Monday, September 27, 2010

Understanding Wild Card Mask - With EIGRP

It's been a long time now since Cisco Introduced WildCard Mask support for EIGRP.  In my opinion it's a great option as it gives us control on which router interfaces we exactly want to run EIGRP and form neighbor-ship.

Although Idea looks simple but I have seen it still creates confusion for many people when it comes to calculate wildcard mask to enable eigrp on multiple interfaces in a single run and still not running it over undesired interfaces.


Although network followed by wild card mask as 0.0.0.0 is the most common way to make sure you don't run EIGRP on undesired interfaces. On the other hand some may prefer our old friend passive-interface command.


But lets see if we can enable EIGRP for multiple interfaces with a single network statement without including undesired interfaces.


Here is the topology diagram - Click Image to enlarge






The idea here is to enable EIGRP for all loopbacks over R1 & R2 with a single network statement.


Lets first load the initials:


Device R3 in the middle is a Router acting as bridge. Don't worry if you don't understand bridging at this moment as I am soon gonna come up with detailed posts on various bridging types :-)


Just Consider R3 as a L2 Switch at this moment connecting R1 and R2


:::Initials:::



Router#sh ver | i IOS
Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7, RELEASE SOFTWARE (fc3)

<<< R1 >>>


en
!
conf t
!
ho R1
!
no ip domain-lo
!
int lo0
ip add 1.1.1.0 255.255.255.255
exit
!
int lo1
ip add 1.1.1.1 255.255.255.255
exit
!
int lo2
ip add 1.1.1.2 255.255.255.255
exit
!
int lo3
ip add 1.1.1.3 255.255.255.255
exit
!
int f0/0
ip add 12.12.12.1 255.255.255.0
no sh 
exit
!
-------------------------------


<<< R2 >>>


en
!
conf t
!
ho R2
!
no ip domain-lo
!
int f0/0
ip add 12.12.12.2 255.255.255.0
no sh 
exit
!
int lo0
ip add 2.2.2.24 255.255.255.255
exit
!12.12.12.1
int lo1
ip add 2.2.2.25 255.255.255.255
exit
!
int lo2
ip add 2.2.2.26 255.255.255.255
exit
!
int lo3
ip add 2.2.2.27 255.255.255.255
exit
!
int lo4
ip add 2.2.2.28 255.255.255.255
exit
!
int lo5
ip add 2.2.2.29 255.255.255.255
exit
!
int lo6
ip add 2.2.2.30 255.255.255.255
exit
!
int lo7
ip add 2.2.2.31 255.255.255.255
exit
!
-------------------------------


<<< R3 >>>


en
!
conf t
!
ho BRIDGE
!
no ip domain-lo
!
no ip routing
!
bridge 1 protocol ieee
!
int f0/0
bridge-group 1
no sh
exit
!
int f0/1
bridge-group 1
no sh
exit
!

Lets verify now if R1 and R2 have basic reachability to each other before enabling EIGRP:

-------------------------------

R1(config)#do ping 12.12.12.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.12.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms

R2(config)#do ping 12.12.12.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.12.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/12 ms
-----------------------------

Now before configuring EIGRP, let's calculate the wild card mask :-)

----------------------------
<<< R1 >>>


1.1.1.0
1.1.1.1
1.1.1.2
1.1.1.3
--------

As you can see first three octet of all Loopbacks are same, so lets focus on 4th one.

Lets break 4th octet down into binary first
      
1.1.1.|0| > 000000|00|
1.1.1.|1| > 000000|01|
1.1.1.|2| > 000000|10|
1.1.1.|3| > 000000|11|

Now as you can see all bits are common among these binary addresses except last two bits from LSB side.

The idea now is to set value as "1" for uncommon bits and "0" for common bits and convert it back into decimal

Because from CCNA you must remember 0 = Match, 1 = Not Match

----------------------
            000000|11| -> 3
----------------------

0.0.0.3 ->That's going to be the wild card mask

Now lets configure EIGRP with this:

!
router eigrp 100
net 1.1.1.0 0.0.0.3
net 12.12.12.1 0.0.0.0
no au
end
!
=====================

Apply same method for R2's loopbacks:

<<< R2 >>>

2.2.2.24
2.2.2.25
2.2.2.26
2.2.2.27
2.2.2.28
2.2.2.29
2.2.2.30
2.2.2.31
--------

24 > 00011|000
25 > 00011|001
26 > 00011|010
27 > 00011|011
28 > 00011|100
29 > 00011|101
30 > 00011|110
31 > 00011|111
--------------
     00000|111 -> 7
--------------

2.2.2.24 0.0.0.7

!
router eigrp 100
no au
net 12.12.12.2 0.0.0.0
net 2.2.2.24 0.0.0.7
end
!
===============



Verification:



<<< R1 >>>


*Mar  1 00:25:01.947: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 100: Neighbor 12.12.12.2 (FastEthernet0/0) is up: new adjacency

