Sunday, December 28, 2008

Ahh finally RIP happened

I generally don't like the Christmas holidays much - everything's too unreal, synthetic, commercial, hurried. I prefer working and taking Easter off... so I worked over Christmas, hopefully that kept your data flowing :-)

I however welcome the time it allows me to do 'my own stuff'; I can take control of time and pace myself. For instance, I have managed to go through Doyle's Routing TCP-IP (both Volumes) - this was more of a refresher. I managed to cover the switching and frame relay parts on the Cisco blueprint, familiarized myself with the Cisco documentation site and listened to albums I had bought but not had a chance to fully listen to (Coldplay - Viva la Vida, Travis - The Boy with No Name, and I found a Foreigner - Greatest Hits, not sure that's mine but it did make for good listening on Sunday morning) .....

Aaanyway I started on routing protocols beginning with RIP; since I may never work on it apart from the ccie, a lab was required to cement some of the concepts:

RIP Concepts:
http://www.faqs.org/rfcs/rfc1723.html
http://www.faqs.org/rfcs/rfc2453.html
http://www.faqs.org/rfcs/rfc1058.html

  • RIP comes in two versions, 1 and 2. Generally you use version 2 unless you're a dinosaur stuck in 1993 or thereabouts :-) Heck, using any version of RIP almost makes you one, but that's neither here nor there; we need this for the exam. I wonder if there's any circumstance under which you might be required to run RIPv1.
  • It's a distance-vector protocol, same as IGRP. The simple requirement for this kind of protocol is that a router informs its neighbors of topology changes periodically.
  • Uses 224.0.0.9 for neighbor discovery. This can be changed to use unicast neighbor statements. I however didn't get this to work. I think a broadcast can also be used but I never tested this either.
  • RIP uses SPLIT-HORIZON with POISON REVERSE - this is a technique to ensure loops never form. Google for expanded explanations.
  • Classful for version 1; version 2 can carry subnet mask information in its updates.
  • Version 2 supports authentication.
  • Umm, please send me other key features I might have missed.
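
The version number, the per-route subnet mask and the optional authentication entry from the list above are all visible in the update itself. The Python sketch below is an added example, not part of the original post: it decodes a RIP message using the RFC 2453 entry layout and reports what a defender would flag, going slightly beyond the list by also marking metric 16 (RIP's "unreachable"). The function names, sample packets and password are constructed for illustration, and the keyed-MD5 type code comes from RFC 2082, which the post does not link.

```python
import ipaddress
import struct

RIP_INFINITY = 16                              # RFC 2453: metric 16 = unreachable
AUTH_TYPES = {2: "plaintext", 3: "keyed-md5"}  # type 3 is defined in RFC 2082

def parse_rip(payload: bytes) -> dict:
    """Decode the UDP/520 payload of a RIP message (RFC 2453 layout)."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("truncated or malformed RIP message")
    command, version = struct.unpack("!BB", payload[:2])
    msg = {"command": command, "version": version, "auth": "none", "routes": []}
    for off in range(4, len(payload), 20):
        afi, tag, addr, mask, _nhop, metric = struct.unpack(
            "!HH4s4s4sI", payload[off:off + 20])
        if afi == 0xFFFF:                      # authentication entry, not a route
            if off == 4:                       # the first entry names the scheme
                msg["auth"] = AUTH_TYPES.get(tag, f"type-{tag}")
            continue
        plen = bin(int.from_bytes(mask, "big")).count("1")
        msg["routes"].append((f"{ipaddress.IPv4Address(addr)}/{plen}", metric))
    return msg

def audit(msg: dict) -> list:
    """Findings a defender would raise for one decoded update."""
    findings = []
    if msg["version"] < 2:
        findings.append("RIPv1: no subnet masks, no authentication")
    elif msg["auth"] == "none":
        findings.append("unauthenticated RIPv2 update")
    elif msg["auth"] == "plaintext":
        findings.append("password sent in clear text")
    return findings + [f"{net} unreachable (metric 16)"
                       for net, metric in msg["routes"] if metric >= RIP_INFINITY]

def entry(afi, tag, addr, mask, metric):
    """Pack one 20-byte RIP entry; the next-hop field is left as 0.0.0.0."""
    packed = [ipaddress.IPv4Address(a).packed for a in (addr, mask)]
    return struct.pack("!HH4s4s4sI", afi, tag, *packed, bytes(4), metric)

# Constructed samples modelled on R1's updates in this lab (not captured traffic).
HEADER = struct.pack("!BBH", 2, 2, 0)          # command 2 = response, version 2
ROUTES = (entry(2, 0, "10.10.10.0", "255.255.255.0", 1)
          + entry(2, 0, "172.20.2.1", "255.255.255.255", 16))
OPEN_UPDATE = HEADER + ROUTES
AUTH_UPDATE = HEADER + struct.pack("!HH16s", 0xFFFF, 2, b"labpassword") + ROUTES

for sample in (OPEN_UPDATE, AUTH_UPDATE):
    print(audit(parse_rip(sample)))
```
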
The topology:
I use GNS3 for any topology that doesn't require advanced switching. So what I'll do is upload all the files used for the LAB in case you feel like replaying it.

R0: Loopback : 172.20.1.1/32
R1: Loopback : 172.20.2.1/32

Network Addresses:
R0: Serial1/0 : 192.168.10.1/30
R1: Serial1/0 : 192.168.10.2/30

Frame relay addresses:
R0: Serial1/1.105 : 192.168.20.1/30
R1: Serial1/1.501 : 192.168.20.2/30

Ethernet interfaces:
R0: FastEthernet0/0: 20.20.20.1/24
R1: FastEthernet0/0: 10.10.10.1/24

The lab uses Cisco 3660 routers - get the legal IOS. The DLCIs correspond to the frame relay sub interfaces:

R0

! The loopback and fastethernet are not really required, but we'll use their
! addresses to confirm routing updates.
interface Loopback0
ip address 172.20.1.1 255.255.255.255

interface FastEthernet0/0
ip address 20.20.20.1 255.255.255.0
duplex auto
speed auto

! used for the point to point
interface Serial1/0
ip address 192.168.10.1 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable

! used for frame relay to R1
interface Serial1/1.105 point-to-point
ip address 192.168.20.1 255.255.255.252
frame-relay interface-dlci 105

! Note: we are sending routing updates through all our interfaces. You can uncomment
! the commented lines to ensure updates go out the two connected interfaces:
router rip
version 2
!passive-interface default
!no passive-interface Serial1/0
!no passive-interface Serial1/1.105
! the ethernet network
network 20.0.0.0
! the loopback
network 172.20.0.0
! the point-to-point serial network
network 192.168.10.0
! the frame relay network
network 192.168.20.0
! I had thought removing these last two networks and establishing unicast neighbors
! using neighbor statements would work, but something didn't work out. I'll revisit
! this some day.
no auto-summary

R1




interface Loopback0
ip address 172.20.2.1 255.255.255.255

interface FastEthernet0/0
ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto

interface Serial1/0
ip address 192.168.10.2 255.255.255.252
serial restart-delay 0
no dce-terminal-timing-enable

interface Serial1/1.501 point-to-point
ip address 192.168.20.2 255.255.255.252
frame-relay interface-dlci 501

router rip
version 2
! Just to show you how you can filter out outgoing updates, I used the reverse of the
! RIP configuration above (R0) on the passive-interface statement. The one below
! suppresses messages going out the fastethernet and loopback interfaces --Loopback??

! passive-interface FastEthernet0/0
! passive-interface Loopback0
network 10.0.0.0
network 172.20.0.0
network 192.168.10.0
network 192.168.20.0
no auto-summary


That's the basic configuration that got my RIP running.

verification:
R1




R1#sh ip int br | exclude una
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10.10.10.1 YES manual up up
Serial1/0 192.168.10.2 YES manual up up
Serial1/1.501 192.168.20.2 YES manual up up
Loopback0 172.20.2.1 YES manual up up


R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#no offset-list 0 out 14 Serial1/0
R1(config-router)#no offset-list 1 in 2 Serial1/1.501
R1(config-router)#
R1(config-router)#^Z
R1#clear ip ro
*Mar 1 00:11:17.931: %SYS-5-CONFIG_I: Configured from console by console*

R1#sh ip protocols
Routing Protocol is "rip" ! The running Protocol
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 15 seconds !This is the interval Between updates
Invalid after 180 seconds, hold down 180, flushed after 240 !'invalid after' - after 180 seconds, the route will be declared invalid
Redistributing: rip ! redistributed for protocols
Default version control: send version 2, receive version 2 ! version
Interface Send Recv Triggered RIP Key-chain
FastEthernet0/0 2 2
Serial1/0 2 2
Serial1/1.501 2 2
Loopback0 2 2 !Interfaces RIP is running on. You can change this using the passive-interface command
Automatic network summarization is not in effect
Maximum path: 4 !This is the number as seen under interfaces above. Note the loopback interface is counted :-)
Routing for Networks:
10.0.0.0
172.20.0.0
192.168.10.0
192.168.20.0 ! Networks RIP is operating/routing for. I had always assumed using unicast neighbors would negate the need for putting in networks for point to point links. I'll test this again and probably revert later on.
Routing Information Sources:
Gateway Distance Last Update
192.168.10.1 120 00:00:18
192.168.20.1 120 00:00:13
Distance: (default is 120)

*Important: enable 'debug ip rip' and 'debug ip rip events' for clearer visibility of what's going on.....


R0




R0(config-router)#do sh ip int br
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 20.20.20.1 YES manual up up
Serial1/0 192.168.10.1 YES manual up up
Serial1/1.105 192.168.20.1 YES manual up up
Loopback0 172.20.1.1 YES manual up up

To verify reachability, ping all the other router's addresses. I use tcl both for demonstration and to make life easier - I assume for the lab I'll have many many 'places' to ping and a script will come in handy:

R0#tclsh
R0(tcl)#
R0(tcl)#!

R0(tcl)#foreach address {
+>(tcl)#10.10.10.1
+>(tcl)#192.168.10.2
+>(tcl)#192.168.20.2
+>(tcl)#172.20.2.1
+>(tcl)#} {
+>(tcl)#Ping $address
+>(tcl)#}

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 108/156/248 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 92/130/188 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.20.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/148/212 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 100/123/164 ms
R0(tcl)#tclquit


R0#sh ip route rip
172.20.0.0/32 is subnetted, 2 subnets
R 172.20.2.1 [120/1] via 192.168.20.2, 00:00:11, Serial1/1.105
[120/1] via 192.168.10.2, 00:00:11, Serial1/0
10.0.0.0/24 is subnetted, 1 subnets
R 10.10.10.0 [120/1] via 192.168.20.2, 00:00:11, Serial1/1.105
[120/1] via 192.168.10.2, 00:00:11, Serial1/0




Did you notice the offset-list 0 out 14 Serial1/0 command on R1? Applied outbound, this can help you ensure a router you don't have control over doesn't send your routes to any of its neighbors via RIP. The hop count will be 15 in my case so R1 can't send out that route. *They could choose to redistribute via another protocol and ignore the metric. You could also use the offset to decide which interface should receive what network.

An offset list is the mechanism for increasing incoming and outgoing metrics to routes learned via RIP. Alternatively prefix lists and extended access lists can also be used.

eg :
Test route filtering eg allow 20.0.0.0 from 2.3.4.5

! (that's what will appear on the routing table)
ip prefix-list FILTER permit 10.0.0.0/8
ip prefix-list SOURCE permit 2.3.4.5/32
router rip
distribute-list prefix FILTER gateway SOURCE in

or use an extended access-list:

access-list 100 permit ip host 2.3.4.5 host 10.0.0.0
router rip
distribute-list 100 in

*this second method here is not really documented but it works

That's it for RIP for now.
http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1crip.html#wp4653

*A few unrelated questions:
1 : I edited and fixed the tables and their width. I like the new width size now!

2: How do I upload zipped files? I had said I'd send out the dynamips .net and nvram files....I can't see a quick way to do this on blogger. --- Please note I found a workable solution and uploaded the files, you can pick and play here! in .zip format
