Category Archives: Routing

My Recap from Cisco Vegas 2016

Let’s make it clear, i wish to be there! I read really some cool stuff this year in www.ciscolive.com, and i want to share with you my favourite topics:

  • Cisco HyperFlex Systems
  • Cisco Tetration Analytics
  • Cisco Spark
  • Cisco DNA
  • Security Related (Ransomware,etc)

References:

IO Visor Project

BRKCOM-1125 – Hyper-converged Computing

 PSODCN-2375 – Introduction to Cisco HyperFlex Systems )

Cisco Tetration Analytics Data Sheet – Cisco

PSOACI-2100 – Cisco Tetration Analytics: Real-time application visibility and policy management

BRKCOL-2235_Spark Call Extending Spark with Business-Class Communications

BRKSEC-2002 – It’s Cats vs Rats in the Attack Kill Chain!

BRKSEC-2010 – Emerging Threats – The State of Cyber Security

BRKDCT-3001 Leveraging Micro Segmentation to Build Comprehensive Data Center Security Architecture

Share

BGP Free Core

“BGP Free Core” is a typical topology in MPLS Service Provider Networks where you run IGP+Label. This allows traffic to transit over devices which don’t know traffic final destination, instead they look only for labels, bring more performance at the end. MPLS allow applications such as L2VPN, L3VPN and much more.

bgp-free-core

Normal Forwarding

In normal forwarding traffic towards to destination will go hop-by-hop (lookup next-hop) until reach destination

R4#show ip route
Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP
a – application route
+ – replicated route, % – next hop override

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 20 subnets, 2 masks
i L2     10.1.1.1/32 [115/30] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
[115/30] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.1.2.0/24 [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.1.11.0/24 [115/30] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
[115/30] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.1.12.0/24 [115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.2.2.2/32 [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
C        10.2.4.0/24 is directly connected, GigabitEthernet1.24
L        10.2.4.4/32 is directly connected, GigabitEthernet1.24
i L2     10.2.11.0/24 [115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.2.12.0/24 [115/20] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
[115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.2.13.0/24 [115/20] via 10.4.13.13, 00:13:18, GigabitEthernet1.413
[115/20] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
C        10.4.4.4/32 is directly connected, Loopback0
C        10.4.12.0/24 is directly connected, GigabitEthernet1.412
L        10.4.12.4/32 is directly connected, GigabitEthernet1.412
C        10.4.13.0/24 is directly connected, GigabitEthernet1.413
L        10.4.13.4/32 is directly connected, GigabitEthernet1.413
i L2     10.11.11.11/32
[115/30] via 10.4.12.12, 00:13:18, GigabitEthernet1.412
[115/30] via 10.2.4.2, 00:13:18, GigabitEthernet1.24
i L2     10.11.12.0/24 [115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.12.12.12/32
[115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.12.13.0/24 [115/20] via 10.4.13.13, 00:15:50, GigabitEthernet1.413
[115/20] via 10.4.12.12, 00:15:50, GigabitEthernet1.412
i L2     10.13.13.13/32
[115/20] via 10.4.13.13, 00:15:50, GigabitEthernet1.413

R4#show ip cef
Prefix               Next Hop             Interface
0.0.0.0/0            no route
0.0.0.0/8            drop
0.0.0.0/32           receive
10.1.1.1/32          10.2.4.2             GigabitEthernet1.24
10.4.12.12           GigabitEthernet1.412
10.1.2.0/24          10.2.4.2             GigabitEthernet1.24
10.1.11.0/24         10.2.4.2             GigabitEthernet1.24
10.4.12.12           GigabitEthernet1.412
10.1.12.0/24         10.4.12.12           GigabitEthernet1.412
10.2.2.2/32          10.2.4.2             GigabitEthernet1.24
10.2.4.0/24          attached             GigabitEthernet1.24
10.2.4.0/32          receive              GigabitEthernet1.24
10.2.4.2/32          attached             GigabitEthernet1.24
10.2.4.4/32          receive              GigabitEthernet1.24
10.2.4.255/32        receive              GigabitEthernet1.24
10.2.11.0/24         10.2.4.2             GigabitEthernet1.24

What is the exact path(or multiple)?

