routing final exam study guide
TRANSCRIPT
IP SLA
What are Offset lists used for?
An offset list is used to increase incoming and outgoing metrics to routes learned via EIGRP or RIP.
What are the three parts of IP SLA?
IP SLA source:- Sends probe packets to the target.- Probes configured on the IP SLAs source (IOS Router).
IP SLA responder:- Cisco IOS device, allows it to anticipate and respond to IP SLAs request packets.
IP SLA operation: - Measurement/result that includes protocol, frequency, traps …
What can be measured by IP SLA?
– Voice-quality scoring– Application performance– Server response time– Packet loss– One-way latency– Response time– Network resource availability
What is the three step process of configuring IP SLA?
- Define one or more IP SLAs operations (probes).- Define one or more tracking objects, to track the state of IOS IP SLA.- Define the action associated with the tracking object.
Policy Based Routing (PBR)
How does PBR work for influencing path control?
PBR can be used to implement policies that selectively cause packets to take different paths based on source address, protocol types, or application types and override the router’s normal routing behavior.
Explain the logical operation of a PBR decision?
- Is there a route map? (yes)- Does it match a deny? (no)- Does it match a Permit (yes) ----> then and only then do you set the applicable match statement
What are the five steps to configuring PBR?
1. Define and name the route map2. Define the conditions to match
• match statements3. Define the action to be taken when there is a match
• set statements4. Define which interface the route map will be attached to
• PBR is applied to incoming packets . 5. Verify path control results.
List 5 characteristics of BGP?
1. BGP is used to interconnect AS’s2. Standard for the Internet 3. Supports VLSM, CIDR4. Only routing protocol to use TCP5. Path-vector routing protocol
List four different attributes used with BGP?
MED, AS_PATH, Weight, Atomic Aggregate
List two AS number characteristics?
- 16 bit addresses (65,536)- Private addresses: 64512 – 65535
When two routers establish a TCP enabled BGP connection, what are they are they called?
neighbors or peers.
What is each router running BGP called?
BGP Speaker
How are route updates exchanged by BGP neighbors whom have just formed an adjacency?
1) When BGP neighbors first establish a connection, they exchange all candidate BGP routes. 2) After this initial exchange, incremental updates are sent as network information changes.
What mechanism is used by BGP to guarantee a loop-free exchange of routing information between autonomous systems?
- BGP guarantees a loop-free exchange of routing information between autonomous systems.
What two types (flavours) of BGP are there?
eBGP: ExternaliBGP: Internal
Define 3 characteristics of eBGP?
• eBGP runs between neighbors that belong to different AS • eBGP neighbors, by default, need to be directly connected.• Active TCP session between neighbors
Define 3 characteristics of iBGP?
• iBGP runs between neighbors within the same AS• The neighbors do not have to be directly connected.• Active TCP session between neighbors
Define the four types of BGP physical connectivity that were discussed in class?
What is meant by a Transit AS?
An Autonomous System connecting to 2 ISPs, that permits traffic from ISP1 to ISP2 through the local “transit” AS
Under what circumstances is BGP recommended?
- Multiple paths to the Internet- Manipulate the exiting traffic path- Influence incoming traffic paths
When BGP Is Not Recommended?
- When there is only a single connection to the Internet- If the routers do not have resources to support BGP- Not familiar with route filtering / path manipulation
In contrast, what do BGP speakers (routers) exchange?
BGP routers exchange network reachability information, called path vectors, made up of path attributes .
What information is included in a path vector?
AS Path: A list of the full path of BGP AS numbers (hop by hop) necessary to reach a destination network. IP address to get to the next AS (the next-hop attribute)How the path was introduced into BGP (origin code attribute).
What is the three step process to the operation of BGP?
1/ Establish neighbor relationships: Must have a TCP connection with neighbor2/ Exchange all candidate BGP routes: Exchange routing tables3/ Incremental Updates: Changes Only, KeepAlive 60 sec, Hold 180 sec (3x KeepAlive)
What three tables are used by BGP?
Neighbor - List of neighborsForwarding - List of networks learned from neighbors, contains BGP path attributesRouting - List of best routes to destination network.
What are the 4 messages types to BGP?
