Pete's Packet

Limitless

Archive for March, 2009

The DISTANCE command

Posted by Peter Kurdziel on March 31, 2009

Using the distance command with Distance-Vector protocols:

Configure referencing an update source. The update source address should be the IP address of the directly connected distance-vector router advertising the specified set of prefixes.

 

Using the distance command with Link State routing protocols:

Configure referencing an update source. The update source address must be the Router ID of the router that originated the prefixes being received. 

 

Examples:

There are two distance commands you can use.

  1. distance 99 0.0.0.0 255.255.255.255 <ACL> = sets the distance for the specific routes that pass the access list.
  2. distance ospf = sets the distance for an entire group of routes, rather than for specific routes that pass an access list. A common reason to use the distance ospf command is when you have multiple OSPF processes with mutual redistribution, and you want to prefer internal routes from one over external routes from the other.

 

Posted in OSPF, Routing & Switching Lab

ip default-gateway vs ip default-network vs ip route 0.0.0.0 0.0.0.0

Posted by Peter Kurdziel on March 27, 2009

* ip default-gateway = should only be used when ip routing is disabled on the Cisco router.

* ip default-network = can be used when ip routing is enabled on the Cisco router. When you configure ip default-network, the router considers routes to that network for installation as the gateway of last resort.

* ip route 0.0.0.0 0.0.0.0 = creating a static route to network 0.0.0.0 0.0.0.0 is another way to set the gateway of last resort on a router. As with the ip default-network command, using the static route to 0.0.0.0 is not dependent on any routing protocols. However, ip routing must be enabled on the router.

For more info see: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094374.shtml

Posted in Routing & Switching Lab

Cool way to advertise a network without using the network statement

Posted by Peter Kurdziel on March 27, 2009

R1(config)#do sho ip prefi
ip prefix-list AGG: 1 entries
   seq 5 permit 3.1.0.0/20
ip prefix-list NET: 1 entries
   seq 5 permit 3.1.3.0/24
ip prefix-list R2: 1 entries
   seq 5 permit 10.1.12.2/32

R1(config)#do sho route-m
route-map INJECT, permit, sequence 10
  Match clauses:
  Set clauses:
    ip address (prefix-list) NET
  Policy routing matches: 0 packets, 0 bytes
route-map EXIST, permit, sequence 10
  Match clauses:
    ip address prefix-lists: AGG
    ip route-source prefix-lists: R2
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes

Posted in Routing & Switching Lab

Serial Lines: Increasing Carrier Transitions Count on Serial Link

Posted by Peter Kurdziel on March 27, 2009

Possible Problem

The following problems can result in this symptom:

* Line interruptions due to an external source (such as physical separation of cabling, red or yellow T1 alarms, or lightning striking somewhere along the network)

* Faulty switch, DSU, or router hardware

Solution

1. Check hardware at both ends of the link (attach a breakout box or a serial analyzer, and test to determine the source of problems).

2. If an analyzer or breakout box is incapable of identifying any external problems, check the router hardware.

3. Swap faulty equipment, as necessary.

Posted in Routing & Switching Lab

Using NBAR to Categorize and Control Application Traffic

Posted by Peter Kurdziel on March 27, 2009

Cisco IOS version 12.4(4)T introduced the much-awaited Skype classification in NBAR. Now, with a simple policy, you can block Skype in much the same way as you used to block Kazaa, LimeWire, and other p2p applications.

Example:

NBAR configuration to drop Skype packets

class-map match-any p2p
 match protocol skype

policy-map block-p2p
 class p2p
  drop

int FastEthernet0
 description PIX-facing interface
 service-policy input block-p2p

If you are unsure about the bandwidth-eating applications being used in your organization, you can access the interface connected to the Internet and configure it with the following command:

“ip nbar protocol-discovery”

This will enable NBAR discovery on your router.

If you use the following command:

“show ip nbar protocol-discovery stats bit-rate top-n 10”

It will show you the top 10 bandwidth-eating applications being used by the users. Now, you will be able to block/restrict traffic with an appropriate QoS policy.

You can also use the “ip nbar port-map” command to look for the protocol or protocol name using a port number or numbers other than the well-known Internet Assigned Numbers Authority (IANA)-assigned port numbers.

Usage as per Cisco:
“ip nbar port-map protocol-name [tcp | udp] port-number”

Up to 16 ports can be specified with the above command. Port number values can range from 0 to 65535.

New PDLMs may have to be loaded to match more recent versions of some protocols.

Posted in Troubleshooting

Multicast troubleshooting commands

Posted by Peter Kurdziel on March 27, 2009

Power Tools

* mstat
* mrinfo
* mtrace
* ping

show Commands

* show ip igmp groups
* show ip igmp interface
* show ip pim neighbor
* show ip pim interface
* show ip mroute summary
* show ip mroute
* show ip mroute active
* show ip rpf
* show ip mcache
* show ip mroute count
* show ip route
* show ip pim rp mapping

debug Commands

* debug ip igmp
* debug ip mpacket
* debug ip mrouting
* debug ip pim

For more info see: http://www.cisco.com/en/US/tech/tk828/technologies_tech_note09186a0080093f21.shtml

Posted in Multicast

OSPF LSA Types

Posted by Peter Kurdziel on March 22, 2009

Understanding all the OSPF LSA types is one of the keys to understanding OSPF, so it's definitely worth me making a few notes on them.

LSA type 1 - Router LSAs are sent from a router to other routers in the same area. They contain information regarding the router's interfaces in the same area, the relevant interface IPs, its adjacent routers on those interfaces, and subnetworks.

LSA type 2 - Network LSAs are generated by the DR on a multi-access segment, and provide similar information to an LSA type 1 for the multi-access segment and the subnet to which it belongs.

LSA type 3 - Network Summary LSAs are generated by ABRs and contain the subnets and costs, but omit the topological data, from all subnets in one area, and are sent to another area via the ABR.

LSA type 4 - ASBR Summary LSAs are from ASBRs, are identical in structure to a type 3 LSA, and are sent when crossing an AS boundary.

LSA type 5 - AS External LSAs are originated by ASBRs and describe external networks.

LSA type 6 - Defined as a Group Membership LSA but not used in Cisco devices.

LSA type 7 - NSSA External LSAs are generated by the ASBR in an NSSA area.

LSA type 8 - Defined as an External Attribute LSA but not used in Cisco devices.

LSA types 9 to 11 - Defined as Opaque LSAs and reserved for future expansion.

Posted in OSPF

Administrative distance

Posted by Peter Kurdziel on March 22, 2009

Route Source: Default Distance Value

Connected interface: 0
Static route: 1
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route: 5
External Border Gateway Protocol (BGP): 20
Internal EIGRP: 90
IGRP: 100
OSPF: 110
Intermediate System-to-Intermediate System (IS-IS): 115
Routing Information Protocol (RIP): 120
Exterior Gateway Protocol (EGP): 140
On Demand Routing (ODR): 160
External EIGRP: 170
Internal BGP: 200
Unknown*: 255

 

* If the administrative distance is 255, the router does not believe the source of that route and does not install the route in the routing table.

Posted in Other

Show Interfaces Serial Field Descriptions

Posted by Peter Kurdziel on March 22, 2009

 

Field

Description

Serial…is {up | down}…is administratively down

Indicates whether the interface hardware is currently active (whether carrier detect is present) or whether it has been taken down by an administrator.

line protocol is {up | down}

Indicates whether the software processes that handle the line protocol consider the line usable (that is, whether keepalives are successful), or whether it has been taken down by an administrator.

Hardware is

Specifies the hardware type.

Internet address is

Specifies the Internet address and subnet mask.

MTU

Specifies the maximum transmission unit of the interface.

BW

Indicates the value of the bandwidth parameter that has been configured for the interface (in kilobits per second). The bandwidth parameter is used to compute IGRP metrics only. If the interface is attached to a serial line with a line speed that does not match the default (1536 or 1544 for T1, and 56 for a standard synchronous serial line), use the bandwidth command to specify the correct line speed for this serial line.

 

DLY

Gives the delay of the interface in microseconds.

rely

Expresses reliability of the interface as a fraction of 255 (255/255 is 100 percent reliability), calculated as an exponential average over 5 minutes.

load

Expresses load on the interface as a fraction of 255 (255/255 is completely saturated), calculated as an exponential average over five minutes.

Encapsulation

Gives the encapsulation method assigned to the interface.

loopback

Indicates whether loopback is set.

keepalive

Indicates whether keepalives are set.

Last input

Gives the number of hours, minutes, and seconds since the last packet was successfully received by an interface. Useful for knowing when a dead interface failed.

Last output

Gives the number of hours, minutes, and seconds since the last packet was successfully transmitted by an interface.

output hang

Gives the number of hours, minutes, and seconds (or never) since the interface was last reset because of a transmission that took too long. When the number of hours in any of the last fields exceeds 24, the number of days and hours is printed. If that field overflows, asterisks are printed.

Output queue, drops input queue, drops

Gives the number of packets in output and input queues. Each number is followed by a slash, the maximum size of the queue, and the number of packets dropped because the queue is full.

5 minute input rate 5 minute output rate

Gives the average number of bits and packets transmitted per second in the past 5 minutes.

The 5-minute input and output rates should be used only as an approximation of traffic per second during a given 5-minute period. These rates are exponentially weighted averages with a time constant of 5 minutes. A period of four time constants must pass before the average will be within 2 percent of the instantaneous rate of a uniform stream of traffic over that period.

packets input

Gives the total number of error-free packets received by the system.

bytes

Gives the total number of bytes, including data and MAC encapsulation, in the error-free packets received by the system.

no buffer

Gives the number of received packets discarded because there was no buffer space in the main system. Compare with ignored count. Broadcast storms on Ethernet networks and bursts of noise on serial lines are often responsible for no input buffer events.

Received…broadcasts

Gives the total number of broadcast or multicast packets received by the interface.

runts

Gives the number of packets that are discarded because they are smaller than the medium’s minimum packet size.

giants

Gives the number of packets that are discarded because they exceed the medium’s maximum packet size.

input errors

Gives the total number of no buffer, runts, giants, CRCs, frame, overrun, ignored, and abort counts. Other input-related errors can also increment the count, so this sum might not balance with the other counts.

CRC

The Cyclic Redundancy Check (CRC) counter is incremented by the originating station or far-end device when the checksum calculated from the data received does not match the checksum from the transmitted data. On a serial link, CRCs usually indicate noise, gain hits, or other transmission problems on the data link.

frame

Gives the number of packets received incorrectly, having a CRC error and a noninteger number of octets. On a serial line, this is usually the result of noise or other transmission problems.

overrun

Gives the number of times that the serial receiver hardware was incapable of handing received data to a hardware buffer because the input rate exceeded the receiver’s capability to handle the data.

ignored

Gives the number of received packets ignored by the interface because the interface hardware ran low on internal buffers. Broadcast storms and bursts of noise can cause the ignored count to be increased.

abort

Indicates an illegal sequence of one bits on a serial interface. This usually indicates a clocking problem between the serial interface and the data link equipment.

carrier transitions

Gives the number of times that the carrier detect signal of a serial interface has changed state. For example, if data carrier detect (DCD) goes down and comes up, the carrier transition counter will increment two times. This indicates modem or line problems if the carrier detect line is changing state often.

packets output

Gives the total number of messages transmitted by the system.

bytes output

Gives the total number of bytes, including data and MAC encapsulation, transmitted by the system.

underruns

Gives the number of times that the transmitter has been running faster than the router can handle. This might never be reported on some interfaces.

output errors

Gives the sum of all errors that prevented the final transmission of datagrams out of the interface being examined. Note that this might not balance with the sum of the enumerated output errors because some datagrams can have more than one error, and others can have errors that do not fall into any of the specifically tabulated categories.

collisions

Gives the number of messages retransmitted because of an Ethernet collision. This usually is the result of an overextended LAN (Ethernet or transceiver cable too long, more than two repeaters between stations, or too many cascaded multiport transceivers). Some collisions are normal. However, if your collision rate climbs to around 4 percent or 5 percent, you should consider verifying that there is no faulty equipment on the segment, or moving some existing stations to a new segment. A packet that collides is counted only once in output packets.

interface resets

Gives the number of times that an interface has been completely reset. This can happen if packets queued for transmission were not sent within several seconds. On a serial line, this can be caused by a malfunctioning modem that is not supplying the transmit clock signal, or by a cable problem. If the system notices that the carrier detect line of a serial interface is up but the line protocol is down, it periodically resets the interface in an effort to restart it. Interface resets can also occur when an interface is looped back or shut down.

restarts

Gives the number of times that the controller was restarted because of errors.

alarm indications, remote alarms, rx LOF, rx LOS

Gives the number of CSU/DSU alarms, and the number of occurrences of receive loss of frame and receive loss of signal.

BER inactive, NELR inactive, FELR inactive

Shows the status of G.703-E1 counters for bit error rate (BER) alarm, near-end loop remote (NELR), and far-end loop remote (FELR). Note that you cannot set the NELR or FELR.
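The field descriptions above can be applied mechanically to captured output. The following is an added example, not part of the original post: it parses a constructed show interfaces serial sample (all values are made up), converts rely and load from fractions of 255 to percentages, checks whether input errors balances against the counters the table says it sums, and attaches the table's explanation to each non-zero error counter. The names parse_interface, triage and HINTS are hypothetical.

```python
import re

# Constructed sample (made-up values) in the "show interfaces serial" layout.
SAMPLE = """\
Serial0 is up, line protocol is up
  Hardware is HD64570
  Internet address is 10.1.12.1/24
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 230/255, load 191/255
  Encapsulation HDLC, loopback not set, keepalive set (10 sec)
  Last input 00:00:07, output 00:00:02, output hang never
  Output queue 0/40, 5779 drops; input queue 1/75, 0 drops
  5 minute input rate 1158000 bits/sec, 210 packets/sec
  5 minute output rate 92000 bits/sec, 35 packets/sec
     1044211 packets input, 98877123 bytes, 12 no buffer
     Received 5120 broadcasts, 3 runts, 0 giants
     431 input errors, 397 CRC, 14 frame, 0 overrun, 2 ignored, 1 abort
     880112 packets output, 77012345 bytes, 0 underruns
     0 output errors, 0 collisions, 46 interface resets, 0 restarts
     92 carrier transitions
"""

COUNTER_RE = re.compile(
    r"(\d+) (packets input|no buffer|runts|giants|input errors|CRC|frame|overrun"
    r"|ignored|abort|packets output|underruns|output errors|collisions"
    r"|interface resets|restarts|carrier transitions)")

# Counters the table lists as making up "input errors".
INPUT_ERROR_PARTS = ("no buffer", "runts", "giants", "CRC", "frame",
                     "overrun", "ignored", "abort")

# Likely causes, taken from the field descriptions above.
HINTS = {
    "CRC": "noise, gain hits, or other transmission problems on the data link",
    "abort": "clocking problem between the serial interface and the data link equipment",
    "carrier transitions": "modem or line problems if the state changes often",
    "interface resets": "modem not supplying transmit clock, or a cable problem",
    "no buffer": "broadcast storms or bursts of noise",
    "overrun": "input rate exceeded the receiver's capability",
}


def parse_interface(text):
    """Turn one interface's output into a dict of named counters."""
    stats = {name: int(value) for value, name in COUNTER_RE.findall(text)}
    status = re.search(r"^(\S+) is (.+?), line protocol is (\w+)", text, re.M)
    stats["name"], stats["hardware"], stats["protocol"] = status.groups()
    rely, load = re.search(r"rely (\d+)/255, load (\d+)/255", text).groups()
    stats["rely_pct"] = round(int(rely) / 255 * 100, 1)
    stats["load_pct"] = round(int(load) / 255 * 100, 1)
    drops = re.search(
        r"Output queue \d+/\d+, (\d+) drops; input queue \d+/\d+, (\d+) drops", text)
    stats["output drops"], stats["input drops"] = map(int, drops.groups())
    # The table warns this sum might not balance; report the difference.
    stats["unlisted input errors"] = stats["input errors"] - sum(
        stats[part] for part in INPUT_ERROR_PARTS)
    return stats


def triage(stats):
    """Return (counter, value, likely cause) for every non-zero counter in HINTS."""
    return [(name, stats[name], hint) for name, hint in HINTS.items() if stats[name]]


if __name__ == "__main__":
    parsed = parse_interface(SAMPLE)
    print(parsed["name"], "rely", parsed["rely_pct"], "% load", parsed["load_pct"], "%")
    print("input errors not covered by listed counters:", parsed["unlisted input errors"])
    for name, value, hint in triage(parsed):
        print(f"{value:>6} {name}: {hint}")
```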

 

Posted in Other, Troubleshooting

Serial lines: Adjusting Buffers / Implementing Hold Queue Limits / Using Priority Queuing to Reduce Bottlenecks

Posted by Peter Kurdziel on March 22, 2009

Adjusting Buffers

Excessively high bandwidth utilization greater than 70 percent results in reduced overall performance and can cause intermittent failures. For example, DECnet file transmissions might be failing because of packets being dropped somewhere in the network.

If the situation is bad enough, you must increase the bandwidth of the link. However, increasing the bandwidth might not be necessary or immediately practical. One way to resolve marginal serial line overutilization problems is to control how the router uses data buffers.


Caution: In general, do not adjust system buffers unless you are working closely with a Cisco technical support representative. You can severely affect the performance of your hardware and your network if you incorrectly adjust the system buffers on your router.

Use one of the following three options to control how buffers are used:

Adjust parameters associated with system buffers.

Specify the number of packets held in input or output queues (hold queues).

Prioritize how traffic is queued for transmission (priority output queuing).

The configuration commands associated with these options are described in the Cisco IOS configuration guides and command references.

The following section focuses on identifying situations in which these options are likely to apply and defining how you can use these options to help resolve connectivity and performance problems in serial/WAN interconnections.

Tuning System Buffers

There are two general buffer types on Cisco routers: hardware buffers and system buffers. Only the system buffers are directly configurable by system administrators. The hardware buffers are specifically used as the receive and transmit buffers associated with each interface and (in the absence of any special configuration) are dynamically managed by the system software itself.

The system buffers are associated with the main system memory and are allocated to different-size memory blocks. A useful command for determining the status of your system buffers is the show buffers exec command. Figure 15-8 shows the output from the show buffers command.

Figure 15-8 show buffers Command Output

 

In the show buffers output, the following is true:

total identifies the total number of buffers in the pool, including used and unused buffers.

permanent identifies the permanent number of allocated buffers in the pool. These buffers are always in the pool and cannot be trimmed away.

in free list identifies the number of buffers currently in the pool that are available for use.

min identifies the minimum number of buffers that the route processor (RP) should attempt to keep in the free list:

The min parameter is used to anticipate demand for buffers from the pool at any given time.

If the number of buffers in the free list falls below the min value, the RP attempts to create more buffers for that pool.

max allowed identifies the maximum number of buffers allowed in the free list:

The max allowed parameter prevents a pool from monopolizing buffers that it doesn’t need anymore, and frees this memory back to the system for further use.

If the number of buffers in the free list is greater than the max allowed value, the RP should attempt to trim buffers from the pool.

hits identifies the number of buffers that have been requested from the pool. The hits counter provides a mechanism for determining which pool must meet the highest demand for buffers.

misses identifies the number of times that a buffer has been requested and that the RP detected that additional buffers were required. (In other words, the number of buffers in the free list has dropped below min.) The misses counter represents the number of times that the RP has been forced to create additional buffers.

trims identifies the number of buffers that the RP has trimmed from the pool when the number of buffers in the free list exceeded the number of max allowed buffers.

created identifies the number of buffers that has been created in the pool. The RP creates buffers when demand for buffers has increased until the number of buffers in the free list is less than min buffers or a miss occurs because of zero buffers in the free list.

failures identifies the number of failures to grant a buffer to a requester even after attempting to create an additional buffer. The number of failures represents the number of packets that have been dropped due to buffer shortage.

no memory identifies the number of failures caused by insufficient memory to create additional buffers.

The show buffers command output in Figure 15-8 indicates high numbers in the Trims and Created fields for large buffers. If you are receiving high numbers in these fields, you can increase your serial link performance by increasing the max free value configured for your system buffers.

Use the buffers max free number global configuration command to increase the number of free system buffers. The value that you configure should be approximately 150 percent of the figure indicated in the total field of the show buffers command output. Repeat this process until the show buffers output no longer indicates trims and created buffers.

If the show buffers command output shows a large number of failures in the (no memory) field (see the last line of output in Figure 15-8), you must reduce the usage of the system buffers or increase the amount of shared or main memory (physical RAM) on the router. Call your technical support representative for assistance.
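The tuning rules above, applied to captured output. This is an added example, not part of the original post: it parses a constructed show buffers sample (all values are made up), flags pools with high trims and created counts, suggests a max free value of about 150 percent of total, and flags no memory failures. The threshold for "high" (churn=100), the function names, and the rendering of the suggestion in the IOS form "buffers <pool> max-free <number>" are assumptions.

```python
import math
import re

# Constructed sample in the layout IOS prints for "show buffers"; values are made up.
SAMPLE = """\
Buffer elements:
     500 in free list (500 max allowed)
     1229 hits, 0 misses, 0 created

Public buffer pools:
Small buffers, 104 bytes (total 50, permanent 50):
     46 in free list (20 min, 150 max allowed)
     1291 hits, 0 misses, 0 trims, 0 created
     0 failures (0 no memory)
Large buffers, 5024 bytes (total 15, permanent 10):
     2 in free list (0 min, 10 max allowed)
     98310 hits, 4120 misses, 3975 trims, 3980 created
     212 failures (0 no memory)
Huge buffers, 18024 bytes (total 0, permanent 0):
     0 in free list (0 min, 4 max allowed)
     37 hits, 37 misses, 0 trims, 0 created
     37 failures (37 no memory)
"""

PUBLIC_POOLS = {"small", "middle", "big", "verybig", "large", "huge"}
POOL_RE = re.compile(r"^(\w+) buffers, (\d+) bytes \(total (\d+), permanent (\d+)")
COUNTER_RE = re.compile(
    r"(\d+) (in free list|min|max allowed|hits|misses|trims|created|failures|no memory)")


def parse_show_buffers(text):
    """Return one dict per public pool, keyed by the field names defined above."""
    pools, current = [], None
    for line in text.splitlines():
        head = POOL_RE.match(line.strip())
        if head:
            name = head.group(1).lower()
            current = None
            if name in PUBLIC_POOLS:  # interface pools are not tuned this way
                current = {"pool": name, "size": int(head.group(2)),
                           "total": int(head.group(3)),
                           "permanent": int(head.group(4))}
                pools.append(current)
        elif current is not None:
            for value, field in COUNTER_RE.findall(line):
                current[field] = int(value)
    return pools


def assess(pool, churn=100):
    """Apply the rules of thumb above; `churn` (what counts as high) is an assumption."""
    notes = []
    if pool.get("no memory", 0) > 0:
        notes.append("no-memory failures: reduce buffer usage or add RAM")
    if pool.get("trims", 0) >= churn and pool.get("created", 0) >= churn:
        # Guidance above: max free of about 150 percent of the total field.
        target = math.ceil(pool["total"] * 1.5)
        notes.append(f"buffers {pool['pool']} max-free {target}")
    return notes


def report(text):
    """Map each public pool name to the list of findings for it."""
    return {pool["pool"]: assess(pool) for pool in parse_show_buffers(text)}


if __name__ == "__main__":
    for pool, notes in report(SAMPLE).items():
        print(pool, notes or "ok")
```

As the text says, re-run the check after each change until trims and created stop climbing.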

Implementing Hold Queue Limits

Hold queues are buffers used by each router interface to store outgoing or incoming packets. Use the hold-queue interface configuration command to increase the number of data packets queued before the router will drop packets. Increase these queues by small increments (for instance, 25 percent) until you no longer see drops in the show interfaces output. The default output hold queue limit is 100 packets.


Note: The hold-queue command is used for process-switched packets and periodic updates generated by the router.


Use the hold-queue command to prevent packets from being dropped and to improve serial link performance under the following conditions:

You have an application that cannot tolerate drops, and the protocol is capable of tolerating longer delays. DECnet is an example of a protocol that meets both criteria. Local-area transport (LAT) does not meet these criteria because it does not tolerate delays.

The interface is very slow (bandwidth is low or anticipated utilization is likely to sporadically exceed available bandwidth).


Note: When you increase the number specified for an output hold queue, you might need to increase the number of system buffers. The value used depends on the size of the packets associated with the traffic anticipated for the network.


Using Priority Queuing to Reduce Bottlenecks

Priority queuing is a list-based control mechanism that allows traffic to be prioritized on an interface-by-interface basis. Priority queuing involves two steps:


Step 1 Create a priority list by protocol type and level of priority.

Step 2 Assign the priority list to a specific interface.

Both of these steps use versions of the priority-list global configuration command. In addition, further traffic control can be applied by referencing access-list global configuration commands from priority-list specifications. For examples of defining priority lists and for details about command syntax associated with priority queuing, refer to the Cisco IOS configuration guides and command references.


Note: Priority queuing automatically creates four hold queues of varying size. This overrides any hold queue specification included in your configuration.


Use priority queuing to prevent packets from being dropped and to improve serial link performance under the following conditions:

When the interface is slow, a variety of traffic types are being transmitted, and you want to improve terminal traffic performance

If you have a serial link that is intermittently experiencing very heavy loads (such as file transfers occurring at specific times), and priority queuing will help select which types of traffic should be discarded at high traffic periods

In general, start with the default number of queues when implementing priority queues. After enabling priority queuing, monitor output drops with the show interfaces serial exec command. If you notice that output drops are occurring in the traffic queue that you have specified to be high priority, increase the number of packets that can be queued (using the queue-limit keyword option of the priority-list global configuration command). The default queue-limit arguments are 20 packets for the high-priority queue, 40 for medium, 60 for normal, and 80 for low.


Note: When bridging Digital Equipment Corporation (Digital) LAT traffic, the router must drop very few packets, or LAT sessions can terminate unexpectedly. A high-priority queue depth of about 100 (specified with the queue-limit keyword) is a typical working value when your router is dropping output packets and the serial lines are subjected to about 50 percent bandwidth utilization. If the router is dropping packets and is at 100 percent utilization, you need another line.

Another tool to relieve congestion when bridging Digital LAT is LAT compression. You can implement LAT compression with the interface configuration command bridge-group group lat-compression.

Posted in Other, Troubleshooting