R4#trace 10.1.1.1
Type escape sequence to abort.
Tracing the route to 10.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.2.4.2 3 msec
10.4.12.12 4 msec
10.2.4.2 3 msec
2 10.1.12.1 3 msec
10.1.2.1 3 msec
10.1.12.1 2 msec

CSR-4#show mpls forwarding-table
no MPLS apps enabled or MPLS not enabled on any interfaces

MPLS Forwarding

On MPLS we have LIB and LFIB. LIB essentially holds all the labels and associated information, while LFIB do the forwarding based on incoming labeled packets. CEF is a pre-requirement to run MPLS.
For MPLS the routing table (RIB) still the same as we see on Normal Forwarding.

This is the LFIB table….

R4#show mpls forwarding-table
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
16         Pop Label  10.12.12.12/32   0             Gi1.412    10.4.12.12
17         Pop Label  10.13.13.13/32   0             Gi1.413    10.4.13.13
18         Pop Label  10.1.12.0/24     0             Gi1.412    10.4.12.12
19         Pop Label  10.2.12.0/24     0             Gi1.24     10.2.4.2
Pop Label  10.2.12.0/24     0             Gi1.412    10.4.12.12
20         Pop Label  10.11.12.0/24    0             Gi1.412    10.4.12.12
21         Pop Label  10.12.13.0/24    0             Gi1.412    10.4.12.12
Pop Label  10.12.13.0/24    0             Gi1.413    10.4.13.13
22         Pop Label  10.2.13.0/24     0             Gi1.24     10.2.4.2
Pop Label  10.2.13.0/24     0             Gi1.413    10.4.13.13
23         22         10.11.11.11/32   0             Gi1.24     10.2.4.2
24001      10.11.11.11/32   0             Gi1.412    10.4.12.12
24         16         10.1.1.1/32      0             Gi1.24     10.2.4.2
24003      10.1.1.1/32      0             Gi1.412    10.4.12.12
25         17         10.1.11.0/24     0             Gi1.24     10.2.4.2
24004      10.1.11.0/24     0             Gi1.412    10.4.12.12
26         Pop Label  10.2.11.0/24     0             Gi1.24     10.2.4.2
27         Pop Label  10.1.2.0/24      0             Gi1.24     10.2.4.2
28         Pop Label  10.2.2.2/32      0             Gi1.24     10.2.4.2

Doing a trace to R1 we get a labeled path

R4#trace 10.1.1.1
Type escape sequence to abort.
Tracing the route to 10.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.2.4.2 [MPLS: Label 16 Exp 0] 3 msec
10.4.12.12 [MPLS: Label 24003 Exp 0] 10 msec
10.2.4.2 [MPLS: Label 16 Exp 0] 3 msec
2 10.1.12.1 3 msec
10.1.2.1 3 msec *

Share

Hot and Cold Potato in ISP Kingdom

Some ISP’s tend to use different strategies or priorities in handling traffic across Backbone, some maybe because running out of capacity or by policy. In hot-potato routing, an ISP hands off traffic to a downstream ISP as quickly as it can “closest exit routing”. In opposite way Cold-potato routing ISP carries traffic as far as possible on its own network before deliver it to a downstream ISP “best exit routing”. In general, an ISP’s routing policy would follow an hot-potato or cold-potato routing.

Following a small diagram with an Cold-potato (blue) and Hot-potato (red) flows

hotcold-potato2

Share

Cisco is raising up CCDA and CCDP to v3

Cisco is moving CCDA and CCDP to v3.

What topics were added/removed?

DESGN

Topics Removed from the DESGN Exam:

  • Describe developing business trends
  • Describe network management protocols and features
  • Describe network architecture for the enterprise
  • Identify Cisco technologies to mitigate security vulnerabilities

Topics Added to the DESGN Exam:

  • Describe the Cisco Design lifecycle – PBM (Plan, Build, Manage)
  • Describe the importance and application of Scalability in a network
  • Describe the importance and application of Resiliency in a network
  • Describe the importance and application of concept of Fault Domains in a network
  • Design a basic branch network
  • Describe the concepts of virtualization within a network design
  • Identify network elements that can be virtualized
  • Describe Data Center components
  • Describe the concepts of Network Programmability within a network design

ARCH

Topics Removed from the ARCH Exam:

