Monday 28 December 2020

BGP LAB DAY 6

 

BGP MASTER LAB

 

Task: Understanding the BGP Synchronization Rule

Do not use, or advertise to an eBGP neighbor, a route learned from an iBGP neighbor unless and until
the same route is also learned via an IGP.

By default BGP Synchronization Rule is not enabled.

R3 has R1 as its eBGP neighbor and R4 as its iBGP neighbor.

!! On R4, let's create a loopback and advertise it to R3 via iBGP,
and then check on R3 and R4 what happens !!

Remember one thing: we won't advertise the same network via any IGP.

R4(config)#int loopback 400
R4(config-if)#ip address 140.0.0.1 255.255.255.0

R4(config)#router bgp 300
R4(config-router)#network 140.0.0.0 mask 255.255.255.0

R4#sh ip bgp 140.0.0.0
BGP routing table entry for 140.0.0.0/24, version 39
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     2          4
  Refresh Epoch 1
  Local
    0.0.0.0 from 0.0.0.0 (40.1.4.1)
      Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, local, best
      rx pathid: 0, tx pathid: 0x0

Let's check on R3

R3#sh ip bgp 140.0.0.0
BGP routing table entry for 140.0.0.0/24, version 39
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     3
  Refresh Epoch 1
  Local
    4.4.4.4 (metric 435200) from 4.4.4.4 (40.1.4.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      rx pathid: 0, tx pathid: 0x0

The route is present in the BGP table of R3.

But let's check whether R3 is actually using it.

For that, let's have a look at the routing table.

R3#sh ip route 140.0.0.0
Routing entry for 140.0.0.0/24, 1 known subnets
B        140.0.0.0 [200/0] via 4.4.4.4, 00:03:16

It is present in the routing table as well.

Now let's check on R1

R1#sh ip route 140.0.0.0
Routing entry for 140.0.0.0/24, 1 known subnets
B        140.0.0.0 [20/0] via 13.1.1.3, 00:04:34  ------------> Getting learned via R3

It is present in the routing table of R1 as well.

That means BGP Synchronization is disabled by default.

Now let's enable BGP Synchronization on R3

R3#sh run | section bgp
router bgp 300
 bgp log-neighbor-changes
 network 30.1.1.0 mask 255.255.255.0
 network 30.1.2.0 mask 255.255.255.0
 network 30.1.3.0 mask 255.255.255.0
 network 30.1.4.0 mask 255.255.255.0
 neighbor 4.4.4.4 remote-as 300
 neighbor 4.4.4.4 description **iBGP with R4**
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 13.1.1.1 remote-as 100
 neighbor 13.1.1.1 description **eBP with R1**

R3(config)#router bgp 300
R3(config-router)#synchronization
R3(config-router)#^Z
R3#

R3#sh run | section bgp
router bgp 300
 synchronization ==================================> enabled
 bgp log-neighbor-changes
 network 30.1.1.0 mask 255.255.255.0
 network 30.1.2.0 mask 255.255.255.0
 network 30.1.3.0 mask 255.255.255.0
 network 30.1.4.0 mask 255.255.255.0
 neighbor 4.4.4.4 remote-as 300
 neighbor 4.4.4.4 description **iBGP with R4**
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 13.1.1.1 remote-as 100
 neighbor 13.1.1.1 description **eBP with R1**

R3#clear ip bgp * soft in
R3#clear ip bgp * soft out

R3#sh ip route 140.0.0.0
% Network not in table
R3#
R3#sh ip bgp 140.0.0.0
BGP routing table entry for 140.0.0.0/24, version 0
Paths: (1 available, no best path)
  Not advertised to any peer
  Refresh Epoch 2
  Local
    4.4.4.4 (inaccessible) from 4.4.4.4 (40.1.4.1)
      Origin IGP, metric 0, localpref 100, valid, internal, not synchronized
      rx pathid: 0, tx pathid: 0


Now you can see that the route is present in the BGP table but not in the routing table.

Let's check on R1

R1#sh ip route 140.0.0.0              
Routing entry for 140.0.0.0/24, 1 known subnets
B        140.0.0.0 [20/0] via 2.2.2.2, 00:03:51  =========> R1 has stopped learning it via R3 and is now learning it via R2
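
A check over the two R3 captures above, as an added example that is not part of the original lab: it parses "show ip bgp <prefix>" output and reports iBGP paths that the synchronization rule has excluded. The function names are hypothetical; the sample texts are the R3 outputs shown above, shortened by the pathid line.

```python
import re

# R3 output from the lab above, before and after "synchronization" was enabled.
R3_BEFORE = """\
BGP routing table entry for 140.0.0.0/24, version 39
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     3
  Refresh Epoch 1
  Local
    4.4.4.4 (metric 435200) from 4.4.4.4 (40.1.4.1)
      Origin IGP, metric 0, localpref 100, valid, internal, best
"""
R3_AFTER = """\
BGP routing table entry for 140.0.0.0/24, version 0
Paths: (1 available, no best path)
  Not advertised to any peer
  Refresh Epoch 2
  Local
    4.4.4.4 (inaccessible) from 4.4.4.4 (40.1.4.1)
      Origin IGP, metric 0, localpref 100, valid, internal, not synchronized
"""

ENTRY_RE = re.compile(r"BGP routing table entry for (\S+),")
PATHS_RE = re.compile(r"Paths: \(\d+ available, (no best path|best #\d+)")
HOP_RE = re.compile(r"^\s+(\d+(?:\.\d+){3}) (?:\(([^)]*)\) )?from (\S+) \(")

def parse_show_ip_bgp(text):
    """Return the prefix, whether a best path exists, and per-path flags."""
    entry = {"prefix": None, "has_best": False, "paths": []}
    for line in text.splitlines():
        if m := ENTRY_RE.search(line):
            entry["prefix"] = m.group(1)
        elif m := PATHS_RE.search(line):
            entry["has_best"] = m.group(1) != "no best path"
        elif m := HOP_RE.match(line):
            entry["paths"].append(
                {"next_hop": m.group(1), "note": m.group(2), "flags": []})
        elif line.strip().startswith("Origin ") and entry["paths"]:
            # The attribute line belongs to the most recent next-hop line.
            entry["paths"][-1]["flags"] = [f.strip() for f in line.split(",")]
    return entry

def unsynchronized_paths(entry):
    """Next hops of iBGP paths rejected by the synchronization rule."""
    return [p["next_hop"] for p in entry["paths"]
            if "internal" in p["flags"] and "not synchronized" in p["flags"]]
```

A prefix with has_best False and a non-empty unsynchronized_paths() list is one that the router holds in BGP but neither installs nor advertises, which is the state R3 ends up in above.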

Thanks for Reading !!!!!

amartechstuff
 

Saturday 26 December 2020

BGP LAB DAY 5

 

 

BGP MASTER LAB

Task: Understanding BGP Autosummary

Autosummary is not enabled by default.

R1(config)#int loopback 100
R1(config-if)#ip add 100.0.0.1 255.255.255.0

R1(config)#router bgp 100
R1(config-router)#network 100.0.0.0
R1(config-router)#^Z

R1#sh ip bgp 100.0.0.0
% Network not in table

!! Now we will enable Autosummary in BGP

R1(config)#router bgp 100
R1(config-router)#auto-summary
R1(config-router)#^Z

R1#sh ip bgp 100.0.0.0
BGP routing table entry for 100.0.0.0/8, version 20
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     2
  Refresh Epoch 1
  Local
    0.0.0.0 from 0.0.0.0 (1.1.1.1)
      Origin IGP, metric 0, localpref 100, weight 32768, valid, sourced, local, best
      rx pathid: 0, tx pathid: 0x0

Let's also check on R2

R2#sh ip bgp 100.0.0.0
BGP routing table entry for 100.0.0.0/8, version 20
Paths: (1 available, best #1, table default)
  Advertised to update-groups:
     3
  Refresh Epoch 1
  100, (received & used)
    1.1.1.1 from 1.1.1.1 (1.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, external, best
      rx pathid: 0, tx pathid: 0x0

R2#ping 100.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/26/36 ms
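
The behaviour seen in this lab, modelled as an added example (not part of the original lab, and a simplified model of how a "network" statement is matched against the routing table, not IOS code). The function names and the reduced routing table are assumptions made for illustration.

```python
import ipaddress

def classful_prefixlen(addr):
    """Classful prefix length for class A, B and C addresses."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    raise ValueError("class D/E address has no classful network")

def originated_prefix(network, mask, rib, auto_summary):
    """Prefix that 'network <network> [mask <mask>]' puts into BGP, or None.

    rib: IPv4 prefixes (strings) present in the IP routing table.
    """
    table = {ipaddress.ip_network(p) for p in rib}
    if mask is not None:
        # Explicit mask: the exact prefix must be in the routing table.
        want = ipaddress.ip_network(f"{network}/{mask}")
        return str(want) if want in table else None
    # No mask: the statement refers to the classful network.
    want = ipaddress.ip_network(f"{network}/{classful_prefixlen(network)}")
    if want in table:
        return str(want)
    if auto_summary and any(r.subnet_of(want) for r in table):
        # auto-summary: any subnet of the classful network is enough,
        # and the classful network itself is what gets advertised.
        return str(want)
    return None

# Routing table of R1 reduced to the lab's loopback (constructed sample).
R1_RIB = ["100.0.0.0/24"]
```

With auto-summary on, R1 announces the whole 100.0.0.0/8 although it only holds a /24, so neighbors will send it traffic for the rest of the /8 as well. That is worth checking before enabling the feature on a router that peers externally.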

Thanks for Reading !!!!

amartechstuff






Thursday 24 December 2020

SPANNING TREE PROTOCOL INTERVIEW Q&A

Question 1 – What is Spanning Tree Protocol (STP) and what is it used for?

Answer-

Spanning Tree Protocol is an open standard Layer 2 protocol (IEEE 802.1D) which runs on switches.

On all Cisco switches it is enabled by default.

In a Layer 2 network, whenever you add redundancy, Layer 2 loops can be created.

STP avoids such L2 loops by blocking a port on the loop.

Question 2 – How does STP work? OR Explain STP operations.

Answer-

Out of all the switches, one switch will be elected as the Root Bridge (RB) and all other switches will act as Non Root Bridges (NRB).

All the switches will send BPDUs, i.e. hellos, on all ports every 2 secs.

An NRB will always listen for BPDUs from the RB.

If an NRB receives BPDUs from the RB on more than one port, it comes to know that there is a loop, and it will block all of those ports except the one through which the cost is lowest, i.e. the Root Port.

This eliminates the loop in the network.
 

Question 3 – What is the Spanning tree path cost value?

Answer-

This cost value is inversely proportional to the bandwidth.
     Bandwidth     Cost
     10 Mbps       100
     100 Mbps      19
     1 Gbps        4
     10 Gbps       2

Question 4 – How is the election of the Root Bridge done?

Answer-


Election of the Root Bridge is based on the Bridge ID.

The switch with the lowest Bridge ID will be elected as Root Bridge.

The Bridge ID is 8 bytes.

Bridge ID = Bridge Priority + Bridge MAC

Bridge Priority = 2 bytes; the default Bridge Priority is 32768.

Bridge MAC, i.e. the MAC address, is 6 bytes.

Question 5a – In this scenario, if Switch 1 is the root bridge and all the ports of all the switches have a bandwidth of 100 Mbps, then which port will be blocked - switch 2 fa0/2 or switch 3 fa0/2?




Answer-


Switch 3 Fa0/2  

Question 5b – In this scenario, if Switch 1 is the root bridge and all the ports of all the switches have a bandwidth of 100 Mbps, then on Switch 4 which port will be blocked?



Answer -

Switch 4 Fa0/2 

Question 5c – In this scenario, if Switch 1 is the root bridge and all the ports of all the switches have a bandwidth of 100 Mbps, then on Switch 2 which port will be blocked?



Answer -

Switch 2 Fa0/7

Root Port Selection

lower cost

Forwarding switch (i.e upstream switch) bridge id

Port Priority of the upstream switch (not local port number)

Port number of the upstream switch (not local port number)
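
The election from Question 4 and the root port tie-breakers listed above, worked through as an added example (not part of the original Q&A). The switch names, MAC addresses and port values are constructed, and the class and function names are hypothetical.

```python
from dataclasses import dataclass

def bridge_id(priority, mac):
    """8-byte bridge ID: 2-byte priority followed by the 6-byte MAC."""
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))

def elect_root(switches):
    """switches maps name -> (priority, mac); the lowest bridge ID wins."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))

@dataclass
class RootPathOffer:
    """One path towards the root, as seen on a local port."""
    local_port: str
    path_cost: int               # total cost to the root through this port
    upstream_bridge_id: bytes
    upstream_port_priority: int
    upstream_port_number: int

def select_root_port(offers):
    """Apply the four tie-breakers in the order listed above."""
    best = min(offers, key=lambda o: (o.path_cost, o.upstream_bridge_id,
                                      o.upstream_port_priority,
                                      o.upstream_port_number))
    return best.local_port

# Constructed sample: three switches at the default priority 32768,
# so the lowest MAC address decides the election.
LAB = {
    "SW1": (32768, "00:00:0c:00:00:01"),
    "SW2": (32768, "00:00:0c:00:00:02"),
    "SW3": (32768, "00:00:0c:00:00:03"),
}
# The same network after a switch with a lower priority is connected:
# priority is compared first, so its high MAC address does not matter.
LAB_PLUS_NEW = {**LAB, "NEW": (4096, "00:00:0c:ff:ff:ff")}

# Constructed sample: two 100 Mbps paths of equal cost (19 + 19 = 38),
# so the upstream switch's bridge ID breaks the tie.
OFFERS = [
    RootPathOffer("Fa0/1", 38, bridge_id(*LAB["SW3"]), 128, 1),
    RootPathOffer("Fa0/2", 38, bridge_id(*LAB["SW2"]), 128, 2),
]
```

elect_root(LAB) returns SW1, while elect_root(LAB_PLUS_NEW) returns NEW: a single newly connected switch with a lower priority takes over the root role, which is the case Root Guard (Question 8) exists to prevent.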

 

Question 6 – What are the different port states in STP?

Answer -


Disabled – A port in the disabled state does not take part in STP.

Listening – A port in the listening state prepares to forward data frames without populating the MAC address table. The port sends and listens to BPDUs to make sure no loops occur on the network.

Learning – A port in the learning state populates the MAC address table but doesn’t forward data frames. The port still sends and receives BPDU messages as in the listening state.

Forwarding – A port in the forwarding state can now send and receive data frames, collect MAC addresses in its address table, and send and receive BPDU messages. This port is now a fully functioning switch port within the spanning-tree topology.

Blocking – A port in the blocking state does not forward frames. It only listens to BPDU messages. The function of the blocking state is to prevent the use of looped paths.
 

Question 7 – What is the default time a port takes to transit from the blocking state to forwarding state ?

Answer -


The default time a port takes to transit from the blocking state to forwarding state is 50 seconds.

Max Age = 20 secs
Listening = 15 secs
Learning = 15 secs 

Question 8 – Explain Root Guard ?

Answer -


Root guard is used to protect the root bridge.

Root guard stops a new switch introduced into the network with a lower bridge ID from becoming the root bridge.

If a port with the root guard feature enabled receives a superior BPDU, it moves the port into the root-inconsistent state (which is somewhat similar to the listening state).

Thus the current Root Bridge retains its status.

Configuration
        SW(config)#int fa0/24
        SW(config-if)#spanning-tree guard root
 

Question 9 – Explain Spanning tree Portfast ?

Answer -


Portfast is an enhancement feature of STP which speeds up STP convergence on access ports.
It puts the port into the spanning-tree forwarding state immediately, bypassing the listening and learning states.
It is used only on access ports where a single workstation is connected.
Configuration
       SW(config)# int fa0/24
       SW(config-if)# spanning-tree portfast
        OR
       SW(config)#spanning-tree portfast default   (this will enable portfast on all the access ports)

Question 10 – Explain BPDU Guard ?

Answer -


When we enable portfast on a port, we do not expect BPDUs on that port.

In case a switch is connected by mistake to a port where portfast is enabled, a loop can form (since when we configure portfast we disable STP on that port).

So to protect against such a scenario we can enable BPDU guard on the port, so that once a BPDU is received on the portfast port, the port moves into err-disable mode, i.e. shutdown, and it will not pass traffic.

Thanks for Reading 

amartechstuff

Saturday 19 December 2020

Cisco Packet Tracer | Configure IP address to PC and Server | Ping test


 

It is very easy to configure an IP address on a PC or Server in Cisco Packet Tracer.

Simply click on the icon of the PC or Server

and refer to the snapshot.





By clicking on the Command Prompt option you will get a command prompt, which you can use to

perform a ping test and various other things.

 

 

Thanks for reading !!!!!

amartechstuff 



Friday 18 December 2020

Cisco Packet Tracer Lab - Basic Switch Configuration | Hostname | MOTD | Password


 

1) Configure the hostname of the Switch as SW1

2)  Set a message of the day (MOTD) banner  for the switch -

*************************************************

Only Authorized Users Allowed 

*************************************************

3)  Configure a 

line console password - India@123

line vty - cisco

enable secret password - Cisco@123

==================================================

Solution 

==================================================

1) Configure the hostname of the Switch as SW1

Switch#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#hostname SW1
SW1(config)#exit

2) Set a message of the day (MOTD) banner  for the switch

SW1(config)#banner motd $
Enter TEXT message.  End with the character '$'.
*************************************************

Only Authorized Users Allowed

*************************************************
$

SW1(config)#^Z
SW1#exit

*************************************************

Only Authorized Users Allowed

*************************************************


SW1>

3) Configure a line console password - India@123

line vty - cisco

enable secret password - Cisco@123

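SW1#config t
SW1(config)#line console 0
SW1(config-line)#password India@123
SW1(config-line)#login
SW1(config-line)#exit
SW1(config)#line vty 0 15
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#exit
SW1(config)#enable secret Cisco@123
SW1(config)#exit
SW1#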

*************************************************

Only Authorized Users Allowed

*************************************************


User Access Verification

Password:

SW1>en
Password:
SW1#
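
A way to check that all three passwords from task 3 are really in place, as an added example that is not part of the original lab: it reads a running-config and lists what is missing on the console line, the vty lines and the enable secret. The function names and the sample configuration (including the placeholder hash) are constructed for illustration.

```python
def parse_sections(running_config):
    """Group indented sub-commands under their unindented parent line."""
    sections, current = [], None
    for raw in running_config.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue                      # skip blank lines and separators
        if raw[0] != " ":
            current = (raw.strip(), [])
            sections.append(current)
        elif current:
            current[1].append(raw.strip())
    return sections

def audit_passwords(running_config):
    """Return findings for the three passwords the lab asks for."""
    sections = parse_sections(running_config)
    findings = []
    if not any(name.startswith("enable secret ") for name, _ in sections):
        findings.append("enable secret is not set")
    for name, cmds in sections:
        if not name.startswith(("line con", "line vty")):
            continue
        passwords = [c for c in cmds if c.startswith("password ")]
        if not passwords:
            findings.append(f"{name}: no password configured")
        elif any(not c.startswith("password 7 ") for c in passwords):
            # A line password without the type-7 marker is readable by
            # anyone who can view the configuration.
            findings.append(f"{name}: password stored in clear text")
        if "login" not in cmds:
            findings.append(f"{name}: login check is not enabled")
    return findings

# Constructed running-config fragment: console done, vty lines forgotten.
SAMPLE = """\
hostname SW1
enable secret 5 $1$placeholder
!
line con 0
 password India@123
 login
line vty 0 4
 login
line vty 5 15
 login
"""
```

On SAMPLE the audit reports the clear-text console password and the two vty ranges that have no password at all.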


Thanks for reading 

amartechstuff

Sunday 6 December 2020

SPAN - PORT MIRRORING - CONFIGURATION ON CISCO PACKET TRACER

 SPAN - Switched Port Analyzer 

Allows you to monitor and capture network traffic 😊

Traffic is flowing from the source (client) to the destination (server),

and we need to monitor and capture it on the monitoring device (the sniffer).


 

Once we enable SPAN and then initiate traffic from the client to the server, a copy of the traffic is sent to the switch port connected to the sniffer.

Switch(config)#monitor session 1 source interface fa0/1
Switch(config)#monitor session 1 destination interface fa0/3
Switch#sh monitor
Session 1
---------
Type                   : Local Session
Description            : -
Source Ports           :
    Both               : Fa0/1
Destination Ports      : Fa0/3
    Encapsulation      : Native
          Ingress      : Disabled



THANKS FOR READING

AMARTECHSTUFF

Tuesday 1 December 2020

BGP LAB DAY 4

 


 R1#sh ip bgp summary
BGP router identifier 10.1.4.1, local AS number 100
BGP table version is 41, main routing table version 41
20 network entries using 2880 bytes of memory
28 path entries using 2240 bytes of memory
6/5 BGP path/bestpath attribute entries using 816 bytes of memory
4 BGP AS-PATH entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 6032 total bytes of memory
BGP activity 28/8 prefixes, 44/16 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4          200      21      20       41    0    0 00:09:18       16
13.1.1.3        4          300     121     126       41    0    0 01:46:18        8
R1#
R1#
R1#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
FastEthernet0/0        unassigned      YES NVRAM  administratively down down
FastEthernet1/0        unassigned      YES NVRAM  administratively down down
Ethernet2/0            12.1.1.1        YES NVRAM  up                    up
Ethernet2/1            13.1.1.1        YES NVRAM  up                    up
Ethernet2/2            21.1.1.1        YES NVRAM  up                    up
Ethernet2/3            unassigned      YES NVRAM  administratively down down
Loopback0              1.1.1.1         YES NVRAM  up                    up
Loopback1              10.1.1.1        YES NVRAM  up                    up
Loopback2              10.1.2.1        YES NVRAM  up                    up
Loopback3              10.1.3.1        YES NVRAM  up                    up
Loopback4              10.1.4.1        YES NVRAM  up                    up

!! Changing Router id to 1.1.1.1

R1#config
Configuring from terminal, memory, or network [terminal]?
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#
R1(config)#
R1(config)#router bgp 100
R1(config-router)#bgp router-id ?
  A.B.C.D  Manually configured router identifier
  vrf      vrf-specific router id configuration

R1(config-router)#bgp router-id 1.1.1.1
R1(config-router)#
*Nov 30 09:46:58.451: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Down Router ID changed
*Nov 30 09:46:58.451: %BGP_SESSION-5-ADJCHANGE: neighbor 2.2.2.2 IPv4 Unicast topology base removed from session  Router ID changed
*Nov 30 09:46:58.459: %BGP-5-ADJCHANGE: neighbor 13.1.1.3 Down Router ID changed
*Nov 30 09:46:58.459: %BGP_SESSION-5-ADJCHANGE: neighbor 13.1.1.3 IPv4 Unicast topology base removed from session  Router ID changed
*Nov 30 09:46:59.335: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up
*Nov 30 09:46:59.523: %BGP-5-ADJCHANGE: neighbor 13.1.1.3 Up
R1(config-router)#^Z
R1#
R1#
R1#
R1#wr
*Nov 30 09:47:29.295: %SYS-5-CONFIG_I: Configured from console by console
Building configuration...
[OK]
R1#sh ip bgp sum
R1#sh ip bgp summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 21, main routing table version 21
20 network entries using 2880 bytes of memory
28 path entries using 2240 bytes of memory
6/5 BGP path/bestpath attribute entries using 816 bytes of memory
4 BGP AS-PATH entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 6032 total bytes of memory
BGP activity 48/28 prefixes, 72/44 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4          200      11       9       21    0    0 00:00:40       16
13.1.1.3        4          300       6       9       21    0    0 00:00:40        8