr om t he sh o w ip b g p cid r- only com m and on R1. You should ex pect t he net w or k 131.108.1.0 ( Class B subnet t ed or / 24 net w or k m ask) .

Ex a m ple 7 - 6 5 sh ow ip b g p cid r- on ly on R1 R1#show ip bgp cidr-only BGP table version is 12, local router ID is 171.108.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 131.108.1.0/24

Next Hop 0.0.0.0

Metric LocPrf Weight Path 0 32768 i

Table 7- 3 display s t he field descr ipt ions for t he sh ow ip bgp cidr - only com m and.

Table 7-3. show ip bgp cidr-only Descriptions Field

Description

BGP t able ver sion is 12

I nt er nal ver sion num ber for t he t able. This num ber is increm ent ed w henev er t he t able changes.

local r out er I D

I P addr ess of t he r out er .

171.108.1.2

342

St at u s codes

St at us of t he t able ent r y . The st at us is display ed at t he beginning of each line in t he t able. I t can be one of t he follow ing values: s—The t able ent r y is suppressed. * —The t able ent r y is v alid. > —The t able ent r y is t he best ent r y t o use for t hat net work. i—The t able ent r y w as lear ned t hr ough an int er nal BGP ( I BGP) session.

Or igin codes ( 131.108.1.0 is advert ised using t he n e t w or k com m and. Hence, I is display ed. )

Or igin of t he ent r y . The or igin code is placed at t he end of each line in t he t able. I t can be one of t he follow ing values: i—Ent r y or iginat ed fr om I nt er ior Gat ew ay Pr ot ocol ( I GP) and w as adv er t ised w it h a n e t w or k rout er configur at ion com m and. e—Ent r y or iginat ed fr om Ex t er ior Gat ew ay Pr ot ocol ( EGP) . ?—Or igin of t he pat h is not clear . Usually , t his is a r out er t hat is r edist r ibut ed int o BGP fr om an I GP.

Net w or k ( 131.108.1.0/ 24)

I nt er net addr ess of t he net w or k t he ent r y descr ibes.

Nex t Hop ( 171.108.1.1)

I P addr ess of t he next syst em t o use w hen for w ar ding a pack et t o t he dest inat ion net w or k .

Met ric

MED.

LocPrf

Local pr efer ence v alue, as set w it h t he se t loca lpr e fe r e n ce r ou t e- m ap configur at ion com m and.

Weight

Weight of t he r out e, as set t hr ough aut onom ous sy st em filt er s.

Pat h

Aut onom ous sy st em pat hs t o t he dest inat ion net w or k. Ther e can be one ent r y in t his field for each aut onom ous sy st em in t he pat h. At t he end of t he pat h is t he or igin code for t he pat h: i—The ent r y w as or iginat ed w it h t he I GP and adver t ised w it h a n e t w o r k r out er configur at ion com m and. e—The r out e or iginat ed w it h EGP. ?—The or igin of t he pat h is not clear . Usually t his is a pat h t hat is redist ribut ed int o BGP from an I GP

343

The final com m and m ost net w or k designer s use is t he sh o w ip b g p r e g e x p com m and. This I OS com m and is used t o m at ch net w or k s m eet ing cer t ain pat h descr ipt ions. For exam ple, if you w ant t o discover all t he pat hs or iginat ing locally, y ou w ould use t he sh ow ip bgp r e ge x p ^ $ com m and. This com m and is used t o discov er w hich net w or k s m at ch cer t ain pat hs. Ex am ple 7- 66 display s t he out put t aken fr om R1 m at ching all net w or ks or iginat ing locally. N OTE Regular ex pr essions ( REGEXP) ar e not defined as par t of t he CCNP cer t ificat ion ex am but ar e so useful t hey ar e cover ed her e for r eader s developing exper t - level skills. Regular ex pr essions ar e pat t er ns t hat m at ch input st r ings. For ex am ple, t he . char act er m at ches any single char act er , t he ^ m at ches t he beginning of an input st ring, and $ m at ches t he end of an input st ring.

Ex a m ple 7 - 6 6 sh ow ip b g p r e g e x p ^ $ R1#show ip bgp regexp ^$ BGP table version is 12, local router ID is 171.108.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 131.108.1.0/24

Next Hop 0.0.0.0

Metric LocPrf Weight Path 0 32768 i

Because R1 is adv er t ising t he net w or k 131.108.1.0 ( connect ed t o E0) , t he out put from t he sh ow ip b g p r e g e x p ^ $ com m and display s all locally connect ed or iginat ing r out es. Ex am ple 7- 67 display s all net w or k s com ing t hr ough AS 998, as seen on R1.

Ex a m ple 7 - 6 7 sh ow ip bgp r e ge x p_ 9 9 8 _ R1#show ip bgp regexp _998_ BGP table version is 12, local router ID is 171.108.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 1.0.0.0 999 i *> 2.0.0.0 999 i *> 3.0.0.0 999 i *> 4.0.0.0 999 i *> 5.0.0.0 999 i *> 6.0.0.0 999 i

Next Hop 171.108.1.1

Metric LocPrf Weight Path 0 0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

344

*> 7.0.0.0 999 i *> 8.0.0.0 999 i *> 11.0.0.0 999 i

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

171.108.1.1

0

0 50001 998

Aft er you ascer t ain w hich net w or ks ar e encom passed in pat h AS 998, you m ight w ant t o im plem ent a r out e m ap. For ex am ple, y ou could im plem ent a r out e m ap t hat set s t he MED t o 100 and w eight t o 1000 for only t hose pat hs passing t hr ough 998. REGEXPs are used pr ior t o m ak ing changes t o BGP neighbor s t o ensur e t hat t he cor r ect net w or k s ar e t agged for fur t her pr ocessing. You can easily discov er t he pow er of BGP—ev en by using only t he m ost basic show com m ands descr ibed in t his book.

Pr a ct ica l Ex e r cise : Adv a n ce d BGP N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Configur e t he fiv e- rout er t opology in Figur e 7- 8 for I P rout ing. R3 runs only OSPF. R1 and R2 run BGP and OSPF.

Figu r e 7 - 8 . Fiv e- Rou t e r Top olog y

345

R1 has an EBGP peer t o R5 and an I BGP peer t o R2. R2 has an EBGP peer t o R4 and I BGP peer t o R1. Ensur e t hat t he 15 loopback s on R1 ( 131.108. 2. 0–131.108.16.0/ 24) ar e adv er t ised t o R5 and t hat R5 m odifies all even net w orks w it h a local w eight t o 1000 and m et ric ( MED) t o 100. For all odd net w or k s, set t he w eight t o 2000 and t he m et r ic ( MED) t o 200. Ensur e t hat R1 adv er t ises a default r out e t o R5 and t hat R2 advert ises a default rout e t o R4. Use a prefix list t o accom plish t his t ask. Ensur e t hat R4 does not accept any net w or k s in t he r ange 131.108.0.0 but does accept a default rout e only. All ot her net works m ust be denied on R4. Ensure t hat R3 c an reach all BGP- adv er t ised net w or k s using OSPF as t he only r out ing prot ocol. ( That is, redist ribut ion is required on R1/ R2) .

Pr a ct ica l Ex e r cise Solut ion You hav e a lot t o accom plish and y ou should begin by ensur ing Lay er 1, or t he phy sical lay er bet w een all r out er s, is r unning. Ensur e t hat I P addr essing is accur at e. Then, per for m som e sim ple pings, for exam ple, fr om R1 t o R5 and R2 t o R4. Aft er Layer 1 is up, st ar t by configur ing OSPF bet w een R1/ R2 and R3. Then configur e I BGP bet w een R1 and R2, follow ed by EBGP bet w een R1/ R5 and R2/ R4. Redist r ibut ion is r equir ed on R1/ R2 so t hat R3 can dynam ically lear n t he r em ot e BGP net w or ks on R4/ R5 t hr ough OSPF ( ex t er nal r out es Ty pe 2) .

346

Ex am ple 7- 68 display s t he full w or k ing configur at ion on R1. The shaded por t ions call y our at t ent ion t o cr it ical com m ands r equir ed for full I P connect iv it y . R1 has OSPF and BGP enabled. Synchr onizat ion is disabled, and t he next hop self - at t ribut e is set t o R5 so t hat R5 is able t o r each R4's Et her net net w or k, 141.108.1.0/ 24.

Ex a m ple 7 - 6 8 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Loopback0 ip address 131.108.2.1 255.255.255.0 ! interface Loopback1 ip address 131.108.3.1 255.255.255.0 ! interface Loopback2 ip address 131.108.4.1 255.255.255.0 ! interface Loopback3 ip address 131.108.5.1 255.255.255.0 ! interface Loopback4 ip address 131.108.6.1 255.255.255.0 ! interface Loopback5 ip address 131.108.7.1 255.255.255.0 ! interface Loopback6 ip address 131.108.8.1 255.255.255.0 ! interface Loopback7 ip address 131.108.9.1 255.255.255.0 ! interface Loopback8 ip address 131.108.10.1 255.255.255.0 ! interface Loopback9 ip address 131.108.11.1 255.255.255.0 ! interface Loopback10 ip address 131.108.12.1 255.255.255.0 ! interface Loopback11 ip address 131.108.13.1 255.255.255.0 ! interface Loopback12 ip address 131.108.14.1 255.255.255.0 ! interface Loopback13 ip address 131.108.15.1 255.255.255.0 ! interface Loopback14

347

ip address 131.108.16.1 255.255.255.0 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 171.108.1.1 255.255.255.252 ! clockrate 128000 ! router ospf 1 redistribute connected metric 100 subnets redistribute bgp 100 metric 100 subnets network 0.0.0.0 255.255.255.255 area 0 ! router bgp 100 no synchronization network 131.108.1.0 mask 255.255.255.0 network 131.108.2.0 mask 255.255.255.0 network 131.108.3.0 mask 255.255.255.0 network 131.108.4.0 mask 255.255.255.0 network 131.108.5.0 mask 255.255.255.0 network 131.108.6.0 mask 255.255.255.0 network 131.108.7.0 mask 255.255.255.0 network 131.108.8.0 mask 255.255.255.0 network 131.108.9.0 mask 255.255.255.0 network 131.108.10.0 mask 255.255.255.0 network 131.108.11.0 mask 255.255.255.0 network 131.108.12.0 mask 255.255.255.0 network 131.108.13.0 mask 255.255.255.0 network 131.108.14.0 mask 255.255.255.0 network 131.108.15.0 mask 255.255.255.0 network 131.108.16.0 mask 255.255.255.0 neighbor 131.108.1.2 remote-as 100 neighbor 171.108.1.2 remote-as 200 neighbor 171.108.1.2 next-hop-self neighbor 171.108.1.2 default-originate ! ip classless ip route 0.0.0.0 0.0.0.0 Null0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 7- 69 display s t he full w or k ing configur at ion on R2. The shaded por t ions call y our at t ent ion t o cr it ical com m ands r equir ed for full I P connect iv it y . R2 has OSPF and BGP enabled. Sy nchr onizat ion is disabled, and t he n e x t - hop- se lf at t r ibut e is set t o R4 so t hat R4 can reach R5's Et hernet net work, 151.108.1.0/ 24.

Ex a m ple 7 - 6 9 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco

348

! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! interface Serial1/0 ip address 171.108.1.5 255.255.255.252 clockrate 128000 ! router ospf 1 redistribute connected metric 100 subnets redistribute bgp 100 metric 100 subnets network 0.0.0.0 255.255.255.255 area 0 ! router bgp 100 no synchronization network 131.108.1.0 mask 255.255.255.0 redistribute ospf 1 metric 100 neighbor 131.108.1.1 remote-as 100 neighbor 171.108.1.6 remote-as 300 neighbor 171.108.1.6 next-hop-self neighbor 171.108.1.6 default-originate ! ip classless ip route 0.0.0.0 0.0.0.0 Null0 line con 0 line aux 0 line vty 0 4 ! end Ex am ple 7- 70 display s t he full w orking configurat ion on R3. The shaded port ions call your at t ent ion t o cr it ical com m ands r equir ed for full I P connect ivit y. R3 is r unning only OSPF.

Ex a m ple 7 - 7 0 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Ethernet0 ip address 131.108.1.3 255.255.255.0 ! Places all interfaces in OSPPD area 0 router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! line con 0 line aux 0 line vty 0 4 end

349

Ex am ple 7- 71 display s t he full w or k ing configur at ion on R4. The shaded por t ions call y our at t ent ion t o cr it ical com m ands r equir ed for full I P connect iv it y .

Ex a m ple 7 - 7 1 R4 ' s Fu ll W or k in g Con figu r a t ion R4 hostname R4 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! cns event-service server ! interface Loopback0 ip address 131.108.254.4 255.255.255.255 no ip directed-broadcast ! interface Ethernet0 ip address 141.108.1.1 255.255.255.0 ! interface Serial0 ip address 171.108.1.6 255.255.255.252 router bgp 300 network 141.108.1.0 mask 255.255.255.0 neighbor 171.108.1.5 remote-as 100 neighbor 171.108.1.5 prefix-list default in ip prefix-list default seq 5 permit 0.0.0.0/0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 7- 72 display s t he full w or k ing configur at ion on R5. The shaded por t ions call y our at t ent ion t o cr it ical com m ands r equir ed for full I P connect iv it y .

Ex a m ple 7 - 7 2 R5 's Fu ll W or k in g Con f igu r a t ion hostname R5 ! enable password cisco ! ip subnet-zero interface Ethernet0 ip address 151.108.1.1 255.255.255.0 ! interface Serial0 ip address 171.108.1.2 255.255.255.252 ! router bgp 200 network 151.108.1.0 mask 255.255.255.0 neighbor 171.108.1.1 remote-as 100 neighbor 171.108.1.1 route-map changeattributes in no auto-summary !

350

ip classless !This ACL permits all even networks access-list 1 permit 131.108.0.0 0.0.254.255 route-map changeattributes permit 10 match ip address 1 set metric 100 set weight 1000 ! This statement matches all odd statements as ACL matches even networks route-map changeattributes permit 20 set metric 200 set weight 2000 ! line con 0 line aux 0 line vty 0 4 ! end

Re v ie w Qu e st ion s The answ er s t o t hese quest ion can be found in Appendix C, “ Answ er s t o Rev iew Quest ions.”

1:

What does a r out e r eflect or do t o nonclient I BGP peer ?

2:

What is a BGP clust er?

3:

How is a r out e r eflect or client configur ed for I BGP?

4:

Which I OS com m and is used t o display t he follow ing out put ?

BGP table version is 61, local router ID is 131.108.254.4 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 0.0.0.0 *> 141.108.1.0/24

Next Hop 171.108.1.5 0.0.0.0

Metric LocPrf Weight Path 0 100 i 0 32768 i

5:

How m any TCP peers are required in a 1000 I BGP net work?

6:

Pr ov ide t he I OS com m and sy nt ax t o enable a default r out e t o be sent t o a rem ot e peer.

7:

To display rout e re flect or client s, w hich sh ow com m and( s) can y ou use, if any?

351

8:

View t he follow ing BGP t able. What is t he or iginat ing AS for t he r em ot e pr efer r ed pat h t o t he r em ot e net w or k 141.108.1.0/ 24?

R5#show ip bgp BGP table version is 22, local router ID is 171.108.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 141.108.1.0/24 300 i *> 151.108.1.0/24 *> 171.108.0.0 9:

10:

Next Hop 171.108.1.1 0.0.0.0 171.108.1.1

Metric LocPrf Weight Path 200 2000 100 0 200

32768 i 2000 100 ?

Using a r out e m ap, w hich I OS com m and set s t he w eight and local pr efer ence at t ribut e t o 100. Can y ou set t he BGP at t r ibut e n e x t - hop- se lf t o bot h EBGP and I BGP peer s?

Su m m a r y Aft er configur ing m any of t he adv anced feat ur es deploy ed in t oday 's lar ge I P env ir onm ent s and t he I nt er net com m unit y , y ou can now under st and and appr eciat e t he lev el of com plexit y of BGP. You discov er ed how BGP is enabled efficient ly in lar ge I BGP net w or k s, how BGP can be m odified using BGP at t ribut es, and t he result ing rout ing decisions t hat are m ade based on t he configur at ion. The alt er nat ive m et hods used t o change t he r o ut ing decision m ade by BGP were also configured, and you saw how t o m onit or BGP. BGP is a fav or it e t opic on m any Cisco cer t ificat ion ex am inat ions. Table 7- 4 sum m arizes t he BGP com m ands used in t his chapt er .

Table 7-4. Summary of IOS BGP Commands Command

Purpose

r ou t e r bgp num ber

Enables BGP r out ing pr ot ocol

n e ig h b o r r em ot e I P addr ess r e m ot e - a s as

Configures a BGP TCP peer

sh ow ip b g p

Displays a BGP t able

[ no] sy n ch r on iz a t ion

Enables or disables ( no) BGP synchr onizat ion

sh ow ip bgp n e igh bor s

Display s st at us of BGP TCP peer sessions

sh ow ip b g p su m m a r y

Displays st at us of BGP TCP peer sessions in sum m ar y for m at

352

n e ig h b o r i p- addr ess r ou t e r e f le ct or- clie nt

Configur es a r em ot e r out er as a r out e r eflect or client

ip prefix - list nam e pe r m it | deny

Configur es a pr efix list in global configur at ion m ode.

sh ow ip b g p r ou t e

Displays t he BGP t able

sh ow ip b g p cid r- only

Display s CI DR net w or k s ( classless net w orks)

sh ow ip bgp r e ge x p w or d

Finds m at ching net w orks based on a regular ex pr ession

353

Ch a pt e r 8 . Rou t e Re dist r ibu t ion a n d Opt im iza t ion This chapt er cov er s t he issues and challenges facing net w or k s w hen infor m at ion fr o m one r out ing algor it hm is r edist r ibut ed int o anot her . I n such a sit uat ion, infor m at ion can be cont r olled t o ensur e t hat t he net w or k is r out ing I nt er net Pr ot ocol ( I P) as correct ly and efficient ly as possible. Rout ing w it h one part icular algorit hm is diffic ult enough, and m anaging and cont r olling m any differ ent r out ing algor it hm s t hat m ight be used in a net w or k is a consider able challenge. The CCNP Rout ing ex am dev ot es appr ox im at ely 25 per cent of it s t est quest ions t o r out e opt im izat ion. A t hor ough k now ledge of how r out ing infor m at ion can be shar ed acr oss differ ent r out ing dom ains not only aids y ou on t he CCNP Rout ing ex am but also in t he m ore difficult scenarios you m ight experience in real- life net w or ks. This chapt er cont ains fiv e pr act ical scenar ios t o complet e y our under st anding of r out e r edist r ibut ion and opt im izat ion and ensur e t hat y ou hav e all t he pr act ical k now ledge y ou need for under st anding r out ing opt im izat ion.

Con t r ollin g Rou t in g Upda t e s By now , y ou hav e discov er ed t hat m inim izing r out ing t able size and sim plify ing how r out er s choose t he next hop dest inat ion pat h ar e cr it ical for a w ell- t uned I P net w or k . When r out ing infor m at ion fr om one r out ing pr ot ocol, such as Open shor t est Pat h Fir st ( OSPF) , is r edist r ibut ed int o I nt er net Gat ew ay Rout ing Pr ot oc ol ( I GRP) , for exam ple, you m ust alw ays be m indful of possible rout ing loops. A r out ing loop is a pat h t o a r em ot e net w or k t hat alt er nat es bet w een t w o r out er s, each of w hich assum es t he pat h is r eachable t hr ough t he ot her . Hence, t he t im e t o liv e pr esent in ever y I P packet expir es, and t he packet or user dat a is dr opped, r esult ing in t he loss of net w or k connect iv it y . Rout ing using a single rout ing algorit hm is usually m ore desirable t han running m ult iple I P and non- I P r out ing pr ot ocols, especially fr om a configurat ion and t r oubleshoot ing per spect iv e. How ev er , w it h t oday 's changing net w or k s, m er ger s, depar t m ent polit ics, and acquisit ions, m or e t han one I P r out ing pr ot ocol is oft en in use. You can use sev er al m et hods t o cont r ol infor m at ion sent fr om one pr ot oc ol t o anot her t o ensur e t hat y ou av oid a r out ing loop. Cisco I OS Soft w ar e allow s t he follow ing m et hods t o cont r ol r out e filt er ing: •

•

Pa ssiv e in t e r fa ce s— A passiv e int er face is a Cisco int er face configur ed for r out ing, but it does not send any r out ing infor mat ion on t he out bound int er face. Rout ing infor m at ion ( if any ex ist s) is st ill r eceiv ed and pr ocessed nor m ally . D ist r ib u t ion list s— Dist r ibut ion list s define w hich net w or ks ar e per m it t ed or denied w hen receiving or sending rout ing updat es. Dist ribut ion lis t s r equir e

354

•

t hat y ou configur e access list s t o define w hich net w or k s ar e per m it t ed or denied. Rou t e m a p s— Rout e m aps can also be used t o define w hich net w orks are per m it t ed or denied. Rout e m aps can also be used along w it h access list s t o define w hich net wor k s ar e per m it t ed or denied w hen apply ing m at ch st at em ent s under any r out e m ap configur at ion opt ions.

Along w it h passiv e int er faces and filt er ing, y ou can also use st at ic r out es, policy r out ing, default r out es, or r out es t o null0 ( r out ing black hole or bit buck et ) t o ensur e t hat net w or k pat hs t o nonex ist ing dest inat ions ar e dr opped.

Re dist r ibu t ion D e fin e d Redist r ibut ion is defined as t he exchange of r out ing updat es fr om one r out ing pr ot ocol t o anot her . Ev er y r out ing pr ot ocol in use t oday can suppor t r edist r ibut ion. Because pr ot ocols, such as OSPF or RI P, have defined m et r ics, w hen you per for m any r edist r ibut ion y ou m ust conv er t t he m et r ic. For ex am ple, w hen r edist r ibut ing fr om RI P t o OSPF, y ou m ust conv er t t he m et r ic fr om hop count ( RI P) t o OSPF cost . N OTE The Cisco I OS Soft w ar e aut om at ically r edist r ibut es bet w een I GRP and Ex t ended I nt er net Gat ew ay Rout ing Pr ot ocol ( EI GRP) w hen t he sam e aut onom ous sy st em ( AS) is defined. This is t he only for m of aut om at ic r edist r ibut ion t hat t he Cisco I OS Soft w ar e per for m s. All ot her m et hods m ust be m anually configur ed, as you discover in t his chapt er.

The r easons t hat m ult iple I P r out ing pr ot ocols m ight be configur ed in any one net w or k ar e num er ous. Her e ar e som e r easons w hy a net w or k adm inist r at or m ight configure m ore t han one rout ing algorit hm : •

• • •

An or ganizat ion m ight hav e pur chased anot her com pany t hat r uns anot her r out ing pr ot ocol. I nst ead of r econfigur ing pot ent ially t housands of r out er s, it is easier t o configur e r edist r ibut ion on one r out er and allow im m ediat e com m u n icat ion. An or ganizat ion m ight be t r ansit ioning fr om one pr ot ocol t o anot her , for ex am ple, fr om legacy RI P t o OSPF. Som e business unit s w it hin an or ganizat ion m ight hav e host - based rout ing and r equir e RI P, for ex am ple, t o be configur ed on t he edge of t he net work. RI P is fine for a LAN- based net work. Polit ical r easons w it hin an or ganizat ion or depar t m ent can im pact r out ing algor it hm decisions. For ex am ple, pay r oll m ight hav e specific needs or an engineer m ight pr efer a differ ent r out ing algor it hm t o ensur e t hat only cert ain net w or k s ar e pr opagat ed bet w een each ot her .

The num ber of r easons is count less. What is definit e is t hat you need t o under st and r edist r ibut ion and how it is configur ed and cont r olled on Cisco I OS- based r out er s. Ther e ar e t w o pr im ar y concer ns w hen r edist r ibut ing fr om one pr ot ocol t o anot her :

355

• •

Met r ic conv er sion Adm inist r at iv e dist ances

You have seen alr eady in t his guide t he var ious m et r ics used by OSPF or RI P. Cisco I OS rout ers alw ays choose adm inist rat ive dist ance over any m et ric; hence, you m u st be car eful w hen changing adm inist r at iv e dist ances. Table 8- 1 display s t he adm inist r at iv e dist ances Cisco r out er s use by default .

Table 8-1. Cisco Default Administrative Distances Default Administrative Distances Route Source

Default Distance

Connect ed int er face

0

St at ic r out e

1

Enhanced I GRP sum m ar y r out e

5

Ext ernal BGP

20

I nt er nal Enhanced I GRP

90

I GRP

100

OSPF

110

IS- I S

115

RI P

120

EGP

140

Ext ernal Enhanced I GRP

170

I nt ernal BGP

200

Unk now n

255

Table 8- 1 show s t hat a Cisco rout er alw ays prefers an EI GRP rout e ( AD is 100) over an OSPF ( AD is 110) or RI P ( AD is 120) , for exam ple.

Re dist r ibu t in g fr om Cla ssle ss t o Cla ssfu l Pr ot ocols Any for m of r edist r ibut ion fr om classless or classful I P r out ing pr ot ocols m ust be car efully configur ed. To under st and, consider t he sim ple design r ules w hen configur ing bet w een classle ss pr ot ocols and classful pr ot ocols. TI P Classful prot ocols do not underst and variable - lengt h subnet m asks ( VLSM) , nor do t hey send updat es w it h t he subnet m ask . Ex am ples of classful pr ot ocols ar e I GRP and RI P. Classless pr ot ocols under st and VLSM and exam p les include I S- I S, OSPF, and BGP.

For ever y r out er configur ed in a classful net w or k, t he follow ing r ules apply:

356

•

•

The r out er configur ed as a classless r out er has one or m or e int er faces at t ached t o a m aj or net w or k , such as a Class A, B, or C net w or k . For exa m ple, t he local r out er m ight have t he Class A net w or k 9.1.1.1/ 8 configur ed locally and assum es t he sam e Class A m ask on any net w or k s r eceiv ed on any giv en int er face. The r out er does not hav e any int er faces at t ached t o t he m aj or net w or k being adver t ised, and hence, assum es t he subnet m ask is at t he bit boundary: 8 bit s for Class A ( 255.0.0.0) , 16 bit s for Class B ( 255.255.0.0) , and 24 bit s for Class C ( 255.255.255.0) .

Consider t he exam ple in Figur e 8- 1.

Figu r e 8 - 1 . R1 I s Re dist r ibu t in g OSPF Rou t e s t o RI P ( t o R2 )

Figur e 8- 1 displays R1 configur ed for r edist r ibut ion t o R2. R1 has a num ber of local int er faces subnet t ed using t he Class B net w or k 131.108.0.0. R2, on t he ot her hand, is running RI P and has t w o local int erfaces configure d in t he Class B net work wit h Class C r out er s: 131.108.1.0/ 24 and 131.108.2.0/ 24. The RI P process on R2 assum es all net w orks in t he Class B net w ork 131.108.0.0 have a 24- bit subnet m ask because of t he local at t ached int er faces. Hence, t he subnet t ed r out es on R1 ar e not passed t o R2. The 141.108.0.0 net w or k on R1 is adver t ised t o R2 as a Class B net w or k. I n ot her w or ds, R2 assum es t he ent ir e Class B net w or k , 141.108.0.0, is r eachable t hr ough R1 for net w or k s not locally connect ed. To solve t his pr oblem and ot her s y ou encount er , t his chapt er cov er s t he Cisco I OS com m and r equir ed for enabling r edist r ibut ion.

Cisco I OS Com m a n d Sy n t a x for Re dist r ibu t ion To configur e r edist r ibut ion am ong r out ing pr ot ocols, t he follow ing com m and is used under t he r out ing pr ocess configurat ion:

357

redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [asnumber] [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight number-value] [subnets] The redist ribut ion com m and synt ax is furt her explained in Table 8- 2.

Table 8-2. Command Syntax for Redistribution Syntax Pr ot ocol

Description Sour ce pr ot ocol fr om w hich r out es ar e being r edist r ibut ed. I t can be one of t he follow ing keyw or ds: b g p , con n e ct e d , e gp, igr p, isis, m obile , ospf, st a t ic [ i p] , or r ip. Th e st a t ic [ ip] k ey w or d is used t o r edist r ibut e I P st at ic r out es. The opt ional ip k ey w or d is used w hen r edist r ibut ing int o t he I nt er m ediat e Sy st em- t o- I nt erm ediat e Syst em ( I S- I S) prot ocol. Th e con n e ct e d k ey w or d r efer s t o r out es t hat ar e est ablished aut om at ically by v ir t ue of hav ing enabled I P on an int er face. For r out ing pr ot ocols, such as OSPF and I S- I S, t hese r out es ar e r edist r ibut ed as ex t er nal t o t he aut onom ous sy st em ( AS) .

pr ocess- id

( Opt ional) For t he bgp, e gp, or igr p keyw ord, t his is an aut onom ous syst em num ber , w hich is a 16- bit decim al num ber. For t he ospf k ey w or d, t his is an appr opr iat e OSPF process I D from w hich r out es ar e t o be r edist r ibut ed.

le v e l- 1

Specifies t hat for I S - I S, level 1 r out es ar e r edist r ibut ed int o ot her I P r out ing pr ot ocols independent ly .

le v e l- 1 - 2

Spe cifie s t h a t for I S - I S, b ot h le v e l 1 a n d le v e l 2 r ou t e s a r e r e dist r ibu t e d in t o ot h e r I P r ou t in g p r ot ocols.

le v e l- 2

Spe cifie s t h a t for I S - I S, le v e l 2 r ou t e s a r e r e d ist r ib u t e d in t o ot h e r I P r ou t in g p r ot ocols in d e p e n d e n t ly .

as- num ber

AS num ber for t he r edist r ibut ed r out e.

m et ric m et r ic value

( Opt ional) Met r ic used for t he redist ribut ed rout e. I f a value is not specified for t his opt ion, and no value is specified using t he de fa ult - m e t r ic com m and, t he default m et ric value is 0. Use a v alue consist ent w it h t he dest inat ion pr ot ocol.

m et ric- t y p e t y pe- value

( Opt ional) For OSPF, t he ex t er nal link t y pe associat ed w it h t he default r out e adv er t ised int o t he OSPF r out ing dom ain. I t can be one of t w o v alues: 1 —Ty pe 1 ex t er nal r out e 2 —Ty pe 2 ex t er nal r out e I f a m et ric- t y p e is not specified, t he Cisco I OS soft w ar e adopt s a

358

Type 2 ext ernal rout e. For I S- I S, it can be one of t w o v alues: in t e r n a l— IS- I S m et ric t hat is < 63 e x t e r n a l— IS- I S m et ric t hat is > 64 < 128 The default is int e r na l. m a t ch { in t e r n a l | external 1 | external 2 }

( Opt ional) For t he cr it er ia by w hich OSPF r out es ar e r edist r ibut ed int o ot her r out ing dom ains. I t can be one of t he follow ing: in t e r n a l— Rout es t hat ar e int er nal t o a specific aut onom ous system . e x t e r n a l 1 — Rout es t hat ar e ex t er nal t o t he aut onom ous sy st em , but ar e im por t ed int o OSPF as Ty pe 1 ex t er nal r out es. e x t e r n a l 2 — Rout es t hat ar e ex t er nal t o t he aut onom ous sy st em , but ar e im por t ed int o OSPF as Ty pe 2 ex t er nal r out es.

t a g t ag- value

( Opt ional) 32- bit decim al value at t ached t o each ext er nal r out e. This is not used by OSPF it self. I t can be used t o c om m unicat e infor m at ion bet w een aut onom ous sy st em boundar y r out er s ( ASBRs) . I f none is specified, t he r em ot e AS num ber is used for r out es fr om Bor der Gat ew ay Pr ot ocol ( BGP) and Ext er ior Gat ew ay Pr ot ocol ( EGP) ; for ot her pr ot ocols, zer o ( 0) is used.

r out e - m a p

( Op t ion a l) Allow s y ou t o in d ica t e a r ou t e m a p t h a t sh ou ld b e in t e r r og a t e d t o f ilt e r t h e im p or t a t ion of r ou t e s f r om t h is sou r ce r ou t in g p r ot ocol t o t h e cu r r e n t r ou t in g p r ot ocol. I f n ot sp e cif ie d , a ll r ou t e s a r e r e d ist r ib u t e d . I f t h is k e y w or d is sp e cif ie d , b u t n o r ou t e m a p t a g s a r e list e d , n o r ou t e s a r e im por t e d.

m ap- t ag

( Opt ional) I dent ifier of a configured rout e m ap.

w e igh t num ber - v alue

( Opt ional) Net w ork w eight w hen redist ribut ing int o BGP. An int eger from 0 t o 65,535.

su bn e t s

( Op t ion a l) For r e d ist r ib u t in g r ou t e s in t o OSPF, t h e scop e of r e d ist r ib u t ion f or t h e sp e cif ie d p r ot ocol.

Rout ing r edist r ibut ion is best descr ibed by ex am ples, so t he fiv e pr act ical scenar ios in t his chapt er concent r at e on how r edist r ibut ion is configur ed on Cisco I OS r out er s. You hav e alr eady encount er ed som e r edist r ibut ion in pr ev ious scenar ios, and t he follow ing fiv e scenar ios ar e designed t o enhance y our k now ledge of w hy , w hen, and how t o successfully and efficient ly r edist r ibut e r out ing pr ot ocols.

Sce n a r ios The follow ing scenar ios ar e designed t o dr aw t oget her som e of t he cont ent descr ibed in t his chapt er and som e of t he cont ent y ou hav e seen in y our ow n net w or k s or pr act ice labs. Ther e is no one r ight w ay t o accom plish m any of t he t ask s pr esent ed,

359

and t he abilit ies t o use good pr act ice and define your end goal ar e im por t ant in any r eal- life design or solut ion. The fiv e scenar ios pr esent ed in t his chapt er ar e based on com plex r edist r ibut ion t echnologies so t hat y ou becom e fully aw ar e of t he pow er ful nat ur e of r edist r ibut ion in large I P net works.

Sce n a r io 8 - 1 : Re dist r ibu t in g Be t w e e n RI P a n d I GRP I n t his scenario, you configure t hree rout ers running RI P and I GRP. Rout er R1 is r unning bot h RI P and I GRP, and you configur e it for r edist r ibut ion. Figur e 8- 2 display s t he t hr ee- rout er t opology w it h t he Rout er R1 running RI P and I GRP.

Figu r e 8 - 2 . RI P/ I GRP Re dist r ibu t ion

Figur e 8- 2 display s a sim ple scenar io w it h t he Class A net w or k 9.0.0.0 subnet t ed wit h a Class C m ask. Not ice t hat R2 has t he Class 10.1.1.0/ 24 net w or k configur ed locally on t he Et her net int er face. St art by configuring t he edge devices for I GRP on R3 and RI P on R2. Ex am ple 8- 1 display s t he I P addr ess configur at ion on R1 and t he enabling of I GRP in AS 100.

Ex a m ple 8 - 1 I P Addr e ss Con figu r a t ion a n d En a blin g I GRP on R3 R3(config)#interface ethernet 0 R3(config-if)#ip address 9.1.3.1 255.255.255.0 R3(config-if)#interface serial0 R3(config-if)#ip address 9.1.2.2 255.255.255.0 R3(config-if)#exit R3(config)#router igrp 10 R3(config-router)#network 9.0.0.0

360

Not ice, on R3, w hen enabling I GRP in AS 10, t he n e t w or k com m and used is n e t w or k 9 . 0 . 0 . 0 because I GRP is classful and aut om at ically sum m ar izes at t he Class A net w or k boundar y . Ex am ple 8- 2 configures R2 for I P addressing and enables RI P.

Ex a m ple 8 - 2 I P Addr e ss Con figu r a t ion a n d En a blin g RI P R2(config)#interface ethernet 0/0 R2(config-if)#ip address 10.1.1.2 255.255.255.0 R2(config-if)#interface serial 1/0 R2(config-if)#ip address 9.1.1.2 255.255.255.0 R2(config)#router rip R2(config-router)#network 9.0.0.0 R2(config-router)#network 10.0.0.0 R2 is r unning anot her classful I P r out ing pr ot ocol: RI P. Ther efor e, w hen defining net w or ks under t he RI P pr ocess, you need t o ident ify only t he m aj or net w or k boundar y, in t his case 9.0.0.0 and 10.0.0.0. R2 is configur ed for RI P and I GRP, and hence, r equir es r edist r ibut ion, and you m ust ensur e t he m et r ics ar e conv er t ed fr om RI P ( hop count ) t o I GRP ( com posit e m et r ic) . Ex am ple 8- 3 display s t he I P addr ess configur at ion on R1 along w it h enabling I GRP and RI P. No r edist r ibut ion is configur ed at t his t im e.

Ex a m ple 8 - 3 En a ble I P a n d RI P/ I GRP on R1 R1(config)#interface S1/0 R1(config-if)#ip address 9.1.1.1 255.255.255.0 R1(config-if)#interface S1/1 R1(config-if)#ip address 9.1.2.1 255.255.255.0 R1(config-if)#exit R1(config)#router rip R1(config-router)#network 9.0.0.0 R1(config-router)#exit R1(config)#router igrp 10 R1(config-router)#network 9.0.0.0 R1 is configured locally for t he Class A subnet net w ork 9.0.0.0 for bot h RI P and I GRP. Ther efor e, you m ust ensur e t hat RI P updat es ar e not sent t o R3, w hich is r unning only I GRP, and ensur e I GRP updat es ar e not sent t o R2, w hich is r unning only I GRP. Ex am ple 8- 4 configur es passiv e int er faces t o ensur e t hat only RI P updat es ar e sent t o R2 and I GRP updat es are sent t o R3.