R1#sh ip ro e
     2.0.0.0/32 is subnetted, 8 subnets
D       2.2.2.24 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.25 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.26 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.27 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.28 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.29 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.30 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0
D       2.2.2.31 [90/409600] via 12.12.12.2, 00:00:28, FastEthernet0/0




tclsh
foreach address {
2.2.2.24
2.2.2.25
2.2.2.26
2.2.2.27
2.2.2.28
2.2.2.29
2.2.2.30
2.2.2.31
} {ping $address}
===================================

<<< R2 >>>


R2#sh ip ro e
     1.0.0.0/32 is subnetted, 4 subnets
D       1.1.1.0 [90/409600] via 12.12.12.1, 00:00:18, FastEthernet0/0
D       1.1.1.1 [90/409600] via 12.12.12.1, 00:00:18, FastEthernet0/0
D       1.1.1.2 [90/409600] via 12.12.12.1, 00:00:18, FastEthernet0/0
D       1.1.1.3 [90/409600] via 12.12.12.1, 00:00:18, FastEthernet0/0


tclsh
foreach address {
1.1.1.0
1.1.1.1
1.1.1.2
1.1.1.3
} {ping $address}
===================================

HTH...
Deepak Arora

QOS Network Design Guide - Cisco

Today I found a great QOS resource from Cisco Website. The QOS Network Design Guide from Cisco.

The guide covers design guidelines for LAN QOS Vs WAN QOS Vs MPLS QOS etc.

A gr8 QOS Resource Indeed.


HTH...
Deepak Arora

Thursday, September 23, 2010

Weird Windows XP Issue

CCIE R&S Bootcamp In India By Narbik & Scott Morris

If you were ever dreaming about attending a CCIE R&S bootcamp taught by Evil CCIE Instructor Scott Morris :-) or Narbik....here is the biggest opportunity that can ever come for you right in India.


Yes...both of them are coming together in India to conduct 12 Day bootcamp class....and If I am not wrong...It's going to be first time ever when they will be conducting CCIE Bootcamp in India.

I am not sure about you guys but this is the opportunity I would have never missed if  I were there... never...ever...ever :-)


http://www.ccieflyer.com/2010-09-Eman_Narbik_Scott.php



Bangalore India – January 17 – 28, 2011

Milton Keynes, UK – April 11 – 22, 2011

Wilmington, DE USA – July 18 – 29, 2011

Dubai, UAE – October 17 – 28, 2011

Sydney, Australia – January 2012

Wednesday, September 22, 2010

OSPF Mock Lab - Another Challenge To Solve (Solution 2 & 3)

Last month when I posted my OSPF challenge I thought there is only one way to accomplish this challenge. But soon I had another working solution too which was working perfectly fine. Lets now call it Solution 1 for our sake.


So where is my solution or so called Solution 2 ? :-)


hmmm...Ok...Today I am not only going to show you mine original solution which I figured out but also a 3rd solution.....isn't that cool ? :-)


Yup...I picked some pieces of solution 1 and solution 2 and combined them together in a new way :-)


Okay...first of all...my solution 2 may look ugly to you...but solution 3 will definitely look ugly and actually involves good piece of troubleshooting too.

It actually reminds me of a old TV cartoon show - ED, EDD & EDDY




Ok, Lets talk about solution 2 first:


Lets put Initials first, which would be matching the GNS topology I presented during solution 1 post. So lets get started:

------------------
 Solution 2
------------------
<<< R1 >>>

-------------------------
Initials
------------------------
en
!
conf t
!
no ip domain-lo
!
ho R1
!
int s0/0
ip add 123.123.123.1 255.255.255.0
en f
no frame inv
no arp fr
frame map ip 123.123.123.2 102 b
frame map ip 123.123.123.3 103 b
frame map ip 123.123.123.1 102
ip ospf net point-to-m
no sh
exit
!
int f1/0
ip add 14.14.14.1 255.255.255.0
no sh
exit
!
router ospf 1
router-id 1.1.1.1
net 123.123.123.1 0.0.0.0 a 0
net 14.14.14.1 0.0.0.0 a 1
exit
!
int lo0
ip add 11.11.11.11 255.255.255.0
ip ospf net point-to-p
ip ospf 1 a 0
exit
end
!
------------------------------------

<<< R2 >>>

en
!
conf t
!
no ip domain-lo
!
ho R2
!
int s0/0
ip add 123.123.123.2 255.255.255.0
en f
no frame inv
no arp fr
frame map ip 123.123.123.1 201 b
frame map ip 123.123.123.2 201
ip ospf net point-to-m
no sh
exit
!
int lo0
ip add 22.22.22.22 255.255.255.0
ip ospf net point-to-p
ip ospf 1 a 0
exit
!
router ospf 1
router-id 2.2.2.2
net 123.123.123.2 0.0.0.0 a 0
exit
end
!
-------------------------------------

