Thursday, November 11, 2010

How Traceroute works.....


I know it's easy and everybody knows it...:) but still I just want to remember the ICMP code numbers..:)

The "traceroute" program uses ICMP messaging and the time to live (TTL) field in the IP header. It works by sending a packet to the intended host with a TTL value of 1, which the next hop will drop, sending back an ICMP error message to the sending host:

TYPE 11 (time-to-live exceeded)
CODE 0 (time to live exceeded in transit)


Then the traceroute program will send a message with a TTL of 2, then 3, etc. This way it gets information about each router from the ICMP packets it receives. To get information about the receiving host, the message is sent to a port that is not likely to be serviced by that host. An ICMP "port unreachable" error message is generated and sent back.


See the attached picture and we can get an idea on this flow.
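
The probe loop described above, as an added example that is not part of the original post. It runs offline against a constructed four-hop path (the addresses are made up) and assumes the standard ICMP numbering for the final reply, Type 3 Code 3 for "port unreachable", which the post does not list.

```python
import struct

TIME_EXCEEDED = (11, 0)      # Type 11, Code 0: time to live exceeded in transit
PORT_UNREACHABLE = (3, 3)    # Type 3, Code 3: port unreachable (assumed, not in the post)

def icmp_error(icmp_type, code):
    """Build the 8-byte ICMP error header (checksum left at 0 for brevity)."""
    return struct.pack("!BBHI", icmp_type, code, 0, 0)

def send_probe(path, ttl):
    """Constructed network: path[-1] is the target host, the rest are routers.
    Each router decrements the TTL; the one that brings it to 0 drops the probe."""
    for hop in path[:-1]:
        ttl -= 1
        if ttl == 0:
            return hop, icmp_error(*TIME_EXCEEDED)
    # The probe reached the host, where nothing listens on the probed port.
    return path[-1], icmp_error(*PORT_UNREACHABLE)

def traceroute(path, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... and classify each ICMP reply."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        src, reply = send_probe(path, ttl)
        icmp_type, code = struct.unpack("!BB", reply[:2])
        if (icmp_type, code) == TIME_EXCEEDED:
            hops.append((ttl, src, "router"))
        elif (icmp_type, code) == PORT_UNREACHABLE:
            hops.append((ttl, src, "destination"))
            break                      # the target answered, so stop probing
    return hops

# Constructed sample path: three routers, then the target host.
SAMPLE_PATH = ["10.0.0.1", "10.0.1.1", "10.0.2.1", "192.0.2.50"]

if __name__ == "__main__":
    for ttl, src, kind in traceroute(SAMPLE_PATH):
        print(f"TTL {ttl}: reply from {src} ({kind})")
```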

Tuesday, October 12, 2010

OSPF broadcast network adjacencies.

We know that every router in this network will form an adjacency with the DR and the BDR, and we will have one adjacency between the DR and BDR as well.

So the formula can be worked out like this. Removing the DR and BDR from the total of n routers leaves n-2 routers. Each of these routers forms an adjacency with both the DR and the BDR, which gives (n-2)+(n-2), and we have to add one more adjacency between the DR and BDR. So the number of adjacencies is:

(n-2)+(n-2)+1 = 2n-3

Example:
========

2 routers === 2*2-3 = 1 adjacency
4 routers === 2*4-3 = 5 adjacencies

Thursday, September 23, 2010

Fragmentation..




and a very good link to go for it.

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml

Tuesday, September 7, 2010

Inter vrf routing(Static)

Objective is to ping from one vrf to the other vrf.

SETUP
========

There are three routers: R1, R2 and R3.

We need to ping from R1 (VRF RED) to R3 (VRF BLUE).


R1-RED-----------------RED--R2--BLUE------------------BLUE--R3

1.1.1.1            1.1.1.2      2.2.2.1            2.2.2.2


101#ping vrf RED 2.2.2.2        ----> pinging VRF BLUE's 2.2.2.2 from R1's VRF RED

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
101#

===============================================

101#sh running-config interface e0/0
Building configuration...

Current configuration : 86 bytes
!
interface Ethernet0/0
 ip vrf forwarding RED
 ip address 1.1.1.1 255.255.255.0
end

101#
101#sh running-config | in route
ip route vrf RED 0.0.0.0 0.0.0.0 1.1.1.2
101#

===================

102#sh running-config | in route
ip route vrf RED 2.2.2.0 255.255.255.0 Ethernet1/0 2.2.2.2
ip route vrf BLUE 1.1.1.0 255.255.255.0 Ethernet0/0 1.1.1.1
102#
102#
102#sh run
102#sh running-config in
102#sh running-config interface e0/0
Building configuration...

Current configuration : 86 bytes
!
interface Ethernet0/0
 ip vrf forwarding RED
 ip address 1.1.1.2 255.255.255.0
end

102#sh run
102#sh running-config in
102#sh running-config interface e1/0
Building configuration...

Current configuration : 87 bytes
!
interface Ethernet1/0
 ip vrf forwarding BLUE
 ip address 2.2.2.1 255.255.255.0
end

102#

=================

103#sh running-config interface e1/0
Building configuration...

Current configuration : 87 bytes
!
interface Ethernet1/0
 ip vrf forwarding BLUE
 ip address 2.2.2.2 255.255.255.0
end

103#
103#
103#sh run
103#sh running-config | in route
ip route vrf BLUE 0.0.0.0 0.0.0.0 2.2.2.1
103#


Saturday, July 10, 2010

EIGRP auto-summary and no auto-summary

In EIGRP, auto-summary is enabled by default. This means that if you configure the interfaces with class A, class B or class C IP addresses, then no matter what netmask you have applied on the interface or under the "router eigrp" process, the router will advertise the address with the mask of that class.

R1(1.1.1.1)----------------(1.1.1.2)R2

Now R1 has these loopback addresses:

R1#sh ip int brief | in Loop
Loopback1      10.1.1.1     YES manual up      up
Loopback10     200.1.1.1    YES manual up      up
Loopback100    60.1.1.1     YES manual up      up
R1#

R1#sh running-config | sec router
router eigrp 10
 network 1.0.0.0
 network 10.0.0.0
 network 200.1.1.0
 auto-summary
R1#

It doesn't matter how you define the network inside "router eigrp":

R2#sh ip route eigrp
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D 1.0.0.0/8 is a summary, 00:17:46, Null0
20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D 20.0.0.0/8 is a summary, 00:17:46, Null0
D 10.0.0.0/8 [90/409600] via 1.1.1.1, 00:00:24, Ethernet0/0
D 200.1.0.0/16 [90/409600] via 1.1.1.1, 00:00:24, Ethernet0/0
R2#

You can see that class A routes are coming as /8 and class B routes are coming as /16.
Even inside "router eigrp 10", if you write network 10 as 10.1.1.0, it becomes 10.0.0.0 in the show run output.

no auto-summary:
================

R1(1.1.1.1)---------------------(1.1.1.2)R2

Now I've configured EIGRP with the "no auto-summary" option:


R1#sh running-config | sec eigrp
router eigrp 10
 network 1.0.0.0
 network 10.0.0.0
 network 60.0.0.0      ---------> this is my loopback IP address
 network 200.1.1.0
 no auto-summary
R1#


R2#sh running-config | sec eigrp
router eigrp 10
 network 1.0.0.0
 network 20.0.0.0
 network 130.1.0.0
 no auto-summary
R2#

Now suppose the loopback on R1 is configured as
"ip address 60.1.1.1 255.255.0.0".
R2 will receive the route as a /16, see below:


R2#sh ip route eigrp
10.0.0.0/24 is subnetted, 1 subnets
D 10.1.1.0 [90/409600] via 1.1.1.1, 1d07h, Ethernet0/0
60.0.0.0/16 is subnetted, 1 subnets
D 60.1.0.0 [90/409600] via 1.1.1.1, 00:07:00, Ethernet0/0
D 200.1.0.0/16 [90/409600] via 1.1.1.1, 1d03h, Ethernet0/0
R2#


In the same way, if the loopback IP address is a /24,
router R2 will receive the route with .


R2#sh ip route eigrp
10.0.0.0/24 is subnetted, 1 subnets
D 10.1.1.0 [90/409600] via 1.1.1.1, 1d07h, Ethernet0/0
60.0.0.0/24 is subnetted, 1 subnets
D 60.1.1.0 [90/409600] via 1.1.1.1, 00:00:09, Ethernet0/0
D 200.1.0.0/16 [90/409600] via 1.1.1.1, 1d03h, Ethernet0/0
R2#

Friday, May 28, 2010

Install GNS3 on UBUNTU

Though this is a copy paste work from some other site..but just want to keep this with me..:)

How To Install GNS3 in Ubuntu 9.04


As I am currently studying for my CCIE, I find it very helpful to be able to practice creating networks in a non-destructive environment. Thus, GNS3 provides that solution. At first it was a little difficult installing it because you simply can’t type in

sudo apt-get install GNS3

That’s not even half of it. So here is how to install GNS3 and have it work efficiently for your CCIE studying needs.

1. First we will install Dynagen and Python-Qt4

sudo apt-get install dynagen python-qt4

2. Download GNS3 and extract in /opt

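cd /opt
# Quote the URL so the shell does not interpret "?"; -O sets the name of the saved file
sudo wget -O GNS3-0.6.1-src.tar.bz2 "http://downloads.sourceforge.net/project/gns-3/GNS3/0.6.1/GNS3-0.6.1-src.tar.bz2?use_mirror=softlayer"
sudo tar -xjvf GNS3-0.6.1-src.tar.bz2 && sudo rm GNS3-0.6.1-src.tar.bz2
sudo mv GNS3-0.6.1-src /opt/GNS3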

3. Create the following directories:
These directories will be used by GNS3 – such as projects – where your working projects will be stored, cache, temp, IOS images, etc.

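cd /opt/GNS3
sudo mkdir Dynamips
sudo mkdir IOS
sudo mkdir Project
sudo mkdir Cache
sudo mkdir tmp
# Project and tmp become readable and writable by every local user
sudo chmod o+rw -R ./Project
sudo chmod o+rw -R ./tmp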

4. Download binary of dynamips and make it executable

cd Dynamips
sudo wget http://www.ipflow.utc.fr/dynamips/dynamips-0.2.8-RC2-x86.bin
sudo chmod +x ./dynamips-0.2.8-RC2-x86.bin

You can create a desktop shortcut by right-clicking on the desktop and select “Create Launcher..”, Name it GNS3 and in the command section type in

python "/opt/GNS3/gns3"

Double click to open GNS3 and we will edit the default settings. If you don’t want to use desktop icons you can create a launcher from your programs menu by right clicking on the Main Menu, selecting Edit Menu. Select New Item on the right and you will be presented with the same window where you type in the above. From there you can move the launcher into any menu section of your choice.

5. Go to edit | preferences and in the ‘Terminal command:’ section type in:

gnome-terminal -t %d -e 'telnet %h %p' > /dev/null 2>&1 &

6. Under ‘Paths’ change the ‘Project directory:’ to

/opt/GNS3/Project

and the ‘IOS/PIX directory:’ to

/opt/GNS3/IOS

7. Click on Dynamips tab on the left

For the ‘Executable path:’ type in

/opt/GNS3/Dynamips/dynamips-0.2.8-RC2-x86.bin

8. Change the ‘Working directory:’ to

/opt/GNS3/tmp

Click on the Capture tab on the left

9. For the ‘Working directory for capture files:’ change it to

/opt/GNS3/Project

After you have done all that you will be able to open and save your GNS3 projects properly and have an efficient setup for GNS3. In order to use the devices in GNS3 you must obtain your own IOS images from Cisco.

Sunday, March 7, 2010

OSPF Virtual Links


OSPF Virtual Links:
===============
1- When an area doesn't have connectivity with the backbone area, OSPF uses virtual links to connect this isolated area to the backbone.
2- The area through which you configure the virtual link is known as the transit area. In our case we are connecting Area 2 to Area 0 via Area 1, so for us Area 1 is the transit area.
3- The transit area cannot be a stub area.
4- The configs shown below get the virtual links up and working.
5- The OSPF packets between the two ends of the virtual link are not multicast packets. They are tunneled packets.
6- Once the routers become adjacent on the virtual link, Router3 considers itself an area border router (ABR), because it now has a link in Area 0. As a result, Router3 creates a summary LSA for 141.1.0.0/16 in Area 0 and in Area 1.


R1:-

router ospf 12
 router-id 1.1.1.1
 log-adjacency-changes
 network 1.1.0.0 0.0.255.255 area 0
 network 121.1.1.1 0.0.0.0 area 0

R2:-

router ospf 12
 router-id 2.2.2.2
 log-adjacency-changes
 ! virtual link to the router (3.3.3.3 is the router ID)
 area 1 virtual-link 3.3.3.3
 network 1.1.0.0 0.0.255.255 area 0
 network 2.2.2.1 0.0.0.0 area 1


R3:-

router ospf 12
 router-id 3.3.3.3
 log-adjacency-changes
 ! virtual link to the router (2.2.2.2 is the router ID)
 area 1 virtual-link 2.2.2.2
 network 2.2.2.2 0.0.0.0 area 1
 network 3.3.3.1 0.0.0.0 area 2

R4:-

router ospf 12
 router-id 4.4.4.4
 log-adjacency-changes
 network 3.3.3.2 0.0.0.0 area 2
 network 141.1.1.1 0.0.0.0 area 2


A few show CLIs
===============

R2#sh ip ospf neighbor

Neighbor ID     Pri   State        Dead Time   Address     Interface
3.3.3.3           0   FULL/  -        -        2.2.2.2     OSPF_VL2
1.1.1.1           1   FULL/DR      00:00:35    1.1.1.1     GigabitEthernet0/3
3.3.3.3           1   FULL/DR      00:00:36    2.2.2.2     GigabitEthernet0/1
R2#
R2#
R2#sh ip os
R2#sh ip ospf vir
R2#sh ip ospf virtual-links
Virtual Link OSPF_VL2 to router 3.3.3.3 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 1, via interface GigabitEthernet0/1, Cost of using 1
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:06
Adjacency State FULL (Hello suppressed)
Index 2/3, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R2#



R3#sh ip ospf neighbor

Neighbor ID     Pri   State        Dead Time   Address     Interface
2.2.2.2           0   FULL/  -        -        2.2.2.1     OSPF_VL3
2.2.2.2           1   FULL/BDR     00:00:31    2.2.2.1     FastEthernet3/1
4.4.4.4           1   FULL/DR      00:00:38    3.3.3.2     FastEthernet6/0
R3#
R3#
R3#sh ip os
R3#sh ip ospf vir
R3#sh ip ospf virtual-links
Virtual Link OSPF_VL3 to router 2.2.2.2 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 1, via interface FastEthernet3/1, Cost of using 1
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
R3#


R1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/16 is subnetted, 1 subnets
C 1.1.0.0 is directly connected, GigabitEthernet0/3
2.0.0.0/16 is subnetted, 1 subnets
O IA 2.2.0.0 [110/2] via 1.1.1.2, 00:42:04, GigabitEthernet0/3
3.0.0.0/16 is subnetted, 1 subnets
O IA 3.3.0.0 [110/3] via 1.1.1.2, 00:32:50, GigabitEthernet0/3
141.1.0.0/32 is subnetted, 1 subnets
O IA 141.1.1.1 [110/4] via 1.1.1.2, 00:32:50, GigabitEthernet0/3
121.0.0.0/32 is subnetted, 1 subnets
C 121.1.1.1 is directly connected, Loopback12
R1#

Above we can see that R1 got the routes from R4 via the virtual link.


Using a GRE Tunnel Instead of a Virtual Link

You can also build a generic routing encapsulation (GRE) tunnel between Router2 and Router3 and put the tunnel in Area 0. The main differences between a GRE tunnel and a virtual link are described in this table:


GRE Tunnel | Virtual Link
-----------|-------------
All traffic in the tunnel is encapsulated and decapsulated by the tunnel endpoints. | The routing updates are tunneled, but the data traffic is sent natively.
Tunnel headers in every packet cause overhead. | Data traffic is not subject to any tunnel overhead.
The tunnel can go through a stub area. | The transit area cannot be a stub area, because routers in the stub area do not have routes for external destinations. Because data is sent natively, if a packet destined for an external destination is sent into a stub area which is also a transit area, then the packet is not routed correctly. The routers in the stub area do not have routes for specific external destinations.

Thursday, February 11, 2010

Multicast address to mac conversion.


MULTICAST:
=========

Converting the IP address of a multicast packet to its MAC address. I've launched VLC to listen to a multicast stream at 226.1.1.1.

Above is the IGMP group request my PC has sent to the gateway.
Now here are the steps to generate the MAC address.

Step 1:
--------
Our IP address has the following bits:

226.1.1.1
11100010-00000001-00000001-00000001

Now we have to replace the first 4 bits of this IP (that is, 1110) with 01-00-5E (the standard MAC prefix for multicast).

01-00-5E-XX-XX-XX is our MAC address as of now.

Step 2:
--------
Now we have to replace the next 5 bits with a 0 in the MAC.

11100010-00000001-00000001-00000001
01-00-5E-0X-XX-XX

Step 3:
-------
Now copy the remaining 23 bits of your IP address and convert them to hex.

11100010-0 0000001-00000001-00000001 ----> 01-01-01 (this is the hex)

So now our MAC will be

01-00-5E-01-01-01

as shown in the packet capture.
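
The three steps above in code, as an added example that is not part of the original post. It goes one step further than the text: because the 5 bits from Step 2 are thrown away, 32 different group addresses end up on the same MAC, so a filter keyed only on the multicast MAC cannot tell those groups apart. The function names are made up for this example.

```python
import ipaddress

MCAST_MAC_BASE = 0x01005E000000   # 01-00-5E followed by the single 0 bit of Step 2
LOW_23_BITS = 0x7FFFFF            # the part of the IP address that Step 3 copies

def multicast_mac(ip):
    """Map an IPv4 multicast group address to its Ethernet MAC address."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:
        raise ValueError(f"{ip} is not a multicast address (first 4 bits must be 1110)")
    mac = MCAST_MAC_BASE | (int(addr) & LOW_23_BITS)
    return "-".join(f"{b:02X}" for b in mac.to_bytes(6, "big"))

def groups_sharing_mac(ip):
    """List all 32 group addresses that map to the same MAC as `ip`."""
    low23 = int(ipaddress.IPv4Address(ip)) & LOW_23_BITS
    groups = []
    for dropped in range(32):                 # every value of the 5 dropped bits
        value = (0b1110 << 28) | (dropped << 23) | low23
        groups.append(str(ipaddress.IPv4Address(value)))
    return groups

if __name__ == "__main__":
    print("226.1.1.1 ->", multicast_mac("226.1.1.1"))
    for group in groups_sharing_mac("226.1.1.1"):
        print(group, "->", multicast_mac(group))
```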

Sunday, January 3, 2010

ARP




ARP request and ARP reply. Suppose I'm pinging from 72.163.192.214 to 72.163.192.12.
Here are the pictures which show the ARP request and reply packets.


ARP is used to map a destination IP address to its MAC address. An ARP request, when added to an IP datagram, has the following fields [note that an ARP request packet is added to the IP datagram in the DATA field]:
1) Hardware Type [Ethernet/Token Ring .. Details]
2) Protocol Type [IP/IPX ..details]
3) Operation field [ARP Req, ARP Reply, Proxy ARP Req, Proxy ARP Reply]
4) H/w Length
5) Protocol Length
6) Source IP
7) Source MAC addr
8) Destination IP
9) Destination MAC addr
Here the main focus will be on the fields 6-9:
6) Source IP [needs no explanation]
7) Source MAC addr [needs no explanation]
8) Destination IP [needs no explanation]
9) Destination MAC addr [This will be 0000:0000:0000]
Here is the full view of arp request:

ARP REPLY:
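
The request fields listed above, built and parsed in code as an added example that is not part of the original post. It uses the post's two IP addresses with a made-up source MAC, packs the nine fields in the order they appear on the wire, and assumes the standard values 1 and 2 for request and reply.

```python
import socket
import struct

# Ethernet/IPv4 ARP body in wire order: hardware type, protocol type,
# hardware length, protocol length, operation, then the four addresses.
ARP_FMT = "!HHBBH6s4s6s4s"            # 28 bytes in total
ARP_LEN = struct.calcsize(ARP_FMT)
OPERATIONS = {1: "request", 2: "reply"}

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp_request(src_mac, src_ip, dst_ip):
    return struct.pack(
        ARP_FMT,
        1,                             # hardware type: Ethernet
        0x0800,                        # protocol type: IP
        6, 4,                          # hardware length, protocol length
        1,                             # operation: ARP request
        bytes.fromhex(src_mac.replace(":", "")),
        socket.inet_aton(src_ip),
        bytes(6),                      # destination MAC is unknown: all zeros
        socket.inet_aton(dst_ip),
    )

def parse_arp(body):
    if len(body) < ARP_LEN:
        raise ValueError("truncated ARP body")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, body[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IP ARP message")
    return {
        "operation": OPERATIONS.get(oper, f"unknown({oper})"),
        "source_mac": mac_str(sha),
        "source_ip": socket.inet_ntoa(spa),
        "destination_mac": mac_str(tha),
        "destination_ip": socket.inet_ntoa(tpa),
    }

# Constructed sample: the post's IP addresses, source MAC invented for the example.
SAMPLE_REQUEST = build_arp_request("00:11:22:33:44:55", "72.163.192.214", "72.163.192.12")

if __name__ == "__main__":
    for field, value in parse_arp(SAMPLE_REQUEST).items():
        print(f"{field:16} {value}")
```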