Ccies

Default Routing

If you want to communicate with anything other than your connected network, you must have routes for the destinations. This can be a scale issue when one wants to communicate with random IP addresses, like when surfing around on the Internet. Basically you have two options to do this. Either you know all the destinations, or you have a default route that blindly takes care of reachability for you. I’d like to walk through the various protocols to see how you can inject a default route.

Security

VACL: A VLAN Access List can be used to filter traffic within a VLAN. It is a feature that is easily overlooked when troubleshooting connectivity problems at L2. It is configured a bit like a route-map. Let’s have a look at a simple topology to demonstrate how it works: say we want to prevent all devices on VLAN 12 from pinging each other. We can achieve this using a VACL.

RIP

Goodbye… Maximum hop count of 15; No discard-route; Classful network command; No summarization past classful boundary; No suppression of summary's component network; Weird timers; ip default-network madness; Learning on passive-interfaces; clear ip route *; Counting to infinity

Multicast

Linknets: 10.0.xy.0/24 (x = lowest R, y = highest R). Loopback0: R.R.R.R/32. This is the topology I’ll use throughout this page.

PIM BSR Forwarding

PIM: PIM (Protocol Independent Multicast) is the protocol run between routers to signal control plane information and ensure no loops occur. It is protocol independent because it uses any unicast routing protocol for its RPF (Reverse Path Forwarding) check, which is the way loops are avoided.

BGP

If you are unfamiliar with BGP and the terms used when talking about BGP, you might want to check out RFC 4271, which has great definitions of the terms. I will go through how BGP works and address some of its limitations. To do this, I will start with the following topology: At first it might look confusing, but this is really a very simplified view of how a company could be connected to the Internet.

Services

DHCP Packets Reservations Relay Snooping Snooping In The Data Center Packet Validation On Untrusted Ports NTP Stratum Server Client Peer Access List Broadcast Multicast Authentication NAT NAT Order of Operation Inside to Outside Outside to Inside Static NAT Alias VRF-Aware NAT TCP Small Servers UDP Small Servers

DHCP: DHCP provides a dynamic way of handing out an IP configuration to clients.

EIGRP

Adjacency Unequal Cost Load Sharing Filtering Distribute List ACL Standard ACL Extended ACL Prefix List Gateway Route Map Distance Hop Count

Adjacency: EIGRP is a simple distance vector protocol. To become neighbors, only a few parameters of the Hello packet must match:

DMVPN

DMVPN Topology Phase 1 Phase 2 NHRP Phase 3

DMVPN Topology: Below you see the DMVPN topology I use for demonstrating various configs in the page.

Phase 1: Not many people use Phase 1, because of its obvious drawback: every packet between spokes must traverse the Hub. So unless you have a really good reason to do it, use Phase 3 instead.

MPLS L3 VPN Walkthrough

Let me go over a basic MPLS L3 VPN using the topology below. Here AS 2345 makes up the network that will provide the MPLS L3 VPN service to AS 6 and AS 78. Building an MPLS L3 VPN service requires a couple of technologies for label exchange: MPLS – LDP and BGP – VPNv4. For both LDP and BGP we need reachability of the loopback interfaces of the routers in AS 2345.

OSPF

Transport Network Types Mixing Network Types Adjacencies Area Types Stub Area Totally Stubby Area NSSA Forward Address Virtual Link Sham Link Domain Tag Down Bit Area Design Prefix Suppression

Transport: OSPF is a protocol of itself.