21 nov. 2011

IP Event Dampening


IP Event Dampening
Suppress the effects of excessive interface flapping events on routing protocols and routing tables in the network.

Works for
Connected routes
Static routes
RIP, OSPF, EIGRP, IS-IS, and BGP
HSRP

Enabling IP Event Dampening
enable
configure terminal
interface type number
dampening [half-life-period reuse-threshold] [suppress-threshold max-suppress [restart-penalty]]
end

Without arguments : default configuration parameters.

The following example configures interface dampening on Ethernet interface 0/0 and sets the half life to 30 seconds, the reuse threshold to 1500, the suppress threshold to 10000; and the maximum suppress time to 120 seconds:
interface Ethernet 0/0
 dampening 30 1500 10000 120
-
Libellés : ,

RIP Commands:


Allowing Unicast Updates for RIP (version 1 and 2)
Router(config-router)# neighbor ip-address
This doesn't disable broadcast/multicast updates. Combine with "passive interface xxx" 
Applying Offsets to Routing Metrics
Router(config-router)# offset-list [access-list-number | access-list-name] {in | out} offset [interface-type interface-number]
Increase incoming and outgoing metrics to routes learned via RIP. Per route (acl) and/or per interface.

Specifying a RIP Version
Router(config-router)# version {1 | 2}
To control which RIP version an interface sends:
Router(config-if)# ip rip send version 1
Router(config-if)# ip rip send version 2
Router(config-if)# ip rip send version 1 2 To control how packets received from an interface are processed:
Router(config-if)# ip rip receive version 1
Router(config-if)# ip rip receive version 2
Router(config-if)# ip rip receive version 1 2
Enabling RIP Authentication
RIP Version 1 does not support authentication. A key chain must be defined first.Router(config-if)# ip rip authentication key-chain name-of-chainRouter(config-if)# ip rip authentication mode {text | md5}
RIP Route Summarization

Interface command: ip summary-address rip
 Example:ip summary-address rip 10.1.1.0 255.255.255.0The router advertises 10.1.1.0/24 route. Advertisement of smaller routes is suppressed. Automatic summary overrides configured summary address except when:

  • The configured interface summary address and the IP address of the configured interface share the same major network (the classful, nonsubnetted portion of the IP address).
AND 
  • Split horizon is not enabled on the interface.
Disabling the Validation of Source IP Addresses
Router validates the source IP address of incoming RIP routing updates. If that source address is not valid, the software discards the routing update. To disable this feature (router is “off network” and you want to receive its updates): Router(config-router)# no validate-update-source

Enabling or Disabling Split Horizon
Split horizon blocks information about routes from being advertised by a router out of any interface from which that information originated.For nonbroadcast networks you may want to disable split horizon with RIP.Router(config-if)# ip split-horizonRouter(config-if)# no ip split-horizon Split horizon for Frame Relay is disabled by default. For all other encapsulations, split horizon is enabled by default.


Configuring Interpacket Delay
Software adds no delay between packets in a multiple-packet RIP update being sent. If you have a high-end router sending to a low-speed router, you might want to add such interpacket delay to RIP updates.Router(config-router)# output-delay milliseconds

Connecting RIP to on demand circuits
RIP sends information only when there has been an update to the routing database. Periodic update packets are suppressed over the interface on which this feature is enabled.Router(config)# interface serial controller-numberRouter(config-if)# ip rip triggered
















-
Libellés : , ,

PPP over Frame Relay


PPPoFR:
Uses virtual access interfaces cloned from a virtual template interface.
Works only on point-to-point (sub-)interfaces

Configuring Virtual Template Interfaces
1. Create a virtual template interface.
2. Configure the virtual template interface: enable PPP encapsulation using encapsulation ppp.
3. Enable IP addressing on the virtual template interface using the ip unnumbered interface-type/number.

IP address pool can be used to assign IP addresses, or an IP address can be assigned directly to the virtual template interface.

Example:
interface loopback0
 ip address 172.16.1.1 255.255.255.252
 !
interface Virtual-Template1
 ip unnumbered Loopback0
 no ip directed-broadcast
 ppp authentication chap

Apply the virtual template interface and configure PPP over Frame Relay
1. In interface configuration mode enable Frame Relay with the encapsulation frame-relay command.
2. Apply a virtual template with PPP encapsulation to the DLCI to which it will apply. Use the frame-relay interface-dlci dlci [ppp virtual-template-name-string] command.

