Sie sind auf Seite 1von 13

IP SLA

What are Offset lists used for?

An offset list is used to increase incoming and outgoing metrics to routes learned via EIGRP or RIP.

What are the three parts of IP SLA?

IP SLA source:

 
  • - Sends probe packets to the target.

  • - Probes configured on the IP SLAs source (IOS Router).

IP SLA responder:

 
  • - Cisco IOS device, allows it to anticipate and respond to IP SLAs request packets.

IP SLA operation:

  • - Measurement/result that includes protocol, frequency, traps …

What can be measured by IP SLA?

Voice-quality scoring

Application performance

Server response time

Packet loss

One-way latency

Response time

Network resource availability

What is the three step process of configuring IP SLA?

  • - Define one or more IP SLAs operations (probes).

  • - Define one or more tracking objects, to track the state of IOS IP SLA.

  • - Define the action associated with the tracking object.

Policy Based Routing (PBR)

How does PBR work for influencing path control?

PBR can be used to implement policies that selectively cause packets to take different paths based on source address, protocol types, or application types and override the router’s normal routing behavior.

Explain the logical operation of a PBR decision?

  • - Is there a route map?

(yes)

  • - Does it match a deny? (no)

  • - Does it match a Permit (yes) ---->

then and only then do you set the applicable match statement

What are the five steps to configuring PBR?

  • 1. Define and name the route map

  • 2. Define the conditions to match

match statements

  • 3. Define the action to be taken when there is a match

set statements

  • 4. Define which interface the route map will be attached to

PBR is applied to incoming packets.

  • 5. Verify path control results.

List 5 characteristics of BGP?

  • 1. BGP is used to interconnect AS’s

  • 2. Standard for the Internet

  • 3. Supports VLSM, CIDR

  • 4. Only routing protocol to use TCP

  • 5. Path-vector routing protocol

List four different attributes used with BGP?

MED, AS_PATH, Weight, Atomic Aggregate

List two AS number characteristics?

  • - 16 bit addresses (65,536)

  • - Private addresses: 64512 65535

When two routers establish a TCP enabled BGP connection, what are they are they called?

neighbors or peers.

What is each router running BGP called?

BGP Speaker

How are route updates exchanged by BGP neighbors whom have just formed an adjacency?

1)

2)

When BGP neighbors first establish a connection, they exchange all candidate BGP routes. After this initial exchange, incremental updates are sent as network information changes.

What mechanism is used by BGP to guarantee a loop-free exchange of routing information between autonomous systems?

  • - BGP guarantees a loop-free exchange of routing information between autonomous systems.

What two types (flavours) of BGP are there?

eBGP: External

iBGP:

Internal

Define 3 characteristics of eBGP?

eBGP runs between neighbors that belong to different AS

eBGP neighbors, by default, need to be directly connected.

Active TCP session between neighbors

Define 3 characteristics of iBGP?

iBGP runs between neighbors within the same AS

The neighbors do not have to be directly connected.

Active TCP session between neighbors

Define the four types of BGP physical connectivity that were discussed in class?

What two types (flavours) of BGP are there? eBGP: External iBGP: Internal Define 3 characteristics of

What is meant by a Transit AS?

An Autonomous System connecting to 2 ISPs, that permits traffic from ISP1 to ISP2 through the local “transit” AS

What two types (flavours) of BGP are there? eBGP: External iBGP: Internal Define 3 characteristics of

Under what circumstances is BGP recommended?

  • - Multiple paths to the Internet

  • - Manipulate the exiting traffic path

  • - Influence incoming traffic paths

When BGP Is Not Recommended?

  • - When there is only a single connection to the Internet

  • - If the routers do not have resources to support BGP

  • - Not familiar with route filtering / path manipulation

In contrast, what do BGP speakers (routers) exchange?

BGP routers exchange network reachability information, called path vectors, made up of path attributes.

What information is included in a path vector?

AS Path: A list of the full path of BGP AS numbers (hop by hop) necessary to reach a destination network. IP address to get to the next AS (the next-hop attribute) How the path was introduced into BGP (origin code attribute).

What is the three step process to the operation of BGP?

1/ Establish neighbor relationships:

Must have a TCP connection with neighbor Exchange routing tables

2/ Exchange all candidate BGP routes:

3/ Incremental Updates:

Changes Only, KeepAlive 60 sec, Hold 180 sec (3x KeepAlive)

What three tables are used by BGP?