<<< R3 >>>

en
!
conf t
!
no ip domain-lo
!
ho R3
!
int s0/0
ip add 123.123.123.3 255.255.255.0
en f
no frame inv
no arp fr
frame map ip 123.123.123.1 301 b
frame map ip 123.123.123.3 301
ip ospf net point-to-m
no sh
exit
!
int lo0
ip add 33.33.33.33 255.255.255.0
ip ospf net point-to-p
ip ospf 1 a 0
exit
!
router ospf 1
router-id 3.3.3.3
net 123.123.123.3 0.0.0.0 a 0
exit
end
!
--------------------------------------


<<< R4 >>>

en
!
conf t
!
no ip domain-lo
!
ho R4
!
int f0/0
ip add 14.14.14.4 255.255.255.0
no sh
exit
!
int f1/0
ip add 45.45.45.4 255.255.255.0
no sh
exit
!
router ospf 1
router-id 4.4.4.4
net 14.14.14.4 0.0.0.0 a 1
exit
!
int lo0
ip add 44.44.44.44 255.255.255.0
exit
!
int lo1
ip add 144.144.144.144 255.255.255.0
ip ospf 1 a 1
exit
!
router rip
v 2
no au
net 44.0.0.0
net 45.0.0.0
exit
end
!
-----------------------------------------

<<< R5 >>>


en
!
conf t
!
no ip domain-lo
!
ho R5
!
int f0/0
ip add 45.45.45.5 255.255.255.0
no sh
exit
!
int lo0
ip add 55.55.55.55 255.255.255.0
ip ospf net point-to-p
ip ospf 1 a 2
exit
!
int lo1
ip add 155.155.155.155 255.255.255.0
exit
!
int f1/0
ip add 56.56.56.5 255.255.255.0
no sh
!
router ospf 1
router-id 5.5.5.5
net 56.56.56.5 0.0.0.0 a 2
exit
!
router rip
net 45.0.0.0
net 155.155.0.0
v 2
no au
exit
end
!
--------------------------------------------


<<< R6 >>>

en
!
conf t
!
no ip domain-lo
!
ho R6
!
int f0/0
ip add 56.56.56.6 255.255.255.0
no sh
exit
!
int lo0
ip add 66.66.66.66 255.255.255.0
ip ospf 1 a 2
ip ospf net point-to-p
exit
!
router ospf 1
router-id 6.6.6.6
net 56.56.56.6 0.0.0.0 a 2
exit
end
!



---------------------------------------------



Now we have all basic reachability. The problem is that we can not have route exchange between two different ospf areas without having area 0 in middle or some way logically connected to it.  That's why we designed Virtual Links Right ? :-)


But problem here is that we are not allowed to use them :-(


Ok...next idea that comes in mind is GRE tunnels :-)


But that's also not allowed :-(


Hey...but remember If I go under tunnel interface and change tunnel mode to IP-IP with command "tunnel mode ipip" at that point I am not running GRE tunnel technically but IP-IP tunnel. Which also adds benefit of less overhead.


I know...some of you may be saying that's not right :-)...but didn't you notice from comments of CCIE people over web that real lab may trick you same way with wording of tasks ? 

So lets create our first tunnel between R5 & R4 and ultimate goal here is to pull area 2 upto area 1 first.


-----------------------------------------------

<<< R4 >>>


R4(config)#do sh run int tu0
Building configuration...

Current configuration : 146 bytes
!
interface Tunnel0
 ip address 100.100.100.101 255.255.255.0
 tunnel source Loopback0
 tunnel destination 155.155.155.155
 tunnel mode ipip
end

R4(config)#router ospf 1
R4(config-router)#net 100.100.100.101 0.0.0.0 a 2
--------------------------------------
<<< R5 >>>


R5#sh run int tu0
Building configuration...

Current configuration : 142 bytes
!
interface Tunnel0
 ip address 100.100.100.100 255.255.255.0
 tunnel source Loopback1
 tunnel destination 44.44.44.44
 tunnel mode ipip
end

R5(config)#router ospf 1
R5(config-router)#net 100.100.100.100 0.0.0.0 a 2

*Mar  1 00:24:35.739: %OSPF-5-ADJCHG: Process 1, Nbr 5.5.5.5 on Tunnel0 from LOADING to FULL, Loading Done
---------------------------------------------------
<<< R4 >>>

 R4#s ip ro os | i T
O       55.55.55.0 [110/11112] via 100.100.100.100, 00:04:40, Tunnel0
O       66.66.66.0 [110/11113] via 100.100.100.100, 00:04:40, Tunnel0
O       56.56.56.0 [110/11112] via 100.100.100.100, 00:04:40, Tunnel0

---------------------------------------------------
 
<<< R5 >>>
 
R5#sh ip ro os
     66.0.0.0/24 is subnetted, 1 subnets
O       66.66.66.0 [110/2] via 56.56.56.6, 00:05:50, FastEthernet1/0


-----------------------------------------------------------



Now lets create another tunnel between R1 & R4 and pulls area 2 which is at R4 now back to Area 0 over R1:
------------------------------------------------------------


