FRAME-RELAY

- A point-to-point subinterface can only accommodate a single DLCI at any given time. Point-to-point sub-interfaces are treated by the IOS like a physical point-to-point interface and do not need either inverse-arp or frame-relay map statements.
- Multipoint DLCIs rely on either inverse-arp or frame-relay map statements for proper operation.
- You must manually clear inverse-arp with a clear frame-relay-inarp command to remove any undesired inverse-arp entries.
- The broadcast parameter is required for protocols such as OSPF.
- If the router is reloaded, inverse-arp will be disabled for any DLCI that is used with a frame-relay map statement.
- As a rule, when configuring frame-relay map statements, make note of the protocol and the DLCI specified. If there are any inverse mappings for that same protocol referencing the same DLCI, replace the inverse-arp entries with frame-relay map statements.
- Rules to remember when configuring point-to-point sub-interfaces are:
  - No frame-relay map statements can be used with point-to-point sub-interfaces
  - One and only one DLCI can be associated with a single point-to-point interface
- Without the frame-relay interface-dlci command, all DLCIs are assigned to the physical interface.
- Split horizon only blocks routing updates in a hub and spoke topology.
- A Cisco IOS remedy to this split horizon problem is to disable split horizon on the hub router in a frame-relay network. This can be performed at the interface configuration mode.
- Split horizon is disabled on frame-relay physical IP interfaces; split horizon is enabled on frame-relay point-to-point and multi-point IP sub-interfaces.
- OSPF is not affected by the rule of split horizon since it does not apply it.
- A remedy to the problem of "hello mismatches" is using the Cisco IOS interface configuration command "ip ospf network".
- A popular selection for OSPF networks is the point-to-multipoint option.
- When using only physical interfaces in a hub and spoke topology, you need to add a frame-relay map statement on the spoke routers to assure spoke to spoke reachability. Nothing needs to be done to the hub router.
- If using point-to-point sub-interfaces, each sub-interface must be configured as a separate subnet.
- If a physical or multipoint sub-interface is being used at the hub, remember to disable split horizon at the hub.

Interface configuration: (physical)
    encap frame
    frame-relay lmi-type {cisco | ansi | q933a}    note: after IOS 11.2 lmi is auto-sensed
    ip address { A.B.C.D mask }
    frame-relay map ip ip-address dlci

Interface configuration: (sub-interface)
    ip address { A.B.C.D mask }
    frame-relay interface-dlci dlci
    note: PtoP can only have 1 dlci, PtoMP can have multiple dlcis

FR scenarios:

ALL PHYSICAL:
    Add map statement to spokes (to other spokes). NOTHING needs to be done at Hub.
ALL SUB-INTERFACES:
    frame-relay interface-dlci statements on hub (PtoMP) and spokes (PtoP)
    note: distance vector protocols will be affected because of split horizon. Disable split-horizon at the hub. OSPF will have network type mismatches.
PHYSICAL INTERFACE AT THE HUB AND PtoP SUBINTERFACES AT THE SPOKES:
    frame-relay interface-dlci dlci statements at the spokes
MULTIPOINT SUBINTERFACE AT THE HUB AND PHYSICAL INTERFACES AT THE SPOKES:
    Add map statement to spokes
    note: add map to hub also because of the inverse-arp being disabled.
    frame-relay interface-dlci dlci statements at the hub (or frame-map statements)
PtoP SUBINTERFACES AT THE HUB:
    Overcomes the problem of split-horizon without having to disable it.
    Note: each subinterface will need its own subnet

EX. PVCs on same subnet
    interface serial 0
    ip ospf network point-to-multipoint
EX. PVCs on different subnets
    interface serial 0
    ip ospf network broadcast

SHOW and DEBUG:
    show frame-relay pvc
    show frame-relay map
    show frame-relay lmi
    deb ip packet
    deb fram packet
    clear frame-relay-inarp

ISDN AND DDR ROUTING

- The broadcast parameter allows broadcast traffic to be forwarded, and broadcasts will reset the idle timer.
- Just as with frame-relay map statements, the dialer-map broadcast parameter is required for proper OSPF operation over a DDR link.
- Note that when the broadcast parameter is added, the DDR link can stay up indefinitely due to constant broadcast traffic. To remedy this situation, granular dialer-lists must be configured.
- A physical interface can be associated with multiple dialer pools. A logical dialer interface can be associated with only one dialer pool.
- In order to configure PPP chap authentication with dialer profiles, enter the ppp authentication chap statement at both the physical interface and the logical dialer interface.
- The dialer remote-name statement is critical for the called party. It must match the calling party's host name or the name specified in the calling party's ppp chap hostname statement.