Neighbor - List of neighbors Forwarding - List of networks learned from neighbors, contains BGP path attributes Routing - List of best routes to destination network.

What are the 4 messages types to BGP?

1: Open - Used to establish connections with Peers, Includes Hold Time & Router ID, Router ID determined same as OSPF 2: Update - Contains the info that BGP uses to construct the picture of the internetwork 3: Notification - Used for error messages 4: Keepalive - Used to maintain connection with Peers

List the 6 states that BGP goes through from start to finish?

1: Idle - Waiting to start 2: Connect -Waiting for TCP connection to be completed, Success: Move to OpenSent, No Success: Move to Active 3: Active - Wait / try again for TCP connection 4: OpenSent - Waiting for open message from peer. Keepalives are sent. 5: OpenConfirm - Receives keepalives and transitions to Established 6: Established - Start exchanging Update packets with peers

What does BGP use to determine the best path to a network?

BGP Path Attributes

What are the well-known mandatory BGP attributes?

AS_PATH, NEXT_HOP, ORIGIN

What are the Well-Known Discretionary BGP Attributes?

Local_Preference, Atomic Aggregate

What are the 4 categories of BGP Path Attributes?

Well-known mandatory - Must exist in the BGP update packet. If it is missing a notification (error) message is generated Well-known discretionary - Recognized by all BGP implementations, it may or may not be set in the update packet. Optional transitive - May or may not be recognized by all BGP implementations, BUT, accept and pass it to your peers Optional nontransitive - May or may not be recognized by all BGP implementations, DO NOT pass it to your peers

What happens if a well-known mandatory attribute is missing in a received update?

A notification error will be generated

What are the three origin codes used for BGP?

IGP - An origin of IGP is indicated with an “iin the BGP table EGP - An origin of EGP is indicated with an “e” in the BGP table. Incomplete - An incomplete origin is indicated with a “?” in the BGP table

If the Path is listed as a “?”, what does that usually mean?

  • - Usually redistributed.

What is the Local Preference Attribute used for?

Used to advertise which is the preferred exit point in this AS Local to AS: Exchanged between iBGP routers Used when there are multiple exit points from the AS Higher value more preferred

What is the Atomic Aggregate attribute used for?

The Atomic Aggregate attribute is used to indicate that routes have been summarized. May not necessarily be the most complete route information available.

What is the MED attribute used for?

Sent to other AS’s (ISP) to indicate best entry path into your AS Used to influence the ISP’s Outbound decisions Lower Metric is preferred

What is the Weight Attribute used for?

Local to the router Higher weight exit point more preferred Cisco proprietary

What is the BGP Route selection process?

Weight Local_Preference Aggregate routes AS-PATH Origin MED Prefer EBGP over IBGP

How many BGP Autonomous Systems can a router belong to?

Only 1

What do network statements tell BGP?

Network statement tells BGP what local networks to advertise (originate) into BGP

These routes must exist in the local router’s routing table to be propagated.

Is redistribution a recommended practice when using BGP?

NO!, Redistributing is not recommended because it could result in unstable BGP tables.

When must iBGP be used?

Must be used if you have two or more exit points Care must be taken not to become a Transit AS

How does iBGP prevent loops?

If an iBGP router learns about an update from another iBGP neighbor it does not pass it to any other iBGP routers

What is a best practice for configuring iBGP?

Full Mesh

What can be done to provide a more stable BGP neighborship?

Loopbacks provide stability - Route Flap avoidance A route must exist to the loopback addresses or you need to add one

Why must you reset BGP when a change is made?

Any new policy, enforced by the new filters, is applied only on routes that are received or sent after the change.

What is the difference between a hard BGP reset and a soft BGP reset?

Hard:

 

Connection is reset (Down Up) All tables must be relearned Can be reset for a specific neighbour or for all neighbours

Soft:

Connection is maintained The router creates a new update and sends it to all / specific neighbors.

How does BGP differ from IGPs?

- Unlike IGPs, BGP was never designed to choose the quickest/most efficient path. - BGP was designed to manipulate traffic flow to maximize or minimize bandwidth use.

List 6 typical BGP Set Commands?

Set weight Set local-preference Set as-path Set origin Set metric

When is the BGP weight attribute used?

  • - The weight attribute is used only when one router is multihomed and determines the best path to leave the router.

  • - Only the local router is influenced.

  • - Higher weight routes are preferred.

What can be used to filter out traffic from a specific AS-Path?

An “as-path access-list”.