<<< R4 >>>

R4(config)#int tu 1
R4(config-if)#ip add 125.125.125.4 255.255.255.0
R4(config-if)#tu so tu0 <- See I am putting one tunnel inside another here
R4(config-if)#tu dest 11.11.11.11
R4(config-if)#ip ospf 1 a 2
R4(config-if)#tunnel mode ipip
R4(config-if)#exit


----------------------------------------------------
 
<<< R1 >>>

R1(config)#int tu 1
R1(config-if)#ip add 125.125.125.1 255.255.255.0
R1(config-if)#tu so lo0
R1(config-if)#tu dest 100.100.100.101
R1(config-if)#ip ospf 1 a 2
R1(config-if)#tunnel mode ipip
R1(config-if)#exit


----------------------------------------------------

Now lets check the Routing Table over R1 and See if we have Route for R6's loopback:


R1(config-if)#do sh ip ro | i T
R1(config-if)#                        <- Nothing in here

-----------------------------------------------------



Hmmm... Lets see if tunnel is indeed UP:


R1(config-if)#do sh ip int b | i T
Tunnel1                    125.125.125.1   YES manual up   down

So tunnel is down.

Hmmm...for tunnel to come up we should have reachability between Tunnel Source and Destination address...right?


lets check that:

 R1(config-if)#do sh ip ro 100.100.100.101
% Network not in table

---------------------------------------------------------

Hmmm...lets make tunnel destination reachable by adding /32 static route: Remember I allowed to use one static route in entire config :-)


R1(config)#ip route 100.100.100.101 255.255.255.255 14.14.14.4
R1(config)#
*Mar  1 01:01:18.051: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
*Mar  1 01:01:18.247: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on Tunnel1 from LOADING to FULL, Loading Done

R1(config)#do sh ip ro 100.100.100.101                       
Routing entry for 100.100.100.101/32
  Known via "static", distance 1, metric 0
  Routing Descriptor Blocks:
  * 14.14.14.4
      Route metric is 0, traffic share count is 1

------------------------------------------------------

R1(config)#do ping 100.100.100.101

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.100.100.101, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/10/16 ms

-------------------------------------------------------





So finally our magical tunnel has come up and by this time we should have reachability to R6's loopback:


R1(config)#do sh ip ro | i T
O       100.100.100.0/24 [110/22222] via 125.125.125.4, 00:01:17, Tunnel1
O       55.55.55.0 [110/22223] via 125.125.125.4, 00:01:17, Tunnel1
O       66.66.66.0 [110/22224] via 125.125.125.4, 00:01:17, Tunnel1
C       125.125.125.0 is directly connected, Tunnel1
O       56.56.56.0 [110/22223] via 125.125.125.4, 00:01:17, Tunnel1


Which we have :-)
------------------------------------------------


------------------
 Solution 3
------------------


The major problem (not exactly) with My solution 2 is that you have full reachability among all OSPF routes but No reachability for RIP routes. Although In my original post I just asked for OSPF routes reachability only so which makes my Solution perfectly valid :-)


Now lets put some more restrictions once again :-P

1. No Static Routing Is allowed anywhere now
2. RIP Routes should also be reachable from entire ospf Domain and vice versa


Hmmm...that really makes life very complicated now.


Lets remove static route from R1 now:


R1(config)#do sh run | i ip route
R1(config)# 
                               <- So As you can see I removed it



Now lets put "default information originate always" command over R4 since we don't have static route now for reachability upto R4's Tunnel 1 Source & see if this can help us

R4(config-if)#do sh run | s r o
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 redistribute rip
 network 14.14.14.4 0.0.0.0 area 1
 network 100.100.100.101 0.0.0.0 area 2
 default-information originate always


R2#sh ip ro | i 0.0.0.0
Gateway of last resort is 123.123.123.1 to network 0.0.0.0
     100.0.0.0/24 is subnetted, 1 subnets
O*E2 0.0.0.0/0 [110/1] via 123.123.123.1, 01:53:08, Serial0/0
 

R6#sh ip ro | i 0.0.0.0
Gateway of last resort is 56.56.56.5 to network 0.0.0.0
     100.0.0.0/24 is subnetted, 1 subnets
O*E2 0.0.0.0/0 [110/1] via 56.56.56.5, 01:53:41, FastEthernet0/0

 

But...As soon as I do that I have another problem:

R1(config-router)#
*Mar  1 01:50:01.775: %TUN-5-RECURDOWN: Tunnel1 temporarily disabled due to recursive routing
*Mar  1 01:50:02.771: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down
*Mar  1 01:50:02.791: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on Tunnel1 from FULL to DOWN, Neighbor Down: Interface down or detached

*Mar  1 01:51:02.771: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
*Mar  1 01:51:02.867: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on Tunnel1 from LOADING to FULL, Loading Done
*Mar  1 01:51:09.771: %TUN-5-RECURDOWN: Tunnel1 temporarily disabled due to recursive routing
*Mar  1 01:51:10.771: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to down
*Mar  1 01:51:10.787: %OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on Tunnel1 from FULL to DOWN, Neighbor Down: Interface down or detached


