network cisco ccna gns3 certification arteq

a network runs through it

Monday, May 27, 2013

gns3vault ccie lab 1...

completely contained in gns3... 3725 routers, 3640s with nm16...


the config files and topology.net can be downloaded here:

http://ccieordie.com/?p=837


Wednesday, May 8, 2013

krzysztof's mind map...

posted at ccieordie.com


Krzysztof Saleski CCIE# 24081 mind map…

this is an amazing effort and used to be available here:
http://inetcon.org/study/CCIE_RS_Quick_Review_Kit.pdf

however, this link is busted, or at least doesn’t point to this great pdf anymore… fortunately, i have a downloaded copy, and i don’t think krzysztof will mind as it has been posted free for a long time… so here it is… it lives:

CCIE_RS_Quick_Review_Kit


 

Wednesday, April 3, 2013

more on wendell's new icnd2...

1. The sending VPN device feeds the original packet and the session key into the encryption formula, calculating the encrypted data.

2. The sending device encapsulates the encrypted data into a packet, which includes the new IP header and VPN header.

3. The sending device sends this new packet to the destination VPN device.

4. The receiving VPN device runs the corresponding decryption formula, using the encrypted data and session key—the same key value as was used on the sending VPN device—to decrypt the data.
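the four steps above, run end to end as an added example (this is illustration code written for this page, not wendell's and not cisco's)... the session key, the SPI and the outer addresses are made up, and HMAC-SHA256 in counter mode stands in for the real cipher (ipsec would use AES)... two things go beyond the book's four steps because no practitioner should leave them out: an integrity tag so the receiver can reject a modified or forged packet, and a sequence-number check so a captured packet can't be replayed...

```python
from __future__ import annotations
import hashlib
import hmac
import struct

# Constructed for this example: the session key the two VPN devices already share
# (how it was agreed is outside the four steps above) and a hypothetical SPI that
# identifies the tunnel in the VPN header.
SESSION_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")
SPI = 0x1000
TAG_LEN = 16


def derive_keys(session_key: bytes) -> tuple[bytes, bytes]:
    """Never use one key for both encryption and integrity: derive two."""
    enc = hmac.new(session_key, b"encryption", hashlib.sha256).digest()
    mac = hmac.new(session_key, b"integrity", hashlib.sha256).digest()
    return enc, mac


def keystream(enc_key: bytes, spi: int, seq: int, length: int) -> bytes:
    """The 'encryption formula' here: HMAC-SHA256 used as a PRF in counter mode.
    (spi, seq, block) is the counter, so a key/seq pair never reuses keystream."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(enc_key, struct.pack("!IIQ", spi, seq, block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))


def ipv4_header(src: str, dst: str, payload_len: int, proto: int) -> bytes:
    """Minimal 20-byte IPv4 header (checksum left at zero for the example)."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0, src_b, dst_b)


class VpnSender:
    def __init__(self, session_key: bytes, spi: int, outer_src: str, outer_dst: str):
        self.enc_key, self.mac_key = derive_keys(session_key)
        self.spi, self.outer_src, self.outer_dst = spi, outer_src, outer_dst
        self.seq = 0

    def send(self, original_packet: bytes) -> bytes:
        self.seq += 1
        # Step 1: original packet + session key -> encrypted data.
        encrypted = xor(original_packet, keystream(self.enc_key, self.spi, self.seq, len(original_packet)))
        # Step 2: VPN header (SPI, sequence number) in front of the encrypted data,
        # plus an integrity tag over both. The tag is not one of the four steps, but
        # without it the receiver cannot tell a modified or forged packet from a real one.
        vpn_hdr = struct.pack("!II", self.spi, self.seq)
        tag = hmac.new(self.mac_key, vpn_hdr + encrypted, hashlib.sha256).digest()[:TAG_LEN]
        body = vpn_hdr + encrypted + tag
        # Step 3: new IP header (outer addresses, protocol 50 = ESP) and off to the peer.
        return ipv4_header(self.outer_src, self.outer_dst, len(body), proto=50) + body


class VpnReceiver:
    def __init__(self, session_key: bytes, spi: int):
        self.enc_key, self.mac_key = derive_keys(session_key)
        self.spi = spi
        self.seen_seqs = set()  # simplified anti-replay; real stacks keep a sliding window

    def receive(self, packet: bytes) -> bytes:
        ihl = (packet[0] & 0x0F) * 4
        body = packet[ihl:]
        spi, seq = struct.unpack("!II", body[:8])
        if spi != self.spi:
            raise ValueError("unknown SPI")
        encrypted, tag = body[8:-TAG_LEN], body[-TAG_LEN:]
        expected = hmac.new(self.mac_key, body[:-TAG_LEN], hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            raise ValueError("integrity check failed: packet modified or forged")
        if seq in self.seen_seqs:
            raise ValueError("replayed packet")
        self.seen_seqs.add(seq)
        # Step 4: same session key, corresponding decryption formula -> original packet.
        return xor(encrypted, keystream(self.enc_key, spi, seq, len(encrypted)))


# Constructed inner packet: a UDP/IP packet from a host behind the sending VPN device.
ORIGINAL_PACKET = ipv4_header("10.1.1.10", "10.2.1.10", 12, proto=17) + b"payload-data"


def tunnel_roundtrip() -> bytes:
    """Run all four steps once and return what the receiving side recovered."""
    sender = VpnSender(SESSION_KEY, SPI, "203.0.113.1", "198.51.100.1")  # hypothetical outer addresses
    receiver = VpnReceiver(SESSION_KEY, SPI)
    return receiver.receive(sender.send(ORIGINAL_PACKET))


if __name__ == "__main__":
    assert tunnel_roundtrip() == ORIGINAL_PACKET
    print("tunnel round trip ok")
```

the receiver checks the tag before it decrypts anything and before it touches the replay state... that order is deliberate: a forged packet should never get as far as the decryption formula...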


it is safe to say the icnd2 is no longer the same animal as it was... for those just starting out, go right to the new books... for those half way through ccna, go back to the beginning if you don't think you'll make it to the exam before october 1st... for those who have ccna or better, this is a must read...

Friday, March 29, 2013

wendell's new ccna series...

if you haven't done so already, get over to ciscopress and get wendell's new ccna book(s)... this is a major departure from the last icnd1 and 2... any self respecting network guy/ccna or better will want to read this right away... there are also many extras, videos, tests, etc...

no matter your certification level, this is a must... it'll probably be quite a few years before another...

i got mine two days ago....

below is a post i did over on ccieordie.com

quote of the day, wendell…

of course i got the new ccna book (the icnd2, anyway) because this is monumental… it has been quite a while since there has been a sweeping change to this series…  anyone who has slaved through ccna will want to read this, no matter your current cert level… it also comes with extra content like videos, test engine, etc…  you owe it to yourself to take a walk down memory lane…

here is a nice sample tidbit…  you know by default the priority of a switch is 32,768 without the extended system id… when using the root primary macro, the new setting will be 24,576… you also know that priority is set in 4096 increments… but that’s an 8192 difference not 4096… do the math…

For the switch intended to take over as the root if the first switch fails, use the spanning-tree vlan vlan-id root secondary command. This command is much like the spanning-tree vlan vlan-id root primary command, but with a priority value worse than the primary switch but better than all the other switches. This command sets the switch’s base priority to 28,672 regardless of the current root’s current priority value.

Thursday, February 14, 2013

again with the beginning...

ccieordie.com is the new beginning... 

when i first launched this thing it was dedicated to the struggles in the trenches... that's where it hurts the most... i do not envy those starting the journey, but i do envy the excitement of discovery...

this place is about the pain of adversity...

ccieordie.com will be about the new pain... i thought all along if i ever survived CCNA, and God willing CCNP, that i would launch a new site...

that has happened...

i'm going after CCIE like i always knew i would and i don't care who gives a shit...

this place isn't going away, but my sorry ass ruminations will mostly be chronicled there...

remember that none of it matters until CCNA...

ccie or die...

i'm building a new site dedicated to my pursuit of ccie...

it can be found here:

http://ccieordie.com/

be patient, content is coming...

this is the logical continuation...

gre instead of virtual link...

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00801ec9ee.shtml#using

this is borderline trivia, and i think bad design, however... a very good reason to not use a vl is due to the DNA (do not age) or no dead timer...


where am i...

as you might imagine, i am currently lost... i went through a bout of decompression yesterday after finally consolidating CCNP... this has been a dream of mine for a long time and now that it is here it will take some getting used to... but i'm sure i will get used to it...

the fact is there is no celebration going on here...  there is only the work, more consolidation, going back to the beginning to move forward again...

there is some relief that there is no test in the coming months... i plan to wait until the first of next year before sitting the CCIE written... and that was always the plan; yesterday has not changed that... 

pucker time is over and i am happy about the loneliness of the long distance run ahead... there is no immediate fight; there is no rush; there is only the battle with me now... and for that i am grateful...

back to squares...

but i do like having this to keep me company:


Tuesday, February 12, 2013

sid...

short for sid vicious because of his hair... a new friend of mine... he likes the chow here...


Monday, February 11, 2013

area 0...

that old ospf design guide is great...

http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094e9e.shtml#t6

The Backbone and Area 0

OSPF has special restrictions when multiple areas are involved. If more than one area is configured, one of these areas has to be area 0. This is called the backbone. When designing networks it is good practice to start with area 0 and then expand into other areas later on.

The backbone has to be at the center of all other areas, i.e. all areas have to be physically connected to the backbone. The reasoning behind this is that OSPF expects all areas to inject routing information into the backbone and in turn the backbone will disseminate that information into other areas.

contrast this with what jeff doyle wrote...

Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?

Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0. 


Saturday, February 9, 2013

ospf multiple area, summarization, stubs...

i've been saying this for a long time... all of this is over-engineering... it's easily relegated to network trivia, or a "we do it because we can" philosophy... but nobody wants to hear me say it... listen to these guys then...

it is no wonder my mind glazes over when these discussions come up...

http://packetpushers.net/show-134-ospf-design-part-1-debunking-the-multiple-area-myth/

and we'll have an area here and here and here, and this will be a stub, and we'll summarize there, and that needs to be nssa because it sounds cool and we get to use it in a sentence... gimme a break...

passive interface, eigrp and ospf...

this command can certainly be a pain in the ass...

ospf gives you a decent way to detect it with:

R1#sh ip ospf int s1/0.12
Serial1/0.12 is up, line protocol is up
  Internet Address 10.1.1.1/30, Area 12, Attached via Network Statement
  Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           64        no          no            Base
  Transmit Delay is 1 sec, State POINT_TO_POINT
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    No Hellos (Passive interface)
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 2/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 2
  Last flood scan time is 0 msec, maximum is 12 msec
  Neighbor Count is 0, Adjacent neighbor count is 0
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
    Youngest key id is 1

although you have to look; it doesn't jump out at you...

eigrp isn't as friendly...

R4#sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(10)
                              Xmit Queue   PeerQ        Mean   Pacing Time   Multicast    Pending
Interface              Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Fa0/1                    1        0/0       0/0          19       0/0           84           0
R4#config t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router eigrp 10
R4(config-router)#no passive-int f0/0
R4(config-router)#
*Feb  9 09:45:59.609: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.1.4.6 (FastEthernet0/0) is up: new adjacency
R4(config-router)#do sh ip eigrp int
EIGRP-IPv4 Interfaces for AS(10)
                              Xmit Queue   PeerQ        Mean   Pacing Time   Multicast    Pending
Interface              Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Fa0/1                    1        0/0       0/0          19       0/0           76           0
Fa0/0                    1        0/0       0/0          19       0/0           76           0
R4(config-router)#do sh ip eigrp neigh
EIGRP-IPv4 Neighbors for AS(10)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   10.1.4.6                Fa0/0                    11 00:01:17   19   114  0  814
1   10.1.4.10               Fa0/1                    14 00:28:05   19   114  0  788
R4(config-router)#router eigrp 10
R4(config-router)#passive-int f0/0
R4(config-router)#
*Feb  9 09:47:35.717: %DUAL-5-NBRCHANGE: EIGRP-IPv4 10: Neighbor 10.1.4.6 (FastEthernet0/0) is down: interface passive
R4(config-router)#do sh ip eigrp neigh
EIGRP-IPv4 Neighbors for AS(10)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
1   10.1.4.10               Fa0/1                    11 00:28:32   18   108  0  788

the eigrp commands just show you that it's NOT there... debug doesn't help either...
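since you have to look for it, here is a small parser that does the looking, as an added example (mine, not cisco's and not from this blog)... the ospf sample is the output above with a second, non-passive interface added; the eigrp side is the trick the output above implies: an interface that should be running eigrp but is missing from `show ip eigrp interfaces`... the `show ip interface brief` and the network statement are constructed for the example...

```python
import ipaddress
import re

# Constructed sample in the format of 'show ip ospf interface' above, with a second
# (non-passive) interface added so the parser has something to compare against.
OSPF_INT_OUTPUT = """\
Serial1/0.12 is up, line protocol is up
  Internet Address 10.1.1.1/30, Area 12, Attached via Network Statement
  Process ID 1, Router ID 1.1.1.1, Network Type POINT_TO_POINT, Cost: 64
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    No Hellos (Passive interface)
  Neighbor Count is 0, Adjacent neighbor count is 0
FastEthernet0/0 is up, line protocol is up
  Internet Address 10.1.4.5/30, Area 0, Attached via Network Statement
  Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:03
  Neighbor Count is 1, Adjacent neighbor count is 1
"""

INT_HEADER = re.compile(r"^(\S+) is (\S+), line protocol is (\S+)")


def ospf_interfaces(output: str) -> list:
    """Split 'show ip ospf interface' into one dict per interface block."""
    blocks = []
    for line in output.splitlines():
        m = INT_HEADER.match(line)
        if m:
            blocks.append({"name": m.group(1), "passive": False, "neighbors": 0})
            continue
        if not blocks:
            continue
        if "(Passive interface)" in line:
            blocks[-1]["passive"] = True
        nm = re.match(r"\s*Neighbor Count is (\d+)", line)
        if nm:
            blocks[-1]["neighbors"] = int(nm.group(1))
    return blocks


def ospf_passive(output: str) -> list:
    return [b["name"] for b in ospf_interfaces(output) if b["passive"]]


# EIGRP gives no such line: a passive interface simply disappears from
# 'show ip eigrp interfaces'. So compare that table against every up/up interface
# whose address is covered by a network statement; anything missing is a suspect.
EIGRP_INT_OUTPUT = """\
EIGRP-IPv4 Interfaces for AS(10)
                              Xmit Queue   PeerQ        Mean   Pacing Time   Multicast    Pending
Interface              Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Fa0/1                    1        0/0       0/0          19       0/0           84           0
"""

# Constructed 'show ip interface brief' and network statement for the same router.
IP_INT_BRIEF = """\
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            10.1.4.5        YES manual up                    up
FastEthernet0/1            10.1.4.9        YES manual up                    up
Loopback0                  4.4.4.4         YES manual up                    up
"""
EIGRP_NETWORKS = [("10.1.4.0", "0.0.0.255")]  # from 'network 10.1.4.0 0.0.0.255'


def short_name(interface: str) -> str:
    """FastEthernet0/0 -> Fa0/0, Serial1/0.12 -> Se1/0.12 (the IOS abbreviation)."""
    m = re.match(r"([A-Za-z-]+)(.*)", interface)
    return m.group(1)[:2] + m.group(2)


def covered(ip: str, network: str, wildcard: str) -> bool:
    """Match the way a 'network x.x.x.x wildcard' statement does: compare only the bits the wildcard leaves unmasked."""
    mask = (~int(ipaddress.IPv4Address(wildcard))) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(ip)) & mask) == (int(ipaddress.IPv4Address(network)) & mask)


def eigrp_suspects(eigrp_output: str, brief_output: str, networks: list) -> list:
    """Interfaces that should be running EIGRP but are absent from the EIGRP interface table."""
    running = set()
    for line in eigrp_output.splitlines():
        m = re.match(r"^([A-Za-z]+[\d/.]+)\s+\d+", line)
        if m:
            running.add(m.group(1))
    suspects = []
    for line in brief_output.splitlines():
        parts = line.split()
        if len(parts) < 6 or parts[0] == "Interface" or parts[1] == "unassigned" or parts[-1] != "up":
            continue
        name, ip = parts[0], parts[1]
        if any(covered(ip, n, w) for n, w in networks) and short_name(name) not in running:
            suspects.append(name)
    return suspects


if __name__ == "__main__":
    print("ospf passive:", ospf_passive(OSPF_INT_OUTPUT))
    print("eigrp missing (passive, or no adjacency possible):", eigrp_suspects(EIGRP_INT_OUTPUT, IP_INT_BRIEF, EIGRP_NETWORKS))
```

the eigrp check can only say "missing", which is the same thing the router tells you; whether it is passive or something else still takes a look at the running config...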

trace and ttl...

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00800a6057.shtml


The Traceroute Command

The traceroute command is used to discover the routes that packets actually take when traveling to their destination. The device (for example, a router or a PC) sends out a sequence of User Datagram Protocol (UDP) datagrams to an invalid port address at the remote host.

Three datagrams are sent, each with a Time-To-Live (TTL) field value set to one. The TTL value of 1 causes the datagram to "timeout" as soon as it hits the first router in the path; this router then responds with an ICMP Time Exceeded Message (TEM) indicating that the datagram has expired.

Another three UDP messages are now sent, each with the TTL value set to 2, which causes the second router to return ICMP TEMs. This process continues until the packets actually reach the other destination. Since these datagrams are trying to access an invalid port at the destination host, ICMP Port Unreachable Messages are returned, indicating an unreachable port; this event signals the Traceroute program that it is finished.

The purpose behind this is to record the source of each ICMP Time Exceeded Message to provide a trace of the path the packet took to reach the destination. For all the options about this command, see Trace (privileged).

R1#trace 10.2.1.4
Type escape sequence to abort.
Tracing the route to 10.2.1.4
VRF info: (vrf in name/id, vrf out name/id)
  1 10.1.1.2 16 msec 20 msec 20 msec
  2 10.1.1.6 28 msec 28 msec 16 msec
  3 10.1.1.10 64 msec 64 msec 60 msec
  4 10.1.4.6 60 msec 68 msec 64 msec
  5 10.2.1.4 64 msec 64 msec 72 msec
R1#
*Feb  9 09:22:22.349: ICMP: time exceeded rcvd from 10.1.1.2
*Feb  9 09:22:22.369: ICMP: time exceeded rcvd from 10.1.1.2
*Feb  9 09:22:22.389: ICMP: time exceeded rcvd from 10.1.1.2
*Feb  9 09:22:22.413: ICMP: time exceeded rcvd from 10.1.1.6
*Feb  9 09:22:22.453: ICMP: time exceeded rcvd from 10.1.1.6
*Feb  9 09:22:22.489: ICMP: time exceeded rcvd from 10.1.1.6
*Feb  9 09:22:22.569: ICMP: time exceeded rcvd from 10.1.1.10
*Feb  9 09:22:22.633: ICMP: time exceeded rcvd from 10.1.1.10
*Feb  9 09:22:22.693: ICMP: time exceeded rcvd from 10.1.1.10
*Feb  9 09:22:22.753: ICMP: time exceeded rcvd from 10.1.4.6
*Feb  9 09:22:22.829: ICMP: time exceeded rcvd from 10.1.4.6
R1#
*Feb  9 09:22:22.893: ICMP: time exceeded rcvd from 10.1.4.6
*Feb  9 09:22:22.965: ICMP: dst (10.1.1.1) port unreachable rcv from 10.2.1.4
*Feb  9 09:22:23.037: ICMP: dst (10.1.1.1) port unreachable rcv from 10.2.1.4
*Feb  9 09:22:23.117: ICMP: dst (10.1.1.1) port unreachable rcv from 10.2.1.4
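the mechanism in cisco's description, simulated as an added example (my code, not cisco's)... the path is the one in the trace above, used as a constructed topology; nothing touches a real network... it also models the case the cisco note doesn't mention but everyone eventually hits: a hop that drops the expired probe without sending time exceeded, which the CLI shows as `* * *`...

```python
from dataclasses import dataclass
from typing import Optional

ICMP_TIME_EXCEEDED = 11      # type 11: TTL expired in transit
ICMP_PORT_UNREACHABLE = 3    # type 3 code 3: nothing listening on the probe port


@dataclass
class Probe:
    src: str
    dst: str
    ttl: int
    dst_port: int


@dataclass
class IcmpReply:
    sender: str
    icmp_type: int


# Constructed topology from the trace above: the four routers R1's probes crossed,
# each named by the ingress address it answered from, then the destination host last.
PATH = ["10.1.1.2", "10.1.1.6", "10.1.1.10", "10.1.4.6", "10.2.1.4"]


def forward(probe: Probe, path: list, silent: frozenset = frozenset()) -> Optional[IcmpReply]:
    """Push one UDP probe along the path. Every router decrements the TTL; the one
    that takes it to zero discards the datagram and answers Time Exceeded. The host
    at the end has nothing on the probe port and answers Port Unreachable.
    Routers in 'silent' drop expired probes without replying (rate limit, ACL)."""
    ttl = probe.ttl
    for router in path[:-1]:
        ttl -= 1
        if ttl == 0:
            return None if router in silent else IcmpReply(router, ICMP_TIME_EXCEEDED)
    return IcmpReply(path[-1], ICMP_PORT_UNREACHABLE)


def traceroute(src: str, path: list, max_hops: int = 30, probes_per_hop: int = 3,
               silent: frozenset = frozenset()) -> list:
    """Return [(ttl, [responders])] in the order the algorithm discovers them.
    An empty responder list is what the CLI prints as '* * *'."""
    hops = []
    port = 33434  # IOS default starting port; bumped per probe like real traceroute
    dst = path[-1]
    for ttl in range(1, max_hops + 1):
        replies = []
        for _ in range(probes_per_hop):
            replies.append(forward(Probe(src, dst, ttl, port), path, silent))
            port += 1
        responders = sorted({r.sender for r in replies if r is not None})
        hops.append((ttl, responders))
        if any(r is not None and r.icmp_type == ICMP_PORT_UNREACHABLE for r in replies):
            break  # the destination itself answered: done
    return hops


def render(hops: list) -> str:
    """Format like the IOS output above, minus the timings."""
    return "\n".join(f"{ttl:3d} " + (" ".join(r) if r else "* * *") for ttl, r in hops)


if __name__ == "__main__":
    print(render(traceroute("10.1.1.1", PATH)))
    print(render(traceroute("10.1.1.1", PATH, silent=frozenset({"10.1.1.10"}))))
```

note the stop condition: it is the port unreachable from the destination, not the hop count, that ends the trace... a silent hop in the middle only costs a line of stars; a destination that filters the probe ports costs the whole trace...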
 


Friday, February 8, 2013

rfc 3330...

years ago when i was dumber than i am now i used to refer to host addresses of 169.254.x.x as those stupid windows addresses that are dished out by microsoft when the host can't find a dhcp server...

they are actually dished out by IANA, kind of... 

IANA                         Informational                      [Page 2]

RFC 3330               Special-Use IPv4 Addresses         September 2002


   169.254.0.0/16 - This is the "link local" block.  It is allocated for
   communication between hosts on a single link.  Hosts obtain these
   addresses by auto-configuration, such as when a DHCP server may not
   be found.

as soon as you get one of those addresses on a host you think, O MY GOD, the dhcp server is down... that might be... however, and i'm sure you know, you also might be experiencing a connectivity problem in the path to the dhcp server...

and there is also the possibility of not getting the 169.254.x.x address although the dhcp server IS down... that's hardly fair... the client has no reason to broadcast for the address again once it has its lease... of course if you manually try to renew and ipconfig hangs up in the pursuit of a legit address, you've suddenly learned something...

for troubleshooting, before blaming the dhcp device, i vet l2 first...

on the client's switch...

sh int
sh vlan brief
sh int trunk
sh etherchannel summ
sh port-sec
and l3 checks if applicable...

generally speaking, if it's a l2 problem, sh int, sh vlan and sh int trunk will reveal most everything...

then onto the next switch in the path, which should eventually lead to the dhcp server...

granted this next guys link is not necessarily troubleshooting, and he may have some thoughts here that you might consider... however even for discovery purposes, i would not resort to his kind of bullshit below...

https://w.ntwk.cc/initial-ccie-lab-checks/

i am not going to pollute my pages with a sample of his, er, ideas...  go see for yourself...
 

quote of the day; jeff doyle on ospf...

jeff speaks...

Why does OSPF require all traffic between non-backbone areas to pass through a backbone area (area 0)?

Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0.


Every link state router floods information about itself, its links, and its neighbors to every other router. From this flooded information each router builds an identical link state database. Each router then independently runs a shortest-path-first calculation on its database – a local calculation using distributed information – to derive a shortest-path tree. This tree is a sort of map of the shortest path to every other router.

One of the advantages of link state protocols is that the link state database provides a “view” of the entire network, preventing most routing loops. This is in contrast to distance vector protocols, in which route information is passed hop-by-hop through the network and a calculation is performed at each hop – a distributed calculation using local information. Each router along a route is dependent on the router before it to perform its calculations correctly and then correctly pass along the results. When a router advertises the prefixes it learns to its neighbors it’s basically saying, “I know how to reach these destinations.” And because each distance vector router knows only what its neighbors tell it, and has no “view” of the network beyond the neighbors, the protocol is vulnerable to loops.

The second concept is this:

When link state domains grow large, the flooding and the resulting size of the link state database becomes a scaling problem. The problem is remedied by breaking the routing domain into areas: That first concept is modified so that flooding occurs only within the boundaries of an area, and the resulting link state database contains only information from the routers in the area.  This, in turn, means that each router’s calculated shortest-path tree only describes the path to other routers within the area.

The third concept is this:

OSPF areas are connected by one or more Area Border Routers (the other main link state protocol, IS-IS, connects areas somewhat differently) which maintain a separate link state database and calculate a separate shortest-path tree for each of their connected areas. So an ABR by definition is a member of two or more areas. It advertises the prefixes it learns in one area to its other areas by flooding Type 3 LSAs into the areas that basically say, “I know how to reach these destinations.”

Wait a minute – what that last concept described is not link state, it’s distance vector. The routers in an area cannot “see” past the ABR, and rely on the ABR to correctly tell them what prefixes it can reach. The SPF calculation within an area derives a shortest-path tree that depicts all prefixes beyond the ABR as leaf subnets connected to the ABR at some specified cost.

And that leads us to the answer to the question:

Because inter-area OSPF is distance vector, it is vulnerable to routing loops. It avoids loops by mandating a loop-free inter-area topology, in which traffic from one area can only reach another area through area 0.

arp...


resolving a known l3 address to an unknown l2 address...

i suggest you spend some time here, and with rfc 826... it is not enough to have familiarity...

from: http://www.tcpipguide.com/free/t_ARPMessageFormat.htm

Address resolution using ARP is accomplished through the exchange of messages between the source device seeking to perform the resolution, and the destination device that responds to it. As with other protocols, a special message format is used containing the information required for each step of the resolution process.
ARP messages use a relatively simple format. It includes a field describing the type of message (its operational code or opcode) and information on both layer two and layer three addresses. In order to support addresses that may be of varying length, the format specifies the type of protocol used at both layer two and layer three and the length of addresses used at each of these layers.


The ARP message format is designed to accommodate layer two and layer three addresses of various sizes. This diagram shows the most common implementation, which uses 32 bits for the layer three (“Protocol”) addresses, and 48 bits for the layer two hardware addresses. These numbers of course correspond to the address sizes of the Internet Protocol version 4 and IEEE 802 MAC addresses, used by Ethernet.
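the format described above, built and parsed byte for byte, as an added example (mine; not from tcpipguide, rfc 826 or this blog)... the addresses in the exchange are constructed... the parser reads HLEN and PLEN out of the message, as the format intends, and then refuses anything but the ethernet/ipv4 case it actually understands instead of guessing at field sizes...

```python
import struct
from typing import Optional

# RFC 826 fixed part, big-endian: HTYPE, PTYPE, HLEN, PLEN, OPER
FIXED = struct.Struct("!HHBBH")
HTYPE_ETHERNET = 1
PTYPE_IPV4 = 0x0800
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def bytes_to_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def build_arp(oper: int, sha: str, spa: str, tha: str, tpa: str) -> bytes:
    """Ethernet/IPv4 ARP message: 8-byte fixed part + SHA, SPA, THA, TPA = 28 bytes.
    (The Ethernet frame around it, destination ff:ff:ff:ff:ff:ff for a request,
    is a separate layer and not built here.)"""
    return (FIXED.pack(HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, oper)
            + mac_to_bytes(sha) + ip_to_bytes(spa) + mac_to_bytes(tha) + ip_to_bytes(tpa))


def parse_arp(data: bytes) -> dict:
    """Parse using HLEN/PLEN from the message itself, then refuse anything that is
    not the Ethernet/IPv4 layout this code knows how to interpret."""
    if len(data) < FIXED.size:
        raise ValueError("truncated ARP message: no fixed header")
    htype, ptype, hlen, plen, oper = FIXED.unpack_from(data)
    if len(data) < FIXED.size + 2 * (hlen + plen):
        raise ValueError("truncated ARP message: address fields missing")
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("only Ethernet/IPv4 ARP is handled here")
    if oper not in (ARP_REQUEST, ARP_REPLY):
        raise ValueError(f"unsupported opcode {oper}")
    off = FIXED.size
    fields = []
    for length in (hlen, plen, hlen, plen):
        fields.append(data[off:off + length])
        off += length
    sha, spa, tha, tpa = fields
    return {"oper": oper, "sha": bytes_to_mac(sha), "spa": bytes_to_ip(spa),
            "tha": bytes_to_mac(tha), "tpa": bytes_to_ip(tpa)}


def answer_request(request: bytes, my_mac: str, my_ip: str) -> Optional[bytes]:
    """What the owner of the target IP sends back: a reply addressed to the requester,
    with itself as sender and the requester as target. None if the request is not for us."""
    req = parse_arp(request)
    if req["oper"] != ARP_REQUEST or req["tpa"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sha"], req["spa"])


if __name__ == "__main__":
    # Constructed exchange: 10.1.1.1 wants the MAC for 10.1.1.2.
    request = build_arp(ARP_REQUEST, "00:11:22:33:44:55", "10.1.1.1", "00:00:00:00:00:00", "10.1.1.2")
    reply = answer_request(request, "66:77:88:99:aa:bb", "10.1.1.2")
    print(parse_arp(request))
    print(parse_arp(reply))
```

the target hardware address in a request is all zeros and is ignored by the responder; it is the sender fields of the request that become the target fields of the reply, which is the whole resolution in one swap...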

ccna to ccie...

i have always thought in the past without fully understanding why, that ccie is essentially turbo ccna... i still believe that...

ccnp is terribly important as it fills in the advanced technologies between... those who choose to make the leap directly from ccna to ccie are brave souls indeed... ultimately they end up doing ccnp, without calling it exactly that... it is not possible to get there from here in any equation...

however, ccie is ccna without the creamy center of ccnp...

while i wouldn't say that any of them are fun, i will say that ccnp has been an adagio...

i see the entire thing as a play in three acts...

ccna is the first act of course, laying the foundation for the drama through exposition, character establishment and relationships...

ccnp is the rising action; the attempt to learn new things, character development and confrontation along the way...

ccie is the climax, the second turning point; the resolution of the problems set forth...


Thursday, February 7, 2013

stp root switch...

from cisco's 3560/3750 guide which of course you can download...

If all switches in a network are enabled with default spanning-tree settings, (and when they come out of the box they are wearing their birthday suits) the switch with the lowest MAC address becomes the root switch.


that is gospel...

priority is default at 32768...

that is gospel...

this is the BID of this switch on vlan 10...

dsw1#sh spann

VLAN0010
  Spanning tree enabled protocol rstp
  Root ID    Priority    32778

32768 + 10 is 32778...

the priority can change all that ONLY if it has been configured to do so... and if it has been configured to do so, the mac doesn't matter...

again, that is if it has been configured to do so...

which means the priority is an afterthought, although we all know you want to be deterministic about the placement of the root switch...

out of the box, MAC is king...

your witness, counselor...
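the arithmetic from this post and from the root primary / root secondary tidbit in the icnd2 post above, as an added example (mine, not cisco's and not wendell's)... the three switches and their MACs are constructed... it builds the per-vlan bridge priority field (32768 + vlan, the 32778 in the output above), elects the root the way the standard does (lowest priority field, then lowest MAC), and shows what the two macros set...

```python
# Constructed switches: name, configured priority (default 32768) and base MAC.
SWITCHES = [
    {"name": "dsw1", "priority": 32768, "mac": "00:1a:2b:3c:4d:02"},
    {"name": "dsw2", "priority": 32768, "mac": "00:1a:2b:3c:4d:01"},
    {"name": "asw1", "priority": 32768, "mac": "00:1a:2b:3c:4d:03"},
]

PRIORITY_STEP = 4096  # the extended system ID leaves only the top 4 bits for priority


def bridge_priority(priority: int, vlan: int) -> int:
    """The 16-bit priority field of a per-VLAN BID: configured priority + VLAN (extended system ID)."""
    if priority % PRIORITY_STEP or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 in 0..61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("vlan out of range")
    return priority + vlan


def decode_bridge_priority(value: int) -> tuple:
    """Split a displayed priority back into (configured priority, VLAN): 32778 -> (32768, 10)."""
    return value & 0xF000, value & 0x0FFF


def bid(priority: int, vlan: int, mac: str) -> tuple:
    """Full bridge ID as a comparable tuple: priority field first, MAC breaks ties."""
    return bridge_priority(priority, vlan), int(mac.replace(":", ""), 16)


def elect_root(switches: list, vlan: int) -> str:
    """Lowest BID wins. At defaults every priority field is equal, so this is lowest MAC."""
    return min(switches, key=lambda s: bid(s["priority"], vlan, s["mac"]))["name"]


def root_primary(current_root_priority: int) -> int:
    """What 'spanning-tree vlan X root primary' configures: 24576 if that beats the
    current root, otherwise one step (4096) below the current root's priority."""
    if current_root_priority > 24576:
        return 24576
    if current_root_priority < PRIORITY_STEP:
        raise ValueError("current root is already at 0; root primary cannot go lower")
    return current_root_priority - PRIORITY_STEP


def root_secondary() -> int:
    """'root secondary' always sets 28672: worse than a primary at 24576, better than defaults."""
    return 28672


if __name__ == "__main__":
    print("dsw1 vlan 10 priority field:", bridge_priority(32768, 10))  # 32778, as in the output above
    print("root at defaults:", elect_root(SWITCHES, 10))
    SWITCHES[0]["priority"] = root_primary(32768)  # make dsw1 the deterministic root
    print("root after 'root primary' on dsw1:", elect_root(SWITCHES, 10))
    print("secondary gets:", root_secondary())
```

once any switch has a configured priority below the default, the MAC never enters the comparison again, which is the whole point of being deterministic about it...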

why ospf area's and other sundries...

these kinds of basic questions are tough on the spot...

why ospf areas? ospf areas are like, like life... yeah...



http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094aaa.shtml

Areas limit the scope of route information distribution. It is not possible to do route update filtering within an area. The link-state database (LSDB) of routers within the same area must be synchronized and be exactly the same; however, route summarization and filtering is possible between different areas. The main benefit of creating areas is a reduction in the number of routes to propagate—by the filtering and the summarization of routes.

which really came in handy back when routers had shitty processors and 1k of ram...

An autonomous system boundary router (ASBR) advertises external destinations throughout the OSPF autonomous system. External routes are the routes redistributed into OSPF from any other protocol. In many cases, external link states make up a large percentage of the link states in the databases of every router. A stub area is an area in which you don't allow advertisements of external routes, thus reducing the size of the database even more. Instead, a default summary route (0.0.0.0) is inserted into the stub area in order to reach these external routes. If you have no external routes in your network, then you have no need to define stub areas. 

no external routes equals no redistribution equals no stubs...

All areas in an OSPF autonomous system must be physically connected to the backbone area (area 0). In some cases where this physical connection is not possible, you can use a virtual link to connect to the backbone through a non-backbone area. As mentioned above, you can also use virtual links to connect two parts of a partitioned backbone through a non-backbone area. The area through which you configure the virtual link, known as a transit area, must have full routing information. The transit area cannot be a stub area.

good... and you use the area id virtual-link command to accomplish this... then what ospf type is a virtual link... would someone please make up my mind...

doyle calls it a network type...

OSPF defines five network types:

Point-to-point networks
Broadcast networks
Nonbroadcast Multiaccess (NBMA) networks
Point-to-multipoint networks
Virtual links

reason number 65,535...

that you should be on cln...


if you don't know who terry slattery is, put yourself in a time out immediately...

like he says above, if you want to be a ccie because of money, there is no hope for you... your cause is lost out the gate...

of multiplexing and sockets...


http://www.inetdaemon.com/tutorials/internet/tcp/multiplexing.shtml

transport layer:

Multiplexing is the process of combining two or more data streams into a single physical connection. TCP provides multiplexing facilities by using source and destination port numbers. These port numbers allow TCP to set up a number of virtual connections over a physical connection and multiplex the data stream through that connection.

session layer:

 http://www.tcpipguide.com/free/t_SessionLayerLayer5.htm

The primary job of session layer protocols is to provide the means necessary to set up, manage, and end sessions. In fact, in some ways, session layer software products are more sets of tools than specific protocols. These session-layer tools are normally provided to higher layer protocols through command sets often called application program interfaces or APIs.
Common APIs include NetBIOS, TCP/IP Sockets and Remote Procedure Calls (RPCs). They allow an application to accomplish certain high-level communications over the network easily, by using a standardized set of services. Most of these session-layer tools are of primary interest to the developers of application software. The programmers use the APIs to write software that is able to communicate using TCP/IP without having to know the implementation details of how TCP/IP works.
For example, the Sockets interface lies conceptually at layer five and is used by TCP/IP application programmers to create sessions between software programs over the Internet on the UNIX operating system. Windows Sockets similarly lets programmers create Windows software that is Internet-capable and able to interact easily with other software that uses that interface. (Strictly speaking, Sockets is not a protocol, but rather a programming method.)

what is a socket?

http://en.wikipedia.org/wiki/Network_socket

An Internet socket is characterized by a unique combination of the following:
  • Local socket address: Local IP address and port number
  • Remote socket address: Only for established TCP sockets. As discussed in the client-server section below, this is necessary since a TCP server may serve several clients concurrently. The server creates one socket for each client, and these sockets share the same local socket address.
  • Protocol: A transport protocol (e.g., TCP, UDP, raw IP, or others). TCP port 53 and UDP port 53 are consequently different, distinct sockets.
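the multiplexing quote and the socket definition above, made concrete in one small model of a host's socket table, as an added example (mine; not from inetdaemon, tcpipguide or wikipedia)... the host, its listeners and the two accepted client connections are constructed... the lookup is what the transport layer does on every arriving segment: find the one socket that owns this 5-tuple, preferring the connected socket for that exact peer, then a listener bound to the local address, then a listener on the wildcard address... and it shows why TCP 53 and UDP 53 are two different sockets...

```python
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0"


@dataclass(frozen=True)
class Socket:
    proto: str                          # "tcp" or "udp": same port, different protocol = different socket
    local_ip: str
    local_port: int
    remote_ip: Optional[str] = None     # None: listening TCP socket or unconnected UDP socket
    remote_port: Optional[int] = None


class Demuxer:
    """Per-host socket table: maps an arriving segment's 5-tuple to the socket that owns it."""

    def __init__(self):
        self.sockets = []

    def bind(self, sock: Socket) -> None:
        if sock in self.sockets:
            raise ValueError(f"address already in use: {sock}")
        self.sockets.append(sock)

    def lookup(self, proto: str, src_ip: str, src_port: int, dst_ip: str, dst_port: int) -> Optional[Socket]:
        """Most specific match wins: a connected socket for this exact peer beats a
        listener on the local address, which beats a listener on the wildcard address."""
        best, best_score = None, -1
        for s in self.sockets:
            if s.proto != proto or s.local_port != dst_port:
                continue
            if s.local_ip not in (dst_ip, ANY):
                continue
            if s.remote_ip is not None and (s.remote_ip, s.remote_port) != (src_ip, src_port):
                continue
            score = (s.local_ip != ANY) + 2 * (s.remote_ip is not None)
            if score > best_score:
                best, best_score = s, score
        return best


def demo_table() -> Demuxer:
    """Constructed host 10.1.1.1: a web server with two accepted connections, and DNS on UDP 53 and TCP 53."""
    d = Demuxer()
    d.bind(Socket("tcp", ANY, 80))                               # the listener
    d.bind(Socket("tcp", "10.1.1.1", 80, "10.2.1.4", 40001))     # accepted from client A
    d.bind(Socket("tcp", "10.1.1.1", 80, "10.2.1.5", 40001))     # accepted from client B: same local address
    d.bind(Socket("udp", ANY, 53))
    d.bind(Socket("tcp", ANY, 53))                               # distinct socket from UDP 53
    return d


if __name__ == "__main__":
    d = demo_table()
    print(d.lookup("tcp", "10.2.1.4", 40001, "10.1.1.1", 80))   # client A's connected socket
    print(d.lookup("tcp", "10.2.1.9", 5555, "10.1.1.1", 80))    # SYN from a new client -> the listener
    print(d.lookup("udp", "10.2.1.4", 40001, "10.1.1.1", 53))   # UDP 53, not TCP 53
```

the two accepted sockets share the local socket address and differ only in the remote one, which is exactly the multiplexing the quote describes: one port, many virtual connections...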