Ex a m ple 8 - 4 Pa ssive I n t e r fa ce s on R1 R1(config)#router rip !Ensure RIP updates are not sent to R3 R1(config-router)#passive-interface s1/1 R1(config-router)#router igrp 10 !Ensure IGRP updates are not sent to R2

361

R1(config-router)#passive-interface s1/0 Ex am ple 8- 5 displays t he I P rout ing t able on R1.

Ex a m ple 8 - 5 I P Rou t in g Ta ble on R1 R1#show ip route 9.0.0.0/24 is subnetted, 3 subnets C 9.1.1.0 is directly connected, Serial1/0 C 9.1.2.0 is directly connected, Serial1/1 I 9.1.3.0 [100/80225] via 9.1.2.2, 00:00:31, Serial1/1 R 10.0.0.0/8 [120/1] via 9.1.1.2, 00:00:15, Serial1/0 Current ly, t he I P rout ing t able on R1 displays net w ork connect ivit y t o R2 and R3. R1 has full I P connect iv it y t o R2 and R3. Also, not ice t hat R1 assum es t hat t he ent ir e Class A net w ork 10.0.0.0/ 8 is reachable t hrough R2 because R1 does not hav e any locally connect ed r out es in t he 10.0.0.0 net w or k. Ex am ple 8- 6 displays t he I P rout ing t able on R2.

Ex a m ple 8 - 6 sh ow ip r ou t e on R2 R2#show ip route 9.0.0.0/24 is subnetted, 2 subnets C 9.1.1.0 is directly connected, Serial1/0 R 9.1.2.0 [120/1] via 9.1.1.1, 00:00:27, Serial1/0 10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Ethernet0/0 The rout ing t able on R2 in Ex am ple 8- 6 display s no net w or k connect iv it y t o t he LAN segm ent 9.1.3.0/ 24 because y ou hav e y et t o configur e r edist r ibut ion on R1. To configur e r edist r ibut ion, you m ust perform t he follow ing t asks on R1: St e p 1 . Use t he r e dist r ibu t e com m and on R1 t o specify t he r out es t o be r edist r ibut ed. St e p 2 . Specify t he m et r ic t o be assigned t o any r edist r ibut ed r out es. Ex am ple 8- 7 display s t he r e dist r ibu t ion com m and on R1. You set t he m et r ic for r edist r ibut ing I GRP t o RI P t o a hop count of 1.

Ex a m ple 8 - 7 Re dist r ibu t in g I GRP in t o RI P on R1 R1(config)#router rip R1(config-router)#redistribute igrp 10 metric 1 At t his st age, y ou hav en't configur ed r edist r ibut ion fr om RI P int o I GRP so t hat R3 has full connect ivit y t o R2. Ex am ple 8- 8 display s r edist r ibut ion fr om RI P t o I GRP. The ? t ool is used t o display s I GRP m et r ics. Ty pically , t he m et r ics used m at ch t hose on t he link from R1 t o R2 ( using t he sh ow in t e r f a ce s se r ia l 1 / 0 com m and and using t he values out put fr om t his display) .

362

Ex a m ple 8 - 8 Re dist r ibu t ion f r om RI P t o I GRP on R1 R1(config)#router igrp 10 R1(config-router)#redistribute rip ? metric Metric for redistributed routes route-map Route map reference

R1(config-router)#redistribute rip metric ? Bandwidth metric in Kbits per second R1(config-router)#redistribute rip metric 128 ? IGRP delay metric, in 10 microsecond units R1(config-router)#redistribute rip metric 128 20000 ? IGRP reliability metric where 255 is 100% reliable R1(config-router)#redistribute rip metric 128 20000 255 ? IGRP Effective bandwidth metric (Loading) where 255 is 100% loaded R1(config-router)#redistribute rip metric 128 20000 255 1 ? IGRP MTU of the path R1(config-router)#redistribute rip metric 128 20000 255 1 1500 Exam ine t he I P rout ing t ables on R2 and R3 t o ensure I P connect ivit y by pinging t he rem ot e net w ork 9.1.3.1 as displayed in Ex am ple 8- 9.

Ex a m ple 8 - 9 I P Rou t in g Ta ble a n d Pin g Re qu e st t o 9 .1 .3 .1 / 2 4 on R2 R2#show ip route 9.0.0.0/24 is subnetted, 3 subnets C 9.1.1.0 is directly connected, Serial1/0 R 9.1.2.0 [120/1] via 9.1.1.1, 00:00:09, Serial1/0 R 9.1.3.0 [120/1] via 9.1.1.1, 00:00:09, Serial1/0 10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Ethernet0/0 R2#ping 9.1.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 9.1.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms Ex am ple 8- 9 display s t he r em ot e net w or k 9.1.3.0 r eachable t hr ough t he nex t hop addr ess 9.1.1.1, and t he m et r ic is 1, as defined by t he r e d ist r ib u t ion com m and in Ex am ple 8- 7. A ping t o t he rem ot e address 10.1.1.1/ 24 on R3 is successful. Ex am ple 8- 10 displays t he I P r out ing t able on R3, as w ell as a ping r equest and r eply t o t he r em ot e net w or k 9.1.3.1/ 24.

Ex a m ple 8 - 1 0 I P Rou t in g Ta ble a n d Pin g Re qu e st on R3 R3#show ip route 9.0.0.0/24 is subnetted, 3 subnets I 9.1.1.0 [100/84000] via 9.1.2.1, 00:00:58, Serial0 C 9.1.2.0 is directly connected, Serial0 C 9.1.3.0 is directly connected, Ethernet0 I 10.0.0.0/8 [100/102000] via 9.1.2.1, 00:00:58, Serial0 R3#ping 10.1.1.1 Type escape sequence to abort.

363

Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms A ping t o t he r em ot e addr ess 10.1.1.1/ 24 on R3 is successful because t he r em ot e n et w ork 10.0.0.0/ 8 is reachable t hrough t he next hop address 9.1.2.1 or t hrough R1. Next , you configur e a new subnet on R3 t o m ake t he net w or ks a lit t le m or e com plex. Configur e t he addr ess 10.1.2.1 as a loopback int er face on R3 using a 24- bit subnet m ask, and enable I GRP on R3 t o adver t ise t he 10.0.0.0 net w or k. Ex am ple 8- 11 display s t he loopback cr eat ion on R3 and t he enabling of I GRP t o adv er t ise t he loopback under I GRP.

Exa m ple 8 - 1 1 Loopba ck Cr e a t ion on R3 R3(config-if)#interface loopback 0 R3(config-if)#ip address 10.1.2.1 255.255.255.0 R3(config-if)#router igrp 10 R3(config-router)#network 10.0.0.0 R3 does not adver t ise t he 10.0.0.0 net w or k t o R1. Rem em ber fr om Ex am ple 8- 5, R1 had seen t he 10.0.0.0/ 8 net w or k adver t ised t hr ough RI P w it h an AD of 120 t hr ough R2 ( RI P) . Ex am ple 8- 12 display s t he I P r out ing t able on R1 aft er an I GRP updat e is sent from R3 t o R1.

Ex a m ple 8 - 1 2 sh ow ip r ou t e on R1 R1#show ip route 9.0.0.0/24 is subnetted, 3 subnets C 9.1.1.0 is directly connected, Serial1/0 C 9.1.2.0 is directly connected, Serial1/1 I 9.1.3.0 [100/80225] via 9.1.2.2, 00:00:23, Serial1/1 I 10.0.0.0/8 [100/80625] via 9.1.2.2, 00:00:23, Serial1/1 R1 changes t he pat h t o 10.0.0.0 t hr ough R3 because t he AD of I GRP is 100, com pared t o RI P, w hich is 120. I n effect , R1 sends all t r affic for t he 10.0.0.0 net w or k t hrough R3. Ex am ple 8- 13 display s a ping r equest t o t he I P addr ess 10.1.1.1 ( R3's Et her net int er face) and 10.1.2.1 ( R3's loopback int er face) .

Ex a m ple 8 - 1 3 Pin g Re qu e st on R1 R1#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: ..... Success rate is 0 percent (0/5) R1#ping 10.1.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms

364

All packet s ar e sent t o R3 because t he I P r out ing t able select s I GRP as t he pr efer r ed pat h t o all net w or ks in t he Class A r ange 10.0.0.0. Of cour se, t his is not t he desir ed solut ion because you have 10.0.0.0 net w or ks configur ed on R2 and R3. Ther e ar e a num ber of differ ent solut ions t o t his, but in t his case, configur e R1 t o r ej ect any n et wor ks in t he 10.0.0.0 r ange because t he only t r ust ed infor m at ion for t his Class A net work is from t he RI P dom ain. N OTE Anot her m et hod t o ov er com e net w or k connect iv it y pr oblem s is t o configur e st at ic r out es on R1 or enable an int er face in t he 10.0.0.0/ 24 r ange on R1.

Ex am ple 8- 14 configures a dist ribut ion list on R1, rej ect s all net w orks in t he 10.0.0.0 r ange, and accept s all ot her net w or k s.

Ex a m ple 8 - 1 4 D ist r ibu t ion List on R1 R1(config)#router igrp 10 R1(config-router)#distribute-list 1 in R1(config-router)#exit R1(config)#access-list 1 deny 10.0.0.0 R1(config)#access-list 1 permit any Th e dist r ibu t e - list com m and, w hen configur ed on R1, does not per m it t he 10.0.0.0 net work, as displayed in Ex am ple 8- 14. Ther efor e, w hen 10.0.0.0 is adv er t ised by R3 t o R1, R1 does not accept t he 10.0.0.0 net w ork. Ex am ple 8- 15 confir m s t he inst allat ion on t he RI P- discovered rout e t hrough R2.

Ex a m ple 8 - 1 5 sh ow ip r ou t e on R1 R1#sh ip route 9.0.0.0/24 C 9.1.1.0 C 9.1.2.0 I 9.1.3.0 R 10.0.0.0/8

is subnetted, 3 subnets is directly connected, Serial1/0 is directly connected, Serial1/1 [100/80225] via 9.1.2.2, 00:00:07, Serial1/1 [120/1] via 9.1.1.2, 00:00:07, Serial1/0

Any for m of r edist r ibut ion r equir es car eful filt er ing. At t his point , R1 has lost connect iv it y t o t he 10.1.2.0/ 24. To solv e t his pr oblem , configur e a st at ic r out e on R1 wit h a m ore specific dest inat ion point ing t o R3. Ex am ple 8- 16 display s t he st at ic rout e configurat ion on R1.

Ex a m ple 8 - 1 6 St a t ic I P Rou t e on R1 R1(config)#ip route 10.1.2.0 255.255.255.0 Serial1/1 Cisco I OS r out er s, because t he AD of st at ic r out es is 1 and is low er t hen RI P at 120, send t r affic for t he m or e specific r out e t hr ough Ser ial 1/ 1 for host s in t he r ange 10. 1. 2. 1– 254/ 24.

365

Ex am ple 8- 17 display s t he I P r out ing t able on R1 and a successful ping r equest t o 10.1.1.1 ( t o R2) and 10.1.2.1 ( t o R3)

Ex a m ple 8 - 1 7 sh ow ip r ou t e a n d Pin g Re qu e st on R1 R1#show ip ro 9.0.0.0/24 is subnetted, 3 subnets C 9.1.1.0 is directly connected, Serial1/0 C 9.1.2.0 is directly connected, Serial1/1 I 9.1.3.0 [100/80225] via 9.1.2.2, 00:00:54, Serial1/1 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks S 10.1.2.0/24 is directly connected, Serial1/1 R 10.0.0.0/8 [120/1] via 9.1.1.2, 00:00:36, Serial1/0 R1#ping 10.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 10.1.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms I n a sim ple t hr ee r out er net w or k , y ou can det er m ine t hat w it h ev en a few net w or k s, r edist r ibut ion causes r out er s t o m isint er pr et infor m at ion based on net w or k configur at ion and classful behav ior of rout ing pr ot ocols, such as RI P and I GRP. I n t he scenar ios t hat follow , you apply r out e m aps inst ead of dist r ibut ion list s t o lear n t o use ot her filt er ing m et hods. You also use t he p a ssiv e - in t e r fa ce com m and t o ensur e t hat a net w or k r unning r out e r edist r ibut ion is configur ed as efficient ly as possible. Ex am ple 8- 18 display s R1's full w or k ing configur at ion.

Ex a m ple 8 - 1 8 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! interface Serial1/0 ip address 9.1.1.1 255.255.255.0 clockrate 128000 ! interface Serial1/1 ip address 9.1.2.1 255.255.255.0 clockrate 128000 ! router rip redistribute igrp 10 metric 1 passive-interface Serial1/1 network 9.0.0.0 ! router igrp 10 redistribute rip metric 128 20000 255 1 1500 passive-interface Serial1/0 network 9.0.0.0

366

distribute-list 1 in ip route 10.1.2.0 255.255.255.0 Serial1/1 ! access-list 1 deny 10.0.0.0 access-list 1 permit any line con 0 line aux 0 line vty 0 4 end Ex am ple 8- 19 display s R2's full w or k ing configur at ion.

Ex a m ple 8 - 1 9 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 10.1.1.1 255.255.255.0 ! interface Serial1/0 bandwidth 128 ip address 9.1.1.2 255.255.255.0 ! router rip network 9.0.0.0 network 10.0.0.0 line con 0 line aux 0 line vty 0 4 end Ex am ple 8- 20 display s R3's full w or k ing configur at ion.

Ex a m ple 8 - 2 0 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! interface Loopback0 ip address 10.1.2.1 255.255.255.0 ! interface Ethernet0 ip address 9.1.3.1 255.255.255.0 interface Serial0 ip address 9.1.2.2 255.255.255.0 bandwidth 125 router igrp 10 network 9.0.0.0 network 10.0.0.0 !

367

no ip classless line con 0 line aux 0 line vty 0 4 ! end

Sce n a r io 8 - 2 : M igr a t in g fr om RI P t o OSPF in t h e Cor e I n t his scenar io, y ou m igr at e a t y pical RI P net w or k t o OSPF in t he cor e of t he net w or k and leav e RI P on t he edge of t he net w or k , w her e t y pically , on LAN- based segm ent s, bandw idt h is not a m aj or concer n. I P addressing and loopback addr ess assignm ent s hav e alr eady been com plet ed. Figur e 8- 3 display s t he cur r ent RI P net w or k t hat y ou m igr at e t o OSPF.

Figu r e 8 - 3 . RI P Topology

Loopbacks have been configured in R1, R2, and R3 t o populat e t he I P rout ing t ables. The Class B net w or k, 141.108.0.0, has been subnet t ed using a Class C m ask t hroughout . Because all RI P- enabled r out er s hav e a local int er face configur ed using a Class C m ask, net w or k connect ivit y is m aint ained.

368

The current I P rout ing t able on R1 is displayed in Ex am ple 8- 21.

Ex a m ple 8 - 2 1 sh ow ip r ou t e on R1 R3#show ip route 141.108.0.0/24 is subnetted, 26 subnets R 141.108.253.0 [120/1] via 141.108.255.2, 00:00:15, Serial1/0 [120/1] via 141.108.254.2, 00:00:11, Serial1/1 C 141.108.255.0 is directly connected, Serial1/0 C 141.108.254.0 is directly connected, Serial1/1 C 141.108.1.0 is directly connected, Ethernet0/0 C 141.108.3.0 is directly connected, Loopback1 C 141.108.2.0 is directly connected, Loopback0 C 141.108.5.0 is directly connected, Loopback3 C 141.108.4.0 is directly connected, Loopback2 C 141.108.7.0 is directly connected, Loopback5 C 141.108.6.0 is directly connected, Loopback4 R 141.108.9.0 [120/1] via 141.108.255.2, 00:00:16, Serial1/0 R 141.108.8.0 [120/1] via 141.108.255.2, 00:00:16, Serial1/0 R 141.108.11.0 [120/1] via 141.108.255.2, 00:00:16, Serial1/0 R 141.108.10.0 [120/1] via 141.108.255.2, 00:00:16, Serial1/0 R 141.108.13.0 [120/1] via 141.108.255.2, 00:00:16, Serial1/0 R 141.108.12.0 [120/1] via 141.108.255.2, 00:00:16, Serial1/0 R 141.108.15.0 [120/1] via 141.108.255.2, 00:00:17, Serial1/0 R 141.108.14.0 [120/1] via 141.108.255.2, 00:00:17, Serial1/0 R 141.108.17.0 [120/1] via 141.108.254.2, 00:00:12, Serial1/1 R 141.108.16.0 [120/1] via 141.108.254.2, 00:00:12, Serial1/1 R 141.108.19.0 [120/1] via 141.108.254.2, 00:00:12, Serial1/1 R 141.108.18.0 [120/1] via 141.108.254.2, 00:00:12, Serial1/1 R 141.108.21.0 [120/1] via 141.108.254.2, 00:00:12, Serial1/1 R 141.108.20.0 [120/1] via 141.108.254.2, 00:00:13, Serial1/1 R 141.108.23.0 [120/1] via 141.108.254.2, 00:00:13, Serial1/1 R 141.108.22.0 [120/1] via 141.108.254.2, 00:00:13, Serial1/1 Ex am ple 8- 21 display s ov er 25 differ ent net w or k s. The m ain aim of conv er t ing t he r out ing algor it hm fr om RI P t o OSPF is t o enable VLSM in t he WAN and sum m ar izat ion am ong r out er s t o r educe I P r out ing t able sizes. Ex am ple 8- 22 displays t he cur r ent w or king configur at ion on R1 r unning RI P as t he prim ary rout ing algorit hm .

Ex a m ple 8 - 2 2 R1 's RI P Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero ! interface Loopback0 ip address 141.108.2.1 255.255.255.0 ! interface Loopback1 ip address 141.108.3.1 255.255.255.0 ! interface Loopback2

369

ip address 141.108.4.1 255.255.255.0 ! interface Loopback3 ip address 141.108.5.1 255.255.255.0 ! interface Loopback4 ip address 141.108.6.1 255.255.255.0 ! interface Loopback5 ip address 141.108.7.1 255.255.255.0 ! interface Ethernet0/0 ip address 141.108.1.1 255.255.255.0 interface Serial1/0 ip address 141.108.255.1 255.255.255.0 clockrate 128000 ! interface Serial1/1 ip address 141.108.254.1 255.255.255.0 clockrate 128000 ! router rip network 141.108.0.0 ! line con 0 end Ex am ple 8- 23 display s R2's cur r ent w or k ing configur at ion.

Ex a m ple 8 - 2 3 R2 's RI P Con figu r a t ion hostname R2 ! enable password cisco interface Loopback0 ip address 141.108.9.1 255.255.255.0 ! interface Loopback1 ip address 141.108.10.1 255.255.255.0 ! interface Loopback2 ip address 141.108.11.1 255.255.255.0 ! interface Loopback3 ip address 141.108.12.1 255.255.255.0 ! interface Loopback4 ip address 141.108.13.1 255.255.255.0 ! interface Loopback5 ip address 141.108.14.1 255.255.255.0 ! interface Loopback6 ip address 141.108.15.1 255.255.255.0 ! interface Ethernet0/0

370

ip address 141.108.8.1 255.255.255.0 ! interface Serial1/0 bandwidth 128 ip address 141.108.255.2 255.255.255.0 ! interface Serial1/1 ip address 141.108.253.2 255.255.255.0 router rip network 141.108.0.0 ! ip classless ! end Ex am ple 8- 24 display s R3's cur r ent w or k ing configur at ion.

Exa m ple 8 - 2 4 R3 's RI P Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Loopback0 ip address 141.108.17.1 255.255.255.0 ! interface Loopback1 ip address 141.108.18.1 255.255.255.0 ! interface Loopback2 ip address 141.108.19.1 255.255.255.0 ! interface Loopback3 ip address 141.108.20.1 255.255.255.0 ! interface Loopback4 ip address 141.108.21.1 255.255.255.0 ! interface Loopback5 ip address 141.108.22.1 255.255.255.0 ! interface Loopback6 ip address 141.108.23.1 255.255.255.0 ! interface Ethernet0 ip address 141.108.16.1 255.255.255.0 ! interface Serial0 ip address 141.108.254.2 255.255.255.0 bandwidth 125 ! interface Serial1 ip address 141.108.253.1 255.255.255.0 bandwidth 125

371

clockrate 125000 ! router rip network 141.108.0.0 ! end To st ar t , add OSPF t o t he cent er of t he net w or k , and place all t he WAN int er faces in area 0. Maint ain t he Class C m ask for now t o m ake redist ribut ion relat ivit y easy t o configur e. This st ep is com m on w hen m igr at ing fr om one pr ot ocol t o anot her. Ex am ple 8- 25 configur es R1 for OSPF acr oss t he WAN t o R1 and R2. You t ak e t he sam e configurat ion st eps on R2 and R3.

Ex a m ple 8 - 2 5 OSPF Con figu r a t ion on R1 R1(config)#router ospf1 R1(config-router)#network 141.108.255.0 0.0.0.255 area 0 R1(config-router)#network 141.108.254.0 0.0.0.255 area 0 R1(config-router)#router rip R1(config-router)#passive-interface serial 1/0 R1(config-router)#passive-interface serial 1/1 R1 is configur ed not t o send any RI P updat es t o Ser ial 1/ 0 ( t o R2) and Ser ial 1/ 1 ( t o R3) ; t his configur at ion st ops t he sending of unnecessar y updat es acr oss WAN link s. At t his st age, y ou hav e not configur ed any r edist r ibut ion, so t her e is no connect iv it y am ong t he Et her net and loopback int er faces. Exam ple 8- 26 confir m s t he st at us of I P connect iv it y aft er t he show ip r out e com m and is ent ered on R1.

Ex a m ple 8 - 2 6 sh ow ip r ou t e on R1 R1#show ip route 141.108.0.0/24 is subnetted, 10 subnets O 141.108.253.0 [110/1562] via 141.108.255.2, 00:00:04, Serial1/0 C 141.108.255.0 is directly connected, Serial1/0 C 141.108.254.0 is directly connected, Serial1/1 C 141.108.1.0 is directly connected, Ethernet0/0 C 141.108.3.0 is directly connected, Loopback1 C 141.108.2.0 is directly connected, Loopback0 C 141.108.5.0 is directly connected, Loopback3 C 141.108.4.0 is directly connected, Loopback2 C 141.108.7.0 is directly connected, Loopback5 C 141.108.6.0 is directly connected, Loopback4 The only v isible r out e on R1 is t he locally connect ed r out es and t he WAN cir cuit bet ween R2 and R3. Nex t , configur e r edist r ibut ion on rout ers R1, R2, and R3 t o advert ise t he RI P net w or k s t o t he OSPF back bone. Ex am ple 8- 27 display s t he RI P t o OSPF r edist r ibut ion on R1. Ex am ple 8- 27 also display s r edist r ibut ion fr om OSPF t o RI P t o allow com m unicat ion fr om R2/ R3

372

Et her net segm ent s t o R1's locally connect ed net w or k , w hich, at t he m om ent , is advert ised by only RI P. The ? t ool is used t o display t he available opt ions.

Ex a m ple 8 - 2 7 Re dist r ibu t ion on R1 R1(config)#router ospf 1 R1(config-router)#redistribute rip metric ? OSPF default metric R1(config-router)#redistribute rip metric 100 subnets R1(config-router)#exit R1(config)#router rip R1(config-router)#redistribute ospf 1 metric ? Default metric R1(config-router)#redistribute ospf 1 metric 3 R1(config-router)#distribute-list 1 out R1(config-router)#exit R1(config)#access-list 1 deny 141.108.1.0 0.0.0.255 R1(config)#access-list 1 deny 141.108.2.0 0.0.0.255 R1(config)#access-list 1 deny 141.108.3.0 0.0.0.255 R1(config)#access-list 1 deny 141.108.4.0 0.0.0.255 R1(config)#access-list 1 deny 141.108.5.0 0.0.0.255 R1(config)#access-list 1 deny 141.108.6.0 0.0.0.255 R1(config)#access-list 1 deny 141.108.7.0 0.0.0.255 R1(config)#access-list 1 permit any R1 is now configur ed t o r edist r ibut e fr om RI P t o OSPF and v ice v er sa. Ex am ple 8- 27 display s t he k ey w or d su bn e t s because t he Class B net w or k 141.108.0.0 has been subnet t ed acr oss t he net w or k . Wit hout t his k ey w or d, only classful net w or k s w ould not be adver t ised. ( I n t his case, you ar e using classless net w or ks on all rout ers.) Also, t he m et rics have been set t o 100 for all RI P- t o- OSPF net works, and t he hop count for all redist ribut ed OSPF net w orks int o RI P is set t o 3. Ty pically , net w or k s hav e som e ot her pat hs or back door s bet w een any giv en r out ing t opologies. To ensur e t hat net w or k s r esiding on R1 ar e nev er adv er t ised by t he OSPF back bone, t he dist r ibut ion list on R1 denies any net w or k s r esiding in 141.108.1.0– 141.108.7.255 fr om being adver t ised fr om OSPF t o RI P. This ensur es t hat a r out ing loop cannot occur . Th e access list 1, pr ev iously defined w it h sev en st at em ent s, can be r eplaced w it h t he configur at ion in Ex am ple 8- 28 t o deny t he r ange of net w or k s 141.108.0.0– 141.108.7.0 and per m it all ot her net w or k s. Ex am ple 8- 28 r eplaces t he sev en- line access list w it h t w o lines of I OS configur at ion. ( The no a cce ss- list 1 com m and r em ov es t he configu r at ion cur r ent ly pr esent for access list 1.)

Ex a m ple 8 - 2 8 Acce ss List Con figu r a t ion on R1 R1(config)#no access-list 1 R1(config)#access-list 1 deny 141.108.0.0 0.0.7.255 R1(config)#access-list 1 permit any Ex am ple 8- 29 displays t he r edist r ibut ion and filt er ing r equir ed on R2.

373

Ex a m ple 8 - 2 9 Re dist r ibu t ion on R2 R2(config)#router rip R2(config-router)#distribute-list 1 out R2(config-router)#redistribute ospf 1 metric 3 R2(config-router)#router ospf 1 R2(config-router)#redistribute rip metric 10 subnets R2(config)#access-list 1 deny 141.108.8.0 0.0.7.255 R2(config)#access-list 1 permit any Ex am ple 8- 30 displays t he redist ribut ion and filt ering on R3.

Ex a m ple 8 - 3 0 Re dist r ibu t ion on R3 R3(config)#router rip R3(config-router)#redistribute ospf 1 metric 3 R3(config-router)#distribute-list 1 out R3(config-router)#router ospf 1 R3(config-router)#redistribute rip metric 10 subnets R3(config-router)#exit R3(config)#access-list 1 deny 141.108.23.0 0.0.7.255 R3(config)#access-list 1 permit any Confir m I P r out ing connect ivit y fr om R1. Ex am ple 8- 3 1 displays t he I P r out ing t able on R1 and som e sam ple ping r equest s t hat confor m I P connect iv it y .

Ex a m ple 8 - 3 1 sh ow ip r ou t e a n d Pin gs on R1 R1#show ip route Codes: C - connected,E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP 141.108.0.0/24 is subnetted, 26 subnets O 141.108.253.0 [110/1562] via 141.108.255.2, 00:00:51, Serial1/0 C 141.108.255.0 is directly connected, Serial1/0 C 141.108.254.0 is directly connected, Serial1/1 C 141.108.1.0 is directly connected, Ethernet0/0 C 141.108.3.0 is directly connected, Loopback1 C 141.108.2.0 is directly connected, Loopback0 C 141.108.5.0 is directly connected, Loopback3 C 141.108.4.0 is directly connected, Loopback2 C 141.108.7.0 is directly connected, Loopback5 C 141.108.6.0 is directly connected, Loopback4 O E2 141.108.9.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.8.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.11.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.10.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.13.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.12.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.15.0 [110/10] via 141.108.255.2, 00:00:51, Serial1/0 O E2 141.108.14.0 [110/10] via 141.108.255.2, 00:00:52, Serial1/0 O E2 141.108.17.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 O E2 141.108.16.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 O E2 141.108.19.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 O E2 141.108.18.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 O E2 141.108.21.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 O E2 141.108.20.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 O E2 141.108.23.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1

374

O E2 141.108.22.0 [110/10] via 141.108.254.2, 00:00:52, Serial1/1 R1#ping 141.108.9.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.9.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.22.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.22.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms The next st ep in m igr at ion is t o r em ove RI P and enable OSPF acr oss all int er faces in t he net w or ks. Befor e you com plet e t his m igr at ion, look at t he r out ing configur at ions on Rout ers R1, R2, and R3. Ex am ple 8- 32 displays t he I P rout ing configurat ion on R1.

Ex a m ple 8 - 3 2 sh ow r u n n in g - con fig ( Tr u n ca t e d) on R1 router ospf 1 redistribute rip metric 100 subnets network 141.108.254.0 0.0.0.255 area 0 network 141.108.255.0 0.0.0.255 area 0 ! router rip redistribute ospf 1 metric 3 passive-interface Serial1/0 passive-interface Serial1/1 network 141.108.0.0 distribute-list 1 out access-list 1 deny 141.108.0.0 0.0.7.255 access-list 1 permit any Ex am ple 8- 33 displays t he I P rout ing configurat ion on R2.

Ex a m ple 8 - 3 3 sh ow r u n n in g - con fig ( Tr u n ca t e d) on R2 router ospf 1 redistribute rip metric 10 subnets network 141.108.253.0 0.0.0.255 area 0 network 141.108.255.0 0.0.0.255 area 0 ! router rip redistribute ospf 1 metric 3 passive-interface Serial1/0 passive-interface Serial1/1 network 141.108.0.0 distribute-list 1 out ! ip classless ! access-list 1 deny 141.108.8.0 0.0.7.255 access-list 1 permit any Ex am ple 8- 34 displays t he I P rout ing configurat ion on R3.

375

Ex a m ple 8 - 3 4 sh ow r u n n in g - con fig ( Tr u n ca t e d) on R3 router ospf 1 redistribute rip metric 10 subnets network 141.108.254.0 0.0.0.255 area 0 network 141.108.253.0 0.0.0.255 area 0 ! router rip redistribute ospf 1 metric 3 passive-interface Serial0 passive-interface Serial1 network 141.108.0.0 distribute-list 1 out ! access-list 1 deny 141.108.16.0 0.0.7.255 access-list 1 permit any Figur e 8- 4 display s t he OSPF ar ea assignm ent t o com plet e t he RI P t o OSPF m igr at ion.

Figu r e 8 - 4 . OSPF Ar e a Assign m e n t s

Figur e 8- 4 display s t he OSPF ar ea assignm ent along w it h t he abilit y t o r e- address t he WAN cir cuit t o / 30 subnet s because OSPF under st ands VLSM.

376

Ex am ple 8- 35 displays t he rem oval of RI P on R1 and t he OSPF and I P address assignm ent on R1. Also, not e t he new I P addr ess assignm ent for t he WAN link s w it h / 30 subnet s.

Ex a m ple 8 - 3 5 Re m ova l of RI P on R1 a n d OSPF/ I P Addr e ss Assign m e n t R1(config)#no router rip R1(config)#router ospf 1 R1(config-router)#network 141.108.255.0 0.0.0.255 area 0 R1(config-router)#network 141.108.0.0 0.0.7.255 area 1 R1(config)#interface s1/0 R1(config-if)#ip address 141.108.255.1 255.255.255.252 R1(config-if)#interface s1/1 R1(config-if)#ip address 141.108.255.5 255.255.255.252 Ex am ple 8- 36 displays t he rem oval of RI P on R2 and t he OSPF and I P address assignm ent on R2.

Ex a m ple 8 - 3 6 Re m ova l of RI P on R2 a n d OSPF/ I P Addr e ss Assign m e n t R2(config)#no router rip R2(config)#router ospf 1 R2(config-router)#network 141.108.255.0 0.0.0.255 area 0 R2(config-router)#network 141.108.8.0 0.0.7.255 area 2 R2(config-router)#exit R2(config)#interface s1/0 R2(config-if)#ip address 141.108.255.2 255.255.255.252 R2(config-if)#interface s1/1 R2(config-if)#ip address 141.108.255.10 255.255.255.252 Ex am ple 8- 37 display s t he r em ov al of RI P on R3 and t he OSPF and I P address assignm ent on R3.

Ex a m ple 8 - 3 7 Re m ova l of RI P on R3 a n d OSPF/ I P Addr e ss Assign m e n t R3(config)#router ospf 1 R3(config-router)#network 141.108.23.0 0.0.7.255 area 3 R3(config-router)#network 141.108.255.0 0.0.0.255 area 0 R3(config-router)#exit R3(config)#interface serial0 R3(config-if)#ip address 141.108.255.6 255.255.255.252 R3(config-if)#interface serial1 R3(config-if)#ip address 141.108.255.9 255.255.255.252 N OTE Rem oving RI P from Rout ers R1, R2, and R3 causes t he Cisco I OS t o r em ov e any r edist r ibut ion bet w een RI P and OSPF aut om at ically . Ther efor e, m anual r em ov al of redist ribut ion is not required on Rout ers R1, R2, and R3.

377

Now t hat OSPF is configur ed acr oss all r out er s, view t he I P r out ing t able on R1. Ex am ple 8- 38 displays R1's I P rout ing t able.

Ex a m ple 8 - 3 8 R1 's I P Rou t in g Ta ble R1#show ip route Codes: C - connected, , O - OSPF, IA - OSPF inter area 141.108.0.0/16 is variably subnetted, 26 subnets, 3 masks O 141.108.255.8/30 [110/1562] via 141.108.255.2, 00:00:27, Serial1/0 C 141.108.255.4/30 is directly connected, Serial1/1 C 141.108.255.0/30 is directly connected, Serial1/0 C 141.108.1.0/24 is directly connected, Ethernet0/0 C 141.108.3.0/24 is directly connected, Loopback1 C 141.108.2.0/24 is directly connected, Loopback0 C 141.108.5.0/24 is directly connected, Loopback3 C 141.108.4.0/24 is directly connected, Loopback2 C 141.108.7.0/24 is directly connected, Loopback5 C 141.108.6.0/24 is directly connected, Loopback4 O IA 141.108.9.1/32 [110/782] via 141.108.255.2, 00:00:27, Serial1/0 O IA 141.108.8.0/24 [110/791] via 141.108.255.2, 00:00:27, Serial1/0 O IA 141.108.10.1/32 [110/782] via 141.108.255.2, 00:00:27, Serial1/0 O IA 141.108.11.1/32 [110/782] via 141.108.255.2, 00:00:27, Serial1/0 O IA 141.108.12.1/32 [110/782] via 141.108.255.2, 00:00:27, Serial1/0 O IA 141.108.13.1/32 [110/782] via 141.108.255.2, 00:00:28, Serial1/0 O IA 141.108.14.1/32 [110/782] via 141.108.255.2, 00:00:28, Serial1/0 O IA 141.108.15.1/32 [110/782] via 141.108.255.2, 00:00:28, Serial1/0 O IA 141.108.17.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.16.0/24 [110/791] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.18.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.19.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.20.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.21.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.22.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 O IA 141.108.23.1/32 [110/782] via 141.108.255.6, 00:00:28, Serial1/1 I n Ex am ple 8- 32, t he r edist r ibut ed r out es appear as E2 ( Ex t er nal Ty pe 2) and OSPF is configured across all t hree rout ers. The OSPF t ype rout e is displayed as O I A in Ex am ple 8- 38. OSPF can suppor t VLSM and net w or k sum m ar izat ion, so configur e each r out er in Figur e 8- 4 t o sum m ar ize locally connect ed r out es, w hich ar e cont iguous. ( All r out er s

378

ar e ABRs because each r out er r esides in ar eas 0, 1, 2, or 3.) Ex am ple 8- 39 display s t he sum m ar izat ion for net w or k s 141. 108. 0. 0– 141.108.7.0. To sum m ar ize int er nal OSPF r out es, t he a r e a ar ea- id r a nge net w or k subnet m ask I OS com m and is required. The loopback addresses on R1 reside in OSPF area 1. Ex am ple 8- 39 display s t he a r e a su m m a r y com m and on R1.

Ex a m ple 8 - 3 9 Ar e a Su m m a r y on R1 R1(config)#router ospf 1 R1(config-router)#area 1 ? authentication Enable authentication default-cost Set the summary default-cost of a NSSA/stub area nssa Specify a NSSA area range Summarize routes matching address/mask (border routers only) stub Specify a stub area virtual-link Define a virtual link and its parameters R1(config-router)#area 1 range ? A.B.C.D IP address to match R1(config-router)#area 1 range 141.108.0.0 ? A.B.C.D IP mask for address R1(config-router)#area 1 range 141.108.0.0 255.255.248.0 Th e ? t ool is used t o display t he v ar ious opt ions. The m ask, 255.255.248.0, encom passes t he sev en net w or k s r anging fr om 141.108.0.0–141.108.7.0. You m ay ask yourself w hy you are not using 141.108.0.0 on R1 or subnet zero. Wit h large I P net w or k s, t he net w or k I P designer should alw ay s use all t he addr ess space available; subnet zer o is a per fect ex am ple. To enable subnet zer o, you m ust configur e t he global ip su b n e t - zero com m and on R1. Ex am ple 8- 40 enables t he use of zer o subnet s on R1.

