From: Ewing, James (james.ewing@xxxxxxxxx)
Date: Tue Oct 16 2001 - 08:46:46 GMT-3
Something I put together for myself. Please feel free to add to correct or
delete ;)
Frame Relay-
Physical Interface
1. Encapsulation frame-relay
2. Clock source (either DTE or DCE-if DCE turn on Frame-relay switching
global command and set the clock rate)
3. If DCE set frame-relay intf-type dce
4. Turn off frame-relay inverse-arp
5. If point-to-point -frame-relay interface-dlci
6. If connected to a point-to-mulitpoint hub use frame-relay map
statements
Logical Interface
1. If point-to-point use frame-relay interface-dlci
2. If configuring a spoke multipoint use frame-relay map statements
3. If configuring a hub point-to-multipoint hub use frame-relay
interface-dlci statements
ATM-
SVCs
1. Configure vci/vpi pair 0/16 to communicate with the ILMI
2. Configure a PVC for SVC signalling-pvc [name] vpi/vci qsaal
3. Configure the NSAP and ESI addresses
4. Create the SVC
svc [name] nsap address
Create an SVC and specify the destination NSAP address.
encapsulation aal5encap
Map a protocol address to an SVC.
PVCs
1. Create PVC
2. Map a protocol to the PVC
3. Config Aal and encapsulation type
CLIP-SVC
Step 1
interface atm slot/0
or
interface atm slot/port-adapter/0
or
interface atm number
Specify the ATM interface using the appropriate format of the
interfaceatmcommand.1
Step 2
atm esi-address esi.selector
Specify the ATM address of the interface.
Step 3
ip address address mask
Specify the IP address of the interface.
Step 4
atm arp-server
nsap nsap-address
Specify the ATM address of the ATM ARP server.
Step 5
no shutdown
Enable the ATM interface.
CLIP-PVC
Configuring Classical IP and Inverse ARP in a PVC Environment
The ATM Inverse ARP mechanism is applicable to networks that use PVCs, where
connections are established but the network addresses of the remote ends are
not known. A server function is not used in this mode of operation.
In a PVC environment, the ATM Inverse ARP mechanism is enabled by default
for IP and IPX when you use the following commands beginning in global
configuration mode:
Command Purpose
Step 1 interface atm slot/0
or
interface atm slot/port-adapter/0
or
interface atm number
Specify the ATM interface using the appropriate format of the
interface atm command.1
Step 2 ip address address mask
Specify the IP address of the interface.
Step 3 pvc [name] vpi/vci Create a PVC.
Step 4 no shutdown
Enable the ATM interface.
1To determine the correct form of the interface atm command, consult your
ATM network module, port adapter, or router documentation.
Repeat Step 3 for each PVC you want to create.
By default, Inverse ARP datagrams will be sent on this virtual circuit every
15 minutes. To adjust the Inverse ARP time period, use the inarp minutes
command in interface-ATM-VC configuration mode.
ISDN
Physical-
1. Global Switch type
2. Spids configured if necessary-under the interface
3. Dialer map statement-dialer map ip (ip address) (name) broadcast
(isdn number) -under the interface
4. Dialer-list (#) protocol permit (global)
5. Encapsulation type
6. Dialer-group 1
7. Authentication for ppp (pap-chap)
8. Username and password required for ppp authentication
Logical-
1. Dialer pool member (#) - for dialer profiles-goes under the physical
interface
2. Interface dialer (#)-
interface Dialer0
ip address 172.22.85.1 255.255.255.0
no ip directed-broadcast
encapsulation ppp
dialer remote-name maui-soho-01
dialer string 5551212 class austin-soho-01
! -- Dialer0 is linked to map-class austin-soho-01
dialer load-threshold 128 outbound
dialer pool 1
! -- Defines the pool of physical resources from which the Dialer interface
may draw ! -- B channels as needed.
dialer-group 5
! -- DDR configuration command. This command is linked to the dialer-list 5
command.
ppp authentication chap
ppp multilink
TOKEN-RING
Physical
1. Ring speed
2. Use multiring to terminate the RIF and provide protocol connectivity
at layer 3
Switch
1. Create the TrBRF
2. Create the TrCRF
3. Associate ports to the CRF
4. Associate the CRF to the BRF
5. Assign IP address to the BRF
Bridging
CRB
1 . Specify CRB.
