Manomay-Institute

Manomay-Institute Computer Networking Classes

07/07/2015

RIP Timers

“RIP” is the first interior gateway protocol that we learn when we start studying routing. RIP is easy to set up and needs very little configuration. In simple words, it is a distance vector routing protocol that uses hop count as its metric (Bellman-Ford algorithm), with a maximum hop count of 15 and 16 considered unreachable. It broadcasts the full routing table every 30 seconds, with no partial updates and no triggered updates, takes very long to converge, and uses four timers: “Hello (30), Invalid (180), Hold down (180) & Flush (240/420)”.

Yes, RIP is very simple & easily understandable, but how many of us really understand RIP timers?

I have seen many of my mates who kept on googling & searching books to find out exactly how the timers work, & they are still confused. They couldn't find clear-cut information about RIP timers.
So I am trying to shed some light on how RIP convergence works and how the timers come into the picture.

Let’s take an example of two routers, where RIP is running between R1 & R2. Network 10.0.0.0 is directly connected to R1, and R1 sends updates about network 10.0.0.0 to R2.

10.0.0.0 --------------> R1 R2

HELLO TIMER: - R1 sends a periodic update (information about network 10.0.0.0) to R2 every 30 seconds. These periodic updates are also called hello packets, and they work like a keepalive between the two routers. The time period between two consecutive updates is called the hello timer.

INVALID TIMER: - Suppose that for some reason R2 stops receiving hellos from R1. R2 will not consider R1 down until it misses 6 consecutive hellos (that is, 180 seconds from the time when the last hello was received) from R1. After 180 seconds it considers all the routes learned via R1 invalid & marks them unreachable by changing their metric to 16 hops. This is the Invalid state for that particular route, and the timer from 0 (when the last hello was received) to 180 seconds is the Invalid timer.

HOLD DOWN TIMER: - After the Invalid timer completes, the route to network 10.0.0.0 on R2 enters the hold down timer, where it remains for another 180 seconds, that is, from 180 (the end of the Invalid timer) to 360 seconds. In the hold down state R2 will not accept route information about the invalid route from any other neighbor. This timer or state is Cisco proprietary & is part of the loop prevention mechanism.

FLUSH TIMER: - After the hold down timer completes, the route enters the Flush timer, which runs for 60 seconds after the hold down timer expires, that is, until 420 seconds since the last hello was received. After 420 seconds the route is removed from the routing table.
On a non-Cisco device there is no hold down timer, so after the Invalid timer the route directly enters the flush timer. Hence in that case the flush timer ends 240 seconds after the last hello was received.

Let’s add something more to our concept:
When talking about router connections we always have two types of scenarios: one where two routers are directly connected using a network cable & another where there is a layer 2 switch between them.
Here we have three routers R1, R2 & R3. R1 & R2 are connected through an L2 switch SW. R2 is directly connected to R3 through a network cable. Network 10.0.0.0 is directly connected to R1 & network 30.0.0.0 is directly connected to R3. R2 learns about network 10.0.0.0 from R1 & R3 learns about 10.0.0.0 from R2. In the same way R2 learns about network 30.0.0.0 from R3 & sends the information about network 30.0.0.0 to R1 through periodic updates.

10.0.0.0 --- (R1) ------|SW|----- (R2) ------------- (R3) -----30.0.0.0

Case 1:-
Suppose the link between R1 & SW gets disconnected. R2 then stops receiving hellos from R1. R2 waits for 180 seconds (invalid timer) & after 180 seconds it considers the routes learned via R1 invalid (which is network 10.0.0.0 here), marks them unreachable by changing their metric to 16 hops and enters the hold down state (timer). In hold down it waits for another 180 seconds. After the hold down timer completes it starts the flush timer & remains there for the next 60 seconds. After the flush timer completes it removes the route from its routing table.
00----Invalid----->180------Hold down----->360----Flush---->420

Case 2: -
Suppose the cable between R2 & R3 goes down, due to which the physical interface of R2 immediately changes state to down. R2 will not wait for the invalid timer; it immediately marks the route to network 30.0.0.0 as invalid & unreachable by changing the hop count to 16, & it also sends a triggered update to R1 saying that network 30.0.0.0 is invalid now. Hence in this case the route bypasses the invalid timer & directly enters hold down. R2 & R3 remain in the hold down state for 180 seconds, then start the flush timer for the next 60 seconds & finally flush the route to network 30.0.0.0 from their routing tables at 240 seconds.
(Start as invalid route) 00-----Hold down---->180---Flush--->240

# So we have finally concluded that RIP also has a triggered update function: it triggers invalid route updates for directly connected link failures.
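The two timelines above (Case 1 and Case 2, with and without the Cisco hold down timer) can be checked with a small state lookup. This is an added example, not part of the original post; the function names are assumptions, and treating every state other than hold down as willing to accept news from another neighbor is an assumption as well.

```python
# Added example: the RIP route life-cycle described in this post, as a lookup
# from "seconds since the last update" to the state of the route on R2.
from typing import List, NamedTuple, Optional, Tuple

INVALID = 180      # Invalid timer: 6 missed updates of 30 seconds each
HOLD_DOWN = 180    # hold down period (Cisco only, per the post)
FLUSH = 60         # time spent in the flush phase before removal
UNREACHABLE = 16   # hop count that marks a route as unreachable


class RouteView(NamedTuple):
    state: str               # "valid", "hold-down", "flush" or "removed"
    metric: Optional[int]    # hop count in the table, None once removed


def timeline(cisco: bool = True, link_down: bool = False) -> List[Tuple[str, int, int]]:
    """Phases as (state, start, end) in seconds.

    link_down=False is Case 1 (updates silently stop arriving).
    link_down=True is Case 2 (the connected interface goes down, so the
    Invalid timer is skipped and the clock starts at the failure).
    """
    phases, t = [], 0
    if not link_down:
        phases.append(("valid", t, t + INVALID))
        t += INVALID
    if cisco:
        phases.append(("hold-down", t, t + HOLD_DOWN))
        t += HOLD_DOWN
    phases.append(("flush", t, t + FLUSH))
    return phases


def route_view(elapsed: int, learned_metric: int = 1,
               cisco: bool = True, link_down: bool = False) -> RouteView:
    """State and metric of the route `elapsed` seconds into the timeline."""
    for state, start, end in timeline(cisco, link_down):
        if start <= elapsed < end:
            metric = learned_metric if state == "valid" else UNREACHABLE
            return RouteView(state, metric)
    return RouteView("removed", None)


def accepts_update_from_other_neighbor(elapsed: int, cisco: bool = True,
                                       link_down: bool = False) -> bool:
    """Per the post, the hold down state refuses news about the route.
    Assumption: every other state accepts it."""
    return route_view(elapsed, cisco=cisco, link_down=link_down).state != "hold-down"


if __name__ == "__main__":
    for t in (0, 179, 180, 359, 360, 419, 420):
        print(t, route_view(t))
```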

ICMP-type values
03/07/2015

03/07/2015

PING

Ping is a network diagnostic tool that’s used to check if a host in a network is alive and responding. Ping uses ICMP messages, more particularly ICMP query messages.
ICMP (Internet Control Message Protocol) is a companion to the IP protocol. It compensates for the IP protocol in error reporting, since the IP protocol doesn’t have an error reporting method in place. ICMP only reports errors and expects higher layers of the OSI architecture model to handle and correct the errors.

ICMP has two types of messages - error reporting messages and query messages. Query messages are generally used to diagnose network problems. There are two types of query messages -
• Echo-request message
• Echo-reply message

So what happens when we ping a machine?
• The source sends an ICMP echo-request message to the destination.
• The ping program sets a sequence identifier, which gets incremented with each echo-request message. It also sets a TTL (Time-to-live) period.
• Ping also inserts the sending time in the data section of the message.
• If the host is alive and responding, it sends an ICMP echo-reply message back to the source.
• Ping notes the time of arrival of the response message, uses the sending time in the message part and calculates the round-trip time.
• It then increments the sequence identifier (as said above) and sends a new echo-request message. This goes on for the number of ping requests set by the user or until the program is terminated.
The collected data is then used to summarize the percentage of packet loss and other such information, and the summary is displayed, showing the number of packets transmitted, received, the percentage of packet loss, the total time taken, and the minimum, average and maximum round-trip time. This, of course, is in addition to the data displayed live while the program is running.

For ping, the TTL is 255, which is decremented by 1 at every hop,
but it never gets to 0, as there is a default timer of 2 seconds on ping on Cisco routers, and it would most probably time out (2 seconds) before it actually got sent to 255 devices.
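The echo-request/echo-reply exchange listed above, worked through at byte level. This is an added example, not part of the original post: it builds the ICMP messages in memory (no packets are sent), and the identifier, the padding bytes, the one-second send interval and the reply delays are constructed values.

```python
# Added example: ICMP echo-request / echo-reply as byte strings, with the
# sending time carried in the data section and used to compute the RTT.
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0
HEADER = "!BBHHH"   # type, code, checksum, identifier, sequence number


def checksum(data: bytes) -> int:
    """Internet checksum: one's complement of the one's-complement sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    unsummed = struct.pack(HEADER, msg_type, 0, 0, ident, seq) + payload
    return struct.pack(HEADER, msg_type, 0, checksum(unsummed), ident, seq) + payload


def echo_request(ident: int, seq: int, send_time: float) -> bytes:
    # The sending time goes into the data section, followed by padding.
    return build(ECHO_REQUEST, ident, seq,
                 struct.pack("!d", send_time) + b"constructed-pad")


def echo_reply_for(request: bytes) -> bytes:
    """What a live destination does: same identifier, sequence and data, type 0."""
    _, _, _, ident, seq = struct.unpack(HEADER, request[:8])
    return build(ECHO_REPLY, ident, seq, request[8:])


def rtt_from_reply(reply: bytes, ident: int, seq: int, recv_time: float):
    """Round-trip time in seconds, or None if the reply does not answer (ident, seq)."""
    if len(reply) < 16 or checksum(reply) != 0:     # truncated or corrupted
        return None
    msg_type, code, _, r_ident, r_seq = struct.unpack(HEADER, reply[:8])
    if (msg_type, code, r_ident, r_seq) != (ECHO_REPLY, 0, ident, seq):
        return None
    (sent,) = struct.unpack("!d", reply[8:16])
    return recv_time - sent


def ping_session(delays, ident: int = 0x1234) -> dict:
    """Summary for one run; `delays` holds the reply delay per request, None = lost."""
    rtts = []
    for seq, delay in enumerate(delays):
        send_time = float(seq)               # constructed clock: one request per second
        request = echo_request(ident, seq, send_time)
        if delay is None:
            continue
        rtt = rtt_from_reply(echo_reply_for(request), ident, seq, send_time + delay)
        if rtt is not None:
            rtts.append(rtt)
    sent, received = len(delays), len(rtts)
    return {
        "transmitted": sent,
        "received": received,
        "loss_pct": 100.0 * (sent - received) / sent if sent else 0.0,
        "min": min(rtts) if rtts else None,
        "avg": sum(rtts) / received if rtts else None,
        "max": max(rtts) if rtts else None,
    }


if __name__ == "__main__":
    print(ping_session([0.25, 0.5, None, 0.75]))
```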

01/07/2015

Secondary IP address on router's interface

Cisco IOS software supports multiple IP addresses per interface. You can specify an unlimited number of secondary addresses. Secondary IP addresses can be used in a variety of situations. The following are the most common applications:

•There might not be enough host addresses for a particular network segment. For example, suppose your subnetting allows up to 254 hosts per logical subnet, but on one physical subnet you must have 300 host addresses. Using secondary IP addresses on the routers or access servers allows you to have two logical subnets using one physical subnet.

•Many older networks were built using Level 2 bridges, and were not subnetted. The judicious use of secondary addresses can aid in the transition to a subnetted, router-based network. Routers on an older, bridged segment can easily be made aware that many subnets are on that segment.

•Two subnets of a single network might otherwise be separated by another network. You can create a single network from subnets that are physically separated by another network by using a secondary address. In these instances, the first network is extended, or layered on top of the second network. Note that a subnet cannot appear on more than one active interface of the router at a time.

To assign multiple IP addresses to network interfaces, use the following command in interface configuration mode:

Router(config-if)# ip address ip-address mask secondary

Example - Say you have a network on an interface with 192.168.1.0/24 and you run out of IPs and you need to put more servers there and not impact anything else. You can use sec IP on that interface and bring up another range like 192.168.2.0/24. Another practical use of secondary address is during IP address space migrations.

With secondary addressing, multiple IP subnets coexist in the same LAN. It's a handy tool for non-disruptively adding IP addresses to an existing LAN, without making changes to the LAN itself, and without having to renumber IP interfaces in existing subnet(s) on that LAN.

I've seen it used in data centers. On day 1, someone has 140 servers, so they get a /24 from ARIN. A couple of years later, the hosting company grows so that they need to have more than 254 web servers to keep up with hosting demand, so they ask ARIN for another /24. Unfortunately, the new /24 is not adjacent to the old one, so they can't be combined as a /23. The hosting company's LAN still has sufficient bandwidth for the servers, so they just want to add the new /24 on the existing LAN.

Question: if I put the interface in a vlan wouldn't BOTH IPs, (main and secondary) be in the same vlan?

Yes, this is correct.

Extract from https://learningnetwork.cisco.com/thread/38959

29/06/2015

Bandwidth-percent command in EIGRP

The enhanced implementation uses the configured interface bandwidth in order to determine how much EIGRP data to transmit in a given amount of time. By default, EIGRP will limit itself to using no more than 50% of the interface bandwidth. The primary benefit of controlling EIGRP's bandwidth usage is to avoid losing EIGRP packets, which could occur when EIGRP generates data faster than the interface line can absorb it. This is of particular benefit on Frame Relay networks, where the access interface bandwidth and the PVC capacity may be very different. A secondary benefit is to allow the network administrator to ensure that some bandwidth remains for passing user data, even when EIGRP is very busy.

Configuration Commands
ip bandwidth-percent eigrp as-number percent

The bandwidth-percent command tells EIGRP what percentage of the configured bandwidth it may use. The default is 50 percent. Since the bandwidth command is also used to set the routing protocol metric, it may be set to a particular value to influence route selection for policy reasons. The bandwidth-percent command can have values greater than 100 if the bandwidth is configured artificially low due to such policy reasons.

For example, the following configuration allows IP-EIGRP AS 109 to use 42Kbps (75% of 56Kbps) on Serial 0:

interface Serial 0
 bandwidth 56
 ip bandwidth-percent eigrp 109 75

Source: http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/13672-12.html

28/06/2015

OSPF Auto-Cost Reference Bandwidth

By default, an interface's OSPF cost is based on the port speed of the interface. The cost is calculated by dividing the reference bandwidth by the port speed.

The default reference bandwidth for OSPF is 100 Mbps. That means 100 is divided by the bandwidth (in Mbps) to calculate the OSPF cost of a particular link.

OSPF cost = 100/Bandwidth (in Mbps)

With the above formula the OSPF cost of a 100 Mbps link will be 1. Now what will be the cost of links faster than 100 Mbps? Will it come out as a fraction?
No, the cost for all links faster than 100 Mbps remains 1.

Now suppose we have two paths from router 1 to reach network X: one through Fast Ethernet (100 Mbps) & another through Gigabit Ethernet (1000 Mbps). As the default reference bandwidth is 100, the cost for both paths would be 1. Hence the router would not be able to choose the Gigabit interface as the best path.

To overcome the above problem we have a concept of increasing the reference bandwidth in OSPF.

If we increase the reference bandwidth to 1000, the OSPF cost for the Fast Ethernet link will become 10 & the cost of the Gigabit link will become 1. Hence the router will easily choose the path with the lowest cost.
OSPF cost for Fast Ethernet: 1000/100 = 10
OSPF cost for Gigabit Ethernet: 1000/1000 = 1

Increasing the reference-bandwidth allows a more granular OSPF design. If changed it should be changed on all routers in the OSPF domain.

Cisco commands for changing the OSPF reference bandwidth:
router ospf 1
 auto-cost reference-bandwidth 1000

26/06/2015

Routing Loop in OSPF & its prevention using Backbone area..??

Well, according to me, this is just a hypothetical question, and the problem does not exist in practice.
All areas must connect to Area 0 because OSPF acts as a link-state protocol within an area & as a distance-vector protocol outside the area. That is because OSPF sends summary LSAs (type 3) between areas, which only advertise the ABR's Router ID as the origin of the routes coming from its area. The area receiving the update (summary LSA 3) from another area will see the connected ABR's RID as the next hop for all the destinations within that area. So, if we connect two areas directly without Area 0 in between, this will give rise to a loop.

Let’s take an example to explain the above rule. Suppose we have three areas, Area 1, 2 & 3, that are cyclically interconnected as 1->2->3->1. Full routing information passes between these areas.
Suppose Area 1 contains a network 1.1.1.0/24, & assume that the router in Area 2 chose its best path to network 1.1.1.0 via Area 1 & that Area 3 has chosen its best path to network 1.1.1.0 through Area 2 (Area 3 & Area 1 are directly connected, but I am taking this as a hypothetical condition).
Network 1.1.1.0 suddenly gets disconnected. Now LSA 1 & LSA 2 within Area 1 do not contain the information about network 1.1.1.0 anymore. However, let's assume that the information change has not yet been fully propagated via LSA 3 to other areas (routing loops within a single routing protocol are usually caused by outdated information which is unduly trusted).
As a result, reachability to network 1.1.1.0 will be derived via the LSA 3 advertised from Area 3 back to Area 1. Now routers in Area 1 may choose to send the traffic for network 1.1.1.0 to Area 3, Area 3 will send the traffic for network 1.1.1.0 to Area 2, which in turn sends it back to Area 1. So here it turns into a loop.

The above scenario is completely hypothetical, as it violates the basic rule of OSPF that every area should be directly connected to the backbone area, which is Area 0, & that no two areas other than Area 0 can have a direct connection.
Again, this was just to illustrate how loops are created and how having a backbone solves that problem. The purpose of the backbone is to eliminate redundant paths between areas. If all paths must go through the backbone, then there can't be redundant paths. Other routing protocols use split horizon to prevent this problem.

So when someone talks about possible routing loops they are only talking about a hypothetical situation that could occur if OSPF areas were allowed to exchange routes between themselves without the use of an area 0. You can't actually get a routing loop this way with OSPF because if you have multiple areas without an area 0 they are in fact treated as separate OSPF processes and would not exchange routes anyway.

26/06/2015

Auto-summarization in Eigrp:-

When a router running EIGRP has auto-summary enabled, it summarizes all network updates that cross DIFFERENT MAJOR NETWORK BOUNDARIES.

This means that if the major network between different routers running EIGRP with auto-summary enabled is the SAME, then the router WILL NOT summarize any network updates.

Let's take a look at your example:

R1 has no auto-summary and advertises network 10.0.0.0/24 to R2. If the link between R2 and R3 is from the same major network 10.x, for example 10.1.1.1/24, then R2 WILL NOT advertise a summary route of 10.0.0.0/8 to R3, even though R2 has auto-summary enabled (because they are not in DIFFERENT major network boundaries).

However, if the major network between R2 and R3 is different from 10.x, then R2 will advertise a summary route of 10.0.0.0/8 to R3. For instance, if the link between R2 & R3 is from the network 192.168.x or 172.16 or whatever, but NOT 10.x, then a summary of 10.0.0.0/8 would be sent from R2 to R3, and R3 would have 10.0.0.0/8 in its routing table.
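The major-network boundary rule, applied exactly as this post states it, to a list of prefixes R2 is about to advertise. This is an added example and not part of the original post; the function names and the 192.168.23.2/24 and 172.16.1.1/24 link addresses are assumptions.

```python
# Added example: which prefixes cross a link, with and without auto-summary,
# following the rule as stated in this post.
import ipaddress
from typing import List


def major_network(addr: str) -> ipaddress.IPv4Network:
    """Classful (major) network of an address or prefix such as '10.1.1.1/24'."""
    ip = ipaddress.ip_interface(addr).ip
    first_octet = int(ip) >> 24
    if first_octet < 128:        # class A
        plen = 8
    elif first_octet < 192:      # class B
        plen = 16
    elif first_octet < 224:      # class C
        plen = 24
    else:
        raise ValueError(f"{addr} is class D/E and has no major network")
    return ipaddress.ip_network(f"{ip}/{plen}", strict=False)


def advertised(routes: List[str], out_interface: str,
               auto_summary: bool = True) -> List[str]:
    """Prefixes sent out of the interface addressed `out_interface`.

    A route is replaced by its major network only when auto-summary is on
    and the outgoing link belongs to a different major network.
    """
    link_major = major_network(out_interface)
    result = []
    for route in routes:
        net = ipaddress.ip_network(route)
        major = major_network(route)
        send = major if auto_summary and major != link_major else net
        if send not in result:           # several subnets collapse into one summary
            result.append(send)
    return [str(n) for n in result]


if __name__ == "__main__":
    r2_routes = ["10.0.0.0/24"]                        # learned from R1
    print(advertised(r2_routes, "10.1.1.1/24"))        # R2-R3 link inside 10.x
    print(advertised(r2_routes, "192.168.23.2/24"))    # R2-R3 link outside 10.x
```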

24/06/2015

EIGRP AD Value 5..??

When routes are summarized via EIGRP, the router installs an EIGRP route to the summary in the local routing table with an Administrative Distance of 5 and points it to Null0. What this means is that if a packet arrives and the longest match is the summary, it will be dropped. If the longest match is the summary, it either means that your specific subnet route to that part of the summary was lost, or you never had it in the first place and were advertising address space that you didn't have a specific route to.

For example, suppose that you have the following networks in EIGRP that you want to summarize:

10.0.0.0/24
10.0.1.0/24
10.0.2.0/24
10.0.3.0/24

These networks fall neatly into the summary 10.0.0.0/22. When EIGRP creates the summary, it will stop advertising the four /24 networks, start advertising the /22, and install a route for 10.0.0.0/22 via Null0 in the local table. As long as the router always knows the four specific /24 routes, the /22 via Null0 will never be used due to the longest match routing principle. However, suppose now that the segment connecting to the subnet 10.0.2.0/24 goes down and that network becomes unreachable.

When a packet arrives for a destination in that subnet, suppose 10.0.2.100, the longest match is now 10.0.0.0/22 via Null0, and hence the packet is dropped. This prevents the router from using a shorter match route, like a 0.0.0.0/0 default route, to forward packets to a portion of the network from which they are unlikely to reach the real final destination. For example, if your default route points to the Internet, it wouldn't help you to forward traffic for your internal network 10.0.2.0/24 out to the Internet. This is why the Null0 route is there by default. There can, however, be designs where you do not want packets dropped if you don't have a longer match, and you do want to fall back to a shorter match route like a default. In this very particular case, this is what the Administrative Distance of the EIGRP summary is used for.

Since the AD of the Null0 route is 5, this allows you to configure a static route with a distance of anything 1 to 4, and have this preferred over the Null0 route. However this static route would only be used if you lost the more specific route to begin with. Now let's look at this in the scope of the same previous example. The four /24 subnets are summarized to /22. A /22 route with an AD of 5 points to Null0. A static route for the /22 is then configured out another interface that matches the summary, but uses an Administrative Distance of 1. This means that the static route is installed in favor of the Null0 route.

As long as the router maintains the four /24 subnet routes, again the /22 will never be used due to longest match routing rules. However, if one of the subnet routes goes down, again suppose 10.0.2.0/24, the next longest match in line is the static route for 10.0.0.0/22, not the Null0 route. The end result of this is that you basically have a last ditch effort for forwarding packets that are matched by the summary.

It's a very very specific design case that you'd have to get into to even need this in the first place, but the key point is that the EIGRP process allows you to do this by making the Null0 route have a distance less than all dynamic protocols, but greater than a static route. This prevents route feedback of the summary being learned back in dynamically, but still allows you to override it with a static route.

From Cisco Press
Every time autosummarization or manual summarization takes place, EIGRP installs the summary route with the next hop to Null 0. This is a loop-prevention mechanism for EIGRP's summary routes. In this case study, this is exactly what happens—EIGRP does not install a route from its neighbor that falls within its summary range.
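The interaction of longest match and administrative distance described in this post, as a small route-selection model. This is an added example and not Cisco's implementation; the interface names and the 198.51.100.1 and 192.0.2.1 next hops are constructed, and the static default route stands in for "a default route that points to the Internet".

```python
# Added example: why the AD 5 summary to Null0 drops traffic for a lost subnet,
# and how a static route with a lower distance overrides it.
import ipaddress
from typing import Dict, List, NamedTuple, Optional


class Route(NamedTuple):
    prefix: str
    source: str       # "connected", "static" or "eigrp-summary"
    distance: int     # administrative distance
    next_hop: str     # "Null0" means the packet is discarded


# Constructed sample table for the router that creates the summary.
BASE_ROUTES = [
    Route("10.0.0.0/24", "connected", 0, "Fa0/0"),
    Route("10.0.1.0/24", "connected", 0, "Fa0/1"),
    Route("10.0.2.0/24", "connected", 0, "Fa0/2"),
    Route("10.0.3.0/24", "connected", 0, "Fa0/3"),
    Route("10.0.0.0/22", "eigrp-summary", 5, "Null0"),
    Route("0.0.0.0/0", "static", 1, "198.51.100.1"),
]


def install(candidates: List[Route]) -> Dict[ipaddress.IPv4Network, Route]:
    """Per prefix, keep only the candidate with the lowest administrative distance."""
    table: Dict[ipaddress.IPv4Network, Route] = {}
    for route in candidates:
        net = ipaddress.ip_network(route.prefix)
        if net not in table or route.distance < table[net].distance:
            table[net] = route
    return table


def lookup(table: Dict[ipaddress.IPv4Network, Route], dest: str) -> Optional[Route]:
    """Longest-prefix match among the installed routes."""
    ip = ipaddress.ip_address(dest)
    matches = [net for net in table if ip in net]
    if not matches:
        return None
    return table[max(matches, key=lambda net: net.prefixlen)]


def forward(candidates: List[Route], dest: str) -> Optional[str]:
    """Next hop used for `dest`, or None when nothing matches."""
    route = lookup(install(candidates), dest)
    return None if route is None else route.next_hop


def without(candidates: List[Route], prefix: str) -> List[Route]:
    """The same candidates after the route for `prefix` is lost."""
    return [r for r in candidates if r.prefix != prefix]


if __name__ == "__main__":
    lost = without(BASE_ROUTES, "10.0.2.0/24")
    backup = Route("10.0.0.0/22", "static", 1, "192.0.2.1")
    print(forward(BASE_ROUTES, "10.0.2.100"))       # specific /24 still present
    print(forward(lost, "10.0.2.100"))              # summary to Null0 wins over the default
    print(forward(lost + [backup], "10.0.2.100"))   # AD 1 static replaces the AD 5 summary
```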

Routing Process on a router
24/06/2015

Administrative Distance of Routing Protocols
24/06/2015

31/05/2015

Load balancing using Performance Routing pfr/OER:-
( https://supportforums.cisco.com/document/32216/load-balancing-using-performance-routing-pfroer)

Introduction:

Cisco Performance Routing (pfr) is one of the most intelligent Cisco IOS services. It can handle traffic routing automatically to achieve the most reliable, non-stop traffic forwarding between sites and over multiple routers and links.

Cisco pfr optimizes routing and route selection based on real-time measurements of the available paths and selects the best path with regard to the defined policies, such as traffic delay, jitter or link utilization. This makes it more flexible and convenient, especially in implementations of converged networks (voice, video and data).

Consider using only a standard dynamic routing protocol such as BGP with two ISPs. If one of the ISPs is experiencing problems inside the SP network and a company has real-time sensitive traffic, this will cause issues such as delay, jitter and/or packet loss, while from the BGP perspective the other BGP peer is reachable and the BGP session is up.

With Cisco pfr the router is able to measure the traffic over all the available ISPs/paths. This measurement is done by the edge routers, which take the role of border router (BR) in pfr terminology, while another router (either dedicated or co-existing in one of the BRs) is the decision maker, to which all the BRs report their traffic measurements. This router is called the Master Controller (MC), and it works exactly as the brain of pfr.

If any ISP link is experiencing a problem such as delay or jitter, the BR connected to that ISP will report the traffic measurement to the MC, and the MC will compare it to a predefined policy. If it is considered out of policy (OOP), the MC will start looking for another external link within the BRs that has a better or in-policy path. There are several timers that can be configured and tuned, such as the backoff timer, which avoids route flapping, and the periodic interval, which is the periodic time in minutes at which the MC router starts learning prefixes, with a default value of 120 minutes.

For more details please refer to the following link:

Performance Routing Q&A

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps8787/prod_qas0900aecd806c4f03.html

Configuration Example:

In this configuration example we will see how to configure load balancing by using pfr on one edge router. This edge router has two external links that represent WAN or Internet links (both are valid options), and it is configured as both the BR router and the MC router.

The routing configuration is very simple: only two default routes, each pointing to one of the ISPs' next-hop IPs.

ip route 0.0.0.0 0.0.0.0 10.1.1.10
ip route 0.0.0.0 0.0.0.0 20.1.1.10

EDGE_RTR# show ip route

Gateway of last resort is 20.1.1.10 to network 0.0.0.0

     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     20.0.0.0/24 is subnetted, 1 subnets
C       20.1.1.0 is directly connected, FastEthernet1/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet1/0
C    192.168.1.0/24 is directly connected, FastEthernet2/0
S*   0.0.0.0/0 [1/0] via 20.1.1.10
               [1/0] via 10.1.1.10

The criterion used here for load balancing is link utilization. First we need to define the border router and the basic MC configuration:

interface Loopback0
 ip address 1.1.1.1 255.255.255.0
!
! for authentication
key chain OER
 key 1
  key-string oerkey

MC part:

oer master
 ! 2% only for this example (if the range between the external links' utilization is over 2%, the MC will start to distribute the load between the links, with regard to the max link utilization configured below as well)
 max-range-utilization percent 2
 logging
 !
 ! local loopback, as both BR and MC co-exist
 border 1.1.1.1 key-chain OER
  interface FastEthernet1/1 external
   ! max utilization for this link is 5 K (just for the purpose of this example, to see the link go out of policy quickly)
   max-xmit-utilization absolute 5
  interface FastEthernet1/0 external
   ! 50k (this value is for this example only)
   max-xmit-utilization absolute 50
  interface FastEthernet2/0 internal
 !
 learn
  throughput
  ! configured as 0 to make sure the router learns prefixes all the time (for the purpose of this example only)
  periodic-interval 0
  ! prefixes created automatically by the MC are aggregated with a prefix length of /32 in this example
  aggregation-type prefix-length 32
 mode route control
 ! automatic static route entries created by the MC will have route tag 2000
 mode route metric static tag 2000
 ! always select the best in-policy exit
 mode select-exit best
 ! policy measurement criteria give utilization range priority 1
 resolve range priority 1
 ! link utilization has priority 2
 resolve utilization priority 2 variance 1

BR part:

oer border
 ! same IP address used in the MC part of the config for this BR
 local Loopback0
 master 1.1.1.1 key-chain OER
!

EDGE_RTR# show oer master border
Border           Status   UP/DOWN             AuthFail
1.1.1.1          ACTIVE   UP       01:09:11          0

As shown earlier in this document, the routing table has only two static default routes, each pointing to a different ISP/next hop.

Now let's generate traffic from the inside network to simulate internal traffic. As we configured the link utilization of interface Fa1/1 to a low value, this interface will be considered OOP quickly.

EDGE_RTR# show oer master prefix
EDGE_RTR#
%OER_MC-5-NOTICE: Load OOP BR 1.1.1.1, i/f Fa1/1, load 24 policy 5
%OER_MC-5-NOTICE: Exit 1.1.1.1 intf Fa1/1 OOP, Tx BW 24, Rx BW 24, Tx Load 0, Rx Load 0

EDGE_RTR# show oer master prefix
Prefix                  State     Time Curr BR         CurrI/F         Protocol
                      PasSDly  PasLDly   PasSUn   PasLUn  PasSLos  PasLLos
                      ActSDly  ActLDly   ActSUn   ActLUn      EBw      IBw
--------------------------------------------------------------------------------
100.100.100.100/32    DEFAULT*     @29 1.1.1.1         Fa1/1           U
                            U        U        0        0        0        0
                            U        U        0        0       25       25

EDGE_RTR#
%OER_MC-5-NOTICE: Discovered Exit for prefix 100.100.100.100/32, BR 1.1.1.1, i/f Fa1/1

EDGE_RTR# show oer border routes static
Flags  Network              Parent      Tag
CE     100.100.100.100/32   0.0.0.0/0   2000

EDGE_RTR# show ip route 100.100.100.100
Routing entry for 100.100.100.100/32
  Known via "static", distance 1, metric 0
  Tag 2000
  Routing Descriptor Blocks:
  * 10.1.1.10
      Route metric is 0, traffic share count is 1
      Route tag 2000

As shown above, a static route entry has been created automatically with a prefix length of /32, based on the prefix aggregation length specified in the MC config.

The route tag is also 2000, which is the tag value configured in the MC config; this tag may be useful for redistribution or route filtering.

Most importantly, the created static route entry for the prefix 100.100.100.100/32 goes through Fa1/0, because the first used link was Fa1/1 and, according to the previous logging message, this link was flooded with traffic and considered out of policy:

%OER_MC-5-NOTICE: Load OOP BR 1.1.1.1, i/f Fa1/1, load 24 policy 5

The MC then chose Fa1/0 because it is not over-utilized (in policy).

Now let's generate traffic again to over-utilize Fa1/0:

%OER_MC-5-NOTICE: Load OOP BR 1.1.1.1, i/f Fa1/0, load 53 policy 50
%OER_MC-5-NOTICE: Exit 1.1.1.1 intf Fa1/0 OOP, Tx BW 53, Rx BW 53, Tx Load 0, Rx Load 0

New learned prefixes:

Prefix                  State     Time Curr BR         CurrI/F         Protocol
                      PasSDly  PasLDly   PasSUn   PasLUn  PasSLos  PasLLos
                      ActSDly  ActLDly   ActSUn   ActLUn      EBw      IBw
--------------------------------------------------------------------------------
200.200.200.200/32    DEFAULT*     @74 1.1.1.1         Fa1/0           U
                            U        U        0        0        0        0
                            U        U        0        0       29       28
100.100.100.100/32    INPOLICY       0 1.1.1.1         Fa1/0           STATIC
                            U        U        0        0        0        0
                            U        U        0        0        0        0

%OER_MC-5-NOTICE: Discovered Exit for prefix 200.200.200.200/32, BR 1.1.1.1, i/f Fa1/0

EDGE_RTR# show oer border routes static
Flags: C - Controlled by oer, X - Path is excluded from control,
       E - The control is exact, N - The control is non-exact

Flags  Network              Parent      Tag
CE     100.100.100.100/32   0.0.0.0/0   2000
CE     200.200.200.200/32   0.0.0.0/0   2000

EDGE_RTR# show ip route
     200.200.200.0/32 is subnetted, 1 subnets
S       200.200.200.200 [1/0] via 20.1.1.10
     1.0.0.0/24 is subnetted, 1 subnets
C       1.1.1.0 is directly connected, Loopback0
     100.0.0.0/32 is subnetted, 1 subnets
S       100.100.100.100 [1/0] via 10.1.1.10
     20.0.0.0/24 is subnetted, 1 subnets
C       20.1.1.0 is directly connected, FastEthernet1/1
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.1.0 is directly connected, FastEthernet1/0
C    192.168.1.0/24 is directly connected, FastEthernet2/0
S*   0.0.0.0/0 [1/0] via 20.1.1.10
               [1/0] via 10.1.1.10

It is obvious from the above routing table that we have two new static route entries created automatically by the MC, each pointing to a different next hop based on the link utilization policy configuration. Here we achieved load balancing over two links by using pfr.

Note:

You can implement NAT with this solution, if it is required, by using ACLs and route maps.

This example was configured and working with NAT:

EDGE_RTR# show ip nat translations
Pro  Inside global  Inside local    Outside local       Outside global
icmp 20.1.1.1:84    192.168.1.1:84  200.200.200.200:84  200.200.200.200:84
icmp 10.1.1.1:85    192.168.1.1:85  100.100.100.100:85  100.100.100.100:85
EDGE_RTR#

For a configuration example of using NAT with two links and route maps, please see the document below:

https://supportforums.cisco.com/docs/DOC-8313

This was a simple pfr configuration example. With pfr you can configure more complex policies and measurements with active and/or passive monitoring, using echo, TCP or UDP probes in conjunction with IP SLA. You can also use a dynamic routing protocol such as BGP instead of static routing.

Address

J-30A, East Vinod Nagar
Delhi
110091

Telephone

+919711155566
