Routing

David’s Border Gateway Protocol (BGP) Resource List

For those of you interested in the routing protocol of the Internet - Border Gateway Protocol, or BGP - I have written a number of articles on the topic. I recommend you checkout the following:

• Five things you should know about Cisco IOS BGP configuration
• How to use BGP to achieve Internet redundancy
• Build Your Skills: Use IP and BGP to troubleshoot Internet connectivity

All 3 of these articles I wrote for TechRepublic and they offer some great tips!

Also, for the official Cisco BGP documentation, please see: Configuring BGP in the Cisco IOS.

How to Enable Policy-Based Routing in the Cisco IOS

Policy based routing (or PBR) is a process that has the router put packets through a route map before routing them.  This may be a good way of sending packets to a particular path for protocol security routes, for instance, instead of using the default shortest path algorithm. 

To use PBR, just identify the route map that you want to use for policy-based routing and then create the route map on the interface. 

Here is the syntax to define the route map for Policy-based routing:
routera(config)# route-map map-tag [permit | deny] [sequence-number]

For more step-by-step how-to information on configuring and using PBR, see my full article: How to use the Cisco IOS Policy-Based Routing Features

Managing Cisco IOS IP Routing Authentication Keys

Key management is a way of controlling authentication keys used by routing protocols. You can think of these as “passwords” for your routers. Not all routing protocols can use key management. Only DRP Agent, Enhanced Interior Gateway Routing Protocol (EIGRP), and Routing Information Protocol (RIP) Version 2 use key chains.

You must configure a key chain with keys to enable authentication. Although you can identify multiple key chains, we recommend using one key chain per interface per routing protocol. Upon specifying the key chain command, you enter key-chain configuration mode. A key chain must have at least one key and can have up to 2,147,483,647 keys.

Before you manage authentication keys, authentication must be enabled. To manage authentication keys, define a key chain, identify the keys that belong to the key chain, and specify how long each key is valid.

Each key has its own key identifier (specified with the key key-chain configuration command), which is stored locally. The combination of the key identifier and the interface associated with the message uniquely identifies the authentication algorithm and Message Digest 5 (MD5) authentication key in use.

You can configure multiple keys with lifetimes. Only one authentication packet is sent, regardless of how many valid keys exist. The lifetimes allow for overlap during key changes but please note that the router must know the time.

To configure a key, use the global configuration key chain (name of chain) command then the key-string command inside key configuration mode.

For more information on managing Cisco IOS authentication keys, please see Cisco’s IOS IP Routing Command Reference for the key chain (and other key related) commands.

How to Configure Integrated IS-IS

Cisco Integrated IS-IS is part of a link-state Interior Gateway protocol and supports CLNP, IPv4, and IPv6.  To verify your platform support, please see my article covering the Cisco IOS Feature Navigator. An Intermediate-System-to-Intermediate System (IS) operates at Level 1 or Level 2 routing, or both.

Following is a sample configuration showing a router using IS-IS as the IP protocol.

routerB(config)# router isis
routerB(config-router)# net 49.0001.0000.0000.000a.00
routerB(config-router)# interface ethernet1/1
routerB(config-if)# ip address 10.1.1.1 255.255.255.0
routerB(config-if)# ip router isis
routerB(config-if)# interface serial 2/0
routerB(config-if)# ip router isis
routerB(config-if)# ip address 192.168.1.2 255.255.255.0

Additionally, do the show ip route command to verify your configuration. Notice the “i” routes. These are your IS-IS Routes:

RouterB# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C 172.21.1.0 is directly connected, Serial5/0
172.22.0.0/24 is subnetted, 1 subnets
i L1 172.22.1.0 [115/20] via 172.21.1.2, Serial5/0
10.0.0.0/24 is subnetted, 1 subnets
i L1 10.1.1.0 [115/20] via 192.168.1.2, Serial2/0

For more information, please see the Cisco documentation on Cisco IOS IP Routing Protocols and Cisco’s Configuring IS-IS for IP on Cisco Routers.

What is Route Table Profiling and How can it help you?