Configuring Legacy ISDN:

Global configuration:
    isdn switch-type ?
      basic-1tr6     1TR6 switch type for Germany
      basic-5ess     Lucent 5ESS switch type for the U.S.
      basic-dms100   Northern Telecom DMS-100 switch type for the U.S.
      basic-net3     NET3 switch type for UK, Europe, Asia and Australia
      basic-ni       National ISDN switch type for the U.S.
      basic-qsig     QSIG switch type
      basic-ts013    TS013 switch type for Australia (obsolete)
      ntt            NTT switch type for Japan
      vn3            VN3 and VN4 switch types for France
    dialer-list list-number protocol protocol-name permit/deny
    username Remote-router-name password password (only if using PPP encap/auth)

Interface configuration: (minimal using dialer string… very inefficient use of B channels; both sides REQUIRE dialer strings)
    ip address ip-address mask
    dialer string dialer-string-number
    dialer-group dialer-group-number

Interface configuration: (minimal using dialer map)
    ip address ip-address mask
    encap ppp
    ppp authentication chap | pap
    dialer map ip A.B.C.D ?
      WORD            Dialer string
      broadcast       Broadcasts should be forwarded to this address
      class           dialer map class
      modem-script    Specify regular expression to select modem dialing script
      name            Map to a host
      spc             Semi Permanent Connections
      speed           Set dialer speed
      system-script   Specify regular expression to select system dialing script
    dialer-group dialer-group-number

Interface configuration: (other commonly configured parameters)
    idle-timeout
    fast-idle
    load-threshold

Configuring ISDN Dialer Profiles: 3 steps:

Configure the physical interface: (all legacy statements must be removed)
    dialer pool-member dialer-pool-number
    encap ppp
    ppp auth chap
Configure the logical dialer interface: (minimal)
    ip address A.B.C.D mask
    encap ppp
    dialer remote-name remote-router-name
    dialer string dialer-string-number
    dialer pool number
    dialer-group number
    ppp auth chap

Routing issues over ISDN:

- Use static routes and dialer-lists that filter routing updates (no broadcast parameter on map statement).
- SNAPSHOT routing for DV protocols.
- OSPF demand circuit: Cisco has a solution to limit OSPF hello traffic over an ISDN link: ip ospf demand-circuit. By entering this interface configuration command on one side of a bri connection, OSPF adjacencies will be formed and ongoing OSPF hellos will be suppressed.

SHOW and DEBUG:
    sh dialer map
    sh isdn stat
    sh isdn hist
    sh isdn active
    sh dialer
    sh int bri0 (shows D channel)
    sh int bri0 1 or bri0 2 (shows B channels)
    deb isdn q921
    deb isdn q931

ISDN – Snapshot routing

- All snapshot routing configuration is performed at the interface configuration mode. Typically the snapshot client is a branch office and the snapshot server is the headquarters or hub office.

Configuring the Snapshot client:
Interface commands:
    dialer map snapshot sequence-number dial-string
    snapshot client active-period quiet-period suppress-statechange-updates dialer
Configuring the Snapshot server:
Interface commands:
    snapshot server active-period dialer
Note: ALL PERIODS ARE IN MINUTES

SHOW and DEBUG:
    sho snapshot
    clear snapshot
    deb snapshot
    deb dialer packet
    deb dialer events

Dial Backup

- You can use dial backup to back up an individual frame-relay DLCI by placing the DLCI under a point-to-point subinterface. If the DLCI becomes inactive, the point-to-point sub-interface's line protocol attains a state of down and the designated backup interface will become active.
- When applying a dial backup to a legacy ISDN\DDR configuration, the physical interface is placed in standby mode. When an interface is in standby mode, no other traffic can pass over it. With dialer profiles, the logical dialer interface is in standby mode and the physical interfaces are free to be used for other services.
Apply two interface configuration commands to the primary interface:

For primary link failure:
    backup interface {bri0 | dialer}
    backup delay { XXX YYY }
    • XXX = time in seconds to wait before activating the backup interface
    • YYY = time in seconds to wait before putting backup interface in standby after primary is up
For primary link load overload:
    backup interface {bri0 | dialer}
    backup load { XXX YYY }
    • XXX = amount of load to be exceeded to trigger backup intf.
    • YYY = amount of load to be attained to deactivate backup intf.

