Redundant Link & Spanning-Tree

September 6, 2009

  • Redundant links between switches are good because they prevent a network failure if one link stops working, but they have disadvantages like:

  1. If no loop-avoidance scheme is in place, broadcasts will be flooded endlessly (Broadcast Storm): the frames go around in an endless circle unless something or someone stops them.

  2. A device can receive multiple copies of the same frame from different segments at the same time.

  3. The MAC table gets confused about the device location (thrashing the MAC table): the SW receives the same frame on more than one interface, and since a SW records the source address of every frame in its MAC table, it ends up with conflicting entries for one or more MAC addresses.

  4. Because of all that, the SW can't perform frame switching properly and the speed decreases over time until the whole network fails.

HERE COMES THE HELP OF THE 802.1d (SPANNING-TREE PROTOCOL)

  • Cisco runs 802.1d by default.

  • The main task of Spanning-Tree is to stop loops by blocking (logically shutting down) redundant links, while the blocked link is still available as a backup if another link goes down (BACKUP LINK).

Spanning-Tree Protocol Terms:

  • Root Bridge (the root SW):

    The bridge (SW) with the best Bridge ID.

  • Bridge ID: An ID determined by

  1. The bridge priority (default 32,768 on all SWs); the VLAN number is added to the priority, so VLAN 1 will have a priority of 32,769 and so on.

  2. The Base MAC Address (Of the SW)

    Ex of Bridge ID (ROOT):

    With a priority of 32,768 and a MAC of 11-22-33-44-55-66, the BID (Bridge ID) would be 32768:11-22-33-44-55-66

  • The LOWEST Bridge ID will become the ROOT

  • Possible priority values range from 0 to 65535; a SW with a priority of 0 will always become the ROOT.

  • All STP decisions in the network's SWs are made from the point of view of the ROOT (it plays the main role in deciding which port will be shut).

  • BPDU (Bridge Protocol Data Unit): a frame that every SW sends, carrying the ID of that SW. It is used to elect the root: every SW compares its own ID with the IDs it receives from the other SWs, and the lowest ID becomes the ROOT. After the ROOT is chosen, all SWs, including the ROOT, continue to send periodic BPDUs.

  • Non-Root Bridges (SWs that are not the ROOT) exchange BPDUs to update the STP topology.

  • Port Cost: a number that helps decide which port to close on a SW that has redundant links in STP. It is the cost of using that port to reach the root bridge and is determined by the port's bandwidth: the more bandwidth, the lower the number, and the better the port.

  • Port cost numbers according to the port's bandwidth are:

    10 Mbps costs 100

    100 Mbps costs 19

    1000 Mbps (1 Gbps) costs 4

    10000 Mbps (10 Gbps) costs 2
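As an added example (not from the original post), this Python script models the election and port-cost arithmetic described above: it builds the extended Bridge ID (priority + VLAN) for each switch, elects the root, and computes each switch's cheapest path cost to the root using the 802.1D port costs listed. The switch names, MAC addresses and topology are constructed sample data.

```python
from heapq import heappop, heappush

# 802.1D port costs from the table above: link bandwidth in Mbps -> cost
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority, mac, vlan):
    """Extended Bridge ID as the post describes it: (priority + VLAN, MAC).
    Tuples compare field by field, so the lowest tuple is the best BID."""
    mac_int = int(mac.replace("-", "").replace(":", ""), 16)
    return (priority + vlan, mac_int)


def elect_root(switches, vlan):
    """switches: {name: (priority, mac)}. The lowest BID becomes the root."""
    return min(switches, key=lambda name: bridge_id(*switches[name], vlan))


def root_path_costs(root, links):
    """links: list of (sw_a, sw_b, mbps). Dijkstra from the root: a switch's
    root path cost is the sum of port costs on its cheapest path to the root."""
    adj = {}
    for a, b, mbps in links:
        adj.setdefault(a, []).append((b, PORT_COST[mbps]))
        adj.setdefault(b, []).append((a, PORT_COST[mbps]))
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        c, node = heappop(heap)
        if c > cost[node]:          # stale heap entry
            continue
        for nxt, w in adj.get(node, []):
            if c + w < cost.get(nxt, float("inf")):
                cost[nxt] = c + w
                heappush(heap, (c + w, nxt))
    return cost


# Constructed topology (sample data): SW1 and SW3 keep the default priority;
# SW2 was given priority 4096, so it wins the election despite its higher MAC.
SWITCHES = {
    "SW1": (32768, "00-11-22-33-44-55"),
    "SW2": (4096, "00-aa-bb-cc-dd-ee"),
    "SW3": (32768, "00-11-22-33-44-66"),
}
LINKS = [("SW1", "SW2", 1000), ("SW2", "SW3", 100), ("SW1", "SW3", 100)]

if __name__ == "__main__":
    root = elect_root(SWITCHES, vlan=1)
    print("root bridge:", root, "BID:", bridge_id(*SWITCHES[root], 1))
    for sw, c in sorted(root_path_costs(root, LINKS).items()):
        print(f"{sw}: root path cost {c}")
```

With equal priorities the lower MAC decides, which is why changing the priority (see the `spanning-tree vlan .. priority ..` note further down) is the usual way to pick the root deliberately.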

… to be continued isa

Gratuitous Request and Reply in ARP

September 6, 2009



Gratuitous ARP is a feature of the Address Resolution Protocol wherein the host broadcasts an ARP request for its own hardware address.

A Gratuitous ARP can be a request or a reply. A Gratuitous ARP Request is one where both the source and destination IP addresses are those of the host that issues it; it is broadcast to the subnet and normally there will be no reply.

A Gratuitous ARP Reply is likewise one that was not preceded by any request.

Some of the common uses of Gratuitous ARP are:

Avoid/Resolve IP Conflicts

Gratuitous ARP is primarily used to resolve IP conflict issues (another system using the same IP address). When a system gets an ARP request whose source IP address is the same as its own, it knows there is an IP conflict and alerts accordingly. In the Solaris operating system this happens at boot time to detect whether there is an IP conflict.

Update Hardware changes

Gratuitous ARP is also used to send updated hardware address information. Systems that receive gratuitous ARP reply packets automatically update their ARP table, mapping the IP address to the new MAC address. For example, the switch to which the device is connected can update the MAC address table entry for that switch port.

Clustering & High Availability Solutions

Gratuitous ARP is used in Clustering and High Availability solutions. This could be simple NIC resilience on the same system or High Availability between two systems. When the active interface goes down, the IP gets reconfigured on the secondary NIC or the secondary device. When this change happens, a Gratuitous ARP reply is sent to all the devices in the network announcing the MAC change so they can update their ARP tables. The Linux HA project uses Gratuitous ARP for its failover process.
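As an added example (not from the original post), this Python code parses a raw ARP frame, classifies gratuitous requests and replies by the "sender IP equals target IP" rule described above, and flags the IP-conflict case (a different MAC announcing our own address). The frames are constructed inside the script, not captured from a network.

```python
import struct

ETH_HDR = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType
ARP_HDR = struct.Struct("!HHBBH6s4s6s4s")  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ETHERTYPE_ARP = 0x0806
OP_REQUEST, OP_REPLY = 1, 2


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def parse_arp(frame):
    """Return the ARP fields of an Ethernet frame, or None if it is not IPv4-over-Ethernet ARP."""
    if len(frame) < ETH_HDR.size + ARP_HDR.size:
        return None
    _dst, _src, etype = ETH_HDR.unpack_from(frame, 0)
    if etype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP_HDR.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"op": op, "sha": mac_str(sha), "spa": ip_str(spa),
            "tha": mac_str(tha), "tpa": ip_str(tpa)}


def classify(arp):
    """Gratuitous ARP: the sender asks about / announces its own IP address."""
    if arp["spa"] != arp["tpa"]:
        return "normal"
    return "gratuitous-request" if arp["op"] == OP_REQUEST else "gratuitous-reply"


def detect_conflict(arp, my_ip, my_mac):
    """True when another station (different MAC) claims our IP: the check the
    post describes Solaris doing at boot time."""
    return arp["spa"] == my_ip and arp["sha"] != my_mac


def build_arp(op, sha, spa, tha, tpa, dst=b"\xff" * 6):
    """Construct a sample ARP frame (used here only to produce test input)."""
    return ETH_HDR.pack(dst, sha, ETHERTYPE_ARP) + ARP_HDR.pack(1, 0x0800, 6, 4, op, sha, spa, tha, tpa)


# Constructed sample frames: our own gratuitous request, then a second station
# replying with our IP address but its own MAC (an IP conflict).
HOST_MAC = bytes.fromhex("001122334455")
HOST_IP = bytes([192, 168, 1, 10])
GARP_SELF = build_arp(OP_REQUEST, HOST_MAC, HOST_IP, b"\x00" * 6, HOST_IP)
GARP_OTHER = build_arp(OP_REPLY, bytes.fromhex("00aabbccddee"), HOST_IP, b"\xff" * 6, HOST_IP)

if __name__ == "__main__":
    for frame in (GARP_SELF, GARP_OTHER):
        arp = parse_arp(frame)
        conflict = detect_conflict(arp, "192.168.1.10", "00:11:22:33:44:55")
        print(classify(arp), arp["sha"], arp["spa"], "IP CONFLICT" if conflict else "")
```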

In Cisco

ip gratuitous-arps

To enable the transmission of gratuitous Address Resolution Protocol (ARP) messages for an address in an address pool if the transmission has been disabled, use the ip gratuitous-arps command in global configuration mode. To disable the transmission, use the no form of this command.

ip gratuitous-arps [non-local]

no ip gratuitous-arps

Syntax Description

non-local (Optional) Sends gratuitous ARP messages if a client receives an IP address from a non-local address pool. Gratuitous ARP messages for locally originated peer addresses are not sent by default.

Cisco ARP commands HERE

Switches

September 3, 2009




  • Switch Advantages :

  1. Wire Speed.

  2. Hardware Based.

  3. Bridging (ASIC)

  4. Low Latency.

  5. Low Cost

  • Difference between Bridge & Switch:

    1. Bridge is SOFTWARE BASED —- Switch is HARDWARE BASED

    2. A switch is a multi-port bridge

    3. Bridge has only 1 spanning tree —- Switch has many spanning trees

    4. Both forward layer 2 broadcasts.

    5. Both learn MAC addresses from the source address of the frame and store them in the MAC table.

    6. Both forward based on the destination MAC address.

  • 3 SW Functions:

  1. Address Learning

  2. Forward/Filter Decision

  3. Loop Avoidance [ STP used to stop network loops while still permitting redundancy ]

  • When the MAC forward/filter table is full, the SW has no choice but to flood the network with the frame.

  • If a host doesn't communicate for a certain amount of time, the SW will flush (remove) its entry from the table.

  • To show the MAC table use the command #show mac-address-table; this is useful for finding which device is connected to which port by its MAC address.

  • PORT-SECURITY COMMANDS AND USE:

  • To access the port-security options use these commands

    #interface fast ethernet …

    #switchport port-security …… <—– this will have 4 options

  1. aging

  2. mac-address (secure a MAC address by entering it manually, or add sticky after it so the SW learns and keeps the MAC addresses connected to this port)

  3. maximum (the maximum number of MAC addresses to hold)

  4. violation (security violation mode, meaning what to do if the security option you chose is broken; it has 3 options: protect, restrict, shutdown)

  • To allow only 1 host per port

    #interface …

    #switchport port-security mac-address sticky

    #switchport port-security maximum 1

    #switchport port-security violation shutdown

    This means that if the MAC address connected to this port changes, the port will be shut down, and to open the port again the admin (which is you :D) must use the command #no shutdown on the interface 😀

  • The best way to apply this port security is

    #switchport port-security mac-address sticky

    #switchport port-security maximum 2

    #switchport port-security violation shutdown

The reason we put maximum 2 is for the case where an IP phone is connected: there will be 2 MAC addresses, 1 for the PC and 1 for the IP phone (if there is no IP phone, make it only 1 :D)
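As an added example (not from the original post, and not Cisco code), this Python model mimics what the switch does with the configuration above (sticky learning, maximum 2, and each of the three violation modes) on one sequence of frames, so the difference between protect, restrict and shutdown can be seen side by side. The MAC addresses are constructed values.

```python
class SecurePort:
    """Model of a switchport with port-security enabled."""

    def __init__(self, maximum=1, violation="shutdown", sticky=True):
        if violation not in ("protect", "restrict", "shutdown"):
            raise ValueError("violation must be protect, restrict or shutdown")
        self.maximum = maximum
        self.violation = violation
        self.sticky = sticky
        self.secure = set()       # secure MAC addresses (sticky-learned here)
        self.err_disabled = False
        self.violations = 0       # counter kept by restrict/shutdown modes
        self.log = []

    def receive(self, src_mac):
        """Return what happens to a frame from src_mac: forward, drop or err-disabled."""
        if self.err_disabled:
            return "err-disabled"
        if src_mac in self.secure:
            return "forward"
        if len(self.secure) < self.maximum:
            if self.sticky:
                self.secure.add(src_mac)   # learned and kept as a secure address
            return "forward"
        # A MAC beyond the maximum: apply the configured violation mode
        if self.violation == "protect":
            return "drop"                  # silently discarded, no counter, no log
        self.violations += 1
        self.log.append(f"violation on port: unknown source {src_mac}")
        if self.violation == "restrict":
            return "drop"                  # discarded, but counted and logged
        self.err_disabled = True           # shutdown: the whole port goes down
        return "err-disabled"

    def no_shutdown(self):
        """The admin's 'no shutdown' that brings the port back."""
        self.err_disabled = False


# Constructed sample values: a PC and an IP phone share the port (maximum 2),
# then a third MAC appears, then the PC sends again.
PC, PHONE, ROGUE = "00:11:22:aa:bb:01", "00:11:22:aa:bb:02", "de:ad:be:ef:00:01"
FRAMES = [PC, PHONE, PC, ROGUE, PC]


def run(mode):
    """Replay FRAMES through a port in the given violation mode."""
    port = SecurePort(maximum=2, violation=mode)
    return [port.receive(mac) for mac in FRAMES], port


if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        results, port = run(mode)
        print(f"{mode:9s} {results} violations={port.violations}")
```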

New Gns3 live cd

September 3, 2009



I won’t go into details

Here is the link  DOWNLOAD HERE

Download it and burn it to a CD; it's based on Linux.

If you want to put it on a BOOTABLE USB, just use UltraISO and open the ISO as shown here

After opening it choose Bootable then write disk image like this



and then on Write-Method make sure it is USB-HDD

The last thing is to click on Write; a small window will appear warning you that ALL DATA ON THE USB WILL BE LOST, so make sure you use a FORMATTED USB for this.


The system is based on Linux, so it will ask for a user and password when loading:

the user gns with no password, or user root with password root.

P.S: The creator of the LIVE CD says it sometimes crashes when booted from USB, so it's better to change your motherboard settings to boot in USB RAM mode.

FOR MORE DETAILS ON THE ISO PLEASE CHECK THE PAGE OF THE PERSON WHO MADE THIS ISO



HERE


Extended Ping :D

September 2, 2009

I was just trying the sample scenario in the new Packet Tracer 5.2 from Cisco and I found a point where it tells you to use extended ping to choose the source IP address which will do the ping. I didn't know how to do that; I tried using the ? to see the command and only found the ping command, so I tried #ping ? and it showed only that I need to put an IP or host to ping. I did that and used the ? after it and nothing appeared 😀 so I searched for extended ping and found 2 sites: 1 is explaining how to use it and also how to use the extended trace command,

and the other was a Cisco document which is complicated and very scientific, so I read the easy one 😛

I wanted to share the links with you to add this info to your other info; sure it will come in handy some time 😉

here are the links

This one is from Tech Republic, which is a great site full of tips and info about everything related to IT

Tech Republic

The other one is a pdf file from Cisco site

Cisco


and for those who are too lazy to open the links here is a small explanation and how to use extended PING


1st you type the command

#ping

and then Enter 😀 that's it, it will prompt for all of the options you can use in the extended ping

so follow these steps, and whenever you find a weird step just leave it empty and press Enter; the default value (shown between the []) will be chosen, and then continue 😀

just be sure to answer this

Extended commands [n]: Y

type y so that you use the extended commands; if you just pressed Enter it would load the default answer, which as shown between the [] is n, meaning NO 😀

Here are all the steps

Router# ping

Protocol [ip]:

Target IP address: 1.1.1.1

Repeat count [5]: 10

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface: 2.2.2.2

Type of service [0]:

Set DF bit in IP header? [no]:

Validate reply data? [no]:

Data pattern [0xABCD]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Sweep range of sizes [n]:

Type escape sequence to abort.

The empty answers mean the default value was chosen.

Hope that helps…


Show commands are Very Important in Troubleshooting

September 2, 2009

The most important point in studying is to know how to troubleshoot running protocols and devices.

Here I'll put the most common and most used show commands and their use isa

1st

#show running configuration

It's the most used command because it shows you every command that is running in the device and also shows you if there are wrong commands or wrong configurations.

2nd

#show ip interface brief
This command is really great too because it shows you every interface, logical or physical, in the device, and from there you can see the IP address of every interface and whether the interface is up or down.

You must check the interface and see if it is up up, meaning it must be up in STATUS and in PROTOCOL too.

In the example output the interfaces are down down.

The 1st down means that the interface is still shut down and the admin didn't use the command #no shutdown,

so always use the command no shutdown to open the interface.

The second down means the protocol is not working, i.e. the interface is not connecting with the other interface on the other device, so you should check whether the IP address is in the same subnet as the other interface, and check also that the other interface is up up,

and check if there is a protocol using this interface; you will need the show running configuration command to check the interface and the protocols.

3rd

#show ip route

This command shows you the routing table, and from that you can see the routing protocols running and their networks, and also the source address from which you got the route.

These are the 3 show commands which I think are the most important and most basic commands you'll use almost every time you use a Cisco device.

Many problems are just wrong commands typed in the device, or something as simple as that, so don't forget these commands, and when using them, especially the show running config command, make sure you check every command in the list and see if it's written right, and the IP addresses and subnet masks also.

These will be a great help in the CCNA exam too, so be careful.

I hope that helps all who are taking the CCNA exam, and in real life too.


P.S:

The #show running configuration command helped me in an interview I did coz the interviewer asked me to gather the info I could about the device, so when I used the command I saw every command they are using and all the protocols also :D; also use #show version to check what kind of device I'm in 😛

CCNA small but useful Notes 2

September 2, 2009
  • Cisco Device boot sequence :
    1. POST
    2. Bootstrap
    3. Load IOS from flash to RAM
    4. Hardware Inventory
    5. Load Config file
  • The SETUP that appears after starting a CISCO Router prompts for:
  1. Hostname
  2. Password & Secret
  3. Router & Routing Protocols
  4. IP Address
  • CSMA/CA    is for 802.11 –> Wireless
  • CSMA/CD    is for 802.3 —> Ethernet
  • To check if SDM is installed in the router use this command    #show flash
  • IPv6 works with DNS to track devices
  • To go back to privileged there are 2 ways
  1. ctrl+z
  2. type #end
  • To check interface’s security settings use this command #show port-security interface….
  • To show Router’s memory STATs use #show memory
  • To disable split horizon in an interface use  #no ip split-horizon in interface config mode
  • Split-horizon is only used by Distance-vector protocols (RIPv1&2, IGRP, EIGRP)
  • Copy config to TFTP  #copy run configuration tftp then follow by the IP , File name
  • Copy from TFTP to FLASH of the Device use #copy tftp flash then follow the steps
  • All routing protocols can load-balance across 4 equal-cost paths
  • IGRP & EIGRP are the only protocols that can load-balance across unequal-cost paths
  • To enable load-balance of unequal-cost paths in IGRP & EIGRP use command #variance in their config mode
  • When choosing root bridge in spanning tree it always chooses the SW with the smallest priority 0 = always root,  61440= never root
  • To change the priority use command #spanning-tree vlan .. priority .. for every VLAN
  • To make the SW the root automatically  use command #spanning-tree vlan.. root primary
  • To enable portfast on all non-trunking interfaces use command #spanning-tree portfast default
  • To change the terminal History size use command  #terminal history … MAX size is 256
  • CDP sends hello every 60 secs & the Hold time is 180 secs ( 3x Hello)
  • When choosing DR in OSPF it always choose the Router with the highest priority if same priority then choose the highest Router ID (RID) through the highest loopback interface ip address, if no loopback then the highest ip address in physical interface
  • To change the OSPF priority for an interface use command #ip ospf priority … in the interface config mode
  • IPv6 Routing Protocols
    • EIGRP for IPv6
    • RIPng
    • MP_BGP4
    • OSPFv3



  • VTP advertise every 5-mins or when change happens
  • VTP advertisements are multicast
  • In Store & forward mode in the SW the steps are
    • check CRC then discards frames smaller than 64-bytes and larger than 1518-bytes
  • 802.1q trunking protocol adds 4-bytes TAG field to the frame
  • ISL trunking protocol adds 30-bytes of info to the original frame (26-header, 4-trailer)
  • VLAN range from 1-1005 & 1,1002,…,1005 are registered and cannot be deleted so the usable are from 2-1001
  • The command  #show sessions is used to display telnets from the router
  • The command  #show users is used to display telnet to the router & console connections
  • To close active telnets use command #clear line … (VTY line Number)
  • To turn CDP off in all interface used command #no cdp run
  • To Turn CDP off on specific interface use command #interface ….. followed by command  #no cdp enable
  • RIP max load-balance is 16 (default 4) and only equal-cost paths
  • In ACL  0.0.0.0 255.255.255.255 is same as ANY
  • Wildcard masks are used by OSPF and ACLs
  • The command #show protocol shows ROUTED protocol ( like IP )
  • The Default Static Route begins with #ip route 0.0.0.0 0.0.0.0 followed by the next hop IP address (the IP address of the interface of the other router) or the exit interface (the interface of the same router you are in), as in #ip route 0.0.0.0 0.0.0.0 fast ethernet 0/0
  • In DHCP, Pool name is CASE SENSITIVE
  • In spanning-tree, BPDUs are sent every 2-secs



That's it for now, soon I will put up other useful small notes that help you in your revision…

CCNA Small but useful Notes…

September 1, 2009
  • TCP Header 20-bytes without options 😀
  • UDP Header 8-bytes 😀
  • Ethernet Header 20 bytes
  • Frame Relay  Header 4-6 bytes
  • Point-to-Point Header 6 bytes
  • IP Header 20 bytes
  • EGP Protocols -like BGP- are used between AS
  • Neighbor table & Topology table in EIGRP are kept in RAM
  • Inverse ARP maps DLCI to IP
  • In MAC address the 1st 3-Bytes (24-bits) are the OUI (Organizationally Unique Identifier)
  • The Command #show ip ospf interface …. gives you the hello timer
  • Routing table Samples   R=Rip ,  I=IGRP , D=EIGRP , O=OSPF , C=Connected Directly , S=Static Route
  • In OSPF, DR collects & distributes the routing updates then sends them through Multicast address 224.0.0.5 to Non-DR routers
  • Non-DR routers send updates to 224.0.0.6 to the DR
  • All OSPF routers (DR & Non-DR) send hello using 224.0.0.5
  • OSPF sends hello every 10 secs and the dead time is 4 x hello = 4 x 10 = 40 secs
  • EIGRP sends hello every 5 secs (every 60 seconds on WAN links) and the dead time is 3 x hello = 3 x 5 = 15 secs
  • EIGRP uses Multicast address 224.0.0.10 to send updates and hellos
  • EIGRP uses DUAL to determine loop-free paths
  • EIGRP uses RTP to ensure reliable delivery of updates and uses seq. number to ensure order
  • EIGRP does not use TCP or UDP, instead it uses RTP
  • RIP broadcast every 30 secs and uses multicast address 224.0.0.9
  • IGRP broadcast routing table every 90 secs
  • TCP Ports  Telnet 23, FTP 20, 21  , DNS 53, HTTP 80, HTTPS 443, SMTP 25
  • UDP Ports DNS 53, SNMP 161, TFTP 69
  • 802.1D   STP
  • 802.1W   RSTP
  • 802.1Q    Trunk
  • 802.1ad   LACP
  • 802.1p   QoS
  • That's enough for now, I'll continue soon; hope to see some comments to encourage me to finish it fast 😀

If there are mistakes or any questions please say..



My 1st Post…

September 1, 2009

Al Salamo Alikoum All,

My name is Islam, and I'm CCNA certified and currently studying for my CCNP isa..

I created this blog to be a place to gather information about all kinds of Network Technologies coz it's a big world now and everything related to IT now is circling around the Networks… or at least I think so 😀

I'll be glad if anybody has good info that can help somebody else in this world to put it or send it to me so I can put it in my blog so more people can benefit from it.

I hope that this blog will help anybody who is seeking the knowledge of Network Technologies.

As my 1st post, I wanted to start with something great that can help lots of people, so I'll start by putting links to great Arabic and English

  • The 1st one is Arab Hardware, it's a great great forum from which I learned lots of stuff about Cisco and Microsoft.
  • The 2nd one is Sadikhov, I know most of you sure know that forum coz it's well-known; this forum was one of the things that helped me pass my CCNA exam, sure after the help of Allah.

I'll be adding lots of links, tutorials, study notes, free tests to help you prepare for Cisco Certificate exams and news about Network Techs and Cisco stuff.

Best Regards,

Islam