Hmmm...so our old  GRE route recursion issue comes back which we discussed in detail few posts back :-)


So no need to panic...right :-)


Lets dig little deeper to find the cause of issue:


R1(config-router)#do debug ip routing 

*Mar  1 01:52:28.919: RT: Pruning routes for Tunnel1 (4)
*Mar  1 01:52:28.919: RT: delete route to 100.100.100.0 via 125.125.125.4, Tunnel1
*Mar  1 01:52:28.919: RT: no routes to 100.100.100.0, flushing
*Mar  1 01:52:28.919: RT: NET-RED 100.100.100.0/24
*Mar  1 01:52:28.919: RT: delete network route to 100.0.0.0
*Mar  1 01:52:28.919: RT: NET-RED 100.0.0.0/8



Hmmm... You see ? We are learning tunnel destination from R1's point of view from tunnel itself.


Lets fix this with a Distribute list:


R1(config-router)#do sh ip access-l 1
Standard IP access list 1
    10 deny   100.100.100.0
or
 ip access-l 1 de 100.100.100.0 0.0.0.0<- Actual ACL I applied was this :-)

R1(config)#router ospf 1
R1(config-router)#distribute-list 1 in Tunnel1



*Mar  1 01:54:26.651: RT: add 0.0.0.0/0 via 14.14.14.4, ospf metric [110/1]
*Mar  1 01:54:26.655: RT: NET-RED 0.0.0.0/0
*Mar  1 01:54:26.655: RT: default path is now 0.0.0.0 via 14.14.14.4
*Mar  1 01:54:26.655: RT: new default network 0.0.0.0
*Mar  1 01:54:26.655: RT: NET-RED 0.0.0.0/0
*Mar  1 01:54:31.627: RT: NET-RED 0.0.0.0/0
*Mar  1 01:54:36.915: %LINEPROTO-5-UPDOWN: Line protocol on Interface Tunnel1, changed state to up
*Mar  1 01:54:36.915: RT: is_up: Tunnel1 1 state: 4 sub state: 1 line: 0 has_route: False
*Mar  1 01:54:36.915: RT: SET_LAST_RDB for 125.125.125.0/24
  NEW rdb: is directly connected

*Mar  1 01:54:36.915: RT: add 125.125.125.0/24 via 0.0.0.0, connected metric [0/0]
*Mar  1 01:54:36.915: RT: NET-RED 125.125.125.0/24
*Mar  1 01:54:36.915: RT: interface Tunnel1 added to routing table

R1(config)#do sh access-l 1
Standard IP access list 1
    10 deny   100.100.100.0 (2 matches)
<- See we have hits for this ACL



By this point we should be good to go and run our final TCL script to verify full connectivity including for RIP routes:


--------------------------------------------------

R3>en
R3#tclsh
R3(tcl)#foreach address {
+>(tcl)#123.123.123.1
+>(tcl)#14.14.14.1
+>(tcl)#11.11.11.11
+>(tcl)#123.123.123.2
+>(tcl)#22.22.22.22
+>(tcl)#123.123.123.3
+>(tcl)#33.33.33.33
+>(tcl)#14.14.14.4
+>(tcl)#45.45.45.4
+>(tcl)#44.44.44.44
+>(tcl)#144.144.144.144
+>(tcl)#45.45.45.5
+>(tcl)#56.56.56.5
+>(tcl)#55.55.55.55
+>(tcl)#155.155.155.155
+>(tcl)#56.56.56.6
+>(tcl)#66.66.66.66
+>(tcl)#} {ping $address}

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.123.123.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/9/20 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.14.14.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/17/24 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.123.123.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/38/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/36 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 123.123.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/40/52 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 33.33.33.33, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.14.14.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/37/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.45.45.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/23/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 44.44.44.44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/20/40 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 144.144.144.144, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/15/24 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 45.45.45.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/28/36 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 56.56.56.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/33/40 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 55.55.55.55, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/46/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 155.155.155.155, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/43/56 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 56.56.56.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/39/60 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 66.66.66.66, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/36/56 ms
R3(tcl)#


So again ...one problem and multiple ways to fix it :-)
 HTH...
Deepak Arora 




Monday, September 20, 2010

Load Balancing Vs Load Sharing - In General

Load sharing is the ability to distribute outgoing traffic (or influence the flow of incoming traffic) over multiple paths. Load balancing is the ability to split the load toward the same destination (host or IP prefix) over multiple paths.

HTH...
Deepak Arora

EIGRP Auto-Summary Now Disabled By Default



auto-summary (EIGRP)

To allow automatic summarization of subnet routes into network-level routes, use the auto-summary command in router configuration mode or address-family topology configuration mode. To disable this function and send subprefix routing information across classful network boundaries, use the no form of this command.
auto-summary
no auto-summary

Syntax Description

This command has no arguments or keywords.

