Friday 8 May 2009

IGMP v2

Improvements in IGMP v2:

1. Queries can be sent from the router to either all-hosts group, or members of a specific group
2. Hosts can dynamically leave groups
3. Querier election
4. Query interval response time

When a host wishes to leave a group, it sends a 'leave-group' message to 224.0.0.2

IGMP version is configured on an interface basis:

ip igmp version {1 | 2 | 3}

Router sends membership query to group specific address, host responds:
3 60.008772 172.16.40.1 224.0.0.1 IGMP V2 Membership Query, general
4 64.003868 172.16.40.10 239.255.255.250 IGMP V2 Membership Report / Join group 239.255.255.250

IGMP v1 - Internet Group Management Protocol

Switches record SRC MAC/interface to reduce the flooding of packets to all ports. Broadcast and multicast packets do not have a source MAC address, so by default are flooded out of all ports.

Static MAC table entries, Cisco Group Management Protocol (CGMP), and IGMP snooping are solutions that remove the need to flood packets out of all ports, which improves performance.

IGMP is a protocol that allows a router/switch to determine that a multicast group is in use, and enables the switch to forward packets only to the interfaces wishing to receive packets for that multicast group.

The first phase is for the clients to identify themselves to the router, so that they can join the multicast group. In IGMP v1 this is done via a membership report sent by the client to the destination multicast group and intercepted by the router.

The router on each segment sends a query to the all-hosts address 224.0.0.1. If it receives one or more responses, the group is maintained; if not, the group is removed.

In IGMP v1 there is no function to allow a host to remove itself from a group; it must 'age out'.

Multicasting General

Unicast 1:1
Broadcast 1:all
Multicast 1:some

Multicasting addresses:

- 224.0.0.0/4
- Link local 224.0.0.0/24
- Source specific 232.0.0.0/24
- GLOP 233.0.0.0/8

Multicast OUI 0100.5e, 25th bit is always 0, last 23 bits are mapped from IP address.
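The mapping above as an added Python example (not part of the original notes; the function names are hypothetical). It goes one step further than the text: because only 23 of the 28 variable bits of a group address are copied, 32 IP groups share each MAC, which matters when a switch filters multicast by MAC address.

```python
import ipaddress
from collections import defaultdict

MULTICAST_NET = ipaddress.ip_network("224.0.0.0/4")
OUI_PREFIX = 0x01005E000000  # 0100.5e followed by the 25th bit fixed at 0


def multicast_mac(group: str) -> str:
    """Map an IPv4 multicast group to its Ethernet MAC in Cisco dotted form."""
    addr = ipaddress.ip_address(group)
    if addr.version != 4 or addr not in MULTICAST_NET:
        raise ValueError(f"{group} is not an IPv4 multicast address")
    low23 = int(addr) & 0x7FFFFF  # only the last 23 bits of the IP are copied
    mac = OUI_PREFIX | low23
    digits = f"{mac:012x}"
    return f"{digits[0:4]}.{digits[4:8]}.{digits[8:12]}"


def aliases(group: str) -> list:
    """Return the 32 groups sharing this group's MAC (5 IP bits are dropped)."""
    multicast_mac(group)  # validates the input
    low23 = int(ipaddress.ip_address(group)) & 0x7FFFFF
    base = int(MULTICAST_NET.network_address)
    return [str(ipaddress.ip_address(base | (hi << 23) | low23)) for hi in range(32)]


def colliding_groups(groups) -> dict:
    """Return {mac: [groups]} for every MAC used by more than one group."""
    by_mac = defaultdict(list)
    for group in groups:
        by_mac[multicast_mac(group)].append(group)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    # Constructed sample: three groups that differ only in the dropped bits,
    # plus the group 239.255.255.250 seen in the IGMP v2 capture.
    sample = ["224.1.1.1", "225.1.1.1", "224.129.1.1", "239.255.255.250"]
    for ip in sample:
        print(ip, "->", multicast_mac(ip))
    print(colliding_groups(sample))
```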

Sunday 3 May 2009

IS-IS ISO Address

As IS-IS is protocol independent (it sits at the data link layer), a non-IP address is used for the router ID.

An ISO address is between 8 and 20 octets.

Address is broken into two sections (IDP/DSP), and is broken into three parts:

Area - group or location
ID - particular member of location
SEL - process on the host

IDP (interdomain part) External routing to AS, provided by ISO
- AFI - country code/international code/private
- IDI - organisation within the AFI
DSP (Domain Specific Part) - Internal routing within AS
- HODSP - area within AS
- System ID - might be based on IP or MAC address (cisco 6 bytes)
NSEL - Network Entity title 0x00
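An added Python example (not from the original notes; function names and the sample NETs are constructed) that splits a NET into the parts listed above, enforces the 8 to 20 octet length and the 0x00 NSEL, and flags a system ID reused by more than one router. It assumes Cisco's 6-byte system ID and the common convention of deriving the system ID from an IPv4 address by zero-padding each octet.

```python
import ipaddress


def system_id_from_ipv4(ip: str) -> str:
    """Pad each octet to 3 digits and regroup: 192.168.1.1 -> 1921.6800.1001."""
    digits = "".join(f"{octet:03d}" for octet in ipaddress.IPv4Address(ip).packed)
    return f"{digits[0:4]}.{digits[4:8]}.{digits[8:12]}"


def parse_net(net: str) -> dict:
    """Split a dotted-hex NET into AFI, area address, system ID and NSEL."""
    hex_digits = net.replace(".", "")
    if len(hex_digits) % 2:
        raise ValueError("NET must contain whole octets")
    raw = bytes.fromhex(hex_digits)  # raises ValueError on non-hex input
    if not 8 <= len(raw) <= 20:
        raise ValueError(f"NET is {len(raw)} octets; must be 8 to 20")
    area, system_id, nsel = raw[:-7], raw[-7:-1], raw[-1]
    if nsel != 0x00:
        raise ValueError("NSEL must be 0x00 in a NET")
    sid = system_id.hex()
    return {
        "afi": f"{area[0]:02x}",          # first octet of the IDP
        "area": area.hex(),               # AFI (+ IDI) + HODSP
        "system_id": f"{sid[0:4]}.{sid[4:8]}.{sid[8:12]}",
        "nsel": f"{nsel:02x}",
        "private": area[0] == 0x49,       # AFI 49 is the private range
    }


def duplicate_system_ids(nets) -> dict:
    """Return {system_id: [nets]} for any system ID used by more than one NET."""
    seen = {}
    for net in nets:
        seen.setdefault(parse_net(net)["system_id"], []).append(net)
    return {sid: users for sid, users in seen.items() if len(users) > 1}


if __name__ == "__main__":
    # Constructed NETs: private AFI 49, area 0001/0002, ID from 192.168.1.x.
    nets = ["49.0001.1921.6800.1001.00", "49.0001.1921.6800.1002.00",
            "49.0002.1921.6800.1001.00"]
    print(parse_net(nets[0]))
    print(duplicate_system_ids(nets))
```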

Saturday 2 May 2009

IS-IS Network Protocols

Hellos

End system Hello (ESH) - ISO end systems use ESH to attach to routers, IS-IS just attaches to the local subnet
IS hello - used by a router to announce itself to end systems
Intermediate to Intermediate Hello (IIH) - used to meet IS neighbours

IS-IS General Info

Intermediate system to Intermediate System (IS-IS). Interior Gateway Protocol (IGP).

Router = Intermediate System (IS)
PC = End-System (ES).

IS-IS is router to router communication.

Connectionless Network Protocol (CLNP) used for Connectionless Network Service (CLNS), network layer of OSI model.

IS-IS uses a CLNS address as the router ID and to group routers into areas; the address is administrative only.

OSI supports four levels of routing:

Level 0 - End systems, end system to Intermediate system
Level 1 - Exchange routes within an area
Level 2 - Backbone between areas
Level 3 - AS to AS (inter-domain routing protocol IDRP)

IS-IS operates on levels 1/2 within and between areas.

Configuring OSPF authentication

Three types of authentication
- none (default)
- plain text
- MD5 hash

OSPF authentication is configured at interface level. Interconnected routers need to have authentication enabled on the appropriate interfaces, with the same authentication settings.

Authentication mis-match:
*Mar 1 00:04:27.851: OSPF: Rcv pkt from 192.168.2.1, FastEthernet0/0 : Mismatch Authentication type. Input packet specified type 0, we use type 2

OSPF with MD5 hash authentication:

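!
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
ip ospf authentication message-digest
! MD5 (type 2) authentication takes its key from message-digest-key;
! authentication-key only applies to plain-text (type 1) authentication.
! Key ID 1 is chosen here; key ID and key must match on the neighbour.
ip ospf message-digest-key 1 md5 mysecret
duplex auto
speed auto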

debug ip ospf adj - troubleshoot authentication problems
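An added Python example (not from the original notes; function names are hypothetical and the configuration is a constructed sample) that audits interface blocks for the three authentication types above, using the same type numbers the mismatch log reports (0 none, 1 plain text, 2 MD5). It assumes "show running-config" layout with indented sub-commands and looks only at interface-level commands, not area-level authentication.

```python
import re

# Constructed sample in "show running-config" layout (sub-commands indented).
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip ospf authentication message-digest
 ip ospf authentication-key mysecret
!
interface FastEthernet0/1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 mysecret
!
interface Serial1/0
 ip ospf authentication
 ip ospf authentication-key mysecret
!
interface Loopback99
!
"""


def interface_blocks(config: str) -> dict:
    """Return {interface name: [sub-commands]} for each interface block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        match = re.match(r"interface\s+(\S+)", raw)
        if match:
            current = blocks.setdefault(match.group(1), [])
        elif raw[:1].isspace() and current is not None:
            current.append(raw.strip())
        else:
            current = None  # "!" or any other top-level line closes the block
    return blocks


def audit(config: str) -> dict:
    """Return {interface: (OSPF auth type 0/1/2, [findings])}."""
    report = {}
    for name, cmds in interface_blocks(config).items():
        md5_key = any(re.match(r"ip ospf message-digest-key \d+ md5 \S", c) for c in cmds)
        text_key = any(c.startswith("ip ospf authentication-key ") for c in cmds)
        if "ip ospf authentication message-digest" in cmds:
            auth, findings = 2, [] if md5_key else ["type 2 without message-digest-key"]
            if text_key:
                findings.append("authentication-key is not used by type 2")
        elif "ip ospf authentication" in cmds:
            auth, findings = 1, ["plain-text key is sent in clear"]
        else:
            auth, findings = 0, ["no interface-level authentication"]
        report[name] = (auth, findings)
    return report
```

Calling `audit(SAMPLE_CONFIG)` returns one entry per interface; two neighbours whose entries show different type numbers would produce the "Mismatch Authentication type" message shown earlier.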

Friday 1 May 2009

Stub summary advertisements

Advertise summary type 3 to stub

router ospf 1
area 14 stub

Advertise summary default route only

router ospf 1
area 14 stub no-summary

Gateway of last resort is 10.1.1.1 to network 0.0.0.0
172.16.0.0/26 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, Loopback99
10.0.0.0/26 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
O*IA 0.0.0.0/0 [110/2] via 10.1.1.1, 00:00:03, FastEthernet0/0

Stub area configuration

Gateway of last resort is 10.1.1.1 to network 0.0.0.0
172.16.0.0/26 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, Loopback99
10.0.0.0/26 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0
192.168.1.0/26 is subnetted, 1 subnets
O IA 192.168.1.0 [110/2] via 10.1.1.1, 00:03:37, FastEthernet0/0
192.168.3.0/32 is subnetted, 1 subnets
O IA 192.168.3.1 [110/3] via 10.1.1.1, 00:03:37, FastEthernet0/0
O*IA 0.0.0.0/0 [110/2] via 10.1.1.1, 00:03:37, FastEthernet0/0

router#sh run | sec router ospf
router ospf 1
log-adjacency-changes
area 14 stub
network 10.1.1.0 0.0.0.63 area 14
network 172.16.0.0 0.0.0.63 area 14

Types of area

Standard area - every router knows every prefix
Stub area - does not accept type 5 external summary routes, default is provided by ABR
Totally stubby area - does not accept type 3,4,5 summary routes, default is provided by ABR
Not So Stubby area (NSSA) - stubby areas that can have an ASBR, type 5 LSAs are disguised as type 7 LSAs and converted to type 5 on the ABR

Types of Link State Advertisement

Router link type 1 - lists neighbours and cost to each, flooded within an area
Network link type 2 - sent by DR, lists all routers it is adjacent to, flooded within an area
Network summary link type 3 - sent by ABR, lists prefixes in area, advertises summary
AS external ASBR summary link type 4 - sent by ASBR, describes external route
External Link LSA type 5 - external route advertised by ASBR, type 5 can also be default-route
NSSA external type 7 - created by ASBR in not so stubby area, type 5 tunnelled through NSSA, converted to type 5 on ABR.

OSPF Router Types

Internal router - within an area, all interfaces within same area
Backbone router - all areas are interconnected via backbone area 0, has an interface in area 0
Area Border Router - connects two or more areas, holds a full topological database for each area, sends summary LSA
AS boundary router - connects to other routing domains, router typically located in backbone area

NBMA Frame Relay Configuration

!
interface Serial1/0
ip address 192.168.1.1 255.255.255.0
encapsulation frame-relay
ip ospf network non-broadcast
serial restart-delay 0
frame-relay map ip 192.168.1.2 102 broadcast
frame-relay map ip 192.168.1.3 103 broadcast
no frame-relay inverse-arp
end
Router#sh run | sec router ospf

router ospf 1
router-id 192.168.1.1
log-adjacency-changes
network 192.168.1.0 0.0.0.255 area 1
neighbor 192.168.1.2
neighbor 192.168.1.3

OSPF Network Types

OSPF assumes that all routers can communicate directly using multicast, and that no router is uniquely positioned. Routers on an Ethernet segment can communicate directly; however, NBMA (Non-Broadcast Multi-Access) network types are not able to.

The following are OSPF network types configurable on a Cisco interface:
- Broadcast multiaccess
- Point-to-point
- Point-to-multipoint
- Non-Broadcast Multiaccess (NBMA)

On NBMA networks multicast communications are simulated by sending advertisements directly to each neighbour.

Point-to-point or Ethernet networks are automatically detected

Sunday 26 April 2009

OSPF Packet Type

Five types of OSPF packet:

- Hello, used for maintaining neighbour relationships
- Database Descriptor, sending a list of router-ids, current sequence numbers, maintaining current version of link state database
- Link state requests (LSR), request for any missing LSAs
- Link state update, reply to a link state request
- Link state acknowledgement (LSAck), receipt of link state information

OSPF - DR/BDR

When multiple routers running OSPF are on the same segment, they form adjacencies with a designated router and a backup designated router. This prevents routers from having to form large numbers of adjacencies with all routers.

The designated router is the router with the highest interface IP address, or preferably loopback interface; the BDR is the router with the second highest. A new router with the highest IP address cannot preempt the current DR. To force a DR re-election use the command "clear ip ospf process *" on the DR router. Use the router-id command to force the IP address used for the OSPF process router-id.

The DR will receive updates and send updates to segment routers. Segment routers advertise changes to the DR/BDR using multicast address 224.0.0.6.

*Mar 1 00:30:44.531: Processing link 0, id 172.16.0.1, link data 255.255.255.255, type 3
*Mar 1 00:30:44.531: Add better path to LSA ID 172.16.0.1, gateway 172.16.0.1, dist 2
*Mar 1 00:30:44.531: Add path: next-hop 192.168.0.1, interface FastEthernet0/0
*Mar 1 00:30:44.531: Processing link 1, id 192.168.0.2, link data 192.168.0.1, type 2
*Mar 1 00:30:44.535: Ignore newdist 2 olddist 1
*Mar 1 00:30:44.535: OSPF: Adding Stub nets
*Mar 1 00:30:44.535: OSPF: Add Network Route to 172.16.0.1 Mask /32. Metric: 2, Next Hop: 192.168.0.1
*Mar 1 00:30:44.535: OSPF: insert route list LS ID 172.16.0.1, type 0, adv rtr 192.168.0.1


Router#sh run | sec router osp
router ospf 72
router-id 172.16.0.1
log-adjacency-changes
network 172.16.0.0 0.0.0.255 area 51
network 192.168.0.0 0.0.0.255 area 51

OSPF Neighbours/Adjacencies

Routers running OSPF need to be directly connected in order to form adjacencies. Routers exchange hello messages and update their respective neighbour tables.

Hello messages are sent to multicast address: 224.0.0.5

*Mar 1 00:17:10.235: OSPF: Send hello to 224.0.0.5 area 51 on FastEthernet0/0 from 192.168.0.2
*Mar 1 00:17:11.503: OSPF: Rcv hello from 192.168.0.1 area 51 from FastEthernet0/0 192.168.0.1
*Mar 1 00:17:11.503: OSPF: End of hello processing


Router1#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.0.1 1 FULL/BDR 00:00:28 192.168.0.1 FastEthernet0/0


Router2#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.0.2 1 FULL/DR 00:00:39 192.168.0.2 FastEthernet0/0


Hello messages are sent every 10 seconds on a broadcast link, or every 30 seconds on a non-broadcast link.

OSPF General

OSPF is a link-state protocol based on Dijkstra shortest path first algorithm.

Routers running OSPF neighbour with routers that are directly connected, with the same network address. Link State Advertisements (LSA) are sent between routers to create a topology table, which should be consistent on all routers within the same area.

OSPF populates the following three tables:

- Neighbour table (show ip ospf neighbor)
- Topology table (sh ip ospf database)
- Routing table (sh ip route)

Router#sh run | sec router ospf
router ospf 72
log-adjacency-changes
network 172.16.0.0 0.0.0.255 area 51
network 192.168.0.0 0.0.0.255 area 51