Ex a m ple 8 - 4 0 Su b n e t Ze r o En a b lin g on R1 R1(config)#ip subnet-zero R1(config-if)#interface loopback 6 R1(config-if)#ip address 141.108.0.1 255.255.255.0 Ex am ple 8- 41 display s t he sum m ar izat ion r equir ed on R2 t o encom pass t he net w or k s 141.108.8.0–141.108.15.255. ( These net w or k s r eside in ar ea 2.)

Ex a m ple 8 - 4 1 Ar e a Su m m a r y on R2 R2(config)#router ospf 1 R2(config-router)#area 2 range 141.108.8.0 255.255.248.0 Ex am ple 8- 42 display s t he sum m ar izat ion r equir ed on R3 t o encom pass t he net w or k s 141. 108. 16. 0– 141.108.23.255. ( These net w or ks r eside in ar ea 3.)

Ex a m ple 8 - 4 2 Ar e a Su m m a r y on R2 379

R3(config)#router ospf 1 R3(config-router)#area 3 range 141.108.16.0 255.255.248.0 Ex am ple 8- 43 displays t he OSPF I P r out ing t able on R1. ( I nit ially, w hen RI P w as t he prim ary rout ing algorit hm , you had 17 RI P ent ries, as displayed in Ex am ple 8- 21. )

Ex a m ple 8 - 4 3 sh ow ip r ou t e ospf on R1 R1#show ip route ospf 141.108.0.0/16 is variably subnetted, 13 subnets, 3 masks O 141.108.255.8/30 [110/1562] via 141.108.255.2, 00:04:57, Serial1/0 O IA 141.108.8.0/21 [110/791] via 141.108.255.2, 00:04:57, Serial1/0 O IA 141.108.16.0/21 [110/782] via 141.108.255.6, 00:01:13, Serial1/1 R1 has 3 OSPF net w or k ent r ies as opposed t o 17 using RI P. Now , y ou can see w hy net w or k s ar e conv er t ed fr om classful r out ing pr ot ocols, such as RI P, t o classless pr ot ocols, such as OSPF. The m igr at ion in t his scenar io dem onst r at es t he pow er f ul use of r edist r ibut ion and w hat you should be aw ar e of w hen configur ing m et r ics. Befor e looking at anot her scenar io, view t he full w or king configurat ions of all t hree rout ers in Figur e 8- 4. Ex am ple 8- 44 display s R1's full w or k ing configur at ion.

Ex a m ple 8 - 4 4 R1 ' s Fu ll W or k in g Con figu r a t ion Hostname R1 ! enable password cisco ! ip subnet-zero interface Loopback0 ip address 141.108.2.1 ! interface Loopback1 ip address 141.108.3.1 ! interface Loopback2 ip address 141.108.4.1 ! interface Loopback3 ip address 141.108.5.1 ! interface Loopback4 ip address 141.108.6.1 ! interface Loopback5 ip address 141.108.7.1 ! interface Loopback6 ip address 141.108.0.1 ! interface Ethernet0/0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

380

ip address 141.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 141.108.255.1 255.255.255.252 no ip mroute-cache no fair-queue clockrate 128000 ! interface Serial1/1 ip address 141.108.255.5 255.255.255.252 clockrate 128000 ! router ospf 1 area 1 range 141.108.0.0 255.255.248.0 network 141.108.0.0 0.0.7.255 area 1 network 141.108.255.0 0.0.0.255 area 0 ! ip classless end Ex am ple 8- 45 display s R2's full w or k ing configur at ion.

Ex a m ple 8 - 4 5 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup interface Loopback0 ip address 141.108.9.1 255.255.255.0 ! interface Loopback1 ip address 141.108.10.1 255.255.255.0 ! interface Loopback2 ip address 141.108.11.1 255.255.255.0 ! interface Loopback3 ip address 141.108.12.1 255.255.255.0 ! interface Loopback4 ip address 141.108.13.1 255.255.255.0 ! interface Loopback5 ip address 141.108.14.1 255.255.255.0 ! interface Loopback6 ip address 141.108.15.1 255.255.255.0 ! interface Ethernet0/0 ip address 141.108.8.1 255.255.255.0 ! interface TokenRing0/0 no ip address

381

shutdown ring-speed 16 ! interface Serial1/0 bandwidth 128 ip address 141.108.255.2 255.255.255.252 ! interface Serial1/1 ip address 141.108.255.10 255.255.255.252 ! router ospf 1 area 2 range 141.108.8.0 255.255.248.0 network 141.108.8.0 0.0.7.255 area 2 network 141.108.255.0 0.0.0.255 area 0 ! ip classless ! end Ex ample 8- 46 display s R3's full w or k ing configur at ion.

Ex a m ple 8 - 4 6 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Loopback0 ip address 141.108.17.1 ! interface Loopback1 ip address 141.108.18.1 ! interface Loopback2 ip address 141.108.19.1 ! interface Loopback3 ip address 141.108.20.1 ! interface Loopback4 ip address 141.108.21.1 ! interface Loopback5 ip address 141.108.22.1 ! interface Loopback6 ip address 141.108.23.1 ! interface Ethernet0 ip address 141.108.16.1 media-type 10BaseT ! interface Ethernet1 no ip address

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

382

! interface Serial0 ip address 141.108.255.6 255.255.255.252 bandwidth 125 ! interface Serial1 ip address 141.108.255.9 255.255.255.252 bandwidth 125 clockrate 125000 ! router ospf 1 network 141.108.16.0 0.0.7.255 area 3 network 141.108.255.0 0.0.0.255 area 0 area 3 range 141.108.16.0 255.255.248.0 ! end

Sce n a r io 8 - 3 : Re dist r ibu t in g Be t w e e n EI GRP a n d OSPF I n t his scenar io, you configur e a five- r out er t opology w it h four differ ent aut onom ous sy st em s using t w o I P r out ing algor it hm s: OSPF and EI GRP. The end design goal of t his scenario is t o ensure full I P connect ivit y am ong all int er faces. The int ernet w ork in Figur e 8- 5 has an OSPF dom ain and t hr ee EI GRP dom ains.

Figu r e 8 - 5 . OSPF a n d EI GRP D om a in s

383

Rout er s R1, R2, and R3 ar e configur ed in OSPF pr ocess 1. ( Rem em ber t hat OSPF has a pr ocess I D t hat is only locally significant .) R4 is configur ed in EI GRP dom ain 1, and R5 is configured in EI GRP dom ain 2. The WAN link bet ween R4 and R5 resides in EI GRP dom ain 3. Figur e 8- 5 det ails t he I P addr ess assignm ent . Also, not ice t hat a r edundant pat h exist s bet w een R4 and R5. Therefore, you m ust carefully consider any rout e r edist r ibut ion t o av oid r out ing loops. St ar t by enabling t he r out ing pr ot ocols in use, nam ely OSPF on Rout er s R1– R3. Figur e 8- 5 depict s a sim ple OSPF net w or k w it h one ar ea, t he backbone. All of Rout er R1's int erfaces reside in area 0; hence, you can use one I OS com m and t o place all R1's int er faces in OSPF ar ea 0 or t he backbone. Ex am ple 8- 47 places all int er faces on R1 in ar ea 0, t he back bone net w or k in OSPF. Figur e 8- 5 displa y s t he OSPF ar ea assignm ent s r equir ed for t his t opology .

Ex a m ple 8 - 4 7 R1 's OSPF Con figu r a t ion R1(config)#router ospf 1 R1(config-router)#network 0.0.0.0 255.255.255.255 area 0 Rout ers R2 and R3 reside in OSPF and EI GRP dom ains. Ex am ple 8- 48 configures R2's serial link t o R1 t o reside in area 0.

384

Ex a m ple 8 - 4 8 R2 's OSPF Con figu r a t ion R2(config)#router ospf 1 R2(config-router)#network 141.108.255.2 0.0.0.0 area 0 The inverse m ask, 0.0.0.0, configur es t he I P addr ess 141.108.255.2 int o ar ea 0. Ex am ple 8- 49 configures R3's serial link t o R1 t o reside in area 0.

Ex a m ple 8 - 4 9 R3 's OSPF Con figu r a t ion R3config)#router ospf 1 R3config-router)#network 141.108.255.6 0.0.0.0 area 0 R1 should now hav e full OSPF adj acency t o R2 and R3. Ex am ple 8- 50 confir m s t hat OSPF has form ed a full relat ionship t o R2 and R3.

Ex a m ple 8 - 5 0 sh ow s ip ospf n e igh bor on R1 R1#show ip ospf neighbor Neighbor ID Interface 141.108.255.17 Serial1/0 141.108.255.13 Serial1/1

Pri

State

1

FULL/

1

FULL/

Dead Time

Address

-

00:00:38

141.108.255.2

-

00:00:38

141.108.255.6

R1 is fully adj acent ( Full) t o R2 and R3, and no designat ed r out er ( DR) or backup designat ed r out er ( BDR) is select ed over a point - t o- point ( in t his case back- t o- back ser ial connect ed Cisco r out er s) . Befor e y ou configur e r edist r ibut ion, configur e t he EI GRP dom ains on R4 and R5. Ex am ple 8- 51 configures R4 in EI GRP dom ains 1 and 3.

Ex a m ple 8 - 5 1 EI GRP Con figu r a t ion on R4 R4(config)#router eigrp 1 R4(config-router)# passive-interface Serial1 R4(config-router)# network 141.108.0.0 R4(config-router)#network 161.100.0.0 R4(config-router)# no auto-summary R4(config-router)#! R4(config-router)#router eigrp 3 R4(config-router)# passive-interface Ethernet0 R4(config-router)# passive-interface Serial0 R4(config-router)# network 141.108.0.0 R4(config-router)# no auto-summary Aut om at ic sum m ar izat ion is disabled on R4, so y ou can apply som e sum m ary com m ands lat er . Also on R4, for int er faces in EI GRP dom ain 1, you need t o apply t he p a ssiv e int er face com m and t o ensur e t hat no r out ing updat es ar e sent . Sim ilarly, in EI GRP dom ain 3, only one net w ork resides in EI GRP 3, t he WAN link t o R5.

385

Ex am ple 8- 52 confirm s t he EI GRP int erfaces in dom ains 1 and 3.

Ex a m ple 8 - 5 2 sh ow ip e igr p in t e r fa ce s on R4 R4#show ip eigrp interfaces IP-EIGRP interfaces for process 1 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes Se0 1 0/0 7 0 Et0 0 0/0 0 0 IP-EIGRP interfaces for process 3 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes Se1 0 0/0 0

Pacing Time

Multicast

Un/Reliable

Flow Timer

5/194

226

0/10

0

Pacing Time

Multicast

Un/Reliable

Flow Timer

0/10

0

0

Ex am ple 8- 52 confir m s t hat t he Et her net int er face and link t o R3 r eside in EI GRP 1 and t he WAN link t o R5 resides in EI GRP 3. The peers on R4 confirm t hat EI GRP is configured on R3. There is no EI GRP peer t o R5 because EI GRP is not enabled on R5 y et . Ex am ple 8- 53 configures R5 in EI GRP 2 and EI GRP 3.

Exa m ple 8 - 5 3 EI GRP Con figu r a t ion on R5 R5(config)#router eigrp 3 R5(config-router)# passive-interface Ethernet0 R5(config-router)# passive-interface Serial0 R5(config-router)# network 141.108.0.0 R5(config-router)# no auto-summary R5(config-router)#! R5(config-router)#router eigrp 2 R5(config-router)# passive-interface Serial1 R5(config-router)# network 141.108.0.0 R5(config-router)# network 160.100.0.0 R5(config-router)# no auto-summary At t his st age, y ou hav e not configur ed any r edist r ibut ion. St ar t by conf iguring r edist r ibut ion in t he EI GRP dom ains 1, 2, and 3. Redist r ibut ing fr om one EI GRP AS t o anot her does not r equir e you t o define a m et r ic because EI GRP conser ves t he m et r ic. Ther efor e, you r edist r ibut e only net w or ks using t he m et r ic fr om t he or iginal AS or dom ain. You do hav e t o ensur e t hat r out e m aps or dist r ibut ion list s ar e used t o av oid loops. You configure rout e m aps on R2 and R3, t he core rout ers in t he net work, lat er in t his chapt er. Ex am ple 8- 54 configures redist ribut ion from EI GRP dom ain 1 t o 3 on Rout er R4 and also configur es a sum m ar y r out e on R4, adv er t ising t he subnet 160.100.0.0/ 17.

386

Ex a m ple 8 - 5 4 Re dist r ibu t ion on R4 R4(config)#interface s0 R4(config-if)#ip summary-address eigrp 1 160.100.0.0 255.255.128.0 R4(config)#router eigrp 1 R4(config-router)#redistribute eigrp 3 R4(config-router)#exit R4(config)#router eigrp 3 R4(config-router)#redistribute eigrp 1 Ex am ple 8- 55 configures redist ribut ion from EI GRP dom ain 2 t o 3 on Rout er R5 and also configur es a sum m ar y r out e on R4, adv er t ising t he subnet 160.100.128.0/ 17.

Ex a m ple 8 - 5 5 Re dist r ibu t ion on R5 R5(config-router)#interface Serial0 R5(config-if)# ip summary-address eigrp 2 160.100.128.0 255.255.128.0 R5(config-if)#exit R5(config)#router eigrp 3 R5(config-router)# redistribute eigrp 2 R5(config-router)#router eigrp 2 R5(config-router)# redistribute eigrp 3 To ensure I P connect ivit y, display t he I P rout ing t ables on R2 and R3. Ex am ple 8- 56 displays t he I P rout ing t able ( EI GRP only) on R2.

Ex a m ple 8 - 5 6 sh ow ip r ou t e e igr p on R2 R2#sh ip route eigrp 141.108.0.0/16 is variably subnetted, 13 subnets, 2 masks D 141.108.255.20/30 [90/21024000] via 141.108.255.18, 00:01:26, Serial1/1 D EX 141.108.255.12/30 [170/22016000] via 141.108.255.18, 00:01:26, Serial1/1 160.100.0.0/17 is subnetted, 2 subnets D 160.100.128.0 [90/20537600] via 141.108.255.18, 00:01:26, Serial1/1 D EX 160.100.0.0 [170/21049600] via 141.108.255.18, 00:01:26, Serial1/1 R2 has t he sum m ar y r out e fr om R4 appear ing as an int er nal EI GRP r out e ( D) because t he net w or k r esides in t he sam e AS. The second sum m ar y r out e redist ribut ed from dom ain 3 t o 2 appears as an ext ernal EI GRP ( D EX) rout e. Exa m ple 8- 57 displays t he I P r out ing t able ( EI GRP) in R3.

Ex a m ple 8 - 5 7 sh ow ip r ou t e e igr p on R3 R3#show ip route eigrp 160.100.0.0/17 is subnetted, 2 subnets D EX 160.100.128.0 [170/21529600] via 141.108.255.14, 00:06:21, Serial1 D 160.100.0.0 [90/21017600] via 141.108.255.14, 00:10:12, Serial1 141.108.0.0/16 is variably subnetted, 13 subnets, 2 masks D 141.108.255.20/30 [90/21504000] via 141.108.255.14, 00:10:12, Serial1

387

D EX 141.108.255.16/30 [170/22016000] via 141.108.255.14, 00:07:27, Serial1 Sim ilar ly, R3 has an int er nal ( D 160.100.0.0) and ext er nal sum m ar y r out e ( D EX 160.100.128.0) for t he r em ot e Et her net segm ent s on R4 and R5, r espect iv ely . R1's I P r out ing t able does not cont ain t he EI GRP net w or k s because t he OSPF r out er s R2 and R3 ( ABRs and ASBRs) have yet t o enable r edist r ibut ion fr om EI GRP ( com posit e m et r ic) t o OSPF ( cost m et r ic) . Because OSPF and EI GRP use differ ent m et r ics for r out ing, you m ust assign m et r ics w hen r edist r ibut ing and ensur e, by using r out e m aps, t hat no r edist r ibut ed infor m at ion causes a r out ing loop. Ex am ple 8- 58 configur es R2 for r edist r ibut ing OSPF r out es int o EI GRP and EI GRP rout es int o OSPF. R2 is configured not t o perm it any rout es from R4 advert ising net w or k s in t he r ange 141.108.0.0–141.108.7.255 and also t he WAN subnet s 141.108.255.0/ 30 ( Link R1/ R2) and 141.108.255.4/ 30 ( Link R1/ R3) ; t his pr ev ent s er r oneous r out ing infor m at ion and r out ing loops fr om occur r ing.

Ex a m ple 8 - 5 8 Re t r ibu t ion on R2 router eigrp 2 redistribute ospf 1 metric 1500 2000 255 1 1500 route-map allowintoeigrp ! router ospf 1 redistribute eigrp 2 metric 100 subnets route-map allowintoospf ! route-map allowintoeigrp permit 10 match ip address 1 ! route-map allowintoospf permit 10 match ip address 2 ! Networks in Access list 1 reside in the EIGRP domain access-list 1 deny 160.100.0.0 0.0.255.255 access-list 1 permit any ! Networks in Access-list 2 reside in the OSPF domain access-list 2 deny 141.108.0.0 0.0.7.255 access-list 2 deny 141.108.255.0 0.0.0.3 access-list 2 deny 141.108.255.4 0.0.0.3 access-list 2 permit any R2 is configur ed t o r edist r ibut e OSPF net w or ks w it h a r out e m ap nam ed allow int oeigr p, indicat ing t hat only net w or ks m at ching access list 1 ar e allow ed int o OSPF. Sim ilar ly , w hen r edist r ibut ing EI GRP net w or k s int o OSPF, t he r out e m ap nam ed allow int oospf per m it s all net w or k s m at ching access- list 2, as shaded in Ex am ple 8- 58. Ex am ple 8- 59 displays t he OSPF t o EI GRP r edist r ibut ion on Rout er R3 w it h a r out e m ap configur ed t o ensur e t hat er r oneous inform at ion is not sent fr om eit her r out ing dom ain.

Ex a m ple 8 - 5 9 Re dist r ibu t ion on R3 router eigrp 1

388

redistribute ospf 1 metric 1500 20000 255 1 1500 route-map allowintoeigrp ! router ospf 1 redistribute eigrp 1 metric 100 subnets route-map allowintoospf ! Networks in Access list 1 reside in the EIGRP domain access-list 1 deny 160.100.0.0 0.0.255.255 access-list 1 permit any ! Networks in Access-list 2 reside in the OSPF domain access-list 2 deny 141.108.0.0 0.0.7.255 access-list 2 deny 141.108.255.0 0.0.0.3 access-list 2 deny 141.108.255.4 0.0.0.3 access-list 2 permit any route-map allowintoeigrp permit 10 match ip address 1 ! route-map allowintoospf permit 10 match ip address 2 N OTE I f t he WAN link bet w een R4 and R5 goes dow n, EI GRP dom ain 3 is isolat ed. I n ot her w or ds, R4 w on't be able t o get t o t he net w or k s connect ed t o R5 because t he 160.100.0.0 net w or k is denied fr om being r edist r ibut ed int o EI GRP fr om OSPF. To fix t his, y ou can add t he net w or k 160.100.0.0 as par t of t he access list . For t he pur poses of t his ex er cise, assum e t he back- t o- back ser ial connect ions bet w een R4 and R5 never fail.

Now t hat r edist r ibut ion is com plet ed and filt er ed on cor e r out er s, ex am ine som e I P r out ing t ables st ar t ing fr om t he cor e r out er R1 in OSPF ar ea 0, or t he backbone. A com m on t echnique t o ensur e net w or k connect iv it y is t o ping I P int er faces. Ex am ple 8- 60 display s t he I P r out ing t able ( OSPF r out es only ) on R1 and som e sam ple pings t o t he r em ot e EI GRP net w or k s 160.100.1.1/ 25 and 150.100.1.129/ 25.

Ex a m ple 8 - 6 0 sh ow ip r ou t e ospf a n d Pin gs on R1 R1#show ip route ospf 141.108.0.0/16 is variably subnetted, 13 subnets, 2 masks O E2 141.108.255.20/30 [110/100] via 141.108.255.6, 01:16:02, Serial1/1 O E2 141.108.255.16/30 [110/100] via 141.108.255.6, 01:16:02, Serial1/1 O E2 141.108.255.12/30 [110/100] via 141.108.255.6, 01:16:02, Serial1/1 160.100.0.0/17 is subnetted, 2 subnets O E2 160.100.128.0 [110/100] via 141.108.255.2, 01:16:11, Serial1/0 O E2 160.100.0.0 [110/100] via 141.108.255.6, 01:16:02, Serial1/1 R1#ping 160.100.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 160.100.1.1, timeout is 2 seconds: !!!!!

389

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 ms R1#ping 160.100.128.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 160.100.128.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms R1# Ex am ple 8- 61 displays t he I P rout ing t able on R4.

Ex a m ple 8 - 6 1 sh ow ip r ou t e on R4 R4#show ip route 141.108.0.0/16 is variably subnetted, 13 subnets, 2 masks C 141.108.255.20/30 is directly connected, Serial1 D 141.108.255.16/30 [90/21504000] via 141.108.255.22, 01:42:25, Serial1 C 141.108.255.12/30 is directly connected, Serial0 D 141.108.255.4/30 [90/21504000] via 141.108.255.13, 01:42:51, Serial0 D EX 141.108.255.0/30 [170/22016000] via 141.108.255.22, 01:42:25, Serial1 D EX 141.108.1.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.0.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.3.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.2.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.5.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.4.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.7.0/24 [170/22016000] via 141.108.255.22, 01:21:46, Serial1 D EX 141.108.6.0/24 [170/22016000] via 141.108.255.22, 01:21:47, Serial1 160.100.0.0/17 is subnetted, 2 subnets D EX 160.100.128.0 [170/21017600] via 141.108.255.22, 01:42:27, Serial1 C 160.100.0.0 is directly connected, Ethernet0 Full connect ivit y is displayed on R4, and not ice t hat t he shaded r out es in Ex am ple 861 encom pass all t he r out es fr om 141.108.0.0– 141.108.7.255. ( These r out es ar e t he loopback int erfaces on R1.) Ex am ple 8- 62 display s a successful ping from R4 t o all t he rem ot e loopbacks on R1 t o ensur e t hat y ou hav e net w or k connect iv it y fr om t he EI GRP dom ain.

Ex a m ple 8 - 6 2 Pin gin g Loopba ck s fr om R4 R4#ping 141.108.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.0.1, timeout is 2 seconds:

390

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R4#ping 141.108.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.1.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R4#ping 141.108.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.2.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R4#ping 141.108.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.3.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R4#ping 141.108.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.4.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max R4#ping 141.108.5.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.5.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max ms R4#ping 141.108.6.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.6.1, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max

= 36/37/44 ms

2 seconds: = 36/37/40 ms

2 seconds: = 36/36/40 ms

2 seconds: = 36/37/40 ms

2 seconds: = 36/38/40 ms

2 seconds: = 36/50/100

2 seconds: = 36/38/40 ms

Because R4 and R5 hav e a r edundant pat h t o t he OSPF back bone, t he EI GRP t opology t able on R4 and R5 displays feasible successor s. Ex am ple 8- 63 display s t he out put from t h e sh ow ip e ig r p t op olog y com m and on R4.

Ex a m ple 8 - 6 3 sh ow ip e ig r p t op olog y on R4 R4#show ip eigrp topology IP-EIGRP Topology Table for AS(1)/ID(160.100.1.1) Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 141.108.255.20/30, 1 successors, FD is 20992000 via Connected, Serial1 P 141.108.255.16/30, 1 successors, FD is 21504000 via Redistributed (21504000/0) P 141.108.255.12/30, 1 successors, FD is 20992000 via Connected, Serial0 P 141.108.255.4/30, 1 successors, FD is 21504000 via 141.108.255.13 (21504000/20992000), Serial0 P 141.108.255.0/30, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 160.100.128.0/17, 1 successors, FD is 21017600

391

via Redistributed (21017600/0) via 141.108.255.13 (26112000/6826496), Serial0 P 160.100.0.0/17, 1 successors, FD is 281600 via Connected, Ethernet0 P 141.108.1.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.0.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.3.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.2.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.5.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.4.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.7.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 P 141.108.6.0/24, 1 successors, FD is 22016000 via Redistributed (22016000/0) via 141.108.255.13 (26112000/6826496), Serial0 IP-EIGRP Topology Table for AS(3)/ID(160.100.1.1) P 141.108.255.20/30, 1 successors, FD is 20992000 via Connected, Serial1 via Reconnected (20992000/0) P 141.108.255.16/30, 1 successors, FD is 21504000 via 141.108.255.22 (21504000/2169856), Serial1 P 141.108.255.12/30, 1 successors, FD is 20992000 via Connected, Serial0 via Reconnected (20992000/0) P 141.108.255.4/30, 1 successors, FD is 21504000 via Redistributed (21504000/0) via 141.108.255.22 (22016000/2730496), Serial1 P 141.108.255.0/30, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/21024000), Serial1 via Redistributed (26112000/0) P 160.100.128.0/17, 1 successors, FD is 21017600 via 141.108.255.22 (21017600/281600), Serial1 P 160.100.0.0/17, 1 successors, FD is 281600 via Redistributed (281600/0) P 141.108.1.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), Serial1 via Redistributed (26112000/0) P 141.108.0.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), Serial1 via Redistributed (26112000/0) P 141.108.3.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), Serial1 via Redistributed (26112000/0) P 141.108.2.0/24, 1 successors, FD is 22016000

392

P

P

P

P

via 141.108.255.22 (22016000/2730496), via Redistributed (26112000/0) 141.108.5.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), via Redistributed (26112000/0) 141.108.4.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), via Redistributed (26112000/0) 141.108.7.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), via Redistributed (26112000/0) 141.108.6.0/24, 1 successors, FD is 22016000 via 141.108.255.22 (22016000/2730496), via Redistributed (26112000/0)

Serial1

Serial1

Serial1

Serial1

Serial1

I n Ex am ple 8- 63, R4 has a num ber of dual pat hs t o r em ot e net w or ks, as shaded in t he out put . Because t he m et r ic is low er t hr ough Ser ial 1, t he chosen pat h t o t he r em ot e net w or k 141.108.6.0/ 24 is t hr ough Ser ial 1, for ex am ple. Nex t , sim ulat e a net w ork failure by shut t ing dow n t he serial link t o R5 on R4. Ex am ple 8- 64 disables t he link t o R5.

Ex a m ple 8 - 6 4 Sh u t D ow n S1 on R4 R4(config)#interface serial 1 R4(config-if)#shutdown 04:02:11: %LINK-5-CHANGED: Interface Serial1, changed state to administratively down 04:02:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down The I P r out ing t able on R4 displays t he pat h t o t he r em ot e loopbacks and OSPF net w ork t hrough Serial 0. Ex amp le 8- 65 confir m s t he I P r out ing t able; not e t he EI GRP com posit e m et r ic, w hich is higher t han t hr ough Ser ial 1 t o R5 ( 22016000 com par ed t o 26112000) .

Ex a m ple 8 - 6 5 sh ow ip r ou t e e igr p on R4 R4#show ip route eigrp 141.108.0.0/16 is variably subnetted, 11 subnets, 2 masks D 141.108.255.4/30 [90/21504000] via 141.108.255.13, 02:53:02, Serial0 D EX 141.108.255.0/30 [170/26112000] via 141.108.255.13, 00:02:07, Serial0 D EX 141.108.1.0/24 [170/26112000] via 141.108.255.13, 00:02:07, Serial0 D EX 141.108.0.0/24 [170/26112000] via 141.108.255.13, 00:02:07, Serial0 D EX 141.108.3.0/24 [170/26112000] via 141.108.255.13, 00:02:07, Serial0 D EX 141.108.2.0/24 [170/26112000] via 141.108.255.13, 00:02:07, Serial0 D EX 141.108.5.0/24 [170/26112000] via 141.108.255.13, 00:02:08, Serial0

393

D EX 141.108.4.0/24 [170/26112000] via 141.108.255.13, 00:02:08, Serial0 D EX 141.108.7.0/24 [170/26112000] via 141.108.255.13, 00:02:08, Serial0 D EX 141.108.6.0/24 [170/26112000] via 141.108.255.13, 00:02:08, Serial0 160.100.0.0/17 is subnetted, 2 subnets D EX 160.100.128.0 [170/26112000] via 141.108.255.13, 00:02:08, Serial0 This scenar io dem onst r at es t he m et r ic and filt er ing t echniques com m on in t oday 's lar ge I P net w or k s and t he car e t hat y ou must t ak e w hen sending net w or k s fr om one r out ing algor it hm t o anot her . You m ust pay par t icular at t ent ion t o t he m et r ic and avoid any rout ing loops. Ex am ple 8- 66 displa ys R1's full w or king configur at ion.

Ex a m ple 8 - 6 6 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! interface Loopback0 ip address 141.108.2.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback1 ip address 141.108.3.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback2 ip address 141.108.4.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback3 ip address 141.108.5.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback4 ip address 141.108.6.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback5 ip address 141.108.7.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback6 ip address 141.108.0.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0/0 ip address 141.108.1.1 255.255.255.0 ! interface Serial1/0 ip address 141.108.255.1 255.255.255.252

394

clockrate 128000 ! interface Serial1/1 ip address 141.108.255.5 255.255.255.252 clockrate 128000 ! router ospf 1 redistribute connected subnets network 0.0.0.0 255.255.255.255 area 0 ! end Ex am ple 8- 67 display s R2's full w or k ing configur at ion.

Ex a m ple 8 - 6 7 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Serial1/0 bandwidth 128 ip address 141.108.255.2 255.255.255.252 no ip mroute-cache ! interface Serial1/1 ip address 141.108.255.17 255.255.255.252 ! router eigrp 2 redistribute ospf 1 metric 1500 2000 255 1 1500 route-map allowintoeigrp passive-interface Serial1/0 network 141.108.0.0 no auto-summary ! router ospf 1 summary-address 141.108.0.0 255.255.248.0 redistribute eigrp 2 metric 100 subnets route-map allowintoospf redistribute eigrp 1 network 141.108.255.2 0.0.0.0 area 0 access-list 1 deny 160.100.0.0 0.0.255.255 access-list 1 permit any access-list 2 deny 141.108.0.0 0.0.7.255 access-list 2 deny 141.108.255.0 0.0.0.3 access-list 2 deny 141.108.255.4 0.0.0.3 access-list 2 permit any route-map allowintoeigrp permit 10 match ip address 1 ! route-map allowintoospf permit 10 match ip address 2 ! end

395

Ex am ple 8- 68 display s R3's full w or k ing configur at ion.

Ex a m ple 8 - 6 8 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Serial0 ip address 141.108.255.6 255.255.255.252 bandwidth 125 ! interface Serial1 ip address 141.108.255.13 255.255.255.252 bandwidth 125 clockrate 125000 ! router eigrp 1 redistribute ospf 1 metric 1500 20000 255 1 1500 route-map allowintoeigrp passive-interface Serial0 network 141.108.0.0 no auto-summary ! router ospf 1 redistribute eigrp 1 metric 100 subnets route-map allowintoospf network 141.108.255.6 0.0.0.0 area 0 access-list 1 deny 160.100.0.0 0.0.255.255 access-list 1 permit any access-list 2 deny 141.108.0.0 0.0.7.255 access-list 2 deny 141.108.255.0 0.0.0.3 access-list 2 deny 141.108.255.4 0.0.0.3 access-list 2 permit any route-map allowintoeigrp permit 10 match ip address 1 ! route-map allowintoospf permit 10 match ip address 2 ! end Ex am ple 8- 69 display s R4's full w or k ing configur at ion.

Ex a m ple 8 - 6 9 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco ! interface Ethernet0 ip address 160.100.1.1 255.255.128.0 ! interface Serial0 bandwidth 125 ip address 141.108.255.14 255.255.255.252

396

ip summary-address eigrp 1 160.100.0.0 255.255.128.0 5 ! interface Serial1 bandwidth 125 ip address 141.108.255.21 255.255.255.252 clockrate 125000 ! router eigrp 1 redistribute eigrp 3 passive-interface Serial1 network 141.108.0.0 network 160.100.0.0 no auto-summary ! router eigrp 3 redistribute eigrp 1 passive-interface Ethernet0 passive-interface Serial0 network 141.108.0.0 no auto-summary access-list 1 permit 160.100.0.0 0.0.127.255 access-list 2 permit 160.100.0.0 0.0.127.255 route-map allowtoR3 permit 10 match ip address 1 ! route-map allowtoR5 permit 10 match ip address 2 end Ex am ple 8- 70 display s R5's full w or k ing configur at ion.

Ex a m ple 8 - 7 0 R5 ' s Fu ll W or k in g Con figu r a t ion hostname R5 ! enable password cisco interface Ethernet0 ip address 160.100.128.1 255.255.128.0 ! interface Serial0 ip address 141.108.255.18 255.255.255.252 ip summary-address eigrp 2 160.100.128.0 255.255.128.0 clockrate 125000 ! interface Serial1 ip address 141.108.255.22 255.255.255.252 no ip directed-broadcast ! router eigrp 3 redistribute eigrp 2 passive-interface Ethernet0 passive-interface Serial0 network 141.108.0.0 no auto-summary ! router eigrp 2

397

redistribute eigrp 3 passive-interface Serial1 network 141.108.0.0 network 160.100.0.0 no auto-summary ! ip classless ! end

Sce n a r io 8 - 4 : Rou t e Su m m a r iz a t ion Usin g St a t ic Rou t e s The int ernet w ork in Figur e 8- 6 display s a sim ple t w o- r out er t opology w it h t w o r out ing algor it hm s in use. This scenar io cont ains only t w o r out er s, so you can easily r eplicat e t his net w or k w it h y our ow n set of Cisco I OS r out er s.

Figu r e 8 - 6 . Ro u t in g I P Be t w e e n RI P a n d OSPF

The end goal of t his scenar io is t o ensur e full I P connect iv it y bet w een t he t w o differ ent I P net w or k s. The abilit y t o configur e net w or k s fr om a classless and classful dom ain and vice ver sa is cr it ical. This scenar io is designed t o ensur e t hat you ar e fully aw ar e of all t he pot ent ial pr oblem s w hen r out ing bet w een OSPF ( classless r out ing pr ot ocol) and RI P ( classful r out ing pr ot ocol) . Rout er R1 has a num ber of int erfaces in OSPF area 333, and R2 is running RI P only. This scenar io uses st at ic r out es t o ensur e connect iv it y bet w een t he classless ( RI P) dom ain t o t he classful ( OSPF) dom ain. You configur e R1 for r edist r ibut ion bet ween RI P and OSPF.

398

Ex am ple 8- 71 configur es R1 for I P addr essing and enables OSPF and RI P. Ensur e t hat RI P updat es ar e sent t o only t he Et her net int er faces on R1 by conf iguring R1 w it h passiv e int er faces, ev en on t he loopback s, because OSPF adv er t ises t hese r out es. To ensur e t hat r out ing r esour ces ar e not w ast ed, allow only one r out ing algor it hm t o adv er t ise each int er face. To do t his, y ou apply passiv e int er faces w her e requir ed.

Ex a m ple 8 - 7 1 R1 Con figu r a t ion R1(config)#interface Loopback0 R1(config-if)# ip address 131.108.2.1 255.255.255.0 R1(config-if)#interface Loopback1 R1(config-if)# ip address 131.108.3.1 255.255.255.128 R1(config-if)#interface Loopback2 R1(config-if)# ip address 131.108.3.129 255.255.255.128 R1(config-if)#interface Loopback3 R1(config-if)# ip address 131.108.4.1 255.255.255.248 R1(config-if)#interface Loopback4 R1(config-if)# ip address 131.108.5.1 255.255.255.248 R1(config)#router ospf 1 R1(config-router)#network 131.108.2.1 0.0.0.0 area 333 R1(config-router)#network 131.108.3.1 0.0.0.0 area 333 R1(config-router)#network 131.108.3.129 0.0.0.0 area 333 R1(config-router)#network 131.108.4.1 0.0.0.0 area 333 R1(config-router)#network 131.108.5.1 0.0.0.0 area 333 R1(config-router)#router rip R1(config-router)#network 131.108.0.0 R1(config-router)#pass R1(config-router)#passive-interface lo0 R1(config-router)#passive-interface lo1 R1(config-router)#passive-interface lo2 R1(config-router)#passive-interface lo3 R1(config-router)#passive-interface lo4 Ex am ple 8- 72 enables I P RI P on R2.

Ex a m ple 8 - 7 2 RI P Con f igu r a t ion on R2 R2(config)#interface ethernet 0/0 R2(config-if)#ip address 131.108.1.2 255.255.255.0 R2(config-if)#exit R2(config)#router rip R2(config-router)#network 131.108.0.0 To enable R2 t o lear n t he OSPF loopback int er faces on R1 dynam ically, enable RI Pt o- OSPF redist ribut ion on R1, by set t ing t he m et ric t o 1 ( hop cou n t ) . Ex am ple 8- 73 display s t he r edist r ibut ion on R1 fr om RI P t o OSPF.