Command Default

The behavior of this command is enabled by default (the software does not send subprefix routing information across classful network boundaries).
Cisco IOS Release 15.0(1)M, 12.2(33)SRE, 12.2(33)XNE, Cisco IOS XE Release 2.5, Cisco IOS Release 12.2(33)SXI4 and Later Releases
The behavior of this command is disabled by default (the software sends subprefix routing information across classful network boundaries).

Command Modes

Router configuration (config-router)
Address-family topology configuration (config-router-af-topology)

Command History

Release
Modification
10.0
This command was introduced.
12.2(8)T
The command default behavior changed to disabled.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.2SX
This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.
15.0(1)M
This command was modified. Address-family topology configuration mode was added. The default behavior was changed to disabled.
12.2(33)SRE
This command was modified. Address-family topology configuration mode was added. The default behavior was changed to disabled.
12.2(33)XNE
This command was integrated into Cisco IOS Release 12.2(33)XNE.
Cisco IOS XE Release 2.5
This command was integrated into Cisco IOS XE Release 2.5.
12.2(33)SXI4
This command was modified. Address-family topology configuration mode was added. The default behavior was changed to disabled.

Usage Guidelines

To allow the software to create summary subprefixes to the classful network boundary when crossing classful network boundaries, use the auto-summary command.
Enhanced Interior Gateway Routing Protocol (EIGRP) summary routes are given an administrative distance value of 5. You cannot configure this value.

Examples

The following example enables automatic summarization for EIGRP process 109:
Router(config)# router eigrp 109
Router(config-router)# auto-summary
The following example enables automatic summarization for EIGRP autonomous-system 4473:
Router(config)# router eigrp virtual-name 
Router(config-router)# address-family ipv4 autonomous-system 4473
Router(config-router-af)# topology base 
Router(config-router-af-topology)# auto-summary 

Related Commands

Command
Description
address-family (EIGRP)
Enters address-family configuration mode to configure an EIGRP routing instance.
ip summary-address eigrp
Configures a summary aggregate address for a specified interface.
router eigrp
Configures the EIGRP address-family process.
topology (EIGRP)
Configures an EIGRP process to route IP traffic under the specified topology instance and enters router address-family topology configuration mode.

Free CCNA Lab Workbook


URL

Tuesday, September 14, 2010

OSPF Mock Lab - Another Challenge To Solve (Solution 1)

So after a little long I am back with Solution of OSPF mock lab challenge. But good part is that someone actually solved the puzzle and won the prize. 

Yup...Manish Salaria

Although his solution was different from mine and looks easier to configure, but if you will get into details about how packet is flowing between R2's loop-back and R6's loop-back then things might get little complicated to understand in first look.

Anyways here I am posting his solution, soon this week I'll post mine too. With his solution though I am not putting any explanation here but mine solution will be having detailed walk through.

I changed interface numbering a little bit as I tested this on different PC running Linux and different Set of IOS.  So you may want to adjust interface numbering under initial configuration I gave in first post.


Here is quick GNS topology I used: Click on Image for better view




So here we go: 


R1:
R1#sh ip int b | e una|do
Interface                  IP-Address      OK? Method Status                Protocol
Serial0/0                  123.123.123.1   YES manual up                    up     
FastEthernet1/0            14.14.14.1      YES manual up                  up     
Loopback0                  11.11.11.11     YES manual up                   up  



R1#sh run int s0/0
Building configuration...

Current configuration : 337 bytes
!
interface Serial0/0
 ip address 123.123.123.1 255.255.255.0
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 serial restart-delay 0
 no arp frame-relay
 frame-relay map ip 123.123.123.1 102
 frame-relay map ip 123.123.123.2 102 broadcast
 frame-relay map ip 123.123.123.3 103 broadcast
 no frame-relay inverse-arp
end


R1#sh run | s r o
router ospf 1
 router-id 1.1.1.1
 log-adjacency-changes
 network 14.14.14.1 0.0.0.0 area 1
 network 123.123.123.1 0.0.0.0 area 0


R1#sh ip ro | b ^G  
Gateway of last resort is 14.14.14.4 to network 0.0.0.0

     33.0.0.0/24 is subnetted, 1 subnets
O       33.33.33.0 [110/65] via 123.123.123.3, 02:39:10, Serial0/0
     22.0.0.0/24 is subnetted, 1 subnets
O       22.22.22.0 [110/65] via 123.123.123.2, 02:39:10, Serial0/0
     144.144.0.0/32 is subnetted, 1 subnets
O       144.144.144.144 [110/2] via 14.14.14.4, 02:18:00, FastEthernet1/0
     11.0.0.0/24 is subnetted, 1 subnets
C       11.11.11.0 is directly connected, Loopback0
     123.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O       123.123.123.3/32 [110/64] via 123.123.123.3, 02:39:10, Serial0/0
O       123.123.123.2/32 [110/64] via 123.123.123.2, 02:39:10, Serial0/0
C       123.123.123.0/24 is directly connected, Serial0/0
     14.0.0.0/24 is subnetted, 1 subnets
C       14.14.14.0 is directly connected, FastEthernet1/0
O*E2 0.0.0.0/0 [110/1] via 14.14.14.4, 02:18:00, FastEthernet1/0



R2:


R2#sh prot | e una|do  
Global values:
  Internet Protocol routing is enabled
Serial0/0 is up, line protocol is up
  Internet address is 123.123.123.2/24
Loopback0 is up, line protocol is up
  Internet address is 22.22.22.22/24


R2#sh run int s0/0
Building configuration...

