Tuesday, May 31, 2011

EIGRP Messages

EIGRP uses various message types to initiate and maintain neighbor relationships, and to maintain an accurate routing table. It is designed to conserve bandwidth and router resources by sending messages only when needed and only to those neighbors that need to receive them.

Packet Types:
EIGRP uses five Packet types:
  • Hello: Identifies neighbors and serves as a keepalive mechanism
  • Update: Reliably sends route information
  • Query: Reliably requests specific route information
  • Reply: Reliably responds to a query
  • Ack: Acknowledgment
EIGRP is reliable, but hellos and ACKs are not acknowledged. The acknowledgment to a query is a reply.

If a reliable packet is not acknowledged, EIGRP periodically retransmits the packet to the nonresponding neighbor as a unicast. EIGRP has a window size of one, so no other traffic is sent to this neighbor until it responds. After 16 unacknowledged retransmissions, the neighbor is removed from the neighbor table.

Neighbor Discovery and Route Exchange:

When EIGRP first starts, it uses hellos to build a neighbor table. Neighbors are directly attached routers that have a matching AS number and K values. (The timers don't have to agree.) The process of neighbor discovery and route exchange between two EIGRP routers is as follows:

  • Step 1: Router A sends out a hello.
  • Step 2: Router B sends back a hello and an update. The update contains routing information.
  • Step 3: Router A acknowledges the update.
  • Step 4: Router A sends its update.
  • Step 5: Router B acknowledges.
When two routers are EIGRP neighbors, they use hellos between them as keepalives. Additional route information is sent only if a route is lost or a new route is discovered. A neighbor is considered lost if no hello is received within three hello periods (called hold-time). The default hello/hold timers are as follows:
  • 5 Seconds/15 Seconds for multipoint circuits with bandwidth greater than T1 and for Point-to-point media.
  • 60 Seconds/180 seconds for multipoint circuits with bandwidth less than or equal to T1.
The exchange process can be viewed using debug ip eigrp packets, and the update process can be seen using debug ip eigrp. The neighbor table can be seen with the command show ip eigrp neighbors.

EIGRP Overview

Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-proprietary, advanced distance vector, classless routing protocol that uses a complex metric based on bandwidth and delay. The following are some features of EIGRP:

  • Fast Convergence
  • Support for VLSM
  • Partial updates conserve network bandwidth.
  • Support for IP, AppleTalk, and IPX.
  • Runs directly over IP, using protocol number 88.
  • Support for all layer 2 (Data Link Layer) protocols and Topologies.
  • Sophisticated Metric that supports load-balancing across unequal-cost  paths.
  • Use of Multicast (and unicast where appropriate) instead of broadcasts.
  • Support of Authentication.
  • Manual Summarization at any interface.
  • Use Multicast 224.0.0.10.

EIGRP's function is controlled by four key technologies:
  • Neighbor Discovery and Maintenance: Periodic Hello Messages
  • The Reliable Transport Protocol (RTP): Controls sending, tracking, and acknowledging EIGRP messages
  • Diffusing Update Algorithm (DUAL): Determines the best loop-free route.
  • Protocol-independent Modules (PDM):  Modules are "plug-ins" for IP, IPX, and AppleTalk versions of EIGRP

EIGRP uses three tables:
  •  The neighbor table is built from EIGRP hellos and used for reliable delivery.
  • The topology table contains EIGRP routing information for best paths and loop-free alternatives.
  •  EIGRP places best routes from its topology table into the common routing table.

Tuesday, May 17, 2011

AUTHENTICATION


The MD5 keyed digest in each EIGRP packet prevents the introduction of unauthorized or false routing messages from unapproved sources. Each key has its own key ID, which is stored locally. The combination of the key ID and the interface associated with the message uniquely identifies the authentication algorithm and MD5 authentication key in use. EIGRP allows keys to be managed using key chains. Each key definition within the key chain can specify a time interval for which that key will be activated (its lifetime). Then, during the lifetime of a given key, routing update packets are sent with this activated key. Only one authentication packet is sent, regardless of how many valid keys exist. The software examines the key numbers in order from lowest to highest, and it uses the first valid key that it encounters.
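
The key selection rule described above, modelled as an added example (not code from the original post or from Cisco). The `Key` class, the chain contents and the receiver check (same key ID, same string, accept lifetime active) are assumptions made for illustration; the code finds the time windows during a key rollover in which one router's packets would be rejected by its neighbor.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Key:
    key_id: int
    key_string: str
    send: tuple      # (start, end) of the send lifetime
    accept: tuple    # (start, end) of the accept lifetime


def in_window(window, now):
    start, end = window
    return start <= now < end


def send_key(chain, now):
    """Key the sender uses: lowest key ID whose send lifetime covers `now`."""
    valid = [k for k in chain if in_window(k.send, now)]
    return min(valid, key=lambda k: k.key_id) if valid else None


def accepts(chain, key_id, key_string, now):
    """Modelled receiver check: same ID, same string, accept lifetime active."""
    return any(k.key_id == key_id and k.key_string == key_string
               and in_window(k.accept, now) for k in chain)


def rejected_windows(sender, receiver, start, end, step=timedelta(minutes=1)):
    """Intervals in [start, end) in which the sender's packets fail authentication."""
    windows, open_start, open_reason = [], None, None
    now = start
    while now < end:
        key = send_key(sender, now)
        if key is None:
            reason = "sender has no valid key"
        elif not accepts(receiver, key.key_id, key.key_string, now):
            reason = f"receiver rejects key {key.key_id}"
        else:
            reason = None
        if reason != open_reason:
            # The state changed: close the running window, if any, and start a new one.
            if open_reason is not None:
                windows.append((open_start, now, open_reason))
            open_start, open_reason = now, reason
        now += step
    if open_reason is not None:
        windows.append((open_start, end, open_reason))
    return windows


def at(hhmm):
    """Constructed sample day; only the time of day matters here."""
    return datetime.strptime("2011-05-17 " + hhmm, "%Y-%m-%d %H:%M")


ALWAYS = (at("00:00"), at("23:59"))

# Constructed rollover on the sender: key 100 is retired at 12:00, key 200 takes over.
# Both keys are valid for sending from 11:45 to 12:00; the lowest ID (100) wins.
R2_CHAIN = [
    Key(100, "old-secret", send=(at("00:00"), at("12:00")), accept=ALWAYS),
    Key(200, "new-secret", send=(at("11:45"), at("23:59")), accept=ALWAYS),
]
# Constructed receiver that starts accepting key 200 half an hour too late.
R3_LATE = [
    Key(100, "old-secret", send=(at("00:00"), at("12:00")),
        accept=(at("00:00"), at("12:00"))),
    Key(200, "new-secret", send=(at("11:45"), at("23:59")),
        accept=(at("12:30"), at("23:59"))),
]
# Corrected receiver: key 200 is accepted before the sender starts using it.
R3_FIXED = [
    R3_LATE[0],
    Key(200, "new-secret", send=(at("11:45"), at("23:59")),
        accept=(at("11:30"), at("23:59"))),
]

if __name__ == "__main__":
    for label, chain in (("late", R3_LATE), ("fixed", R3_FIXED)):
        print(label, rejected_windows(R2_CHAIN, chain, at("11:00"), at("13:00")))
```

Overlapping the accept lifetime of the new key with the send lifetime of the old one is what keeps the adjacency up across the rollover.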



BASIC CONFIGURATION OF ROUTER-R1:

R1(config)#int serial 1/0
R1(config-if)#ip add 1.0.0.1  255.0.0.0
R1(config-if)#no shut
R1(config-if)#exit

R1(config)#int fastethernet 0/0
R1(config-if)#ip address 200.100.50.1  255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit


BASIC CONFIGURATION OF ROUTER-R2:

R2(config)#int serial 1/1
R2(config-if)#ip address 1.0.0.2  255.0.0.0
R2(config-if)#no shut
R2(config-if)#exit

R2(config)#int serial 1/0
R2(config-if)#ip address 2.0.0.1  255.0.0.0
R2(config-if)#no shut
R2(config-if)#exit

R2(config)#int fastethernet 0/0
R2(config-if)#ip address 200.100.100.1  255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit


BASIC CONFIGURATION OF ROUTER-R3:

R3(config)#int serial 1/1
R3(config-if)#ip address 2.0.0.2  255.0.0.0
R3(config-if)#no shut
R3(config-if)#exit

R3(config)#interface fast 0/0
R3(config-if)#ip address 200.100.150.1  255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit 

RUNNING EIGRP ON ROUTER R1, R2, & R3:

R1(config)#router eigrp 2
R1(config-router)#network 200.100.50.0
R1(config-router)#network 1.0.0.0
R1(config-router)#end

R2(config)#router eigrp 2
R2(config-router)#network 200.100.100.0
R2(config-router)#network 2.0.0.0
R2(config-router)#network 1.0.0.0
R2(config-router)#end

R3(config)#router eigrp 2
R3(config-router)#network 200.100.150.0
R3(config-router)#network 2.0.0.0
R3(config-router)#end

CHECK THE ROUTING TABLE OF ROUTER R1, R2 & R3:

R1#show ip route
C    1.0.0.0/8 is directly connected, Serial1/0
D    2.0.0.0/8 [90/2681856] via 1.0.0.2, 00:01:38, Serial1/0
C    200.100.50.0/24 is directly connected, FastEthernet0/0
D    200.100.100.0/24 [90/2172416] via 1.0.0.2, 00:01:38, Serial1/0
D    200.100.150.0/24 [90/2684416] via 1.0.0.2, 00:00:59, Serial1/0

R2#show ip route
C    1.0.0.0/8 is directly connected, Serial1/1
C    2.0.0.0/8 is directly connected, Serial1/0
D    200.100.50.0/24 [90/2172416] via 1.0.0.1, 00:02:11, Serial1/1
C    200.100.100.0/24 is directly connected, FastEthernet0/0
D    200.100.150.0/24 [90/2172416] via 2.0.0.2, 00:01:33, Serial1/0


R3#show ip route
D    1.0.0.0/8 [90/2681856] via 2.0.0.1, 00:02:00, Serial1/1
C    2.0.0.0/8 is directly connected, Serial1/1
D    200.100.50.0/24 [90/2684416] via 2.0.0.1, 00:02:00, Serial1/1
D    200.100.100.0/24 [90/2172416] via 2.0.0.1, 00:02:00, Serial1/1
C    200.100.150.0/24 is directly connected, FastEthernet0/0



PERFORMING AUTHENTICATION ON ROUTER-R2

R2(config)#key chain pakistan
NOTE:  This command identifies the name of the authentication key chain from which a key is to be obtained.
R2(config-keychain)#key 100
Note: This command identifies the ID number of an authentication key on a key chain and enters configuration mode for that key. The range of keys is from 0 to 2147483648. The key ID numbers need not be consecutive.
R2(config-keychain-key)#key-string tayyab
Note: This command is used to set an authentication string (password) that is to be used to authenticate sent and received EIGRP packets. The string can contain from 1 to 80 uppercase and lowercase alphanumeric characters, except that the first character cannot be a number.
R2(config-keychain-key)#exit
R2(config-keychain)#exit
R2(config)#int serial 1/0
R2(config-if)#ip authentication key-chain eigrp 2 pakistan
*May 17 15:35:45.383: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.2 (Serial1/0) is down: keychain changed
*May 17 15:35:46.067: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.2 (Serial1/0) is up: new adjacency


Note: This command is used to enable authentication of EIGRP packets using the key chain "pakistan".
R2(config-if)#ip authentication mode eigrp 2 md5
*May 17 15:38:50.799: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.2 (Serial1/0) is down: authentication mode changed.

Note: There are two methods used for the authentication of EIGRP packets i.e. MD5 and Clear Text. This command is used to specify that MD5 authentication mode will be used. 

AFTER PERFORMING AUTHENTICATION ON ROUTER-R2:

R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   1.0.0.1                 Se1/1             11 00:09:29  302  1812  0  8



R3#show ip eigrp neighbors
IP-EIGRP neighbors for process 2

Note: The adjacency between router R2 and router R3 has been terminated. Therefore, router R2 has lost its neighbor 2.0.0.2 and router R3 has lost its neighbor 2.0.0.1.


PERFORMING AUTHENTICATION ON ROUTER-R3

R3(config)#key chain pakistan
R3(config-keychain)#key 100
R3(config-keychain-key)#key-string tayyab
R3(config-keychain-key)#exit
R3(config-keychain)#exit

R3(config)#int serial 1/1
R3(config-if)#ip authentication key-chain eigrp 2 pakistan
R3(config-if)#ip authentication mode eigrp 2 md5
R3(config-if)#exit

*May 17 15:45:16.527: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.1 (Serial1/1) is up: new adjacency


AFTER PERFORMING AUTHENTICATION OF ROUTER-R3::

R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
1   2.0.0.2                 Se1/0             12 00:01:34  217  1302  0  12
0   1.0.0.1                 Se1/1             11 00:14:40  325  1950  0  8


R3#show ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   2.0.0.1                 Se1/1             12 00:02:25  236  1416  0  20
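
Detection logic for the authentication-related adjacency changes shown in the log messages above, as an added example that is not part of the original post. The three NBRCHANGE sample lines are the R2 messages from this lab; the `%SYS-5-CONFIG_I` line is constructed, and the year is an assumption because the log timestamps carry none.

```python
import re
from datetime import datetime

# Matches the %DUAL-5-NBRCHANGE syslog format shown in the lab output.
NBRCHANGE = re.compile(
    r"^\*?(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}\.\d+): %DUAL-5-NBRCHANGE: "
    r"IP-EIGRP\(\d+\) (?P<asn>\d+): Neighbor (?P<nbr>\S+) \((?P<ifc>[^)]+)\) "
    r"is (?P<state>up|down): (?P<reason>.*?)\.?\s*$"
)

# Down reasons that appear in this lab when authentication settings change.
AUTH_REASONS = {"keychain changed", "authentication mode changed"}


def auth_outages(lines, year=2011):
    """Pair each authentication-related 'down' with the next 'up' for that neighbor.

    Returns one dict per outage; 'up_at' and 'seconds' are None when the
    adjacency never came back within the supplied log lines.
    """
    pending = {}    # (AS, neighbor, interface) -> (down time, reason)
    outages = []
    for line in lines:
        m = NBRCHANGE.match(line.strip())
        if not m:
            continue    # not an EIGRP neighbor-change message
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
        key = (m["asn"], m["nbr"], m["ifc"])
        if m["state"] == "down":
            if m["reason"] in AUTH_REASONS:
                pending[key] = (when, m["reason"])
        elif key in pending:
            down_at, reason = pending.pop(key)
            outages.append({
                "neighbor": m["nbr"], "interface": m["ifc"], "reason": reason,
                "down_at": down_at, "up_at": when,
                "seconds": round((when - down_at).total_seconds(), 3),
            })
    # Anything still pending is an adjacency that stayed down.
    for (asn, nbr, ifc), (down_at, reason) in pending.items():
        outages.append({
            "neighbor": nbr, "interface": ifc, "reason": reason,
            "down_at": down_at, "up_at": None, "seconds": None,
        })
    return outages


# R2 log lines from the lab, plus one constructed unrelated message.
SAMPLE_LOG = """\
*May 17 15:35:45.383: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.2 (Serial1/0) is down: keychain changed
*May 17 15:35:46.067: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.2 (Serial1/0) is up: new adjacency
*May 17 15:36:10.000: %SYS-5-CONFIG_I: Configured from console by console
*May 17 15:38:50.799: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.2 (Serial1/0) is down: authentication mode changed.
""".splitlines()

if __name__ == "__main__":
    for outage in auth_outages(SAMPLE_LOG):
        state = "still down" if outage["up_at"] is None else f"{outage['seconds']} s"
        print(outage["neighbor"], outage["interface"], outage["reason"], state)
```

An adjacency that stays down after "authentication mode changed" is what a one-sided MD5 configuration looks like from the router that was configured first.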

_______________________________________________
_______________________________________________



BASIC CONFIGURATION OF EIGRP


BASIC CONFIGURATION OF ROUTER-R1::

R1(config)#int serial 1/0
R1(config-if)#ip add 1.0.0.1  255.0.0.0
R1(config-if)#no shut
R1(config-if)#exit

R1(config)#int fastethernet 0/0
R1(config-if)#ip address 200.100.50.1  255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit

BASIC CONFIGURATION OF ROUTER-R2::

R2(config)#int serial 1/1
R2(config-if)#ip address 1.0.0.2  255.0.0.0
R2(config-if)#no shut
R2(config-if)#exit

R2(config)#int serial 1/0
R2(config-if)#ip address 2.0.0.1  255.0.0.0
R2(config-if)#no shut
R2(config-if)#exit

R2(config)#int fastethernet 0/0
R2(config-if)#ip address 200.100.100.1  255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit

BASIC CONFIGURATION OF ROUTER-R3::

R3(config)#int serial 1/1
R3(config-if)#ip address 2.0.0.2  255.0.0.0
R3(config-if)#no shut
R3(config-if)#exit

R3(config)#interface fast 0/0
R3(config-if)#ip address 200.100.150.1  255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit

ROUTING TABLE OF ROUTER-A, B, & C (Before Running EIGRP on Router-A, B & C)::

R1#show ip route
C    1.0.0.0/8 is directly connected, Serial1/0
C    200.100.50.0/24 is directly connected, FastEthernet0/0


R2#show ip route
C    1.0.0.0/8 is directly connected, Serial1/1
C    2.0.0.0/8 is directly connected, Serial1/0
C    200.100.100.0/24 is directly connected, FastEthernet0/0


R3#show ip route
C    2.0.0.0/8 is directly connected, Serial1/1
C    200.100.150.0/24 is directly connected, FastEthernet0/0


RUNNING EIGRP ON ROUTER-A::

R1(config)#router eigrp 2
R1(config-router)#network 200.100.50.0
R1(config-router)#network 1.0.0.0
R1(config-router)#end

RUNNING EIGRP ON ROUTER-B::

R2(config)#router eigrp 2
R2(config-router)#network 200.100.100.0
R2(config-router)#network 2.0.0.0
R2(config-router)#network 1.0.0.0
R2(config-router)#end
*May 17 08:02:16.387: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 1.0.0.1 (Serial1/1) is up: new adjacency

Note:: HELLO messages are used to find and maintain neighbors in the topology table. They are sent periodically and unreliably.
Router R1 sends EIGRP Hello messages to the multicast address 224.0.0.10 to find its neighbors. Router B (after receiving those messages through its interface serial 1/1) sends an acknowledgment of those messages. Router R2 also sends EIGRP Hello messages to the multicast address 224.0.0.10. Only router R1 sends an acknowledgment of the EIGRP Hello messages of router R2, through network 1.0.0.0. Once routers R1 and R2 get the acknowledgment of these EIGRP Hello messages from each other, they establish a neighborship/adjacency and a "new adjacency" message appears on both routers.

RUNNING EIGRP ON ROUTER-C::

R3(config)#router eigrp 2
R3(config-router)#network 200.100.150.0
R3(config-router)#network 2.0.0.0
R3(config-router)#end
*May 17 08:03:04.055: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 2: Neighbor 2.0.0.1 (Serial1/1) is up: new adjacency

Note:: Now router R3 receives EIGRP Hello messages from router R2 and sends an acknowledgment. Router R3 also sends EIGRP Hello messages to the multicast address 224.0.0.10 to find its neighbors. Only router B sends an acknowledgment of these Hello messages. Once the two routers get the acknowledgment of their EIGRP Hello messages from each other, they establish a neighborship/adjacency and a "new adjacency" message appears on both routers.

NEIGHBOR TABLES OF ROUTER-R1, R2 & R3::

R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   1.0.0.2                 Se1/0             13 00:07:27  167  1002  0  9


R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
1   2.0.0.2                 Se1/0             10 00:07:43  250  2250  0  3
0   1.0.0.1                 Se1/1             11 00:08:40  204  1224  0  3


R3#show ip eigrp neighbors
IP-EIGRP neighbors for process 2
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   2.0.0.1                 Se1/1              1 00:08:24  132   792  0  8


Note:: On hearing HELLOS, the router creates a table of its neighbors. The continued receipt of these packets maintains the neighbor table. If a HELLO from a known neighbor is not heard within a predetermined amount of time, as stated in the HOLDTIME, the router will decide that the neighbor is no longer operational and will take the appropriate action. The HOLDTIME is set at the default of three times the HELLO timer. Therefore, if the router skips three HELLOS, the neighbor is declared DEAD. The HELLO timer on a LAN is set to 5 seconds; therefore the HOLDTIME is 15 seconds. On a WAN link, the HELLO timer is 60 seconds, and the HOLDTIME correspondingly is 180 seconds.
To become a neighbor, the following conditions must be met:
  • The router must hear a Hello packet or an ACK from a neighbor.
  • The Autonomous System Number (AS) in the packet header must be same as of the receiving router.
  • The neighbor's metric setting must be the same.

The neighbor table displays a list of every neighbor, including the IP address, the outgoing interface, the HOLDTIME, the smooth round-trip timer (SRTT), and the uptime (how long since the neighbor was added to the table). The table is built from information in the hellos received from adjacent routers (neighbors).
Note that router R2 has two neighbors: the first is router R3, located at address 2.0.0.2, and the second is router R1, located at address 1.0.0.1. A neighborship/adjacency is always developed between directly connected routers.

TOPOLOGY TABLES OF ROUTER-R1, R2 & R3::

R1#show ip eigrp topology
IP-EIGRP Topology Table for AS(2)/ID(200.100.50.1)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 1.0.0.0/8, 1 successors, FD is 2169856
        via Connected, Serial1/0
P 2.0.0.0/8, 1 successors, FD is 2681856
        via 1.0.0.2 (2681856/2169856), Serial1/0
P 200.100.150.0/24, 1 successors, FD is 2684416
        via 1.0.0.2 (2684416/2172416), Serial1/0
P 200.100.50.0/24, 1 successors, FD is 28160
        via Connected, FastEthernet0/0
P 200.100.100.0/24, 1 successors, FD is 2172416
        via 1.0.0.2 (2172416/28160), Serial1/0

Advertised Distance (AD):: The cost of the path to the remote network from the neighbor (the metric from the next-hop router).
Feasible Distance (FD):: The lowest-cost distance (metric) to a remote network.
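
An added example (not from the original post) that recomputes the FD values in the R1 topology table above and applies the check DUAL uses to accept a next hop as loop-free, AD strictly less than FD. It assumes default K values and default interface bandwidth and delay (1544 kbps and 20000 µs for serial, 100000 kbps and 100 µs for FastEthernet), none of which are shown on the page; the second path for 2.0.0.0/8 is constructed to show a rejected candidate.

```python
import re


def composite_metric(min_bw_kbps, total_delay_usec):
    """Classic EIGRP metric with default K values (K1 = K3 = 1, the rest 0)."""
    return 256 * (10**7 // min_bw_kbps + total_delay_usec // 10)


# Assumed interface defaults (not shown on the page): (bandwidth in kbps, delay in usec).
SERIAL = (1544, 20000)
FAST_ETHERNET = (100000, 100)


def path_metric(links):
    """Metric of a path: slowest link's bandwidth, sum of all link delays."""
    return composite_metric(min(bw for bw, _ in links),
                            sum(delay for _, delay in links))


ROUTE = re.compile(r"^P (?P<prefix>\S+), \d+ successors, FD is (?P<fd>\d+)")
VIA = re.compile(r"^\s+via (?P<hop>\S+) \((?P<metric>\d+)/(?P<ad>\d+)\), (?P<ifc>\S+)")


def parse_topology(text):
    """Parse 'show ip eigrp topology' route entries into {prefix: {fd, paths}}."""
    table, current = {}, None
    for line in text.splitlines():
        route = ROUTE.match(line)
        via = VIA.match(line)
        if route:
            current = {"fd": int(route["fd"]), "paths": []}
            table[route["prefix"]] = current
        elif via and current is not None:
            # "via Connected" lines carry no (metric/AD) pair and are skipped.
            current["paths"].append({
                "hop": via["hop"], "metric": int(via["metric"]),
                "ad": int(via["ad"]), "interface": via["ifc"],
            })
    return table


def feasibility(entry):
    """Return (feasible, rejected) next hops; feasible means AD < FD, strictly."""
    feasible = [p["hop"] for p in entry["paths"] if p["ad"] < entry["fd"]]
    rejected = [p["hop"] for p in entry["paths"] if p["ad"] >= entry["fd"]]
    return feasible, rejected


# Entries from R1's table on this page. The "via 3.0.0.2" line is constructed:
# its AD equals the FD, so it must not be accepted as a loop-free alternative.
R1_TOPOLOGY = """\
P 1.0.0.0/8, 1 successors, FD is 2169856
        via Connected, Serial1/0
P 2.0.0.0/8, 1 successors, FD is 2681856
        via 1.0.0.2 (2681856/2169856), Serial1/0
        via 3.0.0.2 (3193856/2681856), Serial1/2
P 200.100.150.0/24, 1 successors, FD is 2684416
        via 1.0.0.2 (2684416/2172416), Serial1/0
P 200.100.100.0/24, 1 successors, FD is 2172416
        via 1.0.0.2 (2172416/28160), Serial1/0
"""

if __name__ == "__main__":
    for prefix, entry in parse_topology(R1_TOPOLOGY).items():
        print(prefix, entry["fd"], feasibility(entry))
    # R1 reaches 200.100.150.0/24 over two serial links and one FastEthernet link.
    print(path_metric([SERIAL, SERIAL, FAST_ETHERNET]))
```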

R2#show ip eigrp topology
P 1.0.0.0/8, 1 successors, FD is 2169856
        via Connected, Serial1/1
P 2.0.0.0/8, 1 successors, FD is 2169856
        via Connected, Serial1/0
P 200.100.150.0/24, 1 successors, FD is 2172416
        via 2.0.0.2 (2172416/28160), Serial1/0
P 200.100.50.0/24, 1 successors, FD is 2172416
        via 1.0.0.1 (2172416/28160), Serial1/1
P 200.100.100.0/24, 1 successors, FD is 28160
        via Connected, FastEthernet0/0


R3#show ip eigrp topology
P 1.0.0.0/8, 1 successors, FD is 2681856
        via 2.0.0.1 (2681856/2169856), Serial1/1
P 2.0.0.0/8, 1 successors, FD is 2169856
        via Connected, Serial1/1
P 200.100.150.0/24, 1 successors, FD is 28160
        via Connected, FastEthernet0/0
P 200.100.50.0/24, 1 successors, FD is 2684416
        via 2.0.0.1 (2684416/2172416), Serial1/1
P 200.100.100.0/24, 1 successors, FD is 2172416
        via 2.0.0.1 (2172416/28160), Serial1/1

NOTE:: The topology table in EIGRP manages the selection of routes to be added to the routing table. The topology table has a record of all known network routes within the organization. The table is built from the update packets that are exchanged by the neighbors and by replies to queries sent by the router. When the router has an understanding of the network, it runs DUAL to determine the best path to the remote network. The result is entered into the routing table.
"DUAL" (Diffusing Update Algorithm), represented with D in routing tables, is responsible for maintenance of the topology table and the creation of the routing table. The topology table records the metric as received from the advertising router, or the next logical hop. It then adds the cost of getting to that neighbor, the one that is advertising the route. The cost to the destination network from the advertising router, plus the cost to that router, equals the metric to the destination network from the router. The metric or cost from the neighbor advertising the route is known as the advertised distance (AD). The metric or cost from the local router, the one that is determining the metric, is referred to as the feasible distance (FD). If the AD is less than the FD, then the next-hop router is downstream and there is no loop.

ROUTING TABLE OF ROUTER-R1, R2 & R3:: (After Running EIGRP on Router-R1, R2 & R3)

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    1.0.0.0/8 is directly connected, Serial1/0
D    2.0.0.0/8 [90/2681856] via 1.0.0.2, 00:39:22, Serial1/0
C    200.100.50.0/24 is directly connected, FastEthernet0/0
D    200.100.100.0/24 [90/2172416] via 1.0.0.2, 00:39:22, Serial1/0
D    200.100.150.0/24 [90/2684416] via 1.0.0.2, 00:38:25, Serial1/0

Note:: The routing table is built from the topology table after DUAL has been run. The topology table is where all the routes are stored. Best paths are stored in the routing table, and the router can then make routing decisions.

R2#show ip route
C    1.0.0.0/8 is directly connected, Serial1/1
C    2.0.0.0/8 is directly connected, Serial1/0
D    200.100.50.0/24 [90/2172416] via 1.0.0.1, 00:41:39, Serial1/1
C    200.100.100.0/24 is directly connected, FastEthernet0/0
D    200.100.150.0/24 [90/2172416] via 2.0.0.2, 00:40:41, Serial1/0


R3#show ip route
D    1.0.0.0/8 [90/2681856] via 2.0.0.1, 00:41:18, Serial1/1
C    2.0.0.0/8 is directly connected, Serial1/1
D    200.100.50.0/24 [90/2684416] via 2.0.0.1, 00:41:18, Serial1/1
D    200.100.100.0/24 [90/2172416] via 2.0.0.1, 00:41:18, Serial1/1
C    200.100.150.0/24 is directly connected, FastEthernet0/0


_____________________________________________________________________________
_____________________________________________________________________________

Monday, May 16, 2011

Classful Routing vs Classless Routing

Classful routing protocols such as RIP v1 and IGRP do not support VLSM (variable-length subnet masks); the only masks that are carried in classful routing updates are the network masks 255.0.0.0 (/8), 255.255.0.0 (/16), and 255.255.255.0 (/24). Classless routing protocols such as RIP v2, EIGRP and OSPF support VLSM.

We tend not to think of it this way, but the classful routing protocols RIPv1 and IGRP are actually performing summarization at network boundaries. Two protocols we do know that also do this are the classless routing protocols RIPv2 and EIGRP.

Routing Protocols vs. Routed Protocols

OSPF, IGRP, EIGRP and RIP are routing protocols. These protocols send routing updates that allow the routing process itself to determine the path or paths that data should take to get from point A to point B.

Routed protocols are the protocols that actually carry the data. The routed protocol you are most familiar with is IP; other routed protocols are AppleTalk, IPX, Vines, and DECnet IV.

What Is a Routing Protocol?

A standard procedure for regulating data transmission between computers: that's just what a routing protocol is. It is an agreement between networking devices as to how they're going to transmit and receive data.

Sunday, May 15, 2011

Routing Basics

Once you create an internetwork by connecting your WANs and LANs to a router, you'll need to configure logical network addresses, such as IP addresses, to all hosts on the internetwork so that they can communicate across that internetwork.

The term routing is used for taking a packet from one device and sending it through the network to another device on a different network. Routers don't really care about hosts; they only care about networks and the best path to each network. The logical network address of the destination host is used to get packets to a network through a routed network, and then the hardware address of the host is used to deliver the packet from a router to the correct destination host.

If the network has no routers, then it should be apparent that you are not routing. Routers route traffic to all the networks in your internetwork. To be able to route packets, a router must know, at a minimum, the following:


  • Destination Address
  • Neighbor routers from which it can learn about remote networks
  • Possible routes to all remote networks
  • The best route to each remote network
  • How to maintain and verify routing information

The router learns about remote networks from neighbor routers or from an administrator. The router then builds a routing table (a map of the internetwork) that describes how to find the remote networks. If a network is directly connected, then the router already knows how to get to it.

If a network isn't directly connected to the router, the router must use one of two ways to learn how to get to the remote network: Static Routing, meaning that someone must hand-type all network locations into the routing table, or something called Dynamic routing.

In dynamic routing, a protocol on one router communicates with the same protocol running on neighbor routers. The routers then update each other about all the networks they know about and place this information into the routing table. If a change occurs in the network, the dynamic routing protocols automatically inform all routers about the event. If static routing is used, the administrator is responsible for updating all changes by hand into all routers. Typically, in a large network, a combination of both dynamic and static routing is used.

Before we jump into the IP routing process, let's take a look at a simple example that demonstrates how a router uses the routing table to route packets out of an interface. We'll be going into a more detailed study of the process in the next section.

The figure shows a simple two-router network. Lab_A has one serial interface and three LAN interfaces.

Looking at the figure, can you see which interface Lab_A will use to forward an IP datagram to a host with an IP address of 10.10.10.10?


By using the command show ip route, we can see the routing table (map of the internetwork) that Lab_A uses to make forwarding decisions:


The C in the routing table output means that the networks listed are "directly connected," and until we add a routing protocol--something like RIP, EIGRP, etc.--to the routers in our internetwork (or use static routes), we'll have only directly connected networks in our routing table.

So let's get back to the original question: By looking at the figure and the output of the routing table, can you tell what IP will do with a received packet that has a destination IP address of 10.10.10.10? The router will packet-switch the packet to interface FastEthernet 0/0, and this interface will frame the packet and then send it out on the network segment.

Because we can, let's do another example: Based on the output of the next routing table, which interface will a packet with a destination address of 10.10.10.14 be forwarded from?

First, you can see that the network is subnetted and each interface has a different mask. And I have to tell you--you just can't answer this question if you can't subnet! 10.10.10.14 would be a host in the 10.10.10.8/29 subnet connected to the FastEthernet0/1 interface.

Saturday, May 14, 2011

Using Telnet

Telnet, part of the TCP/IP protocol suite, is a virtual terminal protocol that allows you to make connections to remote devices, gather information, and run programs. After your routers and switches are configured, you can use the Telnet program to reconfigure and/or check up on your routers and switches without using a console cable. You run the Telnet program by typing telnet from any command prompt (DOS or Cisco). You need to have VTY passwords set on the routers for this to work.

Remember, you can't use CDP to gather information about routers and switches that aren't directly connected to your device. But you can use the Telnet application to connect to your neighbor devices and then run CDP on those remote devices to get information on them. You can issue the telnet command from any router prompt like this:


Corp#telnet 10.2.2.2
Trying 10.2.2.2 ... Open
Password required, but none set
[Connection to 10.2.2.2 closed by foreign host]
Corp#

As you can see, I didn't set my passwords--how embarrassing! Remember that the VTY ports on a router are configured as login, meaning that we have to either set the VTY passwords or use the no login command.

On a Cisco router, you don't need to use the telnet command; you can just type in an IP address from a command prompt and the router will assume that you want to telnet to the device. Here's how that looks using just the IP address:


Corp#10.2.2.2
Trying 10.2.2.2 ... Open
Password required, but none set
[Connection to 10.2.2.2 closed by foreign host]
Corp#

At this point, it would be a great idea to set those VTY passwords on the router I want to telnet into. Here's what I did on the remote router named R1:


R1#config t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#line vty 0 ?
<1-807> Last Line number
R1(config)#line vty 0 807
R1(config-line)#password telnet
R1(config-line)#login
R1(config-line)#^Z

Now let's try this again. Here I'm connecting to the router from the Corp ISR console:


Corp#10.2.2.2
Trying 10.2.2.2 ... Open
User Access Verification
Password:
R1>

Remember that the VTY password is the user-mode password, not the enable-mode password. Watch what happens when I try to go into privileged mode after telnetting into router R1:


R1>en
% No password set
R1>

It is basically saying, "No way!" This is a really good security feature because you don't want anyone telnetting into your device and being able to just type the enable command to get into privileged mode. You've got to set your enable-mode password or enable secret password to use Telnet to configure remote devices!

Source:: Cisco Certified Network Associate Study Guide




Thursday, May 12, 2011

Documenting a Network Topology Using CDP

As the title of this section implies, I'm now going to show you how to document a sample network by using CDP. You'll learn to determine the appropriate router types, interface types, and IP addresses of various interfaces using only CDP commands and the show running-config command. And you can only console into the Lab_A router to document the network. You'll have to assign any remote routers the next IP address in each range. The given figure is what you'll use to complete the documentation.



In this output, you can see that you have a router with four interfaces: Two FastEthernet and two Serial. First, determine the IP addresses of each interface by using the show running-config command.

Lab_A#sh running-config
Building configuration...
Current configuration : 960 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lab_A
!
ip subnet-zero
!
!
interface FastEthernet0/0
ip address 192.168.21.1 255.255.255.0
duplex auto
!
interface FastEthernet0/1
ip address 192.168.18.1 255.255.255.0
duplex auto
!
interface Serial0/0
ip address 192.168.23.1 255.255.255.0
!
interface Serial0/1
ip address 192.168.28.1 255.255.255.0
!
ip classless
!
line con 0
line aux 0
line vty 0 4
!
end



With this step completed, you can now write down the IP addresses of the Lab_A router's four interfaces. Next, you need to determine the type of devices on the other end of each of these interfaces. It's easy to do this--just use the show cdp neighbors command:


You've got a good deal of information now! By using both the show running-config and show cdp neighbors commands, you know about all the IP addresses of the Lab_A router plus the types of routers connected to each of the Lab_A router's links and all the interfaces of the remote routers.

And by using all the information gathered from show running-config and show cdp neighbors, we can now create the topology figure.

If we needed to, we could've also used the show cdp neighbors detail command to view the neighbors' IP addresses. But since we know the IP addresses of each link on the Lab_A router, we already know what the next available IP address is going to be.




Wednesday, May 11, 2011

Gathering Port and Interface Information in CDP

The show cdp interface command gives you the CDP status on router interfaces or switch ports. As I said earlier, you can turn off CDP completely on a router by using the no cdp run command. But remember that you can also turn off CDP on a per-interface basis with the no cdp enable command. You enable a port with the cdp enable command. All ports and interfaces default to cdp enable.

On a router, the show cdp interface command displays information about each interface using CDP, including the encapsulation on the line, the timer, and the holdtime for each interface. Here's an example of this command's output on the R1 Router.

R1#show cdp interface
FastEthernet0/0 is administratively down, line protocol is down
  Encapsulation ARPA
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/0 is up, line protocol is up
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/1 is up, line protocol is up
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/2 is administratively down, line protocol is down
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/3 is administratively down, line protocol is down
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds

The above output is nice because it always tells you the interface's status. To turn off CDP on one interface on a router, use the no cdp enable command from interface configuration mode:

R1#config terminal
R1(config)#int serial 1/0
R1(config-if)#no cdp enable

R1#show cdp interface
FastEthernet0/0 is administratively down, line protocol is down
  Encapsulation ARPA
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/1 is up, line protocol is up
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/2 is administratively down, line protocol is down
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/3 is administratively down, line protocol is down
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds

Notice that serial 1/0 isn't listed in the router output. To get that output back, you'd have to perform a cdp enable on serial 1/0. It would then show up in the output again:

R1#config terminal
R1(config)#int serial 1/0
R1(config-if)#cdp enable
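
Because show cdp interface simply omits interfaces where CDP is off, checking per-interface CDP state means comparing the listing against the router's interface inventory. The Python below is an added example, not from the study guide or Cisco: the sample text is copied from the second listing above, while the R1_INTERFACES inventory and the function names are assumptions made for illustration.

```python
import re

# Copied from the page's second "show cdp interface" listing (taken after
# "no cdp enable" on Serial1/0); Serial1/3 is left out to keep it short.
AFTER = """\
FastEthernet0/0 is administratively down, line protocol is down
  Encapsulation ARPA
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/1 is up, line protocol is up
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
Serial1/2 is administratively down, line protocol is down
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds
"""
# Interface inventory to compare against (assumed known, e.g. from the config).
R1_INTERFACES = ["FastEthernet0/0", "Serial1/0", "Serial1/1", "Serial1/2"]

HEADER = re.compile(r"^(\S+) is (.+?), line protocol is (\S+)$")
TIMER = re.compile(r"Sending CDP packets every (\d+) seconds")
HOLD = re.compile(r"Holdtime is (\d+) seconds")

def parse_cdp_interfaces(text):
    """Return {interface: details} for every interface CDP is enabled on."""
    result, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = {"status": m.group(2), "protocol": m.group(3)}
            result[m.group(1)] = current
        elif current is not None:
            s = line.strip()
            if s.startswith("Encapsulation "):
                current["encapsulation"] = s.split(None, 1)[1]
            elif (t := TIMER.search(s)):
                current["timer"] = int(t.group(1))
            elif (h := HOLD.search(s)):
                current["holdtime"] = int(h.group(1))
    return result

def cdp_audit(all_interfaces, text):
    """Return (interfaces with CDP disabled, interfaces up and advertising)."""
    enabled = parse_cdp_interfaces(text)
    disabled = [i for i in all_interfaces if i not in enabled]
    sending = [i for i, d in enabled.items() if d["status"] == d["protocol"] == "up"]
    return disabled, sending
```

Run against the listing above, cdp_audit(R1_INTERFACES, AFTER) reports Serial1/0 as CDP-disabled and Serial1/1 as the only interface that is up and still sending advertisements.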


Gathering Interface Traffic Information Through CDP

The show cdp traffic command displays information about interface traffic, including the number of CDP packets sent and received and the errors with CDP. The following output shows the show cdp traffic command used on the R1 Router.


R1#show cdp traffic
CDP counters :
        Total packets output: 78, Input: 73
        Hdr syntax: 0, Chksum error: 0, Encaps failed: 0
        No memory: 0, Invalid packet: 0, Fragmented: 0
        CDP version 1 advertisements output: 0, Input: 0
        CDP version 2 advertisements output: 78, Input: 73

This is not really the most important information you can gather from a router, but it does show how many CDP packets are sent and received on a device.

Gathering Neighbor Information Through CDP

The show cdp neighbor command delivers information about directly connected devices. It's important to remember that CDP packets aren't passed through a Cisco switch and that you only see what's directly attached. So this means that if your router is connected to a switch, you won't see any of the devices hooked up to that switch.
The following output shows the show cdp neighbor command used on my R1 router.

R1#show cdp neighbor
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater

Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
R2               Ser 1/0            158           R       7206VXR   Ser 1/0
R3               Ser 1/1            150           R       7206VXR   Ser 1/0

Okay, we are directly connected with a console cable to the R1 router, and the router is directly connected to two devices. We have one connection to the router R2 and one connection to the router R3. The device ID shows the configured hostname of the connected devices, the local interface is our interface, and the port ID is the remote device's directly connected interface. All you get to review are directly connected devices.

The following table summarizes the information displayed by the show cdp neighbor command for each device.

Device ID     |     The hostname of the device directly connected.

Local Interface     |     The port or interface on which you are receiving the CDP packet.

Holdtime     |     The amount of time the router will hold the information before discarding it if no more CDP packets are received.

Capability     |     The capability of the neighbor, such as router, switch, or repeater. The capability codes are listed at the top of the command output.

Platform     |     The type of Cisco device directly connected. In the previous output, a Cisco 7200 router is attached directly to the 7200 router.

Port ID     |     The neighbor device's port or interface on which the CDP packets are multicast.


Another command that'll deliver the goods on neighbor information is the show cdp neighbors detail command. This command can be run on both routers and switches, and it displays detailed information about each device connected to the device you're running the command on. Check out this router output for an example:

R1#show cdp neighbors detail
-------------------------
Device ID: R2
Entry address(es):
  IP address: 12.1.1.2
Platform: Cisco 7206VXR,  Capabilities: Router
Interface: Serial1/0,  Port ID (outgoing port): Serial1/0
Holdtime : 123 sec

Version :
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jul-08 04:22 by prod_rel_team

advertisement version: 2

-------------------------
Device ID: R3
Entry address(es):
  IP address: 13.1.1.3
Platform: Cisco 7206VXR,  Capabilities: Router
Interface: Serial1/1,  Port ID (outgoing port): Serial1/0
Holdtime : 175 sec

Version :
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jul-08 04:22 by prod_rel_team

advertisement version: 2


What are we being shown here? First, we're given the hostname and IP address of all directly connected devices. In addition to the same information displayed by the show cdp neighbor command, the show cdp neighbor detail command gives us the IOS version of the neighbor device.
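
When documenting a topology from CDP, it helps to turn this output into one record per neighbor: local interface, remote port, address, platform and advertised IOS version. The Python below is an added example, not from the study guide or Cisco; the sample is a trimmed copy of the output above, and the field names and regular expressions are assumptions based on that output, so other IOS releases may format it differently.

```python
import re

# Trimmed copy of the page's "show cdp neighbors detail" output for R1.
SAMPLE = """\
-------------------------
Device ID: R2
Entry address(es):
  IP address: 12.1.1.2
Platform: Cisco 7206VXR,  Capabilities: Router
Interface: Serial1/0,  Port ID (outgoing port): Serial1/0
Holdtime : 123 sec

Version :
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)

-------------------------
Device ID: R3
Entry address(es):
  IP address: 13.1.1.3
Platform: Cisco 7206VXR,  Capabilities: Router
Interface: Serial1/1,  Port ID (outgoing port): Serial1/0
Holdtime : 175 sec

Version :
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
"""

# Hypothetical field names; only the first IP address of an entry is kept.
FIELDS = {
    "device": r"^Device ID: (\S+)",
    "ip": r"^\s*IP address: (\S+)",
    "platform": r"^Platform: (.+?),",
    "local_if": r"^Interface: (\S+?),",
    "remote_port": r"Port ID \(outgoing port\): (\S+)",
    "ios": r"^Cisco IOS Software.*?Version ([^,]+),",
}

def parse_cdp_detail(text):
    """Return one dict per neighbor; entries are separated by dashed lines."""
    neighbors = []
    for block in re.split(r"^-{5,}$", text, flags=re.M):
        rec = {}
        for name, pattern in FIELDS.items():
            m = re.search(pattern, block, flags=re.M)
            if m:
                rec[name] = m.group(1)
        if "device" in rec:  # skip the empty chunk before the first separator
            neighbors.append(rec)
    return neighbors
```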

The show cdp entry * command displays the same information as the show cdp neighbors detail command. Here's an example of the router output using the show cdp entry * command:

R1#show cdp entry *

-------------------------
Device ID: R2
Entry address(es):
  IP address: 12.1.1.2
Platform: Cisco 7206VXR,  Capabilities: Router
Interface: Serial1/0,  Port ID (outgoing port): Serial1/0
Holdtime : 171 sec

Version :
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jul-08 04:22 by prod_rel_team

advertisement version: 2

-------------------------
Device ID: R3
Entry address(es):
  IP address: 13.1.1.3
Platform: Cisco 7206VXR,  Capabilities: Router
Interface: Serial1/1,  Port ID (outgoing port): Serial1/0
Holdtime : 163 sec

Version :
Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jul-08 04:22 by prod_rel_team

advertisement version: 2

There isn't any difference between the show cdp neighbors detail and show cdp entry * commands. However, the show cdp entry * command has two options that the show cdp neighbors detail command does not:

R1#show cdp entry * ?
  protocol  Protocol information
  version   Version information
  |         Output modifiers
 


R1#show cdp entry * protocol
Protocol information for R2 :
  IP address: 12.1.1.2
Protocol information for R3 :
  IP address: 13.1.1.3

The preceding output of the show cdp entry * protocol command shows you just the IP addresses of each directly connected neighbor. The show cdp entry * version command shows you only the IOS version of your directly connected neighbors:

R1#show cdp entry * version

Version information for R2 :
  Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jul-08 04:22 by prod_rel_team


Version information for R3 :
  Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(20)T, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jul-08 04:22 by prod_rel_team

Although the show cdp neighbors detail and show cdp entry commands are very similar, the show cdp entry command allows you to display only one line of output for each directly connected neighbor, whereas the show cdp neighbor detail command does not.

Source: CCNA: Cisco Certified Network Associate Study Guide, 6th Edition