Ex a m ple 8 - 7 3 Re dist r ibu t ion on R1 fr om RI P t o OSPF R1(config)#router rip R1(config-router)#redistribute ospf 1 metric 1

399

View t he I P r out ing t able on R2 t o det er m ine w hich RI P net w or ks R1 adver t ises t o R2. Ex am ple 8- 74 displays t he I P rout ing t able on R1.

Ex a m ple 8 - 7 4 sh ow ip r ou t e R1 R2#show ip route 131.108.0.0/24 is subnetted, 2 subnets R 131.108.2.0 [120/1] via 131.108.1.1, 00:00:06, Ethernet0/0 C 131.108.1.0 is directly connected, Ethernet0/0 The only I P net work in Ex am ple 8- 74 is t he subnet 131.108.2.0, w hich is a Class C subnet t ed r out e. Because R2 is configur ed w it h a classful r out ing pr ot ocol, only 24bit net w or k s ar e adv er t ised by R1 and accept ed by R2. You can use t w o m et hods t o solve t his scenar io. The fir st is t o use st at ic r out es, and t he second m et hod uses sum m arizat ion t echniques on R1. Configur e R2 w it h st at ic r out es and ensur e net w or k connect ivit y t o R1 loopback int er faces. Ex am ple 8- 75 configur es R2 w it h four st at ic r out es point ing t o t he nex t hop dest inat ion t o R1's Et her net I P addr ess of 131.108.1.1.

Ex a m ple 8 - 7 5 St a t ic Rou t e Con f igu r a t ion on R2 R2(config)#ip R2(config)#ip R2(config)#ip R2(config)#ip

route route route route

131.108.3.0 255.255.255.128 131.108.1.1 131.108.3.128 255.255.255.128 131.108.1.1 131.108.4.0 255.255.255.248 131.108.1.1 131.108.5.0 255.255.255.248 131.108.1.1

R2 is configur ed w it h st at ic r out ing infor m at ion, ev en t hough t he r em ot e net w or k s ar e not Class C subnet s. Confir m net w or k connect iv it y by v iew ing t he I P r out ing t able on R2 and pinging all rem ot e loopback int erfaces on R1. Ex am ple 8- 76 displays R2's I P rout ing t able and five ping request s t o all R1's loopback int er faces.

Ex a m ple 8 - 7 6 sh ow ip r ou t e a n d pin g on R2 R2#show ip route Codes: C - connected, S - static,R - RIP 131.108.0.0/16 is variably subnetted, 6 subnets, 3 masks S 131.108.3.128/25 [1/0] via 131.108.1.1 S 131.108.5.0/29 [1/0] via 131.108.1.1 S 131.108.4.0/29 [1/0] via 131.108.1.1 S 131.108.3.0/25 [1/0] via 131.108.1.1 R 131.108.2.0/24 [120/1] via 131.108.1.1, 00:00:13, Ethernet0/0 C 131.108.1.0/24 is directly connected, Ethernet0/0 R2#ping 131.108.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

400

R2#ping 131.108.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.3.1, timeout is 2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = R2#ping 131.108.3.129 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.3.129, timeout is !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = R2#ping 131.108.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.4.1, timeout is 2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = R2#ping 131.108.5.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 131.108.5.1, timeout is 2 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = R2#

seconds: 1/3/4 ms

2 seconds: 1/3/4 ms

seconds: 1/3/4 ms

seconds: 1/2/4 ms

Ex am ple 8- 76 displays I P net w or ks inst alled in t he r out ing t able. Even t hough RI P is classful, y ou can use st at ic r out es t o ov er com e t he lim it at ions of r out ing bet w een VLSM net w orks or fixed- lengt h subnet m ask ( FLSM) net w orks. I n t he nex t scenar io, y ou configur e r out ing bet w een VLSM and FLSM net w or k s w it hout using st at ic r out ing. Ex am ple 8- 77 display s R1's full w or k ing configur at ion.

Ex a m ple 8 - 7 7 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero interface Loopback0 ip address 131.108.2.1 255.255.255.0 ! interface Loopback1 ip address 131.108.3.1 255.255.255.128 interface Loopback2 ip address 131.108.3.129 255.255.255.128 interface Loopback3 ip address 131.108.4.1 255.255.255.248 ! interface Loopback4 ip address 131.108.5.1 255.255.255.248 ! interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 router ospf 1 network 131.108.2.1 0.0.0.0 area 333 network 131.108.3.1 0.0.0.0 area 333

401

network 131.108.3.129 0.0.0.0 area 333 network 131.108.4.1 0.0.0.0 area 333 network 131.108.5.1 0.0.0.0 area 333 ! router rip redistribute ospf 1 metric 1 passive-interface Loopback0 passive-interface Loopback1 passive-interface Loopback2 passive-interface Loopback3 passive-interface Loopback4 network 131.108.0.0 ! end Ex am ple 8- 78 display s R2's full w or k ing configur at ion.

Ex a m ple 8 - 7 8 R2 ' s Fu ll W or k in g Con figu r a t ion ( Tr u n ca t e d) hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! router rip network 131.108.0.0 ! ip route 131.108.3.0 255.255.255.128 131.108.1.1 ip route 131.108.3.128 255.255.255.128 131.108.1.1 ip route 131.108.4.0 255.255.255.248 131.108.1.1 ip route 131.108.5.0 255.255.255.248 131.108.1.1 end

Sce n a r io 8 - 5 : Rou t e Su m m a r iz a t ion W it h ou t Usin g St a t ic Rou t e s I n t his scenario, you revisit t he t opology in Figur e 8- 6 and use dy nam ic r out ing t o inser t t he non- class C net w orks int o R2's rout ing t able. Ex am ple 8- 79 r em ov es t he st at ic r out e configur at ion on R2.

Ex a m ple 8 - 7 9 Re m ov in g t h e St a t ic Rou t e Con f ig u r a t ion on R2 R2(config)#no ip route 131.108.3.0 255.255.255.128 131.108.1.1 R2(config)#no ip route 131.108.3.128 255.255.255.128 131.108.1.1 R2(config)#no ip route 131.108.4.0 255.255.255.248 131.108.1.1

402

R2(config)#no ip route 131.108.5.0 255.255.255.248 131.108.1.1 The I P r out ing t able on R2 now cont ains only t he 131.108.2.0/ 24 net w or k , as displayed in Ex am ple 8- 74. To redist ribut e t he net works in R1's net w or k , y ou can apply t he su m m a r y - a d d r e ss n et w or k- m ask com m and. R1 is an ASBR, so y ou can use t he su m m a r y com m and t o send an updat e t o RI P w it h any m ask y ou need. Because all Cisco I OS r out er s alw ay s choose a pat h w it h a m or e specific r out e, y ou can adv er t is e all loopbacks on R1 as Class C subnet s t o R2. Ex am ple 8- 80 configur es sum m ar izat ion on R1 for t he four loopback s.

Ex a m ple 8 - 8 0 su m m a r y - a ddr e ss Com m a n d on R1 R1(config)#router ospf 1 R1(config-router)#summary-address 131.108.3.0 255.255.255.0 R1(config-router)#summary-address 131.108.4.0 255.255.255.0 R1(config-router)#summary-address 131.108.5.0 255.255.255.0 R1(config-router)#redistribute connected subnets The last c om m and in Ex am ple 8- 80 ensur es t hat all connect ed r out es ( in t his case, t he loopbacks on R1) are redist ribut ed t o R2. Ex am ple 8- 81 displays t he I P rout ing t able on R2.

Ex a m ple 8 - 8 1 sh ow ip r ou t e on R2 R2#show ip route 131.108.0.0/24 R 131.108.5.0 R 131.108.4.0 R 131.108.3.0 R 131.108.2.0 C 131.108.1.0

is subnetted, 5 subnets [120/1] via 131.108.1.1, 00:00:06, [120/1] via 131.108.1.1, 00:00:06, [120/1] via 131.108.1.1, 00:00:06, [120/1] via 131.108.1.1, 00:00:06, is directly connected, Ethernet0/0

Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0

R2 assum es all 131.108.0.0 net w or k s ar e subnet t ed as 24- bit net works, as displayed in Ex am ple 8- 81. To ensur e t hat r out ing loops cannot occur , R1 sends only t he loopback s int er faces and R2 accept s only r out es t hat ar e not locally connect ed. Ex am ple 8- 82 configur es a r out e m ap, called allow out , t hat per m it s only t he nonclass C net w or k s t o be advert ised t o R2.

Ex a m ple 8 - 8 2 Rou t e M a p Con figu r a t ion on R1 R1(config)#router ospf 1 R1(config-router)#redistribute connected subnets route-map allowout R1(config-router)#exit R1(config)#route-map R1(config)#route-map allowout R1(config-route-map)#match in R1(config-route-map)#match interface ? Ethernet IEEE 802.3

403

Loopback Loopback interface Null Null interface Serial Serial

R1(config-route-map)#match interface R1(config-route-map)#match interface R1(config-route-map)#match interface R1(config-route-map)#match interface

loopback loopback loopback loopback

1 2 3 4

R1 is configur ed t o per m it only t he loopback int er faces 1–4 t o be r edist r ibut ed int o RI P. Loopback 0 is a Class C subnet r out e, so y ou do not need t o add t his int er fac e. To ensur e t hat R1 nev er accept s r out es t hat ar e locally r eachable, configur e a dist r ibut ion list t hat allow s only t he loopbacks configur ed on R1. Ex am ple 8- 83 conf igures a dist ribut ion list on R2 perm it t ing only loopbacks 0–4 int o R2's I P r out ing t able; all ot her net w or k s ar e r ej ect ed.

Ex a m ple 8 - 8 3 D ist r ibu t ion List Con f igu r a t ion on R2 R2(config)#router rip R2(config-router)#distribute-list 1 in R2(config-router)#exit R2(config)#access-list 1 permit 131.108.2.0 R2(config)#access-list 1 permit 131.108.3.0 R2(config)#access-list 1 permit 131.108.4.0 R2(config)#access-list 1 permit 131.108.5.0 Ex am ple 8- 84 confirm s t he I P rout ing t able on R2.

Ex a m ple 8 - 8 4 sh ow ip r ou t e r ip on R2 R2#show ip route rip 131.108.0.0/24 is subnetted, 5 subnets R 131.108.5.0 [120/1] via 131.108.1.1, R 131.108.4.0 [120/1] via 131.108.1.1, R 131.108.3.0 [120/1] via 131.108.1.1, R 131.108.2.0 [120/1] via 131.108.1.1,

00:00:00, 00:00:00, 00:00:00, 00:00:00,

Ethernet0/0 Ethernet0/0 Ethernet0/0 Ethernet0/0

The sam e pr inciples applied her e can be applied t o any num ber of r out er s, and as long as r out e m aps and filt er ing ar e applied, t he net w or k should be fr ee of r out ing loops and m aint ain full net w or k connect iv it y . Ex am ple 8- 85 displays R1's full w or k ing configur at ion.

Ex a m ple 8 - 8 5 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! interface Loopback0 ip address 131.108.2.1 255.255.255.0 ! interface Loopback1

404

ip address 131.108.3.1 255.255.255.128 ! interface Loopback2 ip address 131.108.3.129 255.255.255.128 ! interface Loopback3 ip address 131.108.4.1 255.255.255.248 ! interface Loopback4 ip address 131.108.5.1 255.255.255.248 interface Ethernet0/0 ip address 131.108.1.1 255.255.255.0 ! router ospf 1 summary-address 131.108.3.0 255.255.255.0 summary-address 131.108.4.0 255.255.255.0 summary-address 131.108.5.0 255.255.255.0 redistribute connected subnets route-map allowout network 131.108.2.1 0.0.0.0 area 333 network 131.108.3.1 0.0.0.0 area 333 network 131.108.3.129 0.0.0.0 area 333 network 131.108.4.1 0.0.0.0 area 333 network 131.108.5.1 0.0.0.0 area 333 ! router rip redistribute ospf 1 metric 1 passive-interface Loopback0 passive-interface Loopback1 passive-interface Loopback2 passive-interface Loopback3 passive-interface Loopback4 network 131.108.0.0 ! route-map allowout permit 10 match interface Loopback1 Loopback2 Loopback3 Loopback4 ! end Ex am ple 8- 86 displays R2's full w or k ing configur at ion.

Ex a m ple 8 - 8 6 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0/0 ip address 131.108.1.2 255.255.255.0 ! router rip network 131.108.0.0 distribute-list 1 in access-list 1 permit 131.108.5.0

405

access-list access-list access-list access-list end

1 1 1 1

permit permit permit deny

131.108.4.0 131.108.3.0 131.108.2.0 160.100.0.0 0.0.255.255

Pr a ct ica l Ex e r cise : Re dist r ibu t ion N OTE Pr act ical Ex er cises ar e designed t o t est y our k now ledge of t he t opics cov er ed in t his chapt er . The Pr act ical Ex er cise begins by giv ing y ou som e infor m at ion about a sit uat ion and t hen ask s y ou t o w or k t hr ough t he solut ion on y our ow n. The solut ion can be found at t he end.

Figur e 8- 7 displays a t hr ee- r out er t opology r unning four r out ing algor it hm s, all using / 24- bit subnet m asks. Loopbacks are used on Rout ers R1 – R3 t o populat e t he net w or k w it h IP r out ing ent r ies.

Figu r e 8 - 7 . Pr a ct ica l Ex e r cise Topology

406

Configur e all t hr ee r out er s. Use filt er ing and m ake ext ensive use of passive int er faces t o av oid r out ing loops. Ensur e t hat r out ing updat es ar e sent t o only t he r elev ant int er faces.

Pr a ct ica l Ex e r cise Solut ion The issue of FLSM and VLSM is not par am ount in t his t opology because all subnet s are / 24. So t he m ain issue t o be aware of is filt ering. Each r out er is configur ed for local loopback s and an int er ior r out ing pr ot ocol, EI GRP, is configur ed acr oss t he WAN. Aft er y ou configur e t he loopback s and WAN link s ar e oper at ional, y ou st ar t by enabling t he local LAN int er faces. Then configur e r edist r ib ut ion by using filt er ing w her ev er r equir ed t o av oid r out ing loops. One com m on t r oubleshoot ing scenar io is t o cr eat e a loop by disabling split hor izon and t hen configur ing r out e m aps and/ or filt ering t o st op t he rout ing loop —gr eat fun, but only in a pr act ic e lab, of course. The follow ing configur at ions pr ov ide a sam ple w or k ing solut ion t o t he net w or k t opology in Figur e 8- 7. You can, how ev er , configur e t his net w or k m any differ ent w ays. St at ic r out es ar e not used in t his design. R1 is configur ed for RI P and EI GRP. The r edist r ibut ion on R1 is filt er ed t o deny any locally sourced net w orks on R1. All ot her net w orks are allow ed int o R1's I P rout ing t able. The shaded port ions in Ex am ple 8- 87 ar e k ey configur at ion com m ands for filt ering. Ex am ple 8- 87 displays R1's full w or king configur at ion.

Ex a m ple 8 - 8 7 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero interface Loopback0 ip address 141.108.2.1 ! interface Loopback1 ip address 141.108.3.1 ! interface Loopback2 ip address 141.108.4.1 ! interface Loopback3 ip address 141.108.5.1 ! interface Loopback4 ip address 141.108.6.1 ! interface Loopback5 ip address 141.108.7.1 !

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

255.255.255.0

407

interface Loopback6 ip address 141.108.0.1 255.255.255.0 ! interface Ethernet0/0 ip address 141.108.1.1 255.255.255.0 ! interface Serial1/0 bandwidth 128 ip address 151.108.255.1 255.255.255.0 clockrate 128000 ! interface Serial1/1 bandwidth 128 ip address 151.108.254.1 255.255.255.0 clockrate 128000 ! router eigrp 1 redistribute rip metric 128 20000 255 1 1500 network 151.108.0.0 distribute-list 1 in ! router rip passive-interface Serial1/0 passive-interface Serial1/1 network 141.108.0.0 ! ip classless ! access-list 1 deny 141.108.0.0 0.0.7.255 access-list 1 permit any ! line con 0 line aux 0 line vty 0 4 end Ex am ple 8- 88 display s R2's full w or k ing configur at ion.

Ex a m ple 8 - 8 8 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero ! interface Loopback0 ip address 141.108.9.1 255.255.255.0 ! interface Loopback1 ip address 141.108.10.1 255.255.255.0 ! interface Loopback2 ip address 141.108.11.1 255.255.255.0 ! interface Loopback3

408

ip address 141.108.12.1 255.255.255.0 ! interface Loopback4 ip address 141.108.13.1 255.255.255.0 ! interface Loopback5 ip address 141.108.14.1 255.255.255.0 ! interface Loopback6 ip address 141.108.15.1 255.255.255.0 ! interface Ethernet0/0 ip address 141.108.8.1 255.255.255.0 ! interface Serial1/0 bandwidth 128 ip address 151.108.255.2 255.255.255.0 interface Serial1/1 bandwidth 128 ip address 151.108.253.2 255.255.255.0 ! router eigrp 1 network 151.108.0.0 distribute-list 1 in ! router igrp 1 passive-interface Serial1/0 passive-interface Serial1/1 network 141.108.0.0 ! ip classless ! access-list 1 deny 141.108.8.0 0.0.7.255 access-list 1 permit any ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 8- 89 display s R3's full w or k ing configur at ion.

Ex a m ple 8 - 8 9 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ! no ip domain-lookup ! interface Loopback0 ip address 141.108.17.1 255.255.255.0 ! interface Loopback1 ip address 141.108.18.1 255.255.255.0

409

! interface Loopback2 ip address 141.108.19.1 255.255.255.0 ! interface Loopback3 ip address 141.108.20.1 255.255.255.0 ! interface Loopback4 ip address 141.108.21.1 255.255.255.0 ! interface Loopback5 ip address 141.108.22.1 255.255.255.0 ! interface Loopback6 ip address 141.108.23.1 255.255.255.0 ! interface Ethernet0 ip address 141.108.16.1 255.255.255.0 media-type 10BaseT ! interface Ethernet1 no ip address ! interface Serial0 ip address 151.108.254.2 255.255.255.0 bandwidth 128 ! interface Serial1 ip address 151.108.253.1 255.255.255.0 bandwidth 128 clockrate 128000 ! router eigrp 1 redistribute ospf 1 metric 128 20000 1 1 1500 network 151.108.0.0 distribute-list 1 in ! router ospf 1 network 141.108.16.0 0.0.7.255 area 100 ! ip classless access-list 1 deny 141.108.16.0 0.0.7.255 access-list 1 permit any ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 8- 90 display s t he I P r out ing t able on R1, dem onst r at ing full net w or k connect iv it y .

Ex a m ple 8 - 9 0 sh ow ip r ou t e on R1 R1#show ip route

410

141.108.0.0/24 is subnetted, 24 subnets C 141.108.1.0 is directly connected, Ethernet0/0 C 141.108.0.0 is directly connected, Loopback6 C 141.108.3.0 is directly connected, Loopback1 C 141.108.2.0 is directly connected, Loopback0 C 141.108.5.0 is directly connected, Loopback3 C 141.108.4.0 is directly connected, Loopback2 C 141.108.7.0 is directly connected, Loopback5 C 141.108.6.0 is directly connected, Loopback4 D EX 141.108.9.0 [170/20640000] via 151.108.255.2, 00:06:20, Serial1/0 D EX 141.108.8.0 [170/20537600] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.11.0 [170/20640000] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.10.0 [170/20640000] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.13.0 [170/20640000] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.12.0 [170/20640000] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.15.0 [170/20640000] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.14.0 [170/20640000] via 151.108.255.2, 00:06:21, Serial1/0 D EX 141.108.17.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.16.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.19.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.18.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.21.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.20.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.23.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 D EX 141.108.22.0 [170/25632000] via 151.108.254.2, 00:06:22, Serial1/1 151.108.0.0/24 is subnetted, 3 subnets C 151.108.255.0 is directly connected, Serial1/0 C 151.108.254.0 is directly connected, Serial1/1 D 151.108.253.0 [90/21024000] via 151.108.254.2, 00:06:22, Serial1/1 [90/21024000] via 151.108.255.2, 00:06:22, Serial1/0 R1# The r edist r ibut ed net w or ks fr om R2 and R3 appear as ext er nal EI GRP r out es ( D EX) . Also, because t he com posit e m et r ic t o t he WAN net wor k 151.108.253.0/ 24 is t he sam e, EI GRP is load balancing. The EI GRP t opology t able on R1 confir m s t he sam e com posit e m et r ic.

411

Ex am ple 8- 91 display s t he EI GRP t opology t able on R1. The shaded por t ions display t he dual pat h t o 151.108.253.0.

Ex a m ple 8 - 9 1 sh ow ip e ig r p t op olog y on R1 R1#show ip eigrp topology IP-EIGRP Topology Table for process 1 Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 151.108.255.0/24, 1 successors, FD is 20512000 via Connected, Serial1/0 P 151.108.254.0/24, 1 successors, FD is 20512000 via Connected, Serial1/1 P 151.108.253.0/24, 2 successors, FD is 21024000 via 151.108.255.2 (21024000/20512000), Serial1/0 via 151.108.254.2 (21024000/20512000), Serial1/1 P 141.108.1.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.0.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.3.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.2.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.5.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.4.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.7.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.6.0/24, 1 successors, FD is 25120000 via Redistributed (25120000/0) P 141.108.9.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.8.0/24, 1 successors, FD is 20537600 via 151.108.255.2 (20537600/281600), Serial1/0 P 141.108.11.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.10.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.13.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.12.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.15.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.14.0/24, 1 successors, FD is 20640000 via 151.108.255.2 (20640000/128256), Serial1/0 P 141.108.17.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), Serial1/1 P 141.108.16.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), Serial1/1 P 141.108.19.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), Serial1/1 P 141.108.18.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), Serial1/1 P 141.108.21.0/24, 1 successors, FD is 25632000

412

via 151.108.254.2 (25632000/25120000), P 141.108.20.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), P 141.108.23.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), P 141.108.22.0/24, 1 successors, FD is 25632000 via 151.108.254.2 (25632000/25120000), R1#

Serial1/1 Serial1/1 Serial1/1 Serial1/1

Ex ample 8- 92 confir m s net w or k I P connect iv it y by pinging all t he r em ot e net w or k s from R1.

Ex a m ple 8 - 9 2 Pin gin g Re m ot e N e t w or k s on R1 R1#ping 141.108.8.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.8.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R1#ping 141.108.9.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.9.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.11.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.11.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/17 ms R1#ping 141.108.12.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.12.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.13.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.13.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.14.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.14.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.15.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.15.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.16.1 Type escape sequence to abort.

413

Sending 5, 100-byte ICMP Echos to 141.108.16.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms R1#ping 141.108.17.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.17.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms R1#ping 141.108.18.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.18.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.19.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.19.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 141.108.20.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms R1#ping 141.108.21.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.21.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/17 ms R1#ping 141.108.22.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.22.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/17 ms R1#ping 141.108.23.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 141.108.23.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#

Re v ie w Qu e st ion s The answ er s t o t hese quest ion can be found in Appendix C, “ Answ er s t o Rev iew Quest ions.”

1:

How m any I P rout ing t ables are t here w hen m ore t han one rout ing prot ocol is configur ed on a Cisco r out er ?

2:

Which pat h is pr efer r ed if OSPF and EI GRP hav e dy nam ically discov er ed a rem ot e net work?

414

3:

What com m on m et hods ar e used t o cont r ol r out ing updat es and filt er ing?

4:

What is t he m et r ic used by OSPF, and is t he low er or higher m et r ic t he chosen pat h?

5:

I s a st at ic r out e alw ay s pr efer r ed ov er a dir ect ly connect ed r out e?

6:

Which com m and st ops updat es fr om being sent out of any int er face?

7:

Which par am et er does t he Cisco I OS alw ay s com par e befor e look ing at r out ing m et r ics, such as hop count or OSPF cost ?

8:

Giv e t w o ex am ples of classful pr ot ocols?

9:

Giv e t w o ex am ples of classless pr ot ocols?

10:

What ar e t he t hr ee m et hods com m only applied t o avoid r out ing loops w hen r edist r ibut ion is r equir ed?

Su m m a r y Redist r ibut ion fr om one r out ing pr ot ocol t o anot her has been ext ensively cover ed in t his chapt er . The issues of r out ing loops and met r ic conv er sion fr om one r out ing pr ot ocol t o anot her hav e been dem onst r at ed, and y ou should now hav e t he sk ills necessar y t o enable any for m of r out e r edist r ibut ion. Rout ing bet w een classless and classful dom ains is one of t he m aj or lear ning t ools you m ust m ast er quickly in any I P net w or k . I n such a sit uat ion, infor m at ion can be cont r olled t o ensur e t hat t he net w or k is r out ing I P as cor r ect ly and efficient ly as possible. Mast er ing dist r ibut ion list s, st at ic r out ing, and r out e m aps enables y ou t o av oid rout ing loops and ensur e t hat full I P connect iv it y st ill ex ist s. You should now be r eady t o apply t he infor m at ion in t his and all of t he pr evious chapt er s t o t he self- st udy lab in Chapt er 9, “ CCNP Rout ing Self - St udy Lab.” Table 8- 3 sum m ar izes t he m ost im por t ant com m ands used in t his chapt er .

Table 8-3. Summary of IOS Commands Command a r e a ar ea- id r a n g e addr ess m ask

Purpose Sum m ar izes OSPF net w or k r anges.

r ou t e r ospf pr ocess id Enables OSPF r out ing. The pr ocess I D is local t o t he r out er . You can hav e m or e t han one OSPF pr ocess I D r unning. r ou t e r e igr p Enables EI GRP r out ing under a com m on adm inist r at iv e aut onom ous dom ain I D cont r ol, k now n as t he aut onom ous dom ain. n o a u t o- su m m a r y

Disables aut om at ic sum m ar izat ion.

415

sh ow ip r ou t e

Display s t he com plet e I P r out ing t able.

sh ow ip e ig r p t opology

Display s t he EI GRP t opology t able. Useful for det erm ining ot her pat hs av ailable on an EI GRP r out er .

[ no] sh u t d o w n

Enables or disables an int er face. All har dw ar e int er faces ar e shut dow n by default .

p in g ip- addr ess

Test s I P connect iv it y .

r e dist r ibu t e opt ions

Enables r edist r ibut ion. See Table 8- 2 for a com plet e list ing of available opt ions.

p a ssiv e - in t e r fa ce

Disables updat es sent out bound but st ill list ens t o updat es.

416

Ch a pt e r 9 . CCN P Rou t in g Se lf- St u dy La b This chapt er is designed t o assist you in your final pr epar at ion for t he Rout ing exam by pr ov iding y ou an ex t ensiv e lab scenar io t hat incor por at es m any of t he t echnologies and concept s cov er ed in t his book . The lab pr esent ed her e r equir es a br oad per spect iv e and k now ledge base. This m eans t hat any k now ledge y ou hav e acquir ed t hr ough t he pr act ical ex am ples pr esent ed in t his guide and r eal- life net w ork im plem ent at ions w ill help y ou achiev e t he end goal—a r out able net w or k accor ding t o t he set design crit eria. This lab is pr esent ed in sm all sect ions and pr ov ides y ou a specific am ount of t im e t o com plet e t he t ask s so t hat y ou can ensur e t hat all feat ur es ar e configur ed in a t im ely m anner , allow ing y ou t he abilit y t o t ack le any sim ilar Cisco- based cer t ificat ion or r eal- life net w or k t opology configur at ion. N OTE The follow ing lab is designed t o dr aw t oget her som e of t he cont ent descr ibed in t his book and som e of t he cont ent y ou hav e seen in y our ow n net w or k s or pr act ice la bs. Ther e is no one r ight w ay t o accom plish m any of t he t ask s pr esent ed her e. The abilit ies t o use good pr act ice and define y our end goal ar e im por t ant in any r eal- life design or solut ion. The Et her net int er faces on all r out er s ar e connect ed t o a Cat aly st 6509 sw it ch. Hint s ar e pr ov ided t o ensur e t hat y ou ar e aw ar e of any issues or ex t r a configur at ion com m ands r equir ed t o com plet e a specific t ask .

H ow t o Be st U se Th is Ch a pt e r The following self - st udy lab cont ains a six- r out er net w or k w it h t w o I nt er net ser v ice pr ov ider ( I SP) r out er s pr ov iding connect ions t o t he I nt er net . Alt hough on t he CCNP Rout ing ex am y ou do not hav e t o configur e six r out er s r unning m ult iple pr ot ocols, t his lab is designed t o ensur e t hat y ou hav e all t he pr act ical sk ills t o achiev e alm ost any I P r out ing r equir em ent s in r eal- life net w or k s. Mor e im por t ant ly , it t est s y our pr act ical sk ill set so y ou can pass t he CCNP Rout ing ex am inat ion w it h confidence. Full w or k ing solut ions ar e pr ov ided, along w it h t he configur at ion of a Cat aly st 6509 used t o cr eat e t he LAN- based net w or ks, and t he t w o I SP r out er s sim ulat ing an I nt er net ser v ice. Follow ing t he full configur at ions in t he solut ion sect ion, a sect ion displays sam ple r out ing t ables t aken fr om each r out er , as w ell as som e sam ple p i n g and t e ln e t com m ands t o dem onst r at e full I P connect iv it y . The I BGP and EBGP net w or k connect iv it y is dem onst r at ed display ing t he BGP t ables. Figur e 9- 1 displays t he six- r out er t opology used in t his lab.

417

Figu r e 9 - 1 . Rou t e r Topology

Th e Goa l of t h e La b The end goal of t his lab is t o ensur e t hat all devices in Figur e 9- 1 can r out e t o all net w or k s. This ensur es, for ex am ple, t hat user s on R5's Et her net net w or k s ( E0 and E1) can r each all par t s of t he net w or k.

Ph y sica l Con n e ct iv it y ( 1 H ou r ) Const ruct y our net w or k as show n on Figur e 9- 1. All back- t o- back ser ial connect ions r equir e a clock sour ce. Use com m on Cisco defined t echniques by using t he I OS d e scr ip t ion nam e of link com m and t o pr ov ide docum ent at ion for all ser ial link s and v ir t ual LANs.

418

Ca t a ly st Sw it ch Se t u p 6 5 0 9 ( 0 .2 5 H ou r s) Configur e t he Et her net sw it ch for sev en VLANs and cable a cat aly st sw it ch for t he follow ing VLAN num ber assignm ent s: • • • • • • •

VLAN VLAN VLAN VLAN VLAN VLAN VLAN

100 200 300 400 500 550 600

is is is is is is is

connect ed connect ed connect ed connect ed connect ed connect ed connect ed

to to to to to to to

R1 R2 R3 R4 R5 R5 R6

E0/ 0. E0/ 0. E0. E0. E0. E1. E0.

Configur e t he m anagem ent int er face ( or sc0) on t he sw it ch w it h t he I P addr ess 133.33.1.2/ 29, and ensur e t hat all r out er s can Telnet t o t he sw it ch aft er y ou hav e com plet ed configur ing y our I GP pr ot ocols. Configur e a default r out e point ing t o R1's Et her net int er face, I P addr ess 133.33.1.1/ 29 on Cat aly st 6509.

I P Addr e ss Con figu r a t ion ( 0 .5 H ou r s) Use t he Class B I P addr ess 130.33.0.0. Configur e I P addr essing as follow s: • • • • •

Use a 29- bit 300. Use a 27- bit Use a 24- bit Use a 30- bit Use a 24- bit R4/ R6.

m ask for VLAN 100 and a 25- bit m ask for VLAN 200 and VLAN m ask m ask m ask m ask

for for for for

VLAN 400. VLAN 500, VLAN 550, and VLAN 600. all WAN connect ions on Rout ers R1, R2, R3, and R4. t he WAN connect ion bet w een Rout er s R4/ R5 and

Aft er I P r out ing is com plet ed, all int er faces should be pingable fr om any r out er. Table 9- 1 displays t he I P address assignm ent for Rout ers R1 – R6.

Table 9-1. IP Address Assignment Router Interface

IP Address

R1 E0/ 0

133. 33. 1. 1/ 29

R1 S0/ 0

1 7 1 . 108. 1. 6/ 30 ( t o I SP2)

R1 S1/ 0

133. 33. 7. 1/ 30

R1 S1/ 1

133. 33. 7. 5/ 30

R1 S1/ 3

171.108.1.2/ 30 ( t o I SP1)

R2 E0/ 0

133. 33. 3. 1/ 25

R2 S1/ 0

133. 33. 7. 2/ 30

R2 S1/ 1

133. 33. 7. 9/ 30

R3 E0

133. 33. 4. 1/ 25

419

R3 S0

133.33.7.10/ 30

R3 S1

133.33.7.13/ 30

R3 S2

133. 33. 7. 6/ 30

R4 E0

133. 33. 5. 1/ 27

R4 S1

133.33.7.14/ 30

R4 S2

133.33.10.2/ 24

R4 S3

133.33.11.2/ 24

R5 E0

133. 33. 8. 1/ 24

R5 E1

133. 33. 9. 1/ 24

R5 S0

133.33.10.1/ 24

R6 E0

133. 33. 6. 1/ 24

R6 S1

133.33.11.1/ 24

I SP1 S0

171.108.1.1/ 30

I SP1 E0

141.108.1.1/ 24

I SP2 S0

171.10 8.1.5/ 30

I SP2 E0

141.108.1.2/ 24

Loopback I P Addressing: Part I ( 0 .2 5 Hours) Configur e each r out er w it h a loopback int er face. Assign t he loopback s on each r out er using t he r ange of addr esses fr om 133.33.201.0–133.33.206.0 and a Class C m ask. I t m ust be possible t o ping and t elnet t o t he loopback s fr om any one r out er . Test I P connect iv it y by pinging fr om R1, and ensur e t hat y ou can t elnet t o any r out er w it hin y our net w or k aft er y ou com plet e all I GP r out ing pr ot ocol configur at ions. Table 9- 2 displays t he loopback addr esses you need t o assign t o all six r out er s.

Table 9-2. Loopback Address Assignments Router

Loopback 0

R1

133. 33. 201. 1/ 24

R2

133. 33. 202. 1/ 24

R3

133.33. 203. 1/ 24

R4

133. 33. 204. 1/ 24

R5

133. 33. 205. 1/ 24

R6

133. 33. 206. 1/ 24

Ensure t hat all loopbacks in Table 9- 2 appear as 24- bit net works in all I P rout ing t ables, by using t he int er face ip osp f n e t w or k p oin t - t o- poin t com m and for all r out er s configur ed w it h OSPF.

420

Loopback I P Addressing: Part I I ( 0 .2 5 H ours) Cr eat e sev en loopback int er faces in R1 by using 24- bit net work m asks in m aj or net w or ks r anging fr om 133.33.16.0/ 24– 13 3.33.23.0/ 24. Cr eat e sev en loopback int er faces in R2 by using 24- bit net work m asks in m aj or net w or ks r anging fr om 133.33.24.0/ 24 t o 133.33.31.0/ 24. Ensur e t hat y ou per for m net w or k sum m ar izat ion of t hese loopback s t o r educe I P r out ing t able size w her ever possible. Configur e a st at ic r out e on R5 t o ensur e t hat all loopbacks r anging fr om 133.33.16.0 t o 133.33.31.0 ar e encom passed by a single st at ic r out ing ent r y . ( Hint : The subnet m ask for a st at ic r out e is 255.255.240.0.)

I GP Rou t in g ( 7 H ou r s) This sect ion re quir es y ou t o configur e OSPF, I GRP, and EI GRP acr oss t he six r out er s and ensur e t hat r edist r ibut ion is used t o pr ov ide I P connect iv it y am ong all r out ing dom ains.

I GRP Configurat ion ( 1 .0 H our) Configure I GRP ( AS 1) on R4 and R5 t o m eet t he follow ing specificat ions: • • • • •

Configure I GRP on R5 E0/ E1 and for t he serial link bet ween R4 and R5. Ensur e pr oper filt er ing is configur ed on R4 t o send only net w or k s t hat do not reside on R5. Redist r ibut e t he I GRP r out e int o OSPF/ EI GRP dom ain. View t he OSPF sect ion for det ails on redist ribut ion. Mak e sur e y ou can see dist r ibut ed I GRP r out es t hr oughout t he t opology . By using t he I OS p a ssiv e - in t e r fa ce com m and, ensur e t hat only t he cor r ect int er faces r esiding in t he I GRP AS ar e configur ed t o send and r eceive I GRP updat es. This ensur es t hat r out er r esour ces ar e not unnecessar ily consum ed.

EI GRP Configura t ion ( 1 .5 H ours) Configure EI GRP on Rout ers R1, R4, and R6: • • • • •

Configure t he link bet ween R4 and R6 in EI GRP dom ain 1. Configure VLAN 600 t o reside in dom ain 2. Redist r ibut e bet w een EI GRP 1 and 2 and ensur e net w or k connect iv it y . Ensur e t hat t he I GRP dom ain and OSPF dom ain hav e t hese net w or k s pr esent in t heir r espect ive I P r out ing t ables. Ensur e t hat VLAN 600 ( 133.33.6.0/ 24) and t he loopback subnet on R6 ( 133.33.206.0/ 24) OSPF cost m et r ic ar e set t o 1000. ( Met r ic t y pe 2 by default is configur ed w hen r edist r ibut ing fr om any pr ot ocol int o OSPF.) Hint : Use t he r out e - m a p com m and t o com plet e t his t ask .

