Monday, March 12, 2012

ICND 2 Flashcard: Routing OSPF

This material on link-state routing protocols is supposed to be ICND2 but I'm just gonna say that you should still study this for ICND1 because I said so, and wish I did. Hello!

OSPF Configuration Commands

Usage:
conf t
router ospf 100 (process ID; 1 to 65535 are valid)
log-adjacency-changes
network <network-address> <wildcard-mask> area <area-number>
network 10.1.1.0 0.0.0.255 area 0

router-id
Create the router's loopback 0 interface and give it an address first, then turn on OSPF.
If the address used as the router-id ever changes, the OSPF process keeps the old one until you restart it with the command clear ip ospf process (this drops and re-forms all adjacencies).
The router-id is chosen in this order:
1) The router-id configured under router ospf, else
2) The highest IP address among the loopback interfaces, else
3) The highest IP address among the active physical interfaces
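The selection order above as a small function, added here as an example (it is not code from the original post). The interface names and addresses are constructed; the point worth seeing is that "highest" means numerically highest, so the comparison is done on parsed addresses rather than on strings, and a shut-down loopback is not a candidate.

```python
# Added example (not from the original post): OSPF router-id selection order,
# configured router-id, else highest up loopback, else highest active interface.
# Interface names and addresses below are constructed sample data.
import ipaddress


def select_router_id(configured=None, interfaces=()):
    """Return the router-id an OSPF process would pick.

    interfaces: iterable of (name, ipv4_address, is_up) tuples.
    Comparison is numeric: 10.9.0.1 is lower than 10.10.0.1 even though
    a string comparison would order them the other way.
    """
    if configured:
        return str(ipaddress.IPv4Address(configured))
    loopbacks = [ipaddress.IPv4Address(ip) for name, ip, up in interfaces
                 if name.lower().startswith("loopback") and up]
    if loopbacks:
        return str(max(loopbacks))
    active = [ipaddress.IPv4Address(ip) for name, ip, up in interfaces if up]
    if active:
        return str(max(active))
    raise ValueError("no usable IP address: the OSPF process cannot start")


# Constructed interface table: Loopback1 is shut down, so it is ignored
SAMPLE = [
    ("GigabitEthernet0/0", "10.10.0.1", True),
    ("GigabitEthernet0/1", "10.9.0.1", True),
    ("Loopback0", "1.1.1.1", True),
    ("Loopback1", "192.0.2.7", False),
]

if __name__ == "__main__":
    print("no config, with loopback:", select_router_id(None, SAMPLE))
    print("explicit router-id:", select_router_id("5.5.5.5", SAMPLE))
    print("physical interfaces only:", select_router_id(None, SAMPLE[:2]))
```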

Verification of OSPF working
show ip route (shows all the routes the router knows and how they are learned, O = OSPF)
show ip protocols
show ip ospf (displays general information)
show ip ospf interface (area id, adjacency info)
show ip ospf neighbor ipaddress mask

The command, show ip route, is very useful because it also shows the interface of the learned routes. I had a scenario to set up two encrypted tunnels for redundancy. I did a show ip route from router2 and I noticed that all the networks I was looking for, learned from OSPF, were listed; I was quite perplexed that the routes were not learned from the secondary tunnel associated with router2. Everyone thought I was quite the wizard to get all the systems green again, high fives all around, and no one really cared to listen to what I was still concerned about.

Eventually I figured out that the routes were obviously learned by OSPF through the interface to router1 whose tunnel is indeed up, which verifies OSPF learned routes to distant networks works but my intended secondary tunnel was not up. I did some digging and discovered I was missing the tunnel's source ip address in the interface tunnel configuration, what a silly rookie typo. But that's proof that OSPF was working so well I had fooled everyone (but not myself).

Logically, a hub and spoke topology or partial mesh? You be the judge.
Authentication of OSPF
service password-encryption (otherwise the key shows in plaintext in the running-config)
ip ospf authentication-key <plaintext-key> (on the interface)
then either
ip ospf authentication (on the interface) OR
area 0 authentication (under router ospf, for every interface in the area)
Either form can be switched to MD5 by adding message-digest, with the key set by ip ospf message-digest-key 1 md5 <key>. Note that service password-encryption only obscures the key in the configuration; with simple (plaintext) authentication the key itself still travels in every OSPF packet on the link.

Troubleshooting OSPF
Consider possible errors in neighbor adjacencies, the routing table, and authentication.
The authentication types are 0 = null, 1 = simple password, 2 = MD5 (both neighbors must use the same type and key or the adjacency will not form)

OSPF means Open Standard Shortest Path First
- It is a classless IGP; the routers within one AS operate as a single OSPF routing domain (on Cisco gear, one OSPF process)
- As a link-state protocol it propagates LSAs (link-state advertisements), not routing-table updates

LSAs are flooded to all OSPF interfaces in the area:
- each LSA describes one of the router's interfaces (links)
- state changes are advertised immediately
- the entire database is refreshed periodically (every 30 minutes)
- the collected LSAs form the link-state database
- each router calculates the shortest path to every destination with the SPF algorithm
- all routers in the area hold the same topological database, so they have knowledge of distant routers

HELLO Protocol
- OSPF sends hello packets out each OSPF interface; receiving one confirms the presence of another OSPF router on the link, and this is how the routers discover each other
- the exchange is bidirectional (each router must see itself listed in the other's hello)
- an adjacency is formed only when the two routers agree on area-id, hello/dead intervals, authentication, and the stub area flags

To reduce traffic on a multi-access segment, one router is elected the DR (designated router), one the BDR (backup designated router), and the rest are DROTHERs. Updates go to the multicast address 224.0.0.5 (all OSPF routers; the DR and BDR additionally listen on 224.0.0.6), and the router-id is normally taken from the loopback interface.

COST
The cost of a link is the reference bandwidth divided by the interface bandwidth, both in bits per second (the default reference bandwidth is 100 Mbps), rounded down with a minimum of 1. Every link faster than 100 Mbps therefore gets the same cost of 1, so for link speeds greater than 100 Mbps raise the reference with ospf auto-cost reference-bandwidth (under router ospf), and do it on every router in the domain so costs stay consistent.
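The cost formula worked through in code, added as an example that is not from the original post. The link speeds are constructed sample values; the function reproduces the integer division and the floor of 1, and the second table shows what raising the reference bandwidth to 10000 Mbps does to the same links.

```python
# Added example (not from the original post): OSPF interface cost as the
# Cisco formula computes it, reference bandwidth / interface bandwidth,
# rounded down, never below 1. Link speeds below are constructed samples.

DEFAULT_REF_MBPS = 100   # Cisco default: auto-cost reference-bandwidth 100


def ospf_cost(interface_bps, ref_mbps=DEFAULT_REF_MBPS):
    """Cost of one interface: reference bandwidth / interface bandwidth (int, min 1)."""
    if interface_bps <= 0:
        raise ValueError("interface bandwidth must be positive")
    ref_bps = ref_mbps * 1_000_000
    return max(1, ref_bps // interface_bps)


def path_cost(link_bps_list, ref_mbps=DEFAULT_REF_MBPS):
    """Total path cost is the sum of the outgoing interface costs along the path."""
    return sum(ospf_cost(bps, ref_mbps) for bps in link_bps_list)


# Constructed link speeds in bits per second
LINKS = {
    "T1": 1_544_000,
    "Ethernet": 10_000_000,
    "FastEthernet": 100_000_000,
    "GigabitEthernet": 1_000_000_000,
    "TenGigabitEthernet": 10_000_000_000,
}


def cost_table(ref_mbps=DEFAULT_REF_MBPS):
    """Cost of every sample link under the given reference bandwidth."""
    return {name: ospf_cost(bps, ref_mbps) for name, bps in LINKS.items()}


if __name__ == "__main__":
    print("default reference (100 Mbps):", cost_table())
    print("auto-cost reference-bandwidth 10000:", cost_table(10000))
    # A 1G + 100M path versus a pure-1G two-hop path under each reference
    print(path_cost([1_000_000_000, 100_000_000]),
          path_cost([1_000_000_000, 100_000_000], 10000))
```

With the default reference, FastEthernet, Gigabit and 10 Gigabit all cost 1 and OSPF cannot tell them apart; with the reference raised to 10000 Mbps they cost 100, 10 and 1. The reference has to be raised on every router, otherwise two routers compute different costs for the same link and paths become inconsistent.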

http://ccie11440.blogspot.com/2007/11/why-are-some-ospf-routes-in-database.html

Wiring Diagram Quiz

Quiz
Assign a type of equipment for each of the points in the network, switch, router etc
Assign a media to each link based on distance- copper, fibre, T1 etc
Post your answers in the comments and let's discuss it!

My colleague had mentioned that MPLS was in a lot of the questions in the CCNA Security exam, as well as Cisco SDM, though he was more familiar with the CLI. I just grabbed this image from Google during my search for MPLS because it has a lot of the components of a network carrying data, voice and media. Wire speed!

Saturday, March 10, 2012

Cisco Subnetting Game Solutions

I pulled excerpts from the discussion page to verify my own results. It seems that you have to use the whole Class C space to make the subnets even if you don't need all the hosts. The hint is don't worry about wasted addressing space; it's a game for fast subnet calculations and it gets very addicting.

It's a race against time to subnet the networks for the buildings in Area 51 before the aliens attack!

The moderator writes:
A common mistake new players make is failing to set the correct subnet mask. Even if all of the subnets have a green arrow, you still must enter the correct subnet mask in order for the game to advance. For example, if the instructions ask you to designate 2 subnets, the mask must be set to 255.255.255.128

Also, remember to click the "Set" button after each entry.

Level 1 by C Byington
Janet Area
2 Areas = 255.255.255.128
1st room
Network 192.168.1.0
Broadcast 192.168.1.127
Router 192.168.1.1

2nd Room
Network 192.168.1.128
Broadcast 192.168.1.255
Router 192.168.1.129

J Vaagen has some tips:
Memorize the subnet masks and the associated number of networks.
Then work at the 8x multiplications all the way to 248.
A tip to use in the 224 mask;
network 192.168.0.0
last ip (gateway + 30 = 31)
gateway 192.168.0.1
a lot of the scenarios use 224 as the mask..

David the Instructor:
The following table shows you possible subnet masks and why they are a certain value. Remember we borrow from the left and move to the right for more subnets.

bit     8    7    6    5    4    3    2    1
weight  128  64   32   16   8    4    2    1
--------------------------------------------
mask    subnet bits borrowed (from the left)   subnets
128     1                                      2
192     1    1                                 4
224     1    1    1                            8
240     1    1    1    1                       16
248     1    1    1    1    1                  32
252     1    1    1    1    1    1             64

More hints about valid hosts and usable subnets, by Zose:
The formula 2^(number of bits) - 2 only applies to "host" bits. When determining the number of hosts in a network you use this formula. The "-2" comes from subtracting the Network Host (first IP address) and the Broadcast Host (last IP address).

When determining the correct number of subnets you do not subtract 2 normally. The only time you would subtract 2 to find the number of usable subnets is if the "ip subnet zero" command was in use (meaning the 1st subnet is not usable), and if the router is using a classful (IGRP, RIPv1) routing protocol. Usually this is not the case as both IGRP and RIPv1 are older protocols and are not commonly used any more. Instead classless protocols such as RIPv2, EIGRP, and OSPF are used.

Emmanuel has finished the game!
Okay. I've just finished the game with 32445 points. I understand your frustration cause the text is not so explicit. In this case, it means that for each of the initial subnets (8 subnets for a maximum of 16) you have to consider that this subnet could be extended in the future. So 16 subnets for the mask is the right answer (255.255.255.240) but you must leave one reserved subnet between two of these 8 initial subnets. For example suppose the network number is 192.168.1.0. With a /28 mask, the first subnet is 192.168.1.0 (With a broadcast of 192.168.1.15), the second is 192.168.1.32 (192.168.1.16 reserved for the first subnet and broadcast = 192.168.1.47), the third is 192.1.168.64 (With a broadcast of 192.168.1.79) ... Etc.

An answer with contiguous subnet numbers is wrong cause for a subnet to be extended in the future, the future reserved part must be contiguous with the initial part in order to get the possibility to migrate easier from or to the 255.255.255.224 mask (In this case we really have no more than 8 subnets but each subnet is equivalent of 2 initial subnets).

I've noticed you might have to solve this kind of problem in levels 4 and 5 too, with more text or no text. For the Aliens rooms there's no text and you have 8 rooms with devices. You have to imagine that the alien population will grow like in the science fiction films and therefore in this case other rooms or subnets would be necessary... I guess it's this concept of creating more subnets than shown on the screen which is the same problem for us, Jesse, David, James, Joel, Joseph and others: green everywhere except that the great "Finished" doesn't appear. I take this example of the aliens cause they are unpredictable... Once you have been lucky to consider the same number of devices per room, next time you might have one alien room with 16 devices whereas 4 for another: welcome VLSM! Different situation and I understand why there is no text about what to do!
Applying these rules to solve your problem, I am sure you will be successful in finishing the game. For me, the most difficult is the 32 subnets challenge in level 5 cause you need to save time on the previous problems by typing correctly as fast as possible: in this question, you have to enter 32x3 numbers plus the subnet mask!
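The subnet arithmetic the game asks for, as an added example that is not from the game or from any of the quoted comments. It reproduces C Byington's Level 1 answer, J Vaagen's 224-mask tip, Zose's 2^(host bits) - 2 rule, and the "leave every other subnet reserved" layout Emmanuel describes, all from the standard library; the base networks and subnet counts are constructed inputs.

```python
# Added example (not from the game or the quoted posts): subnet planning for
# the Cisco subnetting game, using the standard library ipaddress module.
# Base networks and subnet counts used below are constructed inputs.
import ipaddress


def plan_subnets(base, n_subnets, reserve_growth=False):
    """Split `base` into at least `n_subnets` equal subnets.

    Returns one row per handed-out subnet with the fields the game wants:
    network, mask, gateway (first usable host), broadcast, usable hosts.
    With reserve_growth=True (the layout Emmanuel describes) twice as many
    blocks are carved and every other block is left free, so each subnet can
    later grow into its neighbour by moving to a one-bit-shorter mask.
    """
    net = ipaddress.IPv4Network(base)
    subnet_bits = (n_subnets - 1).bit_length()   # smallest b with 2**b >= n_subnets
    if reserve_growth:
        subnet_bits += 1
    prefix = net.prefixlen + subnet_bits
    if prefix > 30:
        raise ValueError("not enough host bits left for two usable hosts")
    blocks = list(net.subnets(new_prefix=prefix))
    if reserve_growth:
        blocks = blocks[::2]   # hand out blocks 0, 2, 4, ...; 1, 3, 5, ... stay reserved
    rows = []
    for s in blocks[:n_subnets]:
        rows.append({
            "network": str(s.network_address),
            "mask": str(s.netmask),
            "gateway": str(s.network_address + 1),
            "broadcast": str(s.broadcast_address),
            "usable_hosts": s.num_addresses - 2,   # 2^(host bits) - 2, Zose's rule
        })
    return rows


def mask_for(n_subnets, base="192.168.1.0/24"):
    """Just the mask the game expects, e.g. 2 subnets of a /24 -> 255.255.255.128."""
    return plan_subnets(base, n_subnets)[0]["mask"]


if __name__ == "__main__":
    for row in plan_subnets("192.168.1.0/24", 2):   # Level 1, Janet Area
        print(row)
    for row in plan_subnets("192.168.1.0/24", 8, reserve_growth=True):   # Emmanuel's layout
        print(row)
    print(mask_for(16))
```

Eight subnets with growth reserved come out as /28 blocks at .0, .32, .64 and so on, with the block in between each one left free; without the flag the same eight subnets would be /27 blocks packed back to back, which is the contiguous answer Emmanuel says the game rejects for that level.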

ICND1 Take one

When you wake up from a dream and you want to write down every thought or random fleeting memory right away, but it evaporates in front of you too quickly. Here's my list: ARP vs DNS, default clock rate set? DTE/ DCE interface, cell switched? PVC, ATM, wiring solutions between midpoints, DSLAM, TCP headers, sequence numbers, HELLO, NAT, service password-encryption, WAN, T1.

I had enough time to do the exam, but it was one of those things where I wished I could go back and change the answer to a previous question. You can't do that on these exams.

About four questions in, on the first router simulation question I didn't realize that you had to click on the console computer graphic to launch the CLI of the router to access the running-config. I kept looking through all the windows for the console login, but I just didn't clue in. Well duh, how else would you answer the questions. Anywayz I messed up that question, probably worth 30 marks, and made a guess on the int fa 0/1 address, and the multi-part answers were all based on that first assumption which I probably got wrong.

I only practised subnetting questions in Class C, but in real time I had to do subnetting for Class B. Not a big deal because I think I got that part right but still a bit stressful under time pressure.

Another random fact - Routers break up broadcast domains; each interface on the router is a separate network. Routers break up collision domains too, but a layer 2 switch can do that too.
WAN is an important topic. Frame relay is not supposed to be part of ICND1 but you still had to know enough about it to get some facts straight. I will need to clarify some aspects of Permanent Virtual Circuits.

Here's the breakdown of the modules tested and my score.
Describe the operation of data networks - 71%
* Implement a small switched network - 60%
Implement an IP addressing scheme and IP services to meet network requirements for a small branch office - 80%
Implement a small routed network - 67%
* Explain and select the appropriate administrative tasks required for a WLAN - 0%
Identify security threats to a network and describe general methods to mitigate those threats - 100%
Implement and verify WAN links - 75%

So I end the exam with my score of 787 out of 1000. You need 804 to pass which means I missed it by a margin of 17. That makes me knowledgeable enough to be dangerous.

It is my own fault for not passing I'm sure, but I will still launch a complaint because I noticed a couple of peculiarities with my exam experience. I felt like I was doing question 9 and then I clicked the mouse one too many times and I was on question 13. So I probably missed a four-part question. I was a bit perplexed, probably should've said something at the time but I was like whatever. I'm wondering if those are the WLAN questions I completely skipped over. I only remember doing two questions on that whole subject and they did not adequately cover the topic of Explain and select the appropriate administrative tasks required for a WLAN.

I have the Pearson Vue 1-800 number so I may lodge a complaint and try to ask Cisco for a rebate on the retake of the exam. But do I really want to do this again after 10 days? Do I really want to recertify in 3 years and do this again? Right now though, I just feel like I want to crawl under a rock and die, but I can't help pulling out my books to... restudy! All the kids are napping so I have 2 hours!!!

I have the difficult task of explaining to my boss that I didn't pass the exam. Hopefully if I show him the report card with the marks broken down he can see that I passed the important stuff and even got a 100% on the network security portion (comforting). However I feel that I have temporarily lost my geek status so the blog will not be named Barbie Geek Tech Bytes for now...