Showing posts with label Study Guides. Show all posts

Thursday, March 31, 2011

Dynamic NAT-PT Configuration

Dynamic NAT-PT is a Cisco method to implement NAT-PT.
This configuration guide is a part of our ongoing CCIE Study Guide Series.

Also check out our study notes on configuring Static NAT-PT.


We plan to publish more configurations and study notes. Meanwhile, please check out the earlier editions of our CCIE study notes.

Wednesday, March 30, 2011

Static NAT-PT Configuration

Static NAT-PT is one among the 4 ways to implement Cisco NAT-PT.
We are bringing this configuration guide to you, as part of our ongoing CCIE Study Guide Series.

While we are working on the configuration of Dynamic NAT-PT, please check out the earlier editions of our CCIE study notes.

Friday, March 25, 2011

NAT-PT - CCIE Study Guide

We are starting another phase of our CCIE Study Guide Series, with some documentation and configuration instructions on NAT-PT.

NAT-PT stands for "Network Address Translation - Protocol Translation". It is an IPv6-IPv4 translation mechanism, designed to allow IPv6-only devices to communicate with IPv4-only devices and vice versa.

Cisco's basic operation of the NAT-PT consists of three items:
  • The IPv6-only device (node) that is located on an IPv6-only network
  • The IPv4-only device (node) that is located on an IPv4-only network
  • And the Cisco NAT-PT router that is located between the two networks and performs the protocol translation.
NAT-PT is mainly used by organizations (companies) as a short-term fix; until they are completely ready to migrate to IPv6.

The biggest advantage of using Cisco's version of NAT-PT is that only the Cisco NAT-PT router needs to be configured; the IPv4-only and IPv6-only devices involved are unaware that NAT-PT is happening between them. Cisco recommends that you never allow a Cisco NAT-PT router to perform NAT-PT between Dual Stack devices.

The major downfall of using Cisco's version of NAT-PT is that you have a single point of failure, the Cisco NAT-PT router itself. This is why Cisco recommends that the NAT-PT solution only be used for a short amount of time, until a long term solution can be achieved.

Currently, Cisco NAT-PT can be implemented in four ways:
  1. Static NAT-PT
  2. Dynamic NAT-PT
  3. Port Address Translation (PAT) a.k.a. Overload
  4. IPv4-Mapped Operation
While we prepare some detailed configuration instructions on the above methods, please do not forget to check out the earlier study notes that we have prepared for CCIE.

Friday, March 18, 2011

CCIE Study Guide: BGP Notes

This is the fourth part of our CCIE Study Guide Series and provides useful notes about BGP.
  1. BGP uses TCP port 179 for transport. The router with the higher BGP router-id initiates the BGP session from a random port.
  2. The interface from which the BGP router ID is taken does not have to be running BGP. Any valid IP address can be used as BGP router-id, even an address that is not locally configured on the router.
  3. The BGP router-id must be the same as the OSPF router-id for redistributing the routes from OSPF to BGP or vice versa.
  4. If the ‘network …‘ command is configured with the ‘mask’ option under the BGP process, then an exact match (network/mask) must exist in the IP routing table in order to advertise this route into BGP regardless of ‘auto-summary‘ / ‘no auto-summary‘ command. But the ‘network …‘ command configured without the ‘mask’ assumes the default classful mask and if ‘auto-summary‘ is configured then BGP will advertise a classful network only if any subnets of the classful network exist in the IP routing table. Again if the ‘network …‘ command is configured without the ‘mask’ option and if ‘no auto-summary‘ is configured, then that router must have the exact classful network in the IP routing table in order to advertise it in BGP.
  5. To accept and attempt BGP connections to the external peers residing on networks that are not directly connected, we need to use either ‘neighbor ebgp-multihop …‘ or ‘neighbor ttl-security …‘ command. These two commands are mutually exclusive. We can use another command ‘neighbor disable-connected-check‘ to accomplish the same task if the BGP neighbor is one-hop away.
  6. The synchronization rule states that an iBGP learned prefix cannot be considered best unless there is a matching IGP route for that BGP prefix. BGP only advertises what it considers the best path. This issue can be resolved by
    • redistributing BGP routes into the IGP
    • creating a full-mesh of IBGP routers and disabling the synchronization, or
    • creating a GRE tunnel. 
    When BGP is synchronizing with OSPF, the router ID must match in both protocols in order to make it work.
  7. When a prefix is received from an eBGP neighbor, it is advertised to both eBGP & iBGP neighbors. When a prefix is received from an iBGP neighbor, it is advertised ONLY to eBGP neighbors and not to any iBGP neighbors. Advertising iBGP-learned routes to other iBGP peers requires the use of route-reflectors or confederations or a full-mesh of iBGP peers.
  8. While sending BGP updates, EBGP peers modify the next-hop value to its own IP address. But iBGP peers do not modify it.
  9. The ‘default-information originate’ command, however, requires explicit redistribution of the route 0.0.0.0.
    Default routes can be injected into BGP in one of three ways:
    • using the ‘network …‘ command (default route must exist in the local routing table),
    • using the ‘default-information originate‘ command (a redistribution statement must also be configured to redistribute the default route from the local routing table to the BGP table), and
    • using the ‘neighbor … default-originate [route-map route-map-name]‘ command (this method does not even check for the existence of a default route in the IP routing table).
    The ‘default-information originate‘ command should not be configured with the ‘neighbor … default-originate‘ command on the same router.
  10. ‘weight’ and ‘local-preference’ are set inbound and they affect outbound traffic. But ‘as-path’ and ‘med’ are set outbound and they affect inbound traffic.
  11. The weights assigned with the ‘set weight …’ route-map command overrides the weights assigned using the ‘neighbor… weight …‘ command.
  12. Origin code ‘i’ is default on the BGP routes advertised by ‘network …‘, ‘aggregate-address …‘ (if all subnets have ‘i’), and ‘neighbor … default-originate‘ commands. And origin code ‘?’ is default on the BGP routes advertised by ‘redistribute …‘, ‘aggregate-address …‘ (if any single subnet has ‘?’, but can be changed using ‘attribute-map’ option), ‘default-information originate‘, and ‘bgp inject-map …‘ commands.
  13. When BGP originates a route with the ‘network …’ command, MED is copied from the metric of the original route.
  14. BGP MED values are not passed beyond the receiving (neighbor) AS.
  15. Enabling the ‘bgp deterministic-med’ command ensures the comparison of the MED variable when choosing routes advertised by different peers in the same autonomous system. Enabling the ‘bgp always-compare-med’ command ensures the comparison of the MED for paths from neighbors in different autonomous systems.
  16. The default behavior of BGP routers that run Cisco IOS software is to treat routes without the MED attribute as having a MED of 0, making the route that lacks the MED variable the most preferred. The ‘bgp bestpath med missing-as-worst‘ command can be configured to treat the route that is missing the MED as the least preferred one.
  17. 'bgp bestpath as-path ignore' is a hidden command in Cisco IOS which allows BGP to not consider the AS path during best path route selection.
  18. There are two ways to create an aggregate address under BGP. The first is to create a static route to null interface in the routing table for the aggregate address and then advertise it with the 'network …' command. The second way is to use the 'aggregate-address …' command.
  19. By default when aggregation is configured in BGP, the 'atomic-aggregate' attribute is attached to the aggregate address if the 'as-set' argument is not used in the 'aggregate-address …' command. The 'as-set' argument reveals the AS numbers which can prevent a routing loop, and once 'as-set' is configured along with the 'aggregate-address …' command, the 'atomic-aggregate' attribute is automatically removed.
  20. A route reflector and its clients are known collectively as a cluster. If the cluster contains a single route reflector, the cluster ID is the router ID of the route reflector. If the cluster contains multiple route reflectors, each RR must be manually configured with a cluster ID.
  21. A client router in a route reflection cluster can peer with external neighbors, but the only internal neighbor it can peer with is a route reflector in its cluster or other clients in the cluster. Clients cannot peer with routers outside of their own cluster. However, the RR itself can peer with both internal and external neighbors outside of the cluster and can reflect their routes to its clients.
  22. In case of route reflection, (1) routes from EBGP are advertised to EBGP, client, non-client (2) routes from client are advertised to EBGP, client, non-client (3) routes from non-client are advertised to EBGP, client.
  23. When the 'no bgp client-to-client reflection' command is configured the RR does not reflect routes from one client to another. It does, however, continue to reflect routes from clients to peers outside of the cluster, and from peers outside of the cluster to clients.
  24. Standard and extended BGP communities are removed from the reflected routes unless the 'neighbor … send-community [both]' is configured on the route reflector. The link bandwidth community is removed from reflected route if the route-reflector performs IBGP multipath load-sharing for that route.
  25. The “neighbor … next-hop-self” command on route reflectors only affects the next hop of eBGP learned routes because the next hop of reflected routes should not be changed. To avoid a common configuration error for reflected routes, the “set ip next-hop” command should not be used in a route map to BGP route reflector clients.
  26. Unlike route reflector environments in which only the route reflector itself has to support route reflection, all routers within a confederation must support the confederation functionality.
  27. EBGP routes external to the confederation are preferred over EBGP routes to member autonomous systems, which are preferred over iBGP routes.
  28. AS_PATH types are AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_SET, and AS_CONFED_SET. AS_SEQUENCE is an ordered set of AS numbers, and AS_SET is an unordered set of AS numbers. AS_CONFED_SEQUENCE and AS_CONFED_SET are the same as AS_SEQUENCE and AS_SET but are used only within BGP confederations.
  29. When 'bgp bestpath med confed' command is configured, the router picks the confederation-internal path with the lowest MED and ignores the path with the external AS number.
  30. BGP private autonomous system numbers are from 64,512 to 65,535.
  31. BGP prefixes can be filtered using
    1. 'distribute-list',
    2. 'prefix-list',
    3. 'filter-list',
    4. 'policy-list',
    5. community/extended community lists,
    6. 'route-map'
  32. For BGP, the 'distance …' command sets the administrative distance of the External BGP (eBGP) route. This command only affects the routing table and not the BGP table.
  33. The 'network … backdoor' command has the same effect as the 'network …' command. The EBGP route is treated as a local BGP route, and the administrative distance is changed to 200. The difference is that the address specified by the network backdoor command is not advertised to EBGP peers.
  34. iBGP routes are not redistributed into an IGP unless you use "bgp redistribute-internal" command under BGP routing process.
  35. 'bgp inject-map … exist-map …' command injects prefixes in the local BGP RIB when a valid parent route exists. Only prefixes that are equal to or more specific than the aggregate route (existing prefix) can be injected. exist-map (route-map) must contain a 'match ip address prefix-list …' command statement to specify the aggregate prefix and a 'match ip route-source prefix-list …' command statement to specify the route source. If the parent route is a default route, we can inject any route out of it.
  36. A BGP neighbor cannot be configured to work with both peer groups and peer templates. BGP peer templates and BGP peer groups are mutually exclusive.
  37. Peer session template can inherit only one session template directly, but peer policy template can inherit multiple policy templates.
  38. When the maximum number of prefixes (as set by the 'neighbor … maximum-prefix …' command) is reached, the string "PfxRcd" appears in the entry, the neighbor goes to shutdown state, and the connection becomes idle.
  39. No penalty is applied to a BGP peer reset when route dampening is enabled. Although the reset withdraws the route, no penalty is applied in this instance.
  40. In case of iBGP multipath load sharing, when multiple iBGP paths installed in a routing table, a route reflector will advertise only one of the paths (one next hop).
  41. For multiple paths to the same destination to be considered as multipaths, all attributes including weight, local preference, autonomous system path (entire attribute and not just length), origin code, MED, and IGP distance must be same. But if 'bgp bestpath as-path multipath-relax' command is configured, the AS paths still have to be the same length, but don't have to be identical.
  42. Though BGP Multipath allows the installation of multiple BGP paths (for load sharing purpose) into the IP routing table for the same prefix, it does not affect the bestpath selection. A router still designates one of the paths as the best path and advertises this best path to its neighbors.
  43. 'neighbor … dmzlink-bw' command can be used with eBGP and iBGP multipath features to enable unequal cost load balancing over multiple links. BGP can originate the link bandwidth community only for directly connected links to eBGP neighbors.
  44. The 'bgp update-delay …' command is used to tune the maximum time the software will wait after the first neighbor is established until it starts calculating best paths and sending out advertisements.
  45. The "neighbor … local-as …" command is valid only if the peer is a true eBGP peer. It does not work for two peers in different sub-ASs in a confederation.
  46. In a route-map, a continue clause can be executed, without a successful match, if a route map entry does not contain a match clause. But if a match clause exists, the continue clause is executed only if a match occurs. If no successful matches occur, the continue clause is ignored. The continue statement proceeds to the specified route map entry only after configured set actions (if any) are performed.
  47. When multiple values are configured in the same community list statement, a logical AND condition is created. All community values must match to satisfy an AND condition. When multiple values are configured in separate community list statements, a logical OR condition is created. The first list that matches a condition is processed.
  48. While redistributing OSPF into BGP, by default only OSPF intra-area and inter-area routes are redistributed into BGP.
  49. When a BGP router with synchronization enabled also has an OSPF route (redistributed from BGP) for an iBGP-learned route, then the OSPF ASBR router-id must match the originating BGP router-id in order to synchronize the BGP route with the OSPF route.
  50. An "update group" is a group of peers with a common outbound policy which will be converged as if they are in a peer-group.
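
The 'network …' rules in note 4 can be checked against a routing table with a small model. This is an added example, not part of the original notes or of Cisco IOS; the function names and the sample routing table are constructed for illustration.

```python
import ipaddress


def classful_network(address):
    """Return the classful (A/B/C) network that contains an IPv4 address."""
    first_octet = int(address.split(".")[0])
    if first_octet < 128:
        prefix_len = 8
    elif first_octet < 192:
        prefix_len = 16
    elif first_octet < 224:
        prefix_len = 24
    else:
        raise ValueError("class D/E addresses have no classful network")
    return ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)


def originated_prefix(network, mask, auto_summary, routing_table):
    """Model of note 4: which prefix a 'network' statement originates.

    network       -- address given in the 'network' statement
    mask          -- dotted mask from the 'mask' option, or None if omitted
    auto_summary  -- True for 'auto-summary', False for 'no auto-summary'
    routing_table -- iterable of prefixes present in the IP routing table
    Returns the originated prefix as a string, or None if nothing is advertised.
    """
    rib = {ipaddress.ip_network(route) for route in routing_table}

    if mask is not None:
        # With 'mask': exact network/mask match required, auto-summary irrelevant.
        wanted = ipaddress.ip_network(f"{network}/{mask}")
        return str(wanted) if wanted in rib else None

    # Without 'mask': the statement means the classful network.
    wanted = classful_network(network)
    if auto_summary:
        # Any subnet of the classful network (or the network itself) is enough.
        present = any(route.subnet_of(wanted) for route in rib)
    else:
        # The exact classful network must be in the routing table.
        present = wanted in rib
    return str(wanted) if present else None


# Constructed sample routing table.
SAMPLE_RIB = ["10.1.1.0/24", "172.16.0.0/16", "192.168.5.0/24"]

if __name__ == "__main__":
    cases = [
        ("10.1.1.0", "255.255.255.0", False),
        ("10.1.0.0", "255.255.0.0", True),
        ("10.0.0.0", None, True),
        ("10.0.0.0", None, False),
        ("172.16.0.0", None, False),
    ]
    for network, mask, auto in cases:
        result = originated_prefix(network, mask, auto, SAMPLE_RIB)
        print(f"network {network} mask={mask} auto-summary={auto} -> {result}")
```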
Previous posts in our CCIE Study Guide Series are:

Thursday, January 20, 2011

CCIE Study Guide: IPv6 Notes

IPv6 is a very hot topic these days, as the availability of IPv4 is coming to an end. This is the third part of our CCIE Study Guide Series and provides useful notes about IPv6.

• 128 bit addresses – eight 16bit hex fields
• Native support for mobile IP and IPSec
• Headers – 8
Version = 6
Traffic class = equivalent to IPv4 type of service
Flow label = allows packet to be labeled as part of a particular flow
Payload length = equivalent to the IPv4 total length field
Hop limit = similar to TTL
Next header = similar to the IPv4 protocol field
Source address/destination address = 128 bits each!
• Zero Compression
A double colon can be written to represent a block of zeros within the IP address.
Can only be used once in a given IPv6 address
Ex: 1234:1234:0000:0000:0000:0000:3456:3456
Ex: 1234:1234::3456:3456
• Leading Zero Compression
Leading zeros in each field can be eliminated
Can be used as many times as you’d like in a given address
Ex: 1234:1234:0000:0000:0000:0001:3456:3456
Ex: 1234:1234:0:0:0:1:3456:3456
Leading Zero and Zero compression can be used together
  • Ex: 1234:1234:0000:0000:0000:0001:3456:3456
  • Ex: 1234:1234::1:3456:3456
• Address types
Aggregatable global unicast address
  • Equal to IPv4 public address. This is a world routable address
Link local address
  • These addresses are specific to the physical link. I’m thinking this works similar to APIPA addresses in IPv4
Site local address
  • This is equivalent to RFC 1918 addresses in IPv4
• Initial bit identifiers
001 – global addresses
1111 1111 – multicast (FF) ff00::/8
1111 1110 11 – site local (FEC0)
1111 1110 10 – link local (FE80)
1111 1110 1 – signifies private IP space
::x.x.x.x – IPv4 compatible address. The first 96 bits are set to 0
::1 – loopback addresses equivalent to 127.0.0.1
::/128 – unspecified address
::/0 – default route/address
• SLA – site level aggregator works similar to an IPv4 subnet address
16 bits offering up to 65,000 subnets
• Packet types
Unicast – one to one communication
Multicast – one to many or many to one communication
Anycast – anycast addresses are assigned to multiple interfaces. When a host sends an anycast packet, it is received by the nearest member of the group only.
• Address assignments
IPv6 auto configuration is equal to IPv4 DHCP
  • Two types – stateful and stateless
  • Stateful – DHCPv6
  • Stateless – no server is used
         • I believe this works by the host sending a request to the local router/gateway and getting certain information from there.
         • Router solicitation and advertisement messages similar to NS/NA messages below. Sent to FF02::2 (all routers multicast)

Neighbor solicitation message is sent to make sure there are no dupes on a local segment. NS is multicast to FF02::1 (all nodes multicast)
Neighbor advertisement message is sent in response to an NS to inform of any dupes
• IPv6 Routing
The ipv6 unicast-routing global configuration command must be entered to use IPv6 in Cisco IOS
OSPFv3 – RFC 2740
  • Router ID has to be manually set under the OSPFv3 process. This is still a 32 bit value
  • R1(config-if)# ipv6 ospf {process-id} area 0
  • R1(config)# ipv6 router ospf 1
  • R1(config-rtr)# router-id x.x.x.x
  • R1(config-rtr)# Pay attention to the router config prompt!!!!
RIPng – RIP new generation
IS-IS for IPv6
EIGRP for IPv6
Static routing
Multi Protocol BGPv4 (MPBGP4 or just MPBGP)
• IPv6 and IPv4 playing together
Dual stack – equipment runs both IPv4 and IPv6 stacks. I never really thought of this, but is there a metric or preference for systems running dual stack? For instance, if host 1 and host 2 were both running dual stacks, would they prefer one over the other?

6 to 4 tunneling – automatic, scalable, not always up.
  • This is used to tunnel IPv6 traffic over an IPv4 link
  • Reserved prefix of 2002:IPv4inhex::/48
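  • R1(config)# interface fa 0/1
  • R1(config-if)# ip addr 220.200.18.42 255.255.255.0
  • R1(config-if)# interface tunnel 0
  • R1(config-if)# ipv6 addr 2002:dcc8:122a::/48 (220.200.18.42 in hex is dcc8:122a)
  • R1(config-if)# tunnel source fa 0/1
  • R1(config-if)# tunnel mode ipv6ip 6to4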
NAT-PT
  • Allows IPv6 hosts to talk to IPv4 hosts using NAT between the two.

    We are preparing some notes about how to configure NAT and hope to bring them to you soon.
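
The prefix list, the compression rules and the 6to4 mapping above can be exercised together. The sketch below is an added example, not part of the original notes: it classifies an address by the initial-bit prefixes listed earlier, derives the 2002::/48 prefix for an IPv4 address, and recovers the IPv4 tunnel endpoint from a 6to4 address, which is useful when reading 2002:: addresses in logs or ACLs. The function names are chosen for illustration.

```python
import ipaddress

# Prefixes from the "initial bit identifiers" list, most specific first so
# that ::1 is not reported as IPv4-compatible and 2002::/16 not as plain global.
PREFIX_TYPES = [
    ("::1/128", "loopback"),
    ("::/128", "unspecified"),
    ("2002::/16", "6to4"),
    ("fe80::/10", "link-local"),
    ("fec0::/10", "site-local"),
    ("ff00::/8", "multicast"),
    ("2000::/3", "global unicast"),
    ("::/96", "IPv4-compatible"),
]


def classify(address):
    """Return the address type according to the prefix table above."""
    addr = ipaddress.IPv6Address(address)
    for prefix, label in PREFIX_TYPES:
        if addr in ipaddress.ip_network(prefix):
            return label
    return "other"


def sixto4_prefix(ipv4):
    """Build the 2002:IPv4inhex::/48 prefix for a public IPv4 address."""
    v4 = int(ipaddress.IPv4Address(ipv4))
    # 16 bits of 2002, then the 32-bit IPv4 address, then 80 zero bits.
    value = (0x2002 << 112) | (v4 << 80)
    return str(ipaddress.IPv6Network((value, 48)))


def embedded_ipv4(address):
    """Return the IPv4 tunnel endpoint inside a 6to4 address, else None."""
    addr = ipaddress.IPv6Address(address)
    if addr not in ipaddress.ip_network("2002::/16"):
        return None
    return str(ipaddress.IPv4Address((int(addr) >> 80) & 0xFFFFFFFF))


def expand_and_compress(address):
    """Return (fully expanded form, zero-compressed form) of an address."""
    addr = ipaddress.IPv6Address(address)
    return addr.exploded, addr.compressed


if __name__ == "__main__":
    print(sixto4_prefix("220.200.18.42"))
    print(embedded_ipv4("2002:dcc8:122a::1"))
    print(expand_and_compress("1234:1234:0000:0000:0000:0001:3456:3456"))
    for sample in ["fe80::1", "ff02::2", "fec0::1", "2001:db8::1", "::1", "::"]:
        print(sample, "->", classify(sample))
```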
Previous posts in our CCIE Study Guide Series were:

Friday, January 14, 2011

CCIE Study Guide: OSPF Notes

This is the second title in our CCIE Study Guide Series, which shall provide some useful guidelines that help to learn about OSPF.

•    Two tier hierarchical design
•    Dijkstra’s algorithm – shortest path first

Used to calculate best paths to destinations
Based on link state database
Each router in OSPF runs SPF itself

•    OSPF neighbor table – Adjacency Database
•    OSPF topology table – OSPF topology DB – LSDB
•    Routing table – Forwarding DB
•    Two area types

Transit – backbone – area 0
Regular – user access – all other areas
All regular areas must connect to area 0
Areas minimize routing tables
Localize impact of topology changes
Stop detailed LSA floods at area boundaries

•    ABR – area backbone router
Functions as default route or default path out of area
Separates LSA flood zones
Connects multiple areas

•    DR/BDR – designated router / backup designated router
Multicast address for DR/BDR 224.0.0.6
All other routers on network form adjacency with DR/BDR
LSA’s are only exchanged with these two
All other routers called DROTHERs
Elected by highest priority (default priority is 1)

  •  Priority zero cannot be elected DR/BDR
•    Ip ospf priority {#} interface command
  • Changing DR/BDR priority to zero takes effect immediately
  • Changing priority on DROTHER to something else has no effect until re-election
  • If tie in priority, highest router-ID (active IP interface) is used to break tie

Any new routers brought onto the network will form full adjacency with dr/bdr and two way state with other neighbors.
Changing priority to zero on a DR/BDR will take effect immediately.

•    ASBR
Connects the OSPF AS to an outside AS
Redistribution point

•    Five OSPF Packet types
Hello – discover and building adjacency
Hello packets are sent every 10 seconds on multi access networks
Dead interval is 4 times hello interval
Database description – DBD/DDP – checks for db synchronization
Link-state request – requests specific link-state records
Link-state update – response to LSR
Link-state ack – acknowledges other packet types

•    Operational States
 Down
Init state – routers multicast initial hello (224.0.0.5)
Two way – routers send unicast hellos listing neighbors
Exstart – master/slave relationship established with DR/BDR
Exchange – DDPs are exchanged
Loading – LSRs for specific networks
Full – all LSDBs are synchronized with DR/BDR.  Routers are able to route traffic

•    Communication
224.0.0.5 multicast to everyone
224.0.0.6 multicast to DR/BDR
LSAcks are sent unicast
LSDB summaries are multicast every 30 minutes

  •     Entries have a max life of 60 minutes
32 bit sequence numbers are used for link-state advertisements

  • The sequence number can be seen with the “show ip ospf database” command

Loopback interfaces are recommended for stability and RID

  •  RID can be manually set using router-id router configuration command
•    If RID was set with loopback, a router reboot is required for the router-id command to take effect
•    If RID was set with router-id  command, it can be changed with “clear ip ospf process” command
•    Network Types
  •     Point to Point

Multicast 224.0.0.5 to discover neighbors
No DR/BDR
ip unnumbered is possible over point to point links
10/40 hello/dead interval
 
  • Broadcast

DR/BDR are the central point of contact in the network

  • Non broadcast multi-access

By default, OSPF cannot form neighbor adjacencies
DR/BDR elections become crucial

•    Hub/spoke, not all spoke sites can communicate directly

Three topologies

•    Full mesh – costly, requires separate VC’s for connectivity between each site
•    Partial mesh
•    Star – hub/spoke
  •     Modes of operation
•    Ip ospf network {mode} interface command
•    Broadcast – Cisco Proprietary

WAN links are treated like LAN interfaces
Multicast hello for discover
Full/partial mesh

•    Non broadcast – RFC Compliant

One IP subnet for all spokes
Neighbors are manually configured
DR/BDR is also manually rigged/configured to ensure connectivity to DR

•    Point to multi-point – RFC Compliant

Multicast hello for discover
No DR/BDR (requires additional LSAs)
Mesh/star

•    point to multi-point non broadcast – Cisco Proprietary

Used in place of P2MP where broadcasts and multicast are disabled
Neighbors are manually configured

•    point to point – Cisco Proprietary

Different IP subnet on each interface
No DR/BDR elected or needed
LAN or WAN interface

•    Default Modes

Point to point FR – point to point mode
Multipoint FR (subinterfaces) – non broadcast
main FR interface – non broadcast
 
•    NB mode neighbor configuration

Neighbor {ip} priority {# default 0} poll-interval {#} cost {1-65535} database-filter all


mode       prefer topo    subnet   hello timer   adjacency     RFC     example
bcast      Full/partial   Same     10 sec        Auto DR       Cisco   LAN
non bcast  Full/partial   Same     30 sec        Manual DR     RFC     FR
p2mp       Partial/star   Same     30 sec        Auto no DR    RFC     FR bcast
p2mp nb    Partial/star   Same     30 sec        Manual        Cisco   FR nbcast
p2p        Partial/star   Diff     10 sec        Auto no DR    Cisco   serial/sub



•    LSA Types
  • Router LSA – type 1

IntraArea LSA generated by every router in the area.  Advertises link states.  The LSID = RID of originator
  • Network LSA – type 2

Network LSA generated for Multiaccess networks
Generated by DR – LSID = RID of DR
  • Summary LSA – type 3

Summary advertisements generated by ABR
Summarizes type 1 LSAs from one area to another
Describes routes to area’s networks (aggregate routes)
LSID = destination network #
Not flooded to stubby, totally stubby, or not so stubby areas
Routes are NOT automatically summarized

  • Summary LSA – type 4

Generated by ABR to advertise the presence of an ASBR.  ASBR sends type 1 with e-bit set to ID itself
Routes to ASBR
LSID = RID of describe ASBR
Not flooded to stubby, totally stubby, or not so stubby areas
Routes are NOT automatically summarized

  • AS External LSA – type 5

Generated by ASBRs to advertise external networks and autonomous systems.  LSID = external network #
Contains all routes separately, unless manually summarized
ABRs pass type 5 LSAs on to the rest of the AS

  • Multicast OSPF LSA – type 6
  • NSSA External LSA – type 7

ASBR in a stubby area that needs to pass external routes back into the AS.  Stubby area needs to be reclassified as NSSA to allow those routes.

  • ABR receives type 7 LSAs and forwards them as type 5 to the rest of the AS
  • External LSA for BGP – type 8
•    Cost/Metric
  •   100mbps/link speed = cost

Example  100mbps interface has cost 1
Unfortunately, 1000mbps interface also has cost 1

•    Auto-cost reference-bandwidth {ref bw} interface command to change this behavior

bandwidth {value} interface command to define actual bandwidth
ip ospf cost {value} interface command

•    Route summarization

Occurs at ABRs, relies on contiguous IP design
Area # range {addr | mask} advertise/not-advertise cost {#}
Router will create a summarized route to null 0
ASBR Summarization

Summary-address {addr | mask } tag router config command
  • Default route

Default-information originate always metric {value}
Per Cisco, default metric of 10. 

OSPF Area Types
Standard Area

Accepts link updates, route summaries, and external routes

  • Stub Area

Blocks type 5 LSAs.  No routes external to the AS.  If stubs need to connect to external AS, they use default routes.

  • Totally Stubby Area

Blocks type 3, 4, and 5 LSAs.  No external AS, no summary routes.  Uses default route for everything outside of the local area.

  • Not So Stubby Area

Acts like a stub/tsa but allows ASBR connected to it
ASBR in an NSSA generates type 7 LSA
ABR to NSSA translates Type 7 to Type 5 before passing along to the rest of the AS
Routes from Type 7 LSA show in routing table as O N1 or O N2 (type 2 is default)

  • Stub/TSA/NSSA configuration

Area # stub router configuration command on all routers in area
Area # stub no-summary router configuration command on ABR for TSA
 area # nssa no-summary

  • Virtual Links
Allow extension of Area 0 through another area
Area # virtual-link RID where RID is the RID of the neighbor on the other side of the VL
sho ip ospf virtual-links

  •  Helpful commands

Sho ip ospf neighbor
Sho ip ospf database
Sho ip ospf adj  this is ADJ, not adjacency!!!!!!
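
The DR/BDR election notes above (highest priority wins, priority zero is ineligible, highest router ID breaks ties, no preemption until re-election, priority zero on a DR/BDR takes effect at once) can be traced with a small model. This is an added example, not part of the original notes and not the full RFC election procedure: it assumes all routers passed to one `join()` call come up together, and it adds the standard behaviour that the BDR is promoted when the DR role becomes vacant. Class and method names are chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Router:
    rid: str            # router ID in dotted-decimal form
    priority: int = 1   # interface priority, default 1, 0 = never DR/BDR


class Segment:
    """Simplified DR/BDR bookkeeping for one multi-access segment."""

    def __init__(self):
        self.routers = {}
        self.dr = None
        self.bdr = None

    @staticmethod
    def _rank(router):
        # Highest priority first, highest router ID as the tie-breaker.
        return (router.priority, int(ipaddress.IPv4Address(router.rid)))

    def _fill_roles(self):
        # Only vacant roles are filled; a sitting DR/BDR is never preempted.
        if self.dr is None and self.bdr is not None:
            self.dr, self.bdr = self.bdr, None   # BDR takes over as DR
        for role in ("dr", "bdr"):
            if getattr(self, role) is not None:
                continue
            candidates = [r for r in self.routers.values()
                          if r.priority > 0 and r.rid not in (self.dr, self.bdr)]
            if candidates:
                setattr(self, role, max(candidates, key=self._rank).rid)

    def join(self, *routers):
        for router in routers:
            self.routers[router.rid] = router
        self._fill_roles()

    def leave(self, rid):
        self.routers.pop(rid, None)
        self._vacate(rid)
        self._fill_roles()

    def set_priority(self, rid, priority):
        self.routers[rid].priority = priority
        if priority == 0:
            self._vacate(rid)   # priority zero on a DR/BDR acts immediately
        self._fill_roles()

    def _vacate(self, rid):
        if self.dr == rid:
            self.dr = None
        if self.bdr == rid:
            self.bdr = None

    def role(self, rid):
        if rid == self.dr:
            return "DR"
        if rid == self.bdr:
            return "BDR"
        return "DROTHER"


def demo():
    """Walk through a constructed scenario and return (DR, BDR) snapshots."""
    seg = Segment()
    snapshots = []
    seg.join(Router("10.0.0.1"), Router("10.0.0.2"), Router("10.0.0.3", 0))
    snapshots.append((seg.dr, seg.bdr))          # tie on priority, RID decides
    seg.join(Router("10.0.0.9", priority=255))
    snapshots.append((seg.dr, seg.bdr))          # newcomer does not preempt
    seg.set_priority("10.0.0.2", 0)
    snapshots.append((seg.dr, seg.bdr))          # DR steps down at once
    return snapshots


if __name__ == "__main__":
    for dr, bdr in demo():
        print(f"DR={dr} BDR={bdr}")
```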

Previous posts in our CCIE Study Guide Series are:

Wednesday, January 5, 2011

CCIE Study Guide: EIGRP Notes

This is the first among our CCIE Study Guide Series and attempts to guide you through EIGRP, with some study notes.

Cisco Proprietary Protocol
Advanced distance vector
Automatic summarization at classful boundary (can be disabled/turned off)
supports VLSM/CIDR
manually summarized routes have AD of 5, point to NULL0
more specific routes within summarized range must exist in routing table, or summarized route disappears
multicast address 224.0.0.10
Unicast and multicast are used for updates
IP/IPX/Appletalk routed protocol support
no special configuration required for various layer 2 technologies
Unequal cost load balancing
Successor - Best path to a destination
Feasible successor - second best path to a destination
Advertised Distance - cost from next hop to final destination
Feasible Distance - cost from local router to final destination
For Feasible successor to be used, AD must be less than the FD through successor
Hello Packets are sent every 5 seconds on links greater than T1
sent every 60 seconds for T1 and slower
hold time interval defaults to 3 times the hello interval
changing default hello interval does NOT automatically update the hold time
ip hello-interval eigrp {as} {seconds} interface command
ip hold-time eigrp {as} {seconds} interface command
Un-acknowledged multicast updates are unicast to the host that did not ack.  This avoids hold ups with further updates to the rest of the network
EIGRP metric is based on load, bandwidth, delay, and reliability.
Cisco recommends leaving k values at default
Configuration of EIGRP
router eigrp {as}
network {address | wildcard mask} (wildcard is optional)
no auto-summary (turns off summarization at classful boundary)
redistribute static (redistributes any static routes into the protocol)
variance {#} (modifies which routes will be considered for unequal cost load balancing)
maximum-paths {#} (number of paths to be used for load balancing. default is 4, max is 16)
ip summary-address eigrp {as} {address | mask} (interface configuration command to summarize routes at a non classful boundary.)
eigrp stub receive-only (this creates a stub in eigrp.  The “receive-only” option tells the stub router to not send ANY routes)
EIGRP Authentication
EIGRP supports cleartext and MD5 authentication.  It looks like we’re only concerned with MD5 for the exams (for obvious security reasons)
ip authentication mode eigrp {as} md5 (interface config mode)
ip authentication key-chain eigrp {as} {name of keychain}

key chain {name of keychain} (global config mode)
key {key-id} (this can be between 0-2147483647)
key-string {key}

As of IOS 12.3, EIGRP sends a graceful goodbye message when bringing the process down.  Goodbye messages are sent inside of Hello packets

Helpful Commands
show ip eigrp neighbors
show ip route
show ip route eigrp
show ip protocols – shows active routing protocol info (displays k values)
show ip eigrp interfaces
show ip eigrp topology – successor/feasible successor
show ip eigrp traffic
debug eigrp packets
Key technologies
DUAL Finite State
RTP
Neighbor discovery/recovery
Protocol dependent modules (ip, ipx, appletalk)
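
The successor, feasible successor and variance notes above can be worked through numerically. This is an added example, not part of the original notes: it computes the classic composite metric with default K values (only bandwidth and delay contribute), applies the feasibility condition, and shows that variance never installs a path that fails that condition. The neighbor names and link values are constructed, and treating a path at exactly variance times the best metric as included is an assumption of this sketch.

```python
from dataclasses import dataclass


def classic_metric(min_bandwidth_kbps, total_delay_usec):
    """Composite metric with default K values (K1 = K3 = 1, others 0)."""
    return 256 * (10_000_000 // min_bandwidth_kbps + total_delay_usec // 10)


@dataclass(frozen=True)
class Neighbor:
    name: str
    link_bw_kbps: int          # bandwidth of the local link to this neighbor
    link_delay_usec: int       # delay of the local link to this neighbor
    reported_bw_kbps: int      # lowest bandwidth on the neighbor's own path
    reported_delay_usec: int   # cumulative delay on the neighbor's own path

    @property
    def advertised_distance(self):
        # Cost from the next hop to the final destination.
        return classic_metric(self.reported_bw_kbps, self.reported_delay_usec)

    @property
    def feasible_distance(self):
        # Cost from the local router to the final destination via this neighbor.
        return classic_metric(
            min(self.link_bw_kbps, self.reported_bw_kbps),
            self.link_delay_usec + self.reported_delay_usec,
        )


def select_paths(neighbors, variance=1):
    """Return successors, feasible successors and the paths actually installed."""
    best = min(n.feasible_distance for n in neighbors)
    successors = [n.name for n in neighbors if n.feasible_distance == best]
    # Feasibility condition: AD must be less than the FD through the successor.
    feasible = [n.name for n in neighbors
                if n.feasible_distance > best and n.advertised_distance < best]
    # Variance only widens the choice among paths that are already feasible.
    extra = [n.name for n in neighbors
             if n.name in feasible and n.feasible_distance <= variance * best]
    return {
        "successors": successors,
        "feasible_successors": feasible,
        "installed": successors + extra,
    }


# Constructed sample: three neighbors offering a path to the same destination.
SAMPLE = [
    Neighbor("R2", 100_000, 100, 100_000, 200),    # AD 30720,  FD 33280
    Neighbor("R3", 10_000, 1000, 100_000, 100),    # AD 28160,  FD 284160
    Neighbor("R4", 100_000, 100, 10_000, 2000),    # AD 307200, FD 309760
]

if __name__ == "__main__":
    for n in SAMPLE:
        print(n.name, "AD", n.advertised_distance, "FD", n.feasible_distance)
    for variance in (1, 8, 9, 10):
        print("variance", variance, select_paths(SAMPLE, variance)["installed"])
```

R4 stays out even at variance 10, although its metric is within ten times the best one, because its advertised distance is not lower than the successor's feasible distance.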
Wait for all the other CCIE preparation notes, which are under preparation.

Tuesday, January 4, 2011

CCIE Study Guide Series: Start with Something Easier

CCIE Study Guide

Aspirations, multi-hued dreams never end. It follows one to other. But very few people follow and defeat it. Your success depends on what you do for yourself because you can never give or make things from an empty vessel. IPSR is all set to bring a new study - aid series for our Cisco aspirants! These CCIE study notes can be used more as a study guide to dig deeper into the texts you are reading.

Cisco certification comprises five levels: Entry, Associate, Professional, Expert and Architect. For professionals, it’s a new effort from IPSR Cisco team to bring expert assistance to help prepare and shape your career into expert-level, with these study notes. Cisco Certified Internetwork Expert (CCIE) is an advanced level technical networking Cisco Certification, considered as one of the hardest certifications in the world. It includes four major tracks Routing & Switching, Security, Service Provider & Voice. Remember, to achieve this level of certification requires extensive knowledge of various router configurations and troubleshooting. So, start thinking to be an expert who can troubleshoot and maintain complex service provider.

IPSR aims to develop a perfect learning guide that assists Cisco candidates to lead a successful CCIE certification and career. The CCIE Study Guide series comprises the following:
  1. EIGRP
  2. OSPF
  3. IPv6
  4. BGP
We hope that our CCIE notes help you to study better and build a successful career in the networking industry with Cisco expert-level certifications.