Articles

Client/Server Python (works with VIRL)

Client:
#!/usr/bin/env python
import socket
TCP_IP = '10.0.0.10' TCP_PORT = 21 BUFFER_SIZE = 1024 MESSAGE = "Hello, World!"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((TCP_IP, TCP_PORT)) s.send(MESSAGE) data = s.recv(BUFFER_SIZE) s.close()
print "received data:", data
Server:
#!/usr/bin/env python
import socket
TCP_IP = '10.0.0.14' TCP_PORT = 21 BUFFER_SIZE = 20  # Normally 1024, but we want fast response
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind((TCP_IP, TCP_PORT)) s.listen(1)
conn, addr = s.accept() print 'Connection address:', addr while 1:     data = conn.recv(BUFFER_SIZE)     if not data: break     print "received data:", data     conn.send(data)  # echo conn.close()
Start Server: cisco@server-2:~$ sudo python server.py  Start Client Side: cisco@server-1:~$ sudo python client.py  received data: Hello, World! cisco@server-1:~$ 
Result on Server Side: cisco@server-2:~$ sudo python server.py  Connection address: ('10.0.0…

BGP & Tunneling

Image
R1 is in AS1, R5 in AS5. R2, R3 and R4 are in AS234.
R1 has an eBGP session with R2. R5 has an eBGP session with R4.
EIGRP is configured inside AS234. To allow R1 Loopback0 to reach R5 Loopback0, we must establish an iBGP session between R2 ans R4.
We will use a GRE Tunnel between R2 and R4:

R1:
!
hostname r1
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Serial1/0
 ip address 10.150.12.1 255.255.255.0
!
router bgp 1
 no synchronization
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 10.150.12.2 remote-as 234
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.150.12.2
!

On R5:

!
hostname r5
!
interface Loopback0
 ip address 5.5.5.5 255.255.255.255
!
interface Serial1/0
 ip address 10.150.45.5 255.255.255.0
!
router bgp 5
 no synchronization
 bgp router-id 5.5.5.5
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255
 neighbor 10.150.45.4 remote-as 234
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 10.150.45.4

BGP - Synchronization

Image
Synchronization
Before the discussion of synchronization, look at this scenario. RTC in AS300 sends updates about 170.10.0.0. RTA and RTB run iBGP, so RTB gets the update and is able to reach 170.10.0.0 via next hop 2.2.2.1. Remember that the next hop is carried via iBGP. In order to reach the next hop, RTB must send the traffic to RTE.
Assume that RTA has not redistributed network 170.10.0.0 into IGP. At this point, RTE has no idea that 170.10.0.0 even exists.
If RTB starts to advertise to AS400 that RTB can reach 170.10.0.0, traffic that comes from RTD to RTB with destination 170.10.0.0 flows in and drops at RTE.
Synchronization states that, if your AS passes traffic from another AS to a third AS, BGP should not advertise a route before all the routers in your AS have learned about the route via IGP. BGP waits until IGP has propagated the route within the AS. Then, BGP advertises the route to external peers.
In the example in this section, RTB waits to hear about 170.10.0.0 via IGP.…

IPv6 - Frame-Relay #1

There is no Frame-Relay inarp mechanism for IPv6 in IOS.
We must use static l3 to l2 mapping:


!
hostname r1
!

interface Serial1/0
 no ip address
 encapsulation frame-relay
 ipv6 address 2001:CC1E::/64 eui-64
 ipv6 enable
 serial restart-delay 0
!


Gives us the IPv6 address:



r1#sh ipv6 interface brief s1/0
Serial1/0                  [up/up]
    FE80::C800:32FF:FE45:0
    2001:CC1E::C800:32FF:FE45:0
!


On r2:

! hostname r2 !
interface Serial1/0  no ip address  encapsulation frame-relay  ipv6 address 2001:CC1E::/64 eui-64  ipv6 enable  serial restart-delay 0 !

Gives us the IPv6 address:
r2#sh ipv6 interface brief s1/0 Serial1/0                  [up/up]     FE80::C801:32FF:FE45:0     2001:CC1E::C801:32FF:FE45:0 !



Now, we can configure the mapping:


On r1:

! interface Serial1/0  frame-relay map ipv6 2001:CC1E::C801:32FF:FE45:0 102 ! r1#show frame-relay map Serial1/0 (up): ipv6 2001:CC1E::C801:32FF:FE45:0 dlci 102(0x66,0x1860), static,               CISCO, status defined, active

And, on r2: ! interface Serial1/0

Policy Routing w/ Tracking objects

Image
Reliable Policy Routing R5 has two loopbacks, 5.5.5.5/32 and 55.55.55.55/32 Configure policy routing on r2 so that:  - to reach 5.5.5.5/32 packets from r1 must go to r3.  - to reach 55.55.55.55/32 packets from r1 must go to r4.  - do not use static routing on r2 (excepted to reach r1).
Use reliable routing to do this:  - if r3 is not reachable, packets to 5.5.5.5/32 must go through r4.  - if r4 is not reachable, packets to 55.55.55.55/32 must go through r3.
Verify using traceroute.
r1 configuration: ! hostname r1 ! interface Loopback0  ip address 1.1.1.1 255.255.255.255 ! interface Serial1/0  ip address 192.168.12.1 255.255.255.0 ! ip route 0.0.0.0 0.0.0.0 192.168.12.2 !
r2 configuration: ! hostname r2 ! track 5 ip sla 10 ! track 55 ip sla 15 ! interface Serial1/0  ip address 192.168.12.2 255.255.255.0  ip policy route-map PBR ! interface Serial1/1  ip address 192.168.23.2 255.255.255.0  serial restart-delay 0 ! interface Serial1/2  ip address 192.168.24.2 255.255.255.0 ! ip route 1.1.1.1 255.255.255.255 192.168.12.1 ! ip sla …

Backup using Backup Interfaces

R1 is connected to R2 via 2 links, one of the two links will be active if the first on goes down:



!
hostname r1
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet1/0
 ip address 192.168.12.1 255.255.255.0
!

interface FastEthernet2/0  backup delay 3 60  backup interface FastEthernet1/0  ip address 192.168.112.1 255.255.255.0 ! ip route 2.2.2.2 255.255.255.255 192.168.12.2 ip route 2.2.2.2 255.255.255.255 192.168.112.2 !
! hostname r2 ! interface Loopback0  ip address 2.2.2.2 255.255.255.255 ! interface FastEthernet1/0  ip address 192.168.12.2 255.255.255.0 ! interface FastEthernet2/0  ip address 192.168.112.2 255.255.255.0 ! ip route 1.1.1.1 255.255.255.255 192.168.12.1 ip route 1.1.1.1 255.255.255.255 192.168.112.1 !

FastEthernet2/0:
Backup interface FastEthernet1/0, failure delay 3 sec, secondary disable delay 60 sec,

r1(config-if)#backup ?         active     Configure an interface as an active backup   delay      Delays before backup line up or down transitions   interface  Configure …

Static Routing Backup with Tracking

Use ip sla + tracking object to check the next-hop availability. If the next hop is not reachable, the static route disappears from the routing table, useful if there is a switch between the routers:
!
interface FastEthernet1/0.102
 encapsulation dot1Q 102
 ip address 192.168.12.2 255.255.255.0
!
track 5 ip sla 1 reachability
 default-state up
!
ip sla 1
 icmp-echo 192.168.12.1 source-ip 192.168.12.2
 timeout 900
 threshold 2
 frequency 3
ip sla schedule 1 life forever start-time now
!
ip route 1.1.1.1 255.255.255.255 192.168.12.1 name Bob track 5 !