Current configuration : 289 bytes
!
interface Serial0/0
 ip address 123.123.123.2 255.255.255.0
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 serial restart-delay 0
 no arp frame-relay
 frame-relay map ip 123.123.123.1 201 broadcast
 frame-relay map ip 123.123.123.2 201
 no frame-relay inverse-arp
end





R2#sh run | s r o
router ospf 1
 router-id 2.2.2.2
 log-adjacency-changes
 network 123.123.123.2 0.0.0.0 area 0



 R2#sh ip ro | b ^G
Gateway of last resort is 123.123.123.1 to network 0.0.0.0

     33.0.0.0/24 is subnetted, 1 subnets
O       33.33.33.0 [110/129] via 123.123.123.1, 02:43:09, Serial0/0
     22.0.0.0/24 is subnetted, 1 subnets
C       22.22.22.0 is directly connected, Loopback0
     144.144.0.0/32 is subnetted, 1 subnets
O IA    144.144.144.144 [110/66] via 123.123.123.1, 02:41:42, Serial0/0
     11.0.0.0/24 is subnetted, 1 subnets
O       11.11.11.0 [110/65] via 123.123.123.1, 02:43:09, Serial0/0
     123.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O       123.123.123.3/32 [110/128] via 123.123.123.1, 02:43:09, Serial0/0
O       123.123.123.1/32 [110/64] via 123.123.123.1, 02:43:09, Serial0/0
C       123.123.123.0/24 is directly connected, Serial0/0
     14.0.0.0/24 is subnetted, 1 subnets
O IA    14.14.14.0 [110/65] via 123.123.123.1, 02:43:09, Serial0/0
O*E2 0.0.0.0/0 [110/1] via 123.123.123.1, 02:22:04, Serial0/0
 

R3:


R3#sh prot | e una|do
Global values:
  Internet Protocol routing is enabled
Serial0/0 is up, line protocol is up
  Internet address is 123.123.123.3/24
Loopback0 is up, line protocol is up
  Internet address is 33.33.33.33/24


R3#sh run int s0/0
Building configuration...

Current configuration : 289 bytes
!
interface Serial0/0
 ip address 123.123.123.3 255.255.255.0
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 serial restart-delay 0
 no arp frame-relay
 frame-relay map ip 123.123.123.1 301 broadcast
 frame-relay map ip 123.123.123.3 301
 no frame-relay inverse-arp
end
 

 R3#sh run | s r o
 router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 network 123.123.123.3 0.0.0.0 area 0


R3#sh ip ro | b ^G
Gateway of last resort is 123.123.123.1 to network 0.0.0.0

     33.0.0.0/24 is subnetted, 1 subnets
C       33.33.33.0 is directly connected, Loopback0
     22.0.0.0/24 is subnetted, 1 subnets
O       22.22.22.0 [110/129] via 123.123.123.1, 02:46:13, Serial0/0
     144.144.0.0/32 is subnetted, 1 subnets
O IA    144.144.144.144 [110/66] via 123.123.123.1, 02:44:36, Serial0/0
     11.0.0.0/24 is subnetted, 1 subnets
O       11.11.11.0 [110/65] via 123.123.123.1, 02:46:13, Serial0/0
     123.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O       123.123.123.2/32 [110/128] via 123.123.123.1, 02:46:13, Serial0/0
O       123.123.123.1/32 [110/64] via 123.123.123.1, 02:46:13, Serial0/0
C       123.123.123.0/24 is directly connected, Serial0/0
     14.0.0.0/24 is subnetted, 1 subnets
O IA    14.14.14.0 [110/65] via 123.123.123.1, 02:46:13, Serial0/0
O*E2 0.0.0.0/0 [110/1] via 123.123.123.1, 02:24:58, Serial0/0




R4:


R4#sh prot | e una|do
Global values:
  Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
  Internet address is 14.14.14.4/24
FastEthernet1/0 is up, line protocol is up
  Internet address is 45.45.45.4/24
Loopback0 is up, line protocol is up
  Internet address is 44.44.44.44/24
Loopback1 is up, line protocol is up
  Internet address is 144.144.144.144/24


R4#sh run | s r r
router rip
 version 2
 network 44.0.0.0
 network 45.0.0.0
 no auto-summary




R4#sh run | s r o
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 network 14.14.14.4 0.0.0.0 area 1
 default-information originate always


