• If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.
Xin chào ! Nếu đây là lần đầu tiên bạn đến với diễn đàn, xin vui lòng danh ra một phút bấm vào đây để đăng kí và tham gia thảo luận cùng VnPro.

Announcement

Collapse
No announcement yet.

FAQ: Các câu hỏi thường gặp từ sinh viên - chương 2 semester 5

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • FAQ: Các câu hỏi thường gặp từ sinh viên - chương 2 semester 5

    Xin chào,

    Dưới đây là một số câu hỏi thường gặp từ các bạn đang theo học bsci.

    Chapter 2 – IP Addressing

    1. How is VLSM (Variable Length Subnet Masking) different from the usual subnetting?

    There is no difference. VLSM is simply an extension of basic subnetting, where the same A-B-C class address is subnetted by using masks of different lengths.

    2. Why do I need VLSM?

    VLSM provides a more efficient way of assigning IP addresses. It provides more flexibility in assigning an adequate number of hosts and subnets given a limited number of IP addresses.

    3. What is the difference between CIDR and supernetting?

    Classless Interdomain Routing is the mechanism that allows advertising both supernets and subnets outside of the normal bounds of a classful network number. Supernetting is a representation that allows masks that are shorter than the natural masks, hence creating supernets.

    4. Is the classful model the cause of the growth in the global routing tables?

    No. The growth of the routing tables is due to the fact that more and more organizations are connecting to the Internet. The classful model does not offer a solution to deal with such growth.

    5. I have a network that uses older protocols such as RIP v1 and IGRP.
    What issues should I consider in deciding whether to upgrade to newer protocols that support VLSM and CIDR?

    If you feel implementing VLSM and CIDR can help you utilize your address space more efficiently and give you better route summarization capabilities, then you should upgrade. One issue could be whether your current hardware is capable of running newer protocols that might need extra processing or memory requirements. That of course depends on the protocol to which you are upgrading. Other issues have to deal with the co-existence of new and old protocols. Because network upgrades are usually done in stages, you will be faced with situations where both older and newer protocols are running concurrently. Because older protocols cannot deal with VLSM or CIDR, you should not be surprised that extensive use of static routing might be required to ensure connectivity in your domain during the transition period.

    6. Can I aggregate any routes in my routing table?

    Only routes that are personally adminstered can be aggregated. Aggregating routes that are not an extension of your domain can create black holes.

    7. If I leave my provider, can I keep my IP addresses?

    For the purposes of better aggregation, today's routing practices recommend (sometimes require) that you return the old addresses and get addresses from your new provider. Ask your provider for its policies.

    8. I have hosts that require Internet connectivity and others that do not. Can I use private addresses on some hosts and not others?

    Yes, both private and global addresses can be used in the same network. When advertising routes to your provider, only the legal networks are advertised.

    9. I need to connect to the Internet, and not all my addresses are registered. I cannot afford to renumber--what do I do?

    You could always use Network Address Translation (NAT) to map your illegal address to a legal pool of addresses you get from your provider.
    Đặng Quang Minh, CCIEx2#11897 (Enterprise Infrastructure, Wireless), DEVNET, CCSI#31417

    Email : dangquangminh@vnpro.org
    https://www.facebook.com/groups/vietprofessional/

  • #2
    Mình gửi tiếp vài câu hỏi về OSPF & multi OSPF nữa đây:

    1. Why are loopbacks advertised as /32 host routes in OSPF?
    Loopbacks are considered host routes in OSPF and are advertised as /32. For more information, see section 9.1 of RFC 2328. In Cisco IOS ® version 11.3T and 12.0, if the ip ospf network pointto-point command is configured under loopbacks, then OSPF advertises the loopback subnet as the actual subnet configured on loopbacks.

    2. How do I change the reference bandwidth in OSPF?
    In Cisco IOS version 11.2 and higher, use the ospf auto-cost reference-bandwidth command under router ospf. By default, reference-bandwidth is 100 Mbps.

    3. How does OSPF calculate its metric or cost?
    OSPF uses a reference bandwidth of 100 Mbps for cost calculation. The formula to calculate the cost is reference bandwidth divided by interface bandwidth. In the case of Ethernet for example, it's 100 Mbps/10 Mbps = 10.