421

•

Configure R6 t o set all ext ernal EI GRP rout es ( D EX) in AS 1 wit h an adm inist r at iv e dist ance of 90 ( t he sam e AD as int er nal EI GRP r out es) .

OSPF Configurat ion ( 2 .5 H ours) Configure OSPF on R1, R2, R3, and R4: • • • • • • • • • •

Configur e t he ser ial back- t o- back links bet ween R1/ R2, R2/ R3, and R1/ R3 in t he back bone ( ar ea 0.0.0.0) . Configur e t he ser ial link bet w een R3 and R4 in OSPF area 350. Configure VLAN 100 in area 100. Configure VLAN 200 in area 200. Configure VLAN 300 in area 300. Configure VLAN 400 in area 350. Addit ional ar eas ar e not r equir ed. Ensur e t hat any OSPF ar eas not connect ed t o ar ea 0 ar e configur ed w it h an OSPF vir t ual link t o ensur e I P connect ivit y. ( Hint : No vir t ual links ar e r equir ed because no OSPF ar eas ar e par t it ioned fr om t he back bone ar ea, or 0.0.0.0.) Assign any loopback s int o alr eady ex ist ing ar eas. Redist ribut e OSPF int o EI GRP and I GRP t o m a int ain full- net w or k connect iv it y .

OSPF M odificat ions ( 2 H ours) Configur e OSPF t o per for m t he follow ing funct ions: • • • • • • •

Ensur e t hat R3 is alw ay s t he DR on VLAN 300 by set t ing t he OSPF pr ior it y t o 255. Change t he Hello int er v al bet w een R1/ R3 WAN link t o 25 seconds. Configur e MD5 aut hent icat ion bet w een R1/ R3 WAN link set t ing t he passw or d t o ccnp. ( Hint : All r out er s in ar ea 0 r equir e aut hent icat ion; hence, t he ser ial link bet w een R1/ R2 r equir es MD5 aut hent icat ion as w ell.) Configure t he local nam es of Rout ers R1 – R6 so t hat all OSPF- enabled rout ers can per for m an OSPF nam e look up ( using t he loopback s in Table 9- 2 as I P addr esses) for all OSPF adj acencies. Ensur e t hat t he r out er I D on all OSPF enabled- r out er s ( R1 t o R4) m at ch t he loopbacks used in Table 9- 2. ( Hint : Use t he r ou t e r- i d com m and under t he OSPF process I D.) Configur e ar ea 200 as a st ub area. Ensure t hat t he OSPF cost as seen by R1 and R3 for VLAN 200 is 1000.

BGP Rou t in g Con figu r a t ion ( 5 H ou r s) The aim of t his exer cise is t o configur e I BGP am ong t he r out er s in your I GP net w or k ( Rout ers R1 – R6) and m inim ize t he num ber of I BGP peer sessions for easy configurat ion. R1 is t he focal point for all I BGP peering sessions and has t w o EBGP connect ions t o t he sam e I SP pr ov ided for r edundancy pur poses. You w ill also be asked t o configur e BGP at t r ibut es t o influence r out ing decisions m ade in your I BGP

422

net w or k and also influence w hich pat h t he I nt er net I SP r out er s, I SP1 and I SP2, choose t o use for net w or k s r esiding in y our r out ing dom ain.

I BGP Configurat ion ( 2 H ours) Configur e I BGP ( your aut onom ous syst em num ber is 1) w it hin your net w or k t o m eet t h e following condit ions: • • • • •

All r out er s ar e configur ed w it h m inim um num ber of I BGP peer s for scalabilit y; t his m eans you m ust use rout e reflect ors and configure R1 as t he rout e reflect or t o R2, R3, R4, R5, and R6 ( rout e reflect or client s) . Use BGP peer groups on R1 t o m inim ize t he BGP configur at ion code r equir ed on R1. Disable BGP synchr onizat ion on all I BGP r out er s. All I BGP rout ers should receive rout ing updat es from R1 only . All I BGP connect ions m ust be act ive as long as t here is an act ive pat h bet w een t he r out er s; hence, use t he assigned loopback int er faces as y our sour ce and nex t hop peer addr ess for est ablishing TCP sessions. ( Hint : Because t her e ar e r edundant pat hs, t he best pr act ice in an I BGP net w or k is t o use loopback int er faces as t he sour ce and dest inat ion addresses for all I BGP peer sessions.)

EBGP Configurat ion ( 1 H our) • • • •

Rout er R1 has t w o EBGP connect ions t o t he sam e I SP for r edundancy purposes. Configure R1 - R6 t o m eet t he follow ing requirem ent s: Configur e EBGP bet w een R1 ( AS 1) and I SP1/ I SP2 ( AS 1024) . The Rout er s I SP1/ I SP2 ar e bot h connect ed t o AS 1024. Configur e I SP1 and I SP2 t o pr ov ide a default r out e t o R1, along w it h som e specific r out ing dest inat ions using st at ic r out es t o Null0. Ex am ple 9- 1 displays t he st at ic r out e configur at ions on I SP1 and I SP2.

Ex a m ple 9 - 1 St a t ic Rou t e s on I SP1 / I SP2 ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip ip

route route route route route route route route route route route route route route route route route route route

0.0.0.0 0.0.0.0 Null0 1.0.0.0 255.0.0.0 Null0 2.0.0.0 255.0.0.0 Null0 3.0.0.0 255.0.0.0 Null0 4.0.0.0 255.0.0.0 Null0 5.0.0.0 255.0.0.0 Null0 6.0.0.0 255.0.0.0 Null0 7.0.0.0 255.0.0.0 Null0 8.0.0.0 255.0.0.0 Null0 10.0.0.0 255.0.0.0 Null0 11.0.0.0 255.0.0.0 Null0 100.0.0.0 255.0.0.0 Null0 101.0.0.0 255.0.0.0 Null0 102.0.0.0 255.0.0.0 Null0 141.100.0.0 255.255.0.0 Null0 141.108.0.0 255.255.0.0 Null0 142.100.0.0 255.255.0.0 Null0 143.100.0.0 255.255.0.0 Null0 144.100.0.0 255.255.0.0 Null0

423

ip ip ip ip ip

route route route route route •

145.100.0.0 146.100.0.0 147.100.0.0 148.100.0.0 149.100.0.0

255.255.0.0 255.255.0.0 255.255.0.0 255.255.0.0 255.255.0.0

Null0 Null0 Null0 Null0 Null0

The I SP has pr ov ided y ou w it h t he follow ing nex t hop addr esses and y our local AS num ber: - The R1 S0/ 0 next hop addr ess is 171.108.1.1/ 30, and t he r em ot e AS is 1024. - The R1 S1/ 3 next hop addr ess is 171.108.1.5/ 30, and t he r em ot e AS is 1024.

•

Configure EBGP on R1 and ensure t hat all advert ised rout es from I SP1 and I SP2 are present in R1's BGP t able.

Adva nced BGP Configura t ion: Policy Rout ing ( 1 H our) Using policy- based r out ing, ensur e t hat all t r affic sent fr om R3 ( fr om user s on VLAN 300) m eet s t he follow ing crit eria: • • • •

All I nt er net t r affic sent t o t he default rout e 0.0.0.0 is sent t hrough R1. All I CMP t raffic is sent t hrough R2. All ot her t raffic is sent t hrough R1. Using t he I OS d e b u g ip p olicy com m and, ensur e t hat I P t r affic is sent ov er t he cor r ect int er face.

Adva nce d BGP Configur a t ion: Att ribut e M odifica t ion ( 1 H our ) Configur e R1 t o set t he follow ing at t r ibut es for net w or k s fr om t he I SP r out er s nam ed I SP1/ I SP2: • •

Pr epend all net w or k s in t he r ange 1.0.0.0 t o 9.0.0.0 w it h t he AS_Pat h 400 300 200 and set t he or igin at t r ibut e t o incom plet e. Set t he weight of all net works received from I SP1 t o 100 and I SP2 t o 200.

Se lf- St u dy La b Solu t ion The follow ing sam ple configur at ion files achiev e t he desir ed design cr it er ia. This is by no m eans t he only possible solut ion. As y ou hav e discov er ed t hr oughout t his pr act ical guide, t her e is not alw ay s one r ight w ay t o accom plish t he t ask s pr esent ed. I n fact , t he best possible w ay t o lear n m or e is t o change t he quest ions t o m eet your ow n goals and use sh o w and d e b u g com m ands t o v er ify I P connect iv it y . Pr esent ed her e ar e nine configur at ion files.

424

Ex am ple 9- 2 display s R1's full w or k ing configur at ion.

Ex a m ple 9 - 2 R1 ' s Fu ll W or k in g Con figu r a t ion hostname R1 ! enable password cisco ! ip subnet-zero ip host R6 133.33.206.1 ip host R5 133.33.205.1 ip host R4 133.33.204.1 ip host R3 133.33.203.1 ip host R2 133.33.202.1 ip host r1 133.33.201.1 ! interface Loopback0 ip address 133.33.201.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback1 ip address 133.33.16.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback2 ip address 133.33.18.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback3 ip address 133.33.17.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback4 ip address 133.33.19.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback5 ip address 133.33.20.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback6 ip address 133.33.21.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback7 ip address 133.33.22.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback8 ip address 133.33.23.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0/0 description VLAN 100 (OSPF Area 100) ip address 133.33.1.1 255.255.255.248 ! interface Serial0/0

425

description Serial Link to ISP2 S0 ip address 171.108.1.6 255.255.255.252 no ip mroute-cache no fair-queue clockrate 125000 ! interface Serial1/0 description Serial Link to R2 S1/0 bandwidth 125 ip address 133.33.7.1 255.255.255.252 ip ospf authentication message-digest ip ospf authentication-key ccnp clockrate 128000 ! interface Serial1/1 description Serial Link to R3 S2 bandwidth 125 ip address 133.33.7.5 255.255.255.252 ip ospf authentication message-digest ip ospf authentication-key ccnp ip ospf hello-interval 25 ! interface Serial1/2 shutdown ! interface Serial1/3 description Serial Link to ISP1 S0 bandwidth 125 ip address 171.108.1.2 255.255.255.252 ! router ospf 1 router-id 133.33.201.1 area 0 authentication message-digest area 100 range 133.33.16.0 255.255.248.0 network 133.33.1.1 0.0.0.0 area 100 network 133.33.7.1 0.0.0.0 area 0 network 133.33.7.5 0.0.0.0 area 0 network 133.33.16.0 0.0.7.255 area 100 network 133.33.201.1 0.0.0.0 area 0 ! router bgp 1 no synchronization redistribute connected redistribute ospf 1 neighbor ibgpnetwork peer-group neighbor ibgpnetwork remote-as 1 neighbor ibgpnetwork update-source Loopback0 neighbor ibgpnetwork next-hop-self neighbor 133.33.202.1 peer-group ibgpnetwork neighbor 133.33.203.1 peer-group ibgpnetwork neighbor 133.33.204.1 peer-group ibgpnetwork neighbor 133.33.205.1 peer-group ibgpnetwork neighbor 133.33.206.1 peer-group ibgpnetwork neighbor 171.108.1.1 remote-as 1024 neighbor 171.108.1.1 route-map setattributes in neighbor 171.108.1.1 weight 100 neighbor 171.108.1.5 remote-as 1024

426

neighbor 171.108.1.5 route-map setattributes in neighbor 171.108.1.5 weight 200 no auto-summary ! ip classless ip ospf name-lookup ! access-list 1 permit 1.0.0.0 access-list 1 permit 2.0.0.0 access-list 1 permit 3.0.0.0 access-list 1 permit 4.0.0.0 access-list 1 permit 5.0.0.0 access-list 1 permit 6.0.0.0 access-list 1 permit 7.0.0.0 access-list 1 permit 8.0.0.0 access-list 1 permit 9.0.0.0 access-list 2 permit any route-map setattributes permit 10 match ip address 1 set origin incomplete set as-path prepend 400 300 200 ! route-map setattributes permit 20 match ip address 2 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 9- 3 display s R2's full w or k ing configur at ion.

Ex a m ple 9 - 3 R2 ' s Fu ll W or k in g Con figu r a t ion hostname R2 ! enable password cisco ! ip subnet-zero no ip domain-lookup ip host R6 133.33.206.1 ip host R5 133.33.205.1 ip host R4 133.33.204.1 ip host R3 133.33.203.1 ip host R2 133.33.202.1 ip host R1 133.33.201.1 ! interface Loopback0 ip address 133.33.202.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback1 ip address 133.33.24.1 255.255.255.0 ip ospf network point-to-point !

427

interface Loopback2 ip address 133.33.26.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback3 ip address 133.33.25.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback4 ip address 133.33.27.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback5 ip address 133.33.28.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback6 ip address 133.33.29.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback7 ip address 133.33.30.1 255.255.255.0 ip ospf network point-to-point ! interface Loopback8 ip address 133.33.31.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0/0 description VLAN 200 (OSPF Area 200) ip address 133.33.3.1 255.255.255.128 ip ospf cost 200 ! interface TokenRing0/0 no ip address shutdown ring-speed 16 ! interface Serial1/0 description Serial Link to R1 S1/0 bandwidth 125 ip address 133.33.7.2 255.255.255.252 ip ospf authentication message-digest ip ospf authentication-key ccnp no ip mroute-cache no fair-queue ! interface Serial1/1 description Serial Link to R3 S0 bandwidth 125 ip address 133.33.7.9 255.255.255.252 ! interface Serial1/2 no ip address shutdown ! interface Serial1/3

428

no ip address shutdown ! router ospf 1 router-id 133.33.202.1 area 0 authentication message-digest area 200 stub area 200 range 133.33.24.0 255.255.248.0 network 133.33.3.1 0.0.0.0 area 200 network 133.33.7.2 0.0.0.0 area 0 network 133.33.7.9 0.0.0.0 area 0 network 133.33.24.0 0.0.7.255 area 200 network 133.33.202.1 0.0.0.0 area 0 ! router bgp 1 no synchronization neighbor 133.33.201.1 remote-as 1 neighbor 133.33.201.1 update-source Loopback0 ! ip classless ip ospf name-lookup ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 9- 4 display s R3's full w or k ing configur at ion.

Ex a m ple 9 - 4 R3 ' s Fu ll W or k in g Con figu r a t ion hostname R3 ! enable password cisco ip subnet-zero no ip domain-lookup ip host r1 133.33.201.1 ip host r2 133.33.202.1 ip host R3 133.33.203.1 ip host r4 133.33.204.1 ip host R5 133.33.205.1 ip host R6 133.33.206.1 ! interface Loopback0 ip address 133.33.203.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0 description VLAN 300 (OSPF Areas 300) ip address 133.33.4.1 255.255.255.128 no ip directed-broadcast ip ospf priority 255 ip policy route-map sendtraffic media-type 10BaseT !

429

interface Ethernet1 no ip address no ip directed-broadcast shutdown ! interface Serial0 description Serial Link to R2 S1/1 bandwidth 125 ip address 133.33.7.10 255.255.255.252 no ip directed-broadcast ip ospf authentication-key ccnp fair-queue 64 256 0 clockrate 125000 ! interface Serial1 description Serial Link to R4 S1 bandwidth 125 ip address 133.33.7.13 255.255.255.252 no ip directed-broadcast fair-queue 64 256 0 clockrate 2000000 ! interface Serial2 description Serial Link to R1 S1/1 ip address 133.33.7.6 255.255.255.252 ip ospf authentication-key ccnp ip ospf hello-interval 25 clockrate 125000 ! interface Serial3 shutdown ! router ospf 1 router-id 133.33.203.1 area 0 authentication message-digest network 133.33.4.1 0.0.0.0 area 300 network 133.33.7.6 0.0.0.0 area 0 network 133.33.7.10 0.0.0.0 area 0 network 133.33.7.13 0.0.0.0 area 350 network 133.33.203.1 0.0.0.0 area 0 ! router bgp 1 no synchronization neighbor 133.33.201.1 remote-as 1 neighbor 133.33.201.1 update-source Loopback0 ! ip local policy route-map sendtraffic ip ospf name-lookup ! access-list 1 permit 0.0.0.0 access-list 100 permit icmp any any access-list 101 permit ip any any route-map sendtraffic permit 10 match ip address 1 set interface Serial2 ! route-map sendtraffic permit 20

430

match ip address 100 set interface Serial0 ! route-map sendtraffic permit 30 match ip address 101 set interface Serial2 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 9- 5 display s R4's full w or k ing configur at ion.

Ex a m ple 9 - 5 R4 ' s Fu ll W or k in g Con figu r a t ion hostname R4 ! enable password cisco ip subnet-zero no ip domain-lookup ip host R6 133.33.206.1 ip host R5 133.33.205.1 ip host r4 133.33.204.1 ip host r3 133.33.203.1 ip host R2 133.33.202.1 ip host R1 133.33.201.1 ! cns event-service server ! interface Loopback0 ip address 133.33.204.1 255.255.255.0 ip ospf network point-to-point ! interface Ethernet0 description VLAN 400 (OSPF Area 400) ip address 133.33.5.1 255.255.255.224 ! interface Serial0 no ip address shutdown ! interface Serial1 description Serial Link to R3 S1 ip address 133.33.7.14 255.255.255.252 ! interface Serial2 description Serial Link to R5 S0 ip address 133.33.10.2 255.255.255.0 ! interface Serial3 description Serial Link to R6 S1 ip address 133.33.11.2 255.255.255.0 clockrate 125000 !

431

router eigrp 1 redistribute ospf 1 metric 128 20000 255 1 1500 route-map allowospf passive-interface Ethernet0 passive-interface Loopback0 passive-interface Serial1 passive-interface Serial2 network 133.33.0.0 distribute-list 3 out ! router ospf 1 router-id 133.33.204.1 redistribute connected subnets route-map connectedroutes redistribute eigrp 1 metric 100 subnets route-map eigrpnets redistribute igrp 1 metric 100 subnets route-map igrpnets network 133.33.5.1 0.0.0.0 area 350 network 133.33.7.14 0.0.0.0 area 350 network 133.33.204.1 0.0.0.0 area 350 ! router igrp 1 redistribute static metric 128 20000 255 1 1500 redistribute ospf 1 metric 128 20000 255 1 1500 passive-interface Ethernet0 passive-interface Loopback0 passive-interface Serial1 passive-interface Serial3 network 133.33.0.0 distribute-list 1 out ! router bgp 1 no synchronization neighbor 133.33.201.1 remote-as 1 neighbor 133.33.201.1 update-source Loopback0 ! ip classless ip route 133.33.1.0 255.255.255.0 Null0 ip route 133.33.3.0 255.255.255.0 Null0 ip route 133.33.4.0 255.255.255.0 Null0 ip route 133.33.5.0 255.255.255.0 Null0 ip route 133.33.7.0 255.255.255.0 Null0 no ip http server ip ospf name-lookup ! access-list 1 deny 133.33.205.0 access-list 1 deny 133.33.8.0 access-list 1 deny 133.33.9.0 access-list 1 permit any access-list 2 permit 133.33.205.0 access-list 2 permit 133.33.8.0 access-list 2 permit 133.33.9.0 access-list 2 permit 133.33.10.0 access-list 3 deny 133.33.206.0 access-list 3 deny 133.33.6.0 access-list 3 deny 133.33.11.0 access-list 3 permit any access-list 4 permit 133.33.206.0 access-list 4 permit 133.33.6.0 access-list 5 deny 133.33.206.0

432

access-list 5 deny 133.33.6.0 access-list 5 permit any access-list 6 permit 133.33.204.0 access-list 6 permit 133.33.5.0 access-list 6 permit 133.33.10.0 access-list 6 permit 133.33.7.12 access-list 6 permit 133.33.11.0 route-map igrpnets permit 10 match ip address 2 ! route-map eigrpnets permit 10 match ip address 4 set metric 1000 ! route-map allowospf permit 10 match ip address 5 ! route-map connectedroutes permit 10 match ip address 6 ! line con 0 transport input none line aux 0 line vty 0 4 no login ! end Ex am ple 9- 6 display s R5's full w or k ing configur at ion.

Ex a m ple 9 - 6 R5 ' s Fu ll W or k in g Con figu r a t ion hostname R5 ! enable password cisco ! ip subnet-zero no ip domain-lookup ip host R6 133.33.206.1 ip host R5 133.33.205.1 ip host R4 133.33.204.1 ip host R3 133.33.203.1 ip host R2 133.33.202.1 ip host R1 133.33.201.1 ! interface Loopback0 ip address 133.33.205.1 255.255.255.0 ! interface Ethernet0 description VLAN 500 (EIGRP AS 1) ip address 133.33.8.1 255.255.255.0 ! interface Ethernet1 description VLAN 550 (EIGRP AS 1) ip address 133.33.9.1 255.255.255.0 !

433

interface Serial0 description Serial Link to R4 S2 ip address 133.33.10.1 255.255.255.0 clockrate 125000 ! interface Serial1 shutdown ! router igrp 1 network 133.33.0.0 ! router bgp 1 no synchronization neighbor 133.33.201.1 remote-as 1 neighbor 133.33.201.1 update-source Loopback0 ! ip classless ip route 133.33.16.0 255.255.240.0 Serial0 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 9- 7 display s R6's full w or k ing configur at ion.

Ex a m ple 9 - 7 R6 ' s Fu ll W or k in g Con figu r a t ion hostname R6 ! enable password cisco ! ip subnet-zero no ip domain-lookup ip host R6 133.33.206.1 ip host R5 133.33.205.1 ip host R4 133.33.204.1 ip host R3 133.33.203.1 ip host R2 133.33.202.1 ip host R1 133.33.201.1 ! interface Loopback0 ip address 133.33.206.1 255.255.255.0 ! interface Ethernet0 description VLAN 600 (EIGRP AS 2) ip address 133.33.6.1 255.255.255.0 ! interface Serial0 shutdown ! interface Serial1 description Serial Link to R4 S3 ip address 133.33.11.1 255.255.255.0 !

434

router eigrp 1 redistribute eigrp 2 route-map allowout passive-interface Ethernet0 passive-interface Loopback0 passive-interface Serial0 network 133.33.0.0 distance eigrp 90 90 ! router eigrp 2 passive-interface Serial1 network 133.33.0.0 ! router bgp 1 no synchronization neighbor 133.33.201.1 remote-as 1 neighbor 133.33.201.1 update-source Loopback0 ! ip classless ! access-list 2 permit 133.33.206.0 access-list 2 permit 133.33.6.0 route-map allowout permit 10 match ip address 1 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 9- 8 display s I SP1's full w or k ing configur at ion.

Ex a m ple 9 - 8 I SP1 ' s Fu ll W or k in g Con figu r a t ion hostname ISP1 ! enable password cisco ! ip subnet-zero no ip domain-lookup ! interface Ethernet0 description ISP LAN connection to ISP2 ip address 141.108.1.1 255.255.255.0 ! interface Serial0 description Serial Link to R1 S1/2 ip address 171.108.1.1 255.255.255.252 clockrate 125000 ! interface Serial1 shutdown ! router bgp 1024 redistribute static neighbor 141.108.1.2 remote-as 1024

435

neighbor 171.108.1.2 remote-as 1 neighbor 171.108.1.2 default-originate no auto-summary ! ip classless ip route 0.0.0.0 0.0.0.0 Null0 ip route 1.0.0.0 255.0.0.0 Null0 ip route 2.0.0.0 255.0.0.0 Null0 ip route 3.0.0.0 255.0.0.0 Null0 ip route 4.0.0.0 255.0.0.0 Null0 ip route 5.0.0.0 255.0.0.0 Null0 ip route 6.0.0.0 255.0.0.0 Null0 ip route 7.0.0.0 255.0.0.0 Null0 ip route 8.0.0.0 255.0.0.0 Null0 ip route 10.0.0.0 255.0.0.0 Null0 ip route 11.0.0.0 255.0.0.0 Null0 ip route 100.0.0.0 255.0.0.0 Null0 ip route 101.0.0.0 255.0.0.0 Null0 ip route 102.0.0.0 255.0.0.0 Null0 ip route 141.100.0.0 255.255.0.0 Null0 ip route 141.108.0.0 255.255.0.0 Null0 ip route 142.100.0.0 255.255.0.0 Null0 ip route 143.100.0.0 255.255.0.0 Null0 ip route 144.100.0.0 255.255.0.0 Null0 ip route 145.100.0.0 255.255.0.0 Null0 ip route 146.100.0.0 255.255.0.0 Null0 ip route 147.100.0.0 255.255.0.0 Null0 ip route 148.100.0.0 255.255.0.0 Null0 ip route 149.100.0.0 255.255.0.0 Null0 ! line con 0 line aux 0 line vty 0 4 ! end Ex am ple 9- 9 display s I SP2's full w or k ing configur at ion.

Ex a m ple 9 - 9 I SP2 's Fu ll W or k in g Con figu r a t ion hostname ISP2 ! enable password cisco ! ip subnet-zero no ip finger no ip domain-lookup ! interface Ethernet0 description ISP LAN connection to ISP1 ip address 141.108.1.2 255.255.255.252 ! interface Serial0 description Serial Link to R1 S1/3 ip address 171.108.1.5 255.255.255.252 !

436

interface Serial1 shutdown ! interface Serial2 shutdown ! interface Serial3 shutdown ! router bgp 1024 bgp log-neighbor-changes redistribute static neighbor 141.108.1.1 remote-as 1024 neighbor 171.108.1.6 remote-as 1 neighbor 171.108.1.6 default-originate ! ip classless ip route 0.0.0.0 0.0.0.0 Null0 ip route 1.0.0.0 255.0.0.0 Null0 ip route 2.0.0.0 255.0.0.0 Null0 ip route 3.0.0.0 255.0.0.0 Null0 ip route 4.0.0.0 255.0.0.0 Null0 ip route 5.0.0.0 255.0.0.0 Null0 ip route 6.0.0.0 255.0.0.0 Null0 ip route 7.0.0.0 255.0.0.0 Null0 ip route 8.0.0.0 255.0.0.0 Null0 ip route 10.0.0.0 255.0.0.0 Null0 ip route 11.0.0.0 255.0.0.0 Null0 ip route 100.0.0.0 255.0.0.0 Null0 ip route 101.0.0.0 255.0.0.0 Null0 ip route 102.0.0.0 255.0.0.0 Null0 ip route 141.100.0.0 255.255.0.0 Null0 ip route 141.108.0.0 255.255.0.0 Null0 ip route 142.100.0.0 255.255.0.0 Null0 ip route 143.100.0.0 255.255.0.0 Null0 ip route 144.100.0.0 255.255.0.0 Null0 ip route 145.100.0.0 255.255.0.0 Null0 ip route 146.100.0.0 255.255.0.0 Null0 ip route 147.100.0.0 255.255.0.0 Null0 ip route 148.100.0.0 255.255.0.0 Null0 ip route 149.100.0.0 255.255.0.0 Null0 ! line con 0 line aux 0 line vty 0 4 end Ex am ple 9- 10 display s t he full w or k ing configur at ion of t he Cat aly st 6509 sw it ch. ( The follow ing configur at ion is also t r uncat ed; t he # s ar e com m ent lines in Cat aly st 6500 ser ies soft w ar e placed by Cat aly st I OS) .

Ex a m ple 9 - 1 0 Fu ll W or k in g Con f igu r a t ion of Ca t a ly st s Sw it ch 6 5 0 9 #vtp set vtp domain ccnp

437

set vlan 1 name default type ethernet mtu 1500 said 100001 state active set vlan 100 name VLAN_100_R1E0/0 type ethernet mtu 1500 said 100100 state active set vlan 200 name VLAN_200_R2E0/0 type ethernet mtu 1500 said 100200 state active set vlan 300 name VLAN_300_R3E0 type ethernet mtu 1500 said 100300 state active set vlan 400 name VLAN_400_R4E0 type ethernet mtu 1500 said 100400 state active set vlan 500 name VLAN_500_R5E0 type ethernet mtu 1500 said 100500 state active set vlan 550 name VLAN_550_R5E1 type ethernet mtu 1500 said 100550 state active set vlan 600 name VLAN_600_R6E0 type ethernet mtu 1500 said 100600 state active set vlan 700 name VLAN_700_ISP_BACKBONE_ETHERNET type ethernet mtu 1500 said 100700 state active set vlan 1002 name fddi-default type fddi mtu 1500 said 101002 state active set vlan 1004 name fddinet-default type fddinet mtu 1500 said 101004 state active stp ieee set vlan 1005 name trnet-default type trbrf mtu 1500 said 101005 state active stp ibm set vlan 1003 name token-ring-default type trcrf mtu 1500 said 101003 state active mode srb aremaxhop 7 stemaxhop 7 backupcrf off ! #ip set interface sc0 100 133.33.1.2/255.255.255.248 133.33.1.7 set ip route 0.0.0.0/0.0.0.0 133.33.1.1 ! #set boot command set boot config-register 0x102 set boot system flash bootflash:cat6000-sup.5-5-4.bin ! #mls set mls enable ipx ! # default port status is enable ! #module 1 : 2-port 1000BaseX Supervisor ! #module 2 empty ! #module 3 : 48-port 10/100BaseTX Ethernet set vlan 100 3/1 set vlan 200 3/2 set vlan 700 3/11,3/15 set port name 3/1 R1 E0/0 set port name 3/2 R2 E0/0 set port name 3/3 R3 E0 set port name 3/5 R4 E0

438

set port name 3/7 R5 E0 set port name 3/8 R5 E1 set port name 3/9 R6 E0 set port name 3/11 ISP2 E0 set port name 3/15 ISP1 E0 set spantree portfast 3/1-48 enable #module 4 empty #module 5 empty #module 6 empty #module 7 empty #module 8 empty #module 9 : 8-port 1000BaseX Ethernet #module 15 : 1-port Multilayer Switch Feature Card #module 16 empty end Cat6509> (enable) New cat aly st soft w ar e display s only nondefault configur at ions, as display ed in Ex am ple 9- 10.

Sam ple show , ping, and t elnet Com m ands The follow ing display s ar e pr esent ed her e t o dem onst r at e I P connect iv it y am ong all six r out er s. The fir st com m and used, sh ow ip r ou t e , is t he m ost widely used com m and on Cisco I OS r out er s. Som e ping and t elnet r equest s fr om each r out er ar e also show n. Finally, BGP t ables ar e pr esent ed t o display BGP at t r ibut es and next hop pat h t aken from each rout er. Any net w or k designer m ust use com m on v er ificat ion t ools t o ensur e t hat I P connect iv it y is achiev ed. Cisco I OS cont ains bugs and cav eat s, so ev en cor r ect configur at ions do not alw ay s guar ant ee connect iv it y . You should fam iliar ize y our self t hor oughly w it h t he com m on show , d e b u g , pin g, and t e ln e t com m ands. This sect ion st ar t s by looking at t he I GP net w or k nam ely, OSPF, EI GRP, and I GRP. Ex am ple 9- 11 displays t he I P ( OSPF) rout ing t able on R1.

Ex a m ple 9 - 1 1 sh ow ip r ou t e ospf on R1 R1#show ip route ospf 133.33.0.0/16 is variably subnetted, 28 subnets, 6 masks O IA 133.33.204.0/24 [110/1601] via 133.33.7.6, 00:03:34, Serial1/1 O E2 133.33.205.0/24 [110/100] via 133.33.7.6, 00:03:34, Serial1/1 O E2 133.33.206.0/24 [110/1000] via 133.33.7.6, 00:03:34, Serial1/1 O 133.33.202.0/24 [110/801] via 133.33.7.2, 00:13:17, Serial1/0 O 133.33.203.0/24 [110/801] via 133.33.7.6, 00:13:17, Serial1/1 O IA 133.33.4.0/25 [110/810] via 133.33.7.6, 00:03:34, Serial1/1 O IA 133.33.5.0/27 [110/1610] via 133.33.7.6, 00:03:34, Serial1/1 O E2 133.33.6.0/24 [110/1000] via 133.33.7.6, 00:03:35, Serial1/1 O IA 133.33.3.0/25 [110/1000] via 133.33.7.2, 00:03:35, Serial1/0 O 133.33.7.8/30 [110/1600] via 133.33.7.6, 00:13:18, Serial1/1 [110/1600] via 133.33.7.2, 00:13:18, Serial1/0 O E2 133.33.8.0/24 [110/100] via 133.33.7.6, 00:03:35, Serial1/1 O E2 133.33.9.0/24 [110/100] via 133.33.7.6, 00:03:35, Serial1/1

439

O O O O

E2 E2 IA IA

133.33.10.0/24 133.33.11.0/24 133.33.7.12/30 133.33.24.0/21

[110/20] via 133.33.7.6, 00:02:41, Serial1/1 [110/20] via 133.33.7.6, 00:02:42, Serial1/1 [110/1600] via 133.33.7.6, 00:03:36, Serial1/1 [110/801] via 133.33.7.2, 00:03:36, Serial1/0

R1 has an OSPF cost m et r ic t o net w or ks 133.33.3.0/ 24, 133.33.206.0/ 24, and 133.33.6.0/ 24 as 1000, as r equir ed. The OSPF adj acency on R1 is display ed in Ex am ple 9- 12.

Ex a m ple 9 - 1 2 sh ow ip ospf n e igh bor on R1 R1#show ip ospf neighbor Neighbor ID Interface R2 Serial1/0 R3 Serial1/1

Pri

State

1

FULL/

1

FULL/

Dead Time

Address

-

00:00:36

133.33.7.2

-

00:01:37

133.33.7.6

Because R1 is configur ed w it h t he I OS ip osp f n a m e - look u p com m and and t her e is a host ent ry for R2 and R3, t he rem ot e neighboring rout ers are list ed as R2 and R3 in Ex am ple 9- 12. Ex am ple 9- 13 display s a ping r equest t o all I P int er faces pr esent in Figur e 9- 1 's int er ior I P r out ing net w or k t o dem onst r at e I P connect ivit y. The loopbacks in Table 92 are used t o ping from R1.

Ex a m ple 9 - 1 3 Pingin g Loca l Loopba ck s on R1 R1#ping 133.33.201.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.201.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms R1#ping 133.33.202.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.202.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R1#ping 133.33.203.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.203.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/32 ms R1#ping 133.33.204.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.204.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R1#ping 133.33.205.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.205.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms R1#ping 133.33.206.1

440

Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.206.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms Ex am ple 9- 14 display s I P connect iv it y t o t he r em aining I P int er faces as descr ibed in Table 9- 1. ( Not e t he local int er faces on R1 ar e not displayed or pinged from R1.)

Ex a m ple 9 - 1 4 Pin gin g LAN / W AN I n t e r fa ce s fr om R1 R1#ping 133.33.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 R1#ping 133.33.7.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 R1#ping 133.33.7.9 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.9, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/28 R1#ping 133.33.4.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.4.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 R1#ping 133.33.7.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.10, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 R1#ping 133.33.7.13 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.13, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/32 R1#ping 133.33.7.6 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.6, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 R1#ping 133.33.7.14 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.14, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 R1#ping 133.33.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.10.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 R1#ping 133.33.10.1

ms

ms

ms

ms

ms

ms

ms

ms

ms

441

Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 R1#ping 133.33.11.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.11.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/33 R1#ping 133.33.11.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.11.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 R1#ping 133.33.8.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.8.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/37/48 R1#ping 133.33.8.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.8.2, timeout is 2 seconds: !!!!! Success rate is 0 percent (5/5) R1#ping 133.33.9.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.9.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 R1#ping 133.33.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.10.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/33 R1#ping 133.33.10.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.10.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 R1#ping 171.108.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.108.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 R1#ping 171.108.1.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.108.1.5, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 R1#

ms

ms

ms

ms

ms

ms

ms

ms

ms

Ex am ple 9- 15 display s out put w hen t he sh ow ip ospf in t e r fa ce com m and is ent ered on R1.

Ex a m ple 9 - 1 5 sh ow ip ospf in t e r fa ce on R1

442

R1#show ip ospf interface Ethernet0/0 is up, line protocol is up Internet Address 133.33.1.1/29, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) r1, Interface address 133.33.1.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:05 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial1/0 is up, line protocol is up Internet Address 133.33.7.1/30, Area 0 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 800 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:04 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r2 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Serial1/1 is up, line protocol is up Internet Address 133.33.7.5/30, Area 0 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 800 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 25, Dead 100, Wait 100, Retransmit 5 Hello due in 00:00:18 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r3 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Loopback0 is up, line protocol is up Internet Address 133.33.201.1/24, Area 0 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Loopback1 is up, line protocol is up Internet Address 133.33.16.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s)

443

Loopback2 is up, line protocol is up Internet Address 133.33.18.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback3 is up, line protocol is up Internet Address 133.33.17.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback4 is up, line protocol is up Internet Address 133.33.19.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback5 is up, line protocol is up Internet Address 133.33.20.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback6 is up, line protocol is up Internet Address 133.33.21.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback7 is up, line protocol is up Internet Address 133.33.22.1/24, Area 100 Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback8 is up, line protocol is up Internet Address 133.33.23.1/24, Area 100

5

5

5

5

5

5

444

Process ID 1, Router ID 133.33.201.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) R1# Ex am ple 9- 15 display s t he ar ea assignm ent s, t he OSPF neighbor st at es, and w het her aut hent icat ion is in use. You can v er ify OSPF ar ea assignm ent s and ot her det ails, such as Hello and dead int er vals, w it h t he sam e com m and ( sh ow ip o sp f in t e r fa ce ) . Ex am ple 9- 16 displays t he I P OSPF rout ing t able on R2.

