Monday, 30 December 2013

OSPF (Open Shortest Path First)

1) Introduction-

-Allows routers to learn routes dynamically from other routers and to advertise their own routes to them.
-Each router keeps track of the state of every link between itself and its neighbours (hence "link state").
-Link-state routing protocol.
-Most widely used Interior Gateway Protocol (IGP).
-Operates within a single Autonomous System (AS).
-Runs directly over IP as protocol number 89 (no TCP or UDP).
-Builds routes with a link-state (shortest path first) algorithm: every router in an area holds the same topology database and runs Dijkstra's algorithm on it.
-Supports VLSM / classless routing.

OSPF - Metric-

- Selects the best route by finding the lowest total cost path to a destination.
- Every router interface (link) is given a cost
   - Derived from bandwidth: cost = reference bandwidth / interface bandwidth. The reference bandwidth defaults to 100 Mbps, so FastEthernet, GigabitEthernet and faster links all cost 1 unless you raise it with "auto-cost reference-bandwidth" on every router in the area.
   - Can be set explicitly on an interface with "ip ospf cost".

OSPF - Update destination address-

-Uses 2 multicast addresses
    -224.0.0.5 (AllSPFRouters: sent to every OSPF router on the segment)
    -224.0.0.6 (AllDRouters: sent to the designated router and the backup designated router)

OSPF - Areas-

-Uses areas to organize a network into a hierarchical structure; area 0 is the backbone and every other area must connect to it.
-Reduces the number of advertised routes (routes can be summarized at area borders).
-Reduces network load: a link change triggers an SPF recalculation only inside the area where it happened.


2.OSPF - Router ID-

-Unique identifier for each router in the OSPF domain.
-OSPF RIDs are 32-bit numbers written in dotted decimal, just like an IP address.
-Borrowing an IP address is a convenient way to derive a default RID.
-Alternatively the RID can be configured directly with the "router-id" command under the OSPF process.
-By default the RID is the highest IP address on any loopback interface; if there is no loopback, it is the highest IP address on any active (up/up) physical interface.
-Creating a loopback interface is the best way to obtain a stable RID, because a loopback never goes down when a physical link fails.
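The points above, worked through in code. This is an added example and not part of the original post: it computes interface costs with the reference-bandwidth formula, picks a router ID with the IOS precedence just described, and runs Dijkstra over a constructed four-router topology (router names, link speeds and addresses are assumed for illustration).

```python
"""Added example (not from the original post): OSPF cost, router-ID selection and the
Dijkstra walk over a constructed link-state database. Topology and addresses are assumed."""
import heapq
import ipaddress

REFERENCE_BANDWIDTH_BPS = 100_000_000  # IOS default "auto-cost reference-bandwidth 100" (Mbps)


def ospf_cost(bandwidth_bps, reference_bps=REFERENCE_BANDWIDTH_BPS):
    """Cisco formula: cost = reference bandwidth / interface bandwidth, integer, never below 1."""
    return max(1, reference_bps // bandwidth_bps)


def select_router_id(configured=None, loopbacks=(), interfaces=()):
    """IOS precedence: explicit router-id, else highest loopback, else highest up interface."""
    if configured:
        return configured
    for pool in (loopbacks, interfaces):
        if pool:
            return str(max(ipaddress.IPv4Address(ip) for ip in pool))
    raise ValueError("no IPv4 address available for a router ID")


def build_lsdb(link_bandwidth, reference_bps=REFERENCE_BANDWIDTH_BPS):
    """Turn a {(routerA, routerB): bandwidth_bps} link list into an adjacency map of costs."""
    lsdb = {}
    for (a, b), bandwidth in link_bandwidth.items():
        cost = ospf_cost(bandwidth, reference_bps)
        lsdb.setdefault(a, {})[b] = cost
        lsdb.setdefault(b, {})[a] = cost
    return lsdb


def shortest_paths(lsdb, source):
    """Dijkstra: returns (total cost to every router, predecessor map) from `source`."""
    dist = {source: 0}
    prev = {}
    heap = [(0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale heap entry, a shorter path was already found
        for neighbour, cost in lsdb.get(node, {}).items():
            candidate = d + cost
            if candidate < dist.get(neighbour, float("inf")):
                dist[neighbour] = candidate
                prev[neighbour] = node
                heapq.heappush(heap, (candidate, neighbour))
    return dist, prev


def path_to(prev, source, target):
    """Walk the predecessor map back from target to source."""
    path = [target]
    while path[-1] != source:
        path.append(prev[path[-1]])
    return path[::-1]


# Constructed topology (assumed, not from the post): a slow T1 between R1 and R3,
# and a longer path R1 -> R2 -> R4 -> R3 over FastEthernet, Ethernet and GigabitEthernet.
LINKS = {
    ("R1", "R2"): 100_000_000,
    ("R1", "R3"): 1_544_000,
    ("R2", "R4"): 10_000_000,
    ("R3", "R4"): 1_000_000_000,
}


def best_route(source, target, reference_bps=REFERENCE_BANDWIDTH_BPS):
    """Total cost and router-by-router path between two routers in LINKS."""
    dist, prev = shortest_paths(build_lsdb(LINKS, reference_bps), source)
    return dist[target], path_to(prev, source, target)


if __name__ == "__main__":
    print("RID:", select_router_id(loopbacks=["10.0.0.1", "10.0.0.9"], interfaces=["192.168.1.1"]))
    print("R1 -> R3:", best_route("R1", "R3"))
```

With the default reference bandwidth the T1 costs 64 while the three-hop path costs 12, so OSPF routes R1 to R3 the long way round; note also that FastEthernet and GigabitEthernet both come out as cost 1 until the reference bandwidth is raised.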


 

Backup and Restoring the Cisco IOS

I want to keep a copy of the router's IOS image on a TFTP server, so that if flash is corrupted or the router has to be replaced I can restore the image instead of rebuilding from scratch. The steps below back up and restore the image; the configuration can be saved the same way with copy running-config tftp: (and put back with copy tftp: running-config), so a replacement router does not have to be configured again by hand.



1.Backup--

First find the name of the image the router is running.

Router# show version

The command prints a long message; in it look for

"System returned to ROM by power-on
System image file is "c2800nm-advipservicesk9-mz.124-15.T1.bin""

That is the IOS image file. Copy its name (the highlighted text) and send the file to the TFTP server (here 192.168.2.2, which must be reachable and running a TFTP daemon):


Router#copy flash: tftp:
Source filename []? c2800nm-advipservicesk9-mz.124-15.T1.bin
Address or name of remote host []? 192.168.2.2
Destination filename [c2800nm-advipservicesk9-mz.124-15.T1.bin]?

Writing c2800nm-advipservicesk9-mz.124-15.T1.bin....!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 50938004 bytes]

50938004 bytes copied in 7.605 secs (6697000 bytes/sec)


The image is now on the TFTP server. TFTP has no authentication and no encryption, so run the server only on a trusted management network and take the file off it when you are done. Check that the copy is intact by comparing the MD5 hash Cisco publishes for the image with the one the router computes for its own copy (Router#verify /md5 flash:c2800nm-advipservicesk9-mz.124-15.T1.bin), and repeat that check after any restore before reloading.


2.Restore--

Router#copy tftp: flash:
Address or name of remote host []? 192.168.2.2
Source filename []? c2800nm-advipservicesk9-mz.124-15.T1.bin
Destination filename [c2800nm-advipservicesk9-mz.124-15.T1.bin]?

If flash does not have enough free space, IOS asks whether to erase it before copying; confirm only if you are sure the TFTP copy is good, because the old image is gone once erasing starts. After the copy, verify the hash (verify /md5 flash:c2800nm-advipservicesk9-mz.124-15.T1.bin) and make sure the router will actually boot the restored file (it is the only image in flash, or a "boot system flash:" statement names it) before you reload.


Password Recovery Of Router

If you are newly appointed in an organization, the previous network admin set a password on the router and nobody knows it, here is what to do.

The simple steps below show how to recover access to the router, or rather how to set a new password without knowing the existing one. The procedure needs a console connection and a reboot, and it works on any IOS router that has not been configured with "no service password-recovery". That is why physical access to the console port has to be controlled: whoever can reach it owns the router's configuration.

1.Reboot the router (power-cycle it) with a terminal attached to the console port.

2.Break the boot process by sending a Break from the terminal during the first 60 seconds of boot (the Break key, or the terminal program's break sequence).

3.The router drops to ROM monitor with a message like-- monitor: command "boot" aborted due to user interrupt

4.rommon 1> confreg 0x2142

  This sets bit 6 of the configuration register, so the next boot ignores the startup-config in NVRAM.

5.rommon 2> reset

  Press enter and the router reboots without its configuration. Answer "no" to the initial configuration dialog, then type enable; there is no password at this point.

6.Router#copy startup-config running-config and press enter to confirm

  This loads the old configuration, with its unknown passwords, into RAM so that nothing except the password is lost. All interfaces come back administratively shut down after this step, so bring up the ones you need with "no shutdown".

7.Now set a new password

Router#configure terminal
Router(config)#enable secret <new-password>

8.Set the register back to its default so that future boots read NVRAM again, then save; without the save the new password is lost at the next reload

Router(config)#config-register 0x2102
Router(config)#end
Router#copy running-config startup-config

Configuration Register--

-16-bit software register stored in NVRAM.
-By default (0x2102) it tells the router to load the Cisco IOS from flash memory and to read the startup-config from NVRAM.

0x2102 bit by bit:

Hex digit        2      |      1      |     0     |     2
Bit number  15 14 13 12 | 11 10  9  8 | 7 6 5 4   | 3 2 1 0
Binary       0  0  1  0 |  0  0  0  1 | 0 0 0 0   | 0 0 1 0

Bits 0-3 (here 0x2) are the boot field: boot from flash, honouring any "boot system" commands. Bit 8 disables the Break key once IOS is running, so Break only works during the first seconds of boot. Setting bit 6 (0x0040) makes the router ignore the contents of NVRAM, which is how 0x2102 becomes 0x2142 during password recovery.
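The register arithmetic and the `show version` parsing from the two sections above, as an added example that is not part of the original post. It decodes the bits that matter for booting and password recovery, flips bit 6 to go from 0x2102 to 0x2142 and back, and pulls the image file name and register value (current and pending) out of `show version` text; the sample output is constructed for the example.

```python
"""Added example (not from the original post): decode the configuration register bits and pull
the image name and register value out of `show version` output. The sample text is constructed."""
import re

SHOW_VERSION_SAMPLE = """\
Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
System returned to ROM by power-on
System image file is "flash:c2800nm-advipservicesk9-mz.124-15.T1.bin"
Configuration register is 0x2102 (will be 0x2142 at next reload)
"""

IGNORE_NVRAM = 0x0040      # bit 6: boot without reading startup-config
BREAK_DISABLED = 0x0100    # bit 8: Break key ignored once IOS is running
BOOT_FIELD = 0x000F        # bits 0-3


def decode_config_register(value):
    """Return the meaning of the bits that matter for boot and password recovery."""
    boot_field = value & BOOT_FIELD
    if boot_field == 0x0:
        boot = "stay in ROM monitor (rommon)"
    elif boot_field == 0x1:
        boot = "boot the first image in flash, ignoring boot system commands"
    else:
        boot = "boot per 'boot system' commands in startup-config, else first image in flash"
    return {
        "boot_field": boot_field,
        "boot": boot,
        "ignore_nvram": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
    }


def set_ignore_nvram(value, ignore=True):
    """0x2102 <-> 0x2142: the only change the password-recovery procedure makes."""
    return (value | IGNORE_NVRAM) if ignore else (value & ~IGNORE_NVRAM)


def parse_show_version(text):
    """Extract image file name and configuration register (current and pending) from `show version`."""
    image = re.search(r'System image file is "(?:[\w-]+:)?([^"]+)"', text)
    reg = re.search(r"Configuration register is 0x([0-9A-Fa-f]+)"
                    r"(?: \(will be 0x([0-9A-Fa-f]+) at next reload\))?", text)
    if not image or not reg:
        raise ValueError("unrecognised show version output")
    current = int(reg.group(1), 16)
    pending = int(reg.group(2), 16) if reg.group(2) else current
    return {"image": image.group(1), "register": current, "register_next_reload": pending}


if __name__ == "__main__":
    info = parse_show_version(SHOW_VERSION_SAMPLE)
    print(info)
    print(hex(info["register_next_reload"]), decode_config_register(info["register_next_reload"]))
```

The "will be 0x2142 at next reload" suffix is worth checking for in audits: it means someone has already changed the register and the next reboot will skip the stored configuration.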



VTP (VLAN Trunking Protocol)

I am the network admin at an organization with many switches. All switches are in the same network and connected to each other either directly or indirectly, and I need to manage the VLANs on all of them from my room. The scenario is like this:

Benefits-

    With VTP you do not have to visit each switch; VLANs are created once on a server switch and distributed to the others. It saves time, and the VTP domain password stops switches that do not know the password from injecting VLAN updates. The password is not a strong control, though: any switch that knows the domain name and password and carries a higher configuration revision number will overwrite the VLAN database on every server and client in the domain the moment it is trunked in, so always check the revision number of a switch before connecting it.

Modes-

  VTP has 3 modes-

1.Server- At least 1 switch must be in server mode. On a server you can create, delete and modify VLANs, and the changes are advertised to the whole domain.

2.Client- In client mode you cannot create, delete or modify VLANs; you can only assign ports to the VLANs learned from a server.

3.Transparent- Changes made on a server switch are applied by clients (and other servers) but not by a transparent switch, which keeps its own local VLAN database that it can edit freely. A transparent switch still forwards VTP advertisements out its other trunks unchanged, so it can sit in the middle of the domain without taking part in it.

Configuration- 

1. Make all ports that connect to other switches trunk ports.

(Note-- Run S#show interface switchport and you can see that--
Administrative Mode: dynamic auto

Operational Mode: static access

Admin mode dynamic auto means the port becomes a trunk if it detects a trunk (or dynamic desirable) port at the other end; two dynamic auto ports facing each other never form a trunk because neither side initiates. So, to keep it simple, configure trunking on switches 2 and 3, because those two are connected to all the other switches.)

S2#conf t
S2(config)#interface range fastEthernet 0/1 - 3
S2(config-if-range)#switchport mode trunk

S3#conf t
S3(config)#interface range fastEthernet 0/1 - 3
S3(config-if-range)#switchport mode trunk

2.Now it is time to enable VTP on the switches. For this we need to give 3 pieces of information to every switch:
   (i) VTP Domain Name
   (ii) VTP Mode
   (iii) VTP Password 

(Note- The domain name does not have to be typed on each switch: when you configure the VTP domain name on one switch, every switch that has a trunk to it and still has a null domain name learns the name from the first advertisement it receives.)

(Note- By default all Cisco switches are in server mode, so there is no need to configure server mode again. Configure the mode only on switches that should be client or transparent.)

So on S2 and S3--

S(config)#vtp domain cisco
S(config)#vtp password ccnp
S(config)#vtp mode client/transparent

on S1--
S(config)# vtp password ccnp

on S4, S5, S6, S7--
S(config)#vtp mode client/transparent
S(config)#vtp password ccnp

(Note--- The domain name and password must be the same on every switch in the network. The password is not sent in clear text; it is folded into the MD5 digest carried in each summary advertisement, and a switch whose digest does not match rejects the update.)

Testing-

Now create a VLAN on your server switch and watch it appear on the client switches.

To see the VLANs-

S# show vlan

Now run

S# show vtp status

This command shows-

VTP Operating Mode--- Server or Client, whichever you set.

VTP Domain Name - cisco

Configuration Revision - incremented by one for every change made to the VLAN database on a server.

You can also see Maximum VLANs supported locally: 255.

(Note- The configuration revision of a transparent switch is always zero (0). A switch with a higher revision than the domain wins, so before connecting a switch that has been used elsewhere, reset its revision to zero. There are three ways: change its domain name (to a throw-away name and back), set it to transparent mode and then back to client or server, or delete the VLAN database.

The first two are quick; for the third-
S# show flash:

You will see the VLAN database stored as the file vlan.dat. Delete it-
S#delete flash:vlan.dat

confirm twice, then reload so the database is rebuilt empty, and check show vtp status again.)
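A model of the behaviour described in the Modes, Configuration and Testing sections, added here as an example and not taken from the original post. It plays out how server, client and transparent switches treat a summary advertisement (domain check, digest check, revision check, forwarding) and ends with the scenario the revision-number caveat warns about: a lab switch with the right domain and password but a higher revision replacing the production VLAN database. The digest computation is a simplification of VTP's MD5 digest, not the real packet layout, and the switch names, VLANs and revision numbers are constructed.

```python
"""Added example (not from the original post): a model of how VTP servers, clients and
transparent switches treat summary advertisements, including the higher-revision overwrite.
The MD5 digest layout is a simplification, not the real VTP packet format."""
import hashlib
from dataclasses import dataclass, field


@dataclass
class VlanDatabase:
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})


@dataclass
class Switch:
    name: str
    domain: str
    password: str
    mode: str = "server"            # server | client | transparent (server is the IOS default)
    db: VlanDatabase = field(default_factory=VlanDatabase)
    forwarded: list = field(default_factory=list)

    def digest(self, revision, vlans):
        """Stand-in for the MD5 digest: the password itself never travels in clear text."""
        payload = f"{self.domain}|{self.password}|{revision}|{sorted(vlans.items())}".encode()
        return hashlib.md5(payload).hexdigest()

    def advertise(self):
        """Summary advertisement as sent out every trunk."""
        return {"domain": self.domain, "revision": self.db.revision,
                "vlans": dict(self.db.vlans), "digest": self.digest(self.db.revision, self.db.vlans)}

    def add_vlan(self, vid, name):
        if self.mode == "client":
            return "rejected: client switches cannot modify VLANs"
        self.db.vlans[vid] = name
        if self.mode == "server":
            self.db.revision += 1   # transparent switches keep revision 0
        return "ok"

    def receive(self, advert):
        """Process an advertisement arriving on a trunk."""
        if self.mode == "transparent":
            self.forwarded.append(advert)           # relayed untouched, local database untouched
            return "forwarded"
        if advert["domain"] != self.domain:
            return "ignored: domain mismatch"
        if advert["digest"] != self.digest(advert["revision"], advert["vlans"]):
            return "ignored: bad digest (password mismatch)"
        if advert["revision"] <= self.db.revision:
            return "ignored: revision not higher"
        self.db = VlanDatabase(advert["revision"], dict(advert["vlans"]))   # whole database replaced
        return "applied"


def revision_overwrite_scenario():
    """A lab switch with the right domain/password but a higher revision wipes the production VLANs."""
    server = Switch("S1", "cisco", "ccnp")
    client = Switch("S4", "cisco", "ccnp", mode="client")
    for vid, name in ((10, "USERS"), (20, "SERVERS"), (30, "VOICE")):
        server.add_vlan(vid, name)
    client.receive(server.advertise())                       # revision 3, VLANs 1/10/20/30
    lab = Switch("LAB", "cisco", "ccnp")
    lab.db = VlanDatabase(revision=7, vlans={1: "default", 99: "LAB"})
    results = {sw.name: sw.receive(lab.advertise()) for sw in (server, client)}
    return results, sorted(server.db.vlans), server.db.revision


if __name__ == "__main__":
    print(revision_overwrite_scenario())
```

The scenario ends with the production server and client both at revision 7 holding only VLANs 1 and 99; nothing in the protocol distinguishes "newer" from "correct", which is the whole reason to zero the revision counter before trunking a switch in.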



 

 



Saturday, 21 December 2013

TCP Load Distribution using Rotary NAT

An organization has multiple servers that serve multiple hosts. With rotary NAT, a virtual server address is defined on the inside network; it belongs to no real host, and the NAT router maps it onto the real servers. Destination addresses that match an access list (permitting the IP address of the virtual server) are replaced with addresses from a rotary pool, allocated on a round-robin basis, one per new TCP connection. The NAT router performs the following steps when translating rotary addresses-
  1. A host opens a TCP connection to the virtual server 10.1.1.5.
  2. The router receives the connection request and creates a translation, allocating the next real server IP address from the pool.
  3. The router replaces the destination IP address with the selected real address and forwards the packet.
  4. The server receives the packet and responds.
  5. The router receives the reply, looks it up in the NAT table, translates the source address back to the virtual server IP address and forwards the packet.

Configuration:

We define a pool of addresses containing the addresses of the real servers. This can be done using the global configuration command-

    ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length} type rotary

ip nat pool SERVER_LIST 10.1.1.10 10.1.1.11 prefix-length 24 type rotary

We define an access-list permitting the address of virtual-server 10.1.1.5. Non-TCP traffic is passed untranslated.

access-list 110 permit tcp any host 10.1.1.5

Then we establish dynamic inside destination translation specifying the access-list defined above. This is done using the global configuration command-

    ip nat inside destination list access-list-number pool name

ip nat inside destination list 110 pool SERVER_LIST

Lastly, we define inside and outside interface for NAT.

interface fastethernet 0/0
 ip nat inside
!
interface fastethernet 0/1
 ip nat outside
!


Verification:

When multiple Telnet sessions (TCP, port 23) are established to the virtual server address 10.1.1.5, the NAT router hands out the IP addresses of the internal servers in round-robin fashion. The following output shows 3 Telnet sessions opened to 10.1.1.5: the first was allocated 10.1.1.10, the second 10.1.1.11 and the third 10.1.1.10 again (the table is not listed in the order the sessions were opened). Note that rotary NAT is plain round-robin with no health check: a server that is down still receives its turn and those connections fail, so monitor the real servers separately, or use a real load balancer if that matters.

NAT Translation Table

NAT_Router# show ip nat translations
Pro Inside global      Inside local       Outside local      Outside global
tcp 10.1.1.5:23        10.1.1.10:23       192.168.1.2:24440  192.168.1.2:24440
tcp 10.1.1.5:23        10.1.1.10:23       192.168.1.2:50804  192.168.1.2:50804
tcp 10.1.1.5:23        10.1.1.11:23       192.168.1.2:38530  192.168.1.2:38530
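The translation logic behind the table above, as an added example that is not part of the original post. It models `ip nat inside destination list 110 pool SERVER_LIST` with the post's addresses: only TCP to the virtual server is translated, each new session takes the next pool entry, retransmissions of an existing session stick to the server already chosen, and replies are mapped back to the virtual address. The client ports match the table; everything else is constructed.

```python
"""Added example (not from the original post): a model of 'ip nat inside destination ... type rotary'.
Addresses follow the post's configuration; the client ports are constructed."""
from itertools import cycle


class RotaryNat:
    def __init__(self, virtual_ip, real_servers, protocols=("tcp",)):
        self.virtual_ip = virtual_ip
        self.pool = cycle(real_servers)      # round-robin allocation
        self.protocols = protocols           # access-list 110 matches TCP only
        self.table = {}                      # (proto, client, cport, vip, dport) -> real server

    def translate_inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Packet from a client towards the virtual server: returns the destination to forward to."""
        if proto not in self.protocols or dst_ip != self.virtual_ip:
            return dst_ip                                    # no ACL match: passed untranslated
        key = (proto, src_ip, src_port, dst_ip, dst_port)
        if key not in self.table:                            # new session: take the next pool entry
            self.table[key] = next(self.pool)
        return self.table[key]                               # retransmissions stick to the same server

    def translate_reply(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Reply from a real server: its source address is put back to the virtual server's."""
        key = (proto, dst_ip, dst_port, self.virtual_ip, src_port)
        return self.virtual_ip if self.table.get(key) == src_ip else src_ip

    def show_translations(self):
        """Rows in the layout of `show ip nat translations`."""
        rows = ["Pro Inside global      Inside local       Outside local      Outside global"]
        for (proto, cip, cport, vip, dport), real in self.table.items():
            rows.append(f"{proto:<3} {vip + ':' + str(dport):<18} {real + ':' + str(dport):<18} "
                        f"{cip + ':' + str(cport):<18} {cip}:{cport}")
        return rows


def telnet_sessions(client_ports, nat=None):
    """Open one Telnet session per client port from 192.168.1.2 and return the servers chosen."""
    nat = nat or RotaryNat("10.1.1.5", ["10.1.1.10", "10.1.1.11"])
    return [nat.translate_inbound("tcp", "192.168.1.2", port, "10.1.1.5", 23) for port in client_ports]


if __name__ == "__main__":
    nat = RotaryNat("10.1.1.5", ["10.1.1.10", "10.1.1.11"])
    print(telnet_sessions([24440, 50804, 38530], nat))
    print("\n".join(nat.show_translations()))
```

The model makes the operational limit visible: the pool iterator never asks whether 10.1.1.11 is alive, so every second new connection goes there regardless.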

Routing Redistribution on Cisco Routers

For two Layer 3 devices (routers or Layer 3 switches) to exchange routing information, they must run the same routing protocol, such as RIP, EIGRP, OSPF, BGP, etc. Different routing protocols, or the same protocol configured differently (e.g. different EIGRP autonomous systems), do not exchange information.
However, when a device learns routing information from several sources (e.g. static routes, or different protocols), Cisco IOS allows the information learned from one source to be advertised to other devices using a different protocol. For example, a route learned through RIP can be advertised to other devices using OSPF. This is called "redistribution" of routes: using a routing protocol to advertise routes that were learned by other means (another protocol, static routes or directly connected networks). For route redistribution to work, two rules apply:

  • The redistributed route must be present in the routing table of the redistributing router.
  • The neighbouring device receives the redistributed route with a new metric, the one configured on the redistributing router.
What is it used for?

In principle a network should use a single routing protocol. In some cases, though, redistribution is needed: two companies merge, different departments of a company are managed by different teams, multi-vendor environments, migrations, etc. When planning a redistribution scenario, take into account the particular aspects of routing involved: the different metrics, the administrative distance of each protocol, classful versus classless behaviour, and the network topology (redistributing in both directions between two protocols can feed a route back into the protocol it came from, so filter or tag routes when you redistribute mutually).
Metrics

Each routing protocol uses a different metric, so a redistributed route loses the metric of the original protocol and receives a metric expressed in the terms of the new one. For example, an OSPF route with a cost of 1642 cannot be carried into RIP as is, because RIP counts hops (1 to 15); you must assign a RIP metric when redistributing into RIP.
The metric a protocol assigns to routes learned from another source is called the seed metric.
Each protocol has a default seed metric:
RIP – default seed metric: infinity.
EIGRP – default seed metric: infinity.
OSPF – default seed metric: 20 (1 for routes redistributed from BGP).
The default seed metric for a process can be changed with the "default-metric" command.
The basic commands
When you configure redistribution, you indicate which routing information to redistribute and what metric those routes should carry when they are redistributed. If no metric is given, the routes get the default seed metric.
Router(config)# router rip
Router(config-router)# network 129.100.0.0
Router(config-router)# redistribute ospf 1 metric 2
In this example we tell the router to redistribute into RIP the routes in its routing table that were learned through OSPF process 1, with a metric of 2 hops.
Redistribution in EIGRP
To redistribute routing information into EIGRP, remember that the default metric is infinite. If you do not specify a metric for the redistributed routes, they will not appear in the routing table of the neighbouring device.

Furthermore, an EIGRP metric has five components and all of them must be given, in this order: bandwidth (kbps), delay (tens of microseconds), reliability (0-255), load (0-255) and MTU (bytes).

An example:
Router(config)# router eigrp 100
Router(config-router)# redistribute static
Router(config-router)# redistribute rip
Router(config-router)# default-metric 10000 100 255 1 1500
Redistribution in OSPF
The default metric used by OSPF is 20, so you do not have to specify a metric for the neighbouring devices to accept the routes. However, OSPF only redistributes classful networks unless you add the "subnets" keyword: without it, any route that is a subnet of its classful network (e.g. 10.1.1.0/24) is silently not redistributed at all. In practice you almost always want "subnets".

An example:
Router(config)# router ospf 1
Router(config-router)# redistribute static metric 200 subnets
Router(config-router)# redistribute eigrp 100 metric 500 subnets
RIP redistribution
Like EIGRP, RIP redistributes routes from other protocols with a default metric of infinity, so you must specify a metric (between 1 and 15) for the neighbouring router to install the routes in its table.

An example:
Router(config)# router rip
Router(config-router)# redistribute static metric 1
Router(config-router)# redistribute ospf 1 metric 2
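The seed-metric and "subnets" rules from the sections above, applied to a constructed routing table so you can see which routes a redistributing router would actually advertise. This is an added example, not part of the original post, and it models only the rules the text states (routes must be in the table, infinite seed metrics drop the route, RIP hop limit, OSPF classful-only without `subnets`); the routing table and protocols are made up for the example.

```python
"""Added example (not from the original post): seed-metric and 'subnets' rules applied to a
constructed routing table, to show which routes a redistributing router actually advertises."""
import ipaddress

INFINITY = float("inf")
DEFAULT_SEED_METRIC = {"rip": INFINITY, "eigrp": INFINITY, "ospf": 20}
RIP_MAX_HOPS = 15

# Constructed routing table: (prefix, protocol that installed it)
ROUTING_TABLE = [
    ("10.0.0.0/8", "static"),
    ("10.1.1.0/24", "ospf"),
    ("172.16.0.0/16", "ospf"),
    ("172.16.5.0/24", "eigrp"),
    ("192.168.10.0/24", "connected"),
]


def classful_prefix_len(network):
    """Class A /8, class B /16, class C /24, decided by the first octet."""
    first_octet = int(network.network_address) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    return 24


def redistribute(routing_table, source, into, metric=None, subnets=False):
    """Pick the routes installed by `source` and decide what `into` will advertise.
    Returns (accepted [(prefix, metric)], dropped [(prefix, reason)])."""
    seed = DEFAULT_SEED_METRIC[into] if metric is None else metric
    accepted, dropped = [], []
    for prefix, protocol in routing_table:
        if protocol != source:
            continue                           # only routes present in the table from that source
        net = ipaddress.ip_network(prefix)
        if seed == INFINITY or (into == "rip" and seed > RIP_MAX_HOPS):
            dropped.append((prefix, "seed metric is unreachable"))
        elif into == "ospf" and not subnets and net.prefixlen != classful_prefix_len(net):
            dropped.append((prefix, "subnet of a classful network; 'subnets' keyword missing"))
        else:
            accepted.append((prefix, seed))
    return accepted, dropped


if __name__ == "__main__":
    print("ospf -> rip, no metric:", redistribute(ROUTING_TABLE, "ospf", "rip"))
    print("ospf -> rip, metric 2:", redistribute(ROUTING_TABLE, "ospf", "rip", metric=2))
    print("eigrp -> ospf, no subnets:", redistribute(ROUTING_TABLE, "eigrp", "ospf"))
    print("eigrp -> ospf, subnets:", redistribute(ROUTING_TABLE, "eigrp", "ospf", metric=500, subnets=True))
```

The two cases that bite in practice are both visible: `redistribute ospf 1` into RIP without a metric advertises nothing, and `redistribute eigrp 100` into OSPF without `subnets` drops 172.16.5.0/24 while 172.16.0.0/16 would have passed.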

Copying files on a Cisco Router via FTP

This example enters the FTP username and password into the router's configuration. Note that "ip ftp password" sits in the configuration (reversibly obfuscated at best, by service password-encryption) and that FTP sends the username, password and file in clear text, so use a dedicated account on a management network and restrict who can reach the FTP server. Copying a file into running-config merges it with the current configuration rather than replacing it.

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#ip ftp username ernie
Router(config)#ip ftp password erniepassword
Router(config)#end
Router#copy ftp: running-config
Address or name of remote host [192.168.1.1]? 192.168.1.1
Source filename []? test
Destination filename [running-config]?
Accessing ftp://192.168.1.1/test...
Loading /test
[OK - 24/4096 bytes]
24 bytes copied in 0.276 secs (87 bytes/sec)
Router#

This example puts the username and password in the URL on the command line, which overrides any username/password configured in the router's config (and leaves them in your terminal's history and in the router's command history, so prefer the configured credentials where you can).

Router#copy ftp://ernie:erniepassword@192.168.1.1/c3845-advipservicesk9-mz.124-3i.bin slot1:
Destination filename [c3845-advipservicesk9-mz.124-3i.bin]?
Accessing ftp://ernie:erniepassword@192.168.1.1/c3845-advipservicesk9-mz.124-3i.bin...
Loading pub/c3845-advipservicesk9-mz.124-3i.bin !!!!
Erase slot1: before copying? [confirm]
Erasing the slot1 filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of slot1: complete
Loading pub/c3845-advipservicesk9-mz.124-3i.bin
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 11819052/4096 bytes]
Verifying checksum... OK (0x3256)
11812352 bytes copied in 266.956 secs (44573 bytes/sec)
Router#

The checksum IOS verifies here only proves the file arrived intact; it says nothing about whether it is the image you intended, so compare the MD5 with the value published for that image (verify /md5 slot1:c3845-advipservicesk9-mz.124-3i.bin) before booting from it.