
FRAME-RELAY

ü A point-to-point subinterface can only accommodate a single DLCI at any given time. Point-to-
point sub-interfaces are treated by the IOS like a physical point-to-point interface and do not need
either inverse-arp or frame-relay map statements.

ü Multipoint DLCI’s rely on either inverse-arp or frame-relay map statements for proper operation.

ü You must manually clear inverse-arp with a clear frame-relay-inarp command to remove any undesired
inverse-arp entries.

ü The broadcast parameter is required for protocols such as OSPF

ü If the router is reloaded inverse-arp will be disabled for any DLCI that is used with a frame-relay
map statement.

ü As a rule, when configuring frame-relay map statements, make note of the protocol and the DLCI
specified. If there are any inverse mappings for that same protocol referencing the same DLCI,
replace the inverse-arp entries with frame-relay map statements.

ü Rules to remember when configuring point-to-point sub-interfaces are:
o No frame-relay map statements can be used with point-to-point sub-interfaces
o One and only one DLCI can be associated with a single point-to-point sub-interface

ü Without the frame-relay interface DLCI command, all DLCI’s are assigned to the physical
interface

ü Split horizon only blocks routing updates in a hub and spoke topology

ü A Cisco IOS remedy to this split horizon problem is to disable split horizon on the hub router in a
frame-relay network. This can be performed at the interface configuration mode.



ü Split horizon is disabled on frame-relay physical IP interfaces. Split horizon is enabled on
frame-relay point-to-point and multi-point IP sub-interfaces.

ü OSPF is not affected by the rule of split horizon since it does not apply it.

ü A remedy to the problem of “hello mismatches” is using the Cisco IOS interface configuration
command “IP OSPF network”:

ü A popular selection for OSPF networks is the point-to-multipoint option

ü When using only physical interfaces in a hub and spoke topology, you need to add a frame-relay
map statement on the spoke routers to assure spoke to spoke reachability. Nothing needs to be done
to the hub router.

ü If using point-to-point sub-interfaces, each sub-interface must be configured as a separate subnet

ü If a physical or multipoint sub-interface is being used at the hub, remember to disable split horizon
at the hub

Interface configuration: (physical)
encap frame
frame-relay lmi-type {cisco | ansi | q933a} (note: after IOS 11.2 lmi is auto-sensed)
ip address { A.B.C.D mask }
frame-relay map ip ip-address dlci

Interface configuration: (sub-interface)
ip address { A.B.C.D mask }
frame-relay interface-dlci dlci (note: PtoP can only have 1 dlci, PtoMP can have multiple dlci’s)

FR scenarios:

ALL PHYSICAL:

Add map statement to spokes (to other spokes). NOTHING needs to be done at Hub.

ALL SUB-INTERFACES:

Frame-relay interface-dlci statements on hub (PtoMP) and spokes (PtoP). Note: distance vector protocols
will be affected because of split horizon. Disable split-horizon at the hub. OSPF will have network type
mismatches.

PHYSICAL INTERFACE AT THE HUB AND PtoP SUBINTERFACES AT THE SPOKES:

frame-relay interface-dlci dlci statements at the spokes

MULTIPOINT SUBINTERFACE AT THE HUB AND PHYSICAL INTERFACES AT THE SPOKES:

Add map statement to spokes note: add map to hub also because of the inverse-arp being disabled.
frame-relay interface-dlci dlci statements at the hub ( or frame-map statements )

PtoP SUBINTERFACES AT THE HUB:

Overcomes the problem of split-horizon without having to disable it. Note: each subinterface will need its
own subnet

EX. PVCs on same subnet


interface serial 0
ip ospf network point-to-multipoint

EX. PVCs on different subnets

interface serial 0
ip ospf network broadcast

SHOW and DEBUG:
Show frame-relay pvc
Show frame-relay map
Show frame-relay lmi
Deb ip packet
Deb fram packet
Clear frame-relay-inarp


ISDN AND DDR ROUTING


ü The broadcast parameter allows broadcast traffic to be forwarded and broadcasts will reset the idle
timer.

ü Just as with frame-relay map statements the dialer-map broadcast parameter is required for proper
OSPF operation over a DDR link

ü Note that when the broadcast parameter is added, the DDR link can stay up indefinitely due to
constant broadcast traffic. To remedy this situation, granular dialer-lists must be configured.


ü A physical interface can be associated with multiple dialer pools. A logical dialer interface can be
associated with only one dialer pool.

ü In order to configure PPP chap authentication with dialer profiles enter the PPP authentication
chap statement at both the physical interface and the logical dialer interface

ü The dialer remote-name statement is critical for the called party: it must match the calling party's
host name or the name specified in the calling party's PPP chap hostname statement

Configuring Legacy ISDN :

Global configuration:
isdn switch-type ?
basic-1tr6 1TR6 switch type for Germany
basic-5ess Lucent 5ESS switch type for the U.S.
basic-dms100 Northern Telecom DMS-100 switch type for the U.S.
basic-net3 NET3 switch type for UK, Europe, Asia and Australia
basic-ni National ISDN switch type for the U.S.
basic-qsig QSIG switch type
basic-ts013 TS013 switch type for Australia (obsolete)
ntt NTT switch type for Japan
vn3 VN3 and VN4 switch types for France

dialer-list list-number protocol protocol-name permit/deny
username Remote-router-name password password ( only if using PPP encap/auth )

Interface configuration: (minimal using dialer string… very inefficient use of B channels; both sides
REQUIRE dialer strings)
ip address ip-address mask
dialer string dialer-string-number
dialer-group dialer-group-number

Interface configuration: (minimal using dialer map)
ip address ip-address mask
encap ppp
ppp authentication chap | pap
dialer map ip A.B.C.D ?
WORD Dialer string
broadcast Broadcasts should be forwarded to this address
class dialer map class
modem-script Specify regular expression to select modem dialing script
name Map to a host
spc Semi Permanent Connections
speed Set dialer speed
system-script Specify regular expression to select system dialing script

dialer-group dialer-group-number

Interface configuration: (other commonly configured parameters)
idle-timeout
fast-idle
load-threshold

Configuring ISDN Dialer Profiles:

3 steps:


Configure the physical interface: (all legacy statements must be removed)
Dialer pool-member dialer-pool-number
Encap ppp
ppp auth chap

Configure the logical dialer interface: (minimal)
ip address A.B.C.D mask
encap ppp
Dialer remote-name remote-router-name
dialer string dialer-string-number
dialer pool number
dialer-group number
ppp auth chap

Routing issues over ISDN:

ü Use static routes and dialer-lists that filter routing updates ( no broadcast parameter on map
statement)
ü SNAPSHOT routing for DV protocols
ü OSPF Demand circuit - Cisco has a solution to limit OSPF hello traffic over an ISDN link: IP
OSPF DEMAND-CIRCUIT. By entering this interface configuration command on one side of a
bri connection, OSPF adjacencies will be formed and ongoing OSPF hellos will be suppressed

SHOW and DEBUG:
Sh dialer map
sh isdn stat
sh isdn hist
sh isdn active

sh dialer
sh int bri0 (shows D channel)
sh int bri0 1 or bri0 2 (shows B channels)
deb isdn q921
deb isdn q931

ISDN – Snapshot routing

ü All snap shot routing configuration is performed at the interface configuration mode. Typically the
snap shot client is a branch office and the snap shot server is the headquarters or hub office.

Configuring the Snapshot client:

Interface commands:
Dialer map snapshot sequence-number dial-string
Snapshot client active-period quiet-period suppress-statechange-updates dialer

Configuring the Snapshot server:

Interface commands:
snapshot server active-period dialer

Note: ALL PERIODS ARE IN MINUTES

SHOW and DEBUG:
sho snapshot
clear snapshot
deb snapshot

deb dialer packet
deb dialer events

Dial Backup

ü You can use dial backup to back up an individual frame-relay DLCI by placing the DLCI under a
point-to-point subinterface. If the DLCI becomes inactive, the point-to-point sub-interface's line
protocol attains a state of down and the designated backup interface will become active

ü When applying a dial backup to a legacy ISDN\DDR configuration the physical interface is placed
in standby mode. When an interface is in standby mode no other traffic can pass over it. With
dialer profiles the logical dialer interface is in standby mode and the physical interfaces are free to
be used for other services.


Apply two interface configuration commands to the primary interface:
For primary link failure:
Backup interface {bri0 | dialer}
Backup delay { XXX YYY }
• XXX = time in seconds to wait before activating the backup interface
• YYY = time in seconds to wait before putting backup interface in standby after primary is up


For primary link load overload:
Backup interface {bri0 | dialer}
Backup load { XXX YYY }
• XXX = amount of load to be exceeded to trigger backup intf.
• YYY = amount of load to be attained to deactivate backup intf.

To backup a FR individual dlci, place the dlci under a PtoP subinterface.

Floating static routes can also be used for backup.

SHOW and DEBUG:
sho interface


RIP

ü Rip routes have a default administrative distance of 120

ü A hop count is the number of routers a rip update has transited.

ü When the static default route 0.0.0.0 0.0.0.0 is configured on a rip speaking router, rip
automatically redistributes the 0.0.0.0 entry into the rip domain.

ü Another method of advertising a default route with rip is to use the default-information originate
statement under the router rip configuration mode. By entering this statement, a 0.0.0.0 route will be
advertised into the rip domain, even if there is no 0.0.0.0 route on the router that is the source of
the default route.

ü In a rip domain, all subnets must be contiguous. The contiguous subnet requirement can be
overcome by using a combination of default routes and the ip classless command.

ü A default route allows a rip speaking router to forward all classful network prefixes that are not
listed in a given router's routing table. However, a default route does not automatically allow a rip
speaking router to forward all subnets that are not listed in a given router's routing table.

ü By enabling ip classless, you override the contiguous subnet rule and allow the router to look for
the longest match beyond the listed subnets. If a subnet is not listed on a router with ip classless
enabled, it will eventually match the 0.0.0.0 entry (the default route).
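
The lookup difference described in the last three points, as an added example (not part of the original notes). The route table, interface names and the function names are constructed for illustration; the model covers only the classful/classless decision, not a full IOS forwarding path.

```python
from ipaddress import ip_address, ip_network

def classful_network(addr):
    """Major (class A/B/C) network that an IPv4 address belongs to."""
    first_octet = int(addr) >> 24
    prefix = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return ip_network(f"{addr}/{prefix}", strict=False)

def lookup(table, dest, ip_classless):
    """Return the outgoing interface for dest, or None if the packet is dropped."""
    dest = ip_address(dest)
    routes = [(ip_network(prefix), out) for prefix, out in table]
    major = classful_network(dest)

    def inside_major(net):
        return net.prefixlen > 0 and net.subnet_of(major)

    matches = [(net, out) for net, out in routes if dest in net]
    major_known = any(inside_major(net) for net, _ in routes)
    if not ip_classless and major_known:
        # Classful behaviour: once any subnet of the major network is in the
        # table, only routes inside that major network may match. The default
        # route is not considered, so an unlisted subnet is dropped.
        matches = [(net, out) for net, out in matches if inside_major(net)]
    if not matches:
        return None
    # Longest prefix wins among the routes that are still eligible.
    return max(matches, key=lambda m: m[0].prefixlen)[1]

# Constructed sample table: two subnets of 10.0.0.0 plus a default route.
TABLE = [
    ("10.1.1.0/24", "Ethernet0"),
    ("10.1.2.0/24", "Serial0"),
    ("0.0.0.0/0", "Serial1"),
]

if __name__ == "__main__":
    for dest in ("10.1.2.9", "10.9.9.9", "192.168.5.5"):
        for classless in (False, True):
            mode = "ip classless" if classless else "no ip classless"
            print(f"{dest:<12} {mode:<16} -> {lookup(TABLE, dest, classless)}")
```
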

ü If you adjust the timers on one router in a rip domain, adjust the timers on all routers to the exact
same settings.

ü The most useful debugging tool for rip routing is debug ip rip.

ü RIP V1 and IGRP will advertise routes having a different subnet mask than the interface if the
route is in a different major network. RIP will assume a classful mask.


Router Commands - RIP

*auto-summary Enable automatic network number summarization
default Set a command to its defaults
**default-information Control distribution of default information
**default-metric Set metric of redistributed routes
**distance Define an administrative distance
***distribute-list Filter networks in routing updates
exit Exit from routing protocol configuration mode
*flash-update-threshold Specify flash update threshold in second
help Description of the interactive help system
*input-queue Specify input queue depth
*maximum-paths Forward packets over multiple paths
**neighbor Specify a neighbor router
**network Enable routing on an IP network
no Negate a command or set its defaults
*offset-list Add or subtract offset from IGRP or RIP metrics
output-delay Interpacket delay for RIP updates
*passive-interface Suppress routing updates on an interface
***redistribute Redistribute information from another routing protocol
*timers Adjust routing timers
*traffic-share Algorithm for computing traffic share for alternate routes
*validate-update-source Perform sanity checks against source address of routing updates
**version Set routing protocol version


Interface Commands - RIP

Rtr(config-if)#ip rip ?
**Authentication Authentication control
**receive advertisement reception
**send advertisement transmission

(Importance - ***High **Medium *Low)

IGRP

ü Rip has a maximum hop count of 15. IGRP has a max hop count of 100

ü IGRP routes have a default administrative distance of 100.

ü Bandwidth is the smallest of all bandwidths on outbound ports in a given path. Delay is the sum
of all delays of outbound ports in a path.

ü As with rip, if you adjust timers on one you must adjust on all.

ü IGRP does not advertise the 0.0.0.0 network to downstream IGRP neighbors. Rip and EIGRP do.


ü With IGRP, you must use the “ip default-network” global configuration command. When using
this statement, it is recommended that you assign a classful address. If you use a subnet with
“ip default-network”, a static route will be created in your running configuration.


Router Commands - IGRP

default Set a command to its defaults
**default-information Control distribution of default information
**default-metric Set metric of redistributed routes
**distance Define an administrative distance
***distribute-list Filter networks in routing updates
exit Exit from routing protocol configuration mode
help Description of the interactive help system
*input-queue Specify input queue depth
*maximum-paths Forward packets over multiple paths
*metric Modify IGRP routing metrics and parameters
**neighbor Specify a neighbor router
**network Enable routing on an IP network
no Negate a command or set its defaults
*offset-list Add or subtract offset from IGRP or RIP metrics
*passive-interface Suppress routing updates on an interface
***redistribute Redistribute information from another routing protocol
*timers Adjust routing timers
*traffic-share Algorithm for computing traffic share for alternate routes
*validate-update-source Perform sanity checks against source address of routing updates
*variance Control load balancing variance

(Importance - ***High **Medium *Low)

EIGRP


ü The feasible distance is the metric used by a given router to reach a specific destination network.

ü If a directly connected neighbor's metric to a given destination network is less than your own
metric, you cannot create a routing loop by selecting a shorter path to a given destination network.

ü EIGRP internal routes have an administrative distance of 90.
ü External EIGRP routes have an administrative distance of 170

ü The only difference between an IGRP metric and an EIGRP metric is that the EIGRP metric is
represented by a value that is larger than the IGRP metric by a factor of 256

ü If you have a discontiguous subnet, you will want to disable the automatic summarization feature
of EIGRP.

ü EIGRP propagates a route to network 0.0.0.0, but the static route must be redistributed into
EIGRP. RIP and OSPF behave as described when using the ip default-network command.

Router Commands - EIGRP

*auto-summary Enable automatic network number summarization
default Set a command to its defaults
**default-information Control distribution of default information
**default-metric Set metric of redistributed routes
**distance Define an administrative distance
***distribute-list Filter networks in routing updates
*eigrp EIGRP specific commands
exit Exit from routing protocol configuration mode
help Description of the interactive help system
*maximum-paths Forward packets over multiple paths
metric Modify IGRP routing metrics and parameters

**neighbor Specify a neighbor router
**network Enable routing on an IP network
no Negate a command or set its defaults
*offset-list Add or subtract offset from IGRP or RIP metrics
*passive-interface Suppress routing updates on an interface
***redistribute Redistribute information from another routing protocol
*timers Adjust routing timers
*traffic-share Algorithm for computing traffic share for alternate routes
*variance Control load balancing variance

Interface Commands - EIGRP

Rtr(config-if)#ip hello-interval eigrp 1 ?
<1-65535> Seconds between hello transmissions
Rtr(config-if)#ip hold-time eigrp 1 ?
<1-65535> Seconds before neighbor is considered down
Rtr(config-if)#ip split-horizon eigrp ?
<1-65535> Autonomous system number

OSPF

ü OSPF routers on broadcast networks will elect a DR and BDR.
ü OSPF routers on NBMA networks will elect a DR and BDR and all OSPF packets are unicast.
ü PtoMP networks are a special configuration of NBMA networks in which the networks are treated
as a collection of PtoP links. Routers DO NOT elect a DR and BDR and OSPF packets are
multicast.
ü Loopback interfaces are considered stub networks and advertised as host routes. Adding the
interface command ip ospf network point-to-point can alter this default behavior.
ü The cost of a route is the sum of the costs of all outgoing interfaces to a destination. Default OSPF
cost is 10^8/BW (configured BW of the interface).

ü Best practice dictates that a non-backbone area’s addresses should be summarized INTO the
backbone area by its own ABR, as opposed to having all other ABRs summarize the area into their
areas
ü Recall from EIGRP that when a summary route is configured, a route to the null interface is
created and automatically entered into the route table to prevent routing loops and black holes.
THEREFORE, whenever you are configuring summary routes within an OSPF domain, be sure to
add a static route for the summary address pointing to a null interface.
ü By default, redistributed routes have external metric type 2. Type 2 routes have a cost which
consists of the external cost only. Type 1 routes include the cost of traversing the OSPF domain.

OSPF Authentication:
ü When authentication is configured, it must be configured for an entire area.

Configuring Type 1 authentication:
On each interface in the area:
ip ospf authentication-key password (note: the passwords DON’T need to be the same throughout the
area, but MUST be the same between neighbors.)

Router mode configuration:
area X authentication

Configuring Type 2 authentication:
On each interface in the area:
ip ospf message-digest-key key-id md5 password (note: the passwords DON’T need to be the same throughout
the area, but MUST be the same between neighbors.)

Router mode configuration:
area X authentication message-digest
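
A check of the rule that authentication must cover an entire area, as an added example (not part of the original notes): it maps each interface to its OSPF area and reports interfaces whose key does not match the area's authentication type, areas with no authentication, and areas still on Type 1, whose password travels in clear text in every OSPF packet. The configuration text, key strings and finding codes are constructed; matching the first network statement that covers the address is an assumption of this sketch.

```python
import re
from ipaddress import IPv4Address

# Constructed sample configuration (not from the original page).
SAMPLE_CONFIG = """\
interface Serial0
 ip address 10.1.1.1 255.255.255.0
 ip ospf message-digest-key 1 md5 EXAMPLE-KEY-A
!
interface Serial1
 ip address 10.1.2.1 255.255.255.0
!
interface Ethernet0
 ip address 10.2.1.1 255.255.255.0
 ip ospf authentication-key EXAMPLE8
!
interface Ethernet1
 ip address 10.3.1.1 255.255.255.0
!
router ospf 1
 network 10.1.0.0 0.0.255.255 area 0
 network 10.2.1.0 0.0.0.255 area 1
 network 10.3.1.0 0.0.0.255 area 2
 area 0 authentication message-digest
 area 1 authentication
"""

def parse(config):
    """Return (interfaces, networks, area_auth) from IOS-style text."""
    interfaces, networks, area_auth = {}, [], {}
    current = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):            # top-level line opens a new section
            m = re.match(r"interface (\S+)$", line)
            current = interfaces.setdefault(m.group(1), {"ip": None, "keys": set()}) if m else None
            continue
        if current is not None:                # inside an interface section
            if m := re.match(r"ip address (\S+) \S+$", line):
                current["ip"] = int(IPv4Address(m.group(1)))
            elif re.match(r"ip ospf authentication-key \S+$", line):
                current["keys"].add("simple")  # Type 1
            elif re.match(r"ip ospf message-digest-key \d+ md5 \S+$", line):
                current["keys"].add("md5")     # Type 2
        elif m := re.match(r"network (\S+) (\S+) area (\S+)$", line):
            networks.append((int(IPv4Address(m.group(1))),
                             int(IPv4Address(m.group(2))), m.group(3)))
        elif m := re.match(r"area (\S+) authentication( message-digest)?$", line):
            area_auth[m.group(1)] = "md5" if m.group(2) else "simple"
    return interfaces, networks, area_auth

def area_of(ip, networks):
    """Area of the first network statement whose wildcard mask covers ip."""
    for net, wildcard, area in networks:
        care = ~wildcard & 0xFFFFFFFF          # bits that must match
        if (ip & care) == (net & care):
            return area
    return None

def audit(config):
    """Return sorted (interface, area, code) findings."""
    interfaces, networks, area_auth = parse(config)
    findings = []
    for name, intf in sorted(interfaces.items()):
        area = area_of(intf["ip"], networks) if intf["ip"] is not None else None
        if area is None:
            continue                           # interface is not running OSPF
        mode = area_auth.get(area)
        if mode is None:
            findings.append((name, area, "NO_AUTH"))       # area left unauthenticated
        elif mode not in intf["keys"]:
            findings.append((name, area, "MISSING_KEY"))   # area-wide rule broken
        elif mode == "simple":
            findings.append((name, area, "CLEARTEXT"))     # Type 1 in use
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(*finding)
```
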


Manage Authentication Keys:

key chain name-of-chain
key number
key-string
accept-lifetime start-time {infinite | end-time | duration seconds}
send-lifetime start-time {infinite | end-time | duration seconds}


LSA Types-

Router LSAs (Type 1) are produced by every router. Lists all of a router’s links, or interfaces, along with
the state and outgoing cost of each link. These LSAs are flooded only within the area in which they are
originated.
Use command: show ip ospf database router

Network LSAs (Type 2) are produced by the DR on every multi-access network. Lists all attached routers
including the DR itself. Like Type 1s, Network LSAs are flooded only within the originating area.
Use command: show ip ospf database network

Network Summary LSAs (Type 3) are originated by ABRs. They are sent into a single area to advertise
destinations outside that area. An ABR also advertises the destinations within its attached areas into the
backbone with Network Summary LSAs. Default routes external to the area but internal to the OSPF AS
are also advertised as Network Summary LSAs.
Use command: show ip ospf database summary

ASBR Summary LSAs (Type 4) are also originated by ABRs. ASBR Summary LSAs are identical to
network Summary LSAs except that the destination they advertise is an ASBR, not a network.
Use command: show ip ospf database asbr-summary


Autonomous System External LSAs (Type 5) are originated by ASBRs and advertise either a destination
external to the OSPF AS, or a default route external to the OSPF AS.
Use command: show ip ospf database external

NSSA External LSAs (Type 7) are originated by ASBRs within NSSAs. Unlike Autonomous System
External LSAs which are flooded throughout an OSPF AS, NSSA External LSAs are only flooded within
the originating NSSA.
Use command: show ip ospf database nssa-external

Area Types-


Stub Area – an area into which Autonomous System External LSAs (Type 5) are not flooded. Type 4s are
also blocked. ABRs at the edge of the stub network will use Network Summary LSAs (Type 3) to advertise
a single default route (destination 0.0.0.0) into the area.

To configure: ALL routers in stub area must have area X stub in their router mode configuration.

Totally Stubby Area – use a default route to reach ALL destinations outside its area. The ABR of a totally
stubby area will block not only Autonomous System External LSAs (Type 5) but also all Network
Summary LSAs (Type 3) with the exception of a single type 3 LSA to advertise the default route.

To configure: ALL routers in stub area must have area X stub in their router mode configuration, and the
ABR must have area X stub no-summary.

Not-So-Stubby Area – allows external routes to be advertised into the OSPF AS while retaining the
characteristics of a stub area to the rest of the AS. These type 7 LSAs are flooded throughout the NSSA but
are blocked at the ABR, which translates them to type 5 LSAs and floods them throughout the other areas.


To configure: ABR router in stub area must have area X nssa in its router mode configuration, and the
ASBR must have area X nssa also

The way that OSPF generates default routes (0.0.0.0) varies depending on the type of area the default
route is being injected into.

Normal Areas


By default, in normal areas routers don't generate default routes. To have an OSPF router generate a default
route, use the default-information originate [always] [metric metric-value] [metric-type type-value] [route-
map map-name] command. This generates an external type-2 link with link-state ID 0.0.0.0 and network
mask 0.0.0.0, which makes the router an autonomous system boundary router (ASBR).

There are two ways to inject a default route into a normal area. If the ASBR already has the default route,
you can advertise 0.0.0.0 into the area. If the ASBR doesn't have the route, you can add the keyword
always to the default-information originate command, and then advertise 0.0.0.0.

Stub and Totally Stubby Areas


For stub and totally stubby areas, the area border router (ABR) to the stub area generates a summary link-
state advertisement (LSA) with the link-state ID 0.0.0.0. This is true even if the ABR doesn't have a default
route. In this scenario, you don't need to use the default-information originate command.

Not-So-Stubby Areas


The ABR for the NSSA generates the default route, but not by default. To force the ABR to generate the
default route, use the area <x> nssa default-information originate command. The ABR generates a type 7
LSA with the link-state ID 0.0.0.0.

Router Commands - OSPF

Rtr(config)#router ospf 1
***area OSPF area parameters
**auto-cost Calculate OSPF interface cost according to bandwidth
default Set a command to its defaults
*default-information Control distribution of default information
*default-metric Set metric of redistributed routes
*distance Define an administrative distance
*distribute-list Filter networks in routing updates
*ignore Do not complain about specific event
*log-adjacency-changes Log changes in adjacency state
*maximum-paths Forward packets over multiple paths
**neighbor Specify a neighbor router
***network Enable routing on an IP network
*no Negate a command or set its defaults
*passive-interface Suppress routing updates on an interface
***redistribute Redistribute information from another routing protocol
*router-id router-id for this OSPF process
***summary-address Configure IP address summaries
*timers Adjust routing timers
*traffic-share Algorithm for computing traffic share for alternate


OSPF interface commands

Rtr(config-if)#ip ospf ?
***authentication-key Authentication password (key)

**cost Interface cost
*database-filter Filter OSPF LSA during synchronization and flooding
*dead-interval Interval after which a neighbor is declared dead
***demand-circuit OSPF demand circuit
*hello-interval Time between HELLO packets
***message-digest-key Message digest authentication password (key)
***network Network type
***priority Router priority
*retransmit-interval Time between retransmitting lost link state advertisements
*transmit-delay Link state transmit delay

(Importance - ***High **Medium *Low)


Area

Rtr(config-router)#area ?
<0-4294967295> OSPF area ID as a decimal value
A.B.C.D OSPF area ID in IP address format
Rtr(config-router)#area 1 ?
**Authentication Enable authentication
*default-cost Set the summary default-cost of a NSSA/stub area
*nssa Specify a NSSA area
***range Summarize routes matching address/mask (border routers only)
*stub Specify a stub area
***virtual-link Define a virtual link and its parameters

(Importance - ***High **Medium *Low)

Auto Cost


OSPF interfaces have a cost equal to 100,000,000/Bandwidth
ü Fast Ethernet = 100,000,000/100,000,000 = 1
ü Ethernet = 100,000,000/10,000,000 = 10
ü T1 = 100,000,000/1,544,000 = 65

The auto-cost command is used to change the default of 100,000,000. Changing the default affects the cost
of every OSPF interface on the router

Rtr(config-router)#auto-cost reference-bandwidth ?
<1-4294967> The reference bandwidth in terms of Mbits per second


SHOW and DEBUG:
show ip ospf ?
*** <1-4294967295> Process ID number
border-routers Border and Boundary Router Information
database Database summary
flood-list Link state flood list
**interface Interface information
***neighbor Neighbor list
request-list Link state request list
retransmission-list Link state retransmission list
summary-address Summary-address redistribution Information
***virtual-links Virtual link information
| Output modifiers
<cr>

(Importance - ***High **Medium *Low)


BGP

Global configuration:
router bgp AS-number

Router configuration:
Neighbor A.B.C.D remote-as AS-number

Neighbor A.B.C.D update-source loopback – required on the source router when using a loopback interface.

Neighbor A.B.C.D ebgp-multihop – used when an EBGP connection is to a non-connected interface
(Loopback). Because the peer is not directly connected, you must use a static route or an IGP for
reachability.
Neighbor A.B.C.D next-hop-self – used when the next hop address on the outgoing update (particularly
across NBMA network) is not reachable to the EBGP peer.

ü Within an AS, bgp peers do not need to be directly connected.
ü For routers that run ebgp, neighbors are usually directly connected.
ü ALL bgp speakers within an AS MUST establish a peer relationship unless you use Route
reflectors or confederations.
ü When a bgp speaker receives an update from other bgp speakers in its own AS (via ibgp), the
receiving bgp speaker uses ebgp to forward the update to ebgp speakers only.

ü The BGP synchronization rule states that if an AS provides transit service to another AS, BGP
should not advertise a route until all of the routers within the AS have learned the route via an
IGP.
ü You can disable synchronization if one of the following is true:
1. Your AS does not pass traffic from one AS to another.
2. ALL the transit routers in your AS run BGP

ü The only difference between advertising a static and a default route, is that when you redistribute a
static, BGP sets the origin attribute of updates to incomplete.

ü Redistributing a static route is the best way to advertise a supernet because it stops the route from
flapping.

ü To ensure a loop free inter-domain topology, BGP does not accept updates that originated from its
own AS.

ü Origin attribute- will be “i” when injected with network command in router configuration mode,
“e” when learned through EGP, “?” incomplete when a route is redistributed into bgp.

ü BGP specifies that the next hop of EBGP learned routes remain unchanged into and through
IBGP.


The weight attribute is a special CISCO attribute that is used in the path selection when there is more than
one route to the destination. The weight attribute is local to the router on which it is assigned and is NOT
propagated in routing updates. (higher more preferred)

3 ways to set weight:
ü Access-list
ü Route-map
ü Neighbor weight command

The local preference attribute indicates the preferred path when there are multiple paths. (higher=better).
Unlike the weight attribute, the local preference IS carried with route updates and exchanged with routers
in the same AS.


2 ways to set local preference:
ü use the bgp default local-preference command
ü route-maps

The MED attribute is a hint to EBGP peers about the preferred path into an AS when there are multiple.
(lower=better). Unlike local preference, the MED is exchanged between AS’s, but a MED that comes into
an AS does not leave the AS.

The community attribute provides a way of grouping destinations to which routing decisions can be
applied. To send the attribute you MUST use the neighbor send-community router config command.

Other topics:
BGP Route Reflectors- eliminates full mesh requirement.
BGP Confederations- makes “mini- AS’s” inside of an AS.
BGP Peer groups – a group of neighbors that share the same update policies.


Summary of the BGP Path Selection Process:

BGP selects only one path as the best path. When the path is selected, BGP puts the selected path in its
routing table and propagates the path to its neighbors. BGP uses the following criteria, in the order
presented, to select a path for a destination:

1. If the path specifies a next hop that is inaccessible, drop the update.

2. Prefer the path with the largest weight.

3. If the weights are the same, prefer the path with the largest local preference.

4. If the local preferences are the same, prefer the path that was originated by BGP running on this
router.

5. If no route was originated, prefer the route that has the shortest AS_path.

6. If all paths have the same AS_path length, prefer the path with the lowest origin type (where IGP is
lower than EGP, and EGP is lower than Incomplete).

7. If the origin codes are the same, prefer the path with the lowest MED attribute.

8. If the paths have the same MED, prefer the external path over the internal path.

9. If the paths are still the same, prefer the path through the closest IGP neighbor.

10. Prefer the path with the lowest IP address, as specified by the BGP router ID.
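
The ten criteria above as a step-by-step elimination, in an added example that is not part of the original notes; it reports which criterion decided, which helps when explaining why one announcement was preferred over another. The Path fields, AS numbers and router IDs are constructed, and the criteria are applied exactly as listed here, without vendor-specific refinements.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}    # IGP < EGP < Incomplete

@dataclass(frozen=True)
class Path:
    name: str                              # label used only by this example
    next_hop_reachable: bool = True
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    as_path: tuple = ()
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0                    # IGP cost to reach the next hop
    router_id: str = "0.0.0.0"

# Criteria 2-10 as (step number, key). The smallest key survives each step,
# so "largest wins" attributes are negated.
STEPS = [
    (2, lambda p: -p.weight),
    (3, lambda p: -p.local_pref),
    (4, lambda p: not p.locally_originated),
    (5, lambda p: len(p.as_path)),
    (6, lambda p: ORIGIN_RANK[p.origin]),
    (7, lambda p: p.med),
    (8, lambda p: not p.ebgp),
    (9, lambda p: p.igp_metric),
    (10, lambda p: int(IPv4Address(p.router_id))),  # numeric, not string, compare
]

def best_path(paths):
    """Return (winner, step); step is the last criterion that removed a path."""
    candidates = [p for p in paths if p.next_hop_reachable]   # criterion 1
    if not candidates:
        return None, 1
    decided = 1
    for number, key in STEPS:
        if len(candidates) == 1:
            break
        lowest = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == lowest]
        if len(survivors) < len(candidates):
            decided = number
        candidates = survivors
    return candidates[0], decided

# Constructed sample paths to one destination.
A = Path("A", as_path=(64500,), local_pref=100)
B = Path("B", as_path=(64501, 64502, 64503), local_pref=200)
C = Path("C", weight=500, next_hop_reachable=False)
D = Path("D", as_path=(64500,), med=50, router_id="10.0.0.10")
E = Path("E", as_path=(64500,), med=10, router_id="10.0.0.2")
F = Path("F", as_path=(64500,), med=10, router_id="10.0.0.10")

if __name__ == "__main__":
    for group in ([A, B], [A, B, C], [D, E], [E, F]):
        winner, step = best_path(group)
        print([p.name for p in group], "->", winner.name, "decided at step", step)
```
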


BGP Router configuration commands:

***aggregate-address Configure BGP aggregate entries
*auto-summary Enable automatic network number summarization
*bgp BGP specific commands
default Set a command to its defaults
*default-information Control distribution of default information
*default-metric Set metric of redistributed routes
*distance Define an administrative distance
***distribute-list Filter networks in routing updates
exit Exit from routing protocol configuration mode
help Description of the interactive help system
*maximum-paths Forward packets over multiple paths
***neighbor Specify a neighbor router

**network Specify a network to announce via BGP
no Negate a command or set its defaults
***redistribute Redistribute information from another routing protocol
*summary-address Configure IP address summaries
*synchronization Perform IGP synchronization
*table-map Map external entry attributes into routing table
*timers Adjust routing timers
*traffic-share Algorithm for computing traffic share for alternate routes

NEIGHBOR COMMANDS:

Rtr(config-router)#neighbor 1.1.1.1 ?
**advertise-map specify route-map for conditional advertisement
*advertisement-interval Minimum interval between sending EBGP routing updates
**default-originate Originate default route to this neighbor
description Neighbor specific description
***distribute-list Filter updates to/from this neighbor
**ebgp-multihop Allow EBGP neighbors not on directly connected networks
**filter-list Establish BGP filters
*maximum-prefix Maximum number of prefix accept from this peer
***next-hop-self Disable the next hop calculation for this neighbor
*password Set a password
*peer-group Member of the peer-group
*prefix-list Filter updates to/from this neighbor
***remote-as Specify a BGP neighbor
*remove-private-AS Remove private AS number from outbound updates
***route-map Apply route map to neighbor
***route-reflector-client Configure a neighbor as Route Reflector client
**send-community Send Community attribute to this neighbor
*shutdown Administratively shut down this neighbor
*soft-reconfiguration Peer neighbor soft reconfiguration
*timers BGP per neighbor timers
**unsuppress-map Route-map to selectively unsuppress suppressed routes
**update-source Source of routing updates
*version Set the BGP version to match a neighbor
**weight Set default weight for routes from this neighbor

(Importance - ***High **Medium *Low)

Route-maps

Global configuration mode: route-map map-tag [permit | deny] [sequence-number]
Match – set statements

SHOW and DEBUG:
Show ip policy
Show route-map
Debug ip policy {access-list}

Policy routing

Interface statement: ip policy route-map map

Global configuration mode: route-map map-tag [permit | deny] [sequence-number]
Match – set statements

For packets originating at the router: ip local policy route-map map-tag

SHOW and DEBUG:
Show ip policy
Show route-map
Debug ip policy
Debug ip policy {access-list}

Custom Queuing

In Global configuration:
Based on protocol type-
queue-list list-number protocol protocol-name queue-number queue-keyword keyword-value

Based on source interface-
queue-list list-number interface interface-type interface-number queue-number

Assigning a default Custom Queue:
queue-list list-number default queue-number

Adjust the byte count value for a specific queue:
queue-list list-number queue queue-number byte-count byte-count-number

SHOW and DEBUG:
Show queue
debug custom-queue

Priority Queuing

In Global configuration:
Based on protocol type-
priority-list list-number protocol protocol-name {high | medium | normal | low } queue-keyword keyword-value

Based on source interface-
priority-list list-number interface interface-type interface-number {high | medium | normal | low }

Assigning a default Priority Queue:
priority-list list-number default {high | medium | normal | low }

SHOW and DEBUG:
deb priority
show queue [type [#]]
show queueing [custom | fair |priority | red]

HSRP

A typical HSRP configuration:

ROUTER 1:
interface ethernet 0
ip address 1.0.0.1 255.0.0.0
standby 1 ip 1.0.0.3
standby 1 preempt
standby 1 priority 110
standby 1 authentication denmark
standby 1 timers 5 15
!
router eigrp 1
network 1.0.0.0
network 3.0.0.0

ROUTER 2:
interface ethernet 0
ip address 1.0.0.2 255.0.0.0
standby 1 ip 1.0.0.3
standby 1 preempt
standby 1 authentication denmark
standby 1 timers 5 15
!
router eigrp 1
network 1.0.0.0
network 2.0.0.0

The standby ip interface configuration command enables HSRP and establishes 1.0.0.3 as the IP address of
the virtual router. The configurations of both routers include this command so that both routers share the
same virtual IP address. The 1 establishes Hot Standby group 1. (If you do not specify a group number, the
default is group 0.) The configuration for at least one of the routers in the Hot Standby group must specify
the IP address of the virtual router; specifying the IP address of the virtual router is optional for other
routers in the same Hot Standby group.

The standby preempt interface configuration command allows the router to become the active router when
its priority is higher than all other HSRP-configured routers in this Hot Standby group. The configurations
of both routers include this command so that each router can be the standby router for the other router. The
1 indicates that this command applies to Hot Standby group 1. If you do not use the standby preempt
command in the configuration for a router, that router cannot become the active router.

The standby priority interface configuration command sets the router's HSRP priority to 110, which is
higher than the default priority of 100. Only the configuration of Router A includes this command, which
makes Router A the default active router. The 1 indicates that this command applies to Hot Standby group
1.

The standby authentication interface configuration command establishes an authentication string whose
value is an unencrypted eight-character string that is incorporated in each HSRP multicast message. This
command is optional. If you choose to use it, each HSRP-configured router in the group should use the
same string so that each router can authenticate the source of the HSRP messages that it receives. The "1"
indicates that this command applies to Hot Standby group 1.

The standby timers interface configuration command sets the interval in seconds between hello messages
(called the hello time) to five seconds and sets the duration in seconds that a router waits before it declares
the active router to be down (called the hold time) to eight seconds. (The defaults are three and 10
seconds, respectively.) If you decide to modify the default values, you must configure each router to use the
same hello time and hold time. The "1" indicates that this command applies to Hot Standby group 1.
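
Because the authentication string and timers travel in every HSRP message, a monitoring host on the segment can check each received message against the group's configured values. The following is an added example, not part of the original notes: it parses the 20-byte HSRP version 0 message laid out in RFC 2281 and audits it against the ROUTER 1 / ROUTER 2 configuration shown above. The function names, the `POLICY` structure and the two sample messages are constructed for the illustration.

```python
import socket
import struct

HSRP_FMT = "!8B8s4s"   # RFC 2281 (HSRP version 0) message, 20 bytes
STATES = {0: "initial", 1: "learn", 2: "listen", 4: "speak", 8: "standby", 16: "active"}

def build_hsrp(state, hello, hold, priority, group, auth, vip, opcode=0):
    """Pack a message; used here only to construct the sample inputs."""
    return struct.pack(HSRP_FMT, 0, opcode, state, hello, hold, priority,
                       group, 0, auth.encode("ascii"), socket.inet_aton(vip))

def parse_hsrp(payload):
    if len(payload) < struct.calcsize(HSRP_FMT):
        raise ValueError("truncated HSRP message")
    (_ver, opcode, state, hello, hold, priority, group, _rsvd,
     auth, vip) = struct.unpack(HSRP_FMT, payload[:20])
    return {
        "opcode": opcode,
        "state": STATES.get(state, f"unknown({state})"),
        "hello": hello, "hold": hold, "priority": priority, "group": group,
        # The authentication field is the configured string, NUL-padded, in the clear.
        "auth": auth.rstrip(b"\x00").decode("ascii", "replace"),
        "vip": socket.inet_ntoa(vip),
    }

# Expected values, taken from the ROUTER 1 / ROUTER 2 configuration on this page.
POLICY = {
    "group": 1, "auth": "denmark", "hello": 5, "hold": 15, "vip": "1.0.0.3",
    "routers": {"1.0.0.1": 110, "1.0.0.2": 100},   # sender address -> priority
}

def audit(sender, payload, policy=POLICY):
    """Return a list of findings for one received message (empty list = as configured)."""
    msg = parse_hsrp(payload)
    if msg["group"] != policy["group"]:
        return []                                   # another group, not audited here
    findings = []
    expected_priority = policy["routers"].get(sender)
    if expected_priority is None:
        findings.append(f"unknown sender {sender} (priority {msg['priority']})")
    elif msg["priority"] != expected_priority:
        findings.append(f"{sender} priority {msg['priority']}, expected {expected_priority}")
    if msg["auth"] != policy["auth"]:
        findings.append("authentication string mismatch")
    if (msg["hello"], msg["hold"]) != (policy["hello"], policy["hold"]):
        findings.append(f"timers {msg['hello']}/{msg['hold']} differ from group setting")
    if msg["vip"] != policy["vip"]:
        findings.append(f"virtual IP {msg['vip']} differs from group setting")
    return findings

# Constructed samples: ROUTER 1 as configured, and a message from an address
# that is not part of the group and carries different settings.
GOOD = build_hsrp(16, 5, 15, 110, 1, "denmark", "1.0.0.3")
ODD = build_hsrp(16, 3, 10, 255, 1, "cisco", "1.0.0.3")

if __name__ == "__main__":
    print(parse_hsrp(GOOD))
    for sender, pkt in (("1.0.0.1", GOOD), ("1.0.0.9", ODD)):
        print(sender, audit(sender, pkt) or "ok")
```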


SHOW and DEBUG:
Show standby
deb standby { errors | events | packets | terse }

NAT

Interface Configuration Commands:
ip nat { inside | outside }

Interfaces need to be marked whether they are on the inside or the outside. Only packets arriving on a
marked interface will be subject to translation.

Global Configuration Commands:

Defining a pool :
ip nat pool <name> <start-ip> <end-ip> { netmask <netmask> | prefix-length <prefix-length> } [ type { rotary } ]

Defines a pool of addresses using start address, end address, and netmask. These addresses will be allocated
as needed.

Enabling translation of inside source addresses :
ip nat inside source { list <acl> pool <name> [overload] | static <local-ip> <global-ip> }

Enabling translation of inside destination addresses:
ip nat inside destination { list <acl> pool <name> | static <global-ip> <local-ip> }

Enabling translation of outside source addresses :
ip nat outside source { list <acl> pool <name> | static <global-ip> <local-ip> }

Configuring translation timeouts:
ip nat translation timeout <seconds>

Dynamic translations time out after a period of non-use. When port translation is not configured, translation
entries time out after 24 hours. This time can be adjusted with the above command or the following
variations:
ip nat translation udp-timeout <seconds>
ip nat translation dns-timeout <seconds>
ip nat translation tcp-timeout <seconds>
ip nat translation finrst-timeout <seconds>

SHOW and DEBUG:
show ip nat translations [ verbose ]
show ip nat statistics
clear ip nat translation *
clear ip nat translation <global-ip>
clear ip nat translation <global-ip> <local-ip> <proto> <global-port> <local-port>
debug ip nat [ <list> ] [ detailed ]

Other useful NAT commands:
• clear ip nat translation * - Clear all dynamic address translation entries from the NAT translation table
• clear ip nat translation inside global-ip local-ip [outside local-ip global-ip] - Clear a simple dynamic
translation entry containing an inside translation, or both inside and outside translation
• clear ip nat translation outside local-ip global-ip - Clear a simple dynamic translation entry containing
an outside translation

NTP

NTP is a protocol designed to time-synchronize a network of machines.
Basic example of NTP:
clock timezone CST -6 - Sets the timezone
clock summer-time CDT recurring - Configure summer time
ntp master 3 - Make the system an authoritative NTP server
ntp update-calendar - Configure NTP to update the calendar

NTP useful commands :
show calendar - Display the current calendar time
show clock [detail] - Display the current system clock time
show ntp associations [detail] - Show the status of NTP associations
show ntp status - Show the status of NTP
ntp master [stratum] - Make the system an authoritative NTP server
ntp update-calendar - Configure NTP to update the calendar
deb ntp ?
adjust NTP clock adjustments
authentication NTP authentication
events NTP events
loopfilter NTP loop filter
packets NTP packets
params NTP clock parameters
refclock NTP reference clocks
select NTP clock selection
sync NTP clock synchronization
validity NTP peer clock validity


DLSW+

Every router that supports DLSw+ must have a dlsw local-peer command; dlsw remote-peer commands
are optional, but usually at least one side of a peer connection must configure a remote peer. If a DLSw+
peer configuration omits dlsw remote-peer commands, the dlsw local-peer command must specify the
promiscuous keyword. Promiscuous routers will accept peer connection requests from routers that are not
pre-configured.

Global configuration: (minimal configuration)

dlsw local-peer peer-id A.B.C.D {promiscuous}
dlsw remote-peer { Remote peer ring group list } { tcp | frame relay | fst | interface } A.B.C.D

In addition to specifying local and remote peers, you must map the following local data-link controls to
DLSw:


Token Ring
Define a virtual ring using the source-bridge ring-group command and include a source-
bridge command that tells the router to bridge from the external Token Ring to that virtual ring.

Ethernet
Traffic that originates on Ethernet is picked up from the local Ethernet bridge group and
transported across the DLSw network. DLSw always transfers data in noncanonical format. DLSw will
automatically make the correct MAC address conversion depending on the destination media. When
DLSw+ receives a MAC address from an Ethernet-attached device, it assumes it is canonical and converts
it to noncanonical for transport to the remote peer. At the remote peer, the address is either passed
unchanged to Token Ring-attached end systems or converted back to canonical if the destination media is
Ethernet. Note that when an SNA resource resides on Ethernet, if you configure a destination SNA address
in that device, you must use canonical format. For example, Ethernet-attached 3174s must specify the
MAC address of the FEP in canonical format. If the Token Ring or noncanonical format of the MAC
address of the FEP is 4000.3745.0001, the canonical format is 0200.ECA2.0080.

Others- ( SDLC, QLLC, FDDI )
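
The canonical/noncanonical conversion described under Ethernet is a bit reversal within each byte of the MAC address. The following added example (not part of the original notes) carries it out and reproduces the FEP address pair quoted above; the function names are the example's own, and the `flags` helper assumes the standard group and locally-administered bit positions of a canonical-format address.

```python
import re

def _reverse_bits(byte):
    """Mirror the eight bits of one byte (0x40 -> 0x02)."""
    return int(f"{byte:08b}"[::-1], 2)

def parse_mac(text):
    """Accept 4000.3745.0001, 40:00:37:45:00:01 or 40-00-37-45-00-01."""
    digits = re.sub(r"[.:-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def swap_bit_order(text):
    """Canonical <-> noncanonical. The operation is its own inverse."""
    swapped = bytes(_reverse_bits(b) for b in parse_mac(text)).hex().upper()
    return ".".join(swapped[i:i + 4] for i in range(0, 12, 4))

def flags(canonical_text):
    """Read the group and locally-administered bits from a canonical-format address."""
    first = parse_mac(canonical_text)[0]
    return {"group": bool(first & 0x01), "locally_administered": bool(first & 0x02)}

if __name__ == "__main__":
    token_ring = "4000.3745.0001"            # FEP address from the text, noncanonical
    ethernet = swap_bit_order(token_ring)    # form to configure on Ethernet-attached devices
    print(token_ring, "->", ethernet, flags(ethernet))
```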

SHOW and DEBUG:
show dlsw capabilities
show dlsw circuits
show dlsw fastcache
show dlsw local-circuit
show dlsw peers
show dlsw reachability
Show Source Bridge
Show Bridge
Show LLC2

debug dlsw [border-peers [interface interface | ip address ip-address] | core
[flow-control | messages | state | xid] [circuit-number] | local-circuit circuit-number | peers
[interface interface [fast-errors | fast-paks] | ip address ip-address [fast-errors |
fast-paks | fst-seq | udp]] | reachability [error | verbose] [sna | netbios]]
debug dlsw local
debug dlsw peers [interface interface [fast-errors | fast-paks] | ip address ip-address [fast-errors | fast-paks |
fst-seq | udp]]
debug dlsw reachability [error | verbose] [netbios | sna]

SRB
Two port bridge:
Interface configuration-
source-bridge local Ring number bridge number target ring number

Multiport bridge:
Create a virtual ring in Global configuration mode:
source-bridge ring-group virtual ring number

interface configuration:
source-bridge local Ring number bridge number virtual ring number


SR/TLB

• Configure SRB on the TR interfaces to be bridged using a virtual ring.
• Configure transparent bridging on Ethernet interfaces to be bridged.
• Select a pseudo-ring number to make all the Ethernet segments appear to the IOS as a second
virtual ring.
• Configure the global configuration command: source-bridge transparent virtual ring-group
pseudo-ring source-route bridge number transparent bridge number


Example:

source-bridge ring-group 200
source-bridge transparent 200 70 1 10

int E0
no ip address
bridge-group 10
!
int to0
no ip address
source-bridge 100 1 200
!
int to1
no ip address
source-bridge 300 1 200
!
bridge 10 protocol ieee

200 = virtual-ring number
70 = pseudo-ring
1 = SRB bridge number…. Mapped to transparent bridge 10
10 = transparent bridge number


TB

Interface configuration: Assign interfaces to bridge group:
bridge-group <1-255>


Global configuration: Select spanning tree algorithm
Bridge <1-255> protocol { dec | ibm | ieee }

Note: All non-IP protocols are bridged by default. To bridge IP, you must disable IP routing.

Transparent Bridging - Basic Bridging Example
The system has two Ethernets, one Token Ring, and one serial line. IP traffic is routed and everything else
is bridged.

interface tokenring 0
ip address 131.108.1.1 255.255.255.0
bridge-group 1
!
interface ethernet 0
ip address 192.31.7.26 255.255.255.240
bridge-group 1
!
interface ethernet 1
ip address 192.31.7.65 255.255.255.240
bridge-group 1
!
interface serial 0
ip address 192.31.7.34 255.255.255.240
bridge-group 1
!
bridge 1 protocol ieee

SHOW and DEBUG:
Sho spanning
Sho bridge

SRT
Interface configuration-
source-bridge local Ring number bridge number target ring number
bridge-group bridge-number

Global configuration:
bridge bridge-number protocol { ieee | ibm | dec }

CRB

Concurrent Routing and Bridging - specific protocols can be bridged out of specific interfaces and routed
out of others. In the following example, IPX is concurrently routed and bridged. IP is routed on all interfaces
and all protocols other than IP are bridged on all interfaces in the bridge group:

First enable transparent bridging.
Global configuration:
bridge crb

Note: With CRB, ALL network protocols are bridged by default. To selectively bridge/route, use this
command:
bridge xxx route protocol

Example:

ipx routing 0000.0c36.7a43
!
interface Ethernet0/0
ip address 172.19.160.65 255.255.255.0
ipx network 160
!
interface Ethernet0/1
ip address 172.19.161.65 255.255.255.0
ipx network 161
!
interface Ethernet0/2
ip address 172.19.162.65 255.255.255.0
bridge-group 1
!
interface Ethernet0/3
ip address 172.19.14.65 255.255.255.0
bridge-group 1
!
router igrp 666
network 172.19.0.0
!
bridge crb
bridge 1 protocol ieee
bridge 1 route ip
!
SHOW and DEBUG:
Sh int crb


IRB

Integrated Routing and Bridging allows bridged and routed traffic of the same protocol to be interchanged.


The following example uses bridge group 1 to bridge and route IP:

interface Ethernet 0
bridge-group 1
!
interface Ethernet 1
bridge-group 1
!
interface Ethernet 2
bridge-group 1
!
interface Ethernet 3
ip address 5.0.0.1 255.0.0.0
!
interface BVI 1
ip address 3.0.0.1 255.0.0.0
!
bridge irb
bridge 1 protocol ieee
bridge 1 route ip

note: With IRB ALL network protocols are bridged by default. To selectively bridge/route use this
command:

SHOW and DEBUG

Sho int bvi 1
Sho int irb


IS-IS

IPX


IPX Addressing:
✓ network.node format in hexadecimal Ex: c5c0.4445.5354.0000
✓ 32-bit network number
✓ 48-bit node number
✓ Novell 3.x and 4.x servers use internal network number Ex: aa01.0000.0000.0001

IPX Filtering:
• Input SAP filter
ipx input-sap-filter {access-list | name}
Limits SAPs being added to the router’s SAP table from an interface
• Output SAP filter
ipx output-sap-filter {access-list | name}
Limits SAPs being sent out an interface
• GNS Filter
ipx output-gns-filter {access-list | name}
Controls servers included in GNS responses out an interface
• ipx gns-reply-disable
Disable responses to GNS queries on an interface
• Input Network Filter
ipx input-network-filter {access-list | name}
Controls networks added to the routing table
• Output Network Filter
ipx output-network-filter {access-list | name}


Show debug:
• debug ipx packet
• show ipx cache
• show ipx interface [type [#]]
• show ipx route [network] [default] [detailed]
• show ipx servers [unsorted | [sorted [name | net | type]]] [regexp name]
• show ipx traffic


ATM

End-station configuration example:
hostname RtrA
!
interface ATM3/0
no ip address
!
interface ATM3/0.1 point-to-point
ip address 1.1.1.1 255.255.255.0
pvc 0/108 : Define VPI/VCI values for PVC
protocol ip 1.1.1.2 : IP address for other side of PVC
broadcast : PVC attributes
encapsulation aal5snap

ATM SVC Setup:

• Using SVC’s requires the signaling and ILMI PVC’s
• Station addressing uses 20-byte NSAP addresses
• Use show atm ilmi-status to check ILMI
• Use debug atm sig-events to check signaling

End-station configuration example for Classical IP over ATM

interface ATM3/0
no ip address
pvc 0/5 qsaal : Signaling and ILMI PVC’s
pvc 0/16 ilmi : Signaling and ILMI PVC’s
!
!
interface ATM3/0.1 multipoint
ip address 1.1.1.1 255.255.255.0
atm esi-address 777777777777.00 : ESI for this end-station
atm arp-server nsap 47.009181000000001007386901.555555555555.00 : Full NSAP of arp server


Show and debug:

show atm vc
show atm ilmi-status
debug atm sig-events
show arp

VOIP

• FXO - Foreign Exchange Office
Connects to PSTN’s central office or local PBX. Typically used for off-premise extension applications.
• FXS - Foreign Exchange Station
Connects to telephone equipment, keysets and PBXs. Supplies ring voltage and dialtone.


Configuring FXO/FXS:
• Dial type (FXO only)
dial-type {dtmf | pulse}
• Signal type
signal {loop-start | ground-start}
• Call progress tone
• Ring frequency (FXS only)
ring frequency {25 | 50}
• Ring number (FXO only)
ring number number
• PLAR connection mode (optional)
connection plar number
• Music threshold (optional)
music-threshold decibels
• Description (optional)
description string
• Comfort noise (optional, w/ VAD)
comfort-noise


Incoming Dial-peers:
• Define dial-peer
dial-peer voice number pots
• Telephone number for this dial-peer
destination-pattern string
• Voice port for this dial-peer
port slot-number/subunit-number/port


Outgoing Dial-peers:
• Define dial-peer
dial-peer voice number voip
• Telephone number for this dial-peer
destination-pattern string
• IP Address for this dial-peer
session target {ipv4:address | dns:host-name}

Compression:
• Configured by dial-peer on 3600
• Available types:
✓ g711alaw - G711 A-Law (64kbps)
✓ g711ulaw - G711 µ-Law (64kbps)
✓ g729r8 - G729 (8kbps) - default
• Dial-peers on each end MUST match


Useful Voice Commands:
• show voice port slot-number/subunit-number/port
• show num-exp [dialed-number]
• show dialplan number dial-string


FRTS

Frame-Relay Traffic Shaping:
• Dynamic traffic throttling on a per-VC basis. This allows the amount of traffic output to be adjusted for
the amount of congestion being experienced in the network.

Frame-Relay Traffic Shaping Terms:
✓ Tc - Committed Rate Measurement Interval (Bc/CIR)
✓ Bc - Committed Burst Size
✓ Be - Excess Burst Size
✓ CIR - Committed Information Rate
✓ MinCIR - Minimum Committed Information Rate

Frame-Relay Traffic Shaping Configuration
• Enable FRTS
frame-relay traffic-shaping
• Define a map-class
map-class frame-relay map-class-name
• Define map-class parameters
frame-relay custom-queue-list list-number
frame-relay priority-group list-number
frame-relay adaptive-shaping [becn | foresight]
frame-relay cir [in | out] bps
frame-relay mincir [in | out] bps
frame-relay bc [in | out] bits
frame-relay be [in | out] bits
frame-relay idle-timer duration
frame-relay traffic-rate average [peak]

• Apply map-class to an interface or vc
frame-relay class map-class-name
class map-class-name