Ex a m ple 9 - 1 6 sh ow ip r ou t e ospf on R2 R2#show ip route ospf 133.33.0.0/16 is variably subnetted, 37 subnets, 6 masks O IA 133.33.204.0/24 [110/1601] via 133.33.7.10, 00:06:21, Serial1/1 O E2 133.33.205.0/24 [110/100] via 133.33.7.10, 00:06:21, Serial1/1 O E2 133.33.206.0/24 [110/1000] via 133.33.7.10, 00:06:21, Serial1/1 O 133.33.201.0/24 [110/801] via 133.33.7.1, 17:03:37, Serial1/0 O 133.33.203.0/24 [110/801] via 133.33.7.10, 17:03:37, Serial1/1 O IA 133.33.4.0/25 [110/810] via 133.33.7.10, 00:06:21, Serial1/1 O IA 133.33.5.0/27 [110/1610] via 133.33.7.10, 00:06:22, Serial1/1 O E2 133.33.6.0/24 [110/1000] via 133.33.7.10, 00:06:22, Serial1/1 O IA 133.33.1.0/29 [110/810] via 133.33.7.1, 00:06:22, Serial1/0 O 133.33.7.4/30 [110/864] via 133.33.7.10, 17:03:37, Serial1/1 O E2 133.33.8.0/24 [110/100] via 133.33.7.10, 00:06:22, Serial1/1 O E2 133.33.9.0/24 [110/100] via 133.33.7.10, 00:06:22, Serial1/1 O E2 133.33.10.0/24 [110/20] via 133.33.7.10, 00:05:29, Serial1/1 O E2 133.33.11.0/24 [110/20] via 133.33.7.10, 00:05:29, Serial1/1 O IA 133.33.7.12/30 [110/1600] via 133.33.7.10, 00:06:23, Serial1/1 O IA 133.33.16.0/21 [110/801] via 133.33.7.1, 00:06:23, Serial1/0 Ex am ple 9- 17 display s a successful ping r equest t o all six loopback s int er faces dem onst r at ing full I P connect ivit y am ong all six r out er s in Figur e 9- 1.

Ex a m ple 9 - 1 7 Pin g Re qu e st on R2 t o Re m ot e N e t w or k s R2#ping 133.33.201.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.201.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R2#ping 133.33.202.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.202.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R2#ping 133.33.203.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.203.1, timeout is 2 seconds: !!!!!

445

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R2#ping 133.33.204.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.204.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R2#ping 133.33.205.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.205.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms R2#ping 133.33.206.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.206.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms Ex am ple 9- 18 display s t he out put fr om t he I OS sh ow ip ospf in t e r fa ce com m and.

Ex a m ple 9 - 1 8 sh ow ip ospf in t e r fa ce on R2 R2#show ip ospf interfac Ethernet0/0 is up, line protocol is up Internet Address 133.33.3.1/25, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type BROADCAST, Cost: 200 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 133.33.202.2, Interface address 133.33.3.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:09 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial1/0 is up, line protocol is up Internet Address 133.33.7.2/30, Area 0 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 800 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:08 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r1 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Serial1/1 is up, line protocol is up Internet Address 133.33.7.9/30, Area 0 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 800 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:08 Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r3 Suppress hello for 0 neighbor(s) Message digest authentication enabled

446

No key configured, using default key id 0 Loopback0 is up, line protocol is up Internet Address 133.33.202.1/24, Area 0 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Loopback1 is up, line protocol is up Internet Address 133.33.24.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback2 is up, line protocol is up Internet Address 133.33.26.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback3 is up, line protocol is up Internet Address 133.33.25.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback4 is up, line protocol is up Internet Address 133.33.27.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback5 is up, line protocol is up Internet Address 133.33.28.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s)

5

5

5

5

5

5

447

Loopback6 is up, line protocol is up Internet Address 133.33.29.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback7 is up, line protocol is up Internet Address 133.33.30.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback8 is up, line protocol is up Internet Address 133.33.31.1/24, Area 200 Process ID 1, Router ID 133.33.202.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) R2# Exam ple 9- 19 displays t he OSPF neighbors on R2.

Ex a m ple 9 - 1 9 sh ow ip ospf n e igh bor on R2 R2#show ip ospf neighbor Neighbor ID Pri State Interface R1 1 FULL/ Serial1/0 R3 1 FULL/ Serial1/1

Dead Time

Address

-

00:00:35

133.33.7.1

-

00:00:36

133.33.7.10

Ex am ple 9- 20 displays t he I P ( OSPF) rout ing t able on R3.

Ex a m ple 9 - 2 0 sh ow ip r ou t e ospf on R3 R3#show ip route ospf 133.33.0.0/16 is variably subnetted, 29 subnets, 6 masks O 133.33.204.0/24 [110/801] via 133.33.7.14, 00:07:08, Serial1 O E2 133.33.205.0/24 [110/100] via 133.33.7.14, 00:07:08, Serial1 O E2 133.33.206.0/24 [110/1000] via 133.33.7.14, 00:07:08, Serial1 O 133.33.201.0/24 [110/65] via 133.33.7.5, 17:04:09, Serial2 O 133.33.202.0/24 [110/801] via 133.33.7.9, 17:04:09, Serial0 O 133.33.5.0/27 [110/810] via 133.33.7.14, 00:07:08, Serial1 O E2 133.33.6.0/24 [110/1000] via 133.33.7.14, 00:07:08, Serial1 O 133.33.7.0/30 [110/864] via 133.33.7.5, 17:04:10, Serial2 O IA 133.33.1.0/29 [110/74] via 133.33.7.5, 00:07:08, Serial2

448

O O O O O O O

IA E2 E2 E2 E2 IA IA

133.33.3.0/25 [110/1000] via 133.33.7.9, 00:07:08, Serial0 133.33.8.0/24 [110/100] via 133.33.7.14, 00:07:08, Serial1 133.33.9.0/24 [110/100] via 133.33.7.14, 00:07:08, Serial1 133.33.10.0/24 [110/20] via 133.33.7.14, 00:06:10, Serial1 133.33.11.0/24 [110/20] via 133.33.7.14, 00:06:10, Serial1 133.33.16.0/21 [110/65] via 133.33.7.5, 00:07:09, Serial2 133.33.24.0/21 [110/801] via 133.33.7.9, 00:07:09, Serial0

Ex am ple 9- 21 display s a successful ping r equest t o all r out er s by using t he nam es configured on R3. ( Refer t o t he full configurat ion in Ex am ple 9- 4) .

Ex a m ple 9 - 2 1 Pin gin g All Loopba ck s Usin g N a m e s on R3 R3#ping r1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.201.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/22/24 ms R3#ping r2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.202.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R3#ping r3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.203.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R3#ping r4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.204.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R3#ping r5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.205.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/33/36 ms R3#ping r6 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.206.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms R3# Ex am ple 9- 22 display s t he out put w hen t he sh ow ip ospf in t e r fa ce com m and is ent ered on R3.

Ex a m ple 9 - 2 2 sh ow ip ospf in t e r fa ce on R3 R3#show ip ospf interface Ethernet0 is up, line protocol is up Internet Address 133.33.4.1/25, Area 300 Process ID 1, Router ID 133.33.203.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 255

449

Designated Router (ID) r3, Interface address 133.33.4.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:04 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback0 is up, line protocol is up Internet Address 133.33.203.1/24, Area 0 Process ID 1, Router ID 133.33.203.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:00 Index 3/5, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Serial0 is up, line protocol is up Internet Address 133.33.7.10/30, Area 0 Process ID 1, Router ID 133.33.203.1, Network Type POINT_TO_POINT, Cost: 800 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:02 Index 2/3, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 9 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r2 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 Serial1 is up, line protocol is up Internet Address 133.33.7.13/30, Area 350 Process ID 1, Router ID 133.33.203.1, Network Type POINT_TO_POINT, Cost: 800 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit Hello due in 00:00:02 Index 1/4, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 9 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r4 Suppress hello for 0 neighbor(s) Serial2 is up, line protocol is up Internet Address 133.33.7.6/30, Area 0

5

5

5

5

450

Process ID 1, Router ID 133.33.203.1, Network Type POINT_TO_POINT, Cost: 64 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 25, Dead 100, Wait 100, Retransmit 5 Hello due in 00:00:01 Index 1/2, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 9 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r1 Suppress hello for 0 neighbor(s) Message digest authentication enabled No key configured, using default key id 0 R4 is configur ed for t hr ee int er ior r out ing pr ot ocols: OSPF, I GRP, and EI GRP. Ex am ple 9- 23 displays t he full I P r out ing t able on R4 including t he BGP r out es.

Ex a m ple 9 - 2 3 sh ow ip r ou t e on R4 R4#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 133.33.201.1 to network 0.0.0.0 B 102.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 1.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 171.108.0.0/30 is subnetted, 2 subnets B 171.108.1.4 [200/0] via 133.33.201.1, 01:12:04 B 171.108.1.0 [200/0] via 133.33.201.1, 01:12:04 B 2.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 100.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 3.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 101.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 4.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 5.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 141.100.0.0/16 [200/0] via 133.33.201.1, 01:12:20 B 141.108.0.0/16 [200/0] via 133.33.201.1, 01:12:20 B 6.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 142.100.0.0/16 [200/0] via 133.33.201.1, 01:12:20 B 7.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 143.100.0.0/16 [200/0] via 133.33.201.1, 01:12:20 B 145.100.0.0/16 [200/0] via 133.33.201.1, 01:12:20 B 8.0.0.0/8 [200/0] via 133.33.201.1, 01:12:20 B 144.100.0.0/16 [200/0] via 133.33.201.1, 01:12:21 B 147.100.0.0/16 [200/0] via 133.33.201.1, 01:12:21 B 10.0.0.0/8 [200/0] via 133.33.201.1, 01:12:21 B 146.100.0.0/16 [200/0] via 133.33.201.1, 01:12:21 B 11.0.0.0/8 [200/0] via 133.33.201.1, 01:12:21

451

B B C I D O IA O IA O IA O IA S S C D O IA S O IA S O IA O IA S O IA I I C C C B B B B O IA B B B B O IA B*

149.100.0.0/16 [200/0] via 133.33.201.1, 01:12:21 148.100.0.0/16 [200/0] via 133.33.201.1, 01:12:21 133.33.0.0/16 is variably subnetted, 34 subnets, 6 masks 133.33.204.0/24 is directly connected, Loopback0 133.33.205.0/24 [100/8976] via 133.33.10.1, 00:01:04, Serial2 133.33.206.0/24 [90/2297856] via 133.33.11.1, 02:53:58, Serial3 133.33.201.0/24 [110/129] via 133.33.7.13, 00:19:02, Serial1 133.33.202.0/24 [110/865] via 133.33.7.13, 00:19:02, Serial1 133.33.203.0/24 [110/65] via 133.33.7.13, 00:19:02, Serial1 133.33.4.0/25 [110/74] via 133.33.7.13, 00:19:02, Serial1 133.33.4.0/24 is directly connected, Null0 133.33.5.0/24 is directly connected, Null0 133.33.5.0/27 is directly connected, Ethernet0 133.33.6.0/24 [90/2195456] via 133.33.11.1, 02:53:59, Serial3 133.33.7.0/30 [110/928] via 133.33.7.13, 00:19:02, Serial1 133.33.7.0/24 is directly connected, Null0 133.33.1.0/29 [110/138] via 133.33.7.13, 00:19:02, Serial1 133.33.1.0/24 is directly connected, Null0 133.33.3.0/25 [110/1064] via 133.33.7.13, 00:19:02, Serial1 133.33.7.4/30 [110/128] via 133.33.7.13, 00:19:02, Serial1 133.33.3.0/24 is directly connected, Null0 133.33.7.8/30 [110/864] via 133.33.7.13, 00:19:03, Serial1 133.33.8.0/24 [100/8576] via 133.33.10.1, 00:01:05, Serial2 133.33.9.0/24 [100/8576] via 133.33.10.1, 00:01:05, Serial2 133.33.10.0/24 is directly connected, Serial2 133.33.7.12/30 is directly connected, Serial1 133.33.11.0/24 is directly connected, Serial3 133.33.20.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.21.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.22.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.23.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.16.0/21 [110/129] via 133.33.7.13, 00:19:03, Serial1 133.33.16.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.17.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.18.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.19.0/24 [200/0] via 133.33.201.1, 01:12:07 133.33.24.0/21 [110/865] via 133.33.7.13, 00:19:03, Serial1 0.0.0.0/0 [200/0] via 133.33.201.1, 01:12:23

R4's I P ro ut ing t able has ent r ies for OSPF, I GRP, and EI GRP. BGP is supplied a default r out e fr om R1, and hence, t he gat ew ay of last r esor t is set . Ex am ple 9- 24 display s t he out put from t he I OS sh ow ip ospf in t e r fa ce com m and.

Ex a m ple 9 - 2 4 sh ow ip ospf in t e r fa ce on R4 R4#show ip ospf interface Ethernet0 is up, line protocol is up Internet Address 133.33.5.1/27, Area 350 Process ID 1, Router ID 133.33.204.1, Network Type BROADCAST, Cost: 10 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) r4, Interface address 133.33.5.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:03

452

Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Loopback0 is up, line protocol is up Internet Address 133.33.204.1/24, Area 350 Process ID 1, Router ID 133.33.204.1, Network Type POINT_TO_POINT, Cost: 1 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:00 Index 3/3, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 0, maximum is 0 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial1 is up, line protocol is up Internet Address 133.33.7.14/30, Area 350 Process ID 1, Router ID 133.33.204.1, Network Type POINT_TO_POINT, Cost: 64 Transmit Delay is 1 sec, State POINT_TO_POINT, Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:02 Index 2/2, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 10 Last flood scan time is 0 msec, maximum is 4 msec Neighbor Count is 1, Adjacent neighbor count is 1 Adjacent with neighbor r3 Suppress hello for 0 neighbor(s) Ex am ple 9- 25 display s t he out put fr om t he I OS sh ow ip osp f n e ig h b or com m and on R4.

Exa m ple 9 - 2 5 sh ow ip ospf n e igh bor on R4 R4#show ip ospf neighbor Neighbor ID Pri State Interface r3 1 FULL/ Serial1

-

Dead Time

Address

00:00:33

133.33.7.13

Ex am ple 9- 26 display s t he out put fr om t he I OS sh ow ip e ig r p in t e r f a ce s com m and.

Ex a m ple 9 - 2 6 sh ow ip e igr p in t e r fa ce s on R4 R4#show ip eigrp interfaces IP-EIGRP interfaces for process 1 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes

Pacing Time

Multicast

Un/Reliable

Flow Timer

453

Se3 0

1

0/0

33

0/15

115

Ex am ple 9- 27 display s t he out put fr om t he I OS sh ow ip e ig r p n e ig h b or s com m and on R4.

Ex a m ple 9 - 2 7 sh ow ip e igr p n e igh bor s on R4 R4#show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface Seq Type Num 0 133.33.11.1

Se3

Hold Uptime

SRTT

(sec)

(ms)

12 02:58:28

33

RTO

Q Cnt

200

0

62

Ex am ple 9- 28 displays a ping r equest fr om R4 t o all I P addr esses in Table 9- 2 t o dem onst r at e I P connect iv it y .

Ex a m ple 9 - 2 8 Pin gin g Loopba ck s on R4 R4#ping 133.33.201.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.201.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R4#ping 133.33.202.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.202.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R4#ping 133.33.203.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.203.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms R4#ping 133.33.204.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.204.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R4#ping 133.33.205.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.205.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms R4#ping 133.33.206.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.206.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms Ex am ple 9- 29 displays t he I GRP I P rout ing t able on R5.

Ex a m ple 9 - 2 9 I GRP I P Rou t in g Ta ble on R5

454

R5#show ip route igrp 133.33.0.0/16 is variably subnetted, 34 subnets, 7 masks I 133.33.204.0/24 [100/8976] via 133.33.10.2, 00:00:44, Serial0 I 133.33.206.0/24 [100/10976] via 133.33.10.2, 00:00:44, Serial0 I 133.33.201.0/24 [100/100125] via 133.33.10.2, 00:00:44, Serial0 I 133.33.202.0/24 [100/100125] via 133.33.10.2, 00:00:44, Serial0 I 133.33.203.0/24 [100/100125] via 133.33.10.2, 00:00:44, Serial0 I 133.33.4.0/24 [100/100125] via 133.33.10.2, 00:00:44, Serial0 I 133.33.5.0/24 [100/100125] via 133.33.10.2, 00:00:45, Serial0 I 133.33.6.0/24 [100/10576] via 133.33.10.2, 00:00:45, Serial0 I 133.33.7.0/24 [100/100125] via 133.33.10.2, 00:00:45, Serial0 I 133.33.1.0/24 [100/100125] via 133.33.10.2, 00:00:45, Serial0 I 133.33.3.0/24 [100/100125] via 133.33.10.2, 00:00:45, Serial0 I 133.33.11.0/24 [100/10476] via 133.33.10.2, 00:00:45, Serial0 R5 is r unning only I GRP, and because t he local int er faces ar e configur ed w it h t he Class B net w ork 133.33.0.0 w it h a Class C m ask, R4 has been configured t o send all net w or ks as / 24, as displayed in Ex am ple 9- 29. Ex am ple 9- 30 dem onst r at es full I P connect iv it y by pinging all t he loopback int er faces in Table 9- 2 and som e of t he non- Class C net w or ks, such as t he subnet s 133.33.7.0 and 133.3.1.0/ 29.

Ex a m ple 9 - 3 0 Pin gin g All Loopba ck s on R5 R5#ping 133.33.201.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.201.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms R5#ping 133.33.202.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.202.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms R5#ping 133.33.203.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.203.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/32/36 ms R5#ping 133.33.204.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.204.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R5#ping 133.33.205.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.205.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R5#ping 133.33.206.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.206.1, timeout is 2 seconds: !!!!!

455

Success rate is 100 percent (5/5), round-trip R5#ping 133.33.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.1.1, !!!!! Success rate is 100 percent (5/5), round-trip R5#ping 133.33.7.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.1, !!!!! Success rate is 100 percent (5/5), round-trip R5#ping 133.33.7.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.2, !!!!! Success rate is 100 percent (5/5), round-trip R5#ping 133.33.7.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.7.5, !!!!! Success rate is 100 percent (5/5), round-trip

min/avg/max = 32/32/32 ms

timeout is 2 seconds: min/avg/max = 32/32/32 ms

timeout is 2 seconds: min/avg/max = 32/33/36 ms

timeout is 2 seconds: min/avg/max = 40/40/40 ms

timeout is 2 seconds: min/avg/max = 32/32/36 ms

Ex am ple 9- 31 display s t he EI GRP rout ing I P t able on R6, w hich is running EI GRP in t wo dom ains: 1 and 2.

Ex a m ple 9 - 3 1 sh ow ip r ou t e e igr p on R6 R6#show ip route eigrp 133.33.0.0/16 is variably subnetted, 26 subnets, 6 masks D 133.33.204.0/24 [90/2297856] via 133.33.11.2, 00:02:34, Serial1 D EX 133.33.205.0/24 [90/2809856] via 133.33.11.2, 00:02:34, Serial1 D EX 133.33.201.0/24 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D EX 133.33.202.0/24 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D EX 133.33.203.0/24 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D EX 133.33.4.0/25 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D 133.33.4.0/24 [90/2169856] via 133.33.11.2, 00:02:35, Serial1 D 133.33.5.0/27 [90/2195456] via 133.33.11.2, 00:02:35, Serial1 D 133.33.5.0/24 [90/2169856] via 133.33.11.2, 00:02:35, Serial1 D EX 133.33.7.0/30 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D 133.33.7.0/24 [90/2169856] via 133.33.11.2, 00:02:35, Serial1 D EX 133.33.1.0/29 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D 133.33.1.0/24 [90/2169856] via 133.33.11.2, 00:02:35, Serial1 D EX 133.33.7.4/30 [90/25632000] via 133.33.11.2, 00:00:35, Serial1 D EX 133.33.3.0/25 [90/25632000] via 133.33.11.2, 00:00:36, Serial1 D 133.33.3.0/24 [90/2169856] via 133.33.11.2, 00:02:35, Serial1 D EX 133.33.7.8/30 [90/25632000] via 133.33.11.2, 00:00:36, Serial1 D EX 133.33.8.0/24 [90/2707456] via 133.33.11.2, 00:02:35, Serial1 D EX 133.33.9.0/24 [90/2707456] via 133.33.11.2, 00:02:35, Serial1 D 133.33.10.0/24 [90/2681856] via 133.33.11.2, 00:02:35, Serial1 D 133.33.7.12/30 [90/2681856] via 133.33.11.2, 00:02:35, Serial1 D EX 133.33.16.0/21 [90/25632000] via 133.33.11.2, 00:00:36, Serial1 D EX 133.33.24.0/21 [90/25632000] via 133.33.11.2, 00:00:37, Serial1

456

Ex am ple 9- 32 displays t he int er faces configur ed in EI GRP 1 and 2.

Ex a m ple 9 - 3 2 sh ow ip e igr p in t e r fa ce s on R6 R6#show ip eigrp interfaces IP-EIGRP interfaces for process 1 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes Se1 1 0/0 818 0 IP-EIGRP interfaces for process 2 Xmit Queue Mean Pending Interface Peers Un/Reliable SRTT Routes Et0 0 0/0 0 0 Lo0 0 0/0 0 0

Pacing Time

Multicast

Un/Reliable

Flow Timer

0/15

6287

Pacing Time

Multicast

Un/Reliable

Flow Timer

0/10

0

0/10

0

Ex am ple 9- 33 displays t he EI GRP neighbor s on R6.

Ex a m ple 9 - 3 3 EI GRP N e igh bor s on R6 R6#show ip eigrp neighbors IP-EIGRP neighbors for process 1 H Address Interface Seq Num 0 133.33.11.2 Se1 IP-EIGRP neighbors for process 2

Hold Uptime

SRTT

(sec)

(ms)

10 03:06:26

818

RTO

Q Cnt

4908

0

8

Not e t hat only one neighbor is point ing t o R4. No EI GRP rout ers exist in dom ain 2. Ex am ple 9- 34 display s a successful ping r equest t o all loopback int er faces in Figure 9- 1.

Ex a m ple 9 - 3 4 Pin gin g Loopba ck s on R6 R6#ping 133.33.201.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.201.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms R6#ping 133.33.202.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.202.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/36 ms R6#ping 133.33.203.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.203.1, timeout is 2 seconds: !!!!!

457

Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms R6#ping 133.33.204.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.204.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms R6#ping 133.33.205.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.205.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms R6#ping 133.33.206.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 133.33.206.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms R6# Telnet fr om t he classful dom ain on R5 and ensur e t hat y ou can t elnet t o all fiv e r em ot e r out er s. Ex am ple 9- 35 displays an execut ive user t elnet ing fr om R5 t o all r em ot e r out er s using t he loopback int er faces in Table 9- 2.

Ex a m ple 9 - 3 5 Te ln e t in t o R1 , R2 , R3 , R4 , a n d R6 fr om R5 . R5>telnet 133.33.204.1 Trying 133.33.204.1 ... Open R4>quit [Connection to 133.33.204.1 closed R5>telnet 133.33.206.1 Trying 133.33.206.1 ... Open R6>quit [Connection to 133.33.206.1 closed R5>telnet 133.33.201.1 Trying 133.33.201.1 ... Open R1>quit [Connection to 133.33.201.1 closed R5>telnet 133.33.202.1 Trying 133.33.202.1 ... Open R2>quit [Connection to 133.33.202.1 closed R5>telnet 133.33.203.1 Trying 133.33.203.1 ... Open R3>quit [Connection to 133.33.203.1 closed R5>telnet 133.33.204.1 Trying 133.33.204.1 ... Open R4>quit [Connection to 133.33.204.1 closed R5>telnet 133.33.206.1 Trying 133.33.206.1 ... Open R6>quit [Connection to 133.33.206.1 closed R5>

by foreign host]

by foreign host]

by foreign host]

by foreign host]

by foreign host]

by foreign host]

by foreign host]

Telnet is an applicat ion lay er pr ot ocol, so if y ou can t elnet fr om t he r out er , user s on connect ed int er faces r out ed t hr oughout t his net w or k also hav e full I P connect iv it y .

458

View t he BGP t ables on R1 and R2. Because I BGP is running am ong R1 ( rout e reflect or) and rout e reflect or client , Rout ers R2 – R6, t he BGP t ables on R3– R6 are exact ly t he sam e as R2. Ther efor e, only R2's BGP t able is pr esent ed her e for your r efer ence. Ex am ple 9- 36 displays t he BGP t able on R1.

Ex a m ple 9 - 3 6 sh ow ip bgp on R1 R1#show ip bgp BGP table version is 77, local router ID is 133.33.201.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 0.0.0.0 171.108.1.5 200 1024 i * 171.108.1.1 100 1024 i *> 1.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 2.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 3.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 4.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 5.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 6.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 7.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? *> 8.0.0.0 171.108.1.5 0 200 400 300 200 1024 ? * 171.108.1.1 0 100 400 300 200 1024 ? Network Next Hop Metric LocPrf Weight Path *> 10.0.0.0 171.108.1.5 0 200 1024 ? * 171.108.1.1 0 100 1024 ? *> 11.0.0.0 171.108.1.5 0 200 1024 ? * 171.108.1.1 0 100 1024 ? *> 100.0.0.0 171.108.1.5 0 200 1024 ? * 171.108.1.1 0 100 1024 ?

459

*> * *> * *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> * *> * *> * *> * *> * *> * *> * *> * *> * *> * *> *>

101.0.0.0 102.0.0.0 133.33.1.0/29 133.33.3.0/25 133.33.4.0/25 133.33.5.0/27 133.33.7.0/30 133.33.7.4/30 133.33.7.8/30 133.33.7.12/30 133.33.16.0/24 133.33.17.0/24 133.33.18.0/24 133.33.19.0/24 Network 133.33.20.0/24 133.33.21.0/24 133.33.22.0/24 133.33.23.0/24 133.33.24.0/21 133.33.201.0/24 133.33.202.0/24 133.33.203.0/24 133.33.204.0/24 141.100.0.0 141.108.0.0 142.100.0.0 143.100.0.0 144.100.0.0 145.100.0.0 146.100.0.0 Network 147.100.0.0 148.100.0.0 149.100.0.0 171.108.1.0/30 171.108.1.4/30

171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 0.0.0.0 133.33.7.2 133.33.7.6 133.33.7.6 0.0.0.0 0.0.0.0 133.33.7.2 133.33.7.6 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 Next Hop 0.0.0.0 0.0.0.0 0.0.0.0 0.0.0.0 133.33.7.2 0.0.0.0 133.33.7.2 133.33.7.6 133.33.7.6 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 Next Hop 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 171.108.1.5 171.108.1.1 0.0.0.0 0.0.0.0

0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 32768 ? 1000 32768 ? 810 32768 ? 1610 32768 ? 0 32768 ? 0 32768 ? 1600 32768 ? 1600 32768 ? 0 32768 ? 0 32768 ? 0 32768 ? 0 32768 ? Metric LocPrf Weight Path 0 32768 ? 0 32768 ? 0 32768 ? 0 32768 ? 801 32768 ? 0 32768 ? 801 32768 ? 801 32768 ? 1601 32768 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? Metric LocPrf Weight Path 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 200 1024 ? 0 100 1024 ? 0 32768 ? 0 32768 ?

Ex am ple 9- 37 displays t he BGP t able on R2.

Ex a m ple 9 - 3 7 sh ow ip bgp on R2 R2#show ip bgp BGP table version is 370, local router ID is 133.33.202.1

460

Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i0.0.0.0 *>i1.0.0.0 200 1024 ? *>i2.0.0.0 200 1024 ? *>i3.0.0.0 200 1024 ? *>i4.0.0.0 200 1024 ? *>i5.0.0.0 200 1024 ? *>i6.0.0.0 200 1024 ? *>i7.0.0.0 200 1024 ? *>i8.0.0.0 200 1024 ? *>i10.0.0.0 *>i11.0.0.0 *>i100.0.0.0 *>i101.0.0.0 *>i102.0.0.0 *>i133.33.1.0/29 *>i133.33.3.0/25 *>i133.33.4.0/25 *>i133.33.5.0/27 Network *>i133.33.7.0/30 *>i133.33.7.4/30 *>i133.33.7.8/30 *>i133.33.7.12/30 *>i133.33.16.0/24 *>i133.33.17.0/24 *>i133.33.18.0/24 *>i133.33.19.0/24 *>i133.33.20.0/24 *>i133.33.21.0/24 *>i133.33.22.0/24 *>i133.33.23.0/24 *>i133.33.24.0/21 *>i133.33.201.0/24 *>i133.33.202.0/24 *>i133.33.203.0/24 *>i133.33.204.0/24 *>i141.100.0.0 *>i141.108.0.0 *>i142.100.0.0 *>i143.100.0.0 *>i144.100.0.0 Network *>i145.100.0.0 *>i146.100.0.0

Next Hop 133.33.201.1 133.33.201.1

Metric LocPrf Weight Path 100 0 1024 i 0 100 0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1

0

100

0 400 300

133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 Next Hop 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 Next Hop 133.33.201.1 133.33.201.1

0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 ? 1000 100 0 ? 810 100 0 ? 1610 100 0 ? Metric LocPrf Weight Path 0 100 0 ? 0 100 0 ? 1600 100 0 ? 1600 100 0 ? 0 100 0 ? 0 100 0 ? 0 100 0 ? 0 100 0 ? 0 100 0 ? 0 100 0 ? 0 100 0 ? 0 100 0 ? 801 100 0 ? 0 100 0 ? 801 100 0 ? 801 100 0 ? 1601 100 0 ? 0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 1024 ? 0 100 0 1024 ? Metric LocPrf Weight Path 0 100 0 1024 ? 0 100 0 1024 ?

461

*>i147.100.0.0 *>i148.100.0.0 *>i149.100.0.0 *>i171.108.1.0/30 *>i171.108.1.4/30 R2#

133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1 133.33.201.1

0 0 0 0 0

100 100 100 100 100

0 0 0 0 0

1024 ? 1024 ? 1024 ? ? ?

Ex am ple 9- 38 display s t he BGP peer sessions on R1 in sum m ar y for m at using t he I OS sh ow ip b g p su m m a r y com m and.

Ex a m ple 9 - 3 8 sh ow ip b g p su m m a r y on R1 R1#show ip bgp summary BGP router identifier 133.33.201.1, local AS number 1 BGP table version is 77, main routing table version 77 47 network entries and 71 paths using 6455 bytes of memory 10 BGP path attribute entries using 1004 bytes of memory BGP activity 266/219 prefixes, 533/462 paths Neighbor State/PfxRcd 133.33.202.1 0 133.33.203.1 0 133.33.204.1 0 133.33.205.1 0 133.33.206.1 0 171.108.1.1 24 171.108.1.5 24

V

AS MsgRcvd MsgSent

TblVer

InQ OutQ Up/Down

4

1

182

274

77

0

0 01:48:26

4

1

182

274

77

0

0 01:48:27

4

1

182

274

77

0

0 01:48:31

4

1

182

274

77

0

0 01:48:30

4

1

146

255

77

0

0 00:18:14

4

1024

229

322

77

0

0 01:48:17

4

1024

217

317

77

0

0 01:48:14

The shaded peer s in Ex am ple 9- 38 ar e r out e r eflect or client s t o R1. Ex am ple 9- 39 display s t he TCP sessions on R1 w it h t he I OS sh o w t cp b r ie f com m and.

Ex a m ple 9 - 3 9 sh ow t cp br ie f on R1 R1#show tcp brief TCB Local Address 812F0240 171.108.1.6.11074 812EFDC4 171.108.1.2.11073 8130B85C r1.11071 812F1F10 r1.11070 813029BC r1.179 81308298 r1.11069 812F1A94 r1.11068

Foreign Address 171.108.1.5.179 171.108.1.1.179 r2.179 r3.179 R6.11001 R5.179 R4.179

(state) ESTAB ESTAB ESTAB ESTAB ESTAB ESTAB ESTAB

R1 is configur ed w it h seven BGP TCP peer s, and Ex am ple 9- 39 confir m s t hat BGP is configur ed w it h t he TCP por t num ber 179. ( BGP uses TCP por t 179.)

462

Su m m a r y You hav e com plet ed a com plex r out ing t opology , and alt hough it m ay not be a net w or k you w ill ever need t o configur e, you have discover ed how t o r out e I P w it h any r out ing pr ot ocol and subnet addr essing. I P r out ing algor it hms ar e com plex , and t he abilit y t o configur e OSPF or RI P cor r ect ly and ensur e net w or k connect ivit y is a r ar e skill, not found in m any engineer s. I t is now up t o you t o t ake t he skills you learned in t his book and ext end t hem fur t her , ev en int o ar eas y ou t hought you could never m ast er . For exam ple, as a fur t her exer cise, you could m odify t he t opology in Figur e 9- 1 and change t he r out ing algor it hm s in use t o see w het her y ou can m aint ain a fully rout able net w ork.

463

Appe n dix A. St u dy Tips This appendix is a shor t st udy guide, but it is by no m eans t he only r esour ce you should use t o pr epar e for any Cisco cer t ificat ion. Pr ov ided her e ar e som e useful st udy t ips. Becom ing Cisco cer t ified in one of t he cer t ificat ion t r acks r equir es m uch m or e t han sim ply picking up a m anual or book and cr am m ing or lear ning. Cisco cer t ificat ions, including t he m ost covet ed CCI E exam inat ion, ar e r egar ded as t he m ost dif ficult and well- r espect ed I T cer t ificat ion ex am s in t he w or ld. CCNPs ar e highly r egar ded in t he I T indust ry. Tak ing any Cisco ex am inat ion is not an ex er cise y ou w ant t o do r epeat edly . A t y pical com put er- based ex am cost s appr ox im at ely $250, so y ou do not w ant t o at t em pt an ex am m or e t han once if y ou can help it . This appendix pr ov ides som e handy st udy t ips.

St r a t e gie s for Cisco Ex a m Pr e pa r a t ion The fir st st ep, par t icular ly if you'r e a beginner , is t o det er m ine your st r engt hs and weaknesses. Self - analysis is one of t he m ost difficult t asks t o under t ake. Be honest w it h y our self because t he Cisco cer t ificat ion ex am s w ill be 100 per cent honest w it h you. The exam s require self - st udy and m ay be ev en classr oom t r aining. Cisco ( w w w .cisco.com / w ar p/ cust om er / 10/ w w t r aining/ t r aining_ov er / ) offers m any t r aining cour ses, so it 's best t o det er m ine w het her you need a t r aining cour se t o help lay t he foundat ions. Tr aining cour ses ar e alw ay s pack ed w it h ot her candidat es and offer a par t icular lear ning st y le, so y ou m ight not get t he at t ent ion y ou r equir e. I f t his is t he case, self - st udy is w here you w ill acquire m ost of your know ledge. Cisco cer t ificat ion ex am s ar e com put er- based. As such, t hey are const ant ly evolving and quest ions ar e changed, r em ov ed, or added at any t im e. Ensur e t hat y ou ar e alw ay s updat ed about ex am changes t hr ough t he Cisco Web sit e. Cisco com put er- based exam inat ions cont ain all m ult iple - choice quest ions. Ty pically , you ar e pr ovided four or five possible answ er s, and som e quest ions r equir e m or e t han one answ er . Any incor r ect answ er y ou select r esult s in zer o point s. N OTE The follow ing link pr ovides all t he infor m at ion you need on t he Rout ing exam , including fr ee sam ple exam inat ion quest ions: w w w .cisco.com / w ar p/ public/ 10/ w w t r aining/ cer t pr og/ t est ing/ cur r ent _ex am s/ 640503.ht m l

464

Dow nload t he fr ee challenge t est and gr ade your self. This sim ple t ool can be useful in det er m ining w eak ar eas befor e y ou ev en book t he r eal ex am inat ion.

I n any m ult iple - choice ex am inat ion, t he pr ocess of elim inat ion is im por t ant . To achieve t im e - m anagem ent pr oficiency and t he sk ills r equir ed t o answ er quest ions cor r ect ly , y ou m ust pr act ice w it h a sim ulat ion t hat places y ou in an ex am sit uat ion. ( See t he pr evious not e for a sam ple sim ulat ion pr ogr am .) Ty pically , t he quest ions hav e t w o opt ions t hat init ially appear t o be cor r ect , so y ou c an quick ly elim inat e t w o or t hr ee opt ions. I f y ou can nar r ow t he opt ions t o t w o choices, y ou giv e y our self a 50 per cent chance of scor ing t he v aluable point s. The t est s alw ay s include easy and har d quest ions, so if y ou com e acr oss a difficult quest ion, m ark t he quest ion for lat er r ev iew and m ov e on t o t he nex t quest ion. Tim e m anagem ent is cr ucial; if y ou don't at t em pt ev er y quest ion, y ou ar e at a sev er e disadv ant age because y ou w ill not scor e any point s for quest ions y ou do not at t em pt .