  
R4#sh ip ro | b  ^G
Gateway of last resort is 45.45.45.5 to network 0.0.0.0

     155.155.0.0/24 is subnetted, 1 subnets
R       155.155.155.0 [120/1] via 45.45.45.5, 00:00:24, FastEthernet1/0
     33.0.0.0/24 is subnetted, 1 subnets
O IA    33.33.33.0 [110/66] via 14.14.14.1, 02:28:36, FastEthernet0/0
     22.0.0.0/24 is subnetted, 1 subnets
O IA    22.22.22.0 [110/66] via 14.14.14.1, 02:28:36, FastEthernet0/0
     144.144.0.0/24 is subnetted, 1 subnets
C       144.144.144.0 is directly connected, Loopback1
     11.0.0.0/24 is subnetted, 1 subnets
O IA    11.11.11.0 [110/2] via 14.14.14.1, 02:28:36, FastEthernet0/0
     123.0.0.0/32 is subnetted, 3 subnets
O IA    123.123.123.3 [110/65] via 14.14.14.1, 02:28:36, FastEthernet0/0
O IA    123.123.123.2 [110/65] via 14.14.14.1, 02:28:36, FastEthernet0/0
O IA    123.123.123.1 [110/1] via 14.14.14.1, 02:28:36, FastEthernet0/0
     44.0.0.0/24 is subnetted, 1 subnets
C       44.44.44.0 is directly connected, Loopback0
     14.0.0.0/24 is subnetted, 1 subnets
C       14.14.14.0 is directly connected, FastEthernet0/0
     45.0.0.0/24 is subnetted, 1 subnets
C       45.45.45.0 is directly connected, FastEthernet1/0
R*   0.0.0.0/0 [120/1] via 45.45.45.5, 00:00:24, FastEthernet1/0



R5:


R5#sh prot | e una|do
Global values:
  Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
  Internet address is 45.45.45.5/24
FastEthernet1/0 is up, line protocol is up
  Internet address is 56.56.56.5/24
Loopback0 is up, line protocol is up
  Internet address is 55.55.55.55/24
Loopback1 is up, line protocol is up
  Internet address is 155.155.155.155/24


R5#sh run | i ip route
ip route 0.0.0.0 0.0.0.0 45.45.45.4
 

 R5#sh run | s r r
 router rip
 version 2
 network 45.0.0.0
 network 155.155.0.0
 default-information originate
 no auto-summary



R5#sh run | s r o    
router ospf 1
 router-id 5.5.5.5
 log-adjacency-changes
 network 56.56.56.5 0.0.0.0 area 2
 default-information originate



R5#sh ip ro | b ^G
Gateway of last resort is 45.45.45.4 to network 0.0.0.0

     155.155.0.0/24 is subnetted, 1 subnets
C       155.155.155.0 is directly connected, Loopback1
     55.0.0.0/24 is subnetted, 1 subnets
C       55.55.55.0 is directly connected, Loopback0
     66.0.0.0/24 is subnetted, 1 subnets
O       66.66.66.0 [110/2] via 56.56.56.6, 00:01:00, FastEthernet1/0
     56.0.0.0/24 is subnetted, 1 subnets
C       56.56.56.0 is directly connected, FastEthernet1/0
     44.0.0.0/24 is subnetted, 1 subnets
R       44.44.44.0 [120/1] via 45.45.45.4, 00:00:07, FastEthernet0/0
     45.0.0.0/24 is subnetted, 1 subnets
C       45.45.45.0 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 [1/0] via 45.45.45.4

 

R6:


R6#sh prot | e una|do
Global values:
  Internet Protocol routing is enabled
FastEthernet0/0 is up, line protocol is up
  Internet address is 56.56.56.6/24
Loopback0 is up, line protocol is up
  Internet address is 66.66.66.66/24


 R6#sh run | s r o
 router ospf 1
 router-id 6.6.6.6
 log-adjacency-changes
 network 56.56.56.6 0.0.0.0 area 2



R6#sh ip ro | b ^G
Gateway of last resort is 56.56.56.5 to network 0.0.0.0

     55.0.0.0/24 is subnetted, 1 subnets
O       55.55.55.0 [110/2] via 56.56.56.5, 02:12:56, FastEthernet0/0
     66.0.0.0/24 is subnetted, 1 subnets
C       66.66.66.0 is directly connected, Loopback0
     56.0.0.0/24 is subnetted, 1 subnets
C       56.56.56.0 is directly connected, FastEthernet0/0
O*E2 0.0.0.0/0 [110/1] via 56.56.56.5, 02:03:20, FastEthernet0/0

Final Reachability Check using TCL:


tclsh
foreach address {
123.123.123.1
14.14.14.1
11.11.11.11
123.123.123.2
22.22.22.22
123.123.123.3
33.33.33.33
14.14.14.4
45.45.45.4
44.44.44.44
144.144.144.144
45.45.45.5
56.56.56.5
55.55.55.55
155.155.155.155
56.56.56.6
66.66.66.66
} {ping $address}



HTH...
Deepak Arora