Router (config)#
bridge crb
2 . Enter configuration mode for the Ethernet interface.
Router (config-if)#
interface ethernet 0
3 . Specify the bridge-group number to which the Ethernet interface
belongs.
Router (config-if)#
bridge-group 1
4 . Exit configuration mode for the Ethernet interface and the router.
Router (config-if)#
exit
5 . Specify the bridge protocol to define the type of STP.
Router (config-if)#
bridge 1 protocol ieee
IRB
Step 1 Configure bridge groups and routed interfaces.
a. Enable bridging.
b. Assign bridge groups to interfaces.
c. Configure routing for desired protocols.
Step 2 Configure IRB and the BVI.
a. Enable IRB.
b. Configure the BVI.
c. Enable the BVI to accept routed packets.
d. Enable routing on the BVI for desired protocols.
Step 3 Verify IRB configuration.
bridge irb
!
interface ATM0/0/0.200 point-to-point
no ip directed-broadcast
pvc 1/301
encapsulation aal5snap
!
bridge-group 1
!
interface BVI1
ip address 10.0.0.2 255.0.0.0
no ip directed-broadcast
bridge 1 protocol ieee
bridge 1 route ip
!
end
IP Routing Protocols
OSPF
BASIC Configurations
1. Router ospf (process id)
2. Network statement
3. Router-id (tie down)
4. Interface command denying LSA exit on a particular interface
NBMA/Broadcast
1. All routers directly connected must have the same ip ospf network
type
2. Nail down the HUB-With priority 100 and priority 0 at the spokes
3. Neighbor Statements-for NBMA
Point-to-Point/Multipoint
1. All routers directly connected must have the same ip ospf network
type (either ppp or ppm)
2. NO DR ELECTION
ISDN Circuit on Demand
1. Under BRI interface type ip ospf demand circuit
Route Aggregation
1. Inter-area routes are summarized with an area range command
2. Inter AS routes are summarized with a summary-address command
Route Redistribution
1. When distributing other protocols into OSPF don't forget the SUBNET
command
2. When distributing OSPF into other protocols don't forget the METRIC
command
Virtual Link
1. A virtual link is when an area isn't connected to area 0. Type Area
(transit area and the ospf router id)on both sides of the tunnel
2. Don't forget to enable the virtual link over ISDN
Authentication
1. Two types of authentication
* Area
* Interface
2. If you have authentication in area 0 you need authentication on the
virtual link
RIP
V1
1. Router rip
2. Network and the CLASSFULL network
3. Split horizon issues on hub and spoke with physical interfaces
4. Maximum hop count is 15
V2
IGRP
1. Router igrp (as number0
2. Network and the CLASSFULL network
3. Split horizon issues on hub and spoke with physical interfaces
4. Maximum hop count is 100
5. When redistributing into IGRP don't forget the 5 way metric value
6. When redistributing into IGRP the network masks must be the same
(ie-if the IGRP router is /24 only /24's will be redistributed.)
7. Global command default-network point to a classfull network on your
network
8. Passive out interfaces not needed in the routing protocol
EIGRP
1. Router eigrp (as number)
2. Network
3. No auto-summary
4. Can redistribute into igrp with same as number without configuration
5. Passive out interfaces not needed in the routing protocol
IS-IS
1. Level 1 routes are equivalent to areas in OSPF
2. Level 2 routes are equivalent to backbone or ASBR routes
3. Router isis
Command Purpose
Step 1 Router(config)#router isis [area tag] Enables IS-IS
routing for the specified routing process, and places the router in router
configuration mode.
Use the area tag arguments to identify the area to which this IS-IS
router instance is assigned. A value for tag is required if you are
configuring multiple IS-IS areas.
The first IS-IS instance configured is Level 1-2 by default. Later
instances are automatically Level 1. You can change the level of routing to
be performed by a particular routing process using the is-type router
configuration command.
Step 2 Router(config)#net network-entity-title
Configures NETs for the routing process. Specify a NET for each
routing process if you are configuring multiarea IS-IS. You can specify a
name for a NET and for an address.
Step 1
Router(config)#interface interface-type
interface-number
Enters interface configuration mode.