What as-path regular expression means via AS100 when using as-path ACLs?

_100_

What as-path regular expression indicates an origin of AS100 when using as-path ACLs?

_100$

What as-path regular expression indicates transmission from AS100 when using as-path ACLs?

^100 .*

When is local preference used?

The local preference is used only within an AS (between IBGP speakers) to determine the best path to leave the AS.

When no other BGP path selection tools such as weight or local-preference have been configured, how does BGP choose its path?

It chooses the shortest AS-path regardless of available bandwidth.

When is MED used?

MED is used to decide how to enter an AS when multiple paths exist.

In the BGP path-selection process, the lowest MED value is preferred.

Default is 0.

IPv6

What improvements have been added to IPv4 in the new IPv6 addressing scheme?

  • - IPv6 addresses are 128 bits, compared to IPv4’s 32 bits

  • - Elimination of public-to-private NAT

  • - Elimination of broadcast addresses

  • - Support for mobility and security

  • - Simplified header for improved router efficiency

What is Stateless Auto-Configuration?

DHCP is not required because an IPv6 device can automatically assign itself a unique IPv6 link-local address.

How many IPv6 addresses can be configured on an interface?

One or many.

Do IPv6 routers fragment IP packets?

No, IPv6 routers no longer perform fragmentation. A discovery process is used to determine the optimum MTU to use during a given session.

How are public IPv6 addresses grouped?

  • - By major geographic region

  • - Subdivided by ISP inside that region

  • - Further subdivided for each customer

What can be done to reduce the size of an IPv6 address containing consecutive “0”s?

Successive fields of 0 can be represented as :: but only once per address.

What are the three types of IPv6 addresses?

Unicast One to One Multicast One to Many Anycast One to Nearest

What are the three scopes of unicast addresses?

Global: The scope is global (IPv6 Internet addresses). Link Local: The scope is the local link (nodes on the same subnet). (FE80…), Not routed Site Local: (Private Addressing) - Obsolete (Deprecated)

What three parts do global unicast addresses typically consist of?

A 48-bit global routing prefix A 16-bit subnet ID A 64-bit interface ID

What do IPv6 Link Local Unicast addresses start with?

Starts with Hex: FE80 Normally created dynamically Stateless Auto-configuration

Does IPv6 still use broadcasts?

No Broadcasts in IPv6 Replaced by multicasts Starts with Hex: FF

List 3 common Multicast addresses?

FF02::1

All Nodes

FF02::2

All routers

FF02::9

All RIP routers

List three methods that can be used to assign IPv6 addresses?

Stateless Auto-configuration Manually Assigned DHCPv6: Multicast to FF02::1:2

What does IPv6 use to resolve addresses, like IPv4 uses ARP?

ICMPv6 Neighbor Solicitation (NS) is similar to IPv4 ARP in that it is used when resolving an IPv6 address to a MAC address.

How does Stateless Autoconfiguration work?

Stateless autoconfiguration uses the information in RA messages to configure hosts automatically. All routers on the network reply to the RS immediately, with an RA sent to the all-nodes multicast address. The host now creates a link-local address and solicited-node address using the RA supplied by the router.

What is EUI-64 used for and how is it used?

(EUI)-64: Extended Universal Identifier format is used for stateless auto-configuration. 64 bit: Manually / Dynamically configured

Uses the 48bit MAC address and inserts 16bits “FFFE” into the middle of the address.

How is an EUI-64 address made?

Step 1 Insert FF:FE

0034:56FF:FE78:9ABC

Step 2 - convert 00 to binary and flip 7th bit

>>> 0000 0010 = 02

Step 3 convert back to HEX and the address is ready

EUI -

0234:56FF:FE78:9ABC

What command identifies an EUI-64 address has been configured?

R1(config-if)# ipv6 address FE80::1 link-local

How is a Global Unicast IPv6 address assigned?

Global Unicast IPv6 addresses are assigned by omitting the link-local parameter.

What are IPv6 Unnumbered Interfaces used for?

IPv6 supports unnumbered interfaces to enable IPv6 processing on an interface without assigning an explicit IPv6 address to the interface.

What routing protocols are used for IPv6?

Static

RIPng

OSPFv3

EIGRP for IPv6

MP-BGP4

How do you enable IPv6 Routing?

ipv6 unicast-routing

How do you specify an IPv6 default route?

R2(config)# ipv6 route ::/0 s0/1/0

Can OSPFv3 and v2 run concurrently?

