Friday, December 4, 2009

QOS with a hint of PBR at the beginning :)

Policy Based Routing

First off, Policy Based Routing, aka PBR (not Pabst Blue Ribbon ;), is used to make sure traffic is forwarded to the destination we tell it to go to, regardless of what the routing table says.

To apply the route map used for policy routing to an interface we use the command:
router(config-if)#ip policy route-map Map_Name

We build our route maps by matching traffic based on:
  • Access list: protocol or application
  • Access list: particular source and/or destination
  • Layer 3 packet length

Whenever traffic does not match the ACL we typically set the behavior of where we want that traffic to go, and we set the behavior for traffic that matches the ACL as well.

We set the behavior by:
  • Next hop
  • Output interface
  • Default next hop
  • Default interface

Modular Quality of Service CLI (MQC)

MQC was originally invented for CBWFQ.

There are three steps to configure MQC:
  1) Identify traffic "buckets": "class-map"
  2) Dictate policy (what happens to the traffic?): "policy-map"
  3) Assign the configuration to an interface: "service-policy"


Network Based Application Recognition aka NBAR

NBAR has two jobs:
  • Protocol analysis
  • Traffic classification for QOS

Packet Description Language Modules (PDLMs)

Deep packet inspection

Protocol Discovery
  • "ip nbar protocol-discovery" (enable it on an interface)
  • "show ip nbar protocol-discovery" (view the per-protocol statistics)




Marking


Marking options
  • Layer 2 and layer 3 options exist
  • Remarking/translating is often needed
  • CoS, IP Precedence, DSCP, MPLS Experimental bits, DE, FECN/BECN

Layer 2 Class of Service
  • 802.1p
  • 3 bits of the 802.1Q tag are used for marking


  CoS   Bits   Application
  7     111    Reserved (network)
  6     110    Reserved (internet)
  5     101    Voice bearer (critical)
  4     100    Video (flash-override)
  3     011    Call signaling (flash)
  2     010    High-priority data (immediate)
  1     001    Medium-priority data (priority)
  0     000    Best effort (routine)

Layer 2 Frame Relay

  • Packet discard during congestion
  • Discard eligibility bit (DE)
  • This feature works in conjunction with FECNs and BECNs

Layer 2 ATM


The Cell Loss Priority (CLP) field is pretty much the same as the DE bit in Frame Relay: 1 bit that indicates drop priority.


Layer 2 MPLS Experimental Bits

  • "Layer 2 1/2" (MPLS sits between Layer 2 and Layer 3)
  • 3 bits that can be used for QoS
  • By default, the first (high-order) three bits of the Layer 3 ToS field (IP Precedence) are copied here


Layer 3: Many Uses for the ToS Byte

  • 8-bit ToS field in the IP header
  • First 3 bits used for IP Precedence
  • Expanded to use the first 6 bits for the Differentiated Services Code Point (DSCP)
  • Last two bits are used for flow control


DSCP

  • Standardized markings using the first six bits of the ToS byte
  • Markings are standardized into published PHBs (Per-Hop Behaviors)


DSCP PHBs

Class Selector (CS) PHB
  • Used purely for backward compatibility with IP Precedence
  • Last three bits set to 000
Default PHB
  • Best effort service (000000)
Assured Forwarding (AF) PHB
  • Guaranteed bandwidth services
  • 001, 010, 011, or 100 as the initial three bits
Expedited Forwarding (EF) PHB
  • Used for voice
  • First three bits 101
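As an added example (not part of the original notes), the following Python encodes and decodes the ToS byte and names the PHB family a DSCP value belongs to, tying together the marking options, the ToS byte layout, and the CS, Default, AF and EF PHBs above. It labels the low two bits "ecn", treats the CoS and MPLS EXP remark as a copy of the high-order three bits, and the function names and constructed values are my own.

```python
"""Added example: the IPv4 ToS byte, IP Precedence, DSCP and the PHB families.

Layout assumed here (the low two bits are labelled ECN in this example):

    bit: 7 6 5 | 4 3 2 | 1 0
         prec  |       | ecn
         <---- DSCP ---->
"""

EF_DSCP = 46  # 101110


def encode_tos(dscp, ecn=0):
    """Build the ToS byte from a 6-bit DSCP and a 2-bit ECN value."""
    if not 0 <= dscp < 64 or not 0 <= ecn < 4:
        raise ValueError("dscp must be 0-63 and ecn 0-3")
    return (dscp << 2) | ecn


def decode_tos(tos):
    """Split a ToS byte into IP Precedence, DSCP and the low two bits."""
    if not 0 <= tos < 256:
        raise ValueError("tos must be a single byte")
    return {
        "precedence": tos >> 5,   # first three bits
        "dscp": tos >> 2,         # first six bits
        "ecn": tos & 0b11,        # last two bits
    }


def phb_name(dscp):
    """Name the PHB a DSCP value belongs to: CSn, AFxy, EF or default."""
    if not 0 <= dscp < 64:
        raise ValueError("dscp must be 0-63")
    if dscp == 0:
        return "default"
    if dscp == EF_DSCP:
        return "EF"
    high, low = dscp >> 3, dscp & 0b111
    if low == 0:                       # last three bits 000: Class Selector
        return f"CS{high}"
    drop = (dscp >> 1) & 0b11          # bits 2-1: AF drop precedence
    if 1 <= high <= 4 and 1 <= drop <= 3 and dscp & 1 == 0:
        return f"AF{high}{drop}"
    return "unassigned"


def dscp_from_name(name):
    """Inverse of phb_name for the standard names (CS0-CS7, AF11-AF43, EF)."""
    name = name.upper()
    if name in ("DEFAULT", "BE", "CS0"):
        return 0
    if name == "EF":
        return EF_DSCP
    if name.startswith("CS") and name[2:].isdigit() and 0 <= int(name[2:]) <= 7:
        return int(name[2:]) << 3
    if name.startswith("AF") and len(name) == 4 and name[2:].isdigit():
        cls, drop = int(name[2]), int(name[3])
        if 1 <= cls <= 4 and 1 <= drop <= 3:
            return (cls << 3) | (drop << 1)
    raise ValueError(f"unknown PHB name {name!r}")


def cos_from_dscp(dscp):
    """Layer 2 remark: the high-order three bits become the CoS value
    (the same bits a router copies into the MPLS EXP field by default)."""
    return dscp >> 3


def dscp_from_cos(cos):
    """Remark the other way: CoS n maps onto CSn (last three bits 000)."""
    if not 0 <= cos < 8:
        raise ValueError("cos must be 0-7")
    return cos << 3


if __name__ == "__main__":
    for name in ("EF", "AF41", "CS5", "AF11", "default"):
        d = dscp_from_name(name)
        tos = encode_tos(d)
        print(f"{name:8} dscp={d:2} ({d:06b})  tos=0x{tos:02x}  "
              f"prec={decode_tos(tos)['precedence']}  cos={cos_from_dscp(d)}")
```

Run it and the table it prints shows why EF (46) lands in IP Precedence 5 and CoS 5, and why a remark from CoS only ever produces a CS value: the lower three bits are lost at Layer 2.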


QoS Policy Propagation through BGP (QPPB)

Classify packets based on:
  • Access lists
  • BGP community lists
  • BGP AS Paths
  • Specific BGP attributes can be assigned to packets based on ToS markings

Thursday, December 3, 2009

EIGRP Overview


  • DUAL aka Diffusing Update Algorithm
  • Low CPU utilization
  • Scalability
  • Ease of configuration
  • Composite metric
  • Automatic summarization by default: by default EIGRP acts in a classful manner and summarizes prefixes at classful boundaries. Best practice is to turn this off using the "no auto-summary" command.

EIGRP Metric

Five components:
  • Bandwidth
  • Delay
  • Reliability
  • Load
  • MTU
Eventually Cisco changed it to bandwidth and delay. MTU is only there as a potential tiebreaker, so realistically bandwidth and delay make up the metric. Bandwidth is the weakest link along the path: the lowest bandwidth on any link is considered the bandwidth for that path. Administrators set the bandwidth.

Delay is the sum of the delays for the entire path. We use the "delay" command to edit the delay value.

The composite metric is tuned with K values, and each K value can be edited individually. To view the default K values use "show ip protocols". K values must match between EIGRP speakers or they will not form a neighbor relationship.

Note: MTU does not have a corresponding K value.


EIGRP DUAL

  • Feasible Distance (FD) = the cost from the local router to the destination prefix. It consists of the cost to the next hop, added to the cost that next hop is advertising to the local router (the Advertised Distance, or AD).
  • Successor is the best (lowest cost) route to the destination.
  • Feasible Successor is the second best route.
The next hop of a feasible successor must have an AD less than the current FD of the successor. This is a loop prevention mechanism.
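The metric arithmetic from the "EIGRP Metric" section and the successor / feasible successor selection from "EIGRP DUAL", worked through in Python as an added example that is not from the original notes. It assumes the classic Cisco composite metric formula with the default K values, and it treats the FD as link cost plus AD the way the notes describe it (IOS really recomputes it from the bandwidth/delay vector); the neighbor table is constructed.

```python
"""Added example: the EIGRP composite metric and DUAL path selection.

Assumed formula (the classic one, with the default K values K1=1, K2=0,
K3=1, K4=0, K5=0 as "show ip protocols" reports them):

    metric = 256 * [ K1*BW + K2*BW/(256 - load) + K3*DLY ] * K5/(rel + K4)

where BW = 10^7 / lowest bandwidth on the path (kbps), DLY = sum of the
delays on the path (usec) / 10, and the K5 factor is skipped when K5 == 0.
All topology values below are constructed for the example.
"""

DEFAULT_K = (1, 0, 1, 0, 0)


def composite_metric(min_bw_kbps, sum_delay_usec, load=1, reliability=255,
                     k=DEFAULT_K):
    """Composite metric for a path given its weakest bandwidth and total delay."""
    k1, k2, k3, k4, k5 = k
    bw = 10_000_000 // min_bw_kbps      # IOS truncates to an integer here
    dly = sum_delay_usec // 10
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * dly
    if k5:                              # only applied when K5 is non-zero
        metric = metric * k5 // (reliability + k4)
    return metric * 256


def path_metric(links, k=DEFAULT_K):
    """links: list of (bandwidth_kbps, delay_usec), one entry per hop.
    Bandwidth is the weakest link, delay is the sum, as the notes say."""
    return composite_metric(min(bw for bw, _ in links),
                            sum(dly for _, dly in links), k=k)


def dual_select(neighbors):
    """neighbors: list of (name, cost_to_neighbor, advertised_distance).

    Returns (FD, successor, feasible_successors). FD is taken as link cost
    plus AD, the simplification used in the notes. A neighbor is a feasible
    successor only if its AD is strictly less than the FD of the successor:
    the feasibility condition that keeps the backup path loop-free."""
    candidates = [(cost + ad, name, ad) for name, cost, ad in neighbors]
    fd, successor, _ = min(candidates)
    feasible = [name for total, name, ad in candidates
                if name != successor and ad < fd]
    return fd, successor, feasible


if __name__ == "__main__":
    t1 = composite_metric(1544, 20000)          # 2169856, the classic T1 value
    fe = composite_metric(100000, 100)          # 28160
    ge = composite_metric(1000000, 10)          # 2816
    # Constructed neighbor table for one destination prefix:
    neighbors = [
        ("R2", ge, t1),         # GigE to R2; R2 is a T1 away from the prefix
        ("R3", t1, fe),         # T1 to R3; R3 is a FastEthernet hop away
        ("R4", fe, ge + t1),    # FE to R4, which itself goes through R2
    ]
    fd, succ, fs = dual_select(neighbors)
    print(f"FD={fd} successor={succ} feasible successors={fs}")
```

R4 is the instructive case: its AD equals our own FD because it reaches the prefix through R2 (and possibly through us), so the strict "AD < FD" test rejects it even though it is a real path; R3, with the worse total but the small AD, is the loop-free backup.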


EIGRP "show ip eigrp topology"
  • Passive: network available
  • Active: network unavailable
  • Update: network is being updated
  • Query: outstanding query, waiting for an ACK
  • Reply: generating a reply to a query
  • SIA: convergence problem, aka stuck in active

BGP Short Overview

Here is my short overview of BGP from my studies today.

BGP

BGP is an exterior gateway protocol. We use BGP to route between ASes.

BGP runs on TCP port 179 for its operation.

BGP Features:
  • Reliable updates
  • Triggered updates
  • Rich metrics (path attributes) for tuning
  • Extremely scalable
  • Neighbors are not discovered; they have to be manually configured.


BGP Peering and Route Advertisement

  • The "neighbor remote-as" command is used for both Internal BGP and External BGP peerings.
  • eBGP peers are assumed to be directly connected; if they are not, you need to use the "ebgp-multihop" command.
  • The "network" command is used to advertise prefixes; the prefix must be in the routing table (a static route to null0 at least).

OSPF Part 1


OSPF Summarization

There are two types of summarization in OSPF:

  • Summarization from one area to another uses the "area range" command
  • Summarization of external prefixes uses the "summary-address" command

Things to remember about OSPF summarization:

  • One of the main reasons to summarize is to reduce convergence work across the domain.

If you summarize an area's prefixes into the backbone, a change to one of the prefixes covered by the summary is not advertised into the backbone. Meaning no LSAs, including the network summary LSA, are sent out for that change.

OSPF Adjacencies

  • OSPF adjacencies occur through the exchange of hello packets. Once an adjacency is formed the link-state database is synchronized.
  • On point-to-point links the neighbors become fully adjacent.
  • In a LAN environment all the routers form an adjacency with the DR (designated router) as well as the BDR (backup designated router).
  • The DROTHERs maintain only a partial relationship with each other, but whenever there is a change all routers in the LAN are updated by the DR.

OSPF Network Types

There are 3 main OSPF network types:
  1. P2P aka Point-to-Point: in a P2P OSPF network there is no DR or BDR. OSPF automatically detects a P2P link, so there is no need to configure priority values or anything else related to the DR/BDR.
  2. Broadcast: broadcast OSPF networks are the most common you will see. They do have a DR/BDR and there is an election process. Remember that the DR is responsible for forming the OSPF network and informing its neighbors of any changes. The DR election works like this: the router with the highest priority value wins, and the highest IP address (router ID) breaks a tie. Every router in the network gets the default priority of 1. If you want to control which router becomes the DR, set its priority higher than 1; if you want to make sure a router never becomes the DR, set its priority to 0.
  3. NBMA aka Non-Broadcast Multi-Access: NBMA is only seen on Frame Relay networks and is thus becoming legacy, but it is still important to know. In an NBMA network the DR/BDR still exist, but you have to form neighbors manually using the "neighbor" command. This is pretty much the same as in EIGRP and RIP.

The other network types in OSPF are:

  1. P2MP aka Point-to-Multipoint: P2MP network types do not have a DR/BDR at all, but you do not have to manually configure the neighbors either. OSPF will automatically detect the p2p link as mentioned before.
  2. P2MP Non-Broadcast: P2MP non-broadcast network types also do not have a DR/BDR because of the p2p link, but you do have to manually configure the neighbors using the "neighbor" command to form an adjacency.
  3. Virtual Links: as Anthony Sequeira likes to put it, these are "temporary band-aids" for a network. Meaning they should never be a permanent solution and should only be used to connect an area back to area 0 in case of loss of connectivity.
  4. Loopback: loopback network types advertise the /32 host route into the network. This can be configured not to advertise the /32 host route for security purposes.

Important FAQs:

1) There is a DR in an NBMA network type
2) The default priority value is 1
3) Setting a higher priority on a device does not preempt the existing DR.
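A small Python model of the broadcast-segment DR/BDR election, added here as an example that is not from the original notes. It follows the rules stated above: priority 0 never becomes DR, the highest priority wins with the highest router ID as the tiebreaker (my reading of "highest IP address or priority"), the BDR takes over when the DR disappears, and a router that shows up later with a higher priority does not preempt the DR already elected. Router IDs and priorities are constructed.

```python
"""Added example: OSPF DR/BDR election on a broadcast segment.

Rules modelled (from the notes above):
  - priority 0 is never eligible for DR or BDR
  - highest priority wins, highest router ID breaks a tie (assumption)
  - an already elected DR is not preempted by a newcomer
  - when the DR goes away the BDR is promoted and a new BDR is chosen
"""


def _rid_key(rid):
    """Compare dotted-quad router IDs numerically, not as strings."""
    return tuple(int(octet) for octet in rid.split("."))


def elect(routers, current_dr=None, current_bdr=None):
    """routers: {router_id: priority} for every router seen on the segment.
    current_dr / current_bdr: who holds the roles now, if anyone.
    Returns (dr, bdr); either may be None if nobody is eligible."""
    eligible = {rid: pri for rid, pri in routers.items() if pri > 0}

    def rank(rid):
        return (eligible[rid], _rid_key(rid))   # priority first, then RID

    if current_dr in eligible:          # no preemption: the DR stays the DR
        dr = current_dr
    elif current_bdr in eligible:       # DR gone: the BDR is promoted
        dr = current_bdr
    else:
        dr = max(eligible, key=rank) if eligible else None

    others = [rid for rid in eligible if rid != dr]
    if current_bdr in others:           # the BDR is not preempted either
        bdr = current_bdr
    else:
        bdr = max(others, key=rank) if others else None
    return dr, bdr


if __name__ == "__main__":
    segment = {"10.0.0.1": 1, "10.0.0.3": 1, "10.0.0.9": 0}   # constructed
    dr, bdr = elect(segment)
    print("initial election:", dr, bdr)                 # 10.0.0.3 10.0.0.1
    segment["10.0.0.5"] = 255                           # newcomer, higher priority
    print("after join:", *elect(segment, dr, bdr))      # unchanged: no preemption
    del segment["10.0.0.3"]                             # the DR goes away
    print("after DR loss:", *elect(segment, dr, bdr))   # 10.0.0.1 10.0.0.5
```

The second call is the FAQ item 3 in code: 10.0.0.5 joins with priority 255 and still does not take over until the segment re-elects, which is why "clear ip ospf process" (or bouncing the DR) is needed after changing priorities.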


OSPF Graceful Restart

OSPF Graceful Restart is a killer technology that allows a router with multiple processors to restart the control plane without shutting down the entire router, so the neighbors do not recalculate the topology as if the router had gone down. Graceful restart is not limited to OSPF; it is also available in IS-IS, EIGRP, LDP, and BGP. OSPF graceful restart is aka NSF or NSR depending on which Cisco Press book you are reading.

How the process works: first off, the router has to have two processors to make this happen. One processor restarts the control plane while the other continues to forward traffic (aka hardware-based forwarding) during the restart. During the graceful restart, messages are sent to all neighbors explaining that a graceful restart is happening and that the DR is not actually dead, and all routers that recognize those messages keep the adjacency up. There is a special keepalive message that I am not familiar with that informs the routers not to recalculate the topology. This stabilizes the peer devices as long as they understand the graceful restart messages. Most older platforms and older IOS versions will not understand this message.

Important FAQS:

  • The hardware-based forwarding capability forwards traffic using the secondary processor during an OSPF graceful restart.


OSPF Troubleshooting (very important)

When troubleshooting an empty OSPF Neighbor List the common causes of this problem are listed below:

  • Not properly configured on interfaces
  • Layer 1 or 2 issue
  • Passive interface
  • Access list blocking
  • Error in Layer 3 interface configuration
  • Hello or Dead timer mismatch
  • Authentication configuration error
  • Area ID mismatch
  • Stub flag mismatch
  • Secondary IP addressing issue
  • Incorrect network type configuration

When troubleshooting a "Stuck in Attempt State" the common causes of this problem are listed below:

  • Misconfigured neighbor statement
  • Unicast non-functional in NBMA environment

When troubleshooting a "Stuck in INIT State" the common causes of this problem are listed below:

  • Hellos being blocked in one direction
  • Multicast nonfunctional on one side
  • Authentication only on one side
  • Broadcast keyword missing from map command

When troubleshooting a "Stuck in Two-Way State" message the common causes of this problem are listed below:

  • Priority of 0 on all routers
  • Neighbor stuck in EXSTART
  • Mismatched MTU
  • Duplicate Router IDs
  • Broken unicast connectivity

When troubleshooting a "Stuck in LOADING State" the common causes of this problem are listed below:

  • Mismatched MTU
  • Corrupted link-state request
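As an added example (not part of the original notes), the following Python compares the OSPF settings of the two ends of a link and reports which of the causes listed above apply, together with the state the adjacency would get stuck in. Both interface descriptions are constructed dicts and the field names are my own, not IOS keywords.

```python
"""Added example: map two OSPF interface configurations to the troubleshooting
lists above (empty neighbor list, stuck in INIT, stuck in 2-WAY/EXSTART/LOADING).
Field names are this example's own; values are constructed."""

# Settings that must agree for a hello to be accepted at all. If any of these
# differ the neighbor never shows up in "show ip ospf neighbor".
HELLO_FIELDS = {
    "hello": "Hello or Dead timer mismatch",
    "dead": "Hello or Dead timer mismatch",
    "area": "Area ID mismatch",
    "stub": "Stub flag mismatch",
    "network_type": "Incorrect network type configuration",
}

EMPTY = "DOWN (empty neighbor list)"
PARTIAL = "stuck before FULL (2-WAY/EXSTART/LOADING)"


def check_adjacency(local, remote):
    """Return (expected_state, sorted list of causes) for the two sides."""
    causes = set()
    for field, cause in HELLO_FIELDS.items():
        if local.get(field) != remote.get(field):
            causes.add(cause)
    if local.get("passive") or remote.get("passive"):
        causes.add("Passive interface")
    if causes:
        return EMPTY, sorted(causes)

    # Authentication on one side only: that side drops the other's hellos,
    # so the other side sees itself listed nowhere and sits in INIT.
    if bool(local.get("auth")) != bool(remote.get("auth")):
        return "INIT", ["Authentication only on one side"]
    if local.get("auth") != remote.get("auth"):   # both configured, but differently
        return EMPTY, ["Authentication configuration error"]

    # Hellos are accepted; now the things that stop the database exchange.
    if local.get("priority", 1) == 0 and remote.get("priority", 1) == 0:
        causes.add("Priority of 0 on all routers")
    if local.get("router_id") == remote.get("router_id"):
        causes.add("Duplicate Router IDs")
    if local.get("mtu") != remote.get("mtu"):
        causes.add("Mismatched MTU")
    if causes:
        return PARTIAL, sorted(causes)
    return "FULL", []


if __name__ == "__main__":
    # Constructed pair of interfaces on one broadcast segment.
    r1 = {"hello": 10, "dead": 40, "area": 0, "stub": False, "network_type": "broadcast",
          "auth": "md5", "mtu": 1500, "router_id": "1.1.1.1", "priority": 1}
    r2 = dict(r1, router_id="2.2.2.2", dead=120, auth=None)
    print(check_adjacency(r1, r2))
    print(check_adjacency(r1, dict(r1, router_id="2.2.2.2", mtu=1400)))
```

The ordering in the function mirrors the lists: hello-level disagreements are reported first because nothing later can be observed until the hellos are accepted, which is also why "empty neighbor list" has the longest list of causes.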

My first blog

Hello Everybody!

This is the official first post of getmydigits.blogspot.com. This blog will be used as a tool for me to write out the technologies I learn every day and to help reinforce the topics I learned by writing them out. First off, before I post anything about technologies, I am going to list the new written blueprint. Below is the official new CCIE R&S Written exam blueprint.

CCIE Routing & Switching Written Exam Topics v4.0 (Blueprint)
The comprehensive CCIE R&S Written Exam (#350-001) has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please note, however, that other relevant or related topic areas may also appear.
Exam Sections and Sub-task Objectives
Original information is located on the Cisco Learning Network - www.cisco.com/go/learningnetwork Cisco Systems, Inc. - All Rights Reserved © 2009 1 of 3
1.00 Implement Layer 2 Technologies
  1.10 Implement Spanning Tree Protocol (STP)
    (a) 802.1d
    (b) 802.1w
    (c) 802.1s
    (d) Loop guard
    (e) Root guard
    (f) Bridge protocol data unit (BPDU) guard
    (g) Storm control
    (h) Unicast flooding
    (i) Port roles, failure propagation, and loop guard operation
  1.20 Implement VLAN and VLAN Trunking Protocol (VTP)
  1.30 Implement trunk and trunk protocols, EtherChannel, and load-balance
  1.40 Implement Ethernet technologies
    (a) Speed and duplex
    (b) Ethernet, Fast Ethernet, and Gigabit Ethernet
    (c) PPP over Ethernet (PPPoE)
  1.50 Implement Switched Port Analyzer (SPAN), Remote Switched Port Analyzer (RSPAN), and flow control
  1.60 Implement Frame Relay
    (a) Local Management Interface (LMI)
    (b) Traffic shaping
    (c) Full mesh
    (d) Hub and spoke
    (e) Discard eligible (DE)
  1.70 Implement High-Level Data Link Control (HDLC) and PPP
2.00 Implement IPv4
  2.10 Implement IP version 4 (IPv4) addressing, subnetting, and variable-length subnet masking (VLSM)
  2.20 Implement IPv4 tunneling and Generic Routing Encapsulation (GRE)
  2.30 Implement IPv4 RIP version 2 (RIPv2)
  2.40 Implement IPv4 Open Shortest Path First (OSPF)
    (a) Standard OSPF areas
    (b) Stub area
    (c) Totally stubby area
    (d) Not-so-stubby-area (NSSA)
    (e) Totally NSSA
    (f) Link-state advertisement (LSA) types
    (g) Adjacency on a point-to-point and on a multi-access network
    (h) OSPF graceful restart
  2.50 Implement IPv4 Enhanced Interior Gateway Routing Protocol (EIGRP)
    (a) Best path
    (b) Loop-free paths
    (c) EIGRP operations when alternate loop-free paths are available, and when they are not available
    (d) EIGRP queries
    (e) Manual summarization and autosummarization
    (f) EIGRP stubs
  2.60 Implement IPv4 Border Gateway Protocol (BGP)
    (a) Next hop
    (b) Peering
    (c) Internal Border Gateway Protocol (IBGP) and External Border Gateway Protocol (EBGP)
  2.70 Implement policy routing
  2.80 Implement Performance Routing (PfR) and Cisco Optimized Edge Routing (OER)
  2.90 Implement filtering, route redistribution, summarization, synchronization, attributes, and other advanced features
3.00 Implement IPv6
  3.10 Implement IP version 6 (IPv6) addressing and different addressing types
  3.20 Implement IPv6 neighbor discovery
  3.30 Implement basic IPv6 functionality protocols
  3.40 Implement tunneling techniques
  3.50 Implement OSPF version 3 (OSPFv3)
  3.60 Implement EIGRP version 6 (EIGRPv6)
  3.70 Implement filtering and route redistribution
4.00 Implement MPLS Layer 3 VPNs
  4.10 Implement Multiprotocol Label Switching (MPLS)
  4.20 Implement Layer 3 virtual private networks (VPNs) on provider edge (PE), provider (P), and customer edge (CE) routers
  4.30 Implement virtual routing and forwarding (VRF) and Multi-VRF Customer Edge (VRF-Lite)
5.00 Implement IP Multicast
  5.10 Implement Protocol Independent Multicast (PIM) sparse mode
  5.20 Implement Multicast Source Discovery Protocol (MSDP)
  5.30 Implement interdomain multicast routing
  5.40 Implement PIM Auto-Rendezvous Point (Auto-RP), unicast rendezvous point (RP), and bootstrap router (BSR)
  5.50 Implement multicast tools, features, and source-specific multicast
  5.60 Implement IPv6 multicast, PIM, and related multicast protocols, such as Multicast Listener Discovery (MLD)
6.00 Implement Network Security
  6.01 Implement access lists
  6.02 Implement Zone Based Firewall
  6.03 Implement Unicast Reverse Path Forwarding (uRPF)
  6.04 Implement IP Source Guard
  6.05 Implement authentication, authorization, and accounting (AAA) (configuring the AAA server is not required, only the client-side (IOS) is configured)
  6.06 Implement Control Plane Policing (CoPP)
  6.07 Implement Cisco IOS Firewall
  6.08 Implement Cisco IOS Intrusion Prevention System (IPS)
  6.09 Implement Secure Shell (SSH)
  6.10 Implement 802.1x
  6.11 Implement NAT
  6.12 Implement routing protocol authentication
  6.13 Implement device access control
  6.14 Implement security features
7.00 Implement Network Services
  7.10 Implement Hot Standby Router Protocol (HSRP)
  7.20 Implement Gateway Load Balancing Protocol (GLBP)
  7.30 Implement Virtual Router Redundancy Protocol (VRRP)
  7.40 Implement Network Time Protocol (NTP)
  7.50 Implement DHCP
  7.60 Implement Web Cache Communication Protocol (WCCP)
8.00 Implement Quality of Service (QoS)
  8.10 Implement Modular QoS CLI (MQC)
    (a) Network-Based Application Recognition (NBAR)
    (b) Class-based weighted fair queuing (CBWFQ), modified deficit round robin (MDRR), and low latency queuing (LLQ)
    (c) Classification
    (d) Policing
    (e) Shaping
    (f) Marking
    (g) Weighted random early detection (WRED) and random early detection (RED)
    (h) Compression
  8.20 Implement Layer 2 QoS: weighted round robin (WRR), shaped round robin (SRR), and policies
  8.30 Implement link fragmentation and interleaving (LFI) for Frame Relay
  8.40 Implement generic traffic shaping
  8.50 Implement Resource Reservation Protocol (RSVP)
  8.60 Implement Cisco AutoQoS
9.00 Troubleshoot a Network
  9.10 Troubleshoot complex Layer 2 network issues
  9.20 Troubleshoot complex Layer 3 network issues
  9.30 Troubleshoot a network in response to application problems
  9.40 Troubleshoot network services
  9.50 Troubleshoot network security
10.00 Optimize the Network
  10.01 Implement syslog and local logging
  10.02 Implement IP Service Level Agreement (SLA)
  10.03 Implement NetFlow
  10.04 Implement SPAN, RSPAN, and router IP traffic export (RITE)
  10.05 Implement Simple Network Management Protocol (SNMP)
  10.06 Implement Cisco IOS Embedded Event Manager (EEM)
  10.07 Implement Remote Monitoring (RMON)
  10.08 Implement FTP
  10.09 Implement TFTP
  10.10 Implement TFTP server on router
  10.11 Implement Secure Copy Protocol (SCP)
  10.12 Implement HTTP and HTTPS
  10.13 Implement Telnet
11.00 Evaluate proposed changes to a Network
  11.01 Evaluate interoperability of proposed technologies against deployed technologies
    (a) Changes to routing protocol parameters
    (b) Migrate parts of a network to IPv6
    (c) Routing protocol migration
    (d) Adding multicast support
    (e) Migrate spanning tree protocol
    (f) Evaluate impact of new traffic on existing QoS design
  11.02 Determine operational impact of proposed changes to an existing network
    (a) Downtime of network or portions of network
    (b) Performance degradation
    (c) Introducing security breaches
  11.03 Suggest alternative solutions when incompatible changes are proposed to an existing network
    (a) Hardware/software upgrades
    (b) Topology shifts
    (c) Reconfigurations