To back up an individual FR dlci, place the dlci under a PtoP subinterface. Floating static routes can also be used for backup.

SHOW and DEBUG:
    sho interface

RIP

- RIP routes have a default administrative distance of 120.
- A hop count is the number of routers a RIP update has transited.
- When the static default route 0.0.0.0 0.0.0.0 is configured on a RIP-speaking router, RIP automatically redistributes the 0.0.0.0 entry into the RIP domain.
- Another method of advertising a default route with RIP is to use the default-information originate statement under the router rip configuration mode. By entering this statement, the 0.0.0.0 route will be advertised into the RIP domain, even if there is no 0.0.0.0 route on the router that is the source of the default route.
- In a RIP domain, all subnets must be contiguous. The contiguous subnet requirement can be overcome by using a combination of default routes and the ip classless command.
- A default route allows a RIP-speaking router to forward all classful network prefixes that are not listed in a given router's routing table. However, a default route does not automatically allow a RIP-speaking router to forward all subnets that are not listed in a given router's routing table.
- By enabling ip classless, you override the contiguous subnet rule and allow the router to look for the longest match beyond the listed subnets. If a subnet is not listed on a router with ip classless enabled, it will eventually match the 0.0.0.0 entry (the default route).
- If you adjust the timers on one router in a RIP domain, adjust the timers on all routers to the exact same settings.
- The most useful debugging tool for RIP routing is debug ip rip.
- RIP V1 and IGRP will advertise routes having a different subnet mask than the interface if the route is in a different major network. RIP will assume a classful mask.

Router Commands - RIP
    *auto-summary             Enable automatic network number summarization
    default                   Set a command to its defaults
    **default-information     Control distribution of default information
    **default-metric          Set metric of redistributed routes
    **distance                Define an administrative distance
    ***distribute-list        Filter networks in routing updates
    exit                      Exit from routing protocol configuration mode
    *flash-update-threshold   Specify flash update threshold in second
    help                      Description of the interactive help system
    *input-queue              Specify input queue depth
    *maximum-paths            Forward packets over multiple paths
    **neighbor                Specify a neighbor router
    **network                 Enable routing on an IP network
    no                        Negate a command or set its defaults
    *offset-list              Add or subtract offset from IGRP or RIP metrics
    output-delay              Interpacket delay for RIP updates
    *passive-interface        Suppress routing updates on an interface
    ***redistribute           Redistribute information from another routing protocol
    *timers                   Adjust routing timers
    *traffic-share            Algorithm for computing traffic share for alternate routes
    *validate-update-source   Perform sanity checks against source address of routing updates
    **version                 Set routing protocol version

Interface Commands - RIP
    Rtr(config-if)#ip rip ?
    **authentication          Authentication control
    **receive                 advertisement reception
    **send                    advertisement transmission
(Importance - ***High **Medium *Low)

IGRP

- RIP has a maximum hop count of 15. IGRP has a max hop count of 100.
- IGRP routes have a default administrative distance of 100.
- Bandwidth is the smallest of all bandwidths on outbound ports in a given path. Delay is the sum of all delays of outbound ports in a path.
- As with RIP, if you adjust timers on one router you must adjust them on all.
- IGRP does not advertise the 0.0.0.0 network to downstream IGRP neighbors. RIP and EIGRP do.
- With IGRP, you must use the "ip default-network" global configuration command. When using this statement, it is recommended that you assign a classful address. If you use a subnet with "ip default-network", a static route will be created in your running configuration.