H a n ds- On Ex pe r ie n ce Alm ost all CCI E, CCNP, and CCNA engineer s w ill t ell y ou t hat hands- on ex per ience w it h Cisco r out er s and sw it ches is t he m ost valuable lear ning t ool. I f you w or k daily w it h r out er s in y our pr esent j ob, ensur e t hat y ou ut ilize y our daily access t o v iew h ow t he net w or k is funct ioning using t he t echniques pr esent ed in t his guide. By building a sm all pr act ice lab, ev en w it h j ust t w o r out er s, y ou can st udy any rout ing algorit hm using loopback int erfaces, as discussed in several scenarios in t his book. Cisco Sy st ems even pr ovides lab access at var ious Cisco sit es ar ound t he w or ld, so y ou can v iew t he t echnology and spend t im e configur ing Cisco I OS feat ur es for fr ee. Tak e adv ant age of t his fr ee access t o t r y new configur at ions and get ex per t adv ice from local Cisco engineer s. Cont act your Cisco r epr esent at ive for m or e infor m at ion. Var ious I nt er net sit es, t oo m any t o m ent ion her e, pr ov ide t uit ion and v ir t ual labs. ( These labs ar e called v ir t ual but , in fact , ar e r eal Cisco dev ices.) You can hir e and act ually configur e Cisco I OS r out er s and sw it ches for a set fee. Point y our sear ch engine t ow ar d t he k ey w or ds, Cisco v ir t ual labs. Cisco pr ov ides an ex cellent pr oduct called Cisco I nt er act iv e Ment or ( CI M) . CI M is a v ir t ual I OS sim ulat or t hat enables y ou t o configur e a set nu m ber of I OS feat ur es w it hout hav ing t o pur chase ex pensiv e Cisco r out er s. The follow ing link provides m ore det ails about t his virt ual lab program :

St r a t e gie s for t h e Ex a m This sect ion cov er s som e sim ple t hings y ou can do t he day befor e and dur ing t he exam .

465

On t he day befor e t he exam , do t he follow ing t hings: • • • •

Call Sy lv an Pr om et r ics or w hom ev er is host ing y our ex am inat ion and confir m your seat , t he t im e, and t he locat ion of t he exam . Ensur e t hat y ou hav e t he cor r ect dir ect ions for t he t est ing cent er . Confir m t hat y our phot o I D w ill be accept ed; it 's best t o t ak e y our passpor t so you w ill not have any pr oblem s. Hav e a r elax ing ev ening. Som e candidat es at t em pt t o cr am in t oo m uch lear ning t he night befor e at t he cost of a good night 's sleep. The ex am inat ion quest ions ar e w r it t en by folks w ho w ant you t o pick t he fir st answ er t hat looks good, so you need t o be on your guard m ent ally.

On t he exam day, do t he follow ing t hings: •

• • •

Leav e plent y of t im e t o get t o t he t est ing cent er ; par k and t ak e a few m om ent s t o r elax befor e t he exam . Allow at least an ext r a hour for any t r av eling inv olv ed. Som et im es, y ou can go in ear ly , so y ou can t ak e advant age of your adr enaline r ush if you ar r ive ear ly. The t est ing cent er pr ov ides a pen and som e for m of w r it ing paper , t y pically an era sable sheet . You ar e not allow ed any t hing in t he ex am r oom , ex cept a r efr eshm ent and t he pr ovided w r it ing m at er ials. Leav e all t hose heav y book s at hom e. Wear loose, com for t able clot hing and t ak e a sw eat er in case t he r oom is t oo cold.

Dur ing t he exam , do t he follow ing t hings: •

• •

I f you do not know t he answ er t o a quest ion, t r y answ er ing t he quest ion by a pr ocess of elim inat ion. Alw ay s at t em pt a quest ion ev en if y ou ar e unsur e of t he cor r ect answ er . Mar k quest ions y ou ar e unsur e of or didn't answ er so t hat you can r et ur n t o t hem w it h a fr esh per spect iv e aft er y ou hav e w or k ed t hr ough ot her quest ions. Use t he m at er ials pr ovided t o w or k out t he logic of som e quest ions. Typically, t w o answ er s w ill st and out , so t r y and elim inat e t he t w o obv iously incor r ect answ ers as soon as y ou can. Tr y t o st ay calm . Rem em ber t hat y ou can t ak e t he ex am m ult iple t im es, so ev en if y ou ar e st r uggling, y ou can use t he ex am t o y our adv ant age by r em em ber ing t he t opics t hat ar e not y our st r engt hs.

I m m ediat ely aft er t he ex am inat ion, w r it e dow n t he t opics y ou w er e not com for t able w it h and t he sour ce m at er ials y ou need t o acquir e t hat k now ledge, ev en if y ou passed. What m akes you a CCNP is passing a couple of exam s, but w hat m akes you a qualit y CCNP is t he desir e t o ext end your abilit y w it h ev er y passing m om ent .

Cisco Ce r t ifica t ion St a t u s As soon as y ou pass all t est s for a giv en Cisco cer t ificat ion, y ou at t ain t hat Cisco cer t ificat ion st at us. Cisco also gener at es t r anscr ipt s t hat indicat e w hich ex am s y ou hav e passed and y our cor r esponding t est scor es. Cisco sends t hese t r anscr ipt s t o you. I n addit ion, you r eceive a login I D and passw or d, Cisco cer t ificat ion logos, and m or e ( som et im es ev en a fr ee shir t ) .

466

Tra ck ing Cisco Cert ifica t ion Online Cisco also pr ov ides online t r ack ing, so y ou can t r ack y our st at us of any cer t ificat ion pat h at w w w .galt on.com / ~ cisco/ . This Web sit e t ak es about sev en day s fr om y our ex am inat ion dat e t o be updat ed. You can also dow nload Cer t ificat ion logos for use on y our business car ds, and y ou can k eep y our dem ogr aphic infor m at ion up t o dat e so y ou ar e alw ay s infor m ed of any changes.

St e ps Re qu ir e d t o Ach ie v e CCI E Ce r t ifica t ion The CCI E pr ogr am r equir es a candidat e t o per for m t w o qualificat ion st eps: St e p 1 . Pass a t wo- hour , com put er- based qualificat ion ex am inat ion consist ing of 100 quest ions. The passing m ar k is appr ox im at ely 70 per cent , but var ies accor ding t o st at ist ics and m ay float bet w een 65- 75 per cent . St e p 2 . Pass an eight - hour lab exam inat ion w here t he passing scor e is set at 80 per cent . Hist or ically , t he lab ex am inat ion w as a full t w o- day lab; t hat changed in Oct ober 2001.

CCI E Qu a lifica t ion Ex a m Te st For m a t The CCI E Rout ing and Sw it ching qualificat ion ex am uses t he t y pical cer t ificat ion t est form at wit h m ult iple - choice quest ions t hat hav e one or m or e cor r ect answ er s per quest ion. What m akes som e of quest ions m ore difficult on t he exam is t hat m ore t han fiv e answ er choices ar e list ed for all or m ost quest ions. This r educes t he effect iv eness of elim inat ing obv iously incor r ect answ er s and choosing fr om t he r em aining answ er s. The t opics t est ed include t he follow ing: • • • • • • • • • • •

Cisco dev ice oper at ion Gener al net w or king t heor y Br idging and LAN sw it ching I nt er net Pr ot ocol I P r out ing pr ot ocols Desk t op pr ot ocols Per for m ance m anagem ent WAN ( addr essing, signaling, fr am ing, and so on) LAN Secu r it y Mult iser v ice

467

The bluepr int for t his ex am inat ion is locat ed at w w w .cisco.com / w ar p/ cust om er / 625/ ccie/ cer t ificat ions/ r sbluepr int .ht m l. The t w o- hour , com put er- based ex am inat ion is sim ilar t o ot her Cisco cer t ificat ions, alt hough it is a lit t le m ore difficult wit h m any m ore in- dept h quest ions. You can v iew som e sam ple quest ions at w w w .cisco.com / w ar p/ cust om er / 625/ ccie/ cer t ificat ions/ sam ple_r out ing.ht m l. N OTE Occasionally , Cisco announces a bet a t r ial for t he Rout ing and Sw it ching qualificat ion t est , and if you book t he t est , you pay only a sm all fee com par ed t o t he st andar d fee of appr oxim at ely $250. The follow ing link has m or e infor m at ion: w w w . c isco.com / w ar p/ cust om er / 625/ ccie/ ccie_pr ogr am / w hat snew .ht m l

CCI E La b Ex a m Te st For m a t Passing t he qualificat ion ex am inat ion is t he easier par t of t he CCI E ex am j our ney . To pass t he lab exam , your life needs t o change dr am at ically, and you need t o st udy on r out er s full t im e for at least t hr ee t o six m ont hs. The good new s is t hat t he for m at of t he lab exam inat ion has changed fr om t w o full days t o one day only. You ar e no longer r equir ed t o t r oubleshoot a net w or k ( r egar ded as t he t r ue m et hod t o t est a CCI E's abilit y t o r est or e a net w or k back t o full I P connect iv it y ) ; y ou ar e now r equir ed t o configur e only a set num ber of feat ur es. Aft er you pass t he qualificat ion t est , you ar e eligible t o sit for t he lab exam inat ion. You can book y our lab ex am inat ion online at t he follow ing addr ess: ht t p: / / t ools. cisco. com / CCI E/ Schedule_Lab/ j sp/ login. j sp The lab ex am inat ion cont ains t he follow ing dev ices: • • • • • •

2500 series rout ers 2600 series rout ers 360 0 series rout ers 4000 and 4500 series rout ers 3900 ser ies Tok en Ring sw it ches Cat aly st 5000 ser ies sw it ches

Ensur e t hat y ou pr act ice w it h and under st and t hese dev ices. Pr act ice configur ing alm ost ev er y I OS feat ur e, and fully under st and w hat each I OS com m and act ually enables, inst ead of r ely ing on lim it ed ex per ience w it h cer t ain com m ands. Any one can configur e a Cisco r out er , but t he abilit y t o under st and t he full consequence of a com m and is cr ucial t o passing t he CCI E Lab Ex am inat ion.

CCI E Lab Exam Frequent ly Ask ed Quest ions The follow ing ar e som e fr equent ly ask ed quest ions r egar ding t he difficult one- day CCI E Lab Ex am inat ion:

468

1:

When did t he lab for m at change fr om t w o day s t o one day ?

A:

Oct ober 2001. All CCI E cer t ificat ion labs ar ound t he w or ld ar e t est ing candidat es in t he new one- day for m at .

2:

Wher e can I t ak e t he lab ex am inat ion?

A:

For locat ions and cont act infor m at ion, cont act t he follow ing: •

For la b loca t ion s in N or t h Am e r ica , Sou t h Am e r ica , Eu r op e , a n d Afr ica San Jose, California Research Triangle Park, Nort h Carolina Halifax , Nov a Scot ia, Canada Sao Paulo, Brazil Br ussels, Belgium Johannesbur g, Sout h Afr ica E- m ail: ccie_ ucsa@cisco. com Tel: 1- 800- 829- 6387 ( select opt ion 2) or 1- 919- 3 9 2- 4525 Fax : 1- 919- 3 9 2- 0166

•

For la b loca t ion s in Be ij in g Ch in a , a n d Sin g a p or e Tel: + 86 10 6526 7777 Ext . 5710 Fax: + 86 10 8518 2096 E- m ail: ccie_ apt @cisco. com

•

For la b loca t ion s in Ch a t sw ood , N SW , Au st r a lia , a n d Ba n g a lor e , I ndia Tel: + 61 2 8446 6135 Fax: + 61 2 8448 7980 E- m ail: ccie_ apt @cisco. com

469

•

For la b loca t ion s in Tok y o, Ja p a n Tel: + 81- 3- 5324- 4111 Fax: + 81- 3- 5324- 4022 E- m ail: ccie@cisco. co. j p

3:

What ar e t he m ax im um scor e and t he passing scor e r equir ed?

A:

The t ot al ex am inat ion is w or t h 100 point s and t he passing gr ade is 80 per cent . The passing r at e for fir st at t em pt s is low , so ex pect t o t ak e t he ex am inat ion m or e t han once. Cisco w ill not r elease t he passing r at e.

4:

What if I have a quest ion and cannot find t he answ er ?

A:

E- m ail your quest ion t o ccie@cisco. com. The CCI E t eam r esponds t o all quest ions.

5:

What happens aft er t he exam ?

A:

You w ill be escor t ed out side t he lab. You w ill receive an e- m ail not ificat ion w it hin 24 hours. The e- m ail not ificat ion w ill not ify you t hat t he result of your lab at t em pt is av ailable online at t ools.cisco.com / CCI E/ Schedule_Lab/ j sp/ login.j sp.

6:

Can I use Not epad and Window s calculat or?

A:

Yes y ou can, but y ou ar e not per m it t ed t o sav e any files. You can cut and past e t o and fr om Not epad, how ev er . The calculat or is useful for det er m ining subnet s and bit boundar ies or conv er t ing hex adecim al t o decim al.

7:

How m any t im es can I r et ak e t he lab ex am inat ion?

A:

You m ust allow 30 day s bet w een lab at t em pt s. Ther e is no lim it on t he num ber of lab at t em pt s.

8:

What happens if I pass?

A:

I n addit ion t o becom ing a CCI E, y ou also gain access t o an ex clusiv e CCI E chat forum and CCI E m erchand ise, and y ou get a CCI E m edallion and cer t ificat e. Cisco also pr ov ides a for um accessible only by CCI E's at w w w .cisco.com / k obay ashi/ chat / cciechat .ht m l, w hich allow s y ou t o com m unicat e w it h ot her CCI Es fr om any w her e ar ound t he w or ld. The follow ing URL pr ov ides m or e det ails on CCI E benefit s: w w w . cisco. com / w ar p/ cust om er / 625/ ccie/ r ecer t ificat ions/ ccie_infor m at ion.ht m l

9:

What happens if I fail? Am I t old in w hich areas I scored poorly?

A:

Cisco w ill not t ell y ou specific ar eas of w eak ness; t hat is left t o y ou t o decipher

470

fr om t he br ief scor e r epor t . You can, how ev er , pay a fee t o have your lab rout ers re - ex am ined for accur acy . Ev en w it h a r egr ade, no addit ional infor m at ion is pr ov ided t o y ou; y ou'r e pr ov ided only a br ief scor e r epor t t hr ough e- m ail wit h your new grade, pass or fail. 10: A:

11:

What m at erials can I bring int o t he lab? You ar e per m it t ed t o br ing only necessar y m edicat ion and a dict ionar y. No ot her m at er ials ar e per m it t ed. Cisco pr ovides r efr eshm ent s at all CCI E lab sit es. Lunch is also pr ov ided. What is t he r ole of t he pr oct or ?

A:

You can seek clar ificat io n fr om a pr oct or if you do not under st and a quest ion or t he obj ect ive of a quest ion. The proct or w ill not provide answ ers but w ill ensur e you under st and t he quest ion. The pr oct or m ay also m ake any changes r equir ed in case of net w or k har dw ar e failur es or exam inat ion m ist ak es. At t he end of t he day , y ou ar e pr ov ided an elect r onic feedback for m so t hat y ou can m ak e any com m ent on t he lab ex am or pr oct or . The pr oct or is t her e t o ensur e t hat y ou hav e t he best possible chance of success and should not hinder y our abilit y t o pass t he t est . I f y ou feel ot her w ise, y ou can e- m ail y our concer ns t o ccie@cisco. com.

12:

Wher e can I find out m or e about CCI E and all t he differ ent cer t ificat ion t r acks?

A:

The follow ing URL pr ov ides all t he m at erial required for any of t he t hree m ain CCI E t r ack s: w w w . cisco. com / w ar p/ cust om er / 625/ ccie/

471

Appe n dix C. An sw e r s t o Re vie w Qu e st ion s This appendix cont ains t he answ er s t o each chapt er 's r ev iew quest ions. The or iginal quest ions ar e included for your convenience. The answ er s ar e in bold.

Ch a pt e r 1 1:

Given t he follow ing host addr ess and subnet m ask com binat ions, det er m ine t he subnet addr ess and br oadcast addr esses: • • • •

A:

131.108.1.24 255.255.255.0 151. 108. 100. 67 255. 255. 255. 128 171. 199. 100. 10 255. 255. 255. 224 161. 88. 40. 54 255. 255. 255. 192

Per for m ing a logical AND r eveals t he follow ing: • • • •

Su b n e t Su b n e t Su b n e t Su b n e t

1 3 1 .1 8 .1 .0 a n d b r oa d ca st a d d r e ss 1 3 1 .1 0 8 .1 .2 5 5 1 5 1 . 1 0 8 . 1 0 0 . 0 a n d b r oa d ca st a d d r e ss 1 5 1 . 1 0 8 . 1 . 1 2 7 1 7 1 . 1 9 9 . 1 0 0 . 0 a n d b r oa d ca st a d d r e ss 1 7 1 . 1 9 9 . 1 0 0.3 1 1 6 1 .8 8 .4 0 .0 a n d b r oa d ca st a d d r e ss 1 6 1 .8 8 .4 0 .6 3

2:

Giv en t he net w or k 141.56.80.0 and a subnet m ask of 255.255.254.0, how m any host s ar e av ailable on t his subnet ?

A:

Using t he for m ula 2n - 2 = 29 - 2 = 512 host s, t he subnet m ask 255.255.254.0 borrows nine ( or n) bit s from t he subnet m ask.

3:

What is t he br oadcast addr ess for t he subnet 131.45.1.0/ 24?

A:

The br oadcast addr ess is 131.145.1.255 w her e 255 r epr esent s all binar y 1s.

4:

What is t he pur pose of t he br oadcast addr ess in any giv en subnet ?

A:

The m ain pur pose of a br oadcast addr ess in t he case of I P is t o send out ont o t he w ir e a pack et t hat all host s com m on t o t he par t icular subnet s w ill see and r eceiv e. Cisco r out er s dr op br oadcast s unless y ou configur e br idging.

5:

Given t he subnet in binar y not at ion 1111111.11111111.00000000.00000000, w hat is t he decim al equiv alent ?

A:

The decim al equivalent is 255.255.0.0, or a Class B addr ess.

6:

Which rout ing pr ot ocols suppor t VLSM and w hy?

A:

RI Pv2, OSPF, I S- I S, EI GRP, and BGP. These r out ing pr ot ocols suppor t VLSM because t he r out ing pr ot ocols send t he subnet m ask as part of any rout ing updat e.

472

7:

Which r out ing pr ot ocols do not suppor t VLSM?

A:

I GRP and RI P I . The only w ay t o over com e t his is t o use a com binat ion of st at ic I P r out es or a default r out e.

8:

Which subnet m ask pr ov ides appr ox im at ely 1022 host s?

A:

2 n - 2 = 1022, or 2n = 1024. The num ber of bit s required in t he subnet m ask is 10 bit s, or t he subnet m ask 255.255.252.0 ( 1111111. 11111111. 11111100. 00000000)

9:

What is t he equiv alent subnet m ask for t he not at ion 131.108.1.0/ 24?

A:

The slash not at ion is c om m on in t oday 's docum ent at ion and on Cisco I OS, t he slash bit not at ion r epr esent s t he num ber of bit s assigned t o t he subnet m ask : / 24 m eans 24 bit s. I n binar y t his is 11111111.11111111.11111111.00000000 or 255.255.255.0.

10: A:

I dent ify t he pr iv at e addr ess ranges defined in RFC 1918? RFC 1918 defines t hr ee m aj or classes for pr ivat e use, w hich ar e addr ess r anges t hat ar e not r out able in t he I nt er net . The follow ing ar e t he t hr ee pr iv at e ranges: • • •

Cla ss A: 1 0 . 0 . 0 . 0- 1 0 . 2 5 5 . 2 5 5 . 2 5 5 Cla ss B: 1 7 2 . 1 6 . 0 . 0- 1 7 2 . 1 6 . 2 5 5 . 2 5 5 Cla ss C:1 9 2 . 1 6 8 . 1- 1 9 2 .1 6 8 .2 5 5 .2 5 5

I t is com m on in la r g e or g a n iz a t ion s t o u t iliz e t h e p r iv a t e Cla ss A a d d r e ss a n d u se p u b lic a d d r e sse s on ly on t h e I n t e r n e t con n e ct ion u sin g N e t w or k Ad d r e ss Tr a n sla t ion ( N AT) .

Ch a pt e r 2 1:

What inform at ion is st ored in an I P rout ing t able as seen by R1?

A:

RI P r out ing ent r ies and connect ed r out es.

2:

Which com m and do you use t o view only RI P r out es?

A:

show ip rout e rip or sh ip ro r.

3:

Which com m and do y ou use t o v iew only connect ed r out es?

A:

show ip r out e connect ed or sh ip r o c.

4:

How m any subnet s are know n by R1 using t he Class B net w or k 131.108.0.0/ 16?

473

A:

Ther e ar e nine subnet s using t w o m asks, 255.255.255.0 ( or / 24) and 255.255.255.252 ( or / 30) .

5:

From R1, a ping t est is sent t o t hree rem o t e net w or k s. I s t he ping t est successful or not ? Ex plain w hy or w hy not ?

A:

The ping t est s t o r em ot e net w or k s 131.108.7.0/ 24, 131.108.8.0/ 24, and 131.108.9.0/ 24 ar e all successful because t he 5 I CMP pack et s ar e all r eachable as display ed by t he fiv e ! char act er s.

6:

Why is t he com m and v e r sion 2 configur ed on each r out er ?

A:

Because you ar e using t w o t ypes of m asks, or VLSM. RI Pv1 does not under st and VLSM, so RI Pv 2 has been enabled t o cat er t o t he 30- bit m ask bet w een t he rout ers.

7:

Each r em ot e r out ing ent r y is labeled w it h t he follow ing infor m at ion: [ 120/ 1] . What does t he 120 repre sent and w hat does t he 1 r epr esent ?

A:

The 120 is t he default adm inist r at iv e dist ance or t r ust w or t hiness of t he infor m at ion, and 1 r epr esent s t he hop count t o r each t he rem ot e net work. I n t his case, all t he r em ot e net w or k s ar e 1 hop count aw ay .

8:

Besides a ping t est , w hat ot her m et hods could y ou use t o ensur e connect iv it y t o t he r em ot e net w or ks?

A:

You can use t he t elnet applicat ion or t he t r ace com m and t o ensur e connect iv it y .

Ch a pt e r 3 1:

Which infor m at ion is st or ed in an I P r out ing t able as seen by R1?

A:

OSPF r out ing ent r ies and connect ed r out es.

2:

Which com m and do you use t o view only OSPF r out es?

A:

show ip r out e ospf, w hich can be t r uncat ed as sh ip r o os.

3:

How m any subnet s are know n by R1 using t he Class B net w orks 131.108.0.0/ 16 and 141.108.0.0/ 16?

A:

Ther e ar e eight subnet s using t hr ee m asks for t he Class B addr ess 141.108.0.0. There are nine subnet s using t hree different m asks for t he Class B net w ork 131.108.0.0.

4:

What pat h is t ak en t o t he r em ot e net w or k 141.108.100.1/ 24?

A:

R1's r out ing t able has no ent r y for t he net w or k 141.108.100.1, and because

474

t her e is no default net w or k or gat ew ay of last r esor t , pack et s t o t his net w or k are dropped. 5:

Why is t he r em ot e net w or k 141.108.6.0/ 32 display ed as lear ned t hr ough t he denot at ion: O I A?

A:

O I A indicat es t his r em ot e net w or k is lear ned t hr ough OSPF ( O) and resides in an ar ea not local t o t he r out er ( I A) . I n ot her w or ds, t his is an int r a - ar ea OSPF r out e.

6:

What is t he cost associat ed w it h t he r em ot e net w or k 131.108.33.0/ 24 [ 110/ 74] ?

A:

The cost is 74 and t he adm inist r at ive dist ance is 110.

Ch a pt e r 4 1:

What does t he rout ing ent ry shaded in Ex am ple 4- 64 display ?

A:

The I P r out e labeled as R* m eans t hat any I P packet designat ed for a r em ot e dest inat ion not specific ally list ed in t he I P r out ing t able is t o be sent t o t he nex t hop addr ess of 141.108.1.4 ( r out er Sim on) . This is com m only r efer r ed t o as t he Gat ew ay of Last Resor t ( GOLR) . This is t ypically I nt er net - based t r affic. The gat ew ay of last r esor t is also set t o 141.108.1.4.

2:

I n Ex am ple 4- 64, w hat is t he hop count or m et r ic t o t he r em ot e net w or k 141. 108. 2. 0/ 24?

A:

The RI P m et r ic is set t o 2. The act ual hop count is set by t he ASBR ( r out er Sim on) in Figur e 4- 8. Sim on is configur ed t o set all net w or ks w it h a hop count of 2 by using t he com m and redist ribut e ospf 1 m et ric 2.

3:

What pat h does t he pack et sent t o t he I P subnet 171.108.255.0/ 24 t ak e?

A:

Because t his net w ork is not list ed in Sydney's I P rout ing t able, t he packet is sent t o t he default r out ing ent r y or t he next hop addr ess of 141.108.1.4.

4:

What t y pe of OSPF r out er s ar e t he Rout er s Sim on, Mel, and SanFr an?

A:

Sim on is a backbone OSPF rout er in area 0, as w ell as a rout er t hat perform s r out e r edist r ibut ion ( an ASBR) . M e l is con t a in e d w it h in on e a r e a on ly a n d b e ca u se t h a t a r e a is t h e b a ck b on e , M e l is a b a ck b on e r ou t e r . Sa n Fr a n is a lso a b a ck b on e r ou t e r , b u t it su p p lie s a d e f a u lt r ou t e r a n d ca n a lso b e cla sse d a s a n ASBR.

475

5:

Why ar e st at ic r out es inj ect ed int o t he r out er nam ed Sim on?

A:

St at ic r out es ar e configur ed on t his ASBR t o inst all t hem int o t he I P r out ing t able. Because Sim on has m or e specific r out ing ent r ies, nam ely 141.108.3.1/ 29 and 141.108.4.1/ 28, t he longest m at ch r ule is used t o r out e pack et s t o t he r em ot e net w or k s. Ex am ple 4- 65 display s t he I P r out ing t able on Sim on.

Ex a m ple 4 - 6 5 Sim on ' s I P Rou t in g Ta ble Simon#show ip route Gateway of last resort is 141.108.255.2 to network 0.0.0.0

C O C C S O C S O O O

141.108.0.0/16 is variably subnetted, 10 subnets, 5 masks 141.108.255.4/30 is directly connected, Serial2 141.108.255.0/24 is a summary, 00:12:23, Null0 141.108.255.0/30 is directly connected, Serial3 141.108.1.0/24 is directly connected, Ethernet1 141.108.3.0/24 is directly connected, Null0 141.108.3.0/29 [110/74] via 141.108.255.6, 00:31:46, Serial2 141.108.2.0/25 is directly connected, Ethernet0 141.108.4.0/24 is directly connected, Null0 141.108.2.0/24 is a summary, 00:12:23, Null0 141.108.4.0/28 [110/74] via 141.108.255.2, 00:31:47, Serial3 141.108.2.0/24 is a summary, 00:12:23, Null0

6:

How m any OSPF neighbor adj acencies do y ou ex pect t o see on t he r out er nam ed Sim on?

A:

Ther e should be t w o OSPF neighbor s: one t o SanFr an and one t o Mel. Configur e t he com m and ip ospf dom ain- lookup in global configurat ion m ode t o allow OSPF t o assign a nam e t o an I P addr ess. Ex a m p le 4- 6 6 d isp la y s t h e OSPF n e ig h b or s on t h e r ou t e r Sim on .

Ex a m ple 4 - 6 6 sh ow ip ospf n e igh bor Com m a n d on Sim o Simon#show ip ospf neighbor Neighbor ID Interface mel Serial2 sanfran Serial3

Pri

State

1

FULL/

1

FULL/

Dead Time

Address

-

00:00:30

141.108.255.6

-

00:00:30

141.108.255.2

7:

Tw o m et hods are used in OSPF t o sum m ar ize I P net w or k s. What ar e t hey and w hat I OS com m and is used t o pr ov ide sum m ar izat ion?

A:

I nt er- ar ea sum m ar izat ion w it h ar ea area id r ange m ask com m and. Ex t e r n a l su m m a r iz a t ion w it h t h e I OS com m a n d su m m a r y n e t w or k m a sk com m a n d.

476

8:

Why does cr eat ing ar eas r educe t he size of t he OSPF dat abase?

A:

Reducing t he num ber of ar eas leads t o t he r educt ion of SPF calculat ions and, in t ur n, r educes t he t opology t able. Changes ar e less lik ely t o occur w it hin a sm all gr oup of r out er s t han in a lar ge gr oup, leading t o few er SPF calculat ions as w ell.

Ch a pt e r 5 Ex am ple 5- 79 display s t he det ailed pat hs t o t he t hr ee r em ot e net w or k s, 171.109.1.0, 171.109.2.0, and 171.109.3.0/ 24, as seen by t he r out er SanFr an along w it h a successful pin g t o t he r em ot e net w or k s.

Ex a m ple 5 - 7 9 sh ow ip r ou t e a n d pin g on Sa n Fr a n SanFran#show ip route 171.109.1.0 Routing entry for 171.109.0.0/22 Known via "eigrp 1", distance 90, metric 409600, type internal Redistributing via eigrp 1 Last update from 131.108.1.2 on Ethernet0/0, 00:13:26 ago Routing Descriptor Blocks: * 131.108.1.2, from 131.108.1.2, 00:13:26 ago, via Ethernet0/0 Route metric is 409600, traffic share count is 1 Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 SanFran#ping 171.109.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.109.1.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms SanFran#show ip route 171.109.2.0 Routing entry for 171.109.0.0/22 Known via "eigrp 1", distance 90, metric 409600, type internal Redistributing via eigrp 1 Last update from 131.108.1.2 on Ethernet0/0, 00:13:32 ago Routing Descriptor Blocks: * 131.108.1.2, from 131.108.1.2, 00:13:32 ago, via Ethernet0/0 Route metric is 409600, traffic share count is 1 Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 SanFran#ping 171.109.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.109.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms SanFran#show ip route 171.109.3.0 Routing entry for 171.109.0.0/22 Known via "eigrp 1", distance 90, metric 409600, type internal Redistributing via eigrp 1 Last update from 131.108.1.2 on Ethernet0/0, 00:13:38 ago Routing Descriptor Blocks:

477

* 131.108.1.2, from 131.108.1.2, 00:13:38 ago, via Ethernet0/0 Route metric is 409600, traffic share count is 1 Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit Reliability 255/255, minimum MTU 1500 bytes Loading 1/255, Hops 1 SanFran#ping 171.109.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 171.109.3.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms I f you perform a sh ow ip r ou t e of t he net w or k 171.109.4.0/ 24 on SanFr an, y ou see t he out put displayed in Ex am ple 5- 80.

Ex a m ple 5 - 8 0 sh ow ip r ou t e 1 7 1 .1 0 9 .4 .0 on Sa n Fr a n SanFran#show ip route 171.109.4.0 % Subnet not in table The r eason t hat subnet 4 is not included in t he I P r out ing t able is t hat t he sum m ar y addr ess configur ed on t he r out er Sydney includes only t he subnet s 1, 2, and 3.

1:

Ex am ple 5- 79 display s t he I P r out ing t able of t he Rout er SanFr an. Which net w or k s does t he ent r y 171.109.0.0/ 22 em br ace?

A:

The / 22 indicat es a m ask of 255.255.252.0 w hen applied t o t he Class B addr ess 171.109.0.0. I n binar y , 252 is 1111 11100. The last t hr ee bit s includes t he net w or k s 1 ( 00000001) , 2 ( 00000010) , and 3 ( 00000011) . Not ice, t he last t w o ar e not t he sam e, but t he first six are ( 11111100 is 252) . Ex am ple 5- 79 confir m s connect iv it y by display ing det ailed I P r out e ent r ies for t he r em ot e net w or k s 171.109.1.0/ 24, 171.109.2.0, and 171.109.3.0/ 24 on SanFr an.

2:

What is t he default adm inist r at iv e dist ance for EI GRP int er nal r out es?

A:

The default value is 90, w hich is m or e t r ust ed t han OSPF at 110. Cisco I OS dev eloper s figur e t hat t heir ow n r out ing pr ot ocol is m or e t r ust w or t hy t han OSPF, an indust ry st andard.

3:

Which I OS com m and is used t o display t he out put in Ex am ple 5- 81?

Ex a m ple 5 - 8 1 N e igh bor s Ou t pu t IP-EIGRP neighbors for process 1 H Address Interface Seq N um 0 131.108.1.2 353 A:

Et0/0

Hold Uptime

SRTT

(sec)

(ms)

11 00:18:37

4

RTO

Q Cnt

200

0

Ex am ple 5- 81 disp lays adj acent EI GRP neighbor s w it h t he show ip eigr p neighbor s com m and.

478

4:

Why does EI GRP need t o be m anually configur ed t o r edist r ibut e int o anot her aut onom ous syst em ?

A:

EI GRP m anually r edist r ibut es only bet w een I GRP in t he sam e AS. Manual r edist r ibut ion is r equir ed bet w een differ ent aut onom ous sy st em s or r out ing dom ains.

5:

When is t he EI GRP t opology t able updat ed?

A:

Whenev er a change occur s in t he net w or k , such as a net w or k failur e, t he EI GRP t opology t able is updat ed by updat e pack et s sent t o all EI GRP r out er s in t he sam e AS.

6:

What is t he pur pose of t he com m and n o a u t o - su m m a r y ?

A:

Th e n o au t o- sum m ar y com m and enables you t o t r ansm it subpr efix r out ing infor m at ion acr oss classful net w or k boundar ies, and it disables aut om at ic sum m arizat io n of subnet r out es int o net w or k - lev el r out es.

7:

What is t he v a r ia n ce com m and used for?

A:

The v ar iance com m and, under t he EI GRP pr ocess, is used t o allow addit ional pat hs t o a r em ot e dest inat ion w hen t he com posit e m et r ic is not t he sam e.

8:

What does t he t er m St uck in Act iv e m ean?

A:

St uck in Act ive ( SI A) is not a good net w or k condit ion because t he EI GRP r out er places t he net w or k in an act ive st at e ( in t he EI GRP t opology t able) and sends out a quer y t o a neighbor ; a failur e t o r eply leav es t he r out er in an act iv e st at e. I n t he end, t he EI GRP neighbors are reset , result ing in net w or k dow n t im es and t he loss of I P dat a.

Ch a pt e r 6 1:

Which I OS com m and clear s all BGP sessions on a Cisco r out er ?

A:

clear ip bgp * .

2:

Which I OS com m and is used t o enable BGP4 on a Cisco r out er ?

A:

r out er bgpas.

3:

Ex am ple 6- 82 display s t he out put fr om t he sh o w t cp b r ie f com m and. How m any BGP sessions are in use?

Ex a m ple 6 - 8 2 sh ow t cp br ie f R2>show tcp brief TCB Local Address

Foreign Address

(state)

479

613EE508 613ED584 611654BC

131.108.255.6.11009 131.108.255.2.11008 161.108.1.1.23

131.108.255.5.179 131.108.255.1.179 131.108.255.1.11051

ESTAB ESTAB ESTAB

A:

Ther e ar e t w o BGP TCP sessions ( t he for eign TCP por t num ber is 179) . Por t 23 ( local por t ) is used by Telnet .

4:

Which pat h is chosen t o t he r em ot e net w or k 131.108.1.0/ 24 in Ex am ple 6- 83? Use Ex am ple 6- 83 t o answ er quest ions 4- 6. Ex am ple 6- 83 display s t he BGP t able on a Cisco BGP rout er.

Ex a m ple 6 - 8 3 sh ow ip bgp R2>show ip bgp BGP table version is 21, local router ID is 161.108.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * 131.108.1.0/24 131.108.255.5 100 200 200 1 ? *> 131.108.255.1 100 200 200 1 ? * 131.108.101.0/24 131.108.255.5 100 200 200 1 ? *> 131.108.255.1 100 200 200 1 ? *> 161.108.1.0/24 0.0.0.0 0 32768 i A:

The pat h chosen is indicat ed by > on t he left side of t he BGP t able, w hich indicat es t he nex t hop addr ess 131.108.255.1.

5:

Which aut onom ous sy st em does t he net w or k 131.108.101.0/ 24 or iginat e from ?

A:

The pat h is indicat ed by 1 ?, or AS 1.

6:

What is t he m et r ic and local pr efer ence for t he r em ot e net w or k 131. 108. 101. 0/ 24?

A:

The m et r ic is set t o 100 ( low er is pr efer r ed) and t he local pr efer ence is 200 ( higher v alues pr efer r ed) .

7:

Ex am ple 6- 84 display s t he out put fr om t he sh o w ip b g p su m m a r y com m and for a Cisco BGP- enabled r out er . What is t he BGP aut onom ous sy st em t hat R2 resides in? How m any BGP sessions are act ive, and w hat version of BGP is configured on t he rout er nam ed R2?

Ex a m ple 6 - 8 4 sh ow ip b g p su m m a r y on R2 R2>show ip bgp summary BGP router identifier 161.108.1.1, local AS number 2 BGP table version is 21, main routing table version 21 20 network entries and 39 paths using 3028 bytes of memory 4 BGP path attribute entries using 432 bytes of memory BGP activity 61/41 prefixes, 119/80 paths Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down

480

State/PfxRcd 131.108.255.1 19 131.108.255.5 19

4

1

2755

2699

21

0

0 1d20h

4

1

2755

2699

21

0

0 1d20h

A:

[ click here] R2's local AS num ber is 2 and t he num ber of act ive BGP sessions is t w o because t he st at e is blank. The ver sion of BGP in use is 4, t he default set t ing.