  • Design for infrastructure services
  • Identify network management capabilities in Cisco IOS Software
  • Create summary-able and structured addressing designs
  • Describe IPv6 for campus design considerations
  • Describe the components and technologies of a SAN network
  • Create an effective e-commerce design
  • Create remote access VPN designs for the teleworker

 

Topics Added to the ARCH Exam:

  • Create stable, secure, and scalable routing designs for IS-IS
  • Determine IPv6 migration strategies
  • Design data center interconnectivity
  • Design data center and network integration
  • Select appropriate QoS strategies to meet customer requirements
  • Design end to end QoS policies
  • Design a network to support Network Programmability (SDN)
  • Describe network virtualization technologies for the data center

CCDA Exams & Recommended Training

Required Exam(s) Recommended Training
640-864 DESGN
Last day to test: December 14, 2015
Designing for Cisco Internetwork Solutions (DESGN) v2.1
OR
200-310 DESGN Designing for Cisco Internetwork Solutions (DESGN) v3.0

CCDP Exams & Recommended Training

Required Exam(s) Recommended Training
300-101 ROUTE Implementing Cisco IP Routing (ROUTE)
300-115 SWITCH Implementing Cisco IP Switched Networks (SWITCH)
642-874 ARCH
Last day to test: December 14, 2015
OR300-320 ARCH
Designing Cisco Network Service Architectures (ARCH)ORDesigning Cisco Network Service Architectures (ARCH)

 

Share

Open Switch continua a crescer

Poderemos em breve ver switches com um brand á medida? A Facebook talvez seja um dos primeiros a fazê-lo… Atualmente dependemos muito do hardware dos fabricantes onde o software é desenhado especificamente para essa plataforma. Com isto não é possível desagregar o hardware do software de forma alguma…

A Facebook em conjunto com a Open Compute Project (OCP) introduz o “Wedge” como um novo protótipo de switch top-of-rack e um novo sistema operativo para o mesmo de nome “FBOSS”

O grande objectivo da parceria entre Facebook e Open Compute Project (OCP) é reduzir ao máximo o custo das infraestruturas e aumentar a sua eficiência.

10333122_779825828716274_1114130333_n.png 10173498_655852611162022_1103167099_n.png

 

Referências:

Open Compute Project

Introducing “Wedge” and “FBOSS,” the next steps toward a disaggregated network

 

Share

Update exame CCNP Routing and Switching v2

A certificação CCNP Routing and Switching será renovada em breve para a versão 2, consultar o link CCNP Routing and Switching para mais detalhes. A Cisco disponibiliza a CCNP exam combination tool para facilitar os exames necessários para quem realizou alguns do antigo curso.
A versão do IOS para esta nova versão é a 15.2

Recommended Training
642-902 ROUTE
Last day to test January 29, 2015
OR
300-101 ROUTE
Implementing Cisco IP Routing (ROUTE)
Implementing Cisco IP Routing (ROUTE) v2.0
AND
642-813 SWITCH
Last day to test January 29, 2015
OR
300-115 SWITCH
Implementing Cisco IP Switched Networks (SWITCH)
Implementing Cisco IP Switched Networks (SWITCH) v2.0
AND
642-832 TSHOOT
Last day to test January 29, 2015

OR
300-135 TSHOOT
Troubleshooting and Maintaining Cisco IP Networks (TSHOOT)
Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) v2.0


Objectivos Exame 300-101 ROUTE inclui:

  • Network Principles
  • Layer 2 Technologies
  • Layer 3 Technologies
  • VPN Technologies
  • Infrastructure Security
  • Infrastructure Services

**Clique para expandir/colapsar os objectivos em detalhe**
Objectivos Exame 300-115 SWITCH inclui:
  • Layer 2 Technologies
  • Infrastructure Security
  • Infrastructure Services

**Clique para expandir/colapsar os objectivos em detalhe**
Objectivos Exame 300-135 TSHOOT inclui:
  • Network Principles
  • Layer 2 Technologies
  • Layer 3 Technologies
  • VPN Technologies
  • Infrastructure Security
  • Infrastructure Services

**Clique para expandir/colapsar os objectivos em detalhe**

Referências:

ROUTE Exam

ROUTE Exam v2.0

SWITCH Exam

SWITCH Exam v2.0

TSHOOT Exam

TSHOOT Exam v2.0

Share