    Note: If ip ospf cost <cost> is used on the interface, it overrides this formulated cost.

    4. Are OSPF routing protocol exchanges authenticated?
    Yes. OSPF can authenticate all packets exchanged between neighbors. Authentication may be through simple passwords or through MD5 cryptographic checksums. To configure simple password authentication for an area, use the command ip ospf authentication-key. A password of up to eight octets to each interface attached to the area may be assigned. Then enter the area <x> authentication command to the OSPF router configuration to enable authentication, where x is the area number.

    5. What is the link-state retransmit interval and what is the command to set it?
    OSPF must send acknowledgment of each newly received link-state advertisement (LSA). It does this by sending LSA packets which are retransmitted until they are acknowledged. The link-state retransmit interval defines the time between retransmissions. You can use the command ip ospf retransmit-interval to set the retransmit interval. The default value is five seconds.

    6. What is the purpose of the variable IP-OSPF-Transmit-Delay?
    This variable adds a specified time to the age field of an update. If the delay is not added before transmission over a link, the time in which the LSA propagates over the link is not considered. The default value is one second. This parameter has more significance on very low speed links.

    7. Is it true that only the static option of the virtual link in OSPF allows discontiguous networks regardless of the mask propagation properties?
    No. Virtual links in OSPF maintain connectivity to the backbone from non-backbone areas, but they are unnecessary for discontiguous addressing. OSPF provides support for discontiguous networks, since every area has a collection of networks and OSPF attaches a mask to each advertisement.

    8. Are the multicast IP addresses mapped to MAC-level multicast addresses?
    OSPF sends all advertisements using multicast addressing. Except for Token Ring, the multicast IP addresses are mapped to MAC-level multicast addresses. Cisco maps Token Ring to MAC-level broadcast addresses.

    9. Does the Cisco OSPF implementation support IP TOS-based routing?
    Cisco OSPF only supports TOS 0. This means that routers route all packets on the TOS 0 path, eliminating the need to calculate non-zero TOS paths.

    10. Will the offset-list subcommand work for OSPF?
    The offset-list command doesn't work for OSPF; it's used for distance vector protocols such as IGRP, RIP, and RIPv2.

    11. Can an OSPF default be originated into the system based on external information on a router that does not itself have a default?
    OSPF generates a default only if it is configured using the command default-information originate and if there is a default network in the box from a different process. The default route in OSPF is 0.0.0.0. If you want an OSPF-enabled router to generate a default route even if it doesn't have a default route itself, use the command default-information originate always.

    12. Can I use the distribute-list in/out command with OSPF to filter routes?
    OSPF routes can not be filtered from entering the OSPF database. The distribute-list in command only filters routes from entering the routing table, but it doesn't prevent link-state packets from being propagated. The command distribute-list out works only on the routes being redistributed by the autonomous system boundary routers (ASBRs) into OSPF. It can be applied to external type 2 and external type 1 routes, but not to intra-area and inter-area routes.

    13. How can I give preference to OSPF inter-area routes over intra-area routes?
    According to RFC, the order of preference for OSPF routes is as follows:
    • intra-area routes, O
    • inter-area routes O IA
    • external routes type 1, O E1
    • external routes type 2, O E2

    14. Do I have to manually setup adjacencies for routers on the SMDS cloud with the OSPF neighbor subcommand?
    Before Cisco IOS 10.0, you needed the neighbor command to establish adjacencies over NBMA networks (such as Frame Relay, X.25, and SMDS). As of IOS 10.0, you can use the ip ospf network broadcast command to define the network as a broadcast network, eliminating the need for the neighbor command. If you're not using a fully meshed SMDS cloud, you must use the ip ospf network point-to-multipoint command.

    15. When routes are redistributed between OSPF processes, are all SPF metrics preserved or is the default metric value used?
    The SPF metrics are not preserved. The redistribution between them is like redistribution between any two IP routing processes.

    16. How does Cisco accommodate OSPF routing on partial-mesh Frame Relay networks?
    You can configure OSPF to understand whether or not it should attempt to use multicast facilities on a multi-access interface. Also, if multicast is available, OSPF uses it for its normal multicasts.
    Cisco IOS 10.0 includes a feature called subinterfaces. You can use subinterfaces with Frame Relay to tie together a set of virtual circuits (VC) to form a virtual interface, which acts as a single IP subnet. All systems within the subnet should be fully meshed. As of 10.3 and 11.0, the ip ospf point-tomultipoint command is also available.

