IOS OSPF Multi-VRF support: remember to add "capability vrf-lite" statement

IOS "Multi-VRF" to me is a solution to one of my headache. Since I failed to persuade my colleagues buying new switches, I have to make one hardware acting as two.

(The following story is really demonstrating a bad habit. You should avoid the same mistakes by prepare well before you do anything!)

Without study further at the beginning, I jumped right into configuring and enabling the Multi-VRF feature. I decided to use OSPF, so my first configuration looked like this:

router ospf 1 vrf XXXXX
 router-id 1.2.3.4
 area 1.2.3.0 authentication message-digest
 network 1.2.3.0 0.0.0.255 area 1.2.3.0

Looks not too wrong, isn't it?

In fact, I immediately saw a lot of routing entries coming in. That's why I thought I was right at the first moment.

Then something strange came out. I checked more carefully about the routing table entries and found some routes are just missing. All OSPF externals and "intra-area"s are there, but not those "inter-area"s.

I googled a while and found this page on Cisco.com. The missing statement is "capability vrf-lite". So the correct configuration should be like this:

router ospf 1 vrf XXXXX
 router-id 1.2.3.4
 capability vrf-lite
 area 1.2.3.0 authentication message-digest
 network 1.2.3.0 0.0.0.255 area 1.2.3.0

A good lessen for myself!

Subscription button is OK now!

Shining to the sky (DSC_0526),
originally uploaded by Li-Ji.

Just to let you know, the subscription inconveniences is gone now. I have completed the Feedburner account transition and all were tested OK!

Please keep subscribing!

Cisco Reading List

Thanks to Johnson Liu's blog, I found more useful web sites and blogs that help to study about Cisco. I decide to publish all my collected Cisco reading and subscription list here in OPML^(?) format.

I hope it helps your study!

• Cisco Reading List

Subscribe when you can, bookmark otherwise!

Subscription button might not work sometimes because of moving Feedburner account

Yellow Daisy (DSC_0034),
originally uploaded by Li-Ji.

I am sorry to let you know, the "Subscribe" buttons might not work sometimes for a while.

I am moving my Feedburner account into Google account. The subscription link will be changed from http://feeds.feedburner.com/* to http://feedproxy.google.com/*.

I suggest you to bookmark this site and subscribe later.  Sorry for any inconveniences!

Manual routes only configuration practice (CNA-02-001)

CCNA Exploration 4.0, Semester 2, "Manual routes only configuration" Packet Tracer 5.0 practice file (CNA-02-001).

• CNA-02-001.pkt, (Backup Link)
• CNA-02-001-sol.pkt (solution for reference), (Backup Link)

In this example, we practice adding "manual routes" only, to maintain full connectivity.

The diagram shown in this example is quite simple. However, we will quickly learn in it: if we maintain all the necessary routes manually by hand, we could make a lot of careless mistakes. And the result is only a partially working network. The worst thing is, we have to examine all routers to find out where the problem is!

That's why we have to study so much about "automatic" ways to maintain full connectivity!

Many documents did not explain the following terms clear. In fact:

• Static means Manual
• Dynamic means Automatic

We used to choose "Static" and "Dynamic" to call entries in routing table and also those in MAC address table. I suggest "Manual" and "Automatic" would be better and clearer substitutions!

Packet Tracer 5.0 Released!

The newest version of Packet Tracer, version 5.0, is now open for Academy users to download!

Packet Tracer 5.0, including powerful simulation, visualization, authoring, assessment, and collaboration capabilities, will help students and teachers collaborate, solve problems, and learn concepts in an engaging and dynamic social environment.

References:

Packet Tracer 5.0 Multimedia Show
Cisco Network Academy Page

Generating BGP table entries originated from other AS, for practice

I found it not quite obvious to generate BGP table entries, pretending they originates from other ASes. It would be very useful when we practice BGP peering policy implementation.

This is the easiest solution I found so far:

1. Create the desired prefixes by adding static routes, pointing to some non-local reachable next-hop IP address, with Tags.
   
   
2. Note: If that address is at LAN interface subnet, its ARP entry must exist.
   
   You can use other IGP instead. The point here is the Tag in the route.
   
   
3. Use a route-map to redistribute static routes into BGP. Add "set as-path tag" action in route-map block.

Here is a sample configuration:

interface Serial1/0
 ip address 10.1.1.2 255.255.255.0

ip route 10.0.0.0 255.0.0.0 10.1.1.1 tag 789

route-map Generate-BGP-From-Static permit 10
 set as-path tag
 set origin igp


router bgp 1
 redistribute static route-map Generate-BGP-From-Static

end


Router#show ip bgp
BGP table version is 2, local router ID is 10.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network  Next Hop Metric LocPrf Weight Path
*> 10.0.0.0 10.1.1.1 0             32768  789 i
Router#

OSPF LSA Types (2), LSA Type 1: Router LSA

(Continued from previous post)

Type 1 LSA is a Router LSA. Each LSA defines one OSPF speaking router, and all its direct connections to network objects.

Network objects are (1) OSPF routers, and (2) OSPF defined networks.

Look at the diagram. The router R1 is in fact connected to 3 objects: router R2, network 10.12.12.0/24, and network 10.1.1.0/24.

No, the network 100.100.100.1/24 is not defined in this OSPF configuration, that's why it is not a connected object.

We use the command show ip ospf database router 0.0.0.1 to list the exact Type 1 Router LSAs defining R1, where 0.0.0.1 is the OSPF name (the router ID) of R1. Here is the result on R1.