1: Open - Used to establish connections with Peers, Includes Hold Time & Router ID, Router ID determined same as OSPF2: Update - Contains the info that BGP uses to construct the picture of the internetwork3: Notification - Used for error messages4: Keepalive - Used to maintain connection with Peers
List the 6 states that BGP goes through from start to finish?
1: Idle - Waiting to start2: Connect -Waiting for TCP connection to be completed, Success: Move to OpenSent, No Success: Move to Active3: Active - Wait / try again for TCP connection4: OpenSent - Waiting for open message from peer. Keepalives are sent.5: OpenConfirm - Receives keepalives and transitions to Established6: Established - Start exchanging Update packets with peers
What does BGP use to determine the best path to a network?
BGP Path Attributes
What are the well-known mandatory BGP attributes?
AS_PATH, NEXT_HOP, ORIGIN
What are the Well-Known Discretionary BGP Attributes?
Local_Preference, Atomic Aggregate
What are the 4 categories of BGP Path Attributes?
Well-known mandatory - Must exist in the BGP update packet. If it is missing a notification (error) message is generated Well-known discretionary - Recognized by all BGP implementations, it may or may not be set in the update packet.Optional transitive - May or may not be recognized by all BGP implementations, BUT, accept and pass it to your peersOptional nontransitive - May or may not be recognized by all BGP implementations, DO NOT pass it to your peers
What happens if a well-known mandatory attribute is missing in a received update?
A notification error will be generated
What are the three origin codes used for BGP?
IGP - An origin of IGP is indicated with an “i” in the BGP tableEGP - An origin of EGP is indicated with an “e” in the BGP table.Incomplete - An incomplete origin is indicated with a “?” in the BGP table
If the Path is listed as a “?”, what does that usually mean?
- Usually redistributed.
What is the Local Preference Attribute used for?
Used to advertise which is the preferred exit point in this ASLocal to AS: Exchanged between iBGP routersUsed when there are multiple exit points from the ASHigher value – more preferred
What is the Atomic Aggregate attribute used for?
The Atomic Aggregate attribute is used to indicate that routes have been summarized.May not necessarily be the most complete route information available.
What is the MED attribute used for?
Sent to other AS’s (ISP) to indicate best entry path into your AS Used to influence the ISP’s Outbound decisionsLower Metric – is preferred
What is the Weight Attribute used for?
Local to the router Higher weight – exit point more preferredCisco proprietary
What is the BGP Route selection process?
WeightLocal_PreferenceAggregate routesAS-PATHOriginMEDPrefer EBGP over IBGP
How many BGP Autonomous Systems can a router belong to?
Only 1
What do network statements tell BGP?
Network statement tells BGP what local networks to advertise (originate) into BGPThese routes must exist in the local router’s routing table to be propagated.
Is redistribution a recommended practice when using BGP?
NO!, Redistributing is not recommended because it could result in unstable BGP tables.
When must iBGP be used?
Must be used if you have two or more exit pointsCare must be taken not to become a Transit AS
How does iBGP prevent loops?
If an iBGP router learns about an update from another iBGP neighbor it does not pass it to any other iBGP routers
What is a best practice for configuring iBGP?
Full Mesh
What can be done to provide a more stable BGP neighborship?
Loopbacks provide stability - Route Flap avoidanceA route must exist to the loopback addresses or you need to add one
Why must you reset BGP when a change is made?
Any new policy, enforced by the new filters, is applied only on routes that are received or sent after the change.
What is the difference between a hard BGP reset and a soft BGP reset?
Hard:Connection is reset (Down – Up)All tables must be relearnedCan be reset for a specific neighbour or for all neighbours
Soft:Connection is maintainedThe router creates a new update and sends it to all / specific neighbors.
How does BGP differ from IGPs?
- Unlike IGPs, BGP was never designed to choose the quickest/most efficient path.- BGP was designed to manipulate traffic flow to maximize or minimize bandwidth use.
List 6 typical BGP Set Commands?
Set weightSet local-preferenceSet as-pathSet originSet metric
When is the BGP weight attribute used?
- The weight attribute is used only when one router is multihomed and determines the best path to leave the router. - Only the local router is influenced.- Higher weight routes are preferred.
What can be used to filter out traffic from a specific AS-Path?
An “as-path access-list”.
What as-path regular expression means via AS100 when using as-path ACLs?