    17. Which address-wildmask pair should I use for assigning an unnumbered interface to an area?
    When an unnumbered interface is configured, it references another interface on the router. When enabling OSPF on the unnumbered interface, use the address-wildmask pair of interfaces to which the unnumbered interface is pointing.

    18. Can I have one numbered side and leave the other side unnumbered in OSPF?
    No. OSPF doesn't work if you have one side numbered and the other side unnumbered. This creates a discrepancy in the OSPF database that prevents routes from being installed in the routing table.

    19. Why do I receive the "cannot allocate router id" error message when I configure Router OSPF 1?
    OSPF picks up the highest IP address as a router ID. If there are no interfaces in up/up mode with an IP address, then it returns this error message. To correct the problem, configure a loopback interface.

    20. Why do I receive the "unknown routing protocol" error message when I configure Router OSPF 1?
    Your software may not support OSPF. This error message occurs most frequently with the Cisco 1600 series routers. If you are using a Cisco 1600 router, you will need a plus image to run OSPF.

    21. What do the states DR, BDR, and DROTHER mean in show ip ospf interface output?
    DR means designated router, BDR means backup designated router, and DROTHER means a router that is neither the DR nor the BDR. The DR generates a Network Link State Advertisement, which lists all the routers on that network.

    22. When I type the show ip ospf neighbor command, why do I only see FULL/DR and FULL/BDR, with all other neighbors showing 2-WAY/DROTHER?
    To reduce the amount of flooding on broadcast media, such as Ethernet, FDDI, and Token Ring, the router gets full with only DR and BDR, and shows 2-WAY for all other routers.

    23. Why don't I see OSPF neighbors as FULL/DR or FULL/BDR on my serial link?
    This is normal. On point-to-point and point-to-multipoint networks there are no DRs or BDRs.

    24. Do I need any special commands to run OSPF over BRI/PRI links?
    In addition to the normal OSPF configuration commands, you should use the dialer map command. When using the dialer map command, use the broadcast keyword to indicate that broadcasts should be forwarded to the protocol address.

    25. Do I need any special commands to run OSPF over asynchronous links?
    In addition to the normal OSPF configuration commands, you should use the async default routing command on the asynchronous interface. This command enables the router to pass routing updates to other routers over the asynchronous interface. Also, when using the dialer map command, use the broadcast keyword to indicate that broadcasts should be forwarded to the protocol address.

    Comment


    • #3
      EIGRP
      1. Is configuring EIGRP as easy as configuring IGRP?
      Yes. EIGRP is configured the same way as IGRP. Use existing configuration files to configure a routing process and choose the directly connected networks over which the protocol should run.

      2. Does EIGRP require a default network to propagate a default route?
      Although EIGRP can propagate a default route using the default network method, it isn't required. EIGRP redistributes default routes directly.

      3. Should I always use the EIGRP log-neighbor-changes command when configuring EIGRP?
      Yes. This command makes it easy to determine why an EIGRP neighbor was reset and reduces troubleshooting time.

      4. Does EIGRP support secondary addresses?
      EIGRP does support secondary addresses. Since EIGRP always sources data packets from the primary address, we recommend that you configure all routers on a particular subnet with primary addresses that belong to the same subnet. If all routers' primary IP addresses do not agree, problems can arise with neighbor adjacencies.

      5. Does EIGRP have the same debugging capabilities as IGRP?
      Yes. There are protocol-independent and procotol-dependent debug commands. There is also a suite of show commands that display neighbor table status, topology table status, and EIGRP traffic statistics. Some of these commands are:
      show ip eigrp neighbors
      show ip eigrp interfaces
      show ip eigrp topology
      show ip eigrp traffic

      6. Are the same features available in EIGRP as in IGRP?
      Yes. All of the same features in IGRP are available in EIGRP. EIGRP has additional features such as the ability to handle variable length subnets and supernet aggregates. Another feature is the DUAL algorithm which eliminates AppleTalk periodically sending routing updates.

