Posts Tagged ‘pass’

To pass the BSCI exam and become a CCNP, you have to be aware of the proper use of passive interfaces. You learned about passive interfaces in your CCNA studies, but here we’ll review the basic concept and clear up one misconception regarding passive interfaces and OSPF.

Configuring an interface as passive will still allow the interface to receive routing updates, but the interface will no longer transmit them. While the command itself would make you think this command will be applied at the interface level, that is not the case. Below, we’ll configure ethernet0 as a RIP passive interface.

R1(config)#router rip

R1(config-router)#passive-interface ethernet0

Ethernet0 will no longer send RIP routing updates, but will accept them.

The passive interface concept is clear enough with RIP, IGRP, and EIGRP – all protocols that send routing update packets. But OSPF doesn’t send routing update packets – OSPF sends link state advertisements. It’s the inability of the passive interface command to stop LSAs that lead many to think that passive interfaces cannot be used with OSPF. Read the rest of this entry »

Your BSCI exam and CCNP certification success depend on mastering BGP, and a big part of that is knowing how and when to use the many BGP attributes. And for those of you with an eye on the CCIE, believe me – you’ve got to know BGP attributes like the back of your hand. One such BGP attribute is the Multi-Exit Discriminator, or MED.

The MED attribute is sent from a router or routers in one AS to another AS to indicate what path the remote AS should use to send data to the local AS.

That sounds a little confusing on paper, so let’s walk through an example. R1 is in AS 1, and R2, R3, and R4 are in AS 234. R4 is advertising a loopback into BGP, and R1 has two possible next-hops to get to that loopback – R2 (172.12.123.2) and R3 (172.12.123.3). Let’s see which of the two paths R1 is using.

R1#show ip bgp 4.4.4.4

BGP routing table entry for 4.4.4.4/32, version 8

Paths: (2 available, best #2, table Default-IP-Routing-Table)

Flag: 0×208

Advertised to non peer-group peers:

172.12.123.3
Read the rest of this entry »

To pass the BSCI exam and earn your CCNP, you’ve got to keep a lot of details in mind. It’s easy to overlook the “simpler” protocols and services such as static routing and distance vector protocols. With this in mind, here’s a quick review of some details you should know for success in the exam room and real-world networks!

When packets need to be routed, the routing table is parsed for the longest prefix match if multiple paths exist with the same prefix length, the route with the lowest AD is preferred. If there are still multiple valid paths, equal-cost load-sharing goes into effect.

The ip route command is used to create static routes the command ip route 0.0.0.0 0.0.0.0 < next-hop-IP or local exit interface> creates a default static route.

A static route with a next-hop IP address has an AD of one, while a static route with a local exit interface has an AD of zero.

A floating static route is a static route with an AD higher than that of the dynamic routing protocols running on the router, ensuring that the static route can only be used if the routing protocol goes down.

On-Demand Routing (ODR) is only appropriate in a hub-and-spoke network. The spokes effectively become stub routers. ODR uses Cisco Discovery Protocol (CDP) to send route information.

To propagate a default route with IP routing, use the ip default-network command. To do so with IP routing disabled, use ip default-gateway. You can also redistribute a static route into most protocols, but not IGRP. IGRP does not understand a static route to 0.0.0.0.
Read the rest of this entry »

When you earned your CCNA, you thought you learned everything there is to know about RIP. Close, but not quite! There are some additional details you need to know to pass the BSCI exam and get one step closer to the CCNP exam, and one of those involves RIP update packet authentication.

You’re familiar with some advantages of using RIPv2 over RIPv1, support for VLSM chief among them. But one advantage that you’re not introduced to in your CCNA studies is the ability to configure routing update packet authentication.

You have two options, clear text and MD5. Clear text is just that – a clear text password that is visible by anyone who can pick a packet off the wire. If you’re going to go to the trouble of configuring update authentication, you should use MD5. The MD stands for “Message Digest”, and this is the algorithm that produces the hash value for the password that will be contained in the update packets.

Not only must the routers agree on the password, they must agree on the authentication method. If one router sends an MD5-hashed password to another router that is configured for clear-text authentication, the update will not be accepted. debug ip rip is a great command for troubleshooting authenticated updates.

R1, R2, and R3 are running RIP over a frame relay cloud. Here is how RIP authentication would be configured on these three routers.

R1#conf t

R1(config)#key chain RIP

< The key chain can have any name. >

R1(config-keychain)#key 1

< Key chains can have multiple keys. Number them carefully when using multiples. >

R1(config-keychain-key)#key-string CISCO

< This is the text string the key will use for authentication. >

R1(config)#int s0

R1(config-if)#ip rip authentication mode text

< The interface will use clear-text mode. >
Read the rest of this entry »