_100_
What as-path regular expression indicates an origin of AS100 when using as-path ACLs?
_100$
What as-path regular expression indicates transmission from AS100 when using as-path ACLs?
^100 .*
When is local preference used?
The local preference is used only within an AS (between IBGP speakers) to determine the best path to leave the AS.
When no other BGP path selection tools such as weight or local-preference have been configured, how does BGP choose its path?
It chooses the shortest AS-path regardless of available bandwidth.
When is MED used?
MED is used to decide how to enter an AS when multiple paths exist.– In the BGP path-selection process, the lowest MED value is preferred.– Default is 0.
IPv6
What improvements have been added to IPv4 in the new IPv6 addressing scheme?
- IPv6 addresses are 128 bits, compared to IPv4’s 32 bits- Elimination of public-to-private NAT- Elimination of broadcast addresses- Support for mobility and security- Simplified header for improved router efficiency
What is Stateless Auto-Configuration?
DHCP is not required because an IPv6 device can automatically assign itself a unique IPv6 link-local address.
How many IPv6 addresses can be configured on an interface?
One or many.
Do IPv6 routers fragment IP packets?
No, IPv6 routers no longer perform fragmentation.A discovery process is used to determine the optimum MTU to use during a given session.
How are public IPv6 addresses grouped?
- By major geographic region- Subdivided by ISP inside that region- Further subdivided for each customer
What can be done to reduce the size of an IPv6 address containing consecutive “0”s?
Successive fields of 0 can be represented as :: but only once per address.
What are the three types of IPv6 addresses?
Unicast – One to OneMulticast – One to ManyAnycast – One to Nearest
What are the three scopes of unicast addresses?
Global: The scope is global (IPv6 Internet addresses). Link Local: The scope is the local link (nodes on the same subnet). (FE80…), Not routedSite Local: (Private Addressing) - Obsolete (Deprecated)
What three parts do global unicast addresses typically consist of?
A 48-bit global routing prefixA 16-bit subnet IDA 64-bit interface ID
What do IPv6 Link Local Unicast addresses start with?
Starts with Hex: FE80Normally created dynamicallyStateless Auto-configuration
Does IPv6 still use broadcasts?
No Broadcasts in IPv6Replaced by multicastsStarts with Hex: FF
List 3 common Multicast addresses?
FF02::1 All NodesFF02::2 All routersFF02::9 All RIP routers
List three methods that can be used to assign IPv6 addresses?
Stateless Auto-configurationManually AssignedDHCPv6: Multicast to FF02::1:2
What does IPv6 use to resolve addresses, like IPv4 uses ARP?
ICMPv6 Neighbor Solicitation (NS) is similar to IPv4 ARP in that it is used when resolving an IPv6 address to a MAC address.
How does Stateless Autoconfiguration work?
Stateless autoconfiguration uses the information in RA messages to configure hosts automatically.
All routers on the network reply to the RS immediately, with an RA sent to the all-nodes multicast address.The host now creates a link-local address and solicited-node address using the RA supplied by the router.
What is EUI-64 used for and how is it used?
(EUI)-64: Extended Universal Identifier format is used for stateless auto-configuration.64 bit: Manually / Dynamically configuredUses the 48bit MAC address and inserts 16bits “FFFE” into the middle of the address.
How is an EUI-64 address made?
Step 1 – Insert FF:FE 0034:56FF:FE78:9ABCStep 2 - convert 00 to binary and flip 7th bit >>> 0000 0010 = 02Step 3 – convert back to HEX and the address is ready
EUI - 0234:56FF:FE78:9ABC
What command identifies an EUI-64 address has been configured?
R1(config-if)# ipv6 address FE80::1 link-local
How is a Global Unicast IPv6 address assigned?
Global Unicast IPv6 addresses are assigned by omitting the link-local parameter.
What are IPv6 Unnumbered Interfaces used for?
IPv6 supports unnumbered interfaces to enable IPv6 processing on an interface without assigning an explicit IPv6 address to the interface.
What routing protocols are used for IPv6?
StaticRIPngOSPFv3EIGRP for IPv6MP-BGP4
How do you enable IPv6 Routing?
ipv6 unicast-routing
How do you specify an IPv6 default route?
R2(config)# ipv6 route ::/0 s0/1/0
Can OSPFv3 and v2 run concurrently?
