Few points of BGP

The lab setup using 3640 routers does not support MPLS; 3275 routers are used here instead.

1) When a route reflector (RR) configuration is in place, the next hop cannot be modified with the next-hop-self command. A route-map applied to the neighbor statement in the out direction must be used instead.
2) To advertise a default route without one existing in the routing table, use the neighbor <address> default-originate command under BGP.
3) Well-known communities are communities that have predefined meanings. Cisco IOS software supports four well-known communities which are NO_EXPORT, NO_ADVERTISE, INTERNET, and LOCAL_AS. The NO_EXPORT well-known community prevents BGP prefixes that are specifically assigned this predefined community attribute value from being advertised to any eBGP peers. The prefixes, however, will continue to be advertised to all other BGP speakers within the local AS.
In other words, prefixes assigned this community value will remain local to the Autonomous System (AS).
4) The NO_ADVERTISE community prevents any prefixes that are assigned this predefined community attribute from being advertised to any peer – internal or external.
The INTERNET community allows all prefixes assigned to this community to be advertised to any and all BGP peers (assuming no filtering, etc, is in place).
In Cisco IOS software, all BGP prefixes belong to the INTERNET community by default. And finally, the LOCAL_AS community is used in a somewhat similar manner
to another of the previously described communities: the NO_EXPORT community. If used in a Confederation, the LOCAL_AS community prevents all prefixes assigned
this community from being advertised out of the local sub autonomous system. When Confederations are not implemented, the LOCAL_AS community is applied in the
same manner as the NO_EXPORT community.
5) This option (disable-connected-check) does not increment the TTL; it relies on the routers being directly connected when only peering between loopbacks is used.
The difference from ebgp-multihop is that the latter lets the TTL value be tuned, allowing multiple transit routers between the two BGP peers.
With disable-connected-check, the routers must be directly connected (one hop, since TTL=1).
6) BGP supports MD5 authentication only.
7) If the prefixes were learned from an eBGP peer, redistribution from BGP into the IGP works by default.
If the BGP router received the prefixes from an iBGP peer, redistribution from BGP into the IGP does NOT work by default; this is a loop-prevention mechanism.
To redistribute them, use the following command under the BGP process: bgp redistribute internal.
8) The next-hop attribute behaves as in a regular eBGP-to-iBGP session. Confederation eBGP does NOT modify the next-hop attribute, hence the next-hop-self command
9) The metric (MED) is disregarded in the comparison because the two paths come from different autonomous systems. R3 prefers the external over the internal path.
10) BGP does not perform traffic sharing by default. With the dmzlink-bw BGP option, both equal-cost and unequal-cost load balancing can be enabled.
11) BGP cannot advertise prefixes that do not have an EXACT match in the routing table. A static 'ip route ... null0' entry can be used to summarize prefixes. Only local prefixes can be advertised this way.
12) Prefixes originated by the router have the next-hop attribute set to '0.0.0.0' and weight set to 32768. Redistributed prefixes use origin incomplete ('?').
13) R4 suppresses the more specific routes (marked 's') when the summary-only keyword is used; only 40.0.0.0/14 is advertised. If summary-only is NOT used, the router creates the aggregate route and advertises it in addition to the more specific routes. As with other routing protocols, an entry to null0 is created for the summary route as a loop-prevention mechanism.
14) Prefixes with the community 'local-as' cannot be advertised outside the AS. This includes sub-autonomous systems that are members of a confederation AS.
15) BGP backdoor changes the eBGP administrative distance from 20 to 200. The backdoor command is used when we want to prefer the IGP route instead of the eBGP route.

16) Why routers ignore paths

  • Paths that are marked as not synchronized in the show ip bgp longer-prefixes output: if BGP synchronization is enabled, there must be a match for the prefix in the IP routing table for an internal BGP (iBGP) path to be considered valid. BGP synchronization is enabled by default in Cisco IOS Software. If the matching route is learned from an Open Shortest Path First (OSPF) neighbor, its OSPF router ID must match the BGP router ID of the iBGP neighbor. Most users prefer to disable synchronization with the no synchronization BGP subcommand.
  • Paths for which the NEXT_HOP is inaccessible: be sure that there is an Interior Gateway Protocol (IGP) route to the NEXT_HOP associated with the path.
  • Paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH: such paths are denied upon ingress into the router and are not even installed in the BGP Routing Information Base (RIB). The same applies to any path denied by a routing policy implemented via access, prefix, AS_PATH, or community lists, unless you have configured neighbor soft-reconfiguration inbound for the neighbor.
  • If you enabled bgp enforce-first-as and the UPDATE does not contain the AS of the neighbor as the first AS number in the AS_SEQUENCE: in this case, the router sends a notification and closes the session.
  • Paths that are marked as (received-only) in the show ip bgp longer-prefixes output: the policy has rejected these paths, but the router has stored them because you configured soft-reconfiguration inbound for the neighbor that sends the path.

17) The cost community set clause is configured with a cost community ID number (0 to 255) and cost number value (0 to 4,294,967,295). The cost number value determines the preference for the path. The path with the lowest cost number value is preferred. Paths that are not specifically configured with the cost number value are assigned a default cost number value of 2,147,483,647. This value is the midpoint between 0 and 4,294,967,295. These paths are then evaluated accordingly by the best path selection process. If two paths are configured with the same cost number value, the path selection process prefers the path with the lowest community ID. If the paths have unequal pre-bestpath cost communities, the path with the lower pre-bestpath cost community is selected as the best path. This step is skipped if you have issued the bgp bestpath cost-community ignore command.

 

Random question

Q) ICMP redirect:

The router only sends an ICMP redirect when all of the conditions below are true:

1) The ICMP redirect command is enabled on the interface.

2) The source of the traffic and the redirect gateway are in the same network.

3) The interface on which the traffic arrives and the interface towards the redirect gateway are the same.

 

Q) IPv6 introduced a fixed-size header of 40 bytes, so a packet is easy to process just by looking at the Next Header (NH) field. In IPv4 the header is variable, from 20 to 60 bytes. The Internet Header Length (IHL) field tells whether option fields are present. The minimum value of IHL is 5 and the maximum is 20. So when a device sees an IHL value greater than 5, it has to look at the option fields as well. IPv6 instead uses the NH field, which saves time.

In IPv6, TTL was renamed hop limit.
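As an added example (not part of these notes), the following Python parses a constructed IPv4 packet carrying an option and a constructed IPv6 packet, showing the IHL check described above against the fixed 40-byte IPv6 header. The packet bytes, addresses and payload are constructed for this example.

```python
import struct

IPV6_HEADER_LEN = 40  # fixed-size IPv6 header


def ipv4_header_info(pkt: bytes) -> dict:
    """Parse the IPv4 header, using IHL to locate options and the payload.

    Raises ValueError on anything malformed instead of reading past the buffer.
    """
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = pkt[0] >> 4, pkt[0] & 0x0F   # IHL is in 32-bit words
    if version != 4:
        raise ValueError("not an IPv4 packet")
    if ihl < 5:
        raise ValueError("IHL below the minimum of 5")
    hlen = ihl * 4
    if len(pkt) < hlen:
        raise ValueError("packet shorter than the header length IHL claims")
    return {
        "header_len": hlen,
        "has_options": ihl > 5,           # anything beyond 5 words is options
        "options": pkt[20:hlen],
        "ttl": pkt[8],
        "protocol": pkt[9],               # upper-layer protocol number
        "payload": pkt[hlen:],
    }


def ipv6_header_info(pkt: bytes) -> dict:
    """Parse the IPv6 header: no length field to trust, it is always 40 bytes."""
    if len(pkt) < IPV6_HEADER_LEN:
        raise ValueError("truncated IPv6 header")
    if pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    return {
        "header_len": IPV6_HEADER_LEN,
        "next_header": pkt[6],            # NH field at a fixed offset
        "hop_limit": pkt[7],              # the renamed TTL
        "payload": pkt[IPV6_HEADER_LEN:],
    }


# Constructed sample packets (addresses and payload are made up for this example).
_SRC4, _DST4 = bytes([10, 1, 1, 1]), bytes([10, 1, 1, 2])
IPV4_WITH_OPTION = (
    struct.pack("!BBHHHBBH4s4s", 0x46, 0, 28, 0x1234, 0, 64, 6, 0, _SRC4, _DST4)
    + bytes([0x94, 0x04, 0x00, 0x00])     # 4-byte Router Alert option -> IHL = 6
    + b"data"
)
IPV4_BAD_IHL = IPV4_WITH_OPTION[:22]      # IHL still claims 24 bytes, buffer has 22
IPV6_SAMPLE = (
    struct.pack("!IHBB16s16s", 0x60000000, 4, 17, 64,
                bytes.fromhex("20010db8" + "00" * 12),
                bytes.fromhex("20010db8" + "00" * 11 + "01"))
    + b"data"
)

if __name__ == "__main__":
    print(ipv4_header_info(IPV4_WITH_OPTION))
    print(ipv6_header_info(IPV6_SAMPLE))
```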
Q) Why don't we have a larger MTU size?
One might think that with a larger MTU we could send fewer packets, which is good, but the disadvantage of a larger MTU is that when there is an error in a packet, the whole packet has to be resent.
We want the MTU big enough that packets are efficient to send, but not so big that it congests interfaces, especially when there are retransmissions.

How much data a TCP device can receive is determined by the receive window that it advertises in the TCP header of each segment.

Global synchronization issue
1) All devices send traffic up to the threshold, experience congestion, apply the backoff algorithm, ramp up to the threshold again, experience congestion again and back off again. This repeats, forming a zig-zag pattern that wastes a lot of bandwidth.
So Cisco introduced WRED, which randomly drops traffic based on a weighted value as the interface gets close to congestion.

 

Q) Is there any way to send multicast traffic reliably for applications that require ordered, duplicate-free data with packet-loss detection, i.e. multicast data delivery from multiple sources to multiple receivers?

ANSWER: Pragmatic General Multicast (PGM)

The goal of PGM is not to make multicast UDP streams as reliable as TCP. The PGM goal is to allow senders or routers (performing router-assist functions) to supply missing multicast packets where possible (for example in stock-ticker applications), or to assure receivers that the data is indeed missing and not just delayed (it does this by simply sequencing multicast packets). The issue is that all of this state information has to be carried in routers, which is bad for scaling.

Q) How is the P-bit used in the routing-loop prevention mechanism in OSPF?

Answer: The P-bit in the Type 7 LSA Options field indicates whether the Type 7 LSA should be translated. Only LSAs with the P-bit set are translated. When the P-bit is set, the ABR must translate Type 7 into Type 5. If multiple NSSA ABRs exist, the ABR with the highest RID is chosen.

What about an LSA Type 7 default route created by an ABR, injected into the NSSA and received by another ABR? Topology: R1-----(R2----R4----R3); R1 and R2 are in area 0. R2, R3 and R4 are in area 1, which is an NSSA. On R3 we have enabled one more OSPF process in area 0, so R3 acts as both ABR and ASBR. say

The P-bit tells the NSSA ABR whether to translate Type 7 into Type 5.
No Type 7-to-5 translation means bit P = 0.
Type 7-to-5 translation means bit P = 1.
If bit P = 0, the NSSA ABR must not translate this LSA into a Type 5. This happens when the NSSA ASBR is also an NSSA ABR.
If bit P = 1, the NSSA ABR must translate this Type 7 LSA into a Type 5 LSA. If there are multiple NSSA ABRs, the one with the highest router ID

R2(config-rtr)#area 1 nssa default-information-originate

R3(config-if)#int lo0
R3(config-if)#ipv ospf 1 are
R3(config-if)#ipv ospf 1 area 0

When an ABR (R3) receives an LSA Type 7 default route from another ABR (R2), it looks at the P-bit and finds that it is not set, so it does not install the default route because of the loop-prevention mechanism.

RFC 3101 says: when an NSSA border router originates both a Type-5 LSA and a Type-7 LSA for the same network (which means the ASBR has links configured in two areas, one NSSA and one normal area), the P-bit must be clear in the Type-7 LSA so that it isn't translated into a Type-5 LSA by another NSSA border router.

Q) IGMP general query destination IP address:

Answer: The general query destination address is 224.0.0.1 (the All Hosts multicast group, which addresses all hosts on the same network segment).

A group-specific query is sent to the IP address of the multicast group that the querier switch wants to query.

Q) What is the destination IP address of a membership report?

Answer: The PC sends the membership report to the address of the group it wants to join.

Q) What is the destination of a leave packet for a specific multicast group?

Answer: From the PC, the IGMP report is sent to 224.0.0.1 and the leave is sent to 224.0.0.2 (the All Routers multicast group, which addresses all routers on the same network segment). In this packet the switch specifies the multicast group address it wants to leave on that interface.

If there are multiple routers on a LAN, a designated router (DR) must be elected to avoid duplicating multicast traffic.
  • PIM routers follow an election process to select a DR: the PIM router with the highest interface IP address becomes the DR.
  • The DR is responsible for:
    – Sending PIM Register and PIM Join and Prune messages toward the rendezvous point (RP) to inform it about host group membership.
    – Sending PIM Join messages for the shortest-path tree.
  • Gotcha: when troubleshooting PIM, make sure that you identify the DR. The non-DRs will show (*,G) and (S,G) state, but take no action.
  • DR failover: 3 x <query-interval>
    – default interval 30 s

If there are multiple routers on a LAN, the IGMP querier is the router with the lowest IP address. So if multiple routers are present in the network, the DR will not be the IGMP querier.

Q) PIM hello address

Answer: 224.0.0.13 is the PIM hello address; 224.0.1.40 is used by the BSR to advertise the current RP. So once we enable PIM on any device, it automatically listens on the 224.0.0.13 and 224.0.1.40 addresses.

Q) How many queriers should be present if there are two VLANs on a switch?

Answer: Each Layer 2 network should have only one IGMP querier. If we create two VLANs on a single switch, we need two IGMP queriers, because when an IGMP query arrives at the switch it forwards that packet to all hosts in that VLAN. So number of VLANs == number of IGMP queriers.

Timers:

IGMP query timer: 60 seconds, i.e. every 60 seconds the IGMP querier sends a general query packet.

Response to this query: when a host receives the query packet, it starts counting to a random value less than the maximum response time. The maximum response time cannot be less than 60 seconds (the query interval). In version 1 it is 10 seconds.

Default querier-timeout: 120 seconds

PIM hello: 30 seconds

STP: I gave most of the STP answers except the BPDU packet format and the port identifier.

BPDU packet format

Protocol identifier: value 0000 for IEEE 802.1D

Protocol version identifier: value zero.

BPDU Type: Configuration or TCN BPDU

Flags: TC & TCA

Root Identifier: 2-byte priority number followed by 6-byte MAC address.

Root path cost: cost of the path from the bridge sending the configuration message to the root bridge.

Bridge Identifier: identifies the sending bridge by its 2-byte priority number followed by its 6-byte MAC address.

Port Identifier: port from which the configuration message was sent. The Port ID field indicates the port number.

Message Age

Max age:  how long the configuration is valid (default timer=20 seconds),

Hello Time: how often BPDUs are going to be sent/relayed (default timer=2 seconds),

Forward Delay: time that bridges should wait before transitioning to a new state after a topology change.
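As an added example (not part of these notes), this Python decodes the configuration BPDU fields listed above from a constructed frame and compares two BPDUs the way 802.1D ranks them, which is the comparison behind the port-priority question that follows. The BPDU bytes are constructed here; the 4-bit/12-bit split of the Port ID is an assumption in the style of 802.1t.

```python
import struct

# 802.1D configuration BPDU: the fields listed above, in order, big-endian.
CONFIG_BPDU_FMT = "!HBBBH6sIH6sHHHHH"
CONFIG_BPDU_LEN = struct.calcsize(CONFIG_BPDU_FMT)   # 35 bytes


def _mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_config_bpdu(frame: bytes) -> dict:
    """Decode a configuration BPDU; timers are carried in 1/256-second units."""
    if len(frame) < CONFIG_BPDU_LEN:
        raise ValueError("truncated BPDU")
    (proto, version, bpdu_type, flags, root_prio, root_mac, root_cost,
     bridge_prio, bridge_mac, port_id, msg_age, max_age,
     hello, fwd_delay) = struct.unpack(CONFIG_BPDU_FMT, frame[:CONFIG_BPDU_LEN])
    if proto != 0x0000 or bpdu_type != 0x00:
        raise ValueError("not an 802.1D configuration BPDU")
    return {
        "version": version,
        "flags": {"tc": bool(flags & 0x01), "tca": bool(flags & 0x80)},
        "root_id": (root_prio, _mac(root_mac)),
        "root_path_cost": root_cost,
        "bridge_id": (bridge_prio, _mac(bridge_mac)),
        "port_id": port_id,
        # Assumed 802.1t layout: 4-bit priority (in steps of 16) + 12-bit port number.
        "port_priority": (port_id >> 12) * 16,
        "port_number": port_id & 0x0FFF,
        "message_age": msg_age / 256,
        "max_age": max_age / 256,
        "hello_time": hello / 256,
        "forward_delay": fwd_delay / 256,
    }


def bpdu_rank(b: dict) -> tuple:
    """802.1D comparison order; the smaller tuple is the superior BPDU."""
    return (b["root_id"], b["root_path_cost"], b["bridge_id"], b["port_id"])


def superior(a: bytes, b: bytes) -> bool:
    """True if BPDU a wins over BPDU b when both are received by the same bridge."""
    return bpdu_rank(parse_config_bpdu(a)) < bpdu_rank(parse_config_bpdu(b))


def _build(port_id: int) -> bytes:
    # Constructed BPDU from the root bridge itself (priority 32768, default timers).
    mac = bytes.fromhex("001122334455")
    return struct.pack(CONFIG_BPDU_FMT, 0x0000, 0, 0x00, 0x00,
                       0x8000, mac, 0, 0x8000, mac, port_id,
                       1 * 256, 20 * 256, 2 * 256, 15 * 256)


SAMPLE_BPDU = _build(0x8001)           # sent from port priority 128, port 1
SAMPLE_BPDU_PRIO112 = _build(0x7001)   # same root, port priority lowered to 112
```

Lowering the port priority on the upstream (root) side makes that BPDU superior, which is why the downstream switch picks that port as its root port.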

Election in STP:

Question: SW1 is the root bridge. Ports 1 and 3 on SW1 are designated ports. On SW2, port 2 is the root port and port 4 is the blocking port. The link costs between SW1 and SW2 are the same. The requirement is to make port 4 the root port and port 2 the blocking port without changing the link cost value.


Answer:

We accomplish this using port-priority. Changing the port priority on SW2 makes no difference here. We need to change the port-priority upstream, i.e. on SW1, so that when SW1 sends BPDUs to SW2, SW2 compares the received port-priority values and chooses the lowest one.

Question: What do we do if an OSPF neighbour is stuck in the Exchange state?

Answer:

The most common possible causes of this problem are as follows:

1   Mismatched interface MTU

2   Duplicate router IDs on neighbors

3   Inability to ping across with more than a certain MTU size

4   Broken unicast connectivity because of the following:

5   Access list blocking the unicast

However, if we have checked all the possibilities above, we then look for packet drops on those links. If packet drops are present, we can disable the default CoS configuration on that link.

Question: Configure MAC-based authentication for non-supplicant devices, e.g. a printer.

The device aged out because of infrequent communication. Because of this aging out, the device is unauthenticated and the port is down.

Answer: The easiest solution is to restart the port using the command below.

configure netlogin port <port> restart

Whenever the FDB entry ages out, the port is restarted so that authentication takes place again.

Question:

If three routers are connected as in the figure below and the MTU of R2 is lower, what happens when I send a packet from R1 to R3?

Answer: Fragmentation happens at L3, so the middle router fragments the packet and sends it on to R3. At the destination router the packet is reassembled.

Question: If there is SW2 between R4 and R5 and the MTU of SW2 is low, will the packet go from R4 to R5?

Answer: No, the packet will not pass. The switch works at L2 and does not fragment. Hence we need to manually configure the MTU size on the switch.


Q: If two routers are directly connected to one another as shown in the figure, answer the questions below:

1) Will they ping one another?

2) If we enable OSPF between them, will they form a neighbourship?

3) If we enable EIGRP between them, will they form a neighbourship?


Ans: 1) Yes, they will definitely ping, as ARP checks whether the destination is in the same network; if yes, it sends a broadcast in the same network. 2) They will not form a neighborship. To form a neighborship all the parameters in the HELLO packets must match; the subnet mask carried in the packet does not match, hence they will not become neighbors. 3) Yes, if we enable EIGRP they will form a neighbourship.

In an OSPF packet capture we can see that when OSPF routing is enabled, the router sends HELLO packets to the destination address 224.0.0.5. When it receives a hello from a neighboring device, it matches the parameters present in the HELLO packet. The HELLO packet has a TTL value of 1. Once everything in the hello matches, the routers exchange DB Description packets, LS Request, LS Update and LS Ack packets to share the database. Whenever a link goes down, the respective router sends an LS Update to the other routers, and the neighboring router sends an LS Ack for that update.
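As an added example (not part of these notes), the following Python models the hello-parameter checks behind answers 2) and 3): OSPF compares the network mask (plus area, timers, authentication and stub flag) from the hello, while EIGRP compares AS number and K-values and only checks that the peer's address falls inside the local subnet. The interface values are constructed; the EIGRP common-subnet rule and the point-to-point mask exemption are assumptions added here to show why a mask mismatch affects the two protocols differently.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class OspfIface:
    ip: str
    mask_len: int
    area: str = "0"
    hello: int = 10
    dead: int = 40
    auth: str = "none"      # authentication type/key must agree
    stub: bool = False      # E-bit in the Options field
    p2p: bool = False       # mask is not compared on point-to-point links (assumed)


@dataclass
class EigrpIface:
    ip: str
    mask_len: int
    asn: int = 1
    k_values: tuple = (1, 0, 1, 0, 0)


def ospf_hello_mismatches(local: OspfIface, remote: OspfIface) -> list:
    """Hello fields that must match before OSPF accepts the neighbour (empty = OK)."""
    problems = []
    if local.area != remote.area:
        problems.append("area")
    if local.hello != remote.hello or local.dead != remote.dead:
        problems.append("hello/dead interval")
    if local.auth != remote.auth:
        problems.append("authentication")
    if local.stub != remote.stub:
        problems.append("stub flag")
    if not (local.p2p and remote.p2p) and local.mask_len != remote.mask_len:
        problems.append("network mask")
    return problems


def eigrp_hello_mismatches(local: EigrpIface, remote: EigrpIface) -> list:
    """EIGRP does not carry a mask to compare; it asks whether the peer is on the local subnet."""
    problems = []
    if local.asn != remote.asn:
        problems.append("AS number")
    if local.k_values != remote.k_values:
        problems.append("K-values")
    local_net = ipaddress.ip_interface(f"{local.ip}/{local.mask_len}").network
    if ipaddress.ip_address(remote.ip) not in local_net:
        problems.append("neighbour not on common subnet")
    return problems


# Constructed scenario for the question above: R1 is 10.1.1.1/24, R2 is 10.1.1.2/25.
R1_OSPF, R2_OSPF = OspfIface("10.1.1.1", 24), OspfIface("10.1.1.2", 25)
R1_EIGRP, R2_EIGRP = EigrpIface("10.1.1.1", 24), EigrpIface("10.1.1.2", 25)

if __name__ == "__main__":
    print("OSPF:", ospf_hello_mismatches(R1_OSPF, R2_OSPF))     # ['network mask']
    print("EIGRP:", eigrp_hello_mismatches(R1_EIGRP, R2_EIGRP))  # []
```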

Q) What is the difference between OSPF neighbors and adjacencies?

In OSPF two routers are neighbors when they are "in touch" by means of the Hello protocol. To be "in touch" the two routers must have an interface to a common network (e.g. they are both on the same Ethernet segment, or they have a point-to-point link) and some things must be configured identically on those interfaces.

Two routers are adjacent when they are neighbors and keep their link-state databases synchronized (Full state). On point-to-point links, point-to-multipoint links and virtual links, two neighboring routers always form an adjacency. On broadcast and NBMA networks, only some neighboring routers form an adjacency.

Q) SW1 and SW3 have STP enabled but there is no STP running on SW2 and SW4. Considering the scenario below, what happens?

Ans: SW1 considers itself the root bridge and sends BPDUs toward SW2. Since SW2 is not running STP, it floods the multicast frames on all its ports. Those frames are received on SW1 and SW3. SW1 sees that these are frames it generated itself, so it blocks the higher-numbered port link, i.e. port 2 on SW1. SW2 forwards the BPDUs to SW3 on ports 3 and 4. SW3 again blocks the higher-numbered port, i.e. port 2, and passes the BPDUs toward SW4 on ports 3 and 4. SW4 sends the frames received on port 1 out of port 2, and the frames received on port 2 out of port 1. When those frames are received on SW3, it blocks the higher-numbered port, i.e. port 4.


RIP
(update timer = 30 sec.) entire routing table 
(invalid timer = 180 sec.) 
(hold-down timer = 180 sec.) 
(flush-down timer = 240 sec.)

IGRP
(update timer = 90 sec.) 
(invalid timer = 270 sec.) 
(hold-down timer = 280 sec.) 
(flush-down timer = 630 sec.)

EIGRP
(5 Sec = Hello timer) 
(3 times Hello = Hold-timer)
(60 Sec. = Hello timer) NBMA less than T1 speed
(3 times Hello = Hold-timer)
(90 Sec. = Update timer)
(3 times Update timer = Invalid timer)
(7 times Update timer = Flush timer)

OSPF
(10 Sec. = Hello timer) 
(30 Sec. NBMA = Hello timer)
(4 times Hello = Dead-interval)
(4 times NBMA Hello = NBMA Dead-interval)

STP
Hello: 2 second
Max age: 20 second
Forward delay: 15 second

24 ports = 24 collision domains, 1 switch = 1 broadcast domain. Number of collision domains depends on what the ports are connected to. For example, if all ports are connected to the same hub then there will be only 1 collision domain.

RPVST+ and RSTP are both based on the IEEE 802.1w specification. RSTP can only achieve rapid transition to forwarding on edge ports and on point-to-point links. STP BPDUs are relayed by all non-root bridges, whereas RSTP BPDUs are generated by each bridge.

When there is a duplex mismatch, two errors can be seen on the half-duplex end: 1) excessive collisions, 2) late collisions.

 

EIGRP quiz: let's try with this topology

To reach 192.168.1.0, Boston goes through the link Boston–London–Munich because it has the best metric.

Now assume the link London–Munich fails.

Which path will be chosen by Boston to reach 192.168.1.0/24 ?


Successor is London: FD = 20 and AD = 10
Paris: FD = 35, AD = 25
Madrid: FD = 108, AD = 8
The feasible successor is Madrid because its AD < FD of the successor.

The issue here is suboptimal routing. To achieve optimal routing we need to first look at the metrics and make changes accordingly. Variance has nothing to do here.
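As an added example that is not part of the quiz, the following Python applies DUAL's feasibility condition to the three candidate paths above: it shows why Madrid is installed when London fails, why variance cannot pull Paris in, and what changes once Paris's reported distance is brought below the feasible distance. The metric values are the ones from the quiz; the "fixed" scenario at the end is constructed.

```python
# Candidate paths from Boston to 192.168.1.0/24, as given in the quiz:
# neighbour -> (metric via that neighbour, reported/advertised distance)
BOSTON_PATHS = {
    "London": (20, 10),
    "Paris": (35, 25),
    "Madrid": (108, 8),
}


def dual_select(paths: dict) -> tuple:
    """Return (successor, feasible distance, feasible successors sorted by metric)."""
    successor = min(paths, key=lambda n: paths[n][0])
    fd = paths[successor][0]
    # Feasibility condition: the neighbour's reported distance must be strictly below the FD.
    feasible = sorted((n for n, (_, rd) in paths.items() if n != successor and rd < fd),
                      key=lambda n: paths[n][0])
    return successor, fd, feasible


def after_successor_loss(paths: dict, lost: str) -> tuple:
    """What DUAL installs when the successor's link fails."""
    successor, _, feasible = dual_select(paths)
    if lost != successor:
        raise ValueError(f"{lost} is not the successor")
    if feasible:
        # A feasible successor is promoted at once, even if a cheaper non-feasible path exists.
        return feasible[0], "feasible successor, no query"
    # Otherwise the route goes active and the best remaining path wins after the query.
    remaining = {n: v for n, v in paths.items() if n != lost}
    return dual_select(remaining)[0], "active, best path after query"


def variance_paths(paths: dict, variance: int) -> list:
    """Paths usable for unequal-cost load sharing: feasible successors with metric <= variance * FD."""
    successor, fd, feasible = dual_select(paths)
    return [successor] + [n for n in feasible if paths[n][0] <= variance * fd]


if __name__ == "__main__":
    print(dual_select(BOSTON_PATHS))                        # ('London', 20, ['Madrid'])
    print(after_successor_loss(BOSTON_PATHS, "London"))     # Madrid, not Paris
    print(variance_paths(BOSTON_PATHS, 3))                  # Paris is never eligible
    # Constructed fix: lower Paris's reported distance below the FD of 20.
    print(after_successor_loss(dict(BOSTON_PATHS, Paris=(35, 15)), "London"))
```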