Router Commands - IGRP
    default                   Set a command to its defaults
    **default-information     Control distribution of default information
    **default-metric          Set metric of redistributed routes
    **distance                Define an administrative distance
    ***distribute-list        Filter networks in routing updates
    exit                      Exit from routing protocol configuration mode
    help                      Description of the interactive help system
    *input-queue              Specify input queue depth
    *maximum-paths            Forward packets over multiple paths
    *metric                   Modify IGRP routing metrics and parameters
    **neighbor                Specify a neighbor router
    **network                 Enable routing on an IP network
    no                        Negate a command or set its defaults
    *offset-list              Add or subtract offset from IGRP or RIP metrics
    *passive-interface        Suppress routing updates on an interface
    ***redistribute           Redistribute information from another routing protocol
    *timers                   Adjust routing timers
    *traffic-share            Algorithm for computing traffic share for alternate routes
    *validate-update-source   Perform sanity checks against source address of routing updates
    *variance                 Control load balancing variance
(Importance - ***High **Medium *Low)

EIGRP

- The feasible distance is the metric used by a given router to reach a specific destination network.
- If a directly connected neighbor's metric to a given destination network is less than your own metric, you cannot create a routing loop by selecting a shorter path to a given destination network.
- EIGRP internal routes have an administrative distance of 90.
- External EIGRP routes have an administrative distance of 170.
- The only difference between an IGRP metric and an EIGRP metric is that the EIGRP metric is represented by a value that is larger than the IGRP metric by a factor of 256.
- If you have a discontiguous subnet, you will want to disable the automatic summarization feature of EIGRP.
- EIGRP propagates a route to network 0.0.0.0, but the static route must be redistributed into EIGRP. RIP and OSPF behave as described when using the ip default-network command.

Router Commands - EIGRP
    *auto-summary             Enable automatic network number summarization
    default                   Set a command to its defaults
    **default-information     Control distribution of default information
    **default-metric          Set metric of redistributed routes
    **distance                Define an administrative distance
    ***distribute-list        Filter networks in routing updates
    *eigrp                    EIGRP specific commands
    exit                      Exit from routing protocol configuration mode
    help                      Description of the interactive help system
    *maximum-paths            Forward packets over multiple paths
    metric                    Modify IGRP routing metrics and parameters
    **neighbor                Specify a neighbor router
    **network                 Enable routing on an IP network
    no                        Negate a command or set its defaults
    *offset-list              Add or subtract offset from IGRP or RIP metrics
    *passive-interface        Suppress routing updates on an interface
    ***redistribute           Redistribute information from another routing protocol
    *timers                   Adjust routing timers
    *traffic-share            Algorithm for computing traffic share for alternate routes
    *variance                 Control load balancing variance

Interface Commands - EIGRP
    Rtr(config-if)#ip hello-interval eigrp 1 ?
      <1-65535>   Seconds between hello transmissions
    Rtr(config-if)#ip hold-time eigrp 1 ?
      <1-65535>   Seconds before neighbor is considered down
    Rtr(config-if)#ip split-horizon eigrp ?
      <1-65535>   Autonomous system number

OSPF

- OSPF routers on broadcast networks will elect a DR and BDR.
- OSPF routers on NBMA networks will elect a DR and BDR, and all OSPF packets are unicast.
- PtoMP networks are a special configuration of NBMA networks in which the networks are treated as a collection of PtoP links. Routers DO NOT elect a DR and BDR, and OSPF packets are multicast.
- Loopback interfaces are considered stub networks and advertised as host routes. Adding the interface command ip ospf network point-to-point can alter this default behavior.
- The cost of a route is the sum of the costs of all outgoing interfaces to a destination. Default OSPF cost is 10^8/BW (configured BW of the interface).
- Best practice dictates that a non-backbone area's addresses should be summarized INTO the backbone area by its own ABR, as opposed to having all other ABRs summarize the area into their areas.
- Recall from EIGRP that when a summary route is configured, a route to the null interface is created and automatically entered into the route table to prevent routing loops and black holes. THEREFORE, whenever you are configuring summary routes within an OSPF domain, be sure to add a static route for the summary address pointing to a null interface.
- By default, redistributed routes have external metric type 2. Type 2 routes have a cost which consists of the external cost only. Type 1 routes include the cost of traversing the OSPF domain.

OSPF Authentication:

- When authentication is configured, it must be configured for an entire area.