- OSPFv3 & v2 can be run concurrently, because each address family has a separate SPF (ships in the night).- They do not exchange information
What multicast address represents all OSPF routers on the local scope?
FF02::5 – Represents all OSPF routers on the link local scope; equivalent to 224.0.0.5 in OSPFv2.
What multicast address represents all DR routers on the local scope?
FF02::6 – Represents all DR routers on the link local scope; equivalent to 224.0.0.5 in OSPFv2.
What 32bit components are still used by OSPFv3 for IPv6?
– Router ID and Area ID’s remain at 32 bits.
What mechanism is used by OSPFv3 for authentication?
None, Authentication is no longer part of OSPF.
How does EIGRP for IPv6 differ from EIGRP for IPv4?
- It does not automatically summarize- It is configured on an interface
What transition methods are available for IPv4-to-IPv6?
Dual Stack: Both protocols are enabled, Path chosen based on addressing, Protocols do not share Route informationTunneling: Manual / GRE , Automatic (Tunneling encapsulates the IPv6 packet in the IPv4 packet.)NAT-PT Translation
What limitation is there to 6to4 tunneling?
First 16 bits of the address must be 2002Next 32 bits must be Source IPv4 AddressEmulates a NBMA network
What product reduces cost by deploying a single, resilient system for fast, secure delivery of mission-critical business services?
Cisco 2800 Series ISR- Data- Voice- Security- Wireless
List the 5 step implementation plan for deploying a branch office network?
1. Deploy broadband connectivity2. Configure static routing (to ISP)3. Document and verify other services such as NAT, DHCP etc…4. Implement and tune the IPsec VPN5. Configure GRE tunnels
What does DOCSIS stand for and what does it specify?
Data Over Cable Service Interface Specification: Standard for cable equipment devices: cable modems (CM) , cable modem termination system (CMTS)
DOCSIS specifies the standards for the: Physical and MAC layers
What type of physical medium is deployed in Cable networks?
Hybrid fiber-coaxial
What is the highest DOCSIS standard available to date?
DOCSIS® 3.0 channel bonding
o up to 304 Mbps in the downstream o Up to108 Mbps in the upstream.
How do DSL subscribers connect to the network?
ADSL and voice on the same POTS copper line
What is the approximate maximum distance that a DSL subscriber can be from a CO and still be able to get service?
18,000ft (5,460m)
What is the most commonly deployed type of DSL?
Asymmetric DSL (ADSL)
VPNs / IPsec
What are the two basic types of VPN solutions?
Site-to-site VPNs:VPN endpoints are devices such as routers.The VPN is completely hidden from the users.
Remote-access VPNsMobile user initiates a VPN connection request using either VPN client software or an Internet browser & SSL connection.
What are two significant benefits when using IPsec VPNs?
- Encapsulation- Encryption
Is IPsec a protocol?
No, it is a combination of security algorithms used together to achieve Confidentiality, Integrity, and Authentication
What is the main difference between a transport mode VPN and a Tunnel mode VPN?
- A transport mode VPN does not care about the routing process, but rather to protect the payload only.- A Tunnel mode VPN encapsulates the entire packet into a new IP header and protects the data and original IP Header.
What are the 5 main steps to configuring an IPsec VPN?
1. Configure the initial key exchange (ISAKMP policy) details.2. Configure the IPsec transform details (Transform Set)3. Configure the Crypto ACL. (Interesting traffic)4. Configure the VPN tunnel information.5. Apply the Crypto Map to the interfaces.
What did Cisco develop to allow IPsec VPNs to support IGPs?
GRE Tunneling protocol developed by CiscoGRE is commonly implemented with IPsec to support IGPs
Do GRE tunnels provide encryption services?
GRE is just an encapsulation protocol. By default, the traffic leaves in clear text. GRE tunnels do not provide encryption services. IPsec must also be configured to encrypt the routing traffic.
MPLS
What significance is held by MPLS Labels?
Locally Significant
Essentially, what is Layer 2 MPLS?
Extension of Ethernet across the WANProvides do not take part in routing decisionsCE routers become neighbors on the same network
What differs from Layer 2 MPLS to Layer 3 MPLS?
Customer and Provider participate in Routing processSeparate Routing table for each customer: VRF: Virtual Routing and Forwarding Table