      7. What percent of bandwidth and processor resources does EIGRP use?
      EIGRP v1 introduced a feature that prevents any single EIGRP process from using more than 50% of the configured bandwidth on any link during periods of network convergence. Each AS or protocol (for instance, IP, IPX, or Appletalk) serviced by EIGRP is a separate process. You can use the configure interface command to properly set the bandwidth statement on each WAN interface. In addition, the implementation of partial and incremental updates means that EIGRP sends routing information only when a topology change occurs. This feature significantly reduces bandwidth use. The feasible successor feature of EIGRP reduces the amount of processor resources used by an autonomous system (AS). It requires only the routers affected by a topology change to perform route recomputation. Furthermore, the route re-computation only occurs for routes that were affected, which reduces search time in complex data structures.

      8. Does EIGRP support aggregation and variable length subnet masks?
      Yes. EIGRP supports aggregation and variable length subnet masks (VLSM). Unlike OSPF, EIGRP allows summarization and aggregation at any point in the network. EIGRP supports aggregation to any bit. This allows properly designed EIGRP networks to scale exceptionally well without the use of areas. EIGRP also supports automatic summarization of network addresses at major network borders.

      9. Does EIGRP support areas?
      No. A single EIGRP process is analogous to an area of a link-state protocol. However, within the process, information can be filtered and aggregated at any interface boundary. To bind the propagation of routing information, you can use summarization to create a hierarchy.

      10. Can I configure more than one EIGRP autonomous system on the same router?
      Yes, but we do not recommend it. Multiple EIGRP autonomous systems on the same router using mutual redistribution can cause discrepancies in the EIGRP topology table. We recommend configuring only one EIGRP autonomous system in any single autonomous system and using another protocol, such as BGP, to connect the two EIGRP autonomous systems.

      11. What does the EIGRP stuck in active message mean?
      When EIGRP returns a stuck in active (SIA) message, it means that it hasn't received a reply to a query. EIGRP sends a query when a route is lost and another feasible route doesn't exist in the topology table. The SIA is caused by two sequential events:

      The route reported by the SIA has gone away.
      An EIGRP neighbor (or neighbors) have not replied to the query for that route.

      When the SIA occurs the router clears the neighbor that didn't reply to the query. When this happens, you need to determine which neighbor has been cleared, keeping in mind that this router could be many hops away. For troubleshooting instructions, see the EIGRP White Paper.

      12. What does the neighbor statement in the EIGRP configuration section do?
      The neighbor statement has no effect when configured under an EIGRP process. The Cisco IOS parser allows you to configure this command, but it doesn't force EIGRP to form neighbor adjacencies, or affect the way EIGRP forms neighbor adjacencies.

      13. Why does the EIGRP passive-interface command remove all neighbors for an interface?
      The passive-interface command disables the transmission and receipt of EIGRP hello packets on an interface. Unlike IGRP or RIP, EIGRP sends hello packets in order to form and sustain neighbor adjacencies. Without a neighbor adjacency, EIGRP can't exchange routes with a neighbor. Therefore, the passive-interface command prevents the exchange of routes on the interface.Although EIGRP won't send or receive routing updates on an interface configured with the passiveinterface command, it still includes the address of the interface in routing updates sent out of other non-passive interfaces.

      Comment


      • #4
        BGP and Scaling BGP

        1. What is the difference between a domain and an autonomous system?
        Both notations indicate a collection of routers. The domain notation is usually used to indicate a collection of routers running the same routing protocol, such as a RIP domain or an OSPF domain. The AS represents one or more domains under a single administration that have a unified routing policy with other ASs.

        2. My company is connected to an ISP via RIP. Should I use BGP instead?
        If you are thinking of connecting to multiple providers in the near future, you should start discussing the option of using BGP with your provider. If your traffic needs do not require multiple provider connectivity, you should be okay with what you have.

