Friday 8 May 2009

IGMP v2

Improvements in IGMP v2:

1. Queries can be sent from the router to either the all-hosts group or the members of a specific group
2. Hosts can dynamically leave groups
3. Querier election
4. Query interval response time

When a host wishes to leave a group, it sends a 'leave-group' message to 224.0.0.2.

IGMP version is configured on an interface basis:

ip igmp version {1 | 2 | 3}

Router sends membership query to group specific address, host responds:
3 60.008772 172.16.40.1 224.0.0.1 IGMP V2 Membership Query, general
4 64.003868 172.16.40.10 239.255.255.250 IGMP V2 Membership Report / Join group 239.255.255.250

IGMP v1 - Internet Group Management Protocol

Switches record the source MAC address and interface of incoming frames to reduce the flooding of packets to all ports. Broadcast and multicast addresses never appear as a source MAC address, so the switch cannot learn them, and by default such frames are flooded out of all ports.

Static MAC table entries, Cisco Group Management Protocol (CGMP), and IGMP snooping are ways to avoid flooding packets out of all ports, which improves performance.

IGMP is a protocol that allows a router/switch to determine whether a multicast group is being used, and enables the switch to forward packets only to the interfaces wishing to receive packets for that multicast group.

The first phase is for the clients to identify themselves to the router so that they can join the multicast group. In IGMP v1 this is done via a membership report sent by the client to the destination multicast group and intercepted by the router.

The router on each segment sends a query to the all-hosts address 224.0.0.1. If it receives one or more responses the group is maintained; if not, the group is removed.

In IGMP v1 there is no function to allow a host to remove itself from a group; it must 'age out'.

Multicasting General

Unicast 1:1
Broadcast 1:all
Multicast 1:some

Multicasting addresses:

- 224.0.0.0/4
- Link local 224.0.0.0/24
- Source specific 232.0.0.0/24
- GLOP 233.0.0.0/8

Multicast OUI 0100.5e, 25th bit is always 0, last 23 bits are mapped from the IP address.

Sunday 3 May 2009

IS-IS ISO Address

As IS-IS is protocol independent (it sits at the data link layer), a non-IP address is used for the router ID.

An ISO address is between 8 and 20 octets.

The address is divided into two sections (IDP/DSP) and into three parts:

Area - group or location
ID - particular member of location
SEL - process on the host

IDP (interdomain part) External routing to AS, provided by ISO
- AFI - country code/international code/private
- IDI - organisation within the AFI
DSP (Domain Specific Part) - Internal routing within AS
- HODSP - area within AS
- System ID - might be based on IP or MAC address (Cisco: 6 bytes)
NSEL - Network Entity title 0x00

Saturday 2 May 2009

IS-IS Network Protocols

Hellos

End System Hello (ESH) - ISO end systems use ESH to attach to routers; IS-IS just attaches to the local subnet
IS Hello - used by a router to announce itself to end systems
Intermediate to Intermediate Hello (IIH) - used to meet IS neighbours

IS-IS General Info

Intermediate system to Intermediate System (IS-IS). Interior Gateway Protocol (IGP).

Router = Intermediate System (IS)
PC = End System (ES).

IS-IS is router to router communication.

Connectionless Network Protocol (CLNP) is used for the Connectionless Network Service (CLNS), the network layer of the OSI model.

IS-IS uses a CLNS address as the router ID and to group routers into areas; the address is administrative only.

OSI supports four levels of routing:

Level 0 - End systems, end system to Intermediate system
Level 1 - Exchange routes within an area
Level 2 - Backbone between areas
Level 3 - AS to AS (inter-domain routing protocol IDRP)

IS-IS operates on levels 1/2 within and between areas.

Configuring OSPF authentication

Three types of authentication:
- none (default)
- plain text
- MD5 hash

OSPF authentication is configured at interface level. Interconnected routers need to have authentication enabled on the appropriate interfaces, with the same authentication type and key.

Authentication mis-match:
*Mar 1 00:04:27.851: OSPF: Rcv pkt from 192.168.2.1, FastEthernet0/0 : Mismatch Authentication type. Input packet specified type 0, we use type 2

OSPF with MD5 hash authentication:

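!
interface FastEthernet0/0
 ip address 192.168.2.1 255.255.255.0
 ip ospf authentication message-digest
 ! MD5 (type 2) takes its key from message-digest-key; authentication-key only applies to plain text (type 1)
 ! key ID 1 is an example value and must match on the neighbour
 ip ospf message-digest-key 1 md5 mysecret
 duplex auto
 speed auto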

debug ip ospf adj - troubleshoot authentication problems
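
An added example, not part of the original notes: a Python sketch of how a receiver tells the three authentication types apart in the OSPFv2 header and verifies the MD5 digest as described in RFC 2328 Appendix D. The Hello packet is constructed sample data, the function names are illustrative, the key is the 'mysecret' used above, and key ID 1 and sequence number 1 are assumed values.

```python
import hashlib
import hmac
import socket
import struct

HDR = struct.Struct("!BBH4s4sHH8s")  # OSPFv2 header: ver, type, len, router ID, area, csum, AuType, auth
AUTYPE = {0: "none", 1: "plain text", 2: "MD5 hash"}

def md5_digest(packet: bytes, key: bytes) -> bytes:
    # RFC 2328 D.4.3: MD5 over the OSPF packet followed by the key padded to 16 bytes
    return hashlib.md5(packet + key.ljust(16, b"\0")[:16]).digest()

def build_packet(autype: int, key: bytes = b"", key_id: int = 1, seq: int = 1) -> bytes:
    """Constructed sample: Hello from 192.168.2.1, area 0, header checksum left at 0."""
    body = struct.pack("!4sHBBI4s4s", socket.inet_aton("255.255.255.0"),
                       10, 2, 1, 40, bytes(4), bytes(4))
    if autype == 2:
        auth = struct.pack("!HBBI", 0, key_id, 16, seq)  # zero, key ID, digest length, sequence
    else:
        auth = key.ljust(8, b"\0")[:8]  # type 1 carries the password in clear; type 0 is zeros
    pkt = HDR.pack(2, 1, HDR.size + len(body), socket.inet_aton("192.168.2.1"),
                   bytes(4), 0, autype, auth) + body
    return pkt + md5_digest(pkt, key) if autype == 2 else pkt

def check_packet(data: bytes, expect_type: int, key: bytes) -> str:
    """Classify a received packet against the locally configured type and key."""
    _ver, _typ, length, _rid, _area, _csum, autype, auth = HDR.unpack_from(data)
    if autype != expect_type:
        return (f"mismatch: packet type {autype} ({AUTYPE.get(autype, 'unknown')}), "
                f"we use type {expect_type}")
    if autype == 1:
        ok = hmac.compare_digest(auth, key.ljust(8, b"\0")[:8])
    elif autype == 2:
        _zero, _key_id, auth_len, _seq = struct.unpack("!HBBI", auth)
        digest = data[length:length + auth_len]  # digest trails the packet, outside 'length'
        ok = hmac.compare_digest(digest, md5_digest(data[:length], key))
    else:
        ok = True  # type 0: nothing to verify
    return "accepted" if ok else "rejected: authentication failed"

if __name__ == "__main__":
    for t in (0, 1, 2):
        print(AUTYPE[t], "->", check_packet(build_packet(t, b"mysecret"), 2, b"mysecret"))
```

The sketch does not track the cryptographic sequence number per neighbour, which is what a real receiver uses to reject replayed packets.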