Step 2
Router(config-if)#ip router isis [area tag]
Configures an IS-IS routing process for ISO Connectionless Network
Service (CLNS) on an interface and attaches an area designator to the
routing process.
Step 3
Router(config-if)#ipaddress ip-address-mask
Defines the IP address for the interface.
An IP address is required on all interfaces in an area enabled for
IS-IS if any one interface is configured for IS-IS routing.
4.
BGP
1. Router bgp (as number)
2. Neighbor (neighbor ip) remote-as (AS of peer)
3. Network statements only announce what's in the local routing table.
4. Two types ebgp and ibgp - ebgp has an admin distance of 20 and ibgp
has a distance of 200
5. Synchronization is only used if you need to synchronize the bgp
table with the igp table-only used for IBGP.
6. Use next-hop-self to advertise the local router as the destination
for EBGP networks within an iBGP cloud.
7. Two ways to mesh iBGP - confederations and route reflectors
8. Don't forget that EBGP has a TTL time of 1 so multi-hop is necessary
when peering with neighbors more than one hop away
9. Route maps can be used to change the next-hop, local-pref, MEDs or
block particular routes
10. Route maps preferred when setting multiple attributes
11. Prefix-lists used for simple prefix filtering
12. Distribute-lists for incoming interface traffic
13. Send community if communities are used
IPX Routing Protocols
Initial IPX config
1. IPX routing (ipx internal address)-something easy like the router
2. Interface ipx network command
3. IPX RIP is enabled automatically
4. Don't forget map ipx commands where necessary
IPX RIP
1. Beware of split horizon issues-cannot be disabled for IPX RIP, for
IPX EIGRP disable at the hub only
2. Disable rip with ipx router rip-no network (ipx network)
IPX EIGRP
1. ipx router eigrp
2. network (ipx network)
IPX NLSP
1. Must have IPX internal network number-ipx internal network number
2. Ipx router nlsp
3. ipx routing
ipx internal-network 2000
!
interface ethernet 1
ipx network 1001
area-address 0 0 (all areas)
!
interface ethernet 2
ipx network 2001
area-address 0 0 (all areas)
!
3. Disable IPX RIP SAP-ipx nlsp rip off - ipx nlsp sap off under the
interface...
IPXWAN
1. IPX internal address must be supplied for each router participating
in ipxwan
2. No ipx network interface on any interface in ipxwan on both sides of
the connection
3. Tyep IPX IPXWAN on each interface participating in ipxwan.
IPX DDR ISSUES
1. Beware of RIP/SAP updates keeping the link up
2. Enable SPX spoofing, ipx watchdog spoofing, set spx timeout- these
will help manage the broadcast issues
3. Tunnel ipx traffic over a GRE tunnel when necessary
Queuing
Weighted-Fair Queuing
1. No access-list necessary for WFQ
2. Cisco default
Custom Queuing
1. Round Robin queuing
2. Each queue forwards packets by byte
3. Need a queue-list (list number) protocol
Router 1
version 10.0 !
hostname router1
!
enable password cisco
!
interface Ethernet0
ip address 144.254.1.1 255.255.255.0
no mop enabled
!
interface Serial0
ip address 144.254.2.1 255.255.255.0
custom-queue-list 1
!
interface Serial1
shutdown
!
router igrp 109
network 144.254.0.0
!
queue-list 1 default 3
queue-list 1 protocol ip 1 udp 5715
queue-list 1 protocol ip 2 udp 7648
queue-list 1 queue 1 byte-count 19300
queue-list 1 queue 2 byte-count 19300
Priority Queuing
1. Queues are High, Medium, Normal, Low
Assigning Priority by Protocol Type
Use the priority-list command to establish queuing priorities based upon the
protocol type. The full syntax of this command follows:
priority-list list protocol protocol-name queue-keyword [args]
no priority-list list protocol
The argument list is an arbitrary integer between 1 and 10 that identifies
the priority list selected by the user.
The keyword protocol is used with the argument protocol-name to specify the
protocol you are using, and is one of the following: ip, pup, chaos, xns,
decnet, appletalk, clns, novell, apollo, vines, stun (for Serial Tunneling),
bridge (for transparent bridging traffic), or rsrb (for remote source-route
bridged traffic).
The argument queue-keyword is a priority queue name, one of high, medium,
normal, or low.
