Network Admin Stuff - Network Admin Tips, by J (2024-03-05T08:17:39.718+00:00)<br />
Cisco Is Easy - Main (2022-08-05T09:28:00.008+01:00, 2022-11-30T07:06:59.687+00:00)<br />
<p> <span face=""verdana" , sans-serif" style="font-size: x-large;"><span style="font-size: x-largest;"><span style="color: #6aa84f;">Cisco Basics (CCNA level) Lessons:</span></span></span></p><p><span face=""verdana" , sans-serif" style="font-size: x-large;"><span style="font-size: x-largest;"><span style="color: #6aa84f;"><a href="https://www.youtube.com/@curiouscatclub5812">Watch Video Tutorials on YouTube</a> </span></span></span><br />
<br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-1-make-yourself-at-home.html">01 - Connecting to Cisco Console Port with MINICOM</a></span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-2-navigating-in-cisco-ios.html"><span face=""verdana" , sans-serif">02 - Navigating in Cisco IOS</span></a><span face=""verdana" , sans-serif"> - Video Available</span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-3-initial-configuration-of-cisco.html"><span face=""verdana" , sans-serif">03 - Initial Configuration of Cisco Switch and Router</span></a><span face=""verdana" , sans-serif"> - Video Available</span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-4-introduction-to-tcpip-layers.html"><span face=""verdana" , sans-serif">04 - Introduction to TCP/IP Layers</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-5-encapsulation-and-de.html"><span face=""verdana" , sans-serif">05 - Encapsulation and De-encapsulation Process</span></a><span face=""verdana" , sans-serif"> - Video Available</span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-6-example-of-tcpip-traffic-flow.html"><span face=""verdana" , sans-serif">06 - Example of TCP/IP Traffic Flow</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-7-building-home-network.html"><span face=""verdana" , sans-serif">07 - Building a Home Network</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-8-ehternet-and-hub-operations.html"><span face=""verdana" , sans-serif">08 - Ethernet and Hub Operations</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-9-bridgingswitching-learning.html"><span face=""verdana" , sans-serif">09 - Bridging/Switching Learning Process </span></a><span face=""verdana" , sans-serif">- Video Available</span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-10-cisco-discovery-protocol.html"><span face=""verdana" , sans-serif">10 - Cisco Discovery Protocol </span></a><span face=""verdana" , sans-serif">- Video Available</span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-11-simple-layer-2-connectivity.html"><span face=""verdana" , sans-serif">11 - Layer 2 Connectivity Troubleshooting Part 1</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-12-layer-2-connectivity.html"><span face=""verdana" , sans-serif">12 - Layer 2 Connectivity Troubleshooting Part 2</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-13-layer-2-connectivity.html"><span face=""verdana" , sans-serif">13 - Layer 2 Connectivity Troubleshooting Part 3</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-14-ntp-and-syslog-services.html"><span face=""verdana" , sans-serif">14 - NTP and Syslog Services</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-15-vlans-overview.html"><span face=""verdana" , sans-serif">15 - VLANs Overview</span></a> - Video Available</span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-16-vlans-in-practice.html"><span face=""verdana" , sans-serif">16 - VLANs In Practice</span></a> - Video Available </span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-17-inter-vlan-traffic-flow.html"><span face=""verdana" , sans-serif">17 - Inter VLAN Traffic Flow Analysis</span></a> - Videos Available</span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-18-vtp-and-vlan-quiz.html"><span face=""verdana" , sans-serif">18 - VTP and VLAN Quiz</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-19-spanning-tree-protocol.html"><span face=""verdana" , sans-serif">19 - Spanning-Tree Protocol Overview</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-20-spanning-tree-protocol.html"><span face=""verdana" , sans-serif">20 - Spanning-Tree Protocol Operation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-21-spanning-tree-protocol-in.html"><span face=""verdana" , sans-serif">21 - Spanning-Tree Protocol in Practice</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-22-spanning-tree-cisco.html"><span face=""verdana" , sans-serif">22 - Spanning-Tree Cisco Enhancements</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-23-introduction-to-rapid-stp.html"><span face=""verdana" , sans-serif">23 - Introduction to Rapid STP (802.1w)</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-24-layer-2-etherchannel.html"><span face=""verdana" , sans-serif">24 - Layer 2 Etherchannel</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-25-switch-port-security.html"><span face=""verdana" , sans-serif">25 - Switch Port Security</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-26-binary-world.html"><span face=""verdana" , sans-serif">26 - Binary World</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-27-ip-address-subnets-all-that.html"><span face=""verdana" , sans-serif">27 - IPv4 Address Dissected - Part 1</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-28-ipv4-address-dissected-part-2.html"><span face=""verdana" , sans-serif">28 - IPv4 Address Dissected - Part 2</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-29-ipv4-subnetting-rules.html"><span face=""verdana" , sans-serif">29 - IPv4 Subnetting - The Rules</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-30-ipv4-subnetting-practice.html"><span face=""verdana" , sans-serif">30 - IPv4 Subnetting - Practice</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-31-what-is-router.html"><span face=""verdana" , sans-serif">31 - What is a Router?</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-32-route-selection-process.html"><span face=""verdana" , sans-serif">32 - Route Selection Process Demystified</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-33-static-routing.html"><span face=""verdana" , sans-serif">33 - Static Routing</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-34-dynamic-routing-protocols.html"><span face=""verdana" , sans-serif">34 - Dynamic Routing Protocols Introduction</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-35-routing-information-protocols.html"><span face=""verdana" , sans-serif">35 - Routing Information Protocol Part 1</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/01/lesson-36-routing-information-protocol.html"><span face=""verdana" , sans-serif">36 - Routing Information Protocol Part 2</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/01/lesson-37-routing-information-protocol.html"><span face=""verdana" , sans-serif">37 - Routing Information Protocol Part 3</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/01/lesson-38-ospf-fundamentals-part1.html"><span face=""verdana" , sans-serif">38 - OSPF Fundamentals Part 1 - Terminology </span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-39-ospf-fundamentals-part2-hello.html"><span face=""verdana" , sans-serif">39 - OSPF Fundamentals Part 2 - Hello Packets</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-40-ospf-fundamentals-part3.html"><span face=""verdana" , sans-serif">40 - OSPF Fundamentals Part 3 - RouterID and DR/BDR</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-41-ospf-fundamentals-part-4.html"><span face=""verdana" , sans-serif">41 - OSPF Fundamentals Part 4 - Implementation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-42-ospf-fundamentals-part-5-lab.html"><span face=""verdana" , sans-serif">42 - OSPF Fundamentals Part 5 - The Lab</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-43-eigrp-fundamentals-part-1.html"><span face=""verdana" , sans-serif">43 - EIGRP Fundamentals Part 1 - Overview</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-44-eigrp-fundamentals-part-2.html"><span face=""verdana" , sans-serif">44 - EIGRP Fundamentals Part 2 - Implementation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-45-eigrp-fundamentals-part-3-lab.html"><span face=""verdana" , sans-serif">45 - EIGRP Fundamentals Part 3 - The Lab</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-46-eigrp-fundamentals-part-4.html"><span face=""verdana" , sans-serif">46 - EIGRP Fundamentals Part 4 - Troubleshooting</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-47-packet-filtering-with.html"><span face=""verdana" , sans-serif">47 - Packet Filtering with Standard ACL</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-48-standard-acl-examples.html"><span face=""verdana" , sans-serif">48 - Standard ACL Examples</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-49-packet-filtering-with.html"><span face=""verdana" , sans-serif">49 - Packet Filtering with Extended ACLs</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/04/lesson-50-extended-acl-examples.html"><span face=""verdana" , sans-serif">50 - Extended ACL Examples</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/04/lesson-51-network-address-translation.html"><span face=""verdana" , sans-serif">51 - Network Address Translation Part 1 - Terminology</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-52-network-address-translation.html"><span face=""verdana" , sans-serif">52 - Network Address Translation Part 2 - Principles of Operation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-53-network-address-translation.html"><span face=""verdana" , sans-serif">53 - Network Address Translation Part 3 - Overloading Addresses</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-54-network-address-translation.html"><span face=""verdana" , sans-serif">54 - Network Address Translation Part 4 - Configuration Examples</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-55-introduction-to-ipv6-part-1.html"><span face=""verdana" , sans-serif">55 - Introduction to IPv6 Part 1 - Addresses</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-56-introduction-to-ipv6-address.html"><span face=""verdana" , sans-serif">56 - Introduction to IPv6 Part 2 - Address Structure</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-57-introduction-to-ipv6-address.html"><span face=""verdana" , sans-serif">57 - Introduction to IPv6 Part 3 - Address Configuration</span></a></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/06/lesson-58-introduction-to-ipv6.html">58 - Introduction to IPv6 Part 4 - Migration</a> </span></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><br />
</span></span><br />
</p><div style="text-align: center;">
<div style="text-align: left;">
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.ie/2014/07/iou-forbidden-fruit.html"><span face=""verdana" , sans-serif">IOU Forbidden Fruit</span></a></span></div>
</div>
<span face=""verdana" , sans-serif">How to install and use IOS on Linux.</span><br />
<div style="text-align: left;">
<br /></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<hr color="grey" />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<span face=""verdana" , sans-serif"><b style="color: red;"><span face=""verdana" , sans-serif" style="font-size: xx-small;">Disclaimer!</span></b></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif" style="font-size: xx-small;">This
is a personal weblog. The opinions expressed here represent my own and
not those of my employer. Also <span style="font-size: xx-small;">the</span>
stupidity is mine and mine alone. Some post content might be rude,
offensive or borderline obnoxious (anything marked with label 'Ranting'
is not suitable for people under 18 years old). Since I try
to have an open mind, you can expect that my opinions may and probably
will change in time. You may
leave some comments but I reserve the right to ignore them completely. </span></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><br />
</span></span><br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif" style="font-size: xx-small;">The
technical content of this blog is a product of
weekend/sleepless-and-or-hotel night/after-work technical struggle.
Despite all efforts, it may be inaccurate and reflects the author's
knowledge as of the time of writing the posts. The
author of the posts will not assume any liability or responsibility to
any person or entity with respect to loss or damages incurred from
information contained in this blog. Any resemblance to some other
training materials and/or CCNA/CCNP/CCIE exams is completely coincidental.</span></span></div>
</div>
</div>
</div>
</div>
</div>
<br />
<br />
<hr color="grey" />Lesson 2 - Navigating in Cisco IOS (2022-08-05T09:21:00.003+01:00, 2022-08-08T08:45:28.058+01:00)<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.ie/2010/08/lesson-1-make-yourself-at-home.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.ie/">Home</a> | <a href="https://ciscoiseasy.blogspot.ie/2010/08/lesson-3-initial-configuration-of-cisco.html">Next</a></span> </div>
<br />
<div style="text-align: center;">
<span style="font-size: large;">LESSON 2 - LAB</span></div><p>
</p><p style="text-align: left;">Cisco IOS Navigation Part 1<br /><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/fWjOq3OYBNg" width="320" youtube-src-id="fWjOq3OYBNg"></iframe><br /></p><div><br /></div><div>Cisco Navigation Part 2</div><div><div class="separator" style="clear: both; text-align: left;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/kCZL1Ffjucs" width="320" youtube-src-id="kCZL1Ffjucs"></iframe></div> </div><div></div><div><br /></div><div>
Once you have connected your terminal to the Cisco switch or router console port, power the device up and observe the startup messages on your screen.<br />
<br />
If your network device does not have a startup-configuration saved in NVRAM/Flash memory, you will be greeted with the 'Would you like to enter the initial configuration dialog [yes/no]:' message, as depicted below:<br />
<br />
Pic. 1 - System Configuration Dialog<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUzu9_Z9wkHmu5UbO-8ORQJP5LO9OE79VzHNomQ51kIiPCNQbu0GP8xdGg1YlzwyW745by9GO54dMFHjOSoII4QchD78AHNlOjYEV3e0baO0s8OufNJtyNJL8bU0ABllgmPUl2seO7aSM/s1600/initial-config-dialog.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUzu9_Z9wkHmu5UbO-8ORQJP5LO9OE79VzHNomQ51kIiPCNQbu0GP8xdGg1YlzwyW745by9GO54dMFHjOSoII4QchD78AHNlOjYEV3e0baO0s8OufNJtyNJL8bU0ABllgmPUl2seO7aSM/s320/initial-config-dialog.png" /></a></div>
<div style="text-align: center;">
<br /></div>
<br />
You can safely cancel this request as its capability to configure the device is not very impressive. Just enter 'no' and hit Enter twice. Wait, as it takes a few seconds for the device to give you the prompt back.<br />
<br />
What follows is a bunch of messages sent to the screen, and after hitting the Enter key a few times you get something like this (this is a router; a switch would introduce itself as ... Switch> ):<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router></div>
<br />
What you are looking at right now is the prompt of the IOS operating system. The terminal and the commands you type are the primary means of 'talking' to (configuring/monitoring) your network node (switch/router).<br />
<br />
<span style="font-size: large;"><b>IOS Modes (contexts)</b></span><br />
<br />
From the very beginning try to be attentive to details you see on the screen.<br />
<br />
The prompt of the device tells you which 'context' you are in.<br />
<br />
The prompt that presents the '>' character is called '<b style="color: red;">user exec mode</b>' or '<b><span style="color: red;">privilege level 1</span></b> <b style="color: red;">mode</b>'. You can't configure much in this mode of operation. It is designed as a 'monitoring' mode, not a 'configuration' one. You should also know that even the monitoring capability in user exec mode is limited. For instance, you can't see the running configuration of the device. However, it is useful for less experienced users who want to perform basic diagnostics of the device without the risk of accidentally reconfiguring it and causing a problem.<br />
<br />
Make sure that if you are learning networking you DO NOT USE PRODUCTION equipment. You should have some lab gear to experiment on. <br />
<br />
Assuming you are using lab equipment, let's roll up our sleeves and begin to learn about different IOS contexts.<br />
<br />
Type in the following command:<br />
<br />
<div style="background-color: #eeeeee;">
<span style="font-family: "courier new" , "courier" , monospace;">Router>enable</span></div>
<span style="background-color: #eeeeee; font-family: "courier new" , "courier" , monospace;">Router#</span><br />
<br />
The prompt changes to '#' which is called '<b style="color: red;">privileged exec mode</b>', '<b style="color: red;">enabled mode</b>' or sometimes '<b><span style="color: red;">privilege level 15</span></b> <b style="color: red;">mode</b>'. I would like to draw your attention to two things here. Both modes of operation (or contexts, if you like) have two things in common:<br />
<ol>
<li>They are used primarily to <b>monitor</b> the device (you will be using '<b>show</b>' and '<b>debug</b>' commands in those modes).</li>
<li>Using any IOS command and pressing Enter will execute the command as long as its syntax is correct. If you make a typo or the command is not available in the context you are in, an error shows up on the screen and the command is not executed.</li>
</ol>
<span style="color: red;"><b>NOTICE!</b></span><br />
<span style="color: red;"><b>IOS takes a single command per line that must be accepted with Enter. </b></span><br />
Now, coming back to those two modes (contexts) here's a somewhat concise explanation of what they are used for and how to use them: <br />
<ol>
<li><b>User Exec Mode</b> - is limited in terms of what information will be available.</li>
<li> <b>Enabled Exec Mode</b> - gives the operator ALL information (like the root or Administrator account on a computer).</li>
</ol>
<b><span style="font-size: large;">Question Mark </span></b><br />
<br />
IOS commands (one per line) can be a single keyword or a keyword followed by one or more arguments. You should learn how to ask IOS for help as there will be a lot of commands to remember and a lot of arguments those commands can take.<br />
<br />
The question mark '<b style="color: red;">?</b>' is your best friend when learning commands. It is the built-in '<b style="color: red;">context-sensitive help</b>'. This means that depending on which context you are in, typing a question mark (<b style="color: red;">?</b>) will display only the keywords (commands) available in that particular context.<br />
<br />
<span style="font-size: large;"><b>Configurations</b></span><br />
<br />
In order to configure things in Cisco IOS (except for some minor changes), you must enter the '<b style="color: red;">global configuration mode</b>' first which is characterized by the following prompt:<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router(config)#</div>
<br />
This context can be accessed by typing the following command in the '<b style="color: red;">privileged exec mode</b>':<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router#configure terminal</div>
<br />
Whatever you configure in 'global configuration mode' (or 'config mode') is applied to the device <b>as a whole unit</b> (e.g. hostname, default gateway on a switch etc.). Don't worry about details right now. I will explain them in due time.<br />
<br />
If you want to enter the context of an interface to add some parameters to it, such as IP address, speed, duplex, description etc., you must enter that interface from the global configuration mode, as shown below:<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router(config)#interface fastethernet0/1</div>
<div style="text-align: center;">
<br /></div>
<br />
<b>REMEMBER!</b><br />
Watch your prompt to know in which context your cursor is. If a particular command does not work it is either a typo, or perhaps you are in the wrong mode of operation (wrong context).<br />
<br />
If you do not know what interfaces your device has, type the following command in the enabled mode:<br />
<br />
<span style="background-color: #eeeeee; font-family: "courier new" , "courier" , monospace;">Router#show ip interface brief</span><br />
<br />
Here's the first 'gotcha'. All 'show' commands can only be typed in either user-exec mode or privileged-exec mode. If you are in the 'config' mode, you must precede the show command with the 'do' keyword as shown below: <br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router(config)#do show ip interface brief</div>
<div style="text-align: center;">
<br /></div>
<br />
Now look at the whole navigation I just showed here:<br />
<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
<span style="font-family: "courier new" , "courier" , monospace;">Router>enable</span><br />
Router#configure terminal<br />
Router(config)#interface fastethernet0/1<br />
Router(config-if)#do show ip interface brief</div>
In the interface command above, I:
<ol>
<li>Entered the interface <b>type</b> (here: Fast Ethernet).</li>
<li>Referenced the <b>module number</b> (here: 0)</li>
<li>Referenced the <b>port number</b> in the module 0 (here: 1)</li>
</ol>
<div style="color: red;">
Please note that routers count ports starting from 0, while switches start counting ports from 1.</div>
<br />
You'll learn other contexts as we go through numerous labs.<br />
<br />
<span style="font-size: large;"><b>Abbreviations</b></span><br />
<br />
You don't have to type in the full words of the commands and certain attributes that follow the commands. For instance, instead of typing:<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router#configure terminal</div>
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router(config)#</div>
<br />
You can type:<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router#conf t</div>
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router(config)#</div>
<br />
As long as the abbreviation uniquely describes which command you want to use, the system has no problem accepting it.<br />
<br />
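Abbreviations are resolved per context, so the same typed line can be accepted, ambiguous or rejected depending on the prompt; this matters when reading a saved console transcript, where 'conf t' and 'configure terminal' are the same action. The Python below is an added example, not code from the original lesson or from Cisco: it replays the navigation shown earlier plus the 'do' rule, using keyword tables that are a small constructed subset, and the names `expand`, `next_mode`, `replay`, `TREES` and `SESSION` are hypothetical.

```python
"""Expand abbreviated IOS-style commands per CLI context (added example)."""

# Constructed keyword trees: a small subset of what a real device offers, so an
# abbreviation that is unique here may be ambiguous on actual hardware.
# "*" marks a free-form argument (interface name, number, ...).
SHOW = {"ip": {"interface": {"brief": {}}}, "history": {}, "terminal": {}}
CONF = {"interface": {"*": {}}, "hostname": {"*": {}}, "end": {}, "exit": {}}
TREES = {
    "user": {"enable": {}, "show": SHOW},
    "priv": {"configure": {"terminal": {}}, "copy": {"*": {"*": {}}},
             "disable": {}, "show": SHOW,
             "terminal": {"history": {"size": {"*": {}}}}},
    "config": CONF,
    "config-if": {**CONF, "shutdown": {}, "speed": {"*": {}}},
}
PROMPT = {"user": "Router>", "priv": "Router#",
          "config": "Router(config)#", "config-if": "Router(config-if)#"}


class CliError(ValueError):
    """Raised for input the modelled context would reject."""


def expand(mode, line):
    """Return `line` with every keyword expanded to its full form for `mode`.

    Only prefixes are resolved; the command is not checked for completeness.
    """
    tokens = line.split()
    if not tokens:
        raise CliError("% Empty command")
    # In configuration contexts, 'do' runs a privileged exec command.
    if mode.startswith("config") and tokens[0].lower() == "do":
        return "do " + expand("priv", " ".join(tokens[1:]))
    node, out = TREES[mode], []
    for tok in tokens:
        word = tok.lower()
        hits = sorted(k for k in node if k != "*" and k.startswith(word))
        if word in hits:                 # an exact keyword always wins
            hits = [word]
        if len(hits) == 1:
            out.append(hits[0])
            node = node[hits[0]]
        elif hits:
            raise CliError(f"% Ambiguous command: {tok!r} matches {hits}")
        elif "*" in node:                # free-form argument, kept as typed
            out.append(tok)
            node = node["*"]
        else:
            raise CliError(f"% Invalid input in {mode} mode at {tok!r}")
    return " ".join(out)


def next_mode(mode, full):
    """Return the context entered after the expanded command `full`."""
    if full.startswith("do "):
        return mode                      # 'do' never changes the context
    if mode.startswith("config"):
        if full.startswith("interface "):
            return "config-if"
        if full == "end":                # same effect as CTRL-z
            return "priv"
        if full == "exit":               # one level up
            return "config" if mode == "config-if" else "priv"
        return mode
    moves = {("user", "enable"): "priv", ("priv", "disable"): "user",
             ("priv", "configure terminal"): "config"}
    return moves.get((mode, full), mode)


def replay(lines, mode="user"):
    """Return (prompt, expanded command or error text) for each typed line."""
    out = []
    for line in lines:
        prompt = PROMPT[mode]
        try:
            full = expand(mode, line)
            mode = next_mode(mode, full)
        except CliError as err:
            full = str(err)
        out.append((prompt, full))
    return out


# Constructed sample: keystrokes as they might appear in a saved transcript.
SESSION = ["en", "conf t", "sh ip int br", "do sh ip int br",
           "int fa0/1", "do sh hist", "end", "co t"]

if __name__ == "__main__":
    for prompt, result in replay(SESSION):
        print(f"{prompt:<20}{result}")
```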
<span style="font-size: large;"><b>Shortcuts And Keystrokes</b></span><br />
<br />
When you have typed enough characters to uniquely identify the command in a given context, you can use the '<b>tab</b>' key and the system will complete the command on the screen (just as it happens in a Linux terminal).<br />
<br />
I often use the following keystrokes while editing the commands:<br />
<ul>
<li>CTRL-z - takes the cursor back to the 'enabled exec' mode from any other context (Router#)</li>
<li>CTRL-a - takes the cursor to the beginning of the line</li>
<li>CTRL-e - takes the cursor to the end of the line</li>
<li>CTRL-k - erases everything to the right of the cursor</li>
<li>CTRL-u - erases everything to the left of the cursor</li>
<li>Up Arrow or CTRL-P - displays previous command from the history buffer</li>
<li>Down Arrow or CTRL-N - displays next command from the history buffer</li>
</ul>
The system keeps a record of up to ten or twenty (default) commands you typed in, depending on the system you use. You can increase or decrease the history buffer size, up to 256 commands.<br />
<br />
If you want to check the history buffer size, type in:<br />
<br />
<span style="background-color: #eeeeee; font-family: "courier new" , "courier" , monospace;">Router#show terminal | include history</span><br />
<br />
I will describe this pipe character '|' and 'include' keyword in our practice lab later. <br />
<br />
Changing the buffer size can be accomplished with the following command in the 'enabled mode':<br />
<br />
<div style="background-color: #eeeeee; font-family: "Courier New", Courier, monospace;">
Router#terminal history size 256</div>
<br />
There is another way of doing it, which you will practice in our lab section.<br />
<br />
The above command will increase the size of the history buffer to 256 commands.<br />
<br />
If you want to see the buffer (which commands were typed) use this command:<br />
<br />
<span style="background-color: #eeeeee; font-family: "courier new" , "courier" , monospace;">Router#show history</span><br />
If you understand the content of this lesson, let's practice all you have read (and a bit more) in our first lab.<br />
<br /><br />
<br />
<br /></div><div class="separator" style="clear: both; text-align: center;"><br /></div><br />MainPage (2020-10-22T11:11:00.001+01:00, 2022-06-17T12:12:37.317+01:00)<div style="text-align: left;">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<a href="https://ciscoiseasy.blogspot.com/2020/07/networking-next-step.html"><span face=""verdana" , sans-serif" style="font-size: x-large;"><span style="font-size: x-largest;"><span style="color: #6aa84f;"><span style="color: #3d85c6;">Going Deeper on Things</span></span></span></span></a></div>
</div>
</div>
</div>
</div><p>
<br />
<b>Latest Posts:</b><span style="font-size: large;"> </span>
<br />
</p><p><a href="https://www.youtube.com/channel/UCUakEC-DtzQt3freWLLaOUw" target="_blank">Every Admin needs to Code! Start Learning Python Today. Everyday!</a><br />
</p><p><br />
<span face=""verdana" , sans-serif" style="font-size: x-large;"><span style="font-size: x-largest;"><span style="color: #6aa84f;">Cisco Basics (CCNA level) Lessons:</span></span></span><br />
<br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-1-make-yourself-at-home.html">01 - Connecting to Cisco Console Port with MINICOM</a></span></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-2-navigating-in-cisco-ios.html"><span face=""verdana" , sans-serif">02 - Navigating in Cisco IOS</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-3-initial-configuration-of-cisco.html"><span face=""verdana" , sans-serif">03 - Initial Configuration of Cisco Switch and Router</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-4-introduction-to-tcpip-layers.html"><span face=""verdana" , sans-serif">04 - Introduction to TCP/IP Layers</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-5-encapsulation-and-de.html"><span face=""verdana" , sans-serif">05 - Encapsulation and De-encapsulation Process</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-6-example-of-tcpip-traffic-flow.html"><span face=""verdana" , sans-serif">06 - Example of TCP/IP Traffic Flow</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-7-building-home-network.html"><span face=""verdana" , sans-serif">07 - Building a Home Network</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-8-ehternet-and-hub-operations.html"><span face=""verdana" , sans-serif">08 - Ethernet and Hub Operations</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/08/lesson-9-bridgingswitching-learning.html"><span face=""verdana" , sans-serif">09 - Bridging/Switching Learning Process </span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-10-cisco-discovery-protocol.html"><span face=""verdana" , sans-serif">10 - Cisco Discovery Protocol </span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-11-simple-layer-2-connectivity.html"><span face=""verdana" , sans-serif">11 - Layer 2 Connectivity Troubleshooting Part 1</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-12-layer-2-connectivity.html"><span face=""verdana" , sans-serif">12 - Layer 2 Connectivity Troubleshooting Part 2</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-13-layer-2-connectivity.html"><span face=""verdana" , sans-serif">13 - Layer 2 Connectivity Troubleshooting Part 3</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-14-ntp-and-syslog-services.html"><span face=""verdana" , sans-serif">14 - NTP and Syslog Services</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/09/lesson-15-vlans-overview.html"><span face=""verdana" , sans-serif">15 - VLANs Overview</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-16-vlans-in-practice.html"><span face=""verdana" , sans-serif">16 - VLANs In Practice</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-17-inter-vlan-traffic-flow.html"><span face=""verdana" , sans-serif">17 - Inter VLAN Traffic Flow Analysis</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-18-vtp-and-vlan-quiz.html"><span face=""verdana" , sans-serif">18 - VTP and VLAN Quiz</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-19-spanning-tree-protocol.html"><span face=""verdana" , sans-serif">19 - Spanning-Tree Protocol Overview</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-20-spanning-tree-protocol.html"><span face=""verdana" , sans-serif">20 - Spanning-Tree Protocol Operation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-21-spanning-tree-protocol-in.html"><span face=""verdana" , sans-serif">21 - Spanning-Tree Protocol in Practice</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/10/lesson-22-spanning-tree-cisco.html"><span face=""verdana" , sans-serif">22 - Spanning-Tree Cisco Enhancements</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-23-introduction-to-rapid-stp.html"><span face=""verdana" , sans-serif">23 - Introduction to Rapid STP (802.1w)</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-24-layer-2-etherchannel.html"><span face=""verdana" , sans-serif">24 - Layer 2 Etherchannel</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-25-switch-port-security.html"><span face=""verdana" , sans-serif">25 - Switch Port Security</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-26-binary-world.html"><span face=""verdana" , sans-serif">26 - Binary World</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-27-ip-address-subnets-all-that.html"><span face=""verdana" , sans-serif">27 - IPv4 Address Dissected - Part 1</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-28-ipv4-address-dissected-part-2.html"><span face=""verdana" , sans-serif">28 - IPv4 Address Dissected - Part 2</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-29-ipv4-subnetting-rules.html"><span face=""verdana" , sans-serif">29 - IPv4 Subnetting - The Rules</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-30-ipv4-subnetting-practice.html"><span face=""verdana" , sans-serif">30 - IPv4 Subnetting - Practice</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/11/lesson-31-what-is-router.html"><span face=""verdana" , sans-serif">31 - What is a Router?</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-32-route-selection-process.html"><span face=""verdana" , sans-serif">32 - Route Selection Process Demystified</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-33-static-routing.html"><span face=""verdana" , sans-serif">33 - Static Routing</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-34-dynamic-routing-protocols.html"><span face=""verdana" , sans-serif">34 - Dynamic Routing Protocols Introduction</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2010/12/lesson-35-routing-information-protocols.html"><span face=""verdana" , sans-serif">35 - Routing Information Protocol Part 1</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/01/lesson-36-routing-information-protocol.html"><span face=""verdana" , sans-serif">36 - Routing Information Protocol Part 2</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/01/lesson-37-routing-information-protocol.html"><span face=""verdana" , sans-serif">37 - Routing Information Protocol Part 3</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/01/lesson-38-ospf-fundamentals-part1.html"><span face=""verdana" , sans-serif">38 - OSPF Fundamentals Part 1 - Terminology </span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-39-ospf-fundamentals-part2-hello.html"><span face=""verdana" , sans-serif">39 - OSPF Fundamentals Part 2 - Hello Packets</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-40-ospf-fundamentals-part3.html"><span face=""verdana" , sans-serif">40 - OSPF Fundamentals Part 3 - RouterID and DR/BDR</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-41-ospf-fundamentals-part-4.html"><span face=""verdana" , sans-serif">41 - OSPF Fundamentals Part 4 - Implementation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-42-ospf-fundamentals-part-5-lab.html"><span face=""verdana" , sans-serif">42 - OSPF Fundamentals Part 5 - The Lab</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/02/lesson-43-eigrp-fundamentals-part-1.html"><span face=""verdana" , sans-serif">43 - EIGRP Fundamentals Part 1 - Overview</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-44-eigrp-fundamentals-part-2.html"><span face=""verdana" , sans-serif">44 - EIGRP Fundamentals Part 2 - Implementation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-45-eigrp-fundamentals-part-3-lab.html"><span face=""verdana" , sans-serif">45 - EIGRP Fundamentals Part 3 - The Lab</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-46-eigrp-fundamentals-part-4.html"><span face=""verdana" , sans-serif">46 - EIGRP Fundamentals Part 4 - Troubleshooting</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-47-packet-filtering-with.html"><span face=""verdana" , sans-serif">47 - Packet Filtering with Standard ACL</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-48-standard-acl-examples.html"><span face=""verdana" , sans-serif">48 - Standard ACL Examples</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/03/lesson-49-packet-filtering-with.html"><span face=""verdana" , sans-serif">49 - Packet Filtering with Extended ACLs</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/04/lesson-50-extended-acl-examples.html"><span face=""verdana" , sans-serif">50 - Extended ACL Examples</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/04/lesson-51-network-address-translation.html"><span face=""verdana" , sans-serif">51 - Network Address Translation Part 1 - Terminology</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-52-network-address-translation.html"><span face=""verdana" , sans-serif">52 - Network Address Translation Part 2 - Principles of Operation</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-53-network-address-translation.html"><span face=""verdana" , sans-serif">53 - Network Address Translation Part 3 - Overloading Addresses</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-54-network-address-translation.html"><span face=""verdana" , sans-serif">54 - Network Address Translation Part 4 - Configuration Examples</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-55-introduction-to-ipv6-part-1.html"><span face=""verdana" , sans-serif">55 - Introduction to IPv6 Part 1 - Addresses</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-56-introduction-to-ipv6-address.html"><span face=""verdana" , sans-serif">56 - Introduction to IPv6 Part 2 - Address Structure</span></a></span><br />
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/05/lesson-57-introduction-to-ipv6-address.html"><span face=""verdana" , sans-serif">57 - Introduction to IPv6 Part 3 - Address Configuration</span></a></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.com/2011/06/lesson-58-introduction-to-ipv6.html">58 - Introduction to IPv6 Part 4 - Migration</a> </span></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><br />
</span></span><br />
</p><div style="text-align: center;">
<div style="text-align: left;">
<span face=""verdana" , sans-serif"><a href="http://ciscoiseasy.blogspot.ie/2014/07/iou-forbidden-fruit.html"><span face=""verdana" , sans-serif">IOU Forbidden Fruit</span></a></span></div>
</div>
<span face=""verdana" , sans-serif">How to install and use IOS on Linux.</span><br />
<div style="text-align: left;">
<br /></div>
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<hr color="grey" />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<span face=""verdana" , sans-serif"><b style="color: red;"><span face=""verdana" , sans-serif" style="font-size: xx-small;">Disclaimer!</span></b></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif" style="font-size: xx-small;">This
is a personal weblog. The opinions expressed here represent my own and
not those of my employer. Also <span style="font-size: xx-small;">the</span>
stupidity is mine and mine alone. Some post content might be rude,
offensive or borderline obnoxious (anything marked with label 'Ranting'
is not suitable for people under 18 years old). Since I try
to have an open mind, you can expect that my opinions may and probably
will change in time. You may
leave some comments but I reserve the right to ignore them completely. </span></span><br />
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif"><br />
</span></span><br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px; margin: 0px;">
<span face=""verdana" , sans-serif"><span face=""verdana" , sans-serif" style="font-size: xx-small;">The
technical content of this blog is a product of
weekend/sleepless-and-or-hotel night/after-work technical struggle.
Despite all efforts, it may be inaccurate and reflects the author's
knowledge as of the time of writing the posts. The
author of the posts will not assume any liability or responsibility to
any person or entity with respect to loss or damages incurred from
information contained in this blog. Any resemblance to some other
training materials and/or CCNA/CCNP/CCIE exams is completely coincidental.</span></span></div>
</div>
</div>
</div>
</div>
</div>
<br />
<br />
<hr color="grey" />
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-8245735111577809512020-10-20T10:35:00.002+01:002020-10-22T07:49:08.334+01:00Cisco-Next-Step<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/">Home</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/networking-next-step.html">Next Step</a> | Cisco | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-next-step.html">Linux</a></span></div>
<div>
<br /></div>
<hr />
<br />
<div>
<span style="font-size: large;">Getting deeper into routing and switching.</span></div><div><span style="font-size: large;"> </span></div><div><span style="font-size: large;"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s1820/next-step-topology-addressing.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1280" data-original-width="1820" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/w400-h281/next-step-topology-addressing.png" width="400" /></a></div><br /> </span></div>
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="color: #3367d6;"><span style="font-size: x-large;"><b>BGP Routing Protocol Observations</b></span></span></div>
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/building-ibgp-peering.html">01. Building iBGP Peering</a></span><br />
<span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/ibgp-neighbor-address.html">02. iBGP Neighbor Address</a></span><br />
<span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/building-ebgp-peering.html">03. Building eBGP Peering</a></span><br />
<span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-network-statement.html">04. BGP Network Statement</a> </span><br />
<span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-next-hop-attribute.html">05. BGP Next-Hop Attribute</a></span></div><div><span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/10/bgp-upate-source.html">06. BGP Update Source</a> </span></div><div><span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/10/ibgp-route-reflector.html">07. iBGP Route Reflector</a> </span></div><div><span style="font-size: large;">08. eBGP Multi Hop </span> <br /></div>Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-75437839581155162882020-10-20T10:33:00.000+01:002020-10-20T10:33:38.034+01:00iBGP Route Reflector<p> </p><div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/10/bgp-upate-source.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | Next</span></div>
<div>
<br /></div>
<hr /><p>
<span style="font-size: large;"> </span></p><p><span style="font-size: large;">So far, while building our BGP network, I have accomplished the following:</span></p><ul style="text-align: left;"><li><span style="font-size: large;">Created eBGP peering between R2 (AS65100) and R8 (AS65089).</span></li><li><span style="font-size: large;">Created iBGP peering between R2 and R4 using their respective Loopback0 interfaces to form a BGP session. </span><br />
</li></ul><div class="separator" style="clear: both; text-align: center;">
</div><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmEwolDvuZh6x_D0JvEewJxTgzgKHD4RUGvwnsaJUYGlMua-0fyLt4TQiSYGq-OoLSyde_ZtfEY3QbAIKWvzdVJZxDLgi55GI8l1wIf3ok2Y2qwIvzKvjMMKJ7aKolQKl0ezttuRoUhUE/s1820/route-reflector1.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1280" data-original-width="1820" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmEwolDvuZh6x_D0JvEewJxTgzgKHD4RUGvwnsaJUYGlMua-0fyLt4TQiSYGq-OoLSyde_ZtfEY3QbAIKWvzdVJZxDLgi55GI8l1wIf3ok2Y2qwIvzKvjMMKJ7aKolQKl0ezttuRoUhUE/w400-h281/route-reflector1.png" width="400" /></a></div><span style="font-size: large;">Now, let's fix the problem of BGP prefixes advertisement between R1 and R4 over iBGP.</span><p></p><p><span style="font-size: large;">Here's the BGP table on R1:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip bgp</span>
BGP table version is 13, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.1/32 0.0.0.0 0 32768 i
*>i 10.2.2.2/32 172.16.123.2 0 100 0 i
*>i 10.8.0.0/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.0.16/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.0.32/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.0.48/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.8.8/32 172.16.123.2 0 100 0 65089 i
*>i 10.8.80.0/24 172.16.123.2 0 100 0 65089 i
*>i 10.8.81.0/24 172.16.123.2 0 100 0 65089 i
*>i 10.8.82.0/24 172.16.123.2 0 100 0 65089 i
*>i 10.8.83.0/24 172.16.123.2 0 100 0 65089 i
*>i 198.51.100.0 172.16.123.2 0 100 0 65089 i
R1#
</pre>
</div>
<br />
<p>
</p><p><span style="font-size: large;">Clearly, all is good here. R1 has 172.16.123.2 as its next hop IP towards the destination (next-hop-self command on R2). It receives all the prefixes that R2 is getting over eBGP from R8.</span></p><p><span style="font-size: large;">But what does the BGP table look like on R4 that is peering with R1?</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#show ip bgp
BGP table version is 2, local router ID is 10.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
r>i 10.1.1.1/32 10.1.1.1 0 100 0 i
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">None of the BGP routes we expect to see are here. There is only 10.1.1.1 (R1's Loopback0). Since we are getting it via EIGRP as well, the lower AD (administrative distance) of EIGRP marks this entry as 'rib-failure' in BGP. BGP will not be used on R4 to install this route; R4 will instead rely on EIGRP as a better source of routing information.<br /></span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: #2b00fe;">show ip bgp rib-failure</span>
Network Next Hop RIB-failure RIB-NH Matches
10.1.1.1/32 10.1.1.1 <span style="background-color: #fcff01;">Higher admin distance</span> n/a
R4#
R4#<span style="color: #2b00fe;">show ip route 10.1.1.1</span>
Routing entry for 10.1.1.1/32
<span style="background-color: #fcff01;">Known via "eigrp 10"</span>, distance 90, metric 409600, type internal
Redistributing via eigrp 10
Last update from 172.16.14.1 on Ethernet0/0.14, 01:07:02 ago
Routing Descriptor Blocks:
* 172.16.104.1, from 172.16.104.1, 01:07:02 ago, via Ethernet0/1
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
172.16.14.1, from 172.16.14.1, 01:07:02 ago, via Ethernet0/0.14
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">That, we already know.</span></p><p><span style="font-size: large;">Is R1 even trying to advertise prefixes learned from R2 towards R4?</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip bgp neighbor 10.4.4.4 advertised-routes</span>
BGP table version is 13, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 10.1.1.1/32 0.0.0.0 0 32768 i
</pre>
</div>
<br />
<p><span style="font-size: large;">It does not advertise them at all. But why?<br /></span></p><p><span style="font-size: large;">In order to avoid internal routing loops, BGP uses its own '<span style="color: #2b00fe;"><b>bgp split-horizon</b></span>' rule. It stipulates that prefixes learned via iBGP CANNOT be advertised over an iBGP session.</span></p><p><span style="font-size: large;">There are a number of ways around that.</span></p><ul style="text-align: left;"><li><span style="font-size: large;">Use BGP Route-Reflectors (explained in this post).</span></li><li><span style="font-size: large;">Use iBGP full-mesh connectivity. This one may be hard to implement with a lot of routers, as the number of sessions follows the n(n-1)/2 formula, where 'n' is the number of routers involved.</span></li><li><span style="font-size: large;">Use BGP Confederations.</span></li></ul><p><span style="font-size: large;">I will tackle the last two options in later posts, but for now, in order to enable connectivity between R4 and AS 65089, I will use a Route-Reflector. </span></p><p><span style="font-size: large;">In the simplest scenario, a BGP Route-Reflector is a router that has iBGP sessions established to all other neighbors that need the prefixes. 
It will 'sort of' break the rule of split-horizon and forward the prefixes to other neighbors based on the admin's configuration.<br /></span></p><p><span style="font-size: large;">Simply put, a Route-Reflector is the central router that can advertise BGP prefixes to all other routers.</span></p><p><span style="font-size: large;">A Route-Reflector can have three types of neighbors:</span></p><ul style="text-align: left;"><li><span style="font-size: large;">eBGP Peer</span></li><li><span style="font-size: large;">Client Peer</span></li><li><span style="font-size: large;">Non-client Peer <br /></span></li></ul><p><span style="font-size: large;">Given that, the RR (route-reflector) will follow a few rules:</span></p><p><span style="font-size: large;"> </span></p><p><span style="font-size: large;">Routes learned <span style="background-color: #fcff01;">from eBGP</span> neighbors will be forwarded <span style="background-color: #fcff01;">to ALL</span> peers (eBGP, client, non-client).</span></p><p><span style="font-size: large;">Routes learned from client peers will be forwarded <span style="background-color: #fcff01;">to ALL</span> peers (eBGP, client, non-client).</span></p><p><span style="font-size: large;">Routes learned <span style="background-color: #fcff01;">from non-client</span> peers will be forwarded <span style="background-color: #fcff01;">to eBGP and clients</span>.<br /></span></p><p><span style="font-size: large;"></span></p><p><span style="font-size: large;"><br /></span></p><p><span style="font-size: large;">Take a look at the above topology. R1 currently has iBGP connectivity with R2 and R4. In a moment I will add R5 to the mix (blue arrows indicate iBGP sessions). R1 is a candidate to become a Route-Reflector.<br /></span></p><p><span style="font-size: large;">I am going to start with advertising Loopback0 from R4, so that AS 65089 receives it.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#show run | s router bgp
router bgp 65100
bgp log-neighbor-changes
<span style="background-color: #fcff01;">network 10.4.4.4 mask 255.255.255.255</span>
neighbor 10.1.1.1 remote-as 65100
neighbor 10.1.1.1 update-source Loopback0
R4#
</pre>
</div><p>
<br />
<span style="font-size: large;">The BGP table on R4 looks like this:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#show ip bgp | begin Network
Network Next Hop Metric LocPrf Weight Path
r>i 10.1.1.1/32 10.1.1.1 0 100 0 i
*> 10.4.4.4/32 0.0.0.0 0 32768 i
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">I am ready to advertise (reflect) routes learned from AS 65089 towards R4. The R1 router will become a route reflector with R4 (and later R5) as its client.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#show run | section router bgp
router bgp 65100
bgp log-neighbor-changes
network 10.1.1.1 mask 255.255.255.255
neighbor 10.4.4.4 remote-as 65100
neighbor 10.4.4.4 update-source Loopback0
<span style="background-color: #fcff01;">neighbor 10.4.4.4 route-reflector-client</span>
neighbor 172.16.123.2 remote-as 65100
R1#
</pre>
</div>
<br />
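<p><span style="font-size: large;">The reflection rules above can be checked against R1's table from this post. The following Python sketch is an added example, not part of the original post or of any Cisco tooling: the function and constant names are hypothetical, the table is constructed from the outputs shown above, and never offering a route back to the peer that sent it is a simplifying assumption.</span></p>

```python
"""Model of which prefixes an iBGP speaker offers to a peer (added example)."""
from dataclasses import dataclass

# Peer kinds as seen from the router making the decision.
EBGP, CLIENT, NON_CLIENT = "ebgp", "client", "non-client"
LOCAL = "local"  # prefix originated on this router (network statement)


@dataclass(frozen=True)
class Route:
    prefix: str
    learned_from: str  # peer address, or LOCAL


def may_advertise(source_kind, target_kind):
    """The three reflection rules from the post, plus locally originated routes."""
    if source_kind in (LOCAL, EBGP, CLIENT):
        return True  # offered to eBGP peers, clients and non-clients
    # Learned from a non-client iBGP peer: only eBGP peers and clients get it.
    return target_kind in (EBGP, CLIENT)


def advertised_routes(table, peers, target):
    """Prefixes offered to `target`; `peers` maps peer address to peer kind."""
    offered = []
    for route in table:
        if route.learned_from == target:
            continue  # assumption: a route is not offered back to its sender
        if route.learned_from == LOCAL:
            source_kind = LOCAL
        else:
            source_kind = peers[route.learned_from]
        if may_advertise(source_kind, peers[target]):
            offered.append(route.prefix)
    return offered


# Constructed from the R1 and R4 outputs in the post.
R2, R4 = "172.16.123.2", "10.4.4.4"
FROM_R2 = [
    "10.2.2.2/32", "10.8.0.0/28", "10.8.0.16/28", "10.8.0.32/28",
    "10.8.0.48/28", "10.8.8.8/32", "10.8.80.0/24", "10.8.81.0/24",
    "10.8.82.0/24", "10.8.83.0/24", "198.51.100.0",
]
R1_TABLE = (
    [Route("10.1.1.1/32", LOCAL)]
    + [Route(prefix, R2) for prefix in FROM_R2]
    + [Route("10.4.4.4/32", R4)]  # R4's Loopback0, learned over iBGP from R4
)

# Without route-reflector-client every iBGP peer is a non-client, which is
# plain split-horizon: iBGP-learned prefixes go to no other iBGP peer.
BEFORE = {R2: NON_CLIENT, R4: NON_CLIENT}
# After "neighbor 10.4.4.4 route-reflector-client" on R1.
AFTER = {R2: NON_CLIENT, R4: CLIENT}

if __name__ == "__main__":
    for label, peers in (("before", BEFORE), ("after", AFTER)):
        for name, peer in (("R2", R2), ("R4", R4)):
            routes = advertised_routes(R1_TABLE, peers, peer)
            print(f"{label}: R1 offers {len(routes)} prefixes to {name}: {routes}")
```

<p><span style="font-size: large;">With R4 as a non-client, the model offers it only 10.1.1.1/32, the same single entry as in the advertised-routes output earlier. With R4 as a client, the model also offers R4's Loopback0 to R2.</span></p>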
<p><span style="font-size: large;">The BGP session between R1 and R4 has been re-established after this change. What are the results then?</span></p><p><span style="font-size: large;">Since the output of 'show ip bgp neighbor 10.4.4.4' is rather large, I will check it this way:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip bgp neighbors 10.4.4.4 | include Route-Reflector</span>
<span style="background-color: #fcff01;">Route-Reflector Client</span>
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">R4 is now a route-reflector client.</span></p><p><span style="font-size: large;">So, can R4 see all the prefixes previously missing?</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: #2b00fe;">show ip bgp | begin Network</span>
Network Next Hop Metric LocPrf Weight Path
r>i 10.1.1.1/32 10.1.1.1 0 100 0 i
*>i 10.2.2.2/32 172.16.123.2 0 100 0 i
*> 10.4.4.4/32 0.0.0.0 0 32768 i
*>i 10.8.0.0/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.0.16/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.0.32/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.0.48/28 172.16.123.2 0 100 0 65089 i
*>i 10.8.8.8/32 172.16.123.2 0 100 0 65089 i
*>i 10.8.80.0/24 172.16.123.2 0 100 0 65089 i
*>i 10.8.81.0/24 172.16.123.2 0 100 0 65089 i
*>i 10.8.82.0/24 172.16.123.2 0 100 0 65089 i
*>i 10.8.83.0/24 172.16.123.2 0 100 0 65089 i
*>i 198.51.100.0 172.16.123.2 0 100 0 65089 i
R4#
</pre>
</div><span style="font-size: large;">It worked.</span><p><span style="font-size: large;">Now onto the iBGP session between R1 and R5. This time I will ensure that R5 is a route-reflector client.</span></p><p><span style="font-size: large;">Let's start with removing the 'passive-interface' command on R1 in order to establish EIGRP adjacency:</span></p><p><span style="font-size: large;">Configuration on R1:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">router eigrp 10
network 10.1.1.1 0.0.0.0
network 172.16.0.0
<span style="background-color: #fcff01;">passive-interface Ethernet0/0.15</span>
eigrp router-id 10.1.1.1
</pre>
</div><p>
</p><p><br />
</p><p><span style="font-size: large;">Removing the command is simple:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#<span style="color: #2b00fe;">router eigrp 10</span>
R1(config-router)#<span style="color: #2b00fe;">no passive-interface ethernet0/0.15</span>
R1(config-router)#
R1(config-router)#
R1(config-router)#<span style="color: #2b00fe;">do show ip eigrp interfaces</span>
EIGRP-IPv4 Interfaces for AS(10)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Lo0 0 0/0 0/0 0 0/0 0 0
Et0/0.14 1 0/0 0/0 4 0/2 50 0
Et0/0.123 1 0/0 0/0 5 0/2 50 0
Et0/1 1 0/0 0/0 6 0/2 50 0
Et0/0.15 0 0/0 0/0 0 0/0 0 0
</pre>
</div>
<br />
<p><span style="font-size: large;">In the above output it is clear that R1 will start sending 'hello' packets over its Ethernet0/0.15 interface.</span></p><p><span style="font-size: large;">Now, onto the R1 BGP configuration: <br /></span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show run | s router bgp</span>
router bgp 65100
bgp log-neighbor-changes
network 10.1.1.1 mask 255.255.255.255
neighbor 10.4.4.4 remote-as 65100
neighbor 10.4.4.4 update-source Loopback0
neighbor 10.4.4.4 route-reflector-client
<span style="background-color: #fcff01;">neighbor 172.16.15.5 remote-as 65100</span>
<span style="background-color: #fcff01;">neighbor 172.16.15.5 route-reflector-client</span>
neighbor 172.16.123.2 remote-as 65100
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">Obviously, R5 needs the corresponding EIGRP and BGP configuration.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R5#<span style="color: #2b00fe;">show run | section router eigrp</span>
router eigrp 10
network 172.16.0.0
R5#

R5#<span style="color: #2b00fe;">show run | section router bgp</span>
router bgp 65100
bgp log-neighbor-changes
network 10.5.5.5 mask 255.255.255.255
neighbor 172.16.15.1 remote-as 65100
R5#
</pre>
</div>
<br />
<p><span style="font-size: large;">When the RR receives a route over an iBGP session, it tags it internally to record that it comes from a client. This way it knows which neighbors the prefix should be forwarded to.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip bgp 10.5.5.5</span>
BGP routing table entry for 10.5.5.5/32, version 17
Paths: (1 available, best #1, table default)
Advertised to update-groups:
1 2
Refresh Epoch 1
Local, <span style="background-color: #fcff01;">(Received from a RR-client)</span>
172.16.15.5 from 172.16.15.5 (10.5.5.5)
Origin IGP, metric 0, localpref 100, valid, internal, best
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">Apart from that, when RR is advertising prefixes it will include two extra attributes (more on those in later posts).</span></p><ul style="text-align: left;"><li><span style="font-size: large;">Originator ID</span></li><li><span style="font-size: large;">Cluster List</span></li></ul><p><span style="font-size: large;">They will ensure a loop free topology.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#<span style="color: #2b00fe;">show ip bgp 10.5.5.5</span>
BGP routing table entry for 10.5.5.5/32, version 15
Paths: (1 available, best #1, table default)
Advertised to update-groups:
1
Refresh Epoch 2
Local
172.16.15.5 (metric 307200) from 172.16.123.1 (10.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
<span style="background-color: #fcff01;">Originator: 10.5.5.5, Cluster list: 10.1.1.1</span>
R2#
</pre>
</div>
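<p><span style="font-size: large;">The forwarding rules and the two loop checks can be modelled in a few lines. The Python sketch below is an added example, not part of the original lab: it rebuilds R1's neighbor table from the configuration above and assumes the cluster ID defaults to the router ID. The class and function names are invented for illustration, and R1_PLAIN is a hypothetical R1 with the same neighbors but no client statements.</span></p>

```python
"""Route-reflector forwarding and loop checks for the lab's iBGP AS 65100."""
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Path:
    prefix: str
    next_hop: str
    originator_id: Optional[str] = None   # set by the first reflector
    cluster_list: Tuple[str, ...] = ()     # one entry per reflector crossed


@dataclass(frozen=True)
class Neighbor:
    router_id: str
    rr_client: bool = False


class IbgpSpeaker:
    def __init__(self, router_id: str, neighbors: Dict[str, Neighbor],
                 cluster_id: Optional[str] = None):
        self.router_id = router_id
        # Assumption: with no explicit cluster ID the router ID is used,
        # which matches "Cluster list: 10.1.1.1" in R2's output above.
        self.cluster_id = cluster_id or router_id
        self.neighbors = neighbors

    def accepts(self, path: Path) -> bool:
        """Inbound loop checks on an iBGP-learned path."""
        if path.originator_id == self.router_id:
            return False          # our own route came back to us
        if self.cluster_id in path.cluster_list:
            return False          # already passed through this cluster
        return True

    def advertise(self, path: Path, learned_from: str) -> Dict[str, Path]:
        """Return {neighbor name: path as sent} for an iBGP-learned path."""
        if not self.accepts(path):
            return {}
        source = self.neighbors[learned_from]
        reflected = replace(
            path,  # the next hop is left untouched by reflection
            originator_id=path.originator_id or source.router_id,
            cluster_list=(self.cluster_id,) + path.cluster_list,
        )
        sent = {}
        for name, peer in self.neighbors.items():
            if name == learned_from:
                continue          # model choice: never echo to the sender
            # From a client: send to everyone. From a non-client: clients only.
            # Non-client to non-client stays blocked (iBGP split horizon).
            if source.rr_client or peer.rr_client:
                sent[name] = reflected
        return sent


# R1 as configured in the post: R4 and R5 are clients, R2 is not.
R1 = IbgpSpeaker("10.1.1.1", {
    "R2": Neighbor("10.2.2.2"),
    "R4": Neighbor("10.4.4.4", rr_client=True),
    "R5": Neighbor("10.5.5.5", rr_client=True),
})
# Hypothetical: the same neighbors with no route-reflector-client statements.
R1_PLAIN = IbgpSpeaker("10.1.1.1", {
    "R2": Neighbor("10.2.2.2"),
    "R4": Neighbor("10.4.4.4"),
    "R5": Neighbor("10.5.5.5"),
})
R5 = IbgpSpeaker("10.5.5.5", {"R1": Neighbor("10.1.1.1")})

FROM_R5 = Path("10.5.5.5/32", next_hop="172.16.15.5")    # R5's loopback
FROM_R2 = Path("10.8.8.8/32", next_hop="172.16.123.2")   # learned by R2 from AS 65089

if __name__ == "__main__":
    for label, speaker, path, sender in (
        ("R1 as RR, route from client R5", R1, FROM_R5, "R5"),
        ("R1 as RR, route from non-client R2", R1, FROM_R2, "R2"),
        ("R1 without clients, route from R2", R1_PLAIN, FROM_R2, "R2"),
    ):
        print(label)
        for name, sent in speaker.advertise(path, sender).items():
            print("  ->", name, sent.originator_id, sent.cluster_list)
    looped = R1.advertise(FROM_R5, "R5")["R2"]
    print("R1 accepts its own reflection back:", R1.accepts(looped))
    print("R5 accepts its own route back:", R5.accepts(looped))
```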
<br />
<p><span style="font-size: large;">A final connectivity test between the two Autonomous Systems.</span></p><p><span style="font-size: large;">Ping from R4 to R8:<br /></span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: #2b00fe;">ping 10.8.8.8 source loopback0</span>
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 10.4.4.4
<span style="background-color: #fcff01;">!!!!!</span>
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">And ping test from R5.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R5#ping 10.8.8.8 source loopback0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 10.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
R5#
</pre>
</div>
<br />
<div><p><span style="font-size: large;">Onto the next one :) </span></p><p><span style="font-size: large;"><br /></span></p></div>Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-48880960023990089982020-10-19T12:02:00.003+01:002020-10-20T10:36:06.730+01:00BGP Update Source<p> </p><div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-next-hop-attribute.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/10/ibgp-route-reflector.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">BGP uses TCP as its transport protocol. We have already observed that the BGP server must approve the source IP address of the client's packet. We use the 'neighbor ip-address' command to accomplish that.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s1600/next-step-topology-addressing.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s400/next-step-topology-addressing.png" width="400" /></a></div><p>
<span style="font-size: large;">The source IP address of the SYN packet from the client will be the address of the outgoing (egress) interface according to the routing table. Let's see that in the example.</span></p><p><span style="font-size: large;">In the <a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-next-hop-attribute.html">previous lab</a> we got R2 to peer with R8 using eBGP. R2 also has R1 as its BGP neighbor over an iBGP connection (they are both in the same AS 65100).</span><br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#<span style="color: #2b00fe;">show ip bgp summary</span>
BGP router identifier 10.2.2.2, <span style="background-color: #fcff01;">local AS number 65100</span>
BGP table version is 13, main routing table version 13
12 network entries using 1776 bytes of memory
12 path entries using 768 bytes of memory
3/3 BGP path/bestpath attribute entries using 408 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2976 total bytes of memory
BGP activity 12/0 prefixes, 12/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.28.8 4 <span style="background-color: #fcff01;">65089</span> 26 26 13 0 0 00:20:11 10
172.16.123.1 4 <span style="background-color: #fcff01;">65100</span> 25 26 13 0 0 00:19:33 1
R2#
</pre>
</div>
<p><span style="font-size: large;">Also, in the <a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-next-hop-attribute.html">previous lab</a> we learned that eBGP-learned prefixes are propagated to iBGP peers. The prefixes R2 learns from R8 are going to be passed on to R1 (iBGP peer) unchanged. Since R1 does not know how to reach 172.16.28.8 (the next hop for the prefixes advertised to R2 from R8), it would not install them into the routing table, as the next hop is unreachable.</span></p><p><span style="font-size: large;">To alleviate this, we explored a bunch of methods (check the previous lab), and in this configuration I have left 'next-hop-self' in place to rectify that. The config of R2 looks like so:</span> <br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#<span style="color: #2b00fe;">show run | section router bgp</span>
router bgp 65100
bgp log-neighbor-changes
network 10.2.2.2 mask 255.255.255.255
neighbor 172.16.28.8 remote-as 65089
neighbor 172.16.123.1 remote-as 65100
neighbor 172.16.123.1 next-hop-self
R2#
</pre>
</div>
<p><span style="font-size: large;">Now, let's consider another iBGP peering between R1 and R4. </span></p><p><span style="font-size: large;">There are two directly connected paths between R1 and R4. R1 can use the subnet 172.16.14.0/24 or 172.16.104.0/24 to reach R4.</span></p><p><span style="font-size: large;">In order to facilitate what comes next, let's create an EIGRP AS 10 process in our BGP AS 65100. This will involve EIGRP configuration on R1, R2, and R4 like so:</span><br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show run | section router eigrp</span>
router eigrp 10
network 172.16.0.0
passive-interface Ethernet0/0.15
eigrp router-id 10.1.1.1
R1#
</pre>
</div><p>
<span style="font-size: large;">I have chosen to use one network command rather than individual IP addresses with a wildcard mask. The implication of that approach is that EIGRP 'hello' packets will be sent out of all interfaces with an IP address in 172.16.x.y. I intend to build EIGRP adjacencies with R2 and R4. For the moment, though, I do not want to establish an EIGRP adjacency with R5. In order to stop sending 'hello' packets to R5, I am making Eth0/0.15 a 'passive-interface' in EIGRP.<br /></span></p><p><span style="font-size: large;">The interfaces that participate in EIGRP are as follows:</span><br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip eigrp interfaces</span>
EIGRP-IPv4 Interfaces for AS(10)
Xmit Queue PeerQ Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable Un/Reliable SRTT Un/Reliable Flow Timer Routes
Et0/0.14 0 0/0 0/0 0 0/0 0 0
Et0/0.123 0 0/0 0/0 0 0/0 0 0
Et0/1 0 0/0 0/0 0 0/0 0 0
R1#</pre>
</div><p> <span style="font-size: large;"> </span></p><p><span style="font-size: large;">Let's complete the EIGRP configuration on R2.</span><br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#show run | section router eigrp
router eigrp 10
network 172.16.0.0
eigrp router-id 10.2.2.2
R2#
</pre>
</div>
<br />
<p><span style="font-size: large;">And finally the EIGRP configuration on R4 node. This time, I would like to be more precise in terms of interfaces running EIGRP. I want only interfaces towards R1 to send/receive hellos. Here is the configuration:</span><br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: #2b00fe;">show run | section router eigrp</span>
router eigrp 10
network 172.16.14.4 0.0.0.0
network 172.16.104.4 0.0.0.0
eigrp router-id 10.4.4.4
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">A quick verification on R1 to see if all the EIGRP neighbors are set up shows this:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#show ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(10)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 172.16.104.4 Et0/1 12 00:03:09 1 100 0 8
1 172.16.14.4 Et0/0.14 14 00:03:21 10 100 0 7
0 172.16.123.2 Et0/0.123 14 00:06:35 8 100 0 3
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">All seems to be in order.<br /></span></p><p><span style="font-size: large;">Now that basic EIGRP is fully functional, let's advertise the Loopback0 interfaces into EIGRP on R1 and R4. <br /></span></p><p><span style="font-size: large;"></span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show run | section router eigrp</span>
router eigrp 10
<span style="color: #2b00fe;"><span style="background-color: #fcff01;">network 10.1.1.1 0.0.0.0</span></span>
network 172.16.0.0
passive-interface Ethernet0/0.15
eigrp router-id 10.1.1.1
R1#
</pre>
</div><p>
</p><p><span style="font-size: large;">I will do the same on R4. Why am I doing this? You will see in a moment.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: #2b00fe;">show run | section router eigrp</span>
router eigrp 10
<span style="background-color: #fcff01;"><span style="color: #2b00fe;">network 10.4.4.4 0.0.0.0</span></span>
network 172.16.14.4 0.0.0.0
network 172.16.104.4 0.0.0.0
eigrp router-id 10.4.4.4
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">The reason to advertise the Loopback0 interfaces on both routers is to create two equal-cost paths between them. Check this out:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip route 10.4.4.4</span>
Routing entry for 10.4.4.4/32
Known via "eigrp 10", distance 90, metric 409600, type internal
Redistributing via eigrp 10
Last update from 172.16.14.4 on Ethernet0/0.14, 00:02:36 ago
Routing Descriptor Blocks:
<span style="background-color: #fcff01;">* 172.16.104.4, from 172.16.104.4, 00:02:36 ago, via Ethernet0/1</span>
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
<span style="background-color: #fcff01;">172.16.14.4, from 172.16.14.4, 00:02:36 ago, via Ethernet0/0.14</span>
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">In the same way, R4 has two paths to the Loopback0 of R1. <br /></span></p><p><span style="font-size: large;">This is done for a reason. When I establish iBGP peering between R1 and R4, I am going to use the Loopback0 interfaces to do so. This way, if either of the interfaces (Ethernet0/1 or Ethernet0/0.14) fails, the iBGP session will remain intact, using the alternate route that is still working between those two Loopback0 interfaces.<br /></span></p><p><span style="font-size: large;">Here is the BGP configuration on R1 towards R4.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show run | section router bgp</span>
router bgp 65100
bgp log-neighbor-changes
network 10.1.1.1 mask 255.255.255.255
<span style="background-color: #fcff01;"><span style="color: #2b00fe;">neighbor 10.4.4.4 remote-as 65100</span></span>
<span style="background-color: #fcff01;"><span style="color: #2b00fe;">neighbor 10.4.4.4 update-source Loopback0</span></span>
neighbor 172.16.123.2 remote-as 65100
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">Notice that R1 is going to try to establish a TCP (and eventually iBGP) session with R4 using the source IP address 10.1.1.1 (its Loopback0 interface). To see that happen, let's go the extra mile and check it using debug.</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1(config)#<span style="color: #2b00fe;">access-list 100 permit ip any host 10.4.4.4</span>
R1(config)#<span style="color: #2b00fe;">end</span>
R1#<span style="color: #2b00fe;">debug ip packet detail 100</span>
IP packet debugging is on (detailed) for access list 100
R1#
FIBipv4-packet-proc: <span style="background-color: #fcff01;">route packet from (local) src 10.1.1.1</span> <span style="background-color: #04ff00;">dst 10.4.4.4</span>
FIBfwd-proc: Default:10.4.4.4/32 process level forwarding
FIBfwd-proc: depth 0 first_idx 1 paths 2 long 0(0)
FIBfwd-proc: try path 1 (of 2) v4-anh-172.16.104.4-Et0/1 first short ext 0(-1)
FIBfwd-proc: v4-anh-172.16.104.4-Et0/1 valid
FIBfwd-proc: ip_pak_table 0 ip_nh_table 65535 if Ethernet0/1 nh 172.16.104.4 deag 0 chg_if 0 via fib 0 path type attached nexthop
FIBfwd-proc: packet routed to Ethernet0/1 172.16.104.4(0)
FIBipv4-packet-proc: packet routing succeeded
FIBfwd-proc: ip_pak_table 0 ip_nh_table 65535 if Ethernet0/1 nh 172.16.104.4 uhp 1 deag 0 ttlexp 0
R1#
FIBfwd-proc: sending link IP ip_pak_table 0 ip_nh_table 65535 if Ethernet0/1 nh 172.16.104.4 uhp 1 deag 0 chgif 0 ttlexp 0 rec 0
IP: s=10.1.1.1 (local), d=10.4.4.4 (Ethernet0/1), len 44, sending
TCP src=62126, dst=179, seq=4214154337, ack=0, win=16384 SYN
<span style="background-color: #fcff01;">IP: s=10.1.1.1 (local)</span>, <span style="background-color: #04ff00;">d=10.4.4.4</span> (Ethernet0/1), len 44, sending full packet
<span style="color: #fcff01;">TCP src=62126</span>, <span style="color: #04ff00;">dst=179</span>, seq=4214154337, ack=0, win=16384 SYN
R1#<span style="color: #2b00fe;">u all</span>
All possible debugging has been turned off
R1#
</pre>
</div>
<br />
<p><span style="font-size: large;">If R4 is to accept this invitation, it must authorize the attempt sourced from 10.1.1.1.</span></p><p><span style="font-size: large;">The following configuration on R4 should do the trick.</span></p><p><span style="font-size: large;"></span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: #2b00fe;">show run | section router bgp</span>
router bgp 65100
bgp log-neighbor-changes
<span style="background-color: #fcff01;"><span style="color: #2b00fe;">neighbor 10.1.1.1 remote-as 65100</span></span>
<span style="background-color: #fcff01;"><span style="color: #2b00fe;">neighbor 10.1.1.1 update-source Loopback0</span></span>
R4#
</pre>
</div>
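<p><span style="font-size: large;">The matching of the SYN source address against the 'neighbor' statements can be checked offline with a small model. The Python sketch below is an added example, not part of the original lab: R1's addresses on Ethernet0/0.14 and Ethernet0/1 (172.16.14.1 and 172.16.104.1) and R4's interface names are assumptions, and all function names are invented for illustration. It also covers the case where only one side has 'update-source' configured.</span></p>

```python
"""Which source address does a BGP SYN carry, and does the peer accept it?"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class Router:
    name: str
    interfaces: Dict[str, str]        # interface name -> own address
    routes: List[Tuple[str, str]]     # (prefix, egress interface)
    # peer address -> update-source interface (None = not configured)
    neighbors: Dict[str, Optional[str]] = field(default_factory=dict)

    def egress_interface(self, dst: str) -> Optional[str]:
        """Longest-prefix match; the first of several equal paths wins."""
        addr = ipaddress.ip_address(dst)
        best = None
        for prefix, ifname in self.routes:
            net = ipaddress.ip_network(prefix)
            if addr in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, ifname)
        return best[1] if best else None

    def syn_source(self, peer: str) -> Optional[str]:
        """update-source wins; otherwise the egress interface address."""
        ifname = self.neighbors[peer] or self.egress_interface(peer)
        return self.interfaces[ifname] if ifname else None

    def accepts_syn(self, src: str, dst: str) -> bool:
        """Listener side: dst must be ours, src must be a configured neighbor."""
        return dst in self.interfaces.values() and src in self.neighbors


def active_open(opener: Router, listener: Router) -> bool:
    """True if a SYN the opener sends is one the listener accepts."""
    for peer in opener.neighbors:
        src = opener.syn_source(peer)
        if src and listener.accepts_syn(src, peer):
            return True
    return False


def build(r1_source: Optional[str], r4_source: Optional[str]):
    """R1 and R4 from the lab with selectable update-source settings."""
    r1 = Router(
        "R1",
        {"Loopback0": "10.1.1.1",
         "Ethernet0/0.14": "172.16.14.1",    # assumed address
         "Ethernet0/1": "172.16.104.1"},     # assumed address
        [("10.4.4.4/32", "Ethernet0/1"), ("10.4.4.4/32", "Ethernet0/0.14")],
        {"10.4.4.4": r1_source},
    )
    r4 = Router(
        "R4",
        {"Loopback0": "10.4.4.4",
         "Ethernet0/0.14": "172.16.14.4",    # interface names assumed
         "Ethernet0/1": "172.16.104.4"},
        [("10.1.1.1/32", "Ethernet0/1"), ("10.1.1.1/32", "Ethernet0/0.14")],
        {"10.1.1.1": r4_source},
    )
    return r1, r4


if __name__ == "__main__":
    for r1_src, r4_src in ((None, None), ("Loopback0", None),
                           ("Loopback0", "Loopback0")):
        r1, r4 = build(r1_src, r4_src)
        print(f"update-source R1={r1_src} R4={r4_src}")
        print("  R1 SYN source:", r1.syn_source("10.4.4.4"),
              "accepted by R4:", active_open(r1, r4))
        print("  R4 SYN source:", r4.syn_source("10.1.1.1"),
              "accepted by R1:", active_open(r4, r1))
```

<p><span style="font-size: large;">With 'update-source' on R1 only, R1's connection attempt is still accepted by R4, while R4's own attempt is rejected by R1. The address match is an allow-list on the source IP only; it does not authenticate the peer.</span></p>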
<br />
<p><span style="font-size: large;">The iBGP session is now fully established. </span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: #2b00fe;">show ip bgp summary | begin Neighbor</span>
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
<span style="background-color: #fcff01;">10.4.4.4 4 65100 9 11 13 0 0 00:04:41 0</span>
172.16.123.2 4 65100 268 267 13 0 0 03:58:50 11
R1#
R4#<span style="color: #2b00fe;">show ip bgp summary | begin Neighbor</span>
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
<span style="background-color: #fcff01;">10.1.1.1 4 65100 9 7 2 0 0 00:03:04 1</span>
R4#
</pre>
</div>
<br />
<p><span style="font-size: large;">At this stage, there are two questions that might pop into your mind. </span></p><p><span style="font-size: large;">Why does R4 learn only 1 prefix? The answer to that question deserves another post.</span></p><p><span style="font-size: large;">The second question regards R1 advertising 10.1.1.1/32 towards R2. R1 now advertises it through both BGP and EIGRP, so which one will R2 accept into its routing table?<br /></span></p><p><span style="font-size: large;">Let's see what happened there:</span></p>
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#<span style="color: #2b00fe;">show ip bgp | i 10.1.1.1</span>
<span style="background-color: #fcff01;">r>i 10.1.1.1/32</span> 172.16.123.1 0 100 0 i
R2#
R2#
R2#
R2#show ip route 10.1.1.1
Routing entry for 10.1.1.1/32
<span style="background-color: #fcff01;">Known via "eigrp 10"</span>, distance <span style="background-color: #fcff01;">90</span>, metric 409600, type internal
Redistributing via eigrp 10
Last update from 172.16.123.1 on Ethernet0/0.123, 01:24:55 ago
Routing Descriptor Blocks:
* 172.16.123.1, from 172.16.123.1, 01:24:55 ago, via Ethernet0/0.123
Route metric is 409600, traffic share count is 1
Total delay is 6000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
R2#
</pre>
</div>
<br />
<p><span style="font-size: large;">The BGP table on R2 shows this prefix. However, it is marked with <span style="background-color: #fcff01;">r</span>>, which stands for 'RIB failure' (routing information base failure). Instead, R2 installs the route learned through EIGRP. But why is that?</span></p><p><span style="font-size: large;">Do you remember the Cisco 'Administrative Distance', arbitrarily set for different routing protocols?</span></p><p><span style="font-size: large;">iBGP AD = 200<br />EIGRP AD = 90</span></p><p><span style="font-size: large;">The lower the value of AD, the more likely it is for the router to install the prefix.</span></p><p><span style="font-size: large;">The EIGRP AD of 90 is lower than the iBGP AD of 200. Thus, EIGRP wins here.<br /></span></p>Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-17003370752442567432020-08-04T11:57:00.014+01:002020-10-19T12:05:29.720+01:00BGP Next Hop Attribute<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-network-statement.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/10/bgp-upate-source.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">Let's see the behavior of next hop for advertised prefixes over eBGP.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s1600/next-step-topology-addressing.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s400/next-step-topology-addressing.png" width="400" /></a></div>
<span style="font-size: large;">First, let's advertise Loopback0 on R2 so that R8 is receiving at least one prefix from R2.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2(config)#router bgp 65100<br />R2(config-router)#neighbor 172.16.28.8 remote-as 65089
R2(config-router)#network 10.2.2.2 mask 255.255.255.255
R2(config-router)#end
R2#
</pre>
</div>
<br />
<span style="font-size: large;">R8 is receiving prefix 10.2.2.2/32:</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXQzxXkrBJW3-1glTJ095pFc_dnVPBrEqaO36FnueaJbwQh-fW26Y61SeEVKprltqcCkNOMLQ0doi50Vqt8dgki0OOZt0R-tjPlIfsBx3Boee2yfzreVZ0TB1FH_jyrBQn7UA1KSiGOfY/s1600/R9-BGP-Pfx.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="441" data-original-width="875" height="201" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiXQzxXkrBJW3-1glTJ095pFc_dnVPBrEqaO36FnueaJbwQh-fW26Y61SeEVKprltqcCkNOMLQ0doi50Vqt8dgki0OOZt0R-tjPlIfsBx3Boee2yfzreVZ0TB1FH_jyrBQn7UA1KSiGOfY/s400/R9-BGP-Pfx.png" width="400" /></a></span></div><p>
<br />
<br />
<span style="font-size: large;">On R8 we can use another, fancy way to extract what prefixes are learned from a direct neighbor AS 65100 like so:</span></p><p><span style="font-size: large;">show ip bgp regex ^65100_ <br /></span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0VYJubviL0MDfY8DMJx3hRaNpjyOHTfkdafysxKhn8rX5r_gYScfHBq9B3JYU5MRxRuWKtZcYDpajC757MZXAQLZU71YP4jSrYDIo_BibBVrkLFqm3MKM361hPJ5q040R5KNjidtGdDM/s793/R8-Regex-Pfx.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="263" data-original-width="793" height="133" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0VYJubviL0MDfY8DMJx3hRaNpjyOHTfkdafysxKhn8rX5r_gYScfHBq9B3JYU5MRxRuWKtZcYDpajC757MZXAQLZU71YP4jSrYDIo_BibBVrkLFqm3MKM361hPJ5q040R5KNjidtGdDM/w400-h133/R8-Regex-Pfx.png" width="400" /></a></div><span style="font-size: large;"> </span><p></p><p><span style="font-size: large;">Now, on to configuring R1 and R2 iBGP peering.</span><br />
<br />
<span style="font-size: large;">R2 Configuration:</span><br />
<br />
</p><div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2(config)#router bgp 65100
R2(config-router)#neighbor 172.16.123.1 remote-as 65100
R2(config-router)#end
R2#
</pre>
</div>
<br />
<span style="font-size: large;">R1 Configuration:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1(config)#router bgp 65100
R1(config-router)#bgp router-id 10.1.1.1
R1(config-router)#neighbor 172.16.123.2 remote-as 65100
R1(config-router)#network 10.1.1.1 mask 255.255.255.255
R1(config-router)#end
R1#
</pre>
</div>
<br />
<span style="font-size: large;">First let's take a peek at R8 BGP table.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfs8aVZzB6w-Pi074Lu08f4PGpIIBx7LXSV2_VG0haa-EBhwdYifmvWbl6kKH1edfi36ar-miPEcZax1ATvJKuzb_fOFDV-1glGLZ-gv8N77QIp9EZDxH2w2SJmBB0TRPHp83pynsMzQ0/s1600/R8-BGP-pfx-from-AS65100.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="254" data-original-width="868" height="116" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfs8aVZzB6w-Pi074Lu08f4PGpIIBx7LXSV2_VG0haa-EBhwdYifmvWbl6kKH1edfi36ar-miPEcZax1ATvJKuzb_fOFDV-1glGLZ-gv8N77QIp9EZDxH2w2SJmBB0TRPHp83pynsMzQ0/s400/R8-BGP-pfx-from-AS65100.png" width="400" /></a></div>
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">All looks good. The next hop is 172.16.28.2 which is reachable via direct link.</span><br />
<br />
<span style="font-size: large;">What about R1 BGP table?</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwU6Ye0F5i1Dg4X_r1ew73-V1CbbLsc_EEwgRm9RofTsD1Ke4El4vqNMSTyDgrgi-ppn-BNTaOhntvEn0e5gZO7N_5vnvL0PcFCuysWQvLNP9fs4bIkvTDjsjtC7eOxfvJiKsJc_vqgfU/s1600/R1-BGP-Table1.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="570" data-original-width="967" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwU6Ye0F5i1Dg4X_r1ew73-V1CbbLsc_EEwgRm9RofTsD1Ke4El4vqNMSTyDgrgi-ppn-BNTaOhntvEn0e5gZO7N_5vnvL0PcFCuysWQvLNP9fs4bIkvTDjsjtC7eOxfvJiKsJc_vqgfU/s400/R1-BGP-Table1.png" width="400" /></a></div>
<span style="font-size: large;">R1 shows 11 prefixes received. However, in the above output there is no '>' (greater than) symbol next to the asterisk. The '>' symbol marks the best path, and it is currently missing for all prefixes advertised by R8. As a result, none of the listed prefixes will be installed in the routing table.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">Notice the 'next-hop-value' for these prefixes!</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: blue;">show ip route 172.16.28.8</span>
<span style="background-color: yellow;">% Subnet not in table</span>
R1#
R1#
R1#<span style="color: blue;">show ip bgp 10.8.0.0</span>
BGP routing table entry for 10.8.0.0/28, version 0
Paths: (1 available, no best path)
Not advertised to any peer
Refresh Epoch 1
65089
<span style="background-color: yellow;">172.16.28.8 (inaccessible)</span> from 172.16.123.2 (10.2.2.2)
Origin IGP, metric 0, localpref 100, valid, internal
R1
</pre>
</div>
<br />
<span style="font-size: large;">The next hop of the eBGP-learned prefixes is preserved when R2 passes them on to R1 (it is still R8's interface IP address that is used for peering with R2), and R1 has no route to it. That is why the BGP prefixes won't get installed in the routing table.</span><br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/32 is subnetted, 2 subnets
B 10.2.2.2 [200/0] via 172.16.123.2, 00:12:00
R1#
</pre>
</div>
<br />
<span style="font-size: large;">There are a few ways of dealing with this issue.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<h3>
<span style="font-size: large;">Method 1</span></h3>
<span style="font-size: large;">Use the 'next-hop-self' command on R2 for peer R1.</span><span style="font-size: large;"> It is the recommended command on the router that connects eBGP with iBGP peers.<br /></span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">router bgp 65100
bgp router-id 10.2.2.2
bgp log-neighbor-changes
network 10.2.2.2 mask 255.255.255.255
neighbor 172.16.28.8 remote-as 65089
neighbor 172.16.123.1 remote-as 65100
<span style="background-color: yellow;">neighbor 172.16.123.1 next-hop-self</span>
R2(config-router)#
</pre>
</div>
<br />
<span style="font-size: large;">The result on R1 is this:</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMgZhr6ks99Sd6bhOfs70G5mNMRPy5jLgD0H7NShAyl09pRln7dCVUfM8OXisyObvO7ddbMOa1gqqJIV4eO6VZslCrk_5uLNof6Ok4HgpVzgsSBEbWDCjTlZfVRFuduM_7lo4NbA-U2U4/s1600/R1-BGP-Table2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="464" data-original-width="868" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgMgZhr6ks99Sd6bhOfs70G5mNMRPy5jLgD0H7NShAyl09pRln7dCVUfM8OXisyObvO7ddbMOa1gqqJIV4eO6VZslCrk_5uLNof6Ok4HgpVzgsSBEbWDCjTlZfVRFuduM_7lo4NbA-U2U4/s400/R1-BGP-Table2.png" width="400" /></a></span></div>
<br />
<br />
<span style="font-size: large;"></span><br />
<span style="font-size: large;">R1 now finds the next-hop IP reachable (direct link).</span><br />
<span style="font-size: large;">Next, I remove this command and try the second method.</span><br />
<span style="font-size: large;"></span><br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2(config)#router bgp 65100
R2(config-router)#no neighbor 172.16.123.1 next-hop-self
R2(config-router)#
</pre>
</div><p><span style="font-size: large;">After a 15 or so seconds the '>' best path shows up in the BGP table on R1:</span></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT74tx96b_MkGrqzCNzcI1lmZJ4KjAtoCPCB72ab3YqUcMWw-rqTT9xNiKb72XatkfdhIp76X5rnYjINXzkC1QEpWjCUKg0-dZUHCg6vIMdyn1RaqmQ3HYqrqdOiEpLDbBCzw-gxeSV9Q/s797/R1-after-next-hop.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="439" data-original-width="797" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhT74tx96b_MkGrqzCNzcI1lmZJ4KjAtoCPCB72ab3YqUcMWw-rqTT9xNiKb72XatkfdhIp76X5rnYjINXzkC1QEpWjCUKg0-dZUHCg6vIMdyn1RaqmQ3HYqrqdOiEpLDbBCzw-gxeSV9Q/w400-h220/R1-after-next-hop.png" width="400" /></a></div><br /><span style="font-size: large;">And the prefixes will be installed in the routing table on R1:</span><p></p><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5pnpTucYjZoxA6EEmei0Q6C0ZHzGrFawxXgJVlh6RkCma7WRCXZfFFCPvHS96Lv28TYh0FLAwVCSCBBQxY2rbHovMvyIetGgkRHi9k2Kr42vgqttIzXleGZgW4C1HQRPBL47rdGNaLXA/s782/r1-route-table-bgp.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="508" data-original-width="782" height="260" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5pnpTucYjZoxA6EEmei0Q6C0ZHzGrFawxXgJVlh6RkCma7WRCXZfFFCPvHS96Lv28TYh0FLAwVCSCBBQxY2rbHovMvyIetGgkRHi9k2Kr42vgqttIzXleGZgW4C1HQRPBL47rdGNaLXA/w400-h260/r1-route-table-bgp.png" width="400" /></a></div><br /><span style="font-size: large;">Remove configuration in BGP process:</span><p></p><p><span style="font-size: large;"><b>no neighbor 172.16.123.1 next-hop-self</b><br /></span></p><p><span style="font-size: large;"><br /></span></p><h3>
<span style="font-size: large;">Method 2</span></h3>
<span style="font-size: large;">Change the 'next-hop' attribute using a route-map.</span><br />
<br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="background-color: yellow;">route-map NEXT_HOP permit 10</span>
<span style="background-color: yellow;">set ip next-hop 172.16.123.2</span>
!
router bgp 65100
bgp router-id 10.2.2.2
bgp log-neighbor-changes
network 10.2.2.2 mask 255.255.255.255
neighbor 172.16.28.8 remote-as 65089
neighbor 172.16.123.1 remote-as 65100
<span style="background-color: yellow;">neighbor 172.16.123.1 route-map NEXT_HOP out</span>
</pre>
</div>
<br />
<span style="font-size: large;">Remove the configuration and try the third method.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<h3>
<span style="font-size: large;">Method 3</span></h3>
<span style="font-size: large;">Advertise the link (IP subnet) between R2 and R8 using an IGP (for instance EIGRP, OSPF or IS-IS).</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;"></span><br />
<span style="font-size: large;">R1 EIGRP Configuration:</span><span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">router eigrp 100
network 172.16.123.1 0.0.0.0
eigrp router-id 10.1.1.1
</pre>
</div>
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">R2 EIGRP Configuration:</span><br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">router eigrp 100
network 172.16.28.2 0.0.0.0
network 172.16.123.2 0.0.0.0
eigrp router-id 10.2.2.2
</pre>
</div>
<br />
<span style="font-size: large;">That does the trick as well. R1 learns how to reach next-hop 172.16.28.8 via EIGRP.</span><br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#show ip route 172.16.28.8
Routing entry for 172.16.28.0/24
Known via "eigrp 100", distance 90, metric 307200, type internal
Redistributing via eigrp 100
Last update from 172.16.123.2 on Ethernet0/0.123, 00:04:23 ago
Routing Descriptor Blocks:
* 172.16.123.2, from 172.16.123.2, 00:04:23 ago, via Ethernet0/0.123
Route metric is 307200, traffic share count is 1
Total delay is 2000 microseconds, minimum bandwidth is 10000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
R1#
</pre>
</div>
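<br />
<span style="font-size: large;">The next-hop check that all three methods satisfy, as an added Python example (not part of the original post and not Cisco's implementation). It models R1's lookup with a longest-prefix match; the RIB contents, the /24 mask on the R1-R2 link and all function names are assumptions made for illustration.</span><br />

```python
import ipaddress

# Constructed model of R1 in the lab above. The /24 on the R1-R2 link is an
# assumption; the post does not show that interface's mask.
R1_RIB = {
    "10.1.1.1/32": "connected",
    "172.16.123.0/24": "connected",
}

# iBGP paths R1 receives from R2 (172.16.123.2), as (prefix, next hop).
PATHS_FROM_R2 = [
    ("10.2.2.2/32", "172.16.123.2"),   # originated by R2 itself
    ("10.8.0.0/28", "172.16.28.8"),    # learned by R2 from eBGP peer R8
    ("10.8.8.8/32", "172.16.28.8"),
    ("10.8.80.0/24", "172.16.28.8"),
]


def resolve(next_hop, rib):
    """Return the longest RIB prefix that covers next_hop, or None."""
    address = ipaddress.ip_address(next_hop)
    covering = [ipaddress.ip_network(prefix) for prefix in rib
                if address in ipaddress.ip_network(prefix)]
    if not covering:
        return None
    return str(max(covering, key=lambda net: net.prefixlen))


def evaluate(paths, rib):
    """Mimic the '>' column: a path can be best only if its next hop resolves."""
    table = {}
    for prefix, next_hop in paths:
        via = resolve(next_hop, rib)
        table[prefix] = {
            "next_hop": next_hop,
            "resolved_via": via,
            "status": "best" if via else "inaccessible",
        }
    return table


def rewrite_next_hop(paths, old_next_hop, new_next_hop):
    """Effect on R2's updates of Method 1 (next-hop-self) or Method 2 (route-map)."""
    return [(prefix, new_next_hop if nh == old_next_hop else nh)
            for prefix, nh in paths]


def installed(paths, rib):
    """Prefixes that would make it into R1's routing table, in update order."""
    table = evaluate(paths, rib)
    return [prefix for prefix, _ in paths if table[prefix]["status"] == "best"]


if __name__ == "__main__":
    print("before any fix:", installed(PATHS_FROM_R2, R1_RIB))

    # Methods 1 and 2: R2 advertises itself (172.16.123.2) as the next hop.
    fixed = rewrite_next_hop(PATHS_FROM_R2, "172.16.28.8", "172.16.123.2")
    print("next hop rewritten:", installed(fixed, R1_RIB))

    # Method 3: the IGP teaches R1 a route to the R2-R8 link instead.
    rib_with_igp = dict(R1_RIB)
    rib_with_igp["172.16.28.0/24"] = "eigrp 100"
    print("IGP route added:", installed(PATHS_FROM_R2, rib_with_igp))
```
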
<br />
<span style="font-size: large;">And the last method would be to redistribute connected network 172.16.28.0 into IGP protocol.</span>Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-9911775690528153182020-08-04T09:46:00.000+01:002020-08-04T11:58:23.433+01:00BGP Network Statement<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/building-ebgp-peering.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-next-hop-attribute.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">As of now, there are a number of Loopback interfaces in R8's configuration.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s1600/next-step-topology-addressing.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s400/next-step-topology-addressing.png" width="400" /></a></div>
<span style="font-size: large;">These loopback subnets have different mask lengths to illustrate an important point: BGP can only advertise networks/subnets whose exact mask is found in the routing table. Also, if the network/mask pair of the interface being advertised is not a classful network, the keyword 'mask' must be present, as shown in the BGP configuration below. All of the interfaces below are subnets of a class A network. </span><br />
<br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">interface Loopback0
ip address 10.8.8.8 255.255.255.255
!
interface Loopback10
ip address 10.8.0.1 255.255.255.240
!
interface Loopback11
ip address 10.8.0.17 255.255.255.240
!
interface Loopback12
ip address 10.8.0.33 255.255.255.240
!
interface Loopback13
ip address 10.8.0.49 255.255.255.240
!
interface Loopback14
ip address 10.8.80.1 255.255.255.0
!
interface Loopback15
ip address 10.8.81.1 255.255.255.0
!
interface Loopback16
ip address 10.8.82.1 255.255.255.0
!
interface Loopback17
ip address 10.8.83.1 255.255.255.0
</pre>
</div>
<br />
<span style="font-size: large;"> Here's the R8 Configuration that advertises those prefixes:</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R8(config)#router bgp 65089
R8(config-router)#network 10.8.8.8 mask 255.255.255.255
R8(config-router)#network 10.8.0.0 mask 255.255.255.240
R8(config-router)#network 10.8.0.16 mask 255.255.255.240
R8(config-router)#network 10.8.0.32 mask 255.255.255.240
R8(config-router)#network 10.8.0.48 mask 255.255.255.240
R8(config-router)#network 10.8.80.0 mask 255.255.255.0
R8(config-router)#network 10.8.81.0 mask 255.255.255.0
R8(config-router)#network 10.8.82.0 mask 255.255.255.0
R8(config-router)#network 10.8.83.0 mask 255.255.255.0
R8(config-router)#
</pre>
</div>
<br />
<span style="font-size: large;">First a quick check in the BGP routing table of R8 reveals the following:</span><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmD7c55Afjp7k8b2wgzsvVuSGIK948VL28uYyO69-QtPvGqz3RYP6UItVRPZxFSyps02slk1I-tiFNSOHbFOPDLQNwa122rqk95b82cS5Z6AnjKPgb_US8_5AkNVHAKZG1FO-R8T2cgbE/s1600/R8-BGP-Route-Table.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="381" data-original-width="870" height="175" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhmD7c55Afjp7k8b2wgzsvVuSGIK948VL28uYyO69-QtPvGqz3RYP6UItVRPZxFSyps02slk1I-tiFNSOHbFOPDLQNwa122rqk95b82cS5Z6AnjKPgb_US8_5AkNVHAKZG1FO-R8T2cgbE/s400/R8-BGP-Route-Table.png" width="400" /></a></div>
<br />
<span style="font-size: large;">There are three things that are important to notice. They all indicate that the prefixes have been advertised into BGP on the local router:</span><br />
<ol>
<li><span style="font-size: large;">Next Hop is 0.0.0.0.</span></li>
<li><span style="font-size: large;">In the 'Path', there are no AS numbers.</span></li>
<li><span style="font-size: large;">The 'Weight' attribute takes the default value of 32768.</span></li>
</ol>
<span style="font-size: large;">R2 shows the AS 65089 originating prefixes. The local AS number is 65100. </span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKUQGAsFKucnaDizEzQ0PA1T4f7SP66RGathV9xZ8Q6TakeY8R9BDCZC4dALL-yRrJbNwOR9NYwirmpJAcVkiZ58bhLjFVELNb_7VUm3LWFGXbLu-BdYwspPzZJ8qCKb70wCwPMQxcAlY/s1600/R2-BGP-Route-Table.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="401" data-original-width="870" height="183" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKUQGAsFKucnaDizEzQ0PA1T4f7SP66RGathV9xZ8Q6TakeY8R9BDCZC4dALL-yRrJbNwOR9NYwirmpJAcVkiZ58bhLjFVELNb_7VUm3LWFGXbLu-BdYwspPzZJ8qCKb70wCwPMQxcAlY/s400/R2-BGP-Route-Table.png" width="400" /></a></div>
<span style="font-size: large;">Let's add one more loopback on R8 with a class C network and advertise this one into BGP as well. Notice that there is no 'mask' keyword, as the network and its mask are both class C.</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">interface Loopback18
ip address 198.51.100.1 255.255.255.0
</pre>
</div>
<br />
<span style="font-size: large;">BGP prefix advertisement is going to be this:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R8(config)#router bgp 65089
R8(config-router)#network 198.51.100.0
</pre>
</div>
<br />
<span style="font-size: large;">The alternative way of advertising subnets/networks would be to redistribute them into BGP. I will practice that a bit later.</span>
<br />
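<span style="font-size: large;">The exact-match rule and the classful default described in this post, as an added Python example (not part of the original post and not Cisco's code). The interface list is a subset of R8's loopbacks from above; the last two network statements are constructed mistakes, and the function names and the handling of host bits are assumptions of this model.</span><br />

```python
import ipaddress

# Subset of R8's loopbacks, copied from the configuration shown above.
R8_INTERFACES = """\
interface Loopback0
 ip address 10.8.8.8 255.255.255.255
interface Loopback10
 ip address 10.8.0.1 255.255.255.240
interface Loopback14
 ip address 10.8.80.1 255.255.255.0
interface Loopback18
 ip address 198.51.100.1 255.255.255.0
"""

STATEMENTS = [
    "network 10.8.8.8 mask 255.255.255.255",
    "network 10.8.0.0 mask 255.255.255.240",
    "network 198.51.100.0",
    "network 10.8.0.0 mask 255.255.255.0",   # constructed: wrong mask length
    "network 10.8.80.0",                     # constructed: 'mask' left out
]


def connected_routes(config_text):
    """Collect the connected prefixes implied by 'ip address A M' lines."""
    routes = set()
    for line in config_text.splitlines():
        words = line.split()
        if words[:2] == ["ip", "address"] and len(words) == 4:
            routes.add(ipaddress.ip_interface(f"{words[2]}/{words[3]}").network)
    return routes


def classful_prefixlen(address):
    """Prefix length of the class A/B/C network that contains address."""
    first_octet = int(ipaddress.ip_address(address)) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError(f"{address} is not a class A, B or C address")


def parse_network_statement(statement):
    """Turn 'network A [mask M]' into the prefix BGP will look for."""
    words = statement.split()
    if not words or words[0] != "network" or len(words) not in (2, 4):
        raise ValueError(f"not a network statement: {statement!r}")
    address = words[1]
    if len(words) == 4:
        if words[2] != "mask":
            raise ValueError(f"expected 'mask' in: {statement!r}")
        mask = words[3]
    else:
        mask = classful_prefixlen(address)   # no 'mask' keyword: classful
    # Model assumption: bits beyond the mask are ignored (strict=False).
    return ipaddress.ip_network(f"{address}/{mask}", strict=False)


def check_statements(statements, rib):
    """Map each statement to (prefix, advertised?) using exact match only."""
    result = {}
    for statement in statements:
        prefix = parse_network_statement(statement)
        result[statement] = (str(prefix), prefix in rib)
    return result


if __name__ == "__main__":
    rib = connected_routes(R8_INTERFACES)
    for statement, (prefix, ok) in check_statements(STATEMENTS, rib).items():
        verdict = "advertised" if ok else "NOT advertised (no exact match)"
        print(f"{statement:45} -> {prefix:18} {verdict}")
```
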
<span style="font-size: large;"><br /></span>
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-86213540407655659532020-07-27T11:28:00.000+01:002020-07-27T11:28:16.398+01:00Linux-Next-Step<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/">Home</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/networking-next-step.html">Next Step</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | Linux</span></div>
<div>
<br /></div>
<hr />
<br />
<div>
<span style="font-size: large;">Linux is the best playground for curious minds.</span></div>
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="color: #3367d6; font-size: large;"><span style="font-size: large;"><b><a href="https://ciscoiseasy.blogspot.com/2020/07/ip-geo-location.html">IP Geolocation</a></b></span></span><br />
<a href="https://ciscoiseasy.blogspot.com/2020/07/connecting-kali-linux-to-wifi-network.html"><span style="color: #3367d6; font-size: large;"><span style="font-size: large;"><b>Connecting Kali Linux to WiFi Network</b></span></span></a><br />
<a href="https://ciscoiseasy.blogspot.com/2020/07/linux-simple-firewall-using-iptables.html"><span style="color: #3367d6; font-size: large;"><span style="font-size: large;"><b>Linux Simple Firewall Using IPTABLES</b></span></span></a><br />
<span style="color: #3367d6; font-size: large;"><span style="font-size: large;"><b><a href="https://ciscoiseasy.blogspot.com/2020/07/blackhole-traffic-in-linux.html">Blackhole Traffic in Linux</a> </b></span></span><br />
</div>
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-85573666277094394342020-07-27T11:27:00.000+01:002020-07-27T11:30:30.610+01:00Blackhole Traffic in Linux<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/linux-simple-firewall-using-iptables.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-next-step.html">Linux</a> | Next</span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">A few times, I had this issue with some client connected to one of our servers that was filling up the disk space with some garbage.</span><br />
<br />
<span style="font-size: large;">At that point (customer or not), I needed to block their IP from connecting. There are many ways of doing that (IPTABLES, SELinux, etc.). There is also a way of doing that by rejecting their IP using the routing table in Linux.</span><br />
<br /><span style="font-size: large;">In this example I will use my two Raspberry Pi computers. The first one, 192.168.0.253 (clu), will block the second one, 192.168.0.254 (tron). </span><br />
<span style="font-size: large;"><br /></span>
<b><span style="font-size: large;">Method 1</span></b><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ sudo route add 192.168.0.254 gw 127.0.0.1
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">The effect of this command is the following routing table entry:</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ <span style="color: blue;">netstat -nr</span>
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
<span style="background-color: yellow;">192.168.0.254 127.0.0.1 255.255.255.255 UGH 0 0 0 lo</span>
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">Removal is the same command with 'del' instead of 'add'.</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ sudo route del 192.168.0.254 gw 127.0.0.1
pi@clu $
</pre>
</div>
<br />
<b><span style="font-size: large;">Method 2</span></b><br />
<span style="font-size: large;">Another way of accomplishing the same task is the following route table change:</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ sudo route add -host 192.168.0.254 reject
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">It creates the following route table entry:</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ <span style="color: blue;">netstat -nr</span>
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
<span style="background-color: yellow;">192.168.0.254 - 255.255.255.255 !H - - - -</span>
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">In a similar way, we can use the keywords '-net 192.168.0.0 netmask 255.255.255.0 reject'. This will stop the whole network from entering our server. </span><br />
<br />
<span style="font-size: large;">Again, in order to remove it, the following needs to be configured:</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ sudo route del -host 192.168.0.254 reject
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">Finally, another quick method is to use the keyword 'blackhole'.</span><br />
<br />
<span style="font-size: large;"><b>Method 3</b> </span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ sudo ip route add blackhole 192.168.0.254/32
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">This will create the following entry in the routing table:</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ <span style="color: blue;">netstat -nr</span>
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
<span style="background-color: yellow;">192.168.0.254 0.0.0.0 255.255.255.255 UH 0 0 0 *</span>
pi@clu $
</pre>
</div>
<br />
<span style="font-size: large;">In order to remove this entry, type in: </span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@clu $ sudo ip route del blackhole 192.168.0.254/32
pi@clu $
</pre>
</div>
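<br />
<span style="font-size: large;">To audit a server for blocks left behind by any of the three methods, here is an added Python example (not part of the original post) that parses 'netstat -nr' output and reports each null route with the command that removes it. The sample table is constructed from the three outputs above with different host addresses so they can coexist; the classification relies only on what those outputs show, and the function names are assumptions.</span><br />

```python
import ipaddress

# Constructed sample: the three highlighted rows from this post, each given
# its own destination address.
SAMPLE = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG        0 0          0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.0.254   127.0.0.1       255.255.255.255 UGH       0 0          0 lo
192.168.0.250   -               255.255.255.255 !H        - -          - -
192.168.0.249   0.0.0.0         255.255.255.255 UH        0 0          0 *
"""


def classify(gateway, flags, iface):
    """Name the blocking method a row corresponds to, or None for a normal route."""
    if "!" in flags:
        return "reject"              # Method 2: 'route add ... reject'
    if iface == "*":
        return "blackhole"           # Method 3: 'ip route add blackhole ...'
    if gateway == "127.0.0.1" and iface == "lo":
        return "loopback-gateway"    # Method 1: 'route add ... gw 127.0.0.1'
    return None


def removal_command(method, destination, genmask):
    """Build the command that undoes the entry (run it with sudo)."""
    network = ipaddress.ip_network(f"{destination}/{genmask}")
    if method == "blackhole":
        return f"ip route del blackhole {network}"
    if network.prefixlen == 32:
        target = f"-host {destination}"
    else:
        target = f"-net {destination} netmask {genmask}"
    tail = "reject" if method == "reject" else "gw 127.0.0.1"
    return f"route del {target} {tail}"


def find_null_routes(netstat_output):
    """Return one finding per route that silently drops or rejects traffic."""
    findings = []
    for line in netstat_output.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue                 # title line or malformed row
        destination, gateway, genmask, flags, _mss, _window, _irtt, iface = fields
        try:
            ipaddress.ip_address(destination)
        except ValueError:
            continue                 # column header row
        method = classify(gateway, flags, iface)
        if method is None:
            continue
        findings.append({
            "destination": destination,
            "genmask": genmask,
            "method": method,
            "remove": removal_command(method, destination, genmask),
        })
    return findings


if __name__ == "__main__":
    for finding in find_null_routes(SAMPLE):
        print(f"{finding['destination']:15} {finding['method']:17} "
              f"undo: sudo {finding['remove']}")
```

<span style="font-size: large;">A route-based block only affects packets the server sends, so the blocked client's packets still arrive and it is the replies that go nowhere.</span><br />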
<br />
<br />
<br />Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-85996252072396240982020-07-27T10:05:00.001+01:002020-08-04T09:48:08.197+01:00Building eBGP Peering<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/ibgp-neighbor-address.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/08/bgp-network-statement.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">When two BGP routers that belong to different Autonomous Systems establish a session, they form an eBGP session. Here is an example of configuring an eBGP session between R2 (AS 65100) and R8 (AS 65089).</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s1600/next-step-topology-addressing.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUmOcPEG-QpejQUlU6pErQGI2x14JR1YYX-bmDqxPh23V4ZzhePz32ae9YYDUHC0JME-n_JZwWpXCb08CSAwYVaJVWzc06HUioWdN6rWKkGHFiejddbxgjvsJPnSeAROhDNPnMhnhsBEY/s400/next-step-topology-addressing.png" width="400" /></a></div>
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">R8 Configuration:</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">router bgp 65089
bgp router-id 10.8.8.8
bgp log-neighbor-changes
neighbor 172.16.28.2 remote-as 65100
</pre>
</div>
<br />
<span style="font-size: large;">Now R2 Configuration:</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">router bgp 65100
bgp router-id 10.2.2.2
bgp log-neighbor-changes
neighbor 172.16.28.8 remote-as 65089
</pre>
</div>
<br />
<span style="font-size: large;">Verification of the session.</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#<span style="color: blue;">show ip bgp summary</span>
BGP router identifier 10.2.2.2, <span style="background-color: yellow;">local AS number 65100</span>
BGP table version is 1, main routing table version 1
<span style="background-color: yellow;">Neighbor</span> V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
<span style="background-color: yellow;">172.16.28.8</span> 4 <span style="background-color: yellow;">65089</span> 5 5 1 0 0 00:01:29 0
R2#
</pre>
</div>
<br />
<span style="font-size: large;">All is good here.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">More elaborate output:</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R2#show ip bgp neighbor 172.16.28.8
BGP neighbor is 172.16.28.8, remote AS 65089, external link
BGP version 4, remote router ID 10.8.8.8
BGP state = Established, up for 00:05:02
[snip]
Local host: 172.16.28.2, Local port: 179
Foreign host: 172.16.28.8, Foreign port: 12099
</pre>
</div>
<br />
<span style="font-size: large;">In preparation for the next lab, I want to advertise a few prefixes on R8, so that R2 can learn them.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">First, I am going to create a few loopback interfaces with IP addresses.</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">interface Loopback0
ip address 10.8.8.8 255.255.255.255
!
interface Loopback10
ip address 10.8.0.1 255.255.255.240
!
interface Loopback11
ip address 10.8.0.17 255.255.255.240
!
interface Loopback12
ip address 10.8.0.33 255.255.255.240
!
interface Loopback13
ip address 10.8.0.49 255.255.255.240
!
interface Loopback14
ip address 10.8.80.1 255.255.255.0
!
interface Loopback15
ip address 10.8.81.1 255.255.255.0
!
interface Loopback16
ip address 10.8.82.1 255.255.255.0
!
interface Loopback17
ip address 10.8.83.1 255.255.255.0
!
</pre>
</div>
<br />
<span style="font-size: large;">As for advertising networks in BGP, this protocol is unlike IGP protocols such as IS-IS, OSPF, EIGRP.</span><br />
<br />
<span style="font-size: large;">Those observations deserve a separate post.</span>Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-44930684159870138212020-07-25T09:58:00.001+01:002020-07-27T11:29:29.080+01:00Linux Simple Firewall Using IPTABLES<div style="text-align: center;">
<br />
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/connecting-kali-linux-to-wifi-network.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-next-step.html">Linux</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/blackhole-traffic-in-linux.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">Basic computer protection means allowing only the connections that are necessary. Anything else should be blocked.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">I want to check which ports my Kali Linux currently has open. The best tool to quickly do that is the Nmap scanner (written by <a href="https://insecure.org/fyodor/">Gordon Lyon</a>).</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">Here goes (my Kali Linux):</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">jr@rat $ nmap 192.168.0.251
Starting Nmap 7.01 ( https://nmap.org ) at 2020-07-25 09:07 IST
Nmap scan report for hack (192.168.0.251)
Host is up (0.0038s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
<span style="background-color: yellow;">22/tcp open ssh</span>
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
jr@rat $
</pre>
</div>
<br />
<span style="font-size: large;">That's good. Only the SSH server is running on the box.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">What is the current state of the iptables configuration?</span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ <span style="color: blue;">sudo iptables -L</span>
[sudo] password for pi:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
<span style="color: red;">pi@hack</span>: $
</pre>
</div>
<br />
<span style="font-size: large;">Here's a simple protection allowing only SSH traffic to my Linux box.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">The INPUT policy is set to 'ACCEPT'. I want to change it.</span><br />
<br />
<span style="font-size: large;"><span style="font-size: large;">I would
like to give it a simple, extra layer of protection. If I
open other ports in the future, they won't be accessible to the rest of my network.
Not until I permit this in iptables.</span></span><br />
<br />
<span style="font-size: large;"><span style="font-size: large;">So here is my simple configuration allowing SSH only.</span></span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@hack: $ sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
pi@hack: $ sudo iptables -A INPUT -i lo -j ACCEPT
pi@hack: $ sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
pi@hack: $ sudo iptables -P INPUT DROP
pi@hack: $
</pre>
</div>
<br />
<span style="font-size: large;"><span style="font-size: large;"> What is it doing?</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;"><b>iptables -A INPUT</b> </span></span><br />
<span style="font-size: large;"><span style="font-size: large;">This appends (-A) an entry to the INPUT chain (the one that deals with packets trying to enter the box). </span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<b><span style="font-size: large;"><span style="font-size: large;">-m conntrack</span></span></b><br />
<span style="font-size: large;"><span style="font-size: large;">This refers to the stateful firewall (connection tracking) module, which lets the system track existing connections (initiated by this very computer) and accept the returning traffic rather than drop it.</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<b><span style="font-size: large;"><span style="font-size: large;">ESTABLISHED,RELATED</span></span></b><br />
<span style="font-size: large;"><span style="font-size: large;">A connection can be in one of several states. Here ESTABLISHED means that my system has already received a reply from the host it sent a packet to. RELATED covers packets that relate to an already ESTABLISHED session (for example, an FTP data session relies on an already established control session).</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<b><span style="font-size: large;"><span style="font-size: large;">--ctstate</span></span></b><br />
<span style="font-size: large;"><span style="font-size: large;">This sets the connection states the rule matches (ESTABLISHED, RELATED, INVALID, etc.).</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">Next line, </span></span><br />
<br />
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">iptables -A INPUT -i lo -j ACCEPT</pre>
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">allows daemons to talk to the loopback interface. Without this line, local software can't talk to other hosts.</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">The line that allows incoming SSH traffic (self-explanatory):</span></span><br />
<br />
<br />
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT</pre>
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">And finally, the INPUT policy (-P) will drop everything that is not otherwise allowed.</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">The last problem to solve is that this configuration is not persistent. It will not survive a reboot.</span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">To make it work like this after the computer is rebooted, I need to install an extra package.</span></span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@hack: $ sudo apt-get install iptables-persistent
pi@hack: $
</pre>
</div>
<br />
<span style="font-size: large;"><span style="font-size: large;">During the installation, a window pops up asking if I want to save the current configuration. I am going to oblige.</span></span><br />
<br />
<span style="font-size: large;"><span style="font-size: large;">Verification of this 'save' is below: </span></span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ <span style="color: blue;">cat /etc/iptables/rules.v4</span>
# Generated by xtables-save v1.8.2 on Sat Jul 25 09:41:15 2020
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
# Completed on Sat Jul 25 09:41:15 2020
<span style="color: red;">pi@hack</span>: $
</pre>
</div>
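<span style="font-size: large;">To see what this saved ruleset does to different packets, here is an added example (not part of the original post, and not how the kernel implements netfilter): a small first-match evaluator for the options used above. The interface name eth0, the sample ports and the "before" ruleset are constructed assumptions.</span><br />

```python
import shlex
from dataclasses import dataclass

# Constructed copy of the ruleset shown in /etc/iptables/rules.v4 above.
RULES_V4 = """\
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""

# Constructed: the box before any rule was added (empty chain, policy ACCEPT).
RULES_BEFORE = "*filter\n:INPUT ACCEPT [0:0]\nCOMMIT\n"

TERMINAL_TARGETS = {"ACCEPT", "DROP", "REJECT"}


@dataclass(frozen=True)
class Packet:
    in_iface: str   # interface the packet arrived on ("eth0" is an assumption)
    proto: str      # "tcp", "udp", "icmp"
    dport: int      # destination port
    ctstate: str    # conntrack state: NEW, ESTABLISHED, RELATED or INVALID


def parse_rule(tokens):
    """Parse one '-A CHAIN ...' line; refuse anything this model cannot evaluate."""
    if len(tokens) % 2:
        raise ValueError(f"unsupported syntax (negation or bare flag): {tokens!r}")
    rule = {"chain": tokens[1], "match": {}, "target": None}
    for opt, val in zip(tokens[2::2], tokens[3::2]):
        if opt == "-m":
            continue  # only loads a match module; its options follow
        elif opt == "-i":
            rule["match"]["in_iface"] = val
        elif opt == "-p":
            rule["match"]["proto"] = val
        elif opt == "--dport":
            rule["match"]["dport"] = int(val)  # port ranges raise ValueError
        elif opt == "--ctstate":
            rule["match"]["ctstate"] = set(val.split(","))
        elif opt == "-j" and val in TERMINAL_TARGETS:
            rule["target"] = val
        else:
            raise ValueError(f"unsupported option or target: {opt} {val}")
    if rule["target"] is None:
        raise ValueError("rule has no terminal target")
    return rule


def parse_filter_table(text):
    """Return (policies, rules) from the *filter table of iptables-save output."""
    policies, rules, in_filter = {}, [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):
            in_filter = line == "*filter"
        elif line == "COMMIT":
            in_filter = False
        elif in_filter and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif in_filter and line.startswith("-A "):
            rules.append(parse_rule(shlex.split(line)))
    return policies, rules


def rule_matches(match, pkt):
    """Every condition present in the rule must hold for the packet."""
    if "in_iface" in match and match["in_iface"] != pkt.in_iface:
        return False
    if "proto" in match and match["proto"] != pkt.proto:
        return False
    if "dport" in match and match["dport"] != pkt.dport:
        return False
    if "ctstate" in match and pkt.ctstate not in match["ctstate"]:
        return False
    return True


def verdict(policies, rules, pkt, chain="INPUT"):
    """First matching rule wins; the chain policy decides when none matches."""
    chain_rules = [r for r in rules if r["chain"] == chain]
    for number, rule in enumerate(chain_rules, start=1):
        if rule_matches(rule["match"], pkt):
            return rule["target"], number
    return policies[chain], None


def reachable_ports(ruleset_text, ports, iface="eth0"):
    """Ports that a NEW inbound TCP connection from the network can reach."""
    policies, rules = parse_filter_table(ruleset_text)
    return [p for p in ports
            if verdict(policies, rules, Packet(iface, "tcp", p, "NEW"))[0] == "ACCEPT"]


if __name__ == "__main__":
    candidates = [22, 80, 443, 3306]
    print("before:", reachable_ports(RULES_BEFORE, candidates))
    print("after: ", reachable_ports(RULES_V4, candidates))
```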
<br />
<span style="font-size: large;"><span style="font-size: large;">After adding extra lines, the new configuration can be saved with the following command:</span></span><br />
<br />
<span style="font-size: large;"><span style="font-size: large;"><b>sudo sh -c "iptables-save > /etc/iptables/rules.v4"</b> </span></span><br />
<br />
<span style="font-size: large;"><span style="font-size: large;">Similarly, restoring the configuration from the file would look as follows:</span></span><br />
<br />
<span style="font-size: large;"><span style="font-size: large;"><b>sudo sh -c "iptables-restore < /etc/iptables/rules.v4"</b> </span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<span style="font-size: large;"><span style="font-size: large;">One last observation about Kali Linux is that the iptables service is not turned on by default.</span></span><br />
<br />
<div>
<pre style="background: #ffffff; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ <span style="color: blue;">systemctl status iptables</span>
● iptables.service - netfilter persistent configuration
Loaded: loaded (/etc/alternatives/iptables.service; disabled; vendor preset: disabled)
<span style="background-color: yellow;">Active: inactive (dead)</span>
Docs: man:netfilter-persistent(8)
<span style="color: red;">pi@hack</span>: $
</pre>
</div>
<br />
<span style="font-size: large;"><span style="font-size: large;">A quick 'enable' (use 'start' to start it right now) should do the trick. After the next reboot, iptables will be turned on, doing what I have asked it to do.</span></span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ sudo systemctl enable iptables
Created symlink /etc/systemd/system/multi-user.target.wants/netfilter-persistent.service → /lib/systemd/system/netfilter-persistent.service.
pi@hack: $
</pre>
</div>
<br />
<span style="font-size: large;"><span style="font-size: large;">On to the next system discovery...</span></span><br />
<br />
<h2>
iBGP Neighbor Address</h2>
Published 2020-07-25, updated 2020-10-15<br />
<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/building-ibgp-peering.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/building-ebgp-peering.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">When establishing BGP sessions between two nodes, there is one more thing worth noting.</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-size: large;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLIXJIJZojhxWytnkfO7-e7HSEyFBmJjvROsWmwg9QbDaB4rTqJBbEn6_Fo_zkSRHePORmICFE_SZA40AE30zlA-TqX4qvunmZ9gnMKm71pYM5NdAxXNjJ-1ktz__QaKTavB_I1QyoAxc/s1600/03-1_Topology.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="262" data-original-width="295" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhLIXJIJZojhxWytnkfO7-e7HSEyFBmJjvROsWmwg9QbDaB4rTqJBbEn6_Fo_zkSRHePORmICFE_SZA40AE30zlA-TqX4qvunmZ9gnMKm71pYM5NdAxXNjJ-1ktz__QaKTavB_I1QyoAxc/s1600/03-1_Topology.png" /></a></span></div>
<br />
<br />
<span style="font-size: large;"> Let's remove previous configuration and start from scratch.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;">R1:</span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#no router bgp 65104
</pre>
</div>
<br />
<br />
<span style="font-size: large;">R4:</span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#no router bgp 65104
</pre>
</div>
<br />
<span style="font-size: large;"> Let's rebuild this iBGP peering between R1 and R4, but incorrectly this time. </span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">First, on R1:</span><br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1(config)#router bgp 65104
R1(config-router)#neighbor 172.16.14.4 remote-as 65104
R1(config-router)#end
R1#
</pre>
</div>
<br />
<span style="font-size: large;">So far, so good. But now, R4's configuration is going to teach us a lesson.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4(config)#router bgp 65104
R4(config-router)#neighbor 172.16.104.1 remote-as 65104
R4(config-router)#end
R4#
</pre>
</div>
<br />
<span style="font-size: large;">This is not working. The iBGP session is not getting established. What is wrong here?</span><br />
<br />
<span style="font-size: large;">The first debug shows this:</span><br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: blue;">debug ip tcp transactions</span>
TCP special event debugging is on
R4#u all
Reserved port 0 in Transport Port Agent for TCP IP type 0
TCP: connection attempt to port 179
TCP: sending RST, seq 0, ack 1549513988
TCP: <span style="background-color: yellow;">sent RST to 172.16.14.1:47137 from 172.16.14.4:179</span>
Released port 0 in Transport Port Agent for TCP IP type 0 delay 240000
TCP0: state was LISTEN -> CLOSED [0 -> UNKNOWN(0)]
TCB 0xF3E55AD0 destroyed
R4#<span style="color: blue;">u all</span>
R4#
</pre>
</div>
<br />
<span style="font-size: large;">R4 is sending TCP RST. But why? It is configured to run BGP AS 65104 after all!</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">Let's tear R1's configuration apart. </span><br />
<br />
<span style="font-size: large;">The router process is configured to be AS 65104. So is the AS number on R4. All in order here.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">R1's configuration contains the line 'neighbor 172.16.14.4 remote-as 65104'. This means that R1 is going to try to establish an iBGP session with R4. Since R1 has two interfaces towards R4, it is going to use the one that the routing table selects as the best path towards 172.16.14.4. Here it is:</span><br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: blue;">show ip route 172.16.14.4</span>
Routing entry for 172.16.14.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
<span style="background-color: yellow;">* directly connected, via Ethernet0/0.14</span>
Route metric is 0, traffic share count is 1
R1#
</pre>
</div>
<br />
<span style="font-size: large;">In order to send TCP SYN R1 will use its Ethernet0/0.14 to reach 172.16.14.4. It is going to source this request with IP address found on this interface: <b>172.16.14.1</b>.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">A temporary ACL and 'debug ip packet detail' (use in a lab only) are going to help us see what is going on.</span><br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4(config)#access-list 101 permit ip host 172.16.14.1 any
R4(config)#access-list 101 permit ip host 172.16.14.4 any
R4(config)#
</pre>
</div>
<br />
<span style="font-size: large;">This ACL will be used in the debug.</span><br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: blue;">debug ip packet detail 101</span>
IP packet debugging is on (detailed) for access list 101
R4#
IP: <span style="background-color: yellow;">s=172.16.14.1 (Ethernet0/0.14), d=172.16.14.4</span>, len 44, input feature
TCP src=41155, dst=179, seq=702428119, ack=0, win=16384 <span style="background-color: yellow;">SYN</span>, MCI Check(88), rtype 0, forus FALSE, sendself FALSE, mtu 0, fwdchk FALSE
FIBipv4-packet-proc: route packet from Ethernet0/0.14 src 172.16.14.1 dst 172.16.14.4
FIBfwd-proc: Default:172.16.14.4/32 receive entry
FIBipv4-packet-proc: packet routing failed
IP: tableid=0, s=172.16.14.1 (Ethernet0/0.14), d=172.16.14.4 (Ethernet0/0.14), routed via RIB
IP: s=172.16.14.1 (Ethernet0/0.14), d=172.16.14.4 (Ethernet0/0.14), len 44, rcvd 3
TCP src=41155, dst=179, seq=702428119, ack=0, win=16384 SYN
IP: s=172.16.14.1 (Ethernet0/0.14), d=172.16.14.4
R4#, len 44, stop process pak for forus packet
TCP src=41155, dst=179, seq=702428119, ack=0, win=16384 SYN
FIBipv4-packet-proc: route packet from (local) src 172.16.14.4 dst 172.16.14.1
FIBfwd-proc: packet routed by adj to Ethernet0/0.14 172.16.14.1
FIBipv4-packet-proc: packet routing succeeded
IP: <span style="background-color: yellow;">s=172.16.14.4 (local), d=172.16.14.1 (Ethernet0/0.14)</span>, len 40, sending
TCP src=179, dst=41155, seq=0, ack=702428120, win=0 <span style="background-color: yellow;">ACK RST</span>
IP: s=172.16.14.4 (local), d=172.16.14.1 (Ethernet0/0.14), len 40, sending full packet
TCP src=179, dst=41155, seq=0, ack=702428120, win=0 ACK RST
R4#u all
All possible debugging has been turned off
R4#
</pre>
</div>
<br />
<span style="font-size: large;">Clearly R4 does not like the request sent by R1. </span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">The reason is that R4 BGP configuration has the following line:</span><br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4(config)#router bgp 65104
R4(config-router)#<span style="background-color: yellow;">neighbor 172.16.104.1 remote-as 65104</span>
R4(config-router)#end
R4#
</pre>
</div>
<br />
<span style="font-size: large;">R4 will try to establish the TCP (BGP) session with R1 using its outgoing interface Ethernet0/0.104.</span><br />
<br />
<span style="font-size: large;">It expects to receive a TCP SYN from R1 with the source IP address 172.16.104.1, <b>not</b> the 172.16.14.1 it currently sees. Establishing the session fails on both routers due to the neighbor IP address misconfiguration. </span><br />
<h3>
<span style="font-size: large;">Conclusion</span></h3>
<span style="font-size: large;">The configured BGP neighbor IP address must match the source IP address of the incoming TCP SYN (port 179) from the peer. If not, here's what we see:</span><br />
<br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: blue;">show ip bgp summary</span>
BGP router identifier 10.1.1.1, local AS number 65104
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.14.4 4 65104 0 0 1 0 0 never <span style="background-color: yellow;">Idle</span>
R1#
R4#<span style="color: blue;">show ip bgp summary</span>
BGP router identifier 10.4.4.4, local AS number 65104
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.104.1 4 65104 0 0 1 0 0 never <span style="background-color: yellow;">Idle</span>
R4#
</pre>
</div>
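<span style="font-size: large;">The rule in the conclusion can be replayed with a small model of this lab. This is an added example, not IOS code and not part of the original post: each router sources its SYN from the interface chosen by longest-prefix match, and the peer answers with SYN-ACK only when that source is one of its configured neighbors. The /24 masks on the .104 subnet, R1's Ethernet0/0.104 interface name and R4's address 172.16.104.4 are assumptions, as is the corrected neighbor line used for comparison.</span><br />

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Router:
    name: str
    interfaces: dict     # interface name -> "address/prefixlen"
    bgp_neighbors: set   # addresses from 'neighbor x.x.x.x remote-as ...' lines

    def owns(self, ip):
        """True when the address is configured on one of this router's interfaces."""
        target = ipaddress.ip_address(ip)
        return any(ipaddress.ip_interface(a).ip == target
                   for a in self.interfaces.values())

    def source_for(self, dst):
        """Longest-prefix match over connected routes -> (interface, source IP)."""
        target = ipaddress.ip_address(dst)
        best = None
        for ifname, addr in self.interfaces.items():
            iface = ipaddress.ip_interface(addr)
            if target in iface.network and (
                    best is None
                    or iface.network.prefixlen > best[1].network.prefixlen):
                best = (ifname, iface)
        return None if best is None else (best[0], str(best[1].ip))


def active_open(initiator, responder, neighbor_ip):
    """Model the initiator's TCP SYN to port 179 and the responder's reply."""
    route = initiator.source_for(neighbor_ip)
    if route is None or not responder.owns(neighbor_ip):
        return {"from": initiator.name, "via": None, "src": None,
                "dst": neighbor_ip, "reply": "NO ROUTE"}
    ifname, src = route
    # The responder accepts the connection only from a configured neighbor address.
    reply = "SYN-ACK" if src in responder.bgp_neighbors else "RST"
    return {"from": initiator.name, "via": ifname, "src": src,
            "dst": neighbor_ip, "reply": reply}


def peering_attempts(a, b):
    """Both routers try an active open towards every neighbor they have configured."""
    attempts = [active_open(a, b, n) for n in sorted(a.bgp_neighbors)]
    attempts += [active_open(b, a, n) for n in sorted(b.bgp_neighbors)]
    return attempts


def session_comes_up(a, b):
    return any(t["reply"] == "SYN-ACK" for t in peering_attempts(a, b))


def lab(r4_neighbor):
    """The lab from this post; r4_neighbor is the address in R4's neighbor line."""
    r1 = Router("R1",
                {"Ethernet0/0.14": "172.16.14.1/24",
                 "Ethernet0/0.104": "172.16.104.1/24"},   # name and mask assumed
                {"172.16.14.4"})
    r4 = Router("R4",
                {"Ethernet0/0.14": "172.16.14.4/24",
                 "Ethernet0/0.104": "172.16.104.4/24"},   # address assumed
                {r4_neighbor})
    return r1, r4


if __name__ == "__main__":
    for label, neighbor in (("as configured in the post", "172.16.104.1"),
                            ("neighbor matches SYN source", "172.16.14.1")):
        r1, r4 = lab(neighbor)
        print(label)
        for t in peering_attempts(r1, r4):
            print(f"  {t['from']} SYN {t['src']} -> {t['dst']}:179  reply={t['reply']}")
        print("  session established:", session_comes_up(r1, r4))
```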
<br />
<span style="font-size: large;">Remove the configuration from this lab (and the previous one). Up next, the eBGP session.</span><br />
<br />
<h2>
Connecting Kali Linux to WiFi Network</h2>
Published 2020-07-19, updated 2020-07-25<br />
<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/ip-geo-location.html">Previous</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-next-step.html">Linux</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-simple-firewall-using-iptables.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<span style="font-size: large;">My old and battered Dell Optiplex 745 desktop has seen better days. But I just can't part with it. Not when it is still alive.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">I have installed Kali Linux on the Optiplex. It is nice to see it breathe again. I have decided to learn this Linux distribution a bit. Who knows, it may come in handy some day. </span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">Since this machine has no wireless adapter, I am going to plug in a USB one. Let's see what <b>/var/log/messages</b> says about it.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">usb 1-3: new high-speed USB device number 2 using ehci-pci
usb 1-3: New USB device found, idVendor=0bda, idProduct=8176, bcdDevice= 2.00
usb 1-3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
usb 1-3: Manufacturer: Realtek
usb 1-3: SerialNumber: 00e04c000001
mtp-probe: bus: 1, device: 2 was not an MTP device
mtp-probe: checking bus 1, device 2: "/sys/devices/pci0000:00/0000:00:1a.7/usb1/1-3"
kernel: [ 861.048033] rtl8192cu: Chip version 0x10
kernel: [ 861.124660] rtl8192cu: Board Type 0
kernel: [ 861.124892] rtl_usb: rx_max_size 15360, rx_urb_num 8, in_ep 1
kernel: [ 861.124964] rtl8192cu: Loading firmware rtlwifi/rtl8192cufw_TMSC.bin
kernel: [ 861.180081] usbcore: registered new interface driver rtl8192cu
kernel: [ 861.190722] usb 1-3: firmware: direct-loading firmware rtlwifi/rtl8192cufw_TMSC.bin
mtp-probe: checking bus 1, device 2: "/sys/devices/pci0000:00/0000:00:1a.7/usb1/1-3"
mtp-probe: bus: 1, device: 2 was not an MTP device
kernel: [ 861.253312] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
kernel: [ 861.255516] rtl8192cu: MAC auto ON okay!
kernel: [ 861.298164] rtl8192cu: Tx queue select: 0x05
kernel: [ 861.815663] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
kernel: [ 861.840767] rtl8192cu: MAC auto ON okay!
kernel: [ 861.873790] rtl8192cu: Tx queue select: 0x05
kernel: [ 862.397726] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
kernel: [ 862.685255] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
</pre>
</div>
<br />
<span style="font-size: large;">The system recognizes the Realtek USB WiFi adapter. </span><br />
<br />
<span style="font-size: large;">Now would be the time to try to make it work. Let's start with looking at what network adapters Kali can see:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR7zykBLS0I70S7yIkjWZp2g-uJzZh44zIjAOZQlXoS4jH2nbT2maRmn6O76_I7Yi228DVw7ezG8v6O0DzuB7iy38xm6GaG2PU91noHR0zGWtCirTgnfgtmXsAjfb4poMNOtej5__BDRw/s1600/nmcli-dev.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="178" data-original-width="634" height="111" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjR7zykBLS0I70S7yIkjWZp2g-uJzZh44zIjAOZQlXoS4jH2nbT2maRmn6O76_I7Yi228DVw7ezG8v6O0DzuB7iy38xm6GaG2PU91noHR0zGWtCirTgnfgtmXsAjfb4poMNOtej5__BDRw/s400/nmcli-dev.png" width="400" /></a></div>
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">The WiFi adapter shows as 'wlan0' and is currently disconnected. </span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">Now onto the WiFi Access Points discovery (I know my AP name but I want to have some fun on this Sunday morning). The following command will discover all APs in the neighborhood.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ iwlist wlan0 scan
</pre>
</div>
<br />
<span style="font-size: large;">A nice and short output to display all APs in the neighborhood is produced by 'nmcli dev wifi list'.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRl74DRY9o3hWmv01RiSfsaMol75QZR2tfQs7YUMyq-9VZZ9gAAqTNiFOHJf_OgHYAvyVLW6oVI0XYiiiuJXgTeaQ8Y6NZxHRVdw2-wNNrOniv0WYsQX9VsGLxZqgPemyEpmN_jSj-YyQ/s1600/nmcli-dev-wifi-list.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="175" data-original-width="1160" height="96" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhRl74DRY9o3hWmv01RiSfsaMol75QZR2tfQs7YUMyq-9VZZ9gAAqTNiFOHJf_OgHYAvyVLW6oVI0XYiiiuJXgTeaQ8Y6NZxHRVdw2-wNNrOniv0WYsQX9VsGLxZqgPemyEpmN_jSj-YyQ/s640/nmcli-dev-wifi-list.png" width="640" /></a></div>
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">SSIDs have been hidden here. I don't want to disclose my own and my neighbors' APs.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">Now, let's hook up the wlan0 interface to my home network. As of now, the interface looks like this in ifconfig output:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ /sbin/ifconfig wlan0
wlan0: flags=4099&lt;UP,BROADCAST,MULTICAST&gt; mtu 1500
ether d6:a5:6b:d9:b6:15 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
</pre>
</div>
<br />
<span style="font-size: large;">The command that is going to connect to my WiFi access point goes like this:</span><br />
<span style="font-size: large;"></span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="color: red;">pi@hack</span>: $ sudo nmcli device wifi connect SSID-Of-My-AP password My-Password
</pre>
</div>
<br />
<span style="font-size: large;">Now, I can see that the adapter is working: </span><br />
<span style="font-size: large;"></span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">pi@hack: $ sudo ifconfig wlan0
wlan0: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST&gt; mtu 1500
<span style="background-color: yellow;">inet 192.168.0.28 netmask 255.255.255.0 broadcast 192.168.0.255</span>
inet6 fd34:b1bb:c269:0:31b2:adf2:7740:ea48 prefixlen 64 scopeid 0x0&lt;global&gt;
inet6 fe80::7c9e:84a4:2c7b:4104 prefixlen 64 scopeid 0x20&lt;link&gt;
ether e8:4e:06:0d:d6:98 txqueuelen 1000 (Ethernet)
<span style="background-color: yellow;">RX packets 36 bytes 8072 (7.8 KiB)</span>
RX errors 0 dropped 0 overruns 0 frame 0
<span style="background-color: yellow;">TX packets 20 bytes 3110 (3.0 KiB)</span>
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
pi@hack: $
</pre>
</div>
<br />
<span style="font-size: large;">I am off to a good start to explore how WiFi can be hacked.</span><br />
<br />
<h2>
Building iBGP Peering</h2>
Published 2020-07-18, updated 2020-10-14<br />
<div style="text-align: center;">
<span style="font-size: x-large;">Previous | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/ibgp-neighbor-address.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<h3>
Key points</h3>
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
The BGP protocol does
not discover neighboring routers running BGP (peers).
The administrator statically defines the neighbor IP addresses for the BGP
protocol to establish connections with.
</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
It uses TCP as its
transport, with destination port 179 (and so performs a 3-way handshake).</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Since the BGP protocol
uses TCP as its transport, the routers rely on an IGP
(OSPF/EIGRP/IS-IS) to reach each other.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
In the unlikely case that
both BGP peers initiate a TCP session at exactly the same time, only the
session originated by the higher BGP Router-ID is maintained. The
other TCP session will be dropped.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
An iBGP Peering
(Internal BGP Peering) is built when the routers share the same AS
number (Autonomous System number) which has certain consequences in
relation to BGP operation.
</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
If the routers
forming a BGP session do not share the same AS, they establish an eBGP
(External BGP) peering. There are some important differences between
iBGP and eBGP operation (more on that in future labs).</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
A router allows only
one AS to be configured.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
The BGP Router ID is
chosen in the following order (the same as the OSPF selection process):</div>
<ol>
<li>
<div align="left" style="line-height: 100%; margin-bottom: 0cm;">
Prefer a
manually assigned Router ID.</div>
</li>
<li>
<div align="left" style="line-height: 100%; margin-bottom: 0cm;">
If
there is no manually assigned Router ID, use the highest IP address
of a configured Loopback interface.</div>
</li>
<li>
<div align="left" style="line-height: 100%; margin-bottom: 0cm;">
If
there is no manually configured Router ID, and no Loopback with a
configured IP address, use the highest IP address found on a
physical interface.</div>
</li>
</ol>
<br />
<h3>
Lab Topology</h3>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgunaNTDHx3Z_ST4rfezV8xrY2iM2SAI3_KJPzoS5CP58R64kBn_-YKIeUBM6z4iH5N1pDC-YKry2CagbwtDzgqN7hRckD6Cgryo6tEKpBn0Oll7F40P5ZpmtZAWwCWR7zfZc3OMFOAliI/s1600/03-1_Topology.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="262" data-original-width="295" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgunaNTDHx3Z_ST4rfezV8xrY2iM2SAI3_KJPzoS5CP58R64kBn_-YKIeUBM6z4iH5N1pDC-YKry2CagbwtDzgqN7hRckD6Cgryo6tEKpBn0Oll7F40P5ZpmtZAWwCWR7zfZc3OMFOAliI/s1600/03-1_Topology.png" /></a></div>
<br />
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
Here’s the R1 BGP
configuration:</div>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#conf t
R1(config)#router bgp 65100
R1(config-router)#bgp router-id 10.1.1.1
R1(config-router)#neighbor 172.16.14.4 remote-as 65100
R1(config-router)#end
R1#
</pre>
</div>
<br />
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
In English this
would, more or less, mean this:</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br />
Enter the
global configuration mode (<b>conf t</b>).</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Start BGP process
with AS number 65100 (<b>router bgp 65100</b>).</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Manually assign BGP
router id to be 10.1.1.1 (<b>bgp router-id 10.1.1.1</b>). </div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Initiate iBGP
session to the IP address 172.16.14.4 (<b>neighbor 172.16.14.4
remote-as 65100</b>)</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Get back to
privileged mode (<b>end</b>).</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
With the
‘neighbor 172.16.14.4 remote-as 65100’ statement in place, R1
performs a routing table lookup to determine whether it
knows how to reach the neighbor. It does know the path to the
neighbor, as shown below:</div>
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R1#<span style="color: blue;">show ip route 172.16.14.4</span>
Routing entry for 172.16.14.0/24
<span style="background-color: yellow;">Known via "connected"</span>, distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
<span style="background-color: yellow;">* directly connected, via Ethernet0/0.14</span>
Route metric is 0, traffic share count is 1
R1#
</pre>
</div>
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
Since this is a lab
and not production equipment, I can use all sorts of methods to inspect
what’s happening behind the curtain. Let’s take a sneak peek
using ‘debug ip tcp transactions’ enabled on both R1 and R4.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<b>R1 Debug Output:</b></div>
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">
R1#<span style="color: blue;">debug ip tcp transactions</span>
TCP special event debugging is on
R1#
<span style="background-color: yellow;">TCBF316C348 created</span>
TCBF316C348 setting property TCP_VRFTABLEID (20) F3ED29DC
TCBF316C348 setting property TCP_MD5KEY (4) 0
TCBF316C348 setting property TCP_ACK_RATE (37) F31765E8
TCBF316C348 setting property TCP_TOS (11) F3176604
TCBF316C348 setting property TCP_PMTU (45) F3176590
TCBF316C348 setting property TCP_IN_TTL (34) F31765A4
TCBF316C348 setting property TCP_OUT_TTL (35) F31765A4
TCBF316C348 setting property TCP_OUT_TTL (35) F3ED2BF2
TCBF316C348 setting property TCP_RTRANSTMO (36) F31765E4
<span style="background-color: yellow;">TCP: Random local port generated 44659</span>, network 1
<span style="background-color: yellow;">TCBF316C348 bound to 172.16.14.1.44659</span>
Reserved port 44659 in Transport Port Agent for TCP IP type 1
R1#
<span style="background-color: yellow;">TCP: sending SYN, seq 2088596354, ack 0</span>
TCP0: Connection to 172.16.14.4:179, advertising MSS 1460
<span style="background-color: yellow;">TCP0: state was CLOSED → SYNSENT [44659 → 172.16.14.4(179)]</span>
Released port 44659 in Transport Port Agent for TCP IP type 1 delay 240000
TCP0: state was SYNSENT → CLOSED [44659 → 172.16.14.4(179)]
TCP0: bad seg from 172.16.14.4 -- closing connection: port 44659 seq 0 ack 2088596355 rcvnxt 0 rcvwnd 0 len 0
<span style="background-color: yellow;">TCP0: connection closed - remote sent RST</span>
TCB 0xF316C348 destroyed
R1#<span style="color: blue;">u all</span>
All possible debugging has been turned off
</pre>
</div>
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
A TCP control block is created
and bound to local IP 172.16.14.1; TCP source port 44659 is randomly
chosen.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
The source IP
172.16.14.1 is going to be used to communicate with the neighbor (IP
address of the outgoing interface towards 172.16.14.4 -
Ethernet0/0.14).</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
R1 uses TCP
to try to establish the session <b>src: 172.16.14.1:44659 dst:
172.16.14.4:179</b>.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
This attempt fails
due to the TCP RST sent by 172.16.14.4. The reason the RST is sent is that R4
currently has port 179 closed: the R4 BGP configuration is missing.
The TCP Control Block is destroyed, and shortly afterwards R1 repeats the
same process in an endless loop.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Let’s configure R4
to complete iBGP session with R1.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
R4 - BGP
Configuration:</div>
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">
router bgp 65104
bgp router-id 10.4.4.4
neighbor 172.16.14.1 remote-as 65104
</pre>
</div>
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
</div>
Now, with proper BGP
configuration on both devices, R1 shows the following output in the debug:
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">
R1#<span style="color: blue;">debug ip tcp transactions </span>
TCP special event debugging is on
R1#
<span style="background-color: yellow;">TCBF316C998 created</span>
TCBF316C998 setting property TCP_VRFTABLEID (20) F3ED29DC
TCBF316C998 setting property TCP_MD5KEY (4) 0
TCBF316C998 setting property TCP_ACK_RATE (37) F3F83DA0
TCBF316C998 setting property TCP_TOS (11) F3F83DBC
TCBF316C998 setting property TCP_PMTU (45) F3F83D48
TCBF316C998 setting property TCP_RTRANSTMO (36) F3F83D9C
<span style="background-color: yellow;">TCP: Random local port generated 24819</span>, network 1
<span style="background-color: yellow;">TCBF316C998 bound to 172.16.14.1.24819</span>
Reserved port 24819 in Transport Port Agent for TCP IP type 1
<span style="background-color: yellow;">TCP: sending SYN, seq 3941922061, ack 0</span>
TCP0: Connection to 172.16.14.4:179, advertising MSS 1460
<span style="background-color: yellow;">TCP0: state was CLOSED → SYNSENT [24819 </span><span style="background-color: yellow;"><span style="background-color: yellow;">→</span> 172.16.14.4(179)]
TCP0: state was SYNSENT </span><span style="background-color: yellow;"><span style="background-color: yellow;">→</span> ESTAB [24819 </span><span style="background-color: yellow;"><span style="background-color: yellow;">→</span> 172.16.14.4(179)]</span>
TCP: tcb F316C998 connection to 172.16.14.4:179, peer MSS 1460, MSS is 1460
<span style="background-color: yellow;">TCBF316C998 connected to 172.16.14.4.179</span>
TCBF316C998 setting property TCP_NO_DELAY (0) F3F83D9C
TCBF316C998 setting property TCP_RTRANSTMO (36) F3F83D9C
R1#
<span style="background-color: yellow;">%BGP-5-ADJCHANGE: neighbor 172.16.14.4 Up</span>
R1#<span style="color: blue;">u all</span>
All possible debugging has been turned off
</pre>
</div>
<br />
And below is the R4 output. Both are self-explanatory.<br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4#<span style="color: blue;">debug ip tcp transactions</span>
TCP special event debugging is on
R4#
TCBF31AB410 created
TCBF31AB410 setting property TCP_PMTU (45) F31764C8
TCBF31AB410 setting property TCP_TOS (11) F31764F0
TCBF31AB410 setting property TCP_VRFTABLEID (20) F31AB0D4
TCBF31AB410 bound to 0.0.0.0.179
TCBF31AB410 setting property TCP_ACCESS_CHECK (5) 8F076F8
TCBF31AB410 setting property TCP_MD5KEY (4) 0
Reserved port 179 in Transport Port Agent for TCP IP type 1
TCBF31AB410 listening with queue 1
<span style="background-color: yellow;">TCBF31C6948 created
TCP0: state was LISTEN → SYNRCVD [179 → 172.16.14.1(24819)]
TCP: tcb F31C6948 connection to 172.16.14.1:24819, peer MSS 1460, MSS is 516
TCP: sending SYN, seq 991876611, ack 3941922062</span>
TCP0: Connection to 172.16.14.1:24819, advertising MSS 1460
<span style="background-color: yellow;">TCP0: state was SYNRCVD → ESTAB [179 → 172.16.14.1(24819)]
TCBF31AB410 accepting F31C6948 from 172.16.14.1.24819</span>
TCBF31C6948 setting property TCP_VRFTABLEID (20) F31AB0D4
TCBF31C6948 setting property TCP_PMTU (45) F3F0A150
TCBF31C6948 setting property TCP_NO_DELAY (0) F3F0A178
TCBF31C6948 setting property TCP_ACK_RATE (37) F3F0A180
TCBF31C6948 setting property TCP_RTRANSTMO (36) F3F0A178
<span style="background-color: yellow;">%BGP-5-ADJCHANGE: neighbor 172.16.14.1 Up</span>
R4#
TCP0: ACK timeout timer expired
R4#<span style="color: blue;">u all</span>
All possible debugging has been turned off
</pre>
</div>
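<div>
One way to triage the R1-side debug output above, as an added example that is not part of the original lab: it counts outbound attempts to TCP port 179 per peer and reports whether the peer answered with RST or the session came up. The function names and the trimmed sample lines (arrows written as <b>-&gt;</b>) are assumptions made for this example.</div>

```bash
#!/bin/sh
# Added example, not from the original lab. Summarises the active-open side of
# "debug ip tcp transactions" output: one line per BGP peer (remote port 179).

bgp_tcp_outcomes() {
    awk '
    # State change on a session opened towards <peer>(179).
    /state was/ && match($0, /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\(179\)/) {
        peer = substr($0, RSTART, RLENGTH - 5)        # drop the "(179)" suffix
        for (i = 2; i <= NF; i++) {
            # The new state is the word just before "[port -> peer(179)]".
            if (substr($i, 1, 1) == "[") { state[peer] = $(i - 1); break }
        }
        if (state[peer] == "SYNSENT") { attempts[peer]++ }
        last = peer
    }
    # A RST belongs to the most recent session attempt seen.
    /remote sent RST/ && last != "" { rst[last]++ }
    # BGP itself reports the adjacency once the session is usable.
    $1 == "%BGP-5-ADJCHANGE:" && $2 == "neighbor" && $NF == "Up" { up[$3] = 1 }
    END {
        for (p in attempts) {
            verdict = "pending"
            if (up[p] && state[p] == "ESTAB") {
                verdict = "established"
            } else if (rst[p] > 0) {
                # Peer is reachable but nothing listens on 179 for us.
                verdict = "refused"
            }
            printf "%s attempts=%d rst=%d verdict=%s\n", p, attempts[p], rst[p] + 0, verdict
        }
    }' | sort
}

# Constructed sample: lines trimmed from the first R1 debug (R4 not configured).
sample_refused() {
    cat <<'EOF'
TCP: sending SYN, seq 2088596354, ack 0
TCP0: Connection to 172.16.14.4:179, advertising MSS 1460
TCP0: state was CLOSED -> SYNSENT [44659 -> 172.16.14.4(179)]
TCP0: state was SYNSENT -> CLOSED [44659 -> 172.16.14.4(179)]
TCP0: bad seg from 172.16.14.4 -- closing connection: port 44659 seq 0 ack 2088596355 rcvnxt 0 rcvwnd 0 len 0
TCP0: connection closed - remote sent RST
EOF
}

# Constructed sample: lines trimmed from the second R1 debug (R4 configured).
sample_established() {
    cat <<'EOF'
TCP: sending SYN, seq 3941922061, ack 0
TCP0: Connection to 172.16.14.4:179, advertising MSS 1460
TCP0: state was CLOSED -> SYNSENT [24819 -> 172.16.14.4(179)]
TCP0: state was SYNSENT -> ESTAB [24819 -> 172.16.14.4(179)]
TCBF316C998 connected to 172.16.14.4.179
%BGP-5-ADJCHANGE: neighbor 172.16.14.4 Up
EOF
}

# Stand-alone run: the refused attempt followed by the successful one.
{ sample_refused; sample_established; } | bgp_tcp_outcomes
```

A peer that stays at "refused" across many attempts is reachable at the IP layer but is not accepting the session on port 179, which is what the first R1 debug shows before R4 is configured.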
<br />
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
Another lab trick
(do not attempt to use such debugs on production equipment, as
they may crash it) is to use ‘debug ip packet detail’ to see that
exchange.</div>
<br />
Here it is on R4:<br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">R4(config)#access-list 100 permit tcp any host 172.16.14.1
R4(config)#access-list 100 permit tcp host 172.16.14.1 any
R4(config)#router bgp 65104
R4(config-router)#no neighbor 172.16.14.1
R4(config-router)#do debug ip packet detail 100
R4(config-router)#neighbor 172.16.14.1 remote-as 65104
R4(config-router)#end
R4#
</pre>
</div>
<br />
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
This produces rather
large output. But here is the gist:</div>
<br />
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">
R4#
<span style="background-color: yellow;">FIBipv4-packet-proc: route packet from (local) src 172.16.14.4 dst 172.16.14.1</span>
FIBfwd-proc: packet routed by adj to Ethernet0/0.14 172.16.14.1
<span style="background-color: yellow;">FIBipv4-packet-proc: packet routing succeeded</span>
IP: <span style="background-color: yellow;">s=172.16.14.4</span> (local), <span style="background-color: yellow;">d=172.16.14.1</span> (<span style="background-color: yellow;">Ethernet0/0.14</span>), len 44, sending
TCP src=35036, dst=179, seq=3608906138, ack=0, win=16384 <span style="background-color: yellow;">SYN</span>
IP: s=172.16.14.4 (local), d=172.16.14.1 (Ethernet0/0.14), len 44, sending full packet
TCP src=35036, dst=179, seq=3608906138, ack=0, win=16384 SYN
IP: <span style="background-color: yellow;">s=172.16.14.1</span> (Ethernet0/0.14), <span style="background-color: yellow;">d=172.16.14.4</span>, len 44, rcvd 0
TCP src=179, dst=35036, seq=2263598807, ack=3608906139, win=16384 <span style="background-color: yellow;">ACK SYN</span>
FIBipv4-packet-proc: route packet from (local) src 172.16.14.4 dst 172.16.14.1
FIBfwd-proc: packet routed by adj to Ethernet0/0.14 172.16.14.1
FIBipv4-packet-proc: packet routing succeeded
IP: <span style="background-color: yellow;">s=172.16.14.4</span> (local), <span style="background-color: yellow;">d=172.16.14.1</span> (Ethernet0/0.14), len 40, sending
TCP src=35036, dst=179, seq=3608906139, ack=2263598808, win=16384 <span style="background-color: yellow;">ACK</span>
</pre>
</div>
<br />
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
The takeaway from
this TCP 3-way exchange is that R4 becomes the client, R1 is the server,
and the TCP session has been established.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
Here is the proof:</div>
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">
R4#show tcp brief
TCB Local Address Foreign Address (state)
F31F82F0 <span style="background-color: yellow;">172.16.14.4.35036 172.16.14.1.179 ESTAB</span>
R4#
R4#show ip bgp neighbor 172.16.14.1
BGP neighbor is 172.16.14.1, remote AS 65104, <span style="background-color: yellow;">internal link</span>
BGP version 4, remote router ID 10.1.1.1
<span style="background-color: yellow;">BGP state = Established</span>, up for 00:11:43
[snip]
<span style="background-color: yellow;">Local host: 172.16.14.4, Local port: 35036
Foreign host: 172.16.14.1, Foreign port: 179</span>
[snip]
</pre>
</div>
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
The ‘<b>internal
link</b>’ means it is an iBGP session. Both R1 and R4 share the
same AS number 65104.</div>
<div style="line-height: 100%; margin-bottom: 0cm;">
<br /></div>
<div style="line-height: 100%; margin-bottom: 0cm;">
In the following
output, notice two things:</div>
<ul>
<li>
<div style="line-height: 100%; margin-bottom: 0cm;">
State shows
nothing (it means it is established)</div>
</li>
<li>
<div style="line-height: 100%; margin-bottom: 0cm;">
PfxRcd
(prefixes received) is 0</div>
</li>
</ul>
</div>
<br />
<div>
<pre style="background: rgb(255, 255, 255) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">
R4#<span style="color: blue;">show ip bgp summary</span>
BGP router identifier 10.4.4.4, local AS number 65104
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.16.14.1 4 65104 23 23 1 0 0 00:16:56 <span style="background-color: yellow;"> </span> <span style="background-color: yellow;">0</span>
R4#
</pre>
</div>
<br />
<br />
<div style="line-height: 100%; margin-bottom: 0cm;">
<span style="font-family: "liberation" serif , serif;"><span style="font-size: small;">Unlike
IGP routing protocols (OSPF/ISIS/EIGRP/RIP), BGP does not advertise
any network prefixes. They will need to be advertised manually by the
admin. </span></span>
</div>
<br />
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-72005314544367363902020-07-12T09:35:00.002+01:002020-07-19T15:19:08.222+01:00ip-geo-location<div style="text-align: center;">
<span style="font-size: x-large;">Previous | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-next-step.html">Linux</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/connecting-kali-linux-to-wifi-network.html">Next</a></span></div>
<div>
<br /></div>
<hr />
<br />
<div>
<span style="font-size: large;">In my work I often need to block particular IP addresses on the firewall. These are typically attackers who either scan for network vulnerabilities or attack some resources.</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">I am usually curious where these attacks are coming from. There are plenty of resources out there that help geolocate IP addresses. One of them is</span><br />
<span style="font-size: large;"><br /></span>
<a href="https://www.geolocation.com/"><span style="font-size: large;">https://www.geolocation.com/</span></a><br />
<br />
<br />
<span style="font-size: large;">For instance, if I wanted to find out the location of one of Microsoft's name servers:</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">40.90.4.205</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">I could go to the website, type it in, and get results like this:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcBFVDJ7fma8lXI8ZplIQxVQfn4s2VxoPm7c_uPy5sNCsJjolBZOeFX9cS193ND1Cf6OvDVLqWhO_0y222Tf-6I70deymYrNOhd-FFPB6LzDPWG-M78Z6q-b34yhvE5LaHY_92_KbOMgw/s1600/ip-geolocaton1png.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="303" data-original-width="423" height="286" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcBFVDJ7fma8lXI8ZplIQxVQfn4s2VxoPm7c_uPy5sNCsJjolBZOeFX9cS193ND1Cf6OvDVLqWhO_0y222Tf-6I70deymYrNOhd-FFPB6LzDPWG-M78Z6q-b34yhvE5LaHY_92_KbOMgw/s400/ip-geolocaton1png.png" width="400" /></a></div>
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">But when I hit enter, the URL field shows the exact query sent to their server. </span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtPC6iNJi_Y-UnNk6NUBHucY3FoM9OLtCVgnWclkGNfyuAxBgDtyLY3MUUcQzzt2bJVPQD2kA5NDs2eKgJun-XNQbSLZ9cvPAtqthIL4_BBeu57flWhKWYfm1vjQZhk66YOQN-eJoO6ks/s1600/ip-geolocaton2png.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="281" data-original-width="541" height="207" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtPC6iNJi_Y-UnNk6NUBHucY3FoM9OLtCVgnWclkGNfyuAxBgDtyLY3MUUcQzzt2bJVPQD2kA5NDs2eKgJun-XNQbSLZ9cvPAtqthIL4_BBeu57flWhKWYfm1vjQZhk66YOQN-eJoO6ks/s400/ip-geolocaton2png.png" width="400" /></a></div>
<br />
<span style="font-size: large;"> The query looks like this:</span><br />
<br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); color: black; font-family: "courier"; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="font-size: small;">https://www.geolocation.com/?ip=40.90.4.205#ipresult</span></pre>
</div>
<br />
<br />
<span style="font-size: large;">And that can be easily automated in Bash.</span><br />
<br />
<span style="font-size: large;">The best way is to use an example. Let's say I want to find the location of Microsoft NS servers. </span><br />
<br />
<b><span style="font-size: large;">Step 1 - Obtain IP addresses</span></b><span style="font-size: large;"> </span><br />
<br />
<br />
<div>
<pre style="background: rgb(255, 224, 204) none repeat scroll 0% 0%; border: 1px solid rgb(255, 102, 0); font-family: "courier"; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="font-size: small;">jr@rat $ host -t ns microsoft.com
microsoft.com name server ns3-205.azure-dns.org.
microsoft.com name server ns1-205.azure-dns.com.
microsoft.com name server ns4-205.azure-dns.info.
microsoft.com name server ns2-205.azure-dns.net.
jr@rat $</span></pre>
</div>
<br />
<span style="font-size: large;">Okay. Not exactly what I want, is it? Let's 'cut' the output and get just the names of the servers:</span><br />
<br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="font-size: small;">jr@rat $ host -t ns microsoft.com | cut -d " " -f4 > microsoft-ns.txt
jr@rat $ cat microsoft-ns.txt
ns3-205.azure-dns.org.
ns1-205.azure-dns.com.
ns4-205.azure-dns.info.
ns2-205.azure-dns.net.
jr@rat $</span></pre>
</div>
<br />
<span style="font-size: large;">Better. But I need IPs rather than names.</span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;"><span style="font-size: small;">jr@rat $ while read ip; do host $ip; done < microsoft-ns.txt
ns3-205.azure-dns.org has address 13.107.24.205
ns3-205.azure-dns.org has IPv6 address 2a01:111:4000::cd
ns1-205.azure-dns.com has address 40.90.4.205
ns1-205.azure-dns.com has IPv6 address 2603:1061::cd
ns4-205.azure-dns.info has address 13.107.160.205
ns4-205.azure-dns.info has IPv6 address 2620:1ec:bda::cd
ns2-205.azure-dns.net has address 64.4.48.205
ns2-205.azure-dns.net has IPv6 address 2620:1ec:8ec::cd
jr@rat $ </span></pre>
</div>
<br />
<span style="font-size: large;">Well, I'd rather have IPv4 addresses only. One more shot at this: </span><br />
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">jr@rat $ while read ip; do host $ip | grep "has address" | cut -d " " -f4; done < microsoft-ns.txt > ip.txt
jr@rat $ cat ip.txt
13.107.24.205
40.90.4.205
13.107.160.205
64.4.48.205
jr@rat $</pre>
</div>
<br />
<span style="font-size: large;">With this ip.txt file and only IP addresses in it, I can proceed to step 2.</span></div>
<div>
</div>
<div>
<span style="font-size: large;">
<br />
<b>Step 2 - Use IP Geolocation Server</b></span></div>
<br />
<div>
</div>
<div>
<span style="font-size: large;">So, the script could look like this:<b> </b></span></div>
<div>
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">jr@rat $ while read ip; do host $ip | grep "has address" | cut -d " " -f4; done < microsoft-ns.txt > ip.txt
jr@rat $ cat ip.txt
13.107.24.205
40.90.4.205
13.107.160.205
64.4.48.205
jr@rat $</pre>
</div>
<br />
<br />
<div>
<span style="font-size: large;">The last line will fire up the web browser and get me the information I wanted:<b> </b></span></div>
<span style="font-size: large;"><span style="font-size: large;"><br /></span></span>
<br />
<div>
<pre style="background: #ffe0cc; border: 1px solid #ff6600; color: black; font-family: "courier"; font-size: 14px; height: auto; line-height: 16px; overflow: auto; padding: 10px; text-align: left; width: 95%;">jr@rat $ firefox &
jr@rat $ while read -r ip; do firefox -new-tab "https://www.geolocation.com/?ip=$ip#ipresult"; done < ip.txt
jr@rat $</pre>
</div>
<br />
<span style="font-size: large;">In Bash it is very easy to automate those boring tasks. </span><br />
<br /></div>
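<div>
Steps 1 and 2 above as one pipeline, written here as an added example that is not the original post's script: it parses <b>host</b> output, keeps only strictly valid and unique IPv4 addresses, and builds the lookup URLs. The validation matters when the addresses come from firewall logs rather than DNS, because anything that is not a dotted quad is dropped before it reaches a URL or a command line. The function names and the malformed sample lines are assumptions made for this example.</div>

```bash
#!/bin/sh
# Added example, not the post's own script. POSIX sh, also runs under bash.

# Succeed only for a strict dotted-quad IPv4 address (four octets, each 0-255).
is_ipv4() {
    # Anything other than digits and dots is rejected outright
    # (spaces, ';', '$', '/', letters, empty string).
    case $1 in
        ''|*[!0-9.]*) return 1 ;;
    esac
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        {
            for (i = 1; i <= 4; i++) {
                if ($i !~ /^[0-9][0-9]?[0-9]?$/ || $i + 0 > 255) { exit 1 }
            }
        }'
}

# Read "host" output on stdin, print unique validated IPv4 addresses in
# first-seen order. IPv6 lines ("has IPv6 address") and errors are skipped.
extract_ipv4() {
    while read -r name has kind addr rest; do
        [ "$has" = has ] && [ "$kind" = address ] && [ -z "$rest" ] || continue
        if is_ipv4 "$addr"; then
            printf '%s\n' "$addr"
        fi
    done | awk '!seen[$0]++'
}

# Turn addresses on stdin into lookup URLs (URL format as shown in the post).
# Each address is validated again, so this is safe to call on its own.
geo_urls() {
    while read -r ip; do
        if is_ipv4 "$ip"; then
            printf 'https://www.geolocation.com/?ip=%s#ipresult\n' "$ip"
        fi
    done
}

# Constructed sample: "host" lines from the post plus a duplicate, two
# malformed addresses and an error line.
sample_host_output() {
    cat <<'EOF'
ns3-205.azure-dns.org has address 13.107.24.205
ns3-205.azure-dns.org has IPv6 address 2a01:111:4000::cd
ns1-205.azure-dns.com has address 40.90.4.205
ns1-205.azure-dns.com has address 40.90.4.205
bad1.example has address 192.0.2.300
bad2.example has address 192.0.2.7;x
Host nx.example not found: 3(NXDOMAIN)
EOF
}

# Stand-alone run on the sample. With live data the input would instead be:
#   while read -r ns; do host "$ns"; done < microsoft-ns.txt | extract_ipv4 | geo_urls
sample_host_output | extract_ipv4 | geo_urls
```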
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-39570043274035304852020-07-12T07:53:00.001+01:002020-07-27T09:21:40.183+01:00Networking Next Step<div style="text-align: center;">
<span style="font-size: x-large;"><a href="https://ciscoiseasy.blogspot.com/">Home</a> | Next Step | <a href="https://ciscoiseasy.blogspot.com/2020/07/cisco-next-step.html">Cisco</a> | <a href="https://ciscoiseasy.blogspot.com/2020/07/linux-next-step.html">Linux</a></span></div>
<hr />
<br />
<span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2020/07/building-ibgp-peering.html">>> First Lab Here</a> </span><br />
<br />
<span style="font-size: large;">To hone skills, a playground is necessary.</span><br />
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="font-size: large;">First, I need a lab to work on. So, here is this virtual environment, a bit buggy as well but hey, that's all I have for now :)</span></div>
<div>
<span style="font-size: large;"><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEildTMwy2R9w9bRpnj6G2aUKweS7fJErY0ZNN3P4eS5OQ8pgTA9ojS0kgU5nxycs3hqLRrmKUy-AmKffVK7chmKqnKzUJl3ABO_PW6k8sNmurOBSfi6HKtnHnu-REYPIiBXH4XpnPuKOKc/s1600/next-step-topology-addressing.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEildTMwy2R9w9bRpnj6G2aUKweS7fJErY0ZNN3P4eS5OQ8pgTA9ojS0kgU5nxycs3hqLRrmKUy-AmKffVK7chmKqnKzUJl3ABO_PW6k8sNmurOBSfi6HKtnHnu-REYPIiBXH4XpnPuKOKc/s400/next-step-topology-addressing.png" width="400" /></a></div>
<span style="font-size: large;"><br /></span></div>
<div>
</div>
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="font-size: large;">The switches are connected as follows:</span></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh58wi2lpcznO75bZc2TVOxO6h69JoFeM2rcpDOSD6opN6n3bPBtEZ_Bm2SsAFxppWQJJLAIlQU96I2CvhyphenhyphenF2hg5NuQpjxOvkfF-wojkSb1Ksw53emtfmh875ScErZXSW40ByBm580Uxwyu/s1327/01.02.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="873" data-original-width="1327" height="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh58wi2lpcznO75bZc2TVOxO6h69JoFeM2rcpDOSD6opN6n3bPBtEZ_Bm2SsAFxppWQJJLAIlQU96I2CvhyphenhyphenF2hg5NuQpjxOvkfF-wojkSb1Ksw53emtfmh875ScErZXSW40ByBm580Uxwyu/w500-h330/01.02.png" width="500" /></a></div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="font-size: large;"><a href="https://drive.google.com/file/d/1i5mDOta-XtowqmX5_RFeJ3jsF3A-ugez/view?usp=sharing">Here</a> is the initial configuration of all devices.</span></div>
<div>
<span style="font-size: large;"><br /></span></div>
<div>
<span style="font-size: large;">And <a href="https://drive.google.com/file/d/1qEWrR1LyXndOgh1va_dPahhL9oB0vwqj/view?usp=sharing">here</a> is the '<b>show cdp neighbors</b>' output.</span></div>
<div>
<br />
<span style="font-size: large;">Also, there are two Raspberry PIs (love 'em), two laptops and one very, very old Dell Optiplex 745 desktop. </span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">All computers run Linux. It looks like I have more than enough to have techno-fun :)</span><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">I am ready to rock'n'roll then.</span></div>
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-5359664333501171972020-04-12T11:20:00.000+01:002020-04-22T10:26:02.865+01:00Cisco Next Step<br />
<h2 style="text-align: center;">
Previous | Cisco Next Step | Next</h2>
<br />
<br />
<span style="font-size: x-small;">Return to <a href="https://ciscoiseasy.blogspot.com/">Cisco Basics</a> (CCNA level)</span><br />
<span style="font-size: x-small;">Return to <a href="https://hackingcisco.blogspot.com/">Hackingcisco</a> (miscellaneous labs)</span><br />
<br />
Building Routing and Switching Playground<br />
<br />
I love discovering how stuff works. I love tinkering with computers and cars in particular. This one is about Cisco network devices, which are a form of specialized computer.<br />
<br />
I have this virtual lab I can try to put to good use. The following physical topology can be used to create unlimited variations of L2/L3 labs.<br />
<br />
<b>LAB - LAYER 1 Topology</b> <br />
<br />
<span style="font-size: x-small;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="color: orange;">*********************** Router 1 Physical Connections ***********************</span><br />R1#show cdp neighbors <br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 167 R S Linux Uni Eth 0/0<br />SW1 Eth 0/0 164 R S Linux Uni Eth 0/0<br />SW2 Eth 0/1 165 R S Linux Uni Eth 0/0<br />SW3 Eth 0/2 166 R S Linux Uni Eth 0/0<br /><br /><br /><span style="color: orange;">*********************** Router 2 Physical Connections ***********************</span><br /><br />R2#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 163 R S Linux Uni Eth 0/1<br />SW1 Eth 0/0 160 R S Linux Uni Eth 0/1<br />SW2 Eth 0/1 161 R S Linux Uni Eth 0/1<br />SW3 Eth 0/2 162 R S Linux Uni Eth 0/1<br /><br /><br /><span style="color: orange;">*********************** Router 3 Physical Connections ***********************</span><br /><br />R3#show cdp neighbors <br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 162 R S Linux Uni Eth 0/2<br />SW1 Eth 0/0 159 R S Linux Uni Eth 0/2<br />SW2 Eth 0/1 160 R S Linux Uni Eth 0/2<br />SW3 Eth 0/2 161 R S Linux Uni Eth 0/2<br />R3#<br /><br /><br /><span style="color: orange;">*********************** Router 4 Physical Connections 
***********************</span><br /><br />R4#show cdp neighbors <br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 137 R S Linux Uni Eth 0/3<br />SW1 Eth 0/0 134 R S Linux Uni Eth 0/3<br />SW2 Eth 0/1 135 R S Linux Uni Eth 0/3<br />SW3 Eth 0/2 136 R S Linux Uni Eth 0/3<br /><br /><br /><span style="color: orange;">*********************** Router 5 Physical Connections ***********************</span><br /><br />R5#show cdp neighbors <br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 138 R S Linux Uni Eth 1/0<br />SW1 Eth 0/0 135 R S Linux Uni Eth 1/0<br />SW2 Eth 0/1 136 R S Linux Uni Eth 1/0<br />SW3 Eth 0/2 137 R S Linux Uni Eth 1/0<br /><br /><br /><span style="color: orange;">*********************** Router 6 Physical Connections ***********************</span><br /><br />R6#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 170 R S Linux Uni Eth 1/1<br />SW1 Eth 0/0 167 R S Linux Uni Eth 1/1<br />SW2 Eth 0/1 168 R S Linux Uni Eth 1/1<br />SW3 Eth 0/2 169 R S Linux Uni Eth 1/1<br /><br /><br /><span style="color: orange;">*********************** Router 7 Physical Connections ***********************</span><br /><br />R7#show cdp neighbors <br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - 
Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 137 R S Linux Uni Eth 1/2<br />SW1 Eth 0/0 134 R S Linux Uni Eth 1/2<br />SW2 Eth 0/1 135 R S Linux Uni Eth 1/2<br />SW3 Eth 0/2 136 R S Linux Uni Eth 1/2<br /><br /><br /><span style="color: orange;">*********************** Router 8 Physical Connections ***********************</span><br />R8#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 141 R S Linux Uni Eth 1/3<br />SW1 Eth 0/0 138 R S Linux Uni Eth 1/3<br />SW2 Eth 0/1 139 R S Linux Uni Eth 1/3<br />SW3 Eth 0/2 140 R S Linux Uni Eth 1/3<br /><br /><br /><span style="color: orange;">*********************** Router 9 Physical Connections ***********************</span><br />R9#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 0/3 151 R S Linux Uni Eth 2/0<br />SW1 Eth 0/0 148 R S Linux Uni Eth 2/0<br />SW2 Eth 0/1 149 R S Linux Uni Eth 2/0<br />SW3 Eth 0/2 150 R S Linux Uni Eth 2/0<br /><br /><br /><span style="color: orange;">*********************** Switch 1 Physical Connections ***********************</span><br /><br />SW1#show cdp neighbors <br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 5/0 155 R S Linux Uni Eth 5/0<br />SW4 Eth 5/1 155 R S Linux Uni 
Eth 5/1<br />SW2 Eth 4/0 153 R S Linux Uni Eth 4/0<br />SW2 Eth 4/1 153 R S Linux Uni Eth 4/1<br />SW3 Eth 4/2 154 R S Linux Uni Eth 4/2<br />SW3 Eth 4/3 154 R S Linux Uni Eth 4/3<br />R2 Eth 0/1 154 R Linux Uni Eth 0/0<br />R3 Eth 0/2 150 R Linux Uni Eth 0/0<br />R1 Eth 0/0 151 R Linux Uni Eth 0/0<br />R6 Eth 1/1 176 R Linux Uni Eth 0/0<br />R7 Eth 1/2 170 R Linux Uni Eth 0/0<br />R4 Eth 0/3 154 R Linux Uni Eth 0/0<br />R5 Eth 1/0 161 R Linux Uni Eth 0/0<br />R8 Eth 1/3 172 R Linux Uni Eth 0/0<br />R9 Eth 2/0 166 R Linux Uni Eth 0/0<br /><br /><br /><span style="color: orange;">*********************** Switch 2 Physical Connections ***********************</span><br /><br />SW2#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW4 Eth 4/2 164 R S Linux Uni Eth 4/2<br />SW4 Eth 4/3 164 R S Linux Uni Eth 4/3<br />SW1 Eth 4/0 161 R S Linux Uni Eth 4/0<br />SW1 Eth 4/1 161 R S Linux Uni Eth 4/1<br />SW3 Eth 5/1 163 R S Linux Uni Eth 5/1<br />SW3 Eth 5/0 163 R S Linux Uni Eth 5/0<br />R2 Eth 0/1 149 R Linux Uni Eth 0/1<br />R3 Eth 0/2 124 R Linux Uni Eth 0/1<br />R1 Eth 0/0 161 R Linux Uni Eth 0/1<br />R6 Eth 1/1 152 R Linux Uni Eth 0/1<br />R7 Eth 1/2 152 R Linux Uni Eth 0/1<br />R4 Eth 0/3 130 R Linux Uni Eth 0/1<br />R5 Eth 1/0 130 R Linux Uni Eth 0/1<br />R8 Eth 1/3 126 R Linux Uni Eth 0/1<br />R9 Eth 2/0 147 R Linux Uni Eth 0/1<br /><br /><br /><span style="color: orange;">*********************** Switch 3 Physical Connections ***********************</span><br /><br />SW3#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability 
Platform Port ID<br />SW4 Eth 4/0 133 R S Linux Uni Eth 4/0<br />SW4 Eth 4/1 133 R S Linux Uni Eth 4/1<br />SW1 Eth 4/2 130 R S Linux Uni Eth 4/2<br />SW1 Eth 4/3 130 R S Linux Uni Eth 4/3<br />SW2 Eth 5/0 131 R S Linux Uni Eth 5/0<br />SW2 Eth 5/1 131 R S Linux Uni Eth 5/1<br />R2 Eth 0/1 165 R Linux Uni Eth 0/2<br />R3 Eth 0/2 171 R Linux Uni Eth 0/2<br />R1 Eth 0/0 163 R Linux Uni Eth 0/2<br />R6 Eth 1/1 158 R Linux Uni Eth 0/2<br />R7 Eth 1/2 131 R Linux Uni Eth 0/2<br />R4 Eth 0/3 151 R Linux Uni Eth 0/2<br />R5 Eth 1/0 160 R Linux Uni Eth 0/2<br />R8 Eth 1/3 178 R Linux Uni Eth 0/2<br />R9 Eth 2/0 178 R Linux Uni Eth 0/2<br /><br /><br /><span style="color: orange;">*********************** Switch 4 Physical Connections ***********************</span><br /><br />SW4#show cdp neighbors<br />Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge<br /> S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone, <br /> D - Remote, C - CVTA, M - Two-port Mac Relay <br /><br />Device ID Local Intrfce Holdtme Capability Platform Port ID<br />SW1 Eth 5/1 152 R S Linux Uni Eth 5/1<br />SW1 Eth 5/0 152 R S Linux Uni Eth 5/0<br />SW2 Eth 4/2 153 R S Linux Uni Eth 4/2<br />SW2 Eth 4/3 153 R S Linux Uni Eth 4/3<br />SW3 Eth 4/1 154 R S Linux Uni Eth 4/1<br />SW3 Eth 4/0 154 R S Linux Uni Eth 4/0<br />R2 Eth 0/1 150 R Linux Uni Eth 0/3<br />R3 Eth 0/2 141 R Linux Uni Eth 0/3<br />R1 Eth 0/0 147 R Linux Uni Eth 0/3<br />R6 Eth 1/1 163 R Linux Uni Eth 0/3<br />R7 Eth 1/2 135 R Linux Uni Eth 0/3<br />R4 Eth 0/3 137 R Linux Uni Eth 0/3<br />R5 Eth 1/0 164 R Linux Uni Eth 0/3<br />R8 Eth 1/3 158 R Linux Uni Eth 0/3<br />R9 Eth 2/0 149 R Linux Uni Eth 0/3</span></span><br />
<br />
We are off to a good start now.<br />
<br />
Posted by J<br />
Building Routing and Switching Playground (published 2020-04-12, updated 2020-04-19)<br />
<br />
<br />
<span style="font-size: x-small;">Return to <a href="https://ciscoiseasy.blogspot.com/">Cisco Basics</a> (CCNA level)</span><br />
<span style="font-size: x-small;">Return to <a href="https://hackingcisco.blogspot.com/">Hackingcisco</a> (miscellaneous labs)</span><br />
<b><br /></b>
<b>Building The Lab Topology</b><br />
<br />
So, given the <a href="https://ciscoiseasy.blogspot.com/2020/04/cisco-next-step.html">physical topology</a> here's the first topology that will be my playground:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1S5QzVYH9HqiAps1MY3QEQRdh78G5HIh36qqG_BRP1iGDNF79ZIWTVR1nuMycHx8kS4y6se-mon20VtcdeRs4zqhhgtRSHaLQA_bqWOVzfMasXhSWYgqH05FNpN069V2pECeOFu-ZYUo/s1600/next-step-topology1.2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1S5QzVYH9HqiAps1MY3QEQRdh78G5HIh36qqG_BRP1iGDNF79ZIWTVR1nuMycHx8kS4y6se-mon20VtcdeRs4zqhhgtRSHaLQA_bqWOVzfMasXhSWYgqH05FNpN069V2pECeOFu-ZYUo/s400/next-step-topology1.2.png" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Pic. 1-1: Topology (VLANs)<br />
<br />
Now, let's configure layer 2 and IP addressing and start experimenting.<br />
The physical layer (Layer 1 from the previous post) will be the guide on how to accomplish the above Layer 3 connectivity (point-to-point for now).<br />
<br />
<br />
Initially, I wanted port-channels between the switches but guess what? Ain't working properly (buggy software). Have to settle on this switch-to-switch connectivity for now:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi_Ir5xJeEOwn919M6EAWbnb28CyMznIIlYqHnlKGdAn04BgxnTZn6tkPQho-UMmRpWXP4u0-8S-56c3rLKTJfNYsl4ld21NFlCsAevl5LpcLNXT_nGEfxkq6IO6f7IMjyVi3vxmK2zoM/s1600/02.04.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="873" data-original-width="1327" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi_Ir5xJeEOwn919M6EAWbnb28CyMznIIlYqHnlKGdAn04BgxnTZn6tkPQho-UMmRpWXP4u0-8S-56c3rLKTJfNYsl4ld21NFlCsAevl5LpcLNXT_nGEfxkq6IO6f7IMjyVi3vxmK2zoM/s320/02.04.png" width="320" /></a></div>
Pic. 1-2: Switch-to-switch Connectivity<br />
<br />
Finally, IP addressing and I am good to go.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTr4VGOc4T8QXZN6rI3lEMUE-J64zMnQ412Mgr14g1LMLBccS4hjlvYdB5Yenhi3PELw9ogXAuQPwkGEvpI70JBv0jieeTdGciQTXD30EGntqFgJD58Rt6xaFrpm-McPnMkfawaYB_l5Q/s1600/next-step-topology1.2-addressing.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1126" data-original-width="1600" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTr4VGOc4T8QXZN6rI3lEMUE-J64zMnQ412Mgr14g1LMLBccS4hjlvYdB5Yenhi3PELw9ogXAuQPwkGEvpI70JBv0jieeTdGciQTXD30EGntqFgJD58Rt6xaFrpm-McPnMkfawaYB_l5Q/s400/next-step-topology1.2-addressing.png" width="400" /></a></div>
<br />
<br />
Pic. 1-3: IP Addressing<br />
<br />
Also, below are the Loopback0 IP addresses of all the nodes:<br />
<br />
<pre>Loopback0 Interface IP Addresses:
R1 10.1.1.1/32
R2 10.2.2.2/32
R3 10.3.3.3/32
R4 10.4.4.4/32
R5 10.5.5.5/32
R6 10.6.6.6/32
R7 10.7.7.7/32
R8 10.8.8.8/32
R9 10.9.9.9/32
R10 10.10.10.10/32
SW1 10.11.11.11/32
SW2 10.12.12.12/32
SW3 10.13.13.13/32
SW4 10.14.14.14/32
</pre>
<br />
<a href="https://drive.google.com/open?id=1edQhAzSKHv9s4-cNFAsdK1CefBeb4UIZ">Topology 1 Initial Configuration Download</a><br />
<br />
Posted by J<br />
Cisco Advanced (published 2019-02-18, updated 2019-02-18)<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><a href="https://ciscoiseasy.blogspot.com/">CCNA Basics</a> <span style="color: orange;">|</span> Cisco Advanced</span> </span></span><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="color: orange;">|</span> </span></span></span><a href="https://ciscoiseasy.blogspot.com/2019/02/linux.html"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;">Linux</span></span></a><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"> </span></span></span></span></span></div>
</div>
</div>
</div>
</div>
<br />
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: x-large;">Routing Protocols - BGP</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<a href="https://ciscoiseasy.blogspot.com/2019/02/lab00-lab-topology.html"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">Lab 00 - Lab Topology</span></span></span></span></a><br />
<a href="https://ciscoiseasy.blogspot.com/2019/02/ibgp-peering.html"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">Lab 01 - iBGP Peering</span></span></span></span></a><br />
<a href="https://ciscoiseasy.blogspot.com/2019/02/ebgp-peering_18.html"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">Lab 02 - eBGP Peering</span></span></span></span></a><br />
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">Lab 03 - BGP Update Source</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span></div>
</div>
</div>
</div>
</div>
</div>
Posted by J<br />
EBGP Peering (published 2019-02-18, updated 2019-02-18)<!-- MAIN MENU -->
<br />
<div style="text-align: center;">
<span style="color: orange; font-family: "verdana" , sans-serif; font-size: x-large;">
<a href="https://ciscoiseasy.blogspot.com/">CCNA Basics</a> |
<a href="https://ciscoiseasy.blogspot.com/2019/02/cisco-advanced.html">Cisco Advanced</a> |
<a href="https://ciscoiseasy.blogspot.com/2019/02/linux.html">Linux</a>
</span>
</div>
<!-- END OF MAIN MENU -->
<br />
<!-- SUB MENU -->
<br />
<div style="text-align: center;">
<span style="color: #134f5c; font-family: "verdana" , sans-serif; font-size: large;">
<a href="https://ciscoiseasy.blogspot.com/2019/02/ibgp-peering.html">iBGP Peering</a> |
BGP Update Source
</span>
</div>
<!-- END OF SUB MENU -->
<br />
<br />
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
<b>TASK</b><br />
</span><br />
<ul><span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
<li>Configure eBGP peering between R4 (AS 1) and BB3 (AS 54).</li>
<li>Configure eBGP peering between R6 (AS 1) and BB1 (AS 54).</li>
</span></ul>
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<br />
<br />
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
<b>R4</b> eBGP peering is going to be the first task. I would like to draw attention to some important details regarding the eBGP connection.
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;"><b>R4</b> Configuration:
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
router bgp 1
neighbor 192.168.134.254 remote-as 54
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">Now, a few verification steps to make a few important observations.<br />
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R4#show ip bgp neighbor 192.168.134.254
BGP neighbor is 192.168.134.254, remote AS 54, external link
BGP version 4, remote router ID 31.3.0.1
BGP state = Established, up for 00:03:51
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">The neighbor is in AS 54 unlike R4, which is in AS 1. That makes the BGP connection type eBGP.<br />
This is marked with 'external link' for eBGP (internal link is iBGP).
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
Another very important characteristic of eBGP is that BGP uses a TTL of 1 (one hop) by default; the output below shows this as 'Outgoing TTL 1'. In iBGP connections that TTL is 255 by default.
This means that, for eBGP connections to work, the peers (routers) are assumed to be DIRECTLY connected to each other.
This can be changed, as will be shown in later labs.
<br />
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R4#show ip bgp neighbor 192.168.134.254 | i TTL
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">What are we learning from AS 54? Here it is:
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R4#show ip bgp reg _54$
Network Next Hop Metric LocPrf Weight Path
*> 28.119.16.0/24 192.168.134.254 0 0 54 i
*> 28.119.17.0/24 192.168.134.254 0 0 54 i
*> 114.0.0.0 192.168.134.254 0 54 i
*> 115.0.0.0 192.168.134.254 0 54 i
*> 116.0.0.0 192.168.134.254 0 54 i
*> 117.0.0.0 192.168.134.254 0 54 i
*> 118.0.0.0 192.168.134.254 0 54 i
*> 119.0.0.0 192.168.134.254 0 54 i
R4#
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;"><b>R6</b> Configuration:
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
router bgp 1
neighbor 192.168.116.254 remote-as 54
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">Now let's see what prefixes both R4 and R6 are learning from AS 54:
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R6#show ip bgp regex ^54_
Network Next Hop Metric LocPrf Weight Path
*> 28.119.16.0/24 192.168.116.254 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 28.119.17.0/24 192.168.116.254 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 112.0.0.0 192.168.116.254 0 0 54 50 60 i
* i 192.168.134.254 0 100 0 54 50 60 i
*> 113.0.0.0 192.168.116.254 0 0 54 50 60 i
* i 192.168.134.254 0 100 0 54 50 60 i
*> 114.0.0.0 192.168.116.254 0 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 115.0.0.0 192.168.116.254 0 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 116.0.0.0 192.168.116.254 0 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 117.0.0.0 192.168.116.254 0 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 118.0.0.0 192.168.116.254 0 0 54 i
* i 192.168.134.254 0 100 0 54 i
*> 119.0.0.0 192.168.116.254 0 0 54 i
* i 192.168.134.254 0 100 0 54 i
R6#
R4#show ip bgp reg ^54_
Network Next Hop Metric LocPrf Weight Path
* i 28.119.16.0/24 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 0 54 i
* i 28.119.17.0/24 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 0 54 i
* i 112.0.0.0 192.168.116.254 0 100 0 54 50 60 i
*> 192.168.134.254 0 54 50 60 i
* i 113.0.0.0 192.168.116.254 0 100 0 54 50 60 i
*> 192.168.134.254 0 54 50 60 i
* i 114.0.0.0 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 54 i
* i 115.0.0.0 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 54 i
* i 116.0.0.0 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 54 i
* i 117.0.0.0 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 54 i
* i 118.0.0.0 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 54 i
* i 119.0.0.0 192.168.116.254 0 100 0 54 i
*> 192.168.134.254 0 54 i
R4#
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">Both R4 and R6 have two paths to the prefixes advertised by AS 54. Each one of them prefers its direct peer for those (marked with the greater-than sign).
Also, when advertising BGP prefixes, each one of them is going to advertise its best route only. When advertising over iBGP, both R4 and R6 are going to preserve the next-hop attribute.
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
At this point, it is going to be very interesting to look into the BGP table on R1, which is receiving the same prefixes from R4 and R6. Here's what we get:
<br />
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R1#show ip bgp regexp _54$
Network Next Hop Metric LocPrf Weight Path
* i 28.119.16.0/24 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 28.119.17.0/24 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 114.0.0.0 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 115.0.0.0 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 116.0.0.0 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 117.0.0.0 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 118.0.0.0 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
* i 119.0.0.0 192.168.116.254 0 100 0 54 i
* i 192.168.134.254 0 100 0 54 i
R1#
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">What is worth noticing here is that R1 gets prefixes with two different paths: <br />
- through 192.168.116.254 (BB1) and through 192.168.134.254 (BB3) <br />
- none of these are the best routes as R1 does not know how to reach these next-hop IP addresses
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
There are a few ways to fix it. For now, let's advertise those networks into EIGRP, which is already running on all routers.
Here's the configuration:
<br />
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R4(config)#router eigrp 1
R4(config-router)#network 192.168.134.0
R4(config-router)#
R6(config)#router eigrp 1
R6(config-router)#network 192.168.116.0
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">Once R1 (and all other routers) can reach the next-hop addresses 192.168.116.254 and 192.168.134.254 via EIGRP, BGP can select the best path (marked with the greater-than sign).
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R1#show ip bgp regexp _54$
Network Next Hop Metric LocPrf Weight Path
* i 28.119.16.0/24 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 28.119.17.0/24 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 114.0.0.0 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 115.0.0.0 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 116.0.0.0 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 117.0.0.0 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 118.0.0.0 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
* i 119.0.0.0 192.168.116.254 0 100 0 54 i
*>i 192.168.134.254 0 100 0 54 i
R1#
R1#show ip route bgp
Gateway of last resort is not set
28.0.0.0/24 is subnetted, 2 subnets
B 28.119.16.0 [200/0] via 192.168.134.254, 00:04:58
B 28.119.17.0 [200/0] via 192.168.134.254, 00:04:58
B 112.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 113.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 114.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 115.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 116.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 117.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 118.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
B 119.0.0.0/8 [200/0] via 192.168.134.254, 00:04:58
172.16.0.0/16 is variably subnetted, 11 subnets, 2 masks
B 172.16.2.0/24 [200/0] via 10.1.0.2, 03:19:38
B 172.16.3.0/24 [200/0] via 10.1.13.3, 03:19:38
B 172.16.4.0/24 [200/0] via 10.1.146.4, 03:19:07
B 172.16.5.0/24 [200/0] via 10.1.0.5, 03:19:10
B 172.16.6.0/24 [200/0] via 10.1.146.6, 03:19:18
B 172.16.7.0/24 [200/0] via 10.1.67.7, 03:19:38
B 172.16.8.0/24 [200/0] via 10.1.58.8, 03:19:15
B 172.16.9.0/24 [200/0] via 10.1.79.9, 03:19:12
B 172.16.10.0/24 [200/0] via 10.1.108.10, 03:19:07
R1#
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">In the above output I can see that the next hop for the AS 54 networks is 192.168.134.254 (BB3).<br />
The question is: what does R1 advertise to its peer R3? Is it going to be both paths or only the best?
As per BGP rules, only the best path is further advertised.
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
Let's see one of those prefixes on R1 in more detail. Pay attention to which path is the best. Then take a look at what R3 receives from R1.
<br />
</span>
</div>
<!-- END OF NORMAL TEXT -->
<!-- PREFORMATTED TEXT -->
<br />
<div style="text-align: left;">
<span style="color: #444444; font-size: 15px;">
<span style="font-family: "courier new" , "courier" , monospace; white-space: pre;">
R1#show ip bgp 112.0.0.0
BGP routing table entry for 112.0.0.0/8, version 24
Paths: (2 available, best #1, table default)
Not advertised to any peer
Refresh Epoch 1
54 50 60
192.168.134.254 (metric 307200) from 10.1.146.4 (172.16.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best
Refresh Epoch 1
54 50 60
192.168.116.254 (metric 2195456) from 10.1.146.6 (172.16.6.6)
Origin IGP, metric 0, localpref 100, valid, internal
R1#
R1#show ip bgp neighbor 10.1.13.3 advertised-routes
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.0/24 0.0.0.0 0 32768 i
Total number of prefixes 1
R1#
</span>
</span>
</div>
<!-- END OF PREFORMATTED TEXT -->
<!-- NORMAL TEXT -->
<br />
<div style="text-align: left;">
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">What? Only one prefix is being advertised (the one that belongs to R1)?
</span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">
Of course, this is as expected. R1 is learning the AS 54 prefixes from R4 and R6 over iBGP sessions.<br />
The BGP split-horizon rule stipulates that what is learned over iBGP cannot be re-advertised over another iBGP session.
It is a loop prevention mechanism. Later, we will see how it can be handled. For now, we're going to leave it at that. </span><br />
<span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;"><br />
</span>
<br />
<span style="color: orange;"><span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">Summary</span></span><br />
<ul>
<li><span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">BGP routes learned over eBGP retain original next-hop attribute</span></li>
<li><span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">Prefixes learned over iBGP will NOT be advertised over iBGP sessions (BGP Split-Horizon rule)</span></li>
<li><span style="cfont-family: "verdana" , sans-serif; color: #333333; font-size: large;">BGP Router only advertises the best paths<br />
</span>
</li>
</ul>
</div>
<!-- END OF NORMAL TEXT -->
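The three summary rules, modelled in Python and run against R1's view of 112.0.0.0/8 from the output above. This is an added example, not code from the original post: the best-path ranking is a simplified subset of the real decision process, R4's table entry is constructed, and the names `Path`, `best_path` and `advertise` are hypothetical.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    prefix: str
    next_hop: str
    as_path: tuple        # AS numbers, nearest AS first
    learned_via: str      # "local", "ebgp" or "ibgp"
    igp_metric: int = 0   # IGP cost to reach next_hop
    local_pref: int = 100
    weight: int = 0


def best_path(paths):
    """Pick the best of several paths to one prefix.

    Simplified: weight, local preference, locally originated, AS-path
    length, eBGP over iBGP, lowest IGP metric. Origin, MED and the
    router-ID tie-breakers are left out.
    """
    def rank(p):
        return (-p.weight, -p.local_pref,
                0 if p.learned_via == "local" else 1,
                len(p.as_path),
                0 if p.learned_via == "ebgp" else 1,
                p.igp_metric)
    return min(paths, key=rank)


def advertise(bgp_table, peer_type, self_addr):
    """Return [(prefix, next_hop)] that would be sent to one peer."""
    by_prefix = {}
    for p in bgp_table:
        by_prefix.setdefault(p.prefix, []).append(p)
    sent = []
    for prefix, paths in by_prefix.items():
        best = best_path(paths)            # only the best path is a candidate
        if peer_type == "ibgp" and best.learned_via == "ibgp":
            continue                       # BGP split horizon
        if peer_type == "ibgp" and best.learned_via == "ebgp":
            next_hop = best.next_hop       # eBGP next hop kept unchanged
        else:
            next_hop = self_addr           # own routes, or any route sent over eBGP
        sent.append((prefix, next_hop))
    return sent


# R1's BGP table, values taken from the 'show ip bgp' output above.
R1_TABLE = [
    Path("172.16.1.0/24", "0.0.0.0", (), "local", weight=32768),
    Path("112.0.0.0/8", "192.168.134.254", (54, 50, 60), "ibgp", igp_metric=307200),
    Path("112.0.0.0/8", "192.168.116.254", (54, 50, 60), "ibgp", igp_metric=2195456),
]

# Constructed: R4 (10.1.146.4) as the router that learned the prefix over eBGP.
R4_TABLE = [
    Path("112.0.0.0/8", "192.168.134.254", (54, 50, 60), "ebgp"),
]

if __name__ == "__main__":
    print("R1 -> R3 (iBGP):", advertise(R1_TABLE, "ibgp", "10.1.13.1"))
    print("R4 -> R1 (iBGP):", advertise(R4_TABLE, "ibgp", "10.1.146.4"))
```

R1 sends R3 only 172.16.1.0/24, matching the `advertised-routes` output, while R4 passes 112.0.0.0/8 to R1 with the next hop still set to 192.168.134.254.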
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-53977505086462950962019-02-12T23:02:00.000+00:002020-04-22T08:28:29.869+01:00Linux<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><a href="https://ciscoiseasy.blogspot.com/">CCNA Basics</a> <span style="color: orange;">|</span> <a href="https://ciscoiseasy.blogspot.com/2020/04/cisco-next-step.html">Cisco Next Step</a></span> </span></span><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="color: orange;">|</span> </span></span></span><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;">Linux</span></span></div>
</div>
</div>
</div>
</div>
<div style="text-align: left;">
<br /></div>
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><a href="https://ciscoiseasy.blogspot.com/2019/02/tcpdump-basics.html">1. TCPDUMP 1 - Basics</a> </span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">2. TCPDUMP 2 - IP Header </span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-24755452778925667892019-02-12T23:01:00.000+00:002020-04-22T08:29:01.980+01:00TCPDUMP Basics<div style="text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><a href="https://ciscoiseasy.blogspot.com/">CCNA Basics</a> <span style="color: orange;">|</span> <a href="https://ciscoiseasy.blogspot.com/2020/04/cisco-next-step.html">Cisco Next Step</a></span> </span></span><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="color: orange;">|</span> </span></span></span><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;">Linux</span></span><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"> </span></span></span></span></span></div>
<br />
<br />
<div style="text-align: center;">
<span style="color: orange; font-size: large;"><span style="color: orange;"><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: small;">TCPDUMP Basics | TCPDUMP IP Header </span></span></span></span></span></span></div>
<div style="text-align: left;">
<span style="font-size: large;"><br /></span></div>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">TCPDUMP is a very powerful packet capturing tool. "Must love tcpdump and wireshark" the job ads often say, so working with networks requires mastering the fundamentals of this tool.</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">I have two Raspberry PI computers in my lab. They are perfect learning tools (hats off to the creators).</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><b><span style="color: orange;">TYPICAL SYNTAX</span></b></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">A typical packet capture might look like this:</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-family: "courier new" , "courier" , monospace; font-size: large;"><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">pi@lucy: $ <span style="color: blue;">sudo tcpdump -i eth0 -s 1600 -nn -vvv src host 192.168.0.254 and dst port 22</span><br />tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1600 bytes</span></span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><br /></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">What on earth do those flags stand for?</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><b>-i eth0</b> capture packets on eth0 interface</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;"><b>-s 1600</b> capture only the first 1600 bytes of each packet rather than the maximum allowed (varies by version)</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: small;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: x-small;"><b>-nn</b> don't resolve IP addresses or port numbers to names</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: small;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: x-small;"><b>-v</b> slightly more verbose output</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><b>-vv</b> even more verbose output</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><b>-vvv</b> even more verbose output (useful with -x or -X option)</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><b>src host</b> coming from IP address</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><b>and</b> logical and (both statements must be true to capture packets)</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><b>dst port</b> going to the destination port, here 22 (ssh)</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><br /></span></span></span></span>
<span style="color: orange; font-size: large;"><b><span style="font-family: "verdana" , sans-serif; font-size: medium;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">NETWORK FILTERING</span></span></span></span></span></b></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">tcpdump net 192.168.0</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">tcpdump src net 192.168.0</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">tcpdump dst net 192.168.0</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">etc. </span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><br /></span></span></span></span>
<span style="color: orange; font-size: large;"><b><span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;">PROTOCOL FILTERING</span></span></span></span></b></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">tcpdump ip</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">tcpdump tcp</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">tcpdump icmp</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">etc. </span></span></span></span></span><br />
<span style="font-size: large;"><br /></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">Combining expressions may involve keywords such as:</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><b>!</b> negation</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><b>not</b> negation</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><b>&&</b> concatenation</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><b>and</b> concatenation</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><b>||</b> alternative (or)</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><b>or</b> alternative</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">Example:</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">pi@lucy: $ <span style="color: blue;">sudo tcpdump -i eth0 -s 1600 -nn -vvv -c3 'tcp and src host 192.168.0.254'</span></span></span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">I've thrown in -c3 (for capturing only 3 packets) and the combined expression in quotes (' ').</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;">Another example:</span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: medium;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">pi@lucy: $ <span style="color: blue;">sudo tcpdump -i eth0 -s 1600 -nn -vvv -c3 'not tcp and src host 192.168.0.254'</span></span></span></span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: large;"><span style="color: #134f5c; font-size: large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><span style="font-size: large;"><br /></span></span></span></span></span>
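The filter keywords above, modelled as a small Python evaluator so the grouping of not / and / or can be checked against packets before a capture is started. This is an added example, not code from the original post or from tcpdump: it covers only the primitives used on this page, the packets are constructed, and `Parser`, `matches` and `select` are hypothetical names.

```python
import ipaddress
import re

TOKEN = re.compile(r"\(|\)|!|&&|\|\||[^\s()!&|]+")
ALIASES = {"!": "not", "&&": "and", "||": "or"}
PROTOS = {"ip", "tcp", "udp", "icmp"}

# Constructed sample packets (all IPv4), not taken from a real capture.
PACKETS = [
    {"src": "192.168.0.254", "dst": "192.168.0.10", "proto": "tcp",
     "src_port": 51000, "dst_port": 22},
    {"src": "192.168.0.254", "dst": "192.168.0.10", "proto": "icmp"},
    {"src": "192.168.0.10", "dst": "192.168.0.254", "proto": "tcp",
     "src_port": 22, "dst_port": 51000},
    {"src": "10.0.0.5", "dst": "192.168.0.10", "proto": "udp",
     "src_port": 40000, "dst_port": 53},
]


def to_network(text):
    """'192.168.0' -> 192.168.0.0/24; a full dotted quad becomes a /32."""
    octets = text.split(".")
    padded = octets + ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")


class Parser:
    def __init__(self, tokens):
        self.toks, self.pos = tokens, 0

    def peek(self):
        return self.toks[self.pos] if self.pos < len(self.toks) else None

    def take(self):
        tok = self.peek()
        if tok is None:
            raise ValueError("unexpected end of filter")
        self.pos += 1
        return tok

    def expr(self):
        # 'and' and 'or' share one precedence level and group left to right.
        node = self.unary()
        while self.peek() in ("and", "or"):
            op = self.take()
            node = (op, node, self.unary())
        return node

    def unary(self):
        # Negation binds tighter than 'and' / 'or'.
        if self.peek() == "not":
            self.take()
            return ("not", self.unary())
        if self.peek() == "(":
            self.take()
            node = self.expr()
            if self.take() != ")":
                raise ValueError("missing ')'")
            return node
        return self.primitive()

    def primitive(self):
        tok = self.take()
        if tok in PROTOS:
            return ("proto", tok)
        direction = None
        if tok in ("src", "dst"):
            direction, tok = tok, self.take()
        if tok not in ("host", "net", "port"):
            raise ValueError(f"unsupported primitive: {tok}")
        return (tok, direction, self.take())


def matches(node, pkt):
    kind = node[0]
    if kind == "not":
        return not matches(node[1], pkt)
    if kind == "and":
        return matches(node[1], pkt) and matches(node[2], pkt)
    if kind == "or":
        return matches(node[1], pkt) or matches(node[2], pkt)
    if kind == "proto":
        return node[1] == "ip" or pkt["proto"] == node[1]
    _, direction, value = node
    sides = [direction] if direction else ["src", "dst"]  # no qualifier: either
    if kind == "port":
        return any(pkt.get(f"{s}_port") == int(value) for s in sides)
    net = to_network(value)  # 'host' is handled as a /32 network
    return any(ipaddress.ip_address(pkt[s]) in net for s in sides)


def select(expr, packets=PACKETS):
    parser = Parser([ALIASES.get(t, t) for t in TOKEN.findall(expr)])
    tree = parser.expr()
    if parser.peek() is not None:
        raise ValueError(f"unexpected token: {parser.peek()}")
    return [i for i, pkt in enumerate(packets) if matches(tree, pkt)]
```

`select('not tcp and src host 192.168.0.254')` returns only the ICMP packet, because the negation applies to `tcp` alone. `select('icmp or tcp and dst port 22')` returns only the SSH packet, because `and` and `or` have equal precedence and group left to right, so parentheses are needed for any other grouping.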
<span style="color: #134f5c;"><span style="font-size: large;"><span style="font-family: "verdana" , sans-serif;"></span></span></span>Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-80290251399190199382019-02-12T14:09:00.001+00:002019-02-12T14:09:32.892+00:00Lab00 - Lab Topology<br />
<div style="text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><a href="https://ciscoiseasy.blogspot.com/">CCNA Basics</a> <span style="color: orange;">|</span> <a href="https://ciscoiseasy.blogspot.com/2019/02/cisco-advanced.html">Cisco Advanced</a></span> </span></span><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="color: orange;">|</span> </span></span></span><a href="https://ciscoiseasy.blogspot.com/2019/02/linux.html"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;">Linux</span></span></a><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"> </span></span></span></span></span></div>
<br />
<br />
<div style="text-align: center;">
<span style="color: orange;"><span style="color: orange;"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: medium;">Creating Lab Topology | <a href="https://ciscoiseasy.blogspot.com/2019/02/ibgp-peering.html">iBGP Peering</a></span></span></span></span></span></span></div>
<br />
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: small;">Lab 1 Topology</span></span></span></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3u-ASgR1TNEWg-4rF77r34QJavEYuHCJmaRIEFDeXcvM4qhK3whlJYq6I7E4qZITUpR-THrKnvF7aRzEZkHJSWUTn5gjClCanE95b7mpGY_g_1OeWtrMwnCzdrt_BUStN2dmx2yuLhtg/s1600/topology1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1108" data-original-width="1600" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3u-ASgR1TNEWg-4rF77r34QJavEYuHCJmaRIEFDeXcvM4qhK3whlJYq6I7E4qZITUpR-THrKnvF7aRzEZkHJSWUTn5gjClCanE95b7mpGY_g_1OeWtrMwnCzdrt_BUStN2dmx2yuLhtg/s400/topology1.png" width="400" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>
Jhttp://www.blogger.com/profile/14613178990982384153noreply@blogger.comtag:blogger.com,1999:blog-8275116730360250675.post-23980131002429563412019-02-12T14:09:00.000+00:002019-02-18T19:10:04.270+00:00iBGP Peering<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<div style="text-align: left;">
<div style="text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><a href="https://ciscoiseasy.blogspot.com/">CCNA Basics</a> <span style="color: orange;">|</span> <a href="https://ciscoiseasy.blogspot.com/2019/02/cisco-advanced.html">Cisco Advanced</a></span> </span></span><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="color: orange;">|</span> </span></span></span><a href="https://ciscoiseasy.blogspot.com/2019/02/linux.html"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;">Linux</span></span></a><br />
<br />
<span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"> </span></span></span><span style="color: orange;"><span style="font-family: "verdana" , sans-serif; font-size: x-large;"><span style="color: #134f5c; font-size: x-large;"><span style="font-family: "verdana" , sans-serif;"><span style="font-size: large;"><a href="https://ciscoiseasy.blogspot.com/2019/02/lab00-lab-topology.html">Lab Topology</a> | <a href="https://ciscoiseasy.blogspot.com/2019/02/ebgp-peering_18.html">eBGP Peering</a></span></span></span></span></span><br />
<br />
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
<span style="font-size: large;"><span style="font-family: "verdana" , sans-serif;"><a href="https://ciscoiseasy.blogspot.com/2019/02/lab00-lab-topology.html">Lab Topology</a> </span></span></div>
<div style="text-align: left;">
<span style="font-size: large;"><br /></span></div>
<div style="text-align: left;">
<span style="color: orange;"><b><span style="font-size: large;">TASK</span></b></span><br />
<ul>
<li><span style="font-size: large;">Configure EIGRP AS 1 on all routers. </span></li>
<li><span style="font-size: large;">Configure full mesh iBGP peering using BGP AS 1. </span></li>
<li><span style="font-size: large;">Advertise loopback0 into BGP ensuring full reachability.</span></li>
</ul>
</div>
<div style="text-align: left;">
<br />
<span style="color: orange;"><b><span style="font-size: large;">SOLUTIONS</span></b></span><br />
<br />
<b><span style="font-size: large;">EIGRP Configurations</span></b><br />
<span style="font-size: large;"><br /></span>
<span style="font-size: large;">First, the easy part.</span><br />
<br />
<span style="font-size: large;">On all routers/switches:</span><br />
<pre><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">! </span></span></pre>
<pre><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">router eigrp 1
network 10.0.0.0
network 172.16.0.0</span></span></pre>
<pre><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">! </span></span></pre>
<span style="font-size: large;">
</span><br />
<span style="font-size: large;">On R5, the S1/0 interface is a multipoint one, so another command must be added:</span><br />
<br />
<span style="font-size: large;"><b>R5 Config</b>:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">interface serial1/0</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;"> no ip split-horizon eigrp 1 </span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<a href="https://drive.google.com/file/d/18mV6uyqwONGww4v-ZT1WXTS-y1Y2GovL/view?usp=sharing"><b><span style="font-size: large;">EIGRP Verification</span></b></a><span style="font-size: large;"> </span><br />
<br />
<span style="font-size: large;">Now that I have verified that I see all the loopbacks (all routers are running EIGRP), I can remove them from EIGRP.</span><br />
<br />
<span style="font-size: large;">On all routers/switches:</span><br />
<pre><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">! </span></span></pre>
<pre><span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">router eigrp 1
no network 172.16.0.0</span></span></pre>
<pre><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">! </span></span></pre>
<br />
<span style="font-size: large;">A BGP neighbor statement must match the source IP address of the peer sending the BGP Open message. </span><br />
<br />
<span style="font-size: large;">For instance, if R1 is to peer with R3</span><span style="font-size: large;">, the latter (R3) must have a neighbor statement </span><span style="font-size: large;">specifying the IP address that R1 uses as the source of its BGP Open message. This example is easy, because they are directly connected. But it is not so obvious what source IP R1 is going to use when sending the Open message to R2. Let's see the direct peering first.</span><br />
<span style="font-size: large;"><br /></span>
<span style="color: orange;"><span style="font-size: large;"><b>R1</b> peering with <b>R3</b></span></span><br />
<span style="font-size: large;">In order for R1 to reach 10.1.13.3 (R3), the outgoing interface is going to be S1/1:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R1#<span style="color: blue;">show ip route 10.1.13.3</span><br />Routing entry for 10.1.13.0/24<br /> <span style="background-color: yellow;"><span style="color: blue;">Known via "connected"</span></span>, distance 0, metric 0 (connected, via interface)<br /> Redistributing via eigrp 1<br /> Routing Descriptor Blocks:<br /> * <span style="background-color: yellow;"><span style="color: blue;">directly connected, via Serial1/1</span></span><br /> Route metric is 0, traffic share count is 1<br />R1#</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;"><br /></span></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R1#<span style="color: blue;">show run int s1/1</span><br />!<br />interface Serial1/1<br /> <span style="background-color: yellow;"><span style="color: blue;">ip address 10.1.13.1</span></span> 255.255.255.0<br /> serial restart-delay 0</span></span><br />
<span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">!</span><br />This is a lab, so I can take risks here that I would not take on a production machine. Below is the debug of IP packets on <b>R1</b> pinging <b>R3</b> (10.1.13.3) and <b>R3</b> pinging <b>R1</b> (10.1.13.1).</span><br />
<br />
<span style="font-size: large;"><span style="color: red;"><b>NEVER USE THIS DEBUG ON A PRODUCTION SYSTEM!</b></span></span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R1(config)#<span style="color: blue;">access-list 1 permit 10.1.13.1</span><br />R1(config)#<span style="color: blue;">end</span></span></span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R1#<span style="color: blue;">debug ip packet detail 1</span><br />IP packet debugging is on (detailed) for access list 1<br />R1#</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;"></span></span><br />
<span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;"></span><br /><span style="font-family: "courier new" , "courier" , monospace;">R1#ping 10.1.13.1 repeat 1 <br /><br />FIBipv4-packet-proc: <span style="color: blue;">route packet from (local) src 10.1.13.1 dst 10.1.13.1</span><br />FIBfwd-proc: Default:10.1.13.1/32 receive entry<br />FIBipv4-packet-proc: packet routing failed<br />IP: tableid=0, s=10.1.13.1 (local), d=10.1.13.1 (Serial1/1), <span style="color: blue;">routed via RIB<br />IP: s=10.1.13.1 (local), d=10.1.13.1</span> (Serial1/1), len 100, sending<br /> ICMP type=8, code=0</span></span>
<br />
<br />
<span style="font-size: large;">Directly connected networks have Administrative Distance 0, which is the most trusted. That's why R1 and R3 won't consider any other path (many available here) to reach each other.</span><br />
<br />
<span style="font-size: large;">Now, I am ready to configure iBGP Peering between <b>R1</b> and <b>R3</b>.</span>
<br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><b>R1 Config</b>:</span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">router bgp 1<br /> bgp log-neighbor-changes<br /> neighbor 10.1.13.3 remote-as 1</span></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span>
<br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;">Since the respective configuration on <b>R3</b> has not been done yet, BGP cannot establish a TCP session (the <b>R3</b> socket is not listening on port 179 just yet). Here's what such a TCP session establishment attempt looks like:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">R1#<span style="color: blue;">debug ip tcp transactions</span> <br />TCP special event debugging is on<br />TCBF3E670A0 created<br />TCBF3E670A0 setting property TCP_VRFTABLEID (20) F22CE1FC<br />TCBF3E670A0 setting property TCP_MD5KEY (4) 0<br />TCBF3E670A0 setting property TCP_ACK_RATE (37) F3254C08<br />TCBF3E670A0 setting property TCP_TOS (11) F3254C24<br />TCBF3E670A0 setting property TCP_PMTU (45) F3254BB0<br />TCBF3E670A0 setting property TCP_RTRANSTMO (36) F3254C04<br /><span style="color: blue;">TCP: Random local port generated 63024</span>, network 1<br /><span style="color: blue;">TCBF3E670A0 bound to 10.1.13.1.63024</span><br /><span style="color: blue;">Reserved port 63024 in Transport Port Agent for TCP IP type 1</span><br /><span style="color: blue;">TCP: sending SYN</span>, seq 4018291362, ack 0<br /><span style="color: blue;">TCP0: Connection to 10.1.13.3:179,</span> advertising MSS 1460<br />TCP0: state was CLOSED -> SYNSENT [63024 -> 10.1.13.3(179)]<br />Released port 63024 in Transport Port Agent for TCP IP type 1 delay 240000<br /><span style="color: blue;">TCP0: state was SYNSENT -> CLOSED [63024 -> 10.1.13.3(179)]</span><br />TCP0: bad seg from 10.1.13.3 -- closing connection: port 63024 seq 0 ack 4018291363 rcvnxt 0 rcvwnd 0 len 0<br /><span style="color: blue;">TCP0: connection closed - remote sent RST</span><br />TCB 0xF3E670A0 destroyed<br />R1#<span style="color: blue;">u all</span><br />All possible debugging has been turned off</span></span>
<br />
<span style="font-size: large;"><b>R1</b> picks an ephemeral port (semi-randomly), here 63024, as the TCP source port:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="color: blue;">TCP: Random local port generated 63024</span></span></span></span>
<br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;">Then the TCP Control Block (TCB) is bound to the local address and that port:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="color: blue;">TCBF3E670A0 bound to 10.1.13.1.63024</span></span></span></span>
<br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><b>R1 </b>sends a SYN packet towards 10.1.13.3 port 179 (BGP) and receives an RST in reply (<b>R3</b> has not been configured to open TCP port 179):</span>
<br />
<span style="font-size: large;"></span>
<br />
<span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="color: blue;">TCP: sending SYN</span>, seq 4018291362</span></span></span><span style="font-size: large;"><span style="font-size: large;"></span></span><br />
<span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;"></span></span></span><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;"><span style="color: blue;">TCP0: connection closed - remote sent RST</span></span></span>
<br />
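<span style="font-size: large;">The reading of the debug above can be automated. The following Python is an added example, not part of the original lab: it parses <span style="font-family: "courier new" , "courier" , monospace;">debug ip tcp transactions</span> lines (copied from the R1 output above) and reports, per connection attempt, the local and remote sockets, the state transitions and whether the peer refused the session. The function name and the verdict strings are illustrative.</span><br />

```python
import re

# Lines copied from the R1 debug output shown above (trimmed).
DEBUG = """\
TCP: Random local port generated 63024, network 1
TCBF3E670A0 bound to 10.1.13.1.63024
TCP: sending SYN, seq 4018291362, ack 0
TCP0: Connection to 10.1.13.3:179, advertising MSS 1460
TCP0: state was CLOSED -> SYNSENT [63024 -> 10.1.13.3(179)]
TCP0: state was SYNSENT -> CLOSED [63024 -> 10.1.13.3(179)]
TCP0: connection closed - remote sent RST
"""

BOUND = re.compile(r"TCB\w+ bound to (\d+\.\d+\.\d+\.\d+)\.(\d+)")
STATE = re.compile(r"state was (\w+) -> (\w+) \[(\d+) -> ([\d.]+)\((\d+)\)\]")

def attempts(debug):
    """Return one dict per TCP connection attempt found in the debug text."""
    local_ip = {}              # local port -> local IP, from 'bound to' lines
    conns, last = {}, None     # 'last' = connection the next RST line refers to
    for line in debug.splitlines():
        if m := BOUND.search(line):
            local_ip[int(m.group(2))] = m.group(1)
        elif m := STATE.search(line):
            old, new, lport, rip, rport = m.groups()
            last = conns.setdefault((int(lport), rip, int(rport)), {
                "local": (local_ip.get(int(lport)), int(lport)),
                "remote": (rip, int(rport)), "states": [old], "reset": False})
            last["states"].append(new)
        elif "remote sent RST" in line and last is not None:
            last["reset"] = True
    for c in conns.values():
        if "ESTAB" in c["states"]:
            c["verdict"] = "established"
        elif c["reset"]:
            c["verdict"] = "refused: peer reachable, but nothing accepts this session"
        else:
            c["verdict"] = "incomplete: no reply seen"
    return list(conns.values())
```

<span style="font-size: large;">For the capture above, <span style="font-family: "courier new" , "courier" , monospace;">attempts(DEBUG)</span> returns a single attempt from 10.1.13.1:63024 to 10.1.13.3:179 with the verdict "refused", which is the case where the peer has no matching BGP configuration yet.</span><br />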
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;">Completing <b>R1</b> to <b>R3</b> iBGP peering:</span><br />
<br />
<span style="font-size: large;"></span>
<b><span style="font-size: large;">R3 Config:</span></b><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">router bgp 1<br /> bgp log-neighbor-changes<br /> neighbor 10.1.13.1 remote-as 1</span></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;">Now, the peering is complete.</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">R1#<span style="color: blue;">show ip bgp summary</span><br />BGP router identifier 172.16.1.1, local AS number 1<br />BGP table version is 1, main routing table version 1<br /><br />Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd<br />10.1.13.3 4 1 4 4 1 0 0 00:00:40 0<br />R1#</span></span></span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;"><span style="font-size: large;"><span style="font-family: "courier new" , "courier" , monospace;">R1#<span style="color: blue;">show ip bgp neighbor 10.1.13.3</span><br />BGP neighbor is 10.1.13.3, remote AS 1, internal link<br /> BGP version 4, remote router ID 172.16.3.3<br /> <span style="background-color: yellow;"><span style="color: blue;">BGP state = Established, up for 00:01:35</span></span></span></span></span>
<br />
<br />
<span style="font-size: large;">Here's what the peering between R1 and R2 (not a directly adjacent router) is going to look like.</span><br />
<br />
<span style="font-size: large;">How does <b>R1</b> reach <b>R2</b> (10.1.0.2)?</span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R1#<span style="color: blue;">show ip route 10.1.0.2</span><br />Routing entry for 10.1.0.0/24<br /> <span style="background-color: yellow;">Known via "connected"</span>, distance 0, metric 0 (connected, via interface)<br /> Redistributing via eigrp 1<br /> Routing Descriptor Blocks:<br /> * <span style="background-color: yellow;">directly connected, via Serial1/0</span><br /> Route metric is 0, traffic share count is 1<br />R1#<br />R1#<span style="color: blue;">show run int s1/0</span><br /> </span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">interface Serial1/0<br /> <span style="color: blue;">ip address 10.1.0.1</span> 255.255.255.0</span></span><br />
<span style="font-size: large;"><br /></span>
<br />
<span style="font-size: large;">R1 will use its S1/0 interface (10.1.0.1) as the source to reach R2 (10.1.0.2). Thus, R2's neighbor statement must point to 10.1.0.1. Conversely, R2 will use its S1/0 interface (10.1.0.2) as the source IP for the BGP Open message towards 10.1.0.1, so R1's neighbor statement must be 10.1.0.2 to accept that Open message.</span><br />
<span style="font-size: large;">Here's the config to create the R1 to R2 peering:</span><br />
<span style="font-size: large;"><br /></span>
<br />
<b><span style="font-size: large;">R1 Config:</span></b><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">router bgp 1<br /> neighbor 10.1.0.2 remote-as 1</span></span>
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-size: large;"><br /></span>
<br />
<b><span style="font-size: large;">R2 Config:</span></b><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">router bgp 1<br /> bgp log-neighbor-changes<br /> neighbor 10.1.0.1 remote-as 1</span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">!</span></span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;"></span></span><br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R2#<span style="color: blue;">show ip bgp neighbors 10.1.0.1 | i internal|Neighbor|state|TTL</span><br />BGP neighbor is 10.1.0.1, <span style="background-color: yellow;">remote AS 1, internal link</span><br /> <span style="background-color: yellow;">BGP state = Established</span>, up for 00:03:24<br /> Neighbor sessions:<br /> Neighbor capabilities:<br />Connection state is ESTAB, I/O status: 1, unread input bytes: 0 <br />Connection is ECN Disabled, Mininum incoming TTL 0, <span style="background-color: yellow;">Outgoing TTL 255</span><br />R2#</span></span><br />
<br />
<span style="font-family: "courier new" , "courier" , monospace;"><span style="font-size: large;">R2#<span style="color: blue;">show tcp brief | i 10.1.0.1</span><br />F3270560 10.1.0.2.<span style="background-color: yellow;">179</span> 10.1.0.1.<span style="background-color: yellow;">29446</span> ESTAB<br />R2# </span></span><br />
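<span style="font-size: large;">The matching rule used for both peerings can be checked across a set of configs before any session is attempted. The following Python is an added example, not part of the original lab: for every neighbor statement it works out the source IP the local router would use (the connected interface facing the neighbor) and verifies that the peer has a neighbor statement for exactly that address. The configs are constructed from the lab's addressing; R3's interface name and its mistyped neighbor are assumptions made to show a failure, and only directly connected neighbors are resolved.</span><br />

```python
import ipaddress
import re

# Constructed configs using the lab's addressing. R3's interface name and its
# mistyped neighbor (10.1.13.11 instead of 10.1.13.1) are assumptions.
CONFIGS = {
    "R1": """interface Serial1/0
 ip address 10.1.0.1 255.255.255.0
interface Serial1/1
 ip address 10.1.13.1 255.255.255.0
router bgp 1
 neighbor 10.1.13.3 remote-as 1
 neighbor 10.1.0.2 remote-as 1""",
    "R2": """interface Serial1/0
 ip address 10.1.0.2 255.255.255.0
router bgp 1
 neighbor 10.1.0.1 remote-as 1""",
    "R3": """interface Serial1/1
 ip address 10.1.13.3 255.255.255.0
router bgp 1
 neighbor 10.1.13.11 remote-as 1""",
}
IF_RE = re.compile(r"^\s*ip address (\S+) (\S+)", re.M)
NBR_RE = re.compile(r"^\s*neighbor (\S+) remote-as \d+", re.M)

def parse(cfg):
    """Return (interface addresses, BGP neighbor addresses) for one config."""
    ifaces = [ipaddress.ip_interface(f"{ip}/{mask}") for ip, mask in IF_RE.findall(cfg)]
    nbrs = [ipaddress.ip_address(n) for n in NBR_RE.findall(cfg)]
    return ifaces, nbrs

def audit(configs):
    """Return (router, neighbor, problem) for each peering that cannot form."""
    parsed = {name: parse(cfg) for name, cfg in configs.items()}
    owner = {i.ip: name for name, (ifaces, _) in parsed.items() for i in ifaces}
    findings = []
    for name, (ifaces, nbrs) in parsed.items():
        for nbr in nbrs:
            # Source IP of the Open = address of the connected interface facing nbr.
            src = next((i.ip for i in ifaces if nbr in i.network), None)
            peer = owner.get(nbr)
            if src is None:
                findings.append((name, str(nbr), "not on a connected subnet"))
            elif peer is None:
                findings.append((name, str(nbr), "no router owns this address"))
            elif src not in parsed[peer][1]:
                findings.append((name, str(nbr), f"{peer} lacks neighbor {src}"))
    return findings
```

<span style="font-size: large;">With the constructed typo, <span style="font-family: "courier new" , "courier" , monospace;">audit(CONFIGS)</span> flags both ends of the R1 to R3 peering; the R1 to R2 peering, configured as in the lab, passes.</span><br />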
<br />
<br />
<span style="font-size: x-large;"><span style="color: orange;"><b>Summary</b></span></span><br />
<br />
<ul>
<li><span style="font-size: large;">The BGP neighbor statement must match the IP address the peer uses as the source when it starts the BGP session</span></li>
<li><span style="font-size: large;">iBGP peerings are configured with the SAME AS number</span></li>
<li><span style="font-size: large;">iBGP peerings use TTL 255 by default, which means that BGP peers do not have to be directly connected</span></li>
<li><span style="font-size: large;">TCP port 179 is used to establish the connection</span></li>
<li><span style="font-size: large;">Reachability to the neighbor address is necessary to establish the TCP connection</span></li>
<li><span style="font-size: large;">In the rare case where both routers start a session, only one session is preserved </span></li>
<li><span style="font-size: large;">The initiator of the TCP session picks an ephemeral port (above 1023) as the source port, with TCP port 179 as the destination </span></li>
</ul>
<br />
<br />
<div style="text-align: center;">
<span style="font-size: x-large;"><b><span style="color: orange;"><a href="https://drive.google.com/file/d/1CVZ8XrjzlxEqtKpOvhjdGCfgglcMdsiu/view?usp=sharing"><span style="font-size: x-large;">Complete lab solution is here.</span></a> </span></b></span></div>
</div>
<div style="text-align: left;">
</div>
</div>
</div>
</div>
</div>
</div>