
Thursday, November 28, 2013

Border Gateway Protocol

Introduction

BGP is a standardized exterior gateway protocol (EGP), as opposed to RIP, OSPF, and EIGRP, which are interior gateway protocols (IGPs). BGP version 4 (BGPv4) is the current standard deployment.

BGP is considered a “Path Vector” routing protocol. BGP was not built to route within an Autonomous System (AS), but rather to route between ASes. BGP maintains a separate routing table based on the shortest AS path and various other attributes, as opposed to IGP metrics like distance or cost.

BGP is the routing protocol of choice on the Internet. Essentially, the Internet is a collection of interconnected Autonomous Systems.

BGP Autonomous Systems are assigned an Autonomous System Number (ASN), which is a 16-bit number ranging from 1 – 65535. A specific subset of this range, 64512 – 65535, has been reserved for private (or internal) use.


BGP utilizes TCP for reliable transfer of its packets, on port 179.

BGP Peers (Neighbors)

For BGP to function, BGP routers (called speakers) must form neighbor relationships (called peers).

There are two types of BGP neighbor relationships:
• iBGP Peers – BGP neighbors within the same autonomous system.
• eBGP Peers – BGP neighbors connecting separate autonomous systems.
Note: Do not confuse an IGP, such as OSPF, with iBGP!


By default, BGP assumes that eBGP peers are a maximum of one hop away. This restriction can be bypassed using the ebgp-multihop option with the neighbor command.
The Administrative Distance for routes learned outside the Autonomous System (eBGP routes) is 20, while the AD for iBGP and locally-originated routes is 200.

BGP Peer Messages

BGP forms its peer relationships through a series of messages.

1. First, an OPEN message is sent between peers to initiate the session. The OPEN message contains several parameters:
• BGP Version – must be the same between BGP peers
• Local AS Number
• BGP Router ID

2. KEEPALIVE messages are sent periodically (every 60 seconds by default) to ensure that the remote peer is still available. If a router does not receive a KEEPALIVE from a peer for a Hold-time period (by default, 180 seconds), the router declares that peer dead. 

3. UPDATE messages are used to exchange routes between peers. 

4. Finally, NOTIFICATION messages are sent when there is a fatal error condition. If a NOTIFICATION message is sent, the BGP peer session is torn down and reset.
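To make the OPEN/KEEPALIVE exchange concrete, here is an added example (written for this post, not code from the original or from any router vendor) that builds and parses the BGP message header and OPEN message in Python, applying the checks a receiving peer makes before trusting the fields the OPEN carries: the marker and length must be sane, the version must match, the AS must not be the reserved value 0, and the hold time must be 0 or at least 3 seconds. The sample values (AS 100, router ID 1.1.1.1, hold time 180) are constructed for the example; the 2-byte AS field covers the 16-bit ASN range described above.

```python
# Added example for this post (not from the original): build and validate BGP
# headers and OPEN messages the way a receiving peer does (RFC 4271 layout).
import ipaddress
import struct
from typing import Dict, Tuple

MARKER = b"\xff" * 16          # every BGP message starts with 16 bytes of all ones
TYPE_NAMES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
HEADER_LEN = 19
MAX_MESSAGE = 4096             # largest message RFC 4271 permits


def parse_header(data: bytes) -> Tuple[int, str, bytes]:
    """Return (length, type name, body) for one message; raise ValueError on malformed input."""
    if len(data) < HEADER_LEN:
        raise ValueError("message shorter than the 19-byte header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != MARKER:
        raise ValueError("bad marker: connection not synchronised")
    if not HEADER_LEN <= length <= MAX_MESSAGE:
        raise ValueError(f"illegal message length {length}")
    if len(data) < length:
        raise ValueError("truncated message")
    if msg_type not in TYPE_NAMES:
        raise ValueError(f"unknown message type {msg_type}")
    return length, TYPE_NAMES[msg_type], data[HEADER_LEN:length]


def parse_open(body: bytes, local_version: int = 4) -> Dict[str, object]:
    """Decode an OPEN body and apply the checks a peer makes before accepting it."""
    if len(body) < 10:
        raise ValueError("OPEN body shorter than the 10 fixed bytes")
    version, my_as, hold_time, router_id, opt_len = struct.unpack("!BHHIB", body[:10])
    if version != local_version:
        raise ValueError(f"unsupported version {version}")       # versions must match
    if my_as == 0:
        raise ValueError("AS 0 is reserved (RFC 7607) and not a valid peer AS")
    if hold_time in (1, 2):
        raise ValueError("hold time must be 0 or at least 3 seconds")
    if len(body) != 10 + opt_len:
        raise ValueError("optional parameter length does not match the body")
    return {
        "version": version,
        "as": my_as,
        "hold_time": hold_time,
        "router_id": str(ipaddress.IPv4Address(router_id)),
        "opt_params": body[10:],
    }


def build_open(my_as: int, hold_time: int, router_id: str) -> bytes:
    """Minimal OPEN with no optional parameters, as a peer would send it."""
    body = struct.pack("!BHHIB", 4, my_as, hold_time,
                       int(ipaddress.IPv4Address(router_id)), 0)
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), 1) + body


def build_keepalive() -> bytes:
    """A KEEPALIVE is nothing but the 19-byte header."""
    return MARKER + struct.pack("!HB", HEADER_LEN, 4)


def negotiated_hold_time(local: int, remote: int) -> int:
    """Each side uses the smaller of the two offered hold times."""
    return min(local, remote)


if __name__ == "__main__":
    msg = build_open(my_as=100, hold_time=180, router_id="1.1.1.1")   # constructed sample
    length, kind, body = parse_header(msg)
    print(kind, length, parse_open(body))
    print(parse_header(build_keepalive())[1])
```

A peer that fails any of these checks answers with a NOTIFICATION and tears the session down, so OPENs that fail them from an unexpected source are worth logging rather than silently dropping; the hold time both sides finally use is the smaller of the two offered values.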

Configuring neighbors:
RouterB(config)# router bgp 100
RouterB(config-router)# neighbor [ip-address] remote-as [as-number]
RouterB(config-router)# neighbor 172.16.1.2 remote-as 900

For stability purposes, the source interface used to generate updates to a
particular neighbor can be specified:

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 172.16.1.2 update-source lo0

RouterC must then point to RouterB’s loopback (assume the address is
1.1.1.1/24) in its neighbor statement:

RouterC(config)# router bgp 900
RouterC(config-router)# neighbor 1.1.1.1 remote-as 100

RouterC must have a route to RouterB’s loopback in its routing table.

Remember though: by default, BGP assumes that external peers are exactly
one hop away. Using the loopback as a source interface puts RouterB two
hops away from RouterC. Thus, the ebgp-multihop feature must be enabled:

RouterC(config)# router bgp 900
RouterC(config-router)# neighbor 1.1.1.1 ebgp-multihop 2

The 2 indicates the number of hops to the eBGP peer. If left blank, the
default is 255.

To authenticate updates between two BGP peers:

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 172.16.1.2 password CISCO

Further info:
http://www.routeralley.com/ra/docs/bgp.pdf



IS-IS Commands

IS-IS status
show clns : Information about the CLNS network
show clns protocol : Lists the protocol-specific information
show clns is-neighbor : IS-IS neighbors
show clns neighbor : Both ES and IS information
show isis database : LSDB
show isis topology : IS-IS least-cost paths to each destination

IS-IS configuration
Router# conf t
Router(config)# router isis      : enable IS-IS
Router(config-router)# net [network entity title]
Router(config-router)# net 49.0401.2101.8302.8174.00
Router(config-router)# is-type [level-1 | level-1-2 | level-2-only]
Router(config-router)# exit
Router(config)# interface [interface type] [interface number]
Router(config-if)# ip router isis
Router(config-if)# isis circuit-type [level-1 | level-1-2 | level-2-only]
: repeat for every interface that needs to run IS-IS

Router# show ip route isis     : check the routing table

Intermediate System to Intermediate System (IS-IS) routing protocol: Introduction

What is IS-IS?

  • Intermediate System to Intermediate System is an intra-domain routing protocol (IS = Intermediate System, ES = End System)
  • Is a link-state protocol
  • Is a dynamic routing protocol based on the SPF routing algorithm
  • IS is “OSI speak” for router (i.e., IS-IS is the routing protocol for the ISO Connectionless Network Protocol)
  • Is an IGP (Interior Gateway Protocol), intended only for dynamic routing within a domain
  • Supports a 2-level hierarchy: level-1 (areas) and level-2 (backbone)
  • Integrated IS-IS, also known as Dual IS-IS, was designed to provide a single routing protocol capable of routing both Connectionless Network Service (CLNS) and IP

ISIS Levels

Level-1 router
Has neighbours only in the same area
Has a level-1 LSDB with all routing information for the area

Level-2 router
May have neighbours in the same or other areas
Has a level-2 LSDB with all inter-area routing information

Level-1-2 router
May have neighbours in any area
Has two separate LSDBs: a level-1 LSDB and a level-2 LSDB

NSAPs (Network Service Access Points) and Addressing

  • IS-IS does not have a backbone area as such (as OSPF has)
  • Instead the backbone is the contiguous collection of Level-2-capable routers
  • IS-IS area borders are on links, not routers
  • Each router is identified by a Network Entity Title (NET). A NET is an NSAP whose n-selector is 0


NSAP: Network Service Access Point

An NSAP is the network layer address for CLNS (Connectionless Network Service) packets.
  • An NSAP consists of 3 parts: area address, system ID and n-selector
  • All routers in an area must use the same area address
  • Each node in an area must have a unique system ID
  • All L2 routers in a domain must each have a unique system ID
  • The area address is like an OSPF area number
  • The system ID is like an OSPF router ID

Total length between 8 and 20 bytes:
  • Area Address: variable length field (up to 13 bytes), used by Level 2 routing
  • System ID: defines an ES or IS in an area, used by Level 1 routing (similar to an OSPF router ID)
  • NSEL: N-selector, identifies a network service user (a transport entity or the IS network entity itself)
  • NET: the address of the network entity itself. A NET implies the routing layer of the IS itself (no transport layer); ISs (routers) do not have any transport layer (selector = 0)

ISPs typically choose NSAP addresses as:
First 8 bits – pick a number (usually 49)
Next 16 bits – area
Next 48 bits – router loopback address
Final 8 bits – zero

CLNS Addressing
NSAP: 49.0001.1921.6800.1001.00
Router: 192.168.1.1 (loopback) in Area 1
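The following Python helpers are an added example for this post (not from the original or from Cisco): they split a NET into its area address, system ID and n-selector with the length and NSEL checks described above, derive the system ID from a loopback address the way the ISP convention describes, and check a list of NETs against the two rules that all routers in an area share one area address and every system ID is unique. The NET and loopback values are constructed for the example; the 49.0401... NET is the one from the configuration commands earlier on the page.

```python
# Added example for this post (not from the original): NET/NSAP parsing,
# system-ID derivation from a loopback, and area consistency checks.
import ipaddress
from typing import Dict, List

HEX = set("0123456789abcdefABCDEF")


def _dotted(hexstr: str, lead: int) -> str:
    """Format like the router prints it: an optional leading AFI byte, then 4-hex-digit groups."""
    head, rest = hexstr[:lead], hexstr[lead:]
    groups = [rest[i:i + 4] for i in range(0, len(rest), 4)]
    return ".".join(([head] if head else []) + groups)


def parse_net(net: str) -> Dict[str, str]:
    """Split '49.0001.1921.6800.1001.00' into area / system ID / NSEL, validating the layout."""
    digits = net.replace(".", "")
    if not digits or set(digits) - HEX or len(digits) % 2:
        raise ValueError(f"{net}: a NET must be dotted hex octets")
    raw = bytes.fromhex(digits)
    if not 8 <= len(raw) <= 20:
        raise ValueError(f"{net}: NSAP is {len(raw)} bytes, must be 8..20")
    # the last 7 bytes are always the 6-byte system ID followed by the 1-byte NSEL;
    # whatever precedes them (1..13 bytes) is the area address
    area, system_id, nsel = raw[:-7], raw[-7:-1], raw[-1]
    if nsel != 0:
        raise ValueError(f"{net}: NSEL is {nsel:02x}, a NET must end in 00")
    return {
        "area": _dotted(area.hex(), lead=2),
        "system_id": _dotted(system_id.hex(), lead=0),
        "nsel": "00",
    }


def system_id_from_loopback(loopback: str) -> str:
    """Zero-pad each octet to 3 digits and regroup in fours: 192.168.1.1 -> 1921.6800.1001."""
    digits = "".join(f"{o:03d}" for o in ipaddress.IPv4Address(loopback).packed)
    return _dotted(digits, lead=0)


def loopback_from_system_id(system_id: str) -> str:
    """Inverse of the above, to read the loopback back out of a NET built that way."""
    digits = system_id.replace(".", "")
    return ".".join(str(int(digits[i:i + 3])) for i in range(0, 12, 3))


def build_net(area: str, loopback: str) -> str:
    """NET following the ISP convention: area (AFI 49 + area number), loopback-derived system ID, NSEL 00."""
    return f"{area}.{system_id_from_loopback(loopback)}.00"


def check_area(nets: List[str]) -> List[str]:
    """Report violations of: one area address per area, unique system ID per node."""
    parsed = [parse_net(n) for n in nets]
    problems: List[str] = []
    areas = {p["area"] for p in parsed}
    if len(areas) > 1:
        problems.append(f"mixed area addresses: {sorted(areas)}")
    seen: Dict[str, str] = {}
    for net, p in zip(nets, parsed):
        sid = p["system_id"]
        if sid in seen:
            problems.append(f"duplicate system ID {sid}: {seen[sid]} and {net}")
        seen.setdefault(sid, net)
    return problems


if __name__ == "__main__":
    print(parse_net("49.0001.1921.6800.1001.00"))              # constructed NET from above
    print(build_net("49.0001", "192.168.1.1"))
    print(check_area(["49.0001.1921.6800.1001.00", "49.0002.1921.6800.1001.00"]))
```

Run against the NETs pulled from a set of router configurations, check_area flags the two misconfigurations that quietly break IS-IS: a router placed in the wrong area, and two routers that collided on a system ID (typically a copied loopback).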

Types of IS-IS Packets

1. IS-IS Hello packets
    Used for maintaining adjacencies.
    A hello is sent every 10 seconds; the dead interval is 30 seconds. The DIS sends a hello every 3.3 seconds.
    ESH (End System Hello, sent by an end system, which listens for ISHs)
    ISH (Intermediate System Hello, sent by an IS for end systems)
    IIH (IS-IS Hello, sent by an IS to form an adjacency)

2. LSP (Link State PDU) – Advertises link-state information
Each router creates an LSP and floods it to its neighbours:
A level-1 router will create level-1 LSP(s)
A level-2 router will create level-2 LSP(s)
A level-1-2 router will create level-1 LSP(s) and level-2 LSP(s)

3. CSNP (Complete Sequence Number PDU) – An update containing the complete list of LSPs known to the router

4. PSNP (Partial Sequence Number PDU) – Used to acknowledge a routing update (LSP) on point-to-point links and to request missing information about a route after receiving a CSNP

Fast Hellos
Advantages
- Reduced link failure detection time
Disadvantages
- Increased BW/buffer/CPU usage can cause missed hellos; the resulting adjacency flapping can cause instability

Configuration (interface configuration mode):
Rtr-A(config)# int POS0/0
Rtr-A(config-if)# isis hello-interval minimal
Rtr-A(config-if)# isis hello-multiplier 4

The advertised hold time will now be 1 second and the hello interval 250 ms.


Electing the DIS

An IS-IS DIS is elected based on the highest priority value, and then on the highest SNPA address (typically the MAC address). The priority is assigned to each interface and has a default value of 64. The priority can be configured; the range is 1–127. In case of a tie, the router with the highest SNPA address for that interface is elected the DIS. No backup DIS exists.

The DIS has two tasks:
- Creating and updating the pseudonode LSP
- Conducting the flooding over the LAN
A DIS is elected for each LAN.



CLNS:

Connectionless-mode Network Service (CLNS), or simply Connectionless Network Service, is an OSI Network Layer datagram service that does not require a circuit to be established before data is transmitted, and routes messages to their destinations independently of any other messages.

Route Leaking:

The IS-IS routing protocol allows for a two-level hierarchy of routing information. There can be multiple Level 1 areas interconnected by a contiguous Level 2 backbone. A router can belong to Level 1, Level 2, or both. The Level 1 link-state database contains information about that area only. The Level 2 link-state database contains information about that level as well as each of the Level 1 areas. An L1/L2 router holds both the Level 1 and Level 2 databases. It advertises information about the L1 area to which it belongs into L2.
Each L1 area is essentially a stub area. Packets destined for an address outside the L1 area are routed to the closest L1/L2 router to be forwarded on to the destination area. Routing to the closest L1/L2 router can lead to sub-optimal routing when the shortest path to the destination is through a different L1/L2 router. Route leaking reduces sub-optimal routing by providing a mechanism for leaking, or redistributing, L2 information into L1 areas. With more detail about inter-area routes, an L1 router is able to make a better choice of which L1/L2 router to forward the packet to.

Both commands below are entered within the router IS-IS configuration.
You must create an IP extended access list to define which routes will be leaked from Level 2 into Level 1.
If route leaking is configured without configuring wide-style metrics, route leaking will not occur.

Release: 12.0S
Command: advertise ip l2-into-l1 <100-199> metric-style wide

Release: 12.0T and 12.1
Command: redistribute isis ip level-2 into level-1 distribute-list <100-199> metric-style wide

For More Info:

http://www.menog.org/presentations/menog-4/MENOG4-ISIS-Tutorial.pdf

http://map.twnic.net.tw/ip93/doc/k/is-is.pdf

Monday, November 25, 2013

OSPF configuration in Alcatel Router

Follow the commands below to configure OSPF in Alcatel routers.

*A:NS085167016>config# router
*A:NS085167016>config>router# ospf
*A:NS085167016>config>router>ospf$ reference-bandwidth 10
*A:NS085167016>config>router>ospf$ area 0.0.0.0       ------------(for area 0)
*A:NS085167016>config>router>ospf>area$ interface "To-R4"
*A:NS085167016>config>router>ospf>area>if$ exit
*A:NS085167016>config>router>ospf>area# interface "To-R5"
*A:NS085167016>config>router>ospf>area>if$ exit
*A:NS085167016>config>router>ospf>area# exit
*A:NS085167016>config>router>ospf# area 0.0.0.1            ---------(for area 1)
*A:NS085167016>config>router>ospf>area$ interface "To-R1"
*A:NS085167016>config>router>ospf>area>if$ exit
*A:NS085167016>config>router>ospf>area# interface "To-R2"
*A:NS085167016>config>router>ospf>area>if$ exit

Interface and port configuration in Alcatel Routers

Use the following commands to configure interfaces and ports in Alcatel routers.
Note that each port must be given the no shutdown command individually to bring the port up.

Interface configuration
*A:NS085167016# configure
*A:NS085167016>config# router
*A:NS085167016>config>router# interface To-R1
*A:NS085167016>config>router>if$ address 10.0.0.2/28
*A:NS085167016>config>router>if$ port 1/2/1
*A:NS085167016>config>router>if$ no shutdown
*A:NS085167016>config>router>if$ exit
*A:NS085167016>config>router# interface To-R2
*A:NS085167016>config>router>if$ address 10.0.0.34/28
*A:NS085167016>config>router>if$ port 1/2/2
*A:NS085167016>config>router>if$ no shutdown
*A:NS085167016>config>router>if$ exit
*A:NS085167016>config>router# interface To-R4
*A:NS085167016>config>router>if$ address 10.0.0.49/28
*A:NS085167016>config>router>if$ port 1/2/3
*A:NS085167016>config>router>if$ no shutdown
*A:NS085167016>config>router>if$ exit
*A:NS085167016>config>router# interface To-R5
*A:NS085167016>config>router>if$ address 10.0.0.65/28
*A:NS085167016>config>router>if$ port 1/2/4
*A:NS085167016>config>router>if$ no shutdown
*A:NS085167016>config>router>if$ exit
*A:NS085167016>config>router# exit

Port configuration
*A:NS085167016>config# port 1/2/1
*A:NS085167016>config>port# no shutdown
*A:NS085167016>config>port# exit
*A:NS085167016>config# port 1/2/2
*A:NS085167016>config>port# no shutdown
*A:NS085167016>config>port# exit
*A:NS085167016>config# port 1/2/3
*A:NS085167016>config>port# no shutdown
*A:NS085167016>config>port# exit
*A:NS085167016>config# port 1/2/4
*A:NS085167016>config>port# no shutdown
*A:NS085167016>config>port# exit


Card and mda configuration in Alcatel routers


Both the card and the MDA need to be configured for the Alcatel router to work.
Follow the commands below exactly to configure the card and MDA.

A:NS085167016# configure
A:NS085167016>config# card 1
A:NS085167016>config>card# card-type "iom-9g"
*A:NS085167016>config>card# mda 1
*A:NS085167016>config>card>mda# mda-type "c1-1gb-sfp"
*A:NS085167016>config>card>mda# exit
*A:NS085167016>config>card# mda 2
*A:NS085167016>config>card>mda# mda-type "c8-10/100eth-tx"
*A:NS085167016>config>card>mda# exit
*A:NS085167016>config>card# exit


You can use the show card and show mda commands to check the configuration:

*A:NS085167016# show card

===============================================================================
Card Summary
===============================================================================
Slot      Provisioned      Equipped         Admin   Operational        Comments
          Card-type        Card-type        State   State
-------------------------------------------------------------------------------
1         iom-9g           iom-9g           up      up
A         cfm-9g           cfm-9g           up      up/active
===============================================================================
*A:NS085167016# show mda

===============================================================================
MDA Summary
===============================================================================
Slot  Mda   Provisioned           Equipped              Admin     Operational
            Mda-type              Mda-type              State     State
-------------------------------------------------------------------------------
1     1     c1-1gb-sfp            c1-1gb-sfp            up        up
      2     c8-10/100eth-tx       c8-10/100eth-tx       up        up
      4                           c2-oc12/3-sfp         up        unprovisioned
===============================================================================

Rebooting Alcatel


1. Run the command 'show bof' and copy the name of the primary config file
 *A:NS085167016# show bof

2. Run the command 'file'
 *A:NS085167016# file
3. Run the command 'delete' on the primary config file
*A:NS085167016>file cf3:\ # delete config.cfg
4. Run the command 'admin reboot'
*A:NS085167016# admin reboot

In an actual session the steps look as follows:

*A:NS085167016# show bof
===============================================================================
BOF (Memory)
===============================================================================
    primary-image    cf3:\TiMOS-8.0.R10
    primary-config   cf3:\config.cfg
    autonegotiate
    duplex           full
    speed            100
    wait             3
    persist          off
    no li-local-save
    no li-separate
    console-speed    9600
===============================================================================
*A:NS085167016# file
*A:NS085167016>file cf3:\ # delete config.cfg
MINOR: CLI Could not find cf3:\config.cfg.
*A:NS085167016>file cf3:\ # exit
*A:NS085167016# admin reboot


Sunday, November 24, 2013

OSPF Neighbor states

An OSPF neighbor state describes the stage of the conversation between two OSPF peers trying to build an adjacency. OSPF neighbors go through various stages of conversation, and each OSPF state defines that stage and the actions performed at it. OSPF states are maintained on a per-interface basis and do not represent the complete OSPF process.

There are 8 OSPF neighbor states in total. They are:

1. Down – Our router is sending OSPF hellos, but no OSPF hello messages have been received from the neighbor.

2. Attempt – Only seen when manual neighbors are defined on NBMA networks. It means that our router is sending unicast hello messages, but hasn’t received any reply yet.

3. Init – The router has received hello messages from a neighbor, but those hellos do not list the Router ID of the receiving router as a known neighbor.

4. 2-Way – The router has received a hello message from the neighbor, and that hello message includes its own Router ID. This means both routers can see each other’s hello messages, so two-way communication is established. If required, the DR and BDR are elected at the end of this stage, before moving on to the next OSPF neighbor state.

5. ExStart – The actual process of LSA/LSDB information exchange begins with this stage. This is where the master/slave relationship is established and the initial sequence numbers are exchanged.

6. Exchange – In this OSPF neighbor state, DBD packets are exchanged. These packets contain only the LSA header information, which the routers use to see which LSAs they have and which they don’t.

7. Loading – This is where the actual exchange of OSPF database information happens. On the basis of the information gathered in the previous stage, Link State Requests (LSRs) are generated to request the missing LSAs, and the requests are fulfilled by Link State Update (LSU) packets.

8. Full – Once both routers have a synchronized database after the LSR/LSU exchange, they exchange LSAcks with each other to confirm and then move on to the Full state.

Thursday, November 21, 2013

Routing Information Protocol : along with commands

The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols; it employs the hop count as its routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from the source to a destination. The maximum number of hops allowed for RIP is 15. This hop limit, however, also limits the size of networks that RIP can support.
RIP uses the User Datagram Protocol (UDP) as its transport protocol, and is assigned the reserved port number 520.
A hop count of 16 is considered an infinite distance; in other words, the route is considered unreachable.

RIP uses several methods to prevent routing loops and the count-to-infinity problem:
SPLIT HORIZON:
A router never sends information about a route back in the direction from which the original information came; routers keep track of where the information about a route came from. This means that when router A sends router B an update about a failed network, router B does not send an update for the same network back to router A.
ROUTE POISONING:
A router considers a route advertised with an infinite metric (metric = 16) to have failed, instead of marking it down. For example, when a network goes down, the router starts route poisoning by advertising the metric (hop count) of this network as 16, which indicates an unreachable network.
POISON REVERSE:
The poison reverse rule overrides the split horizon rule. For example, if router B receives a route poisoning for a network from router C, then router B sends an update back to router C (which breaks the split horizon rule) with the same poisoned hop count of 16. This ensures that all the routers in the domain receive the poisoned route update.
Notice that every router performs poison reverse when learning about a downed network. In the above example, router A also performs poison reverse when learning about the downed network from B.
HOLD DOWN TIMERS:
After hearing a route poisoning, the router starts a hold-down timer for that route. If it gets an update with a better metric than the originally recorded metric within the hold-down period, the hold-down timer is removed and data can be sent to that network. Also, within the hold-down period, if an update with an equal or poorer metric is received from a different router than the one that performed the route poisoning, that update is ignored. During the hold-down period, the “downed” route appears as “possibly down” in the routing table.
For example, in the above example, when B receives a route poisoning update from C, it marks network 4 as “possibly down” in its routing table and starts the hold-down timer for network 4. In this period, if it receives an update from C informing it that network 4 has recovered, then B will accept that information, remove the hold-down timer and allow data to go to that network. But if B receives an update from A informing it that it can reach the network in 1 (or more) hop, that update will be ignored and the hold-down timer keeps counting.
Note: The default hold-down timer value is 180 seconds.
TRIGGERED UPDATE:
When a route fails, the router does not wait for the next periodic update but immediately sends an update listing the poisoned route.

RIP Operation:

RIP defines two types of messages.
Request Message
Response Message

When a RIP router comes up, it sends a broadcast Request Message on all of its RIP-enabled interfaces. All the neighboring routers that receive the Request Message respond with a Response Message containing their routing table. The Response Message is also sent gratuitously when the Update timer expires. On receiving a routing table, the router processes each entry as per the following rules:
1. If there is no route entry matching the one received, the route entry is added to the routing table automatically, along with the information about the router from which it received the routing table.
2. If there is a matching entry but the received hop count metric is lower than the one already in the routing table, the routing table is updated with the new route.
3. If there is a matching entry but the received hop count metric is higher than the one already in the routing table, the routing entry is updated with a hop count of 16 (infinite hop). Packets are still forwarded via the old route. A hold-down timer is started and all updates for that route from other routers are ignored. If the hold-down timer expires and the router is still advertising the same higher hop count, that value is updated into the routing table. Only after the timer expires are updates from other routers accepted for that route.

Configuring RIP
Router(config)# router rip
Enter router RIP configuration mode.
Router(config-router)# network [network-number]
Identify the networks that will participate in the routing protocol. Notice that you identify networks, not interfaces.
NOTE: You need to advertise only the classful network number, not a subnet:

R2(config)# router rip
R2(config-router)# version 2
R2(config-router)# network 172.16.0.0
not
R2(config-router)# network 172.16.10.0
R2(config-router)# no auto-summary
If you advertise a subnet, you will not receive an error message, because the router will automatically convert the subnet to the classful network address.
By default, auto-summary is enabled in RIP. If it is not disabled, there will be differences in the number of routes that appear in show ip route; however, it will not affect the routing process.

RIP Timers:

Update Timer
This timer controls the interval between two gratuitous Response Messages. By default the value is 30 seconds. The Response Message is broadcast on all RIP-enabled interfaces.

Invalid Timer
This timer specifies how long a routing entry can remain in the routing table without being updated. It is also called the expiration timer. By default, the value is 180 seconds. After the timer expires, the hop count of the routing entry is set to 16, marking the destination as unreachable.

Flush Timer
This timer controls the time between the route being invalidated (marked as unreachable) and the removal of the entry from the routing table. By default the value is 240 seconds, which is 60 seconds longer than the invalid timer, so for 60 seconds the router advertises the unreachable route to all its neighbours. This timer must be longer than the invalid timer.

Holddown Timer
This timer is started per route entry when the hop count changes from a lower value to a higher value. This allows the route to stabilize. During this time no update can be made to that routing entry. The default value of this timer is 180 seconds.
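As an added example for this post (not code from the original), the Python model below implements the three update-processing rules from the RIP Operation section together with the timers listed here: it processes Response messages with hold-down, builds the Response sent towards a neighbour with split horizon and poison reverse, and ages entries with the invalid and flush timers on a simulated clock. The router names (A, C), prefixes and timestamps are constructed; connected networks are kept at metric 1 and never overwritten, and the "higher metric" rule is applied only to updates from the current next hop, which is the case the poisoning example above describes.

```python
# Added example for this post (not from the original): a small RIP table that
# applies the update rules, hold-down, split horizon / poison reverse and the
# invalid and flush timers on a caller-supplied clock.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

INFINITY = 16            # 16 hops means unreachable
HOLDDOWN = 180           # seconds, the defaults quoted in the post
INVALID = 180
FLUSH = 240


@dataclass
class Route:
    prefix: str
    metric: int
    next_hop: Optional[str]        # None for a directly connected network
    last_update: float = 0.0       # clock value of the last accepted update from next_hop
    holddown_until: float = 0.0    # 0 means no hold-down running


class RipTable:
    def __init__(self) -> None:
        self.routes: Dict[str, Route] = {}

    def add_connected(self, prefix: str) -> None:
        self.routes[prefix] = Route(prefix, 1, None)   # connected: advertised with metric 1

    def process_response(self, from_router: str, entries: List[Tuple[str, int]], now: float) -> List[str]:
        """Apply one Response message from a neighbour; return a log of what changed."""
        log: List[str] = []
        for prefix, advertised in entries:
            metric = min(advertised + 1, INFINITY)      # one more hop to reach it through this neighbour
            cur = self.routes.get(prefix)
            if cur is None:
                if metric < INFINITY:                    # rule 1: unknown prefix, add it
                    self.routes[prefix] = Route(prefix, metric, from_router, last_update=now)
                    log.append(f"add {prefix} via {from_router} metric {metric}")
                continue
            if cur.next_hop is None:
                continue                                 # connected networks are never overwritten
            in_holddown = now < cur.holddown_until
            if from_router == cur.next_hop:
                cur.last_update = now
                if metric > cur.metric and not in_holddown:
                    # rule 3: worse news from the router we forward through -> route poisoning
                    # and hold-down; packets keep going to the old next hop meanwhile
                    cur.metric = INFINITY
                    cur.holddown_until = now + HOLDDOWN
                    log.append(f"{prefix} possibly down, hold-down until t={cur.holddown_until:.0f}")
                elif cur.metric == INFINITY and metric < INFINITY:
                    # the poisoning router says the network is back: accept and clear hold-down
                    cur.metric, cur.holddown_until = metric, 0.0
                    log.append(f"{prefix} recovered via {from_router} metric {metric}")
                elif not in_holddown:
                    cur.metric = metric                  # routine refresh (or the post-hold-down update)
                continue
            if in_holddown:
                log.append(f"ignore {prefix} from {from_router} during hold-down")
                continue
            if metric < cur.metric:                      # rule 2: better metric from another router
                cur.metric, cur.next_hop, cur.last_update = metric, from_router, now
                log.append(f"replace {prefix} via {from_router} metric {metric}")
        return log

    def build_response(self, to_router: str, poison_reverse: bool = True) -> List[Tuple[str, int]]:
        """Entries to send towards to_router: split horizon omits routes learned from it,
        poison reverse sends them back with metric 16 instead."""
        out: List[Tuple[str, int]] = []
        for r in self.routes.values():
            if r.next_hop == to_router:
                if poison_reverse:
                    out.append((r.prefix, INFINITY))
                continue
            out.append((r.prefix, r.metric))
        return out

    def age_routes(self, now: float) -> List[str]:
        """Invalid timer: metric -> 16 after INVALID seconds without an update;
        flush timer: entry removed after FLUSH seconds (60 s of advertising it as unreachable)."""
        log: List[str] = []
        for prefix in list(self.routes):
            r = self.routes[prefix]
            if r.next_hop is None:
                continue
            age = now - r.last_update
            if age >= FLUSH:
                del self.routes[prefix]
                log.append(f"flush {prefix}")
            elif age >= INVALID and r.metric < INFINITY:
                r.metric = INFINITY
                log.append(f"{prefix} invalid, advertised as unreachable")
        return log


if __name__ == "__main__":
    t = RipTable()                                     # constructed scenario: B between A and C
    t.add_connected("10.1.0.0/24")
    print(t.process_response("A", [("10.4.0.0/24", 1)], now=0))
    print(t.process_response("A", [("10.4.0.0/24", 16)], now=30))
    print(t.process_response("C", [("10.4.0.0/24", 3)], now=40))
    print(t.build_response("A"), t.build_response("C"))
```

Walking the constructed scenario through: A advertises 10.4.0.0/24, then poisons it; C's offer of an alternative path during hold-down is ignored; A's recovery update clears the hold-down; and the Response built towards A carries the route with metric 16 (poison reverse) while the one towards C carries the real metric.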

Wednesday, November 20, 2013

Spanning Tree Protocol: Port states and roles


Spanning-Tree Port States
1. Disabled – The port in this state does not participate in STP operation (it is shut down).
2. Blocking (BPDU processing state) – The port does NOT forward any Ethernet frames, does NOT accept any Ethernet frames (arriving frames are discarded) and does NOT learn any MAC addresses. However, the port DOES process BPDU frames received from a neighboring switch. If the port transitions to this state (blocking), it can stay blocked for 20 seconds by default (max_age).
3. Listening (loop-free topology learning state) – The port in this state CAN send and receive BPDU frames. However, the port in this state does NOT learn any MAC addresses, and does NOT forward or process incoming frames either; all Ethernet frames are discarded. The computation of the loop-free topology takes place in this state. If the port transitions to this state (listening), it stays in it for 15 seconds by default (forward_delay).
4. Learning (MAC address learning state) – The port in this state already knows its role (root port or designated port) in the STP domain. However, the port will not forward any Ethernet frames yet. It learns MAC addresses from the frames arriving at the port in order to populate the MAC address table. This helps avoid excessive flooding when the port transitions to the forwarding state. If the port transitions to this state (learning), it stays in it for 15 seconds by default (forward_delay).
5. Forwarding (frame forwarding state) – The port in this state forwards all Ethernet frames as per normal switch operation. The port also processes all incoming Ethernet frames and actively learns MAC addresses from the arriving traffic.

Spanning-Tree Port Roles
Root Port (RP) – A port on a non-root switch that is the shortest (best) path towards the root bridge. The root bridge does NOT have any root ports (there is no shortest path to itself ;-)).
Designated Port (DP) – A port that is in the forwarding state. All ports of the root bridge are designated ports (they are never in a blocking state). BPDU frames are sent out of this port.
Non-Designated Port (NDP) or Blocking Port – A port that is in the blocking state in the STP topology.


STP PortFast

PortFast allows switch ports that connect to a host device (such as a printer or a workstation) to bypass the usual progression of STP states. Theoretically, a port connecting to a host device can never create a switching loop. Thus, PortFast allows the interface to move from the blocking state to the forwarding state immediately, eliminating the normal 30-second STP delay.

To configure PortFast on an interface:

Switch(config)# int fa0/10
Switch(config-if)# spanning-tree portfast

To enable PortFast globally on all interfaces:

Switch(config)# spanning-tree portfast default

PortFast should not be enabled on switch ports connecting to another hub/switch, as this may result in a loop. Note that PortFast does not disable STP on an interface; it merely speeds up the convergence.

PortFast additionally reduces unnecessary BPDU traffic, as TCN BPDUs will not be sent out for state changes on a PortFast-enabled interface.

Spanning Tree Protocol along with commands

Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.

Working of STP:
1. Choosing the root bridge:

1. Each switch has a bridge ID (BID) = priority value + MAC address
2. Switches exchange BPDUs (Bridge Protocol Data Units) to compare bridge IDs
3. The switch with the lowest bridge ID becomes the root bridge (first the priority is compared; if the priorities are equal, the MAC address is compared; the lower value wins)
4. An administrator can set the priority to control the election: if a low-speed switch has the lowest MAC address, it becomes the root bridge, which reduces the performance of the network.
 If the network administrator wants a particular switch to become the root bridge, its priority must be set lower than 32768, or the switch must be configured as spanning-tree root primary/secondary. When root primary or root secondary is configured, the switch automatically changes its priority accordingly, to 24577 and 28673 respectively with the default configuration.

Commands:
spanning-tree vlan 1 root primary
spanning-tree vlan 1 root secondary

Alternatively, the priority can be set directly so that the required switch acts as the root bridge:

Commands:
spanning-tree vlan 1 priority ?
  % Bridge Priority must be in increments of 4096.
  % Allowed values are:
  0     4096  8192  12288 16384 20480 24576 28672
  32768 36864 40960 45056 49152 53248 57344 61440

Root bridge is the switch that has all ports working in the designated role. 
It will be the reference point from which the loop free topology is computed. 
Root bridge will impose the timers that other switches will use such as: 

hello time - how often BPDUs are going to be sent/relayed (default timer=2 seconds), 
max age - how long the configuration is valid (default timer=20 seconds),
forward delay - how long a port should be in listening/learning state (default timer=15 seconds). 

Commands:
Switch(config)# spanning-tree vlan 10 hello-time 10 
Switch(config)# spanning-tree vlan 10 forward-time 20 
Switch(config)# spanning-tree vlan 10 max-age 40

Root bridge will be announcing its presence by sending BPDU frames. 
Other switches will relay those frames out their designated port given the hello time. 

Also, the root bridge has all its ports in the designated role (forwarding).

2. Determine the least cost paths to the root bridge

Least cost path from each bridge.
After the root bridge has been chosen, each bridge determines the cost of each possible path from itself to the root. From these, it picks the one with the smallest cost (a least-cost path). The port connecting to that path becomes the root port (RP) of the bridge.
When multiple paths from a bridge are least-cost paths, the chosen path uses the neighbor bridge with the lower bridge ID. The root port is thus the one connecting to the bridge with the lowest bridge ID.


The table below shows the default cost of an interface for a given data rate.

Data rate     STP cost (802.1D-1998)   RSTP cost (802.1D-2004 / 802.1w)
4 Mbit/s      250                      5,000,000
10 Mbit/s     100                      2,000,000
16 Mbit/s     62                       1,250,000
100 Mbit/s    19                       200,000
1 Gbit/s      4                        20,000
2 Gbit/s      3                        10,000
10 Gbit/s     2                        2,000

Least cost path from each network segment.
The bridges on a network segment collectively determine which bridge has the least-cost path from the network segment to the root. The port connecting this bridge to the network segment is then the designated port (DP) for the segment.

When more than one bridge on a segment leads to a least-cost path to the root, the bridge with the lower bridge ID is used to forward messages to the root. The port attaching that bridge to the network segment is the designated port for the segment. In some cases there may still be a tie, as when two bridges are connected by multiple cables. In this case, multiple ports on a single bridge are candidates for root port, and the path which passes through the port on the neighbor bridge that has the lowest port identifier [port priority (default = 128) + port number] is used.

Bridge ID = priority (16 bits) + ID [MAC address] (48 bits); the default bridge priority is 32768.
Port ID = priority (4 bits) + ID [interface number] (12 bits); the default port priority is 128.

Commands:
Switch(config)# int fa0/10
Switch(config-if)# spanning-tree port-priority 50

Disable all other root paths. Any active port that is not a root port or a designated port is a blocked port (BP).
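Putting the election rules together, the Python below is an added example for this post (not the post's own code, nor Cisco's): it validates a bridge priority against the allowed multiples of 4096, elects the root by lowest bridge ID (priority, then MAC address), computes each bridge's least-cost path to the root from the 802.1D-1998 cost table above, and selects the root port using the tie-breakers described here: lowest root path cost, then lowest neighbour bridge ID, then lowest neighbour port ID (port priority, port number). The switches and links are constructed; the extended-system-ID offset that makes 24577 appear in show output is ignored, so priorities are the configured values.

```python
# Added example for this post (not from the original): STP root bridge and
# root port election over a constructed three-switch topology.
import heapq
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

STP_COST = {4: 250, 10: 100, 16: 62, 100: 19, 1000: 4, 2000: 3, 10000: 2}  # Mbit/s -> 802.1D-1998 cost
DEFAULT_PORT_PRIORITY = 128

BridgeId = Tuple[int, int]           # (priority, MAC as an integer); lower wins
PortId = Tuple[int, int]             # (port priority, port number); lower wins


def bridge_id(priority: int, mac: str) -> BridgeId:
    """Bridge ID as a comparable pair; priority must be one of the allowed multiples of 4096."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("bridge priority must be a multiple of 4096 between 0 and 61440")
    return (priority, int(mac.replace(".", "").replace(":", ""), 16))


@dataclass(frozen=True)
class Link:
    a: str
    a_port: int
    b: str
    b_port: int
    mbps: int


def elect_root(bridges: Dict[str, BridgeId]) -> str:
    """The switch with the lowest bridge ID (priority first, then MAC) becomes root."""
    return min(bridges, key=bridges.get)


def root_path_costs(links: List[Link], root: str) -> Dict[str, int]:
    """Least-cost path from every bridge to the root (Dijkstra over link costs)."""
    adj: Dict[str, List[Tuple[str, int]]] = {}
    for l in links:
        adj.setdefault(l.a, []).append((l.b, STP_COST[l.mbps]))
        adj.setdefault(l.b, []).append((l.a, STP_COST[l.mbps]))
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, c in adj.get(u, []):
            if d + c < dist.get(v, float("inf")):
                dist[v] = d + c
                heapq.heappush(heap, (d + c, v))
    return dist


def elect_root_ports(bridges: Dict[str, BridgeId], links: List[Link],
                     port_priority: Optional[Dict[Tuple[str, int], int]] = None) -> Tuple[str, Dict[str, int]]:
    """Return (root bridge, {non-root bridge: root port number})."""
    port_priority = port_priority or {}     # (bridge, port) -> configured port priority
    root = elect_root(bridges)
    dist = root_path_costs(links, root)
    root_ports: Dict[str, int] = {}
    for name in bridges:
        if name == root:
            continue                        # the root has only designated ports
        best = None
        for l in links:
            if name not in (l.a, l.b):
                continue
            own_port, nbr, nbr_port = (l.a_port, l.b, l.b_port) if l.a == name else (l.b_port, l.a, l.a_port)
            if nbr not in dist:
                continue                    # neighbour has no path to the root
            nbr_pid: PortId = (port_priority.get((nbr, nbr_port), DEFAULT_PORT_PRIORITY), nbr_port)
            # tie-break order from the post: cost, then neighbour bridge ID, then neighbour port ID
            key = (dist[nbr] + STP_COST[l.mbps], bridges[nbr], nbr_pid)
            if best is None or key < best[0]:
                best = (key, own_port)
        if best is not None:
            root_ports[name] = best[1]
    return root, root_ports


# constructed topology: SW1 has the lowest MAC, but SW3 was given priority 24576 (root primary)
SWITCHES = {
    "SW1": bridge_id(32768, "0000.0000.0001"),
    "SW2": bridge_id(32768, "0000.0000.0002"),
    "SW3": bridge_id(24576, "0000.0000.0003"),
}
LINKS = [
    Link("SW3", 1, "SW1", 1, 1000),
    Link("SW3", 2, "SW2", 1, 100),
    Link("SW1", 3, "SW2", 3, 1000),   # two parallel links between SW1 and SW2: cost and
    Link("SW1", 4, "SW2", 4, 1000),   # neighbour bridge ID tie, so the neighbour port ID decides
]

if __name__ == "__main__":
    print(elect_root_ports(SWITCHES, LINKS))
    print(elect_root_ports(SWITCHES, LINKS, {("SW1", 4): 64}))   # effect of spanning-tree port-priority
```

In the constructed topology SW2 reaches the root more cheaply through SW1 (4 + 4) than over its direct 100 Mbit/s link (19), and between the two parallel SW1 links it picks the one facing SW1's lower port number; lowering the port priority on SW1's port 4 flips that choice, which is what the port-priority command above is for.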



Tuesday, November 19, 2013

Differences between RIPv1 and RIPv2

RIPv1                                              RIPv2
Classful                                           Classless
Does not support VLSM                              Supports VLSM
Does not send subnet masks with periodic updates   Sends subnet masks with periodic updates
Uses 255.255.255.255 to send periodic updates      Uses 224.0.0.9 to send periodic updates
Does not support authentication                    Supports authentication