Configuring Type 1 (simple password) authentication:
On each interface in the area:
    ip ospf authentication-key password
    (note: the passwords DON'T need to be the same throughout the area, but MUST be the same between neighbors.)
Router mode configuration:
    area X authentication

Configuring Type 2 (MD5) authentication:
On each interface in the area:
    ip ospf message-digest-key key-id md5 password
    (note: the passwords DON'T need to be the same throughout the area, but MUST be the same between neighbors.)
Router mode configuration:
    area X authentication message-digest

Manage Authentication Keys:
    key chain name-of-chain
    key number
    key-string text
    accept-lifetime start-time {infinite | end-time | duration seconds}
    send-lifetime start-time {infinite | end-time | duration seconds}

LSA Types-

Router LSAs (Type 1) are produced by every router. They list all of a router's links, or interfaces, along with the state and outgoing cost of each link. These LSAs are flooded only within the area in which they are originated.
    Use command: show ip ospf database router

Network LSAs (Type 2) are produced by the DR on every multi-access network. They list all attached routers including the DR itself. Like Type 1s, network LSAs are flooded only within the originating area.
    Use command: show ip ospf database network

Network Summary LSAs (Type 3) are originated by ABRs. They are sent into a single area to advertise destinations outside that area. An ABR also advertises the destinations within its attached areas into the backbone with Network Summary LSAs. Default routes external to the area but internal to the OSPF AS are also advertised as Network Summary LSAs.
    Use command: show ip ospf database summary

ASBR Summary LSAs (Type 4) are also originated by ABRs. ASBR Summary LSAs are identical to Network Summary LSAs except that the destination they advertise is an ASBR, not a network.
    Use command: show ip ospf database asbr-summary

Autonomous System External LSAs (Type 5) are originated by ASBRs and advertise either a destination external to the OSPF AS, or a default route external to the OSPF AS.
    Use command: show ip ospf database external

NSSA External LSAs (Type 7) are originated by ASBRs within NSSAs. Unlike Autonomous System External LSAs, which are flooded throughout an OSPF AS, NSSA External LSAs are only flooded within the originating NSSA.
    Use command: show ip ospf database nssa-external

Area Types-

Stub Area – an area into which Autonomous System External LSAs (Type 5) are not flooded. Type 4s are also blocked. ABRs at the edge of the stub network will use Network Summary LSAs (Type 3) to advertise a single default route (destination 0.0.0.0) into the area.
    To configure: ALL routers in the stub area must have area X stub in their router mode configuration.

Totally Stubby Area – uses a default route to reach ALL destinations outside its area. The ABR of a totally stubby area will block not only Autonomous System External LSAs (Type 5) but also all Network Summary LSAs (Type 3), with the exception of a single type 3 LSA to advertise the default route.
    To configure: ALL routers in the stub area must have area X stub in their router mode configuration, and the ABR must have area X stub no-summary.

Not-So-Stubby Area – allows external routes to be advertised into the OSPF AS while retaining the characteristics of a stub area to the rest of the AS. These type 7 LSAs are flooded throughout the NSSA but are blocked at the ABR (which translates them to type 5 LSAs and floods them throughout the other areas).
    To configure: the ABR router in the stub area must have area X nssa in its router mode configuration, and the ASBR must have area X nssa also.

The way that OSPF generates default routes (0.0.0.0) varies depending on the type of area the default route is being injected into.

Normal Areas
By default, in normal areas routers don't generate default routes. To have an OSPF router generate a default route, use the default-information originate [always] [metric metric-value] [metric-type type-value] [route-map map-name] command. This generates an external type-2 link with link-state ID 0.0.0.0 and network mask 0.0.0.0, which makes the router an autonomous system boundary router (ASBR). There are two ways to inject a default route into a normal area. If the ASBR already has the default route, you can advertise 0.0.0.0 into the area. If the ASBR doesn't have the route, you can add the keyword always to the default-information originate command, and then advertise 0.0.0.0.
Stub and Totally Stubby Areas
For stub and totally stubby areas, the area border router (ABR) to the stub area generates a summary link-state advertisement (LSA) with the link-state ID 0.0.0.0. This is true even if the ABR doesn't have a default route. In this scenario, you don't need to use the default-information originate command.

Not-So-Stubby Areas
The ABR for the NSSA generates the default route, but not by default. To force the ABR to generate the default route, use the area <x> nssa default-information originate command. The ABR generates a type 7 LSA with the link-state ID 0.0.0.0.

