cisco static routes faq
Post on 04-Apr-2018
7/30/2019 Cisco Static Routes FAQ
How to configure static routes on Cisco routers?
You can configure two types of routing on the router, static and dynamic, to send traffic to its destination. A static route tells the network devices the exact location of a destination (a hard-coded path). Static routes can work well in a small network, but in a large-scale network dynamic routing is the best choice. Configure static routes between routers to allow data transfer between routers without the use of dynamic routing protocols.
From global configuration mode, configure the hostname, then configure the console and enable passwords on each router.
To configure static routes, first enter global configuration mode to run the following commands.
Configure the Static Routes on Router A.
First run the command show ip route to view the IP routing table for router A before defining static routes
RouterA#configure terminal (enter in global configuration mode)
RouterA(config)#ip route 15.0.0.0 255.0.0.0 10.1.1.2 (define static routing on Router A)
RouterA(config)#ip route 193.168.2.0 255.255.255.0 10.1.1.2 (define static routing on Router A)
RouterA(config)#ip route 193.168.3.0 255.255.255.0 20.1.1.2 (define static routing on Router A)
RouterA(config)#exit
RouterA#
Now run the command show ip route on router A to view the IP routing table (directly connected + static routes) detail.
Configure the Static Routes on Router B.
First run the command show ip route to view the IP routing table for router B before defining static routes
RouterB#configure terminal (enter in global configuration mode)
RouterB(config)#ip route 20.0.0.0 255.0.0.0 10.1.1.1 (define static routing on Router B)
RouterB(config)#ip route 193.168.1.0 255.255.255.0 10.1.1.1 (define static routing on Router B)
RouterB(config)#ip route 193.168.3.0 255.255.255.0 15.1.1.2 (define static routing on Router B)
RouterB(config)#exit
RouterB#
Now run the command show ip route on router B to view the IP routing table (directly connected + static routes) detail.
Configure the Static Routes on Router C.
First run the command show ip route to view the IP routing table for router C before defining static routes
RouterC#configure terminal (enter in global configuration mode)
RouterC(config)#ip route 10.0.0.0 255.0.0.0 15.1.1.1 (define static routing on Router C)
RouterC(config)#ip route 193.168.2.0 255.255.255.0 15.1.1.1 (define static routing on Router C)
RouterC(config)#ip route 193.168.1.0 255.255.255.0 20.1.1.2 (define static routing on Router C)
RouterC(config)#exit
RouterC#
Now run the command show ip route on router C to view the IP routing table (directly connected + static routes) detail.
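The following check is an added example, not part of the original FAQ. It parses Router A's ip route lines as entered above, rejects a prefix that does not match its mask, confirms that every next hop sits on a directly connected network, and resolves a destination by longest-prefix match. Router A's connected networks are an assumption inferred from the routes the other routers point at it; the page does not list them.

```python
import ipaddress
import re

# Router A's static routes, copied from the session on the page (prompts kept).
ROUTER_A_CONFIG = """\
RouterA(config)#ip route 15.0.0.0 255.0.0.0 10.1.1.2
RouterA(config)#ip route 193.168.2.0 255.255.255.0 10.1.1.2
RouterA(config)#ip route 193.168.3.0 255.255.255.0 20.1.1.2
"""

# Assumption: Router A's directly connected networks (not stated on the page).
ROUTER_A_CONNECTED = ["10.0.0.0/8", "20.0.0.0/8", "193.168.1.0/24"]

# Optional "Router(config)#" prompt, then: ip route <network> <mask> <next-hop>
_IP_ROUTE = re.compile(r"(?:\S+#\s*)?ip route\s+(\S+)\s+(\S+)\s+(\S+)")


def parse_static_routes(config):
    """Return [(network, next_hop)] for every 'ip route' line in config."""
    routes = []
    for line in config.splitlines():
        match = _IP_ROUTE.match(line.strip())
        if match is None:
            continue
        prefix, mask, next_hop = match.groups()
        # strict=True raises ValueError when the prefix has host bits set
        # (e.g. 15.1.0.0 with mask 255.0.0.0); a non-contiguous mask is
        # rejected as well.
        network = ipaddress.ip_network(f"{prefix}/{mask}", strict=True)
        routes.append((network, ipaddress.ip_address(next_hop)))
    return routes


def audit_next_hops(routes, connected):
    """Return the routes whose next hop is not on a connected network."""
    nets = [ipaddress.ip_network(c) for c in connected]
    return [(net, hop) for net, hop in routes
            if not any(hop in c for c in nets)]


def lookup(dest, routes, connected):
    """Longest-prefix match over connected and static routes.

    Returns ('connected', network), ('static', next_hop) or None when no
    route matches (no default route is configured, so the packet is dropped).
    """
    addr = ipaddress.ip_address(dest)
    candidates = [(ipaddress.ip_network(c), "connected", None) for c in connected]
    candidates += [(net, "static", hop) for net, hop in routes]
    matches = [c for c in candidates if addr in c[0]]
    if not matches:
        return None
    net, kind, hop = max(matches, key=lambda c: c[0].prefixlen)
    return (kind, str(hop) if hop is not None else str(net))


if __name__ == "__main__":
    table = parse_static_routes(ROUTER_A_CONFIG)
    print("unreachable next hops:", audit_next_hops(table, ROUTER_A_CONNECTED))
    for destination in ("193.168.3.7", "15.200.1.1", "10.1.1.2", "8.8.8.8"):
        print(destination, "->", lookup(destination, table, ROUTER_A_CONNECTED))
```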
Spanning-Tree Protocol (STP) prevents loops from being formed when switches or bridges are interconnected via multiple paths. Spanning-Tree Protocol implements the 802.1D IEEE algorithm by exchanging BPDU messages with other switches to detect loops, and then removes the loop by shutting down selected bridge interfaces. This algorithm guarantees that there is one and only one active path between two network devices.
(Spanning Tree Algorithm is used to calculate a loop-free path.
All switch ports are in blocking mode to begin with. It takes approx 30 seconds until packets can be forwarded.
Step 1 : Elect Root Bridge - Lowest bridge priority; if there is a tie, then the switch with the lowest bridge ID.
Step 2 : Elect Root Ports - Locate redundant paths to root bridge; block all but one root. Root Path Cost is cumulative cost of path to root bridge. Ports directly connected to Root Bridge will be root ports, otherwise lowest root path cost used.
Step 3 : Elect Designated Ports - Single port that sends and receives traffic from a switch to and from Root Bridge - Lowest cost path to Root Bridge.
Spanning Tree Overview
There can only be one Root Bridge.
Root-Bridge ports are called 'Designated' and are set to send and receive traffic (forwarding state). All other redundant links to the root bridge are shutdown.
Blocked ports still receive BPDUs.
Convergence occurs when switches have transitioned to either forwarding or blocking states. No other data is forwarded during this time.
Forward delay - Time taken for a switch to go from Listening to Learning (50 seconds default).
IEEE default priority = 32,768, this is true for all devices running STP IEEE version.
Port Fast Mode - Immediately brings a port from blocking to forwarding state by eliminating forward delays.
Bridges can only have one spanning tree instance compared to switches which can have many.
Bridge Protocol Data Units send confirmation messages using multicast frames.)
Introduction
Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
Although this document uses Cisco Catalyst 5500/5000 Switches, the spanning tree principles that the document presents are applicable to almost all devices that support STP.
For the examples, this document used:
A console cable that is suitable for the Supervisor Engine in the switch
Six Catalyst 5509 Switches
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Background Theory
The configurations in this document apply to Catalyst 2926G, 2948G, 2980G, 4500/4000, 5500/5000, and 6500/6000 Switches that run Catalyst OS (CatOS). Refer to these documents for information on the configuration of STP on other switch platforms:
Configuring STP and IEEE 802.1s MST (Catalyst 6500/6000 Switches that run Cisco IOS Software)
Understanding and Configuring STP (Catalyst 4500/4000 Switches that run Cisco IOS Software)
Configuring STP section of Configuring the System (Catalyst 2900XL/3500XL Switches)
Configuring STP (Catalyst 3550 Switches)
Configuring STP (Catalyst 2950 Switches)
Network Diagram
This document uses this network setup:
Concepts
STP runs on bridges and switches that are 802.1D-compliant. There are different flavors of STP, but 802.1D is the most popular and widely implemented. You implement STP on bridges and switches in order to prevent loops in the network. Use STP in situations where you want redundant links, but not loops. Redundant links are as important as backups in the case of a failover in a network. A failure of your primary activates the backup links so that users can continue to use the network. Without STP on the bridges and switches, such a failure can result in a loop. If two connected switches run different flavors of STP, they require different timings to converge. When different flavors are used in the switches, it creates timing issues between Blocking and Forwarding states. Therefore, it is recommended to use the same flavors of STP. Consider this network:
In this network, a redundant link is planned between Switch A and Switch B. However, this setup creates the possibility of a bridging loop. For example, a broadcast or multicast packet that transmits from Station M and is destined for Station N
simply continues to circulate between both switches.
However, when STP runs on both switches, the network logically looks like this:
This information applies to the scenario in the Network Diagram :
Switch 15 is the backbone switch.
Switches 12, 13, 14, 16, and 17 are switches that attach to workstations and PCs.
The network defines these VLANs:
1
200
201
202
203
204
The VLAN Trunk Protocol (VTP) domain name is STD-Doc.
In order to provide this desired path redundancy, as well as to avoid a loop condition, STP defines a tree that spans all the switches in an extended network. STP forces certain redundant data paths into a standby (blocked) state and leaves other paths in a forwarding state. If a link in the forwarding state becomes unavailable, STP reconfigures the network and reroutes data paths through the activation of the appropriate standby path.
Description of the Technology
With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network, such as which port to block and which port to put in forwarding mode, are made from the perspective of this root bridge. A switched environment, which is different from a bridge environment, most likely deals with multiple VLANs. When you implement a root bridge in a switching network, you usually refer to the root bridge as the root switch. Each VLAN must have its own root bridge because each VLAN is a separate broadcast domain. The roots for the different VLANs can all reside in a single switch or in various switches.
Note: The selection of the root switch for a particular VLAN is very important. You can choose the root switch, or you can let the switches decide, which is risky. If you do not control the root selection process, there can be suboptimal paths in your network.
All the switches exchange information for use in the root switch selection and for subsequent configuration of the network. Bridge protocol data units (BPDUs) carry this information. Each switch compares the parameters in the BPDU that the switch sends to a neighbor with the parameters in the BPDU that the switch receives from the neighbor.
In the STP root selection process, less is better. If Switch A advertises a root ID that is a lower number than the root ID that Switch B advertises, the information from Switch A is better. Switch B stops the advertisement of its root ID, and accepts the root ID of Switch A.
Refer to Configuring Optional STP Features for more information about some of the optional STP features, such as:
PortFast
Root guard
Loop guard
BPDU guard
STP Operation
Task
Prerequisites
Before you configure STP, select a switch to be the root of the spanning tree. This switch does not need to be the most powerful switch, but choose the most centralized switch on the network. All data flow across the network is from the perspective of this switch. Also, choose the least disturbed switch in the network. The backbone switches often serve as the spanning tree root because these switches typically do not connect to end stations. Also, moves and changes within the network are less likely to affect these switches.
After you decide on the root switch, set the appropriate variables to designate the switch as the root switch. The only variable that you must set is the bridge priority. If the switch has a bridge priority that is lower than all the other switches, the other switches automatically select the switch as the root switch.
Clients (end stations) on Switch Ports
You can also issue the set spantree portfast command, on a per-port basis. When you enable the portfast variable on a port, the port immediately switches from blocking mode to forwarding mode. Enablement of portfast helps to prevent timeouts on clients who use Novell Netware or use DHCP in order to obtain an IP address. However, do not use this command when you have switch-to-switch connection. In this case, the command can result in a loop. The 30- to 60-second delay that occurs during the transition from blocking to forwarding mode prevents a temporal loop condition in the network when you connect two switches.
Leave most other STP variables at their default values.
Rules of Operation
This section lists rules for how STP works. When the switches first come up, they start the root switch selection process. Each switch transmits a BPDU to the directly connected switch on a per-VLAN basis.
As the BPDU goes out through the network, each switch compares the BPDU that the switch sends to the BPDU that the switch receives from the neighbors. The switches then agree on which switch is the root switch. The switch with the lowest bridge ID in the network wins this election process.
Note: Remember that one root switch is identified per-VLAN. After the root switch identification, the switches adhere to these rules:
STP Rule 1: All ports of the root switch must be in forwarding mode.
Note: In some corner cases, which involve self-looped ports, there is an exception to this rule.
Next, each switch determines the best path to get to the root. The switches determine this path by a comparison of the information in all the BPDUs that the switches receive on all ports. The switch uses the port with the least amount of information in the BPDU in order to get to the root switch; the port with the least amount of information in the BPDU is the root port. After a switch determines the root port, the switch proceeds to rule 2.
STP Rule 2: The root port must be set to forwarding mode.
In addition, the switches on each LAN segment communicate with each other to determine which switch is best to use in order to move data from that segment to the root bridge. This switch is called the designated switch.
STP Rule 3: In a single LAN segment, the port of the designated switch that connects to that LAN segment must be placed in forwarding mode.
STP Rule 4: All the other ports in all the switches (VLAN-specific) must be placed in blocking mode. The rule only applies to ports that connect to other bridges or switches. STP does not affect ports that connect to workstations or PCs. These ports remain forwarded.
Note: The addition or removal of VLANs when STP runs in per-VLAN spanning tree (PVST / PVST+) mode triggers spanning tree recalculation for that VLAN instance and the traffic is disrupted only for that VLAN. The other VLAN parts of a trunk link can forward traffic normally. The addition or removal of VLANs for a Multiple Spanning Tree (MST) instance that exists triggers spanning tree recalculation for that instance and traffic is disrupted for all the VLAN parts of that MST instance.
Note: By default, spanning tree runs on every port. The spanning tree feature cannot be turned off in switches on a per-port basis. Although it is not recommended, you can turn off STP on a per-VLAN basis, or globally on the switch. Extreme
care should be taken whenever you disable spanning tree because this creates Layer 2 loops within the network.
Step-by-Step Instructions
Complete these steps:
Issue the show version command in order to display the software version that the switch runs.
Note: All switches run the same software version.
Switch-15> (enable)show version
WS-C5505 Software, Version McpSW: 4.2(1) NmpSW: 4.2(1)
Copyright (c) 1995-1998 by Cisco Systems
NMP S/W compiled on Sep 8 1998, 10:30:21
MCP S/W compiled on Sep 08 1998, 10:26:29
System Bootstrap Version: 5.1(2)
Hardware Version: 1.0 Model: WS-C5505 Serial #: 066509927
Mod Port Model Serial # Versions
--- ---- ---------- --------- ----------------------------------------
1 0 WS-X5530 008676033 Hw : 2.3
Fw : 5.1(2)
Fw1: 4.4(1)
Sw : 4.2(1)
In this scenario, Switch 15 is the best choice for the root switch of the network for all the VLANs because Switch 15 is the backbone switch.
Issue the set spantree root vlan_id command in order to set the priority of the switch to 8192 for the VLAN or VLANs that the vlan_id specifies.
Note: The default priority for switches is 32768. When you set the priority with this command, you force the selection of Switch 15 as the root switch because Switch 15 has the lowest priority.
Switch-15> (enable)set spantree root 1
VLAN 1 bridge priority set to 8192.
VLAN 1 bridge max aging time set to 20.
VLAN 1 bridge hello time set to 2.
VLAN 1 bridge forward delay set to 15.
Switch is now the root switch for active VLAN 1.
Switch-15> (enable)
Switch-15> (enable)set spantree root 200
VLAN 200 bridge priority set to 8192.
VLAN 200 bridge max aging time set to 20.
VLAN 200 bridge hello time set to 2.
VLAN 200 bridge forward delay set to 15.
Switch is now the root switch for active VLAN 200.
Switch-15> (enable)
Switch-15> (enable)set spantree root 201
VLAN 201 bridge priority set to 8192.
VLAN 201 bridge max aging time set to 20.
VLAN 201 bridge hello time set to 2.
VLAN 201 bridge forward delay set to 15.
Switch is now the root switch for active VLAN 201.
Switch-15> (enable)
Switch-15> (enable)set spantree root 202
VLAN 202 bridge priority set to 8192.
VLAN 202 bridge max aging time set to 20.
VLAN 202 bridge hello time set to 2.
VLAN 202 bridge forward delay set to 15.
Switch is now the root switch for active VLAN 202.
Switch-15>
Switch-15> (enable)set spantree root 203
VLAN 203 bridge priority set to 8192.
VLAN 203 bridge max aging time set to 20.
VLAN 203 bridge hello time set to 2.
VLAN 203 bridge forward delay set to 15.
Switch is now the root switch for active VLAN 203.
Switch-15>
Switch-15> (enable)set spantree root 204
VLAN 204 bridge priority set to 8192.
VLAN 204 bridge max aging time set to 20.
VLAN 204 bridge hello time set to 2.
VLAN 204 bridge forward delay set to 15.
Switch is now the root switch for active VLAN 204.
Switch-15> (enable)
The shorter version of the command has the same effect, as this example shows:
Switch-15> (enable)set spantree root 1,200-204
VLANs 1,200-204 bridge priority set to 8189.
VLANs 1,200-204 bridge max aging time set to 20.
VLANs 1,200-204 bridge hello time set to 2.
VLANs 1,200-204 bridge forward delay set to 15.
Switch is now the root switch for active VLANs 1,200-204.
Switch-15> (enable)
The set spantree priority command provides a third method to specify the root switch:
Switch-15> (enable)set spantree priority 8192 1
Spantree 1 bridge priority set to 8192.
Switch-15> (enable)
Note: In this scenario, all the switches started with cleared configurations. Therefore, all the switches started with a bridge priority of 32768. If you are not certain that all the switches in your network have a priority that is greater than 8192, set the priority of your desired root bridge to 1.
Issue the set spantree portfast mod_num/port_num enable command in order to configure the PortFast setting on Switches 12, 13, 14, 16, and 17.
Note: Only configure this setting on ports that connect to workstations or PCs. Do not enable PortFast on any port that connects to another switch.
This example only configures Switch 12. You can configure other switches in the same way. Switch 12 has these port connections:
Port 2/1 connects to Switch 13.
Port 2/2 connects to Switch 15.
Port 2/3 connects to Switch 16.
Ports 3/1 through 3/24 connect to PCs.
Ports 4/1 through 4/24 connect to UNIX workstations.
With this information as a basis, issue the set spantree portfast command on ports 3/1 through 3/24 and on ports 4/1 through 4/24:
Switch-12> (enable)set spantree portfast 3/1-24 enable
Warning: Spantree port fast start should only be enabled on ports connected
to a single host. Connecting hubs, concentrators, switches, bridges, etc. to
a fast start port can cause temporary spanning-tree loops. Use with caution.
Spantree ports 3/1-24 fast start enabled.
Switch-12> (enable)
Switch-12> (enable)set spantree portfast 4/1-24 enable
Warning: Spantree port fast start should only be enabled on ports connected
to a single host. Connecting hubs, concentrators, switches, bridges, etc. to
a fast start port can cause temporary spanning-tree loops. Use with caution.
Spantree ports 4/1-24 fast start enabled.
Switch-12> (enable)
Issue the show spantree vlan_id command in order to verify that Switch 15 is the root of all the appropriate VLANs.
From the output from this command, compare the MAC address of the switch that is the root switch to the MAC address of the switch from which you issued the command. If the addresses match, the switch that you are in is the root switch of the VLAN. A root port that is 1/0 also indicates that you are at the root switch. This is the sample command output:
Switch-15> (enable)show spantree 1
VLAN 1
spanning-tree enabled
spanning-tree type ieee
Designated Root 00-10-0d-b1-78-00
!--- This is the MAC address of the root switch for VLAN 1.
Designated Root Priority 8192
Designated Root Cost 0
Designated Root Port 1/0
Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Bridge ID MAC ADDR 00-10-0d-b1-78-00
Bridge ID Priority 8192
Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
This output shows that Switch 15 is the designated root on the spanning tree for VLAN 1. The MAC address of the designated root switch, 00-10-0d-b1-78-00, is the same as the bridge ID MAC address of Switch 15, 00-10-0d-b1-78-00. Another indicator that this switch is the designated root is that the designated root port is 1/0.
In this output from Switch 12, the switch recognizes Switch 15 as the Designated Root for VLAN 1:
Switch-12> (enable)show spantree 1
VLAN 1
spanning-tree enabled
spanning-tree type IEEE
Designated Root 00-10-0d-b1-78-00
!--- This is the MAC address of the root switch for VLAN 1.
Designated Root Priority 8192
Designated Root Cost 19
Designated Root Port 2/3
Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Bridge ID MAC ADDR 00-10-0d-b2-8c-00
Bridge ID Priority 32768
Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec
Note: The output of the show spantree vlan_id command for the other switches and VLANs can also indicate that Switch 15 is the designated root for all VLANs.
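The root verification described above can be scripted. This is an added example, not part of the Cisco document: it parses the show spantree fields printed on the page for Switch 15 and Switch 12, applies the page's test (Designated Root MAC equals the switch's own bridge MAC), and replays the lowest-bridge-ID election to show why the root priority is set explicitly. Switch-X and its MAC address are constructed for illustration and do not appear in the page's network.

```python
import re

# Fields of `show spantree 1` from Switch 15 and Switch 12, copied from the page.
SWITCH_15 = """\
VLAN 1
Designated Root             00-10-0d-b1-78-00
Designated Root Priority    8192
Designated Root Cost        0
Designated Root Port        1/0
Bridge ID MAC ADDR          00-10-0d-b1-78-00
Bridge ID Priority          8192
"""
SWITCH_12 = """\
VLAN 1
Designated Root             00-10-0d-b1-78-00
Designated Root Priority    8192
Designated Root Cost        19
Designated Root Port        2/3
Bridge ID MAC ADDR          00-10-0d-b2-8c-00
Bridge ID Priority          32768
"""

_MAC = r"((?:[0-9a-fA-F]{2}-){5}[0-9a-fA-F]{2})"
_FIELDS = {
    "vlan": r"^VLAN\s+(\d+)\s*$",
    "root_mac": r"^Designated Root\s+" + _MAC,
    "root_priority": r"^Designated Root Priority\s+(\d+)",
    "root_cost": r"^Designated Root Cost\s+(\d+)",
    "root_port": r"^Designated Root Port\s+(\S+)",
    "bridge_mac": r"^Bridge ID MAC ADDR\s+" + _MAC,
    "bridge_priority": r"^Bridge ID Priority\s+(\d+)",
}


def parse_show_spantree(text):
    """Extract the root and local-bridge fields from show spantree output."""
    view = {}
    for name, pattern in _FIELDS.items():
        match = re.search(pattern, text, re.MULTILINE)
        if match is None:
            raise ValueError(f"field {name!r} not found in output")
        value = match.group(1)
        view[name] = int(value) if value.isdigit() else value.lower()
    return view


def is_root(view):
    """The page's check: Designated Root MAC equals the switch's own MAC."""
    return view["root_mac"] == view["bridge_mac"] and view["root_cost"] == 0


def bridge_id(priority, mac):
    """Bridge ID as a comparable tuple: priority first, then the MAC address."""
    return (priority, int(mac.replace("-", ""), 16))


def elect_root(bridges):
    """bridges: {name: (priority, mac)}. The lowest bridge ID wins."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def audit_root(views, expected_mac):
    """Return the switches whose Designated Root is not the intended root."""
    return sorted(name for name, view in views.items()
                  if view["root_mac"] != expected_mac.lower())


# Constructed: Switch-X is a hypothetical switch left at the default priority
# whose MAC address happens to be lower than Switch 15's.
BRIDGES_DEFAULT = {
    "Switch-15": (32768, "00-10-0d-b1-78-00"),
    "Switch-12": (32768, "00-10-0d-b2-8c-00"),
    "Switch-X": (32768, "00-10-0d-a0-00-00"),
}
# Same switches after `set spantree root 1` on Switch 15 (priority 8192).
BRIDGES_CONFIGURED = dict(BRIDGES_DEFAULT, **{"Switch-15": (8192, "00-10-0d-b1-78-00")})

if __name__ == "__main__":
    views = {"Switch-15": parse_show_spantree(SWITCH_15),
             "Switch-12": parse_show_spantree(SWITCH_12)}
    for name, view in views.items():
        print(name, "is root" if is_root(view) else "is not root")
    print("disagree on root:", audit_root(views, "00-10-0d-b1-78-00"))
    print("root at default priorities:", elect_root(BRIDGES_DEFAULT))
    print("root with priority 8192 set:", elect_root(BRIDGES_CONFIGURED))
```

Running audit_root on a schedule against the intended root MAC flags any switch that has accepted a different root, which is the condition the root-selection note warns about.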
Verify
This section provides information you can use to confirm that your configuration works properly.
The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.
show spantree vlan_id - Shows the current state of the spanning tree for this VLAN ID, from the perspective of the switch on which you issue the command.
show spantree summary - Provides a summary of connected spanning tree ports by VLAN.
Troubleshoot
This section provides information you can use to troubleshoot your configuration.
STP Path Cost Automatically Changes When a Port Speed/Duplex Is Changed
STP calculates the path cost based on the media speed (bandwidth) of the links between switches and the port cost of each port forwarding frame. Spanning tree selects the root port based on the path cost. The port with the lowest path cost
to the root bridge becomes the root port. The root port is always in the forwarding state.
If the speed/duplex of the port is changed, spanning tree recalculates the path cost automatically. A change in the path cost can change the spanning tree topology.
Refer to the Calculating and Assigning Port Costs section of Configuring Spanning Tree for more information on how to calculate the port cost.
Troubleshoot Commands
The Output Interpreter Tool (registered customers only) (OIT) supports certain show commands. Use the OIT to view an analysis of show command output.
Note: Refer to Important Information on Debug Commands before you use debug commands.
show spantree vlan_id - Shows the current state of the spanning tree for this VLAN ID, from the perspective of the switch on which you issue the command.
show spantree summary - Provides a summary of connected spanning tree ports by VLAN.
show spantree statistics - Shows spanning tree statistical information.
show spantree backbonefast - Displays whether the spanning tree BackboneFast Convergence feature is enabled.
show spantree blockedports - Displays only the blocked ports.
show spantree portstate - Determines the current spanning tree state of a Token Ring port within a spanning tree.
show spantree portvlancost - Shows the path cost for the VLANs on a port.
show spantree uplinkfast - Shows the UplinkFast settings.
Command Summary
Syntax: show version
As used in this document: show version
Syntax: set spantree root [ vlan_id ]
As used in this document: set spantree root 1
set spantree root 1,200-204
Syntax: set spantree priority [ vlan_id ]
As used in this document: set spantree priority 8192 1
Syntax: set spantree portfast mod_num/port_num {enable | disable}
As used in this document: set spantree portfast 3/1-24 enable
Syntax: show spantree [ vlan_id ]
As used in this document: show spantree 1
Introduction to Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is a routing protocol which was first defined as version 2 in RFC 2328. It is used to allow routers to dynamically learn routes from other routers and to advertise routes to other routers. Advertisements containing routes are referred to as Link State Advertisements (LSAs) in OSPF. An OSPF router keeps track of the state of all the various network connections (links) between itself and a network it is trying to send data to. This makes it a link-state routing protocol. OSPF supports the use of classless IP address ranges and is very efficient. OSPF uses areas to organize a network into a hierarchical structure; it summarizes route information to reduce the number of advertised routes and thereby reduce network load, and uses a designated router (elected via a process that is part of OSPF) to reduce the quantity and frequency of Link State Advertisements. OSPF does require the router to have a more powerful processor and more memory than other routing protocols.
OSPF selects the best routes by finding the lowest cost paths to a destination. All router interfaces (links) are given a cost. The cost of a route is equal to the sum of all the costs configured on all the
outbound links between the router and the destination network, plus the cost configured on the interface that OSPF received the Link State Advertisement on.
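The lowest-cost selection described above can be worked through on a small topology. The following is an added example, not code from the original tutorial: the routers R1 to R3 and their interface costs are constructed, and the model covers only the sum of outbound interface costs along a path, computed with Dijkstra's algorithm.

```python
"""Added example: OSPF-style lowest-cost path selection (constructed topology)."""
import heapq

# Constructed link-state database: router -> {neighbor: cost of the OUTBOUND
# interface toward that neighbor}. Costs are per direction, so the two ends
# of one link can be configured differently (R1->R3 is 64, R3->R1 is 1).
LSDB = {
    "R1": {"R2": 10, "R3": 64},
    "R2": {"R1": 10, "R3": 10},
    "R3": {"R1": 1, "R2": 10},
}


def usable_links(lsdb, router):
    """Yield (neighbor, cost) for links that both ends advertise.

    A link is only used when the neighbor also lists the router, which keeps
    a stale or one-sided advertisement from attracting traffic.
    """
    for neighbor, cost in lsdb.get(router, {}).items():
        if not 1 <= cost <= 65535:
            raise ValueError(f"cost {cost} on {router}->{neighbor} is out of range")
        if router in lsdb.get(neighbor, {}):
            yield neighbor, cost


def shortest_paths(lsdb, root):
    """Return {destination: (total_cost, [routers on the path])} from root."""
    best = {}
    heap = [(0, root, [root])]
    while heap:
        cost, router, path = heapq.heappop(heap)
        if router in best:
            continue  # already reached by a cheaper path
        best[router] = (cost, path)
        for neighbor, link_cost in usable_links(lsdb, router):
            if neighbor not in best:
                heapq.heappush(heap, (cost + link_cost, neighbor, path + [neighbor]))
    return best


if __name__ == "__main__":
    for root in sorted(LSDB):
        for dest, (cost, path) in sorted(shortest_paths(LSDB, root).items()):
            print(f"{root} -> {dest}: cost {cost:3d} via {' > '.join(path)}")
```

Because each direction sums its own outbound costs, R1 reaches R3 through R2 while R3 reaches R1 directly; asymmetric paths like this matter when a stateful filter sits on only one of them.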
This tutorial will focus on explaining the basic components of OSPF, the operation of OSPF, basic configuration of OSPF and finally close with troubleshooting techniques used to verify correct OSPF
configuration and operation.
OSPF Router Types
In this tutorial, when speaking of an OSPF router, we are speaking of the OSPF routing process
running on a given routing device. OSPF routers serve in various roles depending upon where they are located and which areas they participate in.
Internal Routers
An internal router connects only to one OSPF area. All of its interfaces connect to the area in which it is located and do not connect to any other area.
If a router connects to more than one area, it will be one of the following types of routers.
Backbone Routers
Backbone routers have one or more interfaces in Area 0 (the backbone area).
Area Border Router (ABR)
A router that connects more than one area is called an area border router or ABR. Usually an ABR is used to connect non-backbone areas to the backbone. If OSPF virtual links are used, an ABR will also
be used to connect the area using the virtual link to another non-backbone area.
Autonomous System Boundary Router (ASBR)
If the router connects the OSPF Autonomous System to another Autonomous System, it is called an Autonomous System Boundary Router (ASBR).
OSPF elects two or more routers to manage the Link State Advertisements:
Designated Router (DR)
Every OSPF area will have a designated router and a backup designated router. The Designated Router (DR) is the router to which all other routers within an area send their Link State Advertisements. The Designated Router will keep track of all link state updates and make sure the LSAs are flooded to the
rest of the network using Reliable Multicast transport.
Backup Designated Router (BDR)
The election process which determines the Designated Router will also elect a Backup Designated Router (BDR). The BDR takes over from the DR when the DR fails.
OSPF Areas
OSPF areas are used to impose a hierarchical structure on the flow of data over the network. A network using OSPF will always have at least one area, and if there is more than one area, one of the areas
must be the backbone area. Areas are used to group routers into manageable groups that exchange routing information locally, but summarize that routing information when advertising the routes
externally. A standard OSPF network looks something like a big bubble (the backbone area) with a lot of smaller bubbles (stub areas) attached directly to it. Area Border Routers (ABR) are used to connect
the areas. Each area will elect a designated router (DR) and a backup designated router (BDR) to assist in flooding Link State Advertisements (LSAs) throughout the area.
Backbone (Area 0)
The backbone is the first area you should always build in any network using OSPF and the backbone is always Area 0 (zero). All areas are connected directly to the OSPF backbone area. When designing an OSPF backbone area, you should make sure there is little or no possibility of the backbone area being
split into two or more parts by a router or link failure. If the OSPF backbone is split due to hardware failures or access lists, sizeable areas of the network will become unreachable.
Totally Stub Area
A totally stubby area is only connected to the backbone area. A totally stubby / totally stub area does not advertise the routes it knows. It does not send any Link State Advertisements. The only route a
totally stub area receives is the default route from an external area, which must be the backbone area. This default route allows the totally stub area to communicate with the rest of the network.
Stub Area
Stub areas are connected only to the backbone area. Stub areas do not receive routes from outside the autonomous system, but do receive the routes from within the autonomous system, even if the route
comes from another area.
Not-So-Stubby (NSSA)
Frequently, it is advisable to use a separate network to connect the internal enterprise network to the Internet. OSPF makes provisions for placing an Autonomous System Boundary Router (ASBR) within a non-backbone area. In this case, the stub area must learn routes from outside the OSPF autonomous
system. Thus, a new type of LSA was required--the Type 7 LSA. Type 7 LSAs are created by the Autonomous System Boundary Router and forwarded via the stub area's border router (ABR) to the backbone. This allows the other areas to learn routes that are external to the OSPF routing domain.
Virtual Links
Virtual links are used when you have a network that must be connected to an existing OSPF system, but cannot be physically connected directly to the routers in the OSPF backbone area. You can
configure an OSPF virtual link from the area to a backbone router, creating a virtual direct connection to the backbone area. This virtual link acts as a tunnel which forwards LSAs to the backbone via a
second intermediate area.
Operation
STILL UNDER DEVELOPMENT
OSPF Startup and Operation
STILL UNDER DEVELOPMENT
Neighbor Discovery
STILL UNDER DEVELOPMENT
Forming Adjacencies
Link State Advertisements (LSAs)
LSA Types (by type code)
1 - Router LSA
2 - Network LSA
3 - Network summary LSA
4 - ASBR Summary LSA
5 - AS External LSA
6 - Group Membership LSA
7 - NSSA External LSA
8 - External Attributes LSA
9 - Opaque LSA (link-local scope)
10 - Opaque LSA (area-local scope)
11 - Opaque LSA (AS scope)
Flooding
Reliable Transport
Shortest Path First Calculations
Configuration
Troubleshooting
OSPF Components
Areas
Routers
Link State Advertisements
Processes
OSPF Areas
OSPF organizes a network into areas. An area is a set of routers that will share routing information about one or more networks. Routers are used by OSPF to maintain routing information within an
area and to send Link State Advertisements to other areas.
Backbone Area (Area 0)
The first area that will always exist in any network using OSPF for routing is Area 0 (zero). Area 0 is
always the backbone area. All other areas are connected to the backbone either directly, or using virtual links that 'tunnel' through other areas. Because areas must be directly connected to the backbone, you cannot chain areas together. All routing information between areas is sent through the
backbone area (Area 0).
Each area is designated by an area number. All other areas are described as having 'stubbiness':
Not So Stubby Area
Stubby Area
Totally Stubby Area (Cisco proprietary)
Access Control Lists (ACLs)
Access Control Lists (ACLs) are filters that enable you to control which routing updates or packets are permitted or denied in or out of a network. They are specifically used by network administrators to filter
traffic and to provide extra security for their networks. They can be applied on routers (Cisco).
ACLs provide a powerful way to control traffic into and out of your network; this control can be as simple as permitting or denying network hosts or addresses. You can configure ACLs for all routed network protocols.
The most important reason to configure ACLs is to provide security for your network. However, ACLs can also be configured to control network traffic based on the TCP port being used.
How ACLs work
A router acts as a packet filter when it forwards or denies packets according to filtering rules. As a Layer 3 device, a packet-filtering router uses rules to determine whether to permit or deny traffic based on source
and destination IP addresses, source port and destination port, and the protocol of the packet. These rules are defined using access control lists or ACLs.
To picture how an ACL, or a router that uses packet filtering, works, imagine a guard stationed at a locked door. The guard's instruction is to allow only people whose names appear on a guest list to pass through the door. The
guard is filtering people based on the condition of having their names on the authorized list.
When a packet arrives at the router, the router extracts certain information from the packet header and makes decisions according to the filter rules as to whether the packet can pass through or be dropped.
The packet filtering process works at the Network layer of the Open Systems Interconnection (OSI) model, or the
Internet layer of TCP/IP.
Why use ACLs
* Limits network traffic to increase network performance.
* Provides traffic flow control by restricting the delivery of routing updates.
* Can be used as additional security.
* Controls which types of traffic are forwarded or blocked by the router.
* Controls which areas a client can access.
Types of Access Control Lists
Standard access-list
Standard access lists create filters based on source addresses and are used for server based filtering. Address-based access lists distinguish routes on a network you want to control by using the network (IP)
address. Address-based access lists consist of a list of addresses or address ranges and a statement as to whether access to or from that address is permitted or denied.
Example of the command syntax for configuring a standard numbered IP ACL:
R1(config)# access-list {1-99} {permit | deny} source-addr [source-wildcard]
i. The first value { 1-99 } specifies the standard ACL number range.
ii. The second value specifies whether to permit or deny the configured source IP address traffic.
iii. The third value is the source IP address that must be matched.
iv. The fourth value is the wildcard mask to be applied to the previously configured IP address to indicate the range.
Extended access lists
Extended access lists create filters based on source addresses, destination addresses, protocol, port number and other features and are used for packet based filtering for packets that traverse the network.
Example of the command syntax for configuring an extended numbered IP ACL:
Router(config)# access-list {100-199} {permit | deny} protocol source-addr [source-wildcard] [operator operand] destination-addr [destination-wildcard] [operator operand] [established]
i. Like the standard ACLs, the first value { 100-199 or 2000 - 2699 } specifies the ACL number range.
ii. The next value specifies whether to permit or deny according to the criteria that follows.
iii. The third value specifies protocol type (IP, TCP, UDP, or other specific IP sub-protocols). The source IP address and wildcard mask determine traffic source. The destination IP address and its wildcard mask are used to indicate the final destination of the network traffic. When the destination IP address and mask are configured, the port number must be specified to match, either by number or by a well-known port name,
otherwise all traffic to that destination will be dropped.
Standard and Extended access lists can be applied based on the use of the ip access-list command.
Access lists use the deny or permit statement to define which packet is allowed or denied entry into a server or network.
Masks
Masks are used with IP addresses in IP ACLs to specify what should be permitted and denied. Masks used to configure IP addresses on interfaces start with 255 and have the large values on the left side, for example,
IP address 172.16.2.14 with a 255.255.255.0 mask. Masks for IP ACLs are the reverse, for example, mask 0.0.0.255. This is sometimes called an inverse mask or a wildcard mask. When the value of the mask is
broken down into binary (0s and 1s), the results determine which address bits are to be considered in processing the traffic. A 0 indicates that the address bits must be considered (exact match); a 1 in the mask
is a "don't care".
Note these ACL equivalents.
The source/source-wildcard of 0.0.0.0/255.255.255.255 means "any".
The source/wildcard of 10.1.1.2/0.0.0.0 is the same as "host 10.1.1.2".
If you subtract 255.255.255.0 (normal mask) from 255.255.255.255, it yields 0.0.0.255.
The command below defines an ACL that permits this network 192.168.1.0 0.0.0.255.
access-list acl_permit permit ip 192.168.1.0 0.0.0.255
Inbound traffic to the router is compared to access list entries based on the order that the entries occur in the router. The router looks through the entries until it has a match. If the router finds no match when it
reaches the end of the list, the traffic is denied. For this reason, you should have the frequently hit entries at the top of the list. There is an implied deny for traffic that is not permitted. A single-entry access list with only one deny entry has the effect of denying all traffic. You must have at least one permit statement in an ACL or
all traffic is blocked.
Access lists implicitly deny all access that is not expressly permitted. The following line is auto-appended to all access-lists:
deny ip any any
If it is desirable to over-ride this implicit denial statement, enter a permit ip any any statement as the last entry in the access-list.
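The wildcard matching, top-down first-match order and implicit deny described in the Masks section can be checked offline before a list is applied to a router. The following is an added example, not code from the original page or from Cisco: it models only standard numbered ACL lines, the sample list and the function names are constructed, and the shadowed-entry audit goes one step beyond the text to flag entries that can never match because an earlier entry already covers them.

```python
"""Added example: first-match evaluation of a standard numbered ACL."""
import ipaddress
from typing import NamedTuple

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_from_netmask(netmask):
    """255.255.255.255 minus the normal mask gives the wildcard mask."""
    return str(ipaddress.IPv4Address(ALL_ONES - to_int(netmask)))


class Entry(NamedTuple):
    action: str  # "permit" or "deny"
    base: int    # source address, already reduced to the bits that matter
    care: int    # bits that must match: the inverse of the wildcard mask


def parse_entry(line):
    """Parse 'access-list N {permit|deny} {any | host A | A [W]}', N in 1-99."""
    tokens = line.split()
    if len(tokens) < 4 or tokens[0] != "access-list" or not tokens[1].isdigit():
        raise ValueError(f"not a numbered ACL line: {line!r}")
    if not 1 <= int(tokens[1]) <= 99:
        raise ValueError(f"not a standard ACL number: {tokens[1]}")
    action, src = tokens[2], tokens[3:]
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action!r}")
    if src == ["any"]:
        base, wildcard = "0.0.0.0", "255.255.255.255"
    elif len(src) == 2 and src[0] == "host":
        base, wildcard = src[1], "0.0.0.0"
    elif len(src) == 1:
        base, wildcard = src[0], "0.0.0.0"
    elif len(src) == 2:
        base, wildcard = src
    else:
        raise ValueError(f"cannot parse source in: {line!r}")
    care = ALL_ONES ^ to_int(wildcard)  # wildcard 0 bit = must match
    return Entry(action, to_int(base) & care, care)


def evaluate(acl, source):
    """Return (action, matching entry number); (deny, None) is the implicit deny."""
    addr = to_int(source)
    for number, entry in enumerate(acl, start=1):
        if (addr & entry.care) == entry.base:
            return entry.action, number
    return "deny", None


def shadowed(acl):
    """Return (entry, covering entry) pairs for entries that can never match."""
    found = []
    for j, later in enumerate(acl):
        for i, earlier in enumerate(acl[:j]):
            ignores_more = (earlier.care & ~later.care & ALL_ONES) == 0
            if ignores_more and (later.base & earlier.care) == earlier.base:
                found.append((j + 1, i + 1))
                break
    return found


# Constructed sample list; the last deny sits behind a broader permit.
SAMPLE_ACL = [parse_entry(line) for line in (
    "access-list 10 permit host 10.1.1.2",
    "access-list 10 deny 192.168.1.0 0.0.0.255",
    "access-list 10 permit 192.168.0.0 0.0.255.255",
    "access-list 10 deny 192.168.2.7",
)]

if __name__ == "__main__":
    for src in ("10.1.1.2", "192.168.1.50", "192.168.2.7", "172.16.0.1"):
        print(src, evaluate(SAMPLE_ACL, src))
    print("shadowed entries:", shadowed(SAMPLE_ACL))
```

Entry 4 was meant to block 192.168.2.7, but entry 3 permits that host first, so the deny never takes effect; an audit of this kind catches ordering mistakes that the router itself accepts silently.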
IP Addressing and Subnetting
Address: The unique number ID assigned to one host or interface in a network.
Subnet: A portion of a network sharing a particular subnet address.
Subnet mask: A 32-bit combination used to describe which portion of an address refers to the subnet and which part refers to the host.
Interface: A network connection.
If you have already received your legitimate address(es) from the Internet Network Information Center (InterNIC), you are ready to begin.
If you do not plan to connect to the Internet, Cisco strongly suggests that you use reserved addresses from RFC 1918.
Conventions
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Understanding IP Addresses
An IP address is an address used in order to uniquely identify a device on an IP network. The address is made up of 32 binary bits, which can be divisible into a network portion and host portion with the help of a subnet mask. The 32 binary bits are broken into four octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period (dot). For this reason, an IP address is said to be expressed
in dotted decimal format (for example, 172.16.81.100). The value in each octet ranges from 0 to 255 decimal, or 00000000 - 11111111
binary.
Here is how binary octets convert to decimal: The right most bit, or least significant bit, of an octet holds a value of 2^0. The bit just to the left of that holds a value of 2^1. This continues until the left-most bit, or most significant bit, which holds a value of 2^7. So if all binary bits
are a one, the decimal equivalent would be 255 as shown here:
1 1 1 1 1 1 1 1
128 64 32 16 8 4 2 1 (128+64+32+16+8+4+2+1=255)
Here is a sample octet conversion when not all of the bits are set to 1.
0 1 0 0 0 0 0 1
0 64 0 0 0 0 0 1 (0+64+0+0+0+0+0+1=65)
And this sample shows an IP address represented in both binary and decimal.
10. 1. 23. 19 (decimal)
00001010.00000001.00010111.00010011 (binary)
These octets are broken down to provide an addressing scheme that can accommodate large and small networks. There are five different classes of networks, A to E. This document focuses on addressing classes A to C, since classes D and E are reserved and discussion of
them is beyond the scope of this document.
Note: Also note that the terms "Class A, Class B" and so on are used in this document to help facilitate the understanding of IP
addressing and subnetting. These terms are rarely used in the industry anymore because of the introduction of classless interdomain routing (CIDR).
Given an IP address, its class can be determined from the three high-order bits. Figure 1 shows the significance of the three high-order bits and the range of addresses that fall into each class. For informational purposes, Class D and Class E addresses are also
shown.
Figure 1
In a Class A address, the first octet is the network portion, so the Class A example in Figure 1 has a major network address of 1.0.0.0 - 127.255.255.255. Octets 2, 3, and 4 (the next 24 bits) are for the network manager to divide into subnets and hosts as he/she sees fit.
Class A addresses are used for networks that have more than 65,536 hosts (actually, up to 16777214 hosts!).
In a Class B address, the first two octets are the network portion, so the Class B example in Figure 1 has a major network address of 128.0.0.0 - 191.255.255.255. Octets 3 and 4 (16 bits) are for local subnets and hosts. Class B addresses are used for networks that have between 256 and 65534 hosts.
In a Class C address, the first three octets are the network portion. The Class C example in Figure 1 has a major network address of 192.0.0.0 - 233.255.255.255. Octet 4 (8 bits) is for local subnets and hosts - perfect for networks with less than 254 hosts.
Network Masks
A network mask helps you know which portion of the address identifies the network and which portion of the address identifies the node.
Class A, B, and C networks have default masks, also known as natural masks, as shown here:
Class A: 255.0.0.0
Class B: 255.255.0.0
Class C: 255.255.255.0
An IP address on a Class A network that has not been subnetted would have an address/mask pair similar to: 8.20.15.1 255.0.0.0. To see how the mask helps you identify the network and node parts of the address, convert the address and mask to binary numbers.
8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
Once you have the address and the mask represented in binary, then identifying the network and host ID is easier. Any address bits which have corresponding mask bits set to 1 represent the network ID. Any address bits that have corresponding mask bits set to 0
represent the node ID.
8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
-----------------------------------
net id | host id
netid = 00001000 = 8
hostid = 00010100.00001111.00000001 = 20.15.1
Understanding Subnetting
Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you do not subnet, you are
only able to use one network from your Class A, B, or C network, which is unrealistic.
Each data link on a network must have a unique network ID, with every node on that link being a member of the same network. If you break a major network (Class A, B, or C) into smaller subnetworks, it allows you to create a network of interconnecting subnetworks.
Each data link on this network would then have a unique network/subnetwork ID. Any device, or gateway, connecting n networks/subnetworks has n distinct IP addresses, one for each network / subnetwork that it interconnects.
In order to subnet a network, extend the natural mask using some of the bits from the host ID portion of the address to create a subnetwork ID. For example, given a Class C network of 204.17.5.0 which has a natural mask of 255.255.255.0, you can create subnets in
this manner:
204.17.5.0 - 11001100.00010001.00000101.00000000
255.255.255.224 - 11111111.11111111.11111111.11100000
--------------------------|sub|----
By extending the mask to be 255.255.255.224, you have taken three bits (indicated by "sub") from the original host portion of the address and used them to make subnets. With these three bits, it is possible to create eight subnets. With the remaining five host ID bits, each
subnet can have up to 32 host addresses, 30 of which can actually be assigned to a device since host ids of all zeros or all ones are not allowed (it is very important to remember this). So, with this in mind, these subnets have been created.
204.17.5.0 255.255.255.224 host address range 1 to 30
204.17.5.32 255.255.255.224 host address range 33 to 62
204.17.5.64 255.255.255.224 host address range 65 to 94
204.17.5.96 255.255.255.224 host address range 97 to 126
204.17.5.128 255.255.255.224 host address range 129 to 158
204.17.5.160 255.255.255.224 host address range 161 to 190
204.17.5.192 255.255.255.224 host address range 193 to 222
204.17.5.224 255.255.255.224 host address range 225 to 254
Note: There are two ways to denote these masks. First, since you are using three bits more than the "natural" Class C mask, you can
denote these addresses as having a 3-bit subnet mask. Or, secondly, the mask of 255.255.255.224 can also be denoted as /27 as there are 27 bits that are set in the mask. This second method is used with CIDR. With this method, one of these networks can be described with
the notation prefix/length. For example, 204.17.5.32/27 denotes the network 204.17.5.32 255.255.255.224. When appropriate the prefix/length notation is used to denote the mask throughout the rest of this document.
The network subnetting scheme in this section allows for eight subnets, and the network might appear as:
Figure 2
Notice that each of the routers in Figure 2 is attached to four subnetworks, and one subnetwork is common to both routers. Also, each router has an IP address for each subnetwork to which it is attached. Each subnetwork could potentially support up to 30 host
addresses.
This brings up an interesting point. The more host bits you use for a subnet mask, the more subnets you have available. However, the more subnets available, the fewer host addresses available per subnet. For example, a Class C network of 204.17.5.0 and a mask of
255.255.255.224 (/27) allows you to have eight subnets, each with 32 host addresses (30 of which could be assigned to devices). If you use a mask of 255.255.255.240 (/28), the break down is:
204.17.5.0 - 11001100.00010001.00000101.00000000
255.255.255.240 - 11111111.11111111.11111111.11110000
--------------------------|sub |---
Since you now have four bits to make subnets with, you only have four bits left for host addresses. So in this case you can have up to 16
subnets, each of which can have up to 16 host addresses (14 of which can be assigned to devices).
Take a look at how a Class B network might be subnetted. If you have network 172.16.0.0, then you know that its natural mask is 255.255.0.0 or 172.16.0.0/16. Extending the mask to anything beyond 255.255.0.0 means you are subnetting. You can quickly see that you have the ability to create a lot more subnets than with the Class C network. If you use a mask of 255.255.248.0 (/21), how many subnets
and hosts per subnet does this allow for?
172.16.0.0 - 10101100.00010000.00000000.00000000
255.255.248.0 - 11111111.11111111.11111000.00000000
-----------------| sub |-----------
You are using five bits from the original host bits for subnets. This allows you to have 32 subnets (2^5). After using the five bits for subnetting, you are left with 11 bits for host addresses. This allows each subnet to have 2048 host addresses (2^11), 2046 of which could
be assigned to devices.
Note: In the past, there were limitations to the use of a subnet 0 (all subnet bits are set to zero) and all ones subnet (all subnet bits set to one). Some devices would not allow the use of these subnets. Cisco Systems devices allow the use of these subnets when the ip subnet
zero command is configured.
Examples
Sample Exercise 1
Now that you have an understanding of subnetting, put this knowledge to use. In this example, you are given two address / mask combinations, written with the prefix/length notation, which have been assigned to two devices. Your task is to determine if these devices are on the same subnet or different subnets. You can do this by using the address and mask of each device to determine to which subnet
each address belongs.
DeviceA: 172.16.17.30/20
DeviceB: 172.16.28.15/20
Determining the Subnet for DeviceA:
172.16.17.30 - 10101100.00010000.00010001.00011110
255.255.240.0 - 11111111.11111111.11110000.00000000
-----------------| sub|------------
subnet = 10101100.00010000.00010000.00000000 = 172.16.16.0
Looking at the address bits that have a corresponding mask bit set to one, and setting all the other address bits to zero (this is equivalent to performing a logical "AND" between the mask and address), shows you to which subnet this address belongs. In this case, DeviceA
belongs to subnet 172.16.16.0.
Determining the Subnet for DeviceB:
172.16.28.15 - 10101100.00010000.00011100.00001111
255.255.240.0 - 11111111.11111111.11110000.00000000
-----------------| sub|------------
subnet = 10101100.00010000.00010000.00000000 = 172.16.16.0
From these determinations, DeviceA and DeviceB have addresses that are part of the same subnet.
Sample Exercise 2
Given the Class C network of 204.15.5.0/24, subnet the network in order to create the network in Figure 3 with the host requirements shown.
Figure 3
Looking at the network shown in Figure 3, you can see that you are required to create five subnets. The largest subnet must support 28 host addresses. Is this possible with a Class C network? And if so, then how?
You can start by looking at the subnet requirement. In order to create the five needed subnets you would need to use three bits from the Class C host bits. Two bits would only allow you four subnets (2^2).
Since you need three subnet bits, that leaves you with five bits for the host portion of the address. How many hosts does this support? 2^5 = 32 (30 usable). This meets the requirement.
Therefore you have determined that it is possible to create this network with a Class C network. An example of how you might assign the subnetworks is:
netA: 204.15.5.0/27 host address range 1 to 30
netB: 204.15.5.32/27 host address range 33 to 62
netC: 204.15.5.64/27 host address range 65 to 94
netD: 204.15.5.96/27 host address range 97 to 126
netE: 204.15.5.128/27 host address range 129 to 158
VLSM Example
In all of the previous examples of subnetting, notice that the same subnet mask was applied for all the subnets. This means that each subnet has the same number of available host addresses. You might need this in some cases, but in most cases, having the same subnet mask for all subnets ends up wasting address space. For example, in the Sample Exercise 2 section, a class C network was split into eight equal-size subnets; however, each subnet did not utilize all available host addresses, which results in wasted address space. Figure 4 illustrates this wasted address space.
Figure 4
Figure 4 illustrates that of the subnets that are being used, NetA, NetC, and NetD have a lot of unused host address space. It is possible that this was a deliberate design accounting for future growth, but in many cases this is just wasted address space due to the fact that the same subnet mask is being used for all the subnets.
Variable Length Subnet Masks (VLSM) allows you to use different masks for each subnet, thereby using address space efficiently.
VLSM Example
Given the same network and requirements as in Sample Exercise 2, develop a subnetting scheme with the use of VLSM, given:
netA: must support 14 hosts
netB: must support 28 hosts
netC: must support 2 hosts
netD: must support 7 hosts
netE: must support 28 hosts
Determine what mask allows the required number of hosts.
netA: requires a /28 (255.255.255.240) mask to support 14 hosts
netB: requires a /27 (255.255.255.224) mask to support 28 hosts
netC: requires a /30 (255.255.255.252) mask to support 2 hosts
netD*: requires a /28 (255.255.255.240) mask to support 7 hosts
netE: requires a /27 (255.255.255.224) mask to support 28 hosts
* a /29 (255.255.255.248) would only allow 6 usable host addresses
therefore netD requires a /28 mask.
The easiest way to assign the subnets is to assign the largest first. For example, you can assign in this manner:
netB: 204.15.5.0/27 host address range 1 to 30
netE: 204.15.5.32/27 host address range 33 to 62
netA: 204.15.5.64/28 host address range 65 to 78
netD: 204.15.5.80/28 host address range 81 to 94
netC: 204.15.5.96/30 host address range 97 to 98
This can be graphically represented as shown in Figure 5:
Figure 5
Figure 5 illustrates how using VLSM helped save more than half of the address space.
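The largest-first assignment above, worked as a short Python script. This is an added example, not part of the original document; the function names are illustrative. It derives each mask from the host requirement, reproduces the five subnets listed above, and counts how much of 204.15.5.0/24 is left unassigned.

```python
import ipaddress

# Host requirements from the VLSM example above.
REQUIREMENTS = {"netA": 14, "netB": 28, "netC": 2, "netD": 7, "netE": 28}


def prefix_for_hosts(hosts):
    """Longest prefix whose subnet still has `hosts` usable addresses."""
    host_bits = 2  # a /30 is the smallest subnet with usable hosts (2)
    while 2 ** host_bits - 2 < hosts:  # all-zeros and all-ones hosts excluded
        host_bits += 1
    return 32 - host_bits


def allocate_vlsm(block, requirements):
    """Assign one subnet per name from `block`, largest subnet first."""
    network = ipaddress.ip_network(block)
    # Stable sort: equal-size subnets keep their input order.
    order = sorted(requirements, key=lambda n: prefix_for_hosts(requirements[n]))
    cursor = int(network.network_address)
    plan = {}
    for name in order:
        prefix = prefix_for_hosts(requirements[name])
        size = 2 ** (32 - prefix)
        start = -(-cursor // size) * size  # round up to a subnet boundary
        if start + size - 1 > int(network.broadcast_address):
            raise ValueError(f"{block} has no room for {name} (/{prefix})")
        plan[name] = ipaddress.ip_network((start, prefix))
        cursor = start + size
    return plan


def unused_addresses(block, plan):
    """Addresses in `block` not covered by any assigned subnet."""
    total = ipaddress.ip_network(block).num_addresses
    return total - sum(net.num_addresses for net in plan.values())


if __name__ == "__main__":
    plan = allocate_vlsm("204.15.5.0/24", REQUIREMENTS)
    for name, net in plan.items():
        hosts = list(net.hosts())
        print(f"{name}: {net} hosts {hosts[0]} to {hosts[-1]}")
    print("unused:", unused_addresses("204.15.5.0/24", plan), "of 256")
```

A /29 for netD fails the `2 ** host_bits - 2` check (6 usable hosts for 7 required), which is why the script, like the text, lands on /28.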
CIDR
Classless Interdomain Routing (CIDR) was introduced to improve both address space utilization and routing scalability in the Internet. It was needed because of the rapid growth of the Internet and growth of the IP routing tables held in the Internet routers.
CIDR moves away from the traditional IP classes (Class A, Class B, Class C, and so on). In CIDR, an IP network is represented by a prefix, which is an IP address and some indication of the length of the mask. Length means the number of left-most contiguous mask bits that are set to one. So network 172.16.0.0 255.255.0.0 can be represented as 172.16.0.0/16. CIDR also depicts a more hierarchical Internet architecture, where each domain takes its IP addresses from a higher level. This allows for the summarization of the domains to be done at the higher level. For example, if an ISP owns network 172.16.0.0/16, then the ISP can offer 172.16.1.0/24, 172.16.2.0/24, and so on to customers. Yet, when advertising to other providers, the ISP only needs to advertise 172.16.0.0/16.
For more information on CIDR, see RFC 1518 and RFC 1519.
Appendix
Sample Config
Routers A and B are connected via serial interface.
Router A
hostname routera
!
ip routing
!
int e 0
ip address 172.16.50.1 255.255.255.0
!(subnet 50)
int e 1
ip address 172.16.55.1 255.255.255.0
!(subnet 55)
int t 0
ip address 172.16.60.1 255.255.255.0
!(subnet 60)
int s 0
ip address 172.16.65.1 255.255.255.0
!(subnet 65)
!S 0 connects to router B
router rip
network 172.16.0.0
Router B
hostname routerb
!
ip routing
!
int e 0
ip address 192.1.10.200 255.255.255.240
!(subnet 192)
int e 1
ip address 192.1.10.66 255.255.255.240
!(subnet 64)
int s 0
ip address 172.16.65.2 255.255.255.0
!(same subnet as router A's s 0)
!Int s 0 connects to router A
router rip
network 192.1.10.0
network 172.16.0.0
Host/Subnet Quantities Table
Class B                   Effective  Effective
# bits   Mask             Subnets    Hosts
-------  ---------------  ---------  ---------
1        255.255.128.0    2          32766
2        255.255.192.0    4          16382
3        255.255.224.0    8          8190
4        255.255.240.0    16         4094
5        255.255.248.0    32         2046
6        255.255.252.0    64         1022
7        255.255.254.0    128        510
8        255.255.255.0    256        254
9        255.255.255.128  512        126
10       255.255.255.192  1024       62
11       255.255.255.224  2048       30
12       255.255.255.240  4096       14
13       255.255.255.248  8192       6
14       255.255.255.252  16384      2

Class C                   Effective  Effective
# bits   Mask             Subnets    Hosts
-------  ---------------  ---------  ---------
1        255.255.255.128  2          126
2        255.255.255.192  4          62
3        255.255.255.224  8          30
4        255.255.255.240  16         14
5        255.255.255.248  32         6
6        255.255.255.252  64         2
*Subnet all zeroes and all ones included. These
might not be supported on some legacy systems.
*Host all zeroes and all ones excluded.
Classes of IP
Class A networks use a default subnet mask of 255.0.0.0 and have 0-127 as their first octet. The address 10.52.36.11 is a class A address. Its first octet is 10, which is between 1 and 126, inclusive.
Class B networks use a default subnet mask of 255.255.0.0 and have 128-191 as their first octet. The address 172.16.52.63 is a class B address. Its first octet is 172, which is between 128 and 191, inclusive.
Class C networks use a default subnet mask of 255.255.255.0 and have 192-223 as their first octet. The address 192.168.123.132 is a class C address. Its first octet is 192, which is between 192 and 223, inclusive.