Browsed by
Category: CCIE Studies

CCIE Studies: Performance Routing PfR/OER

Prologue: Hey fellow CCIE candidates and networking geeks. Today I want to step deep into the realm of PfR or Performance Routing. First let’s go back in time to the predecessor, Optimized Edge Routing or OER. As crazy as this sounds, OER came out in 2006 with IOS 12.3. So, technically before all this SDN fanfare, Cisco actually decoupled the control (part of it at least) and data plane with OER/PfR back in the dizay. DID THAT JUST BLOW…

Private VLANs (PVLANs)

I recently had one of my customers ask about private VLANs and the benefits/use cases. I thought this was a good opportunity to refresh my knowledge of PVLANs because it was a weak area of mine during my last CCIE lab. What are Private VLANs? The main objective with PVLANs is conserving IP space, but still allowing L2 separation for security purposes. Typically, VLAN design calls for a single IP subnet for each VLAN. Here we are able to create multiple (secondary VLAN/s) VLANs for isolation, but…

CCIE: Blueprint Practice Configs – IP Services

IP Services: ARP: ARP is the process of resolving unknown L2 (MAC) information from known L3 (IP) information. Inverse ARP is learning unknown L3 (IP) information from known L2 (DLCI) information. Proxy ARP, as defined in RFC 1027, was implemented to enable devices that are separated into physical network segments connected by a router in the same IP network or subnetwork to resolve the IP-to-MAC addresses. When devices are not in the same data link layer network but in the…

CCIE: R&S Lab Attempt and Next Steps

So, it’s been over a week since my last lab attempt and I have had plenty of time to reflect. I will say that I underestimated the troubleshooting section considerably. My advice is when you hit a difficult question, do not linger on it, move on and try to come back if you have time. It’s hard to assess which tickets are the challenging ones without a little investigation. I will say that if you cannot solve the ticket within 10-15 minutes… MOVE ON. Next…

CCIE: QoS

Hold-Queue & Hardware TX Ring: TX-Ring DEFAULT on 1841 (128) packets on a FastEthernet interface: “tx-ring-limit X”, verify with “sh controller fa 0/1 | in tx”. FIFO ingress queue is 75 packets by default and 40 packets on an 1841 FastEthernet interface: “hold-queue X in|out”, verify with “sh interface fa0/1 | in queue”. Keep in mind that the software queue is only invoked when the hardware (TX-RING/FIFO) is full. CPU/packet spikes can tie up CPU cycles causing the router to use…

CCIE: Multicast

Preface: To clear old entries in the multicast table, use “clear ip mroute *”. This command usually will allow changes to be synced, but not always. In the worst case scenario, you may have to reload the device. Modifications to a working multicast environment are not recommended if you cannot interrupt traffic forwarding. Be sure to schedule a maintenance window in a REAL production environment. PIM: Signaling protocol that uses the unicast routing table to perform RPF checks. Dense mode: Flood to all multicast-enabled interfaces and downstream routers prune…

CCIE: MPLS

MPLS: Autoconfig (enable LDP on all interfaces) only available when using OSPF as IGP. LDP sends discovery packets via UDP to 224.0.0.2 (all routers) port 646. Router-ID is highest loopback but can be forced with “mpls ldp router-id x.x.x.x force”. To use the physical connection of the interface (not the loopback due to lack of reachability) use this command on the interface: “mpls ldp discovery transport-address interface”. Once communication is established, via TCP 646, authentication is verified (MD5 only). After peer is…

CCIE: BGP

Unlike IGPs, BGP does not use metrics to select best path. Instead, BGP is vector based. This path is determined with Path Attributes (PAs). The default PA, if no others are set, is AS-PATH. Shortest path to destination prefix is the best path. Building the neighbor relationship: TCP Port 179 (established based on neighbor address), Open, Established, and finally Updates (contains the prefix information). If there is a problem/error a “notification” message is sent. Keepalive is 60 and hold time is…

CCIE: RIP

Notes: auto-summary in RIP affects what is advertised, but not the local RIB. Preventing route feedback: Prevent route feedback (RIP) with static route to null0 or distribute-list (IN) on originating router. interface> ip rip advertise (interval different than the global). Default sent out specific interface: use route-map that sets interface and default-information originate. DON’T FORGET ABOUT ROUTE FEEDBACK IN RIP! ACL to filter even/odd octets: ip access permit 0.0.1.0 255.255.254.255 : permit 3rd octet odd only; ip access permit 0.0.0.0 255.255.254.255…

CCIE: GRE Tunneling/Recursive Routing

Here is a subject that burned me in my last lab. I had a much more complex environment, but the fundamentals are the same. Recursive routing errors occur when the tunnel destination is dynamically learned across the tunnel interface itself. Here are two simple methods to correct this behavior. 1) Static route to the tunnel destination via any interface/path, but the tunnel interface (lower metric than a dynamically learned IGP). On the CCIE lab static routes are generally a no-no, that being…