Router Commands - OSPF
    Rtr(config)#router ospf 1
    ***area                   OSPF area parameters
    **auto-cost               Calculate OSPF interface cost according to bandwidth
    default                   Set a command to its defaults
    *default-information      Control distribution of default information
    *default-metric           Set metric of redistributed routes
    *distance                 Define an administrative distance
    *distribute-list          Filter networks in routing updates
    *ignore                   Do not complain about specific event
    [...]...                  OSPF area ID as a decimal value
    A.B.C.D                   OSPF area ID in IP address format

    Rtr(config-router)#area 1 ?
    **authentication          Enable authentication
    *default-cost             Set the summary default-cost of a NSSA/stub area
    *nssa                     Specify a NSSA area
    ***range                  Summarize routes matching address/mask (border routers only)
    *stub                     Specify a stub area
    ***virtual-link           Define a virtual link and its parameters
(Importance - ***High...

... ip nat translations [ verbose ]
    show ip nat statistics
    clear ip nat translation *
    clear ip nat translation
    clear ip nat translation <local-ip>
    debug ip nat [ ] [ detailed ]

Other useful NAT commands:
• clear ip nat translation * - Clear all dynamic address translation entries from the NAT translation table
• clear ip nat translation...

... list-number
    frame-relay priority-group list-number
    frame-relay adaptive-shaping [becn | foresight]
    frame-relay cir [in | out]
    frame-relay mincir [in | out] bps
    frame-relay bc [in | out] bits
    frame-relay be [in | out] bits
    frame-relay idle-timer duration
    frame-relay traffic-rate average [peak]
• Apply map-class to an interface or vc
    frame-relay class map-class-name
    class map-class-name

Multicasting
Multicast:...

... translation inside global-ip local-ip [outside local-ip global-ip] - Clear a simple dynamic translation entry containing an inside translation, or both inside and outside translation
• clear ip nat translation outside local-ip global-ip - Clear a simple dynamic translation entry containing an outside translation

NTP
NTP is a protocol designed to time-synchronize a network of machines.
Basic example of NTP:
    clock...

Frame-Relay Traffic Shaping
Terms:
- Tc - Committed Rate Measurement Interval (Bc/CIR)
- Bc - Committed Burst Size
- Be - Excess Burst Size
- CIR - Committed Information Rate
- MinCIR - Minimum Committed Information Rate

Frame-Relay Traffic Shaping Configuration
• Enable FRTS
    frame-relay traffic-shaping
• Define a map-class
    map-class frame-relay map-class-name
• Define map-class parameters
    frame-relay custom-queue-list...

... external Token Ring to that virtual ring

Ethernet - Traffic that originates on Ethernet is picked up from the local Ethernet bridge group and transported across the DLSw network. DLSw always transfers data in noncanonical format. DLSw will automatically make the correct MAC address conversion depending on the destination media. When DLSw+ receives a MAC address from an Ethernet-attached device, it assumes... canonical and converts it to noncanonical for transport to the remote peer. At the remote peer, the address is either passed unchanged to Token Ring-attached end systems or converted back to canonical if the destination media is Ethernet. Note that when an SNA resource resides on Ethernet, if you configure a destination SNA address in that device, you must use canonical format. For example, Ethernet-attached...

    ***summary-address        Configure IP address summaries
    *timers                   Adjust routing timers
    *traffic-share            Algorithm for computing traffic share for alternate

OSPF interface commands
    Rtr(config-if)#ip ospf ?
    ***authentication-key     Authentication password (key)
    **cost                    Interface cost
    *database-filter          Filter OSPF LSA during synchronization and flooding
    *dead-interval            Interval after which a neighbor is declared dead
    ***demand-circuit...

... that this command applies to Hot Standby group 1. The standby authentication interface configuration command establishes an authentication string whose value is an unencrypted eight-character string that is incorporated in each HSRP multicast message. This command is optional. If you choose to use it, each HSRP-configured router in the group should use the same string so that each router can authenticate...

... source { list pool [overload] | static }
Enabling translation of inside destination addresses:
    ip nat inside destination { list pool | static }
Enabling translation of outside source addresses:
    ip nat outside source { list pool | static }
Configuring translation timeouts:
    ip nat translation timeout