R1>show ip ospf database router 0.0.0.1

OSPF Router with ID (0.0.0.1) (Process ID 1)

Router Link States (Area 0)

LS age: 1724
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 0.0.0.1
Advertising Router: 0.0.0.1
LS Seq Number: 80000003
Checksum: 0x54DC
Length: 60
AS Boundary Router
Number of Links: 3

Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 0.0.0.2
(Link Data) Router Interface address: 10.12.12.1
Number of TOS metrics: 0
TOS 0 Metrics: 64

Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.12.12.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64

Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.1.1.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10


R1>

Similarly, we can also list the Type 1 Router LSA of R2. Here is the result on R1, using command "show ip ospf database router 0.0.0.2"

R1>show ip ospf database router 0.0.0.2

OSPF Router with ID (0.0.0.1) (Process ID 1)

Router Link States (Area 0)

Routing Bit Set on this LSA
LS age: 1508
Options: (No TOS-capability, DC)
LS Type: Router Links
Link State ID: 0.0.0.2
Advertising Router: 0.0.0.2
LS Seq Number: 80000004
Checksum: 0x84A8
Length: 60
Area Border Router
Number of Links: 3

Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID: 0.0.0.1
(Link Data) Router Interface address: 10.12.12.2
Number of TOS metrics: 0
TOS 0 Metrics: 64

Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.12.12.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64

Link connected to: a Stub Network
(Link ID) Network/subnet number: 10.2.2.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 10


R1>

You may have noticed, that R2 indeed is connected to more than 3 objects, how come only 3 are listed? This is because each OSPF area has its own link state database. The above 3 objects are the only objects within Area 0, the one covering both R1 and R2.


(To be continued)

OSPF LSA Types (1)

For a quick reference about OSPF LSA types, I designed this case study to demonstrate them together.

I use 4 routers, talking to each other using OSPF protocol. R1 is belonging to Area 0. R3 and R4 are belonging to Area 1. R2 is a border router, where some interfaces are in Area 0, and others in Area 1.

(To be continued)

Network Diagram
R1 Configuration
R2 Configuration
R3 Configuration
R4 Configuration

Write (save) your configuration before you logout!

I did have some costly lessen of forgetting to write (save, actually!) the configuration of a IOS router. Recently a post of Brad Reese tells that I am not alone!

.....
Top 25 network problems and their business impact

1. Configuration not saved

Reboot will cause config to be lost
.....

Saving the configuration is easy by simply typing wr followed by <enter>, which is a short version for the write command.

The conclusion: always check and save, before you logout!

Your suggestions to this Blog!

This post is a placeholder for all your suggestions about this Blog! Complaints are also welcome!

Just leave them here by posting comments to this post (click on comments link below)!

Thank you for your help!

EIGRP metric formula

IGRP metric for a path to destination is calculated by the following rather complex mathematical formula:

IGRP Metric for the path =

[K1 * (B) + (K2 * (B))/(256-(Load)) + K3*(D)] * [K5/((Reliability) + K4)]

where:

• K1, K2, K3, K4, K5: all are constants. Default values are: K1=K3=1, K2=K4=K5=0
  
• (B) = 10,000,000 / (Smallest bandwidth in kilobits, along the path)
• (Load): Outgoing interface load at this router, measured from integer 1 (0%) to 255 (100%)
• (D) = Sum of outgoing interface delays along the path, starting from this router, in micro seconds, then divide by 10
• (Reliability): Outgoing interface reliability at this router, measured from integer 1 (0%) to 255 (100%)

When we fill K1 to K5 constants with default values into the formula, it becomes very simple:

IGRP Metric for the path = (B) + (D)

Wait, what about EIGRP metric? EIGRP metric is just equal to the calculated IGRP metric value multiplied by 256.

EIGRP Metric for the path = 256 * (IGRP Metric for the path)

Of course, after the router calculates metric values of all candidate paths to the destination, it choose the path with the smallest metric value, to put in its routing table.

Reference on Cisco.com:
IGRP Metric

Loopback detected, port went error-disabled suddenly

One working switch port on my Cisco Catalyst 2950 suddenly went down by itself!

Of course, my phone rang when I was having dinner, and then I had to tell my colleagues how to do a port reset step by step. Luckily, after the port reset, the port went back on.

I did not pay much attention to this event, until it happened to the same port again! This time, I drilled in to check the log, and found something suspicious:

.Jan 30 10:12:25: %ETHCNTR-3-HALF_DUX_COLLISION_EXCEED_THRESHOLD:
Half-duplex loopback detected, collision threshold exceeded on FastEthernet0/24.

.Jan 30 10:12:25: %PM-4-ERR_DISABLE:
loopback error detected on Fa0/24, putting Fa0/24 in err-disable state

.Jan 30 10:12:26: %LINEPROTO-5-UPDOWN:
Line protocol on Interface FastEthernet0/24, changed state to down

.Jan 30 10:12:27: %LINK-3-UPDOWN:
Interface FastEthernet0/24, changed state to down

After my survey on Cisco.com, I found a workaround to this: just disable keepalive on that interface:

Switch # config t
Switch (config)# int f0/24
Switch (config-if)# no keepalive

I believe that it is a software caveat. The phrase mentioned on the web page is:

..... The suggested workaround is to disable keepalives and upgrade to Cisco IOS Software Release 12.2SE or later. .....


References:
Errdisable Port State Recovery on the Cisco IOS Platforms