Originally introduced as a hidden command in IOS 11, Route Table Profiling is now an officially supported command and can be very helpful to Cisco network Admins. With Route Table Profiling, you can monitor for fluxuations in the routing table, route flapping, and network outages, among other things. This feature is enabled globally with ip route profile and you can view information about it with show ip route profile.

Joe Harris, CCIE #6200 has a great article on it over at his site with lots of details and examples. To view the full article visit: 6200Networks.com Route Table Profiling.

Cisco Service Provider Router Overview - the most powerful routers ever made

In a recent article, I covered the Cisco service provider router lineup. These amazing routers are what allow us to surf the web and watch IPTV. In this article I cover routers like the CRS-1 (Cisco’s most powerful router) and the new Cisco ASR 9000 and 1000 routers. To see the full article, read Check out the most powerful Cisco routers ever made

Cisco’s new Routing & Switching 360 Learning Program

Cisco announced a new learning program that will be offered from select learning partners. This could be like the master’s program of Cisco routing and switching with the CCIE lab being the capstone. The new 360 Learning program is a 6 month blended learning program. I can’t imagine what the price tag will be on this type of program. Here is the official Cisco information:

Introducing Cisco 360 Learning Program for CCIE Routing and Switching

Designed with high-potential network professionals in mind, the Cisco 360 Learning Program for CCIE Routing and Switching is a comprehensive, blended learning program designed to accelerate expert-level competency and provide the skills and training needed to prepare candidates for the rigorous CCIE Routing and Switching exam. 

For the ful press release and more detailed information, please visit Cisco’s 360 Learning Program website.

Use extended ping and extended traceroute to better troubleshoot your Cisco network

In one of my recent articles, I covered how to use the Cisco IOS extended ping and traceroute commands to troubleshoot your network. Knowledge of how these commands work is critical to solving many networking issues. The extended options give you so much power! Read the full article at: Use extended ping and extended traceroute to better troubleshoot your Cisco network

How to set OSPF Limit Retransmissions using OSPF to help the system admin

The limit for demand and non-demand circuits is set to 24 by default. Sometimes that’s not enough time to ensure that all our data packets are arriving successfully. That’s when this command comes in handy.

Here is the command for limit retransmissions:

limit retransmissions {[dc {max-number | disable}] [non-dc {max-number | disable}]}

The max number is 255 and the disable removes the limit to the number of retransmissions.

It’s basically a 2 step process. Let’s look at some examples to see how simple it is to set this variable.
1. Access your router in configuration mode and access the ospf process
router(config)# router ospf

2. Sets the limit of number of retransmissions for the demand(dc) and non-demand(non-dc)
circuits. We will change the dc circuits to 20 and the non-dc circuits to 30.
router(config-router)# limit retransmissions dc 20 non-dc 30

3. Sets the maximum number of dc retransmissions to 20, and removes the limit for the number of non-dc circuits:
router(config-router)# limit retransmissions dc 20 non-dc disable

4. This command resets the limit retransmissions back to the default of 24:
router(config-router)# no limit retransmissions

For further information and restrictions on limit retransmission, see the Cisco article, OSPF Retransmissions Limit.

When to prefer Open Shortest Path First (OSPF) route over an EIGRP route

The shortest path between two points is always a straight line or in this case it’s the administrative distance. OSPF has an administrative distance of 110 while EIGRP has only 90. Therefore, EIGRP would be picked because of its lower administrative cost.

If you want to use OSPF over EIGRP, then change the administrative distance in router configuration mode.  Whether you want to change the distance for all routes in the area (intra-area), the distance from one area to another (inter-area), or the distance from other routing domains (external), you can aim closer to the distance using this command. Currently they all have a default distance of 110 but you can change it with one easy command in router configuration mode. Here is the full command:

distance ospf {[intra-area dist1] [inter-area dist2] [external dist3]}

Also a really good incentive to use the distance ospf command is when you have multiple OSPF processes, and you might want to prefer internal routes from other external routes.  For more information on OSPF, see the article, OSPF Configuration Management with SNMP documentation.