Sunday, April 12, 2009

Happy Passover!

Hey everyone, I wanted to wish you all a happy Passover! Enjoy your holiday. We haven't updated the blog with any new articles lately because we are a bit busy right now and have a couple of other things to take care of :) (such is life, heh)

Just wanted to let you know we are still here, and we have plans for the coming week. The next article will be about VTP - VLAN Trunking Protocol.
A few people have asked how they can register for the exam; I'll add an article about that soon. Stay patient :)

Also, we are about to publish the second QuestionPack of CCNA-Certified! If you can answer those, you will be ready for any question you might get on your exam :)
In addition, the questions for the STP article should be published in the next few days.

You are still welcome to comment with your questions, feedback, compliments and complaints (hope there are none) :)

So, a lot of updates are planned for the next few weeks.. stay tuned!


CCNA-Certified Staff.



Thursday, April 2, 2009

The OSPF Process

So, what's OSPF?
OSPF stands for Open Shortest Path First; it is a link-state routing protocol. Link-state protocols don't exchange routes and metrics the way distance-vector protocols do; they exchange the state of their links
and the costs (metric) associated with those links, carried in LSAs (link-state advertisements).
A link is a router's interface, and its state is a set of parameters about that link: the IP address of the interface, the subnet mask, the type of network (Ethernet / NBMA Frame Relay..) and the routers connected to that link.

Each router collects the link-state information of every other router in the area (instead of routing updates as in RIP) and computes from it its own loop-free paths to every network in the same area.

OSPF is based on Dijkstra's Shortest Path First (SPF) algorithm. It builds an 'SPF tree' rooted at the router itself, which is how the router sees the area's topology from its own point of view: an overall picture of all the routers in the same area.

Link-state protocols remove the hop-count limit of distance-vector protocols such as RIP: OSPF has no maximum hop count at all.

As networks grow fast, routing protocols must react quickly to topology changes and converge the network quickly so there are almost no interruptions.



The advantages of OSPF:
- Supports VLSM / CIDR
- No hop-count limit
- Scales to large networks
- Multi-vendor (works on non-Cisco routers)
- Minimizes routing updates (only changes are flooded, not the whole table)
- Converges quickly
- Supports neighbor authentication, so a router ignores Hellos and LSAs from a device that doesn't know the shared key
- Uses areas for a hierarchical design

What are areas, and why do we use them in OSPF?
Areas allow a hierarchical network design: you split the whole network into smaller groups, which makes convergence faster and confines instability to a single area instead of letting it propagate through the whole production network.


For example, if the 'Sales Dept.' is having a problem with its router, and it is in its own area, that won't affect the 'Marketing Dept.' at all.

The topology of an area is unknown outside the area; this decreases the routing overhead and
saves unneeded SPF calculations on the routers and additional bandwidth.
Each area has its own link-state database, its own picture of the network inside the area.

- What is the backbone area? It is known as area 0 (or 0.0.0.0) and it is the core of the OSPF network. All other areas connect to it (possibly over more than one link), and routing between different areas must go through the backbone.

OSPF router types:
Backbone Router: a router with at least one interface in area 0. Routers whose interfaces are all in area 0 are backbone routers, and so is every ABR.

Area Border Router (ABR): a router connected to more than one area, one of them being the backbone. ABRs pass routing information between the areas they belong to.
Internal Router: a router whose interfaces all belong to a single area (any area, area 0 included). An internal router never sees another area's topology.
Autonomous System Boundary Router (ASBR): a router that is also connected to an external AS or routing domain and redistributes those external routes into OSPF.

Let's demonstrate it:


All the interfaces are in area 0 except the link marked in RED, which is part of area 1.
So all the routers except Router 1 are backbone routers, because they are connected only to the backbone!
Router 1 is an ABR, because it is connected to more than a single area; it is the border between the backbone and area 1.

How do our routers become adjacent?
For OSPF routers to become neighbors and exchange LSAs, the Hello packets they exchange must agree on several parameters:
- the area ID;
- the subnet address and subnet mask of the link (checked on multi-access networks, not on point-to-point links);
- the hello and dead timers, which must be identical on both routers;
- the authentication type and key, if authentication is configured;
- the stub-area flag.
- Pay attention: the default hello/dead timers differ between Ethernet (10/40 seconds) and NBMA networks (30/120 seconds), so make sure the network type is configured correctly on both ends.
Once the routers are neighbors they start to exchange LSAs, and the Hello packets are then used to keep the neighborship alive. If authentication is required, the password must match as well, of course.

What's the RID?
The router ID is a 32-bit number, written like an IP address, that uniquely identifies the router in the OSPF domain. By default the highest
IP address on an active interface is chosen, unless a loopback interface or the router
ID is configured. This identifier matters when establishing and troubleshooting neighbor relationships.
So the RID is chosen by: the router-id command; if that isn't set, the highest loopback interface IP address; and last, the highest IP address on an active physical interface. Note that the RID is picked when the OSPF process starts: a loopback or router-id added later takes effect only after the process is restarted (clear ip ospf process) or the router reloads.

Why is a loopback interface preferred over a regular interface, and what is it anyway?
A loopback is a virtual interface, and the main reason it is used in OSPF is reliability.
A loopback is always up and cannot go into a down state the way a physical interface can, so a RID derived from it doesn't change when a link fails, which makes OSPF more stable.
It also eases troubleshooting and debugging when there is a problem:
it is much easier to recognize which router is 2.2.2.2 than which one is 192.168.1.10.. right?

What is cost and how is it calculated?
Cost is OSPF's metric. Where RIP uses hop count, OSPF uses cost to rank links: the lower the total cost, the better the path to the destination.
The cost of an interface is derived from its bandwidth (by default cost = 100 Mbps / interface bandwidth, rounded down, minimum 1), so the higher the bandwidth, the lower the cost. Because of the minimum of 1, every link of 100 Mbps or faster gets cost 1 with the default reference bandwidth, so FastEthernet and GigabitEthernet look the same to SPF; on such networks raise the reference bandwidth (auto-cost reference-bandwidth) on every router in the domain.
The SPF algorithm runs with each router as the root of its own SPF tree and finds the shortest path to each destination in the area.
LSAs are flooded throughout the area to make sure all the routers have the same link-state database, the same picture of the topology.
Although all the routers have the same database, each router computes its own view of the network from it, and its routing table is built from that.
Here's an example of how costs are calculated:



Router1's cost to Router0 is 10 (10 Mbps link), and Router0's cost to Router3 is 64 (T1 link, 1.544 Mbps).
So in Router1's routing table we will see an entry for Router3's network with a cost of 10 + 64 = 74: that is the cost for R1 to reach R3.
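To make the arithmetic above concrete, here is a small Python model, added for this page (it is not Cisco code and not from the article's author), that computes the IOS default interface cost (reference bandwidth 100 Mbps divided by the interface bandwidth, rounded down, minimum 1) and runs Dijkstra's SPF over the article's Router1 - Router0 - Router3 topology. The link list is constructed for the example; the third, slow serial link is an assumption added here so SPF has a real choice to make.

```python
import heapq

REFERENCE_BW_BPS = 100_000_000   # IOS default 'auto-cost reference-bandwidth' (100 Mbps)


def ospf_cost(bandwidth_bps, reference_bw=REFERENCE_BW_BPS):
    """Interface cost the way IOS derives it: reference / bandwidth, truncated, never below 1.

    The floor of 1 is the catch to remember: with the default reference, FastEthernet,
    GigabitEthernet and 10GE all come out as cost 1 and look identical to SPF.
    """
    return max(1, reference_bw // bandwidth_bps)


# Constructed topology for the example: (router A, router B, link bandwidth in bit/s).
# The first two links are the ones in the article; the third is an extra, slower
# alternative path (an assumption) so that SPF has a real choice to make.
LINKS = [
    ("Router1", "Router0", 10_000_000),   # 10 Mbps Ethernet  -> cost 10
    ("Router0", "Router3", 1_544_000),    # T1 serial         -> cost 64
    ("Router1", "Router3", 64_000),       # 64 kbps serial    -> cost 1562 (worse than 74)
]


def build_graph(links):
    """Adjacency map {router: {neighbour: cost}}; OSPF costs are per interface, here symmetric."""
    graph = {}
    for a, b, bw in links:
        cost = ospf_cost(bw)
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost
    return graph


def spf(graph, root):
    """Dijkstra's SPF with `root` as the root of the tree.

    Returns (cost, first_hop): cost[r] is the total path cost from root to r, and
    first_hop[r] is the neighbour of root used to reach r, i.e. the next hop that
    would be installed in root's routing table.
    """
    cost = {root: 0}
    first_hop = {root: None}
    heap = [(0, root)]
    while heap:
        c, node = heapq.heappop(heap)
        if c > cost[node]:          # stale heap entry, a cheaper path was already found
            continue
        for neigh, link_cost in graph[node].items():
            new_cost = c + link_cost
            if new_cost < cost.get(neigh, float("inf")):
                cost[neigh] = new_cost
                first_hop[neigh] = neigh if node == root else first_hop[node]
                heapq.heappush(heap, (new_cost, neigh))
    return cost, first_hop


def routing_table(links, router):
    """{destination: (cost, next_hop)} as seen from `router`: the article's 'own view'."""
    cost, first_hop = spf(build_graph(links), router)
    return {dst: (cost[dst], first_hop[dst]) for dst in cost if dst != router}


if __name__ == "__main__":
    for dst, (c, via) in sorted(routing_table(LINKS, "Router1").items()):
        print(f"Router1 -> {dst}: cost {c} via {via}")
```

Run it and Router1 reaches Router3 at cost 74 via Router0, as in the article, while the direct 64 kbps link (cost 1562) is ignored. Try ospf_cost(1_000_000_000) to see the floor of 1; passing a 10 Gbps reference bandwidth as the second argument gives GigabitEthernet a cost of 10 again, which is why auto-cost reference-bandwidth has to be changed on every router, not just one.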



The DR / BDR election process!
A DR (Designated Router) and a BDR (Backup Designated Router) are elected on multi-access networks such as Ethernet and Frame Relay.
The DR's job is to be the central point for LSA flooding on that segment.
Instead of every router forming a full adjacency with every other router, and each one flooding LSAs to all the rest whenever something changes,
OSPF picks one router to do that. This saves a lot of bandwidth and a lot of adjacencies: each router only needs to be fully adjacent with the DR and the BDR.

It works like this:
A DR is elected, and all the other routers send their LSAs only to the DR (and to the BDR, of course). When there is a topology change (let's say one of the routers' links went down),
that router sends the LSA to the DR only (the destination is 224.0.0.6, the AllDRouters multicast address that only the DR and the BDR listen to). The DR then processes the LSA
and floods an update with the change to the rest of the segment on 224.0.0.5 (AllSPFRouters).
The BDR is the backup of the DR. It receives everything the DR receives, so if the DR goes down there is no need for a new election that costs time and resources:
OSPF simply 'promotes' the BDR to DR, and then runs an election only for a new BDR.
The election is won by the router with the highest priority; if priorities are equal, the highest RID is the tie-breaker. A priority of 0 means the router never becomes DR or BDR. The election is not pre-emptive: once a DR exists, a router that comes up later with a higher priority does not take the role away until the DR fails. Keep in mind that any device on the segment that speaks OSPF can set priority 255 and win the next election, so on segments where that matters, enable OSPF authentication.
- Note that there will NOT be a DR election on point-to-point networks!

EXAMPLE:



In our example we want Router0 to be the DR of the network.
The network includes 2 Ethernet links, to Router1 and Router2,
and 1 point-to-point link to Router3.
We have 2 options to do so.
The first option is to simply use "ip ospf priority" on Router0's Ethernet interfaces and set it higher than the default (which is 1); that makes the election pick
Router0 as our DR on both Ethernet segments (the links to R1 and R2). NOTE that on the link to R3 there won't be any DR or BDR! The routers are equal on that link and
exchange LSAs directly with each other, as if both were the DR.
The second option is to give Router0 the highest router ID. So, we will configure loopback addresses on all the routers now:
Router0:

Router0(config)#int loopback0

%LINK-5-CHANGED: Interface Loopback0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
Router0(config-if)#ip address 11.1.1.1 255.255.255.255

I used a host subnet mask of 255.255.255.255 because there is really only one device on that 'network'. You can use whatever subnet mask you want,
but remember that a /32 doesn't waste any addresses.

Router1:

Router1(config)#int loopback0

%LINK-5-CHANGED: Interface Loopback0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
Router1(config-if)#ip address 2.2.2.2 255.255.255.255

Router2:

Router2(config)#int loopback0

%LINK-5-CHANGED: Interface Loopback0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
Router2(config-if)#ip address 3.3.3.3 255.255.255.255


Now, if the priorities are equal on all the routers (they are by default, if you didn't change them), the DR is elected on the highest RID.
Router0's RID is the highest: 11.1.1.1 is bigger than 2.2.2.2 or 3.3.3.3 (compare the addresses numerically, octet by octet, not as text), so Router0 will be elected as the DR on both Ethernet segments! Two things to check in the lab: a loopback added after OSPF is already running only becomes the RID once the process is restarted (clear ip ospf process), and an election only takes place when the segment comes up or the current DR disappears, so restart the process on all three routers to see the result.
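Here is a Python model, added for this page and not Cisco's or the article author's code, of the two rules this example relies on: how the router ID is picked and how the DR and BDR are elected. The loopbacks are the ones configured above; the physical interface addresses are made up. It follows the article's description, plus the 'priority 0' and non-pre-emption rules, rather than the full two-pass procedure of RFC 2328 section 9.4.

```python
from ipaddress import IPv4Address


def router_id(router_id_cmd=None, loopbacks=(), physical_up=()):
    """RID selection in the order the article gives: 'router-id' command, else the highest
    loopback address, else the highest address on an up physical interface.
    Comparison is numeric (IPv4Address), so 11.1.1.1 really is higher than 3.3.3.3."""
    if router_id_cmd:
        return IPv4Address(router_id_cmd)
    for candidates in (loopbacks, physical_up):
        if candidates:
            return max(IPv4Address(ip) for ip in candidates)
    raise ValueError("no usable IP address: the OSPF process cannot start")


def elect_dr_bdr(segment, current_dr=None, current_bdr=None):
    """One election round on a multi-access segment.

    segment: {name: (priority, rid)} for every router whose Hello was heard.
    Rules modelled: priority 0 is never eligible; highest (priority, RID) wins; an
    existing DR/BDR keeps its role (the election is not pre-emptive); if the DR is
    gone the BDR is promoted and only a new BDR is elected.
    Returns (dr, bdr); bdr is None when nobody else is eligible.
    """
    eligible = {n: pr for n, pr in segment.items() if pr[0] > 0}
    dr = current_dr if current_dr in eligible else None
    bdr = current_bdr if current_bdr in eligible else None
    if dr is None and bdr is not None:
        dr, bdr = bdr, None                      # promotion, no full election
    if dr is None and eligible:
        dr = max(eligible, key=eligible.get)     # tuple compare: priority, then RID
    if bdr is None:
        others = {n: pr for n, pr in eligible.items() if n != dr}
        bdr = max(others, key=others.get) if others else None
    return dr, bdr


# Constructed inputs matching the article's example: the loopbacks configured above,
# made-up physical addresses, priority left at the default of 1 everywhere. Router3 is
# on the point-to-point link and takes part in no election.
RIDS = {
    "Router0": router_id(loopbacks=["11.1.1.1"], physical_up=["192.168.1.1"]),
    "Router1": router_id(loopbacks=["2.2.2.2"], physical_up=["192.168.1.2"]),
    "Router2": router_id(loopbacks=["3.3.3.3"], physical_up=["192.168.2.2"]),
}


def hellos_on(names, priorities=None):
    """The (priority, RID) pairs heard on one segment; priorities default to 1."""
    priorities = priorities or {}
    return {n: (priorities.get(n, 1), RIDS[n]) for n in names}


if __name__ == "__main__":
    print("R0-R1 segment:", elect_dr_bdr(hellos_on(["Router0", "Router1"])))
    print("R0-R2 segment:", elect_dr_bdr(hellos_on(["Router0", "Router2"])))
    print("R1 with priority 255:",
          elect_dr_bdr(hellos_on(["Router0", "Router1"], {"Router1": 255})))
```

Run it and Router0 is DR on both Ethernet segments, as the article's second option predicts, while the third call shows the first option: a priority of 255 on Router1 beats Router0's higher RID. Passing current_dr and current_bdr into elect_dr_bdr shows the non-pre-emptive behaviour: a DR that fails is replaced by the BDR, and when it comes back it only becomes BDR.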

Let's sum up the OSPF process:
- HELLO packets are sent between neighbors to form an adjacency.
- Routers verify the conditions that must match [hello and dead timers + area + subnet and mask + authentication].
- A DR election happens ONLY on broadcast and NBMA networks; on point-to-point networks there is no DR election.
- To influence the DR election, use "ip ospf priority" at the interface level.
- On NBMA (Frame Relay), remember that neighbors must be configured statically with the "neighbor <ip-address>" command in router configuration mode (config-router), since there is no broadcast to discover them.
- Routes learned from outside the OSPF domain (O E2, e.g. a default route injected with default-information originate) keep the metric set when they were redistributed and don't add the internal path cost, which is why such a route shows as [110/1] wherever the ASBR is.


Friday, March 27, 2009

Share your experience with us!

Let's share the CCNA experience!!!

Hey, this section is meant for sharing your CCNA experience. You may discuss the training you undertook, the study method you adopted, and the materials you used. I'll start with my own journey: I studied for my CCNA exam over a 6-month period. I'll give you a short description of everything I used during my studies:

- I used the Cisco Curriculum Exploration v4; it has a great method for teaching you the fundamentals of networking. It includes Flash animations and a lot of diagrams to help the explanations.

- I've watched Jeremy's CBT Nuggets videos and Chris Bryant's TrainSignal videos. IMO, Jeremy explains the material in a funnier, less boring way, but Chris Bryant starts with you from scratch and builds the fundamentals. I liked the TrainSignal product more, although it was much more boring than CBT.
- CiscoPress ICND1 + ICND2, Feb 2008 edition. Those books are really nice, but they assume you have some fundamental networking knowledge. They explain the more complex concepts better than the others.
- Sybex, Todd Lammle, 6th edition. I think you all know this book. Great book, explains the material very well, although CiscoPress made some concepts clearer to me than Todd's did.

- Packet Tracer v5 (Cisco). This is one of the best tools you can ask for. It lets you simulate an exam-oriented networking environment; if you are like me and have no Cisco switches / routers to build your study network, Packet Tracer is something to grab!!!


NOTE:
I'm against brain-dumps. Dumps can't help you study, understand the concepts or acquire the knowledge you need to pass the CCNA or, for that matter, any other certification. The exam isn't about who has better memorizing skills, so don't use dumps instead of study books. Don't waste your time on dumps. FIRST read the books, DO A LOT OF LABS, and then, only then, go over any exam-environment program you come across, if you wish to use one.

I found it easier to first watch a video and then read the book's chapter. That made reading easier, since the videos served as a summary. After every chapter you finish, use Packet Tracer to make up LABs and see how it really works!

PT has a great simulation mode that lets you see the process step by step! Use it, it's awesome and very beneficial! Then go over the questions at the end of each chapter. Mark the questions you answered wrong and review them. If you want, take notes while watching the videos for later reference; very helpful.

This process should take you at least 6 weeks; there is no way it will be shorter. One thing you should know about dumps: I do not encourage using them as study material; if you like, you may use them as testing material.

Remember CCNA exam will test you in 3 things :
1) Concepts
2) Configuration
3) Troubleshooting

Study & practice hard, nail the concepts, and you should clear the exam!



Thursday, March 26, 2009

STP Process: Step-by-step

STP, the Spanning Tree Protocol, is used to prevent switching loops. STP determines the most desirable path and places that port in Forwarding mode (to forward the traffic), while the ports on less desirable paths are placed in Blocking mode.

Redundancy is very important in networking: redundant links help prevent a complete failure of the network if one of the links goes down.

STP allows a network design to include redundant links that provide automatic backup paths if an active link fails, while removing the danger of switching loops and the need to enable those backup links by hand.



** LAB Included!

Before we start, let's cover the STP terminology:

- Root Bridge (Switch): the switch with the best (lowest) BID, i.e. the lowest priority, and the lowest MAC address if the priorities tie. The root bridge is the reference point for all the other STP decisions, such as which ports will be in BLOCKING mode and which in FORWARDING mode. Note that the election trusts whatever BPDUs arrive: any switch (or host) that sends BPDUs with a lower BID than the intended root takes the role over, so set the intended root's priority explicitly instead of leaving every switch at the default.

- BID (Bridge ID): each bridge has a unique identifier made of a configurable priority (32768 is the default on Cisco switches; on current switches the VLAN ID is added to it as the extended system ID, so VLAN 1 shows 32769) and the MAC address of the switch. This is how STP tracks all the switches in the network. A BID looks like PRIORITY.MAC-ADDRESS, e.g. 32768.AAAA:AAAA:AAA1

- Non-root bridges: all the bridges that are not elected as the root bridge.

- BPDU: special frames the switches use to exchange STP information (BID, cost to root) with the other switches in the network, for the selection of the root bridge and of the port roles (root port, designated port, blocking port).

There are two types of BPDUs:

* Configuration BPDU (CBPDU), used for the STP computation.

* Topology Change Notification (TCN) BPDU, used to announce changes in the network topology.

* The Topology Change Acknowledgment (TCA) is not a separate BPDU type: it is a flag set in a Configuration BPDU to acknowledge a received TCN.

BPDUs are sent every 2 seconds by default (the hello time), and they are used to track the network topology for any topology change.

STP port states:

- Blocking: user frames aren't forwarded through the port, but BPDUs are received and processed; these ports are the backup paths and move towards forwarding if the designated link in use fails.

- Listening: user frames still aren't forwarded and the MAC address table isn't built yet; BPDUs are sent and received and the switch takes part in deciding the root bridge and the port roles.

- Learning: user frames still aren't forwarded, but their source MAC addresses are read to build the CAM table: the switch learns which MAC address sits behind which port.

- Forwarding: user frames are SENT and RECEIVED; STP still monitors incoming BPDUs, which may indicate that the port has to go back to blocking to prevent a loop.

OK. Now let's have some fun.

I'll demonstrate the root bridge election, then how root ports are chosen, and last how designated / blocking ports are decided.


- Root bridge & root port election:

The switches exchange BPDUs, and each switch compares its own BID with the BID in the received BPDU. The bridge with the lowest BID is elected root: the lowest priority wins, and if the priority is equal on all the switches, the switch with the lowest MAC address wins. (Remember what BIDs look like? priority.MAC-ADDRESS, so if the priority is equal, the MAC is the tie-breaker!)

- After the root bridge election, each switch in the network chooses its path to the root bridge. STP uses 'cost' to rank links by speed: lower cost means a faster link with more bandwidth (with the original 802.1D values, 10 Mbps = 100, 100 Mbps = 19, 1 Gbps = 4).

The port with the lowest total cost to the root bridge (the root path cost) is elected as the ROOT PORT. Only the root bridge itself has a root path cost of 0; a switch directly connected to the root has a root path cost equal to that link's cost (19 on FastEthernet).

- If a switch has multiple equal-cost paths to the root bridge, the BID of the neighbor advertising each path is the tie-breaker: the port facing the neighbor with the lower BID becomes the ROOT PORT.

- If the equal-cost links all go to the same neighboring switch (so the neighbor's BID is equal too), the neighbor's port ID decides: the lowest sender port priority wins, and if that is equal too, the lowest sender port number. The local port ID is only consulted when everything else ties.

I'll demonstrate it now:

Root port process:

- Elect the root switch -> the switches exchange BPDUs with each other and decide which of them will be the root of the network. I changed S1's priority to 24576 so it would be the root bridge of our topology:

S1(config)#spanning-tree vlan 1 priority 24576
After that, I changed S3's priority to 28672 so it becomes the root bridge in case S1 fails:
S3(config)#spanning-tree vlan 1 priority 28672




- Choose the root port on every switch -> each switch determines its shortest path to the root, and that port becomes its root port. Since every switch is directly connected to the root and all the links have the same speed, the port connected to S1 becomes the root port on S2, S3 and S4.

- Choose the designated port on every segment -> now the switches have to agree which of the NON-root ports on each segment will be placed in blocking mode to prevent loops. On each segment (the S2 -> S3 and S3 -> S4 links) the switches compare their root path costs; since all of them are directly connected to the root, the costs are equal, so next they compare their BIDs. Remember that I changed S3's priority so it would be lower than the default? S3's BID is lower than that of both S2 and S4, so S3 puts its ports on those segments in the designated role and they forward traffic normally. S2 and S4 put their ports facing S3 in the blocking role, and those ports block all traffic except BPDUs. Now our STP environment is converged.


Here are the notes I took for myself to remember the whole root port election:

- Choose the path with the lowest cost to the root bridge. If equal --> choose the neighboring switch with the lowest BID. If equal -->
that means multiple links go to the same switch, so choose the port facing the neighbor's port with the lowest port priority. If equal --> the port facing the neighbor's lowest port number.

- Designated & blocking ports:
After the root ports are set, each network segment must have exactly one designated port (in FWD mode); any other non-root port on the segment goes into BLK mode (to prevent loops!).
The designated port of a segment belongs to the switch that is closer to the root bridge (lower root path cost).

In our topology example:

S2, S3 and S4 have equal cost to the root bridge, which in STP terms means none of them is closer to the root than the others. So they compare their BIDs with each other (per link, of course: S2 with S3, and S3 with S4; since there is no link between S2 and S4, there is no comparison between those two!)
Because S3's priority is the lowest, S3's ports get the DP role and the S2 and S4 ports on those links go into BLK mode.

* When the cost to the root is equal, you can already guess: the decision is made on the lower BID. The switch with the lower BID holds the DP (designated port) of that link.

* Once STP has converged, each NON-root switch MUST have exactly ONE root port, and each segment between two non-root switches has one designated port while the other side of the link is in BLK mode. This is a great rule to remember.

* ALL of the root bridge's ports are in the designated role and FWD state, and NONE of the root bridge's ports is in the "Root" role!
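The whole election, from root bridge to blocking ports, is small enough to write down. The Python below is an added example for this page (not the lab's or Cisco's code): the MAC addresses and port names are constructed, the priorities are the ones configured on S1 and S3 above, and every link is FastEthernet at the 802.1D cost of 19. It computes root bridge, root path costs, root ports and designated/blocking ports for the lab topology, and can be pointed at any other switch/link list.

```python
import heapq

# Constructed inputs matching the lab: BID = (priority, MAC). Python compares the tuple
# element by element, which is exactly "lowest priority, then lowest MAC". The MAC
# addresses are made up; S1 and S3 carry the priorities configured in the lab.
SWITCHES = {
    "S1": (24576, "0000.0000.0001"),
    "S2": (32768, "0000.0000.0002"),
    "S3": (28672, "0000.0000.0003"),
    "S4": (32768, "0000.0000.0004"),
}
# Segments as (switch, port, switch, port); every link is FastEthernet, 802.1D cost 19.
LINKS = [
    ("S1", "Fa0/1", "S2", "Fa0/1"),
    ("S1", "Fa0/2", "S3", "Fa0/1"),
    ("S1", "Fa0/3", "S4", "Fa0/1"),
    ("S2", "Fa0/2", "S3", "Fa0/2"),
    ("S3", "Fa0/3", "S4", "Fa0/2"),
]
PORT_COST = 19


def elect_root(switches):
    """Lowest BID wins; nothing else is consulted, which is why a rogue BPDU can win too."""
    return min(switches, key=switches.get)


def root_path_costs(links, root):
    """Root path cost of every switch: sum of port costs along its cheapest path to the root.
    The root itself is 0; a switch directly attached to the root is PORT_COST, not 0."""
    graph = {}
    for a, _, b, _ in links:
        graph.setdefault(a, []).append(b)
        graph.setdefault(b, []).append(a)
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        c, sw = heapq.heappop(heap)
        if c > cost[sw]:
            continue
        for nb in graph[sw]:
            if c + PORT_COST < cost.get(nb, float("inf")):
                cost[nb] = c + PORT_COST
                heapq.heappush(heap, (cost[nb], nb))
    return cost


def port_roles(switches, links):
    """Returns (root, {(switch, port): 'root' | 'designated' | 'blocking'})."""
    root = elect_root(switches)
    cost = root_path_costs(links, root)
    roles = {}
    # Root port: on each non-root switch, the port receiving the best offer, compared as
    # (root path cost via that neighbour, neighbour BID, neighbour port ID). Only if all
    # of those tie does the local port ID decide, so it is the last element of the key.
    for sw in switches:
        if sw == root:
            continue
        offers = []
        for a, pa, b, pb in links:
            if a == sw:
                offers.append((cost[b] + PORT_COST, switches[b], pb, pa))
            elif b == sw:
                offers.append((cost[a] + PORT_COST, switches[a], pa, pb))
        roles[(sw, min(offers)[3])] = "root"
    # Designated port: on each segment, the end with the lower root path cost, then the
    # lower BID. The other end keeps its root role if it has one, otherwise it blocks.
    for a, pa, b, pb in links:
        if (cost[a], switches[a]) <= (cost[b], switches[b]):
            dp, other = (a, pa), (b, pb)
        else:
            dp, other = (b, pb), (a, pa)
        roles[dp] = "designated"
        roles.setdefault(other, "blocking")
    return root, roles


if __name__ == "__main__":
    root, roles = port_roles(SWITCHES, LINKS)
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} {port}: {role}")
```

Run it and you get the converged lab: S1 is root with all three ports designated, Fa0/1 is the root port on S2, S3 and S4, S3 holds the designated port on both the S2-S3 and S3-S4 segments, and S2 Fa0/2 and S4 Fa0/2 block. Two checks worth trying: root_path_costs(LINKS, "S1")["S2"] is 19, not 0, and adding a fifth entry such as "rogue": (0, "0000.0000.00ff") to the switch dictionary makes elect_root return "rogue", which is the whole reason access ports should never be allowed to take part in the election.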


** LAB for practicing is available @ STPLab.rar

** STP Questions is available @ http://ccna.certify.googlepages.com/stpquestions


Sunday, March 22, 2009

QuestionPack Series #1


This exam pack covers basic OSI & RIP questions.

We are starting our QuestionPack series today: bundled questions, made by our staff, to help you nail the concepts! We will keep this series updated, so expect a pack like this every week or two.


The first pack contains 15 questions; the answers are included at the bottom.

These questions were written by US, and were made for you to see if you understand the concepts. Good luck..



Questions related to the "Understanding how packets traverse a network" article.

1. Refer to the exhibit. When a packet is sent from PC0 to PC1, with what addresses will the packet be RECEIVED by PC1?

A. Source IP: 10.0.0.2, Source MAC: aaaa:aaaa:aa10 -- Destination IP: 20.0.0.2, Destination MAC: bbbb:bbbb:bb20
B. Source IP: 10.0.0.1, Source MAC: rrrr:rrrr:rr20 -- Destination IP: 20.0.0.2, Destination MAC: bbbb:bbbb:bb20
C. Source IP: 10.0.0.2, Source MAC: rrrr:rrrr:rr20 -- Destination IP: 20.0.0.2, Destination MAC: bbbb:bbbb:bb20
D. Source IP: 10.0.0.2, Source MAC: oooo:oooo:oo30 -- Destination IP: 20.0.0.2, Destination MAC: rrrr:rrrr:rr20


2. When the packet is LEAVING PC0, what will the packet and frame information be?

A. Source IP: 10.0.0.2, Source MAC: aaaa:aaaa:aa10 -- Destination IP: 10.0.0.1, Destination MAC: oooo:oooo:oo10
B. Source IP: 10.0.0.2, Source MAC: aaaa:aaaa:aa10 -- Destination IP: 20.0.0.2, Destination MAC: oooo:oooo:oo10
C. Source IP: 10.0.0.2, Source MAC: aaaa:aaaa:aa10 -- Destination IP: 30.0.0.2, Destination MAC: rrrr:rrrr:rr30
D. Source IP: 10.0.0.2, Source MAC: aaaa:aaaa:aa10 -- Destination IP: 20.0.0.2, Destination MAC: bbbb:bbbb:bb20

3. When the packets are received on Router0's E0/0 interface, what process do they go through?

A. The router changes the destination MAC and IP to PC1's information
B. The router passes the packet unchanged to Router1, and Router1 forwards it to PC1 as it was originated
C. The router changes only the destination IP to PC1's 20.0.0.2
D. The router changes only the destination MAC to PC1's bbbb:bbbb:bb20
E. The router changes only the destination MAC to that of Router1's E0/1 interface, rrrr:rrrr:rr30

4. PC1 wants to reply to PC0's ping. How will the packet be sent back from PC1 to PC0?

A. Source IP: 20.0.0.2, Source MAC: bbbb:bbbb:bb20 -- Destination IP: 20.0.0.1, Destination MAC: rrrr:rrrr:rr20
B. Source IP: 20.0.0.2, Source MAC: bbbb:bbbb:bb20 -- Destination IP: 10.0.0.2, Destination MAC: rrrr:rrrr:rr20
C. Source IP: 20.0.0.2, Source MAC: bbbb:bbbb:bb20 -- Destination IP: 10.0.0.2, Destination MAC: rrrr:rrrr:rr30
D. Source IP: 20.0.0.2, Source MAC: bbbb:bbbb:bb20 -- Destination IP: 10.0.0.1, Destination MAC: oooo:oooo:oo30

5. When a router receives a packet and no route for the destination is found in its routing table, the router will:

A. Discard the packet
B. Send it back through the port it was received on, notifying that the destination is unreachable
C. Forward it to the gateway of last resort (default route), if there is one
D. None of the above

6. When a switch receives a frame, what is the first thing it does?

A. Checks the destination MAC address, to forward the frame as soon as possible
B. Buffers the frame, checks it for errors, and forwards it through the outbound interface
C. Learns the source MAC address and inserts it into its MAC address table
D. Checks the destination MAC address, and if there is no entry for the destination, floods the frame
E. If the destination MAC is broadcast (all ff's), forwards the frame out all interfaces, including the one it arrived on

7. How does the ROUTER build its routing table?

A. From directly connected networks
B. From manually configured static networks
C. From routing protocols
D. All of the above are correct.

8. What is the right order of encapsulation as the data travels from layer 7 to layer 1?

A. Bits, frame, packet, segment
B. Segment, frame, packet, bits
C. Frame, packet, segment, bits
D. Segment, packet, frame, bits

Section 2 :: Questions from the "RIP concepts you gotta know" article

9. This appears in the routing table of CCNA-R2:

R 100.0.0.0 [120/12] via 192.168.1.1, 00:00:16, FastEthernet0/1

This means (Choose 2):

A. The router is running RIP, and the destination network is directly connected to the next router.
B. The router is running RIP, and the destination network is reachable through FastEthernet0/1
C. The destination network is 120 hops away.
D. The destination network is 12 hops away.

10. This appears in the routing table of CCNA-R2:

R 100.0.0.0 [120/1] via 192.168.1.1, 00:01:02, FastEthernet0/1

What can we tell from the information above?

A. The route 100.0.0.0 is 1 hop away, via FastEthernet0/1
B. 192.168.1.0 is directly connected network
C. 192.168.1.1 MUST be a switch
D. Probably there is a problem with the destination network

11. Referring to the exhibit



What is the MOST correct statement?

A. RIP is running
B. RIPv2 is running
C. RIPv1 is running
D. The links going to appear as 'possible down' in 2:41 min

12. Referring to the exhibit





What is the reason route 100.0.0.0/8 appears as possibly down?

A. The router didn't receive any updates for 180 seconds
B. FastEthernet0/0 is shut down on the local router
C. 192.168.1.1 got disconnected from FastEthernet0/0 interface
D. The router didn't receive any updates for 30 seconds

12.2 By default, how much longer will it take to drop this route?

A. Another 30 seconds
B. Another 60 seconds
C. Another 90 seconds
D. Another 50 seconds
E. The link won't get dropped automatically, it needs to be done manually

13. What are the advantages of RIPv2 (Choose three) ?

A. It supports authentication
B. It's easier to install than RIPv1
C. It supports VLSM / CIDR
D. It is broadcasting RIP updates
E. It is multicasting RIP updates

14. This appears in the routing table of CCNA-R2:

R 100.0.0.0 [120/16] via 192.168.1.1, 00:00:03, FastEthernet0/1

What can you tell about this route?

A. It was learned using RIP protocol
B. It received the last routing update 3 seconds ago
C. The route won't be routable due to the metric value
D. The next update should be received in 3 seconds
E. It is routable through FastEthernet0/1, on the next hop 192.168.1.1






ANSWERS:
1. C
2. B
3. E
4. B
5. C
6. C
7. A+B+C
8. D
9. B+D
10. D
11. A
12. A
12.2 B
13. A+C+E
14. C


** In a hurry? You can download these questions here - Question_Pack_v1




Saturday, March 21, 2009

Understanding the Routing Information Protocol ( RIP)

• RIP is a dynamic routing protocol: it advertises the routes of the networks you specify with the network command and populates them into the routing tables of the other routers in your network.

• RIP is a distance-vector protocol. It uses a single routing metric (hop count) to measure the distance between the source and a destination network. Every router between the source network and the destination network counts as 1 hop.

• RIP uses AD (Administrative distance) of 120.

• RIP has 2 versions, RIPv1 and RIPv2.




** LABS included!


Comparing the advantages and disadvantages of RIP:

Advantages:
- RIP is very easy to implement and is a common choice for small networks.
- The RIP process is simple, so it doesn't consume many router resources.

Disadvantages:
- RIPv1 is a classful routing protocol, so it doesn't send the subnet mask in its routing updates.
- RIPv1 and v2 have a maximum hop count of 15. A network that is more than 15 routers away is unreachable with RIP: a metric of 16 means 'infinity', and a route with that metric is never used for forwarding.
- RIP has very, very slow convergence in network terms (you will see how slow when you compare it to protocols like EIGRP and OSPF).
- RIP has no real loop-detection mechanism; it only has the loop-prevention techniques described below.
- RIP doesn't authenticate its neighbors unless you configure it (and only v2 can): by default a router accepts updates from anything on the segment that sends RIP.

Issues with RIP
The main issue with RIP is routing loops, which are averted using techniques like: maximum hop count, split horizon, route poisoning, poison reverse and the RIP timers.

Split horizon

RIP prevents routing loops by implementing the split-horizon rule: a router never advertises a route back out of the interface it learned it from. If router B learns a route from A, it forwards that advertisement to C but not back to A.





Example:

CCNA-R1 advertises the route 100.0.0.0 to CCNA-R2 (marked by the blue arrows). R2 adds the new entry to its routing table and sends an update with the change to all its neighbors.



Now, when CCNA-R2 sends an update to CCNA-R1 (out of int fa0/0), it includes all its RIP-enabled networks and routes except those that point out of fa0/0: 100.0.0.0 was learned on that interface, and 192.168.1.0 is the subnet of fa0/0 itself, so CCNA-R2 advertises only 101.0.0.0 and 102.0.0.0 to R1. Without the split-horizon rule it would send R1's own 100.0.0.0 network back to it, and if R1 later lost that network it could install R2's stale route and the two routers would bounce packets between each other.

Route poisoning

In route poisoning, when CCNA-R1 detects that 100.0.0.0 is down, it sets the route's metric to 16 (infinity) and sends a triggered update to all its neighbors right away, instead of waiting for its update timer to expire. This lets the other routers see the network as unreachable immediately and stops any router from sending packets to a network that is down.

Poison reverse

This is the deliberate breaking of the split-horizon rule to tell other routers that a route is no longer reachable and should be removed from their routing tables. When a router learns that a route is invalid (through an advertisement from a neighbor), it advertises that route to all routers, including the one it learned the dead network from, with a metric of 16 (also called the infinity metric), which means the route is unreachable. The other routers in the network update their routing tables and the invalid route appears as "possibly down".





This mechanism prevents routers from updating each other with invalid route entries.

The Timers of RIP:

This is the part most of us get confused by. OK, we know what the update timer is for, but what about invalid and hold-down? And why do we need to wait an extra 60 seconds (240 seconds in total) before a route is flushed from the routing table?

OK, so the timers work like this:

* The defaults are: update 30, invalid 180, hold-down 180, flush 240 (all in seconds).

* When an update packet is received, the route's timer is reset. The RIP counters show how long ago the last update packet was received, so the timers count up, not down.

* So when you see the counter go above 30, something is wrong. When everything works, you should not see a RIP counter go above 29, because the router should receive an update every 30 seconds. If it doesn't, the counter keeps increasing until it reaches 180 seconds (the invalid timer). Then the router decides that something is wrong and marks the route as invalid. The status of the route changes to "possibly down", and the router starts to advertise that route with a metric of 16 (infinity); that is how the router informs its neighbors that the route is invalid.

The route is retained in the table for a further period (60 seconds by default) rather than being flushed immediately, so that the neighbors can be notified that the route is being dropped.

Last, there is the flush timer. The flush timer is how long it takes until the route is completely dropped from the routing table, the step after the "possibly down" status. If it takes 180 seconds for a route to become invalid, it takes 60 seconds more for the route to be completely dropped from the table.

So again: as long as your counter is under 30, everything is working. If the counter goes above 30, there is a problem; if it reaches 180, the route becomes invalid (it appears in the routing table as possibly down); and only after 240 seconds is the route completely flushed from the routing table.
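To tie the split-horizon, route poisoning, poison reverse and timer rules together, here is a small added simulation (written for this page, not the blog's or Cisco's own code) of a RIP-style routing table. Router names, interface names and the networks follow the CCNA-R1 / CCNA-R2 example above; the hold-down behaviour is simplified to "ignore other neighbours while a route is possibly down", since the article only states the timer's length.

```python
INFINITY = 16                            # RIP's unreachable ("infinity") metric
UPDATE, INVALID, FLUSH = 30, 180, 240    # default timers, in seconds


class Route:
    def __init__(self, network, metric, next_hop, interface, now):
        self.network, self.metric = network, metric
        self.next_hop, self.interface = next_hop, interface
        self.last_update = now        # the RIP counter is (now - last_update)

    def counter(self, now):
        return now - self.last_update

    def status(self, now):
        age = self.counter(now)
        if age >= FLUSH:
            return "flushed"
        if age >= INVALID or self.metric >= INFINITY:
            return "possibly down"
        return "ok" if age < UPDATE else "late"     # above 30 s: something is wrong


class RipRouter:
    def __init__(self, name, poison_reverse=False):
        self.name, self.poison_reverse = name, poison_reverse
        self.table = {}                  # network -> Route

    def add_connected(self, network, interface, now):
        self.table[network] = Route(network, 0, "connected", interface, now)

    def tick(self, now):
        """Age learned routes: poison at 180 s (metric 16), flush at 240 s."""
        for net in list(self.table):
            r = self.table[net]
            if r.next_hop == "connected":
                continue
            if r.counter(now) >= FLUSH:
                del self.table[net]                 # completely dropped
            elif r.counter(now) >= INVALID:
                r.metric = INFINITY                 # route poisoning

    def receive(self, now, neighbour, interface, advertised):
        """Process an update {network: metric} heard from neighbour on interface."""
        for net, adv in advertised.items():
            metric = min(adv + 1, INFINITY)
            r = self.table.get(net)
            if r is None:
                if metric < INFINITY:
                    self.table[net] = Route(net, metric, neighbour, interface, now)
            elif r.next_hop == neighbour:
                r.metric = metric                   # the next hop's word is final,
                if metric < INFINITY:               # including a poison (metric 16)
                    r.last_update = now             # a valid update resets the counter
            elif r.metric >= INFINITY:
                pass    # hold-down (simplified): ignore other neighbours until flushed
            elif metric < r.metric:
                self.table[net] = Route(net, metric, neighbour, interface, now)

    def update_for(self, interface):
        """Build the update sent out `interface` (split horizon / poison reverse)."""
        out = {}
        for net, r in self.table.items():
            learned_here = r.next_hop != "connected" and r.interface == interface
            if learned_here and not self.poison_reverse:
                continue                            # split horizon: never send it back
            out[net] = INFINITY if learned_here else r.metric   # poison reverse
        return out


def demo():
    """The article's scenario: CCNA-R1 owns 100.0.0.0 and advertises it to CCNA-R2,
    which learns it on fa0/0 (interface layout assumed). Returns what a reader
    would check: the learned metric, the update R2 sends back to R1, and the
    route status as the counter climbs past 30, 180 and 240 with no new updates."""
    r1 = RipRouter("CCNA-R1")
    r2 = RipRouter("CCNA-R2", poison_reverse=True)
    r1.add_connected("100.0.0.0", "fa0/1", now=0)
    r2.add_connected("101.0.0.0", "fa0/1", now=0)
    r2.receive(0, "CCNA-R1", "fa0/0", r1.update_for("fa0/0"))
    learned = r2.table["100.0.0.0"]
    learned_metric = learned.metric
    back_to_r1 = r2.update_for("fa0/0")      # poison reverse: 100.0.0.0 with metric 16
    states = {}
    for t in (10, 100, 185, 241):
        r2.tick(t)
        states[t] = learned.status(t) if "100.0.0.0" in r2.table else "flushed"
    return learned_metric, back_to_r1, states
```

Running `demo()` shows the learned metric of 1, the poison-reverse update `{"101.0.0.0": 0, "100.0.0.0": 16}` going back toward R1, and the status sequence ok, late, possibly down, flushed at 10, 100, 185 and 241 seconds. Swapping `poison_reverse=True` for the default shows plain split horizon: 100.0.0.0 is simply absent from the update sent out fa0/0.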

The differences between RIPv1 and RIPv2:

- v1 doesn't support VLSM / CIDR; v2 supports both
- v1 doesn't support authentication; v2 has an authentication option
- v1 broadcasts its routing updates; v2 multicasts them to 224.0.0.9

** Get the LABs for practice - RIP Labs

** Practice questions available! - CCNA-QAn1


Thursday, March 19, 2009

Understanding how packets traverse a network

One of the first things you have to know on your way to the CCNA is what really happens inside a network, how packets traverse it, and so on. I won't talk a lot about the OSI model and its layers, there are plenty of articles about that; I'll focus on the bottom three layers: Network, Data Link and Physical.





** LAB included!



As your data goes down the OSI layers in PC0, from the application layer through the transport layer, it arrives at layer 3, the NETWORK layer. The network layer takes the transport layer SEGMENT (that's what the data is called after it passes through the transport layer), encapsulates that segment with a header, and it becomes a PACKET.



The packet header carries information that is relevant to Layer 3 devices (routers and Layer 3 switches). Layer 2 devices (switches, bridges) have nothing to do with that information.





The packet header has many fields that aren't really relevant to your CCNA studies, so I won't cover them all and will stick to those that are related to the CCNA course.

  • Version: the version of IP. Currently we are using v4, while v6 is being implemented too.
  • Total length: the length of the IP datagram, including the IP header.
  • TTL (Time to Live): how many hops a packet may be forwarded across the network before it is discarded. Each router that forwards the packet decreases this value by 1; when it reaches 0, the packet is discarded.
  • Protocol: this field specifies which protocol is carried in the segment. TCP is identified by the number 6, UDP by 17.
  • Destination IP address: the IP address of the receiving host. It is used by Layer 3 devices to route the packet to its destination and to make sure that only the destination device receives that packet.
  • Source IP address: the opposite of the destination IP. This field holds the IP of the sending device, so when the receiving host wants to reply it knows to whom it should send the packet.
  • Data: this field carries the data being sent in the packet.
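The following is an added example (written for this page, not code from the blog) that builds a 20-byte IPv4 header from the fields listed above, parses it back with `struct`, verifies the header checksum, and applies the router's TTL rule: decrement on every hop, discard when the TTL would reach 0. The sample addresses and payload are constructed for the demonstration.

```python
import struct
import ipaddress

PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}     # Protocol field values
HEADER_FMT = "!BBHHHBBH4s4s"                           # the fixed 20-byte IPv4 header


def header_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over the header. Returns 0 for a header whose
    checksum field is correct, or the value to store when that field is zeroed."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                                  # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Return the CCNA-relevant fields; reject anything malformed rather than guess."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_length, _ident, _flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(HEADER_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # IHL is in 32-bit words
    if version != 4:
        raise ValueError(f"not an IPv4 packet (version {version})")
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad header length")
    if total_length < ihl or total_length > len(packet):
        raise ValueError("total length does not match the data on the wire")
    if header_checksum(packet[:ihl]) != 0:
        raise ValueError("bad header checksum")
    return {
        "version": version,
        "header_length": ihl,
        "total_length": total_length,
        "ttl": ttl,
        "protocol": PROTOCOL_NAMES.get(proto, str(proto)),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "data": packet[ihl:total_length],
    }


def build_ipv4_packet(src: str, dst: str, proto: int, ttl: int, payload: bytes) -> bytes:
    """Construct a packet offline (constructed sample data, no options, no fragmentation)."""
    total_length = 20 + len(payload)
    hdr = struct.pack(HEADER_FMT, 0x45, 0, total_length, 0x1234, 0x4000, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]
    return hdr + payload


def forward(packet: bytes):
    """What a router does to the IP header when routing a packet: decrement the TTL,
    discard it if that would reach 0, and recompute the header checksum.
    Addresses are untouched. Returns the new packet, or None when discarded."""
    fields = parse_ipv4_header(packet)
    if fields["ttl"] <= 1:
        return None                 # expired: dropped (ICMP time-exceeded not modelled)
    ihl = fields["header_length"]
    hdr = bytearray(packet[:ihl])
    hdr[8] -= 1                      # TTL is byte 8 of the header
    hdr[10:12] = b"\x00\x00"         # zero the checksum field before recomputing
    hdr[10:12] = struct.pack("!H", header_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]
```

The checksum check matters in practice: a header that was modified (for instance a TTL changed by a buggy or hostile device) without recomputing the checksum is rejected by `parse_ipv4_header`, exactly as a real host or router would drop it.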

Then, after all the IP packet fields are filled in, the packet moves down to Layer 2, the Data Link layer, where it is encapsulated by the Ethernet (ARPA) protocol and becomes a FRAME. The frame is used to transmit data on the local LAN, between two nodes in a physical-address environment. The frame includes source and destination MAC addresses; a MAC address is the PHYSICAL ADDRESS (hard-coded) of a device, and it is unique for each device in an Ethernet network. The frame also has an FCS trailer, which is used for error detection.

After that, the Data Link layer passes the FRAME to the PHYSICAL layer, where the frame is translated into bits (0s and 1s) and transmitted over the cable. That was a brief overview of the process, to make it easier for you.


Now, what happens when a packet is received on a ROUTER?

  • The router collects the incoming bits and reassembles them into a FRAME, which is handed to Layer 2.
  • The router then checks the DEST. MAC address in the frame. If it is the MAC address of the receiving interface, the router STRIPS the Layer 2 encapsulation, and we are left with the PACKET, which contains the layer 3 details and is handed over to Layer 3.
  • The router looks at the DEST. IP address in the PACKET and looks for a route for it in its ROUTING TABLE. If it finds a route entry for the destination, it forwards the packet out of the right interface; otherwise, it discards the packet.

Now, what happens when a packet is received on a SWITCH?


Well, switches don't really receive packets, they receive FRAMES. The switch reassembles the bits into a FRAME. This is how a switch handles FRAMES:

  • The switch first CHECKS THE SOURCE MAC ADDRESS of the frame. Why? That's how switches build their MAC address table. If the switch already has the source MAC of the frame in its table, it goes to step 2; otherwise, it adds the SOURCE MAC address, together with the port the frame was RECEIVED on, to its MAC address table.
  • Then the switch checks the DEST. MAC address and looks for a matching entry in its MAC address table. If it finds one, the switch FORWARDS the frame out of that specific port. If it finds no match, the frame is called an "unknown unicast frame", and the switch FLOODS it out ALL OF ITS PORTS except the port it was received on (the port facing the originator of the frame).

Note: the switch never even gets to the PACKET. Switches DON'T check or modify a packet; they deal only with the FRAME itself!

Switches also DON'T change the source and destination MAC ADDRESSES! What switches actually do is receive a frame, check where it is supposed to be forwarded, and forward it AS IS to the right destination, based on their internal table, called the CAM (content addressable memory) table.

Routers, on the other hand, just CHECK the IP addresses in the packet. The PACKET's source and destination addresses are not CHANGED / MODIFIED by the router; the router is only a station along the packet's way!

But what routers do is CHANGE the SOURCE and DESTINATION MAC addresses in the FRAME!

MAC addresses are used to forward frames over a local LAN. If a packet arrives at the router, that means it needs to be forwarded to another LAN, outside the LAN of the packet's originator. So the router changes the SOURCE MAC address to the MAC address of its FORWARDING port, and the DESTINATION MAC address to that of the next station along the way (which might be another router or the destination device).

Let's illustrate the way a packet goes from PC0 to PC1.



Let's say PC0 sends traffic to PC1. PC0 will look up the MAC address it needs to reach PC1 in its ARP (MAC address) table. (I won't get into the ARP process here, so let's assume the ARP process is already done.)

PC0 will send the packet as follows: SOURCE IP 10.0.0.2, DESTINATION IP 20.0.0.2.
And what about the MAC addresses in the frame? SOURCE MAC aaaa:aaaa:aa10, and DESTINATION MAC oooo:oooo:oo10!

Next, the router receives the frame on its E0/0 interface. It compares the destination MAC address in the frame with the MAC address of the interface that received the frame, and finds a match. That means the frame is destined to it, so it decapsulates the frame and hands the packet to the layer 3 process.

At layer 3, the router looks at the destination IP address of the packet and searches for a match in its routing table. It finds one, through the network 30.0.0.0! So the router encapsulates the packet into a frame again, but this time with this MAC information:

Source MAC - oooo:oooo:oo30
Destination MAC - rrrr:rrrr:rr30

Got the point? MAC addresses are used to forward traffic across a LAN, and IP addresses are used across different LANs and WANs!

R1 will do the same as R0 did, and will forward the packet out of its E0/0 interface right to the destination. So:

Source MAC address is - rrrr:rrrr:rr30
Destination MAC address is - bbbb:bbbb:bb20.

To sum it all up: note that the IP addresses remained the same through the whole process! The packet at PC1 still carries the same source and destination IP addresses. The MAC addresses, however, change every time the frame crosses a device, except a switch!
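Here is an added simulation (written for this page, not code from the blog) of the two device behaviours described above: a switch that learns source MACs, forwards known unicast and floods unknown unicast without touching the frame, and a router that only accepts frames addressed to its interface MAC, routes on the destination IP, and re-encapsulates with new MAC addresses. It then walks the PC0 to PC1 path using the addresses from the article. Assumptions that are not in the text: a switch SW0 sitting between PC0 and R0, the interface names R0 E0/1 and R1 E0/1 for the 30.0.0.0 link, the router IPs 30.0.0.1 and 30.0.0.2, and R1's MAC rrrr:rrrr:rr20 on the 20.0.0.0 side. ARP is taken as already resolved, as in the article.

```python
from dataclasses import dataclass, replace
import ipaddress


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str          # the packet inside the frame: routers read these, never rewrite them
    dst_ip: str
    ttl: int


class Switch:
    """Layer 2 only: learn the source MAC, then forward, filter or flood the frame as-is."""
    def __init__(self, name):
        self.name, self.cam = name, {}          # CAM table: mac -> port

    def handle(self, frame, in_port, ports):
        self.cam[frame.src_mac] = in_port       # step 1: learn where the sender lives
        out = self.cam.get(frame.dst_mac)       # step 2: look up the destination
        if out is None:                          # unknown unicast: flood everywhere but in_port
            return {p: frame for p in ports if p != in_port}
        return {} if out == in_port else {out: frame}   # same port: filter; else forward


class Router:
    """Layer 3: accept frames addressed to its interface MAC, route on the destination IP,
    re-encapsulate with its own MAC as source and the next hop's MAC as destination."""
    def __init__(self, name, if_macs, routes):
        self.name, self.if_macs = name, if_macs                      # interface -> MAC
        self.routes = {ipaddress.ip_network(n): v for n, v in routes.items()}  # net -> (out_if, next_hop)

    def handle(self, frame, in_if, arp):
        if frame.dst_mac != self.if_macs[in_if]:
            return None                                  # not destined to us: ignore
        if frame.ttl <= 1:
            return None                                  # TTL expires here: discard
        dst = ipaddress.ip_address(frame.dst_ip)
        matches = [n for n in self.routes if dst in n]
        if not matches:
            return None                                  # no route: discard
        out_if, next_hop = self.routes[max(matches, key=lambda n: n.prefixlen)]  # longest match
        target = next_hop or frame.dst_ip                # connected network: deliver directly
        return out_if, replace(frame, src_mac=self.if_macs[out_if], dst_mac=arp[target],
                               ttl=frame.ttl - 1)


def build_topology():
    """The article's topology. R1's MACs and the 30.0.0.x router IPs are assumed."""
    r0 = Router("R0", {"E0/0": "oooo:oooo:oo10", "E0/1": "oooo:oooo:oo30"},
                {"10.0.0.0/8": ("E0/0", None), "30.0.0.0/8": ("E0/1", None),
                 "20.0.0.0/8": ("E0/1", "30.0.0.2")})
    r1 = Router("R1", {"E0/1": "rrrr:rrrr:rr30", "E0/0": "rrrr:rrrr:rr20"},
                {"30.0.0.0/8": ("E0/1", None), "20.0.0.0/8": ("E0/0", None),
                 "10.0.0.0/8": ("E0/1", "30.0.0.1")})
    arp = {"30.0.0.2": "rrrr:rrrr:rr30", "30.0.0.1": "oooo:oooo:oo30",
           "20.0.0.2": "bbbb:bbbb:bb20", "10.0.0.2": "aaaa:aaaa:aa10"}   # ARP already done
    return r0, r1, arp


def walk_pc0_to_pc1():
    """Trace PC0 -> SW0 -> R0 -> R1 -> PC1 and return the frame seen after each device."""
    r0, r1, arp = build_topology()
    sw0 = Switch("SW0")                        # assumed switch between PC0 and R0
    frame = Frame("aaaa:aaaa:aa10", "oooo:oooo:oo10", "10.0.0.2", "20.0.0.2", ttl=64)
    hops = [("PC0", frame)]
    flooded = sw0.handle(frame, in_port=1, ports=(1, 2, 3))   # first frame: unknown unicast
    frame = flooded[2]                                          # R0 is on port 2
    hops.append(("SW0", frame))
    _, frame = r0.handle(frame, "E0/0", arp)
    hops.append(("R0", frame))
    _, frame = r1.handle(frame, "E0/1", arp)                    # R0 E0/1 links to R1 E0/1
    hops.append(("R1", frame))
    return hops
```

Reading the returned hops shows the point of the section: the frame after SW0 is identical to the one PC0 sent, R0 rewrites the MACs to oooo:oooo:oo30 / rrrr:rrrr:rr30, R1 rewrites them again to reach bbbb:bbbb:bb20, and the source and destination IPs 10.0.0.2 and 20.0.0.2 are the same at every hop; only the TTL drops by one per router.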

** Get the LAB and start practicing! - Packet LAB