        3. I have a single IGP connection to a provider. I am thinking of connecting to the same provider in a different location. Can I connect via an IGP or should I use BGP?
        This depends on the provider. Some providers will let you connect via IGP in multiple locations; others prefer that you use BGP. Practically speaking, when you use BGP, you will be in better control of your traffic.
        4. I thought that BGP is to be used between ASs; I am a bit confused about using BGP inside the AS.
        Think of BGP inside the AS (IBGP) as a tunnel through which routing information flows. If your AS is a transit AS, IBGP will shield all your internal nontransit routers from the potentially overwhelming number of external routing updates. On the other hand, even if you are not a transit AS, you will realize that IBGP will give you better control in choosing exit and entrance points of your traffic.

        5. You talk about BGP4, but is anybody still using BGP1, 2, or 3? What about EGP?
        BGP4 is the de facto interdomain routing protocol used on the Internet. EGP and BGP1, 2, and 3 are obsolete. BGP4's support of CIDR and better filtering and policy setting capabilities has prompted everybody to shift gears into using this new protocol.

        6. Does BGP send periodic updates like RIP?
        No. BGP exchanges routing information once, when the BGP session is being established. After that, only network changes are exchanged between BGP peers.

        7. Does the BGP session become "established" after all the routing updates have been exchanged between BGP neighbors?
        No. It is the other way around. No routing exchange can take effect until both BGP neighbors agree on all parameters and the session becomes established.

        8. Is the Network Layer Reachability Information (NLRI) the actual BGP routing update?
        No. The NLRI is one of the elements that is carried in a BGP UPDATE message. Other elements are the attributes and the unreachable networks.

        9. You talk about authentication as an example of the BGP optional parameters. How important is authentication?
        Authentication is a means to validate the BGP peer. This is to prevent hackers from assuming the identity of one of your peers and feeding you wrong routing information. With authentication, both peers will validate the connection via password mechanisms.

        10. Where does BGP carry information about AS numbers?
        AS numbers are listed as part of the AS_path attribute carried in the UPDATE message.

        11. If my IBGP peers are not directly connected, do I have to use EBGP multihop?
        No. There is no restriction on IBGP peers to be connected. EBGP multihop is for EBGP only.

        12. Should I inject my BGP routes into the IGP for synchronization to take effect?
        No. Injecting the BGP into your IGP is not recommended. You should turn the synchronization off. Make sure that this will not result in reachability problems inside your AS.

        13. Does listing my IGP routes via the network command rather than redistributing the IGP into BGP give my BGP routes more stability?
        No. In both methods, the fluctuation of your IGP routes will translate in fluctuation in your BGP routes. The network command only gives you better control and less worry about what your IGP might carry into BGP if you use redistribution.

        14. Do I have to list my connected interfaces by using the network command?
        If you want the directly connected subnets to be reachable via BGP, then you can advertise them; if not, you don't have to.

        15. I have two border routers talking EBGP to my provider and IBGP internally. If I list my IGP routes via the network command on both routers, would that create a loop on the IBGP session?
        No. Actually, doing so gives you more redundancy. If one of your border routers fails, the other border router will still announce the same networks.

        16. What happens if I use next-hop-self on my EBGP peers?
        Next-hop-self is used between IBGP peers. Using it between EBGP peers is a not an option because the next hop is always the IP address of the EBGP neighbor.

        17. I need to receive only a few updates from my neighbor. Can I filter on my side of the link?
        Yes. Ask your neighbor to send you only the routes you need to minimize unnecessary link bandwidth usage and unnecessary route fluctuations. At the same time, use filtering on your end to protect yourself from potential accidents where your neighbor sends you more routes than you are expecting.

        18. My provider needs me to send different local preferences on different links.
        No. Local preference is defined inside the AS and is not carried on EBGP sessions.

        19. I am receiving MED from my provider that is influencing my traffic in a way that conflicts with my IGP. What do I do?
        If receiving MEDs is causing you problems, call your provider and ask him to stop sending MEDs. Or, you can set MED to 0 on your end of the session.

        20. I am connected to multiple providers. On some occasions, my AS gets hit with an enormous amount of traffic that does not belong to my AS. What could be wrong?
        You might be advertising routes that you receive from one provider to other providers. Other ASs might be using your AS as transit for their traffic. Make sure that you advertise only your routes to your providers.

        21. I am multihomed to the same provider. Do I have to worry about advertising the routes I learn from one link back on the second link?
        BGP on your provider's end will detect that the routes it is receiving from you have passed through its AS already and will ignore them. Nevertheless, this is bad practice. You should not overload the links and routers with useless information; make sure that you send your own routes only.