Optional arguments (args) may be specified, depending on the protocol-name
keyword, as follows.
* gt byte-count--Specifies a greater-than count. The priority level
assigned goes into effect when a packet exceeds the value entered for the
argument byte-count. The size of the packet must also include additional
bytes due to MAC encapsulation on the outgoing interface.
* lt byte-count--Specifies a less-than count. The priority level
assigned goes into effect when a packet size is less than the value entered
for byte-count. The size of the packet must also include additional bytes
due to MAC encapsulation on the outgoing interface.
* bridge list list-number--Assigns the priority level to bridged
traffic according to access list number using the bridge and list keywords.
The list-number argument is the
Ethernet-type code access list number assigned by the access-list global
configuration command and the access-group list interface subcommand.
* list list-number--Assigns traffic priorities according to a specific
list. The list-number argument is the IP access list number assigned by the
access-group list interface subcommand. (For use with the IP protocol,
only.)
* tcp port--Assigns the priority level defined to TCP packets
originating from or destined to a specified port. (For use with the IP
protocol only.) Table 1-2 <47987.htm> lists common TCP services and their
port numbers.
2.
The following is a sample of a priority list, including the access list
referenced by one of the priority list rules.
priority-list 1 protocol bridge high list 201
priority-list 1 protocol ip medium
priority-list 1 protocol decnet medium
priority-list 1 default low
priority-list 1 queue-limit 20 20 20 10
!
access-list 201 permit 0x6004 0x0000
Bridged traffic that matches access list 201 is given high priority. Since
type code 6004 is the Local Area Transport (LAT), this rule has the effect
of making LAT traffic have high priority. IP and DECnet traffic are given
medium priority, and everything else is given low priority. In this
instance, the network administrator has assigned queue limits of 20 packets
for every queue except the low priority queue, which is limited to 10
untransmitted packets.
DLSW
1. Border peers- any to any connect to provide full-mesh connectivity
2. Global-router 1 border peer for group 40
3. Dlsw local-peer peer-id 172.16.24.2 group 40 border promiscuous
4. Source-bridge ring-group 100
3. Interface configuration
4. Source-bridge 10 1 100
5. Source-bridge spanning
Promiscuous Mode
1. Local peer statement required-dlsw local peer peer-id (ip address of
peer) promiscuous
2. No remote peer statement needed
3.
4. version 12.0
5. !
6. hostname Sample
7. !
8. source-bridge ring-group 110
9. dlsw local-peer peer-id 10.1.1.1 promiscuous
10. !
11. interface TokenRing0/0
12. no ip address
13. ring-speed 16
14. source-bridge 222 1 110
15. source-bridge spanning
16. !
Non Promiscuous Mode
1. Local peer statement required-dlsw local peer peer-id (ip addr)
2. Remote peer-dlsw remote-peer 0 (connection type-either FST or TCP
Direct or DLSWlite) (ip addr)
3. source-bridge ring-group 10
4. !
5. dlsw local-peer peer-id 10.2.25.1
6. dlsw remote-peer 0 tcp 10.2.5.2
7. interface loopback 0
8. ip address 10.2.25.1 255.255.255.0
9. interface tokenring 0
10. no ip address
11. ring-speed 16
12. source-bridge 25 1 10
13. source-bridge spanning
14.
15. Router B
16. source-bridge ring-group 12
17. dlsw local-peer peer-id 10.2.5.2
18. dlsw remote-peer 0 tcp 10.2.25.1
19. interface loopback 0
20. ip address 10.2.5.2 255.255.255.0
21. interface tokenring 0
22. no ip address
23. ring-speed 16
24. source-bridge 5 1 12
25. source-bridge spanning
Token Ring vs. Ethernet
1. Token ring requires the source ring group-make the number -Global
configuration command
2. TR-Interface config command - source-bridge 2 1 and the above
ring-group number
3. TR-Interface config command-source-bridge spanning command
4. Ethernet- Bridge-group 1
5. Ethernet- dlsw bridge-group 1
James Ewing*
Network Engineer III- Network Architecture
One Digex Plaza
Beltsville, MD. 20705
* 240.264.2217 *301.237.3566 i mailto:james.ewing@digex.com
<mailto:james.ewing@digex.com>
This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 22:33:20 GMT-3