Published by Jodie Dennis. Modified over 9 years ago.
1
Introduction to Configuring Cisco Routers
2
Fodor Éva E-mail: eva.fodor@synergon.hu
3
Agenda I.
- The 7-layer OSI model
- The application and upper layers
- The physical and data link layers
- The network layer and path determination
- The router user interface
4
Agenda II.
- Routing basics
- The router's initial configuration
- Configuration methods and modes
- Ways of loading the Cisco IOS software
5
Agenda III.
- TCP/IP overview
- Configuring IP addresses
- Serial line basics
- Configuring IP routing
- Using access lists
6
Agenda IV.
- Queuing techniques
- Scalable Routing Protocol overview
- Frame Relay basics
7
The Internetworking model The Layered Model
8
Why a Layered Network Model?
- Reduces complexity
- Standardizes interfaces
- Facilitates modular engineering
- Ensures interoperable technology
- Accelerates evolution
- Simplifies teaching and learning
Layers: 7 Application, 6 Presentation, 5 Session, 4 Transport, 3 Network, 2 Data Link, 1 Physical
9
Layer Functions
7 Application: Network processes to applications
6 Presentation: Data representation
5 Session: Interhost communication
4 Transport: End-to-end connections
3 Network: Addresses and best path
2 Data Link: Access to media
1 Physical: Binary transmission
10
Peer-to-Peer Communication
[Figure: the seven-layer stacks of Host A and Host B; the peer layers exchange segments, packets, frames and bits.]
11
Data Encapsulation
[Figure: data passes down the seven-layer stack of one host and up the stack of the other; it gains a network header, then a frame header and frame trailer, and crosses the medium as bits (0101101010110001).]
12
Data Encapsulation Example
E-mail message: Data
Segment: Segment Header + Data
Packet: Network Header + Segment Header + Data
Frame: Frame Header + Network Header + Segment Header + Data + Frame Trailer
Bits (medium dependent): 0111111010101100010101101010110001
13
Remaining Chapter Sequence
7 Application, 6 Presentation, 5 Session: Network Applications
4 Transport: End-to-end services
3 Network: Routing
2 Data Link, 1 Physical: Data Transmission
14
Summary
- The OSI reference model organizes network functions into seven categories called layers
- Data flows from upper-level user applications to lower-level bits transmitted over network media
- Peer-to-peer functions use encapsulation and de-encapsulation at layer interfaces
- Most network manager tasks configure the lower three layers
15
Application and Upper Layers
16
Objectives
Upon completion of this chapter, you will be able to:
- Name and describe computer, network, and internetwork applications
- Describe the OSI presentation functions and identify common standards
- Describe the OSI session functions and identify common standards
- Describe the OSI transport functions for end-to-end network services
- Identify common processes for establishing connections, flow control, and windowing
17
Application, Presentation and Session Layers
18
Application Layer
- Selects network application to support user's application
Computer applications: Word processing, Presentation Graphics, Spreadsheet, Database, Design/Manufacturing, Project Planning, Others
Network applications: Electronic Mail, File transfer, Remote Access, Client/Server Process, Information Location, Network Management, Others
19
Application Layer (cont.)
Internetwork applications can extend beyond the enterprise
Internetwork applications: Electronic Data Interchange, World Wide Web, E-Mail Gateways, Special-Interest Bulletin Boards, Financial Transaction Services, Internet Navigation Utilities, Conferencing (Video, Voice, Data), Others
Network applications: Electronic Mail, File transfer, Remote Access, Client/Server Process, Information Location, Network Management, Others
20
Presentation Layer
Provides code formatting and conversion for applications
Text, Data: ASCII, EBCDIC, Encrypted
Sound, Video: MIDI, MPEG, QuickTime
Graphics, Visual Images: PICT, TIFF, JPEG, GIF
21
Session Layer
Coordinates applications as they interact on different hosts
- Network File System (NFS)
- Structured Query Language (SQL)
- X Window System
- AppleTalk Session Protocol (ASP)
- DNA Session Control Protocol (SCP)
[Figure: Service Request, Service Reply]
22
Transport Layer
23
Transport Layer Overview
- Segments upper-layer applications
- Establishes an end-to-end connection
- Sends segments from one end host to another
- Optionally, ensures data reliability
24
Segment Upper-Layer Applications
Transport segments share traffic stream
[Figure: File Transfer, Terminal Session and Electronic Mail each pass application data to the transport layer through a port; the data is carried as segments.]
25
Establishes Connection
Exchange between SENDER and RECEIVER, in order:
1. Synchronize
2. Negotiate Connection
3. Synchronize
4. Acknowledge
5. Connection Established
6. Data Transfer (Send Segments)
26
Sends Segments with Flow Control
Sender: Transmit
Receiver: Buffer Full, sends Not Ready
Sender: Stop
Receiver: Process Segments, Buffer OK, sends Ready
Sender: Go, Resume Transmission
27
Reliability with Windowing
First panel (sender / receiver): Send 1, Receive 1, Ack 2, Send 2, Receive 2, Ack 3
Second panel, window size = 3: Send 1, Send 2, Send 3, Receive 1, Receive 2, Receive 3, Ack 4, Send 4
28
An Acknowledgment Technique
Sender: Send 1, Send 2, Send 3. Receiver: Ack 4
Sender: Send 4, Send 5, Send 6. Receiver: Ack 5
Sender: Send 5. Receiver: Ack 7
29
Transport to Network Layer End-to-end segments Routed packets
30
Summary
- The ISO/OSI reference model describes network applications
- Presentation layer formats and converts network application data to represent text, graphics, images, video, and audio
- Session-layer functions coordinate communication interactions between applications
- Reliable transport-layer functions include multiplexing, connection synchronization, flow control, error recovery, and reliability through windowing
31
Physical and Data Link Layers
32
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Identify and describe the data link sublayers and their functions
- Explain the use of MAC addresses
- Describe the topology and functionality of LANs
- Differentiate between LAN and WAN protocols
- Describe the characteristics of WAN-based protocols
33
Physical and Data Link Layers
34
Physical and Data-Link Standards
Separate physical and data link layers for LAN and WAN
LAN: 802.2 LLC; Ethernet, 802.3, 802.5, FDDI
WAN, data link (frames): Dial on Demand, ISDN, SDLC, HDLC, X.25 Link, Frame Relay, PPP
WAN, physical (bits, signals, clocking): V.24, V.35, HSSI, G.703, EIA-530, EIA/TIA-232, EIA/TIA-449
35
LAN Data Link Sublayer
- LLC (Logical Link Control) refers upward to higher-layer software functions
- MAC (Media Access Control) refers downward to lower-layer hardware functions
[Figure: the data link layer, between the network and physical layers, is split into LLC and MAC; a packet or datagram is wrapped by 802.2 LLC and then placed in a MAC frame.]
36
LLC Sublayer Functions
- Enable upper layers to gain independence over LAN media access
- Allow service access points (SAPs) from interface sublayers to upper-layer functions
- Provide optional connection, flow control, and sequencing services
37
MAC Address
- MAC address is burned into ROM on a network interface card
Example: 0000.0c12.3456 (Vendor Code, 24 bits, followed by Serial Number)
[Figure labels: ROM, RAM]
38
Finding the MAC Address
- An example: TCP/IP Address Resolution Protocol (ARP)
- ARP finds the MAC address for a data-link connection
Example 1: TCP/IP destination local. Host Y broadcasts an ARP request ("Host Z MAC?"); Host Z answers with an ARP reply carrying the Host Z MAC.
Example 2: TCP/IP destination not local. Host Y broadcasts an ARP request ("Host Z MAC?"); the router answers with an ARP reply carrying the router MAC.
39
Common LAN Technologies
40
LAN Technology Overview Ethernet Token Ring FDDI
41
Ethernet and IEEE 802.3
- Several framing variations exist for this common LAN technology
42
Physical Layer: Ethernet/802.3
- 10BaseT: Twisted Pair
- 10Base2: Thin Ethernet
- 10Base5: Thick Ethernet
[Figure: Mac, PC and Sun hosts attached through a hub.]
43
The Ethernet/802.3 Interface
- Cisco router's data link to Ethernet/802.3 uses an interface named E plus a number (for example, E0)
[Figure: interface E0 on a segment with MAC addresses 0800.089c.34d5 and 0800.2006.1a56.]
44
Ethernet/802.3 Operation
[Figure: stations A, B, C and D on one segment, two of them drawn with the full seven-layer stack; labels: D, B and C.]
45
Ethernet/802.3 Broadcast
[Figure: four stations, each drawn with the full seven-layer stack.]
46
Ethernet Frame Variations
Ethernet frame: Preamble (8) | DA (6) | SA (6) | Type (2) | Data | FCS (4)
802.3 frame: Preamble (8) | DA (6) | SA (6) | Length (2) | 802.2 Header and Data | FCS (4)
Field lengths are in bytes.
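An added example, not part of the original slides: a Python parser that tells the two frame layouts above apart by the 2-byte Type/Length field and splits a MAC address into vendor code and serial number as on the MAC Address slide. The function names and sample frames are constructed for illustration, and the 0x0600 / 1500 boundary values come from the IEEE 802.3 convention rather than from the slides.

```python
import struct

def cisco_mac(raw):
    """Format 6 raw bytes in the dotted notation used on the slides (0000.0c12.3456)."""
    h = raw.hex()
    return ".".join(h[i:i + 4] for i in range(0, 12, 4))

def split_mac(raw):
    """Return (vendor code, serial number): the first and the last 24 bits."""
    return raw[:3].hex(), raw[3:].hex()

def parse_frame(frame):
    """Parse a frame that starts at DA (preamble and FCS already removed by the NIC)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than DA + SA + Type/Length")
    da, sa = frame[0:6], frame[6:12]
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    payload = frame[14:]
    info = {"da": cisco_mac(da), "sa": cisco_mac(sa), "sa_vendor": split_mac(sa)[0]}
    if type_or_len >= 0x0600:
        # Ethernet frame: the field names the upper-layer protocol.
        info.update(kind="ethernet", ethertype=type_or_len, data=payload)
    elif type_or_len <= 1500:
        # 802.3 frame: the field is a length; an 802.2 header follows.
        if type_or_len < 3 or type_or_len > len(payload):
            raise ValueError("length field does not match the bytes received")
        llc = payload[:type_or_len]          # anything after this is padding
        info.update(kind="802.3", length=type_or_len,
                    dsap=llc[0], ssap=llc[1], control=llc[2], data=llc[3:])
    else:
        raise ValueError("Type/Length value between 1501 and 1535 is undefined")
    return info

def build_frame(da_hex, sa_hex, type_or_len, payload):
    """Build a constructed test frame, padded to the 60-byte minimum (64 with FCS)."""
    body = (bytes.fromhex(da_hex) + bytes.fromhex(sa_hex)
            + struct.pack("!H", type_or_len) + payload)
    return body.ljust(60, b"\x00")

# Constructed samples; the two unicast addresses are the ones shown on the E0 slide.
ETHERNET_SAMPLE = build_frame("ffffffffffff", "080020061a56", 0x0806, b"\x00" * 28)
DOT3_SAMPLE = build_frame("0800089c34d5", "080020061a56", 5, b"\x42\x42\x03hi")
TRUNCATED_SAMPLE = build_frame("0800089c34d5", "080020061a56", 100, b"\x42\x42\x03")

if __name__ == "__main__":
    for sample in (ETHERNET_SAMPLE, DOT3_SAMPLE):
        print(parse_frame(sample))
```

Checking the length field against the bytes actually received is what keeps a truncated or malformed 802.3 frame from being read past its end.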
47
Ethernet/802.3 Reliability
- Carrier sense multiple access collision detect (CSMA/CD)
[Figure: stations A, B, C and D; a collision occurs, then a JAM signal is sent.]
48
High-Speed Ethernet Options
- 100BaseFX, 100BaseTX
- 100BaseVG AnyLAN
- 1000BaseSX, 1000BaseLX
- 1000BaseCX
49
Token Ring and IEEE 802.5
- IBM's Token Ring is equivalent to IEEE 802.5
50
Physical Layer: Token Ring/802.5
- Logically a ring, but physically a star configuration to MAU relays
[Figure: stations attached to a MAU over shielded or unshielded twisted pair; label: Logical Technology.]
51
The Token Ring/802.5 Interface
- Cisco router's data link to Token Ring/802.5 uses an interface named To plus a number (for example, To0)
[Figure: interface To0 attached to a Token Ring.]
52
Token Ring/802.5 Operation
- Token Ring LANs continuously pass a token or a Token Ring frame
[Figure labels: T = 0, T = 1, T = 0, Data]
53
Token Ring/802.5 Media Control
- Fields in a frame determine priority and reservation for sharing media
Access Control Field: PPPTMRRR
P = Priority bits
T = Token bit
M = Monitor bit
R = Reservation bits
54
Token Ring/802.5 Active Monitor
- Active monitor ensures token operation on the ring for media access
[Figure labels: M = 1, M = 0, M = 1, T, Data]
55
Token Ring/802.5 Reliability
- Sending station receives status information in a frame
Frame Status Field: ACrrACrr
00 Destination not found
01 Copied but not acknowledged
10 Unable to copy data from frame
11 Station found or frame copied to another ring by a bridge
56
Fiber Distributed Data Interface (FDDI)
- Devices on FDDI maintain connectivity on dual counter-rotating rings
[Figure: FDDI dual ring, 100 Mbps.]
57
Physical Layer: FDDI
- Devices attached to FDDI use token passing
[Figure labels: DAC, Dual-Homed, SAS, DAS]
58
The FDDI Interface
- Cisco router's data link to FDDI uses an interface named F plus a number (for example, F0)
[Figure: interface F0 attached to an FDDI dual ring.]
59
FDDI Dual-Ring Reliability 1. When a failure domain occurs... 2. … wrap primary and secondary rings... 3. … maintaining network integrity
60
Common WAN Technologies
61
WAN Technology Overview SDLC HDLC LAPB PPP X.25 Frame Relay ISDN
62
Physical Layer: WAN
DTE to DCE interface standards: EIA/TIA-232, V.35, X.21, HSSI, others
DTE (Data Terminal Equipment): end of the user's device on the WAN link
DCE (Data Circuit-Terminal Equipment), for example a modem: end of the WAN provider's side of the communication facility
63
Data Link Layer: WAN Protocols
- SDLC: Synchronous Data Link Control
- HDLC: High-Level Data Link Control
- LAPB: Link Access Procedure Balanced
- Frame Relay: Simplified version of HDLC framing
- PPP: Point-to-Point Protocol
- X.25: Packet level protocol (PLP)
- ISDN: Integrated Services Digital Network (data-link signaling)
64
Summary
- The physical layer provides access to the wires of an internetwork
- The data link layer provides support for communication over several types of data links:
  - LAN (Ethernet/IEEE 802.3, Token Ring/IEEE 802.5, FDDI)
  - Dedicated WAN (SDLC, HDLC, PPP, LAPB)
  - Switched WAN (X.25, Frame Relay, ISDN)
65
Network Layer and Path Determination
66
Objectives
Upon completion of this chapter, you will be able to:
- List the key internetworking functions of the OSI network layer and how they are performed in a router
- Describe the two parts of network addressing, then identify the parts in specific protocol address examples
- Contrast the network discovery and update processes in distance vector routing with those in link-state routing
- List problems that each routing type encounters when dealing with topology changes, and describe techniques to reduce the number of these problems
- Explain the services of separate and integrated multiprotocol routing
67
Network Layer Basics
68
Network Layer: Path Determination
- Layer 3 functions to find the best path through the internetwork
[Figure label: Which Path?]
69
Network Layer: Communicate Path
- Addresses represent the path of media connections
[Figure: media connections numbered 1 to 11.]
70
Addressing: Network and Host
- Network address: Path part used by the router
- Host address: Specific port or device on the network
Network | Host
1 | 1, 2, 3
2 | 1
3 | 1
[Figure: hosts labelled 1.1, 1.2, 1.3, 2.1 and 3.1.]
71
Protocol Addressing Variations
Example | Network | Node
General | 1 | 1
TCP/IP (Mask 255.0.0.0) | 10. | 8.2.48
Novell IPX | 1ac.eb0b | 0000.0c00.6e25
72
Router Functions
Routing = building maps and giving directions
Switching = moving packets between interfaces
73
Routing Table
Network # | Interface | Next Hop | Metric | Age | Source
198.113.181.0 | Ethernet0 | 192.150.42.177 | [170/304793] | 02:03:50 | D
198.113.178.0 | Ethernet0 | 192.150.42.177 | [110/9936] | 02:03:50 | O
192.168.96.0 | Ethernet0 | 192.150.42.177 | [120/3] | 00:00:20 | R
192.168.97.0 | Ethernet0 | | | | C
74
Routing in Internetworks
Routing protocols need to handle issues associated with larger networks:
- Maintain route information
- Select routes
75
Routing in Internetworks (cont.)
Routing protocols need to handle issues associated with larger networks:
- Support flexible network address management
- Redistribute routes
- Route multiple protocols
76
Route Selection: Metrics
Which is the best path from Source to Destination?
77
Route selection: Load Balancing Load balancing can provide increased bandwidth and redundancy
78
Route selection: Routing Hierarchy A hierarchical network can reflect the corporation’s organization Hierarchical Network Corporate Headquarters National Office Remote Office
79
Static versus Dynamic Routes
Static route: uses a protocol route that a network administrator enters into the router
Dynamic route: uses a route that a network routing protocol adjusts automatically for topology or traffic changes
80
Static Route Example
- Point-to-point or circuit-switched connection
- Only a single network connection with no need for routing updates
- Fixed route to address reflects administrator's knowledge
[Figure: routers A and B and a "stub" network.]
81
Default Route Example
Use if next hop is not explicitly listed in the routing table
[Figure: routers A, B and C; networks 192.34.56.0 and 10.0.0.0; Company X and the Internet. Routing table: no entry for destination net; try router B default route.]
82
Adapting to Topology Change
Can an alternate route substitute for a failed route?
[Figure: routers A, B, C and D; one link is marked X.]
83
Dynamic Routing Operations
Routing protocol maintains and distributes routing information
[Figure: a network routing protocol running between routers, each with its own routing table.]
84
Representing Distance with Metrics
Information used to select the best path for routing:
- Bandwidth
- Delay
- Load
- Reliability
- Hop count
- Ticks
- Cost
[Figure: routers A and B; link labels E1 and 64.]
85
Routing Protocols
86
Classes of Routing Protocols
- Distance Vector
- Hybrid Routing
- Link State
[Figure: routers A, B, C and D, shown twice.]
87
One Issue: Time to Convergence
- Convergence occurs when all routers use a consistent perspective of network topology
- After a topology changes, routers must recompute routes, which disrupts routing
- The process and time required for router reconvergence varies in routing protocols
88
Distance Vector Concept
Pass periodic copies of routing table to neighbor routers and accumulate distance vectors
[Figure: routers A, B, C and D, each with a routing table that it passes to its neighbors.]
89
Distance Vector Network Discovery
Routers discover the best path to destinations from each neighbor
Topology: networks W, X, Y, Z joined by routers A, B, C
Router A routing table: W 0, X 0, Y 1, Z 2
Router B routing table: X 0, Y 0, Z 1, W 1
Router C routing table: Y 0, Z 0, X 1, W 2
90
Distance Vector Topology Changes
Updates proceed step-by-step from router to router
[Figure: a topology change causes a routing table update; router A runs its process to update this routing table and sends out this updated routing table; router B runs its process to update this routing table.]
91
Problem: Routing Loops
Alternate routes, slow convergence, inconsistent routing
[Figure: routers A, B, C, D and E; network 1 is down. Labels: Network 1, Unreachable; Alternate Route: Network 1, Distance 3; Alternate Route: Use A, Network 1, Distance 4.]
92
Problem: Counting to Infinity
Routing loops increment the distance vector
[Figure: routers A, B, C, D and E; network 1 is down. Labels: Network 1, Distance 4; Network 1, Distance 5; Network 1, Distance 6; Network 1, Distance 7.]
93
Solution: Defining a Maximum
Specify a maximum distance vector metric as infinity
[Figure: routers A, B, C, D and E; network 1 is down. Labels: Network 1, Distance 12; Network 1, Distance 13; Network 1, Distance 14; Network 1, Distance 15. Routing table: maximum metric is 16, network 1 is unreachable.]
94
Solution: Split Horizon
If you learn a protocol's route on an interface, do not send information about that route back out that interface
[Figure: routers A, B, C, D and E; network 1 is down (Network 1, unreachable). B: Do not update router A about routes to network 1. D: Do not update router A about routes to network 1.]
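An added example, not part of the original slides: a small Python simulation of the counting-to-infinity problem, the maximum metric of 16 and split horizon described on the three slides above. The three-router chain (Network 1 - A - B - C), the update order and all names are constructed assumptions; route poisoning and hold-down timers are not modelled.

```python
INFINITY = 16                        # the slides' maximum metric: 16 = unreachable
LINKS = [("A", "B"), ("B", "C")]     # constructed chain: Network 1 - A - B - C
SEND_ORDER = ["C", "B", "A"]         # A's bad news is sent last in every round

def neighbors(router):
    return [b if a == router else a for a, b in LINKS if router in (a, b)]

def initial_tables():
    # Converged state before the failure: {router: {dest: (metric, next_hop)}}
    return {"A": {"net1": (0, None)},
            "B": {"net1": (1, "A")},
            "C": {"net1": (2, "B")}}

def advertise(tables, sender, receiver, split_horizon):
    """Distance vector that `sender` sends to `receiver`."""
    vector = {}
    for dest, (metric, next_hop) in tables[sender].items():
        if split_horizon and next_hop == receiver:
            continue                 # never send a route back where it was learned
        vector[dest] = metric
    return vector

def receive(tables, receiver, sender, vector):
    """Apply one update; return True if the receiver's table changed."""
    changed = False
    for dest, metric in vector.items():
        new = (min(metric + 1, INFINITY), sender)
        cur = tables[receiver].get(dest)
        # Accept news from the current next hop, or any strictly better route.
        if cur is None or cur[1] == sender or new[0] < cur[0]:
            if cur != new:
                tables[receiver][dest] = new
                changed = True
    return changed

def simulate(split_horizon, max_rounds=50):
    tables = initial_tables()
    tables["A"]["net1"] = (INFINITY, None)       # Network 1 goes down at router A
    b_metric, loop_rounds = [], 0
    for _ in range(max_rounds):
        changed = False
        for sender in SEND_ORDER:
            for receiver in neighbors(sender):
                vector = advertise(tables, sender, receiver, split_horizon)
                changed |= receive(tables, receiver, sender, vector)
        if not changed:
            break                                # converged
        b_metric.append(tables["B"]["net1"][0])
        a, b = tables["A"]["net1"], tables["B"]["net1"]
        if a[1] == "B" and b[1] == "A" and max(a[0], b[0]) < INFINITY:
            loop_rounds += 1                     # A and B point at each other
    return {"rounds": len(b_metric), "b_metric": b_metric,
            "loop_rounds": loop_rounds,
            "final": {r: t["net1"][0] for r, t in tables.items()}}

if __name__ == "__main__":
    print("no split horizon:", simulate(split_horizon=False))
    print("split horizon:   ", simulate(split_horizon=True))
```

Without split horizon, B's stale route reaches A first and the two routers count upward until the metric hits 16; with split horizon the unreachable state spreads in two rounds and no loop forms.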
95
Solution: Route Poisoning
Router keeps an entry for the network down state, allowing time for other routers to recompute for this topology change
[Figure: routers A, B, C, D and E; network 1 is down. Label: route to network 1 has infinite cost.]
96
Solution: Hold-Down Timers
Routers ignore network update information for some period
[Figure: routers A, B, C, D and E; network 1 is down. Each router is labelled "Update after Hold-Down Time".]
97
Link-State Concept
After initial flood, pass small event-triggered link-state updates to all other routers
[Figure: routers A, B, C and D exchange link-state packets; topological database, SPF algorithm, shortest path first tree, routing table.]
98
Link-State Network Discovery
Routers calculate the shortest path to destinations in parallel
Topology: networks W, X, Y, Z joined by routers A, B, C
Router A link-state packet: W 0, X 0
Router B link-state packet: X 0, Y 0
Router C link-state packet: Y 0, Z 0
[Figure: each router has a topological database, runs SPF to build an SPF tree, and produces its own routing table (A, B, C).]
99
Link-State Topology Changes
Update processes proceed using the same link-state update
[Figure: a topology change is carried in a link-state update; each router runs its process to update its routing table.]
100
Link-State Concerns
- Processing and memory required for link-state routing
- Bandwidth consumed for initial link-state "flood"
[Figure: topological database, SPF, SPF tree, routing table.]
101
Problem: Link-State Updates
Unsynchronized updates, inconsistent path decisions
- Network 1 goes down then comes up
- Fast path updates arrive first
- Slow path update arrives last
- Which SPF tree to use for routing?
[Figure: routers A, B, C and D; updates "Network 1, Unreachable" and "Network 1, Back Up Now".]
102
Link State Update Problems (cont.)
- Synchronizing large networks: which network topology updates are correct?
- Router startup: order of start alters the topology learned
- Partitioned regions: slow updating part separated from fast updating part
103
Solution: Link State Mechanisms
Reduce the need for resources
- "Dampen" update frequency
- Target link-state updates to multicast
- Use link-state area hierarchy for topology
- Exchange route summaries at area borders
Coordinate link-state updates
- Use time stamps
- Update numbering and counters
- Manage partitioning using an area hierarchy
104
Comparing Distance Vector Routing to Link-State Routing
Distance Vector | Link-State
Views net topology from neighbor's perspective | Gets common view of entire network topology
Adds distance vectors from router to router | Calculates the shortest path to other routers
Frequent, periodic updates: slow convergence | Event-triggered updates: faster convergence
Passes copies of routing table to neighbor routers | Passes link-state routing updates to other routers
105
Hybrid Routing
- Choose a routing path based on distance vectors
- Converge rapidly using change-based updates
Balanced Hybrid Routing: share attributes of both distance-vector and link-state routing
[Figure label: EIGRP]
106
Summary
- Internetworking functions of the network layer include network addressing and best path selection for traffic
- Network addressing uses one part to identify the path used by the router and one part for ports or devices on the net
- Routed protocols direct user traffic, while routing protocols work between routers to maintain path tables
- Network discovery for distance vector involves exchange of routing tables; problems can include slower convergence
- For link-state, routers calculate the shortest paths to other routers; problems can include inconsistent updates
- Balanced hybrid routing uses attributes of both link-state and distance vector, applying paths to several protocols
107
Basic Router Operations
108
External Configuration Sources
- Configuration information can come from many sources
Sources: Console port, Auxiliary port, Interfaces, Virtual Terminal (VTY 0-4), TFTP Server, Network Management Station
109
Internal Configuration Components
RAM, NVRAM, Flash, ROM, Console, Auxiliary, Interfaces
110
An Overview of System Startup
- Check hardware
- Find and load Cisco IOS software image
- Find and apply router configuration information
System startup routines initiate router software
Fallback routines provide startup alternatives as needed
111
Startup Sequence
1. Load Bootstrap: Bootstrap, from ROM
2. Locate and Load Operating System: Cisco Internetworking Operating System, from Flash, TFTP Server or ROM
3. Locate and Load Configuration File or Enter "setup" mode: Configuration File, from NVRAM, TFTP Server or Console
[Figure label: RAM]
112
RAM for Working Storage
[Figure: RAM holding the Command Executive, the Internetwork Operating System, Programs, the Active Configuration File, Tables and Buffers. Label: Bootstrap Program Executes.]
113
Router Modes
- User EXEC Mode (Router>): Limited examination of router. Remote access.
- Privileged EXEC Mode (Router#): Detailed examination of router. Debugging and testing. File manipulation. Remote access.
- SETUP Mode: Prompted dialog used to establish an initial configuration.
- Global Configuration Mode (Router(config)#): Simple configuration commands.
- Other Configuration Modes (Router(config-mode)#): Complex and multiline configuration.
- RXBOOT Mode: Recovery from a catastrophe in the case of a lost password or the operating system being accidentally erased from Flash.
114
Logging in to the Router: Cisco IOS
Console session:
Router con0 is now available
Press RETURN to get started
User Access Verification
Password:
Router>                 (user-mode prompt)
Router> enable
Password:
Router#                 (privileged-mode prompt)
Router# disable
Router>
Router> exit
115
Context-Sensitive Help
- Symbolic translation
- Keyword completion
- Last command recall
- Command prompting
- Syntax checking
Router# clock
Translating "CLOCK"
%Unknown command or computer name, or unable to find computer address
Router# clock clear clock
Router# clock
%Incomplete command
Router# clock ?
set  Set the time and date
Router# clock set
%Incomplete command
Router# clock set ?
Current time (hh:mm:ss)
Router# clock set 19:56:00
%Incomplete command
Router# clock set 19:56:00 ?
Day of the month
MONTH Month of the year
Router# clock set 19:56:00 04 8.
%Invalid input detected at the '^' marker
Router# clock set 19:56:00 04 August
%Incomplete command
Router# clock set 19:56:00 04 August ?
Year
116
Using Editing Commands
Router> $ value for our customers, employees, investors, and partners
- Automatic scrolling of long lines
- Move to the beginning of the command line
- Move to the end of the command line
- Move back one word
- Move forward one character
- Move back one character
- Move forward one character
- Refresh line
117
Reviewing Command History
- or Up arrow: Last (previous) command recall
- or Down arrow: More recent command recall
- Router> show history: Show command buffer
- Router> terminal history size number-of-lines: Set command buffer size
- Router> no terminal editing: Disable advanced editing features
- Router> terminal editing: Reenable advanced editing
- Entry completion
118
Summary
Using the router
- Log in with user password
- Enter privileged mode with enable password
- Disable or quit
Advanced help features
- Command completion and prompting
- Syntax checking
Advanced editing features
- Automatic line scrolling
- Cursor controls
- History buffer with command recall
- Copy and paste using most laptop computers
119
Examining Router Status
120
Router Status Commands
RAM
- Internetwork Operating System: Router# show version
- Programs: Router# show processes CPU, Router# show protocols
- Active Configuration File: Router# show running-config, Router# write term
- Tables and Buffer: Router# show mem, Router# show stack, Router# show buffers
NVRAM
- Backup Configuration File: Router# show startup-config, Router# show config
Flash
- Operating System: Router# show flash
Interfaces
- Router# show interface
121
show version Command
Router# show version
Cisco Internetwork Operating System Software
IOS ™ 4500 Software (C4500-J-M), Experimental Version 11.2 (199600626:214907)
Copyright © 1986-1996 by cisco Systems, Inc.
Compiled Fri 28-Jun-96 16:32 by rbeach
Image text-base: 0x600088A0, data-base: 0x6076E000
ROM: System Bootstrap, Version 5.1(1) [daveu 1], RELEASE SOFTWARE (fc1)
ROM: 4500-XBOOT Bootstrap Software, Version 10.1(1), RELEASE SOFTWARE (fc1)
router uptime is 1 week, 3 days, 32 minutes
System restarted by reload
System image file is "c4500-j-mz", booted via tftp from 171.69.1.129
- - - More - - -
122
show running-config Command and show startup-config Command
- Use write terminal with Release 10.3 and earlier
- Use show config with Release 10.3 and earlier
Router# show running-config
Building configuration...
Current configuration:
!
Version 11.2
!
- - - More - - -
Router# show startup-config
Using 1108 out of 130048 bytes
!
Version 11.2
!
Hostname router
- - - More - - -
123
Configuring a Router
124
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Load an existing configuration file
- Change the router identification
- Assign a password to both the user and privileged EXEC modes
- Configure a serial interface
- Save the changes to NVRAM
125
Router Configuration Overview
- Cisco IOS software version
- Router identification
- Boot file locations
- Protocols information
- Interface configurations
126
Configuration Modes
Global Configuration Mode: used for system-wide configuration requiring one command line. Includes commands to enter other configuration modes.
Router# config term
Router(config)# (command)
Router(config)# exit
Router#
Other Configuration Mode: used for other configurations requiring multiple command lines.
Router# config term
Router(config)# router protocol
Router(config-router)# (command)
Router(config-router)# exit
Router(config)# interface type port
Router(config-if)# (command)
Router(config-if)# exit
Router(config)# exit
Router#
127
Working with 11.x Config Files
- Use these commands for routers running Cisco IOS Release 11.0 or later
Commands shown: show startup-config, erase startup-config, copy tftp startup-config, show running-config, copy running-config tftp, copy tftp running-config, copy running-config startup-config, config term, config memory
[Figure: the commands move configuration between NVRAM, RAM, a TFTP Server (IP only), the Console or Terminal, and the bit bucket.]
128
Using a TFTP Server
Saving the configuration in RAM to a TFTP server:
Tokyo# copy running-config tftp
Remote host []? 131.108.2.155
Name of configuration file to write [tokyo-confg]? tokyo.2
Write file tokyo.2 to 131.108.2.155? [confirm] y
Writing tokyo.2 ! ! ! ! ! ! ! ! [OK]
tokyo#
Loading a configuration from a TFTP server into RAM:
Router# copy tftp running-config
Host or network configuration file [host]?
IP address of remote host [255.255.255.255]? 131.108.2.155
Name of configuration file [router-confg]? tokyo.2
Configure using tokyo.2 from 131.108.2.155? [confirm] y
Booting tokyo.2 from 131.108.2.155: ! ! [OK - 874/16000 bytes]
tokyo#
129
Overview of Router Modes
- User EXEC mode: Router>
- Privileged EXEC mode: Router#
- Global configuration mode: Router(config)#
Exit returns from the other configuration modes.
Configuration Mode | Prompt
Interface | Router(config-if)#
Subinterface | Router(config-subif)#
Controller | Router(config-controller)#
Map-list | Router(config-map-list)#
Map-class | Router(config-map-class)#
Line | Router(config-line)#
Router | Router(config-router)#
IPX-router | Router(config-ipx-router)#
Route-map | Router(config-route-map)#
130
Configuring Router Identification
- Sets local identity or message for the accessed router or interface

Router Name
Router(config)# hostname Tokyo
Tokyo#

Login Banner
Tokyo(config)# banner motd # Welcome to router Tokyo Accounting Department 3rd Floor

Interface Description
Tokyo(config)# interface e 0
Tokyo(config-if)# description Engineering LAN, Bldg. 18
131
Password Configuration

Console Password
Router(config)# line console 0
Router(config-line)# login
Router(config-line)# password cisco

Virtual Terminal Password
Router(config)# line vty 0 4
Router(config-line)# login
Router(config-line)# password cisco

Enable Password
Router(config)# enable-password san-fran

Perform Password Encryption
Router(config)# service password-encryption
(set password here)
Router(config)# no service password-encryption
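A configuration audit for the password settings on this slide, as an added example that is not part of the original presentation: it scans a saved IOS configuration and reports passwords that are stored readably. Both sample configurations are constructed from the slide's commands; the function name, the finding labels and the WELL_KNOWN list are assumptions.

```python
import re

# Constructed sample: what the slide's commands leave in a saved configuration
# when "no service password-encryption" is the last setting applied.
SAMPLE_CONFIG = """\
hostname Tokyo
no service password-encryption
enable-password san-fran
!
line console 0
 login
 password cisco
line vty 0 4
 login
 password cisco
"""

# Constructed sample with encryption switched on. The type 7 strings are
# placeholders, not real encodings.
ENCODED_CONFIG = """\
service password-encryption
enable password 7 0123456789AB
line vty 0 4
 login
 password 7 0123456789AB
"""

# Passwords too widely known to accept (assumption: extend with a local list).
WELL_KNOWN = {"cisco", "password", "admin"}

# "enable-password X" (form used on the slide) or "enable password [type] X".
ENABLE_RE = re.compile(r"^enable[- ]password\s+(?:(\d+)\s+)?(\S+)$", re.I)
# "password [type] X" inside a line block.
LINE_PW_RE = re.compile(r"^password\s+(?:(\d+)\s+)?(\S+)$", re.I)


def audit_passwords(config_text):
    """Return sorted (context, issue) findings for an IOS configuration."""
    findings = set()
    encryption_on = False
    context = "global"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        lowered = line.lower()
        # A command in column 0 is global or opens a new block.
        if not raw[0].isspace():
            context = lowered if lowered.startswith("line ") else "global"
        if lowered == "service password-encryption":
            encryption_on = True
            continue
        if lowered == "no service password-encryption":
            encryption_on = False
            continue
        match = ENABLE_RE.match(line)
        where = "enable" if match else context
        if not match and context != "global":
            match = LINE_PW_RE.match(line)
        if not match:
            continue
        pw_type, value = match.groups()
        if pw_type in (None, "0"):
            # No type digit: the password is readable in any copy of the file.
            findings.add((where, "plaintext password"))
            if value.lower() in WELL_KNOWN:
                findings.add((where, "well-known password"))
        elif pw_type == "7":
            # Type 7 is what service password-encryption writes; it is an
            # encoding that can be reversed, not a one-way hash.
            findings.add((where, "type 7 encoding is reversible"))
    if not encryption_on:
        findings.add(("global", "service password-encryption is off"))
    return sorted(findings)


if __name__ == "__main__":
    for where, issue in audit_passwords(SAMPLE_CONFIG):
        print(f"{where}: {issue}")
```

Run it against every copy of a configuration, including the files written by copy running-config tftp. On IOS releases that support it, enable secret stores a one-way hash instead of a readable or reversible password.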
132
Interface Configuration Mode

Router(config)# interface type port
Router(config)# interface type slot/port
  Type includes serial, ethernet, tokenring, fddi, hssi, loopback, dialer, null, async, atm, bri, and tunnel

Router(config-if)# shutdown
  Use this command to administratively turn off an interface without altering its other configuration entries

Router(config-if)# no shutdown
  Turn on an interface that has been shut down

Router(config-if)# exit
  Quit from current config-interface mode

Router(config)# interface type number.subinterface
  After designating the primary interface, use this to establish virtual interfaces on the single physical interface
133
Verifying Configuration Changes
1. Make changes in configuration modes
2. Examine results
   Router# show running-config
3. Intended results?
   Yes: Save changes to backup
        Router# copy running-config startup-config
        Router# copy running-config tftp
        Examine backup file
        Router# show startup-config
   No:  Remove changes
        Router(config)# no ....
        Router# config mem
        Router# copy tftp running-config
        Router# erase startup-config
        Router# reload
134
Using NVRAM with Release 11.x
Diagram labels: NVRAM, RAM, Bit bucket

Router# configure memory
[OK]
Router#

Router# erase startup-config
[OK]
Router#

Router# copy running-config startup-config
Router#

Router# show startup-config
using 5057 out of 32768 bytes
!
Enable-password san-fran
!
Interface Ethernet 0
ip address 131.108.100.5 255.255.255.0
!
----More ----
135
Summary
- Configuration files can come from the console, NVRAM, or a TFTP server
- The router has several modes:
  – Privileged mode, used for copying and managing entire configuration files
  – Global configuration mode, used for one-line commands and commands that change the entire router
  – Other configuration modes, used for multiple command lines and detailed configurations
- The router provides a host name, a banner, and interface descriptions to aid in identification
136
Managing the Configuration Environment
137
Locating the Cisco IOS Software

Configuration registers
- Registers in NVRAM for modifying fundamental Cisco IOS software
- Identifies where to boot Cisco IOS image (for example, use config-mode commands)

Router# configure terminal
Router(config)# boot system flash IOS_filename
Router(config)# boot system tftp IOS_filename tftp_address
Router(config)# boot system rom
[Ctrl-Z]
Router# copy running-config startup-config

Boot system commands not found in NVRAM
- Get default Cisco IOS software from flash

Flash memory empty
- Get default Cisco IOS software from tftp server
138
show version Command

Router> show version
Cisco Internetwork Operating System Software
IOS (tm) RSP Software (RSP-ISV-M), Version 11.2(14)P, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1998 by cisco Systems, Inc.
Compiled Tue 26-May-98 17:50 by dschwart
Image text-base: 0x60010900, data-base: 0x60974000
ROM: System Bootstrap, Version 11.1(8)CA1, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
BOOTFLASH: RSP Software (RSP-BOOT-M), Version 11.2(14)P, RELEASE SOFTWARE (fc1)
Router uptime is 23 hours, 24 minutes
System restarted by reload at 15:44:39 CET-DST Tue Sep 1 1998
System image file is "slot0:rsp-isv-mz.112-14.P", booted via slot0
--More--
139
show version Command (cont.)

cisco RSP4 (R5000) processor with 32768K/2072K bytes of memory.
R5000 processor, Implementation 35, Revision 2.1 (512KB Level 2 Cache)
Last reset from power-on
G.703/E1 software, Version 1.0.
Channelized E1, Version 1.0.
Bridging software.
X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.
Chassis Interface.
4 VIP2 controllers (2 FastEthernet)(12 E1).
2 FastEthernet/IEEE 802.3 interface(s)
218 Serial network interface(s)
123K bytes of non-volatile configuration memory.
20480K bytes of Flash PCMCIA card at slot 0 (Sector size 128K).
8192K bytes of Flash internal SIMM (Sector size 256K).
Configuration register is 0x102
140
Configuration Register Values

Router# configure terminal
Router(config)# config-register 0x10F
[Ctrl-Z]

- Configuration register bits 3, 2, 1, and 0 set boot option

Configuration-Register Value   Meaning
0x0                            Use ROM monitor mode (manually boot using the b command)
0x1                            Automatically boot from ROM (default if router has no flash)
0x2 to 0xF                     Examine NVRAM for boot system commands (0x2 default if router has Flash)

- Check configuration register setting with show version
141
show flash Command

Display the layout and contents of current device
Router> show flash (dir)
-#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
1   .. unknown  81E4BFDC  64D114   19  6475924 Jun 11 1998 09:32:10 rsp-isv-mz.112-14.P
14102252 bytes available (6476052 bytes used)

Display the layout and contents of the specified device
Router> show flash bootflash: (show flash device:)
-#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
1   .. unknown  D607A4A1  3FCDD4   20  3919188 Jun 11 1998 10:13:04 rsp-boot-mz.112-14.P
3682860 bytes available (3919316 bytes used)
142
Flash devices

List possible devices
Router> show flash devices
slot0, slot1, bootflash, slaveslot0, slaveslot1, slavebootflash, slavenvram, nvram, tftp, rcp

Display current directory
Router> pwd
slot0

Change directory
Router> cd device:
143
Creating a Software Image Backup
- Back up files from flash devices
Diagram labels: Flash, RAM, TFTP Server; command: copy device: tftp

Router# copy slot0: tftp
Enter source file name: rsp-isv-mz.112-14.P
Enter destination file name [rsp-isv-mz.112-14.P]:
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
Address or name of remote host [sun]? 192.168.7.120
!
144
Downloading the Image from the Net
Diagram labels: Flash, RAM, TFTP Server; command: copy tftp device:

Tozsde_1# copy tftp slot0:
Enter source file name: rsp-isv-mz.112-15a.P
14102124 bytes available on device slot0, proceed? [confirm]
Address or name of remote host [sun]?
Accessing file "rsp-isv-mz.112-15a.P" on sun...FOUND
Loading rsp-isv-mz.112-15a.P from 192.168.7.120 (via FastEthernet4/0/0): !!!!!!!
!!!!!!!!!!!!!!!!!!!.!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!
[OK - 6480440/9797440 bytes]
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
145
Summary
- Create running and startup configuration
- Configure interface
- Determine the load location of the Cisco IOS image
146
Access to Other Routers
147
Cisco Discovery Protocol (CDP) Overview
- Media and protocol interaction

Upper Layer Entry Addresses:           TCP/IP, Novell IPX, AppleTalk, Others
Cisco Proprietary Data-Link Protocol:  CDP discovers and shows information about directly connected Cisco devices
Media Supporting SNAP:                 LANs, Frame Relay, ATM, Others
148
Show CDP Neighbor Entries
- Single command summarizes protocols and addresses on target (for example, neighboring Cisco router)
Diagram: routers exchanging CDP, labeled with the protocols they run (IP, IPX; IP, AppleTalk; IP, CLNS, DECnet; IP, CLNS)
Command shown: #sho cdp
149
CDP Configuration Example
- Enable CDP on each interface
Diagram: Router A and Router B, each with interfaces S0 and E0, joined over a Frame Relay WAN

routerA(config-if)# cdp enable

routerA# show cdp interface
Serial0 is up, line protocol is up, encapsulation is Frame Relay
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Ethernet0 is up, line protocol is up, encapsulation is ARPA
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
150
Showing CDP Neighbors

routerA# sho cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source-Route Bridge,
                  S - Switch, H - Host, I - IGMP
Device ID            Local Intrfce   Holdtime   Capability   Platform   Port ID
routerB.cisco.com    Eth 0           151        R T          AGS        Eth 0
routerB.cisco.com    Ser 0           165        R T          AGS        Ser 3

routerA# show cdp neighbors detail
------------------------------------------
Device ID: routerB.cisco.com
Entry address(es):
  IP address: 196.92.68.18
  CLNS address: 490001.1111.1111.1111.00
  Appletalk address: 10.1
Platform: AGS, Capabilities: Router Trans-Bridge
Interface: Ethernet0, port ID (outgoing port): Ethernet0
Holdtime: 143 sec
151
Showing CDP Entries for a Device

routerA# sho cdp entry routerB
---------------------------------
Device ID: routerB
Entry address(es):
  IP address: 198.92.68.18
  CLNS address: 490001.1111.1111.1111.00
  Appletalk address: 10.1
Platform: AGS, Capabilities: Router Trans-Bridge
Interface: Ethernet0, Port ID (outgoing port): Ethernet0
Holdtime: 155 sec
Version:
IOS (tm) GS Software (GS3), 11.2(13337) [asastry]
Copyright (c) 1986-1996 by cisco Systems, Inc.
Compiled Tue 14-May-96 1:04
152
TCP/IP Overview
153
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Describe how the TCP/IP implementation relates to the OSI reference model
- Identify the functions of the TCP/IP transport-layer protocols
- Identify the functions of the TCP/IP network-layer protocols
- Identify the functions performed by ICMP
154
TCP/IP Protocol Stack

OSI Reference Model    TCP/IP Conceptual Layers
7 Application          Application
6 Presentation         Application
5 Session              Application
4 Transport            Transport
3 Network              Internet
2 Data Link            Network Interface
1 Physical             Network Interface

Network Interface: Ethernet, 802.3, 802.5, FDDI, and so on
155
Application Layer Overview
TCP/IP layers: Application, Transport, Internet, Network Interface, Hardware

Application layer protocols:
File Transfer:       TFTP*, FTP, NFS
E-mail:              SMTP
Remote Login:        Telnet*, rlogin
Network Management:  SNMP*
Name Management:     DNS*
*Used by the router
156
Transport Layer
157
Transport Layer Overview
TCP/IP layers: Application, Transport, Internet, Network Interface, Hardware

Transport layer protocols:
- Transmission Control Protocol (TCP)
- User Datagram Protocol (UDP)
158
TCP Segment Format

Field                    # Bits
Source Port              16
Dest. Port               16
Sequence Number          32
Acknowledgment Number    32
HLEN                     4
Reserved                 6
Code Bits                6
Window                   16
Checksum                 16
Urgent Pointer           16
Option                   0 or 32
Data...
159
Port Numbers

Application Layer   Port Number
FTP                 21
TELNET              23
SMTP                25
DNS                 53
TFTP                69
SNMP                161

Transport Layer: TCP, UDP
160
TCP Port Numbers
Segment fields: Source Port, Dest. Port, ...
Host A runs "Telnet Z" and sends to Host Z: SP = 1028, DP = 23
Dest. port = 23: send packet to my Telnet application.
161
TCP Handshake/Open Connection
1. Host A: Send SYN (seq = x)
2. Host Z: Receive SYN (seq = x)
3. Host Z: Send SYN (seq = y, ack = x+1)
4. Host A: Receive SYN (seq = y, ack = x+1)
5. Host A: Send ACK (ack = y+1)
6. Host Z: Receive ACK (ack = y+1)
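The segment format and the handshake from the preceding slides, worked through as an added example that is not part of the original presentation: it packs the fixed TCP header with the field widths listed above and checks the seq/ack arithmetic of the three handshake segments. The ports 1028 and 23 come from the Telnet slide; the sequence numbers, window size and function names are constructed, and x is chosen so that x+1 wraps around 32 bits.

```python
import struct

# Fixed TCP header, field widths as on the slide: 16, 16, 32, 32,
# 4+6+6 (HLEN, Reserved, Code Bits), 16, 16, 16 bits = 20 bytes.
TCP_FIXED = struct.Struct("!HHIIHHHH")
CODE_BITS = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")  # high bit to low bit
MOD32 = 2 ** 32  # sequence numbers wrap at 32 bits


def build_header(src, dst, seq, ack, flags, window=4096):
    """Pack an option-less header (HLEN = 5 words); checksum is left at 0."""
    bits = 0
    for name in flags:
        bits |= 1 << (5 - CODE_BITS.index(name))
    word = (5 << 12) | bits  # HLEN in the top 4 bits, Reserved = 0
    return TCP_FIXED.pack(src, dst, seq % MOD32, ack % MOD32, word, window, 0, 0)


def parse_header(data):
    """Unpack the fixed header; reject truncated or inconsistent input."""
    if len(data) < TCP_FIXED.size:
        raise ValueError("shorter than the 20-byte fixed header")
    src, dst, seq, ack, word, window, _checksum, _urgent = TCP_FIXED.unpack_from(data)
    hlen = (word >> 12) * 4  # HLEN counts 32-bit words
    if hlen < TCP_FIXED.size or hlen > len(data):
        raise ValueError("HLEN does not fit the captured bytes")
    flags = {n for i, n in enumerate(CODE_BITS) if word & (1 << (5 - i))}
    return {"src": src, "dst": dst, "seq": seq, "ack": ack,
            "hlen": hlen, "flags": flags, "window": window}


def check_handshake(first, second, third):
    """Return a list of problems found in a three-segment open."""
    a, z, c = parse_header(first), parse_header(second), parse_header(third)
    problems = []
    if a["flags"] != {"SYN"}:
        problems.append("first segment is not a bare SYN")
    if z["flags"] != {"SYN", "ACK"}:
        problems.append("second segment is not SYN with ACK")
    elif z["ack"] != (a["seq"] + 1) % MOD32:
        problems.append("second segment does not acknowledge x+1")
    if (z["src"], z["dst"]) != (a["dst"], a["src"]):
        problems.append("reply ports are not mirrored")
    if c["flags"] != {"ACK"}:
        problems.append("third segment is not a bare ACK")
    elif c["ack"] != (z["seq"] + 1) % MOD32:
        problems.append("third segment does not acknowledge y+1")
    return problems


# Constructed exchange: Host A (port 1028) opens Telnet (port 23) on Host Z.
X, Y = MOD32 - 1, 1000          # x + 1 wraps to 0
SYN = build_header(1028, 23, X, 0, ["SYN"])
SYN_ACK = build_header(23, 1028, Y, X + 1, ["SYN", "ACK"])
ACK = build_header(1028, 23, X + 1, Y + 1, ["ACK"])
# A reply that acknowledges x instead of x+1, as a mismatched segment would.
BAD_SYN_ACK = build_header(23, 1028, Y, X, ["SYN", "ACK"])

if __name__ == "__main__":
    print(parse_header(SYN_ACK))
    print(check_handshake(SYN, SYN_ACK, ACK))
    print(check_handshake(SYN, BAD_SYN_ACK, ACK))
```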
162
TCP Simple Acknowledgement
Window size = 1

Sender             Receiver
Send 1
                   Receive 1
                   Send ACK 2
Receive ACK 2
Send 2
                   Receive 2
                   Send ACK 3
Receive ACK 3
Send 3
                   Receive 3
                   Send ACK 4
Receive ACK 4
163
TCP Sliding Window
Window size = 3

Sender             Receiver
Send 1
Send 2
Send 3
                   Receive 1
                   Receive 2
                   Receive 3
                   Send ACK 4
Receive ACK 4
Send 4
Send 5
Send 6
                   Receive 4
                   Receive 5
                   Receive 6
                   Send ACK 7
Receive ACK 7
164
UDP Segment Format
- No sequence or acknowledgement fields

Field               # Bits
Source Port         16
Destination Port    16
Length              16
Checksum            16
Data...
165
Network Layer
166
Internet Layer Overview
- OSI network layer corresponds to the TCP/IP Internet layer
TCP/IP layers: Application, Transport, Internet, Network Interface, Hardware

Internet layer protocols:
- Internet Protocol (IP)
- Internet Control Message Protocol (ICMP)
- Address Resolution Protocol (ARP)
- Reverse Address Resolution Protocol (RARP)
167
IP Diagram

Field                     # Bits
VERS                      4
HLEN                      4
Type of Service           8
Total Length              16
Identification            16
Flags                     3
Frag Offset               13
TTL                       8
Protocol                  8
Header Checksum           16
Source IP Address         32
Destination IP Address    32
IP Option                 var
Data...
168
Protocol Field
- Determines destination upper-layer protocol

Transport Layer   Protocol Number
TCP               6
UDP               17

Internet Layer: IP
169
Internet Control Message Protocol (ICMP)
TCP/IP layers: Application, Transport, Internet, Network Interface, Hardware

ICMP messages:
- Destination Unreachable
- Echo (Ping)
- Other
170
ICMP Testing
- Destination unreachable
  – Host or port unreachable
  – Network unreachable

Host A: Send data to Z
Data Network: "I do not know how to get to Z!" Send ICMP
To Host A: Destination unreachable
171
ICMP Testing (cont.)
- Generated by the ping command

Host A: "Is B reachable?" (ICMP Echo Request)
Host B: "Yes, I am here." (ICMP Echo Reply)
172
Address Resolution Protocol (ARP)
- Map IP to Ethernet
- Local ARP

172.16.3.1: "I need the Ethernet address of 172.16.3.2" (IP: 172.16.3.2 = ???)
Host B: "I heard that broadcast, that is me. Here is my Ethernet address."
IP: 12.16.3.2 = Ethernet: 0800.0020.1111
173
Reverse ARP (RARP)
- Map Ethernet to IP
- ARP and RARP are implemented directly on top of the data link layer

Host: "What is my IP address?" (Ethernet: 0800.0020.1111, IP = ???)
Reply: "I heard that broadcast. IP address is 172.16.3.25"
Ethernet: 0800.0020.1111 IP: 12.16.3.25
174
Summary
- The TCP/IP protocol stack has the following components:
  – Protocols to support file transfer, e-mail, remote login, and other applications
  – Reliable and "unreliable" transports
  – Connectionless datagram delivery at the network layer
- ICMP provides control and message functions at the network layer
175
IP Address Configuration
176
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Describe the different classes of IP addresses
- Configure IP addresses
- Verify IP addresses
177
TCP/IP Address Overview
178
IP Addressing
An address is 32 bits, written as four 8-bit fields, and is divided into a Network part and a Host part.
Example: 172.16.122.204
179
IP Address Classes
- Class A: N.H.H.H
- Class B: N.N.H.H
- Class C: N.N.N.H
- Class D: for multicast
- Class E: for research
N = Network number assigned by NIC
H = Host number assigned by network administrator
180
Recognizing Classes in IP Addresses (First Octet Rule)

High Order Bits   Octet in Decimal   Address Class
0                 1 - 126            A
10                128 - 191          B
110               192 - 223          C
181
Configuring IP Addresses
182
Host Addresses
Address 172.16.12.12: Network 172.16, Host 12.12

Router interface E0 (IP: 172.16.2.1): hosts 172.16.200.1, 172.16.3.10, 172.16.12.12
Router interface E1 (IP: 10.6.24.2): hosts 10.1.1.1, 10.250.8.11, 10.180.30.118

Routing Table
Network      Interface
172.16.0.0   E0
10.0.0.0     E1
183
Subnetting Addressing
Address 172.16.2.160: Network 172.16, Subnet 2, Host 160

Router interface E0 (IP: 172.16.2.1): hosts 172.16.2.200, 172.16.2.2, 172.16.2.160
Router interface E1 (IP: 172.16.3.1): hosts 172.16.3.5, 172.16.3.100, 172.16.3.150

New Routing Table
Network      Interface
172.16.2.0   E0
172.16.3.0   E1
184
Subnet Mask

IP Address             172.16.0.0       Network | Host
Default Subnet Mask    255.255.0.0      Network | Host
8-bit Subnet Mask      255.255.255.0    Network | Subnet | Host

- Use host bits, starting at the high order bit position
185
Broadcast Address
Subnets in the diagram: 172.16.1.0, 172.16.2.0, 172.16.3.0
- 172.16.3.255 (Directed broadcast)
- 255.255.255.255 (Local network broadcast)
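The first octet rule, the subnet mask and the directed broadcast from the preceding slides, carried through in code as an added example that is not part of the original presentation. The addresses are the ones used on the slides; the function names are assumptions, and the class D and E bit patterns (1110 and 1111) and the reserved first octets 0 and 127 are standard facts the slides do not list.

```python
def to_int(dotted):
    """Convert dotted decimal to a 32-bit integer, validating each octet."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"not four octets: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range: {dotted!r}")
        value = (value << 8) | octet
    return value


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted):
    """Apply the first octet rule; return (class, default network bits)."""
    first = to_int(dotted) >> 24
    if first in (0, 127):          # outside the slide's class A range 1 - 126
        return ("reserved", None)
    if first >> 7 == 0b0:
        return ("A", 8)
    if first >> 6 == 0b10:
        return ("B", 16)
    if first >> 5 == 0b110:
        return ("C", 24)
    if first >> 4 == 0b1110:
        return ("D", None)         # multicast
    return ("E", None)             # research


def describe(dotted, mask):
    """Split an address into network, subnet and host using a subnet mask."""
    addr, mask_int = to_int(dotted), to_int(mask)
    host_mask = ~mask_int & 0xFFFFFFFF
    # A valid mask is a run of ones followed by zeros, so its inverse is 2^k - 1.
    if host_mask & (host_mask + 1):
        raise ValueError(f"mask is not contiguous: {mask}")
    cls, net_bits = address_class(dotted)
    if net_bits is None:
        raise ValueError(f"class {cls} address has no network/host split")
    prefix = 32 - host_mask.bit_length()
    if prefix < net_bits:
        raise ValueError("mask is shorter than the class default mask")
    default_mask = (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF
    subnet = addr & mask_int
    return {
        "class": cls,
        "default_mask": to_dotted(default_mask),
        "network": to_dotted(addr & default_mask),
        "subnet": to_dotted(subnet),
        "subnet_bits": prefix - net_bits,   # host bits borrowed, high order first
        "host": addr & host_mask,
        "directed_broadcast": to_dotted(subnet | host_mask),
    }


if __name__ == "__main__":
    # Addresses from the slides, with the 8-bit subnet mask.
    for address in ("172.16.2.160", "172.16.3.5"):
        print(address, describe(address, "255.255.255.0"))
```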
186
IP Address Configuration

Router(config-if)# ip address ip-address subnet-mask
- Assigns an address and subnet mask
- Starts IP processing on an interface

Router(config)# term ip netmask-format
- Sets format of network mask as seen in show commands
187
IP Host Names

Router(config)# ip host name [tcp-port-number] address [address]...
- Defines static host name to IP address mapping

ip host tokyo 1.0.0.5 2.0.0.8
ip host tokyo 1.0.0.4

- Hosts/interfaces selectable by name or IP address
188
Name Server Configuration

Router(config)# ip name-server server-address1 [[server-address2] ... [server-address6]]
- Specifies one or more hosts that supply host name information
189
Name System

Router(config)# ip domain-lookup
- DNS enabled by default

Router(config)# no ip domain-lookup
- Turns off the name service
190
Simple Ping
- Test IP network connectivity

Router> ping 172.16.101.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.101.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent, round-trip min/avg/max = 6/6/6 ms
Router>
191
Extended Ping
- Ping supported for several protocols

Router# ping
Protocol [ip]:
Target IP address: 192.168.101.162
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address:
Type of service [0]:
Set DF bit in IP header? [no]: yes
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.101.162, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/26/28 ms
Router#
192
IP Trace
- Shows interface addresses used to reach the destination

Router# trace aba.nyc.mil
Type escape sequence to abort.
Tracing the route to aba.nyc.mil (26.0.0.73)
1 debris.cisco.com (172.16.1.6) 1000 msec 8 msec 4 msec
2 barrnet-gw.cisco.com (172.16.16.2) 8 msec 8 msec 8 msec
3 externa-a-gateway.stanford.edu (192.42.110.225) 8 msec 4 msec 4 msec
4 bb2.su.barrnet.net (131.119.254.6) 8 msec 8 msec 8 msec
5 su.arc.barrnet.net (131.119.3.8) 12 msec 12 msec 8 msec
6 moffett-fld-mb.in.mil (192.52.195.1) 216 msec 120 msec 132 msec
7 aba.nyc.mil (26.0.0.73) 412 msec * 664 msec
193
Summary
- IP addresses are specified in 32-bit dotted decimal format
- Router interface can be configured with an IP address
- ping and trace commands can be used to verify IP address configuration
194
Introduction to Serial Connections
195
Objectives
Upon completion of this chapter, you will be able to:
- Describe and distinguish the types and attributes of serial communication on WANs
- Describe how WAN communication works
- Identify Point-to-Point Protocol operations to encapsulate WAN data on Cisco routers
- Identify dial-on-demand routing processes as a signaling trigger for WAN data calls on Cisco routers
196
Wide-Area Network Service
197
An Overview of Wide-Area Services
The router uses a WAN central office
Diagram labels: Time-Division Multiplexed Circuits (56/64K or T1/E1); Call Setup (SS7 or other); X.25/Frame Relay Networks; Basic Telephone Service
198
Interfacing WAN Service Providers
- Provider assigns connection parameters to subscriber
Diagram labels: Point-to-Point or circuit-switched connection; WAN Service Provider Toll Network; Trunks and Switches; CO Switch; Local Loop; Demarcation; Customer Premises Equipment
199
Subscriber to Provider Interface
- DTE/DCE: the point where responsibility passes
- Data Terminal Equipment (DTE): end of the user's device on the WAN link
- Data Circuit-Terminating Equipment (DCE): end of the WAN provider's side of the communication facility
Diagram labels: DTE, DCE, Modem, CSU/DSU, TA/NT1
200
Using WAN Services with Routers SDLC X.25/LAPB Frame Relay ISDN/LAPB HDLC PPP DDR
201
WAN Frame Format Summary
- Formats assume framing on dedicated WAN facilities

PPP:             Flag | Address | Control | Protocol | LCP | FCS | Flag
                 Link Control Protocol (LCP): Code | Identifier | Length | Data
Cisco HDLC:      Flag | Address | Control | Proprietary | Data | FCS | Flag
SDLC and LAPB:   Flag | Address | Control | Data | FCS | Flag
202
Point-to-Point Protocol
203
An Overview of PPP
- PPP can carry packets from several protocol suites using Network Control Programs (NCPs)
- PPP controls the setup of several link options using LCP

PPP Encapsulation
- Multiple protocol encapsulations using NCPs in PPP (TCP/IP, Novell IPX, AppleTalk)
- Link setup and control using LCP in PPP
204
Layering PPP Elements
- PPP: a data link with network-layer services

Network Layer:     Layer 3 protocols (IP, IPX)
Data Link Layer:   Network Control Programs (IPCP, IPXCP, many others)
                   Authentication, other options
                   Link Control Protocol
Physical Layer:    Synchronous or asynchronous physical media
205
PPP LCP Configuration Options

Feature           How It Operates                                          Protocol
Authentication    Require a password                                       PAP
                  Perform Challenge Handshake                              CHAP
Compression       Compress data at source; reproduce data at destination   Stacker or Predictor
Error Detection   Monitor data dropped on link                             Quality
                  Avoid frame looping                                      Magic Number
Multilink         Load balancing across multiple links                     Multilink Protocol (MP)
206
Configuring PPP

Router(config-if)# encapsulation ppp
- Defines encapsulation type as PPP

Router(config)# username name password secret-pwd
- Sets host name and password for call verification

Router(config-if)# ppp authentication pap
- Sets password checking for incoming calls

Router(config-if)# ppp authentication chap
- Forces incoming calls to answer password challenges
207
Monitoring PPP

dtp -19# show interface b0 b 1
BRI0: B-Channel 1 is up, line protocol is up
  Hardware is BRI
  MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load 1/255
  Encapsulation PPP, loopback not set, keepalive not set
  lcp = OPEN  multilink = OPEN  ipcp = OPEN
  Last input 0:05:51, output 0:05:52, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0 (size/max/drops); Total output drops: 0
  Output queue: 0/64/0 (size/threshold/drops)
    Conversation 0/1 (active/max active)
    Reserved Conversations 0/0 (allocated/max allocated)
  5 minutes input rate 0 bits/sec, 0 packets/sec
  5 minutes output rate 0 bits/sec, 0 packets/sec
    15 packet input, 804 bytes, 0 no buffer
    Received 0 broadcast, 0 runts, 0 giants
    0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
    14 packet output, 806 bytes, 0 underruns
    0 output errors, 0 collisions, 19 interface resets, 0 restarts
    0 output buffer failures, 0 output buffers swapped out
    1 carrier transitions
208
IP Routing Configuration
209
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Perform the initial configuration of your router and enable IP
- Add the RIP routing protocol to your configuration
- Add the EIGRP routing to your configuration
210
IP Routing Learns Destinations
- Static routes
- Default routes
- Dynamic routing
211
Static Route Configuration

Router(config)# ip route network [mask] {address | interface} [distance]
- Defines a path to an IP destination network or subnet
212
Static Route Configuration
Diagram labels: Cisco B, Cisco A; interfaces S1, S0, S2, S0, E0; addresses 172.16.2.1, 172.16.2.2

ip route 172.16.1.0 255.255.255.0 172.16.2.1
213
Default Route Configuration

Router(config)# ip default-network network-number
- Defines a default route
214
Default Route Example
Diagram: Company X (Network 172.16.0.0, Subnet Mask 255.255.255.0) connects through Cisco A to Public Network 192.168.17.0

router rip
 network 172.16.0.0
 network 192.168.17.0
ip default-network 192.168.17.0
215
Interior or Exterior Routing Protocols
Interior Routing Protocols:
- RIP
- IGRP
Exterior Routing Protocols
Diagram labels: Autonomous System 100, Autonomous System 200
216
IP Routing Protocol Mode

Router(config)# router ?
  bgp        Border Gateway Protocol (BGP)
  egp        Exterior Gateway Protocol (EGP)
  eigrp      Enhanced Interior Gateway Routing Protocol (EIGRP)
  igrp       Interior Gateway Routing Protocol (IGRP)
  isis       ISO IS-IS
  iso-igrp   IGRP for OSI network
  mobile     Mobile router
  odr        On Demand stub Router
  ospf       Open Shortest Path First (OSPF)
  rip        Routing Information Protocol (RIP)
  static     Static routes

Router(config)# router rip
Router(config-router)# ?
Router configuration commands:
  default-information   Control distribution of default information
  default-metric        Set metric of redistributed routes
  distance              Define an administrative distance
  distribute-list       Filter networks in routing updates
  exit                  Exit from routing protocol configuration mode
--- More ---
217
Interior IP Routing Protocols
TCP/IP layers: Application, Transport, Internet, Network Interface, Hardware
- Routing Information Protocol (RIP)
- Interior Gateway Routing Protocol (IGRP)
- Open Shortest Path First Protocol (OSPF)
- Enhanced IGRP (EIGRP)
218
IP Routing Configuration Tasks
- Global configuration
  – Select routing protocol(s)
  – Specify network(s)
- Interface configuration
  – Verify address/subnet mask
[Diagram labels: Network 172.30.0.0, Network 172.16.0.0, Network 160.89.0.0; IGRP, RIP, IGRP/RIP]
219
Dynamic Routing Configuration
    Router(config)# router protocol [keyword]
- Defines an IP routing protocol
    Router(config-router)# network network-number
- The network subcommand is a mandatory configuration command for each IP routing process
220
Routing Information Protocol
221
RIP Overview
- Hop count metric selects the path
[Diagram labels: 19.2 kbps, T1]
222
RIP Configuration
    Router(config)# router rip
- Starts the RIP routing process
    Router(config-router)# network network-number
- Selects participating attached networks
223
RIP Configuration Example
[Diagram: routers Cisco A, Cisco B, Cisco C, Cisco D, Cisco E; interfaces T0, S0, S1, S2; Token Ring; subnets 1.1.0.0, 1.2.0.0, 1.4.0.0, 2.1.0.0, 2.2.0.0, 2.3.0.0, 2.4.0.0, 2.5.0.0, 2.6.0.0, 2.7.0.0, 3.3.0.0]
Cisco A:
    router rip
     network 1.0.0.0
     network 2.0.0.0
224
Monitoring IP
    Router> show ip protocol
    Routing Protocol is "rip"
      Invalid after 180 seconds, hold down 180, flushed after 240
      Outgoing update filter list for all interfaces is not set
      Incoming update filter list for all interfaces is not set
      Redistributing: rip
      Routing Information Sources:
        Gateway          Distance    Last Update
        183.8.128.12     120         0:00:14
        183.8.64.130     120         0:00:19
        183.8.128.130    120         0:00:03
      Routing for Network: 183.8.0.0 144.253.0.0
      Sending update every 30 seconds, next due in 13 seconds
      Distance: (default is 120)
225
Displaying the IP Routing Table
    Router> show ip route
    Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP,
           D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area,
           E1 - OSPF external type1, E2 - OSPF external type 2, E - EGP,
           I - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
    Gateway of last resort is not set
         144.253.0.0 is subnetted (mask is 255.255.255.0), 1 subnets
    C       144.253.100.0 is directly connected, Ethernet0
    R    153.50.0.0 [120/1] via 183.8.128.12, 00:00:09, Ethernet0
         183.8.0.0 is subnetted (mask is 255.255.255.128), 4 subnets
    R       183.8.0.128 [120/1] via 183.8.128.130, 00:00:17, Serial0
                        [120/1] via 183.8.64.130, 00:00:17, Serial1
    C       183.8.128.0 is directly connected, Ethernet0
    C       183.8.64.128 is directly connected, Serial1
    C       183.8.128.128 is directly connected, Serial0
    R    192.3.63.0
226
Internet Gateway Routing Protocol
227
IGRP Overview
- Composite metric selects the path
- Speed is the primary consideration
[Diagram labels: 19.2 kbps, T1]
228
IGRP Configuration
    Router(config)# router igrp autonomous-system
- Defines IGRP as an IP routing process
    Router(config-router)# network network-number
- Selects participating attached networks
229
IGRP Configuration Example
[Diagram: routers Cisco A, Cisco B, Cisco C, Cisco D, Cisco E; interfaces T0, S0, S1, S2; Token Ring; subnets 1.1.0.0, 1.2.0.0, 1.4.0.0, 2.1.0.0, 2.2.0.0, 2.3.0.0, 2.4.0.0, 2.5.0.0, 2.6.0.0, 2.7.0.0, 3.3.0.0]
Cisco A:
    router igrp 109
     network 1.0.0.0
     network 2.0.0.0
230
show ip protocol Command
    Router> show ip protocol
    Routing Protocol is "igrp 300"
      Invalid after 270 seconds, hold down 280, flushed after 630
      Outgoing update filter list for all interfaces is not set
      Incoming update filter list for all interfaces is not set
      Default networks flagged in outgoing updates
      Default networks accepted from incoming updates
      IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
      IGRP maximum hopcount 100
      IGRP maximum metric variance 1
      Redistributing: igrp 300
      Routing Information Sources:
        Gateway          Distance    Last Update
        183.8.128.12     120         0:00:14
        183.8.64.130     120         0:00:19
        183.8.128.130    120         0:00:03
     --More--
      Routing for Network: 183.8.0.0 144.253.0.0
      Sending update every 30 seconds, next due in 55 seconds
      Distance: (default is 120)
231
Summary
- Routers can be configured to use one or more IP routing protocols
- Two IP routing protocols are:
  – RIP
  – IGRP
232
Basic Traffic Management with Access Lists
233
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Describe the use, value, and processes of access lists
- Configure standard and extended access lists to filter IP traffic
- Monitor and verify selected access list operations on the router
IPX and AppleTalk access lists later
234
Access Lists Overview
235
Why Use Access Lists?
- Deny traffic you do not want based on packet tests (for example, addressing or traffic type)
- Specify packet traffic for dialing remote sites using dial-on-demand routing (DDR)
[Diagram labels: Internet, 172.16.0.0, 172.17.0.0]
236
What Are Access Lists?
- Standard
  – Simpler address specifications
  – Generally permits or denies entire protocol suite
- Extended
  – More complex address specification
  – Generally permits or denies specific protocols
[Diagram: Access List Processes; labels: Incoming Packet, Protocol, Source and Destination, Permit?, Outgoing Packet, E0, S0, Optional Dialer]
237
How Access Lists Work
[Flowchart labels: Packet, Inbound Interfaces, Route/bridge?, Table Entry?, Choose Interface, Access List?, Test Access List Statements, Permit?, Outbound Interfaces, Unwanted Packet, Notify Sender, Packet Discard Bucket, Firewall; branches Y/N]
238
A List of Tests: Deny or Permit
[Flowchart labels: Packet to Interface(s) in the Access Group, Match First Test?, Match Next Test?, Match Last Test?, Permit, Deny, Destination Interface(s), Packet Discard Bucket, Implicit Deny; branches Y/N]
239
Access List Command Overview
- Access lists are numbered (for IP, numbered or named)
Step 1: Set parameters for this access list test statement (which can be one of several statements)
    Router(config)# access-list access-list-number {permit | deny} {test conditions}
Step 2: Enable an interface to become part of the group that uses the specified access list
    Router(config-if)# {protocol} access-group access-list-number {in | out}
240
How to Identify Access Lists
- Number identifies the protocol and type
- Other number ranges for most protocols

Access List Type                              Number Range/Identifier
IP          Standard                          1-99
            Extended                          100-199
            Named (Cisco IOS 11.2 and later)
IPX         Standard                          800-899
            SAP filters                       1000-1099
AppleTalk                                     600-699
241
TCP/IP Access Lists
242
Managing IP Traffic Overview
- Limit traffic and restrict network use
- Enable directed forwarding of broadcasts
[Diagram labels: FTP, Broadcast]
243
Access List Application
- Access lists control packet movement through a network
  – Transmission of packets on an interface
  – Virtual terminal line access (IP)
244
Other Access List Uses
- Access lists are multipurpose
  – Priority and custom queuing (Queue List)
  – Dial-on-demand routing
  – Route filtering (Routing table)
245
Key Concepts for IP Access Lists
- Standard lists (1 to 99) test conditions of all IP packets from source addresses
- Extended lists (100 to 199) can test conditions of
  – Source and destination addresses
  – Specific TCP/IP-suite protocols
  – Destination
- Wildcard bits indicate how to check the corresponding address bits (0=check, 1=ignore)
246
How to Use Wildcard Mask Bits
- 0 means check corresponding bit value
- 1 means ignore value of corresponding bit

    128 64 32 16  8  4  2  1     Octet bit position and address value for bit
    Examples:
      0  0  0  0  0  0  0  0  =  Check all address bits (match all)
      0  0  1  1  1  1  1  1  =  Ignore last 6 address bits
      0  0  0  0  1  1  1  1  =  Ignore last 4 address bits
      0  0  0  0  0  0  1  1  =  Ignore last 2 address bits
      1  1  1  1  1  1  1  1  =  Do not check address (ignore bits in octet)
247
How to Use Wildcard Mask Bits (cont.)
- Address and wildcard mask: 172.30.16.0 0.0.15.255
IP access list test conditions: Check for IP subnets 172.30.16.0 to 172.30.31.0
    network.host:                   172.30.16.0
    third octet (16) in binary:     0 0 0 1  0 0 0 0
    wildcard mask to match bits:    0 0 0 0  1 1 1 1
                                    check    ignore
248
How to Use the Wildcard any
- Accept any address: 0.0.0.0 255.255.255.255; abbreviate the expression using the keyword any
Test conditions: Ignore all the address bits (match any)
    Any IP address:  0.0.0.0
    Wildcard mask:   255.255.255.255 (ignore all)
249
How to Use the Wildcard host
- Example: 172.30.16.29 0.0.0.0 checks all the address bits
- Abbreviate the wildcard using the keyword host followed by the IP address. For example, host 172.30.16.29
Test conditions: Check all the address bits (match all)
    An IP host address, for example:  172.30.16.29
    Wildcard mask:                    0.0.0.0 (check all bits)
250
IP Standard Access List Configuration
    Router(config)# access-list access-list-number {permit | deny} source [source-mask]
- Sets parameters for this list entry
- IP standard access lists use 1 to 99
    Router(config-if)# ip access-group access-list-number {in | out}
- Activates the list on an interface
251
Inbound Access List Processing (For Standard IP Access Lists)
[Flowchart labels: Incoming packet, Access list?, Does source address match?, Next entry in list, More entries?, Apply condition, Deny (ICMP Message), Permit (Forward Packet), Route to interface; branches Yes/No]
252
Outbound Access List Processing (For Standard IP Access Lists)
[Flowchart labels: Incoming packet, Route to interface, Access list?, Does source address match?, Next entry in list, More entries?, Apply condition, Deny (ICMP Message), Permit (Forward Packet); branches Yes/No]
253
Standard Access List Example
- Permit my network only
[Diagram labels: E0, E1, S0; 172.16.3.0, 172.16.4.0, 172.16.4.13, Non-172.16.0.0]
    access-list 1 permit 172.16.0.0 0.0.255.255
    ! (implicit deny all - not visible in the list)
    ! (access-list 1 deny 0.0.0.0 255.255.255.255)
    interface ethernet 0
     ip access-group 1 out
    interface ethernet 1
     ip access-group 1 out
254
Extended IP Access Lists
- Allow more precise filtering conditions
  – Check source and destination IP address
  – Specify an optional IP protocol port number
  – Use access list number range 100 to 199
255
Extended Access List Configuration
    Router(config)# access-list access-list-number {permit | deny} protocol source source-mask destination destination-mask [operator operand] [established]
- Sets parameters for this list entry
- IP uses a list number in range 100 to 199
    Router(config-if)# ip access-group access-list-number {in | out}
- Activates the extended list on an interface
256
ICMP Command Syntax
    Router(config)# access-list access-list-number {permit | deny} icmp
        {source source-wildcard | any} {destination destination-wildcard | any}
        [icmp-type [icmp-code] | icmp-message]
- Filters based on icmp messages
257
TCP Syntax
    Router(config)# access-list access-list-number {permit | deny} tcp
        {source source-wildcard | any} [operator source-port | source-port]
        {destination destination-wildcard | any}
        [operator destination-port | destination-port] [established]
- Filters based on tcp/tcp port number or name
258
UDP Syntax
    Router(config)# access-list access-list-number {permit | deny} udp
        {source source-wildcard | any} [operator source-port | source-port]
        {destination destination-wildcard | any}
        [operator destination-port | destination-port]
- Filters based on udp protocol or udp port number or name
259
Extended Access List Processing
[Flowchart labels: packet, Access list?, Source address, Destination address, Protocol? *, Protocol options? *, Match (Yes): Apply condition, Deny (ICMP Message), Permit (Forward Packet); Does not match (No): Next entry in list. * If present in access list]
260
Extended Access List Example
- Deny FTP for E0
[Diagram labels: E0, E1, S0; 172.16.3.0, 172.16.4.0, 172.16.4.13, Non-172.16.0.0]
    access-list 101 deny tcp 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 21
    access-list 101 deny tcp 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 20
    access-list 101 permit ip 172.16.4.0 0.0.0.255 0.0.0.0 255.255.255.255
    ! (implicit deny all)
    ! (access-list 101 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255)
    interface ethernet0
     ip access-group 101 out
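The wildcard-mask rule (0 = check, 1 = ignore), the top-down list of tests and the implicit deny from the slides above can be exercised with a small evaluator. This is an added example, not Cisco code or part of the original slides; it parses only the entry forms shown on this page (source/wildcard, any, host, and eq port), and the function names are assumptions.

```python
"""First-match evaluation of the numbered IP access lists shown on the slides."""
import ipaddress

# The slides' two lists, typed as valid IOS syntax (constructed input).
ACL_CONFIG = """
access-list 1 permit 172.16.0.0 0.0.255.255
access-list 101 deny tcp 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 21
access-list 101 deny tcp 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 20
access-list 101 permit ip 172.16.4.0 0.0.0.255 0.0.0.0 255.255.255.255
"""


def ip_to_int(text):
    return int(ipaddress.IPv4Address(text))


def wildcard_match(address, base, wildcard):
    """Wildcard bit 0 = compare this address bit, 1 = ignore it."""
    care = ~ip_to_int(wildcard) & 0xFFFFFFFF
    return (ip_to_int(address) & care) == (ip_to_int(base) & care)


def take_address(tokens, standard=False):
    """Consume 'any', 'host A' or 'A W' and return (base, wildcard)."""
    first = tokens.pop(0)
    if first == "any":
        return "0.0.0.0", "255.255.255.255"
    if first == "host":
        return tokens.pop(0), "0.0.0.0"
    if standard and not tokens:      # wildcard omitted: exact host match
        return first, "0.0.0.0"
    return first, tokens.pop(0)


def parse_acls(config):
    """Return {list number: [entries in configured order]}."""
    lists = {}
    for line in config.strip().splitlines():
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] != "access-list":
            continue
        number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
        if action not in ("permit", "deny"):
            raise ValueError("bad action in: " + line)
        entry = {"action": action, "proto": "ip", "dst": None, "port": None}
        if 1 <= number <= 99:        # standard list: source address only
            entry["src"] = take_address(rest, standard=True)
        elif 100 <= number <= 199:   # extended list
            entry["proto"] = rest.pop(0)
            entry["src"] = take_address(rest)
            entry["dst"] = take_address(rest)
            if rest[:1] == ["eq"]:
                entry["port"] = int(rest[1])
        else:
            raise ValueError("not an IP access list number: %d" % number)
        lists.setdefault(number, []).append(entry)
    return lists


def evaluate(entries, src, dst=None, proto="ip", dport=None):
    """Return (action, entry position); ("deny", None) is the implicit deny.

    dst is required when the entries come from an extended list.
    """
    for position, entry in enumerate(entries, start=1):
        if not wildcard_match(src, *entry["src"]):
            continue
        if entry["dst"] is not None and not wildcard_match(dst, *entry["dst"]):
            continue
        if entry["proto"] != "ip" and entry["proto"] != proto:
            continue
        if entry["port"] is not None and entry["port"] != dport:
            continue
        return entry["action"], position      # first match wins
    return "deny", None                       # nothing matched


ACLS = parse_acls(ACL_CONFIG)

if __name__ == "__main__":
    for port in (21, 20, 23):
        print(port, evaluate(ACLS[101], "172.16.4.13", "172.16.3.10", "tcp", port))
    # Order matters: with the broad permit first, the FTP denies never fire.
    reordered = [ACLS[101][2]] + ACLS[101][:2]
    print(evaluate(reordered, "172.16.4.13", "172.16.3.10", "tcp", 21))
```

Because the first matching entry decides, reviewing a list means reading it in order: a broad permit placed above a narrower deny silently disables the deny.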
261
Monitoring Access Lists
    Router# show ip interface
    Ethernet 0 is up, line protocol is up
      Internet address is 192.54.222.2, subnet mask is 255.255.255.0
      Broadcast address is 255.255.255.255
      Address determined by non-volatile memory
      MTU is 1500 byte
      Helper address is 192.52.71.4
      Secondary address 131.182.115.2, subnet mask 255.255.255.0
      Proxy ARP is enabled
      Security level is default
      Split horizon is enabled
      ICMP redirects are always sent
      ICMP unreachables are always sent
      IP fast switching is enabled
      Gateway Discovery is disabled
      IP accounting is disabled
      TCP/IP header compression is disabled
      Probe proxy name replies are disabled
    Router#
Highlighted lines:
      Outgoing access list 10 is set
      Inbound access list is not set
262
Access List show Command
    Router# show access-lists
- Display access lists from all protocols
    Router# show ip access-lists [access-list-number]
- Display a specific IP access list
    Router# clear access-list counters [access-list-number]
- Clear packet counts
    Router# show line
- Display line configuration
263
Monitoring Access List Statements
    Router> show access-lists
    Standard IP access list 19
        permit 172.16.19.0
    Standard IP access list 49
        permit 172.16.31.0 wildcard bits 0.0.0.255
        permit 172.16.194.0 wildcard bits 0.0.0.255
        permit 172.16.195.0 wildcard bits 0.0.0.255
        permit 172.16.196.0 wildcard bits 0.0.0.255
        permit 172.16.197.0 wildcard bits 0.0.0.255
    Extended IP access list 101
        permit tcp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 eq 23
    Type code access list 201
        permit 0x6001 0x0000
    Type code access list 202
        permit 0x6004 0x0000
        deny 0x0000 0xFFFF
    Router>
Highlighted line:
        deny 0.0.0.0, wildcard bits 255.255.255.255
264
Restricting Virtual Terminal Access
265
Virtual Terminal Access Overview
- Standard and extended access lists will not block access from the router
- For security, virtual terminal (vty) access can be blocked to or from the router
266
How to Control vty Access
- Five virtual terminal lines (0-4)
- Set identical restrictions on all the virtual terminal lines
[Diagram labels: Physical port (E0); Virtual port (vty 0 4), lines 0, 1, 2, 3, 4]
267
Virtual Terminal Line Commands
    Router(config)# line {vty-number | vty-range}
- Enters configuration mode for a terminal line or a range of lines
    Router(config-line)# access-class access-list-number {in | out}
- Restricts incoming and outgoing connections between a particular virtual terminal line into a device (and the addresses in an access list)
268
Virtual Terminal Access Example
Controlling Inbound Access
    access-list 12 permit 192.89.55.0 0.0.0.255
    !
    line vty 0 4
     access-class 12 in
- Permits only hosts in network 192.89.55.0 to connect to the virtual terminal ports on the router
269
Using an Alternative to Access Lists
270
Null Interface
- Route to nowhere saves valuable CPU cycles
    access-list ip permit 1.0.0.0 …
    access-list ip deny 2.0.0.0 …
    access-list ip permit 3.0.0.0 …
    access-list ip deny 4.0.0.0 …
    access-list ip permit 5.0.0.0 …
[Diagram labels: Packet arrives, Access list, Routing table, Null 0, S0, E0, T0, S1]
271
Null Interface Command
    Router(config)# ip route address mask null 0
- Create a static route to filter unwanted traffic
- Interface name is always null 0
272
Null Interface Example
    ip route 201.222.5.0 255.255.255.0 null 0
- Eliminates traffic for 201.222.5.0 from WAN
[Diagram labels: 131.108.1.0, 131.108.4.0, 131.108.5.0, 131.108.6.1, 131.108.6.2, 131.108.7.0, 201.222.5.0]
273
Using Helper Addresses
274
Helper Addressing Overview
- Routers do not forward broadcasts, by default
- Helper addresses provide selective connectivity
[Diagram labels: Diskless Workstation, Boot Server]
275
Why Use a Helper Address?
- Sometimes clients do not know the server address
- Helpers change broadcast to unicast to reach server
[Diagram labels: Diskless Workstation, Boot Server, Broadcast: Looking for boot server]
276
IP Helper Address Commands
    Router(config-if)# ip helper-address address
- Enables forwarding and specifies destination address for main UDP broadcast packets
- Changes destination address from broadcast to unicast or directed broadcast address
    Router(config)# ip forward-protocol {udp [port] | nd | sdns}
- Specifies which protocols will be forwarded
277
Single Server - Remote Medium
Forwarding Default UDP Broadcast
[Diagram labels: Diskless Workstation 144.253.1.1, E0, Boot Server 144.253.2.2, Broadcast]
    interface ethernet 0
     ip address 144.253.1.100 255.255.255.0
     ip helper-address 144.253.2.2
278
Single Server - Remote Medium
Forwarding Default and Other Broadcast
[Diagram labels: Diskless Workstation 144.253.1.1, E0, Boot Server 144.253.2.2, BOOTP Broadcast]
    interface ethernet0
     ip address 144.253.1.100 255.255.255.0
     ip helper-address 144.253.2.2
    !
    ip forward-protocol udp 3000
    no ip forward-protocol udp 69
279
Server Location
- Single server-remote medium
- Multiple server-remote medium
- Multiple server-remote media
280
Single Server - Remote Medium
Directed Broadcast into Subnet
[Diagram labels: E0, BOOTP Server 144.253.2.2, DNS Server 144.253.2.1, Broadcast, Directed Broadcast to 144.253.2.255]
    interface ethernet 0
     ip address 144.253.1.100 255.255.255.0
     ip helper-address 144.253.2.255
281
Multiple Server - Remote Medium
Directed Broadcast and Unicast
[Diagram labels: E0, BOOTP Server 144.253.2.2, DNS Server 144.253.2.1, FTP Server 144.253.3.2, Broadcast, Directed Broadcast to 144.253.2.255]
    interface ethernet 0
     ip address 144.253.1.100 255.255.255.0
     ip helper-address 144.253.2.255
     ip helper-address 144.253.3.2
282
Summary
- You can manage IP traffic by:
  – Controlling packet transmission on each medium
  – Using a static route to the null interface in place of an access list to minimize processing overhead
  – Configuring helper addresses to forward broadcasts
- Standard access lists are easy to configure and require lower processing overhead
- Extended access lists provide greater control
283
Chapter 6. Configuring Queuing to Manage Traffic
284
Queuing Overview
- Prioritizes traffic through router
- Cisco IOS offers weighted fair queuing, priority queuing, and custom queuing
[Diagram labels: SNA, IPX, IP]
285
The Need for Traffic Prioritization
- Delay-sensitive applications may require higher priority than others
[Diagram labels: File Transfer, Interactive Traffic]
286
Effective Use of Traffic Prioritization
- Prioritization is most effective on bursty WAN links (T1/E1 or below) that experience temporary congestion
[Diagram labels: IPX, IP, AppleTalk, S0, T1/E1]
287
Establishing a Queuing Policy
- Determines which packets get through first
- Helps provide acceptable service levels and control WAN costs
[Diagram labels: IPX, IP, AppleTalk, Traffic Queue, Bottleneck]
288
Choosing a Cisco IOS Queuing Option
[Flowchart, Steps 1 to 4. Decisions: WAN congested?, Strict control needed?, Queuing policy?, Delay OK? Other labels: No need for queuing, Use weighted fair queuing, Determine traffic priorities, Use priority queuing, Custom Queuing; branches Yes/No]
289
Configuring Weighted Fair Queuing
290
Data Stream Classification Low-Volume Traffic FIFO Queuing High-Volume Traffic Low-Volume Traffic
291
Weighted Fair Queuing
- Discriminates between sessions
- Automatically "fairly" allocates bandwidth for each session
- Priority users get needed bandwidth
- Other users share remaining bandwidth
[Diagram: Session 1 to Session 4. Premium: gets what it needs. Standard: shares remaining bandwidth]
292
Fair Queuing Operation
- Messages are sorted into conversations
[Diagram: packets 1 to 6 in order of arrival]
293
Fair Queuing Operation (cont.)
- Conversations are assigned a channel
- Sorts the queue by order of the last bit crossing its channel
[Diagram labels: Packets fair queued, Fair queue; packets 1 to 6]
294
Fair Queuing Operation (cont.)
- Messages are transmitted in a fair order
- High-volume conversations share the link
[Diagram: packets 1 to 6]
295
Weighted Fair Queue Example
[Diagram label: Frame Relay Network]
    interface Serial1
     encapsulation frame-relay
     fair-queue 128
     bandwidth 56
296
Configuring Priority Queuing
297
Priority Queuing LOW Packet arrives Selects one of these Priority List for S0 HIGH MEDIUM NORMAL S0
298
Priority Queuing Operation
[Flowchart. Queue selection: Incoming Packet, Select Queue, Queue full?, Place in Queue, Timeout? Queue service: HIGH Packet?, MEDIUM Packet?, NORMAL Packet?, LOW Packet?, More?, Dispatch Packet, To WAN; branches Yes/No]
299
Priority Queuing Configuration Tasks
To configure priority queuing perform the following tasks:
1. Create priority list based on protocol or interface
2. Assign a default queue
3. Specify the queue sizes (optional)
4. Assign the priority list to an interface
[Diagram: Priority List for S0; traffic labels Telnet, IPX, AppleTalk, Default; queues HIGH, MEDIUM, NORMAL, LOW]
300
Priority List Configuration Commands
    Router(config)# priority-list list-number protocol protocol-name {high | medium | normal | low} queue-keyword keyword-value
- Sets queue priority by protocol type
    Router(config)# priority-list list-number interface interface-type interface-number {high | medium | normal | low}
- Sets priority by incoming interface type
301
Priority List Configuration Commands (cont.)
    Router(config)# priority-list list-number default {high | medium | normal | low}
- Assigns a default queue
    Router(config)# priority-list list-number queue-limit high-limit medium-limit normal-limit low-limit
- Specifies the queue sizes
    Router(config-if)# priority-group list
- Links priority list to an interface
302
Priority Queuing Example
[Diagram labels: S0; HIGH, MEDIUM, NORMAL, LOW]
    priority-list 1 protocol ip high tcp 23
    priority-list 1 protocol appletalk medium
    priority-list 1 protocol ipx medium
    priority-list 1 protocol ip normal
    priority-list 1 default low
    !
    interface serial 0
     priority-group 1
303
Configuring Custom Queuing
304
Custom Queuing
- Queues handled in round-robin fashion
[Diagram: Custom Queue List for S0; queue labels 0, 1 (system), 2, 3, 14, 15, 16; High priority (keepalive); Deliver x number of bytes per cycle; Default 20 entries]
305
Custom Queuing Operation
[Flowchart. Traffic Filtering: Custom Queue List for S0, queue labels 1, 2, 3, 14, 15, 16. Queued Message Forwarding: Current Queue, Dispatch Packet, To WAN, Over Service Threshold?, More?, Next Queue; branches Yes/No]
306
Custom Queuing Configuration
To configure custom queuing perform the following tasks:
1. Set custom queuing filtering for protocols or interfaces
2. Assign a default queue
3. Change queue capacity (optional)
4. Configure the transfer rate per queue
5. Assign the custom queue-list to an interface
[Diagram labels: S0; queues 1, 2, 3, 4, 5, 14, 15, 16; Default Queue]
307
Custom Queue Configuration Commands
    Router(config)# queue-list list-number protocol protocol-name queue-number queue-keyword keyword-value
- Sets queue priority by protocol type
    Router(config)# queue-list list-number interface interface-type interface-number queue-number
- Sets priority by interface type
308
Custom Queue Configuration Commands (cont.)
    Router(config)# queue-list list-number default queue-number
- Assigns a default queue priority
    Router(config)# queue-list list-number queue queue-number limit limit-number
- Changes the capacity of a queue
309
Custom Queue Configuration Commands (cont.)
    Router(config)# queue-list list-number queue queue-number byte-count byte-count-number
- Assigns a default queue priority
    Router(config-if)# custom-queue-list list
- Assigns a queue list to an interface
310
Custom Queuing Example 1
[Diagram labels: S0; queues 1, 2, 3, 4, 5]
    queue-list 1 interface E0 1
    queue-list 1 protocol ip 2
    queue-list 1 protocol ipx 3
    queue-list 1 protocol vines 4
    queue-list 1 default 5
    !
    interface serial 3/2
     custom-queue-list 1
311
Custom Queuing Example 2
[Diagram labels: S0; queues 1, 2, 3, 4, 5; 2 datagrams per cycle]
    queue-list 1 protocol ip 1 tcp 20
    queue-list 1 protocol ip 2
    queue-list 1 protocol ipx 3
    queue-list 1 protocol vines 4
    queue-list 1 default 5
    queue-list 1 queue 1 byte-count 3000
    !
    interface serial 3/2
     custom-queue-list 1
312
Queuing Comparison

Weighted Fair Queuing                Priority Queuing                     Custom Queuing
No queue lists                       4 queues                             16 queues
Low volume given priority            High queue serviced first            Round-robin serviced
Conversation dispatching             Packet dispatching                   Threshold dispatching
Interactive traffic gets priority    Critical traffic gets through        Allocation of available bandwidth
File transfers get balanced access   Designed for low-bandwidth links     Best suited for high-bandwidth links
Enabled by default
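The two dispatch rules compared above, "high queue serviced first" and round-robin "threshold dispatching", behave very differently under load. The simulation below is an added example, not Cisco code or part of the original slides; packets are modelled only by size or label, and the 1500-byte default threshold is an assumption of this sketch.

```python
"""Toy schedulers for priority queuing and custom queuing (added example)."""
from collections import deque

PRIORITY_ORDER = ("high", "medium", "normal", "low")
DEFAULT_BYTE_COUNT = 1500   # assumption: threshold used when none is configured


def priority_dispatch(queues, slots):
    """Send up to `slots` packets, always rescanning from the high queue.

    queues maps a level name to a deque of packet labels. A lower queue is
    served only when every queue above it is empty, so it can be starved.
    """
    sent = []
    for _ in range(slots):
        for level in PRIORITY_ORDER:
            if queues.get(level):
                sent.append((level, queues[level].popleft()))
                break
        else:
            break                      # every queue is empty
    return sent


def custom_cycle(queues, byte_counts):
    """Run one round-robin cycle over the numbered queues.

    queues maps a queue number to a deque of packet sizes in bytes. A queue
    keeps sending whole packets until its byte count is reached, so the last
    packet may carry it past the threshold.
    """
    sent = []
    for number in sorted(queues):
        threshold = byte_counts.get(number, DEFAULT_BYTE_COUNT)
        used = 0
        while queues[number] and used < threshold:
            size = queues[number].popleft()
            used += size
            sent.append((number, size))
    return sent


def shares(sent):
    """Fraction of the bytes in `sent` that each queue transmitted."""
    totals = {}
    for number, size in sent:
        totals[number] = totals.get(number, 0) + size
    grand_total = sum(totals.values())
    if grand_total == 0:
        return {}
    return {number: round(value / grand_total, 3) for number, value in totals.items()}


def example_two_cycle():
    """Custom Queuing Example 2: queue 1 has byte-count 3000, queue 2 the default."""
    queues = {1: deque([1500] * 6), 2: deque([1500] * 6)}   # constructed traffic
    return custom_cycle(queues, {1: 3000})


if __name__ == "__main__":
    cycle = example_two_cycle()
    print(cycle, shares(cycle))
    busy = {"high": deque(["telnet"] * 3), "low": deque(["ftp"] * 2)}
    print(priority_dispatch(busy, 3), "left in low:", len(busy["low"]))
```

With 1500-byte datagrams, byte-count 3000 yields the slide's two datagrams per cycle; with 1000-byte packets and a 1500-byte threshold a queue sends 2000 bytes per cycle, so configured ratios are only approximate.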
313
Chapter 7. Scalable Routing Protocol Overview
314
Objectives
Upon completion of this chapter, you will be able to perform the following tasks:
- Compare distance vector, link-state, and advanced routing protocols
- Identify key features of scalable routing protocols
- Describe variable-length subnet masking (VLSM)
315
Scalable Routing Protocols Overview
316
Routing in Internetworks
Routing protocols need to handle issues associated with larger networks:
- Maintain route information
- Select routes
317
Routing in Internetworks (cont.)
Routing protocols need to handle issues associated with larger networks:
- Support flexible network address management
- Redistribute routes
- Route multiple protocols
318
Distance Vector Overview
- Periodic updates are sent to neighbors
[Diagram labels: routers A, B, C, D; Routing Table, Routing Update]
319
Scalability with Distance Vector
Scalability concerns:
- Convergence
- Update traffic
- Metric limitations
[Diagram labels: routers A, B, C, D; Routing Table, Routing Update, Update Interval]
320
Link-State Overview
[Diagram: routers A, B, C, D; Link-State Advertisements (1), Topological Database (2), SPF Algorithm (3), Shortest Path First Tree (4), Routing Table (5)]
321
Scalability with Link State
Scalability concerns:
- Heavy memory use
- CPU utilization
- Initial flood of overhead traffic
  – Convergence
  – Link State traffic
[Diagram labels: routers A, B, C, D]
322
Advanced Routing
- Choose a routing path based on distance vectors
- Converge rapidly using change-based updates
- Share attributes of both distance vector and link-state routing
323
Route Selection: Metrics Which is the best path from Source to Destination?
324
Route Selection: Load Balancing Load balancing can provide increased bandwidth and redundancy
325
Route Selection: Routing Hierarchy A hierarchical network can reflect the corporation’s organization Hierarchical Network Corporate Headquarters National Office Remote Office
326
Redistribution Routing protocols can share routing information RIP IGRP 172.16.23.0 172.16.27.0 172.16.27.46
327
Multiprotocol Support IP Network IPX Network AppleTalk Network IP Network IPX Network AppleTalk Network Enhanced IGRP Enhanced IGRP can route multiple network protocols
328
Address Management
- Routing protocols can summarize addresses of several networks into one address
[Diagram: 172.16.25.0, 172.16.26.0, 172.16.27.0, 172.16.28.0; "I can route to the 172.16.0.0 network"]
329
Administrative Distance IGRP RIP Router places the IGRP route in the routing table
330
Variable-Length Subnet Masks
331
Hierarchical Addressing Long Distance Local Office Long Distance Path to 703 (Area Code) California Virginia Path to 1212 (Area Code) Path to 555 (Area Code) Does a telephone switch in California know to reach a specific line in Virginia? (1-703-55-1212)
332
IP Routers Use Hierarchical Addressing PrefixHost 32 bits n bits An IP address has a prefix part and a host part
333
Prefix Length Determined from Context Host 32 bits Variable-length prefixes are not new Prefix length = 8 HostPrefix length =16 HostPrefix length = 24 Class A Class B Class C
334
New Notation for Prefix Length
"Classful" routers accept only a few prefix lengths
    Class A   10.0.0.0/8        10.0.0.0       255.0.0.0
    Class B   172.16.0.0/16     172.16.0.0     255.255.0.0
    Class C   192.168.0.0/24    192.168.0.0    255.255.255.0
"Classless" routers accept any prefix length
    Prefix length is included in the IP address
    Class C   192.168.16.0/22   192.168.16.0   255.255.252.0
335
Subnetting Extends Prefix to the Right (32 bits: Prefix | Host, with the prefix length marking the boundary) Classless hosts know about locally configured prefix extensions Classful hosts assume /8, /16, or /24 for nonlocal prefixes
336
Classless Routing Transmits Prefix Length 172.16.1.0/24 172.16.13.4/30 172.16.0.0/16 172.16.13.8/30 Different prefix lengths are known at different points Also known as VLSM
337
Using Variable-Length Subnet Masks
Subnet 172.16.14.0/24 is divided into smaller subnets: Subnet with a fixed mask at first Further subnet one regular subnet
    172.16.0.0/24 (255.255.255.0): 254 subnets (172.16.1.0, 172.16.2.0, 172.16.14.0, 172.16.254.0)
    172.16.14.0/30 (255.255.255.252): 62 more subnets available inside 172.16.14.0 (172.16.14.4, 172.16.14.8, 172.16.14.252)
338
VLSM Saves Subnets in the WAN 172.16.14.5/24 172.16.14.4/30 172.16.14.16 172.16.14.12/30 172.16.14.16/30 172.16.14.8/30 172.16.14.0/30 B S0 A Four host addresses are collected for each serial link
339
Route Summarization (Aggregation) Subnetting extends prefix to the right. Summarization collapses prefix to the left. (Prefix | Host, with the prefix length marking the boundary)
340
Classless Routing and Prefix Routing 172.16.168.0 172.16.169.0 172.16.170.0 172.16.171.0 172.16.172.0 172.16.173.0 172.16.174.0 172.16.175.0 “I will just tell you about the summary route to 172.16.168.0/21” Prefix routing used by EIGRP and OSPF Classless Interdomain Routing (CIDR) used by BGP4
341
Discontiguous Subnets and Classful Routing 192.168.14.16 255.255.255.240 172.16.15.0 255.255.255.0 172.16.14.0 255.255.255.0 Advertise subnet 172.16.15.0 255.255.255.0 ? RIP and IGRP do not advertise subnets OSPF and EIGRP can advertise subnets
342
Router Looks for the Longest Match
    192.168.5.33/32   host
    192.168.5.32/27   subnet
    192.168.5.0/24    network
    192.168.0.0/16    block of networks
    0.0.0.0/0         default
Supports host-specific routes, blocks of networks, and default routes
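Added example (not part of the original slides): a Python sketch of the longest-match lookup over the five routes on this slide, together with the "collapse prefix to the left" summary calculation for the eight 172.16.168.0 to 172.16.175.0 subnets from the Classless Routing and Prefix Routing slide. The function names and the /24 length assumed for those eight subnets are illustrative assumptions.

```python
import ipaddress

# Routing table copied from the "Router Looks for the Longest Match" slide.
ROUTES = [
    ("192.168.5.33/32", "host"),
    ("192.168.5.32/27", "subnet"),
    ("192.168.5.0/24", "network"),
    ("192.168.0.0/16", "block of networks"),
    ("0.0.0.0/0", "default"),
]


def longest_match(dest, routes=ROUTES):
    """Return (prefix, label) of the most specific route that contains dest."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, label in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, label)
    return (str(best[0]), best[1]) if best else None


def summarize(prefixes):
    """Collapse prefixes to the left into the shortest single covering prefix.

    Returns (summary, exact). exact is False when the summary also covers
    address space that none of the input prefixes hold, i.e. the summary
    would advertise reachability the router does not actually have.
    """
    nets = [ipaddress.ip_network(p) for p in prefixes]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # Bits on which the lowest and highest address differ become host bits.
    plen = 32 - (lo ^ hi).bit_length()
    base = (lo >> (32 - plen)) << (32 - plen)
    summary = ipaddress.ip_network((base, plen))
    covered = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
    return str(summary), covered == summary.num_addresses


# The eight subnets from the prefix-routing slide (assumed to be /24s).
SLIDE_SUBNETS = [f"172.16.{third}.0/24" for third in range(168, 176)]

if __name__ == "__main__":
    for dest in ("192.168.5.33", "192.168.5.40", "192.168.5.200",
                 "192.168.77.1", "10.1.1.1"):
        print(dest, "->", longest_match(dest))
    print(summarize(SLIDE_SUBNETS))
    # Constructed case: only two of the eight subnets exist, yet the summary
    # is still /21 and therefore claims six subnets that are not there.
    print(summarize(["172.16.168.0/24", "172.16.175.0/24"]))
```

The `exact` flag is worth checking before configuring a summary: a summary that is not exact attracts traffic for prefixes the router cannot deliver.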
343
Summary Distance vector routing protocols periodically send complete routing updates Link-state routing protocols send LSAs to all routers in the area A scalable routing protocol should: Minimize update traffic Handle address limitations Support hierarchical topology Incorporate rapid convergence VLSM saves addressing space in IP networks
344
Chapter 9 Configuring Open Shortest Path First
345
Objectives Upon completion of this chapter, you will be able to perform the following tasks: Describe OSPF features and operation Configure OSPF for proper operation Use Cisco IOS summarization and stub-area features for OSPF Verify OSPF operation
346
OSPF Features and Operation
347
OSPF Overview Standard IP link-state routing protocol Designed to overcome RIP limitations
348
OSPF Features Has no hop count limitation Supports VLSM Uses multicast addressing for updates Has faster convergence Allows for routing authentication Supports hierarchical routing
349
OSPF Hierarchical Routing Consists of areas and autonomous systems Minimizes routing update traffic Area 0 Area 1 Area 2 Autonomous System
350
OSPF Router Types Area 1 Backbone Area 0 Area 2 External AS Area Border Router AS Boundary Router Internal Router Backbone Router
351
The Backbone and Virtual Links Backbone center of communication Virtual links provide path to backbone Avoid configuring virtual links if possible Virtual Link Area 0 (Backbone) Area 1 Area 2 Area 3
352
Another Use for Virtual Links Link discontinuous backbone - Merged networks - Redundancy Area 3 Area 0
353
The Link-State Database Represents the network topology Shared with OSPF routers in same area Adjacent Link-State Database
354
Link-State Advertisements (LSAs) Sourced by router connected to link Flooded by all other routers in area Transmitted at each link-state change LSA
355
Link-State Advertisement Operation LSA LSA received Add to database Flood LSA Run SPF to calculate new table Reset timer for entry Yes No Is entry in topological database?
356
Types of Link-State Packets O — OSPF Derived Intra-Area (Router LSA) IA — Inter-Area (Summary LSA) E1 — Type 1 External Route E2 — Type 2 External Route Routing Table External AS ASBR DR Area 1 Area 0 ABR Network Router External Summary
357
Types of External Routes Type-1 (E1) metric — external + internal Type-2 (E2) metric — external cost only 55 Area 1Area 0 R1R2R3 N1 cost = 30 N2 cost = 20 N1 cost = 25 N2 cost = 20 Cost = 20 20 N2 (E2) N1 (E1)
358
OSPF Network Types Point-to-Point Broadcast Multiaccess X.25 Frame Relay Nonbroadcast Multiaccess
359
OSPF Router ID Number by which the router is known to OSPF - Default: The highest IP address on an active interface - Can be overridden by a loopback interface Network 131.108.0.0 Bogus Loopback Address Ex: 1.1.1.1 Not in OSPF table Saves address space Real Loopback Address Ex: 131.108.17.5 In OSPF table Uses address space
360
Neighbors Form using the Hello protocol Hello
361
Adjacencies Hellos elect designated router (DR) and backup designated router (BDR) Each router forms adjacency with DR and BDR DR BDR
362
Designated Router Election Hello packets exchanged via IP multicast Router with highest OSPF priority elected Hello DR BDR P=3 P=2 P=1 P=0
363
Multiaccess Network New router announces presence DR and BDR respond Adding a Router New Router DR BDR 224.0.0.5 Hello
364
Multiaccess Network (cont.) New router sends LSAs to DR and BDR BDR waits for DR to respond Adding a Router New Router DR BDR 224.0.0.6 LSA
365
Multiaccess Network (cont.) DR transmits LSAs to other routers DR must receive ACK from all routers Adding a Router New Router DR BDR 224.0.0.5 LSA
366
Multiaccess Network (cont.) Source router tells DR on 224.0.0.6 DR tells others on 224.0.0.5 Other routers flood LSAs Link-State Change New Router DR BDR X X LSA
367
Configuring OSPF
368
OSPF Basic Configuration Commands Router (config) # router ospf process-id Enables an OSPF routing process Router (config-router) # network address wildcard-mask area area-id Selects participating interfaces
369
OSPF Basic Configuration Example
    router ospf 63
     network 172.16.5.3 0.0.0.0 area 1
     network 172.16.0.0 0.0.255.255 area 0
     network 192.168.10.5 0.0.0.0 area 1
Diagram labels: 172.16.5.3 192.168.10.5 172.16.1.1 172.16.3.1 T0 E0 E1 E2 Area 1 Area 0
370
OSPF Virtual Link Command Router (config-router) # area area-id virtual-link router-id Creates a virtual link
371
OSPF Virtual Link Example
R2:
    router ospf 63
     area 1 virtual-link 192.168.10.5
R1:
    router ospf 100
     area 1 virtual-link 192.168.20.123
Diagram labels: Area 1 Area 0 Area 3 Router ID 192.168.10.5 Router ID 192.168.20.123
372
Vendor Interoperability Router (config-if) # ip ospf cost cost Assigns a cost to an outgoing interface May be required for interoperability Use default cost between Cisco devices Traffic Non-Cisco Cisco
373
Using Route Summarization, Stub Areas, and Redistribution
374
OSPF Route Summarization Minimizes routing table entries Localizes impact of a topology change Area 1 ABRs Summarization Area 0 Backbone
375
Route Summarization (cont.) Interarea (IA) summary link carries mask One entry can represent several subnets Area 1 Area 0 ABR Summarization
Routing Table for C / Routing Table for B (routers A, B, C):
    O  131.108.4.0 255.255.255.0
    O  131.108.8.0 255.255.255.0
    O  131.108.12.0 255.255.255.0
    O  131.108.16.0 255.255.255.0
    O  131.108.20.0 255.255.255.0
    O  131.108.24.0 255.255.255.0
    O  131.108.28.0 255.255.255.0
    IA 131.108.16.0 255.255.240.0
376
Route Summarization Issue
    Existing Subnet: 131.108.12.0 255.255.255.0, Mask = 252 (1111 1100), Address = 12 (0000 1100): Valid, 3rd Subnet
    Summary Route: 131.108.12.0 255.255.240.0, Mask = 240 (1111 0000), Address = 12 (0000 1100): Invalid, Subnet zero
Some addresses may need reallocating
377
Route Summarization Commands Router (config-router) # area area-id range address mask Consolidates IA routes on an ABR Router (config-router) # summary-address address mask Consolidates external routes on an ASBR
378
Route Summarization Example
Area 0: 172.16.96.0 - 172.16.127.0 255.255.255.0
Area 1: 172.16.32.0 - 172.16.63.0 255.255.255.0
Area 2: 172.16.64.0 - 172.16.95.0 255.255.255.0
Interface Addresses (255.255.255.0 mask): 172.16.32.1 172.16.64.1 172.16.127.1 172.16.96.1
R1#
    router ospf 100
     network 172.16.32.0 0.0.31.255 area 1
     network 172.16.96.0 0.0.31.255 area 0
     area 0 range 172.16.96.0 255.255.224.0
     area 1 range 172.16.32.0 255.255.224.0
R2#
    router ospf 100
     ! Area 2 holds 172.16.64.0 - 172.16.95.0, so the network statement must match that range
     network 172.16.64.0 0.0.31.255 area 2
     network 172.16.96.0 0.0.31.255 area 0
     area 0 range 172.16.96.0 255.255.224.0
     area 2 range 172.16.64.0 255.255.224.0
379
Stub Areas Hide external routes, reduce database Consolidate external links - 0.0.0.0 Area 1 Area 0 Area 2 0.0.0.0 BGP Stub Area 172.20.64.0 - 172.20.95.0 255.255.255.0 External AS
380
Stub Area Restrictions External AS 0.0.0.0 Area 2 Single exit point or, if multiple exit points, suboptimal path acceptable Transit area for virtual links disallowed An ASBR cannot be internal to a stub area
381
Totally Stubby Areas Block external and summary routes Know only intra-area and default routes Area 1 Area 0 Area 2 0.0.0.0 BGP Stub Area 172.20.64.0 - 172.20.95.0 255.255.255.0 External AS Summary (IA) Route
382
OSPF Stub Area Commands Router (config-router) # area area-id stub [no-summary] Creates a stub network Router (config-router) # area area-id default-cost cost Specifies cost for default route sent into stub area
383
OSPF Stub Area Example
Diagram labels: External AS Area 0 Stub Area 2 192.168.15.2 192.168.15.1 192.168.14.1 E0 S0 R3 R4
R3#
    interface Ethernet 0
     ip address 192.168.14.1 255.255.255.0
    interface Serial 0
     ip address 192.168.15.1 255.255.255.252
    router ospf 100
     network 192.168.14.0 0.0.0.255 area 0
     network 192.168.15.0 0.0.0.255 area 2
     area 2 stub
R4#
    interface Serial 0
     ip address 192.168.15.2 255.255.255.252
    router ospf 15
     network 192.168.15.0 0.0.0.255 area 2
     area 2 stub
384
OSPF Totally Stubby Example
Diagram labels: External AS Area 0 Stub Area 2 192.168.15.2 192.168.15.1 192.168.14.1 E0 S0 R3 R4
R3#
    router ospf 100
     network 192.168.14.0 0.0.0.255 area 0
     network 192.168.15.0 0.0.0.255 area 2
     area 2 stub no-summary
     ! default-cost follows the "area area-id default-cost cost" syntax given on the commands slide
     area 2 default-cost 20
R4#
    router ospf 15
     network 192.168.15.0 0.0.0.255 area 2
     area 2 stub
385
OSPF Route Redistribution RIP IGRP Enhanced IGRP IS-IS OSPF BGP EGP Allows routing-information exchange between OSPF and other routing protocols
386
OSPF Redistribution Command Router (config-router) # redistribute protocol [ process-id ] [ metric value ] [ metric-type value ] [ subnets ] Redistributes routes from OSPF into other routing protocols (and vice versa)
387
OSPF Redistribution Example 1 Redistribution between RIP and OSPF
Diagram labels: RIP OSPF Area 0 172.16.62.1 172.16.9.1 S0 S1 R1 172.16.8.1 172.16.63.1
    router ospf 109
     network 172.16.62.0 0.0.0.255 area 0
     network 172.16.63.0 0.0.0.255 area 0
     redistribute rip subnets metric-type 1 metric 20
    router rip
     network 172.16.0.0
     passive-interface serial 0
     passive-interface serial 1
     default-metric 10
     ! redistribute ospf needs the OSPF process ID (109 above)
     redistribute ospf 109 match internal external 1 external 2
388
Redistribution Example 2 “Back door” creates potential loop
Diagram labels: RIP OSPF Area 0 R1 R2 R3 172.16.9.1 172.16.8.1
    router ospf 109
     network 172.16.62.0 0.0.0.255 area 0
     network 172.16.63.0 0.0.0.255 area 0
     redistribute rip subnets metric-type 1 metric 20
     distribute-list 11 out rip
    access-list 11 permit 172.16.8.0 0.0.7.255
389
Verifying OSPF Operation
390
show ip ospf interface Command Verifies interfaces are in correct areas
    Router# show ip ospf interface e 0
    Ethernet 0 is up, line protocol is up
      Internet Address 203.250.14.1 255.255.255.0, Area 0.0.0.0
      Process ID 10, Router ID 203.250.13.41, Network Type BROADCAST, Cost: 10
      Transmit Delay is 1 sec, State BDR, Priority 1
      Designated Router (ID) 203.250.15.1, Interface address 203.250.14.2
      Backup Designated router (ID) 203.250.13.41, interface address 203.250.14.1
      Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
        Hello due in 0:00:02
      Neighbor Count is 3, Adjacent neighbor count is 3
        Adjacent with neighbor 203.250.15.1 (Designated Router)
    Loopback0 is up, line protocol is up
      Internet address 203.250.13.41 255.255.255.255, Area 1
      Process ID 10, Router ID 203.250.13.41, Network Type LOOPBACK, Cost: 1
      Loopback interface is treated as a stub Host
391
show ip ospf Command Displays general information about the OSPF routing process
    Router # show ip ospf
    Routing Process "ospf 1" with ID 2.2.2.2
    Supports only single TOS (TOS0) routes
    SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
    Number of areas in this router is 1
    Area 23
      Number of interfaces in this area is 3
      Area has no authentication
      SPF algorithm executed 19 times
      Area ranges are
      Link State Update Interval is 0:30:00 and due in 0:04:55
      Link State Age Interval is 0:20:00 and due in 0:04:55
392
show ip ospf database Command
    Router# show ip ospf database
    OSPF Router with ID (3.3.3.3) (Process ID 1)

    Router Link States (Area 23)
    Link ID       ADV Router   Age    Seq#         Checksum   Link count
    3.3.3.3       3.3.3.3      78     0x80000032   0x8086     5
    4.4.4.4       4.4.4.4      1691   0x80000028   0xE11C     1
    2.2.2.2       2.2.2.2      1693   0x80000030   0x835E     5
    1.1.1.1       1.1.1.1      1696   0x80000026   0x80A1     1

    Net Link States (Area 23)
    Link ID       ADV Router   Age    Seq#         Checksum
    150.100.4.2   4.4.4.4      1691   0x80000030   0x2FCE
    150.100.1.2   2.2.2.2      1693   0x80000024   0xFB29
393
show ip protocol Command
    Router> show ip protocol
    Routing Protocol is "ospf 300"
      Sending updates every 0 seconds
      Invalid after 0 seconds, hold down 0, flushed after 0
      Outgoing update filter list for all interfaces is not set
      Incoming update filter list for all interfaces is not set
      Redistributing: ospf 300
      Routing for Networks:
        183.8.0.0/0.0.255.255
        144.253.100.0/0.0.0.255
      Routing Information Sources:
        Gateway          Distance   Last Update
        144.253.100.0    110        6d21
        183.8.128.12     110        0:17:32
        192.3.63.192     110        0:17:33
        153.50.193.1     110        0:17:33
        183.8.64.130     110        6d19
        183.8.64.128     110        0:17:33
        133.3.4.0        110        0:17:33
        131.108.100.3    110        0:17:33
      Distance: (default is 110)
    - - More - -
394
Other OSPF show Commands Router# show ip ospf virtual-links Displays parameters about OSPF virtual links Router# show ip ospf neighbor detail Displays neighbor information per interface Router# show ip ospf border-routers Displays routes to the ABR and ASBR
395
Summary OSPF is a scalable, standards-based link-state routing protocol OSPF features: Hierarchical design VLSM support Vendor interoperability Route summarization Route redistribution
396
Chapter 11 Configuring Enhanced IGRP
397
Objectives Upon completion of this chapter, you will be able to perform the following tasks: Describe Enhanced IGRP features and operation Configure Enhanced IGRP Verify Enhanced IGRP operation
398
Enhanced IGRP Operation
399
Enhanced IGRP Overview Enhanced IGRP supports: Rapid convergence Partial bounded updates Multiple network-layer support Enhanced IGRP IP Routing Protocols AppleTalk RTMP Novell Routing Protocols
400
Enhanced IGRP Convergence Neighbor B provides the best route to network 7 Neighbor B is in the routing table D H B A Neighbor Table Topology Table Network 7 Neighbor B Routing Table Network 7 Network 7
401
Partial Bounded Updates Updates only sent to directly connected neighbors D H B A Update
402
Neighbor Discovery D H B A Neighbor Table (B, D, H) Topology Table Network 7 Neighbor B Routing Table Network 7
403
Topology Table B is current successor router H is the feasible successor
Diagram labels: D H B A Network 7 (20) (10) (1) (100) C E F G
Topology Table for Network 7:
    Neighbor   Feasible Dist.   Advert. Distance
    B          31               21
    D          230              220
    H          40               30
404
Feasible Successor Selection Router H becomes the successor
Diagram labels: D H B A Network 7 (20) (10) (1) (100) C E F G
Topology Table for Network 7:
    Neighbor   Feasible Dist.   Advert. Distance
    B          31               21
    D          230              220
    H          40               30
405
Active State The route to network 7 changes to Active state because no feasible successor exists
Diagram labels: D H B A Network 7 (30) (10) (1) (100) C E F G
Topology Table for Network 7:
    Neighbor   Feasible Dist.   Advert. Distance
    B          31               21
    D          230              220
    H          50               40
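Added example (not part of the original slides): the successor and feasible-successor decisions from the three topology-table slides above, in Python. It applies the standard EIGRP feasibility condition, which the slides imply but do not state: a neighbor qualifies as feasible successor only if its advertised distance is lower than the feasible distance of the current successor. Class and function names are illustrative assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    neighbor: str
    advertised: int  # distance the neighbor itself reports to the destination
    feasible: int    # advertised distance plus the cost of reaching the neighbor


def successor(paths):
    """The successor is the neighbor with the lowest feasible distance."""
    return min(paths, key=lambda p: p.feasible)


def feasible_successors(paths, current):
    """Loop-free backups: advertised distance strictly below the successor's FD."""
    backups = [p for p in paths
               if p.neighbor != current.neighbor and p.advertised < current.feasible]
    return sorted(backups, key=lambda p: p.feasible)


def on_successor_loss(paths):
    """Return (route_state, new_successor_name) when the successor goes away.

    With a feasible successor the route stays passive and switches at once;
    without one the route goes active and neighbors must be queried.
    """
    current = successor(paths)
    backups = feasible_successors(paths, current)
    if backups:
        return "passive", backups[0].neighbor
    return "active", None


# Values from the "Topology Table" / "Feasible Successor Selection" slides.
TABLE_BEFORE = [Path("B", 21, 31), Path("D", 220, 230), Path("H", 30, 40)]
# Values from the "Active State" slide, where H now advertises 40.
TABLE_ACTIVE = [Path("B", 21, 31), Path("D", 220, 230), Path("H", 40, 50)]

if __name__ == "__main__":
    print(successor(TABLE_BEFORE).neighbor)   # B
    print(on_successor_loss(TABLE_BEFORE))    # H takes over without a query
    print(on_successor_loss(TABLE_ACTIVE))    # no backup passes the condition
```

Neighbor D never qualifies in either table: its advertised distance of 220 is far above B's feasible distance of 31, so the router cannot rule out that D's path loops back through itself.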
406
Multiple Protocol Support for Novell IPX IPX RIP SAP Updates Enhanced IGRP
407
Multiple Protocol Support for AppleTalk RTMP Enhanced IGRP
408
Multiple Protocol Support for IP IPX RIP Enhanced IGRP Autonomous System 200 IGRP Autonomous System 200 Enhanced IGRP
409
Enhanced IGRP Configuration
410
Enhanced IGRP for IP Configuration Router (config) # router eigrp autonomous-system-number Defines Enhanced IGRP as an IP routing process Router (config-router) # network network-number Selects participating attached networks
411
Enhanced IGRP for IP Example 2.4.0.0 3.1.0.0 1.1.0.0 1.2.0.0 1.4.0.0 T0 2.3.0.0 2.1.0.0 2.2.0.0 2.5.0.0 2.6.0.0 2.7.0.0 S0 S1 S2 A A B B C E D router eigrp 109 network 1.0.0.0 network 2.0.0.0
412
Integrating Enhanced IGRP Enhanced IGRP IP RIP AppleTalk RTMP IPX RIP Enhanced IGRP saves WAN link by sending incremental routing updates
413
Enhanced IGRP Path Selection Enhanced IGRP uses a composite metric to pick the best path IP RIP AppleTalk RTMP IPX RIP Enhanced IGRP 19.2 T1
414
Redistribution with Enhanced IGRP Enhanced IGRP IP AppleTalk IPX Novell protocol redistribution with Enhanced IGRP is enabled by default AppleTalk RTMP redistribution is enabled by default Redistribution of IGRP in the same autonomous system is automatic Other protocols require redistribution
415
IP Route Redistribution Routes are learned from another routing protocol
IP Routing Table: I 192.168.5.0, I 172.16.1.0, I 172.16.2.0, I 172.16.3.0
IP Routing Table: D EX 192.168.5.0, D 192.168.5.8, D 192.168.5.16, D 192.168.5.24
S1 advertises routes from EIGRP S0 advertises routes from EIGRP AS Boundary Router AS 200 IGRP 172.16.0.0 AS 300 EIGRP 192.168.5.0 S1 S0
416
IP Route Redistribution Configuration Router (config-router) # redistribute protocol [option] Allows routes discovered by one process to be advertised in the updates of another process Router (config-router) # default-metric bandwidth delay reliability loading mtu Used for IGRP and Enhanced IGRP redistribution Router (config-router) # default-metric number Used for OSPF, RIP, EGP, and BGP redistribution
417
IGRP to Enhanced IGRP Migration Autonomous System 100 IGRP/EIGRP Automatic redistribution Autonomous System 200 IGRP Autonomous System 300 EIGRP Redistribution configuration required Enhanced IGRP sends updates that are not compatible with IGRP full table updates Redistribution is automatic within the same autonomous systems Manual redistribution is required between autonomous systems
418
IP Route Redistribution Example 1 AS 200 IGRP 172.16.0.0 AS 300 EIGRP 192.168.5.0
    router eigrp 300
     network 192.168.5.0
     redistribute igrp 200
    !
    router igrp 200
     network 172.16.0.0
     redistribute eigrp 300
The default-metric command is optional with IGRP/EIGRP redistribution
419
IP Route Redistribution Example 2 RIP 172.68.0.0 Autonomous System 300 EIGRP 201.222.5.0
    router rip
     network 172.68.0.0
     redistribute eigrp 300
     default-metric 3
    router eigrp 300
     network 201.222.5.0
     redistribute rip
     default-metric 56 2000 255 1 1500
420
Minimizing Routing Updates
421
Route Filtering Router (config-router) # distribute-list access-list-number { out | in } [ interface-name | routing-process ] Specifies routes passed to the receiving routing protocol Uses a standard access list to permit or deny routes Can be applied to transmitted (outbound) or received (inbound) routing updates Filters all updates or updates on specific interfaces
422
IP Route Filtering Example Hides network 10.0.0.0 using interface filtering
    router eigrp 1
     network 172.16.0.0
     network 192.168.5.0
     distribute-list 7 out s0
    !
    access-list 7 permit 172.16.0.0 0.0.255.255
Diagram labels: 10.0.0.0 172.16.0.0 192.168.5.0
423
Redistribution Filter Example Hides network 10.0.0.0 using redistribution filtering
    router rip
     network 192.168.5.0
     redistribute eigrp 1
     default-metric 3
     ! syntax per the Route Filtering slide: distribute-list access-list-number out routing-process
     distribute-list 7 out eigrp 1
    !
    router eigrp 1
     network 172.16.0.0
     redistribute rip
     default-metric 56 2000 255 1 1500
    !
    access-list 7 deny 10.0.0.0 0.255.255.255
    access-list 7 permit 0.0.0.0 255.255.255.255
Diagram labels: RIP 192.168.5.0 EIGRP 172.16.0.0 EIGRP 10.0.0.0
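Added example (not part of the original slides): how a standard access list referenced by distribute-list decides which routes are advertised, evaluated in Python against the three access lists shown in the IP Route Filtering Example, the Redistribution Filter Example and the back-door filter of Redistribution Example 2. The candidate route lists are constructed from the networks named on those slides; function names are illustrative assumptions.

```python
import ipaddress


def parse_acl(lines):
    """Parse 'access-list <n> permit|deny <address> <wildcard>' lines."""
    entries = []
    for line in lines:
        _, _, action, address, wildcard = line.split()
        entries.append((action,
                        int(ipaddress.ip_address(address)),
                        int(ipaddress.ip_address(wildcard))))
    return entries


def acl_action(entries, network):
    """First matching entry wins; no match means the implicit deny applies."""
    value = int(ipaddress.ip_address(network))
    for action, address, wildcard in entries:
        care = ~wildcard & 0xFFFFFFFF  # wildcard 0-bits are the bits compared
        if value & care == address & care:
            return action
    return "deny"


def advertised(acl_lines, routes):
    """Routes that survive a distribute-list using the given access list."""
    entries = parse_acl(acl_lines)
    return [r for r in routes if acl_action(entries, r) == "permit"]


# Access lists exactly as they appear on the slides.
ACL_INTERFACE_FILTER = ["access-list 7 permit 172.16.0.0 0.0.255.255"]
ACL_REDIST_FILTER = ["access-list 7 deny 10.0.0.0 0.255.255.255",
                     "access-list 7 permit 0.0.0.0 255.255.255.255"]
ACL_BACK_DOOR = ["access-list 11 permit 172.16.8.0 0.0.7.255"]

# Constructed candidate routes, taken from the networks named on the slides.
SLIDE_NETWORKS = ["10.0.0.0", "172.16.0.0", "192.168.5.0"]
BACK_DOOR_ROUTES = ["172.16.8.0", "172.16.9.0", "172.16.62.0", "172.16.63.0"]

if __name__ == "__main__":
    print(advertised(ACL_INTERFACE_FILTER, SLIDE_NETWORKS))
    print(advertised(ACL_REDIST_FILTER, SLIDE_NETWORKS))
    print(advertised(ACL_BACK_DOOR, BACK_DOOR_ROUTES))
```

The single-permit list hides 10.0.0.0 only through the implicit deny, which also drops 192.168.5.0 on that interface; the deny-then-permit-any list hides 10.0.0.0 and nothing else.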
424
Enhanced IGRP Route Summarization Network-level route summarization (Class A, B, or C) is enabled by default Router (config-router) # no auto-summary Disables automatic summarization Router (config-if) # ip summary-address eigrp as-number address mask Enables summarization for advertisements on a specific interface
425
Route Summarization Example
    router eigrp 1
     network 10.108.0.0
     network 172.16.0.0
     no auto-summary

    router eigrp 1
     network 10.108.0.0
    !
    int s 0
     ip address 192.168.4.2 255.255.255.0
     ip summary-address eigrp 1 172.16.0.0 255.255.0.0
Diagram labels: 10.108.0.0 172.16.1.0 172.16.2.0 192.168.4.2 World S0
426
Minimizing Routing Updates Router (config-router) # passive-interface interface-name Prevents routing protocol updates from being generated on the interface As an alternative to passive interface you can: Not configure a routing protocol on the interface Use access lists to filter routing protocol updates Use route redistribution
427
Using the passive-interface Command The passive-interface command disables sending routing updates on interfaces
Diagram labels: RIP 172.17.0.0 EIGRP 172.16.0.0 AS 90 S0 E0
    router rip
     network 172.17.0.0
     redistribute eigrp 90
     default-metric 3
     passive-interface ethernet 0
    !
    router eigrp 90
     network 172.16.0.0
     redistribute rip
     default-metric 1544 100 255 1 1500
     passive-interface serial 0
428
Static Route Configuration Router (config) # ip route network [ mask ] address [ distance ] Defines a path to an IP destination network or subnet Default administrative distance is 1 Requires redistribution Router (config) # ip route network [ mask ] interface [ distance ] Defines a path to an IP destination network or subnet Default administrative distance is 0 (means directly connected) Automatically redistributed
429
Static Route Redistribution
Diagram labels: A E D B C S0 201.222.5.0 131.108.0.0 192.31.7.10 192.31.7.18
    ip route 131.108.0.0 255.255.0.0 192.31.7.18
    ip route 201.222.5.0 255.255.255.0 192.31.7.10
    !
    router eigrp 1
     network 192.31.7.0
     default-metric 10000 100 255 1 1500
     redistribute static
     distribute-list 3 out static
     passive-interface s0
    !
    access-list 3 permit 131.108.0.0 0.0.255.255
430
Verifying Enhanced IGRP Operation
431
Router # show ip protocols Displays the parameters and current state of the active routing protocol process Router # show ip route eigrp Displays current Enhanced IGRP entries in the routing table
432
Verifying Enhanced IGRP Operation (cont.) Router # show ip eigrp neighbors Displays the neighbors discovered by IP Enhanced IGRP Router # show ip eigrp topology Displays the IP Enhanced IGRP topology table Router # show ip eigrp traffic Displays the number of IP Enhanced IGRP packets sent and received
433
Verifying Enhanced IGRP Operation (cont.) Router # show ipx route Displays the contents of the IPX routing table Router # show ipx eigrp neighbors Display the neighbors discovered by IPX Enhanced IGRP Router # show ipx eigrp topology Displays the IPX Enhanced IGRP topology table
434
Verifying Enhanced IGRP Operation (cont.) Router # show AppleTalk route Displays the contents of the AppleTalk routing table Router # show AppleTalk eigrp neighbors Display the neighbors discovered by AppleTalk Enhanced IGRP Router # show AppleTalk eigrp topology Displays the AppleTalk Enhanced IGRP topology table
435
Summary Enhanced IGRP is an advanced routing protocol that uses the DUAL algorithm Enhanced IGRP has the following features: Rapid convergence Incremental updates Routes IP, IPX, and AppleTalk Route summarization
436
1999.03.01© Synergon Informatika Rt., 1999 Chapter 12 Connecting Enterprises to an Internet Service Provider
437
© Synergon Informatika Rt., June 1999 Objectives Upon completion of this chapter, you will be able to perform the following tasks: Determine when to use BGP to connect to an ISP Describe methods to connect to an ISP using static and default routes, and BGP
438
BGP and ISP Connectivity Basics
439
Internet Service Provider BGP Overview Autonomous System BGP used between autonomous systems (AS) ISP BGP configuration can be complex
440
When Not to Use BGP ISP runs BGP Static A B Use a static route to provide connectivity Advertise default network via IGP Avoid BGP configuration by using default networks and static routes - Appropriate when the local policy is the same as the ISP policy
441
AS 100 Policy Drives BGP Requirements A AS 400 F AS 200 C B AS 300 E D Static Route BGP Policy for AS 100: Always use AS 300 path to reach AS 400
442
AS 100 Policy Drives BGP A AS 400 F AS 200 C B AS 300 E D BGP Downstream policy relies on upstream presence of BGP Router F must run BGP so that router A can implement policy
443
BGP Sessions EBGP AS 1 Service Provider IBGP AS 2 BGP traffic is carried by TCP connections Two types of BGP session: External and internal
444
BGP Operation IP BGP IGP Routing Protocol BGP Routing Protocol BGP routes can be redistributed into the IP routing table
445
BGP Operation (cont.) IP BGP IGP Routing Protocol BGP Routing Protocol Redistributing IP into BGP requires: - The route to be known - The BGP network command
446
Connecting to an ISP Using BGP and Alternatives
447
ISP Connecting to an ISP Overview Enterprise Network Accomplished through static routes, default, or BGP
448
Static Route Command Review Router (config) # ip route network mask {interface | ip-address} Creates a static route Can establish a “floating” route
449
RIP Static Route Example
Diagram labels: ISP AS 100 19.0.0.0 AS 200 15.1.1.1 15.1.1.2 15.1.1.0 A S0 Service Provider Running BGP
    ip route 0.0.0.0 0.0.0.0 S0
    !
    router rip
     network 19.0.0.0
450
OSPF Example OSPF default configuration using a static route
Diagram labels: ISP AS 100 19.0.0.0 AS 200 15.1.1.1 15.1.1.2 15.1.1.0 A S0 Service Provider Running BGP
    ip route 0.0.0.0 0.0.0.0 S0
    !
    router ospf 1
     network 19.0.0.0
451
BGP Commands Router (config) # router bgp autonomous-system Enables the BGP routing protocol Router (config-router) # network network-number Allows BGP to advertise an IGP route if it is already in the IP table Does not activate the protocol on an interface
452
BGP Commands (cont.) Router (config-router) # neighbor ip-address remote-as autonomous-system Activates a BGP Router # clear ip bgp { * | address } Resets BGP connections Use after changing BGP configuration
453
BGP Configuration Example Representative of most BGP configurations
Diagram labels: AS 100 19.0.0.0 AS 200 15.1.1.1 15.1.1.2 15.1.1.0 A S0 15.0.0.0 B
Configuration for A
    router bgp 100
     network 19.0.0.0
     neighbor 15.1.1.2 remote-as 200
Configuration for B
    router bgp 200
     network 15.0.0.0
     neighbor 15.1.1.1 remote-as 100
454
BGP show Commands Router # show ip bgp Displays the BGP routing table Router # show ip bgp paths Displays all paths in database Router # show ip bgp summary Displays status of all BGP connections
455
Summary BGP is a protocol used to connect autonomous systems Static routes or default routes can be used if the autonomous system policy is consistent with ISP policy
456
Configuring Frame Relay
457
Objectives Upon completion of this module, you will be able to perform the following tasks: Describe Cisco’s implementation of Frame Relay Recognize key Frame Relay terms and features List the commands to configure Frame Relay LMIs, maps, and subinterfaces List the commands to monitor Frame Relay operation in the router
458
Frame Relay Overview
459
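Introduction to Frame Relay

[Figure: DTE devices running a LAN protocol attach to DCE switches; PVCs between them are identified by DLCIs, and the Local Management Interface (LMI) runs between DTE and DCE.]

Permanent virtual circuits (PVCs) use data-link connection identifiers (DLCIs)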
460
Frame Relay Stack

Layer  OSI Reference Model  Frame Relay
7      Application
6      Presentation
5      Session
4      Transport
3      Network
2      Data Link            Frame Relay
1      Physical             Physical
461
Frame Relay DLCI Assignment

- Get DLCI from your Frame Relay provider
- Each DLCI is locally significant
- Map your network addresses to DLCI
- Map entry indicates static route to destination

[Figure: router 172.16.11.2 reaches 172.16.11.3 through the Frame Relay switch on DLCI 48.]

DLCI  Network Address
48    172.16.11.3
462
Configuring Frame Relay
463
Frame Relay Configuration

    Router(config-if)# encapsulation frame-relay [ ietf ]

- Sets Frame Relay encapsulation

    Router(config-if)# frame-relay lmi-type { ansi | cisco | q933a }

- Selects LMI type
464
Frame Relay Address Mapping

    Router(config-if)# frame-relay map protocol protocol-address dlci [ broadcast ] [ ietf | cisco ]

- Defines how to reach a destination
465
Nonbroadcast Multiaccess (NBMA)

- All routers appear as peers on a single subnet
- Assumes configuration with fully meshed virtual circuits

[Figure: routers 172.16.11.2, 172.16.11.3 and 172.16.11.4 on subnet 172.16.11, fully meshed across the Frame Relay network; DLCI labels 48, 66, 77, 110, 134 and 235.]
466
Frame Relay Maps Example

Cisco A

    interface serial 0
     ip address 172.16.11.2 255.255.255.0
     !
     ! Enable frame relay, use the ANSI LMI
     encapsulation frame-relay
     frame-relay lmi-type ansi
     ! Note: for alternate ietf encap, also use lmi-type ansi
     !
     ! set up a static frame relay map - full mesh
     !
     frame-relay map ip 172.16.11.3 48 broadcast
     frame-relay map ip 172.16.11.4 110 broadcast
467
Split Horizon and Frame Relay

- If you map DLCIs from A’s S0, only updates to or from A can route on that interface (that is, not B to C or D)

[Figure: router A's S0 carries DLCI 16 to B, DLCI 17 to C and DLCI 22 to D.]

- B: Sending updates for C or D using S0 on A
- A: Do not send updates in from B on S0 back out on S0
468
Full Mesh for Frame Relay

- Full connectivity using a full point-to-point mesh uses many PVCs and configuration statements

[Figure: routers A, B, C and D, each with a DLCI to every other router.]
469
An Alternative: Subinterfaces

- Routers need to bypass split horizon on S0
- Define logical subinterfaces on the serial line

[Figure: router A's S0 to a serial line, divided into S0.1 for DLCI to B, S0.2 for DLCI to C and S0.3 for DLCI to D.]
470
Partial Mesh for Frame Relay

- Map DLCIs with A’s subinterfaces to connect all routers with fewer DLCIs and a simpler configuration

[Figure: router A with subinterfaces S0.1, S0.2 and S0.3 to routers B, C and D.]

- B: Sending traffic for C or D using serial line to A
- A: Can relay traffic in from B on S0.1, back out on S0.2, or back out on S0.3
471
Subinterface Configuration

    Router(config)# interface type.subinterface-number point-to-point

- Defines the logical subinterface for Frame Relay and enters the interface configuration mode

    Router(config-if)# frame-relay interface-dlci dlci broadcast

- Assign a DLCI to the Frame Relay subinterface on the router
472
Frame Relay with Subinterfaces

- Each Frame Relay subinterface uses its own subnet

[Figure: a router's S0 split into int S0.1 (DLCI 110) and int S0.2 (DLCI 48) across the Frame Relay network. Labels: 172.16.112.1, 172.16.112.2, 172.16.113.1, 172.16.113.2; ipx address 4a1d.0000.0c556.de33; ipx address 4a1d.0000.0c566.de35.]
473
Subinterface Configuration Example

Cisco A

    interface serial 0
     encapsulation frame-relay
    !
    ! The first of the two subinterfaces
    interface s 0.1 point-to-point
     ! Assign the DLCI to the subinterface
     frame-relay interface-dlci 110 broadcast
     ! Indicate the destination protocol address for DLCI 110
     ipx network 4a1d
    !
    ! The second subinterface on the S0 interface
    interface s 0.2 point-to-point
     frame-relay interface-dlci 48 broadcast
     ipx network 4c1d
474
Inverse ARP for Network Discovery

- This auto-discovery of remote destination addresses simplifies Frame Relay configuration

[Figure: routers A (172.16.11.2) and B (172.16.11.3) attached to the Frame Relay network.]

- Switch announces DLCI 48
- Switch announces DLCI 66
- Router A announces IP 172.16.11.2 for DLCI 66
- Router B announces IP 172.16.11.3 for DLCI 48
475
Using Inverse ARP for DLCIs

- Frame Relay Inverse ARP is on by default once you specify DLCIs
- Inverse ARP resolves protocol addresses of remote routers for local DLCIs

[Figure: router A with PVCs to routers B, C and D.]

- DLCI 16 to B: Inverse-arp ipx 16 returns B’s IPX address
- DLCI 17 to C: Inverse-arp ipx 17 returns C’s IPX address
- DLCI 22 to D: Inverse-arp ipx 22 returns D’s IPX address
476
Showing a Frame Relay Interface

    Router# show int s 0
    Serial 0 is up, line protocol is up
      hardware is MCI serial
      Internet address is 172.16.11.2, subnet mask 255.255.255.0
      MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec, rely 255/255, load 1/255
      Encapsulation Frame Relay, loopback not set, keepalive set (10 sec)
      LMI DLCI 1026, LMI sent 1, LMI stat recvd 0, LMI upd recvd 0
      Last input 0:04:42, output 0:00:07 output hang never
      Last clearing of "show interface" counters never
      output queue 0/40, 0 drops; input queue 0/75, 0 drops
      five minutes input rate 0 bits/sec, 0 packets/sec
      five minutes output rate 0 bits/sec, 0 packets/sec
        6019 packets input, 305319 bytes, 0 no buffer
        Received 2973 broadcasts. 0 runts, 0 giants
        7 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 7 abort
        8595 packets output, 3499314 bytes, 0 underruns
        0 output errors, 0 collisions, 10 interface resets, 0 restarts
        17 carrier transitions
477
Monitoring Frame Relay

    Router#terminal monitor
    Router#no logging console
    Router#debug frame-relay lmi
    Serial 0 (out): StEnq, clock 20212760, myseq 206, mineseen 205, yourseen 136, DTE up
    Serial 0 (in): StEnq, clock 20212760, myseq 206
    RT IE 1, length 1, type 1
    Serial 0 (out): StEnq, clock 20212770, myseq 207, mineseen 205, yourseen 136, DTE up
    Serial 0 (in): StEnq, clock 20212776, myseq 207
    RT IE 1, length 1, type 0
    KA IE 3, length 2, yourseq 146, myseq 298
    PVC IE 0x7, length 0x6, dlci 48, status 0, bw 56000
    PVC IE 0x7, length 0x6, dlci 58, status 0, bw 56000
    PVC IE 0x7, length 0x6, dlci 110, status 4, bw 56000
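The PVC lines in this debug output can be checked against the static maps from the Frame Relay Maps Example to see which mapped next hops sit on a DLCI the switch does not report as active. This is an added example, not part of the original slides; it assumes both slides describe the same router, and the status meanings (0x0 inactive, 0x2 active, 0x4 deleted) are an assumption taken from Cisco's troubleshooting documentation rather than from the deck.

```python
import re

# Constructed from the slides: the second LMI exchange and Cisco A's static maps.
DEBUG_OUTPUT = """Serial 0 (out): StEnq, clock 20212770, myseq 207, mineseen 205, yourseen 136, DTE up
Serial 0 (in): StEnq, clock 20212776, myseq 207
RT IE 1, length 1, type 0
KA IE 3, length 2, yourseq 146, myseq 298
PVC IE 0x7, length 0x6, dlci 48, status 0, bw 56000
PVC IE 0x7, length 0x6, dlci 58, status 0, bw 56000
PVC IE 0x7, length 0x6, dlci 110, status 4, bw 56000
"""
MAP_CONFIG = """frame-relay map ip 172.16.11.3 48 broadcast
frame-relay map ip 172.16.11.4 110 broadcast
"""

# Assumption (not on the slides): status codes as Cisco documents them for this debug output.
PVC_STATUS = {0x0: "inactive", 0x2: "active", 0x4: "deleted"}
PVC_RE = re.compile(r"PVC IE \S+, length \S+, dlci (\d+), status (\w+)")
RT_RE = re.compile(r"RT IE 1, length 1, type (\d+)")
MAP_RE = re.compile(r"frame-relay map ip (\S+) (\d+)")

def parse_lmi(text):
    """Return (number_of_full_status_reports, {dlci: status_label})."""
    full_reports, pvcs = 0, {}
    for line in map(str.strip, text.splitlines()):
        if m := RT_RE.match(line):
            # Report type 0 is a full status report; type 1 only verifies link integrity.
            if m.group(1) == "0":
                full_reports += 1
        elif m := PVC_RE.match(line):
            code = int(m.group(2), 16)
            pvcs[int(m.group(1))] = PVC_STATUS.get(code, f"unknown (0x{code:x})")
    return full_reports, pvcs

def audit_maps(config, debug):
    """Map each statically mapped next hop to (dlci, status the switch reports)."""
    _, pvcs = parse_lmi(debug)
    return {m.group(1): (int(m.group(2)), pvcs.get(int(m.group(2)), "not reported"))
            for m in MAP_RE.finditer(config)}

def unmapped_dlcis(config, debug):
    """DLCIs the switch announces that no static map references."""
    _, pvcs = parse_lmi(debug)
    mapped = {int(m.group(2)) for m in MAP_RE.finditer(config)}
    return sorted(set(pvcs) - mapped)

if __name__ == "__main__":
    print(audit_maps(MAP_CONFIG, DEBUG_OUTPUT), unmapped_dlcis(MAP_CONFIG, DEBUG_OUTPUT))
```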
478
Summary

- Use a locally significant DLCI as an indicator of the ultimate destination of a Frame Relay PVC
- Cisco supports different Frame Relay LMIs:
  - ANSI (Annex D)
  - CCITT (Annex A)
  - Cisco (LMI)
- Define static PVC routes with Frame Relay maps
- Alternately, define subinterfaces for interface DLCIs to avoid split horizon on routing and SAP updates
- Inverse ARP, on by default, auto-discovers remote protocol addresses for local DLCIs
- Monitor Frame Relay with show and debug commands