Great videos from Cisco Learning Network
For Spanning Tree Protocol (802.1d)
For Rapid Spanning Tree Protocol (802.1w)
Gateway Load Balancing Protocol (GLBP) performs a similar function to HSRP and VRRP. In both HSRP and VRRP, the group of routers participating in first-hop redundancy has one Active router and can have multiple Client routers. At any one time, traffic passes only through the Active router, leaving the Client routers with unused bandwidth. Client routers become active only once the Active router in the group fails. We can create multiple groups with different active routers, but that results in extra administrative burden.
GLBP, on the other hand, can provide load balancing over multiple routers (gateways) using a single virtual IP address and multiple virtual MAC addresses. The traffic load is shared between the routers participating in the group rather than being handled by a single active router.
Following are the important points conceptually for GLBP.
R2(config-if)#glbp 1 load-balancing ?
  host-dependent  Load balance equally, source MAC determines forwarder choice
  round-robin     Load balance equally using each forwarder in turn
  weighted        Load balance in proportion to forwarder weighting
There are three different types of Load balancing algorithms in GLBP.
Steps for configuring GLBP
How fast can you really go using a given media and protocol stack? We examine how much bandwidth is left for applications.
Ethernet frame format:
Ethernet overhead bytes:
  12 gap + 8 preamble + 14 header + 4 trailer = 38 bytes/packet w/o 802.1q
  12 gap + 8 preamble + 18 header + 4 trailer = 42 bytes/packet with 802.1q

Ethernet Payload data rates are thus:
  1500/(38+1500) = 97.5293 %   w/o 802.1q tags
  1500/(42+1500) = 97.2763 %   with 802.1q tags

TCP over Ethernet:
  Assuming no header compression (e.g. not PPP)
  Add 20 IPv4 header or 40 IPv6 header (no options)
  Add 20 TCP header
  Add 12 bytes optional TCP timestamps

Max TCP Payload data rates over ethernet are thus:
  (1500-40)/(38+1500) = 94.9285 %   IPv4, minimal headers
  (1500-52)/(38+1500) = 94.1482 %   IPv4, TCP timestamps
  (1500-52)/(42+1500) = 93.9040 %   802.1q, IPv4, TCP timestamps
  (1500-60)/(38+1500) = 93.6281 %   IPv6, minimal headers
  (1500-72)/(38+1500) = 92.8479 %   IPv6, TCP timestamps
  (1500-72)/(42+1500) = 92.6070 %   802.1q, IPv6, TCP timestamps

UDP over Ethernet:
  Add 20 IPv4 header or 40 IPv6 header (no options)
  Add 8 UDP header

Max UDP Payload data rates over ethernet are thus:
  (1500-28)/(38+1500) = 95.7087 %   IPv4
  (1500-28)/(42+1500) = 95.4604 %   802.1q, IPv4
  (1500-48)/(38+1500) = 94.4083 %   IPv6
  (1500-48)/(42+1500) = 94.1634 %   802.1q, IPv6
An excellent source of ethernet information is Charles Spurgeon’s Ethernet Web Site.
Gigabit ethernet is exactly 10 times faster than 100 Mbps ethernet, so for standard 1500 byte frames, the numbers above all apply, multiplied by 10. Many GigE devices, however, allow “jumbo frames” larger than 1500 bytes, the most common figure being 9000 bytes. For 9000 byte jumbo frames, potential GigE throughput becomes (from Bill Fink, the author of nuttcp):
Theoretical maximum TCP throughput on GigE using jumbo frames:

  (9000-20-20-12)/(9000+14+4+7+1+12)*1000000000/1000000 = 990.042 Mbps

  Numerator terms:
    9000        MTU
    20          IP Header
    20          TCP Header
    12          TCP Options (Timestamp)
  Denominator terms:
    9000        MTU
    14          Ethernet Header
    4           FCS
    7           Preamble
    1           Start Frame Delimiter (SFD)
    12          InterFrame Gap (IFG), aka InterPacket Gap (IPG), is a minimum of 96 bit times from the last bit of the FCS to the first bit of the preamble
  Scaling terms:
    1000000000  GigE
    1000000     Mbps

Theoretical maximum UDP throughput on GigE using jumbo frames:

  (9000-20-8)/(9000+14+4+7+1+12)*1000000000/1000000 = 992.697 Mbps

Theoretical maximum TCP throughput on GigE without using jumbo frames:

  (1500-20-20-12)/(1500+14+4+7+1+12)*1000000000/1000000 = 941.482 Mbps

Theoretical maximum UDP throughput on GigE without using jumbo frames:

  (1500-20-8)/(1500+14+4+7+1+12)*1000000000/1000000 = 957.087 Mbps
An excellent paper on ATM overhead was written by John Cavanaugh of MSC. A postscript copy can be found here. Based on that paper:
-------------------------- DS3 ------------------------------
Line Rate            44.736 Mbps
PLCP Payload         40.704                           (avail to ATM)
ATM Payload          36.864                           (avail to AAL)
                     MTU=576   MTU=9180   MTU=65527
AAL5 Payload         34.501    36.752     36.845      (avail to LLC/SNAP)
LLC/SNAP Payload     34.028    36.720     36.841      (avail to IP)
IP Payload           32.847    36.640     36.830      (avail to transport)
UDP Payload          32.374    36.608     36.825      (avail to application)
TCP Payload          31.665    36.560     36.818      (avail to application)

-------------------------- OC-3c ------------------------------
Line Rate            155.520 Mbps
SONET Payload        149.760                          (avail to ATM)
ATM Payload          135.632                          (avail to AAL)
                     MTU=576   MTU=9180   MTU=65527
AAL5 Payload         126.937   135.220    135.563     (avail to LLC/SNAP)
LLC/SNAP Payload     125.198   135.102    135.547     (avail to IP)
IP Payload           120.851   134.808    135.506     (avail to transport)
UDP Payload          119.112   134.690    135.489     (avail to application)
TCP Payload          116.504   134.513    135.464     (avail to application)

-------------------------- OC-12c -----------------------------
Line Rate            622.080 Mbps
SONET Payload        600.768                          (avail to ATM)
ATM Payload          544.092                          (avail to AAL)
                     MTU=576   MTU=9180   MTU=65527
AAL5 Payload         509.214   542.439    543.818     (avail to LLC/SNAP)
LLC/SNAP Payload     502.239   541.966    543.752     (avail to IP)
IP Payload           484.800   540.786    543.586     (avail to transport)
UDP Payload          477.824   540.313    543.519     (avail to application)
TCP Payload          467.361   539.605    543.420     (avail to application)
On the physical layer (single pt-to-pt hop), one out of every 27 cells is an OAM cell. The above calculations don’t take that into account, but that’s another 3.7% reduction!
We should add calculations for ping packets and 1500 byte packets.
So what is the largest packet that we can fit in a single ATM cell? If you are using AAL5, you have a 40 byte payload to work with. For IPv4, you could have a 20 byte header + a 20 byte IP payload. A UDP or ICMP payload could be up to 12 bytes (both use 8 bytes after the IP header). So a “ping -s8” through “ping -s12” should fit in one ATM cell and still give you a round trip time.
Packet over SONET (POS) uses PPP with HDLC to frame IP packets. These add a five byte header and a four byte trailer under normal circumstances. No padding is required, except for any possible idle time between packets. Byte stuffing is used (see notes below) which can expand the length of the POS frame.
Flag Byte (0x7e)
Address Byte (0xff = all stations)
Control Byte (0x03 = Unnumbered Information)
Protocol - 2 bytes, 1 byte if compressed    +
Payload - 0-MRU bytes                       | PPP part
Padding - 0+ bytes                          +
Frame Check Sequence (FCS) - 4 bytes (2 in limited cases)
Flag Byte (0x7e)
[Interframe fill or next Address]
HDLC has no set frame size limit, nor does PPP specify the payload size; you just keep reading until you see a Flag byte. PPP, however, specifies that the Maximum Receive Unit (MRU) default is 1500 bytes and that other sizes can be negotiated using LCP. These LCP messages have a 16-bit length field, so a properly negotiated maximum payload would be 65535 bytes. [It would be possible to configure a sender/receiver pair to go beyond 65535 and simply not negotiate a size with LCP. No one does this, however.] Most POS hardware seems to have a 4470 or 9180 byte MRU.
So we get:
-------------------------- OC-3c ------------------------------
Line Rate                155.520 Mbps
SONET Payload            149.760               (avail to POS)
POS Payload              *** to do ***         (avail to IP)
etc.

-------------------------- OC-12c -----------------------------
Line Rate                622.080 Mbps
SONET Payload            600.768               (avail to POS)
                         MTU=1500   MTU=9000
POS Payload (no stuff)   597.185    600.168    (avail to IP)   9 overhead
POS Payload (rnd stuff)  592.583    595.520                    20.71875 overhead
POS Payload (max stuff)  299.486    300.234                    1509 overhead
~TCP Payload w/ts rnd    572.040    592.079
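The three "POS Payload" rows for OC-12c follow directly from the byte-stuffing rule. The following is an added example, not code from the original page: it assumes RFC 1662 octet stuffing (escape byte 0x7d, XOR with 0x20), which the page does not spell out, and uses the page's 9 bytes of framing overhead; all function names are illustrative.

```python
FLAG = 0x7E           # frame delimiter from the frame layout above
ESCAPE = 0x7D         # RFC 1662 Control Escape (assumption: not named on the page)
FRAMING_BYTES = 9     # the page's "9 overhead": 5-byte header + 4-byte trailer
SONET_OC12C_MBPS = 600.768


def stuff(body: bytes) -> bytes:
    """Escape every flag/escape byte so the receiver never sees a false flag."""
    out = bytearray()
    for byte in body:
        if byte in (FLAG, ESCAPE):
            out += bytes((ESCAPE, byte ^ 0x20))
        else:
            out.append(byte)
    return bytes(out)


def unstuff(wire: bytes) -> bytes:
    """Reverse stuff(); reject bodies no conforming sender could have produced."""
    out = bytearray()
    it = iter(wire)
    for byte in it:
        if byte == FLAG:
            raise ValueError("unescaped flag inside frame body")
        if byte == ESCAPE:
            try:
                byte = next(it) ^ 0x20
            except StopIteration:
                raise ValueError("frame ends in a dangling escape") from None
        out.append(byte)
    return bytes(out)


def overhead_bytes(packet: bytes) -> int:
    """Framing plus stuffing overhead for one packet (last column of the table).

    Like the page's figures, stuffing of header and FCS bytes is ignored.
    """
    return FRAMING_BYTES + len(stuff(packet)) - len(packet)


def expected_random_overhead(mtu: int) -> float:
    """2 of 256 byte values are escaped, so random data grows by mtu * 2/256."""
    return FRAMING_BYTES + mtu * 2 / 256


def ip_rate_mbps(mtu: int, overhead: float, line_mbps: float = SONET_OC12C_MBPS) -> float:
    """Bandwidth left for IP when each MTU-sized packet carries `overhead` extra bytes."""
    return line_mbps * mtu / (mtu + overhead)


if __name__ == "__main__":
    # Constructed payloads: all zeros (nothing to escape) and all flags (worst case).
    best, worst = bytes(1500), bytes([FLAG]) * 1500
    for label, ovh in (("no stuff", overhead_bytes(best)),
                       ("rnd stuff", expected_random_overhead(1500)),
                       ("max stuff", overhead_bytes(worst))):
        print(f"{label:10s} overhead={ovh:<9} rate={ip_rate_mbps(1500, ovh):.3f} Mbps")
```

Because the stuffed size depends on packet contents, the usable rate of a POS link is bounded by the max-stuff row, not the no-stuff row.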
Frame Relay (FR) encapsulation can be used on POS instead of HDLC/PPP. There are no RFCs about Frame Relay over SONET, nor does the Multiprotocol over Frame Relay RFC1490 discuss SONET or POS, but Cisco started doing this and others have followed.
A new way to do POS uses PPP over GFP-F (Generic Framing Procedure, Framed) instead of HDLC. In both the HDLC and GFP-F cases, SONET / SDH VCAT (Virtual Concatenation) is used. GFP-F also allows Ethernet frames (100, GE and 10GE) and Resilient Packet Ring (RPR) frames to be sent over SONET/SDH VCAT. GFP can also map to G.709 (part of the Optical Transport Network (OTN) series).
A GFP User Frame:
A PLI of 0-3 indicates a GFP control frame. cHEC is a CRC-16 that protects the core header only (single bit error correction, multi bit error detection).
Multi-Protocol Label Switching (MPLS) adds four bytes to every frame. As described in RFC3032 the 32-bit label includes:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Label
|                Label                  | Exp |S|       TTL     | Stack
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Entry

                    Label:  Label Value, 20 bits
                    Exp:    Experimental Use, 3 bits
                    S:      Bottom of Stack, 1 bit
                    TTL:    Time to Live, 8 bits
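A parser for the label stack entry layout above, as an added example that is not part of the original page. It walks a stack of entries until the Bottom of Stack bit is set, which also shows that the per-frame overhead is four bytes per label, not four bytes in total; the function names and the sample bytes are constructed for illustration.

```python
import struct


def pack_entry(label: int, exp: int, bottom: bool, ttl: int) -> bytes:
    """Encode one 32-bit label stack entry: Label(20) | Exp(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    word = (label << 12) | (exp << 9) | (int(bool(bottom)) << 8) | ttl
    return struct.pack("!I", word)


def parse_label_stack(data: bytes):
    """Return (entries, remaining payload); the stack ends at the entry with S=1."""
    entries, offset = [], 0
    while True:
        if len(data) - offset < 4:
            # Ran out of bytes without ever seeing S=1: malformed or truncated.
            raise ValueError("label stack ends before a bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, offset)
        offset += 4
        entries.append({
            "label": word >> 12,
            "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1,
            "ttl": word & 0xFF,
        })
        if entries[-1]["s"]:
            return entries, data[offset:]


def stack_overhead(data: bytes) -> int:
    """Bytes of MPLS overhead in front of the payload (4 per label)."""
    entries, _ = parse_label_stack(data)
    return 4 * len(entries)


# Constructed sample: a two-label stack followed by the first bytes of an IPv4 header.
SAMPLE = pack_entry(100, 0, False, 64) + pack_entry(24, 5, True, 63) + b"\x45\x00"

if __name__ == "__main__":
    entries, payload = parse_label_stack(SAMPLE)
    for entry in entries:
        print(entry)
    print("overhead bytes:", stack_overhead(SAMPLE), "payload starts:", payload.hex())
```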
To reflect the growth of the network as a service platform, Cisco is revising the certification requirements for CCIE Routing & Switching (CCIE R&S)–the expert level certification for network engineers. The new requirements were developed with assistance from Cisco enterprise customers and reflect the expectations of employers across industries.
The competencies required for CCIE R&S v4.0 certification were released on May 5, 2009, and are available on the Cisco Learning Network under the CCIE R&S v4.0 Written Exam topics and CCIE R&S v4.0 Lab Exam topics. Exams based on the new requirements are scheduled for release on October 18, 2009, and will immediately replace the currently available v3.0 exams. Candidates who plan to take their exams on October 18, 2009, or later should prepare using the new v4.0 exam topics.
Both the written and lab exams will be refreshed with new questions and will cover MPLS and VPN networking. The written exam will add scenario-based questions to the multiple choice questions, and the lab will now require hands-on troubleshooting of preconfigured networks, in addition to configuration. Exam duration and pricing will remain the same, with the two-hour written exam at USD$350 and the eight-hour lab at USD$1400.
A beta version of the new CCIE R&S v4.0 written exam (351-001) will be available to all customers in the July–August 2009 timeframe at a discounted price of USD$50. An announcement will be made when scheduling begins.
Cisco 360 Learning Program components aligned to the new CCIE R&S certification standards will be available on May 11, 2009. All current students will have access to the new materials throughout their subscription period. New materials include additional lessons on MPLS and troubleshooting, enhanced coverage of these topics in the instructor-led workshops, an updated Practice Lab Workbook for self-paced practice, and new Performance Assessments that gauge skill level and offer mentoring feedback.
CCIE Assessor, the first CCIE R&S practice lab, will be retired on June 5, 2009, and will be replaced by the 10 eight-hour assessment labs available through the Cisco 360 Learning Program.
1 – Q: What exactly is being changed on the CCIE R&S written exam?
A: The CCIE R&S v4.0 written exam will be refreshed with new questions to reflect the current job role expectations of employers. Scenario-based questions will be added to the multiple choice questions. New topics include the skills associated with planning and evaluating network changes, implementing MPLS, Layer 3 VPN, IPv6, EIGRP and multicast; and configuring performance-based routing. More information is available on the CCIE Written Exam Overview page.
2 – Q: What exactly is being changed on the CCIE R&S lab exam?
A: The CCIE R&S v4.0 lab exam will be refreshed with new questions to reflect the current job role expectations of employers. The equipment in the testing lab will be updated with Cisco 1800 and 3800 Series Integrated Services Routers running Cisco IOS® Software Version 12.4(T) and Cisco Catalyst® 3560 Series Switches running Cisco IOS Version 12.2 Advanced IP Services. The biggest change will be the testing of hands-on troubleshooting for the first two hours of the eight-hour exam. Candidates will be presented with a series of trouble tickets for preconfigured networks, and they will need to diagnose and resolve the network fault or faults—a realistic and challenging job task. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section, since their equipment will need to be reinitialized for the configuration portion of the exam.
To make time for new material, CCIE R&S v4.0 exams will put less emphasis on equipment operation and concepts generally understood at the professional level. These skills are still assumed, but will not be the sole objective of CCIE test questions. Go to the Lab Exam Study/Learn section for more information.
3 – Q: Now that the CCIE R&S v4.0 has been announced, can I still take the CCIE R&S v3.0 exam? How long will it be valid?
A: The CCIE R&S v3.0 written exam will be available through October 17, 2009, at all Pearson VUE testing centers. Passing the v3.0 written exam qualifies a candidate to take any available version of the CCIE R&S lab exam. As with all CCIE written exams, a passing score on v3.0 written exam will remain valid for three years, as long as the candidate attempts the lab exam once within the first 18 months. If the lab is not attempted, the written exam becomes invalid and the candidate will have to retest using whatever written exam is available at that time.
4 – Q: If I take the CCIE R&S written beta test in July or August 2009, will I still be able to schedule the CCIE R&S v3.0 lab exam?
A: Scores on CCIE written beta tests are not available until 4 to 6 weeks after the close of the beta period. At this time, there is no guarantee the CCIE R&S v3.0 lab exam will still be available when a beta test candidate receives his or her score. Beta testers should plan on taking the CCIE R&S v4.0 lab test to achieve certification.
5 – Q: If I don’t pass the CCIE R&S v4.0 written beta exam, can I take it again in five days?
A: No, a candidate can only take a CCIE written beta test once during the beta testing period.
6 – Q: Will there be any changes to the recently-added Core Knowledge portion of the exam, the part with the short-answer questions?
A: The questions in the Core Knowledge section of the lab exam may cover any area on the CCIE R&S v4.0 Lab Exam topics.
7 – Q: What can a candidate expect in the troubleshooting portion of the lab exam?
A: Troubleshooting is allotted two of the eight hours required for the CCIE lab exam. Candidates will be presented with a series of trouble tickets for preconfigured networks and will need to diagnose and resolve the fault or faults. As with previous CCIE labs, the network will need to be up and running for the candidate to receive credit. Candidates who finish the troubleshooting section early can move on to the configuration section, but they will not be allowed to go back to the troubleshooting section.
8 – Q: Does a candidate have to pass both the troubleshooting and configuration sections in order to pass the entire CCIE R&S v4.0 lab exam and earn a CCIE?
A: Candidates will receive a single pass/fail grade on the entire exam, including both configuration and troubleshooting. Failing score reports will give an indication of where the candidate scored lower, to help the candidate prepare for another attempt.
9 – Q: Will the CCIE R&S mobile lab exam also be updated?
A: Yes, CCIE R&S mobile labs use the same lab version as Cisco office locations, and they will switch to the v4.0 lab exam on October 18, 2009 as well.
10 – Q: Which exam will be used for recertification?
A: As of October 18, 2009, CCIEs who take the CCIE R&S written exam for recertification will be given the v4.0 exam and should prepare using the exam topics found on the Cisco Learning Network.
11 – Q: Are the previous Cisco 360 components applicable to the CCIE R&S v4.0 exams? Should candidates studying for CCIE R&S v4.0 exams wait for the new Cisco 360 materials to begin work?
A: The learning components available at first launch of Cisco 360 are still relevant to candidates studying for the CCIE R&S v4.0 certification exams. No Cisco 360 Learning Program components are being retired. There is no need for candidates to wait for revised Cisco 360 material to begin their study and practice. The subscription model ensures that Cisco 360 customers can take advantage of all new content as it is released and do not need to wait.
One of my old students, who is preparing for CCNP, asked me how to write an access-list for permitting/denying even or odd networks. So I am just pasting my email reply to him.
Here is a simple tip for writing an access-list for even or odd networks.
Let's say we are asked to permit all odd or permit all even for 192.168.1.0/24.
We'll work with the last octet, or more precisely the least significant bit of the last octet.
- If it is 0, the IP address will be even
- If it is 1, the IP address will be odd
192.168.1.00000001 = 192.168.1.1 – odd
192.168.1.00000011 = 192.168.1.3 – odd
192.168.1.00000010 = 192.168.1.2 – even
192.168.1.00000100 = 192.168.1.4 – even
For Even Networks
The IP address will be 192.168.1.0
With the wildcard mask 0.0.0.254
254 = 11111110
Here, the 0 in the last position of the mask means the ACL DOES CARE about the last bit of the IP address (it must be ZERO)
Hence the ACL will be
access-list 1 permit 192.168.1.0 0.0.0.254
For Odd Networks
The IP address will be 192.168.1.1
With the wildcard mask 0.0.0.254
254 = 11111110
Here, the 0 in the last position of the mask means the ACL DOES CARE about the last bit of the IP address (it must be ONE)
Hence the ACL will be
access-list 1 permit 192.168.1.1 0.0.0.254
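To check what the two entries above actually match before applying them, the wildcard logic can be evaluated offline. This is an added example, not part of the original email: it models standard-ACL matching (first match wins, implicit deny at the end) for the two lines from the post, and the function names are illustrative.

```python
import ipaddress

# The two ACLs from the text above (alternatives, not one combined list).
EVEN_ACL = ["access-list 1 permit 192.168.1.0 0.0.0.254"]
ODD_ACL = ["access-list 1 permit 192.168.1.1 0.0.0.254"]


def parse_entry(line):
    """Parse a standard ACL line: access-list <n> permit|deny <addr> <wildcard>."""
    parts = line.split()
    if len(parts) != 5 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
        raise ValueError(f"unsupported ACL line: {line!r}")
    return {
        "action": parts[2],
        "address": int(ipaddress.IPv4Address(parts[3])),
        "wildcard": int(ipaddress.IPv4Address(parts[4])),
    }


def entry_matches(entry, source):
    """Wildcard bit 0 = source must equal the ACL address in that bit; 1 = ignored."""
    care = ~entry["wildcard"] & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(source)) & care) == (entry["address"] & care)


def evaluate(acl_lines, source):
    """First matching entry decides; no match falls through to the implicit deny."""
    for line in acl_lines:
        entry = parse_entry(line)
        if entry_matches(entry, source):
            return entry["action"]
    return "deny"


def permitted_last_octets(acl_lines, network):
    """Last octets of every address in `network` that the ACL permits."""
    return [int(addr) & 0xFF
            for addr in ipaddress.ip_network(network)
            if evaluate(acl_lines, str(addr)) == "permit"]


if __name__ == "__main__":
    for name, acl in (("even", EVEN_ACL), ("odd", ODD_ACL)):
        octets = permitted_last_octets(acl, "192.168.1.0/24")
        print(name, len(octets), "addresses, first few:", octets[:4])
    # Mask 0.0.0.254 still pins the first three octets, so an even host in
    # another /24 is not matched and hits the implicit deny.
    print("192.168.2.2 ->", evaluate(EVEN_ACL, "192.168.2.2"))
```

Note that the even entry also matches 192.168.1.0 and the odd entry also matches 192.168.1.255, since the mask only tests the last bit.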
Sorry for posting late; Narbik's bootcamp was fun. It's worth attending his bootcamp if you are somewhere in the mid-tier of your CCIE preparation. Narbik recommends covering Soups-to-nuts before you attend his bootcamp and he is right; otherwise it can be too much information for you in 5 days. Here is what he covered in the last three days.
Day 3: BGP
It was a big day for me. Day 3 is a BGP day; you have almost 200 pages worth of BGP labs. Narbik's BGP lecture style is totally different than the conventional CCIE instructors. He doesn't start BGP with attributes or BGP states. He attacks BGP optimization and then builds you towards attributes and other advanced topics. Simply awesome. He will start with MSS (Maximum Segment Size), scan time, advertising interval and then take you to memory pools, templates and peer-groups. At last he will talk about BGP states, aggregation, attributes and some awesome route-filtering techniques. I will say that was my best BGP class.
Day 4: RIPv2 and QoS
Another big day, which was dedicated to QoS plus 2 hours worth of lecture on RIPv2. He showed what RIPv2 is worth. People normally ignore RIP, but if you know all that you can do with RIP, you will never be disappointed to use it for your small network. He covered optimization, RIP updates, filtering, redistribution and authentication, building on some advanced scenarios.
QoS was never my strong topic; although I am using it regularly in my job, I always struggled on a few advanced topics. I should not have a problem in QoS after attending Narbik's lecture. Narbik started QoS with queuing. He covered CBWFQ, LLQ, filtering, CBWRED, shaping, CAR, policing and SRR. Pretty good lecture indeed!
Final Day (Day 5: Multicast and CCIE lab tips)
Narbik covered multicast addressing, delivery methods, manipulating multicast traffic, dense and sparse modes, MSDP, Anycast and UDP helper. I still have to work on multicast labs but I am sure I can practice on it and grasp what I need most for my lab.
As I am going through Narbik’s Advance 6 volume CCIE workbooks, I will try to post tips and tricks on various technologies going forward.
Cuil can be a great tool for searching Cisco-related docs on the web. It claims to have better indexing and a larger database than any available search engine 🙂
Here is a small review from cnet.
I was all geared up for my CCIE R&S lab in San Jose. I was a bit nervous as most of my lab practice came from job experience, plus some online workbook scenarios. Not to mention that I relied more or less on a non-conventional style of study. Dynamips was definitely a great help, especially if you are running your Dynamips on Ubuntu Linux (I love it).
I arrived in San Jose 2 days before my lab, and tried to manage my stress and jet lag. I promised myself that I would not look back into my notes, but guess what, I was so stressed that I started looking back into my QoS, multicast and IP security notes. I tried to have a good night's sleep before the exam, but I was not able to sleep. I was getting Cisco dreams all night.
I woke up at 6:30 in the morning and got ready for the exam. I had a yogurt for my breakfast as it was my wife's suggestion. I arrived at the site and checked in; the front desk guy asked for my ID, then he checked me in with the other candidates waiting in the lobby. I could see some going through notes and others just confused and lost. The proctor arrived at 8:15 and he acquainted us with the rules and regulations.
By the lunch hour I was pretty confident as I thought I was doing well, but right after lunch I had some doubts. I skipped a few questions and moved on to the next. I finished the rest of the tasks and the time was already 4:30. 30 minutes to go and I still had a few tasks left which I had skipped earlier. I went back to the tasks and tried to finish all of them. By the time I finished all the tasks, my time was up.
I came out still confident and with a great hope that I would clear the lab. I was awake again the whole night as the proctor told me that I would get a result the next morning. I checked my mail almost three times in the night but nothing fruitful came out of it. In the morning at almost 7:15 AM, I checked my mail again and I could see a mail from Cisco. I logged in to Cisco with my CCO id; my heart was beating fast. To my surprise, I could see FAIL next to my score. What went wrong, I asked myself. My technology score was black and white enough to show me where I messed up.
For my second attempt, I've signed up for Narbik's bootcamp in June, and am planning to retry my lab within a few weeks of completing the bootcamp.
I came across a great resource, Cisco-centric Open Source Community (COSI). COSI is an Internet-based community that develops free Cisco tools and makes them available for download from its Web site. There are almost 50 utilities available for download. The scripts and utilities all include documentation, and the community has developed all of these tools to work with Cisco IOS routers, switches, firewalls, or CiscoWorks management software.
COSI’s Web site also offers other advantages. Clicking the link to download a script takes you to a community download page, which also features discussion forums for questions and support of these tools. It’s important to remember that Cisco’s Technical Assistance Center (TAC) doesn’t support these tools, so you must count on your own skills and the help of others in the community.
A tradeoff: These tools are not ideal for new Cisco IOS users or anyone who doesn’t have some Linux experience. Many of these tools help automate more advanced Cisco admin tasks when administering a midsize to large Cisco network.