        22. I am a provider and I have given one of my customers a private AS number. Now, the customer wants to have a different connection with another provider. What would happen if he keeps using a private AS number?
        This would be an illegal configuration. After you advertise this customer's network to the Internet, you are stripping the private AS number and announcing the routes as if they originated from your own AS. If the second provider does the same thing, then the customer's networks will have two origins -- your AS and the AS of the other provider -- and that is illegal.

        23. I am connected to one provider in San Francisco and I am advertising my routes via BGP. I am connecting to another provider in LA. Should I get a different AS number?
        If both the SF and LA networks fall under the same administration and have the same policies with other ASs, then they belong in the same AS. Remember that dividing networks via BGP is to define the boundaries of administration and policy. Geographical location is not the deciding factor.

        24. I statically defined a default toward my provider by pointing toward a network I am learning via BGP. What happens if that network goes up and down?
        Your default will appear and disappear. That is why you should not point your default to a specific subnet. Always point to an aggregate or supernet because they are less likely to flip-flop.
        25. I have the option of getting the 0/0 default via BGP or defining a static default. What do you think is best?
        For the border router, both methods are the same as long as the aggregate you are pointing to is stable. On the other hand, after you receive the 0/0 via BGP, it will get flooded to all your IBGP peers and there is a chance that you will end up sending it out to your other EBGP peers. When you define the default statically, you will have better control.

        26. I need to have a primary link where all my traffic flows and a backup link in case of failure. I also need to load balance my traffic. Is that possible?
        That is not possible. If you were using your primary link for all inbound and outbound traffic, this would dictate that no other traffic would flow on the other link. These are two contradicting requirements.

        27. My AS is connected to two providers, one in SF and one in NY. I want the traffic from and toward my SJ site to go in and out on the SF link. All other traffic should flow over the NY link. What do I need to do to achieve this behavior?
        For your inbound traffic toward San Jose, you can use the AS_path manipulation technique to make your path longer for all SJ routes advertised on the NY link. The problem is with your outbound traffic. If you know exactly what networks the SJ users are trying to reach, you can give those destinations better local preference on the SF exit. If the SJ site needs to reach any destination, then setting a better local preference on the SF link will cause all your outbound traffic to leave via the SF link. That doesn't meet your requirement about the NY link carrying all other traffic.
        Another way of dealing with this scenario is policy routing, where a router can track source addresses and direct traffic accordingly.

        28. I am prepending AS numbers to my routes to tip the balance of my traffic. I am not seeing any effect. Why?
        Remember that multiple providers exchange your updates. A provider along the way can use local preference to override your path length. Check with your provider.

        29. Do I have to set BGP policies? Why can't I leave it to BGP to figure out the correct path?
        You do not have to set policies. Remember that BGP is not taking into account the speed of your links and your user traffic requirements. If you are happy with your traffic pattern the way it is, then you do not need to change any attributes.

        30. I am not running IBGP between my border routers; do I have to worry about routing loops?
        As far as the interaction between IGP and BGP, loops cannot occur. If your internal routers are following a default toward the BGP border routers, after the traffic reaches the border router, it has only one way out via the EBGP session.

        31. I have two BGP border routers running IBGP and connected via a serial link. I am using local preference to control my exit points. What happens if the serial line goes down?
        If you are setting BGP policies that cause traffic to be directed between BGP routers, this would be the same scenario as if you do not have a link between the border routers. While the serial line is down, your traffic might end up looping inside the AS.

        32. If I use a serial link between my IBGP border routers to direct traffic from one router to the other, should that link be as fast as my links to my providers?
        The only traffic that line will carry is outbound traffic that is redirected between border routers and a portion of incoming traffic. Try to figure out what percentage of your total traffic that constitutes to estimate the appropriate link bandwidth.

        33. I need to direct traffic toward destination X over my serial line and toward destination Y over my Ethernet line. Can I do that via policy routing?
        What you have just described can be done via static routing which works on the basis of destination. There is no need for policy routing which works on the basis of source or source and destination combined.

        Comment


        • #5
          thanks for the helpful thread of dangquangminh & asiamoonlight!!!

          Comment

          Working...
          X