8:

On a Cisco r out er , w hat v alue is pr efer r ed, higher or low er w eight , and w hat is t he r ange of values for w eight ?

A:

Higher w eight v alues ar e pr efer r ed, and t he r ange of v alues for w eight is 0– 294967295. The default value is 0.

9:

What are t he t erm s peer or neighbor used t o describe in BGP?

A:

A peer or neighbor indicat es a TCP session bet w een t w o BGP r out er s.

10: A:

What is t he BGP t able? The BGP t able is a collect ion of local and r em ot e net w or k ent r ies descr ibing t he next hop address, lo cal pr efer ence, w eight , and AS pat h. Based on t hese ent r ies, net w or ks ar e inser t ed int o t he I P r out ing t able.

Ch a pt e r 7 1:

What does a r out e r eflect or do t o nonclient I BGP peer s?

A:

A r out e r eflect or r eflect s infor m at ion t o only configur ed client s. All ot her peer s m ust be fully m eshed.

2:

What is a BGP clust er?

A:

Clust er is a t er m used t o descr ibe a r out er r eflect or and t he configur ed r out e r eflect or client s. Rout e r eflect or s ar e used in I BGP net w or k s only .

3:

How is a r out e r eflect or client configured for I BGP?

A:

Rout e r eflect or client s ar e configur ed for nor m al I BGP peer ing. The r out e r eflect or has addit ional com m ands t o ensur e t hat updat es ar e r eflect ed from one r out e r eflect or client t o anot her .

4:

Which I OS com m and is used t o display t he follow ing out put ?

BGP table version is 61, local router ID is 131.108.254.4 Status codes: s suppressed, d damped, h history, * valid, > best,

481

i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 0.0.0.0 *> 141.108.1.0/24

Next Hop 171.108.1.5 0.0.0.0

Metric LocPrf Weight Path 0 100 i 0 32768 i

A:

This display is a BGP t able and is out put w hen t he I OS show ip bgp com m and is used in exec or privileged m ode.

5:

How m any TCP peers are required in a 1000 I BGP net work?

A:

The num ber of peer s w it hout t he use of r out e r eflect or s is n( n- 1) / 2, where n is t he num ber of BGP r out er s. For exam ple, w it h 1000 BGP r out er s, t he num ber of peers is 1000( 999) / 2 = 499500. Wit h t he use of r out e r eflect or s, you w ould only need 999 peers ( use t he form ulae ( n- 1) where n is t he num ber of r out er s) , w hich is only 0.2 per cent of t he sam e fully m eshed net w or k.

6:

Pr ov ide t he I OS com m and sy nt ax t o enable a default r out e t o be sent t o a rem ot e peer.

A:

neighbor peer ip - addr ess default - originat e.

7:

To display r out e r eflect or client s, w hich sh ow com m and( s) can y ou use, if any?

A:

To v iew r out e r eflect or s, y ou can use t w o m et hods on t he r out e r eflect or : one is t o use t he I OS show ip bgp neighbor s com m and, and t he second is t o v iew t he r unning configur at ion w it h t he I OS show r unning- config com m and.

8:

View t he follow ing BGP t able. What is t he or iginat ing AS for t he r em ot e pr efer r ed pat h t o t he r em ot e net w or k 141.108.1.0/ 24?

R5#show ip bgp BGP table version is 22, local router ID is 171.108.1.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 141.108.1.0/24 300 i *> 151.108.1.0/24 *> 171.108.0.0

Next Hop 171.108.1.1 0.0.0.0 171.108.1.1

Metric LocPrf Weight Path 200 2000 100 0 200

32768 i 2000 100 ?

A:

Cisco I OS alw ay s display s t he AS pat h t ak en, and in t his ex am ple, t he pat h t r aver sed t o r each t he r em ot e net w or k 141.108.1.0 is t hr ough t he AS 2000, t hen 100, and originat ing from AS 300.

9:

Using a r out e m ap, w hich I OS com m and set s t he w eight and local pr efer ence at t r ibut e t o 100?

482

A:

First , you m ust define a rout e m ap w it h an arbit rary nam e ( ccnp in t his ex am ple) and t hen com plet e t he follow ing set of com m ands:

R5(config)#route-map ? WORD Route map tag R5(config)#route-map ccnp R5(config-route-map)#set weight 100 R5(config-route-map)#set local R5(config-route-map)#set local-preference 100 Af t e r d e f in in g t h e r ou t e m a p , y ou m u st a p p ly it t o r e m ot e BGP p e e r s on t h e in b ou n d or ou t b ou n d d ir e ct ion r e q u ir e d . 10: A:

Can y ou set t he BGP at t r ibut e n e x t - hop- se lf t o bot h EBGP and I BGP peer s? No. The next - hop- self at t ribut e is used for I BGP peers only. The I OS c om m and t o set t his at t r ibut e t o r em ot e peer s is neighbor ip - addr ess next - hop- self.

Ch a pt e r 8 1:

How m any I P rout ing t ables are t here w hen m ore t han one rout ing prot ocol is configur ed on a Cisco r out er ?

A:

Ther e is only one I P r out ing t able, w hich can include r out ing infor m at ion dynam ically discover ed using OSPF or RI P. For exam ple, t he follow ing indicat es all t he possible rout ing m et hods on a Cisco rout er:

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * candidate default U - per-user static route, o - ODR 2:

Which pat h is pr efer r ed if OSPF and EI GRP hav e dy nam ically discov er ed a rem ot e net work?

A:

The Cisco I OS gives adm inist r at ive dist ance fir st pr ior it y given. EI GRP AD is 90 and OSPF is 110. The lo w er AD is m or e t r ust w or t hy , so t he Cisco I OS chooses EI GRP. You can change t he default AD v alues by using t he I OS dist ance com m and.

483

3:

What com m on m et hods ar e used t o cont r ol r out ing updat es and filt er ing?

A:

The m ain m et hods are passive int erfaces, dist ribut ion list s, and rout e m aps.

4:

What is t he m et r ic used by OSPF, and is t he low er or higher m et r ic t he chosen pat h?

A:

OSPF's m et r ic is cost ( r anging fr om 1 t o 65535) . The low er cost is alw ays pr efer r ed t o a r em ot e dest inat ion.

5:

I s a st at ic r out e alw ay s pr efer r ed ov er a dir ect ly connect ed r out e?

A:

No, dir ect ly connect ed int er faces hav e an AD of 0, com par ed t o 1 for st at ic r out es. Low er ADs ar e alw ays pr efer r ed.

6:

Which com m and st ops updat es fr om being sent out of any int er face?

A:

passive- int er face in t er face st ops updat es fr om being sent , alt hough, updat es ar e st ill r eceiv ed and pr ocessed.

7:

Which par am et er does t he Cisco I OS alw ay s com par e before looking at rout ing m et r ics, such as hop count or OSPF cost ?

A:

Befor e look ing at r out ing pr ot ocol m et r ics, Cisco I OS chooses any r em ot e pat h by com par ing adm inist rat iv e dist ance. For ex am ple, EI GRP ( AD 90) is pr efer r ed ov er OSPF ( AD 110) r out er s. Low er ADs ar e alw ay s pr efer r ed.

8:

Giv e t hr ee ex am ples of classful pr ot ocols.

A:

OSPF, BGP, and I S- I S ar e com m on ex am ples.

9:

Giv e t w o ex am ples of classless pr ot ocols?

A:

RI P and I GRP ar e classless pr ot ocols.

10:

A:

What ar e t he t hr ee m et hods comm only applied t o avoid rout ing loops w hen r edist r ibut ion is r equir ed? The t hr ee m et hods ar e as follow s: Pa ssiv e in t e r fa ce s— A p a ssiv e in t e r f a ce is a Cisco in t e r f a ce con f ig u r e d f or r ou t in g , b u t it d oe s n ot se n d a n y r ou t in g in f or m a t ion on t h e ou t b ou n d in t e r f a ce . Rou t in g in f or m a t ion ( if a n y ) is st ill r e ce iv e d a n d p r oce sse d n or m a lly . D ist r ib u t ion list s— D ist r ib u t ion list s d e f in e w h ich n e t w or k s a r e pe r m it t e d or de n ie d w h e n r e ce iv in g or se n d in g r ou t in g u p d a t e s. D ist r ib u t ion list s r e q u ir e t h a t y ou con f ig u r e a cce ss list s t o d e f in e w h ich n e t w or k s a r e p e r m it t e d or d e n ie d . Rou t e m a p s— Rou t e m a p s ca n a lso b e u se d t o d e f in e w h ich n e t w or k s

484

a r e p e r m it t e d or d e n ie d . Rou t e m a p s ca n a lso b e u se d a lo n g w it h a cce ss list s t o d e f in e w h ich n e t w or k s a r e p e r m it t e d or d e n ie d w h e n y ou a p p ly m a t ch st a t e m e n t s u n d e r a n y r ou t e m a p con f ig u r a t ion opt ion s.

485

Appe n dix D . CCI E Pr e pa r a t ion—Sa m ple M ult ipr ot oco l La b This appendix is designed t o assist you in your final pr epar at ion for t he m ost w idely sought aft er cer t ificat ion in t he w or ld t oday , CCI E ( Rout ing and Sw it ching) . Today , m any published book s descr ibe how t o achiev e CCI E, but in r ealit y , no m at t er how m any books you pur chase, it all com es dow n t o your level of hands- on ex per ience. The st r ict nondisclosur e agr eem ent policed by Cisco ensur es t hat candidat es do not shar e any infor m at ion about t he lab cont ent . Ther efor e, y ou'll k now lit t le about t he lab cont ent befor e your fir st at t em pt . I n fact , t he FBI has been inv olv ed in r ecent cases in w hich indiv iduals hav e been j ailed for selling infor m at ion dir ect ly r elat ed t o CCI E lab ex am inat ions. The CCI E t eam has appr ov ed a sam ple CCI E m ult ipr ot ocol lab for inclusion in t his book so t hat you can be aw ar e of t he level of difficult y you m ust pr epar e t o encount er w hen at t em pt ing t he CCI E lab. Solut ions ar e not pr ovided in t his book per a r equest fr om Cisco's CCI E depar t m ent , so y ou m ust r esear ch t he v ar ious solut ions on your own. The end goal of any CCI E lab is a w or king net w or k solut ion. You m ight be r est r ict ed in t he w ay you pr ovide a w or king solut ion, as you w ill discover in t his sam ple CCI E lab. Candidat es w ho pr epar e for t he CCI E lab oft en ask m e how t o best pr e pare for t he lab. My answ er t o t hem is t o pr act ice and configur e ev er y feat ur e av ailable and t hen pr act ice ev en m or e. Of cour se, not ev er y feat ur e is t est ed, and y ou ar e encour aged t o read t he m ost up- t o- dat e infor m at ion on t he Web at w w w . cisco. com / w ar p/ cust om er / 625/ ccie/ . You m ust be able t o pr ovide a w or king solut ion quickly and adher e t o t he guidelines st at ed in t he lab. A good analogy is a dr iv ing t est . I m agine y ou ar e ask ed t o dr iv e dow n a 100- m ile lengt h of per fect ly st r aight r oad. I m agine ever y 100 feet , a sign indicat es a possible act ion y ou m ust t ak e. The ex am designer does not necessar ily ask about t he best solut ion, and you m ust have a broad know ledge of all I OS feat ur es t o c onfigure challenging and difficult scenarios. The CCI E lab changed dr am at ically in for m at in Oct ober 2001 fr om a t w o- day lab t o a one- day lab. A CCI E candidat e is no longer r equir ed t o sit t hr ough a separ at e t r oubleshoot ing sect ion but m ust configur e a net work in eight hours. One of t he m ost cr it ical skills in t he new CCI E lab for m at is t im e m anagem ent . Ther efor e, in t his guide, each sect ion descr ibes t he t im e const r aint s w it hin w hich y ou should com plet e t hat sect ion. This lab is designed t o be com plet ed w it hin eight hour s. I f a sect ion has no t im e allocat ion, t hat sect ion has alr eady been com plet ed for you in t he r eal CCI E lab. For exam ple, t his sam ple lab asks you t o physically cable t he net w or k. No t im e allocat ion is pr ovided, because in t he r eal CCI E lab, t he phy sical cabling is alr eady com plet ed for y ou. N OTE

486

This sam ple lab incor por at es m any of t he t echnologies and concept s cover ed in t his guide, but oft en at an elev at ed lev el. Because t his appendix cov er s a sam ple CCI E lab, t he ex er cises pr esent ed in t his lab r equir e a br oad per spect iv e and k now ledge base and ex per ience t hat goes bey ond ev en t he pr act ical ex am ples pr esent ed ear lier in t his guide.

Figur es D- 1 and D- 2 show t he t opology and assignm ent s for t his sam ple lab.

Figu r e D - 1 . CCI E La b Topology

Figu r e D - 2 . Fr a m e Re la y D LCI Assign m e n t

487

Ba sic Se t u p ( 1 H ou r ) Configur e t he net w or k in Figur e D- 1 for basic phy sical connect iv it y .

Com m unica t ions Server ( 0 .2 5 H ours) N OTE Not all CCI E labs r equir e a com m unicat ion ser ver t o be configur ed.

Configur e t he com m unicat ion ser v er so t hat w hen y ou t y pe t he host nam e of a r out er on t he ser v er , y ou ar e connect ed acr oss t he console por t t o t hat r out er : • • • • • •

Set up t he rout ers as show n in Figur e D- 1. Configure R1 as t he com m unicat ion ser v er by using t he ip host com m and. Com m unicat ion ser v er por t s 2 t hr ough 8 ar e connect ed t o r out er s R2 t hr ough R8, r espect iv ely . Com m unicat ion ser v er por t 9 connect s t o t he Cat aly st Et her net sw it ch. Com m unicat ion ser v er por t 10 connec t s t o t he Cat aly st Tok en Ring sw it ch. R9 is a Cat aly st 6509 sw it ch w it h a Mult ilay er Sw it ch Feat ur e Car d ( MSFC) m odule inst alled.

Physica l Connect ivit y ( N o Tim e) N OTE

488

Fr om Oct ober 1, 2001 onw ar d, a CCI E candidat e is not r equir ed t o cable t he lab net w or k phy sically . Ther efor e, no t im e allocat ion is giv en t o t his sect ion. This sect ion is added for com plet eness only.

You net w or k is alr eady phy sically pat ched. Const r uct y our net w or k as show n in Figur e D- 1. Configur e t he follow ing char act er ist ics for t he t opology in Figur e D- 1: • • • • •

All r ings should be set t o 16 Mbps and should have an MTU size of 1500. All ser ial link s bet w een r out er s ar e connect ed t hr ough a Fr am e Relay sw it ch. Rout er s R1 and R4 ar e connect ed t o an I SDN ser v ice w it h t he sw it ch t y pe defined as basic - 5ess. R1 connect s t o num ber plan 0298017705, and R4 connect s t o num ber plan 02 96307050. Rout ers R1, R2, R3, R4, R6, and R7 are connect ed t o t he Cat alyst Et hernet sw it ch ( Cat aly st 6509 ser ies sw it ch) . Rout er s R1, R5, and R8 ar e connect ed t o t he Cat aly st Tok en Ring sw it ch ( Cat aly st 3900 ser ies sw it ch) .

Cat alyst Et hernet Sw it ch Set up I ( 0 .2 5 Hours) Configur e t he Et her net sw it ch for five VLANs: • • • • •

VLAN VLAN VLAN VLAN VLAN

2, 3, 4, 6, 7,

nam ed nam ed nam ed nam ed nam ed

VLAN_A, VLAN_B, VLAN_C, VLAN_D, VLAN_E,

is connect ed t o R1 and R2. is connect ed t o R3. is connect ed t o R4. is connect ed t o R6 and R9. is connect ed t o R7.

Using VLAN_A, configur e t he m anagem ent int er face SC0 w it h t he addr ess 131.108.0.2/ 25. Ensur e t hat all dev ices in y our net w or k can t elnet t o t he sw it ch even if R1 or R2 is down. Ensur e t hat t he sw it ch is configur ed in t he VTP domain Cisc0_v Tp and t he sw it ch can creat e and delet e VLANs in t he fut ure.

Cat alyst Et hernet Sw it ch Set up I I ( 0 .2 5 H ours) Configur e t he follow ing spanning- t r ee par am et er s on t he Cat aly st 6509: • • • •

Ensur e t hat t he sw it ch nev er becom es t he r oot br idge on VLAN_D. Ensur e t hat t he sw it ch has t he best possible chance of becom ing t he r oot bridge in VLAN_E. Set all Et her net por t s t o for w ar d dat a im m ediat ely aft er a device is plugged in or act iv at ed. Set t he hello t im e on VLAN_B t o 10 seconds.

Configur e t he follow ing m iscellaneous par am et er s:

489

• • • • • • •

Disable Cisco Discov er y Pr ot ocol on por t s 3/ 1- 8. Ensur e t hat any I P phones inst alled or connect ed t o Car d 3 ar e supplied inline power. Ensur e t hat t he sw it ches get a clock sour ce fr om R1 using NTP. Ensur e t hat t he only MAC addr ess per mit t ed t o access t he sw it ch on por t 3/ 3 is t he MAC addr ess 2010- 2010- 2010 or 4000- 0000- 4000. Disable pow er r edundancy on t he sw it ch. War n all Telnet client s t hat any “ unaut hor ized access is not per m it t ed” by display ing a w ar ning m essage w hen any Telnet session is act iv at ed t o t he SC0 int er face only . I f any por t s becom e disabled because of har dw ar e er r or s, ensur e t hat t he sw it ch aut om at ically enables t he affect ed por t s aft er 10 m inut es.

Cat alyst Et hernet M SFC Set up ( 0 .2 5 H ours) Configur e R9 ( 6509 w it h an MSFC car d) for I P r out ing. Ex am ple D- 1 display s t he har dw ar e pr ofile on t he Cat aly st 6509 sw it ch.

Ex a m ple D - 1 sh ow m odu le on R9 ( M SFC) Cat6509> Mod Slot --- ----1 1 15 1 3 3 9 9

(enable) show module Ports Module-Type Model Sub Status ----- ------------------------- ------------------- --- -----2 1 48 8

1000BaseX Supervisor Multilayer Switch Feature 10/100BaseTX Ethernet 1000BaseX Ethernet

Mod --1 15 3 9 Mod 1

WS-X6K-SUP1A-2GE WS-F6K-MSFC WS-X6348-RJ-45 WS-X6408-GBIC

Module-Name Serial-Num ------------------- ----------SAD0413022N SAD041501U6 SAD04270A8A SAD03479837 MAC-Address(es) 00-30-96-33-21-7e to 00-30-96-33-21-7f 00-30-96-33-21-7c to 00-30-96-33-21-7d 00-d0-01-b0-4c-00 to 00-d0-01-b0-4f-ff 15 00-30-96-33-24-84 to 00-30-96-33-24-c3 3 00-30-96-34-9b-48 to 00-30-96-34-9b-77 9 00-30-96-2b-e1-f4 to 00-30-96-2b-e1-fb Mod Sub-Type Sub-Model 1 L3 Switching Engine WS-F6K-PFC 3 Inline Power Module WS-F6K-VPWR

Hw 3.1

1.4 1.1 2.3

Fw 5.3(1)

yes no yes no

ok ok ok ok

Sw 5.5(4)

12.1(1)E, 12.1(1)E, 5.3(1) 5.5(4) 4.2(0.24)V 5.5(4) Sub-Serial Sub-Hw SAD04150DYL 1.1 1

By using t he infor m at ion displayed in Ex am ple D- 1, configure t he MSFC for I P rout ing in VLAN 6 using RI Pv2 only. Do not r out e bet w een any ot her int er faces.

490

I P Con figu r a t ion a n d I P Addr e ssin g ( N o Tim e ) N OTE Because of r ecent changes t o t he CCI E ex am , t he candidat e is not r equir ed t o configur e I P addr essing; how ev er , t he subj ect is pr esent ed her e t o ensur e pot ent ial CCI E candidat es hav e a good under st anding of I P addr ess spaces and subnet t ing. Therefore , no t im e is pr oj ect ed for t his sect ion.

Use t he Class B subnet t ed I P addr ess 131.108.0.0 t o 131.108.255.255 t o design your net w or k. You m ust use t his addr ess space for all addr esses unless a differ ent addr ess space is specified in a par t icular quest ion. Ensur e t hat y ou r ead t he ent ir e paper befor e designing y our I P addr ess space. Aft er y our I P addr ess space and I P r out ing ar e com plet e, it m ust be possible t o r each all y our r out er s and sw it ches. Set t he enable passw or d for all r out er s and sw it ches t o ccieToBe. Configur e I P addr esses on y our r em aining int er faces: • • • • • • • •

Use a 25- bit m ask Use a 27- bit m ask Use a 28- bit m ask Use a 24- bit m ask Use a 26- bit m ask Use a subnet w it h Use a 29- bit m ask pr ot ocols. Use a 24- bit m ask pr ot ocols.

for VLAN 2. for VLAN 3. for VLAN D. for VLAN E. for all Token Ring net works. t he least number of host s for t he I SDN link. for all Fram e Relay connect ions running classless I P rout ing for all Fram e Relay connect ions running classful I P rout ing

Assign each r out er a 24- bit subnet for t he lo opback addr ess t o use. I t m ust be possible t o ping and t elnet fr om any one r out er using t he loopback addr ess. Configur e local I P host addr esses on each r out er so t hat an exec or pr ivilege user can t y pe t he r out er nam e t o ping or t elnet w it hout hav ing t o t ype t he full I P address.

Fr a m e Re la y Se t u p ( 0 .5 H ou r s) Configur e I P acr oss your Fr am e Relay net w or k as displayed in Figur e D- 2: • • • • •

You have t o use st at ic m aps for each pro t ocol. No dynam ic m apping is per m it t ed. No subint er faces ar e allow ed on any r out er . Use a m ost efficient subnet w or k for I P addr esses on t he Fr am e cloud. You m ay assign a subnet fr om your Class B r ange. Use LMI t ype t o Cisco only, and do not r ely on aut osensing t he LMI t y pe on any r out er s. All r out er int er face t y pes ar e DTE. The Fr am e por t t y pe is DCE.

491

• •

Do not use t he keyword b r oa d ca st for t he Fram e Relay link bet w een R6 and R7 when m apping I P. Ensur e t hat y ou can also ping t he local int er face fr om each r out er configur ed for Fram e Relay.

I GP Rou t in g ( 3 H ou r s) Aft er t his sect ion is com plet ed, all r out er s m ust hav e full I P connect iv it y bet w een ever y r out ing dom ain, including t he I SDN backup int er faces w hen oper at ional.

RI P Configura t ion ( 0 .5 H ours) Configure RI P on Rout ers R6 and R9 only: • • • • •

Configure RI P on R6 E0 and R9 E0. Ensur e t hat only unicast updat es ar e sent and r eceiv ed. Aut hent icat e any RI P pack et s. Redist r ibut e t he RI P r out e int o I GRP dom ain. Mak e sur e y ou can see dist r ibut ed RI P r out es t hr oughout y our t opology.

I GRP Configurat ion ( 0 .5 H ours) Configure I GRP on Rout ers R6 and R7 only: • • • • •

Use 10 as t he AS num ber for I GRP. I GRP covers t he link bet ween R6 and R7 only. Redist r ibut e t he I GRP r out es int o OSPF dom ain. Mak e sur e y ou can see dist r ibut ed I GRP r out es t hr oughout y our t opology as Ty pe 1 OSPF r out es. Redist r ibut e t he OSPF and ex t er nal EI GRP r out es w it h an adm inist r at iv e dist ance of 199 in t he EI GRP dom ain.

EI GRP Configura t ion ( 0 .5 H ours) Configure EI GRP on Rout ers R3, R7, and R8 only: • • • • •

Configure EI GRP in dom a in 333 bet ween t he serial link on R7 t o R8, R3 t o R8, and Ring 800. Sum m ar ize as m uch as possible t o r educe t he r edist r ibut ed r out es int o OSPF, but ensur e t hat all r out es appear in t he I GRP and RI P dom ains. Ensur e t hat EI GRP is aut hent icat ed acr oss t he Fr a m e Relay connect ions. Redist r ibut e t he EI GRP r out es int o OSPF dom ains w it h a cost m et r ic of 1000 seen on all OSPF rout ers. Ensur e t hat R3 nev er sends any updat es acr oss t he Et her net ( E0) segm ent .

OSPF Configurat ion ( 1 .5 H ours) Configur e OSPF as descr ibed in Figur e D- 1. Do not cr eat e any unspecified OSPF areas:

492

• • • • • • • • • • • • • • • • •

Configur e t he OSPF back bone ov er t he Fr am e Relay net w or k bet w een t he t hree rout ers: R2, R4, and R7. The I SDN li nk bet ween R1 and R4 resides in t he area 0.0.0.0. The link bet ween R4 and R5 is in area 4. Ring 100 is in area 100. Ring 500 is in area 500. The Et hernet segm ent bet ween R1 and R2 resides in area 1. The Et her net segm ent on R4 r esides in ar ea 0.0.0.40. Ensu re t hat all OSPF rout es are redist ribut ed and reachable in t he I GRP, RI P, and EI GRP dom ains. Ensur e t hat t he OSPF back bone in t he Fr am e cloud is aut hent icat ed. Ensur e t hat R1 w ill never be t he DR on all segm ent s. Ensure t hat R4 is t he DR in t he OSPF backbone net work. Ensur e t hat t he r out er I D of all OSPF- enabled r out er s is t he loopback addr ess. Do not cr eat e any addit ional ar eas. Set t he hello int er val bet w een t he link R1 and R4 t o 25 seconds. Set t he hello int er v al on R2 Et her net segm ent t o 20 seconds. Ensur e t hat all loopbacks appear as / 24 bit net w or ks on all I P r out ing t ables. Do not use t he r e dist r ibu t e con n e ct e d com m and on any r out er t o accom plish t his. Ensur e t hat ar ea 0.0.0.40 is configur ed so t hat ex cessiv e CPU r esour ces ar e not consum ed on Rout er R4. You can assum e no ot her areas or rout ers are at t ached t o t his segm ent .

I PX Con figu r a t ion ( 1 H ou r ) Configur e I PX and ensur e t hat I PX connect iv it y ex ist s on all r out er s: • • • • • • •

Configur e I PX dir ect ly on all int er faces ex cept all WAN and loopback int er faces. All rout ers m ust be able t o see all ot her I PX rout es and m ust be able t o I PX ping each rout er. You can use I PX EI GRP as y our r out ing pr ot ocol. Disable I PX RI P w her ever possible. Configur e NLSP bet w een R6 and R7. You cannot configur e I PX addr essing on t he Fram e Relay link. Bet ween R6 and R7, do not enable EI GRP I PX. Configur e t w o I PX ser vices on R1 nam ed I PXSer v1, act ing as an I PX ser ver , and I PXPr n1, act ing as a pr int er ser v er . Ensur e t hat all I PX- enabled rout ers can r each t hese t w o ser v er SAPs, ex cept Rout er R3. Ensur e t hat y ou can I PX ping acr oss y our net w or k .

Ba sic I SD N Con figu r a t ion ( 0 .5 H ou r s) I SDN sw it ch infor m at ion: • •

I SDN sw it ch t y pe: basic - 5ess I SDN num ber ing: - R1: 0298017705 - R4: 0296307050

493

•

SPI DS ar e not r equir ed.

Configur e t he I SDN int er faces on R1 and R4 as follows: • • • • • •

Only w hen S0 of R1 goes dow n, R1 should place an out going call t o R4. R4 cannot call R1 under any cir cum st ances. Use PPP encapsulat ion and t he st r ongest aut hent icat ion av ailable. Ensure t hat you never bring up m ore t han one B channel t o keep cost s t o a m inim um . When t he Fram e Relay link is rest ored, bring dow n t he I SDN link aft er 25 m inut es. When t he I SDN is act ive, all r out er s m ust be able t o ping and t elnet t he local I SDN int erfaces on R1 and R4.

D LSw + Con figu r a t ion ( 0 .7 5 H ou r s) Configure DLSw+ on R1, R3, R5, and R8: • • • • • • • • • • •

Rings 100, 500, and 800 should have connect ivit y t o VLAN 2 and 3. SNA host s reside on Rings 100 and 500. Host s on Ring 500 are used only w hen Ring 100 is not reachable. Ensur e t hat all r out er s peer t o R1 and only in a net w or k failure do DLSw+ circuit s t erm inat e on R5. DLSw + peer s should be act iv e only w hen user- based t r affic ( SNA/ Net BI OS) is sent or r eceiv ed. I f I P connect iv it y ex ist s, ensur e t hat DLSw + r em ains est ablished. Use a differ ent vir t ual r ing gr oup on each r out er . Configur e a filt er t hat block s Net BI OS pack et s w it h t he dest inat ion nam e Sim onisaCCI E from leaving R5 and R8. Perm it all ot her Net BI OS t raffic st ar t ing w it h t he nam e Sim onis?* * * . Ensur e t hat r em ot e DLSW+ peer s do not send t oo m any quer ies for t he dest inat ion MAC addr ess 0200.0200.0200 on Ring 100 or VLAN 2. Ensure t hat VLAN 2 can reach host s on Ring 100. Ensure t hat t he only SAPs enabled on R3 are null SAPs and SAP 08.

Fla sh Con figu r a t ion ( 0 .2 0 H ou r s) Your cust om ers accident ally erased rout er R1's syst em im age in Flash m em or y . They don't hav e Cisco I OS Soft w ar e or an TFTP ser v er on hand. They also hav e no I nt er net access. Ensur e t hat t he I OS im age is r est or ed t o t he Flash on R1 and t hen reload R1. R1 and R2 ar e r unning t he sam e I OS code and ar e t he sam e r out er har dw ar e t y pe ( Cisco 2503 r out er s) .

V TY Ch a n ge s ( 0 .2 0 H ou r s) Configur e all VTY lines so t hat net w or k adm inist r at or s do not r equir e local aut hent icat ion.

494

Adm inist r at or s m ust st ill use t he enable passw or d ccieToBe on all r out er s t o access privilege m ode. To allow nonpr iv ileged user s access t o R1 and t he abilit y t o clear t er m inal ser v er lines, ensur e t hat all ex ec user s can use t he I OS cle a r in exec m ode on Rout er R1 only.

H TTP Se r ve r ( 0 .2 0 H ou r s) Configur e R1 t o act as an HTTP ser ver , but only allow client s from Ring 500.

Ca t a ly st 6 5 0 9 Pa ssw or d Re cov e r y ( 0 .2 0 H ou r s) The enable passw or d on t he 6509 sw it ch has been m odified. Assum ing y ou hav e access t o t he sw it ch using passw or d r ecov er y on t he sw it ch, set t he enable passw or d t o ccie and t he access passw or d t o c isco.

Pr iv a t e Addr e ss Spa ce Alloca t ion ( 0 .2 0 H ou r s) Som e user s on VLAN_A hav e configur ed t heir PCs w it h t he Class A addr esses r anging fr om 10.10.1.1 t o 10.10.1.255/ 24. Ensur e t hat t he Class A addr ess is nev er pr esent in any rout ing t able except R1, and allow t he user s t o access t he r est of t he net w or k . Ensur e t hat t he r em aining net w or k can access t he host w it h t he I P addr ess 10.10.1.100/ 24.

BGP Rou t in g Con figu r a t ion ( 0 .7 5 H ou r s) Aft er finishing each of t he follow ing sect ions, m ak e sur e all configur ed int erf aces/ subnet s ar e consist ent ly v isible on all per t inent r out er s, ev en in t he ev ent of net w ork failure of any one rout er.

Basic I BGP Configurat ion ( 0 .5 H ours) Configure I BGP on all rout ers in your net w ork: • • • • • • • • •

Do not use any WAN I P int erfaces for I BGP sessions, as your net work is prone t o failures across t he Fram e Relay cloud. Configur e R5 and R8 as r out e r eflect or s, and ensur e t hat all t r affic uses a preferred pat h t hrough rout er R5. Minim ize I BGP configur at ions as m uch as possible. Do not disable BGP synchroniz at ion. Use AS 2002 on all I BGP rout ers. As long as t here is I P connect ivit y in your net w ork, ensure BGP is act ive in all rout ers. Using t he n e t w or k com m and only , ensur e t hat all net w or k s ar e adv er t ised t o t he rout e reflect ors R5 and R3. Do not change t he adm inist r at ive dist ance on any int er ior r out ing pr ot ocol. Mak e sur e y our hav e full BGP connect iv it y .

495

•

Ensure t hat all rout ers have ent ries in t heir I P rout ing t ables.

EBGP Configura t ion ( 0 .2 5 H ours) Configure EBGP on R5 and R8 as follows: • • • •

R5's rem ot e peer is 171.108.1.2/ 24 and rem ot e AS is 1024. R8's rem ot e peer is 191.200.1.2/ 30 and rem ot e AS is 4345. I SP1 and I SP2 ar e adver t ising t he full I nt er net r out ing t able. Ensur e t hat t he only r out e accept ed is a default r out e and r out es of t he for m 110.100.0.0 t o 121.110.255.255.

Set all r out es in t he r ange 110.100.0.0 t o 121.110.255.255 w it h t he follow ing at t r ibut es: • • •

Ensure t hat BGP origin is set t o I GP. Pr epend w it h pat hs w it h t he AS pat hs 1000 999 100. Set t he w eight t o 1000 for all ev en net w or k s and 2000 for all odd net w or k s.

496

Appe n dix B. W h a t t o D o Aft e r CCN P ? This appendix cov er s som e opt ions for y ou aft er becom ing a qualified Cisco Cer t ified Net w or k Pr ofessional. You can pur sue one m or e challenging st ep: t he cov et ed Cisco Cer t ified I nt er net w or k Ex per t ( CCI E) cer t ificat ion. Cisco int r oduced t he CCNA and CCNP cer t ificat ions so candidat es can follow a pr efer r ed, gr adually building pat h t o t he CCI E cer t ificat ion. How ev er , CCNA and CCNP ar e not pr er equisit es t o at t em pt t he CCI E ex am inat io n. N OTE I f y ou ar e int er est ed in leading t r aining cour ses, anot her difficult cer t ificat ion opt ion is Cisco Cer t ified Sy st em s I nst r uct or ( CCSI ) . This cer t ificat ion is aim ed m ainly at par t ner s w ho supply t he Cisco cour se m at er ial t o t he gener al public. For inform at ion, go t o w w w .cisco.com / par t ner / t r aining/ cour se_channelpar t ner s.sht m l You need an account t o access som e of t he URLs pr esent ed in t his chapt er . To obt ain a guest account , v isit w w w .cisco.com / pcgibin/ r egist er / m ain?page= st ar t &r elat ion= clnc. The guest account also enables y ou t o book a lab seat for t he CCI E ex aminat ion.

CCI E is regarded as t he m ost sought - aft er cer t ificat ion in t he indust r y t oday; m or e and m or e v endor s ar e dev ising t heir ow n cer t ificat ion pr ogr am s and t r y ing t o cat ch up t o t he indust ry - leading Cisco Syst em s. While w or king in t he CCI E pr ogr am eve ry day for t he past t w o y ear s, I hav e seen t he m any changes and challenges facing pot ent ial CCI Es. As of Sept em ber 30, 2001, t her e w er e appr ox im at ely 6700 CCI Es. About 110 of t hese 6700 CCI Es hold m or e t han one CCI E qualificat ion. The m aj or it y of CCI Es are locat ed in Eur ope and Nor t h Am er ica. Befor e y ou decide t o t ak e t his st ep, y ou need t o be aw ar e of t he challenges in fr ont of y ou. You cannot hope t o becom e a CCI E by sim ply buy ing a book or a ser ies of books. Hands- on ex per ience is r equir ed; at least t w o years of int ernet working ex per ience is cr it ical, and ev en t hen y ou m ust fully pr epar e for t he difficult ex am inat ion. Thr ee v ar iet ies of CCI E cer t ificat ion ar e cur r ent ly av ailable: • • •

CCI E Rout ing and Sw it ching ( Released 1993) CCI E Secur it y ( Released August 2001) CCI E Com m unicat ions and Ser v ices ( Released August 2001)

This discussion concent r at es on t he Rout ing and Sw it ching ( R&S) cer t ificat ion, as new er cer t ificat ions gener ally t ak e m ont hs or ev en y ear s t o becom e w ell est ablished. The Securit y exam inat ion is one ex am inat ion y ou should also consider , especially consider ing t oday 's clim at e of I nt er net fir ew all fr ailt y and dem and for secur it y ex per t s.

497

N OTE For m or e infor m at ion on t he Secur it y t r ack , go t o w w w .cisco.com / w ar p/ cust om er / 625/ ccie/ cer t ificat ions/ secur it y .ht m l. For m or e infor m at ion on t he Com m unicat ions and Ser v ices t r ack , go t o w w w .cisco.com / w ar p/ cust om er / 625/ ccie/ cer t ificat ions/ ser v ices.ht m l. Recent ly, four CCI E t r acks w er e r et ir ed: I SP Dial, SNA, Design, and WAN Sw it ching.

498