CCNP Route: 300-101

PPP: Point-to-Point Protocol

- It is an open standard protocol.
- It is a layer 2 protocol.
- It can encapsulate any routed protocol (IPv4, IPv6, IPX, AppleTalk).
- It supports authentication, which other layer 2 protocols do not.
- It can aggregate multiple serial links between two routers.
- It also supports header compression.
- It can use IPs from different subnets on a single segment.
- It supports one-way authentication and two-way authentication.
- In PPP we can define a static default route dynamically.

How to configure PPP

    r1(config-if)#encapsulation ppp
    r#debug ppp negotiation
    r2(config-if)#encapsulation ppp
    r2#debug ppp negotiation
    r#show ip route

Phases in PPP

1 Down: in this phase PPP is down. This message is seen after the link and PPP are completely down.
2 Establishment phase: performed by the LCP protocol. It establishes link connectivity and performs authentication when the device receives an indication that the physical layer is up and ready to be used.
3 Authentication phase: the PPP authentication phase is optional. It occurs only when PPP authentication is configured on the link.
4 Network control phase / Up: performed by the NCP protocol. It exchanges the IP addresses of the interfaces between the two routers (IPCP protocol).

    r1(config)#interface loopback 1
    r1(config-if)#ip address 1.1.1.1 255.255.255.255
    r1(config)#int serial 0/0
    r1(config-if)#ip unnumbered loopback 1
    r2(config)#interface loopback 1
    r2(config-if)#ip address 2.2.2.2 255.255.255.255
    r2(config)#int serial 0/0
    r2(config-if)#ip unnumbered loopback 1
    r#show ip route
    r1(config)#int serial 0/0
    r1(config-if)#no peer neighbor-route     (router will not receive route from other router)
    r1#show ip route

Note: CDPCP is responsible for carrying CDP-based packets from one router to another. If CDPCP is disabled, we cannot see neighbor information in the CDP commands.
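The authentication phase listed above is where PAP and CHAP, both configured later on this page, differ on the wire. The following Python sketch is an added example, not part of the original notes: it builds a PAP Authenticate-Request (RFC 1334) and a CHAP Challenge/Response pair (RFC 1994, MD5) using the page's `test`/`cisco` and `cisco`/`cisco` credentials. The function names, identifiers and challenge bytes are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct

PAP_AUTH_REQUEST = 1   # PAP code, RFC 1334
CHAP_CHALLENGE = 1     # CHAP codes, RFC 1994
CHAP_RESPONSE = 2


def pap_authenticate_request(ident, peer_id, password):
    """Code | Identifier | Length | Peer-ID-Length | Peer-ID | Passwd-Length | Password."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTH_REQUEST, ident, 4 + len(body)) + body


def parse_pap_request(packet):
    """Decode the request the way any device on the link can: both fields are clear text."""
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != PAP_AUTH_REQUEST or length != len(packet):
        raise ValueError("not a well-formed PAP Authenticate-Request")
    id_len = packet[4]
    peer_id = packet[5:5 + id_len]
    pw_len = packet[5 + id_len]
    password = packet[6 + id_len:6 + id_len + pw_len]
    return peer_id.decode(), password.decode()


def chap_packet(code, ident, value, name):
    """Code | Identifier | Length | Value-Size | Value | Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def parse_chap(packet):
    code, ident, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    return code, ident, packet[5:5 + size], packet[5 + size:length]


def chap_response_value(ident, secret, challenge):
    """RFC 1994: MD5 over Identifier, then the shared secret, then the challenge."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def chap_verify(ident, secret, challenge, response_value):
    expected = chap_response_value(ident, secret, challenge)
    return hmac.compare_digest(expected, response_value)


def demo():
    # PAP: "ppp pap sent-username cisco password cisco" as it appears on the link.
    pap = pap_authenticate_request(1, b"cisco", b"cisco")
    pap_seen = parse_pap_request(pap)

    # CHAP: the authenticator sends a challenge; the peer answers as hostname
    # "test" with shared secret "cisco" (the second direction in the page's
    # two-way CHAP configuration).
    secret = b"cisco"
    challenge = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    chal_pkt = chap_packet(CHAP_CHALLENGE, 7, challenge, b"cust")
    _, ident, value, _ = parse_chap(chal_pkt)
    resp_pkt = chap_packet(
        CHAP_RESPONSE, ident, chap_response_value(ident, secret, value), b"test"
    )
    _, r_ident, r_value, r_name = parse_chap(resp_pkt)

    # A captured response is only valid for the challenge it answered.
    fresh_challenge = os.urandom(16)
    return {
        "pap_seen": pap_seen,
        "chap_name": r_name.decode(),
        "chap_accepted": chap_verify(r_ident, secret, challenge, r_value),
        "chap_secret_on_wire": secret in resp_pkt,
        "replay_accepted": chap_verify(8, secret, fresh_challenge, r_value),
    }


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, "=", val)
```

PAP sends the password itself on every authentication, so prefer `ppp authentication chap` where both ends support it, and give the CHAP secret enough entropy that the MD5 response does not become the weak point.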
    R#clear ppp all
(This command clears the PPP process, but it is available in IOS 15.0 only.)

How to configure a default route toward the ISP automatically

    cust(config)#int serial 0/0
    cust(config-if)#ppp ipcp route default
    cust#show ip route
(Sometimes the route does not appear in the routing table; in that case use clear ip route *.)

How to configure one-way authentication (PAP)

In this case the ISP will authenticate the customer router.

    isp(config)#username cisco password cisco
    isp(config)#int serial 0/0
    isp(config-if)#ppp authentication pap
    cust(config)#int serial 0/0
    cust(config-if)#ppp pap sent-username cisco password cisco

How to configure two-way authentication (PAP)

    isp(config)#username cisco password cisco
    isp(config)#int serial 0/0
    isp(config-if)#ppp authentication pap
    cust(config)#int serial 0/0
    cust(config-if)#ppp pap sent-username cisco password cisco
    cust(config)#username cisco password cisco
    cust(config)#int serial 0/0
    cust(config-if)#ppp authentication pap
    isp(config)#int serial 0/0
    isp(config-if)#ppp pap sent-username cisco password cisco

How to configure PPP authentication with an AAA server

    isp(config)#aaa new-model
    isp(config)#aaa authentication ppp ccie group radius group tacacs+ local
    isp(config)#username cisco password cisco
    isp(config)#interface serial 0/0
    isp(config-if)#ppp authentication pap ccie
    cust(config)#int serial 0/0
    cust(config-if)#ppp pap sent-username cisco password cisco

How to connect the ISP router with RADIUS or TACACS

    isp(config)#radius-server host 10.10.10.10 key cisco123
    isp(config)#tacacs-server host 20.20.20.20
    isp(config)#tacacs-server key cisco123

How to configure CHAP authentication (two-way)

    isp(config)#username cisco password cisco
    isp(config-if)#encapsulation ppp
    isp(config-if)#ppp authentication chap
    cust(config-if)#ppp chap hostname cisco
    cust(config-if)#ppp chap password cisco
    cust(config)#username test password cisco
    cust(config-if)#encapsulation ppp
    cust(config-if)#ppp authentication chap
    isp(config)#int serial 0/0
    isp(config-if)#ppp chap hostname test
    isp(config-if)#ppp chap password cisco

How to aggregate multiple serial links in PPP

    isp(config)#interface serial 0/0
    isp(config-if)#encapsulation ppp
    isp(config)#interface serial 0/1
    isp(config-if)#encapsulation ppp
    isp(config)#interface multilink 1
    isp(config)#int serial 0/0
    isp(config-if)#ppp multilink group 1
    isp(config)#int serial 0/1
    isp(config-if)#ppp multilink group 1

How to configure authentication on a multilink interface

    isp(config)#int multilink 1
    isp(config-if)#ppp authentication chap
    isp(config)#username cisco password cisco
    cust(config)#interface multilink 1
    cust(config-if)#ppp chap hostname cisco
    cust(config-if)#ppp chap password cisco

How to give a default route on a multilink interface

    cust(config)#interface multilink 1
    cust(config-if)#ppp ipcp route default
    cust#show ip route

PPPoE

- It stands for PPP over Ethernet.
- It adds PPP information (8 bytes) between the Ethernet header and the IP header.
- It does not remove the Ethernet header.

PPPoE server configuration

    r1(config)#interface virtual-template 1
    r1(config-if)#encapsulation ppp     (default is ppp)
    r1(config-if)#ip address 12.1.1.1 255.255.255.0     (we can call loopback address)
    r1(config)#bba-group pppoe test
    r1(config-bba-group)#virtual-template 1
    r1(config)#interface ethernet 0/0
    r1(config-if)#pppoe enable group test

PPPoE client configuration

    r2(config)#interface dialer 10
    r2(config-if)#encapsulation ppp
    r2(config-if)#ip address 12.1.1.2 255.255.255.0     (we can call loopback address)
    r2(config-if)#dialer pool 100
    r2(config)#interface ethernet 0/0
    r2(config-if)#pppoe-client dial-pool-number 100

How to configure authentication in PPPoE

    r1(config)#interface virtual-template 1
    r1(config-if)#ppp authentication chap
    r1(config)#username cisco password cisco
    r2(config)#interface dialer 10
    r2(config-if)#ppp chap hostname cisco
    r2(config-if)#ppp chap password cisco

How to configure a dynamic IP address for the PPPoE client from a DHCP server

    r1(config)#ip dhcp pool ccie
    r1(dhcp-config)#network 12.1.1.0 /24
    r1(dhcp-config)#default-router 12.1.1.1
    r1(config)#ip dhcp excluded-address 12.1.1.1
    r1(config)#interface virtual-template 1
    r1(config-if)#peer default ip address dhcp-pool ccie
    r2(config)#interface dialer 10
    r2(config-if)#encapsulation ppp
    r2(config-if)#ip address negotiated / ip address dhcp

If the client is not receiving an IP address from the DHCP server, then use clear ppp all or flap the interface.

How to provide a dynamic IP address to the client from a local pool

    r1(config)#ip local pool ccie1 12.1.1.10 12.1.1.10
    r1(config-if)#peer default ip address pool ccie1

PPP negotiation packets

1 Configure-Request: the device sends a confreq message to open a connection to the peer. It contains the configuration options and values the sender wishes the peer to support. If the peer responds with a confrej or confnak message, then the router sends another confreq message.
2 Configure-Reject: if a configuration option received in the confreq message is not acceptable, then the device sends a confreject.
3 Configure-Nak: if the received configuration option is acceptable but some value is not acceptable, then the router transmits a confnak message.
Configure-Ack: if all options and values in the confreq message are acceptable, then the router transmits a confack message.
Terminate-Request: this message is used to initiate an LCP close.
Terminate-Ack: this message is transmitted in response to the terminate-req message.

Types of Layer 3 switching

- Process switching
- Fast switching
- CEF (Cisco Express Forwarding)

Process switching

Fast switching

Route Processor

Switch engine

CEF (Cisco Express Forwarding)

There are two types of table in CEF:

- FIB: it is a replica of the RIB. It is present inside the data plane only.
- Adjacency

There are two types of CEF:

- Centralized CEF
- Decentralized CEF

Types of adjacency table

- Null adjacency: the null adjacency table is responsible for handling all packets that are forwarded toward the null interface.
- Drop adjacency: this table is responsible for handling all packets that are encountered with an encapsulation mismatch or CRC error.
- Discard adjacency: this table is responsible for handling all packets that are discarded by an ACL.
- Glean adjacency: this table holds information about all directly connected networks; whenever a packet moves to any directly connected network, it is handled by the glean adjacency.
- Punt adjacency: this table is responsible for handling packets that are not processed by CEF and are forwarded to the control plane for processing.

    r1#show ip cef 3.3.3.3
    r#debug ip packet     (enable on all routers)
    r2(config)#no ip cef
    r2(config-if)#no ip route-cache

IP addressing version 4, Subnetting and VLSM

ARP Process

IP Routing

Routing is a process or technique to identify the path from one network to another network. A router must know the following information to route packets from one network to another network:

- destination network
- neighbor router from which it can learn about remote networks
- possible number of routers to reach the destination
- best route to reach the destination

There are two types of routing:

- Static routing
- Dynamic routing

Static Routing

Static routing is specified by an administrator: the administrator manually specifies all routes.

Advantages:

- security
- low CPU utilization
- efficient in small networks
- usually used in small networks

Disadvantages:

- time consuming
- not good for large networks
- burden on the administrator

There are three ways to configure a static route:

- by using the next-hop address
- by using the exit interface
- by using the next hop and the exit interface

The router will install both routes into the routing table, because it checks the longest prefix match and the prefix match is the same. After that it checks the A.D. value, and the A.D. is also the same. After that it checks the metric, and a static route's metric is always 0, so both routes' metrics are also the same. So it installs both routes into the routing table, but it does not perform load balancing: it prefers the path that was installed first into the routing table.

Floating Static Routing

With floating static routing, one route is saved in the routing table and the second route is saved in NVRAM. If the first route goes down, the second route is automatically placed into the routing table.

    r(config)#ip route 0.0.0.0 0.0.0.0 12.1.1.1
    r(config)#ip route 0.0.0.0 0.0.0.0 23.1.1.1 2

EIGRP

- It stands for Enhanced Interior Gateway Routing Protocol.
- It is an open standard protocol.
- It is an IGP protocol.
- It is a hybrid/advanced distance routing protocol.
- Metric is bandwidth + load + delay + reliability + MTU.
- Hello timer 5 sec and hold timer 15 sec.
- Hop count is 100 by default and 255 maximum.
- First time full update, after that triggered updates.
- It is a PDM protocol (protocol dependent module).
- Administrative distance is 90/170/5.
- It is a classless routing protocol.
- It supports VLSM.
- It supports discontiguous networks.
- By default auto-summary is enabled; it is disabled in IOS version 15.0 and above.
- Multicast address 224.0.0.10.
- Protocol number 88.
- There are two versions of EIGRP, v2 and v3.
- We can run a maximum of 30 processes on a single router.
- It supports equal load balancing, by default 4, max 16/32.
- It uses the DUAL algorithm for best path selection (Diffusing Update Algorithm).
- It creates neighbors using the primary address.

DUAL (Diffusing Update Algorithm)

It is an algorithm used by EIGRP to select the lowest-cost loop-free path for each possible destination. It also provides fast convergence. If multiple paths are available in the topology table, it runs DUAL, selects the best route and puts it in the routing table.

There are four terms in DUAL: 1 FD, 2 RD, 3 Successor, 4 Feasible Successor.

FD: Feasible Distance. The total metric from source to destination; you can also say that the calculated metric of the successor is called the FD.

RD: Reported Distance. A router's FD is called the RD by its neighbor.

Successor: a successor route is the best route to reach the destination network. A successor route has the lowest cost to reach the destination. A successor route is stored in the topology table as well as in the routing table.

Feasible Successor: it is a backup path of the successor, stored in the topology table. EIGRP keeps up to 32 feasible successors in the topology table in IOS version 15.0.

Feasibility condition: AD > RD of current successor.

Types of EIGRP packets

- Hello
- Update (RTP)
- Query (RTP)
- Reply (RTP)
- ACK

RTP: Reliable Transport Protocol. It is used for detecting packet loss and to ensure ordered delivery of the packets.

Hello

The hello packet is used for neighbor discovery and for keepalive.

Contents of hello:

- version
- opcode: hello, ack = 5, update = 1, query = 3, reply = 4
- checksum
- autonomous system number
- EIGRP parameters: K values, hold time
- sequence and acknowledge: used for acknowledged packets only (update, query, reply)
- software version: information about the IOS version

Requirements for neighborship

- A.S. must match.
- K values must match.
- Authentication must match.
- Network ID must match.
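How the DUAL terms above fit together, as an added example that is not part of the original notes. It uses the standard DUAL rule (a neighbor qualifies as a feasible successor when its reported distance is lower than the current feasible distance), extends to the variance setting covered later on this page, and shows when a lost successor forces the route into the active state. The neighbor names and metric values are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    neighbor: str
    reported_distance: int  # RD: the neighbor's own metric to the destination
    link_cost: int          # metric of the local link toward that neighbor

    @property
    def total(self):
        return self.reported_distance + self.link_cost


def run_dual(paths, variance=1):
    """Pick successor(s), feasible successors and the routes to install."""
    if not paths:
        raise ValueError("no paths in the topology table")
    fd = min(p.total for p in paths)                 # feasible distance
    successors = [p for p in paths if p.total == fd]
    # Loop-free backups: the neighbor must be closer to the destination
    # than we are, i.e. its RD is lower than our FD.
    feasible = sorted(
        (p for p in paths if p.total > fd and p.reported_distance < fd),
        key=lambda p: p.total,
    )
    # Unequal-cost load balancing only considers feasible successors whose
    # metric is below variance * FD.
    installed = successors + [p for p in feasible if p.total < variance * fd]
    return {
        "fd": fd,
        "successors": [p.neighbor for p in successors],
        "feasible_successors": [p.neighbor for p in feasible],
        "installed": [p.neighbor for p in installed],
    }


def on_successor_loss(paths, lost):
    """Return ('passive', new_successor) or ('active', None) when `lost` fails."""
    before = run_dual(paths)
    usable = set(before["successors"]) | set(before["feasible_successors"])
    survivors = [p for p in paths if p.neighbor != lost and p.neighbor in usable]
    if survivors:
        # A pre-computed loop-free path exists: switch without querying.
        return ("passive", min(survivors, key=lambda p: p.total).neighbor)
    # No feasible successor: the route goes active and queries are sent.
    return ("active", None)


# Constructed topology-table entries for one destination prefix.
TOPOLOGY = [
    Path("R2", reported_distance=1000, link_cost=1000),  # total 2000
    Path("R3", reported_distance=1500, link_cost=1500),  # total 3000
    Path("R4", reported_distance=2500, link_cost=100),   # total 2600, RD >= FD
]

if __name__ == "__main__":
    print(run_dual(TOPOLOGY))
    print(run_dual(TOPOLOGY, variance=2))
    print(on_successor_loss(TOPOLOGY, "R2"))
    print(on_successor_loss([TOPOLOGY[0], TOPOLOGY[2]], "R2"))
```

R4 has a lower total metric than R3 but is never used as a backup or for unequal-cost load balancing, because its reported distance is not below the feasible distance.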
Update: an update message can be unicast or multicast. It uses the RTP protocol and contains subnets/prefix length, delay, bandwidth, MTU, load, reliability and hop count. Update packets are sent between neighbors to build the topology table and routing table. If there is a static neighborship between routers, then the update is unicast.

Ack: an ack message is always sent as unicast. Ack is not used in the case of hello; it is only for RTP packets.

Query: query packets are sent by a router when the successor route fails and there are no feasible successors in the topology table. The router places the route in the active state and sends a query to its neighbors for an alternative route. Query messages are sent as multicast to 224.0.0.10.

Reply: reply packets are sent in response to query packets when the responding router has an alternative route. Reply packets are sent as unicast to the querying router.

Stuck in active

When a router notices a route failure and there is no feasible successor, that route moves from the passive state to the active state. The router sends a query message to its neighbors and waits 3 min for a reply. If the router does not receive a reply within the active timer, the route is considered to be in the stuck-in-active state. If the router does not receive a reply within 3 min, it flaps the neighborship with its neighbor.

    router(config-router)#timers active-time (value)

Solutions for stuck in active:

- Disable active timers
- Stub router

      router(config-router)#eigrp stub

- Summarization

Types of table in EIGRP

- Neighbor table
- Topology table
- Routing table

Neighbor Table

It contains information about the router's neighbors.

    r#show ip eigrp neighbors

Topology Table

It contains all destination routes advertised by neighbor routers, which come from the neighbors' routing tables.

    r#show ip eigrp topology
    r#show ip eigrp topology all-links

Routing Table

It contains the best route to each remote network; this path is called the successor. It contains three types of route: internal, external, summary.

    r#show ip route
    r#show ip route 1.1.1.0
    r#show ip route eigrp
    r#show ip route eigrp 100

Null 0: it is a loop avoidance mechanism entry stored in the routing table. Null0 is created only in the case of summarization (auto and manual). If any traffic goes toward Null0, it is dropped by EIGRP.

Metric Value

EIGRP uses a composite metric for route selection:

- k1*1 = Bandwidth (measured in kilobytes per second)
- k2*0 = Load (numbers from 1 to 255)
- k3*1 = Delay (measured in 10's of microseconds)
- k4*0 = Reliability (numbers from 1 to 255; 255 is most reliable)
- k5*0 = MTU

Interface defaults:

- serial: bandwidth 1544 kbps, delay 20,000 microseconds
- fastethernet: bandwidth 100000 kbps, delay 1000 microseconds
- loopback: delay 5000 microseconds

How to change metric weights

    R(config-router)#metric weights 0 1 1 1 1 0

Passive Interface

    router(config-router)#passive-interface default
    router(config-router)#passive-interface ethernet 0/0

Unequal-cost Load-Balancing

EIGRP automatically supports load balancing over four equal-cost routes.
EIGRP supports up to 32 equal-cost paths with IOS version 15.0; in previous IOS versions, 16 paths.

Variance: it is multiplied with the successor when the DUAL algorithm runs on the topology table (default 1, range 1 to 128).

    router(config-router)#variance (1 to 128)

Offset-list

It is used for equal-cost load balancing or path manipulation.

    router(config)#access-list 1 permit 1.1.1.0 0.0.0.255
    router(config-router)#offset-list 1 in 100     (on all interfaces)
    router(config-router)#offset-list 1 in 100 ethernet 0/0     (for a specific interface)
    router#show ip protocol     (to check the offset list)

How to change maximum paths

By default EIGRP supports equal-cost load balancing over 4 paths. We can change it up to 32 in IOS version 15.0 and above.

    router(config-router)#maximum-paths 8     (1 to 32)

MD5 Authentication

    r1(config)#key chain cisco     (key chain name can be different)
    r1(config-keychain)#key 1
    r1(config-keychain-key)#key-string cisco1
    r1(config-if)#ip authentication mode eigrp 100 md5
    r1(config-if)#ip authentication key-chain eigrp 100 cisco
    r1#show key chain

MD5 Authentication with multiple keys

    r(config)#key chain cisco
    r(config-keychain)#key 1
    r(config-keychain-key)#key-string cisco1
    r(config-keychain-key)#send-lifetime 10:00:00 16 dec 2015 10:00:00 17 dec 2015
    r(config-keychain-key)#accept-lifetime 10:00:00 16 dec 2015 10:00:00 17 dec 2015
    r(config-keychain)#key 2
    r(config-keychain-key)#send-lifetime 09:59:00 17 dec 2015 10:00:00 18 dec 2015

How to check which A.S. an interface link is working in

    r#show ip eigrp interface

How to check the hello timer on any interface

    r#show ip eigrp interface detail

How to change the hello timer and hold-down timer

    router(config-if)#ip hello-interval eigrp 100 10
    router(config-if)#ip hold-time eigrp 100 30

Advertise a route with the redistribution command (it will show as an external route in the routing table)

    router(config-router)#redistribute connected

How to change the max hop count

    r(config-router)#metric maximum-hops 1

Split-horizon

It is a loop avoidance technique. By default it is enabled on the interface.

    r(config-if)#no ip split-horizon eigrp 100
    r(config-router)#eigrp stub

Route Filtering

Route filtering is used to filter the unused routes of a router. It is used to reduce the size of the routing table. We can perform route filtering by using 4 methods:

- Standard ACL
- Extended ACL
- Route-map
- Prefix-list

Route filtering by using a standard ACL

    r(config)#access-list 1 deny 3.3.3.0 0.0.0.255
    r(config)#access-list 1 permit any
    r(config-router)#distribute-list 1 in fa 0/0
    r(config-router)#distribute-list 1 in
    r#show ip protocol

Route filtering by using an extended ACL

- source: the next-hop address from which the router is receiving the routes
- destination: the routes which we want to filter

      r(config)#access-list 101 deny ip host 12.1.1.2 3.3.3.0 0.0.0.255
      r(config)#access-list 101 permit ip any any
      r(config-router)#distribute-list 101 in
      r#show ip protocol
      r#show access-list 101

Route filtering by using a route-map

    r(config)#access-list 1 permit 3.3.3.0 0.0.0.255
    r(config)#route-map cisco deny 10
    r(config-route-map)#match ip address 1
    r(config)#route-map cisco permit 20
    r(config-router)#distribute-list route-map cisco in
    r#show route-map

Route filtering by metric

    r(config)#route-map cisco deny 10
    r(config-route-map)#match metric 1000
    r(config)#route-map cisco permit 11
    r(config-router)#distribute-list route-map cisco in

Filter routes with a metric between 100 and 200:

    200 - 100 = 100
    100 / 2 = 50
    100 + 50 = 150     (150 +- 50)

    router(config)#route-map cisco deny 10
    router(config-route-map)#match metric 150 +- 50
    router(config)#route-map cisco permit 11
    router(config-router)#distribute-list route-map cisco in

Route filtering by using a prefix-list

- any = 0.0.0.0/0
- ge = greater than
- le = less than

      r(config)#ip prefix-list 1 deny 1.1.0.0/16 ge 24 le 24
      r(config)#ip prefix-list 1 permit 0.0.0.0/0 le 32
      r(config-router)#distribute-list prefix 1 in
      r#show ip prefix-list 1

Route filtering by using A.D. 255

    r(config)#access-list 1 permit 1.1.1.0 0.0.0.255
    r(config-router)#distance 255 12.1.1.2 0.0.0.0 1     (for a specific route from 12.1.1.2)
or
    r(config-router)#distance 255 12.1.1.2 0.0.0.0     (for all routes from 12.1.1.2)

How to filter internal/external routes

    r(config-router)#distance eigrp 90 255
    r(config-router)#distance eigrp 255 170

Load balancing by using summarization

    r5(config-if)#ip summary-address eigrp 100 5.5.0.0 255.255.252.0     (interface fa 1/0)
    r5(config-if)#ip summary-address eigrp 100 5.5.4.0 255.255.252.0     (interface fa 1/1)

How to configure summarization with a leak-map

    r5(config)#access-list 10 permit 5.5.3.1 0.0.0.255
    r5(config)#route-map cisco permit 5
    r5(config-route-map)#match ip address 10
    r5(config-if)#ip summary-address eigrp 100 5.5.0.0 255.255.0.0 leak-map cisco

How to change the A.D. value for the summary route / for null

    r5(config-if)#ip summary-address eigrp 100 5.5.0.0 255.255.0.0 91

How to restrict the router from installing the summary route toward Null0

    r5(config-if)#ip summary-address eigrp 100 10.1.0.0 255.255.252.0 255

Static neighborship

    r3(config-if)#no ip split-horizon eigrp 100
    r3(config-if)#no ip next-hop-self eigrp 100

Propagate/Generate a default route in EIGRP

- Redistribute static
- Summarization
- ip default-network
- network 0.0.0.0

Redistribute static

    router(config)#ip route 0.0.0.0 0.0.0.0 null 0
    router(config-router)#redistribute static

Summarization

    router(config-if)#ip summary-address eigrp 100 0.0.0.0 0.0.0.0

IP default-network

    r(config)#interface loopback 1
    r(config-if)#ip address 192.168.101.1 255.255.255.0
    r(config)#router eigrp 100
    r(config-router)#network 192.168.101.0
    r(config)#ip default-network 192.168.101.0

network 0.0.0.0

    router(config)#ip route 0.0.0.0 0.0.0.0 null 0
    router(config-router)#network 0.0.0.0

Redistribute RIP/OSPF into EIGRP

    router(config-router)#redistribute rip metric 1544 0 255 1 1500
    router(config-router)#redistribute ospf 100 metric 1544 0 255 1 1500
or
    router(config-router)#redistribute rip
    router(config-router)#redistribute ospf 100
    router(config-router)#default-metric 1544 0 255 1 1500

Advanced redistribution in EIGRP

    router(config)#route-map tag1 permit 10
    router(config-route-map)#set tag 600
    router(config-router)#redistribute rip metric 1544 0 255 1 1500 route-map tag1
    router(config)#route-map tag2 permit 10
    router(config-route-map)#set tag 700
    router(config-router)#redistribute ospf 100 metric 1544 0 255 1 1500 route-map tag2
    router(config)#route-map tag3 permit 10
    router(config-route-map)#set tag 800
    router(config-router)#redistribute eigrp 200 route-map tag3
    router#show ip route 5.5.5.0
    router#show ip eigrp topology 5.5.5.0 255.255.255.0
    router#show ip eigrp topology

Route filtering with a tag value

    router(config)#route-map filter deny 10
    router(config-route-map)#match tag 700
    router(config)#route-map filter permit 11
    router(config-router)#distribute-list route-map filter in

Filter external/internal routes by using a route-map

    router(config)#route-map filter1 deny 10
    router(config-route-map)#match route-type external/internal
    router(config)#route-map filter1 permit 11
    router(config-router)#distribute-list route-map filter1 in

Filter routes from a specific protocol

    router(config)#route-map ext deny 10
    router(config-route-map)#match source-protocol rip / eigrp 200 / ospf 100 / static / connected
    router(config)#route-map ext permit 11
    router(config-router)#distribute-list route-map ext in

Router-id in EIGRP

An external route carries the router-id of the originating router.

    router#show ip eigrp topology 5.5.5.0 255.255.255.0

How the Router-ID is elected in EIGRP

    router(config-router)#eigrp router-id 10.10.10.10

1 Highest IP address of a loopback interface
2 Highest IP address of a physical interface

EIGRP Stub Routing

    r(config-router)#eigrp stub     (it will forward connected and summary routes only)
    r(config-router)#eigrp stub receive-only     (it will not forward any route)
    r(config-router)#eigrp stub connected     (it will forward only connected routes)
    r(config-router)#eigrp stub summary     (it will forward only summary routes)
    r(config-router)#eigrp stub redistributed     (it will forward only redistributed routes)

Policy based routing

Policy based routing can be used to change the next-hop IP address. This can be useful to overrule your routing table for certain traffic types.

    router(config)#access-list 101 permit ip any 3.3.3.0 0.0.0.255
    router(config)#route-map cisco permit 10
    router(config-route-map)#match ip address 101
    router(config-route-map)#set ip next-hop 13.1.1.2
    router(config-if)#ip policy route-map cisco
    router#debug ip policy

IP SLA (IP Service Level Agreement)

It is a track object. This feature allows you to make sure that the next hop is reachable before the routing table is used.
    router(config)#access-list 101 permit ip any 5.5.5.0 0.0.0.255
    router(config)#ip sla 10
    router(config-ip-sla)#icmp-echo 45.1.1.2 source-ip 24.1.1.1
    router(config-ip-sla-echo)#frequency 5     (default 60 sec)
    router(config)#ip sla schedule 10 start-time now life forever
    router(config)#track 100 rtr 10
    router(config-track)#delay down 1
    router(config-track)#delay up 10
    router(config)#route-map cisco permit 10
    router(config-route-map)#match ip address 101
    router(config-route-map)#set ip next-hop verify-availability 24.1.1.2 5 track 100
    router(config-if)#ip policy route-map cisco

How to change the bandwidth used by EIGRP (by default it uses 50%)

    router(config-if)#ip bandwidth-percent eigrp 100 10

Frame-relay full mesh

    r1(config-if)#ip address 192.168.1.1 255.255.255.0
    r1(config-if)#encapsulation frame-relay
    r1(config-if)#ip address 1.1.1.1 255.255.255.0     (loopback)
    r1(config)#router eigrp 100
    r1(config-router)#network 0.0.0.0
    r1(config-router)#no auto-summary

Same configuration on r2, r3, r4.

    r5(config)#frame-relay switching
    r5(config)#interface serial 0/0
    r5(config-if)#encapsulation frame-relay
    r5(config-if)#frame-relay intf-type dce
    r5(config-if)#clock rate 64000
    r5(config-if)#frame-relay route 102 interface serial 0/1 201
    r5(config-if)#frame-relay route 103 interface serial 0/2 301
    r5(config-if)#frame-relay route 104 interface serial 0/3 401
    r5(config)#interface serial 0/1
    r5(config-if)#encapsulation frame-relay
    r5(config-if)#frame-relay intf-type dce
    r5(config-if)#clock rate 64000
    r5(config-if)#frame-relay route 201 interface serial 0/0 102
    r5(config-if)#frame-relay route 203 interface serial 0/2 302
    r5(config-if)#frame-relay route 204 interface serial 0/3 402
    r5(config)#interface serial 0/2
    r5(config-if)#encapsulation frame-relay
    r5(config-if)#frame-relay intf-type dce
    r5(config-if)#clock rate 64000
    r5(config-if)#frame-relay route 301 interface serial 0/0 103
    r5(config-if)#frame-relay route 302 interface serial 0/1 203
    r5(config-if)#frame-relay route 304 interface serial 0/3 403
    r5(config)#interface serial 0/3
    r5(config-if)#encapsulation frame-relay
    r5(config-if)#frame-relay intf-type dce
    r5(config-if)#clock rate 64000
    r5(config-if)#frame-relay route 401 interface serial 0/0 104
    r5(config-if)#frame-relay route 402 interface serial 0/1 204
    r5(config-if)#frame-relay route 403 interface serial 0/2 304

Neighborship will be established between the neighbors.

    r5#show frame-relay route
    r5#show frame-relay pvc

Disable inverse ARP

    router(config-if)#no frame-relay inverse-arp     (disable on all routers)
    router#clear frame-relay inarp     (to clear the inverse ARP cache)

How to configure manual mapping

    router1(config-if)#frame-relay map ip 192.168.1.2 102 broadcast

Hub and spoke topology

    router(config)#interface serial 0/0.1 point-to-point
    router(config-subif)#ip address 12.1.1.1 255.255.255.0
    router(config-subif)#frame-relay interface-dlci owndlci

Named mode EIGRP

- Supports both IPv4 and IPv6 EIGRP
- Can be in different ASes
- Better config hierarchy
- Wide metrics, IPv6 VRF Lite, etc.

      router(config)#router eigrp ccie
      router(config-router)#address-family ipv4 autonomous-system 100
      router(config-router-af)#network 12.1.1.0 0.0.0.255
      router#show ip protocol
      router#show ip eigrp topology
      router#show ip route

      router(config-router)#address-family ipv4 autonomous-system 100
      router(config-router-af)#af-interface default / ethernet 1/0
      router(config-router-af-interface)#passive-interface
      router(config-router-af-interface)#hello-interval 7
      router(config-router-af-interface)#hold-interval 15
      router(config-router-af-interface)#authentication mode md5
      router(config-router-af-interface)#authentication key-chain cisco123
      router(config-router-af-interface)#summary-address 10.1.0.0 255.255.252.0

      router(config-router)#address-family ipv4 autonomous-system 100
      router(config-router-af)#topology base
      router(config-router-af-topology)#timers active-time 4     (4 min, or disabled)
      router(config-router-af-topology)#metric maximum-hops 2
      router(config-router-af-topology)#maximum-paths 32
      router(config-router-af-topology)#variance 2     (1 to 128)
      router(config-router-af-topology)#auto-summary
      router(config-router-af-topology)#offset-list 1 in 1000
      router(config-router-af-topology)#distribute-list acl/prefix/route-map

OSPF: Open Shortest Path First

- It is an open standard protocol.
- It is an IGP protocol.
- It is a link state routing protocol.
- First time full update, after that partial updates.
- Hop count limit is unlimited.
- It uses protocol number 89.
- Default administrative distance is 110.
- Hello timer 10 sec, hold time 40.
- Multicast address 224.0.0.5 (for all routers), 224.0.0.6 (for the DR router).
- It is a classless routing protocol.
- By default auto-summarization is disabled.
- Maximum paths by default 4 (IOS 15.0 = 32).
- It sends updates with a sequence number starting from 0x80000001 up to 0xffffffff.

Types of packet in OSPF

- Type 1: Hello
- Type 2: DBD (Database Description)
- Type 3: LSR (Link State Request)
- Type 4: LSU (Link State Update) (retransmission timeout 5 sec)
- Type 5: LS Ack (Link State Acknowledge)

Note: the OSPF header size is 32 bytes, but always remember that the first 24 bytes are common to all packets.

OSPF Design

- It reduces the memory and CPU utilization of the router.
- It is easier to solve issues in a smaller domain, that is, an area.

Area in OSPF

- An area is a logical group of devices within a single administration.
- Cisco recommends that a single area should not have more than 30 routers.
- The area-id is a 32-bit ID.
- The area-id can be represented as a decimal number or in IPv4 format.

Note: an inter-area route cannot move from one area to another area without the backbone area, but an external route can move from one area to another area without the backbone area.
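The 24-byte common header and the five packet types listed above can be checked directly in a capture. The following Python parser is an added example, not part of the original notes: it follows the header layout in RFC 2328, verifies the header checksum, and flags null or simple-password authentication. The sample Hello bytes, router ID and password are constructed.

```python
import ipaddress
import struct

PACKET_TYPES = {1: "Hello", 2: "DBD", 3: "LSR", 4: "LSU", 5: "LSAck"}
AUTH_TYPES = {0: "null", 1: "simple password", 2: "cryptographic"}
# version, type, length, router id, area id, checksum, AuType, authentication
HEADER = struct.Struct("!BBH4s4sHH8s")      # 24 bytes, common to all packets
# mask, hello interval, options, priority, dead interval, DR, BDR
HELLO = struct.Struct("!4sHBBI4s4s")        # 20 bytes, no neighbors listed


def internet_checksum(data):
    """Standard IP checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ospf(packet):
    if len(packet) < HEADER.size:
        raise ValueError("shorter than the 24-byte common header")
    version, ptype, length, rid, area, cksum, autype, _auth = HEADER.unpack_from(packet)
    if ptype not in PACKET_TYPES:
        raise ValueError("unknown OSPF packet type %d" % ptype)
    if length < HEADER.size or length > len(packet):
        raise ValueError("length field does not fit the captured bytes")
    info = {
        "version": version,
        "type": PACKET_TYPES[ptype],
        "router_id": str(ipaddress.IPv4Address(rid)),
        "area_id": str(ipaddress.IPv4Address(area)),
        "auth_type": AUTH_TYPES.get(autype, "unknown (%d)" % autype),
        "findings": [],
    }
    if autype == 2:
        # With cryptographic authentication the header checksum is not used.
        info["checksum_ok"] = None
    else:
        # Checksum covers the packet except the 8-byte authentication field.
        covered = packet[:12] + b"\x00\x00" + packet[14:16] + packet[24:length]
        info["checksum_ok"] = internet_checksum(covered) == cksum
    if autype == 0:
        info["findings"].append("null authentication: packets are accepted unverified")
    elif autype == 1:
        info["findings"].append("simple password: the key is carried in clear text")
    if ptype == 1 and length >= HEADER.size + HELLO.size:
        _mask, hello, _opts, _prio, dead, _dr, _bdr = HELLO.unpack_from(packet, HEADER.size)
        info["hello_interval"], info["dead_interval"] = hello, dead
    return info


def build_hello(router_id, area_id, autype, auth=b""):
    """Constructed sample Hello (10 s hello, 40 s dead); not a real capture."""
    body = HELLO.pack(ipaddress.IPv4Address("255.255.255.0").packed,
                      10, 0x02, 1, 40, bytes(4), bytes(4))
    head = HEADER.pack(2, 1, HEADER.size + len(body),
                       ipaddress.IPv4Address(router_id).packed,
                       ipaddress.IPv4Address(area_id).packed,
                       0, autype, auth.ljust(8, b"\x00"))
    cksum = 0 if autype == 2 else internet_checksum(head[:16] + body)
    return head[:12] + struct.pack("!H", cksum) + head[14:] + body


if __name__ == "__main__":
    for autype, auth in ((0, b""), (1, b"cisco"), (2, b"")):
        print(parse_ospf(build_hello("1.1.1.1", "0.0.0.0", autype, auth)))
```

The parser does not validate the message digest that follows a cryptographically authenticated packet; it only reports which authentication type the sender declared.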
Types of Router in OSPF

- Backbone router
- Internal router
- Area Border Router
- Autonomous System Boundary Router

Backbone router

- A router that has all interfaces in Area 0.
- We can call it the transit area.

Internal router

- A router which has all interfaces in a regular area.

ABR: Area Border Router

- A router which has at least one interface in the backbone area and one in a regular area.
- We create an ABR to divide the database into different areas.
- An ABR keeps multiple areas' databases in memory.
- It can send routing information to a different area but does not send the database.

ASBR: Autonomous System Border Router

- It is used to connect a different routing protocol with OSPF, or to redistribute RIP or EIGRP into OSPF.
- It is used to exchange routing information between OSPF and a different protocol.

Requirements to form OSPF neighborship

- area-id must match
- timers must match
- authentication must match
- subnet mask must match
- stub flag must match
- MTU size must match
- router-id must not match
- network type should match

Contents of the hello message

- OSPF version
- area ID
- router ID
- network mask
- hello interval
- checksum
- dead interval
- stub flag
- priority
- authentication type
- authentication
- designated router
- backup designated router
- neighbor router ID
- neighbor router priority

Router-id

The router ID is a unique ID in an area used to identify the database on every router.

How to set the router ID manually

    router(config-router)#router-id 1.1.1.1

How the router-id is set automatically

- highest IP address of a loopback interface
- highest IP address of a physical interface

OSPF neighborship states

Formula to calculate the total number of adjacencies

- when we don't have a DR and BDR: N(N-1)/2
- when we have both DR and BDR: N x 2 - 3
- when we have only a DR: (N-1)

LSA: Link State Advertisement

A router always keeps its route information in its database in the form of LSAs. When any update goes from one device to another device, it goes in the form of an LSA.

Types of LSA

- Type 1 LSA: Router LSA
- Type 2 LSA: Network LSA
- Type 3 LSA: Summary LSA
- Type 4 LSA: ASBR Summary LSA
- Type 5 LSA: External LSA
- Type 6 LSA: Group Membership LSA
- Type 7 LSA: NSSA LSA
- Type 8 LSA:
- Type 9 LSA:
- Type 10 LSA:
- Type 11 LSA:

Type 1 LSA: Router LSA

- It is generated by every router within an area to represent itself.
- It does not cross its own area.
- Within an area all routers have common Router LSA information.
- One Router LSA can keep information on multiple links.
- Every 30 min the router floods the LSA. If any router receives an LSA with a higher sequence number, the router executes the SPF algorithm.
- In the Router LSA the link-id and the advertising router-id are the same.
- The Router LSA contains some special bits: 'V' end point of a virtual link, 'E' it is an ASBR, 'B' it is an ABR.
- link-id = router-id, adv. router-id = router-id

Type 2 LSA: Network LSA

- It is generated by the DR router within a segment to represent itself.
- It holds information on how many devices are connected in that multi-access network, in the form of router-ids.
- It also holds the DR router's IP address.
- It is sent to all attached routers within the same area.
- link-id = IP address of the DR, adv. router-id = router-id of the DR

Type 3 LSA: Summary LSA

- It is generated by the ABR router for sending routing information from one area to another area.
- It contains information about all inter-area routes.
- link-id = network ID (prefix ID), adv. router-id = router-id of the ABR

Type 4 LSA: ASBR Summary LSA

- It is generated by the ABR.
- It describes who is doing redistribution, meaning ASBR information.
- Cost to reach an ASBR from the ABR.
- link-id = router-id of the ASBR, adv. router-id = router-id of the ABR

Type 5 LSA: External LSA

- Generated by the ASBR.
- This LSA keeps the information on all routes of other routing domains.
- link-id = external routes, adv. router-id = router-id of the ASBR

Type 7 LSA: NSSA External LSA

- It is generated by the ASBR within an NSSA area.
- It remains within the NSSA area.
- LSA 7 gets translated back into a Type 5 LSA by the NSSA ABR router.
- link-id = external routes, adv. router-id = router-id of the ASBR

How to enable OSPF on an interface

    router(config)#router ospf 100
    router(config-router)#network 12.1.1.0 0.0.0.255 area 0
    router(config-if)#ip ospf 100 area 1

How to elect a DR/BDR on a point-to-point link

    router(config-if)#ip ospf network broadcast

How to avoid DR/BDR election on a multi-access link

    router(config-if)#ip ospf network point-to-point

How to change the priority of an interface

    router(config-if)#ip ospf priority 2     (0-255)

How to advertise a loopback with its own prefix length

    router(config-if)#ip ospf network point-to-point

How to check the ABR router

    router#show ip ospf border-routers

How to check which interface is in which area

    router#show ip ospf interface brief

How to check the details of all interfaces

    router#show ip ospf interface

How to configure a virtual-link

    router(config-router)#area 1 virtual-link 3.3.3.3

Redistribute EIGRP into OSPF

    router(config-router)#redistribute eigrp 100 subnets

Redistribute RIP into OSPF

    router(config-router)#redistribute rip subnets

Note: all external routes will come as E2 routes in OSPF, and it is a larger route than any other path.
It never shows the total cost of the path (cost 20).

Advanced redistribution in OSPF (change seed metric)
router(config-router)#redistribute eigrp 100 subnets metric 30
Note: if the cost to reach the ASBR is the same, then we can change the seed metric.

How to advertise an E1 route during redistribution
router(config-router)#redistribute eigrp 100 subnets metric-type 1

How to add a tag during redistribution
router(config-router)#redistribute eigrp 100 subnets metric-type 1 tag 11

Conditional redistribution using a route-map (redistribute specific routes)
router(config)#access-list 1 permit 60.1.1.0 0.0.0.255
router(config)#access-list 1 permit 60.1.2.0 0.0.0.255
router(config)#route-map cisco permit 10
router(config-route-map)#match ip address 1
router(config-router)#redistribute eigrp 100 subnets metric-type 1 tag 11 route-map cisco

Redistribute OSPF into EIGRP for a specific route
router(config)#access-list 1 permit 10.1.1.0 0.0.0.255
router(config)#route-map cisco1 permit 10
router(config-route-map)#match ip address 1
router(config)#router eigrp 100
router(config-router)#redistribute ospf 1 metric 1544 0 255 1 1500 route-map cisco1

Types of Area
Standard Area
Stub Area
Totally Stub Area
NSSA Area
Totally NSSA Area
Note: we use area types to filter LSAs.

Standard Area
By default all areas are standard areas.

Stub Area
It is used to filter type 5 and type 4 LSAs, that is, to filter external routes.
After filtering type 5 and type 4 LSAs it automatically generates a default route.
The default route is advertised by the ABR.
Stub is run on both sides, meaning on the ABR and on all other routers of this area.
We can't configure area 0 as a stub area.
A stub area does not allow a virtual link.
A stub area does not allow an ASBR, so we can't configure a stub area next to an ASBR.
We can't make an area stub if it is attached to an ASBR, because it can't do redistribution.
router(config-router)#area 1 stub

Totally Stub Area
It filters LSA 3, 4 and 5, that is, external as well as inter-area routes.
It automatically generates a default route.
It is implemented only on the ABR.
router(config-router)#area 1 stub no-summary

NSSA Area
It stands for not-so-stubby area.
It is used to allow an ASBR to send external routes through a stub area using type 7 LSAs.
It filters LSA 4 and 5, but redistribution is allowed.
The ASBR generates type 7 LSAs; after that the ABR converts the type 7 LSAs back to type 5 LSAs.
The default route is configured manually.
It is run on both sides, like stub.
router(config-router)#area 1 nssa
router(config-router)#area 1 nssa default-information originate

Totally NSSA Area
It filters LSA 3, 4 and 5.
The default route is generated automatically.
It is implemented only on the ABR.
It allows redistribution.
The default route is originated by the ABR.
router(config-router)#area 1 nssa no-summary

Propagate a default route in OSPF using the default-information originate command
router(config-router)#default-information originate [metric-type 1]
It propagates the default route if a default route is present in its routing table.
router(config-router)#default-information originate metric-type 1 always

Route filtering
To filter routes we can use a distribute-list.
Under a distribute-list we can call various components:
Standard ACL
Extended ACL
Prefix-list
Route-map
Area filter-list
Note: we can't configure a distribute-list in the outbound direction in OSPF, except on an ASBR.

Standard ACL
router(config)#access-list 10 deny 100.1.1.0 0.0.0.255
router(config)#access-list 10 permit any
router(config-router)#distribute-list 10 in

Extended ACL
router(config)#access-list 101 deny ip host 12.1.1.2 172.16.111.0 0.0.0.255
router(config)#access-list 101 permit ip any any
router(config-router)#distribute-list 101 in

Prefix-list
router(config)#ip prefix-list ccie deny 172.16.0.0/16 ge 24 le 24
router(config)#ip prefix-list ccie permit 0.0.0.0/0 le 32
router(config-router)#distribute-list prefix ccie in

Route-map with a specific metric
router(config)#route-map test deny 10
router(config-route-map)#match metric 20
router(config)#route-map test permit 11
router(config-router)#distribute-list route-map test in

Route-map
router(config)#access-list 1 permit 10.1.1.0 0.0.0.255
router(config)#route-map cisco deny 10
router(config-route-map)#match ip address 1
router(config-router)#distribute-list route-map cisco in

Filter routes on the ASBR in the outbound direction
router(config)#access-list 1 deny 100.1.1.0 0.0.0.255
router(config)#access-list 1 permit any
router(config-router)#distribute-list 1 out

Area filter-list
In an area filter-list we can use only a prefix-list.
An area filter-list can be configured in both directions.
We can filter inter-area routes.
We can filter type 3 LSAs for an area.
We can configure an area filter-list on an ABR only.
router(config)#ip prefix-list ccie deny 10.1.0.0/16 ge 32 le 32
router(config)#ip prefix-list ccie permit 0.0.0.0/0 le 32
router(config-router)#area 3 filter-list prefix ccie in
or
router(config-router)#area 0 filter-list prefix ccie out

Summarization
We can't configure summarization for intra-area routes.
We can configure summarization only on an ABR that is generating LSA 3, or on an ASBR that is generating LSA 5.
Types of summarization
Internal (on ABR)
External (on ASBR)

Internal summarization
router(config-router)#area 0 range 10.1.0.0 255.255.252.0 (routes of area 0 on R7)

Remove the null 0 entry for internal summarization
router(config-router)#no discard-route internal

External summarization
router(config-router)#summary-address 1.1.0.0 255.255.252.0

Remove the null 0 entry for external summarization
router(config-router)#no discard-route external
Note: we can configure external summarization on the translator also.

Filter routes using internal summarization
router(config-router)#area 2 range 1.1.0.0 255.255.252.0 not-advertise

Filter routes using external summarization
router(config-router)#summary-address 1.1.0.0 255.255.252.0 not-advertise

How to change max-paths in OSPF
router(config-router)#maximum-paths 10

How to change the A.D. value in OSPF
router(config-router)#distance 100

How to change the hello timer in OSPF
router(config-if)#ip ospf hello-interval 5
Note: if we change the hello interval, then the dead timer automatically gets changed.
If we change the dead interval manually, then the dead timer will not get changed automatically.

How to change the dead interval in OSPF
router(config-if)#ip ospf dead-interval 15

How to check the hello and dead timers in OSPF
router#show ip ospf interface serial 0/0
Note: if the hello and dead timers are mismatched, then the neighborship will not come up.

How to change the reference bandwidth in OSPF
router(config-router)#auto-cost reference-bandwidth 1000
router#show ip protocols

How to check the cost of any interface
router#show ip ospf interface serial 0/0

How to check the bandwidth of any interface
router#show interface serial 0/0

How to change the cost on any interface
We can change the path cost for path manipulation.
router(config-if)#ip ospf cost 50

How to set maximum LSA size
router(config-router)#max-lsa 40 [warning-only]

Authentication in OSPF
Type 0 - Null
Type 1 - Plain text
Type 2 - MD5

How to configure plain text authentication
router(config-if)#ip ospf authentication (to enable plain text authentication)
router(config-if)#ip ospf authentication-key cisco123
router#debug ip ospf events

How to configure MD5 authentication
router(config-if)#ip ospf authentication message-digest (to enable MD5 authentication)
router(config-if)#ip ospf message-digest-key 1 md5 cisco123
router#debug ip ospf events

How to set null authentication
router(config-if)#ip ospf authentication null
Note: we can configure both plain text and MD5 authentication, but at any one time only the latest authentication works.

How to configure authentication globally
router(config-router)#area 0 authentication message-digest
router(config-if)#ip ospf message-digest-key 1 md5 cisco123

OSPF Network types
We use network types in OSPF because they depend on the media.
RFC specific: non-broadcast and point-to-multipoint
Cisco specific: point-to-point, point-to-multipoint non-broadcast and broadcast
Fully mesh topologies: broadcast, non-broadcast
Hub & spoke: p2mp, p2mp-nb, p2p

1. Non-broadcast n/w: default n/w type for frame relay (in case of a multipoint sub-interface).
Neighborship is specified manually because it can't discover neighbors automatically (hello 30 and dead 120).
The next hop can't change.
Hellos are sent as unicast. It can connect more than 2 routers but has no broadcast capability.
It elects a DR and BDR, but all OSPF packets are exchanged through unicast.
Command:
int fa0/0
ip ospf network non-broadcast
Note: it is not mandatory to configure static neighborship on both sides; we can configure only one side.

2. Broadcast n/w: default n/w on Fast Ethernet and FDDI.
It elects a DR and BDR.
Always map with the broadcast keyword, otherwise it can't form a neighborship.
We are not able to set the neighbor manually if we forget to mention the broadcast keyword at mapping time.
It uses multicast address 224.0.0.5 (with 01005e000005) for all OSPF routers and 224.0.0.6 for all DR routers.
Hello time 10 sec, dead 40 sec.
To change the n/w type:
#int fa0/0
#ip ospf network broadcast

3. Point-to-multipoint: it is not a default option but it is the best choice for an NBMA n/w, if broadcast is enabled; otherwise it can't work.
It does not select a DR and BDR.
Packets are multicast to 224.0.0.5.
Neighbors can't be assigned manually.
Hello time 30 sec, dead time 120 sec.
A /32 entry for every router is installed as a host route.

4. Point-to-multipoint non-broadcast: same as point-to-multipoint but configured with the additional non-broadcast keyword.
No DR/BDR election.
A unicast neighbor statement should be configured.
The packets are unicast.
Hello time 30 sec, dead time 120 sec.

5. Point-to-point n/w: default for T1 and for point-to-point sub-interfaces on frame relay.
Hello time 10 sec and dead interval 40.
The next-hop IP is the advertising router.
No DR and BDR election.
It uses multicast address 224.0.0.5.
OSPF ignores a subnet mask mismatch on a point-to-point link.

6. Loopback:
1. It is the default n/w type for a loopback interface.
2. OSPF advertises the stub n/w as a host route /32.

7. Virtual-link n/w:
A virtual link is used for a non-backbone area that is not directly connected to the backbone area (area 0).
We always configure a virtual link over a primary address.
This n/w type suppresses hellos.
A transit area is the area that works between area 0 and any regular area; we use the virtual link over the transit area.
area 1 virtual-link 146.146.146.6 hello-interval 20
#show ip ospf virtual-links

n/w type        Hello time  Dead time  DR & BDR  Auto NBR discovery  Manual nbr define
Broadcast       10          40         Y         Y                   X
P2p             10          40         X         Y                   X
P2mp            30          120        X         Y                   X
Non-broadcast   30          120        Y         N                   Y
P2mp (NB)       30          120        X         N                   Y

BGP: Border Gateway Protocol
It is an EGP protocol (it can form a neighborship between two different AS's).
It is a path vector routing protocol (it uses multiple attributes to select the best path).
It is more scalable than an IGP (it can have lakhs of routes in its BGP table).
It is a reliable protocol (it uses TCP).
It uses TCP port number 179.
Before establishing a neighborship it has to form a TCP connection (three-way handshake process).
Only BGP is a fully reliable routing protocol.
It is more secure than any other routing protocol because all msgs travel over TCP.
It is a classless routing protocol.
It supports manual summarization.
Administrative distance: IBGP 200, EBGP 20.
A.S. size is 2 bytes (0-65535) and 4 bytes (0.0-65535.65535).
Public AS = 1 to 64511, private AS = 64512 to 65534.
BGP doesn't support dynamic neighbor discovery.
It supports only MD5 authentication.
BGP convergence is slow compared to an IGP.
Note: we can't configure more than one AS on a single router.
Note: BGP sends all types of packets as unicast.

Why we use BGP
IGPs were developed to handle up to 1000 routes inside their routing table, therefore they can't be implemented in very large networks.
BGP can contain lakhs of routes inside its BGP table or routing table.
We never use a default route on an ISP router toward another ISP router.
In IGPs, if any link (prefix) goes down, it affects the complete routing structure (topology), but in BGP it does not affect other routers' BGP tables.
When we are a service provider or the network size is very large.
When we have multiple connections to the internet or multiple service providers.
Types of customers
Single-homed customer
Dual-homed customer
Single multi-homed
Dual multi-homed

Single-homed customer
A single internet connection from the ISP.
We never configure BGP for single-homed customers.
We configure a static default route in the direction of the ISP, and NAT also.

Dual-homed customer
Two internet connections from the same ISP.
If we configure a default route on both connections, it will not perform load balancing.
To utilize both connections we use BGP for a dual-homed customer.

Single multi-homed
Here we must have two ISPs and the customer must have at least one connection from each ISP.
We can't configure a default route, so we have to configure BGP.

Dual multi-homed
Here we must have at least two ISPs and two links from each ISP.

Types of msgs in BGP
There are four types of msgs in BGP, and each type of BGP packet travels over TCP.
It is not possible to transmit any single BGP msg without forming a TCP connection.

1 Open msg
The open msg is sent only once, when the neighborship comes up. After that BGP does not send any open msg.
The open msg is used by BGP to exchange the initial configuration between two BGP peers, which is required to form the BGP neighborship.
Contents of the open msg:
BGP version 4
router-id
own AS
hold-down timer (180 sec)

2 Keep-alive
After exchanging open msgs successfully between both routers, a router starts to send keep-alive msgs periodically, every 60 sec, just to inform its neighbor that it is still awake.
If any router doesn't receive a keep-alive msg from its neighbor within 180 sec (hold-down time), then the router breaks down the neighborship.

3 Update
Update packets are responsible for carrying route information.
An update packet has some components:
Path attributes: criteria used for selection of the best path.
Prefix info/NLRI: network layer reachability information.
Withdrawn routes: the prefixes that went down.
Note: if any router has multiple prefixes and all prefix attributes are the same, then the router generates a single update msg.

4 Notification
If the peering goes down, it generates a notification msg that contains the cause of the problem.

FSM (finite state machine) of BGP / BGP neighborship states
1 Idle: neighbor shutdown / waiting to start the 3-way handshake.
2 Connect: tries to form the TCP connection, but it is not yet confirmed.
3 Active: TCP connection not completed, retrying to form the TCP connection.
4 Open-sent: TCP connection completed and open msg sent.
5 Open-confirm: open msgs exchanged, parameters agreed, keep-alive sent after 60 sec.
6 Established: peering completed, updates are exchanged.

Types of neighbor in BGP
IBGP: Internal Border Gateway Protocol
EBGP: External Border Gateway Protocol

How to establish a neighborship in BGP
router#debug ip tcp packet
router#debug ip bgp all
router(config)#router bgp 100
router(config-router)#neighbor 12.1.1.1 remote-as 200
router#show tcp brief
router#show ip bgp neighbors
router#show ip route
router#show ip bgp

How to advertise a prefix
router(config)#router bgp 100
router(config-router)#network 172.16.0.0 mask 255.255.0.0
Note: we can advertise a network, but its prefix length should match the connected route in the routing table.
Note: it installs only the best route of the BGP table into the routing table.

Well-known mandatory
BGP always carries these attributes with the BGP update automatically.

Well-known discretionary
Sometimes BGP carries these attributes with the BGP update, sometimes not. It depends on the neighbor, whether it is an IBGP neighbor or an EBGP neighbor.

Optional transitive
If a BGP neighbor receives an update with an optional transitive attribute and that router doesn't support that attribute, it will not drop the update; it will accept that update and will also forward it to another neighbor after removing that attribute.
Optional non-transitive
If a BGP neighbor receives an update with an optional non-transitive attribute and that router doesn't support that attribute, it will discard that incoming update.

How BGP defines the best path

1 Next-hop
Reachability: if the next hop is not reachable, then it will not compare the other path attributes.
If a router receives a prefix from two neighbors and the next hop is reachable via both routers, then BGP will not define the best path based on next-hop.

2 Weight
It is Cisco proprietary and it has local significance; BGP does not carry weight information with the BGP update.
For self-advertised prefixes it is 32768 by default.
For all received prefixes it is 0 by default.
Higher weight is always preferred.

3 Local preference
BGP always includes the local preference attribute in its outgoing BGP updates, but only for IBGP neighbors.
By default local preference is 100 for internal prefixes.
Higher is always preferred.
If a router receives prefixes from an EBGP neighbor (0) and from an IBGP neighbor (100), local preference is never compared.

4 Self advertised
A self-advertised prefix is preferred.
If a router receives the same prefix from different neighbors, then it will not compare self advertised.

5 AS path
The AS-path list can have a maximum of 64 AS's.
The router defines as best the path that provides the destination network after crossing the smallest number of AS's.

6 Origin code
i = if we are advertising the route in BGP with the network command
E = if the route is advertised in EGP
? = if we redistributed anything into BGP; by default the origin code will be '?'
i > E > ?

7 MED (metric)
By default MED is 0; lower is always preferred.
If we redistribute any routing protocol into BGP, its metric goes along with the BGP update in the form of MED.
Sometimes the metric will be 0, sometimes null.
8 External > internal
If a prefix comes from two different neighbors, one EBGP and one IBGP, then it prefers the external one first.

9 IGP cost to reach next-hop
If an IGP is configured in the background of BGP, then BGP can use the IGP cost to reach the next-hop address.

10 Oldest path (for EBGP neighbors only)
If a router receives the same prefix from two different EBGP neighbors, then the oldest path is always preferred.

11 Router-id of neighbor
Lower is always preferred.
If a router receives the same prefix from two different IBGP neighbors, then the lower router-id of the neighbor is always preferred.

12 Lower neighbor address
If a router receives the same prefix from two neighbors that have the same router-id, then the lower IP address is preferred.

Note: BGP supports equal-cost load balancing, but all attributes up to the IGP cost to reach the next hop must be the same.

Loop avoidance mechanism in BGP
BGP always discards all updates that carry its own AS inside their AS-path list.
If a BGP router receives anything from one IBGP neighbor, then it never advertises that information toward any other IBGP neighbor.

Rule of next-hop
Whenever a router gives an update to its EBGP neighbor, it advertises the update after modifying the next-hop address.
Whenever a router gives an update to its IBGP neighbor, it advertises the update without modifying the next-hop address.

How to configure a neighbor
router(config-router)#neighbor 12.1.1.2 remote-as 100

How to advertise a network in BGP
router(config-router)#network 10.1.1.0 mask 255.255.255.0
Note: that prefix should be present in the local routing table with the same prefix length.

Connected check rule for EBGP
According to BGP, EBGP neighbors are directly connected.
If EBGP neighbors are not directly connected, BGP will not initiate the BGP neighborship, due to the directly connected rule.
To break this rule we have to disable the connected check rule.
If we change the TTL value, then the directly connected check rule gets disabled automatically.
Note: the open msg TTL value for an EBGP neighbor is 1, and for an IBGP neighbor the TTL value is 255.
router(config)#router bgp 100
router(config-router)#neighbor 2.2.2.2 remote-as 200
router(config-router)#neighbor 2.2.2.2 update-source loopback 1
router(config-router)#neighbor 2.2.2.2 disable-connected-check
router(config-router)#neighbor 2.2.2.2 ebgp-multihop 2

How to advertise a network in BGP
router(config-router)#network 10.1.1.0 mask 255.255.255.0
router(config-router)#network 192.168.101.0 (advertise a classful prefix without mask)
router(config-router)#redistribute connected

How to check which routes are being advertised to a neighbor router
router#show ip bgp neighbors 192.168.12.1 advertised-routes
router#clear ip bgp * in

How to configure authentication
router(config-router)#neighbor 1.1.1.1 password 5 cisco@123

How to change the keep-alive interval and hold time
router(config-router)#timers bgp 50 100 (globally)
router(config-router)#neighbor 192.168.12.2 timers 50 100 (per neighbor)
Note: BGP neighbors negotiate the lower hold timer.

How to configure summarization
router(config-router)#aggregate-address 100.1.0.0 255.255.248.0 summary-only

We use path attributes for path manipulation.
For outgoing traffic (weight, local preference):

How to manipulate the path using weight for all prefixes
router(config-router)#neighbor 192.168.13.3 weight 1

How to manipulate path selection using weight for a particular prefix
router(config)#access-list 1 permit 1.1.1.1 0.0.0.0
router(config)#route-map weight permit 10
router(config-route-map)#match ip address 1
router(config-route-map)#set weight 1
router(config)#route-map weight permit 20
router(config-router)#neighbor 192.168.13.3 route-map weight in
router#clear ip bgp * in

How to manipulate path selection using local preference
router(config)#access-list 1 permit 1.1.1.1 0.0.0.0
router(config)#route-map lp permit 10
router(config-route-map)#match ip address 1
router(config-route-map)#set local-preference 200 (any value above the default of 100)
router(config)#route-map lp permit 20
router(config-router)#neighbor 192.168.13.3 route-map lp in

How to shut down any neighbor
router(config-router)#neighbor 192.168.12.2 shutdown

How to manipulate path selection using the AS-path list
This attribute is specially used to manipulate inbound traffic.
router(config)#access-list 1 permit 1.1.1.1 0.0.0.0
router(config)#route-map as_path permit 10
router(config-route-map)#match ip address 1
router(config-route-map)#set as-path prepend 100 100
router(config)#route-map as_path permit 20
router(config-router)#neighbor 22.1.1.1 route-map as_path in
router#clear ip bgp *

How to manipulate path selection using the origin code
This attribute is also used to manipulate inbound traffic.
router1(config)#access-list 1 permit 1.1.1.1 0.0.0.0
router1(config)#route-map as_path permit 10
router1(config-route-map)#match ip address 1
router1(config-route-map)#set origin incomplete
router1(config)#route-map as_path permit 20
router1(config-router)#neighbor 192.168.12.2 route-map as_path in
router1#clear ip bgp *

How to manipulate path selection using MED
This is also used for inbound traffic.
router1(config)#access-list 1 permit 1.1.1.1 0.0.0.0
router1(config)#route-map med permit 10
router1(config-route-map)#match ip address 1
router1(config-route-map)#set metric 1
router1(config)#route-map med permit 20
router1(config-router)#neighbor 192.168.12.2 route-map med in
router1#clear ip bgp *
Note: if a prefix is received from 2 different neighbors and both neighbors' AS is the same, then it will compare MED.
If a prefix is received from 2 different neighbors and the neighbors' AS is different, then it will not compare MED (by default).
router(config-router)#bgp always-compare-med
Note: we can't manipulate path selection using the path attribute external > internal.
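The decision order listed above, and the effect of the weight, local preference, AS-path prepend, origin and MED manipulations, can be replayed with a small model. This is an added example, not code from these notes or from Cisco; the AS numbers, router-ids, MED values and path ages are constructed, and only the two neighbor addresses come from the commands above.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address
from typing import Tuple

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}    # i > E > ? (lower rank wins)


@dataclass(frozen=True)
class Path:
    neighbor: str                     # peer address the path was learned from
    router_id: str                    # BGP router-id of that peer
    as_path: Tuple[int, ...] = ()     # leftmost AS is the neighbor's AS
    next_hop_reachable: bool = True
    weight: int = 0                   # 0 for received prefixes
    local_pref: int = 100
    self_advertised: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_cost: int = 0
    age: int = 0                      # seconds since the path was learned


def steps(a, b, always_compare_med):
    """Yield (step, key of a, key of b) in the notes' order; lower key wins."""
    yield "weight", -a.weight, -b.weight
    yield "local-preference", -a.local_pref, -b.local_pref
    yield "self-advertised", not a.self_advertised, not b.self_advertised
    yield "as-path length", len(a.as_path), len(b.as_path)
    yield "origin", ORIGIN_RANK[a.origin], ORIGIN_RANK[b.origin]
    # MED is compared only when both paths come from the same neighbor AS,
    # unless 'bgp always-compare-med' is configured.
    if always_compare_med or a.as_path[:1] == b.as_path[:1]:
        yield "med", a.med, b.med
    yield "external over internal", not a.ebgp, not b.ebgp
    yield "igp cost to next-hop", a.igp_cost, b.igp_cost
    if a.ebgp and b.ebgp:
        yield "oldest path", -a.age, -b.age
    yield "router-id", int(ip_address(a.router_id)), int(ip_address(b.router_id))
    yield "neighbor address", int(ip_address(a.neighbor)), int(ip_address(b.neighbor))


def compare(a, b, always_compare_med=False):
    """Return (winner, deciding step) for two paths to the same prefix."""
    for step, key_a, key_b in steps(a, b, always_compare_med):
        if key_a != key_b:
            return (a if key_a < key_b else b), step
    return a, "tie"


def best_path(paths, always_compare_med=False):
    """Drop paths with an unreachable next hop, then compare pairwise."""
    usable = [p for p in paths if p.next_hop_reachable]
    if not usable:
        return None, "no reachable next-hop"
    best, step = usable[0], "only usable path"
    for candidate in usable[1:]:
        best, step = compare(best, candidate, always_compare_med)
    return best, step


# Constructed sample: prefix 1.1.1.1/32 learned from two EBGP neighbors.
SAMPLE_PATHS = (
    Path("192.168.12.2", "2.2.2.2", as_path=(200, 400), med=50, age=600),
    Path("192.168.13.3", "3.3.3.3", as_path=(300, 400), med=1, age=30),
)


def demo():
    """Replay each manipulation from the notes; return {case: (neighbor, step)}."""
    via12, via13 = SAMPLE_PATHS

    def winner(paths, **kw):
        best, step = best_path(paths, **kw)
        return best.neighbor, step

    return {
        "default": winner([via12, via13]),
        "weight 1 on 192.168.13.3": winner([via12, replace(via13, weight=1)]),
        "local-preference 200 on 192.168.13.3":
            winner([via12, replace(via13, local_pref=200)]),
        "prepend 100 100 on 192.168.12.2":
            winner([replace(via12, as_path=(100, 100) + via12.as_path), via13]),
        "origin incomplete on 192.168.12.2":
            winner([replace(via12, origin="?"), via13]),
        "always-compare-med": winner([via12, via13], always_compare_med=True),
    }


if __name__ == "__main__":
    for case, (neighbor, step) in demo().items():
        print(f"{case:40} best via {neighbor:13} decided by {step}")
```

In the default case the MED values are ignored because the two neighbors are in different AS's, so the older EBGP path wins; with always-compare-med the lower MED decides instead.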
Redistribute EIGRP into BGP
router(config-router)#redistribute eigrp 100

Redistribute BGP into OSPF
router(config-router)#redistribute bgp 300 subnets

Redistribute OSPF into BGP
router(config-router)#redistribute ospf 100 [match internal external]

Redistribute BGP into EIGRP
router(config-router)#redistribute bgp 200 metric 1544 0 255 1 1500
Note: by default BGP will not redistribute internal routes.
router(config-router)#bgp redistribute-internal

Route filtering in BGP
Standard ACL
Prefix-list
Route-map
Note: we can't call a route-map in a distribute-list.

Route filtering using a standard ACL
router2(config)#access-list 1 deny 40.1.1.1 0.0.0.0
router2(config)#access-list 1 permit any
router2(config-router)#distribute-list 1 in
or
router2(config-router)#neighbor 192.168.2.2 distribute-list 1 in

Route filtering using a prefix-list
router(config)#ip prefix-list test deny 40.1.0.0/22 ge 32 le 32
router(config)#ip prefix-list test permit 0.0.0.0/0 le 32
router(config-router)#neighbor 192.168.2.2 prefix-list test in

Route filtering using a route-map

IPv6 addressing
It is a 128-bit address divided into 8 blocks; in each block there are 16 bits.
It is represented in hexadecimal form.
An IPv6 address is divided into two parts: the first part is known as the network prefix, and the second part is the host-id part.
Types of address in IPv6: 1 unicast, 2 multicast
Unicast: unique local address (fc00::/7), global unicast address (2000::/3), link-local address (fe80::/10)
Multicast: ff00::/8
Loopback address: ::1

Link-local address
We are never required to allocate a link-local address manually.
The device automatically calculates the link-local address by itself.
A link-local address can't cross its broadcast domain.
We can communicate within the network using this address.
No ARP.
No need for a DHCP server (serverless auto configuration).

ND protocol
This protocol uses ICMPv6 to get the MAC address of the destination/next hop, and for serverless auto configuration, router discovery, prefix discovery and duplicate address detection.

DAD: duplicate address detection
There is no gratuitous ARP; to detect a duplicate IP address it uses DAD, and DAD is also performed with the help of ICMPv6.

Types of msgs in IPv6

Router solicitation
Multicast by a node when it wants routers to send a router advertisement immediately instead of waiting for the next scheduled advertisement.
It sends a router solicitation to learn about configuration parameters and about the existence of routers on the link.

Router advertisement
Sent periodically or in response to a solicitation.
Routers advertise their presence, as well as provide information necessary for a node to configure itself (gateway info, prefix info).

Neighbor solicitation
It is like an ARP request msg: to get the layer 2 address of a neighbor, to determine whether the neighbor is still reachable via the layer 2 address, and to check for a duplicate address.

Neighbor advertisement
It is like an ARP response msg: to give the layer 2 address.

Redirect
If there are two different prefixes that communicate via a router, then after the redirect msg they communicate directly.

IPv4: 224.0.0.1 for all nodes, 224.0.0.2 for all routers only
IPv6: ff02::1 for all nodes, ff02::2 for all routers only
RIP ff02::9
OSPF ff02::5/6
EIGRP ff02::A

For stateless auto config
router(config-if)#ipv6 address autoconfig
router(config-if)#ipv6 address autoconfig default (to receive the default route automatically)

RIP
e.g. we can use an offset list in RIP:
router(config-if)#ipv6 rip test metric-offset 3
RIP supports only a prefix-list for route filtering.

BGP
router(config)#ipv6 unicast-routing
router(config)#router bgp 100
router(config-router)#bgp router-id 1.1.1.1
router(config-router)#neighbor 2000:192:168:1::2 remote-as 200
router(config-router)#no bgp default ipv4-unicast
router(config-router)#address-family ipv6 unicast
router(config-router)#neighbor 2000:192:168:1::2 activate
router#show bgp ipv6 unicast summary

Compatibility between IPv4 and IPv6
Dual stacking
IPv6 tunnel
NAT-PT

r2(config)#ip route 1.1.1.0 255.255.255.0 serial 0/0
r3(config)#ipv6 route ::/0 serial 0/0
r2(config-if)#ipv6 nat (serial 0/0)
r2(config-if)#ipv6 nat (serial 0/1)
r2(config)#ipv6 nat prefix 2000::/96
r2(config)#ipv6 nat v6v4 source 2000:192:168:2::2 12.1.1.3
r2(config)#ipv6 nat v4v6 source 1.1.1.1 2000::0101:0101

GRE: Generic Routing Encapsulation
It is a layer 3 protocol.
Its protocol number is 47.
It interacts directly with IP itself.
It adds 24 bytes of extra information: 20 bytes for the external IP header and 4 bytes for the type and flags fields.
DMVPN

NHS:
router(config)#interface tunnel 1
router(config-if)#ip address 192.168.1.1 255.255.255.0
router(config-if)#tunnel source serial 1/0
router(config-if)#tunnel mode gre multipoint
router(config-if)#ip nhrp network-id 1 (any number)
router(config-if)#ip nhrp authentication cisco123
router(config-if)#ip nhrp map

NHC:
router(config)#interface tunnel 1
router(config-if)#ip address 192.168.1.2 255.255.255.0
router(config-if)#tunnel source serial 1/0
router(config-if)#tunnel destination (ip address of nhs)
router(config-if)#ip nhrp network-id 10
router(config-if)#ip nhrp authentication cisco123
router(config-if)#ip nhrp map 192.168.1.1 (nhs tunnel ip address) 11.1.1.10 (public ip of nhs)
router(config-if)#ip nhrp nhs 192.168.1.1
router#show ip nhrp

After configuring EIGRP
nhs(config-if)#ip nhrp map multicast dynamic
nhc(config-if)#ip nhrp map multicast 11.1.1.1 (public ip of nhs)
nhc(config-if)#shutdown / no shutdown

AAA (authorization)
Privilege level (default 0, 1, 15)
r(config)#username cisco privilege 5 password cisco
r(config)#username test privilege 15 password test
r(config-line)#login local
Log in with the cisco user: it can run only limited commands.
Now log in with the test user, which has privilege 15, and give the privileges to user cisco.
r(config)#privilege exec level 5 configure terminal
r(config)#privilege configure level 5 interface
r(config)#privilege interface level 5 ip address
r(config)#privilege interface level 5 shutdown
r(config)#privilege interface level 5 no shutdown
r#show privilege

Syslog server
r(config)#logging console ?
r(config)#logging monitor ?
r(config)#logging host 192.168.1.1 transport udp port 656
r(config)#logging source-interface loopback 1
r(config)#logging rate-limit console all 2

SNMP server
r(config)#snmp-server host 192.168.1.1 cisco@123
r(config)#snmp-server community cisco@123 rw
r(config)#snmp-server enable traps
Check in the running config.
r(config-if)#no snmp trap link-status
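Several commands in these notes (local users created with password, OSPF type 1 authentication, BGP neighbors without a password, an SNMP rw community) leave credentials readable or sessions unauthenticated, and a running config can be checked for them mechanically. The script below is an added example, not part of the original notes or any Cisco tool; the rule names and both config fragments are constructed, and it assumes the usual one-space indentation of sub-commands and no BGP peer-groups.

```python
# Explanations for each rule name used by audit().
RULES = {
    "local-user-reversible-password":
        "'username ... password' is stored in clear or reversible type 7 form; "
        "'secret' stores a hash",
    "ospf-plaintext-auth":
        "OSPF type 1 authentication carries the key unencrypted in every packet",
    "bgp-neighbor-no-password":
        "no 'neighbor ... password', so the TCP session has no MD5 signature",
    "snmp-rw-community-no-acl":
        "read-write community usable from any source address",
}

# Constructed running-config fragment built from commands shown in these notes.
WEAK_CONFIG = """\
username cisco privilege 5 password cisco
username test privilege 15 password test
!
interface Serial0/0
 ip ospf authentication
 ip ospf authentication-key cisco123
!
interface Serial0/1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco123
!
router bgp 100
 neighbor 1.1.1.1 remote-as 200
 neighbor 1.1.1.1 password cisco@123
 neighbor 12.1.1.1 remote-as 200
!
snmp-server community cisco@123 rw
"""

# Constructed counterpart that passes the same checks (placeholder secrets).
HARDENED_CONFIG = """\
username cisco privilege 5 secret CONSTRUCTED-PLACEHOLDER
!
interface Serial0/0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 CONSTRUCTED-PLACEHOLDER
!
router bgp 100
 neighbor 1.1.1.1 remote-as 200
 neighbor 1.1.1.1 password CONSTRUCTED-PLACEHOLDER
 neighbor 12.1.1.1 remote-as 200
 neighbor 12.1.1.1 password CONSTRUCTED-PLACEHOLDER
!
access-list 10 permit 192.168.1.1
snmp-server community CONSTRUCTED-PLACEHOLDER ro 10
"""


def audit(config):
    """Return a sorted list of (subject, rule name) findings for an IOS config."""
    findings = set()
    context = "global"
    bgp_password = {}                      # neighbor address -> password seen
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        tokens = line.split()
        if not raw[0].isspace():           # a top-level command resets context
            context = line if tokens[0] in ("interface", "router") else "global"

        if context == "global":
            if tokens[0] == "username" and len(tokens) >= 4:
                # The first 'password'/'secret' keyword after the name decides.
                keyword = next((t for t in tokens[2:]
                                if t in ("password", "secret")), None)
                if keyword == "password":
                    findings.add((tokens[1], "local-user-reversible-password"))
            if (tokens[:2] == ["snmp-server", "community"]
                    and len(tokens) >= 4 and tokens[-1].lower() == "rw"):
                # 'rw' as the last token means no access-list follows it.
                findings.add(("snmp", "snmp-rw-community-no-acl"))
        elif context.startswith("interface "):
            if tokens == ["ip", "ospf", "authentication"]:
                findings.add((context.split()[1], "ospf-plaintext-auth"))
        elif context.startswith("router ospf"):
            if tokens[0] == "area" and tokens[2:] == ["authentication"]:
                findings.add(("area " + tokens[1], "ospf-plaintext-auth"))
        elif context.startswith("router bgp"):
            if tokens[0] == "neighbor" and len(tokens) >= 3:
                if tokens[2] == "remote-as":
                    bgp_password.setdefault(tokens[1], False)
                elif tokens[2] == "password":
                    bgp_password[tokens[1]] = True

    for peer, has_password in bgp_password.items():
        if not has_password:
            findings.add((peer, "bgp-neighbor-no-password"))
    return sorted(findings)


if __name__ == "__main__":
    for subject, rule in audit(WEAK_CONFIG):
        print(f"{subject:12} {rule}: {RULES[rule]}")
```

Passing these checks only means the specific weak forms above are absent; SNMP community strings, for example, still cross the network unencrypted.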