
0 Routing

The document outlines the three planes of networking: Control Plane, Data Plane, and Management Plane, detailing their functions and interactions. It explains various switching methods, including Process Switching, Fast Switching, and Cisco Express Forwarding (CEF), along with their advantages and disadvantages. Additionally, it covers routing concepts, static and dynamic routing, and the Enhanced Interior Gateway Routing Protocol (EIGRP), including its metrics, message types, and operational details.

Uploaded by

zaidalkhan366

1) Control Plane

• Activities related to maintaining the routing table and performing NAT, QoS, ACLs, etc. belong to the
control plane.
• The device's CPU is involved in these activities.
• Basically, it is designated to provide information and assistance to the data plane.

2) Data Plane
• Activities related to making forwarding decisions on the basis of information provided by the
control plane.
• All interfaces of a device reside in this plane.

3) Management Plane
• Activities related to device management, such as configuring the device from the CLI via console, Telnet, SSH
and SNMP.

Switching Methods
1. Process Switching
2. Fast switching
3. CEF (Cisco Express Forwarding)

Process switching
• When a frame is received, it is always sent to the processor (CPU).
• This is repeated every time a frame is received, even if it is from the same source
and for the same destination.
• It drives CPU utilization high.
• The device will stop functioning.
• Per-packet load balancing.
Fast switching
• This method is known for "process once and switch many times".
• RP :- Route Processor – CPU
o To process the frame so the table can be populated
• SE :- Switch Engine – Shortcut
o To forward the traffic on the basis of the entry in the table.
• For every new connection, the switch always looks to the route processor.
• Load balancing on a per-destination basis.

CEF: - Cisco Express Forwarding


• A packet switching mechanism developed by Cisco.
• It is a fast packet switching method compared with process and fast switching.
• By default, CEF is enabled on Cisco devices such as routers and switches (if routing is configured).
• It can be disabled, but that is not recommended.
• RIB :- Routing Information Base
o The routing table
• FIB :- Forwarding Information Base
o It is a duplicate copy of the RIB
o Is always synchronised with the RIB
o Every entry in the RIB is automatically copied into the FIB
o The FIB is always updated through the RIB
▪ If any route goes down, it is automatically deleted from the FIB, and vice
versa
o Layer 3
▪ Generation 1 → switch process / switching engine
▪ Generation 2 → RP / CEF
When CEF punts to the RIB
• An entry cannot be located in the FIB.
• The FIB table is full.
• The IP time-to-live (TTL) has expired.
• When TTL is one (1).
• The maximum transmission unit (MTU) is exceeded, and the packet must be fragmented.
• An Internet Control Message Protocol (ICMP) redirect is involved.
• The encapsulation type is not supported.
• VLAN ACL, port ACL, filtering.
• QoS
• If the destination route does not exist.
• If the adjacency table is not complete.
• sh ip cef

Adjacency
• Sh adjacency
• Sh adjacency detail
• Sh ip cef 10.0.0.2 255.255.255.255 detail

Type of Adjacency table

1) Null adjacency: - Handles packets that are forwarded toward the null interface.
2) Drop adjacency: - Handles packets that encountered an encapsulation mismatch or a CRC error.
3) Discard adjacency: - Handles packets that are discarded (forced) by an ACL.
4) Glean adjacency: - Holds information about all directly connected networks; whenever a packet
moves to a directly connected network, it is handled by the glean adjacency.
5) Punt adjacency: - Handles packets that are not processed by CEF and are forwarded to the
control plane for processing.
How to disable CEF
• #no ip cef

C-CEF
• Central CEF

D-CEF

• Distributed CEF
Routing
• It is the process by which a router forwards packets.
• A router has two tables for making forwarding decisions
o Routing table
▪ It finds the exit interface
▪ It has L3 information
o ARP table
▪ It has MAC addresses
▪ It changes the L2 information
• Routing is a process in which a router receives traffic on one interface, checks the routing table
to find the exit interface, switches the traffic to that exit interface, rewrites the L2 information
with the help of the ARP table, and then forwards the traffic.

• Type of Communication

o Unicast
o Broadcast
o Multicast

• Different type of network

o Point to point network (Serial)


o Point to multipoint(Ethernet)

Type of Routing

1) Static Routing
2) Dynamic Routing
Static Routing
• In this type of routing the administrator manually specifies the route information.
• There are three ways to configure a static route
1. Using the next hop address
▪ When the route is assigned through the next hop
• Solution → no proxy ARP
• Problem → recursive lookup
• R1(config)#ip route <destination network> <destination subnet mask> <next hop IP>
2. Using the exit interface
▪ When the route is assigned through the exit interface
• Problem → proxy ARP
• Solution → no recursive lookup
o ip route <destination prefix> <destination subnet mask> <exit interface>
o ip route 30.0.0.0 255.0.0.0 fastethernet 0/1
3. Using a combination of both exit interface and next hop.
▪ ip route <destination prefix> <destination subnet mask> <exit interface> <next hop IP>

Recursive Lookup
o Repetition of the routing table lookup for a single destination.
Proxy ARP
o An ARP reply is given on behalf of other devices.
• Serial Link →
o Does not support ARP
o A serial link does not have a MAC address
o A static route can be assigned through the exit interface if that interface is serial →
there is then no proxy ARP problem.
• Advantages
o CPU utilization less
o Security
• Disadvantage
o Burden on an administrator
o Works in small network
o Time consuming
Route Preference criteria
• Purpose → Redundancy (Backup )
o Primary path
o Secondary Path
• When there are multiple paths to a single destination, the router should prefer
one path to reach that destination.

Highest Prefix length (CIDR)

o The higher the prefix length, the fewer the host IPs.
o The fewer the host IPs, the lower the CPU utilization.
o When multiple routes are assigned on a single router, both the routes will be
installed in the routing table.

Lowest administrative Distance (AD)→ 8 bit (0-255)

o Used when the prefix (CIDR) length is the same.
o Measure of trustworthiness.
o The lower the AD value, the higher the trust/preference.
o Connected = 0 (always)
o Static = 1 (always)
o RIP = 120
o EIGRP = 90, 170
o OSPF = 110
o BGP = 20, 200
o 255 = route will be considered invalid.
o Only the route with the lower AD value gets into the routing table.

Lowest metric

o Used if the AD value is also the same.
o Connected and static routes do not have a metric = always (0)
o It is useful in dynamic routing protocols
o RIP → hop count
o EIGRP → composite metric weights (K values)
o OSPF → cost
• When all criteria are the same, the router performs "load balancing".
• Both the routes will be installed in the routing table.
• Packets will be distributed among both the routes equally, alternating between them.
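
The three criteria above, worked through as an added Python example (not part of the original notes): routes to the same prefix compete on AD and then on metric, while forwarding picks the longest matching prefix among whatever was installed. The AD values are the ones listed above; the prefixes, metrics and next hops are constructed sample values.

```python
import ipaddress
from collections import defaultdict
from dataclasses import dataclass

# Administrative distances as listed in the notes above.
AD = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Route:
    prefix: str      # destination network in CIDR form
    source: str      # key into AD
    metric: int
    next_hop: str


def build_routing_table(candidates):
    """Install, per prefix, the route(s) with the lowest AD, then the lowest metric.

    Routes with different prefix lengths never compete here: each prefix
    gets its own entry. Ties on both AD and metric are all installed
    (equal cost load balancing).
    """
    by_prefix = defaultdict(list)
    for route in candidates:
        by_prefix[ipaddress.ip_network(route.prefix)].append(route)

    table = {}
    for network, routes in by_prefix.items():
        best_ad = min(AD[r.source] for r in routes)
        routes = [r for r in routes if AD[r.source] == best_ad]
        best_metric = min(r.metric for r in routes)
        table[network] = [r for r in routes if r.metric == best_metric]
    return table


def lookup(table, destination):
    """Return the next hops for a destination: the longest matching prefix wins."""
    address = ipaddress.ip_address(destination)
    matching = [net for net in table if address in net]
    if not matching:
        return []  # no matching route, nothing to forward to
    best = max(matching, key=lambda net: net.prefixlen)
    return sorted(r.next_hop for r in table[best])


# Constructed sample candidates; next hops use documentation addresses.
CANDIDATES = [
    Route("10.1.0.0/16", "static", 0, "192.0.2.1"),
    Route("10.1.0.0/16", "eigrp", 30720, "192.0.2.2"),   # loses on AD (90 > 1)
    Route("10.1.1.0/24", "rip", 2, "192.0.2.3"),         # more specific prefix
    Route("10.2.0.0/16", "eigrp", 30720, "192.0.2.4"),
    Route("10.2.0.0/16", "eigrp", 30720, "192.0.2.5"),   # equal metric: both installed
    Route("10.2.0.0/16", "eigrp", 284160, "192.0.2.6"),  # loses on metric
]

if __name__ == "__main__":
    table = build_routing_table(CANDIDATES)
    for dst in ("10.1.1.5", "10.1.2.5", "10.2.0.1", "172.16.0.1"):
        print(dst, "->", lookup(table, dst))
```

The /24 learned from RIP carries traffic for 10.1.1.5 even though a static /16 with a much lower AD covers the same address, which is why a more specific route accepted from a neighbour needs filtering attention regardless of its AD.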

Dynamic Routing
• Routing in which routes are maintained and calculated automatically.
• Routers automatically exchange routes with each other.
• Each routing protocol advertises its own packets to
get routes from neighbouring routers → directly connected routers.
• Dynamic Routing
o IGP (Interior Gateway Protocols)
o EGP (Exterior Gateway Protocols)
• IGP → routing protocols that share routes within the same autonomous system.
o Ex → RIP, EIGRP, OSPF
• EGP → routing protocols that share routes between different autonomous systems.
o BGP

Autonomous System Numbers (IANA)

o A group of routers or networks under a single administration is called an autonomous system (AS).
o It shares the same routing policies and is controlled by a single admin or team.
o It is identified by a decimal number
o 16 bit (0-65535) 0 & 65535
o 1-64511 (public AS)
o 64512-65534 (private AS)
• IGP (Interior Gateway Protocols)
o RIP (Routing Information Protocol)
o EIGRP (Enhanced Interior Gateway Routing Protocol)
o OSPF (Open Shortest Path First)
• EGP(Exterior Gateway Protocols)
1. BGP ( Border Gateway Protocol)
EIGRP
1) It stands for Enhanced Interior Gateway Routing Protocol
2) It is an Interior Gateway Protocol
3) It is a hybrid routing protocol
a. It does not use distance (hop count) as its metric, but hop count is still carried
in EIGRP updates.
b. Next-hop = source of update
c. Table
4) It is an advanced distance vector routing protocol
5) It is an open standard.

Metric
a. Bandwidth = 1*K1 (by default)
i. Capacity of link
ii. Higher value is preferable
iii. Sh int fa0/0 | s BW
b. Load= 0*K2
i. Link utilization
ii. Lower value is preferable
c. Delay= 1*K3 (by default)
i. Time taken during transmission from one device to another
ii. Lower value is preferable.
d. Reliability= 0*K4
i. Link having least downtime.
ii. Lower value is preferable
e. MTU= 0*K5
i. Interface through which we can send more data.
ii. Lower value is preferable.
iii. R1(Config-router)#metric weights 0 1 0 1 1 0
EIGRP uses a composite metric.
In hello packets, both routers tell each other which K values they are using for metric
calculation.
By default only bandwidth (K1) and delay (K3) are used for metric
calculation.

Metric = 256 × ((10^7 / least bandwidth in kbps) + (total delay / 10))

Standard IEEE
o Serial
▪ Bw =1.544 mbps
▪ Delay = 20000

o Ethernet

Interface        Bandwidth          Delay
Ethernet         10,000 kbps        1000
Fast Ethernet    100,000 kbps       100
Gig Ethernet     1,000,000 kbps     10
10 gig           10,000,000 kbps    -
Loop back        8,000,000 kbps     5000

1) It supports equal cost load balancing over 4 paths by default, max 16/32
a. R1(config-router)#maximum-paths 10
2) Hello timer 5 sec and hold timer 15 sec.
a. After 15 sec, the neighbourship breaks and routes are removed
from the routing table.
b. On slow links (Frame Relay) hello is 60 sec and hold is 180 sec.
c. show ip eigrp interface detail
3) Hop count by default 100 and maximum 255
a. Hop count is not used for metric calculation.
b. R1(config-router)#metric maximum-hops
4) AD VALUE
a. 90(Internal)
b. 170(External)
c. 5(Summary Route)
d. Routes exchanged within the AS will be installed with the AD
value of 90 and between the AS with the help of redistribution
will be installed with the AD value of 170.
5) Network can be advertised with wildcard mask also
a. Opposite of subnet mask
6) RID should be unique within AS.
a. Redistributing router RID should be unique for all the AS it is
connected to.
b. Statically
c. Highest Loopback IP
d. Highest Physical Interface IP.
e. 32 bit identity always in IPV4
f. R1(config-router)# Eigrp Router-id 1.1.1.1
7) It is a classless routing Protocol.
a. It sends the network ID with the subnet mask
8) It supports VLSM
9) By default auto-summary is enabled; it is disabled in IOS version 15.0 and
above.
10) It uses multicast address 224.0.0.10
11) It is encapsulated in an IP packet.
12) It uses IP protocol number 88
13) Passive interface
a. Hello will not be sent or received
b. R1(config-router)#passive-interface fastEthernet 0/0
14) To create multiple EIGRP domains we use the AS (Autonomous System)
number
15) It uses the DUAL algorithm (Diffusing Update Algorithm) for best path
selection

DUAL (Diffusing Update Algorithm)


o It is used to store metric information.
o The metric of a route is calculated from source to destination.
• CD (Cumulative Distance)
o Total metric from source to destination, for all paths available.
• FD (Feasible Distance)
o Best/least metric from source to destination / least CD.
• RD (Reported Distance)
o Total metric from the neighbour of the source to the destination.
o Metric advertised by the neighbouring router
o show ip eigrp topology 192.168.1.0
Terminologies
o Successor
▪ Best route / path, having the least CD. It is copied to the routing table.
o Feasible Successor
▪ Second possible best path
o Feasibility condition → RD of another path < FD of successor
o The topology table keeps a record of the routes that fulfil the
feasibility condition.
o Whenever a router receives an update, it compares the bandwidth
carried in the update with the bandwidth of the receiving interface. To calculate FD
it uses the least bandwidth.
o Delay is cumulative in nature. The router adds the delay carried in the update
to the delay of the interface on which the update is received to calculate FD.
EIGRP Table
o Routing
▪ Successor FD
o Neighbour
▪ It is used to give information about neighbour
▪ It will also give information about IP address ,
▪ hold timer left for neighbour
▪ RTO , SRTT , Seq , count
▪ On which interface neighbour is contacted
o Topology
▪ This table is used by the router when EIGRP is enabled on that
router.
▪ It installs those routes that are part of EIGRP
▪ Sub-table → topology all links
o Topology all-links = Successor, F. Successor, Alternate. CD/RD/FD
o Topology = Successor , F. Successor CD/RD/FD

Types of Msg in EIGRP


• Hello
• Update
• Query
• Reply
• Acknowledgement

Notes:-

1) The router starts dynamic neighbour discovery on that interface.
2) The router adds the network present on that interface to the local topology table.
3) The router discovers neighbours using Hello messages.
4) The router sends multicast hellos to address 224.0.0.10.

Hello
o The hello packet is used to form and maintain neighbourship.
o The hello packet in EIGRP is used to check whether the neighbour is alive or
not
▪ bandwidth utilization is reduced
o This packet carries neighbour parameters which need to match
between routers within a broadcast domain.
o The hello packet does not carry subnet mask information
o Multicast (ether , serial ) 224.0.0.10

Content of Hello Msg

1. Version = 2
2. OP code = 5
3. Checksum Value
4. Seq=0
5. Ack=0
6. AS number
7. K value
8. Hold = 15 sec
9. IOS version
10.Authentication (optional)
EIGRP Neighbour ship parameter

o AS(Autonomous System ) Num should match


o Subnet Should match (on the basis of AND Operation)
o Metric weight should match
o Authentication Should match(optional)
▪ EIGRP does not have its own authentication parameter; it takes
the help of the router's key chain feature.
▪ Key ID and key chain are the same, but the key name can be different.
▪ R1(config)#key chain R1
▪ R1(config-keychain)#key 1
▪ R1(config-keychain-key)#key-string ccna
▪ R1(config)#int fa0/0
▪ R1(config-if)#ip authentication mode eigrp 100 md5
▪ R1(config-if)#ip authentication key-chain eigrp 100 R1
▪ show key chain
Changing the key according to time.
The first time should be the same
▪ R1(config)#key chain R1
▪ R1(config-keychain)#key 1
▪ R1(config-keychain-key)#key-string ccna
▪ R1(config-keychain-key)#accept-lifetime 01:23:00 2 sep 2016 2:00:00 2 sep 2016
▪ R1(config-keychain-key)#send-lifetime 01:23:00 2 sep 2016 2:00:00 2 sep 2016
o Clock set
o Interfaces should not be passive
▪ Hello will be neither sent nor received in EIGRP
▪ R1(config)#router eigrp 100
▪ R1(config-router)#passive-interface fa0/0
o It advertises periodically every 5 sec
Commands
Router(config)#router eigrp 100
Router(config-router)#network 12.0.0.0
Router(config-if)#ip hello-interval eigrp 100 10 (1-65535)
Router(config-if)#ip hold-time eigrp 100 15 (1-65535)
Router(config)#router eigrp 100
Router(config-router)#metric weights <TOS> 0 <K values> 1 1 1 1 1
R1(config)#do sh ip eigrp interfaces
show ip eigrp interfaces detail fastethernet 0/0

RTP (Reliable Transport Protocol)

It is used for reliable delivery of updates,
since EIGRP is a network layer protocol:
1. It is directly encapsulated in the IP header
2. IP is a connectionless protocol → no ack

Adjacency
• A null update is used to verify bidirectional connectivity between routers, which hello cannot provide.
• Hello does not provide an ack, but the update packet does.
Update Message
3. It is used to share prefix information
4. Unicast (serial)
5. Multicast (Ethernet)
6. The update packet is separate from the hello packet.
▪ Updates are not periodic in EIGRP, only triggered
7. OP code = 1
8. Ack = 5
9. When two routers form a neighbourship and share updates at start-up,
10. in that case the router shares a full update on the multicast address
11. When any new network is added to the topology, the router generates a
partial update.

If no ack of an update, query or reply is received, then

1. The router sends the same update as unicast, up to sixteen times, to the neighbour from which
the ack was not received (retransmission throttling).
1st → update → multicast → Seq 1

(Multicast flow timer) → 318 ms → neighbour table

2nd → update → unicast → retry (1) → same seq number 1

RTO → 468 ms

3rd → update → unicast → retry (2) → same seq number 1

➔ If no ack of an update, query or reply is received, then:
➔ The router sends the same update as unicast, sixteen times, to the neighbour from which the ACK is not
received.
➔ If an ack is received after 8 unicasts, it stops sending further unicast messages.
➔ If no ack is received even after 16 unicast messages, the router flaps the
neighbourship.
o Hello → No ACK → unreliable → default multicast → can be unicast
o Update → ACK → reliable
o ACK → No ACK → unreliable → always unicast
o Query → ACK → reliable → default multicast
o Reply → ACK → reliable → always unicast

SRTT (Smooth round Trip Timer)


o Avg. Time of sending the update and getting the ack in return
RTO
o Time difference between two unicast during RTP
o Max = 5000ms

Q Count
o Number of pending acknowledgement from a particular neighbour.
Seq num
o Seq number of update last received from neighbour.

Query
o OP Code = 3
o Ethernet = Multicast
o Serial = Unicast
o It is sent when the successor goes down and no feasible successor is available for a
particular route.
o Delay infinity
o If the neighbourship is static, it will be unicast
o Positive reply
▪ When the router has a redundant path
o Negative reply
▪ When the router does not have a redundant path
o 3 min wait for Query msg
o Stuck in active state

Split horizon
• If you receive an update on an interface, you cannot send it back out of that interface.
• The split horizon feature prevents a route learned on one interface from being advertised back
out of that same interface. It is a loop avoidance technique in EIGRP.

Route Poison
• Hop count 16 (RIP)
• Delay infinite value (EIGRP)

Split Horizon with poison reverse

• It is a loop avoidance technique; by default it is enabled on the interface.
• Bounded update.
• A prefix update that the router gets from an interface will not be sent back to
another router on the same interface.
• It is used to confirm to the sending router that split horizon is enabled on the receiving router's
interface.
• R1(config)#interface ethernet 1/0
• R1(config-if)#no ip split-horizon eigrp 100

Type of NBR Discovery


• Dynamic NBR
o Is useful when there are more than two routers in a single broadcast
domain
o Purpose
▪ Neighbourship can be formed without knowing the neighbour
▪ Bandwidth utilization reduction, CPU utilization reduction
• Static NBR
o Is useful when there are only two routers within a broadcast
domain.
▪ Security purpose
o R1(config)#router eigrp 100
o R1(config-router)#network 192.168.1.0
o R1(config-router)#neighbor 192.168.1.2 ethernet 1/0
o The router will send unicast messages in EIGRP
• If you want to configure a static neighbour, you have to configure both sides.
• Static neighbourship is not compatible with dynamic neighbourship.
• With a static neighbour, hello messages are sent as unicast.
• Hub and Spoke technique
• NBMA ( Non Broadcast Multi access)

Next-Hop Rule in Eigrp

• When a router advertises any prefix to another router, it sends its own IP as the next hop
• R1(config)#interface ethernet 1/0
• R1(config-if)#no ip split-horizon eigrp 1
• R1(config-if)#no ip next-hop-self eigrp 100

How to reduce query


1) Feasible successor
2) Summarization
3) Eigrp Stub

EIGRP Stub Router


• A non-stub router never sends a query toward a stub router.
• A stub router never receives a query message but can send a query message.
• A stub router never forwards one neighbour's routes to another neighbour.
• A stub router advertises only connected and summary routes.
• A stub router can generate a query toward a non-stub router
o The information goes in the hello message
• R2(config)#router eigrp 100
• R2(config-router)#eigrp stub

Equal Cost Load Balancing and Unequal Cost Load Balancing
• Equal cost load balancing
o When the router has multiple paths with the same metric, that is known as equal cost load
balancing
a. By changing the metric (delay and bandwidth)
b. By using an offset list
c. R1#sh ip eigrp topology 34.1.1.0/24
Offset-list
• It is used to perform load balancing and for path manipulation.
• With the help of an offset list we can perform load balancing for a particular prefix.
• Make the ACL
o ip access-list standard 10
▪ permit 192.168.3.0 0.0.0.255
• Then apply the offset list in EIGRP
o router eigrp 1
▪ offset-list 10 in 504320 fa0/0

Unequal Cost Load Balancing


• When the router has multiple paths with different metrics, that is known as unequal cost load
balancing
o Variance
o traceroute 3.3.3.3 probe 10
• A best route (successor) and a backup route (feasible successor) are in the topology table.
• The prefix length is checked first
o If the prefix lengths are different, both are added to the routing table
o If the prefix length is the same, the AD value is checked
o The prefix with the least AD value is installed in the routing table.
o If the AD value is the same, the metric is compared.
o The prefix with the least metric is installed in the routing table.
o If the metric is also the same, both prefixes are installed in the routing table and both are
successors.
o The topology table has both successor and feasible successor
o The routing table has only the successor.
o Variance → (1 to 128), by default 1
o R1(config)#router eigrp 100
o R1(config-router)#variance 2
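
The metric formula, the DUAL feasibility condition and the variance rule from the sections above, carried through on one small topology as an added Python example (not part of the original notes). The bandwidth and delay figures come from the table above; the topology, the neighbour names, the use of integer division and the `CD <= variance × FD` comparison are assumptions of this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Link:
    bandwidth_kbps: int
    delay: int  # delay figure as listed in the notes' table


# Interface values taken from the table in the notes.
FAST_ETHERNET = Link(100_000, 100)
ETHERNET = Link(10_000, 1000)
SERIAL = Link(1_544, 20_000)


def composite_metric(links):
    """256 * (10^7 / least bandwidth + total delay / 10), default K values.

    Integer division is an assumption of this example.
    """
    least_bw = min(link.bandwidth_kbps for link in links)
    total_delay = sum(link.delay for link in links)
    return 256 * (10**7 // least_bw + total_delay // 10)


@dataclass(frozen=True)
class Path:
    neighbour: str
    local_link: Link     # this router -> neighbour
    remote_links: tuple  # neighbour -> destination

    @property
    def rd(self):
        """Reported distance: the metric the neighbour advertises."""
        return composite_metric(self.remote_links)

    @property
    def cd(self):
        """Cumulative distance: least bandwidth and summed delay over the whole path."""
        return composite_metric((self.local_link,) + self.remote_links)


def run_dual(paths, variance=1):
    """Classify paths to one destination the way the notes describe."""
    fd = min(p.cd for p in paths)  # feasible distance = least CD
    successors = [p.neighbour for p in paths if p.cd == fd]
    # Feasibility condition: RD of the other path < FD of the successor.
    feasible = [p.neighbour for p in paths if p.cd != fd and p.rd < fd]
    rejected = [p.neighbour for p in paths if p.cd != fd and p.rd >= fd]
    # Variance only ever promotes feasible successors into the routing table.
    installed = [
        p.neighbour
        for p in paths
        if p.cd == fd or (p.rd < fd and p.cd <= variance * fd)
    ]
    return {
        "fd": fd,
        "successors": successors,
        "feasible_successors": feasible,
        "rejected": rejected,
        "installed": installed,
    }


# Constructed topology: three neighbours offering a path to the same prefix.
PATHS = [
    Path("R2", FAST_ETHERNET, (FAST_ETHERNET,)),
    Path("R3", ETHERNET, (FAST_ETHERNET,)),
    Path("R4", FAST_ETHERNET, (SERIAL,)),
]

if __name__ == "__main__":
    for p in PATHS:
        print(p.neighbour, "RD", p.rd, "CD", p.cd)
    for v in (1, 2, 10, 128):
        print("variance", v, run_dual(PATHS, v)["installed"])
```

The path through R4 is never installed, even at variance 128, because its RD is not below the FD; the feasibility condition is checked before variance is applied.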
Route – filtering
1) Access-list
a. Standard
i. Ip access-list standard 11
1. Permit 30.10.0.0 0.0.255.255
2. Exit any
• R2(config)#router Eigrp 1
• R2(config-router)#distribute-list 11 in fastethernet 1/0
b. Extended ACL
i. <Action> permit /deny
ii. <protocol> IP
iii. <source >any
iv. <Destination > n/w you want to match.
1. Ip access-list ex 101
a. Deny ip any 10.1.0.0 0.0.255.255
b. Permit ip any any
2. distribute-list 101 in fastethernet 1/0
2) Prefix list
a. In an ACL we match the network part, but we do not match the subnet mask.
b. In a prefix list we match the subnet mask also.
c. R2(config)#ip prefix-list forty deny 40.1.0.0/16 ge 27 le 3
d. R2(config)#ip prefix-list forty permit 0.0.0.0/0 le 32
e. R2(config-router)#distribute-list prefix forty in
f. R2(config)#ip prefix-list abs deny 0.0.0.0/0 ge 24 le 27
g. R2(config)#ip prefix-list abs permit 0.0.0.0/0 le 32
h. R2(config-router)#distribute-list prefix abs in
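
To check what a filter admits before it is applied to a routing process, the added Python example below (not part of the original notes) evaluates the `abs` prefix list and the standard ACL from this section against sample routes. It assumes the usual prefix-list semantics: first match wins, implicit deny at the end, and `ge`/`le` bound the route's prefix length. The test routes are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class PrefixListEntry:
    action: str  # "permit" or "deny"
    prefix: str  # e.g. "0.0.0.0/0"
    ge: Optional[int] = None
    le: Optional[int] = None

    def matches(self, route: str) -> bool:
        entry_net = ipaddress.ip_network(self.prefix)
        route_net = ipaddress.ip_network(route)
        # The route's leading bits must equal the entry's prefix bits.
        if not route_net.subnet_of(entry_net):
            return False
        if self.ge is None and self.le is None:
            low = high = entry_net.prefixlen  # exact length only
        else:
            low = self.ge if self.ge is not None else entry_net.prefixlen
            high = self.le if self.le is not None else entry_net.max_prefixlen
        return low <= route_net.prefixlen <= high


def evaluate(prefix_list, route: str) -> str:
    """First matching entry decides; no match means the implicit deny."""
    for entry in prefix_list:
        if entry.matches(route):
            return entry.action
    return "deny"


def standard_acl_matches(base: str, wildcard: str, route: str) -> bool:
    """Standard ACL in a distribute-list: compares the network address only.

    Wildcard bits set to 1 are ignored; the route's mask is never examined.
    """
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    network = int(ipaddress.ip_network(route).network_address)
    return (network & care) == (int(ipaddress.ip_address(base)) & care)


# "ip prefix-list abs" from the notes above.
ABS = [
    PrefixListEntry("deny", "0.0.0.0/0", ge=24, le=27),
    PrefixListEntry("permit", "0.0.0.0/0", le=32),
]

# "ip prefix-list default permit 0.0.0.0/0" from the redistribution section.
DEFAULT_ONLY = [PrefixListEntry("permit", "0.0.0.0/0")]

if __name__ == "__main__":
    for route in ("10.0.0.0/8", "192.168.3.0/24", "172.16.1.64/26", "172.16.1.0/28"):
        print("abs", route, evaluate(ABS, route))
    for route in ("0.0.0.0/0", "10.0.0.0/8"):
        print("default", route, evaluate(DEFAULT_ONLY, route))
    # The ACL "permit 30.10.0.0 0.0.255.255" cannot tell a /16 from a /24.
    for route in ("30.10.0.0/16", "30.10.5.0/24"):
        print("acl 11", route, standard_acl_matches("30.10.0.0", "0.0.255.255", route))
```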
Route-Map
• Which parameter we can match in route-map
1) Metric
2) Metric Range
3) Next hop
4) Route-type
5) Source Protocol
6) Interface
a. Metric
i. R2(config)#Route-map <name> ccna deny <seq > 10
ii. R2(config-route-map)#match metric 33280
iii. R2(config)#Route-map <name> ccna permit <seq > 20
iv. R2(config-route-map)#exit (match all → permit any)
v. R2(Config)#router Eigrp 100
vi. R2(config-router)#distribute-list route-map ccna in
b. Metric range
i. (Max metric + min metric)/2
ii. (32768 + 32000 )/2 = 32384
iii. 32384 – (min metric ) 32000 = 384
iv. R2(config)#route-map DAKU
v. R2(config-route-map)#match metric 32384 +- 384
vi. R2(Config)#router Eigrp 100
vii. R2(config-router)#distribute-list route-map DAKU in
c. Next hop
i. Ip access-list standard 10
1. Permit 192.168.123.1 0.0.0.0
ii. Route-map nb deny 10
1. Match ip next-hop 10
iii. Route-map nb permit 20
1. Exit
iv. Router Eigrp 100
1. Distribute-list route-map nb in
d. Route type
i. Internal (90) same domain
ii. External ( 170) different domain
1. Route-map nb deny 10
a. Match route-type < internal > <external>
2. Route-map nb permit 20
a. Exit
3. Router Eigrp 100
a. Distribute-list route-map nb in

e. Source protocol
i. Route-map source-protocol
1. Match source-protocol ospf 4
f. Interface
i. Route-map nb
1. Match metric 32384 +- 384
2. Match interface fa0/1
3. Exit
ii. Router Eigrp 100
1. Distribute-list route-map nb in
g. Tag
1. R2(config)#route-map ccna permit
2. R2(config-route-map)#set tag 500
3. R2(config)#router eigrp 1
4. R2(config-router)#redistribute ospf 1 route-map ccna metric 1 1 1 1 1

Summarization
1) To summarize routes and so reduce the routing table size.
2) To combine multiple routes into a single subnet.
3) Summary for connected routes.
a. Auto-summary
b. Manual -summary

Automatic-Summary
1) At least one subnet should be same.
2) Subnet mask default
3) Summary
a. Local topology
b. directly connected
4) Routing topology
5) Whenever a router performs summarization, it creates an entry in the EIGRP table
pointing to Null0 (AD=5)
a. AD → 5 (to prevent a control plane loop)
b. Null = 0 (to prevent a forwarding / data plane loop)
6) With a summary we always forward the least metric

Manual Summary

1) At least in local topology


2) Subnet mask (defined by us)
3) Routing topology
a. AD → 5 (to prevent a control plane loop)
b. Null = 0 (to prevent a forwarding / data plane loop)
4) With a summary we always forward the least metric
5) Interface basis
6) Switch(config-if)#ip summary-address eigrp 100 3.3.0.0 255.0.0.0

Redistribute default
a. Redistribute static
i. R1(config)#router eigrp 1
ii. R1(config-router)#redistribute static
iii. R1(config-router)#exit

iv. R3(config)#ip prefix-list default permit 0.0.0.0/0


v. R3(config)#route-map abc
vi. R3(config-route-map)#match ip address prefix-list default
vii. R3(config-route-map)#exit
viii. R3(config)#router eigrp 1
ix. R3(config-router)#redistribute static route-map abc
x. R3(config-router)#exit

b. Summarization
i. Ip summary-address Eigrp 100 0.0.0.0 0.0.0.0

c. Network 0.0.0.0
i. Default route should be given by exit interface
IPV6
1) It is 128 bits address.
2) It is represented in hexadecimal form.
3) Separated with the help of a colon ":" only.
4) IPV4
a. 32 bits divided into 4 octets
b. Each octet has 8 bits
c. 2^8 = 0-255 (in decimal form)
5) IPV6
a. 128 bits divided into 8 hextets
b. Each hextet has 16 bits
c. 2^16 = 0-65535 (in hexadecimal form)
d. 1 hex digit = 4 bits
e. 1 hextet = 16 bits (4 digits)
• No need of NAT
• No need of Subnetting
• DHCP Stateless (no need for a DHCP server)
o No separate configuration is needed.
o No bindings are maintained
• DHCP Stateful (needs a DHCP pool)
o DHCP server (config)
o The DHCP server maintains the binding table

16 bit: 16 bit: 16 bit: 16 bit: 16 bit: 16 bit: 16 bit: 16 bit

Starting 64 bits = Network Bits

Last 64 bits = Host bits

Identify the network Id portion / Address type


• In IPV6 there is no broadcast address.
• FF00 ::/8= Multicast address ( null 0 )
• FF02::/8 = Multicast address
• FC00 ::/7= Private Address(Unique local Unicast) these are used for Intra
network communication
• 2000::/3 = Public Address(Global unicast address) these are used for
communication in global (Internet)
• ::1 /128 = loopback
• FE80::/10 = Link Local Address
o The link-local address is made with the help of EUI-64 (Extended Unique
Identifier)
o Subnet is always /64
o FE80::/64 = network ID (by default)
o The remaining 64 bits are used for the host ID
o This host ID is derived from the physical interface MAC address
o Step 1 – FE80:: → 64 bits
• FE80:0000:0000:0000:
o Step 2 → Auto-calculated from the MAC address of the interface
▪ → 1234.ABCD.0128 + FFFE
▪ 1234.AB FF:FE CD.0128
o Step 3 – Change the 7th bit of the 1st hextet
▪ 1234:ABFF:FECD:0128
▪ 1034:ABFF:FECD:0128
▪ FE80::1034:ABFF:FECD:0128
• Manually IPV6 Address
➢ Rule 3:-
o Identify the host ID portion.
▪ It is in 64 bits.
• 10AA.01A0.190A
• 10AA:01FF:FEA0:190A
• If the 7th bit is 0, it is changed to 1.
• If the 7th bit is 1, it is changed to 0.

How to Write in Short form of IPV6:-


1) If there are leading zeros in a field, we can omit them
a. 2001:0014:0001:0002:3003:0008:7000:0080
b. 2001:14:1:2:3003:8:7000:80
2) If multiple consecutive fields are zero, write them as a double colon [::], only once in
an IPv6 address.
a. Ex- FC00:0000:0000:0001:0000:0000:0000:0001
• FC00::1:0:0:0:1
• FC00:0:0:1::1
NDP (Neighbor Discovery Protocol) (ICMPv6)

• ICMPv6 packet is used for NDP to find destination host mac


o Neighbour solicitation ( 135 )
▪ It is like ARP REQUEST
▪ It is Multicast Msg

o Neighbour advertisement ( 136)


▪ It is like ARP REPLY.
▪ It is Unicast

• Router solicitation (133)


• Router Advertisement (134)

NDP feature

1) Automatic address configuration (auto-config)


2) Prefix discovery
3) Duplicate address (NS, NA)
a. Neighbour solicitation
i. SIP (any) ::
ii. DIP ( multicast) FF02::1:FFxx:xxxx
iii. First 104 bit are fixed
iv. Last 24 bit are derived from IPV6 address
b. Neighbour advertisement
i. SIP = IPV6 add
ii. DIP = FF02 ::1
c. If the IPv6 address is the same, it gives an error: DAD (duplicate address
detection)
4) Mtu discovery
5) Mac address Resolution (RA , NA)
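
The EUI-64 steps from the link-local section and the solicited-node multicast address used by duplicate address detection above, as an added Python example (not part of the original notes). It reproduces the two MAC-to-address pairs shown on this page and also runs the derivation backwards, since an EUI-64 address seen in a log or capture identifies the interface's MAC; the function names are this example's own.

```python
import ipaddress
from typing import Optional


def _mac_bytes(mac: str) -> bytes:
    """Parse a MAC written as 1234.abcd.0128, 12:34:ab:cd:01:28 or 12-34-..."""
    digits = "".join(ch for ch in mac if ch not in ".:-")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(digits)


def eui64_interface_id(mac: str) -> bytes:
    """Steps 2 and 3: insert FFFE in the middle, then flip the 7th bit."""
    raw = bytearray(_mac_bytes(mac))
    raw[0] ^= 0x02  # 7th bit from the left of the first byte
    return bytes(raw[:3]) + b"\xff\xfe" + bytes(raw[3:])


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Step 1: FE80::/64 network part, followed by the EUI-64 host part."""
    network_part = ipaddress.IPv6Address("fe80::").packed[:8]
    return ipaddress.IPv6Address(network_part + eui64_interface_id(mac))


def mac_from_address(address: str) -> Optional[str]:
    """Recover the MAC from an EUI-64 address, or None if FFFE is absent."""
    host_part = ipaddress.IPv6Address(address).packed[8:]
    if host_part[3:5] != b"\xff\xfe":
        return None  # manually assigned or otherwise non-EUI-64 host part
    raw = bytearray(host_part[:3] + host_part[5:])
    raw[0] ^= 0x02  # undo the 7th-bit flip
    text = raw.hex()
    return ".".join(text[i:i + 4] for i in (0, 4, 8))


def solicited_node(address: str) -> ipaddress.IPv6Address:
    """FF02::1:FFxx:xxxx: first 104 bits fixed, last 24 bits from the address."""
    fixed_104_bits = ipaddress.IPv6Address("ff02::1:ff00:0").packed[:13]
    last_24_bits = ipaddress.IPv6Address(address).packed[-3:]
    return ipaddress.IPv6Address(fixed_104_bits + last_24_bits)


if __name__ == "__main__":
    # MAC addresses and link-local addresses that appear on this page.
    print(link_local_from_mac("1234.ABCD.0128"))      # worked example in the notes
    print(link_local_from_mac("ca01.0920.0008"))      # R1's interface
    print(mac_from_address("FE80::C802:4FF:FE70:8"))  # R2's link-local address
    print(solicited_node("FE80::C801:9FF:FE20:8"))
```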
How to assign IPV6
• R1(config-if)#ipv6 enable ( to enable IPV6)
• R1(config-if)#ipv6 address 192:168:101:1::1/64
o FE80::C801:9FF:FE20:8
o ca01.0920.0008
• R1(config)# IPV6 unicast-routing ( to enable IPV6 Routing)
• R2(config-if)#ipv6 address autoconfig

Create loopback IPV6

• R1(config)#int l0
• R1(config-if)#ipv6 address 1::1/128

Configure Static Routing

• R1(config)#ipv6 route 2::2/128 fastethernet 0/0


FE80::C802:4FF:FE70:8
• R2(config)#ipv6 route 1::1/128 fastethernet 0/0
FE80::C801:9FF:FE20:8
• ipv6 route 0::0/0 fastEthernet 1/0 23::2

Autoconfig
• DHCP for IPV6
o Stateless Auto config
▪ Stateless dhcp which does not maintain any database.
▪ Cannot provide dns-server info.
▪ Router advertisement
• As soon as you enable IPv6 on an interface, the device starts sending
Router Advertisements every 60 sec.
• The server sends the Router Advertisement.
▪ Router Solicitation
• This packet is sent by the host to the router to set IPV6
preferred.
• It is sent by the client.
▪ Valid lifetime 30 days, preferred lifetime 7 days (always)
▪ If you want the client to install any IP received from the router, the
prefix length should be /64
▪ Otherwise EUI-64 will not work
o Stateful dhcp (DHCPV6)
▪ DHCP will maintain database
▪ DNS info can be provided
▪ Valid lifetime 48 hrs , Preferred lifetime 24 hrs
▪ Solicit , advertise , request , reply
▪ Client 546 , server 547
o R1(config)#ipv6 dhcp pool R2
o R1(config-dhcpv6)#address prefix 10:1:1::/80
o R1(config-dhcpv6)#dns-server 100:1:1:1::1
o R1(config-dhcpv6)#exit
o R1(config)# int fa0/0
o R1(config-if)#ipv6 dhcp server R2
o R1(config-if)#ipv6 address 100:1:1::1/80
o R2(config-if)#ipv6 address dhcp R2
o R2(config-if)#ipv6 address autoconfig default
o R1 (config-if)#ipv6 nd prefix 100:1:1::1/80 600 300
→Eigrp (Named Mode)

• R1(config)#ipv6 unicast-routing ( to enable IPV6 routing)


• R1(config)#ipv6 router eigrp 100
• R1(config-rtr)#eigrp router-id 1.1.1.1
• R1(config)#int fa0/0
• R1(config-if)#ipv6 eigrp 100
• R1(config-if)#exit
• R1(config)#int fa1/0
• R1(config-if)#ipv6 eigrp 100
• R1(config-if)#exit
• R2(config)#ipv6 router eigrp 100
• R2(config-rtr)#eigrp router-id 2.2.2.2
• R2(config-rtr)#exit
• R2(config)#int fa0/0
• R2(config-if)#ipv6 eigrp 100
• R2(config-if)#exit
• R2(config)#int fa1/0
• R2(config-if)#ipv6 eigrp 100
• R2(config-if)#exit
• R3(config)#ipv6 router eigrp 100
• R3(config-rtr)#eigrp router-id 3.3.3.3
• R3(config-rtr)#exit
• R3(config)#int fa1/0
• R3(config-if)#ipv6 eigrp 100
• R3(config-if)#exit
• R3(config)#int fa0/0
• R3(config-if)#ipv6 eigrp 100
• R3(config-if)#exit
• R4(config)#ipv6 router eigrp 100
• R4(config-rtr)#eigrp router-id 4.4.4.4
• R4(config-rtr)#exit
• R4(config)#int fa1/0
• R4(config-if)#ipv6 eigrp 100
• R4(config-if)#exit
• R4(config)#int f0/0
• R4(config-if)#ipv6 eigrp 100
• R4(config-if)#exit
• R4(config)#int range loopback 1-4
• R4(config-if-range)#ipv6 eigrp 100
• R4(config-if-range)#exit
• R1#sh ipv6 eigrp neighbors
• R1# sh ipv6 eigrp interfaces
• R1# sh ipv6 eigrp interfaces detail
• R1(config)#int fa0/0
• R1(config-if)#ipv6 hello-interval eigrp 100 10
• R1(config-if)#ipv6 hold-time eigrp 100 30
• R1#sh ipv6 eigrp topology
• R1#sh ipv6 eigrp topology all-links
• Offset list is not used in IPv6
• Prefix list
o R1(config)#ipv6 prefix-list NB deny 172:168:101:1::/64
o R1(config)#ipv6 prefix-list NB permit 0::0/0 le 128
o R1(config)#ipv6 router eigrp 100
o R1(config-rtr)#distribute-list prefix-list NB in
o R1(config-rtr)#exit

• R1(config)#int fa0/0
• R1(config-if)#ipv6 summary-address eigrp 100 172:168:101::/61
• Classic mode = IPv4, IPv6
o Microseconds
• Named mode = IPv4, IPv6
o Picoseconds
o R1(config)# router eigrp ccnp
o R1(config-router)#address-family ipv4 autonomous-system 200
o R1(config-router-af)#exit
o R1(config-router)#address-family ipv6 autonomous-system 200
o R1(config-router-af)#eigrp router-id 1.1.1.1
o R1(config-router-af)#exit

→Ospf V3

• R1 (config)#ipv6 router ospf 10


• R1(config-rtr)#router-id 1.1.1.1
• R1(config-if)#int r fa0/0,l0
• R1(config-if-range)#ipv6 ospf 10 area 1

• R3(config)#router ospfv3 10
• R3(config-router)#router-id 3.3.3.3
• R3(config)#int r fa0/0,l0
• R3(config-if-range)#ospfv3 10 ipv6 area 1
EIGRP (Enhanced Interior Gateway Routing Protocol)
• Mode
o Classic mode (32 bit)
o Named mode (64 bit)
• Metric
o Fixed
▪ Bandwidth
▪ Delay
o Variable
▪ Load
▪ Reliability
• Minimum interface delay is 10 microseconds
o 1 gig
o 10 gig
o 20 gig
o 40 gig
o 100 gig
• Bandwidth
o 10^7 / least bandwidth
o 1 gig = 10000000 / 1000000 = 10
o 10 gig = 10^7/10^7 = 1
o 20 gig = 10^7/20*10^6= 1
o 40 gig = 10^7/ 40*10^6=1

• 10 gig =
o (10^7 / least bandwidth + total delay / 10) * 256
o (10^7/10000000 + 10/10)*256 = (1+1)*256 = 512

• Metrics used in named mode


o Bandwidth (throughput)
o Load
o Delay (latency)
o Reliability
o MTU
o Energy, jitter (reserved)
Eigrp state

Classic metric problem

• If a link is faster than 1 gig, the metric calculation gives the same result


• You have to use multiple processes for IPv4 and IPv6

Named mode uses wide metrics

• EIGRP named mode uses one process for IPv4 and IPv6
• Delay is measured in picoseconds in named mode

Configuration
• ROUTER EIGRP CCNA
o Address-family ipv4 unicast autonomous-system 100
▪ Network 12.1.1.1 0.0.0.0
• Address-family ipv6 unicast autonomous-system 100
• Show Eigrp address-family ipv4 neighbors.
• Show Eigrp address-family ipv4 interfaces.
• Show Eigrp address-family ipv4 topology
• R2(config)#router eigrp ccnp
o R2(config-router)#address-family ipv4 unicast autonomous-system 1
o R2(config-router-af)#default af-interface fastEthernet 0/0
o R2(config-router-af)#af-interface fastEthernet 0/0
o R2(config-router-af-interface)#hello-interval 1
o R2(config-router-af-interface)#hold-time 10
o R2(config-router-af-interface)#passive-interface
o R2(config-router-af-interface)#authentication key-chain R1
o R2(config-router-af-interface)#authentication mode hmac-sha-256 ccna
• (Eigrp formula)*256 *256 = metric 64 bit

• Metric 64 bit / RIB scale (by default 128 ) (1 -255)
• Metric rib-scale (1-255)
• Metric version 32 bit

Formula of named mode EIGRP


• (10^7 / BW + delay in picoseconds / 10^6) * 65536
• How the device calculates delay in picoseconds
o Method 1
▪ Bandwidth <= 1 Gbps
▪ Delay *10^6 = pico sec
o Method 2
▪ Bandwidth >1 Gbps
▪ 10 ^13 / b.w = pico sec
▪ 10 gbps = 10^13/10^7
o Method 3
▪ Manual Delay configured
▪ Delay * 10^6 = pico sec
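The classic and named-mode formulas above carried through for several link speeds, as an added example (not from the original notes). It assumes default K values (bandwidth and delay only), bandwidth in kbps, an interface delay of 10 microseconds, and a bandwidth term that bottoms out at 1 as in the worked values above; the function names are illustrative.

```python
def classic_metric(bw_kbps: int, delay_usec: int) -> int:
    """Classic 32-bit metric: (10^7 / least bandwidth + total delay / 10) * 256."""
    # Assumption taken from the notes' worked values: the bandwidth term never drops below 1.
    bw_term = max(1, 10**7 // bw_kbps)
    # Delay is counted in tens of microseconds, with a minimum of 10 microseconds.
    delay_term = max(1, delay_usec // 10)
    return (bw_term + delay_term) * 256

def delay_picoseconds(bw_kbps: int, delay_usec: int, manual: bool = False) -> int:
    """The three methods from the notes for obtaining delay in picoseconds."""
    if manual or bw_kbps <= 10**6:
        # Method 1 (<= 1 Gbps) and method 3 (manual delay): microseconds * 10^6.
        return delay_usec * 10**6
    # Method 2 (> 1 Gbps): derived from bandwidth, so faster links get less delay.
    return 10**13 // bw_kbps

def wide_metric(bw_kbps: int, delay_usec: int, manual: bool = False) -> int:
    """Named-mode 64-bit metric: (10^7 / BW + delay_ps / 10^6) * 65536."""
    # Multiply before dividing so integer arithmetic keeps the precision.
    throughput = (10**7 * 65536) // bw_kbps
    latency = (delay_picoseconds(bw_kbps, delay_usec, manual) * 65536) // 10**6
    return throughput + latency

def rib_metric(wide: int, rib_scale: int = 128) -> int:
    """Value installed in the routing table: 64-bit metric / RIB scale."""
    return wide // rib_scale

# Bandwidth in kbps for each link speed.
LINKS = {"1G": 10**6, "10G": 10**7, "40G": 4 * 10**7, "100G": 10**8}

def compare(delay_usec: int = 10) -> dict:
    """Return {link: (classic, wide, rib)} for every link in LINKS."""
    table = {}
    for name, bw in LINKS.items():
        wide = wide_metric(bw, delay_usec)
        table[name] = (classic_metric(bw, delay_usec), wide, rib_metric(wide))
    return table

if __name__ == "__main__":
    for name, (classic, wide, rib) in compare().items():
        print(f"{name:>4}  classic={classic:<6} wide={wide:<8} rib={rib}")
```

Above 10 gig the classic column stops changing while the wide and RIB columns keep falling, which is the classic metric problem the notes describe.
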

OSPF (Open Shortest Path First)


• It is an IGP Protocol.
• Link State Routing Protocols (LSRP)
• Link →
• How many links there are between routers.
• State →
• How many routers are connected to each link.
• In OSPF, routes themselves are not advertised; in fact the complete database, in the form of link
state advertisements (LSAs), is advertised across the complete topology.
• Routers calculate their best path themselves.
• OSPF metric = cost = Reference bandwidth /link bandwidth
• Reference Bandwidth (100 mbps)→default
o Ethernet = 100/10 = 10
o Fastethernet = 100/100 = 1
o Gig ethernet = 100/1000 = 1
o Note
▪ Increase reference bandwidth for high speed links
• Maximum path by default = 4 maximum = 16/32
• Hello = 10 sec , hold = 40 sec
• OSPF create a map of complete topology on the basis of “AREAS”
• Area ID = 32 bit = 0 -- 4.3 billion
• Backbone area (area id =0)
• Non backbone area (1-4.3 billion)/Normal Area

Router roles within an area


o Backbone routers
o Non-backbone routers / normal routers
o ABR (Area Border Router)
o ASBR (Autonomous System Boundary Router)
• Backbone routers
• A router that has all its interfaces in Area 0
• Non-backbone routers
• A router that has all its interfaces in a non-backbone area
• The complete database is exchanged between routers within an area only.
• Area Border Router (ABR)
o It connects different areas together.
o A router is an ABR only when at least one of its interfaces is connected to
A0
o An ABR automatically exchanges the best routes of one area into another area
without redistribution
o ABRs have the complete database of each area they are connected to.
o OSPF works in a hierarchical structure (tree)
▪ Root
▪ Stems/Branches
o A0 should be centrally located between all non-backbone areas
o There should not be more than one area 0 in an OSPF domain.
• Algorithm = SPF (Shortest Path First) for best path selection.
• AD=110
• Auto-summary is disabled by default
• Classless routing Protocol
• Hop count = unlimited
• Metric = Cost
• ASBR(Autonomous System Boundary Router)
o At least one interface should be in ospf

Neighbourship
• Area ID should be the same
• Subnet and subnet mask should be the same
• Hello & dead timers should be the same
o R1 (config)#int fa0/0
▪ R1(config-if)#ip ospf hello-interval 5
▪ If you change the hello timer, the hold timer changes automatically
• Router ID should be unique within the area
• Authentication should match (optional)
o Type 0 = null
o Type 1= plain text
o Type 2 = md5
• Ospf network type should match
• OSPF stub flag must match

• Process ID → Locally significant (1-65535)


o You can have the same or different process IDs on different routers.
o Never advertised in updates.
• Router-id → to differentiate between routers within an area
o The OSPF router ID (RID) is a 32-bit number that uniquely identifies an OSPF
router.
o Should be unique among all routers within an area
o Need not be unique among routers of different areas.
• Election of RID
o Manually defined
o Highest loopback interface IP
o Highest physical interface IP, no matter whether that interface is enabled for OSPF or not
• Hello = 10 sec
• Hold = 40 sec
• OSPF tables
o Neighbour table
o Routing table
o Database table
• OSPF message / packets
o Hello
▪ It is used to discover the neighbour
▪ Packets are sent out periodically on all ospf interfaces to discover
new neighbours while ensuring that other adjacent neighbours are
still online.
▪ SIP = Interface IP
▪ DIP = 224.0.0.5
▪ Keep Alive
▪ Content in Hello MSG
• OSPF version = 2
• Msg type = 1
• Packet length = header info.
• ROUTER ID
o A unique 32-Bit ID within an ospf Domain.
• Area id
o The OSPF area that the OSPF interface belongs to. It is
a 32-bit number that can be written in dotted-decimal
format (0.0.1.0) or decimal (256).
• Packet checksum
• Authentication option
o A field that allows secure communication between
OSPF routers to prevent malicious activity.
o Auth type
▪ Type 0 = null
▪ Type 1= plain text
▪ Type 2 = md5
• Auth data
o password
• Network mask
• Hello
• Hold
• Priority
• Neighbour Router id
• DR router id
• BDR router-id
o DBD(data base description)
▪ These packets are for summarizing database contents.
o LSR (Link state Request)
o LSU (Link state Update)
o LSACK(Link state ACK)

OSPF state
o Down
▪ No hello will be sent or received
▪ This is the initial state of a neighbour relationship. It indicates that the
router has not received any ospf hello packets.
o Init
▪ Hello is sent.
▪ This state indicates that a hello packet has been received from
another router, but bidirectional communication has not been
established.
▪ Active neighbour ship

o 2-way
▪ Hello is sent and received.
▪ Neighbourship is done.
▪ Bidirectional communication has been established. If a DR or BDR is
needed, the election occurs during this state.
o Exstart
▪ This is the first state in forming an adjacency
▪ A null DBD is exchanged between the routers to verify bidirectional connectivity
for updates.
▪ Routers identify which router will be the master or slave for the LSDB
synchronization.
▪ Master/Slaves (Election)
• Highest RID
▪ To decide who will start sending the database first
▪ Once the election is completed they move to the “exchange”
state
▪ Seq number
▪ Only master will increase Seq number
▪ MTU size negotiate
▪ Init = 1
▪ More = 1
▪ Master = 1

o Exchange
▪ During this state, routers exchange link states by using DBD
packets.
▪ Asking about each other’s database.
▪ LSA header is sent from the master
▪ Then the slave sends its LSA header in response
▪ But there is no database information in that DBD.
o Loading
▪ Slave will send LSR to ask for detailed information about an LSA header.
▪ Master will send LSU
▪ Slave will send LSACK
▪ When the database is completely synchronised they move to the full
state and are said to form an “adjacency”
▪ Neighbour ship / adjacency -> 40 sec (wait timer )

2 –Way State
• Network type
o BMA (Broadcast Multi Access)
o P2P (Point to point)
• Number of neighbourships = n(n-1)/2, where n = number of routers
• To reduce the number of adjacencies, the routers elect a DR & BDR among themselves
o DR (Designated Router)
o BDR (Backup Designated Router)
Election Criteria
o Highest priority (def=1) = 0-255
o Highest RID

One broadcast domain can have only one DR and one BDR
o Every DRother forms an adjacency with both the DR and the BDR.
o The DR and BDR form an adjacency with each other.
o A DRother never forms an adjacency with another DRother.
• 224.0.0.5 → Whenever the DR sends an update, all routers receive it on this multicast address. Every
OSPF router accepts it.
• 224.0.0.6 → Only the DR and BDR accept the update.
• Clear IP OSPF PROCESS (Y) → Simultaneously with in msec
o DR (only two router in one BMA) currently
o DR/BDR (when more than two router in BMA)

→No election takes place of DR and BDR on P2p Segment.

Debug ip ospf packets


Debug ip ospf events
Debug ip ospf adj

LSA (LINK STATE ADVERTISEMENT)


1) LSA 1 (Router LSA) → within area
Generated by each router within an area.
Link State ID
o RID of the router that generated the LSA
Adv. Router
o RID of the router that advertises the LSA
Number of router LSAs = number of routers in an area
Link count
o Broadcast (BMA)= 1 segment = 1 link count
o P2P = 1 Segment = 2 link count
o Per loopback = 1 link count
Stub network
o Don’t have DR and BDR
Transit Network
o Have DR and BDR

2) LSA 2 (Network LSA) → within area


Generated by DR
LSID =DR physical interface IP
Adv. Router= DR RID
Number of DR within AREA = number of broadcast multi Access segment
Number of network LSA = Number of DR
Since the network subnet mask is not advertised in the Router LSA, the Network LSA is used to advertise the
subnet mask for the transit links.

3) LSA3 (Summary LSA) → Inter Area LSA


o Generated by ABR
o To advertise best routes of one area into another area.
o This is calculated on the basis of cost.
o LSID= network ID of route advertised by ABR
o ADV. Router= ABR RID
o Number of summary LSA= number of routes of another area.
Area 0 should be only one and centralised in a single ospf domain.
Two ABRs will not accept and forward each other's summary LSAs until they both have each other's RLSA
learned through Area 0

Virtual Link
Virtual link is always considered as P2P
No DR/BDR
No dead Timer
Updates sent over a virtual link for an area never age out
o They are sent with the DNA bit set, to notify the neighbour that it will get updates with the DNA bit set
periodically
o Authentication is applicable on a virtual link.
4) LSA 5 (AS-External LSA)
Generated by ASBR
o When external ASes other than OSPF are redistributed into OSPF.
o Number of LSA 5 = number of external routes advertised into OSPF
o LSID = network id of external routes
o Adv router= ASBR RID
o RID of ASBR does not change throughout ospf domain in LSA 5

5) LSA 4 (Summary – ASBR LSA)


1. Generated by ABR
2. To let other routers know how to reach the ASBR
a. LSID = ASBR RID
b. ADV. RID = ABR RID
c. LSA 4 exists in those areas where router LSA of ASBR does not exist.

LSA5 (Metric)
o E1 = External Type 1
o E2 = External Type 2 (Default)
▪ For redistribute routes = Seed metric Value = 20 (Default)
▪ For default route = Metric value = 1 (default)
o E1 = Total path cost
▪ # Redistribute Eigrp 100 subnets metric-type 1
▪ Show ip ospf border-routers
▪ O>OIA>E1>E2 →Route preference ospf
▪ O = Intra Area Route
▪ OIA = Inter Area Route
▪ E1 =
• for redistributed routes = metric value = 20 (def) + forward metric
• For default route = metric value = 1 (def) + forward metric
• Forward metric = metric to reach ABR will be calculated on the basis of
LSA 4.
6) LSA 6 (Group membership)
7) NSSA External LSA

Types of Area in OSPF


1) Standard Area
2) Stub Area
3) Totally stub Area
4) NSSA (Not-So-Stubby Area)
5) Totally NSSA Area

Standard Area
• By default all areas are standard areas

Stub Area
• Used to filter LSA 5 from entering the stub area.
• Since the ABR filters LSA 5 from the stub area, it automatically filters LSA 4 from the stub area as well.
• The ABR continues to advertise LSA 3 from non-stub areas into the stub area and vice versa.
• The ABR generates a default route towards the stub area routers in the form of LSA 3.
• Stub is configured on both sides, meaning the ABR and all other routers of this area.
• A stub area does not allow virtual links
• A stub area does not allow an ASBR, so we can’t configure a stub area next to an ASBR.
• We can’t make a stub of an area that is attached to an ASBR, because it can’t do
redistribution.
• Area 0 cannot be configured as stub
• Neighbourship parameter
o Stub flag should be the same
o By default = 1 (when stub is not configured)

• Area 1 stub

Totally stub Area


• Implemented only on the ABR.
• The ABR filters not only LSA 5 & LSA 4 but also LSA 3, and continues to advertise only
a default route in the form of LSA 3.
• The ABR continues to advertise LSA 3 of the stub area into non-stub areas.
• The ABR generates the default route automatically in the stub area
• Area 1 stub no-summary

NSSA (Not-So-Stubby Area)


• In an NSSA, an ASBR can exist by using Type 7 LSAs
• NSSA ASBR type 7 NSSA-External LSA (area dependent)
• Network ID, subnet mask, metric default “20”, route type N2 (default) and N1
• The ABR translates type 7 into type 5, N2 into E2.
• Then the ABR becomes an ASBR
• There is no need for a type 4 LSA
• Whenever the NSSA ASBR advertises a route, it adds the interface IP as the forwarding address.
• The default route is manually configured
• Then the ASBR will copy and forward
i. Lowest loopback ip
ii. Highest physical interface ip
iii. Area 1 NSSA
iv. Area 1 nssa translate type7 suppress-fa (not to add forwarder address)
v. Area 1 nssa default-information-originate
vi. R1(config-router)#redistribute eigrp 100 subnets metric-type 1

Totally NSSA Area


b. Area 1 nssa no-summary
1) Stub
a. LSA 4 & LSA 5 filter
b. Default route generate automatically in LSA3 by ABR
2) Totally stub
a. LSA 5 & LSA 4 and LSA 3 filter
b. Default route generate automatically in LSA3 by ABR

3) NSSA
a. LSA 5 convert into LSA 7
b. Manually generate default route on ABR
c. Default route generate in LSA 7
4) Totally NSSA
a. LSA 5 & LSA 4 and LSA 3 filter
b. Default route generate automatically in LSA3 by ABR
How to Originate default route in OSPF

• Type 3
o Stub
o Totally Stub
• Type 5
o ASBR
o Default-information originate
o Default-information originate metric-type 1
o Default-information originate metric-type 1 metric 100
o Default-information originate metric-type 1 metric 100 always

Conditional default route advertisement


▪ R1(config)#ip route 0.0.0.0 0.0.0.0 81.0.0.8
▪ IP access-list standard 10
• Permit 172.168.1.0 0.0.0.255
▪ Route-map 10
• Match ip add 10
▪ Router ospf 1
• Default-information originate route-map 10

Summarization in OSPF

• Internal Summarization ( done on ABR)


o R2(config)#router ospf 1
o R2(config-router)#area 1 range 10.1.0.0 255.255.0.0
o R2(config-router)#exit
• Can be used for path manipulation.
o R4(config-router)#area 1 range 10.1.0.0 255.255.0.0 not-advertise
o R2(config-router)#area 1 range 10.1.0.0 255.255.0.0 cost 100
• External summarization (done on ASBR)
o This command is used to summarize type 5 LSAs
o R1(config)#router ospf 1
o R1(config-router)#summary-address 172.168.0.0 255.255.0.0
o R1(config-router)#exit

Filtering

1) Route filtering
a. Distribute-list
i. ACL
1. Standard
a. R5(config)#ip access-list standard 10
b. R5(config-std-nacl)#deny 172.168.0.0 0.0.255.255
c. R5(config-std-nacl)#exit
d. R5(config)#router ospf 1
e. R5(config-router)#distribute-list 10 in
f. R5(config-router)#exit
2. Extended
ii. Prefix-List
iii. Route-map
b. AD value
i. R5(config)#router ospf 1
ii. R5(config-router)#distance ospf external 255
iii. Distance ospf intra-area
c. Summarization
i. Summary-address 50.1.0.0 255.255.0.0 not-advertise
2) Area filter-list
a. LSA 3 filter / Inter Area Route
b. Apply on ABR only
c. Prefix-list
i. R2(config)#ip prefix-list ccnp seq 10 deny 10.1.0.0/22 ge 24 le 32
ii. R2(config)#ip prefix-list ccnp seq 20 permit 0.0.0.0/0 le 32
d. #router ospf 100
e. #area 1 filter-list prefix ccnp out
3) LSA filtering
a. Types of Area
b. Area Filter-list (LSA 3)
c. Distribute-list on ASBR Router for outgoing direction (LSA 5)
d. Summarization
i. ABR (LSA 3)
ii. ASBR (LSA 5)

Authentication in Ospf
1) Type 0 = Null
2) Type 1 = Plain text
a. R2(config-if)#ip ospf authentication
i. IP ospf authentication-key cisco
3) Type 2 = MD5 authentication
a. ip ospf authentication message-digest
b. ip ospf message-digest-key 1 md5 cisco
c. show ip ospf interface | in line |authentication|key

How to set auto-cost reference-bandwidth

o auto-cost reference-bandwidth 1000

OSPF Network Type


1) Broadcast
a. Default network type on ethernet port
b. Hello 10 , hold 40
c. Dynamic neighbourship will form.
d. DR and BDR are elected
e. # IP OSPF Network Broadcast
2) Non-Broadcast
a. Full mesh topology
b. Default network type on serial interfaces (Frame Relay)
c. Hello 30 , Dead 120
d. Does not support multicast, so dynamic neighbourship will not form
e. Static neighbourship is supported
f. DR & BDR are elected
3) Point to Point
4) Point-to-multipoint
a. Hub and Spoke
b. Hello 30 , dead 120
c. Dynamic NBR ship
d. No DR/BDR election
5) Point-to-multipoint Non-Broadcast
a. Hub and Spoke
b. Hello 30 , dead 120
c. No Dynamic NBR ship
d. No DR/BDR election

6) Loopback
a. It will always advertise in /32
7) Virtual Link

OSPFv3
• OSPF v2 (IPv4)
• OSPF v3 (IPv6)
• Router OSPFV3 process id (address family config)
• IPV6 router ospf process id (IPv6)
• Number of SPF calculations is reduced in OSPFv3
• Hello
1 Source IPv6
▪ Int (link local address)
2 Destination IPv6
▪ FF02::5 , FF02::6
3 Cost calculation is the same
4 Layer 3 protocol, encapsulated in IPv6
• LSA
1. LSA type 1
a. Router LSA
b. Which Neighbour connected on which link
c. Don’t have information about network
2. LSA type 2
a. Network LSA
b. Don’t have information about network.
3. LSA type 3
a. Inter Area Prefix LSA
4. LSA type 4
a. Intra Area router LSA
5. LSA Type 5
a. External
6. LSA type 7
a. NSSA External
7. LSA type 8
a. Link LSA
b. It will share Link local address
c. It will be local in link
8. LSA type 9
a. Intra area Prefix LSA
b. If any network is added, a type 9 LSA is generated
c. Have information about network
9. IPv6 router ospf 1
a. Router id 1.1.1.1
10. IPV6 ospf 1 area 1
11. Show ipv6 ospf database link adv-router 1.1.1.1
12. Show ipv6 ospf database router adv-router 1.1.1.1
13. Show ipv6 ospf database prefix adv-router 1.1.1.1

Multiple Redistribution
1) When routes are moving from lower AD to higher AD there will be no problem.
a. Eigrp (90) to ospf (110)
b. Ospf (110) to eigrp (170)
2) When routes are moving from higher AD to lower AD there is a chance of sub-optimal routing.
a. Sub-optimal routing
i. When a router has a shortest path but still uses a longer path, it is called
sub-optimal routing.
3) How we can prevent sub-optimal routing
a. Prefix list
i. R6(config)#ip prefix-list abc seq 10 deny 1.1.1.0/24 le 32
ii. R6(config)#ip prefix-list abc seq 20 permit 0.0.0.0/0 le 32
iii. R6(config)#router os 10
iv. R6(config-router)#distribute-list prefix abc in fa1/0
v. R6(config-router)#exit
vi. R3(config)#ip prefix-list abc seq 10 deny 1.1.1.0/24 le 32
vii. R3(config)#ip prefix-list abc seq 20 permit 0.0.0.0/0 le 32
viii. R3(config)#router ospf 10
ix. R3(config-router)#distribute-list prefix abc in
x. R3(config-router)#exit
b. AD value
i. R3(config)#router ospf 10
ii. R3(config-router)#distance ospf external 121
iii. R3(config-router)#exit
iv. R6(config)#router ospf 10
v. R6(config-router)#distance ospf external 121
vi. R6(config-router)#exit

Policy Based Routing


1) Traffic match
a. Match in ext. acl
2) Policy
a. Route-map
3) Policy
a. Apply in Interface
• R2(config)#ip access-list extended 101
o R2(config-ext-nacl)#permit ip 10.1.1.128 0.0.0.127 192.168.1.0 0.0.0.255
o R2(config-ext-nacl)#exit
• R2(config)#route-map policy
o R2(config-route-map)#match ip address 101
o R2(config-route-map)#set ip next-hop 12.0.0.1
o R2(config-route-map)#exit
• R2(config)#int fa0/0
o R2(config-if)#ip policy route-map policy
o R2(config-if)#exit
• R2#show ip int fa0/0 | section Policy
• R2(config)#ip access-list extended 101
o R2(config-ext-nacl)#permit tcp any any eq 23
o R2(config-ext-nacl)#exit
• R2(config)#route-map policy
o R2(config-route-map)#match ip address 101
o R2(config-route-map)#set ip next-hop 12.0.0.1
o R2(config-route-map)#exit
• R2(config)#int fa0/0
o R2(config-if)#ip policy route-map policy
o R2(config-if)#exit

URPF (Unicast reverse path forwarding)


1) R1(config)#ip access-list extended 101
2) R1(config-ext-nacl)#permit ip host 10.0.0.130 host 36.0.0.6
3) R1(config-ext-nacl)#exit
4) R1(config)#route-map 101
5) R1(config-route-map)#match ip address 101
6) R1(config-route-map)#set ip next-hop 12.0.0.2
7) R1(config-route-map)#exit
8) R1(config)#ip local policy route-map 101
9) R2(config)#int fa1/1
10) R2(config-if)#ip verify unicast source reachable-via rx
11) R2(config-if)#exit
12) R2(config)#ip access-list standard 10
13) R2(config-std-nacl)#deny 1.1.1.1 0.0.0.0
14) R2(config-std-nacl)#permit any
15) R2(config-std-nacl)#exit
16) R2(config)#router ospf 1
17) R2(config-router)#distribute-list 10 in
18) R2(config-router)#exit
19) R2(config)#ip route 0.0.0.0 0.0.0.0 23.0.0.3
20) R2(config-if)#ip verify unicast source reachable-via any allow-default
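What the two `ip verify unicast source reachable-via` forms above decide for a given packet, modelled as an added example (not from the original notes): strict mode (`rx`) requires the best route back to the source to point out of the receiving interface, loose mode (`any`) only requires some route, and a source covered only by the default route passes only with `allow-default`. The routing table and interface names are constructed for illustration; only the addresses come from the notes.

```python
import ipaddress
from collections import namedtuple

Verdict = namedtuple("Verdict", "permit reason")

class Fib:
    """Tiny forwarding table with longest-prefix match."""
    def __init__(self, routes):
        self.routes = [(ipaddress.ip_network(p), ifc) for p, ifc in routes]

    def lookup(self, addr):
        ip = ipaddress.ip_address(addr)
        hits = [(net, ifc) for net, ifc in self.routes if ip in net]
        return max(hits, key=lambda h: h[0].prefixlen) if hits else None

def urpf_check(fib, src, rx_if, mode, allow_default=False):
    """Decide whether a packet with source `src` received on `rx_if` passes uRPF."""
    if mode not in ("rx", "any"):
        raise ValueError("mode must be 'rx' (strict) or 'any' (loose)")
    hit = fib.lookup(src)
    if hit is None:
        return Verdict(False, "no route back to source")
    net, out_if = hit
    if net.prefixlen == 0 and not allow_default:
        return Verdict(False, "source matches only the default route")
    if mode == "rx" and out_if != rx_if:
        return Verdict(False, f"best route to source is via {out_if}, not {rx_if}")
    return Verdict(True, f"source reachable via {out_if} ({net})")

# Constructed table for R2: interface names and which prefix sits behind which
# interface are assumptions. 1.1.1.1 has no specific route because the
# distribute-list in the notes filters it, so only the default route covers it.
R2_FIB = Fib([
    ("10.0.0.0/24", "Fa0/0"),
    ("12.0.0.0/8", "Fa1/1"),
    ("23.0.0.0/8", "Fa1/0"),
    ("0.0.0.0/0", "Fa1/0"),   # ip route 0.0.0.0 0.0.0.0 23.0.0.3
])

if __name__ == "__main__":
    cases = [
        ("12.0.0.1", "rx", False),     # symmetric path
        ("10.0.0.130", "rx", False),   # arrives on Fa1/1, route back is via Fa0/0
        ("10.0.0.130", "any", False),
        ("1.1.1.1", "any", False),     # only the default route matches
        ("1.1.1.1", "any", True),
    ]
    for src, mode, allow in cases:
        v = urpf_check(R2_FIB, src, "Fa1/1", mode, allow)
        print(f"{src:<11} mode={mode:<3} allow-default={allow!s:<5} "
              f"{'PERMIT' if v.permit else 'DROP':<6} {v.reason}")
```
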

PBR + IP SLA (service Level Agreement)


• R1(config)#ip sla 10
• R1(config-ip-sla)#icmp-echo 12.0.0.2 source-ip 12.0.0.1
• R1(config-ip-sla-echo)#Frequency <1-604800>
• R1(config)# ip sla schedule 10 start-time now life forever
• #show ip sla statistics
• R1(config)#track 11 ip sla 10 reachability
• Show track
• R1(config)#route-map Policy
• R1(config-route-map)#set ip next-hop verify-availability 12.0.0.2 100 track 11
• R1(config)#int fa0/0
• R1(config-if)#ip policy route-map Policy
• R1(config-if)#exit
• Show ip policy
• R1#show ip int fa0/0 | section policy
• Show route-map Policy
• R3(config)#ip access-list extended 101
• R3(config-ext-nacl)#deny icmp any any
• R3(config-ext-nacl)#permit ip any any
• R3(config-ext-nacl)#exit
• Set interface
• Set ip default next-hop

GRE
• It stands for Generic Routing Encapsulation.
o It is used to build a tunnel (point to point) between two sites.
o It is a network layer protocol
o It uses protocol number 47.

Configuration NAT
• Delhi_NB(config)#ip route 0.0.0.0 0.0.0.0 s5/0
• Banglore_NB(config)#ip route 0.0.0.0 0.0.0.0 s5/1
• Delhi_NB(config)# int fa0/0
• Delhi_NB(config-if)#ip nat inside
• Delhi_NB(config)#int s5/0
• Delhi_NB(config-if)#ip nat outside
• Delhi_NB(config)#ip access-list standard 10
• Delhi_NB(config-std-nacl)#permit any
• Delhi_NB(config-std-nacl)#exit
• Delhi_NB(config)#ip nat inside source list 10 interface s5/0 overload
• Banglore_NB(config)#int fa0/0
• Banglore_NB(config-if)#ip nat inside
• Banglore_NB(config-if)#exit
• Banglore_NB(config)#int s5/1
• Banglore_NB(config-if)#ip nat outside
• Banglore_NB(config-if)#exit
• Banglore_NB(config)#ip access-list standard 10
• Banglore_NB(config-std-nacl)#permit any
• Banglore_NB(config-std-nacl)#exit
• Banglore_NB(config)#ip nat inside source list 10 interface s5/1 overload

Configuration of GRE
• Delhi_NB(config)#int tunnel 10
• Delhi_NB(config-if)#ip add 12.0.0.1 255.0.0.0
• Delhi_NB(config-if)#tunnel source 200.20.20.2
• Delhi_NB(config-if)#tunnel destination 201.20.20.4
• Banglore_NB(config)#int tunnel 10
• Banglore_NB(config-if)#ip address 12.0.0.2 255.0.0.0
• Banglore_NB(config-if)#tunnel source serial 5/1
• Banglore_NB(config-if)#tunnel destination 200.20.20.2
• Delhi_NB(config)#ip route 10.1.2.0 255.255.255.0 12.0.0.2
• Banglore_NB(config)#ip route 10.1.1.0 255.255.255.0 12.0.0.1

GRE problems
• Always makes a P2P network
• You have to configure each tunnel individually
• Routing table size increases
• Whenever a spoke is added, you have to configure a tunnel for it.
• Spoke-to-spoke communication is possible, but only through the hub
• That is why we need DMVPN

DMVPN
• It stands for Dynamic Multipoint VPN
• Tunnels are created automatically.
• Multipoint GRE
• NHRP (Next Hop Resolution Protocol)
o NHRP Registration Request
o NHRP Registration Reply
o With the help of NHRP, a spoke registers itself on the hub router
• Phase 1
o Spoke = P2P tunnel ( define destination )
o HUB = multipoint tunnel

Configuration
1) R1_H(config)#int fa0/0
2) R1_H(config-if)#ip add 12.0.0.1 255.0.0.0
3) R1_H(config-if)#no sh
4) R1_H(config-if)#exit
5) R1_H(config)#int s4/0
6) R1_H(config-if)#ip add 192.168.1.1 255.255.255.0
7) R1_H(config-if)#no sh
8) R1_H(config-if)#exit
9) R7_Server(config)#
10) R7_Server(config)#int s4/0
11) R7_Server(config-if)#ip add 192.168.1.10 255.255.255.0
12) R7_Server(config-if)#no sh
13) R7_Server(config-if)#exit
14) R7_Server(config)#no ip routing
15) R7_Server(config)#ip default-gateway 192.168.1.1
16) R7_Server(config)#do wr
17) R3_S1(config)#int fa1/0
18) R3_S1(config-if)#ip add 24.0.0.2 255.0.0.0
19) R3_S1(config-if)#no sh
20) R3_S1(config)#int fa0/0
21) R3_S1(config-if)#ip add 192.168.2.1 255.255.255.0
22) R3_S1(config-if)#no sh
23) R4_S2(config)#
24) R4_S2(config)#int fa1/1
25) R4_S2(config-if)#ip add 34.0.0.3 255.0.0.0
26) R4_S2(config-if)#no sh
27) R4_S2(config-if)#exit
28) R4_S2(config)#int fa0/0
29) R4_S2(config-if)#ip add 192.168.3.1 255.255.255.0
30) R4_S2(config-if)#no sh
31) R4_S2(config-if)#exit
32) R5_USer1(config)#int fa0/0
33) R5_USer1(config-if)#ip add 192.168.2.10 255.255.255.0
34) R5_USer1(config-if)#no sh
35) R5_USer1(config-if)#exit
36) R5_USer1(config)#no ip routing
37) R5_USer1(config)#ip default-gateway 192.168.2.1
38) USer2_R6(config)#
39) USer2_R6(config)#int fa0/0
40) USer2_R6(config-if)#ip add 192.168.3.10 255.255.255.0
41) USer2_R6(config-if)#no sh
42) USer2_R6(config-if)#no ip routing
43) USer2_R6(config)#
44) USer2_R6 (config)#ip default-gateway 192.168.3.1
45) R2_ISP(config)#int fa0/0
46) R2_ISP(config-if)#ip add 12.0.0.2 255.0.0.0
47) R2_ISP(config-if)#no sh
48) R2_ISP(config-if)#int fa1/0
49) R2_ISP(config-if)#ip add 24.0.0.4 255.0.0.0
50) R2_ISP(config-if)#no sh
51) R2_ISP(config-if)#exit
52) R2_ISP(config-if)#int fa1/1
53) R2_ISP(config-if)#ip add 34.0.0.4 255.0.0.0
54) R2_ISP(config-if)#no sh

• R1_H(config)#ip route 0.0.0.0 0.0.0.0 12.0.0.2


• R3_S1(config)#ip route 0.0.0.0 0.0.0.0 24.0.0.4
• R4_S2(config)#ip route 0.0.0.0 0.0.0.0 34.0.0.4
• R1_H(config)#int tunnel 1
• R1_H(config-if)#ip address 172.168.1.1 255.255.255.0
• R1_H(config-if)#tunnel source fastEthernet 0/0
• R1_H(config-if)#tunnel mode gre multipoint
• R1_H(config-if)#ip nhrp network-id 123
• R1_H(config-if)#ip nhrp authentication cisco
• sh ip nhrp
• R3_S1(config)#int tunnel 1
• R3_S1(config-if)#ip address 172.168.1.2 255.255.255.0
• R3_S1(config-if)#tunnel source fastEthernet 1/0
• R3_S1(config-if)#tunnel destination 12.0.0.1
• R3_S1(config-if)#ip nhrp network-id 123
• R3_S1(config-if)#ip nhrp authentication cisco
• R3_S1(config-if)#ip nhrp map 172.168.1.1 12.0.0.1
• R3_S1(config-if)#ip nhrp nhs 172.168.1.1
• R3_S1(config-if)#exit
• R4_S2(config)#int tunnel 1
• R4_S2(config-if)#ip address 172.168.1.3 255.255.255.0
• R4_S2(config-if)#tunnel source fastEthernet 1/1
• R4_S2(config-if)#tunnel destination 12.0.0.1
• R4_S2(config-if)#ip nhrp nhs 172.168.1.1
• R4_S2(config-if)#ip nhrp map 172.168.1.1 12.0.0.1
• R4_S2(config-if)#ip nhrp authentication cisco
• R4_S2(config-if)#ip nhrp network-id 123
• R4_S2(config-if)#
• R1_H(config)#router eigrp 100
• R1_H(config-router)#network 172.168.0.0
• R1_H(config-router)#network 192.168.1.0
• R1_H(config-router)#exit
• R3_S1(config)#router eigrp 100
• R3_S1(config-router)#network 172.168.0.0
• R3_S1(config-router)#network 192.168.2.0
• R3_S1(config-router)#exit
• R4_S2(config)#router eigrp 100
• R4_S2(config-router)#network 172.168.0.0
• R4_S2(config-router)#network 192.168.3.0
• R4_S2(config-router)#exit
• R1_H(config)#int tunnel 1
• R1_H(config-if)#ip nhrp map multicast dynamic
• R1_H(config)#int tunnel 1
• R1_H(config-if)#no ip split-horizon eigrp 100
• R1_H(config-if)#exit

IPsec (IP Security)


• IPsec is a set of rules
• It is a combination of multiple protocols
• It is used to encrypt data over a VPN
• It generates and exchanges keys
• With the help of the key, routers can encrypt and decrypt the data

IKE
• It stands for Internet Key Exchange
• This protocol is used to generate keys in IPsec
• It also defines the framework for how keys are exchanged.
• IKE doesn’t have a transport mechanism

ISAKMP
• It stands for Internet Security Association and Key Management Protocol
• It is a layer 7 protocol, UDP based, port number 500, 4500 (NAT-T)
• It is used to transport keys
• It is divided into two phases
• Phases are defined by ISAKMP
• Modes are defined by IKE
• There are three modes
o Main mode
o Aggressive mode
o Quick mode
• Phase 1
o This phase is used to make a secure path for phase 2 and to authenticate the peer.
o Main mode (6 packets): GRE, DMVPN, site-to-site VPN
o Aggressive mode (3 packets): remote VPN, AnyConnect VPN
• Phase 2
o This is used to encrypt the data
o Quick mode (3 packets)
• Phase 1
o Main Mode
▪ 6 packets
• 1 pair is known as the ISAKMP Security Association
• HAGLE
• H = hashing (MD5, HMAC-SHA)
• A = authentication (pre-share, certificate)
• G = group (defines the size of the key in bits)
• L = lifetime (by default 24 hours)
• E = encryption (DES, 3DES, AES)
• Secure key exchange: Diffie-Hellman algorithm
o Symmetric key
▪ Same key for data encryption and decryption
o Asymmetric key
▪ One key is used for data encryption and the other for data decryption.
o Generate the key
o After that it will check authentication
• Authentication
o Encrypted
o Both routers authenticate with the 5th and 6th packets
• Phase 2
o Quick mode (3 packets)
1) Encryption
a. (DES, 3DES)
2) Hash algorithm
a. (MD5, SHA, AES)
3) Encapsulation (for key exchange, which protocol we use for user data)
a. AH (Authentication Header), ESP (Encapsulating Security Payload)
4) Mode
a. Tunnel
i. L7 – l3
ii. Remote VPN
b. Transport
i. L7 – l4
ii. Site- to – site VPN
• SPI
o Outbound ( encrypt the data)
o Inbound ( decrypt the data)

Configuration
o Delhi_NB(config)#crypto isakmp policy 10
o Delhi_NB(config-isakmp)#hash md5
o Delhi_NB(config-isakmp)#group 2
o Delhi_NB(config-isakmp)#encryption aes
o Delhi_NB(config-isakmp)#authentication pre-share
o Delhi_NB(config-isakmp)#exit
o Delhi_NB(config)#crypto isakmp key cisco address 0.0.0.0

• Delhi_NB(config)#crypto ipsec transform-set SET esp-aes esp-md5-hmac
• Delhi_NB(cfg-crypto-trans)#mode transport
• Delhi_NB(cfg-crypto-trans)#exit
• Delhi_NB(config)#crypto ipsec profile VPN
• Delhi_NB(ipsec-profile)#set transform-set SET
• Delhi_NB(ipsec-profile)#exit
• Delhi_NB(config)#interface tunnel 10
• Delhi_NB(config-if)#sh
• Delhi_NB(config-if)#tunnel protection ipsec profile VPN
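
The HAGLE choices in the configuration above can be checked mechanically before a tunnel goes into service. The following Python sketch is an added example, not part of the original notes: it reads IOS lines (with or without the router prompt) and reports MD5, DH groups 1/2/5, DES/3DES and a pre-shared key bound to address 0.0.0.0. The rule set and the second, stronger configuration are assumptions of this example, and keyword availability depends on the IOS release.

```python
import re

# Strips a list bullet and an IOS prompt such as "Delhi_NB(config-isakmp)#".
PREFIX = re.compile(r"^\s*(?:[•o▪]\s+)?(?:[\w-]+\s?\([\w-]+\)#)?\s*")

# Assumed rule set for this example: algorithms treated as legacy.
LEGACY_DH_GROUPS = {"1", "2", "5"}
LEGACY_CIPHERS = {"des", "3des"}
LEGACY_TRANSFORMS = {"esp-des", "esp-3des", "esp-md5-hmac", "ah-md5-hmac"}

def audit(config_text):
    """Return [(line_number, reason)] for weak IKE/IPsec settings."""
    findings = []
    in_policy = False                      # inside "crypto isakmp policy N"
    for number, raw in enumerate(config_text.splitlines(), start=1):
        words = PREFIX.sub("", raw, count=1).strip().lower().split()
        if not words:
            continue
        if words[:3] == ["crypto", "isakmp", "policy"]:
            in_policy = True
            continue
        if in_policy and words[0] in ("exit", "crypto", "interface"):
            in_policy = False              # left the policy sub-mode
        if in_policy:
            if words[:2] == ["hash", "md5"]:
                findings.append((number, "phase 1 hash is MD5"))
            elif words[0] == "group" and words[1:2] and words[1] in LEGACY_DH_GROUPS:
                findings.append((number, f"legacy Diffie-Hellman group {words[1]}"))
            elif words[0] == "encryption" and words[1:2] and words[1] in LEGACY_CIPHERS:
                findings.append((number, f"legacy cipher {words[1]}"))
        elif words[:3] == ["crypto", "isakmp", "key"] and "address" in words:
            peer = words[words.index("address") + 1:][:1]
            if peer == ["0.0.0.0"]:
                findings.append((number, "pre-shared key accepted from any peer address"))
        elif words[:3] == ["crypto", "ipsec", "transform-set"]:
            for transform in words[4:]:
                if transform in LEGACY_TRANSFORMS:
                    findings.append((number, f"legacy transform {transform}"))
    return findings

# The commands from the notes above, pasted with their prompts.
PAGE_CONFIG = """\
Delhi_NB(config)#crypto isakmp policy 10
Delhi_NB(config-isakmp)#hash md5
Delhi_NB(config-isakmp)#group 2
Delhi_NB(config-isakmp)#encryption aes
Delhi_NB(config-isakmp)#authentication pre-share
Delhi_NB(config-isakmp)#exit
Delhi_NB(config)#crypto isakmp key cisco address 0.0.0.0
Delhi_NB(config)#crypto ipsec transform-set SET esp-aes esp-md5-hmac
"""

# Constructed comparison config (assumption): same structure, stronger choices,
# key replaced by a placeholder and bound to one documentation-range peer.
STRONGER_CONFIG = """\
crypto isakmp policy 10
 hash sha256
 group 14
 encryption aes 256
 authentication pre-share
 exit
crypto isakmp key <PRE-SHARED-KEY> address 192.0.2.2
crypto ipsec transform-set SET esp-aes 256 esp-sha256-hmac
"""

if __name__ == "__main__":
    for line_number, reason in audit(PAGE_CONFIG):
        print(f"line {line_number}: {reason}")
```
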

MPLS (Multiprotocol Label Switching)

• It is a private VPN which is used to share network information between the branches.
• It also provides a BGP-free core.
• MPLS forwards data on the basis of labels.
• MPLS can provide traffic engineering.
• It can also provide QoS.
• TDP (Tag Distribution Protocol) is Cisco proprietary (obsolete).

LDP
• Label Distribution Protocol
• It is an open standard.
• It is used to exchange labels between MPLS routers.
• Port number 646
• It uses both TCP and UDP.
• Multicast address 224.0.0.2
• Hello is UDP based.
• Hello 5 sec and hold 15 sec
• Routers negotiate the neighbourship; after the neighbourship forms they share labels, and
at that point they use TCP for reliability.
• They do a 3-way handshake for reliability.
• Each router exchanges its own local label
• Remote label
MPLS has two tables
o LIB (Label Information Base)
o LFIB (Label Forwarding Information Base)
▪ LIB = Local
▪ RIB (forwarding table)
▪ LDP neighbour table

MPLS Header
o Header size is 32 bits
o Label is 20 bits.
▪ 1,048,576
▪ A few labels are reserved (0-15)
▪ show mpls label range
▪ mpls label range <value>
▪ 3 – Implicit label
• PHP (Penultimate Hop Popping)
o By default a router always advertises label value 3 for its
directly connected subnets to its neighbour
o This tells the neighbour: when you forward traffic to me for
that network, send it unlabeled, so that I don't have to do
two lookups
o show mpls ldp bindings
▪ 0 – Explicit label
• If you are using QoS data.
o 3-bit experimental field
▪ This is used for class of service, QoS
o 1-bit bottom-of-stack bit
▪ Used whenever we have multiple labels
▪ MPLS L3 VPN
o 8-bit TTL
• Add
o Router will add a label
• Swap
o Replace the label
• POP
o Remove the label

• Ingress
o The router that adds the label
• Intermediate
o Swaps the label
• Egress
o Pops the label
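
The 32-bit header layout and the add/swap/pop operations above can be exercised on raw bytes. This Python sketch is an added example, not part of the original notes; the label values 18, 19 and 25 and the payload are constructed, and the names given to reserved labels 0 to 3 are the standard ones rather than the page's wording.

```python
import struct

MAX_LABEL = (1 << 20) - 1          # 20-bit label field, 1,048,576 values
RESERVED = {0: "explicit null (IPv4)", 1: "router alert",
            2: "explicit null (IPv6)", 3: "implicit null"}

def pack_entry(label, exp=0, bottom=False, ttl=255):
    """Build one 32-bit entry: 20-bit label, 3-bit EXP, 1-bit S, 8-bit TTL."""
    if not 0 <= label <= MAX_LABEL:
        raise ValueError("label does not fit in 20 bits")
    if not 0 <= exp <= 7 or not 0 <= ttl <= 255:
        raise ValueError("EXP is 3 bits, TTL is 8 bits")
    word = (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl
    return struct.pack("!I", word)

def parse_stack(packet):
    """Return (entries, payload); walks entries until the bottom-of-stack bit."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(packet):
            raise ValueError("label stack ends without a bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", packet, offset)
        offset += 4
        label = word >> 12
        entries.append({
            "label": label,
            "exp": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 0x1),
            "ttl": word & 0xFF,
            "reserved": RESERVED.get(label),
            # Label 3 is only signalled (PHP); it should never be on the wire.
            "valid_on_wire": label != 3,
        })
        if entries[-1]["bottom"]:
            return entries, packet[offset:]

def push(packet, label, ttl, bottom):
    """Ingress router: add a label in front of the packet."""
    return pack_entry(label, 0, bottom, ttl) + packet

def swap(packet, new_label):
    """Intermediate router: replace the top label and decrement its TTL."""
    top = parse_stack(packet)[0][0]
    if top["ttl"] <= 1:
        raise ValueError("TTL expired")
    return pack_entry(new_label, top["exp"], top["bottom"], top["ttl"] - 1) + packet[4:]

def pop(packet):
    """Egress (or penultimate) router: remove the top label."""
    parse_stack(packet)                    # validates that a stack is present
    return packet[4:]

if __name__ == "__main__":
    pkt = push(b"IP-PAYLOAD", 25, ttl=64, bottom=True)    # inner (VPN) label
    pkt = push(pkt, 18, ttl=64, bottom=False)             # outer (transport) label
    for entry in parse_stack(swap(pkt, 19))[0]:
        print(entry)
```
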

Configuration of Mpls
• R2(config)#int fa0/0
• R2(config-if)#mpls ip
• R2(config)#router ospf 10
• R2(config-router)#mpls ldp autoconfig
• R2#sh mpls interfaces
• R4#sh mpls ldp neighbor
• R2(config)#mpls ldp router-id lo1
• R2(config)#mpls ldp router-id lo1 force
• R1(config)#int fa0/0
• R1(config-if)#mpls ldp discovery transport-address interface
• R1#sh mpls forwarding-table
• R1#sh mpls ldp bindings (first check )
• R1#sh mpls ldp bindings 4.4.4.4 255.255.255.255
• R1#sh ip route 4.4.4.4 255.255.255.255 ( second check)
• sh mpls ldp neighbor

• R1(config)#mpls ldp neighbor 2.2.2.2 password cisco123
• R2(config)#mpls ldp neighbor 1.1.1.1 password cisco123

BGP (Border Gateway Protocol)
1) It stands for Border Gateway Protocol.
2) It is an EGP protocol.
3) It is used to provide inter-AS communication.
4) It is a path vector routing protocol.
a. This means BGP uses path attributes for best path selection.
5) Flexibility
a. BGP has multiple path attributes for load balancing and for path manipulation.
6) It is a highly scalable routing protocol.
a. BGP can handle lakhs of routes in its table.
b. Because the BGP algorithm is more powerful than that of an IGP.
c. An IGP routing protocol algorithm is not able to handle lakhs of routes.
7) It is a completely reliable routing protocol.
a. Works on TCP
8) It uses TCP port number 179.
a. Completely reliable routing protocol.
9) It works on layer 7.
10) It is a classless routing protocol.
11) By default auto-summary is disabled.
12) It supports manual summarization.
13) By default maximum paths is 1.
14) Administrative distance = 20 (EBGP) and 200 (IBGP)
15) AS numbers are 2 byte and 4 byte
a. 2 byte = 16 bit = 0 to 65535
b. 4 byte = 0:0 – 65535:65535
16) Public AS = 1 to 64511, private AS = 65412 to 65534.
17) BGP doesn't support dynamic neighbourship discovery.
18) It supports only MD5 authentication.
19) It supports static neighbourship.
20) BGP sends all types of packets as unicast.
21) We can't configure more than one AS on a single router.
22) BGP convergence is slow compared to IGP.
Why we use BGP

1) IGPs were developed to handle up to 1000 routes inside their routing table. Therefore
they can't be implemented in very large networks.
2) BGP can contain lakhs of routes inside its BGP table or routing table.
3) We never use a default route from one ISP router to another ISP router.
4) In IGPs, if any link (prefix) goes down, it affects the complete routing structure (topology).
In BGP, it does not affect other routers' BGP tables.
5) When we are a service provider or the network size is very large.
6) When we have multiple connections to the internet or multiple service providers.

BGP session types

1) Internal BGP
a. When you are forming a neighbourship within the same AS.
b. AD is 200 for IBGP
c. TTL is 255
2) External BGP
a. When you are forming a neighbourship between different AS.
b. AD is 20
c. TTL is 1
i. The network should be directly connected.

Type of customer

1. Single-homed customer
a. Single internet connection from the ISP
b. We never configure BGP for single-homed customers
c. We configure a static default route in the direction of the ISP, and NAT as well
2. Dual-homed customer
a. Two internet connections from the same ISP.
b. If we configure a default route on both connections, it will not perform load balancing;
to utilize both connections we use BGP for a dual-homed customer.
3. Single multi-homed customer
a. In this case we must have two ISPs, and the customer must have at least one connection from
each ISP.
b. We can't configure a default route, so we have to configure BGP.
4. Dual multi-homed customer
a. In this case we must have at least two ISPs and two links from each ISP.
BGP Neighbourship state

• BGP forms a TCP session with neighbor routers called peers. BGP uses a finite-state
machine (FSM) to maintain a table of all BGP peers and their operational status. The
BGP session may report the following states:
1) Idle
1. We don't have a path to reach the neighbor
2. No route to neighbor
3. Neighbour shutdown
4. Waiting to start the 3-way handshake.
2) Connect
1. In this state the router tries to make the 3-way handshake.
2. It tries to form the TCP connection, but it is not yet confirmed.
3) Active
1. TCP connection not completed; retrying to form the TCP connection.
4) Open sent
1. The routers exchange open messages with each other and check
parameters to establish the neighbourship.
2. TCP connection completed and open msg sent.
5) Open confirm
1. Open msgs exchanged, parameters agreed, keepalive sent after 60 sec.

6) Established
1. Peering completed, updates are exchanged.

Type of MSG in BGP

• There are four types of msg in BGP, and each type of BGP packet travels over TCP. It is not
possible to transmit any single BGP msg without forming a TCP connection.

1) Open msg
a. The open msg is sent only once, when the neighbourship comes up. After that BGP will not send
any open msg.
b. The open msg is used by BGP to exchange the initial configuration between two BGP peers,
which is required to form the BGP neighbourship.
Content of open msg
1) Marker
2) Length
3) Type: Open Message (1)
4) Version = 4
5) BGP identifier = Router-id
6) My AS
7) Hold down timer (180 sec)
a. There are three types of table in BGP
i. Neighbour table
ii. BGP table
iii. Routing table

2) Keep-alive
a. After the open msgs are exchanged successfully between routers, each router starts to send
keep-alive msgs periodically, every 60 sec, just to inform its neighbor that it is still awake.
b. If any router doesn't receive a keep-alive msg from its neighbor within 180 sec (hold
down time)
i. Type code 4
3) Update msg
a. Type = 2
b. Update packets are responsible for carrying route information. An update packet has
some components:
c. Path attributes: criteria used for selection of the best path.
d. Prefix info/NLRI: network layer reachability information.
e. Withdrawn routes: the prefixes that have gone down.
f. EBGP update timer is 30 sec
g. IBGP update timer is 5 sec

Note: if a router has multiple prefixes and all prefix attributes are the same, the router will generate a single
update msg.

4) Notification
a. If peering goes down, it will send a notification msg, which contains the cause of the
problem.
Next hop Rule in EBGP
• Whenever an EBGP router shares a prefix with a neighbor router, it changes the next hop address.

Next hop Rule in IBGP

• Whenever an IBGP router shares a prefix with a neighbor router, it does not change the next hop address.

Loop Avoidance Mechanism in IBGP

• Whenever an IBGP router receives a prefix from an IBGP router, it will not share it with another
IBGP router.

Loop Avoidance Mechanism in EBGP

• Whenever an IBGP router shares a prefix it does not add the AS number, but an EBGP router adds its AS
number whenever it shares a prefix.
• Whenever an EBGP router receives an update for a prefix and finds its own AS
number in that update, it discards the update.

➢ router bgp 200
➢ neighbor 12.1.1.1 remote-as 100
➢ neighbor 23.1.1.3 remote-as 200
➢ neighbor 23.1.1.3 next-hop-self (works only on edge router)

Route Reflector
1) Server
a. By default server
2) Client
3) Non-client
a. Side router
• Non-client → Server → Non-client
• Client → Server → Non-client
• Client → Server → Client
• Non-client → Server → Client
• R3(config-router)#neighbor 23.1.1.2 route-reflector-client

• R4(config)#route-map ccnp permit
• R4(config-route-map)#set ip next-hop 34.1.1.3
• R4(config-route-map)#exit

• R4(config)#router bgp 200
• R4(config-router)#neighbor 34.1.1.3 route-map ccnp in

• R4(config)#router bgp 200
• R4(config-router)#neighbor 34.1.1.3 route-reflector-client
• R4(config-router)#exit

• R4(config)#route-map ccnp1 permit
• R4(config-route-map)#set ip next-hop 45.1.1.4
• R4(config-route-map)#exit

• R4(config)#router bgp 200
• R4(config-router)#neighbor 45.1.1.5 route-map ccnp1 out
• R4(config-router)#exit

• R3(config)#route-map ccna permit
• R3(config-route-map)#set ip next-hop 34.1.1.4
• R3(config-route-map)#exit

• R3(config)#router bgp 200
• R3(config-router)#neighbor 34.1.1.4 route-map ccna in
• R2(config)#route-map ccna permit
• R2(config-route-map)#set ip next-hop 23.1.1.3
• R2(config-route-map)#exit

• R2(config)#router bgp 200
• R2(config-router)#neighbor 23.1.1.3 route-map ccna in
• R2(config-router)#exit

Indirect Neighbourship b/w IBGP

o Static route
o IGP protocols
o R1(config-router)#neighbor 2.2.2.2 update-source loopback 1
o R2(config-router)#neighbor 1.1.1.1 update-source loopback 1
o R1(config)#ip route 2.2.2.2 255.255.255.255 12.1.1.2
o R2(config)#ip route 1.1.1.1 255.255.255.255 12.1.1.1

Indirect Neighbourship b/w EBGP

• R2(config)#router bgp 200
• R2(config-router)#neighbor 1.1.1.1 remote-as 100
• R2(config-router)#neighbor 1.1.1.1 update-source loopback 1
• R2(config-router)#neighbor 1.1.1.1 disable-connected-check
• R1(config)#router bgp 100
• R1(config-router)#neighbor 2.2.2.2 remote-as 200
• R1(config-router)#neighbor 2.2.2.2 update-source loopback 1
• R1(config-router)#neighbor 2.2.2.2 disable-connected-check
• R1(config-router)#neighbor 4.4.4.4 next-hop-self
• R1(config-router)#neighbor 3.3.3.3 ebgp-multihop 2
• R6(config-router)#neighbor 46.1.1.4 allowas-in
• R5(config-router)#neighbor 15.1.1.1 allowas-in
• R1(config-router)#synchronization
Path Attribute

1) Well-known mandatory

a. BGP always carries these attributes with the BGP update automatically.

2) Well-known discretionary

a. Sometimes BGP carries these attributes with the BGP update, sometimes
not. It depends on whether the nbr is an IBGP nbr or an EBGP nbr.

3) Optional transitive

a. If a BGP neighbour receives an update with an optional transitive
attribute and that router doesn't support that attribute, it will
not drop the update; it will accept that update and also forward it to
another neighbour after removing that attribute.

4) Optional non-transitive

a. If a BGP neighbour receives an update with an optional non-transitive
attribute and that router doesn't support that attribute, it will
discard that incoming update.
How BGP defines the best path

1) Next-hop:
a. If the next hop in an IBGP or EBGP update is not reachable, that
particular update is not considered as best.
2) Weight:
a. It is Cisco proprietary and has local significance.
b. BGP does not carry weight information with the BGP update.
c. For self-advertised prefixes it is 32768 by default.
d. For all received prefixes it is 0 by default.
e. Higher weight is always preferred.
i. Path manipulation
1. Locally significant
2. Can only be applied in the IN direction
3. Weight is never advertised in a BGP update
4. R1(config-router)#neighbor 13.1.1.3 weight 1
5. <0-65535> default weight
3) Local preference
a. Advertised from IBGP to IBGP.
b. BGP always includes the local preference attribute in its outgoing BGP
update, but only for IBGP neighbours.
c. By default local preference is 100 for internal prefixes.
d. It is not advertised from EBGP router to EBGP router.
e. Local pref. will be blank.
f. Higher is always preferred.
g. If a router receives prefixes from an EBGP nbr (0) and from an IBGP nbr
(100), in that case local preference is never compared.
4) Self-advertised
a. A self-advertised prefix is preferred.
b. If the router receives the same prefix from different nbrs, it will not
compare self-advertised.
5) AS path
a. Loop avoidance
b. Best path calculation
i. The least number of AS in the AS path of an update is preferable
ii. Can be applied in the IN and OUT directions.
c. The router picks as best the path that reaches the destination
network after crossing the fewest AS.
d. The AS-path list can have a maximum of 64 AS.
6) Origin code
a. i = if we are advertising the route in BGP with the network command.
b. E = if the route is advertised in EGP
c. ? = if we redistribute anything into BGP, the origin code is
'?' by default
d. i > E > ?

7) MED (metric) (multi-exit discriminator)

a. By default MED is 0; lower is always preferred.
b. If we redistribute any routing protocol into BGP, its metric goes
along with the BGP update in the form of MED.
c. MED received from an IBGP router will not be advertised to an EBGP router.
d. MED of an EBGP router will be advertised to an EBGP router.
e. Lowest MED is preferable.

8) External > internal

a. If a prefix comes from two different nbrs, one EBGP (20) and
one IBGP (200), the external one is preferred first.

9) IGP cost to reach next-hop

a. If an IGP is configured underneath BGP, then BGP can use the IGP cost to
reach the next-hop address.
b. Lower cost is preferred.

10) Oldest path (for EBGP neighbors only)

a. If the router receives the same prefix from two different EBGP
neighbours, the oldest path is always preferred.
11) Router-id of neighbor
a. Lower is always preferred.
b. If the router receives the same prefix from two different IBGP nbrs,
the lower neighbor router-id is always preferred.
12) Lower neighbor address
a. If the router receives the same prefix from two nbrs whose router-id is
the same, the lower IP address is preferred.
• Note: BGP supports equal-cost load balancing, but all attributes up to IGP cost to reach next
hop must be the same.
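
The twelve steps above form an ordered tie-breaker, and it helps to see which step actually decides a given comparison. This Python sketch is an added example, not part of the original notes: it applies the steps in the order listed on this page and reports the deciding step. The three sample paths are constructed, and the simplifications (MED compared unconditionally, local preference defaulting to 100 for every path) are assumptions of the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}        # i > E > ?

@dataclass
class Path:
    neighbor: str                  # neighbor address the prefix was learned from
    router_id: str                 # that neighbor's router-id
    as_path: tuple = ()
    next_hop_reachable: bool = True
    weight: int = 0                # 32768 for self-advertised prefixes
    local_pref: int = 100          # assumption: 100 for every path in this sketch
    self_originated: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = False
    igp_cost: int = 0
    age: int = 0                   # seconds since the path was learned

# (step name, key function); the lowest key survives each step.
STEPS = [
    ("weight",               lambda p: -p.weight),
    ("local preference",     lambda p: -p.local_pref),
    ("self advertised",      lambda p: not p.self_originated),
    ("AS path length",       lambda p: len(p.as_path)),
    ("origin code",          lambda p: ORIGIN_RANK[p.origin]),
    # Real implementations by default compare MED only between paths
    # from the same neighbouring AS; compared unconditionally here.
    ("MED",                  lambda p: p.med),
    ("external > internal",  lambda p: not p.ebgp),
    ("IGP cost to next hop", lambda p: p.igp_cost),
    # After the previous steps the survivors are all EBGP or all IBGP.
    ("oldest path",          lambda p: -p.age if p.ebgp else 0),
    ("neighbor router-id",   lambda p: int(ip_address(p.router_id))),
    ("neighbor address",     lambda p: int(ip_address(p.neighbor))),
]

def best_path(paths):
    """Return (best path, name of the step that decided it)."""
    candidates = [p for p in paths if p.next_hop_reachable]
    if not candidates:
        return None, "no reachable next hop"
    if len(candidates) == 1:
        return candidates[0], "only usable path"
    for name, key in STEPS:
        lowest = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == lowest]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie"

# Constructed sample: one prefix learned from two EBGP peers and one IBGP peer.
P1 = Path("12.1.1.2", "2.2.2.2", as_path=(200, 400), ebgp=True, age=300)
P2 = Path("13.1.1.3", "3.3.3.3", as_path=(300, 400), ebgp=True, age=900)
P3 = Path("5.5.5.5", "5.5.5.5", as_path=(400,), ebgp=False)

if __name__ == "__main__":
    for group in ([P1, P2, P3], [P1, P2]):
        winner, step = best_path(group)
        print(f"via {winner.neighbor}, decided by {step}")
```
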

VRF (Virtual Routing and Forwarding)

• R1(config)#ip vrf site-A
• R1(config-vrf)#RD 1:1 (64 bit)
• R1(config)#ip vrf site-B
• R1(config-vrf)#RD 2:2
• R1(config-vrf)#exit
• do sh ip ro vrf site-B
• do sh ip ro vrf site-A
• R1(config)#interface fa1/1
• R1(config-if)#ip vrf forwarding site-A
• R1(config-if)#ip address 13.1.1.1 255.255.255.0
• do sh ip vrf site-A
• R1(config)#int fa2/0
• R1(config-if)#ip vrf forwarding site-B
• R1(config-if)#ip add 14.1.1.1 255.255.255.0
• R1(config-if)#exit
• R1(config)#router eigrp 1
• R1(config-router)#address-family ipv4 vrf site-A autonomous-system 1
• R1(config-router-af)#network 12.1.1.0 0.0.0.255
• R1(config-router-af)#network 13.1.1.0 0.255.255.255
• R1(config-router-af)#exit
• R4(config)#router ospfv3 1
• R4(config)#int fa0/0
• R4(config)#ipv6 enable
• R4(config-if)#ospfv3 1 ipv4 area 1
• R4(config-if)#ipv6 enable
• R4(config-if)#ospfv3 1 ipv4 area 1
• R4(config-if)#exit
QoS (Quality of Service)
1) IP header
• (TOS) Type of Service
o This field is used for prioritising traffic. It is replaced by DSCP (Differentiated
Services Code Point), which has additional features.
o 1 byte = 8 bits
o 3 bits are for TOS
o 2^3 = 8 values, of which 4 values are reserved; we can use the other 4 values
to define the priority
o The first value (CS0) is the default
o 00000000
▪ First 3 bits are for IP precedence
▪ Last 5 bits are unused in TOS

CS0   IPP0   000   Routine (by default)
CS1   IPP1   001   Priority
CS2   IPP2   010   Immediate
CS3   IPP3   011   Flash
CS4   IPP4   100   Flash override
CS5   IPP5   101   Critical (by default for voice)
CS6   IPP6   110   Inter n/w access L3
CS7   IPP7   111   Intra n/w access L2

In case of DSCP
o 000 (CS, class selector) 000 (drop probability) 00 (ECN)

2) Assured forwarding
a. These values are used to increase the number of queues. AF values are a combination
of the CS value and the drop probability.
b. It defines four classes for queuing purposes and three levels of drop probability for each
queue.
c. AF value
i. Syntax = AFxy
1. X = CS value
2. Y = Drop probability
3) Expedited forwarding
a. EF is always preferred over all AF values
b. The DSCP value of EF is decimal 56, binary 1011100.
4) Ethernet header
Frames can only be marked if a dot1q or ISL header is present, which means only on trunk ports.
The first 3 bits (CoS) in the dot1q header are called the user priority bits.
5) WAN marking
a. MPLS
b. Tunnel
Which models are used to implement QoS in a network
o Best effort delivery
o Integrated services model
▪ RSVP (Resource Reservation Protocol)
R2(config)#ip access-list extended 101
R2(config-ext-nacl)#permit tcp host 1.1.1.1 host 4.4.4.4 eq 22
R2(config-ext-nacl)#exit

R2(config)#class-map ssh
R2(config-cmap)#match access-group 101
R2(config-cmap)#exit

R2(config)#policy-map ccnq
R2(config-pmap)#class ssh
R2(config-pmap-c)#set ip precedence 3
R2(config-pmap)#class HTTP
R2(config-pmap-c)#set dscp ef
R2(config-pmap-c)#exit

R2(config)#int fa1/0
R2(config-if)#service-policy output ccnq
R2(config-if)#exit
ip ssh source-interface lo1
Multicasting
• Multicast
o One to many
o One device sends data and a specific group of devices receives the data
o Class D = 224.0.0.0 – 239.255.255.255
o 01-00-5E-00-00-00
o A multicast IP address cannot be used as the source of an IP packet.

PIM (Protocol Independent Multicast)

• It is a layer 3 protocol.
• It uses the 224.0.0.13 multicast address.
• It uses protocol number 103.
• Hello time 30 sec
• It helps to forward multicast traffic between routers
• Dense mode
o The multicast traffic needs to be forwarded in the entire network. This means the multicast
traffic should be delivered to all routers present in the network.
• Sparse mode
o We don't forward multicast traffic on any interface until a downstream
router requests us to forward it.
o (Rendezvous Point)

IGMP (Internet Group Management Protocol)

• It helps users to join a multicast group

• It is a layer 3 protocol and uses protocol number 2.
• It uses multicast addresses
o Query = 224.0.0.1 (to all users)
o Join msg (report) = 224.0.0.2 (to all routers connected in the LAN network)
▪ The router starts sending IGMP membership query msgs
▪ This msg is periodic
▪ Every 60 sec
▪ The client sends an IGMP join msg
• IGMP snooping
o The switch starts inspecting IGMP join msgs
o IGMP snooping can be enabled on a switch to make it aware of multicast traffic
o By default IGMP snooping is disabled
• IGMP leave msg for leaving a multicast group
Configuration
• R1(config)#ip multicast-routing
• R1(config)#int range fa0/0 , fa1/0
• R1(config-if-range)#ip pim dense-mode
• R1(config-if-range)#exit
• R2(config)#int range fa0/0 , fa1/0
• R2(config-if-range)#ip pim dense-mode
• R2(config-if-range)#exit
• R1#sh ip mroute
• R2(config)#do sh ip pim neighbor
• R1(config)#int fa0/0
• R1(config-if)#ip igmp version 1
• R1(config-if)#exit
• R4(config)#int fa0/0
• R4(config-if)#ip igmp join-group 234.1.1.1

NTP
1) NTP stands for Network Time Protocol
2) It is a UDP-based protocol
3) It uses port number 123
4) It uses IP-based transport
5) It is used to synchronize time among all devices
6) It works on a server-client model
7) The client sends a request to the server asking for the time, and the server replies with the time.
8) Stratum
a. 1 to 15
b. Only 15 hops you will
c. A smaller number is preferred.
9) Why do we need an NTP server?
a. In a real-world scenario we have many devices, so it's not possible to sync or
configure time on every device; in that scenario we need an NTP server.
10) How do NTP servers work?
a. NTP works on the basis of the stratum preference value. An NTP client can be configured with
multiple NTP servers. The device will use only the NTP server with the lowest
stratum value.
11) What is the polling interval?
a. The client synchronizes time with the server again after 64 sec; this is known as the polling interval.
12) What is root dispersion?
a. It is the calculated error of the actual clock attached to the atomic clock.
13) What is an NTP peer?
a. NTP peer mode is intended for configurations where a group of devices operate as
mutual backups of each other. If one of the devices loses a reference source, the
time values can flow from the surviving peers to all the others.
14) How is the time server authenticated?
a. The NTP server sends a digest
b. The client has to verify the digest
i. Digest = md5 + key
15) sh clock
16) sh ntp status
17) ntp master 3
18) sh ntp associations
19) ntp server 1.1.1.1
20) clock set
21) ntp authenticate
22) ntp authentication-key 1 md5 cisco
23) ntp trusted-key 1
24) ntp server 12.1.1.1 key 1

SNMP
1) It stands for Simple Network Management Protocol
2) It is a UDP-based protocol
3) It uses port numbers 161, 162
4) The SNMP server is used to monitor the network devices.
a. Network health, interface, CPU, memory, logs
5) For SNMP we can use an application that can run on any end system.
6) Network manager system (NMS)
a. This is the SNMP server, which collects information from agents
b. It is a centralized device.
7) SNMP agent
a. A device which sends information to the SNMP server.
i. Router, switch, firewall
8) MIB
a. It stands for Management Information Base.
b. It is collected data which holds multiple pieces of information
c. Each variable is assigned a number that helps to identify it (object identifier)
9) SNMP version 1
a. Get request
i. Whenever the server sends a request to the agent to get some variable.
ii. Port number 161 is used by the server and 162 is used by the client
b. Get response
i. The client sends the response.
c. Set request
i. The server wants to configure something on the agent (hostname, VTP)
10) SNMP version 1
a. Variable counter is 32 bits.
b. Traps have limited information
c. SNMP informs are not supported.
d. No authentication
e. Only traps (traps are encrypted)
11) SNMP version 2
a. No authentication
b. Informs are supported
c. Variable counter is 64 bits
d. Traps and informs are encrypted.

12) SNMP trap
a. It is used by the server to send information to the client, with no ack needed.
13) SNMP inform
i. In this case the agent sends information to the server and the server has to send an ack
for it.
14) Get bulk request
i. The server can request bulk information from the agent
15) Match traffic: ACL
16) Community: a kind of string
17) Read only, read write
Configuration
• R1(config)#snmp-server host 10.0.0.2 cisco
• R1(config)#snmp-server community cisco rw
• R1(config)#snmp-server enable traps
• R2(config)#snmp-server host 10.0.0.2 informs version 2c cisco

Syslog
• Log message
o These are the logs generated by a device
o It is a UDP-based protocol and uses port number 512
o Interface, line protocol, etc.
o By default log messages are enabled on the console
o On remote access (telnet/SSH), logs are disabled
1) Time stamp
a. Date and time
b. It defines the time at which the change happened on the device.
2) Facility (%)
a. Which type of change (interface)
3) Severity level
a. 0 to 7
4) Mnemonic
a. What happened in a facility
5) Message string
a. It's the complete message of the log
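
The five fields listed above map directly onto the `%FACILITY-SEVERITY-MNEMONIC: message` layout of an IOS log line, which makes the lines easy to parse and triage by severity. This Python sketch is an added example, not part of the original notes; the log lines are constructed, with message text simplified.

```python
import re
from collections import Counter

SEVERITY = {0: "emergencies", 1: "alerts", 2: "critical", 3: "errors",
            4: "warnings", 5: "notifications", 6: "informational", 7: "debugging"}

LINE_RE = re.compile(
    r"^(?:(?P<seq>\d+): )?"               # optional sequence number
    r"(?:(?P<timestamp>.*?): )?"          # optional time stamp
    r"%(?P<facility>[A-Z0-9_]+)"          # facility, introduced by '%'
    r"-(?P<severity>[0-7])"               # severity level 0 to 7
    r"-(?P<mnemonic>[A-Z0-9_]+): "        # mnemonic
    r"(?P<message>.*)$")                  # message string

def parse_line(line):
    """Split one log line into its fields; None if it is not a log message."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    record = match.groupdict()
    record["seq"] = int(record["seq"]) if record["seq"] else None
    record["severity"] = int(record["severity"])
    record["level"] = SEVERITY[record["severity"]]
    return record

def parse_log(text):
    """Parse every recognisable line of a log capture."""
    return [r for r in map(parse_line, text.splitlines()) if r is not None]

def at_or_below(records, level):
    """Keep messages whose severity number is <= level (more severe)."""
    return [r for r in records if r["severity"] <= level]

def summary(records):
    """Count messages per FACILITY-MNEMONIC pair."""
    return Counter(f'{r["facility"]}-{r["mnemonic"]}' for r in records)

# Constructed sample lines (not captured from a real device).
SAMPLE_LOG = """\
*Mar  1 00:00:41.123: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:00:42.123: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
000045: *Mar  1 00:05:10.001: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:06:02.500: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 10.0.0.9]
*Mar  1 00:07:00.000: %BGP-5-ADJCHANGE: neighbor 12.1.1.1 Down
not a syslog line
"""

if __name__ == "__main__":
    for record in at_or_below(parse_log(SAMPLE_LOG), 4):
        print(record["timestamp"], record["level"], record["mnemonic"], record["message"])
```
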

• R1#show logging
• How to store log messages
o Store on the device
▪ 4096 bytes
▪ We can increase this size.
▪ It can use more memory on the device
o Remote device
• logging console
• no logging console
o This command will disable logs on the device.
• no service timestamps
• service sequence-numbers
o To add a sequence number to each log
• service timestamps log
• sh logging history
• logging buffered 7
• logging buffered 8192*
• logging console 7
• logging host
• logging trap 7

COPP (Control Plane Policy)

• It is used to protect a device's route processor (RP) from unnecessary traffic.

• This policy is used to protect the CPU of a device (router, switch).
• It protects from DoS (Denial of Service) conditions.
• A control plane policy is applied on the device, in which control plane data is allowed and all
other types of data are denied.

There are three types of plane

1) Data plane
a. Also known as the user plane
b. Traffic transiting the router
2) Control plane
a. Traffic initiated by the router
b. Traffic destined to the router
3) Management plane
a. Management configuration and monitoring
b. telnet, ssh, tftp

• COPP is used for control plane traffic (policing)

o The control plane is considered a separate entity, with its own ingress and egress ports.
o Allows for traffic filtering and rate limiting through the modular QoS CLI (MQC).
o MQC concepts: class maps, policy maps, and service policies.
• COPP uses
o class map
▪ Classifies network traffic based on layer 3, 4 and 7 information.
o policy map
▪ Defines a series of actions to be taken against traffic matching a class map.
o service policies
▪ Specify where a policy map should be implemented.
Configuration
• R1(config)#ip access-list extended ICMP
o R1(config-ext-nacl)#permit icmp any any
o R1(config-ext-nacl)#exit
• R1(config)#class-map ICMP
o R1(config-cmap)#match access-group name ICMP
o R1(config-cmap)#exit
• R1(config)#policy-map PMAP
o R1(config-pmap)#class ICMP
▪ R1(config-pmap-c)#police 8000 conform-action transmit exceed-action drop
▪ R1(config-pmap-c-police)#exit
• R1(config)#control-plane
o R1(config-cp)#service-policy input PMAP
• R1#sh policy-map control-plane