Example:
interface serial 3/0
 no ip address
 encapsulation frame-relay
 !
interface serial 3/0.1 point-to-point
 frame-relay interface-dlci 101 ppp virtual-template1
 !
interface Virtual-Template1
 ip unnumbered loopback0
 ppp authentication chap
!
interface loopback 0
 ip address 172.16.1.1 255.255.255.252

Adding CHAP Authentication to PPP over Frame Relay

Example:
!
hostname R1
!
username R2 password 0 cisco
!
interface Virtual-Template1
 ip address 192.168.1.2 255.255.255.0
 ppp authentication chap
 !
interface Serial1
 no ip address
 encapsulation frame-relay
!
interface Serial1.1 point-to-point
 frame-relay interface-dlci 101 ppp Virtual-Template1

!
hostname R2
!
username R1 password 0 cisco
!
interface Virtual-Template1
 ip address 192.168.1.1 255.255.255.0
 no peer default ip address
 ppp authentication chap
!
interface Serial1
 no ip address
 encapsulation frame-relay
!
interface Serial1.1 point-to-point
 frame-relay interface-dlci 101 ppp Virtual-Template1
!


Tips:



  • Works even if Virtual-Templates on each routers are on different subnets.
  • It is possible to assign ip addresses from a local pool:


R5:!interface Virtual-Template1  ip unnumbered Loopback0 peer default ip address pool PPPpool!ip local pool PPPpool 10.7.7.7 10.7.7.88!
Then, Virtual-Access interfaces get IP Addresses from this pool:R5#show ip route connected      10.0.0.0/32 is subnetted, 2 subnetsC       10.7.7.8 is directly connected, Virtual-Access2C       10.7.7.9 is directly connected, Virtual-Access3     192.168.1.0/32 is subnetted, 1 subnetsC       192.168.1.1 is directly connected, Loopback0










-
Libellés : , ,

Create a loopback Interface on MacOS

Create a loopback Interface on MacOS X:
ifconfig lo0 alias 172.16.123.1 will add an alias IP 172.16.123.1 to the loopback adapter
ifconfig lo0 -alias 172.16.123.1 will remove it

-
Libellés :

17 nov. 2011

Frame-Relay Static Mapping


Static mapping:
When dynamic mapping is forbidden:
Use "frame-relay map ip broadcast" command and "no frame-relay inverse-arp"
TIP:
Broadcast keyword is effective for the DLCI. If there is more than one mapping for the same DLCI (IP1, DLCI1); (IP2, DLCI1), there is no need to add the broadcast keyword on both. Else it will send redundant broadcast on the DLCI. 

Configuration:

On the spokes:

interface Serial0/0
 ip address 183.1.123.1 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 183.1.123.2 102 broadcast
 frame-relay map ip 183.1.123.3 102
 no frame-relay inverse-arp
On the hub:
interface Serial0/0
 ip address 183.1.123.2 255.255.255.0
 encapsulation frame-relay
 frame-relay map ip 183.1.123.1 201 broadcast
 frame-relay map ip 183.1.123.3 203 broadcast
 no frame-relay inverse-arp 

Verification:

R5#show frame-relay map 
Serial0/0 (up): ip 183.1.0.4 dlci 504(0x1F8,0x7C80), static,
              broadcast,
              CISCO, status defined, active
Serial0/0 (up): ip 183.1.0.3 dlci 513(0x201,0x8010), static,
              broadcast,
              CISCO, status defined, active


















-






















Libellés :
,
,

















          

        

          

        

21 mai 2010


          

        









Back up and Restore Configuration Files










Automatic Backup of Configuration using the Kron Method:



Router(config)#kron policy-list SaveConfig

Router(config-kron-policy)#cli write 

Router(config-kron-policy)#exit 



Router(config)#kron occurrence SaveConfigSchedule at 23:00 Sun recurring

Router(config-kron-occurrence)#policy-list SaveConfig
















-






















Libellés :
,

















          

        

          

        

11 mai 2010


          

        









Multi-chassis LACP










http://www.cisco.com/en/US/docs/ios/cether/configuration/guide/ce_mlacp.html











-






































        

      









Inscription à :
Articles (Atom)









NTP - ACL



NTP - Network Time Protocol Packet types: -  Control messages : don't bother with this. -  NTP request/update messages: used for time sy...












    

  • 

    

    Create a loopback Interface on MacOS
    

    Create a loopback Interface on MacOS X:  ifconfig lo0 alias 172.16.123.1  will add an alias IP 172.16.123.1 to the loopback adapter   ifconf...
    

    

    

    • 

  • 

    

    NTP - ACL
    

    NTP - Network Time Protocol Packet types: -  Control messages : don't bother with this. -  NTP request/update messages: used for time sy...
    

    

    

    • 

  • 

    

    Client/Server Python (works with VIRL)
    

    Small Python Client/Server Application  Client     #!/usr/bin/env python     import socket     TCP_IP = '10.0.0.10'   TCP_PORT = 21 ...
    

    

    

    •