  • - OSPFv3 & v2 can be run concurrently, because each address family has a separate SPF (ships in the night).

  • - They do not exchange information

What multicast address represents all OSPF routers on the local scope?

FF02::5 Represents all OSPF routers on the link local scope; equivalent to 224.0.0.5 in OSPFv2.

What multicast address represents all DR routers on the local scope?

FF02::6 Represents all DR routers on the link local scope; equivalent to 224.0.0.5 in OSPFv2.

What 32bit components are still used by OSPFv3 for IPv6?

Router ID and Area ID’s remain at 32 bits.

What mechanism is used by OSPFv3 for authentication?

None, Authentication is no longer part of OSPF.

How does EIGRP for IPv6 differ from EIGRP for IPv4?

  • - It does not automatically summarize

  • - It is configured on an interface

What transition methods are available for IPv4-to-IPv6?

Dual Stack: Both protocols are enabled, Path chosen based on addressing, Protocols do not share Route information Tunneling: Manual / GRE , Automatic (Tunneling encapsulates the IPv6 packet in the IPv4 packet.) NAT-PT Translation

What limitation is there to 6to4 tunneling?

First 16 bits of the address must be 2002 Next 32 bits must be Source IPv4 Address Emulates a NBMA network

What product reduces cost by deploying a single, resilient system for fast, secure delivery of mission-critical business services?

Cisco 2800 Series ISR

  • - Data

  • - Voice

  • - Security

  • - Wireless

List the 5 step implementation plan for deploying a branch office network?

  • 1. Deploy broadband connectivity

  • 2. Configure static routing (to ISP)

  • 3. Document and verify other services such as NAT, DHCP etc…

  • 4. Implement and tune the IPsec VPN

  • 5. Configure GRE tunnels

What does DOCSIS stand for and what does it specify?

Data Over Cable Service Interface Specification:

Standard for cable equipment devices:

DOCSIS specifies the standards for the:

cable modems (CM) ,

cable modem termination system (CMTS)

Physical and MAC layers

What type of physical medium is deployed in Cable networks?

Hybrid fiber-coaxial

What is the highest DOCSIS standard available to date?

DOCSIS® 3.0

  • channel bonding

o

up to 304 Mbps in the downstream

o

Up to108 Mbps in the upstream.

How do DSL subscribers connect to the network?

ADSL and voice on the same POTS copper line

What is the approximate maximum distance that a DSL subscriber can be from a CO and still be able to get service?

18,000ft (5,460m)

What is the most commonly deployed type of DSL?

Asymmetric DSL (ADSL)

VPNs / IPsec

What are the two basic types of VPN solutions?

Site-to-site VPNs:

VPN endpoints are devices such as routers. The VPN is completely hidden from the users.

Remote-access VPNs

Mobile user initiates a VPN connection request using either VPN client software or an Internet browser & SSL

connection.

What are two significant benefits when using IPsec VPNs?

  • - Encapsulation

  • - Encryption

Is IPsec a protocol?

No, it is a combination of security algorithms used together to achieve Confidentiality, Integrity, and Authentication

What is the main difference between a transport mode VPN and a Tunnel mode VPN?

  • - A transport mode VPN does not care about the routing process, but rather to protect the payload only.

  • - A Tunnel mode VPN encapsulates the entire packet into a new IP header and protects the data and original IP Header.

What are the 5 main steps to configuring an IPsec VPN?

  • 1. Configure the initial key exchange (ISAKMP policy) details.

  • 2. Configure the IPsec transform details (Transform Set)

  • 3. Configure the Crypto ACL. (Interesting traffic)

  • 4. Configure the VPN tunnel information.

  • 5. Apply the Crypto Map to the interfaces.

What did Cisco develop to allow IPsec VPNs to support IGPs?

GRE Tunneling protocol developed by Cisco GRE is commonly implemented with IPsec to support IGPs

Do GRE tunnels provide encryption services?

GRE is just an encapsulation protocol. By default, the traffic leaves in clear text. GRE tunnels do not provide encryption services. IPsec must also be configured to encrypt the routing traffic.

MPLS

What significance is held by MPLS Labels?

Locally Significant

Essentially, what is Layer 2 MPLS?

Extension of Ethernet across the WAN Provides do not take part in routing decisions CE routers become neighbors on the same network

What differs from Layer 2 MPLS to Layer 3 MPLS?

Customer and Provider participate in Routing process Separate Routing table for each customer: VRF: Virtual Routing and Forwarding Table